From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: yanek@novavax.nova.edu (Yanek Martinson)
Date: Fri, 1 Jan 93 09:21:32 PST
To: gnu@cygnus.com
Subject: Random Number Generation references
In-Reply-To: <9212310751.AA21888@cygnus.com>
Message-ID: <9301011720.AA05280@novavax.nova.edu>
MIME-Version: 1.0
Content-Type: text/plain

Here's a list of references from the end of Rueppel's _Stream_Ciphers_ that seem to be relevant to random number generation:

J. Bernasconi and C.G. Gunther, "Analysis of a nonlinear feedforward logic for binary sequence generators," BBC Tech. Rep., 1985

T. Beth and F. Piper, "The stop-and-go generator," in Lecture Notes in Computer Science 109; Advances in Cryptology: Proc. Eurocrypt '84, T. Beth, N. Cot, and I. Ingemarsson, Eds., Paris, France, April 9-11, 1984, pp. 88-92. Berlin: Springer-Verlag, 1985.

M. Blum and S. Micali, "How to generate cryptographically strong sequences of pseudo-random bits," SIAM J. Comput., vol. 13, pp. 850-864, 1984

L. Blum, M. Blum, and M. Shub, "A simple unpredictable pseudo-random number generator," SIAM J. Comput., vol. 15, pp. 364-383, 1986.

J.O. Bruer, "On pseudo random sequences as crypto generators," in Proc. Int Zurich Seminar on Digital communication, Switzerland, 1984.

L. Brynielsson, "On the linear complexity of combined shift register sequences," in Lecture Notes in Computer Science 219; Advances in Cryptology: Proc. Eurocrypt '85, F. Pichler, Ed., Linz, Austria, April 1985, pp. 156-166. Berlin: Springer-Verlag, 1986.

J. Gait, "A new nonlinear pseudorandom number generator," IEEE Trans. Software Eng., vols. S E3, no. 5, pp. 359-363, Sept. 1977.

O. Goldreich, S. Goldwasser, and S. Micali, "How to construct random functions," J. ACM, vol. 33, no. 4, pp. 792-807, 1986.

D. Gollman, "Pseudo random properties of cascade connections of clock controlled shift registers," in Lecture Notes in Computer Science 209; Advances in Cryptology: Proc. Eurocrypt '84, T. Beth, N. Cot, and I.
Ingemarsson, Eds., Paris, France, April 9-11, 1984, pp. 93-98. Berlin: Springer-Verlag, 1985.

B. Kaliski, A pseudo random bit generator based on elliptic logarithms, M. Sc. thesis, Massachusetts Institute of Technology, 1987.

E. L. Key, "An analysis of the structure and complexity of nonlinear binary sequence generators," IEEE Trans. Inform. Theory, vol. IT-22, no. 6, pp. 732-763, Nov. 1976.

M. Luby and C. Rackoff, "How to construct pseudorandom permutations from pseudorandom functions," SIAM J. Comput. vol. 17, pp. 373-386, 1988.

J.L. Massey, A. Gubser, A. Fischer, P. Hochstrasser, B. Huber, and R. Sutter, "A self-synchronizing digital scrambler for cryptographic protection of data," in Proceedings of International Zurich Seminar, March, 1984.

J.L. Massey and R.A. Rueppel, "Linear ciphers and random sequence generators with multiple clocks," in Lecture Notes in Computer Science 209; Advances in Cryptology: Proc. Eurocrypt '84, T. Beth, N. Cot, and I. Ingemarsson, Eds., Paris, France, April 9-11, 1984, pp. 74-87. Berlin: Springer-Verlag, 1985.

U. Maurer and J. L. Massey, "Perfect local randomness in pseudo-random sequences," in Lecture Notes in Computer Science 435; Advances in Cryptology: Proc. Crypto'89, G. Brassard, Ed., Santa Barbara, CA, Aug. 20-24, 1989, pp. 110-112. Berlin: Springer-Verlag, 1990.

U. Maurer, "A provable-secure strongly-randomized cipher," in Lecture Notes in Computer Science 473; Advances in Cryptology: Proc. Eurocrypt'90, I. Damgard, Ed., Aarhus, Denmark, May 21-24, 1990, pp. 361-373. Berlin: Springer-Verlag.

S. Micali and C.P. Schnorr, "Efficient, perfect random number generators," preprint, Massachusetts Institute of Technology, University of Frankfurt, 1988.

R.A. Rueppel and O. Stafflebach, "Products of sequences with maximum linear complexity," IEEE Trans. Inform. Theory, vol. IT-33, no. 1, pp. 124-131, Jan. 1987.

A. Shamir, "On the generation of cryptographically strong pseudo-random sequences," 8th Int.
Colloquium on Automata, Languages, and Programming, Lecture Notes in Computer Science 62, Springer Verlag, 1981.

Y. Zheng, T. Matsumoto, and H. Imai, "Impossibility and optimality results on constructing pseudorandom permutations," in Lecture Notes in Computer Science 434; Advances in Cryptology: Proc. Eurocrypt'89, J.-J. Quisquater and J. Vandewalle, Eds., Houthalen, Belgium, April 10-23, 1989, pp. 412-422. Berlin: Springer-Verlag, 1990.

--
Yanek Martinson   mthvax.cs.miami.edu!safe0!yanek   uunet!medexam!yanek
this address preferred -->> yanek@novavax.nova.edu <<-- this address preferred
Phone (305) 765-6300 daytime   FAX: (305) 765-6708   1321 N 65 Way/Hollywood
(305) 963-1931 evenings   (305) 981-9812   Florida, 33024-5819

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Date: Fri, 1 Jan 93 17:10:34 PST
To: Cypherpunks
Subject: Re: A solution remailer signature suppression
Message-ID: <1k4PwB7w165w@spectrx.saigon.com>
MIME-Version: 1.0
Content-Type: text/plain

Hugh Daniels said here on Dec 28:

    There are very good reasons to build remailers (and all mail tools) to pass on all the bytes they can, trailing spaces and .sigs included.

Hugh doesn't say what these reasons are. They are not obvious to me, so I must disagree. I've already stated what I think are good reasons at least for remailers whose purpose is anonymity to remove automatic sigs which are likely to destroy anonymity.

I've said I would accept either a less ambiguous sig delimiter than "--" or a remailer option to remove the sig (default) or leave it in.

    Might I suggest that we set up the remailers with a feature where it tests mail sent from its owner to make sure there is no "compromising" content and that the outer shell verifies correctly, if it fails either of these tests it is dumped in a file and a note returned to you saying something's not right.
Hugh doesn't say what criteria we are to use to detect "compromising" content (short of genuine AI) or what the outer shell is supposed to verify to. Why limit this test to the remailer's "owner"? This system I use doesn't allow me to run my own software, so I think this idea wouldn't work for me, in any case.

--
edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: S.E. Brown
Date: Fri, 1 Jan 93 17:22:12 PST
To: cypherpunks@toad.com
Subject: Unsubscribe
Message-ID: <9301020122.AA09373@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Please unsubscribe me to the list. I am on vacation and am not able to clear my mailbox on a regular basis.

Thanks
Shawn

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Fri, 1 Jan 93 23:10:10 PST
To: cypherpunks@toad.com, gnu
Subject: Why mailers should not touch the body
In-Reply-To: <1k4PwB7w165w@spectrx.saigon.com>
Message-ID: <9301020710.AA15980@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>     There are very good reasons to build remailers (and all mail
>     tools) to pass on all the bytes they can, trailing spaces and
>     .sigs included.
> Hugh doesn't say what these reasons are. They are not obvious to me,

A fair question (though not phrased as one).

The reason to build mailers that faithfully pass on the entire body of the message, without any kind of alteration, is that it permits you to send ANY body through that mailer and rely on its faithful arrival at the destination.

If there are no exceptions to the "ANY body" rule, programs can assume that the mail system is a black box (you put info in here, it comes out over there -- you don't care about its guts). If there are exceptions, then it becomes more complicated for programs (and humans!) to use the mail system to pass arbitrary information.
One of the great things about adding checksums to messages is that mail and news paths which alter messages will be detected and corrected.

I think that if PGP is told that something it signs is text, it should canonicalize line endings from the local storage format (whether newlines are CR, LF, or CRLF) and that's it. If a message passes through a system that expands all tabs to spaces, the message is corrupted and its signature SHOULD not match.

Systems which cannot represent strings of ASCII/ISO-Latin-1 text characters separated by line-endings (such as IBM mainframes which assume EBCDIC 80-column records padded out with trailing blanks) cannot be used "in the obvious way" to move signed textual email. The email will have to be encoded to pass through such non-transparent mail systems -- which will be sufficiently painful that eventually the mail systems will be fixed.

It's already a pain that most Internet email won't handle a body consisting of arbitrary 8-bit bytes. If they fix that throughout 80% of the Internet, the other 20% will be forced to go along, or forced to receive an endless stream of corrupted binaries, uncheckable signatures, etc, from the fully capable part of the net.

John Gilmore

PS: I note that my own mailer, MH, inserts an extra newline at the beginning of many messages, and probably to the end as well. A proper body checksum would detect that and report an error.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Fri, 1 Jan 93 23:13:51 PST
To: cypherpunks@toad.com, gnu
Subject: Why remailers shouldn't suppress signatures
In-Reply-To: <1k4PwB7w165w@spectrx.saigon.com>
Message-ID: <9301020713.AA16058@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

A further issue relates to stripping signatures. Let's be clear here.

==> IF YOU ARE PRESENTING YOURSELF AS MULTIPLE IDENTITIES, AND EXPECT THEM NOT TO BE LINKED, AVOIDING AUTOMATIC .SIGNATURE FILES IS THE LEAST OF YOUR WORRIES!
<==

Remove the file ".signature" from your home directory and you'll be done with *that* hassle.

John

PS: An extra credit note for the differently clued among us: Suppose you wanted to have a *different* signature for each of your multiple identities? I guess the remailers had better not strip off signatures, eh?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Fri, 1 Jan 93 23:17:23 PST
To: cypherpunks@toad.com
Subject: Initial Release of Privacy Enhanced Mail
Message-ID: <9301020717.AA16145@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Forwarded from the PEM-DEV mailing list.

Message-Id: <9212301932.AA07388@TIS.COM>
From: James M Galvin
To: pem-dev@TIS.COM
Cc: rsaref-users@rsa.com
Subject: Initial Release of Privacy Enhanced Mail
Date: Wed, 30 Dec 92 14:32:08 -0500

-----BEGIN PRIVACY-ENHANCED MESSAGE-----
Proc-Type: 4,MIC-CLEAR
Content-Domain: RFC822
Originator-ID-Asymmetric: MEYxCzAJBgNVBAYTAlVTMSQwIgYDVQQKExtUcnV
 zdGVkIEluZm9ybWF0aW9uIFN5c3RlbXMxETAPBgNVBAsTCEdsZW53b29k,02
MIC-Info: RSA-MD5,RSA,mHp3q4Av7Axil1BTXaaii+9NIdfm7doy00d/aw6TYEj
 y/eCt6CLpjbJzXHZt0kavc9ygC0eRNxOmAHiXmFC0Qg==

Trusted Information Systems Incorporated (TIS), under DARPA sponsorship, in cooperation with RSA Data Security Incorporated (RSADSI), is preparing to release a reference implementation of Privacy Enhanced Mail (TIS/PEM) to the Internet community. TIS/PEM is a UNIX-based implementation that has been integrated with Rand MH 6.7.2 and is easily integrated into other mail user agents.

TIS/PEM will be distributed in source form with RSADSI BSAFE object code. It will be widely available within the United States and Canada for non-commercial use (not for resale) with the stipulation that users join the Internet certification hierarchy.

You are invited to participate in the testing of the initial release of TIS/PEM. Organizations and individuals must meet the following criteria to be accepted as a tester of the initial release of TIS/PEM.

1. You must be a United States or Canadian organization, or a United States or Canadian citizen residing in the United States or Canada.

2. You must have available the computing resources necessary to run the software and either be responsible for the administration of the resources or be able to delegate the responsibility.

3. You must have FTP access in order to be able to retrieve the software.

With this release of TIS/PEM and an Internet certificate, you will be able to send and receive authenticated and confidential electronic mail messages, subject to the constraints of your local security policy.

Attached is a field test agreement form. Please review it. If you agree to the terms and wish to participate, reply to this message and we will provide an ftp account for you to retrieve the file.

The main features of this agreement are the following:

o This test period will last a few months, probably until the end of March. When the test period is complete, we will release this code for general Internet distribution.

o There is no charge for the use of this code, but it may only be used by you or within your own organization within the United States or Canada. It may not be given to others outside your organization or sold. (If you have a multinational organization, contact us for further discussion.)

o When the system is released for regular use, users must obtain certificates through the regular certificate issuing channels and pay whatever fees are required. During the test period, there is no charge for certificates. When a regular certificate issuing mechanism is in place you will be informed.

o We intend for this version of the code to be usable for real traffic. Although new versions of the software will be issued, the messages and certificates generated by this system and the databases maintained by this system should be compatible with future distributions.

o We will undoubtedly issue changes, updates, bug fixes, etc. during this period.
When we issue updates or new releases, you are obligated to install these changes.

o You are free to drop out at any time.

Thank you very much for your time.

TIS/PEM Beta Test Site Agreement

Trusted Information Systems (TIS) in cooperation with RSA Data Security Incorporated (RSADSI) is preparing to release TIS/PEM, a reference implementation of Privacy Enhanced Mail, to the Internet community. The purpose of beta testing is to evaluate TIS/PEM according to the criteria specified below. This agreement protects the interests of the beta testers, TIS, and RSADSI during the beta test period.

By accepting a distribution of TIS/PEM during the beta test period, a beta test site agrees to the following:

1. You will acquire no ownership interest in any software, documentation, or other pieces of TIS/PEM as a result of their being distributed to you by Trusted Information Systems during the beta test period. Except as necessary to install and operate the software throughout your organization within the United States, TIS/PEM may not be distributed to others. (If you have a multinational organization, contact us for further discussion.)

2. TIS/PEM is to be used only with certificates issued under a Certification Authority which is itself registered under a permanent or temporary Policy Certification Authority (PCA). TIS is operating a PCA and will supply PCA services without charge during the beta test period.

3. At the conclusion of the beta test period, the beta test site may keep the software and continue to use it provided the site registers with a PCA and pays the appropriate fees.

4. Evaluations, comments, and suggestions about TIS/PEM should be communicated to Trusted Information Systems and may be communicated to other beta testers.

5. A technically competent systems administrator and programmer, someone capable of installing a software system comprising more than 50,000 lines of C source code, is expected to be assigned responsibility for TIS/PEM.
All technical communication with a beta test site will be coordinated with this technical point of contact.

6. Upgrades will be installed and evaluated according to the criteria specified below in a timely fashion. Obsolete versions of the system must be taken out of service as quickly as possible.

7. If the site elects to drop out of beta testing, all software, documentation, and other pieces of TIS/PEM as may be distributed during the beta test period must be returned to Trusted Information Systems.

During the beta test period, TIS agrees to the following:

1. One copy of all software, documentation, and other pieces of TIS/PEM as may be necessary to its correct and proper operation will be supplied to each beta test site for use during the beta test period.

2. Evaluations, comments, suggestions, bug fixes, and improvements of TIS/PEM will be acknowledged and incorporated into TIS/PEM according to an internal TIS review process.

3. During normal business hours, telephone and electronic mail technical support will be provided to the technical point of contact at each beta test site assigned responsibility for TIS/PEM.

4. One copy of upgrades to TIS/PEM incorporating evaluations, comments, suggestions, bug fixes, and improvements will be supplied to each beta test site for use during the beta test period.

5. Beta test sites will be informed of the completion of beta testing and may be asked to return all software, documentation, and other pieces of TIS/PEM as may have been distributed during the beta test period.

TIS/PEM Evaluation Criteria

Beta test sites are requested to evaluate TIS/PEM according to the following criteria. The results of the evaluation must be returned to TIS in order for changes to be incorporated in the next release of TIS/PEM.

There are 5 areas of particular interest, but any and all comments are hereby solicited. Beta test sites are asked to evaluate how well we achieve the objectives stated for each area.

1. Installability

TIS/PEM is expected to operate on most BSD and SYS5 derived UNIXs. With respect to installability we want to achieve the following objectives:

a. TIS/PEM should install smoothly on as many different "flavors" of UNIX as possible.

b. TIS/PEM should install smoothly on as many different hardware platforms as possible.

c. The installation process should be as simple as possible, but not simpler.

Beta test sites are encouraged to port TIS/PEM to as many different software and hardware environments as possible. If possible, enhancements to get TIS/PEM to install smoothly on other versions of UNIX that are returned to TIS will be incorporated into a future distribution of TIS/PEM.

2. Usability

TIS/PEM is provided with a command line oriented interface. In particular, it is integrated with the Rand MH Message Handling user agent. This interface was chosen because of the ease with which TIS/PEM could be integrated and because it is in the public domain.

For each site, a certificate administrator must be designated who will be responsible for the administration of TIS/PEM. In particular, there is some site specific initialization to be completed.

In addition, there is some initialization required to be executed by every user before they can make use of the TIS/PEM enhancements to MH. Depending on local conventions, users may be required to request the initialization of their certificate administrator or they may be able to execute the initialization individually.

With respect to usability we want to achieve the following objectives:

a. For users familiar with MH, the integration of TIS/PEM and MH should appear to be a natural extension of the MH model.

b. The initialization process should be as simple as possible.

Users will need to be familiar with MH or be prepared to learn about it. The MH source tree includes a tutorial of the minimal set of commands.

In the future it is expected that others will contribute additional user interface software.
Beta test sites are encouraged to enhance local user interfaces to include TIS/PEM. If possible, these enhancements will be included in future distributions of TIS/PEM.

3. Performance

The performance of TIS/PEM is dominated by the processing time for certificates and cryptography. We have attempted to minimize the impact of these factors but we encourage beta test sites to investigate the operation of the system and identify bottlenecks for which they have suggestions for improvement.

With respect to performance we want to achieve the following objective:

o The design and model of TIS/PEM, and its integration with various applications, should be such that it will perform as well as it can.

Obviously, performance is a subjective criterion. Different architectures will influence performance as much as the overall design of the system. Beta test sites are encouraged to empirically observe the performance of TIS/PEM under various operating conditions and report those results.

4. Interoperability

With respect to interoperability we want to achieve the following objectives:

a. TIS/PEM should interoperate with other implementations of PEM.

b. Future versions of TIS/PEM should be backward compatible with previous versions.

5. Documentation

On-line manual pages are provided for all TIS/PEM programs and those programs we have changed as a result of our integration with MH. In addition, we will provide an installation manual, an administrator's manual, and a user's manual.

With respect to documentation we want to achieve the following objectives:

o All documentation should completely and accurately describe TIS/PEM.

o All documentation should be easy to understand and easy to use.

Beta test sites are encouraged to thoroughly review all documentation and provide feedback to be incorporated in future versions.
-----END PRIVACY-ENHANCED MESSAGE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Fri, 1 Jan 93 22:23:32 PST
To: CYPHERPUNKS
Subject: Remailer .sig suppressio
Message-ID: <930102062025_74076.1041_DHJ24-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
> Hugh Daniels said here on Dec 28:
>
>     There are very good reasons to build remailers (and all mail
>     tools) to pass on all the bytes they can, trailing spaces and
>     .sigs included.
>
> Hugh doesn't say what these reasons are. They are not obvious to me,
> so I must disagree. I've already stated what I think are good reasons
> at least for remailers whose purpose is anonymity to remove automatic
> sigs which are likely to destroy anonymity.
>
> I've said I would accept either a less ambiguous sig delimiter than
> "--" or a remailer option to remove the sig (default) or leave it in.

I'll just relate one story that happened to me today. I wanted to try an experiment in which I would use two non-cypherpunks remailers to set up a chained anonymous address. One is anon.penet.fi, which doesn't do any encryption, but which will allow you to specify an arbitrary destination address. The other is pax.tpa.com.au, which does PGP decryption (but you can't encrypt the remailer destination address like you can with our remailers).

The Pax remailer lets you send them a PGP key which it saves. Then, any future messages to you are encrypted by the remailer using that key. That way message contents are always protected between Pax and you.

I wanted to send Pax a key via the Penet remailer so that Pax wouldn't know who I really was. I tried this, and got a message back from Pax saying:

    Error: you didn't include a public key for us ! So we can't assign an alias or send you our public key.

But I _had_ sent them a public key. After some head-scratching I figured out the answer.
My public key had started with the string: "-----BEGIN PGP MESSAGE-----". But the Penet remailer strips sigs, which it considers to be any line starting with "--". It thought my PGP key was a signature! It had stripped it, so that Pax received only a blank message.

I haven't thought of a way around this problem yet.

Now, Edgar may take as the moral of the story that remailers should have smarter sig recognition. But I take the moral to be that munging mail messages may cause problems when people try to use it for something which you didn't anticipate.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK0UJOqgTA69YIUw3AQHusQP/YuzvntMZ8XPpfLwwE5YElLjwfKGF0Q2e
Cjk1PMmvtcn/bjSCB49lagOs0cEjm9Vt4gsEkTxwVlOya0+WOTeY/zzZAYlf3z4R
9QY7uRSyPQYJlPH6rosifEREMNWksRMCNMlISp8PDh1duJf3BvdwY3nyXk/PABpS
LTp6NAFaFi4=
=j0Wl
-----END PGP SIGNATURE-----

Distribution: CYPHERPUNKS >INTERNET:CYPHERPUNKS@TOAD.COM

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Sat, 2 Jan 93 02:28:03 PST
To: cypherpunks
Subject: FYI: New report on public public-key infrastructure available
Message-ID: <9301021028.AA22146@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

------- Forwarded Message

To: John Gilmore
Subject: FYI: New report on public public-key infrastructure available
Date: Tue, 01 Dec 92 19:37:12 +0000
From: Mike Roe

In Europe, an EC-funded project called PASSWORD (`Piloting Authentication and Security Services Within OSI Research and Development') aims to deploy an initial pilot service of privacy and integrity enhanced mail (and several more exotic applications) between academic and industrial organisations throughout Europe.

The plans for how we intend to do certificate-based key management are described in a report entitled ``PASSWORD R2.5: Certification Authority Requirements''.
Version 1.0 of this report is available by anonymous FTP from:

    ftp.cl.cam.ac.uk (128.232.0.56)
    reports/mrr-passwords.dvi.Z

I realise that you're probably far too busy with other matters right now, but if you have any comments to make we'd be delighted to hear them.

Yours sincerely,

Michael Roe
Cambridge University Computer Lab
Computer Security Group

------- End of Forwarded Message

John here. I have pulled this file down and translated it to PostScript (which I haven't tried to read yet). It's in cygnus.com:/pub/mrr-passwords.ps. The "DVI" format he provided is sort of like object files output by TeX; I have no idea why he didn't just provide us the TeX source, or the printable PostScript.

John

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jordan@imsi.com (Jordan Hayes)
Date: Sat, 2 Jan 93 12:19:21 PST
To: cypherpunks@toad.com
Subject: Re: Why mailers should not touch the body
Message-ID: <9301021504.AA28104@IMSI.COM>
MIME-Version: 1.0
Content-Type: text/plain

All the more reason why the signature should be in the envelope (i.e. one of the headers in 822-land, in the p1? part for X.400, etc), not the body.

Where did this convention of signing at the bottom come from anyway?

/jordan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@xanadu.com (E. Dean Tribble)
Date: Sat, 2 Jan 93 19:57:51 PST
To: cypherpunks@toad.com
Subject: remailer architecture (and signatures)
Message-ID: <9301030327.AA13331@xanadu.xanadu.com>
MIME-Version: 1.0
Content-Type: text/plain

First a brief description of the new (read not-yet-available) remailer architecture, then what this means to signatures, etc.

The new remailer design comes from the realization that mail systems are missing configurability on both sides of message delivery: when you receive mail, and when you send it. Most of the 'remailer' is just the infrastructure to allow programmatic modification to messages in those two phases of delivery.
With this infrastructure, remailers are trivial to construct.

There will be an Incoming Mail Rewriting Agent (IMRA) and an Outgoing Mail Rewriting Agent. The behavior of these agents is specified by production/rewrite rules (match a pattern and take corresponding action, possibly recurring) on the mail message they are processing. The incoming agent is much like the existing framework for remailers. It is invoked through .forward and handles mail before it gets to your mailbox. The outgoing agent is invoked when you send mail to do any rewriting necessary then (such as encryption, signature, etc.).

Note that .signature handling is a grody hack in existing mail systems that directly implements a rather uninteresting piece of outgoing mail rewriting (I had fun writing that :-). It should just be junked for the more general scheme, which can support real crypto signatures (and .sig files, of course) for pseudonyms, outgoing encryption, automatic remailer routing (a header: 'Hops: 3' that would route the mail through 3 remailers to the eventual destination), etc.

It of course won't be junked immediately, but the default behavior of remailers should certainly not be to strip anything that looks like sigs. Can we guarantee that all the tools that produce ascii encodings like uuencode will never produce the trivial pattern that the remailers think means 'signature'? For example, hypertalk comments start with '--', just like signatures.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Sat, 2 Jan 93 21:32:49 PST
To: CYPHERPUNKS
Subject: New remailers...
Message-ID: <930103052525_74076.1041_DHJ38-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

From: tribble@xanadu.com (E. Dean Tribble)
> First a brief description of the new (read not-yet-available) remailer
> architecture, then what this means to signatures, etc.
> [...]

This is neat.
It sounds like the plan is to provide a convenient mail filtering tool which provides remailer capability as a SIDE EFFECT! What a great way to spread remailers!

Not to mention, the same tools can provide automatic encryption and decryption - the long-sought integration of PGP (or RIPEM, etc.) with mail in an easy-to-use way. I'm really looking forward to seeing more about this idea.

Speaking of integrating encryption into email, does anybody here have access to the announced beta-test of PEM from TIS? It would be interesting to see the documentation about how they've handled the user-interface issue. I gather that it only works with the MH package but presumably they've had to face some of the problems we're talking about here.

Hal
74076.1041@compuserve.com

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK0ZOFqgTA69YIUw3AQHQkwP/VjXxDvQWqpx+owL4re1YVtMTobydqcD4
myGTAyT9VVmB5R/DEQdatwyc+mXuvGAx7YTEX+o3MPuZE/5VXFG+FgZZb21PZqWS
UFae9YFY1AY6RHJi0APM5G5S8x6LHJJXtKo1wFgeKd8BjUeHS1l73qFpKeNzdN3g
SCzCS/BGslE=
=xw7Q
-----END PGP SIGNATURE-----

Distribution: CYPHERPUNKS >INTERNET:CYPHERPUNKS@TOAD.COM

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hughes@toad.com (Eric Hughes)
Date: Mon, 4 Jan 93 12:01:08 PST
To: KL62%MARISTB.bitnet@YaleVM.YCC.Yale.Edu
Subject: Re: The Need for Positive Repuations
Message-ID: <9301031713.AA21649@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

--------------------------- Original Message ---------------------------

You sent this to cypherpunks-request and not to cypherpunks.
Eric

-----------------------------------------------------------------------------
Return-Path: <@YaleVM.YCC.Yale.Edu:KL62@MARISTB.BITNET>
Date: Fri, 18 Dec 92 15:18:35 EST
From: "Ryan, Edmund J"
To:
Subject: Re: The Need for Positive Repuations
In-Reply-To: In reply to your message of FRI 18 DEC 1992 11:45:55 EST

> Indeed, in the long run, when there are billions of people in the nets,
> even UseNet newsgroups devoted to people who use musical instruments as
> sex toys would have thousands of posts a day because given billions of
> possible subscribers, finding a few tens of thousands with a particularly
> obscure interest wouldn't be hard. Thus, in the long run, the nets will move
> to "closed" newsgroups and mailing lists in which to be a subscriber one
> will have to be explicitly subscribed to a list and will only be able to
> read with one's private key and post by digitally signing messages. In such
> an environment, anonymous abusers will simply be incapable of annoying people.

Well there won't be a complete movement in that direction. The set up of the list may differ. Some lists may be open to all to read but open only to subscribers to post. Some lists may be the other way around. (Can't think of an example, but there may be one out there.) By the way, I've never really seen too many abusive postings on the Usenet groups I frequent. It doesn't seem to be a problem. Just my opinion.

> A weak version of this exists already in the Extropians mailing list, which
> considers itself to be a closed list. The list is governed by a privately
> produced legal code (it's in some ways a test of anarchocapitalist legal theory
> and since the adoption of the code, we've had a reduction of flaming by
> a large factor even though we've seen a three fold increase in list size.
> The content is improving because people know that sanctions will be applied
> for flaming and that they can actually be kicked off the list, and that being
> kicked off is meaningful. In the long run, all serious discussion groups
> will likely evolve in this direction, with the lists being closed to explicit
> subscribers and with meaningful sanctions like ostracism being applied to
> people that behave in an antisocial manner. Such lists have little reason
> to fear people hiding behind cloaks of anonymity. With digital signatures,
> even the anonymous can develop meaningful reputations and can be sanctioned
> for failing to live up to those reputations.
>
> Perry

Again, there will always be the fun of watching people flame.

Virtually,
Edmund J. Ryan

------------------------------------------------------------------------
- Edmund J. Ryan        C.I.S. Major        Extropian                  -
- KL62@MARISTB          C.S. Minor          Libertarian                -
-          "Insert your snappy quote of the day."                      -
------------------------------------------------------------------------

------------------------------------------------------------------------
- Edmund J. Ryan        Major: Computer Information Systems            -
- KL62@MARISTB          Minor: Computer Science/Business               -
- Marist College        Political philosophy: Libertarian              -
- Poughkeepsie, NY                            Extropian                -
-                                                                      -
-          "Replace taxpayers with shareholders,                       -
-           regulators with customers: privatize!"                     -
------------------------------------------------------------------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jordan@imsi.com (Jordan Hayes)
Date: Sun, 3 Jan 93 08:08:38 PST
To: cypherpunks@toad.com
Subject: Re: Why mailers should not touch the body
Message-ID: <9301031512.AA05222@IMSI.COM>
MIME-Version: 1.0
Content-Type: text/plain

I got lots of mail telling me that signing messages in the body of the message came about because "various mailers" munge header lines. Now it's true that for gateway processing, To: and From: lines need to get translated, but I've never seen a mailer change or remove a header that doesn't have to do with addressing before. Can someone provide an example?

My claim is that a signature belongs on the envelope and not in the body.
-----

To be clear, I'm talking about (e.g.) a PGP signature, not a .signature with a cute saying in it.

/jordan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Date: Mon, 4 Jan 93 17:02:47 PST
To: Cypherpunks
Subject: Re: Return addresses
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Hal Finney wrote here on Dec 30:

    Chaum's idea was that the message contents would be encrypted at each step, as Eric suggests, but Chaum would have the encryption key be part of the anonymous address, created by the same person who made the anonymous address. The idea would be, after decrypting the incoming message, the remailer would see something like:

    Anon-To:
    Encrypt-With:

    It would then encrypt the message "contents" (but not the "envelope", as Eric points out) using the specified key. When the owner of the anonymous address received the message, he would decrypt it using the chain of "Encrypt-With" keys that he put into the anonymous address.

I'd like to point out that the "-ca" function of PGP could be used to perform this function if Encrypt-With: specified a PGP pass-phrase rather than a direct key. I'd also like to suggest that the message-body to be encrypted require heading and trailing delimiters such as:

-----BEGIN MESSAGE BODY-----
-----END MESSAGE BODY-----

Note delimiters would not be part of message body and would not be encrypted.

--
edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ghsvax!hal@uunet.UU.NET (Hal Finney)
Date: Sun, 3 Jan 93 17:28:45 PST
To: cypherpunks@toad.com
Subject: Anonymous discussion on Pax
Message-ID: <9301040105.AA26178@nano.noname>
MIME-Version: 1.0
Content-Type: text/plain

There has been some discussion on the Pax mailing list (mail to anon.subscribe@pax.tpa.com.au to subscribe) about anonymous posting and mail.
Here is an excerpt from one posting that I thought was interesting.

From: mjr@netcom.com (Matthew Rapaport)
> >anonymous posting is just another noise source. Very little is riding
> >on who "wins" arguments on Usenet.
>
> True, so I'll try something more serious. Suppose you were trying to
> convince some small group of vulnerable people to commit some crime, or
> aid in one directly or indirectly (perhaps for political reasons).
> He/she/they might resist one provocateur, but all *10* of *you* assure
> him/her/them that you've all done it (for which reason you must
> naturally hide your identities), it must be done, etc.
>
> *******
>
> >The idea of positive reputations is designed to help with the problem
> >that anonymity could lower the quality of postings by reducing
> >accountability.
>
> The WELL tried a completely anonymous conference once. It quickly became
> a mire of flaming viciousness, lying, trickery and backstabbing. It was
> unbelievable to see how fast it got nasty, and in an otherwise
> reasonably well behaved user population.

Does anyone here have information on this experiment on the WELL? That sounds like an interesting data point. Presumably they did not try to press on with some kind of rating or reputation system.

Hal
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Richard Childers
Date: Sun, 3 Jan 93 20:28:18 PST
To: cypherpunks@toad.com
Subject: Re: A solution remailer signature suppression
Message-ID: <9301040426.AA10757@rchilder.us.oracle.com>
MIME-Version: 1.0
Content-Type: text/plain

"Hugh Daniels said here on Dec 28:

There are very good reasons to build remailers (and all mail tools) to pass on all the bytes they can, trailing spaces and .sigs included."

"Hugh doesn't say what these reasons are. They are not obvious to me, so I must disagree.
I've already stated what I think are good reasons at least for remailers whose purpose is anonymity to remove automatic sigs which are likely to destroy anonymity."

I can think of a few ...

(1) it's a bad precedent to rewrite contents. one program's apparent signature could be another program's data or instruction.

(2) it is unnecessary complexity and falls under KISS, IE, 'Keep It Simple, Simon'. (-:

(3) It is less robust and portable as a result of having this additional complexity. ( I use 'portable' not in the conventional compiler-specific manner, but more to apply to a given application's usability for future, yet-to-be-known applications, IE, flexibility. ) In this respect it fails to conform to requirements for a good software 'tool'.

It is the user's job to hide his or her identity, but it should not be the programmer's responsibility to anticipate the user's failure to think at all. Someone who uses these tools without understanding the principles upon which they are founded - such as people whom accept keys from individuals whom are only electronically known - will quickly founder upon their own, um, state of stupor, and one should not undertake to protect them from this, as what you are protecting them from, in reality, is the opportunity to learn from their mistakes.

"I've said I would accept either a less ambiguous sig delimiter than "--" or a remailer option to remove the sig (default) or leave it in."

Until there is a convention, IE, an RFC or ANSI standard for signatures, it would be unwise to build in any assumption.

I just realized an excellent example. For years, I've been signing myself ...

-- richard

... such that everything after my name - IE, contact data - would be trimmed off. Not well thought out ... I have actually seen this in the case of a few mail servers that rewrite contents ( such as the electric vehicles digest, EV-L ).
-- richard

=====
-- richard childers        rchilder@us.oracle.com        1 415 506 2411
   oracle data center -- unix systems & network administration

"If Life is a drama, then, surely, the hardest parts go to the most skillful."

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matt Willis
Date: Mon, 4 Jan 93 09:51:02 PST
To: cypherpunks@toad.com
Subject: Acceptance of Keys
Message-ID: <01GT4DS9PKZ40000QP@stetson.bitnet>
MIME-Version: 1.0
Content-Type: text/plain

Richard Childers writes:
>
>> It is the user's job to hide his or her identity, but it should not
>> be the programmer's responsibility to anticipate the user's failure
>> to think at all. Someone who uses these tools without understanding
>> the principles upon which they are founded - such as people whom
>> accept keys from individuals whom are only electronically known -
>> will quickly founder upon their own, um, state of stupor, and one
>> should not undertake to protect them from this, as what you are pro-
>> -tecting them from, in reality, is the opportunity to learn from
>> their mistakes.

As wary as I am of expressing my ignorance, I'll give it a shot...

I'm new to the Cypherpunks list and I'm just curious, is it going against the principles of PGP to "accept keys from individuals whom are only electronically known"? (if so, I guess I'm in a state of stupor) Most of my dealings on the internet are internet-exclusive, that is, I never meet the people with whom I communicate. With the exception of some locals, computer social life in FL, USA is pretty non-existent. I wish my communications to be secure and I believe that PGP is the best way and I will never have the opportunity to meet the people I talk to in Kansas or in New York (both places, I hope I never visit). If meat-relations are the only secure way I'm supposed to communicate, then I guess I'll have to use carrier pigeons.
:)

DISCLAIMER: Of course, I could be taking this TOTALLY out of context, and in that case this message should read:

Hey, I really like this list... It's intellectually stimulating and a clearly positive influence on my life. How's the weather in Europe?

I'm not trying to be argumentative, I just have serious questions about the keeping of public keys... here's another one... couldn't we assign one at birth... it'd be better than a social security number (dunno what you use in Europe), but a whole lot harder to remember...

ALSO: We Mac users are wondering when MacPGP 2.1 will be out? Anyone have any contact info?

thanks for reading my words.

+-------Matt-Willis--------------------------------+
| Matt Willis ASTMWILL@STETSON.BITNET              | elsewhere:
| Matt Willis Head of the Underground              | mwill@mindvox.phantom.com
| Matt Willis Robotech PBM List                    |
+-------Matt-Willis--------------------------------+
"Absolutely alone in awareness of the mechanism." -Agrippa by WG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl L. Barrus
Date: Mon, 4 Jan 93 12:04:01 PST
To: ASTMWILL%STETSON.bitnet@CUNYVM.CUNY.EDU
Subject: Acceptance of Keys
In-Reply-To: <01GT4DS9PKZ40000QP@stetson.bitnet>
Message-ID: <9301042003.AA13849@tree.egr.uh.edu>
MIME-Version: 1.0
Content-Type: text/plain

Matt,

You posted some very good questions. The reason why it is "unacceptable" to accept keys electronically is that you may be vulnerable to spoofing. Okay, in reality, you have to realize that attacking cryptographic protocols is a paranoid view of things, and that you may not be attacked, but... if you send your public key to somebody, it could be possible for someone to eavesdrop, grab your key, substitute their own, and send that one along. Then when someone responds to "you", the eavesdropper could read the message, re-encrypt it with the public key they stole, and send it along to you. Then, you don't even know you are the victim of eavesdropping.
Anyway, it all boils down to validating the keys you receive. Which makes it tough unless you can meet people face to face. However, the latest version of pgp contains an option which computes the md5 hash of your public key - which allows you to call someone, and read each others hashes, thus completing the verification over the phone. Of course, now you have to worry about receiving their correct phone number... :-)

/-----------------------------------\
| Karl L. Barrus                    |
| barrus@tree.egr.uh.edu (NeXTMail) |
| elee9sf@menudo.uh.edu             |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eric@parallax.com (Eric Messick)
Date: Tue, 5 Jan 93 01:01:56 PST
To: cypherpunks@toad.com
Subject: RFC-822 header processing in perl
Message-ID: <9301050049.AA07963@parallax.com>
MIME-Version: 1.0
Content-Type: text/plain

I've written a perl script to parse RFC-822 style headers. It was a good deal harder than I had thought it would be. Since it's over 300 lines (with comments) I won't post it, but will mail it to anyone who wants to play with it.

It has the following features:

  Doesn't touch anything unless you ask it to.

  Leaves the ordering and whitespace/folding of header lines unchanged.

  Allows you to replace any header line (which appears only once) with an arbitrary value, which is appropriately folded on output.

  Allows you to delete any header line, or add a header line to the end of the header. These are special cases of replacing a header line.

  Allows you to access the value (stuff after the :) of any header line.

  Given a list of addresses, returns an array of canonicalized addresses.

The last item is the hard part. It correctly parses the sample addresses in the RFC-822 paper, as well as some really gnarly looking junk that I threw at it. It correctly handles the various types of quoted strings, and backslash quoting, not splitting addresses at quoted commas. It removes nested comments from addresses.
It deletes the group name from a list of addresses without screwing up quoted colons.

It should be useful as a first step in alias processing. That's what I'll be adding next, when I figure out exactly how I want to do it.

-- eric messick
eric@toad.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 4 Jan 93 07:39:52 PST
To: Richard Childers
Subject: Re: A solution remailer signature suppression
In-Reply-To: <9301040426.AA10757@rchilder.us.oracle.com>
Message-ID: <9301041652.aa07015@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

Richard Childers writes:

> It is the user's job to hide his or her identity, but it should not
> be the programmer's responsibility to anticipate the user's failure
> to think at all. Someone who uses these tools without understanding
> the principles upon which they are founded - such as people whom
> accept keys from individuals whom are only electronically known -
> will quickly founder upon their own, um, state of stupor, and one
> should not undertake to protect them from this, as what you are pro-
> -tecting them from, in reality, is the opportunity to learn from
> their mistakes.

Well, in principle I agree. And if I would start from a clean slate, I would *gladly* leave out the sig stripper. But people in groups such as alt.sexual.abuse.recovery have come to rely on the behaviour of previous servers, and are *not* very computer- or e-mail-literate.

Julf (admin@anon.penet.fi)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Mon, 4 Jan 93 23:41:21 PST
To: CYPHERPUNKS
Subject: Re: Remail addresses...
Message-ID: <930105070855_74076.1041_DHJ43-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
>
> Anon-To:
> Encrypt-With:
>
> I'd like to point out that the "-ca" function of PGP could be used
> to perform this function if Encrypt-With: specified a PGP pass-phrase
> rather than a direct key.

This sounds like a good idea. The user would have to have some scripts to decrypt incoming anonymous-address messages using this pass phrase (or some sequence of pass phrases if more than one remailer was used for the anonymous address).

> I'd also like to suggest that the message-
> body to be encrypted require heading and trailing delimiters such as:
>
> -----BEGIN MESSAGE BODY-----
> -----END MESSAGE BODY-----
>
> Note delimiters would not be part of message body and would not
> be encrypted.

These anonymous addresses do need a distinction between the "message address" (or "envelope") and the message body. The anonymous address gets decrypted at each step, and the message body gets encrypted at each step using the scheme above.

But Eric Hughes pointed out that we already have such a distinction in the RFC822 message headers vs body. We should use that existing structure rather than try to create our own. That means that anonymous addresses should be designed to fit into mail headers. Unfortunately many mail agents make this difficult or inconvenient right now, but perhaps that is an area where we could make some improvements.

In this model, we would not need message body delimiters, since mail already has its message body delimited distinct from its headers.

If we do process the message body with encryption at each stage, I do have an idea which could be useful. If the body which is being encrypted is already in the format of an ASCII-encoded message using the standard RFC822 encryption used in PGP, RIPEM and PEM, then rather than just encrypting it it could be de-ASCII'd, then encrypted, then re-ASCII'd. This would keep it from increasing in size by a factor of 4/3 at each encryption step.
Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK0kHvKgTA69YIUw3AQHBuwP/ekp1feh06tLHwxws49DE3wVxnu/36Yg7
oW2l43n3llgRJC+r/KYJ2+5LTG0/f1Ib/R8c4qxUJzZeCj7zABSdJ6KSwIlwmfP6
Djz0vOBnife6CvhQRi+T/8NuFqFIzlxO1vK+7tG9KWshxP+7AMayGOLuY0pOTREX
7brcJHnn7Mg=
=9Uss
-----END PGP SIGNATURE-----

Distribution:
  CYPHERPUNKS >INTERNET:CYPHERPUNKS@TOAD.COM

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 5 Jan 93 09:56:19 PST
To: cypherpunks@toad.com
Subject: Re: purloined letter
In-Reply-To:
Message-ID: <9301051753.AA25648@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Peter Breton writes:

> In using encrypted communications, how does one avoid the problem of
> calling attention to the message BECAUSE it is encrypted? "If he went to
> the trouble of coding it, there MUST be something in there!!" Granted that
> if everyone begins encrypting, this problem will vanish... are there
> practical solutions in the meantime? (eg, Codes that look like plaintext?)

The study of how to hide the _existence_ of an encrypted message is called _steganography_. Messages have traditionally been:

-placed on microdots and hidden inside letters, under stamps, etc.

-transformed into innocuous-looking messages ("Hello, Peter! Things are going very well on this January morn.")...typically used with book codes

-deposited in physical "dead drops," such as in tin cans by the side of the road, in the branches of trees, etc. (all agreed-upon in advance, of course)

The cypherspace domain offers new degrees of freedom for hiding such messages:

-messages may be packed into the "least significant bits" (LSBs) of digital images, GIFs and TIFFs, sound samples, etc. As these bits are at the "noise floor" for modern recording technology, message bits can be easily made indistinguishable from "real" bits.
A simple GIF image, such as those posted worldwide in the various "pictures" groups, can easily hold 50K bytes or more just in the LSBs (of each of the colors). A standard 2-hour digital audio tape (DAT) can carry 80 M bytes in the LSBs alone! (Imagine the Customs Department trying to stop someone from carrying out the blueprints to the Aurora spy plane packed into the LSBs of their favorite tape!)

-similar systems can be used to pack bits into the "ragged right" margins of messages like this one, where the precise word spacing carries some bits. Not very many, of course. And the spacing is susceptible to munging.

-raw data, such as weather reports and sports scores, can be used. Used since the dawn of espionage, and featured as a plot device in the French thriller "Soft War," this method is certainly still possible to use.

As the amount of bits moving around increases dramatically, so, too, will the avenues for sending encrypted messages.

-Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP Public Key: by arrangement.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Tue, 5 Jan 93 10:03:47 PST
To: pbreton@cs.umb.edu
Subject: Re: purloined letter
Message-ID: <9301051802.AA17738@servo>
MIME-Version: 1.0
Content-Type: text/plain

A couple of years ago somebody posted some clever programs to sci.crypt that hid arbitrary (cipher)text in seemingly innocuous "plaintext".
You had two options: plaintext that looked like a running commentary on a baseball game (with the ciphertext encoded in the choices of names of players at bat, the sequence of balls and strikes, etc) or plaintext that looked like the writings of a particular legal scholar (I think). I don't remember his name, but he was chosen because Senator Joseph Biden of Delaware plagiarized his works during law school, and Biden had recently introduced S.266 with the now-infamous "resolution" against cryptography. A nice touch. :-)

Another approach to this problem is this: if you can't make the needles inconspicuous by themselves, generate some big haystacks to hide them in. I.e., write a program that produces bogus PGP "messages" and execute it frequently to produce background traffic.

I wrote a first-order bogus PGP message generator and posted it to sci.crypt two weeks ago. I say "first order" because it looks like a PGP message to the naked eye, but is clearly invalid when fed to PGP - I didn't bother generating correct checksums on the ciphertext. The ideal bogus message generator would produce a message indistinguishable from a real PGP message encrypted with an unknown public key, or perhaps with a known public key chosen at random. Anybody want to write this?

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Breton
Date: Tue, 5 Jan 93 07:26:50 PST
To: cypherpunks@toad.com
Subject: purloined letter
In-Reply-To: <9301050049.AA07963@parallax.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Hi,

I'm fairly new here and not sure if this topic has come up before, but I'll offer it anyway:

In using encrypted communications, how does one avoid the problem of calling attention to the message BECAUSE it is encrypted? "If he went to the trouble of coding it, there MUST be something in there!!" Granted that if everyone begins encrypting, this problem will vanish... are there practical solutions in the meantime?
(eg, Codes that look like plaintext?)

Peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mch@sqwest.wimsey.bc.ca (Mark C. Henderson)
Date: Tue, 5 Jan 93 10:27:47 PST
To: Peter Breton
Message-ID: <9301051019.ZM15222@west.sq.com>
MIME-Version: 1.0
Content-Type: text/plain

On Jan 5, 10:19, Peter Breton wrote:
> Subject: purloined letter
>
> Hi,
>
> I'm fairly new here and not sure if this topic has come up before, but
> I'll offer it anyway:
>
> In using encrypted communications, how does one avoid the problem of
> calling attention to the message BECAUSE it is encrypted? "If he went to
> the trouble of coding it, there MUST be something in there!!" Granted that
> if everyone begins encrypting, this problem will vanish... are there
> practical solutions in the meantime? (eg, Codes that look like plaintext?)

The best way to prevent this type of traffic analysis is to encrypt everything. As a second best, encrypt all correspondence with a specific person.

Mark

--
Mark Henderson, SoftQuad Inc, 108-10070 King George Hwy, Surrey, B.C. V3T 2W4
Internet: markh@wimsey.bc.ca, mch@sqwest.wimsey.bc.ca, mch@holonet.net
UUCP: {van-bc,sq}!sqwest!mch
Telephone: +1 604 585 8394  Fax: +1 604 585 1926
RIPEM public key available by Email/finger mch@holonet.net/keyserver

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: whitaker@eternity.demon.co.uk (Russell E. Whitaker)
Date: Tue, 5 Jan 93 12:08:24 PST
To: cypherpunks@toad.com
Subject: MEETING: Cypherpunks UK (2nd; last announcement)
Message-ID: <8326@eternity.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

2nd Meeting, Cypherpunks UK
- ---------------------------

Chris Tame, of FOREST and the Libertarian Alliance, has generously offered the use of the meeting room at his offices for our gathering, Sunday, 10 January 1993, from 1300 onwards, at:

    FOREST
    4th Floor
    2 Grosvenor Gardens
    London SW1W 0DH
    071-823-6550

This is just around the corner from Victoria Station, at the end of the mansion block near Hobart Place. There's a dark green cabbie shelter across the street from the entrance, and some British Telecom payphones. Can't miss it, really. However, if you have trouble, call the telephone number above, or call my pager, on 081-812-2661. If it helps, we're in the direction of Buckingham Palace, which is (very) partially visible from our windows.

If you wish to attend, you should bring a 3.5" DOS-formatted diskette (sorry! My UN*X machine is an Intergraph workstation, and I can't use it for crypto) with a copy of your PGP 2.0+ public key. I'll sign it there. Mac users: if you don't have Apple File Exchange (what!?), I'll be extra nice and take your keys anyway ( ;-)) for AFE conversion on my IIcx. Not to fear.

It might not be a bad idea to copy your public key on each of several diskettes, so you've got a copy to distribute to each of the others. Don't trust me to copy *your* key to others! As a matter of fact, as there are plenty of power points in the meeting room, you should bring your laptop, and/or a desktop PC: when someone hands you a disk-with-key, you can sign her key, and hand her back her diskette, with your own pubkey added.

[Note to the novice: don't hand another person your secret key... the one named secring.pgp. Read the documentation.]

This should be a lively meeting.
Among the topics likely to be discussed are:

    o The proliferation of public key cryptography in the U.K.
    o The local development of anonymous remailers and a proposed automated public key repository at Demon Internet Systems
    o Electronic networking/email security for the novice
    o Pro-active proliferation of PGP 2.1+ to interesting European, African, and Asian sites
        - ftp placement
        - BBS distribution
        - sneakernet across borders
    o The use of HPACK in securing local file installations

.. and much more!

Mark Turner, from Demon Internet Systems, is likely to be on hand to demo DIS for non-DIS users. We've set up our own local, high-quality newsgroups:

    demon.security
    demon.security.keys

and established the /pub/pgp and /pub/ibmpc/pgp archives on gate.demon.co.uk (expanding recently to include all versions of PGP, and interesting related files).

Hope to see you there!

Semper vigilans,

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK0lmwYTj7/vxxWtPAQFtVQQAna8vfz6LqC5J5fhlgE1FB+m4GpkvU4o9
HrpFd5NKTc+JrKZEuv/sEDbJvXScc5N38n9KCyIEKdPEUxsjSA58CffcLLEW4xnb
w3zAIMyr3wdsD0sxw0gqSi3sx6MbGP5fXwbUb+LyNJzCvpzt3MLYA5tYWZkvIbl9
ONV1PIPtB60=
=8qA3
-----END PGP SIGNATURE-----

Russell Earl Whitaker                   whitaker@eternity.demon.co.uk
Communications Editor                       71750.2413@compuserve.com
EXTROPY: The Journal of Transhumanist Thought         AMiX: RWHITAKER
Board member, Extropy Institute (ExI)
================ PGP 2.0 public key available =======================

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: whitaker@eternity.demon.co.uk (Russell E. Whitaker)
Date: Tue, 5 Jan 93 12:10:16 PST
To: cypherpunks@toad.com
Subject: Anonymous thanks ;-)
Message-ID: <8333@eternity.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Some kind U.S. cypherpunk sent me a copy of his public keyring last week. Unfortunately - mea culpa! - after having integrated his keyring, I deleted his original message from my mailbase, and thus lost his contact info.
I wish to thank this person for sending the keyring, whoever you are... my memory is faulty: so much email to catch up on!

In the meantime, Mark Turner (mt@kram.org) is hard at work 1.) porting PGP to 386BSD and 2.) developing a telnettable PGP Key Server. Details as they happen.

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK0lqRITj7/vxxWtPAQGKeQQAo45IcgvBRON49bxyRtPSyHEpi4InsXQA
oNxAE+iN+mGTRYRov8a9twgPXp+i7YHv+Xx+A8+c0ZilJV/954uPFy22xAqxl+4P
kpUaITTt+oo/3no7g2cBPC2JhOZS7QTkokBvILhoofjNzRZJ+qTUScpyZ4QVlRvP
smkZ8WWQg6o=
=uvOA
-----END PGP SIGNATURE-----

Russell Earl Whitaker                   whitaker@eternity.demon.co.uk
Communications Editor                       71750.2413@compuserve.com
EXTROPY: The Journal of Transhumanist Thought         AMiX: RWHITAKER
Board member, Extropy Institute (ExI)
================ PGP 2.0 public key available =======================

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eab@msc.edu (Edward Bertsch)
Date: Tue, 5 Jan 93 09:21:50 PST
To: pbreton@cs.umb.edu (Peter Breton)
Subject: Re: purloined letter
In-Reply-To:
Message-ID: <9301051721.AA16197@uh.msc.edu>
MIME-Version: 1.0
Content-Type: text/plain

->calling attention to the message BECAUSE it is encrypted? "If he went to
->the trouble of coding it, there MUST be something in there!!" Granted that
->if everyone begins encrypting, this problem will vanish... are there
->practical solutions in the meantime? (eg, Codes that look like plaintext?)

a good point indeed. I know of no software that works the way it seems you would like. The best would be encryption software that makes your 'secret' message look like the kind of message that you would actually be sending to the recipient. Some kind of message that (when read by a human) makes sense, and seems innocuous. This sounds like a VERY difficult problem, and one that is not likely to be solved any time soon (in the sense of having this be done 100% by software).
Another option would be to have the message fit the letter-frequency, letter-pair frequency, etc... that 'normal' messages have. The idea here is that messages may be scanned for unusual (i.e. non-english text) properties in this regard, and then scanned further by humans and/or computers in the order of their 'interestingness'. So to defeat this kind of scanning, your 'secret' message should 'appear' to be an 'ordinary' message.

--
Edward A. Bertsch (eab@msc.edu)   Minnesota Supercomputer Center, Inc.
Operations/User Services          1200 Washington Avenue South
(612) 626-1888 work               Minneapolis, Minnesota 55415
(612) 645-0168 voice mail

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matt Willis
Date: Tue, 5 Jan 93 08:26:21 PST
To: cypherpunks@toad.com
Subject: Hiding PGP code
Message-ID: <01GT5P4IHYCG000224@stetson.bitnet>
MIME-Version: 1.0
Content-Type: text/plain

Peter Breton writes:
> In using encrypted communications, how does one avoid the problem of
>calling attention to the message BECAUSE it is encrypted? "If he went to
>the trouble of coding it, there MUST be something in there!!" Granted that
>if everyone begins encrypting, this problem will vanish... are there
>practical solutions in the meantime? (eg, Codes that look like plaintext?)

Here's an interesting solution... You can program a message filter to add extra letters to each PGP character to make it a word. I'm sure you could find any database of words and have it randomly make first letters... it'd be pretty simple... and then the receiver would just take every letter followed by a space... and if you wanted to be ultra-sneaky (who, us) you could have null words that change conditions in the letter... like switching to the second letter in the word, or skipping the next word altogether... but what to do with no-letter PGP codes... ok, the first TWO letters of the word indicate a character... sort of like a byte... hey, I think I might just write this sucker... Code will follow!
carpe crypto

+-------Matt-Willis--------------------------------+
| Matt Willis   ASTMWILL@STETSON.BITNET | elsewhere:
| Matt Willis   Head of the Underground | mwill@mindvox.phantom.com
| Matt Willis   Robotech PBM List       |
+-------Matt-Willis--------------------------------+
"Absolutely alone in awareness of the mechanism."
-Agrippa by WG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matt Willis
Date: Tue, 5 Jan 93 08:44:58 PST
To: cypherpunks@toad.com
Subject: Re: RE: Acceptance of Keys
Message-ID: <01GT5PQFUPTG000224@stetson.bitnet>
MIME-Version: 1.0
Content-Type: text/plain

From: "Karl L. Barrus" writes:
> You posted some very good questions. The reason why it is
>"unacceptable" to accept keys electronically is that you may be
>vulnerable to spoofing. Okay, in reality, you have to realize that
>attacking cryptographic protocols is a paranoid view of things, and
>that you may not be attacked, but... if you send your public key to
>somebody, it could be possible for someone to eavesdrop, grab your
>key, substitute their own, and send that one along. Then when someone
>responds to "you", the eavesdropper could read the message, re-encrypt
>it with the public key they stole, and send it along to you. Then,
>you don't even know you are the victim of eavesdropping.

But we both call the same system (at least the people I x-change keys with) usually mindvox or a private system with a respected name... and in the case of Mindvox, we do a DCC on IRC... straight person-to-person... to be eavesdropping... one, they'd have to tap my line, heavy equipment needed to tap a 16.8k HST v.42bis connection, seeing as I pretty much max out a phone line and HST's are really picky... or two, they'd intercept a DCC on the IRC at berkeley... but that's a 57.6k connection... however, that does seem possible...
does anyone have any suggestions on how to make e-transfers of keys more secure, because, besides snail-mail (which would please the feds a lot) I have no other way of getting my key to them...

> Anyway, it all boils down to validating the keys you receive.
>Which makes it tough unless you can meet people face to face.
>However, the latest version of pgp contains an option which computes
>the md5 hash of your public key - which allows you to call someone,
>and read each others hashes, thus completing the verification over the
>phone. Of course, now you have to worry about receiving their correct
>phone number... :-)

geez, I didn't know it was this complicated... if someone screws with the key, it just doesn't decode, correct? nowadays, with MNP and ARQ-retries and all of our little .bis buddies, not to mention the CRC's in transfer protos, wouldn't that make an error in transfer EXTREMELY remote... so the only other way'd be tampering and even then it just wouldn't decode, so what... you get the key again... but I oversimplify the situation, I guess...

Oh, and I know this is going to make me sound like a complete idiot in front of my peers, but I've always done straight transfers of keys... how do you put ascii keys into your keyring? I can't seem to make MacPGP do it... sniffle... and if the reason I can't decode the key is due to an error in transmission, forget this entire message...

+-------Matt-Willis--------------------------------+
| Matt Willis   ASTMWILL@STETSON.BITNET | elsewhere:
| Matt Willis   Head of the Underground | mwill@mindvox.phantom.com
| Matt Willis   Robotech PBM List       |
+-------Matt-Willis--------------------------------+
"Absolutely alone in awareness of the mechanism."
-Agrippa by WG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Tue, 5 Jan 93 09:55:48 PST
To: cypherpunks@toad.com
Subject: Re: purloined letter
In-Reply-To: <9301051721.AA16197@uh.msc.edu>
Message-ID: <9301051754.AA20090@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

Edward Bertsch says:
>
> ->calling attention to the message BECAUSE it is encrypted? "If he went to
> ->the trouble of coding it, there MUST be something in there!!" Granted that
> ->if everyone begins encrypting, this problem will vanish... are there
> ->practical solutions in the meantime? (eg, Codes that look like plaintext?)

Well, my opinion is - the only way to go is to SHORTEN the transition period. Switch to all-encrypted e-mail ASAP.

> a good point indeed. I know of no software that works the way it seems
> you would like.
> ............................................This sounds like a VERY
> difficult problem, and one that is not likely to be solved any time soon
> (in the sense of having this be done 100% by software).

Agreed. Theoretically possible - practically infeasible. Plus imagine message size... Plus it depends on how clever a scanner-program can be - if eavesdroppers have enough CPU power, they could check for the "validity" as well, i.e. right word sequences, not just amount...

> Another option would be to have the message fit the letter-frequency,
> letter-pair frequency, etc... that 'normal' messages have. The idea
> here is that messages may be scanned for unusual (i.e. non-English text)
> properties in this regard, and then scanned further by humans and/or
> computers in the order of their 'interestingness'. So to defeat this
> kind of scanning, your 'secret' message should 'appear' to be an 'ordinary'
> message.

Again, it will, or will not work, depending on how smart the scanning program is.
There's no reason why it can't detect, that your letters don't form valid English (German, Swedish, Arabic, whatever) words, *or* the words don't form valid sentences...

I repeat - the surest way is to get over the hump sooner.

--
Regards,
Uri         uri@watson.ibm.com      scifi!angmar!uri    N2RIU
-----------
From cypherpunks-request Tue Jan 5 10:49:28 1993

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305)
Date: Tue, 5 Jan 93 10:48:32 PST
To: cypherpunks@toad.com
Subject: Re: purloined letter
Message-ID: <9301051843.AA15785@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

The hiding-data-in-bogus-text system that Phil referred to is Peter Wayner's Mimic functions, which let you represent data using a Huffman code or context-free-grammar set of productions that matches innocuous text. The examples in the paper used baseball game radio narration (hiding a message "Paul is dead" :-) and political speeches by Mr. Neil Kinnock, the raving Labour Party honcho whose speeches were plagiarized by Joe Biden. (Biden, btw, was a nice guy when he was elected to the Senate at age just-under-30, but he's apparently gone Big Brotherish as he's aged. I'm not bothered by one politician borrowing another's speeches, but stooping to Neil Kinnock's syrupy ranting is a bit much :-)

The papers on the mimic functions are in ftp.cs.cornell.ecu, under /pub/wayner/Mimic. There are also a couple of papers on building a highly parallel des-cracker out of content-addressable memory.

Until encryption becomes widely used, if you want to hide encrypted data, mimic functions or low-bits-of-gifs are good ways to go.
Bill Stewart

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305)
Date: Tue, 5 Jan 93 13:50:00 PST
To: cypherpunks@toad.com
Subject: Re: purloined letter -- mimic functions
Message-ID: <9301052145.AA17381@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

Peter Wayner sent along the following note about mimic functions:

------- cut here ------
Original-From: wayner@cs.cornell.edu (Peter Wayner)

Cool. I'm not a member of the mailing list. You can tell them if they want a copy of the code they should send me a note. They can get it in either C or Pascal. The C comes with tar wrapping paper for the faux industrial tech look. (I can't wait until Crate and Barrel start mining the Civil Defense era for new retro-trendy styles. )

-Peter
------ cut here -------

At the risk of sounding like Peter G Neumann, I should comment that the combination of mimic functions and Mime mail could lead to lots of silliness and hand-waving ....

Bill

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Mark Turner"
Date: Tue, 5 Jan 93 13:19:58 PST
To: whitaker@eternity.demon.co.uk
Subject: Re: Anonymous thanks ;-)
Message-ID: <9301052119.AA04308@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 05 Jan 93 11:00:49 BST, "Russell E. Whitaker" wrote:

> In the meantime, Mark Turner (mt@kram.org) is hard at work 1.)
> porting PGP to 386BSD and 2.) developing a telnettable PGP Key
> Server. Details as they happen.

I was beaten to it with the port by Graham Toal (gtoal@gtoal.com) and Adrian Hall (adrian@rachel.ibmpcug.co.uk). It's available for anon ftp from rachel.ibmpcug.co.uk:/usr/local/src/pgp.

Regards,

Mark.

p.s. I'll announce the PGP server here once it's fully operational. It will also have a mail server.
-----BEGIN PGP SIGNATURE-----
Version: 2.1
-----END PGP SIGNATURE-----

--
/\/\ark Turner                               Demon Systems / Demon Internet
Office: mark@demon.co.uk (+44 81 349 0063)   42 Hendon Lane, London
Home: mt@kram.org (+44 831 823 212)          N3 1TT, England
------------------ PGP version 2.1 Public Key available -------------------
*** IP level dial-up connectivity to the Internet for a tenner a month! ***

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Date: Wed, 6 Jan 93 10:12:35 PST
To: Cypherpunks
Subject: Re: Remailer .sig suppressio
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

I was glad to read Hal's comments of Jan 2 about sig suppression and his anecdote about trying to chain the penet and pax remailers. I was not aware til now that the penet sig test was any line which *starts with* "--". A more appropriate test would be any line *consisting of only* "--" (exactly two dashes). Do you know if the pax sig test is the same as penet's?

I can't imagine any solution to your problem which does not involve changing either the remailer (tighter sig test) or PGP (recognize either ----- or - --- as starting a PGP message or key delimiter).

The best solution so far appears to be Miron Cuperman's remailer which is similar to (based on) the cypherpunks remailer, but *requires* encrypted input and does not remail any unencrypted text which might precede or follow the encrypted text.

But some modification of Miron's remailer to process trailing plaintext seems to be necessary for ARA. I hope it will include some recognition of a well-defined unambiguous text delimiter such as

- -----END OF MESSAGE BODY-----

which will screen out any following text.
John Gilmore commented on my request for sig suppression:

    Remove the file ".signature" from your home directory and you'll be done with *that* hassle.

Well, my home directory doesn't *have* a ".signature" file! This is an MS-DOS based WAFFLE BBS. All the sigs on this system look the same so I suspect that they are made up from the user directory and some file outside my home directory. I am led to believe from the user doc that if I *create* a file "sig" or "mailsig" (no dots) in my home directory this may affect the auto sig produced, but I haven't had a chance to try it yet.

My fear is that if I produce a null sig file that the "--" will still appear, making it obvious that the auto sig is nulled. If this "--" appears at the same time on both my regular and anonymous messages, people who see both may put two and two together.

John:

    PS: An extra credit note for the differently clued among us: Suppose you wanted to have a *different* signature for each of your multiple identities? I guess the remailers had better not strip off signatures, eh?

Since I make up my outgoing mail offline, I would prefer to copy in the correct sig corresponding to each message identity. That way I can see that the correct sig is matched with the correct msg in each case. I can easily avoid remailer stripping by using a delimiter like "**" instead of "--".

As I said in a previous msg, the problem with auto sigs is reliably switching them as you send out (with an automatic script) messages from your different ID's. Since getting the wrong sig on the wrong msg could result in jail, under some circumstances, I consider this a serious problem. An "anonymous" remailer which allows a user to lose his anonymity through a simple lapse (forgetting about the auto sig) is one too dangerous for me to use.

In another msg, John Gilmore delivers a long harangue about "Why mailers should not touch the body".
I agree with the above phrase if we differentiate "mailers", which are necessary for the generation and forwarding of all mail, from "anonymous remailers", which have to be specifically requested by the message sender, and whose only purpose is to obscure the message origin. Since the automatic signature often reveals the message origin, it's quite compatible with the mission of an anonymous remailer to remove it.

John doesn't want PGP changed to eliminate trailing blanks on signed plaintext. (Which I think would fix about 90+% of current problems verifying sigs). He wants us all to suffer until all the mailers in the world are fixed to pass 8-bit binary. Well, I won't hold my breath for that. I think UUENCODE and PGP armored form are going to be around a long time. I prefer a more pragmatic approach that will give more immediate relief.

-----BEGIN PGP SIGNATURE-----
Version: 2.1
-----END PGP SIGNATURE-----

--
edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005
Silicon Valley, Ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: yanek@novavax.nova.edu (Yanek Martinson)
Date: Wed, 6 Jan 93 05:53:09 PST
To: cypherpunks@toad.com
Subject: RSAREF now available via anonymous FTP (fwd))
Message-ID: <9301061352.AA03071@novavax.nova.edu>
MIME-Version: 1.0
Content-Type: text/plain

In case someone's interested:

Forwarded message:
> Date: Tue, 5 Jan 93 17:15:58 PST
> Message-Id: <9301060115.AA18302@RSA.COM>
> To: rsaref-users@RSA.COM
> From: burt@RSA.COM
> Subject: RSAREF now available via anonymous FTP
> Sender: rsaref-users-request@RSA.COM
>
> Dear RSAREF user --
>
> RSAREF is now available via anonymous FTP to 'rsa.com'.
> Along with RSAREF you can get RIPEM, Mark Riordan's RSAREF-based privacy-enhanced
> mail application, and an Emacs command interface to RIPEM. See the
> file 'README' in the FTP directory 'rsaref' for more information.
>
> -- Burt Kaliski
> RSA Laboratories
>

--
Yanek Martinson  mthvax.cs.miami.edu!safe0!yanek  uunet!medexam!yanek
this address preferred -->> yanek@novavax.nova.edu <<-- this address preferred
Phone (305) 765-6300 daytime   FAX: (305) 765-6708   1321 N 65 Way/Hollywood
      (305) 963-1931 evenings       (305) 981-9812   Florida, 33024-5819

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Wed, 6 Jan 93 08:48:52 PST
To: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Subject: Re: A solution remailer signature suppression
In-Reply-To: <1k4PwB7w165w@spectrx.saigon.com>
Message-ID: <9301061648.AA16517@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

count me on the side of those folks who feel that remailers (and mailers, for that matter) should keep their hands off the body of the message.

furthermore, any editor that changes a file without being told to (e.g., by stripping blanks) is (imho) broken.

edgar, you say:

> This system I use doesn't allow me to run my own software, so I
> think this idea wouldn't work for me, in any case.

that is probably not the sort of system you want to use if you are interested in the privacy and integrity of your work.

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tytso@ATHENA.MIT.EDU (Theodore Ts'o)
Date: Wed, 6 Jan 93 13:24:09 PST
To: peter honeyman
Subject: Re: A solution remailer signature suppression
In-Reply-To: <9301061648.AA16517@toad.com>
Message-ID: <9301062123.AA17503@tsx-11.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

I also agree that any sort of mailers should pass a message body UNTOUCHED. Next thing you know, people will be advocating that remailers have AI capabilities for stripping out incriminating statements made inside the body.
If your mail system is broken enough that it inserts signatures without your permission, and you have no way of controlling it, it's broken. End of statement. Fix it or ditch it.

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: shipley@merde.dis.org
Date: Wed, 6 Jan 93 20:25:15 PST
To: toad.com!cypherpunks@soda.berkeley.edu
Subject: mh wrapper
Message-ID: <9301070203.AA25280@merde.dis.org>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

here is my first pass (a 7min hack) at a wrapper for a pgp<->mh use.

the next version will be a replacement for the editor to automatically sign the body of a file (while leaving the header alone).

===== CUT HERE ====
#!/bin/sh
#pgpcomp - pgp compose
# Peter M. Shipley (Wed Jan 6 17:58:41 PST 1993)

# keep the draft and the intermediate files private to the owner
umask 077

TEMP=${TEMP-/tmp}
EDITOR=${EDITOR-/usr/ucb/vi}
whatnow=/usr/local/mh-6.7/bin/whatnow
export TEMP EDITOR

# per-process draft file under $TEMP
tempfile=$TEMP/pgp$$

# write an empty draft: header fields, then the MH header/body separator
/bin/cat << EEOOFF > "$tempfile"
To:
cc:
Fcc: +drafts
Subject:
Precedence: special-delivery
--------
EEOOFF

$EDITOR "$tempfile"

# split the edited draft at the separator into header and body
/bin/sed '/^--------/,$d' < "$tempfile" > "${tempfile}.head"
/bin/sed '1,/^--------/d' < "$tempfile" > "${tempfile}.body"

# clearsign the body only; the result is read back from ${tempfile}.signed.asc
/usr/local/bin/pgp -sta +clearsig=on "${tempfile}.body" -o "${tempfile}.signed"

# rebuild the draft: header, separator, signed body
/bin/mv "${tempfile}.head" "$tempfile"
/bin/cat << EEOOFF >> "$tempfile"
--------
EEOOFF
/bin/cat < "${tempfile}.signed.asc" >> "$tempfile"

/bin/rm -f "${tempfile}".*

# hand the finished draft to MH's whatnow prompt
exec $whatnow -prom "pgpsend> " "$tempfile"
===== CUT HERE ====

-----BEGIN PGP SIGNATURE-----
Version: 2.1
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Wed, 6 Jan 93 21:54:47 PST
To: cypherpunks@toad.com
Subject: Russian analysis of PGP
Message-ID: <9301070552.AA22839@servo>
MIME-Version: 1.0
Content-Type: text/plain

Anybody familiar with the internals of PGP care to comment on this item that just showed up on
sci.crypt?

It's amazing to think that the famous "kremvax" joke was only a decade ago. Now the Russians are openly reviewing our cryptosystems for us. May you live in interesting times.

Phil

From qualcom.qualcomm.com!walter!uunet!noc.near.net!lynx!mkagalen Wed Jan 6 21:48:32 PST 1993
Article: 12285 of sci.crypt
Xref: qualcom.qualcomm.com sci.crypt:12285 alt.security.pgp:1003
Newsgroups: sci.crypt,alt.security.pgp
Path: qualcom.qualcomm.com!walter!uunet!noc.near.net!lynx!mkagalen
From: mkagalen@lynx.dac.northeastern.edu (michael kagalenko)
Subject: discussion desired
Message-ID: <1993Jan7.002820.3579@lynx.dac.northeastern.edu>
Organization: Northeastern University, Boston, MA. 02115, USA
Date: Thu, 7 Jan 1993 00:28:20 GMT
Lines: 127

I'd appreciate greatly your enlightened opinions on the following article. (disclaimer : I have no qualification in the Great Science of Cryptology(tm) ; I'm just posting someone's e-mail)

About using the electronic signature for protection of commercial information:

The analysis of PGP ver.2.0 program.
---------------------------------------------------------------------
THE MOSCOW STATE UNIVERSITY named after M.V. Lomonosov
______________________________________________________________
THE MATHEMATICAL CRYPTOGRAPHY PROBLEMS LABORATORY

The MSU mathematical cryptography problems laboratory employees with some addition specialists were executed the preliminary analysis of PGP ver.2.0 program.

The preliminary study of working and program source code analysis result in following PGP features and problems:

1. The common character problems
- the sequence of random numbers has strong prevalences on bytes (up to 0.05 ...
0.1 on material of 10000 byte) and strong correlation dependence between contiguous bytes;
- the program doesn't check its own integrity, so it can be infected by "virus" which intercept confidential keys and passwords used for their protection and save them onto magnetic carriers;
- the program has not optimal exponentiation algorithm in GF(P) field, when P - prime number, which result in low performance;

2. The RSA algorithm realization problems
- the prime numbers reception using in this program (R and q in RSA algorithm) permits not less than on two order to reduce the labour-intensiveness of factorization; with 256 bit blocks of data length it is possible to execute the cryptanalysis in real time;
- before using RSA the program executes compression and block encryption that positively affects on the common stability encryption.

3. The electronic signature problems
- for signature calculation the program originally executes hashing of file into number of given length (256, 512 or 1024 bit), but hashing function does not corresponds the ISO recommendations;
- when considering the hashing function as the automatic device without output, it is enough simply possible to construct the image of reverse automatic device and with using the blanks in text files (or free fields in some standard formats as in DBF), to compensate the hashing function at changed file to former significance. Thus, it is possible to forge the electronic signature without analysis of RSA algorithm.

4. The block encryption algorithm problems
- when executing analysis on plaintext and ciphertext the linear correlation dependences with encryption key were founded (0.01 and more degree);
- also the effective method of decreasing security which reduces the order of time necessary to key definition in two times in comparison with exhaustive search of all keys (i.e.
algorithm has the labour-intensiveness which is equal the root square from labour-intensiveness of the exhaustive search algorithm) have been found.

The conclusions:

It is recommended to use encryption with 1024 bit key length. The using of electronic signature is not recommended and requires the additional study. The block encryption algorithm has temporary stability. The hashing function should be reduce in conformity with ISO recommendations. The using of PGP program in actual version is undesired.

The MSU mathematical cryptography problems Laboratory Manager
Academician Dr. Sidelnikov V.M.

==END

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matt Willis
Date: Mon, 11 Jan 93 11:02:02 PST
To: cypherpunks@toad.com
Subject: Commie's
Message-ID: <01GT8HKCAJFK0004WU@stetson.bitnet>
MIME-Version: 1.0
Content-Type: text/plain

To this southern boy, it looks like the pinkos are slamming American (whoops, sorry, English) programming... :) "pgp in actual use is not recommended.", oh yeah, well our alphabet has more characters, so there...

There were some interesting flaws that they pointed out... Could someone do a follow up and say what has been fixed in PGP version 2.1? If pgp cyphertext/encrypted data is predictable, I wonder how that would affect the "it'd take a Cray a year" figure? (or were the pinkos being overconfident)

I actually like the Russians, but I'm just fulfilling my stereotype.

peace :*

+-------Matt-Willis--------------------------------+
| Matt Willis   ASTMWILL@STETSON.BITNET | elsewhere:
| Matt Willis   Head of the Underground | mwill@mindvox.phantom.com
| Matt Willis   Robotech PBM List       |
+-------Matt-Willis--------------------------------+
"Absolutely alone in awareness of the mechanism."
-Agrippa by WG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl L. Barrus
Date: Thu, 7 Jan 93 11:10:50 PST
To: cypherpunks@toad.com
Subject: double anonymity via pax and penet
Message-ID: <9301071910.AA04605@tree.egr.uh.edu>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunks,

I've been toying lately with "tying" the remailers at pax and penet together. Briefly, the anonymous service at anon.penet.fi supports anonymous remailing (but you must register your id), anonymous posting, and anonymous forwarding. The remailer at pax.tpa.com.au supports anonymous remailing (runs pgp, must register your key for encryption service) and anonymous posting. For more info, get the help files by mailing to help@anon.penet.fi and anon.info@pax.tpa.com.au.

Anyway, my idea is as follows: somehow get one of these services to establish an id on the other one, and also establish a path back to you. Then, you should be able to receive mail by having it sent to an anonymous id on one of the services, which will then forward it to another anonymous id on the other service, which will then forward to you.

Of course, as cypherpunks, we have several of our own cryptographically protected remailers, but I thought I'd explore using these others ones also.

If you don't have an id already established on either service, you can get one by simply trying to use it (for example, posting a message).

Since the remailer at anon.penet.fi allows anonymous forwarding (using the % notation), I established a double system as follows: (for convenience I shall reveal the anonymous id's I was assigned by this test procedure; @penet shall mean @anon.penet.fi and @pax shall mean @pax.tpa.com.au)

I mailed to anon.post.alt.test%pax.tpa.com.au@anon.penet.fi from barrus@tree.egr.uh.edu. This went to anon.penet.fi, where I was allocated an anonymous id for barrus@tree. The id I was given for barrus@tree was an5022@penet.
Then, penet forwarded to anon.post.alt.test@pax.tpa.com.au (because of the % notation), which resulted in two things: a post to alt.test, and the establishing of an id on pax for the anonymous id on penet - anon.435@pax.

After a few minutes, I received acknowledgment of my post to alt.test, sent from penet. So pax sent the acknowledgement to the anonymous id at penet, which then sent it to me - barrus@tree. I also watched for my post to alt.test to appear, which it did. So now, mail sent to anon.435@pax gets forwarded to me via penet.

Then, I tried the process in reverse. I sent to the anonymous pax allocated from my other account (elee9sf@menudo.uh.edu). I sent from the other account because I already have an anonymous id for that one, and I wanted to keep new account allocation to a minimum, but as it turns out I think I messed up. Anyway, the mail I sent made it to barrus@tree (via pax and penet), but I was allocated another anonymous id from penet (an5030@penet), and the notice came to elee9sf!

After thinking about it some more, I realized what that acknowledgement must be. When I mailed to anon.435@pax from elee9sf, I wasn't allocated an anonymous id because I have one. So pax sent the message to an5022@penet. But penet hadn't seen a message from anon.435@pax, so it allocated another id, and sent the acknowledgement back to anon.435@pax. But for some reason, the remailer at pax didn't send this to an5022@penet - it jumped it and responded to my account elee9sf@menudo.uh.edu. So the pax service seems fairly intelligent. Or there is a bug :-)

Then, I tried to mail to anon.435@pax from barrus@tree. I thought I would be assigned an anonymous id at pax for barrus@tree, but I wasn't. Actually, for some reason, I was mailed the acknowledgement of yet another anonymous id, an5047@penet!
But, my original goal was to establish an anonymous id on pax which would forward to an anonymous id on penet (and vice versa), and I succeeded:

mail sent to anon.435@pax goes to barrus@tree via penet
mail sent to an5030@penet goes to elee9sf@menudo via pax

as an unplanned effect:

mail sent to anon.437@pax goes to elee9sf@menudo via penet
mail sent to an5047@penet goes to barrus@tree via pax

These are the anonymous id's I believe I've generated because of this procedure: an5022@penet, an5030@penet, an5047@penet (I don't understand this one), anon.435@pax, anon.437@pax (I don't understand this one either). I figured I would use four id's: one from penet for barrus@tree, one from pax for barrus@tree, one from penet for pax, and one from pax for penet.

For some reason, when I mail to anon.437@pax or an5047@penet from barrus@tree, the mail doesn't arrive in either of my accounts. So I'm still trying to sort out this mess before I mail to the administrators at both sites, explain what happened, and have these various id's deleted. Anybody with an id already established on pax or penet is welcome to mail to me at anon.208@pax or an5030@penet to help me figure out if it worked (I've run out of accounts to test this from and I don't want to involve elee7h5@rosebud where I'm running a remailer).

I think the step I may have erred was mailing to anon.435@pax from elee9sf, where I have an id. Maybe by mailing from barrus@tree I would have been assigned an id, and received acknowledgement of an id from penet for the id at pax, and possibly an5047@penet wouldn't have been generated.

Some uses of this I can think of are of course mailing via cypherpunk remailers to the first link in the pax/penet remailers chain. This would hide our remailers from others, since pax and penet are well known anonymous services. I haven't thought of a way to send messages (other than posting to usenet) via pax/penet.
So I could post a message, as described above, and collect responses via a double anonymous reply.

Anyway, what do you think?? Any ideas or suggestions?

/-----------------------------------\
| Karl L. Barrus                    |
| barrus@tree.egr.uh.edu (NeXTMail) |
| elee9sf@menudo.uh.edu             |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl L. Barrus
Date: Thu, 7 Jan 93 13:53:49 PST
To: cypherpunks@toad.com
Subject: chaining remailers...
Message-ID: <9301072153.AA05530@tree.egr.uh.edu>
MIME-Version: 1.0
Content-Type: text/plain

Geez, I can't believe I forgot to consider that responding to me will result in a steady stream of anonymous id allocations. Guess I was caught sleeping on that one!

Back to the better cryptographically protected cypherpunk remailers and Hal's "constructed" anonymous addresses...and I better ask the administrators at pax and penet to wipe out some allocated id's :-)

/-----------------------------------\
| Karl L. Barrus                    |
| barrus@tree.egr.uh.edu (NeXTMail) |
| elee9sf@menudo.uh.edu             |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Thu, 7 Jan 93 13:04:27 PST
To: CYPHERPUNKS
Subject: Chaining remailers.
Message-ID: <930107205520_74076.1041_DHJ47-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

It was interesting to see Karl Barrus's efforts to chain the Pax and Penet remailers. I think one of his problems is this:

If I reply to one of Karl's double-remailed aliases, I will get assigned two anonymous aliases - one from each of pax and penet. The first machine I send to will assign me an anonymous alias, and forward my mail on, with a "From:" indicating that same new alias. The second machine will then see mail coming in from that new alias, assign me an alias for that, and send it back to me (via the first machine).
That's why Karl got an extra alias in some of his tests that he wasn't expecting. It also means that the fact that he is using a double remailing alias will be revealed to anyone who chooses to send to him.

I think the lesson is that this process of automatic alias assignment may not be the best way to handle things. It sounds attractive and simple, but look at all the problems Karl ran into. And if you're using a chain of remailers for an anonymous address, you really don't want everyone who sends to you to find out exactly what chain you are using.

I still lean towards the idea of a "constructed" anonymous address, where I decide ahead of time which remailers I'll use, and in what order. Then, I need some way to put that address into the return field of my mail that I send.

If this were possible, then person A could post a message, with his headers set so that replies will go to this anonymous address. And if person B wanted to send to A, he could, using A's anonymous address, and B could arrange it so that B's own anonymous address would go into the outgoing headers. A and B could then communicate using two completely different paths, both anonymously. A could go from pax to penet to B, and B could go from menudo to rebma to A. Each user would establish his anonymous address in the way he preferred.

I think this is probably a better system than all this automatic assignment of anonymous aliases. It seems simpler and it should still be easy to use. The automatic systems tend to get out of hand.

Hal Finney
74076.1041@compuserve.com

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK0xuQagTA69YIUw3AQEGXAP/XxoWGmnMOm7E0d70uRGuwqHpG8KPzopk
uERMjltmE1Xug7auzmFYKEV1I24DZyd3ClaDyoZQWpI79dTLQfnEPOHqhgXD8Ul4
PgYo5Gyf2yKIv5kbsmetWnAB23oDeyuE6HR9X5vl/MNWq38exbRlt8I303FtXQCi
foIUiShHcaA=
=0k6V
-----END PGP SIGNATURE-----

Distribution: CYPHERPUNKS >INTERNET:CYPHERPUNKS@TOAD.COM

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Thu, 7 Jan 93 15:20:26 PST
To: "Karl L. Barrus"
Subject: Re: double anonymity via pax and penet
In-Reply-To: <9301071910.AA04605@tree.egr.uh.edu>
Message-ID: <9301072254.aa08873@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> I've been toying lately with "tying" the remailers at pax and
> penet together. Briefly, the anonymous service at anon.penet.fi
> supports anonymous remailing (but you must register your id),
> anonymous posting, and anonymous forwarding. The remailer at
> pax.tpa.com.au supports anonymous remailing (runs pgp, must register
> your key for encryption service) and anonymous posting. For more
> info, get the help files by mailing to help@anon.penet.fi and
> anon.info@pax.tpa.com.au.

Well, let's start by saying that fo%bar@blach addresses are pretty error prone, as there are a lot of brain-damaged mailers out there. Much safer to use the X-Anon-To: header for this kind of stuff. See the help file from help@anon.penet.fi for more info.

Secondly, currently anon.penet.fi strips off PGP messages and signature blocks. I am going to fix the .sig stripper Real Soon Now....

Thirdly, I notice a lot of mailers get "From:" and "Sender:" (or envelope) addresses screwed up. Anon.penet.fi puts the anon id in the "From:" field, but makes "Sender:" point to the anon admin, to catch mail bounces that might reveal the true identity of an anon id. I don't know how pax.tpa.com.au handles this....

> These are the anonymous id's I believe I've generated because
> of this procedure: an5022@penet, an5030@penet, an5047@penet (I don't
> understand this one), anon.435@pax, anon.437@pax (I don't understand
> this one either). I figured I would use four id's: one from penet for
> barrus@tree, one from pax for barrus@tree, one from penet for pax, and
> one from pax for penet.
> For some reason, when I mail to anon.437@pax or an5047@penet
> from barrus@tree, the mail doesn't arrive in either of my accounts.
> So I'm still trying to sort out this mess before I mail to the
> administrators at both sites, explain what happened, and have these
> various id's deleted. Anybody with an id already established on pax
> or penet is welcome to mail to me at anon.208@pax or an5030@penet to
> help me figure out if it worked (I've run out of accounts to test this
> from and I don't want to involve elee7h5@rosebud where I'm running a
> remailer).
> I think the step I may have erred was mailing to anon.435@pax
> from elee9sf, where I have an id. Maybe by mailing from barrus@tree I
> would have been assigned an id, and received acknowledgement of an id
> from penet for the id at pax, and possibly an5047@penet wouldn't have
> been generated.

I'll check on those id's tomorrow. It's 11pm out here, and I have a specification to finish for a meeting tomorrow morning....

Julf (an0@anon.penet.fi)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mjr@netcom.com (Matthew Rapaport)
Date: Fri, 8 Jan 93 19:57:22 PST
To: cypherpunks@toad.com
Subject: Alias cascades
Message-ID: <9301090357.AA07830@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

****** Hal <74076.1041@CompuServe.COM> ******

>I think the lesson is that this process of automatic alias assignment
>may not be the best way to handle things... look at all the problems
>Karl ran into.

If I understand Karl right, he got this cascade of aliases because he tried to talk to HIMSELF through different accounts/aliases at alternate ends of the chain. Since no one would want to do that (other than to test things) normally, this wouldn't be a problem.

>I still lean towards the idea of a "constructed" anonymous address,
>where I decide ahead of time which remailers I'll use, and in what
>order.

But I already *do* control the order of use for MY mail, that means stuff I send out and stuff people send to me in DIRECT reply to my stuff. There is nothing to stop someone from sending to my id on pax say through a first remailer of their own choice, provided they originate the mail (i.e. a REPLY is not equivalent to ORIGINAL mail in this case).

As for picking my own alias, this sounds appealing but is actually much weaker than a randomly assigned one. Besides that, it could be an administrative nightmare for the sysadmins on the aliasing systems.

matthew rapaport Philosopher/Programmer At Large KD6KVH mjr@netcom.com 70371.255@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Fri, 8 Jan 93 17:49:57 PST
To: cypherpunks@toad.com
Subject: New Remailer
Message-ID: <9301090147.AA03071@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Fellow Cypherpunks:

I am working on a program in C that will provide both anonymous remailing capabilities and mail server operations. In order to better test the software I have installed it on my account through my .forward and .maildelivery files so that all messages received with a header line "X-Anon-To" or "Request-Remailing-To" will be remailed to the appropriate address.

If you cannot add your own header lines with your mailer, set the subject to contain "Request Remailing" and use the following format:

::
Request-Remailing-To: user@host
Subject: Anything you choose
::

Any of the following fields can be placed within the "::" delimiters:

Request-Remailing-To:
X-Anon-To:
Subject:

The remailer is case insensitive and you can place the "::" lines anywhere within the message. Signature stripping is NOT supported, however a "kill line" will be implemented soon so that you can halt message processing beyond a certain point.

Message body processors are supported as an add-on feature. PGP support would work as a message processor. On my end, I can define a "start processing" line and a "stop processing" line. Only text between (and including) those lines will be passed to the message processor. Unfortunately, PGP is not installed on this system, so support will have to wait.

I will post full specifications later. Please let me know of any ambiguities. Please also note that I am keeping detailed logs of the use of this software for testing purposes, but I would rather delete all logs than provide them to authorities. The remailer is run on a multi-user system for which I do not have a privileged account.

Chael Hall

Chael Hall                  | Campus Phone Number
nowhere@bsu-cs.bsu.edu      | (317) 285-3648
00CCHALL@bsuvax1.bitnet     |
00CCHALL@LEO.BSUVC.BSU.EDU  | "I hate it when that happens!"

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Fri, 8 Jan 93 18:02:48 PST
To: cypherpunks@toad.com
Subject: New Remailer (more)
Message-ID: <9301090200.AA03698@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I forgot to add: If you are chaining remailers, you can use the sequence "+::+" at the beginning of the line to pass the remaining characters on that line through the remailer untouched.

For example:

Message sent to this remailer:
----------v
::
X-Anon-To: anon@anon.penet.fi
::
+::+::
X-Anon-To: nowhere@bsu-cs.bsu.edu
+::+::
beginning of text...
----------^

Message sent to anon.penet.fi:
----------v
::
X-Anon-To: nowhere@bsu-cs.bsu.edu
::
beginning of text...
----------^

Chael Hall

Chael Hall                  | Campus Phone Number
nowhere@bsu-cs.bsu.edu      | (317) 285-3648
00CCHALL@bsuvax1.bitnet     |
00CCHALL@LEO.BSUVC.BSU.EDU  | "I hate it when that happens!"

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Date: Sat, 9 Jan 93 14:58:45 PST
To: Cypherpunks
Subject: Trailing blanks in signed plaintext
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Distribution: Cypherpunks Branko Lankester

I noticed something about PGP signed plaintext the last time I used that feature to send a message to Cypherpunks. Apparently PGP takes any line beginning with 5 dashes ("-----") and adds "- " (dash blank) to it. I guess the purpose for this is to avoid confusion if the plaintext message should contain a PGP delimiter like

    -----BEGIN PGP SIGNATURE-----

But in my particular case, what I specified in my input plaintext was

    -----END OF MESSAGE BODY-----

(but with no indentation), but what came out was

    - -----END OF MESSAGE BODY-----

Given that PGP is going to make changes like this to signed plaintext, I suggest there is no longer any reason to object if PGP also removes trailing blanks from signed plaintext.

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK02ta94nNf3ah8DHAQFX8wP/dyusrml+2XH7XQtFcsQveGW3Zz3ib6K9
xGGV2hnvhwIHbFs4HIKTIVT0BFR6Y4SuqFMeF0BS16FIu47GmW8Q55iIhweDP7x5
+CUMXSynwQsz4XOMU/CpqNAwJifNoM9BwNu+RqfhIxwi6KxO1i3FwJjxPzE+uHkh
Y7Mjl7Ytkd0=
=0l/6
-----END PGP SIGNATURE-----

--
edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005
Silicon Valley, Ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: edgar@spectrx.Saigon.COM (Edgar W.
Swank)
Date: Sat, 9 Jan 93 15:00:34 PST
To: Cypherpunks
Subject: Delimiting text body in ARA
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Jan 5, Hal commented on my suggestions for ARA using a Miron Cuperman remailer.

> I'd also like to suggest that the message body to
> be encrypted require heading and trailing
> delimiters such as:
>
> -----BEGIN MESSAGE BODY-----
> -----END MESSAGE BODY-----
>
> Note delimiters would not be part of message body
> and would not be encrypted.

    These anonymous addresses do need a distinction between the "message address" (or "envelope") and the message body. The anonymous address gets decrypted at each step, and the message body gets encrypted at each step using the scheme above.

    But Eric Hughes pointed out that we already have such a distinction in the RFC822 message headers vs body. We should use that existing structure rather than try to create our own. That means that anonymous addresses should be designed to fit into mail headers. Unfortunately many mail agents make this difficult or inconvenient right now, but perhaps that is an area where we could make some improvements.

    In this model, we would not need message body delimiters, since mail already has its message body delimited distinct from its headers.

I think "many mail agents" at least the one at this location, make it downright impossible to put an ARA into the header. Especially a chained ARA, which is part address and part body (to all except the last remailer in the chain).

I think we are better off writing tools which will work now on the worst common denominator of mailers, rather than insisting that the world change so our solutions can be more elegant.

Note that the user of an ARA is likely to be less computer & e-mail literate than the person he is responding to. It's easy to specify, to reply, mail to the [first remailer address].
Put this encrypted ARA block first in your message body, followed by your reply message enclosed in

-----BEGIN MESSAGE BODY-----
-----END MESSAGE BODY-----

Only the text between these two delimiter lines will be received by the original sender, so your anonymity will be protected too.

Note that this elegantly takes care of discarding the automatic sig of the responder, if any. Some here, like Richard Childers, don't want to protect users who might not understand that they need to suppress their automatic sig to maintain their anonymity with a remailer.

People who run remailers have to be pretty gutsy anyway. They may get sued by disgruntled recipients of abusive or threatening anon msgs. It seems to me they don't also need to risk being sued by disgruntled message senders (or responders) who are embarrassed (or worse) by inadvertently revealing their identity in what they intended as an anonymous message. Note that your average civil jury is not going to be terribly computer-literate. Even a suit which loses is going to cost a lot to defend against.

As to Hal's other suggestion:

    If we do process the message body with encryption at each stage, I do have an idea which could be useful. If the body which is being encrypted is already in the format of an ASCII-encoded message using the standard RFC822 encryption used in PGP, RIPEM and PEM, then rather than just encrypting it it could be de-ASCII'd, then encrypted, then re-ASCII'd. This would keep it from increasing in size by a factor of 4/3 at each encryption step.

Sounds like a good idea, but it's not going to save anywhere near 1/3 (4/3 - 1), at least with PGP, since (recall) PGP (at least by default) compresses before it encrypts.

--
edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005
Silicon Valley, Ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Fri, 8 Jan 93 23:43:08 PST
To: CYPHERPUNKS
Subject: New remailer in C.
Message-ID: <930109073836_74076.1041_DHJ43-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

From: nowhere@bsu-cs.bsu.edu (Chael Hall)
> Fellow Cypherpunks:
>
> I am working on a program in C that will provide both anonymous
> remailing capabilities and mail server operations.

It's good to see more people working on remailers. The cypherpunks remailers have been written in Perl, which facilitates experimenting and testing of new interfaces. The idea might be to migrate them to C eventually for efficiency, but during this experimental phase we may want to try out new ideas, and it's easier to modify a Perl script than a C program.

> If you cannot add your own header lines with your mailer, set
> the subject to contain "Request Remailing" and use the following format:
>
> ::
> Request-Remailing-To: user@host
> Subject: Anything you choose
> ::
>
> Any of the following fields can be placed within the "::" delimiters:
>
> Request-Remailing-To:
> X-Anon-To:
> Subject:
>
> The remailer is case insensitive and you can place the "::" lines
> anywhere within the message.

This is somewhat similar to the cypherpunks remailers; however, they accept the :: only at the beginning of the message, allow any fields to be put there that the user desires (not just those three), and terminate the block by a blank line. Does your alternate system have some advantages?

> I forgot to add: If you are chaining remailers, you can use the
> sequence "+::+" at the beginning of the line to pass the remaining characters
> on that line through the remailer untouched.

I do find the use of this string to produce rather complicated looking commands. The cypherpunks remailers get the same effect by just putting in blocks starting with :: and separated by blank lines:

::
Anon-To: anon@anon.penet.fi

::
Anon-To: nowhere@bsu-cs.bsu.edu

This looks simpler to me.

Hal Finney
74076.1041@compuserve.com

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK05WUagTA69YIUw3AQGpaAP+LxpocNUI1/Zw3DAwwAxeKBtdj0sSyx8p
05xnI3FmklosxapVpcF/aVkDKL/FjzwBZ9ML5wt2m7UvqS1iX9UILQByPNAxTOKF
TIuFKkjt2wT5ykvHRGLl6ZAB6w6PzkNiclHNJw4FFEaFzoxmnz3bQXatKBFFgGFd
IjIMFF0d0Ig=
=ztz0
-----END PGP SIGNATURE-----

Distribution: CYPHERPUNKS >INTERNET:CYPHERPUNKS@TOAD.COM

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Fri, 8 Jan 93 23:47:53 PST
To: CYPHERPUNKS
Subject: Chaining addresses...
Message-ID: <930109073904_74076.1041_DHJ43-2@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

From: mjr@netcom.com (Matthew Rapaport)
> >I think the lesson is that this process of automatic alias assignment
> >may not be the best way to handle things... look at all the problems
> >Karl ran into.
>
> If I understand Karl right, he got this cascade of aliases because he
> tried to talk to HIMSELF through different accounts/aliases at alternate
> ends of the chain. Since no one would want to do that (other than to
> test things) normally, this wouldn't be a problem.

My understanding was that everyone who tried to talk to him would get two aliases assigned automatically. Karl made the problem worse by talking to himself from two different addresses, but you're still talking about a lot of aliases.

> >I still lean towards the idea of a "constructed" anonymous address,
> >where I decide ahead of time which remailers I'll use, and in what
> >order.
>
> But I already *do* control the order of use for MY mail, that means
> stuff I send out and stuff people send to me in DIRECT reply to my
> stuff. There is nothing to stop someone from sending to my id on pax say
> through a first remailer of their own choice, provided they originate
> the mail (i.e. a REPLY is not equivalent to ORIGINAL mail in this case).

OK, so you can set up an anonymous address which, say, goes through pax and then penet and then to you. If someone replies to that address, they will be anonymous to you, by default; their anonymous address will go through penet and then pax. But if they didn't want that anonymous address, they could use one of their own (say, rebma to soda to themselves) first, then go to your address.

Now when you reply to them, I guess your message will go through penet, then pax, then rebma, then soda, then to them.

My feeling was it would be better if they could put a Reply-To: into the message that just meant to go to rebma then to soda to themselves, and get that Reply-To: to go through the pax-to-penet chain to you. Also, they would not get anonymous ID's assigned by penet and pax, ideally. Instead, you would reply to them using this Reply-To address and go through just rebma and soda to get to them.

This will be simpler and faster than having all messages go through the union of both communicants' anonymous address chains.

> As for picking my own alias, this sounds appealing but is actually much
> weaker than a randomly assigned one. Besides that, it could be an
> administrative nightmare for the sysadmins on the aliasing systems.

I wasn't really talking about picking my own alias. It is more a matter of having a straightforward way to construct an anonymous address that goes through the specific chain of systems that I choose.

Hal Finney
74076.1041@compuserve.com

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK05Wa6gTA69YIUw3AQFy+QP/RAepMQETJWqM7szQ9ID0TAgrIvQc8ArH
MX6S14lzb492skAIathLYllfyhN2TTO/gN+lCC4lvnzs9UOLJ2rlNzFxT8geV1yx
MxKKzIZ39tMmyCXHx2cnH7ySHMoEVzp5TqXqQhEbmqn0k6c7hoL+sz6l43/g6rPL
g++F+kRs2nQ=
=0OfU
-----END PGP SIGNATURE-----

Distribution: CYPHERPUNKS >INTERNET:CYPHERPUNKS@TOAD.COM

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eab@msc.edu (Edward Bertsch)
Date: Sat, 9 Jan 93 05:49:38 PST
To: karn@qualcomm.com (Phil Karn)
Subject: Re: Russian analysis of PGP
In-Reply-To: <9301070552.AA22839@servo>
Message-ID: <9301091348.AA01342@wc.msc.edu>
MIME-Version: 1.0
Content-Type: text/plain

-> The conclusions:
-> It is recommended to use encryption with 1024 bit key length.
-> The using of electronic signature is not recommended and
-> requires the additional study.
-> The block encryption algorithm has temporary stability.
-> The hashing function should be reduce in conformity with ISO
-> recommendations.
-> The using of PGP program in actual version is undesired.
-> The MSU mathematical cryptography
-> problems Laboratory Manager
-> Academician
-> Dr. Sidelnikov V.M.

these are serious claims. What do the authors of the software have to say about them? Others?

--
Edward A. Bertsch (eab@msc.edu)   Minnesota Supercomputer Center, Inc.
Operations/User Services          1200 Washington Avenue South
(612) 626-1888 work               Minneapolis, Minnesota 55415
(612) 645-0168 voice mail

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mjr@netcom.com (Matthew Rapaport)
Date: Sat, 9 Jan 93 09:20:46 PST
To: cypherpunks@toad.com
Subject: Cascading Aliases
Message-ID: <9301091720.AA17521@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

****** Hal <74076.1041@CompuServe.COM> *****

>My understanding was that everyone who tried to talk to him would get
>two aliases assigned automatically.

Yes I suppose, but I can ignore them. Let's see if I got this right.

In the following scenario, I will represent alias servers and their aliases in the following way: A-123 where 'A' is the server, and '123' is the alias.

I receive a message from Z-999. I have no idea how many servers this has gone through. I *originate* a message back to this person, but I sent it first through *my* preferred alias chain, so the message goes from me through A-123 -> B-456 -> Z-999 and then somewhere else (perhaps) before reaching its final destination.

Now the Z server has never seen a message from B-456, so it automatically generates a NEW alias (Z-111) for that ID. Now machine Z bounces that new alias back along the chain B-456 -> A-123 and thence to me, informing me that an alias has been established on machine Z for my ID on machine B. It also uses that alias to send the message along to the next machine on the chain (if there is one) which also creates a new alias (never having seen a message from Z-111), and bounces it back, etc. I see that this is where I get to detect the alias path my recipient is using, but there is an easy solution (see below).

So one or more new aliases will be generated (you are correct) in response to my original mail, BUT, I can ignore those aliases (once I receive them in the reflected mail) and never need think about them again because the link between B-456 and Z-111 is now established. Further translation will take place automatically with no further bounce backs in any future correspondence between the two parties *if* they both use their own chosen mail paths consistently.

If in my next mail, however, I REPLY to Z-999 (i.e. I don't generate original mail), then another alias will be generated on the Z machine for mjr@netcom.com and I will also be informed of that, etc. Once again, however, I don't have to care about that.
From the recipient's viewpoint, however, mail has now been received from two different aliases that represent the same person (one for my original mail, and one for my REPLIES).

There are two possible solutions while still generating automatic aliases:

1) Don't alias someone who hasn't specifically requested it (e.g. with a ping or something). This is probably not a good idea. I like the fact that these Aservers take a "most conservative approach" automatically assuming that someone wants to be aliased if they are originating/replying to an aliased ID.

2) Stop the alias-information-bounce-back unless someone specifically requests it (e.g. with a ping). This might do the trick. I don't have to KNOW what my alias number is even on the machine that does the first outbound and last inbound conversion. All the conversions along the chain are automatic, so why should I care what my alias numbers are?

matthew rapaport Philosopher/Programmer At Large KD6KVH mjr@netcom.com 70371.255@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tytso@ATHENA.MIT.EDU (Theodore Ts'o)
Date: Sat, 9 Jan 93 08:52:30 PST
To: eab@msc.edu
Subject: Re: Russian analysis of PGP
In-Reply-To: <9301091348.AA01342@wc.msc.edu>
Message-ID: <9301091651.AA21070@tsx-11.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

   From: eab@msc.edu (Edward Bertsch)
   Date: Sat, 9 Jan 93 7:48:46 CST

   these are serious claims. What do the authors of the software have to say about them? Others?

"Dr. Sidelnikov" has presented some very serious claims, indeed, but has not produced one shred of evidence to back them up. Some of his claims, to wit his assertion that PGP's hashing function is breakable, he could have very simply demonstrated, without using a lot of clumsy English.
(All he would have needed to do is to produce two strings, X and Y, where X != Y and MD5(X) == MD5(Y) --- or better yet, given message digest Z which someone else picks, such as the test values in RFC-1321, produce a string X such that MD5(Z) == X.)

Some of his other claims, such as his complaint that PGP doesn't contain any self-checking code to protect against "killer viruses", on the surface seem to indicate a very shallow analysis of the problem.

Something else to consider is that the source of his posting is somewhat suspect. The person who posted it got it from a friend, who got it from some other net where supposedly Dr. Sidelnikov posted it. At the moment, its source sounds like an awful lot of urban legend stories which many of us have heard before.

An equivalent statement to his posting might be: "I heard from a friend who heard from an Eminent MIT Professor: Don't use XXX, since it uses DES which could be broken." While I might have a lot of respect for MIT and its professors, I would want to see a demonstration of this fact before I would take that kind of report very seriously. The same standards should be held to Dr. Sidelnikov.

- Ted

P.S. Note that I am not completely ruling out Dr. Sidelnikov's claims; but we should keep in mind that up to this point, we have not one shred of evidence that he is (a) who he claims to be, or (b) his statements are true. I would expect that most academics, when publishing something of this magnitude, would include some sort of evidence to back their claims up.

P.P.S. Also note that if his claim about MD5 is true, then we are in a lot more trouble than just PGP being insecure. There are an awful lot of other protocols that use MD5, including Privacy Enhanced Email (PEM).

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mjr@netcom.com (Matthew Rapaport)
Date: Sat, 9 Jan 93 12:49:59 PST
To: cypherpunks@toad.com
Subject: Cascading Aliases
Message-ID: <9301092049.AA03501@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

The discussion just above between Karl, Hal, Johan, and myself, has made me realize that the standard "bounce back" behavior of all the alias servers I've used so far actually defeats the purpose of remailer chains no matter how one embeds the forwarding information.

When any person *first* replies to or originates mail across a remailer chain, a new alias is generated at each hop (however many). So far, that is good, a "most conservative assumption" approach, and it provides easily for reply channel maintenance. The problem is that each machine also reflects its new alias back along the chain to the message originator thereby revealing the entire chain to the message originator, something that might not be desirable to the party on the other side.

The solution is very simple, just stop bouncing the new alias information back along the chain. This can not HURT anyone using the alias/remailer system because you never need to know what your aliases are as the conversion and forwarding process is automatic. If someone needs, for some reason to KNOW his alias for a given system (or all of them) on *his/her* chain, he/she can easily arrange to ping the server at the appropriate level.

Besides not hurting any current operations, stopping the *automatic* reply to sender about a new alias helps to secure everything a great deal more because it hides the "other guy's" chain, something that both parties might reasonably expect.

matthew rapaport Philosopher/Programmer At Large KD6KVH mjr@netcom.com 70371.255@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Sat, 9 Jan 93 17:52:25 PST
To: toad.com!cypherpunks@soda.berkeley.edu
Subject: Politics of Rmailers
Message-ID: <9301100152.AA02289@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Theodore Ts'o writes:

   If your mail system is broken enough that it inserts signatures without your permission, and you have no way of controlling it, it's broken. End of statement. Fix it or ditch it.

I can imagine a system administrator choosing to require that all mail originating from his machine include a signature that correctly identifies the local name of the sender.

I make this special point to illustrate a broader problem with remailers: They require operators of remailers to be sympathetic with the ends of the users of remailers. This obviously does not include the entire population for at least the recipient is not sympathetic. I suspect that technical solutions sought in recent mail will founder in presence of the politics of the operators of the remailers.

I understand that routing your message thru at least one "friendly" remailer may be enough but if your reasons for using remailers are not sufficiently popular, then society, in some form, will pressure the friendly remailers to betray the sender without advance warning. If society polarizes into camps then there may be remailers in each camp. A remailer in one camp is unlikely to service messages from the other. Barriers then arise.

I think that the technical issues are only the tip of the iceberg.
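
[Added example, not part of any message in this archive.] The toy Python model below replays the alias cascade from the two "Cascading Aliases" messages above, once with servers that mail every newly assigned alias back to the sender and once with that notice switched off. Server names A, B, Y, Z follow the A-123 notation used in the thread; the addresses, the alias numbers and the rule that a notice is only routed back without being re-aliased are assumptions of the model.

```python
"""Toy model of automatic alias assignment across chained alias servers."""
from collections import defaultdict


class AliasServer:
    def __init__(self, name, announce=True):
        self.name = name
        self.announce = announce   # mail each newly assigned alias back?
        self.alias_of = {}         # incoming address -> alias
        self.owner_of = {}         # alias -> incoming address
        self._next = 100

    def assign(self, addr):
        """Return (alias, is_new); an alias is created on first sight."""
        if addr in self.alias_of:
            return self.alias_of[addr], False
        alias = f"{self.name}-{self._next}"
        self._next += 1
        self.alias_of[addr] = alias
        self.owner_of[alias] = addr
        return alias, True


class Network:
    def __init__(self, announce=True):
        self.announce = announce
        self.servers = {}
        self.mailboxes = defaultdict(list)   # real address -> [(from, body)]

    def server(self, name):
        if name not in self.servers:
            self.servers[name] = AliasServer(name, self.announce)
        return self.servers[name]

    @staticmethod
    def _is_alias(addr):
        return "@" not in addr               # aliases look like "Z-101"

    def _owner(self, addr):
        """Follow alias -> owner links hop by hop back to a real mailbox."""
        while self._is_alias(addr):
            addr = self.servers[addr.split("-")[0]].owner_of[addr]
        return addr

    def _anonymize(self, server, from_addr):
        alias, is_new = server.assign(from_addr)
        if is_new and server.announce:
            # Assumption: the notice is system mail, routed back unaliased.
            self.mailboxes[self._owner(from_addr)].append(
                (f"admin@{server.name}", f"your alias is {alias}"))
        return alias

    def build_address(self, real_addr, chain):
        """Explicitly register through `chain`, innermost server first, and
        return the outermost alias (the address the owner publishes)."""
        addr = real_addr
        for name in chain:
            addr, _ = self.server(name).assign(addr)
        return addr

    def send(self, from_addr, via, to_addr, body):
        """Send through the sender's own servers, then along the recipient's
        chain. Returns the From address the recipient finally sees."""
        for name in via:
            from_addr = self._anonymize(self.server(name), from_addr)
        while self._is_alias(to_addr):
            server = self.servers[to_addr.split("-")[0]]
            from_addr = self._anonymize(server, from_addr)
            to_addr = server.owner_of[to_addr]
        self.mailboxes[to_addr].append((from_addr, body))
        return from_addr


def leaked_servers(net, addr):
    """Servers that announced an alias to `addr`, in order of arrival."""
    seen = []
    for sender, _ in net.mailboxes[addr]:
        if sender.startswith("admin@") and sender[6:] not in seen:
            seen.append(sender[6:])
    return seen


def run_scenario(announce):
    net = Network(announce)
    alice, bob = "alice@example.org", "bob@example.net"   # constructed
    net.build_address(alice, ["A", "B"])                  # sender's own chain
    bob_pub = net.build_address(bob, ["Y", "Z"])          # published alias
    first = net.send(alice, ["A", "B"], bob_pub, "hello")
    again = net.send(alice, ["A", "B"], bob_pub, "hello again")
    direct = net.send(alice, [], bob_pub, "sent without my chain")
    return {
        "alice_learned": leaked_servers(net, alice),
        "bob_sees": [first, again, direct],
        "aliases": sum(len(s.owner_of) for s in net.servers.values()),
    }


if __name__ == "__main__":
    for mode in (True, False):
        print("announce new aliases:", mode, run_scenario(mode))
```

With notices on, the sender learns both servers of the recipient's chain from a single message; with notices off, the same aliases are still created and the recipient still sees two different aliases for one correspondent, but nothing about the chain is mailed back.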

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Sat, 9 Jan 93 15:33:30 PST
To: Cypherpunks
Subject: Cascading aliases
Message-ID: <930109232813_74076.1041_DHJ76-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

I think Matthew Rapaport's point is good that much of the trouble with the automatic assignment of aliases comes from the automatic mailing to the user of a new alias. Most of the remailing servers have a special address or command you can send meaning "assign me a new alias, and tell me what it is". Probably, as Matthew says, they should only mail back the newly assigned alias when one of these special commands is used.

I'm still not convinced that automatic alias assignment should always be done when mail goes through a server from a new address. It seems like this might generate so many aliases that it would be too great a load on the servers, especially if remailers become more widely used. But it's hard to say how bad a problem this is.

I feel that the main purpose of an anonymous address is to protect the anonymity of the person being addressed, not people who send to him. Just because a person chooses to be anonymous is no reason to expect that everyone who wants to talk to him also wants to be anonymous. I think it would be better to only provide anonymity when asked. Systems that do too much for people sometimes get in the way.

Hal Finney
74076.1041@compuserve.com

Distribution: Cypherpunks >INTERNET:cypherpunks@toad.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Sat, 9 Jan 93 17:12:59 PST
To: Cypherpunks
Subject: Trailing blanks in PGP
Message-ID: <930110010447_74076.1041_DHJ70-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Edgar points out that PGP prepends a "- " string to every line that starts with "-", and suggests that it would not be much further to go to strip trailing blanks.

While I sympathize with the problems Edgar and others have with trailing blanks messing up signature checking, it turns out that the "- " quoting is done at a different stage of the processing than signature checking.

When a signed message is created, it is first "canonicalized", which presently means only that each line is made to end with a carriage return line feed. The signature is then calculated on this form. For the cleartext signature, the message is then wrapped in the "-----BEGIN PGP MESSAGE-----" lines, and the quoting of lines starting with "-" is done. As Edgar surmises, this quoting is so that the end of the message can be accurately located, even if the message contains lines like "-----END PGP MESSAGE-----".

On the receiving end, the message is first stripped of the -----BEGIN and -----END lines, and the "-" quoting is undone. The resulting message is then canonicalized (so that lines end with CRLF's) and the signature is calculated and checked against that sent with the message.

Space stripping could be done fairly easily in the "unwrapping" process, along with the "-" de-quoting, as Edgar suggests. But it would still fail if the user signed a message which ended a line with a blank. In fact, if he ever did sign such a message, and the de-quoting routine were enhanced to strip trailing blanks, the message would always fail the signature check, because that necessary trailing blank will be gone.

What really needs to be done is to change the definition of a "canonical text" message. Presently it only specifies CRLF line terminators. It would have to be enhanced to specify also that no spaces precede any CRLF. If this were done, then the canonicalizing process done at both ends would strip the trailing blanks before calculating the signature, and therefore trailing blanks would not affect the signature check.

Presently, PGP "knows" that on a PC, canonical text form is the same as regular text form.
That is because CRLF is the normal line terminator on a PC. So, canonicalizing is skipped on the PC, which speeds up signing and verification on this class of machines, which include some of the slowest on which PGP is run. Adding blank-stripping to the definition of canonical text means that all messages will have to be canonicalized on PC's, thus adding an extra processing pass which is avoided now. So there is some cost in doing this. There are also some compatibility problems, in that old signed messages which had trailing blanks would no longer signature-verify if we changed the definition of canonical text in this way. However, there probably aren't that many such messages, so this may be a tolerable cost. I do think we should consider making this change, as many people have complained about it. Hal Finney 74076.1041@compuserve.com Distribution: Cypherpunks >INTERNET:cypherpunks@toad.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Sat, 9 Jan 93 10:56:27 PST To: Hal <74076.1041@compuserve.com> Subject: Re: New remailer in C. In-Reply-To: <930109073836_74076.1041_DHJ43-1@CompuServe.COM> Message-ID: <9301092030.aa10557@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > > I am working on a program in C that will provide both anonymous > > remailing capabilities and mail server operations. > > It's good to see more people working on remailers. The cypherpunks > remailers have been written in Perl, which facilitates experimenting > and testing of new interfaces. The idea might be to migrate them > to C eventually for efficiency, but during this experimental phase > we may want to try out new ideas, and it's easier to modify a Perl > script than a C program. I do appreciate the cypherpunks stuff, but perl is still not a very widely used standard tool, and not everyone of us want to learn the ins and outs of yet another language... So I do applaud the C version... 
And please, I am *not* trying to start any religious wars... Julf (an0@anon.penet.fi) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mjr@netcom.com (Matthew Rapaport) Date: Sat, 9 Jan 93 21:21:39 PST To: cypherpunks@toad.com Subject: Politics of Rmailers Message-ID: <9301100521.AA28337@netcom2.netcom.com> MIME-Version: 1.0 Content-Type: text/plain ***** norm@netcom.com (Norman Hardy) ***** >I can imagine a system administrator choosing to require that >all mail originating from his machine include a signature that >correctly identifies the local name of the sender. I can too, but I suspect they wouldn't last long, particularly if they were commercial systems and their paying users felt that the anonymity option was something to be desired. I worry about institutional constraints much more, particularly at the national level "All machines on the Internet in this country will ensure that mail originators are identified...", etc. Even this can be overcome technically though (smarter signature strippers). >This obviously does not include the entire population for at least the >recipient is not sympathetic. This isn't necessarily so. I can appreciate some other person's desire to remain anonymous in certain kinds of transactions. Also, people in other parts of the world seem much more sensitive to issues of privacy than we here in the US tend to be. >If society polarizes into camps then there may be remailers in >each camp. A remailer in one camp is unlikely to service messages >from the other. Well maybe, but this goes against the philosophical, political, and technical grain of the International Internet as it now exists. I note that the world already *is* polarized into camps to a greater or lesser extent. If there is eventual political and social fallout from the use of alias remailers, I think it would be more of an us (the Internet community who use remailers) vs. them (everyone else) kind of thing.
I have detected murmurs of dislike for people who use remailers just on general principles (i.e. you should take responsibility for what you say). matthew rapaport Philosopher/Programmer At Large KD6KVH mjr@netcom.com 70371.255@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tribble@xanadu.com (E. Dean Tribble) Date: Sat, 9 Jan 93 23:56:14 PST To: uunet!netcom.com!norm@uunet.UU.NET Subject: Politics of Rmailers In-Reply-To: <9301100152.AA02289@netcom2.netcom.com> Message-ID: <9301100731.AA10229@xanadu.xanadu.com> MIME-Version: 1.0 Content-Type: text/plain Date: Sat, 9 Jan 93 17:52:01 -0800 From: uunet!netcom.com!norm (Norman Hardy) I can imagine a system administrator choosing to require that all mail originating from his machine include a signature that correctly identifies the local name of the sender. I can imagine it, but none exist. This is mostly because the From: field is supplied by the mailer and satisfies that requirement, whereas requiring things in teh body of the mail message goes against the grain of how the systems are used. remailers: They require operators of remailers to be sympathetic with the ends of the users of remailers. This obviously does not Are there other reasons to use a remailer besides anonymity? I can't think of any, so that solves the sympathy problem. If a remailer operator conspires to reveal who you are that's a different issue, and is solved (or reduced a lot) by using a chain of remailers. Then *all* of the remailers have to be compromised to reveal that connection from source to destination. dean
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mjr@netcom.com (Matthew Rapaport) Date: Sun, 10 Jan 93 08:02:07 PST To: cypherpunks@toad.com Subject: Cascading-Automatic aliases Message-ID: <9301101601.AA03100@netcom2.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Hal Finney: > I think it would be better to only provide anonymity when asked. Johan Helsingius: > It all depends on the intended target audience. I have to agree with Johan here, and with the way all (?) the Aserver creators/administrators have chosen to go.
Consider the following scenarios, assuming that Person-X does not know anything about the particulars of the Aserver(s) he/she is routed through when making a direct *reply* to an anonymous message.

A) Person-X doesn't care if he/she is aliased when he/she replies, but he/she is aliased anyway.
consequence: Not much, the message still gets through (as would a re-reply, so if the Person-X *wants* to make his/her identity known later he/she can always state it in a message body).

B) Person-X *wants* to be aliased in his/her reply, but *isn't* because the Aserver doesn't do it automatically, and person-X isn't aware that such a "switch" needs to be thrown.
consequence: Potentially disastrous to person-X!

I submit that automatic aliasing, by default, is consistent with the very purpose of Aservers, more exactly their intended, legitimate, uses! This doesn't mean that Aliasing software shouldn't contain some provision for turning ON a switch that passes you through un-aliased, but this switch should be for users who KNOW the server and how to modify its default behavior. I wouldn't object to such a switch, but personally I don't see much use for it either. Once I knew I wanted to reveal myself to someone, I could just tell him/her in a message body. If they want to reveal themselves to me, they can do likewise, and then we can address each other's machines directly, bypassing the Aserver(s).

Now if these same creators/administrators would only *turn off* the automatic (default) message saying: "An alias [ALIAS####] has been created for you on Aserver@somewhere.in.the.world" the privacy of what seems to be a growing, potential, aliasing network (Anetwork) would be significantly enhanced. Reversing the default here would be consistent with the "most conservative assumption" approach otherwise already taken with respect to auto-alias.
matthew rapaport Philosopher/Programmer At Large KD6KVH mjr@netcom.com 70371.255@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Sun, 10 Jan 93 00:45:29 PST To: Hal <74076.1041@compuserve.com> Subject: Re: Cascading aliases In-Reply-To: <930109232813_74076.1041_DHJ76-1@CompuServe.COM> Message-ID: <9301101022.aa17715@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain Hal Finney writes: > I feel that the main purpose of an anonymous address is to protect the > anonymity of the person being addressed, not people who send to him. Just > because a person chooses to be anonymous is no reason to expect that > everyone who wants to talk to him also wants to be anonymous. I think it > would be better to only provide anonymity when asked. Systems that do too > much for people sometimes get in the way. Well, yeeeeesss... but.... It all depends on the intended target audience. If our users are pretty sophisticated netfreaks, I agree that the philosophy of the system ought to be "only do what the user asks for". But if the users are non-computer-literate people, seeking a source of support and understanding in this vast mess of e-mail and netnews, I feel they need and deserve all the hand-holding and safety switches the software can provide. So it seems there is room and need for *different* remailers. Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Crys Rides Date: Sun, 10 Jan 93 08:22:48 PST To: tribble@xanadu.COM (E. Dean Tribble) Subject: Politics of Rmailers In-Reply-To: <9301100152.AA02289@netcom2.netcom.com> Message-ID: <9301101621.AA12728@ucunix.san.uc.edu> MIME-Version: 1.0 Content-Type: text/plain >>>>> On Sat, 9 Jan 93 23:32:18 PST, tribble@xanadu.com (E. 
Dean Tribble) said: E.> Date: Sat, 9 Jan 93 17:52:01 -0800 E.> From: uunet!netcom.com!norm (Norman Hardy) E.> I can imagine a system administrator choosing to require that E.> all mail originating from his machine include a signature that E.> correctly identifies the local name of the sender. E.> I can imagine it, but none exist. This is mostly because the From: ^^^^^^^^^^^ E.> field is supplied by the mailer and satisfies that requirement, E.> whereas requiring things in teh body of the mail message goes against E.> the grain of how the systems are used. *Bzzzzt* Wrong answer, thank you for playing. The public access bbs system running out of Chapel Hill, automatically appends the same signature to all outgoing messages, and other sites are considering the same measures. CrysRides From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Chael Hall) Date: Sun, 10 Jan 93 17:33:05 PST To: crys@eith.biostr.washington.edu (Crys Rides) Subject: Re: Politics of Rmailers In-Reply-To: <9301101621.AA12728@ucunix.san.uc.edu> Message-ID: <9301110129.AA09743@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain >E.> I can imagine it, but none exist. This is mostly because the From: > ^^^^^^^^^^^ >E.> field is supplied by the mailer and satisfies that requirement, >E.> whereas requiring things in teh body of the mail message goes against >E.> the grain of how the systems are used. >*Bzzzzt* Wrong answer, thank you for playing. The public access bbs >system running out of Chapel Hill, automatically appends the same signature >to all outgoing messages, and other sites are considering the same measures. I think what he's saying is that a signature that identifies which *user* on the system as well as the system name does not exist. I'm sure there are a couple, but I agree with your point that most BBS's on any mail network append an identifying "tagline" or signature. 
As a matter of fact, in many nets it is a requirement that your system append a tagline to all messages. Incidentally, it is preceded often by "--" on a line by itself. Chael Hall -- Chael Hall nowhere@bsu-cs.bsu.edu, 00CCHALL@LEO.BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu (317) 285-3648 after 3 pm EST From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Crys Rides Date: Sun, 10 Jan 93 17:44:13 PST To: nowhere@bsu-cs.bsu.EDU (Chael Hall) Subject: Re: Politics of Rmailers In-Reply-To: <9301101621.AA12728@ucunix.san.uc.edu> Message-ID: <9301110143.AA15332@ucunix.san.uc.edu> MIME-Version: 1.0 Content-Type: text/plain >>>>> On Sun, 10 Jan 93 20:29:47 EST, nowhere@bsu-cs.bsu.edu (Chael Hall) said: >E.> I can imagine it, but none exist. This is mostly because the From: > ^^^^^^^^^^^ >E.> field is supplied by the mailer and satisfies that requirement, >E.> whereas requiring things in teh body of the mail message goes against >E.> the grain of how the systems are used. >*Bzzzzt* Wrong answer, thank you for playing. The public access bbs >system running out of Chapel Hill, automatically appends the same signature >to all outgoing messages, and other sites are considering the same measures. Chael> I think what he's saying is that a signature that identifies which Chael> *user* on the system as well as the system name does not exist. I'm Chael> sure there are a couple, but I agree with your point that most BBS's on Chael> any mail network append an identifying "tagline" or signature. As a Chael> matter of fact, in many nets it is a requirement that your system append Chael> a tagline to all messages. Incidentally, it is preceded often by "--" Chael> on a line by itself. Evidently I mis-interpreted his exact meaning in his statement, but if I remember correctly, wasn't one of the original mail messages along this line stating that any mail system which included a signature or identification automatically was broken? 
The point being is this is a common example of how this is used, and that if an anonymous poster comes from such a site, his sig would close the search area greatly if not removed. So this appears to me to be a good point in favor of signature stripping. Chael> Chael Hall Chael> -- Chael> Chael Hall Chael> nowhere@bsu-cs.bsu.edu, 00CCHALL@LEO.BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu Chael> (317) 285-3648 after 3 pm EST CrysRides From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tribble@xanadu.com (E. Dean Tribble) Date: Sun, 10 Jan 93 22:30:18 PST To: Cypherpunks@toad.COM Subject: Politics of Rmailers In-Reply-To: <9301110143.AA15332@ucunix.san.uc.edu> Message-ID: <9301110548.AA14295@xanadu.xanadu.com> MIME-Version: 1.0 Content-Type: text/plain >E.> I can imagine it, but none exist. This is mostly because the From: > ^^^^^^^^^^^ >*Bzzzzt* Wrong answer, thank you for playing. The public access bbs Yes. Absolutes are almost always wrong. I've never encountered such a system, however. Chael> I think what he's saying is that a signature that identifies which Chael> *user* on the system as well as the system name does not exist. I'm There are lots of mailers that add the X-Organization: field, or some such. Evidently I mis-interpreted his exact meaning in his statement, but if I Now now. No need to be too sarcastic. :-) dean From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tribble@xanadu.com (E. Dean Tribble) Date: Sun, 10 Jan 93 22:30:05 PST To: cypherpunks@toad.com Subject: both stripping and not Message-ID: <9301110551.AA14300@xanadu.xanadu.com> MIME-Version: 1.0 Content-Type: text/plain With even current remailer architectures, it's trivial to simply have different services for normal remailing (which leaves body intact) and stripping services that grundge the message arbitrarily. When we really want anonymity, for instance, we will need message rewriting services that break the correlation between authors and writing style. 
A friend of mine looked into that material and claims that such analysis can do a depressingly good job at figuring out what messages were written by the same author, even if the author tries to stilt his style. dean From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Chael Hall) Date: Sun, 10 Jan 93 20:22:10 PST To: crys@eith.biostr.washington.edu (Crys Rides) Subject: Re: Politics of Remailers In-Reply-To: <9301110143.AA15332@ucunix.san.uc.edu> Message-ID: <9301110419.AA14032@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain >Evidently I mis-interpreted his exact meaning in his statement, but if I >remember correctly, wasn't one of the original mail messages along this line >stating that any mail system which included a signature or identification >automatically was broken? The point being is this is a common example >of how this is used, and that if an anonymous poster comes from such a site, >his sig would close the search area greatly if not removed. So this >appears to me to be a good point in favor of signature stripping. > >CrysRides True, it will make tracing the mail extremely simple if nothing is done to strip the signature out. Where I disagree is where Hal appears to disagree--it is too simple to accidentally cut off the rest of your message by putting a line starting with "--" in your message. I think a "kill line" would be best. Anything after that line is ignored. Chael -- Chael Hall nowhere@bsu-cs.bsu.edu, 00CCHALL@LEO.BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu (317) 285-3648 after 3 pm EST From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Karl L. Barrus Date: Sun, 10 Jan 93 21:42:51 PST To: cypherpunks@toad.com Subject: No Subject Message-ID: <9301110542.AA20105@tree.egr.uh.edu> MIME-Version: 1.0 Content-Type: text/plain Hal <74076.1041@compuserve.com> said: >My understanding was that everyone who tried to talk to him would get >two aliases assigned automatically.
Actually, what I expected to happen was this: the acknowledgement of an anonymous id on penet for the anonymous id on pax would be generated, and this ack would be sent via the chain back to me (barrus@tree) since I established the chain. That is, I had linked anon.435@pax to an5022@penet to barrus@tree. Then, upon mailing to anon.435@pax from my other account (which already has an anonymous id established, so another would not be generated), the mail would proceed to an5022@penet, which would create an id and send it back to anon.435@pax. Now I expected this ack to then be turned right around, sent to an5022@penet and then on to barrus@tree. So I was expecting the creation of another anonymous id, but the acknowledgement didn't go to barrus@tree. My original thinking was that once I established the id's in both directions, when someone responded to anon.435@pax, they would be allocated an id if they didn't have one. And since penet had by this time seen anon.435@pax, no new id would be made, and the mail would proceed on to me. Anyway, that was an experiment that seems to lead to explosive anonymous id growth :-) I agree with Matthew that not mailing back an ack would help cut down the flurry of mail, but it still results in all sorts of extra id's. I was hoping the whole thing would be like a pointer: mail to id1@pax forwards to id2@penet and then on to me with no extraneous account manufactured. But since we have our own cryptographically protected remailers, we cypherpunks can make our own remailing chains (Hal's constructed anonymous addresses). This way, you can decide on the path of your outgoing mail and your return mail: create the appropriate header, and attach your message on the end. To receive responses, just send a response header with the return path encrypted along with instructions to your recipient to cut the response header into a new file, add a message to the bottom, and mail to the appropriate remailer.
(Note: I've used this method successfully twice, so it isn't too hard to do). Just remember that if your recipient doesn't have pgp, don't route your mail through extropia or their message will be blocked. If I get a chance I'll work on a program that will generate the appropriate header given routing input. /-----------------------------------\ | Karl L. Barrus | | barrus@tree.egr.uh.edu (NeXTMail) | | elee9sf@menudo.uh.edu | \-----------------------------------/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pmetzger@shearson.com (Perry E. Metzger) Date: Mon, 11 Jan 93 22:44:03 PST To: crys@eith.biostr.washington.edu Subject: Re: Politics of Rmailers Message-ID: <9301111556.AA03382@maggie.shearson.com> MIME-Version: 1.0 Content-Type: text/plain > From: Crys Rides > > >>>>> On Sat, 9 Jan 93 23:32:18 PST, tribble@xanadu.com (E. Dean Tribble) said: > > E.> Date: Sat, 9 Jan 93 17:52:01 -0800 > E.> From: uunet!netcom.com!norm (Norman Hardy) > > E.> I can imagine a system administrator choosing to require that > E.> all mail originating from his machine include a signature that > E.> correctly identifies the local name of the sender. > > E.> I can imagine it, but none exist. This is mostly because the From: > ^^^^^^^^^^^ > E.> field is supplied by the mailer and satisfies that requirement, > E.> whereas requiring things in teh body of the mail message goes against > E.> the grain of how the systems are used. > *Bzzzzt* Wrong answer, thank you for playing. The public access bbs > system running out of Chapel Hill, automatically appends the same signature > to all outgoing messages, and other sites are considering the same measures. Mr Rides; Your rudeness is exceeded only by your apparent incapacity to read. As has been stated, quite clearly, no one is doubting that such systems exist. The "none exist" in the last paragraph refers to REASONS FOR THIS PRACTICE, not to the number of sites practicing it. 
As was said, the "From:" field satisfies the stated requirement without the need for autosignatures. The notion of an automatic footer when automatic headers exist already that satisfy the identification requirement is without merit. Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Mon, 11 Jan 93 09:03:28 PST To: CYPHERPUNKS Subject: Chaining Pax and Penet. Message-ID: <930111164804_74076.1041_DHJ37-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- From: Karl L. Barrus > My original thinking was that once I established the id's in both > direction, when someone responded to anon.435@pax, they would be > allocated an id if they didn't have one. And since penet had by this > time seen anon.435@pax, no new id would be made, and the mail would > proceed on the me. The problem is this: when someone responds to your anonymous ID anon.435@pax, their mail _from_ Pax does not come from anon.435. Anon.435 is _your_ id. Instead, their mail from Pax comes from their own anonymous ID (possibly a newly allocated one). Then, when the mail goes to Penet, it sees this new "From" ID and allocates one of its own. The same thing happened when you sent to anon.435@pax from your system which already had a Pax ID. When the mail was forwarded from Pax to Penet, it was not marked as coming from anon.435. Instead, it was marked as coming from this already-assigned Pax ID. (I don't think you ever said what that already-assigned ID was.) Penet had not seen that ID before, so it allocated an alias for it and sent back to that ID. Penet's mail-back would _not_ go to anon.435, but rather to the Pax ID which it was replying to. 
Hal -----BEGIN PGP SIGNATURE----- Version: 2.1 iQCVAgUBK1F6D6gTA69YIUw3AQGMTAQAqXm7SdE6uyf+04J5GY3KU7dk7A2D7loC TeT+0UqpsSPOI+31YrJPww2h9XuwGylAZ9dqu/hPdolIzukjr+WiOKRyU34imezd iX9yYv3Ry3jCebcn9c79NY3zEQhjGh1LhqKmec5QLp3FjPB+gQZZypdaHz4GeDJF 4oDyArzKafc= =wZgY -----END PGP SIGNATURE----- Distribution: CYPHERPUNKS >INTERNET:CYPHERPUNKS@TOAD.COM From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Mon, 11 Jan 93 09:03:59 PST To: CYPHERPUNKS Subject: .Sig suppression Message-ID: <930111164833_74076.1041_DHJ37-2@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Chael> I'm Chael> sure there are a couple, but I agree with your point that most BBS's on Chael> any mail network append an identifying "tagline" or signature. As a Chael> matter of fact, in many nets it is a requirement that your system append Chael> a tagline to all messages. Incidentally, it is preceded often by "--" Chael> on a line by itself. I'd like to hear more about systems which do this. What is the rationale for adding the system name at the end? Do these networks not use Internet-style "From:" headers, so these automatic system-wide .sigs are used for the same effect? I guess there must be gateways between these bbs's and the internet, for this issue to arise. It's too bad that these gateways don't convert the .sig info into a more conventional RFC-822 style Internet header. Hal Finney -----BEGIN PGP SIGNATURE----- Version: 2.1 iQCVAgUBK1F586gTA69YIUw3AQFNogP9FU2W3wrHTnfrZeKtrMOq4Zz5aTUN7+vv 04iMOdV975fCzqdmgR7O758qamewguYV8XHmPVloLSMwgnmbzBNs8zRZkVAwTKnB rpQqeahXPNeC1PVu/ezoiBvc26ujcN2Ga9OuGUWu9RFRvjwQ0rl51mTjHED1fJi+ 7I/TV4kT4Kk= =WeLq -----END PGP SIGNATURE----- Distribution: CYPHERPUNKS >INTERNET:CYPHERPUNKS@TOAD.COM From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ccat@netcom.com (Chris Beaumont) Date: Mon, 11 Jan 93 12:03:17 PST To: cypherpunks@toad.com Subject: Atari PGP -is it available.. 
Message-ID: <9301112002.AA13654@netcom2.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Does anyone know if there is a current version of PGP available for the Atari ST? Thanks! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Richard Childers Date: Mon, 11 Jan 93 12:11:31 PST To: CYPHERPUNKS@TOAD.COM Subject: request digest format Message-ID: <9301112009.AA14251@rchilder.us.oracle.com> MIME-Version: 1.0 Content-Type: text/plain When is this going to be converted into a Digest format? Without wishing to appear peckish, Christmas would have been a good opportunity ... -- richard ===== -- richard childers rchilder@us.oracle.com 1 415 506 2411 oracle data center -- unix systems & network administration ... whatever remains, however improbable, must be the truth. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mjr@netcom.com (Matthew Rapaport) Date: Mon, 11 Jan 93 16:09:41 PST To: cypherpunks@toad.com Subject: multiple aliases. It doesn't matter how many Message-ID: <9301112219.AA25430@netcom2.netcom.com> MIME-Version: 1.0 Content-Type: text/plain ***** Karl L. Barrus ***** >I agree with Matthew that not mailing back an ack would help cut down >the flurry of mail, but it still results in all sorts of extra id's. Yes, but so what? That is, why does it matter so long as all the conversion from one to the next takes place automatically. The process strengthens your security as well as that of any respondent. True this may not be necessary, but under the circumstances (the whole point of alias servers) isn't a "let's not take chances" approach best? Let's take an extreme case (not that I'm suggesting things be implemented this way). Imagine that every time you or anyone else originates mail through an Aserver you are given a NEW ID (not just the first time, but EVERY TIME).
Again, so long as a relationship is maintained between all your ID's on a given server and their corresponding ID's on the next machine down or up the line, it shouldn't matter to you at all! After a few years you could end up with hundreds or thousands of IDs. What difference would it make? You don't need to know what *any* of them are... matthew rapaport Philosopher/Programmer At Large KD6KVH mjr@netcom.com 70371.255@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Karl L. Barrus Date: Mon, 11 Jan 93 13:03:35 PST To: cypherpunks@toad.com Subject: constructed anonymous addresses Message-ID: <9301112102.AA23795@tree.egr.uh.edu> MIME-Version: 1.0 Content-Type: text/plain Had sort of a slow day at work, so I had the chance to crank out this: Here is a rough script which will allow you to route your mail through the various remailers. (However, extropia is not yet supported...I'm working on it). You must have the public key for each remailer on your keyring. Save the file, run it, and it will prompt for 1) mail, or 2) header. Choose 1 to pick a path and send a file, choose 2 to create a header which can be used to reach you. I intend option 2 to be used as follows: create a message to someone you want to remain anonymous from, run the script, pick 2, follow the prompts, and then instruct the script to append the header to your letter. Then your recipient will be able to follow the directions and respond to you. When the script prompts for "And then to (1-3 or address)", to end the process, type the final address you want your mail sent to. Of course, if you are creating a header, you'll want to type your own address. Further improvements include supporting extropia; and rewriting in C, perl, awk, ksh, or any language with arrays! I've tested this script using the remailers at alumni and rosebud, because the turnaround time seems faster. But there is no reason that rebma shouldn't work as well. 
--------8<--cut here-->8--------
#!/bin/sh
# support script for anonymous remailers
# allows routing a message through various remailers
# NOTE: extropia remailer not supported just yet

#find out which mode user wants
echo "Do you want to:"
echo "1. Create routing and mail a file"
echo " This will allow you to specify the route your message will take,"
echo " and mail a file through that route."
echo "2. Create remailing header"
echo " This creates an appropriate remailing header, with instructions."
echo " Include the generated file in one of your own messages and"
echo " someone else can use it to reply to you."
read choice

#declare remailers
mail1=hal@alumni.caltech.edu
mail2=remailer@rebma.mn.org
mail3=elee7h5@rosebud.ee.uh.edu
mail4=remail@extropia.wimsey.com

#temporary files
t1=.anon1
t2=.anon2
t3=.anon3

#set up header
echo "::" > $t1
echo "Encrypted: PGP" >> $t1
echo "" >> $t1

#blank out .anon3
cat /dev/null > $t3

#print menu
echo ""
echo "1) $mail1"
echo "2) $mail2"
echo "3) $mail3"
#echo "4) $mail4"
echo ""

#get hop
echo "Mail to (1-3): "
read to

#convert from number to address
if [ $to = "1" ]
then
  to=$mail1
elif [ $to = "2" ]
then
  to=$mail2
else
  to=$mail3
fi
firsthop=$to
notdone=true

#begin loop
while [ $notdone ]
do
  #find out remailing request
  echo "And then to (1-3 or address): "
  read rto
  if [ $rto = "1" ]
  then
    rto=$mail1
  elif [ $rto = "2" ]
  then
    rto=$mail2
  elif [ $rto = "3" ]
  then
    rto=$mail3
  fi
  echo "::" > $t2
  echo "Request-Remailing-To: $rto" >> $t2
  echo "" >> $t2
  # echo "remailing to $rto; encrypted for $to"
  pgp -ea $t2 $to 2> /dev/null
  cat $t1 $t2.asc >> $t3
  if [ $rto = $mail1 -o $rto = $mail2 -o $rto = $mail3 ]
  then
    to=$rto
  else
    notdone=""
  fi
done

if [ $choice = "1" ]
then
  #now include message
  echo "Message to include? "
  read msg
  if [ ! -f $msg ]
  then
    echo "$msg not found"
    exit 1
  fi
  cat $msg >> $t3
  elm -s "anonymous mail" $firsthop < $t3
else
  echo "Append to file: "
  read msg
  echo "--------8<--cut here-->8--------" >> $msg
  cat $t3 >> $msg
  echo "" >> $msg
  echo "> $msg
  echo "> $msg
  echo "> $msg
fi
rm -rf $t1 $t1.asc $t2 $t2.asc
#end of script----------------------------

/-----------------------------------\
| Karl L. Barrus |
| barrus@tree.egr.uh.edu (NeXTMail) |
| elee9sf@menudo.uh.edu |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Chael Hall) Date: Mon, 11 Jan 93 13:42:36 PST To: 74076.1041@compuserve.com (Hal) Subject: Re: .Sig suppression In-Reply-To: <930111164833_74076.1041_DHJ37-2@CompuServe.COM> Message-ID: <9301112135.AA21344@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain >Chael> I'm >Chael> sure there are a couple, but I agree with your point that most BBS's on >Chael> any mail network append an identifying "tagline" or signature. As a >Chael> matter of fact, in many nets it is a requirement that your system append >Chael> a tagline to all messages. Incidentally, it is preceded often by "--" >Chael> on a line by itself. > >I'd like to hear more about systems which do this. What is the rationale >for adding the system name at the end? Do these networks not use >Internet-style "From:" headers, so these automatic system-wide .sigs are >used for the same effect? The reason why they were created (IMHO) was because most PC-based BBS software only allows for a very limited space in the header for a From name and for a To name. For example, in ChaelBoard, a BBS package that I wrote, this limitation is 31 characters (in order to make the string 32 bytes long). Therefore, only names are used. This gets ambiguous if two John Smith's are sending messages to the same conference (similar to newsgroups). So, the systems started appending a line stating the origin of the message.
Sometimes it's as simple as "X BBS - (222) 222-2222 Smalltown, USA" Other times it's more complex. Some nets have decided upon a specific type of tagline so that they all contain the same information in the same format. Usually they contain the phone number.

RelayNet(tm) and other popular nets provide for "Receiver-only, Routed" messages. That is, the message is considered private and sent from your system to a hub and that hub only sends it on to other hubs or the appropriate node if it is connected to that hub. Unfortunately, every SYSOP between your system and the receiving system can read the message. That's why encryption is important.

>I guess there must be gateways between these bbs's and the internet,
>for this issue to arise. It's too bad that these gateways don't convert
>the .sig info into a more conventional RFC-822 style Internet header.

Yes, gateways exist for many systems. Most consider the tagline a part of the message. The de facto standard is to consider "--" on a line by itself to mark the end of the message body and the beginning of the tagline. Users often append their own tagline before the system tagline. Each mail reader has its own format, usually including the name of the program on the line.

Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@LEO.BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu
(317) 285-3648 after 3 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: phr@napa.Telebit.COM (Paul Rubin)
Date: Mon, 11 Jan 93 16:49:40 PST
To: cypherpunks@toad.com
Subject: share room at RSA conference Thursday?
Message-ID: <9301120048.AA01484@napa.TELEBIT.COM>
MIME-Version: 1.0
Content-Type: text/plain

Does anyone have crash space, or need some, at the Sofitel hotel on Thursday night? (I'm not sure if it's all booked up or what the room rates are). I live fairly close to Redwood City but figure that staying at the conference hotel is the only way I'll have any chance of getting up early enough for the 9:00 A.M.
session on Friday. I might also be interested in splitting up a room on Wednesday night but the interesting sessions on Thurs. don't start til 10:45 a.m. which is not quite as bad...

Please reply by direct email, as I'm not on the list any more.

Thanks.
Paul

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hugh@domingo.teracons.com (Hugh Daniel)
Date: Tue, 12 Jan 93 13:10:47 PST
To: cypherpunks@toad.com
Subject: Crypto Bus is not going to happen it looks like...
In-Reply-To: <9212300014.AA08503@domingo.teracons.com>
Message-ID: <9301122108.AA03857@domingo.teracons.com>
MIME-Version: 1.0
Content-Type: text/plain

So far I have gotten three (3) positive replies to riding the Crypto Bus to Usenix, that's about $800 each round trip. Unless I get an avalanche of riders in the next couple of days I am not even going to try to get a bus.

If you need to know more about the idea of chartering a bus for bay area folks (and anyone along the way) to Usenix, contact me.

||ugh Daniel

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Tue, 12 Jan 93 11:37:57 PST
To: gnu@cygnus.com
Subject: Re: Random number generators
In-Reply-To: <9212310751.AA21888@cygnus.com>
Message-ID: <9301121937.AA00359@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> Can someone get the paper(s) and/or talk to the researcher?

got it!

peter

------- Forwarded Message

Date: Tue, 12 Jan 1993 14:14:39 -0500
From: amf@csp2.csp.uga.edu (Alan Ferrenberg)
To: honey@citi.umich.edu
Subject: Re: Phys. Rev. Let. paper

Dear Dr. Honeyman,

A postscript version of the paper is available on our anonymous ftp site (csp2.csp.uga.edu) in the /pub/documents/amf1 directory as rng.ps.

Alan Ferrenberg

PS: We are just beginning this ftp site, but have already collected a number of (hopefully) interesting preprints from several authors here, as well as from Japan and Israel.
Please feel free to browse through the selection of papers, to upload any articles you feel might be interesting to simulational physicists and to spread the word about this new service.

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hugh@domingo.teracons.com (Hugh Daniel)
Date: Tue, 12 Jan 93 14:39:03 PST
To: cypherpunks@toad.com
Subject: Cascading aliases with ID forwarding re-mailers
In-Reply-To: <930109232813_74076.1041_DHJ76-1@CompuServe.COM>
Message-ID: <9301122237.AA03911@domingo.teracons.com>
MIME-Version: 1.0
Content-Type: text/plain

I suspect that an ID creating forwarder should _never_ send the ID to the user, as someone might be looking (both the current plain text replies and traffic analysis are problems).

If the user wishes to know their ID then they can send a message to themselves, and read the ID off of that, right?

||ugh Daniel

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl L. Barrus
Date: Tue, 12 Jan 93 20:00:31 PST
To: cypherpunks@toad.com
Subject: security of constructed addresses
Message-ID: <9301130359.AA00390@tree.egr.uh.edu>
MIME-Version: 1.0
Content-Type: text/plain

Alert!

Hal Finney has alerted me to a problem with the way my script builds an anonymous remailer chain. Simply saving each header portion into a separate file and running pgp on the pieces reveals each link in the chain.

The solution (also from Hal Finney) is: hide the intermediate hops until they get to the machine that needs them.

(machine1, encrypt1(machine2, encrypt2(machine3, encrypt3(user@dest))))

Here, the entire header is decrypted at each remailer, revealing the next destination to that remailer only. No peeking ahead! The only remailer that will be revealed is the first one, where mail has to be sent anyway.

I'll rework the script, provide a ksh version, and write a little help file ASAP.

/-----------------------------------\
| Karl L. Barrus                    |
| barrus@tree.egr.uh.edu (NeXTMail) |
| elee9sf@menudo.uh.edu             |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl L. Barrus
Date: Tue, 12 Jan 93 20:12:55 PST
To: cypherpunks@toad.com
Subject: mental poker
Message-ID: <9301130412.AA00436@tree.egr.uh.edu>
MIME-Version: 1.0
Content-Type: text/plain

Okay, anybody want to play mental poker with me???

A protocol involving bit commitment was posted to sci.crypt recently, which we can use to play. There is an RSA protocol, but a commutative encryption/decryption is required, which I don't think PGP provides.

So here is the protocol:

1) A shuffles cards, creates a message M1 that lists the cards by number. A appends a random bit stream, and computes the hash (using MD5). A sends hash MD5(M1) to B.

2) B composes message M2 that lists the cards he chooses by number. B appends a random bit stream, and computes the hash. B sends the hash MD5(M2) to A.

3) A sends B M1 so B can get his cards.

4) B shuffles the remaining 47 cards, lists them by number, appends a random bit stream to create M3, and computes the hash. B sends hash MD5(M3) to A.

5) A chooses cards by number, appends a random bit stream to create M4, and computes hash. A sends MD5(M4) to B.

6) B sends A M3 so A can get her cards.

A and B can catch cheating by comparing the various message and hashes. Getting extra cards can be left as further extensions, as can multiple players (3 or more).

Any takers?

By the way, the hash function implementation I have is the sigfetch routine contained in tripwire. It includes md5, md4, md2, snefru, crc, and crc32. So before a game starts the players should verify their respective hashers.

/-----------------------------------\
| Karl L. Barrus                    |
| barrus@tree.egr.uh.edu (NeXTMail) |
| elee9sf@menudo.uh.edu             |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Tue, 12 Jan 93 23:17:59 PST
To: CYPHERPUNKS
Subject: Mental poker.
Message-ID: <930113070548_74076.1041_DHJ40-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Mental poker protocols are notorious for having sometimes subtle weaknesses. I missed the posting on sci.crypt which Karl mentioned but his description of the protocol seems to have a flaw:

> 4) B shuffles the remaining 47 cards, lists them by number, appends a
> random bit stream to create M3, and computes the hash. B sends hash
> MD5(M3) to A.
> [...]
> 6) B sends A M3 so A can get her cards.

If B in step 6 sends A message M3, which lists the 47 cards left after B has chosen his 5 from the 52 they started with, then A will be able to see which 5 B chose; those are the 5 not listed in M3.

Am I missing something in the description of the protocol, or was the actual protocol perhaps a little different than this?

Hal Finney
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl L. Barrus
Date: Wed, 13 Jan 93 09:15:34 PST
To: cypherpunks@toad.com
Subject: re: mental poker protocol
Message-ID: <9301131714.AA02844@tree.egr.uh.edu>
MIME-Version: 1.0
Content-Type: text/plain

Hal writes:

>Am I missing something in the description of the protocol, or was the
>actual protocol perhaps a little different than this?

Oops. I typed too quickly; the posted protocol specified shuffling the entire deck to form message M3. Thus, each player draws from a full deck. While this isn't exactly poker, I'm still willing to play somebody.

So Hal's right: the original protocol is different - it's not broken like the one I posted :-)

The post to sci.crypt was in response to a bit commitment question. Here, players commit by making public their hashes.
Later, everyone can verify when the messages are known.

If anyone's interested, send me a notice to elee9sf@menudo.uh.edu. (The server for my other account is acting erratic and I'm considering moving my subscription).

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Wed, 13 Jan 93 13:36:56 PST
To: cypherpunks@toad.com
Subject: Re: bbs
Message-ID: <9301132133.AA22203@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

>So they are using a whole bunch of accounts in an effort to conceal their
>identity? And they hope that one of the accounts will be approved
>for full access to adult material, without the sysop really knowing
>who they are?

Yes, the intention is to get one approved without the SYSOP really knowing who he approves.

>Do you always check the phone number supplied as part of the registration
>process or wait until the user abuses the BBS? It seems that someone
>could simply start taking names out of the phone book if he wanted to
>conceal who he really is...

I used to check phone numbers, now I only check those of users with strange names or wait until they abuse the system. The first thing I check when someone abuses my system is their identity. If it's fraudulent, I put the account in the system kill file and they can no longer login.

I use a pretty good method for allowing access to adult areas. A consent form must be filled out and signed. Then it is mailed to me with a photocopy of the same person's driver's license (SSN can be blacked out, I'm not concerned with it). I file it away and give them access if it looks correct.

Generally, I detect system abuse pretty soon after it occurs. Then, I handle the situation as quickly and efficiently as possible. The same user rarely tries it again.
I did voice validate all of my users, but that got to be tedious, so I just check when something happens.

Many BBS's require that they be able to call a user back directly before granting full access. This would not work over the Internet, a University modem pool like many were using here, or long distance for the cheap SYSOP. There are, however, a flurry of programs that perform "automatic call-back telephone number verification."

Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@LEO.BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu
(317) 285-3648 after 3 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eric@parallax.com (Eric Messick)
Date: Wed, 13 Jan 93 18:07:53 PST
To: cypherpunks@toad.com
Subject: Details on return envelopes
Message-ID: <9301140202.AA22884@parallax.com>
MIME-Version: 1.0
Content-Type: text/plain

This is a long, complicated, and information dense message. You've been warned.

I've been working out details of what would be required of an anonymous return envelope. To make sure I've thought of everything, I've filled in a matrix with the types of information that might need to be passed between the various participants during the sending of a message.

The person who created the envelope is the ultimate recipient of the message (recv). The envelope has somehow been transmitted to a person (send) who wishes to send a message to recv. The message will be transmitted via several remailers, collectively referred to as hops. This results in nine potential transmission channels, several of which need not be possible for various reasons. Clearly, the sender does not need a special channel to communicate back to herself, and likewise the receiver does not need special provisions to communicate to herself either. The sender should be unable to receive information from the various hops, as that would compromise the path that the message takes.
The various hops already communicate directly with their following neighbor through headers, and we want to prohibit communication back towards the sender. The remaining five cases are listed below:

             |         from
             |  send    recv    hops
-------------+------------------------
      send   |   -      pneed   (ack)
to    recv   |  msg      -      pdue
      hops   |  post    addr     -

where:
  msg    is the message being delivered
  post   is postage paid by the sender
  addr   is addressing info from the receiver
  pneed  is info to help sender provide postage
  pdue   is info on missing postage
  (ack)  is info that is disallowed

pneed is cleartext on the outside of the envelope. This leaves us with the message, and three parts of the envelope: the delivery address, postage paid, and postage due.

Note that information other than what I'm describing here could be sent along these channels; I am simply using postage as a concrete example of information that might need to be transmitted.

And now, let's trace a message through to its delivery. Being stuck with ascii, the notation is not wonderful. Groups of letters represent sets of similar things. Case is significant. Lower case letters r and v-z are public keys. Upper case letters preceded by & are the machines that know the associated secret keys (from the C address of operator). So machine &Y can decrypt something encrypted with public key y. Upper case letters A-F are conventional keys. Keys A-C are generated by the sender, keys D-F by the receiver. The symbols P, S, Q, $, and # are followed by lower case letters indicating who the item is associated with. Q and # are conventional keys, P and S form a public key-secret key pair, and $ is a digicash stamp.

NOTATION:

  x(...)      contents encrypted with public key x
  &X          mail address for remailer using public key x
  A(...)      contents encrypted with conventional key A
  Px          public key for delivering postage to &X
  Sx          secret key for delivering postage to &X
  Qx          conventional key for postage due from &X
  $x          a postage stamp for &X to cash
  Amt_x       an amount of postage to deliver to &X
  Due_x       postage still due to &X, plus a unique ID
  #x          conventional key held by &X while postage is due
  pad         random padding (see below)
  &R          mail address of the final recipient
  Pr, Qr, $r  stuff associated with &R
  M           the actual message to be delivered to &R
  junk        padding created by &R as a diversion

ABOUT PADDING:

K(stuff, pad) can be transformed into stuff by decrypting with key K. Since stuff has a length associated with it inside the encryption, an external viewer cannot tell the length of stuff. It is also possible to turn K(stuff) into K(stuff, pad) without knowing K. The encryption packet contains an external length as well as the internal length. The external length must be adjusted to cover the added padding, which is just a random bitstream appended to the cyphertext. Once this padding has been performed, it is impossible to determine the length of stuff without decrypting with K. In this manner, a portion of a message can be either lengthened or shortened at every step along the way, as long as a decryption is performed at each step. This is the motivation for the keys A..F in the exchange that follows.

PGP should be augmented with a function to pad a message, and should explicitly accept padded data. I have tested PGP2.1 on Unix and it accepts padded data that I manually added.

OK, here we go...

The envelope provided by the receiver to the sender looks like this:

  Addr:  &X, x, x(...)
  Pneed: [Px, Amt_x], [Py, Amt_y], [Pz, Amt_z], [Pr, Amt_r]

Everything except the encrypted segment x(...) is considered public knowledge. The keys Px, etc...
pose a slight problem: One of the hops can identify which envelope a message is associated with by comparing the postage key sealed inside the addressing info with this public string of keys. It's not clear how serious of an issue this is.

The sender decides to send the message through hosts &V and &W before using the provided envelope. She sends the following message to &V:

  Addr:    v(A), v(Sv, Qv, B, &W, w(B), w(Sw, Qw, C, &X, x(C), x(...)), pad)
  Post:    A(Pv($v, Pw($w, Px($x, Py($y, Pz($z, Pr($r)))))), pad)
  Pdue:    A(pad)
  Message: A(M, pad)

She has created keys A-C, Pv, Sv, Pw, Sw, Qv, and Qw. She obtains the specified postage stamps and wraps them in the various postage keys. The keys and addresses get wrapped in public keys for the address field, and all of the other elements of the message are sealed with key A.

The address field consists of two public key encrypted segments because the sender must create key C, but cannot seal it into the packet that the recipient has provided for host &X. If C were public knowledge, host &X could be monitored, and the plaintext of M revealed to an external watcher. As it is, M still occurs in plaintext within each remailer, so it should be protected by the recipient's public key (i.e. M = r(the real message) ).

&V decrypts the v() encryptions to find all of the keys necessary for it to process the message. The padding is removed from the address field. The key A unlocks the message M, allowing the stripping of the padding, which is replaced with new padding before being encrypted with key B. It notes that the Pdue field is empty. Sv allows it to extract its postage stamp $v, and strip the padding.
The message it sends to &W looks like this:

  Addr:    w(B), w(Sw, Qw, C, &X, x(C), x(...), pad)
  Post:    B(Pw($w, Px($x, Py($y, Pz($z, Pr($r))))), pad)
  Pdue:    B(pad)
  Message: B(M, pad)

&W does likewise, and sends the following to &X (we have revealed the encrypted part of the original envelope at this point):

  Addr:    x(C), x(Sx, Qx, D, &Y, y(D), y(Sy, Qy, E, &Z, z(E), z(Sz, Qz, F, &R, r(junk), r(junk))), pad)
  Post:    C(Px($x, Py($y, Pz($z, Pr($r)))), pad)
  Pdue:    C(pad)
  Message: C(M, pad)

Postage rates have gone up since the envelope was first issued, so &X, &W, and &Z will need to use the Pdue field. It works like this:

  Addr:    y(D), y(Sy, Qy, E, &Z, z(E), z(Sz, Qz, F, &R, r(junk), r(junk)), pad)
  Post:    D(Py($y, Pz($z, Pr($r))), pad)
  Pdue:    D(Qx(Due_x), pad)
  Message: D(#x(M), pad)

&Y then sends the following to &Z:

  Addr:    z(E), z(Sz, Qz, F, &R, r(junk), r(junk), pad)
  Post:    E(Pz($z, Pr($r)), pad)
  Pdue:    E(Qy(Due_y, Qx(Due_x)), pad)
  Message: E(#y(#x(M)), pad)

&Z sends the following to &R:

  Addr:    r(junk), r(junk, pad)
  Post:    F(Pr($r), pad)
  Pdue:    F(Qz(Due_z, Qy(Due_y, Qx(Due_x)), pad)
  Message: F(#z(#y(#x(M))), pad)

Now, &R (the receiver, who created the envelope in the first place) knows F, Sr, Qx, Qy, Qz, and thus finds out Due_x, Due_y, Due_z, #z(#y(#x(M))) [the message, with postage due], and gets a stamp $r.
&R then generates a message that is designed to deliver #x, #y, and #z, and sends it to &X:

  Addr:    x(C), x(Sx, Qx, D, &Y, y(D), y(Sy, Qy, E, &Z, z(E), z(Sz, Qz, F, &R, r(junk), r(junk))), pad)
  Post:    C(Px($x, Due_x, Py($y, Due_y, Pz($z, Due_z, Pr(junk)))), pad)
  Pdue:    C(pad)
  Message: C(pad)

&X unwraps it and sends #x along:

  Addr:    y(D), y(Sy, Qy, E, &Z, z(E), z(Sz, Qz, F, &R, r(junk), r(junk)), pad)
  Post:    D(Py($y, Due_y, Pz($z, Due_z, Pr(junk))), pad)
  Pdue:    D(Qx(#x), pad)
  Message: D(pad)

And again:

  Addr:    z(E), z(Sz, Qz, F, &R, r(junk), r(junk), pad)
  Post:    E(Pz($z, Due_z, Pr(junk)), pad)
  Pdue:    E(Qy(#y, Qx(#x)), pad)
  Message: E(pad)

And back to &R:

  Addr:    r(junk), r(junk, pad)
  Post:    F(Pr(junk), pad)
  Pdue:    F(Qz(#z, Qy(#y, Qx(#x))), pad)
  Message: F(pad)

So &R now knows #x, #y, and #z, and so can recover M.

To keep &Z from knowing it is the tail of the path, extra postage stamps are required of the sender. These are cashable by the receiver. The sender thus has no way of knowing the length of the path, but only has an idea of the upper bound on it.

If the sender does not include sufficient postage on the steps she prepended to the path, the receiver will not be able to read the message, as there is no way for the receiver to find out Qv and Qw. Perhaps these could be affixed to the innermost stamp, along with &V and &W, but this is probably not a good idea.

Since remailers wouldn't add extra encryption to the header fields of a postage due message (it would make paying the postage due a lengthy process), the postage due concept could be circumvented by placing the message in the Post or Pdue headers disguised as postage info. To discourage this, remailers would only allow postage due deliveries for a fixed period after a rate increase, and would still require the older rate be paid.

Another use for postage due would be to disguise the use of an expensive remailer. Such a remailer would forward with postage due when paid the prevailing rate.
Well, I've beaten this thing bloody now and can't find any more flaws. I admit it's a bit of a monster, but most of it goes away if you don't require postage. I think the system needs to be designed with postage in mind from the start, however.

Anyway, it's time for you people to start ripping it apart. Perhaps we can have a discussion of this at the physical meeting this week if Eric Hughes can fit it into the schedule.

-eric messick

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl L. Barrus
Date: Wed, 13 Jan 93 17:42:17 PST
To: cypherpunks@toad.com
Subject: new remailing script
Message-ID: <9301140141.AA05172@tree.egr.uh.edu>
MIME-Version: 1.0
Content-Type: text/plain

Here is the new sh version of the remailing script. Enjoy!

#!/bin/sh

# support script for anonymous remailers
# allows routing a message through various remailers
# NOTE: to use extropia remailer, uncomment the appropriate lines
# see the documentation file

#find out which mode user wants
echo "Do you want to:"
echo "1. Mail a file via anonymous remailers"
echo "2. Create a remailing header and append to a file"
echo ""
echo -n "Your choice? "
read choice

if [ "$choice" = "" -o "$choice" -lt 1 -o "$choice" -gt 2 ]
then
  echo "Error. Improper mode selected."
  exit 1
fi

#declare remailers
mail1=hal@alumni.caltech.edu
mail2=remailer@rebma.mn.org
mail3=elee7h5@rosebud.ee.uh.edu
mail4=remail@extropia.wimsey.com

#temporary files
t1=.anon1
t2=.anon2
t3=.anon3

#set up encrypted pgp header
echo "::" > $t1
echo "Encrypted: PGP" >> $t1
echo "" >> $t1

#blank out .anon3
cat /dev/null > $t3

#get final destination
if [ "$choice" -eq 1 ]
then
  echo -n "Final destination (user@host): "
else
  echo -n "Your email address (user@host): "
fi
read to

#exit if no final destination
if [ ! "$to" ]
then
  echo "Error. No destination specified."
  exit 1
fi

#print menu
echo ""
echo "Mailing via:"
echo "1) $mail1"
echo "2) $mail2"
echo "3) $mail3"
#echo "4) $mail4" # uncomment to use extropia
echo ""

notdone=true

#begin loop
while [ $notdone ]
do
  #find out remailing request
  echo -n "via (1-3 or q)? "
  read rto
  if [ "$rto" = "" -o "$rto" = q ]
  then
    notdone="" # exit while loop
  else
    #convert number to address
    case "$rto" in
      1) rto=$mail1;;
      2) rto=$mail2;;
      3) rto=$mail3;;
#     4) rto=$mail4;; # uncomment to use extropia
      *) echo "Invalid menu choice."; exit;;
    esac

    #set up remailing request header
    echo "::" > $t2
    echo "Request-Remailing-To: $to" >> $t2
    echo "" >> $t2
#   echo "remailing to $rto; encrypted for $to"
    cat $t3 >> $t2 # append previous message
    pgp -ea $t2 $rto 2> /dev/null # do the encryption
    cat $t1 $t2.asc > $t3 # prepend header to encrypted message
    to=$rto # save last hop
  fi
done

if [ "$choice" -eq 1 ]
then
  #now include message
  echo -n "Message to include? "
  read msg
  if [ ! -f "$msg" ]
  then
    echo "Error: $msg not found"
    exit 1
  fi
  cat $msg >> $t3
  mail -s "anonymous mail" $to < $t3
  echo "Mail sent."
elif [ "$choice" -eq 2 ]
then
  echo -n "Append to file: "
  read msg
  echo "--------8<--cut here-->8--------" >> $msg
  cat $t3 >> $msg
  echo "" >> $msg
  echo "> $msg
  echo "> $msg
  echo "> $msg
else
  echo "Error. Invalid choice."
  exit 1
fi

#clean up some of the temporary files
rm -rf $t1 $t1.asc $t2 $t2.asc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl L. Barrus
Date: Wed, 13 Jan 93 17:46:04 PST
To: cypherpunks@toad.com
Subject: help file for remailing script
Message-ID: <9301140145.AA05184@tree.egr.uh.edu>
MIME-Version: 1.0
Content-Type: text/plain

And here is a short help file I've written. I will try to write another version of this script (maybe in perl or something) and submit everything to be placed on the ftp site.

To cut down on mail, I won't be mailing further versions, etc. to the list, so request it from me or get it via ftp (once I get around to submitting it).
------------------------------

hop.mail is a shell script that automates the process of using the cypherpunk cryptographically protected remailers. Briefly, it has two modes of operation: one is to send a file, the other is to create a header which can be used by someone else to send a file to you.

WHAT YOU NEED TO HAVE

Well, you need to have PGP installed. Also, you'll need the public keys of the various remailers on your keyring.

SENDING A FILE

Create the message you want to mail, and save it as a file.

To send a file, choose option 1. You will then be prompted for the final destination of the file you would like to send (by final destination I mean email address). After that, the script will continue prompting you for routing information. Each remailer you specify routes your mail through that particular remailer.

Note: due to the way the remailing headers are built up, the path your file will actually take is the reverse of what you specify. That is, the first remailer you route through will be the one your file will appear to come from. The last remailer you specify is actually the first hop in the chain.

After routing your mail through as many remailers as you want (keep in mind that your mail will arrive slower the more hops you take), enter 'q' to exit.

After you have set up your mail route, the script will ask what file you wish to send. The file is simply appended on to the header, and the whole thing is sent off. No encryption of the file takes place. If you wish, you may encrypt the file you want to mail with your destination's public key or some other encryption scheme. The advantage of not encrypting the message in with the remailing header is that you can use this script to mail to people who don't use pgp.

CREATING A HEADER

Create the message you wish to send and save it as a file.

Choose option 2 to create a header.
The steps are similar to sending a file, except remember that someone will use this to reply to you, so type in the address you want them to respond to. This can be your real mail address, or an anonymous id on one of the various anonymous services, or anything else.

Route your mail like you want, and enter 'q' to exit.

At this point, you will be prompted for a file to append to (the message you created). Enter the file you want the remailing header appended to.

Now you have a file which contains the message you typed, as well as instructions on how whoever you mail it to can use the included header to reply to you. If you wish, you may mail this file via option 1!

NOTES

My first attempt at this script simply built each header separately. This worked, but was vulnerable: simply save each piece in a separate file, run pgp on them, and you will be told which remailer the header is encrypted for!

This version nests the encryption, so that only the next destination is revealed to the current remailer. That is, the structure of the header is:

encrypt1(address2, encrypt2(address3, encrypt3(message)))

So when your file arrives at remailer1, the header is decrypted to reveal the next hop, and the rest of the header is mailed off to remailer2, where it is decrypted to reveal the next hop, etc.

As I said above, the file you send is not encrypted. If it bugs you that your file is mailed plain text, then encrypt it first if the person you are sending to can decrypt. I purposely did not encrypt the file you want to send so you can use this procedure with people who don't have pgp. Or you can post to usenet via a email-to-usenet gateway. Or whatever.

Also, the remailer at extropia is not supported yet. Not because I don't like it, but because encryption must be used there. This isn't bad or anything, but it causes difficulty building the remailing header separately. Extropia will not allow you to mail plain text through it, you must encrypt it with extropia's public key.
So if you do that, then you should be able to use extropia, and you'll need to go through and uncomment the appropriate lines.

Finally, the mail command I used in the script is

mail -s "anonymous mail"

Make the appropriate changes if you want to use another mailer or change the subject line.

BUGS

Ug. :-) Send reports of problems to elee9sf@menudo.uh.edu, or barrus@tree.egr.uh.edu, and I'll look into them! Or, send any comments you might have.

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred account
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eichin@cygnus.com (Mark Eichin)
Date: Thu, 14 Jan 93 06:48:48 PST
To: cypherpunks@toad.com
Subject: pax anonymous remailer shutdown
Message-ID: <9301141447.AA19074@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

I include the article as it arrived here.

_Mark_

Path: cambridge-news.cygnus.com!enterpoop.mit.edu!gatech!rpi!zaphod.mps.ohio-state.edu!howland.reston.ans.net!sol.ctr.columbia.edu!flash.pax.tpa.com.au!britt!dclunie
From: dclunie@pax.tpa.com.au (David Clunie)
Newsgroups: aus.aarnet,aus.news,alt.sexual.abuse.recovery,alt.sex,alt.sex.bondage,alt.sex.motss,alt.sex.stories,talk.politics.homosexuality,alt.personals,alt.personals.bondage,alt.security.pgp,comp.security.misc,talk.politics.guns
Subject: PAX Anonymous & Encrypted Service shutdown
Date: 14 Jan 1993 07:39:22 GMT
Organization: PAX - Public Access Unix (Adelaide,South Australia)
Lines: 30
Distribution: world
Message-ID: <1j35baINNgm@flash.pax.tpa.com.au>
Reply-To: dclunie@pax.tpa.com.au
NNTP-Posting-Host: britt.pax.tpa.com.au
Xref: cambridge-news.cygnus.com alt.sexual.abuse.recovery:1414 alt.sex:4689 alt.sex.bondage:2827 alt.sex.motss:243 alt.sex.stories:1172 alt.personals:2845 alt.personals.bondage:459 alt.security.pgp:800 comp.security.misc:657 talk.politics.guns:2223

The anonymous and encrypted mail service at PAX has
been shut down.

The site that connects PAX has been told by someone from AARNet (the Australian Academic Research Network) that the service is unsuitable for AARNet, and that if it is not stopped then the feeding site will be disconnected from the net.

There has been no communication from AARNet to me or anyone else at PAX, but I cannot allow the feeding site to put itself at risk hence the service is closed until further notice.

I am led to believe that this is not so much AARNet's policy, but the NSF Net's policy and the NSF have brought pressure to bear on AARNet, as they believe that all mail that crosses their network must be traceable to its origin, ipso facto no anonymous mailers. I have not been approached by either organization personally so I cannot confirm this.

I am extremely disappointed but c'est la vie. It was an interesting experiment, and proof that the concept of anonymous encrypted mail is feasible with simple tools. Hopefully someone somewhere outside the jurisdiction of these authorities will be able to continue the good work.

david clunie (dclunie@pax.tpa.com.au)
ex-anon.admin@pax.tpa.com.au :(

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl L. Barrus
Date: Thu, 14 Jan 93 06:36:40 PST
To: cypherpunks@toad.com
Subject: anonymous service shutdown (pax)
Message-ID: <9301141435.AA07332@tree.egr.uh.edu>
MIME-Version: 1.0
Content-Type: text/plain

This was posted to alt.security.pgp: (I trimmed the header)

--------------------------------------------------------------

The anonymous and encrypted mail service at PAX has been shut down.

The site that connects PAX has been told by someone from AARNet (the Australian Academic Research Network) that the service is unsuitable for AARNet, and that if it is not stopped then the feeding site will be disconnected from the net.
There has been no communication from AARNet to me or anyone else at PAX, but I cannot allow the feeding site to put itself at risk hence the service is closed until further notice.

I am led to believe that this is not so much AARNet's policy, but the NSF Net's policy and the NSF have brought pressure to bear on AARNet, as they believe that all mail that crosses their network must be traceable to its origin, ipso facto no anonymous mailers. I have not been approached by either organization personally so I cannot confirm this.

I am extremely disappointed but c'est la vie. It was an interesting experiment, and proof that the concept of anonymous encrypted mail is feasible with simple tools. Hopefully someone somewhere outside the jurisdiction of these authorities will be able to continue the good work.

david clunie (dclunie@pax.tpa.com.au)
ex-anon.admin@pax.tpa.com.au :(

------------------------------------------------------------------------

Uh oh, looks like anon.penet.fi is the only one left (besides the one at twwells, but it is more limited than pax or penet).

I think this raises some important and scary issues for we cypherpunks. Does anybody have a printout of NSF guidelines about tracing mail back to its origin? This may affect our remailers (if word gets out!) in that logs might have to be kept...or worse :-(

I run an anonymous remailer, and I depend upon people to not abuse the service. If somebody wants to use it to request the source code for the internet worm, fine. Or distribute virus source code, okay (but encrypt the code for heaven's sake :-) But don't threaten, libel, or insult somebody via anonymous mail (never mind that you can do all these things anonymously with the postal service, but the difference is everybody uses the post office).

Like it says in the pgp docs, if everybody encrypted their mail, then it would be a right taken for granted, and people would scream bloody murder if it were taken away.
If "everybody" routes their mail, then it too would become acceptable. So we need MORE remailers than the four I know of - alumni, rebma, rosebud, extropia (there was one at soda but it was shut down, right??)

(subliminal hint: it's real easy to run one of the cypherpunk remailers, you just need unix, pgp, and perl)

Comments?

/-----------------------------------\
| Karl L. Barrus                    |
| barrus@tree.egr.uh.edu (NeXTMail) |
| elee9sf@menudo.uh.edu             |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Thu, 14 Jan 93 07:56:07 PST
To: "Karl L. Barrus"
Subject: Re: anonymous service shutdown (pax)
In-Reply-To: <9301141435.AA07332@tree.egr.uh.edu>
Message-ID: <9301141556.AA12838@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> Does anybody have a printout of NSF guidelines about
> tracing mail back to its origin?

karl, don't leap to conclusions -- david said he is led to believe that nsfnet pressure was brought to bear, but that he had no evidence to confirm this suspicion.

personally, i doubt that there is any nsfnet policy regarding the ability to trace mail back to an individual, but i'll ask.

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Rusty_H._Hodge@horizon.amgen.com
Date: Mon, 18 Jan 93 19:32:58 PST
To: uunet!citi.umich.edu!honey@uunet.UU.NET (peter honeyman)
Subject: Re: possible solution to the anonymous harrassment problem
Message-ID: <1993Jan14.123843.1227@horizon.amgen.com>
MIME-Version: 1.0
Content-Type: text/plain

>for example, i can send postal mail with high confidence
>of anonymity, and can make anonymous phone calls (with care,
>e.g., by using phone booths and moving around).

What about that little old lady that watches the PO Box and Phone Booth from her window? What about the postman who sees you place the letter in the mailbox?

>privacy and honesty are orthogonal.

I've often accidentally overheard things I wasn't supposed to.
If people were totally honest, we wouldn't need such good encryption...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Thu, 14 Jan 93 12:09:52 PST
To:
Subject: Re: Details on return envelopes
Message-ID: <930114195927_74076.1041_DHJ54-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

I've been studying Eric Messick's message. It's pretty complicated and it will take more time to really understand it.

I did spot one possible problem. Remailer &V sends to &W an address field that looks like:

    Addr: w(B), w(Sw, Qw, C, &X, x(C), x(...), pad)

but I don't think &V has enough information to create the 2nd item here. The reason for the A, B, etc. keys is, I think, to allow new padding to be done as the message gets passed between each pair of remailers. I think that may need to be used here as well. &V can't put padding into the w(Sw,...) block.

As a more general comment, I'd like to see some simpler examples. Eric has shown the most complex case in order to demonstrate that his scheme works for that, but I think more people would be able to comment on it if some simpler examples were provided. How about an anonymous address that is just one hop long, instead of 3, and which is used by the sender without going through any remailers first? I think that would be less intimidating.

Another general point, which may be important. Chaum emphasized that his anonymous addresses should be use-once, because if two people send messages to the same anonymous address, someone who has access to the mail going into and coming out of the remailer will see identical address fields coming out for the pair of messages. I think Eric's scheme has the same property.

I have to admit that I don't see that a use-once anonymous address is very useful, but I think we should give this some consideration.
I think Eric's use of padding is to defeat just such an attacker, so that there is no message-length correlation between incoming and outgoing messages. If we are going to worry about such attacks, it calls into question the whole approach to anonymous addresses.

As one possible corollary, if anonymous addresses were used once then the postage could be supplied by the addressee. This might change the protocol very considerably.

Hal Finney
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Thu, 14 Jan 93 12:14:24 PST
To: dclunie@pax.tpa.com.au
Subject: Re: anonymous service shutdown (pax)
Message-ID: <9301142014.AA15788@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I think a large stink should be made at this point, to bring our legitimate privacy concerns to the attention of net admins, and to flush out who it was who threatened pax's net connection.

I'm really uncomfortable with the way that the pax anon remailer was shut down on what seems to be pure hearsay. I think we need a little more guts from our anon administrators. Stick to your guns! Make them at least deliver an ultimatum to you so you know where the threat came from.

A note on whether we cypherpunks should "lie low" -- it's always possible for us to go underground and hide from the authorities. I don't believe we should do this until it's absolutely necessary. As of now, we are legitimate net citizens.

M.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Thu, 14 Jan 93 12:24:43 PST
To:
Subject: Re: anonymous service shutdown (pax)
Message-ID: <930114200748_74076.1041_DHJ54-2@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

to: >internet:cypherpunks@toad.com

I agree that the PAX shutdown is an ominous development. Nobody's internet access is perfectly free from the kinds of pressures that were brought against PAX.
What steps can we take to keep the same thing from happening to us?

I agree with Karl that a big step would be to spread remailers more widely. Eric Hollander is running three remailers in addition to the ones Karl mentioned - hh@soda.berkeley.edu, and two other machines which I don't have handy. They don't encrypt but they forward, and that's good enough for many purposes.

Some time back, there was mention that the owner of the commercial Portal system would run one. Could someone follow up on that who knows him?

PGP is gradually disappearing from U.S. sites where it used to be available. Recently it got taken off the EFF area on Compuserve. We can't afford to see encryption and remailers be slowly strangled.

Hal
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: strat@intercon.com (Bob Stratton)
Date: Thu, 14 Jan 93 12:57:07 PST
To: cypherpunks@toad.com
Subject: Persecution of anon remailers
Message-ID: <9301142057.AA23582@intercon.com>
MIME-Version: 1.0
Content-Type: text/plain

Things like this are what organs like Computer Underground Digest, a.k.a CuD, are always crying for. It might not be bad to bounce a message or two to the RISKS Digest as well.

The best way to fight this sort of quiet strangulation is to bring it out into the light. People are starting to look at the Internet as a nascent version of the next ubiquitous telecommunications technology. If we speak from the stand of "we want to have privacy technology ready for the day the general public gets this technology, and these guys are getting in the way...", then we have an opportunity to get the libraries, researchers, and other current net users up in arms about these developments.

Bob Stratton
Engineer, InterCon Systems Corp.
strat@intercon.com
+1 703 709 5525

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wayner@cs.cornell.edu (Peter Wayner)
Date: Thu, 14 Jan 93 14:06:54 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9301142206.AA23922@brokk.cs.cornell.edu>
MIME-Version: 1.0
Content-Type: text/plain

I often find it useful to think about these matters by mapping them over to the real world. Anonymous remailers are really quite common. Here are a few common sources:

1) Academic journals which review papers. These often keep the names of the reviewers and the names of the paper authors hidden to allow people the chance to speak freely.

2) Newspapers with personals sections offer both anonymous mailboxes and anonymous voiceboxes for obvious reasons.

3) The WSJ also offers these advertisements for executive searches.

4) The Police, in some cities, maintain anonymous tip lines. They also occasionally offer cash rewards to these anonymous tipsters. I think the NYPD has an anonymity office set up to do just this.

I realize that the cypherpunk mailing list likes to cloak itself in the romance of the counter culture, but in moments like this it might make sense to think about how mainstream and suburban and respectable the concept of anonymous mailers can be. In many cases, authority reacts to the perceived threat-- not to the threat itself.

-Peter Wayner

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Thu, 14 Jan 93 15:49:51 PST
To: Hal <74076.1041@CompuServe.COM>
Subject: Re: anonymous service shutdown (pax)
In-Reply-To: <930114200748_74076.1041_DHJ54-2@CompuServe.COM>
Message-ID: <9301142348.AA00333@TLA.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

>> I agree that the PAX shutdown is an ominous development. Nobody's
>> internet access is perfectly free from the kinds of pressures that were
>> brought against PAX. What steps can we take to keep the same thing from
>> happening to us?
There's one very obvious thing, but it costs money (the real kind, not the stuff we've been playing with). Someone needs to *buy* a connection to the *commercial* internet and put an anonymous remailer where the NSF can't touch it.

NEARnet recently signed an agreement with ANS and CIX to use ANS as a pipe between it and the CIX (note the lack of *any* government involvement here). If I understand this development correctly, this means a site on NEARnet with the Commercial Routing Service (it costs extra, numbers on request) can, I think, send packets anywhere without crossing the NSFnet. ANS simply leases bandwidth to the NSF. Most backbone bits cross this leased bandwidth, but now, it is possible to buy access to this *privately* owned network.

Now, who has $16k annually (that's the number, I have a quote on my desk) to sink into the connection? Are we serious enough about this to form some sort of corporation (with legal ties that bind, and identify) to maybe set this up? There's enough people on this list to make this sort of thing cost < $10/month each if *everyone* participated.

Of course, if we did this, we'd have to make it quite clear what we were planning on doing. Use of PGP makes this hard. A company set up for the purpose of making PGP easier to use would arouse the Wrath of RSA really quickly.

FYI, the NEARnet AUP:

NEARnet Primary Goals

NEARnet, the New England Academic and Research Network, has been established to enhance educational and research activities in New England, and to promote access to regional and national innovation and competitiveness. NEARnet provides access to regional and national resources to its Members, and access to regional resources from organizations throughout the United States and the world.

NEARnet Acceptable Use Policy

1. All use of NEARnet must be consistent with NEARnet's primary goals.

2. It is not acceptable to use NEARnet for illegal purposes.

3. It is not acceptable to use NEARnet to transmit threatening, obscene, or harassing materials.

4. It is not acceptable to use NEARnet so as to interfere with or disrupt network users, services or equipment. Disruptions include, but are not limited to, distribution of unsolicited advertizing, propagation of computer worms and viruses, and using the network to make unauthorized entry to any other machine accessible via the network.

5. It is assumed that information and resources accessible via NEARnet are private to the individuals and organizations which own or hold rights to those resources and information unless specifically stated otherwise by the owners or holders of rights. It is therefore not acceptable for an individual to use NEARnet to access information or resources unless permission to do so has been granted by the owners or holders of rights to those resources or information.

Violation of Policy

NEARnet will review alleged violations of Acceptable Use Policy on a case-by-case basis. Clear violations of policy which are not promptly remedied by Member organization may result in termination of NEARnet Membership and network services to Member.

It seems to me that the use of possibly illegal software like PGP could be considered a violation of rule 2. The whole issue of anonymous harassing email brings up rule 3. I've sent mail to one of the NEARnet discussion lists asking how encryption and anonymity affects the interpretation of rule 3.
Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eab@msc.edu (Edward Bertsch)
Date: Thu, 14 Jan 93 16:53:28 PST
To: whitaker@eternity.demon.co.uk
Subject: re: quantum crypto/forwarded article
In-Reply-To: <9147@eternity.demon.co.uk>
Message-ID: <9301150052.AA05277@wc.msc.edu>
MIME-Version: 1.0
Content-Type: text/plain

->For those who are interested, there is a short article in today's
->(14/1/93) New Scientist explaining how quantum uncertainties can be used
->to improve the security of exchanging cryptographic keys.

Scientific American had this quite recently also. Or at least something very like it. I haven't seen the New Scientist article. If anyone has it in GIF, TIFF, ASCII or PostScript format, I'd like to see it.

Ed
--
Edward A. Bertsch (eab@msc.edu)   Minnesota Supercomputer Center, Inc.
Operations/User Services          1200 Washington Avenue South
(612) 626-1888 work               Minneapolis, Minnesota 55415
(612) 645-0168 voice mail

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Thu, 14 Jan 93 15:57:58 PST
To: cypherpunks@toad.com
Subject: possible solution to the anonymous harrassment problem
Message-ID: <9301142356.AA26090@dun-dun-noodles.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

(I'm also marc@mit.edu. But composing over a 9600 baud line sucks :-)

I just had an idea. Assume we have some sort of workable system for anonymous return addresses. What if every message were *required* to have one, and if the remailers verified their correctness (at least as far as we can, given the fakability of net mail)? Then, if someone received harassing email, she could ask the remailer maintainers to find the real name of the sender of a piece of mail. Assuming reasonable remailer maintainers (and we can use positive reputations to decide that), they'd be able to do this.
The system has a built-in safety: All the remailer maintainers would have to agree that a message was indeed harassing to the recipient before they would use their private keys to follow the chain back. Unless all the maintainers agreed to trace the message, it would be impossible, and the sender's anonymity would be assured.

I'm just trying to think of technical solutions to our societal woes, as hopeless as this may be. Remember, if people were honest, we wouldn't need encryption, either. Sigh.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: whitaker@eternity.demon.co.uk (Russell Earl Whitaker)
Date: Thu, 14 Jan 93 16:01:10 PST
To: cypherpunks@toad.com
Subject: Forwarded article.
Message-ID: <9147@eternity.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

This article was forwarded to you by whitaker@demon.co.uk (Russell Earl Whitaker):

--------------------------------- cut here -----------------------------

Newsgroups: demon.security
Path: eternity.demon.co.uk!demon!visigoth.demon.co.uk!pettsj
From: James Petts
Subject: Public Key Exchange
Message-ID:
X-Xxmessage-Id:
X-Xxdate: Thu, 14 Jan 93 09:54:44 GMT
Sender: news@demon.co.uk
Nntp-Posting-Host: visigoth.demon.co.uk
Organization: No Affiliation
X-Useragent: Nuntius v1.1.1d13
Date: Thu, 14 Jan 1993 09:55:42 GMT

For those who are interested, there is a short article in today's (14/1/93) New Scientist explaining how quantum uncertainties can be used to improve the security of exchanging cryptographic keys.

===> James Petts <===

*** CAUTION - READ THIS .sig AT YOUR OWN RISK! ***************************
*                                                 * NOTE! VISIGOTH HAS NO *
* Q. Wenn ist das Nunstueck git und Slotermeyer?  * CONNECTION WITH ANY   *
* A. Ja!... Beiherhund das Oder die Flipperwaldt  * OTHER SITE AT         *
*    gersput!                                     * DEMON.CO.UK           *
*                                                 *                       *
**************************************************************************
* pettsj@visigoth.demon.co.uk (preferred), pettsj@cix.compulink.co.uk    *
**************************************************************************

--------------------------------- cut here -----------------------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Thu, 14 Jan 93 19:44:54 PST
To: marc@mit.edu
Subject: Re: possible solution to the anonymous harrassment problem
In-Reply-To: <9301142356.AA26090@dun-dun-noodles.aktis.com>
Message-ID: <9301150344.AA22546@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

the remailer of my dreams would offer ironclad guarantees of anonymity. call me a cynic, but asking me to place my trust in the hands of ... well, just about anybody! leaves me cold.

i recognize that social issues will surely arise, but society has managed to deal with anonymity in other contexts. for example, i can send postal mail with high confidence of anonymity, and can make anonymous phone calls (with care, e.g., by using phone booths and moving around).

something tells me that the difference here is that we are getting remailer services for free. how's the cypherpunks bank coming along? i have an application in mind ...

a final comment:

> Remember, if people were honest, we
> wouldn't need encryption, either.

forgive me if i'm coming on too strong, but that is total bullshit. privacy and honesty are orthogonal.

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Messick
Date: Fri, 15 Jan 93 01:40:12 PST
To: cypherpunks@toad.com
Subject: Re: Details on return envelopes
Message-ID: <9301150713.AA29658@parallax.com>
MIME-Version: 1.0
Content-Type: text/plain

As per Hal's suggestions, I've come up with a simpler example. I've also hardened it against an attack that he noticed, which has considerably changed the protocol.

Hal writes:

> Another general point, which may be important.
> Chaum emphasized that his
> anonymous addresses should be use-once, because if two people send messages
> to the same anonymous address, someone who has access to the mail going
> into and coming out of the remailer will see identical address fields
> coming out for the pair of messages. I think Eric's scheme has the same
> property.

While thinking about this weakness, I realized that everything gets a lot easier if each (re)mailer knows the public key of the next. This is public knowledge, so there's no need to hide the key once the next destination is known. If there was a complete database of public keys of remailers that each remailer had, the key could be found from the address. Since that database might not be up to date, the public key is transmitted along with the address.

Consequently, I was able to remove all of the conventional keys from the protocol. All encryptions are now done with public keys. Of course, there is still the conventional encryption done for each public key encrypted packet.

The protocol is strengthened against this attack by fresh encryptions at each stage which hide the constant string. Note that the remailer itself can still identify the set of messages that were sent using the same envelope. It would be nice to fix this, but it seems unlikely at this point. Any ideas anyone?

---------------------------------------------------------------------

I've got two examples here: a pared down one, and a slightly fuller one. The first has no postage, which cuts down considerably on the excess. The second example is just the first with the postage added back in (just to show that it still works).

The envelope specifies hosts &Z and &R. The sender routes the message through &Y before using the envelope. So, the message goes from &S to &Y to &Z to &R where it is delivered.
The complete simplified transaction is reproduced below, starting with the initial envelope:

    Addr: &Z, z, z(&R, r, r(junk))

    To: &Y
    Addr: y(y(&Z, z, z(&R, r, r(junk))), pad)
    Message: y(M, pad)

    To: &Z
    Addr: z(z(&R, r, r(junk)), pad)
    Message: z(M, pad)

    To: &R
    Addr: r(r(junk), pad)
    Message: r(M, pad)

The sender basically ignores the contents of the envelope, but wraps it in the public key y for safe delivery to &Y. The message and the address info are both then padded and encrypted with y. The reason for encrypting the address info with y twice will become clear shortly.

&Y receives the message labeled To: &Y above. The outer y encryptions are removed, followed by the inner y encryption on the address field. The message M, and the original envelope are thus revealed to &Y.

&Y now knows to send the message to &Z, and knows the public key z. The message M is then padded and encrypted with z. There is already a portion of the address field that is encrypted with z. That portion contains all of the info that &Z needs to know, but this info, as Hal pointed out, is a constant string; an external observer could use this to associate a group of messages with a single envelope. To obscure this, the string is encrypted a second time with z. Recall that a random conventional key is generated each time a public key encryption is done, so a constant plaintext string will encrypt to a different cyphertext string each time. The padding helps keep the string from being identified by its length. To keep the protocol consistent, the original envelope had to be encrypted with y twice.

The resulting message is sent to &Z, where the same processing is done. Let's trace it in detail this time, but without the extraneous padding. &Z has received:

    Addr: z(z(&R, r, r(...)))
    Message: z(M)

Which looks to the outside world like:

    Addr: z(...)
    Message: z(...)

But &Z can decrypt those z(...)'s to obtain, first:

    Addr: z(&R, r, r(...))
    Message: M

And then:

    Addr: &R, r, r(...)
    Message: M

With r thus exposed, &Z can encrypt both M and r(...) with it to obtain:

    To: &R
    Addr: r(r(...))
    Message: r(M)

Which to the outside world looks like:

    To: &R
    Addr: r(...)
    Message: r(...)

With everything nicely hidden. This is what gets sent to &R. Knowing r, &R can recover M. We're done.

--------------------------------------------------------------------

I'll present the postage example without further comment, except to note that at each step, all fields are freshly encrypted with the next hop's public key.

    Addr: &Z, z, z(Sz, Qz, &R, r, r(junk))
    Pneed: Pz, Amt_z, Pr, Amt_r

    To: &Y
    Addr: y(y(Sy, Qy, &Z, z, z(Sz, Qz, &R, r, r(junk))), pad)
    Post: y(Py($y, Pz($z, Pr($r))), pad)
    Pdue: y(Qs(stuff_s), pad)
    Message: y(M, pad)

    To: &Z
    Addr: z(z(Sz, Qz, &R, r, r(junk)), pad)
    Post: z(Pz($z, Pr($r)), pad)
    Pdue: z(Qy(stuff_y, Qs(stuff_s)), pad)
    Message: z(M, pad)

    To: &R
    Addr: r(r(junk), pad)
    Post: r(Pr($r), pad)
    Pdue: r(Qz(stuff_z, Qy(stuff_y, Qs(stuff_s))), pad)
    Message: r(M, pad)

-eric messick

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Messick
Date: Fri, 15 Jan 93 01:40:12 PST
To: cypherpunks@toad.com
Subject: Re: Details on return envelopes (padding)
Message-ID: <9301150753.AA29918@parallax.com>
MIME-Version: 1.0
Content-Type: text/plain

Hal writes:

> I did spot one possible problem. Remailer &V sends to &W an address
> field that looks like:
>
> Addr: w(B), w(Sw, Qw, C, &X, x(C), x(...), pad)
>
> but I don't think &V has enough information to create the 2nd item here.
> The reason for the A, B, etc. keys is, I think, to allow new padding to
> be done as the message gets passed between each pair of remailers.
> I think that may need to be used here as well. &V can't put padding into
> the w(Sw,...) block.

It may not be at all obvious or intuitive, but &V *CAN* put padding into the w(...) block. I'm no longer trying to do this (see my previous posting), but it could still be useful in some situations, so I'll try to explain it more clearly.
PGP uses binary structures for all of this, but I'm going to pretend that it's all ascii, just so we can see what's going on easier. That block w(...) looks something like this:

CTB: RSA        <-- that's *C*ypher *T*ype *B*yte
Length: 12345 bytes
Key_ID: w
IDEA_key: RSA(w, random_key)
CTB: IDEA
Length: 12315
    CTB: Plain Text
    Length: 12300
    Here we have 12300 characters. Note that all of the lines
    that are indented are encrypted with random_key using the
    IDEA cypher.
...End of the encrypted text.

To add padding to this, simply append some cryptographically strong random bytes to the end, and adjust the unencrypted lengths by that much. No one can tell that your new bogus lengths don't match the length on the plaintext packet without actually being able to see the plaintext packet length field. The decryptor believes the plaintext packet length, and automatically throws away the bogus bytes that were decrypted.

While writing this, I realized that when I tested this, I may have only changed the outermost length. It is possible (but I think it is highly unlikely) that PGP would get sick if you changed the second length value. Since I no longer need to do this, I don't have any incentive to check this out again. It's not that difficult, but I hate editing binary files...

-eric messick

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Thu, 14 Jan 93 23:08:10 PST
To:
Subject: Re: possible solution to the anonymous h
Message-ID: <930115065840_74076.1041_DHJ55-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

I have to agree with Peter Honeyman that Marc Horowitz's proposal that remailers reveal message sources under certain conditions wouldn't work well. Remailer users will prefer remailers which won't do this. So reputations and such will tend to push things in the opposite direction.

Also, I'd point out that the Pax remailer actually did maintain a database of anonymous addresses with the corresponding real addresses.
So it already worked much as Marc suggested. You can actually send mail to someone who posts anonymously through Pax just as easily as you could send to someone who posted non-anonymously. So if you want to complain about some offensive posting or email to the person who did it, you still could with Pax. These features didn't stop Pax from getting shut down.

Marc's suggestion that commercial users could run remailers without pressure from NSF sounds good in theory, but it's not clear how well it would work in practice. I don't think Cypherpunks could run such a remailer, even if Marc is right and it would cost $10 per Cypherpunks reader per month. I doubt that many people would be willing to make this charitable contribution for what would be a public good - a remailer that anyone could use. Even if it could be done, one remailer isn't enough. We need many remailers so that no one remailer can expose users.

I think the best bet would be a commercial site which has a connection for other reasons, and which is willing to run a remailer on the side. I don't know what kinds of sites use these commercial connections. The commercial Internet access that I am aware of is through companies like Compuserve, Portal, Netcom, the WELL, and so on, and I think they all have to abide by the NSF acceptable use policies. At least, I had to agree to those on Portal and I think on Compuserve. What would be an example of a site with commercial Internet access which would be free of NSF pressure?

One other point I'd make with regard to Marc's message is that if PGP itself is the problem, there's no reason the remailers can't use RIPEM. That's legal in the U.S., so the legality issue would not arise. This might be a good approach to take in broaching the subject with administrators. I haven't looked at RIPEM much but I'm sure the remailers could use it just as easily as PGP. Even non-encrypting remailers can provide basic anonymous posting and mail, if those would be more acceptable.

A final point is that forwarding mail for another person can hardly be made illegal in general. If I receive a message from person A asking me to forward it on to person B, and I do so, this is clearly a legitimate email message that I choose to send. To try to disallow this would be to put intolerable restrictions on email content. So, if this is allowed, it seems to me that I should be able to write a program to do what I am allowed to do manually.

If these remailers could be made widespread, with tens of thousands of people running them as a routine service, I think a crackdown would be much more difficult. I think we need to educate users about the value of privacy and anonymity in order to encourage more people to run remailing software. Can anyone suggest a newsgroup where these kinds of discussions would be appropriate?

Hal Finney
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Thu, 14 Jan 93 23:19:06 PST
To:
Subject: Electronic money legality
Message-ID: <930115071353_74076.1041_DHJ55-2@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

The question came up here some time ago as to whether it would be legal to issue electronic money, or regular money, for that matter. I got a couple of books out of the library to try to learn something of the history of private bank notes.

It seems that private bank notes were the rule rather than the exception in the U.S. up until around the time of the Civil War. However, the notes were issued by banks which generally had a charter or license from the state government. I'm not sure whether a private individual could have legally issued his own banknotes without state permission.

Around the time of the Civil War the Federal government levied a 10% tax on all issues of banknotes. This was intended to drive them out of use, and it did. Apparently this tax is still in effect today.

George Selgin's book, The Theory of Free Banking, is a call to return to a situation of competitive note issue, where each bank would print its own "money" and people would use all these different monies freely according to their preferences. Regardless of the pros and cons of this idea, he does mention the legal situation briefly in footnote 7 of chapter 11:

"Strictly speaking, issue of bank notes by commercial banks is not presently illegal; however, such issue must still meet the bond-deposit requirements established under the National Banking System or the 10 percent tax on state bank notes. Since all bonds eligible as security for circulating notes were retired before 1935 (or had the circulation privilege conferred upon them withdrawn), note issue, while not illegal, is nevertheless impossible under existing law. Restoration of commercial bank note-issuing privileges merely requires repeal of the bond deposit provisions of the original National Banking statutes and of the prohibitive tax on bank notes."

One other point I learned was about the nature of "legal tender" laws. If a money is a legal tender, a creditor cannot turn down an offer by a debtor to repay using that money. If he does turn it down, the debt is void (roughly). So, legal tender laws don't forbid repayment of a debt in some other form (I can give you a bike in place of the $100 I owe you), (if we both agree), but they may specify that even if a debt is denominated in some other units, I can repay using federal reserve notes. This is what happened when the U.S. stopped redeeming for gold during the 1930's - long-term contracts had routinely been denominated in gold, but the courts held that dollars could still be used to pay them off.

So, legal tender laws don't appear relevant to the use of digital money, except that contracts based on digicash could still be paid off by dollar bills if the debtor wants.

Hal Finney
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Thu, 14 Jan 93 23:40:28 PST
To: Hal <74076.1041@CompuServe.COM>
Subject: Re: possible solution to the anonymous h
In-Reply-To: <930115065840_74076.1041_DHJ55-1@CompuServe.COM>
Message-ID: <9301150739.AA02931@deathtongue.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

>> One other point I'd make with regard to Marc's message is that if PGP itself
>> is the problem, there's no reason the remailers can't use RIPEM. That's
>> legal in the U.S., so the legality issue would not arise. This might be
>> a good approach to take in broaching the subject with administrators. I
>> haven't looked at RIPEM much but I'm sure the remailers could use it just
>> as easily as PGP. Even non-encrypting remailers can provide basic
>> anonymous posting and mail, if those would be more acceptable.

I thought about this. The major problem is that once the PEM beta-testing period ends, all keys must be registered with "approved" (by RSA) central authorities. I highly doubt they'd issue pseudonymous keys, but maybe they would allow someone to set up a hierarchy especially for that purpose. I'm not convinced.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Fri, 15 Jan 93 00:32:18 PST
To: dclunie@pax.tpa.com.au (David Clunie)
Subject: Re: possible solution to the anonymous h
In-Reply-To: <9301150805.AA01054@britt>
Message-ID: <9301150831.AA02997@deathtongue.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

>> Who says ? RSA may wish this to happen, but surely anyone who wants to can
>> set up their own key service.

RSA has a patent on their algorithm. It's quite likely that I can't even create a key pair without their permission, let alone use it.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Fri, 15 Jan 93 00:56:06 PST
To: cypherpunks@toad.com
Subject: Re: possible solution to the anonymous harrassment problem
Message-ID: <9301150856.AA27483@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> RSA has a patent on their algorithm. It's quite likely that I can't
> even create a key pair without their permission, let alone use it.

You're poorly informed. As a condition of a grant from DARPA to RSADSI, RSAREF may be used noncommercially, for free, to do any of the following:

- RSA encryption and key generation, as defined by RSA Data Security's Public-Key Cryptography Standards (PKCS) [4]
- MD2 and MD5 message digests [3,5,6]
- DES (Data Encryption Standard) in cipher-block chaining mode [7,8]

Moreover, I believe you'll find that RSADSI has become much more helpful recently. For more information, anonymous ftp to rsa.com and look around.

I've just gone over the RSAREF license agreement again. It seems to permit any sort of not-for-profit operation, including a public key service.

-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Daniel Ray
Date: Fri, 15 Jan 93 03:36:22 PST
To: cypherpunks@toad.com
Subject: need for more anon remailer sites
Message-ID: <9301150402.AA07973@tnl.com>
MIME-Version: 1.0
Content-Type: text/plain

With the shutdown of PAX, if we are not going to roll over and let this type of site go away, what we need is a large new group of such sites. 20-50 or more anonymous remailer sites that each gets used randomly and occasionally, with usernames that are not obvious such as "anon432", both in the U.S. and elsewhere in the world, are what's needed. the list of sites must remain fluid and unpredictable, and formats and conventions must also variate so that no one can get "a fix" on it.

A person that wants to anonymously mail something can choose different sites each time, or perhaps there may be a subsystem that chooses this for them, WITHOUT the mail actually going there first, if a site is in charge of "randomizing" the traffic.

I suggest using a truly covert approach of using non-account first names and other interesting words that are indistinguishable from regular usernames as anonymous temporary mailing names. This obviously is very tricky and would have to be worked out carefully, since it may, even in the future, conflict with an actual choice of a valid username for an anonymous site. But it can be done. and we need to spare the .sig at the bottom that advertises the anon service. that should be left to separate ads, not mixed in covert email itself.

One of the things that has gotten to me is to do secret acts in overt ways, almost asking the Government to defy them! Secret things should be done secretly. Once, if in the future, cryptographic email is so common as to make this unnecessary, then we can relax it. But not completely. Secret should still always be DONE IN A SECRET WAY. I.e. using steganography and other covert procedures, fluid, nonfixed procedures, to ensure no disturbance with rerouted and/or encrypted email traffic. Yes this is security-by-obscurity, but it can work if it is just an adjunct to other strong methods such as good ciphers and procedures that use proper contingency planning.

PAX, most likely, did no contingency planning for what happened to it. All things of this type need "what ifs" for every possible interference that can happen, not that all possibilities would be addressed. But they should all be looked at, if they can be thought of.

Suppose the ante goes up and all this stuff becomes actively illegal. What then? If a large network is *already* in place, the risk is much lower than trying to do something after the fact.
And it would be a more mature network of rerouting and encrypting sites, that have already learned from their mistakes.

we need --all--this-- to survive. otherwise it is all just a toy application of covert technology.

norstar
The Northern Lights, Troy NY                             |
tnl dialins: +1 518 237-2163 @ 1200-2400 bps 8N1 $free ` | /
------------------------------------------------------- --- * ---
Internet: norstar@tnl.com                              / | .
Sysop of TNL Public Access UNIX                          |

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Daniel Ray
Date: Fri, 15 Jan 93 03:36:26 PST
To: cypherpunks@toad.com
Subject: more on security/obscurity/reality
Message-ID: <9301150610.AA09544@tnl.com>
MIME-Version: 1.0
Content-Type: text/plain

Thinking about everything some more, I have a few more things to say regarding my previous message stating the need for 20-50 new networked and "randomized" anon remailer sites, and the need to keep secret things secret.

One thing I've really noticed over the 5 or 6 years I've been on the net is the real hatred people have for what is coined "security by obscurity." I think it is because of the terrible way people have gotten burned by relying on concealed methods only, or secret algorithms as ciphers to protect their material. The method is discovered one way or another, and everything caves in on itself! Quite understandable.

Yet I cringe at the way people have just turned their backs on the whole meta-philosophy of "coversion." If, for instance, you are to do battle with an unbearable, overwhelming power, such as the Government, then what is the only real way to "win?" Besides convincing them not to do battle with you? It is by staying concealed, secret, untargetable. If they don't know to fight you, or, if they do know, but cannot find you, then you stay all right.
Once it gets to a face-to-face confrontation, however, you lose, and you lose immediately, there is nothing you can bring to bear, since it is now just a force equation, and they have over 10,000 times the force you do. Or more...

This is one of the applications of the secret side of life. Modern cryptography has advanced, I think, by declaring all coversion as eventually discoverable, and only seeking algorithms that will suffice even if the enemy knows your methods. I agree with this. I guess I part company, however, when people totally throw out being secretive as a partial or adjunctive solution to something that is intrinsically secret to begin with. The addition of concealment, disinformation, invisibility, etc. can be a tremendous advantage when combined with strong methods (good ciphers that don't rely on coversion). It is a multilayered approach that first tries to not become a target, and, if it is a target is still hard to crack.

When us little people try to maintain privacy against a Govt. that is REALLY PISSED OFF BY EVEN THE IDEA WE WANT TO STRONGLY PROTECT OURSELVES, a multi-layered, contingency-based approach is required. The most important part of it is not a strong cipher, but, not to become a detectable or locatable target. i.e. coversion and secrecy.

People, in response to the PAX snafu, have advocated some kind of protest and demonstration as a solution. Sure, these can be tried. But no Govt. in its right mind will let this powerful privacy go on. It just cancels them out, and they will not have it. It'll get worse as time goes on. It applies equally to "free" and non-democratic Governments. To the world community itself. They will not have it. And we will not have them.

So there you are. What to do? Create a fluid, "night"-based, invisible and unfixable multi-system of coversion and strong ciphers. So, if they get a part, the rest goes on as before. All parts of it well thought out.
Everything subject to evolution, but, a base assumption that things are already quite bad. They are.

I wish more of you actually lived an illegal life...you would know what I am saying without the need to say it. You need to have really faced a real risk against authority, with YOUR life on the line. And no amount of talk substitutes for experience here. Oh well.

norstar
The Northern Lights, Troy NY                             |
tnl dialins: +1 518 237-2163 @ 1200-2400 bps 8N1 $free ` | /
------------------------------------------------------- --- * ---
Internet: norstar@tnl.com                              / | .
Sysop of TNL Public Access UNIX                          |

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "DrZaphod"
Date: Fri, 15 Jan 93 07:48:00 PST
To: CypherPunks@Toad.Com
Subject: If People Were Honest
Message-ID: <23669.drzaphod@ncselxsi>
MIME-Version: 1.0
Content-Type: text/plain

In Message Thu, 14 Jan 1993 18:56:47 -0500, Marc Horowitz writes:

> Remember, if people were honest, we wouldn't need encryption,
> either. Sigh.

Being honest has nothing to do with wanting privacy. Every mail system should have, and NEEDS a way to be anonymous. That is all.

TTFN!

DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "DrZaphod"
Date: Fri, 15 Jan 93 07:48:00 PST
To: cYPHERpUNKS@tOAD.cOM
Subject: Fans!?
Message-ID: <23683.drzaphod@ncselxsi>
MIME-Version: 1.0
Content-Type: text/plain

In Message Fri, 15 Jan 1993 09:30:37 +0000 (GMT), Mark Turner writes:

>> For your newsgroups file:
>> alt.fan.david-sternlight David Sternlight, sci.crypt crusader
>> The David Sternlight Fanclub

Joke, Right????

DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: BRIAN MCBEE
Date: Fri, 15 Jan 93 08:43:25 PST
To: CYPHERPUNKS@TOAD.COM
Subject: pax shutdown
Message-ID: <00966A38.A1B67300.22879@OPAC.OSL.OR.GOV>
MIME-Version: 1.0
Content-Type: text/plain

> I agree that the PAX shutdown is an ominous development. Nobody's
> internet access is perfectly free from the kinds of pressures that were
> brought against PAX. What steps can we take to keep the same thing from
> happening to us?
>
> I agree with Karl that a big step would be to spread remailers more widely.
> Eric Hollander is running three remailers in addition to the ones Karl
> mentioned - hh@soda.berkeley.edu, and two other machines which I don't
> have handy. They don't encrypt but they forward, and that's good enough
> for many purposes.
>
> Some time back, there was mention that the owner of the commercial Portal
> system would run one. Could someone follow up on that who knows him?
>
> PGP is gradually disappearing from U.S. sites where it used to be
> available. Recently it got taken off the EFF area on Compuserve.
> We can't afford to see encryption and remailers be slowly strangled.
>
> Hal
> 74076.1041@compuserve.com

If it turns out that pressure to shut down really did come from the official net hierarchy, there are other places on the net which should be nearly immune from that kind of pressure. There are thousands of UUCP sites which predate the Internet. And anyone getting their connectivity from one of the commercial providers (PSI, UUNET, ANS, etc.) can theoretically use those networks for whatever purposes they choose.

----- Brian McBee ----- (503)378-4276 ----- brian@opac.osl.or.gov -----
----- Oregon State Library, State Library Building, Salem, OR 97310 -----
Plan globally, attack locally

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Fri, 15 Jan 93 09:15:32 PST
To: Daniel Ray
Subject: Re: need for more anon remailer sites
In-Reply-To: <9301150402.AA07973@tnl.com>
Message-ID: <9301151715.AA06478@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I suggest using a dictionary to come up with "names" of anonymous users:

    aback abacus abalone abandon abase abash abate abater abbas ...

You could pick them in random order, or sequentially.

> Suppose the ante goes up and all this stuff becomes actively illegal. What
> then? If a large network is *already* in place, the risk is much lower than
> trying to do something after the fact. And it would be a more mature network

This technology is sufficiently cheap to replicate that it doesn't matter whether we set up a "covert" network before or after it becomes illegal (if ever). What matters is that we have experience at running such a network. Such experience is much easier to come by in the open -- since you can talk about it!

While I applaud the efforts of some people to set up contingencies for "after we lose our liberties and need to actively oppose the government", please don't forget to actively oppose poor government policies *now*, before the loss of that liberty. In other words, there's plenty of work to be done today to *keep* this an open society. And it's much easier to keep one than to get one back.

John Gilmore

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Fri, 15 Jan 93 09:28:27 PST
To: cypherpunks
Subject: Re: If People Were Honest
In-Reply-To: <23669.drzaphod@ncselxsi>
Message-ID: <9301151728.AA06697@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

A few days ago I had a personal illustration of how even honest people need privacy.

The Board of Directors of EFF had met to make some decisions. Some of these involved firing employees, closing offices, etc. (See comp.org.eff.news and .talk for all the details). It took a few days to finalize everything, though. During that time, we needed privacy in order to not hurt people (they might hear a false rumor that was the result of an intermediate stage in the decision; they might hear from some source other than us that they were losing their jobs, etc).

We seriously had to consider whether to use email to work out the final details, since the system administrators had not yet been told. Cellular phones were right out.

As it worked out, it was fine. The announcement was posted to the net slightly after the meeting in which we told all the employees what was happening. I won't say nobody was hurt -- we all were -- but we were all a lot less hurt than if the staff had "accidentally" found out, before anyone responsible for the decision had told them personally.

John

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mark Turner
Date: Fri, 15 Jan 93 01:32:56 PST
To: ecfp@demon.co.uk
Subject: /usr/lib/newsbin/ctl/newgroup: `news@math.fu-berlin.de (Math Department)' tried (fwd)
Message-ID: <9301150930.aa08405@demon.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

You may be interested in this recent attempt to create a bogus newsgroup, especially if you've been following recent discussion in sci.crypt.

Regards,
Mark.

According to news@dis.demon.co.uk....
> From dis.demon.co.uk!news Fri Jan 15 00:38:27 1993
> To: usenet@dis.demon.co.uk
> Subject: /usr/lib/newsbin/ctl/newgroup: `news@math.fu-berlin.de (Math Department)' tried
> Date: Fri, 15 Jan 93 0:33:57 GMT
> From: news@dis.demon.co.uk
> Sender: news@dis.demon.co.uk
> Message-ID: <9301150033.aa12907@dis.demon.co.uk>
>
> /usr/lib/newsbin/ctl/newgroup: `news@math.fu-berlin.de (Math Department)' tried
> to create newsgroup `alt.fan.david-sternlight'.
> Request was refused: component exceeds 14 characters.
> ===
> Control: newgroup alt.fan.david-sternlight
> Newsgroups: alt.fan.david-sternlight.ctl,control
> Path: demon!pipex!bnr.co.uk!bnrgate!nott!torn!spool.mu.edu!yale.edu!ira.uka.de!math.fu-berlin.de!lkdfjilu!sternlight.com!nobody
> From: dsfc@sternlight.org
> Subject: newgroup alt.fan.david-sternlight
> Message-ID:
> Sender: news@math.fu-berlin.de (Math Department)
> Organization: J. Random Site
> Date: Wed, 13 Jan 1993 20:14:32 GMT
> Approved: news
> Lines: 21
>
>
> one mo' time...
>
> For your newsgroups file:
> alt.fan.david-sternlight David Sternlight, sci.crypt crusader
>
>
> This group is designed for the praise of the wit and wisdom of our
> leader, David Sternlight, the man battling the evil use of
> cryptography wherever it may lie.
>
> The group is being created entirely for the use of the David
> Sternlight Fanclub, which holds the patent on this newsgroup and would
> be forced to sue if anyone else tried to use it. Indeed, we would be
> disgusted by the implicit lack of respect for intellectual property.
> Also, this newsgroup may not be imported or exported from any eastern
> block country in contravention of the ITARs.
>
> Thank you,
>
> The David Sternlight Fanclub
> ===

--
/\/\ark Turner                              Demon Systems / Demon Internet
Office: mark@demon.co.uk (+44 81 349 0063)  42 Hendon Lane, London
Home: mt@kram.org (+44 831 823 212)         N3 1TT, England
------------------ PGP version 2.0 Public Key available -------------------
*** IP level dial-up connectivity to the Internet for a tenner a month! ***

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu@cygnus.com
Date: Fri, 15 Jan 93 09:36:17 PST
To: cypherpunks@toad.com
Subject: Whitfield Diffie gets award
Message-ID: <9301151735.AA17487@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

SUN ENGINEER RECEIVES INTERNATIONAL AWARD;
FOUNDED NEW FIELD OF SCIENTIFIC RESEARCH

MOUNTAIN VIEW, Calif.
-- January 13, 1993 -- Whitfield Diffie, 48, Distinguished Engineer at Sun Microsystems Computer Corporation (SMCC), was recently awarded the degree of Doctor of Technical Sciences, Honoris Causa, by the Swiss Federal Institute of Technology. The award was given for founding a new field of scientific research, public key cryptography, which grew out of discoveries Diffie made at Stanford University in 1975.

The Swiss Federal Institute of Technology, or ETH after the initials of its German name, is one of the most prestigious technical universities in the world. It counts among its alumni some of the foremost scientists of the 20th century, including Albert Einstein and John von Neumann. Doctorates "by reason of honor" make up less than one tenth of the total number of doctoral degrees awarded by the ETH. They are granted for major scientific or engineering achievements and are given only after a nomination and review process taking two to three years.

In conventional cryptography, encrypting and decrypting messages were inseparable; anyone who could create an encrypted message could also read it and vice versa. By separating these functions, public key cryptography allows people to guarantee the privacy of conversations with people they have never met before and to apply unforgeable "digital signatures" to their messages. In Diffie's words: it does what signatures and envelopes do for ordinary mail.

At the time Diffie began his work in cryptography, he was one of only a handful of people not employed by government intelligence agencies who took a serious interest in the field. Today, the International Association for Cryptologic Research, of which he is one of the founding directors, has hundreds of members from industry and academia worldwide.

Diffie joined Sun in the summer of 1991 with the title of Distinguished Engineer, although one of his inventions had already been used in the company's security products since 1987.
In hiring Diffie, Sun recognized both the rising importance of security in computer communications and the critical role of cryptography in achieving that security. In the latest Sun(TM) Solaris(R) operating system, the original "secure RPC" has been improved, while more comprehensive applications of cryptography are planned for future versions of Solaris.

Sun Microsystems Computer Corporation (SMCC) is the world's leading supplier of open client-server computing solutions. With headquarters in Mountain View, Calif., SMCC is an operating company of Sun Microsystems, Inc.

###

Sun Microsystems, Sun Microsystems Computer Corp., Sun, the Sun logo, are trademarks or registered trademarks of Sun Microsystems, Inc. Solaris is a registered trademark of Sun Microsystems, Inc.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@xanadu.com (E. Dean Tribble)
Date: Fri, 15 Jan 93 11:35:19 PST
To: cypherpunks@toad.com
Subject: random remailers
Message-ID: <9301151822.AA13343@xanadu.xanadu.com>
MIME-Version: 1.0
Content-Type: text/plain

Has anyone thought about the consequence of randomly picking a remailing path instead of using the same one? It occurred to me yesterday that randomly picked paths could reveal more information to the remailer sites so that they could figure out the connection between a pseudonym and the eventual destination pretty well. It's just an intuition at this point, though.

dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dclunie@pax.tpa.com.au (David Clunie)
Date: Thu, 14 Jan 93 16:03:48 PST
To: cypherpunks@toad.com
Subject: Re: anonymous service shutdown (pax)
Message-ID: <9301150003.AA00743@britt>
MIME-Version: 1.0
Content-Type: text/plain

I have had a fairly long discussion via email with the AARNet administrator involved. He points out that wrongly or rightly (he believes wrongly) the AARNet does not have an "open access" policy, and the network is set up exclusively to service the university community.
Public access systems are tolerated, but barely, and mainly through the grace of those who administer the system rather than those who fund it.

The complaint in question was actually not at all specific, and came not from the NSF but from one of the NASA Internet officers who is responsible for the US end of the link to Australia (and pay for some of it). Essentially the complaint was one of increasing mail traffic on an already congested link to the US, as well as concern about the "hiding people's identities so they cannot be responsible for what they say".

Personally I disagree with the second complaint, but cannot dispute the first, without statistics about what component of the link was being consumed by the posting service. I suspect it was very small but these things all add up.

It seems a shame that the anonymous system is being terminated "on principle" but the AARNet person has been friendly about it, in fact positively graceful in view of my somewhat inflammatory post, and so I guess I just have to leave it there.

Hopefully eventually commercial vendors will provide an alternative channel to the university-based network here currently, much as has happened in the US over the years, and these questions will be less of a concern.

david

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: BRIAN MCBEE
Date: Fri, 15 Jan 93 12:57:34 PST
To: CYPHERPUNKS@TOAD.COM
Subject: use of ripem instead of pgp
Message-ID: <00966A50.87B655C0.23058@OPAC.OSL.OR.GOV>
MIME-Version: 1.0
Content-Type: text/plain

> RIPEM is Mark Riordan's public-key program. It is similar to PEM, but does
> not use the PEM certificates and therefore does not require people to have
> their keys signed by an agency. It is not really PEM compatible. It does
> use the RSAREF public-domain encryption package, so it is legal for non-
> commercial use in the U.S. and Canada.
>
> What I suggested was the use of RIPEM since it is available now, is legal,
> and is free.
>
> Note, though, that whether RIPEM or PGP is used, they are only for non-
> commercial use. A remailer that wanted to charge, such as the ones that
> Eric Messick is discussing, would probably have to license the technology
> from PKP directly to be legal. (I'm not sure whether PEM also is limited
> to non-commercial use.)
>
> Hal Finney
> 74076.1041@compuserve.com

Since the only reason we are talking about RIPEM is because of legality concerns about PGP, I thought I'd mention that it is (at least theoretically) illegal to export RIPEM from the US, and therefore could not be legally used to correspond with persons overseas. I don't know if there is a legal way to do public key cryptography between persons inside the US and persons outside the US.

----- Brian McBee ----- (503)378-4276 ----- brian@opac.osl.or.gov -----
----- Oregon State Library, State Library Building, Salem, OR 97310 -----
Plan globally, attack locally

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Fri, 15 Jan 93 09:27:02 PST
To: marc@MIT.EDU
Subject: Re: possible solution to the anonymous...
In-Reply-To: <9301150739.AA02931@deathtongue.MIT.EDU>
Message-ID: <9301151725.AA12991@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

Marc Horowitz says:
> >> I haven't looked at RIPEM much but I'm sure the remailers could use it
> >> as easily as PGP. Even non-encrypting remailers can provide basic
> >> anonymous posting and mail, if those would be more acceptable.
> I thought about this. The major problem is that once the PEM
> beta-testing period ends, all keys must be registered with "approved"
> (by RSA) central authorities.

Oh, NO! RSADSI will CERTIFY your keys, IF YOU WISH; and they'll certify your PERSONAL keys for free (unlike any other level of "confidence", which MAY cost money :-)... Where did you get this idea from?

[Also it's my understanding, that one could use other certifying authorities besides RSADSI].
--
Regards,
Uri uri@watson.ibm.com scifi!angmar!uri N2RIU
-----------
From cypherpunks-request Fri Jan 15 09:38:17 1993

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pfarrell@cs.gmu.edu (Pat Farrell)
Date: Fri, 15 Jan 93 09:30:59 PST
To: 74076.1041@CompuServe.COM
Subject: shrinking availability of PGP
Message-ID: <9301151728.AA20322@cs.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

On 14 Jan, Hal wrote:
>
>PGP is gradually disappearing from U.S. sites where it used to be
>available. Recently it got taken off the EFF area on Compuserve.
>We can't afford to see encryption and remailers be slowly strangled.
>

I agree that this would be terrible. Do you have any grounding for this generalized statement? I can understand CI$ backing off, as they were the only organization in the US making a profit from PGP. And they have the resources and assets that could be a target if PKP wanted a test case.

I just had archie look around, and to me the number of places was about the same. For some reason, archie doesn't find it in two places I know it is: soda.berkeley.edu and phil.utmb.edu Archie did report that it is on wuarchive.

I'm afraid that the legal cloud will remain over PGP for quite some time, and that the flawed PEM implementations will become the standard. Until there is someone with real assets using PGP, PKP's lawyers will not bother to expose their patent to the possibility of being invalidated. I also don't expect to see those of us who are asset free changing from PGP to RIPEM/PEM just because it is free of the cloud.

This cloud will make folks who are nervous about the changes that networks, communications, and encryption will bring more cautious. I expect that PGP will continue to move from site to site. Which is why archie and gopher are so important to all of us.
Pat

Pat Farrell, Grad Student pfarrell@cs.gmu.edu
Department of Computer Science, George Mason University, Fairfax, VA
PGP key available via finger or request #include standard.disclaimer

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Fri, 15 Jan 93 09:58:13 PST
To: cypherpunks@toad.com
Subject: Re: possible solution to the anonymous...
In-Reply-To: <9301150837.AA01096@britt>
Message-ID: <9301151731.AA13017@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

David Clunie says:
> > RSA has a patent on their algorithm. It's quite likely that I can't
> > even create a key pair without their permission, let alone use it.
>
> I am not familiar with the legal status of patents and software packages,
> but it seems to me that they can sell you a program and license you to
> use it, but forcing you to use one of their key servers instead of your
> own seems pretty far fetched.

Anyway, RSADSI released RSAREF toolkit free for non-commercial use.
RIPEM (with RSAREF bundled in :-) allows you to create as many key
pairs as your soul wishes. And surprise, you are allowed to use
them...

So let's face real problems, rather than RSA patent (which hopefully
will expire by itself :-).
--
Regards,
Uri uri@watson.ibm.com scifi!angmar!uri N2RIU
-----------
From cypherpunks-request Fri Jan 15 15:51:35 1993

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Messick
Date: Fri, 15 Jan 93 15:45:21 PST
To: cypherpunks@toad.com
Subject: Re: random remailers
In-Reply-To: <9301151822.AA13343@xanadu.xanadu.com>
Message-ID: <9301152057.AA03932@parallax.com>
MIME-Version: 1.0
Content-Type: text/plain

I've been thinking about random remailing paths for a while now, and I
must admit that I don't know if it's on the balance a positive or
negative thing. My view is: give the user the option.

The positive points:

Traffic analysis *MAY* be more difficult.
If you are receiving a large quantity of traffic, it won't all follow
the same path, so it won't show up as a big spike in traffic between
any two hosts. On the other hand, it will all need to converge on you
anyway. You just need to hide the incoming traffic with bogus outgoing
traffic. If you intend to receive a large amount of anonymous mail, it
would be wise to run a popular remailer.

New remailers get up to speed faster. With the remailer network
handling the addition of new remailers automatically, an announcement
of a new remailer could result in sufficient cover traffic quickly. If
you have to wait for PEOPLE to decide to use the new remailer, it will
ramp up much more slowly. On the other hand, cover traffic could be
handled randomly, even with real messages always being statically
routed by people.

Negative points:

Your messages travel through more hosts, increasing the likelihood of
having them encounter a compromised host. This is more pronounced since
it is difficult to evaluate the reputations of hosts when you have only
indirect control of their selection. On the other hand, we would like
our systems to be immune to the compromise of even a moderately large
portion of the remailers.

A difficult question to be sure. That's why I advocate giving the
choice to the user.

-eric messick

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Fri, 15 Jan 93 10:13:47 PST
To:
Subject: RIPEM vs PEM
Message-ID: <930115175946_74076.1041_DHJ57-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

There is a little confusion here between RIPEM and PEM.

PEM is the "official" Internet standard for Privacy Enhanced Mail. An
implementation is in beta test right now, and uses a centralized
certificate hierarchy for all keys. Everyone has to have their keys
signed by an agency which is authorized by RSADSI (at least according
to the Internet drafts I have, which are several months old).
Typically, that agency would be your company or your school, because
they are in a position to vouch for your identity. There is a
provision, though, for pseudonymous keys to be issued, although they
would be clearly marked as such.

RIPEM is Mark Riordan's public-key program. It is similar to PEM, but
does not use the PEM certificates and therefore does not require people
to have their keys signed by an agency. It is not really PEM
compatible. It does use the RSAREF public-domain encryption package, so
it is legal for non-commercial use in the U.S. and Canada.

What I suggested was the use of RIPEM since it is available now, is
legal, and is free.

Note, though, that whether RIPEM or PGP is used, they are only for
non-commercial use. A remailer that wanted to charge, such as the ones
that Eric Messick is discussing, would probably have to license the
technology from PKP directly to be legal. (I'm not sure whether PEM
also is limited to non-commercial use.)

Hal Finney
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jordan@imsi.com (Jordan Hayes)
Date: Fri, 15 Jan 93 11:18:55 PST
To: cypherpunks@toad.com
Subject: Re: pax shutdown
Message-ID: <9301151813.AA26738@IMSI.COM>
MIME-Version: 1.0
Content-Type: text/plain

    From: BRIAN MCBEE

    If it turns out that pressure to shut down really did come
    from the official net hierarchy ...

There is no question: those who were paying for the (quite expensive,
relatively low bandwidth) connection between the US & Australia found
themselves with a saturated link and looked for a "good candidate" to
shut off. It turns out that lots of the packets are mail, and a good
number of the mail messages were going to/from the anonymous service.

This was not a move against anonymous e-mail or the research into it.
This was just an abuse of "someone else's money" that was easy to
target.

Next topic please ... this is getting tired.
/jordan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Fri, 15 Jan 93 10:39:53 PST
To:
Subject: more on security/obscurity/reality
Message-ID: <930115183334_74076.1041_DHJ45-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

I can understand Daniel Ray's proposing to keep a low profile in
running remailers, using encryption and such. Pax was probably the
highest profile service, at least in the Usenet groups I use, and look
what happened to it.

The problem is, how can a remailing service be secret? Its address has
to be known in order for it to be used! The only way it could be secret
that I can see would be for it to have only a small, select group of
"clients" who use it, and who keep the address to themselves. But there
is no such group; it's not like there's some kind of ring of privacy
lovers out there who will want to use such services but who will be
willing to keep the servers secret.

If remailers are going to be useful, they _have_ to be public. People
have to know how to reach them in order to use them.

The real task, it seems to me, is to justify anonymous mail to the
Internet public, so that people will not support these shutdowns, and,
even better, so that people will routinely use encryption and even
remailing when they communicate. Eric Hughes made the point here some
time back that we should aim for a society where sending non-encrypted
remail is considered rather eccentric: "What? You send your mail
_exposed_? You don't mind if everyone reads it?" In the same way,
sending mail in such a way that everyone can see who you are
communicating with, and that everyone you send to can see your true
address automatically, could become equally unusual.

One other point I'd make regards the use of pseudonyms for replying.
The Pax service created a pseudonym for each person who used the
service which was put into the "From:" line of outgoing mail.
Then people could reply to that pseudonym and it would go back to the
original sender.

The problem with this approach, as far as spreading remailers, is that
you have to have privileges on your machine in order to create new
user ID's. An individual user who doesn't own or run a machine is
generally not able to create such pseudonyms. This means that the
number of people who can run remailers which use such features is much
smaller than the number who can run the simpler Cypherpunks remailers
in their current versions.

The Cypherpunks remailers do allow for anonymous return addresses, but
they are quite cumbersome to use, not automatic like the Pax type. But
they do have the advantage that anyone who has access to Unix, PGP and
Perl can run them. This is probably a much larger population.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Derek Atkins
Date: Fri, 15 Jan 93 11:19:09 PST
To: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Subject: Re: possible solution to the anonymous harrassment problem
In-Reply-To: <9301150856.AA27483@toad.com>
Message-ID: <9301151918.AA06316@toxicwaste.MEDIA.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

> You're poorly informed. As a condition of a grant from DARPA to RSADSI,
> RSAREF may be used noncommercially, for free, to do any of the following:
> - RSA encryption and key generation, as defined by RSA Data
> Security's Public-Key Cryptography Standards (PKCS) [4]
> - MD2 and MD5 message digests [3,5,6]
> - DES (Data Encryption Standard) in cipher-block chaining mode
> [7,8]
> Moreover, I believe you'll find that RSADSI has become much more helpful
> recently. For more information, anonymous ftp to rsa.com and look around.
>
> I've just gone over the RSAREF license agreement again. It seems to permit
> any sort of not-for-profit operation, including a public key service.

Uhh, this is not quite true.
If you read closer, you will see that you need "special permission
from RSADSI" to use non-published interfaces to RSAREF. At the end is
an excerpt from the RSAREF documentation about its interface. If you
want more functionality, you have to ask special permission!

This means that without this permission, you CANNOT use "RSA
encryption" in-and-of itself.

-derek

---------- begin excerpt --------------

RSAREF is written entirely in C. Its application interface includes
the following routines:

  R_SignPEMBlock           computes a digital signature on a message
  R_VerifyPEMSignature     verifies a digital signature on a message
  R_VerifyBlockSignature   verifies a digital signature on a block of
                           data such as a certificate
  R_SealPEMBlock           computes a digital signature and encrypts a
                           message
  R_OpenPEMBlock           decrypts an encrypted message and verifies a
                           digital signature
  R_DigestBlock            computes a message digest on a message
  R_GeneratePEMKeys        generates an RSA public/private key pair
  R_RandomInit             initializes a random structure
  R_RandomUpdate           mixes bytes into a random structure
  R_GetRandomBytesNeeded   computes the number of mix-in bytes still
                           needed to seed a random structure
  R_RandomFinal            zeroizes a random structure

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: matt@oc.com (Matthew Lyle)
Date: Fri, 15 Jan 93 12:40:13 PST
To: cypherpunks@toad.com
Subject: resource for writing corp e-mail policy?
Message-ID: <199301152036.AA27269@ra.oc.com>
MIME-Version: 1.0
Content-Type: text/plain

Can anybody out there point me towards some resources that could be
used to write a good corporate e-mail privacy policy?

--
Matthew Lyle (214) 888-0474
OpenConnect Systems matt@oc.com
Dallas, TX

"...and once you have tasted flight, you will walk the earth with your
eyes turned skyward, for there you have been, and there you long
to return..."

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Fri, 15 Jan 93 12:19:29 PST
To: warlord@MIT.EDU (Derek Atkins)
Subject: Re: possible solution to the anonymous harrassment problem
In-Reply-To: <9301151918.AA06316@toxicwaste.MEDIA.MIT.EDU>
Message-ID: <9301152018.AA12839@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

Derek Atkins says:
> > I've just gone over the RSAREF license agreement again. It seems to permit
> > any sort of not-for-profit operation, including a public key service.
> Uhh, this is not quite true. If you read closer, you will see that
> you need "special permission from RSADSI" to use non-published
> interfaces to RSAREF. If you want more functionality,
> you have to ask special permission!

Well, their license says, that "they will grant permission for any
reasonable request" for modification to RSAREF, or to access to
those unpublished routines. I guess until somebody asks about
such a permission and gets rejected, or granted - we'll never
know... [BTW, I asked and got such permission for my own private
needs...]

Now, who's willing to volunteer? (:-)

> This means that without this permission, you CANNOT use "RSA
> encryption" in-and-of itself.

Legally, you mean (:-).
--
Regards,
Uri uri@watson.ibm.com scifi!angmar!uri N2RIU
-----------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Fri, 15 Jan 93 12:30:20 PST
To: cypherpunks@toad.com
Subject: Re: possible solution to the anonymous harrassment problem
Message-ID: <9301152030.AA10201@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> If you read closer, you will see that you need "special permission from
> RSADSI" to use non-published interfaces to RSAREF.

I thought their interface was good enough to do all of the obvious
operations -- RSA block encrypt and decrypt being the most important --
and that this restriction was just to prevent bizarrely hacked
versions of their code from being confused with the original.

> R_SignPEMBlock           computes a digital signature on a message
> R_VerifyBlockSignature   verifies a digital signature on a block of
>                          data such as a certificate

Let me know if I'm wrong, but I don't think I am.

-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eab@msc.edu (Edward Bertsch)
Date: Fri, 15 Jan 93 13:34:11 PST
To: cypherpunks-request@toad.com
Subject: unsubscribe
Message-ID: <9301152133.AA05997@wc.msc.edu>
MIME-Version: 1.0
Content-Type: text/plain

unsubscribe please

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Fri, 15 Jan 93 13:26:42 PST
To: opac!brian%OPAC.osl.or.gov@CS.ORST.EDU (BRIAN MCBEE)
Subject: Re: use of ripem instead of pgp
In-Reply-To: <00966A50.87B655C0.23058@OPAC.OSL.OR.GOV>
Message-ID: <9301152125.AA19820@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

BRIAN MCBEE says:
> Since the only reason we are talking about RIPEM is because of legality
> concerns about PGP, I thought I'd mention that it is (at least theoretically)
> illegal to export RIPEM from the US, and therefore could not be legally used
> to correspond with persons overseas.

RSAREF isn't legally exportable - that's correct. But RIPEM
certainly is. And there's nothing to prevent those overseas
from using RIPEM with whatever RSA and DES implementations
they wish (they have at least three good ones to choose
from :-).

> I don't know if there is a legal way to do public key cryptography between
> persons inside the US and persons outside the US.

a) If "they" teach PGP to understand PEM - we could use
   RIPEM here to talk to them (they will use PGP,
   naturally).
b) If they get legal RIPEM and marry it with RSA/DES -
   we could talk with them using RIPEM on both ends.
--
Regards,
Uri uri@watson.ibm.com scifi!angmar!uri N2RIU
-----------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jthomas@kolanut.mitre.org (Joe Thomas)
Date: Fri, 15 Jan 93 13:35:21 PST
To: cypherpunks@toad.com
Subject: Re: use of ripem instead of pgp
Message-ID: <9301152131.AA01479@kolanut>
MIME-Version: 1.0
Content-Type: text/plain

BRIAN MCBEE writes:

>Since the only reason we are talking about RIPEM is because of legality
>concerns about PGP, I thought I'd mention that it is (at least theoretically)
>illegal to export RIPEM from the US, and therefore could not be legally used
>to correspond with persons overseas.

>I don't know if there is a legal way to do public key cryptography between
>persons inside the US and persons outside the US.

What is illegal to export is the software implementations of strong
cryptography, not messages encrypted with them, or even detailed
specifications of how to implement compatible software.

So, theoretically, if a group in each COCOM-complying country and a
group out of the reach of COCOM each independently implemented software
to do the public-key cryptography (the U.S. group is the only one that
will have to worry about licensing PKP's patents), then trading
encrypted mail would be unquestionably legal.

It would also be a lot of wasted work and duplicated effort, and I
don't see any reason to respect the laws that make exporting or
importing this software illegal. RIPEM has no doubt escaped the U.S.
since RSADSI put it up for anonymous FTP last week, and PGP is
everywhere.

Joe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Fri, 15 Jan 93 13:39:48 PST
To: cypherpunks@toad.com
Subject: Re: use of ripem instead of pgp
Message-ID: <9301152139.AA11168@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Bear in mind that many countries have restrictions about shipping
encrypted traffic across their borders. These restrictions will be
almost impossible to enforce, true, but do exist.

M.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Derek Atkins
Date: Fri, 15 Jan 93 13:41:59 PST
To: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Subject: Re: possible solution to the anonymous harrassment problem
In-Reply-To: <9301152030.AA10201@toad.com>
Message-ID: <9301152141.AA07098@toxicwaste.MEDIA.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

> I thought their interface was good enough to do all of the obvious
> operations -- RSA block encrypt and decrypt being the most important --
> and that this restriction was just to prevent bizarrely hacked
> versions of their code from being confused with the original.
>
> > R_SignPEMBlock           computes a digital signature on a message
> > R_VerifyBlockSignature   verifies a digital signature on a block of
> >                          data such as a certificate
>
> Let me know if I'm wrong, but I don't think I am.

You are wrong. The interface does *not* give you RSA Block
De/Encrypt.

-derek

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dclunie@pax.tpa.com.au (David Clunie)
Date: Fri, 15 Jan 93 00:05:55 PST
To: cypherpunks@toad.com
Subject: Re: possible solution to the anonymous h
Message-ID: <9301150805.AA01054@britt>
MIME-Version: 1.0
Content-Type: text/plain

> I thought about this. The major problem is that once the PEM
> beta-testing period ends, all keys must be registered with "approved"
> (by RSA) central authorities. I highly doubt they'd issue
> pseudonymous keys, but maybe they would allow someone to set up a
> hierarchy especially for that purpose.

I'm not convinced. Who says ? RSA may wish this to happen, but surely
anyone who wants to can set up their own key service.

david

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dclunie@pax.tpa.com.au (David Clunie)
Date: Fri, 15 Jan 93 00:38:16 PST
To: cypherpunks@toad.com
Subject: Re: possible solution to the anonymous h
Message-ID: <9301150837.AA01096@britt>
MIME-Version: 1.0
Content-Type: text/plain

> RSA has a patent on their algorithm. It's quite likely that I can't
> even create a key pair without their permission, let alone use it.

I am not familiar with the legal status of patents and software
packages, but it seems to me that they can sell you a program and
license you to use it, but forcing you to use one of their key servers
instead of your own seems pretty far fetched.

I would be very surprised if the law is clear cut on this issue, or has
ever been tested. I gather software licenses are pretty hazy territory
at the best of times without getting involved in patent law as well
!@#$

david

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Fri, 15 Jan 93 17:18:58 PST
To: tribble@xanadu.com (E. Dean Tribble)
Subject: Re: random remailers
In-Reply-To: <9301151822.AA13343@xanadu.xanadu.com>
Message-ID: <9301160118.AA14215@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> Has anyone thought about the consequence of randomly picking a
> remailing path instead of using the same one?

what if the remailer flips a coin, choosing between final delivery and
remailing through another of its ilk. "message delivery with
probability one ..."

imho, this beats source routing big time. easy to hack into the
scripts, too.

> It occurred to me
> yesterday that randomly picked paths could reveal more information to
> the remailer sites so that they could figure out the connection
> between a pseudonym and the eventual destination pretty well.

not sure what you mean.

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Al Billings
Date: Fri, 15 Jan 93 23:16:32 PST
To: Hal <74076.1041@CompuServe.COM>
Subject: Re: more on security/obscurity/reality
In-Reply-To: <930115183334_74076.1041_DHJ45-1@CompuServe.COM>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On 15 Jan 1993, Hal wrote:

> One other point I'd make regards the use of pseudonyms for replying.
> The Pax service created a pseudonym for each person who used the
> service which was put into the "From:" line of outgoing mail. Then
> people could reply to that pseudonym and it would go back to the
> original sender.

Does anyone have a copy of the software PAX used?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Dave Banisar
Date: Fri, 15 Jan 93 20:25:16 PST
To: CPSR@gwuvm.gwu.edu
Subject: Released GSA Docs Slam FBI Wiretap Proposal
Message-ID: <9301152322.AA47734@hacker2.eff.org>
MIME-Version: 1.0
Content-Type: text/plain

"GSA Memos Reveal that FBI Wiretap Plan was
Opposed by Government's Top Telecomm Purchaser"

The New York Times reported today on a document obtained by CPSR
through the Freedom of Information Act. ("FBI's Proposal on Wiretaps
Draws Criticism from G.S.A.," New York Times, January 15, 1993, p. A12)

The document, an internal memo prepared by the General Services
Administration, describes many problems with the FBI's wiretap plan and
also shows that the GSA strongly opposed the sweeping proposal. The GSA
is the largest purchaser of telecommunications equipment in the federal
government.

The FBI wiretap proposal, first announced in March of 1992, would have
required telephone manufacturers to design all communications equipment
to facilitate wire surveillance. The proposal was defeated last year.
The FBI has said that it plans to reintroduce a similar proposal this
year.

The documents were released to Computer Professionals for Social
Responsibility, a public interest organization, after CPSR submitted
Freedom of Information Act requests about the FBI's wiretap plan to
several federal agencies last year.

The documents obtained by CPSR reveal that the GSA, which is
responsible for equipment procurement for the Federal government,
strongly opposed two different versions of the wiretap plan developed
by the FBI. According to the GSA, the FBI proposal would complicate
interoperability, increase cost, and diminish privacy and network
security. The GSA also stated that the proposal could "adversely
_affect national security._"

In the second memo, the GSA concluded that it would be a mistake to
give the Attorney General sole authority to waive provisions of the
bill.

The GSA's objections to the proposal were overruled by the Office of
Management and Budget, a branch of the White House which oversees
administrative agencies for the President. However, none of GSA's
objections were disclosed to the public or made available to policy
makers in Washington.

Secrecy surrounds this proposal. Critical sections of a report on the
FBI wiretap plan prepared by the General Accounting Office were earlier
withheld after the FBI designated these sections "National Security
Information." These sections included analysis by GAO on alternatives
to the FBI's wiretap plan. CPSR is also pursuing a FOIA lawsuit to
obtain the FBI's internal documents concerning the wiretap proposal.

The GSA memos, the GAO report and others that CPSR is now seeking
indicate that there are many important documents within the government
which have still not been disclosed to the public.

Marc Rotenberg
CPSR Washington office
rotenberg@washofc.cpsr.org

Note: Underscores indicate underlining in the original text. Dashes
that go across pages indicate page breaks.

[Computer Professionals for Social Responsibility is a non-profit,
public interest membership organization.
For membership information about CPSR, contact cpsr@csli.stanford.edu
or call 415/322-3778. For information on CPSR's FOIA work, contact
David Sobel at 202/544-9240 (sobel@washofc.cpsr.org).]

-------------------------------------------------------------

(#4A)

Control No. X92050405
Due Date: 5/5/92

Brenda Robinson (S)

After KMR consultations, we still _"cannot support"_ Draft Bill. No.
118 as substantially revised by Justice after its purported full
consideration of other agencies' "substantive concerns."

Aside from the third paragraph of our 3/13/92 attachment response for
the original draft bill, which was adopted as GSA's position (copy
attached), Justice has failed to fully address other major GSA concerns
(i.e., technological changes and associated costs).

Further, by merely eliminating the FCC and any discussion of cost
issues in the revision, we can not agree as contended by Justice that
it now " ... takes care of kinds of problems raised by FCC and others
...."

Finally, the revision gives Justice sole unilateral exclusive authority
to enforce and except or waive the provisions of any resultant law in
Federal District Courts. Our other concerns are also shown in the
current attachment for the revised draft bill.

Once again OMB has not allowed sufficient time for a more through
review, a comprehensive internal staffing, or a formal response.

/Signature/

Wm. R. Loy KMR 5/5/92

Info: K(Peay),KD,KA,KB,KE,KG,KV,KM,KMP,KMR,R/F,LP-Rm.4002

(O/F) - 9C1h (2) (a) - File (#4A)

-------------------------------------------------------------

ATTACHMENT
REVISED JUSTICE DRAFT BILL
DIGITAL TELEPHONY

The proposed legislation could have a widespread impact on the
government's ability to acquire _new_ telecommunications equipment and
provide electronic communications services.

_Existing_ Federal government telecommunications resources will be
affected by the proposed new technology techniques and equipment.
An incompatibility and interoperability of existing Federal government
telecommunications system, and resources would result due to the new
technological changes proposed.

The Federal Communications Commission (FCC) has been removed from the
legislation, but the Justice implementation may require modifications
to the "Communications Act of 1934," and other FCC policies and
regulations to remove inconsistencies. This could also cause an unknown
effect on the wire and electronic communications systems operations,
services, equipment, and regulations within the Federal government.
Further, to change a major portion of the United States
telecommunications infrastructure (the public switched network within
eighteen months and others within three years) seems very optimistic,
no matter how trivial or minimal the proposed modifications are to
implement.

In the proposed legislation the Attorney General has sole _unilateral
exclusive_ authority to enforce, grant exceptions or waive the
provisions of any resultant law and enforce it in Federal District
Courts. The Attorney General would, as appropriate, only "consult" with
the FCC, Department of Commerce, or Small Business Administration. The
Attorney General has exclusive authority in Section 2 of the
legislation; it appears the Attorney General has taken over several FCC
functions and placed the FCC in a mere consulting capacity.

The proposed legislation would apply to all forms of wire and
electronic communications to include computer data bases, facsimile,
imagery etc., as well as voice transmissions.

The proposed legislation would assist eavesdropping by law enforcement,
but it would also apply to users who acquire the technology capability
and make it easier for criminals, terrorists, foreign intelligence
(spies) and computer hackers to electronically penetrate the public
network and pry into areas previously not open to snooping.
This situation of easier access due to new technology changes could
therefore affect _national security_.

(1)

-------------------------------------------------------------

The proposed legislation does not address standards and specifications
for telecommunications equipment nor security considerations. These
issues must be addressed as they effect both the government and private
industry. There are also civil liberty implications and the public's
constitutional rights to privacy which are not mentioned.

It must be noted that equipment already exists that can be used to
wiretap the digital communications lines and support court-authorized
wiretaps, criminal investigations and probes of voice communications.
The total number of interception applications authorized within the
United States (Federal and State) has been averaging under nine hundred
per year. There is concern that the proposed changes are not cost
effective and worth the effort to revamp all the existing and new
telecommunications systems.

The proposed bill would have to have the FCC or another agency approve
or reject new telephone equipment mainly on the basis of whether the
FBI has the capability to wiretap it. The federal-approval process is
normally lengthy and the United States may not be able to keep pace
with foreign industries to develop new technology and install secure
communications. As a matter of interest, the proposed restrictive new
technology could impede the United States' ability to compete in
digital telephony and participate in the international trade arena.

Finally, there will be unknown associated costs to implement the
proposed new technological procedures and equipment. These costs would
be borne by the Federal government, consumers, and all other
communications ratepayers to finance the effort.
Both the Federal government and private industry communications regular
phone service, data transmissions, satellite and microwave
transmissions, and encrypted communications could be effected at
increased costs.

(2)

=============================================================
Documents disclosed to Computer Professionals for Social
Responsibility (CPSR), under the Freedom of Information Act
December 1992
=============================================================

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tony@morgan.demon.co.uk (Tony Kidson)
Date: Fri, 15 Jan 93 19:27:50 PST
To: cypherpunks@toad.com
Subject: Re: more on security/obscurity/reality (fwd)
Message-ID: <1414@morgan.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

In message <9218@eternity.demon.co.uk> you write:

> Forwarded message follows:
>
> > From cypherpunks-request%toad.com@relay2.uu.net Fri Jan 15 12:52:47 1993
>
> One thing I've really noticed over the 5 or 6 years I've been on the net
> is the real hatred people have for what is coined "security by obscurity."
> I think it is because of the terrible way people have gotten burned by
> relying on concealed methods only, or secret algorithms as ciphers to
> protect their material. The method is discovered one way or another, and
> everything caves in on itself! Quite understandable.
>
> Yet I cringe at the way people have just turned their backs on the whole
> meta-philosophy of "coversion." If, for instance, you are to do battle with
> an unbearable, overwhelming power, such as the Government, then what is the
> only real way to "win?" Besides convincing them not to do battle with you?
>
> It is by staying concealed, secret, untargetable. If they don't know to fight
> you, or, if they do know, but cannot find you, then you stay all right.
> Once it gets to a face-to-face confrontation, however, you lose, and you
> lose immediately, there is nothing you can bring to bear, since it is now
> just a force equation, and they have over 10,000 times the force you do.
> Or more...
>
> This is one of the applications of the secret side of life. Modern cryptography
> has advanced, I think, by declaring all coversion as eventually
> discoverable, and only seeking algorithms that will suffice even if the
> enemy knows your methods. I agree with this. I guess I part company, however,
> when people totally throw out being secretive as a partial or adjunctive
> solution to something that is intrinsically secret to begin with. The addition
> of concealment, disinformation, invisibility, etc. can be a tremendous
> advantage when combined with strong methods (good ciphers that don't rely
> on coversion). It is a multilayered approach that first tries to not become
> a target, and, if it is a target is still hard to crack.
>
> When us little people try to maintain privacy against a Govt. that is REALLY
> PISSED OFF BY EVEN THE IDEA WE WANT TO STRONGLY PROTECT OURSELVES, a multi-layered,
> contingency-based approach is required. The most important part of
> it is not a strong cipher, but, not to become a detectable or locatable
> target. i.e. coversion and secrecy.

While what you say is certainly true, it won't survive any kind of detailed attack. I'm all for the sentiment, but while there are so many mundane things going on round about, the best way to remain undetected is to remain undecipherable and to make sure that there is enough traffic about of the same sort. Press for encipherment of e-mail, that way, if everybody is doing it, who's to know what the underworld is doing? This is especially useful if you are not actually interested in violent revolution. You can then convince the powers that be that you are not worth monitoring.

regards

Tony

------------------+-------------------------------+--------------------------+
| Tony Kidson     |`morgan' is an 8MB 486/33 Cat- | Voice +44 81 466 5127    |
| Morgan Towers,  |Warmer with a 670 MB Hard Disk.| E-Mail                   |
| Morgan Road,    |It resides at Morgan Towers in | tony@morgan.demon.co.uk  |
| Bromley,        |Beautiful Down Town Bromley.   | tny@cix.compulink.co.uk  |
| England BR1 3QE |            -=<*>=-            | 100024.301@compuserve.com|
+=================+===============================+==========================+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Chris Hibbert
Date: Sat, 16 Jan 93 14:55:14 PST
To: Hal
Subject: Re: possible solution to the anonymous h
In-Reply-To: <930115065840_74076.1041_DHJ55-1@CompuServe.COM>
Message-ID: <9301162240.AA18137@entropy.xanadu.com>
MIME-Version: 1.0
Content-Type: text/plain

> A final point is that forwarding mail for another person can hardly be
> made illegal in general. If I receive a message from person A asking me
> to forward it on to person B, and I do so, this is clearly a legitimate
> email message that I choose to send. To try to disallow this would be to
> put intolerable restrictions on email content. So, if this is allowed, it
> seems to me that I should be able to write a program to do what I am
> allowed to do manually.

I don't believe the analogy holds up. In dealing with it manually, police would expect that there's a chance that they could haul you into court and ask you for names and dates. In the manual situation, you are responsible as editor, a responsibility you're looking to get away from. The law would prefer that someone is responsible, so they may try to find a way to hold someone responsible.

Chris

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Sat, 16 Jan 93 17:48:21 PST
To: CYPHERPUNKS
Subject: Digital cash legality...
Message-ID: <930117014230_74076.1041_DHJ26-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

I've continued to try to learn about what laws might restrict the issuing of electronic money. Banking is controlled at both the state and the federal level. One question was whether one could engage in bank-like activities without calling yourself a bank. Denning's California Codes, Financial, has this definition:

------
Section 102. "Bank"

The word "bank" as used in this division means any incorporated banking institution which shall have been incorporated to engage in commercial banking business or trust business. The soliciting, receiving, or accepting of money or its equivalent on deposit as a regular business shall be deemed to be doing a commercial banking business whether such deposit is made subject to check or is evidenced by a certificate of deposit, a passbook, a note, a receipt, or other writing; provided, that nothing herein shall apply to or include money or its equivalent left in escrow, or left with an agent pending investment in real estate or securities for or on account of his principal. It shall be unlawful for any corporation, partnership, firm, or individual to engage in or transact a banking business within this state except by means of a corporation duly organized for such purpose.
------

This seems to say that it's illegal to do these bank-like activities unless you either are a corporation specifically chartered to be a bank (in which case the many banking laws apply to you), or unless you are an escrow agent or a real estate or securities agent (in which case many other laws apply to you). The California financial codes are three volumes long, so there is a considerable body of law that one would have to be familiar with to consider engaging in such activities.

Another approach I have thought of would be to buy and sell digital cash, calling it something else.
It's legal to buy and sell other bit patterns, such as computer-readable pictures and software, so it should be legal to buy and sell these cryptographic items.

The idea would be that for $1.00 you will sell someone a #1.00 crypto-cash file, either through email or over the counter if you wanted (on a floppy). Then, if someone comes to you with one of these #1.00 digital cash files, you will buy it back for $1.00. At one level you are simply buying and selling items just like the local dealer in baseball cards, but at another level you are a "money changer", converting between U.S. dollars and crypto-credits. The credits thus receive backing through your willingness to redeem them for dollars at any time.

One issue is how certain people can be that you actually will buy back this crypto-cash for its "face value". Given that you're not actually a bank, not actually a money dealer, and therefore not bound by any regulations, there is nothing to compel you to continue to accept the crypto money. You could arbitrarily decide at any time not to buy it back any more, just like the local baseball card dealer. This, I think, is what makes this whole activity legal - you're not making any promises to "depositors" that they can get their money back. But, by the same token, it may prevent the digicash from being accepted. It would basically come down to your reputation for being trustworthy and committed.

Another problem is the issue of sales tax. Using this "seller of bit patterns" model, you will have to collect sales tax from your customers who are within the state. From my experience selling software, you don't have to collect it for out-of-state customers. I don't know whether the state would also expect another "cut" when you buy the bit patterns back. But it sounds like there will be at least a 7% transaction cost to turn dollars into digital cash, which is probably prohibitive. One solution might be to do this from a state which doesn't collect sales tax.
(Coin dealers here in California have some exemptions from the sales tax requirements, but I doubt whether these exemptions could be stretched to cover what I am proposing here. In other respects, though, that business is rather similar to what I am talking about, in that they do a lot of selling and buying back.)

A related issue is whether this should be thought of as a business at all, or whether it could be a hobby. The fact is, you could actually make a lot of money at this, even though you buy and sell at the same price, by investing the dollars you are paid until you have to use them to buy the digital cash back. Still, given the apparent need to infringe or license both RSA's and Chaum's patents, I think running it on a "non-commercial" basis would be more acceptable, if that could be done. I suppose if you were careful to segregate the dollars used to purchase crypto-cash into a non-interest-bearing account, so you didn't make any money on them, you could call it non-commercial. (Actually, it's not 100% clear to me that RSA's patents would apply to a digital cash implementation, since their patent is for a communications machine, even though the algorithm is the same.)

I'll let people know as I continue to learn more.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sat, 16 Jan 93 23:45:44 PST
To: cypherpunks@toad.com
Subject: Ideal Remailers
In-Reply-To: <9301151822.AA13343@xanadu.xanadu.com>
Message-ID: <9301170742.AA11487@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

SOME PROPERTIES OF IDEAL REMAILERS

Cypherpunks,

It's been exciting seeing the work being done by so many of you on remailers! Not being either a PERL user or a UNIX box owner, I haven't had much to add to the debate these past several weeks. But on the issue of basic, primitive features of remailing networks, I want to make some points. I'll use Dean's message as a starting point.

Dean Tribble writes:

> Has anyone thought about the consequence of randomly picking a
> remailing path instead of using the same one? It occurred to me
> yesterday that randomly picked paths could reveal more information to
> the remailer sites so that they could figure out the connection
> between a pseudonym and the eventual destination pretty well. It's
> just an intuition at this point, though.

I assume Dean means that by analyzing some kind of characteristic of the message and enough of the routings, some "common factor" analysis might reveal the sender. This may be true in cases where the routing path is _visible_ (unencrypted at some or all nodes) to some or all of the remailer nodes.

However, I think we all expect remailers to (eventually) have most or all of these properties:

* All packets are encrypted to the public key of the remailer node: only the previous (n - 1) and next (n + 1) nodes in a remailer path are known to node n, except by collusion between remailers.

* Some number of incoming messages are collected together before remailing in an order that gives no clues about the order received, e.g., lexicographic order. (I realize that at this stage of experimentation, such "accumulation" may not be practical.)

* The remailer node n should "forget" the connection between incoming and outgoing paths. The Chaum "digital mix" idea, when implemented with tamper-resistant hardware, means a remailer can explicitly keep no record of the incoming and outgoing paths, making collusion at a later time (perhaps demanded by authorities) unproductive.

* The tamper-resistant, fully-automated nature is very important. Running remailers on insecure boxes, or large Unix machines at corporate and university sites, is not a long-term situation!

* Each originator of a piece of mail should, ideally, also operate a remailing service (at least at some low level).
This will allow any message "traced back" (somehow) to a person to be "deniable"..."But I didn't write that message, I just remailed it! And, no, my remailer box doesn't keep any records."

* Payment for remailing services can be done in several ways. Eventually, digital money can be used. A more immediately doable scheme may be to use the equivalent of "stamps." Since "digital stamps" is confusing, call it "digital postage." It may work as follows:

- Tim's Remailing Service sells "rolls" (lists) of 50-digit numbers (large enough to make guessing unproductive) for perhaps $0.29 per number. Each number is a "promise to remail" for some typical-sized message, with more stamps needed for longer messages.

- No crypto protocols are really needed. Forgery by copying is handled by simply saying that the first use of number is the only use...the buyer of numbers must keep his numbers secure (at his site, and in the remailing chain). The seller of numbers (e.g., Tim's Remailing Service) is not likely to try to cheat purchasers of stamps by denying he issued them (by standard reputation-based systems, independent auditing services, etc.).

* Return envelopes can be handled by enclosing prepaid envelopes as part of the message. (No record need be kept of the path, obviously, as the return path through a web of remailers is independent of the initial path.)

* It is very likely--almost certain, in fact--that various remailing services will have various policies, prices, reputations, etc. Some will be cheap-but-not-secure, others will be secure-but-slow, and so on. As our "Crypto Game" revealed so clearly last September at our first Cypherpunks meeting, some remailer sites will be "narcs," some will sell their knowledge to others, and so on.
This is to be expected, especially given that we will be operating in a nearly pure anarchocapitalist situation, with no "enforcement" by authorities...fortunately, free markets are quite efficient in correcting such problems (the topic of another essay, perhaps).

But such a market will allow a user to select a remailing path, known only to him (if collusion is avoided, and if the remailers have the robust properties mentioned already).

I mention these robust properties--what we can call the "ideal remailer"--because some of the existing or planned remailers do various "non-ideal" things, like keep logs of all mail, run on nonsecure machines, don't have strong encryption, and so on.

These imperfect remailers are still useful, especially at this early, experimental stage. And they may exist even after more ideal remailers come into use. Of course, their "market value" is likely to be fairly low...

The robust, ideal remailers are what we should be shooting for. And I think we're making amazingly fast progress.

-Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP Public Key: by arrangement.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: k.campbell14@genie.geis.com
Date: Sun, 17 Jan 93 09:12:47 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9301171714.AA14822@relay1.geis.com>
MIME-Version: 1.0
Content-Type: text/plain

i want to join the revolution. return to bablon. appreciated...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Sun, 17 Jan 93 10:53:20 PST
To: CYPHERPUNKS
Subject: Poor Man's Cash.
Message-ID: <930117184744_74076.1041_DHJ40-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Tim May's message about remailers mentioned the possibility of a simple way of handling digital postage. This can be extended to be a replacement for digital cash which doesn't use any cryptography.

As in Tim's suggestion, the "banker" (or "money changer" in the model I described yesterday) simply creates 50-bit numbers, each of which is a "piece of digital cash". The banker keeps a list of the specific numbers that are circulating. When someone presents one for payment, he checks to see if the number is on the list. If so, he honors it and then removes it from the list.

As with regular digital cash, withdrawers keep the numeric values secret. Nobody can forge the cash because no one can create numbers which are on the banker's (secret) list.

There are two problems with this system. The first is that there is no way for the seller in a seller/buyer transaction to verify that the random 50-bit numbers the buyer is offering him are actually valid pieces of digital cash. The only thing he could do is to send them to the bank and have the bank report back as to whether they are valid or not.

But in at least the simpler cryptographic protocols, the same problem exists. In those protocols, it may be possible to use digital signatures to recognize that a particular piece of cash originally came from the bank, but you still have the problem that this cash may have been "spent" before. Digital cash can be reproduced trivially, so any seller must again check with the bank to make sure that the cash he is offered is still valid. (More complex schemes are intended to allow "incrimination" of a buyer who reuses cash, but I feel that they have problems as well.) So this problem is no worse than at least the simpler cryptographic schemes.

The other problem is that this cash is not anonymous.
When a seller sends in some cash he received from a buyer, the banker can recognize which buyer that cash came from. But there are several reasons why this might not be as bad as it seems.

First, the buyer and seller may themselves be anonymous to the bank. The bank may know them only through an anonymous address of the type we have been discussing here. So, at best, the banker could deduce things like "account 1234 seems to be buying a lot from account 5678." This is not a direct loss of anonymity.

Second, our own paper cash already has this problem, through the serial numbers printed on each bill. Although this is used occasionally by law enforcement to track criminals, it is not considered in general to be a threat to anonymity.

And third, the banker could have a policy of not remembering which buyer received each outgoing digital cash number. This could be done by having the banker publicize the software which he is running, so that people can see that these records are not being kept, along with occasional audits by some third party to verify that the banker is actually running that software. There would still be an element of trust involved, but trust will always be a part of such relationships, and reputations will be important.

This "poor man's digital cash" is not that interesting technically, because no cryptography is involved. But it does provide most of the features of crypto-cash, and it does so in a manner which is easy to understand and explain. It also violates no one's patents, so it would be that much easier to start experimenting with it safely.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Sun, 17 Jan 93 10:53:24 PST
To: CYPHERPUNKS
Subject: Crypto trading cards.
Message-ID: <930117184802_74076.1041_DHJ40-2@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Giving a little more thought to the idea of buying and selling digital cash, I thought of a way to present it.
We're buying and selling "cryptographic trading cards". Fans of cryptography will love these fascinating examples of the cryptographic arts. Notice the fine way the bit patterns fit together - a mix of one-way functions and digital signatures, along with random blinding. What a perfect conversation piece to be treasured and shown to your friends and family.

Plus, your friends will undoubtedly love these cryptographic trading cards just as much. They'll be eager to trade for them. Collect a whole set! They come in all kinds of varieties, from the common 1's, to the rarer 50's, all the way up to the seldom-seen 1000's. Hours of fun can be had for all.

Your friendly cryptographic trading card dealer wants to join the fun, too. He'll be as interested in buying your trading cards back as in selling them.

Try this fascinating and timely new hobby today!

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Sun, 17 Jan 93 20:48:33 PST
To: CYPHERPUNKS
Subject: Return envelopes.
Message-ID: <930118044221_74076.1041_DHJ53-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

I looked at Eric Messick's improved ideas for remailing with digital postage, and they look pretty good. I think it's especially good that Eric has been able to show that anonymous addresses can be used by more than one person without being incriminating.

But there is still an attack which they are vulnerable to, which Eric mentions. The "Pneed" field of the anonymous address has information about the postage amounts which will be needed by each remailer in the chain. (But it doesn't reveal which specific remailers to use, of course.) It also has public keys to encrypt these amounts with, which are matched by secret keys hidden in the encrypted address.

But the remailers themselves each see their corresponding postage secret keys as they process the message. This means that they know which envelope was used to send each message.
That means that each remailer can find out if it is part of a given anonymous address, and it can find out what remailers are before and after it in the chain.

It is especially unnerving that the last remailer in the chain can learn this information, as it will see your true address. The one consolation is that it won't _know_ that it is the last remailer in the chain, so it won't realize that it has actually broken the code and is seeing the true correspondence between the anonymous address and the real address. But if most anonymous addresses only go through no more than a handful of remailers, say 10, then that remailer must figure that it has at least a 10% chance of having "broken" your address.

This degree of information is more than I would like to have revealed about my anonymous address. Based on this, I would be inclined to use non-postage-charging remailers.

But even the non-postage remailers have the same flaw using Eric's protocol. Each remailer sees the "clear text" of the message M being passed along. If a remailer sent the message in the first place, it created M, so if it then sees message M come through later, it again knows the correspondence between an anonymous address and its own forwarding activities.

Chaum's scheme avoided this problem by having M get encrypted at each point. Using Eric's notation, an anonymous address might be:

    Addr: &Z, z, z(&R, r, A, r(junk))

The new addition is A, a random conventional key. Z gets sent:

    To: &Z
    Addr: z(z(&R, r, A, r(junk)), pad)
    Message: z(M, pad)

This is just like Eric's example. What Z sends is:

    To: &R
    Addr: r(r(junk), pad)
    Message: r(A(M), pad)

The new feature is that Z encrypted M with A as it passed through. In this case we only had a one-step anonymous address, but if there were more than one step, each would use a different conventional key A, B, C, .... This way even a remailer which created M wouldn't recognize it when it passed through after at least one step.

Using this idea along with Eric's idea of random padding and double encryption at each step, we have multiple-use return addresses for which no information can be learned at any point about the correspondence between anonymous and real addresses, as long as the return addresses use at least two hops.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Jay Prime Positive
Date: Mon, 18 Jan 93 21:47:16 PST
To: CYPHERPUNKS@toad.com
Subject: Poor Man's Cash -> Poor Man's Wallet
Message-ID: <9301182145.aa03856@hermix.markv.com>
MIME-Version: 1.0
Content-Type: text/plain

From: jpp@hermix
To: CYPHERPUNKS@TOAD.COM
In-reply-to: Hal's message of 17 Jan 93 13:47:45 EST <930117184744_74076.1041_DHJ40-1@CompuServe.COM>
Subject: Poor Man's Cash -> Poor Man's Wallet

Here is a minor change which can be used with the Poor Man's Cash protocol to increase the burden on banks which wish to trace transactions. I will call it Poor Man's Wallet protocol.

Rather than maintain accounts, have the bank maintain only a map from bills to values. The bank will support three kinds of transactions: Combine, Split, Validate.

To check that a bill is good, I ask the bank to VALIDATE b1. It responds with v and b2. V is the value of b1, and b2 is a new bill that has the value of b1 (- bank fee). (Naturally the new value of b1 will be 0.) Worthless bills b1 could result in either a b2 with a value of 0 (thus issuing a new 0 worth bill) or with no bill at all.

To add money to my wallet, I ask the bank to COMBINE a bill b1 from somewhere else, to a bill b2 from my wallet. Both b1's and b2's value get zeroed, and a new bill b3 with value = to v(b1) + v(b2) (- bank fee) is returned to me.

To break a bill down to more convenient sizes (perhaps when I wish to pay some one), I ask the bank to SPLIT a bill b1 into b2 and b3, where v(b3) = v(b1) - v(b2) (- bank fee).

It may be better (as far as anonymity goes) to require the bank fees be paid with a separate bill.

It will be better to have many banks, and to have the banks each validate bills of other banks. Since in this case your anonymity is the maximum of the anonymities of the chain of banks involved.

j'

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Mon, 18 Jan 93 20:29:00 PST
To: rusty_h._hodge@uunet.uu.net
Subject: Re: possible solution to the anonymous harrassment problem
In-Reply-To: <1993Jan14.123843.1227@horizon.amgen.com>
Message-ID: <9301190428.AA18683@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> >for example, i can send postal mail with high confidence
> >of anonymity, and can make anonymous phone calls (with care,
> >e.g., by using phone booths and moving around).
>
> What about that little old lady that watches the PO Box and Phone Booth
> from her window? What about the postman who sees you place the letter in
> the mailbox?

like i said, with care. just as i have to be careful that my sys admin isn't snoopy. but that's not my point. if you do exercise care, you can send anonymous mail, just like you can communicate anonymously with other media (if you are careful). remailers institutionalize anonymity, nothing more.

> >privacy and honesty are orthogonal.
>
> I've often accidentally overheard things I wasn't supposed to. If people
> were totally honest, we wouldn't need such good encryption...

if your point is that dishonesty makes privacy necessary, i agree. but i do *not* agree that total honesty makes privacy unnecessary.

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "DrZaphod"
Date: Tue, 19 Jan 93 07:32:36 PST
To: CypherPunks@toad.com
Subject: This Honesty Thing Again
Message-ID: <25637.drzaphod@ncselxsi>
MIME-Version: 1.0
Content-Type: text/plain

In Message Thu, 14 Jan 1993 12:38:43 PST, horizon.amgen.com!Rusty_H._Hodge@netcomsv.netcom.com writes:

> If people were totally honest, we wouldn't need such good encryption...

I think we've gone over this b4.

DrZaphod
[AC/DC] / [DnA][HP]
[drzaphod@ncselxsi.uucp]
Technicolorized

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Daniel Ray
Date: Tue, 19 Jan 93 16:35:51 PST
To: cypherpunks@toad.com
Subject: Re: need for more anon remailer sites
Message-ID: <9301190731.AA07288@tnl.com>
MIME-Version: 1.0
Content-Type: text/plain

>
>I suggest using a dictionary to come up with "names" of anonymous users:
>
>aback
>abacus
>abalone
>abandon
>abase
>abash
>abate
>abater
>abbas
>...
>
>You could pick them in random order, or sequentially.
>
> ...
> John Gilmore
>

certainly dictionary words are good, randomly, not in sequential order. But also usernames such as cs135 and anything else. The point is not to form any pattern distinguishable from the actual distribution of usernames in the real world. So some would even look like univ. course accounts, even with a couple "anon"-looking usernames thrown in!

an analysis of actual usernames should be in order for this, and the actual types and probabilities.... in other words, take this situation full throttle!

and of course, we need not give up our legal rights to use email. but we must, IN ADVANCE, be prepared and be already fully set for anything!

dan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Daniel Ray
Date: Tue, 19 Jan 93 16:34:37 PST
To: cypherpunks@toad.com
Subject: no to DES
Message-ID: <9301190748.AA07434@tnl.com>
MIME-Version: 1.0
Content-Type: text/plain

Maybe the general swing of some of you is to go with the "safer" RIPEM since it is less legally contested... But I won't trust it til it uses IDEA or triple DES or something much sounder than a 56 bit cipher. It is just too likely that this is readable by our big brother Nat Samuel Adams.

dan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Daniel Ray
Date: Tue, 19 Jan 93 16:34:46 PST
To: cypherpunks@toad.com
Subject: Re: random remailers
Message-ID: <9301190827.AA08003@tnl.com>
MIME-Version: 1.0
Content-Type: text/plain

>...
>A difficult question to be sure. That's why I advocate giving the
>choice to the user.
>
>-eric messick
>

DEFINITELY! Have a good, redundant system in place. Then let the chips--the users--and the usage--fall where it may... This makes things far more complex than any singularly organized method.

dan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Daniel Ray
Date: Tue, 19 Jan 93 16:36:16 PST
To: cypherpunks@toad.com
Subject: Re: more on security/obscurity/reality
Message-ID: <9301190839.AA08188@tnl.com>
MIME-Version: 1.0
Content-Type: text/plain

>
>While what you say is certainly true, it won't survive any kind
>of detailed attack. I'm all for the sentiment, but while there
>are so many mundane things going on round about, the best way to
>remain undetected is to remain undecipherable and to make sure
>that there is enough traffic about of the same sort. Press for
>encipherment of e-mail, that way, if everybody is doing it, who's
>to know what the underworld is doing? This is especially useful
>if you are not actually interested in violent revolution. You can
>then convince the powers that be that you are not worth
>monitoring.
>
>regards
>
>Tony

this is dead on true. the whole problem of all this is our "transition period" until encryption is matter-of-course. and the possibility that serious opposition will actually arise to delay that day even further. once everyone does it, most of (but not all of) the special contingencies are unnecessary. what I am trying to address is how things are now, and how they may change one way, or another. and to find the best multi-solution for most of these possibilities....until that happy day you speak of.

dan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E.
 Metzger)
Date: Tue, 19 Jan 93 08:40:09 PST
To: cypherpunks@toad.com
Subject: Re: possible solution to the anonymous harrassment problem
Message-ID: <9301191535.AA05047@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: Rusty_H._Hodge@horizon.amgen.com
>
> >for example, i can send postal mail with high confidence
> >of anonymity, and can make anonymous phone calls (with care,
> >e.g., by using phone booths and moving around).
>
> What about that little old lady that watches the PO Box and Phone Booth
> from her window? What about the postman who sees you place the letter in
> the mailbox?

Any postman who can distinguish your plain white envelope at a distance from the five thousand other plain white envelopes going into the mailbox likely has sufficient psychic powers that he doesn't need to watch at all. As for the compulsive payphone watchers, well, wear a disguise.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 19 Jan 93 11:36:09 PST
To: Eric.Fogleman@analog.com (Eric Fogleman)
Subject: Re: Q: What's happening in cryptography?
In-Reply-To: <9301191846.AA21685@ack.adstest.analog.com>
Message-ID: <9301191933.AA11035@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Eric Fogleman writes:

> I'm interested in finding out what is currently happening in
> cryptography. My (basement-level) knowledge of it has come from heavy
> mathematics-oriented texts; these books and articles make it seem as
> though all of the work in cryptography is done by Ph.Ds at
> universities. I suspect that's not the whole story...

Well, you're on this list now, so you'll hear about some things that are happening. You should also read sci.crypt for miscellaneous news and chitchat about crypto technology and policy.

> Questions:
>
> - What companies, universities are doing work in cryptography? Are
> there people who get paid to "do cryptography" that don't work for the
> NSA?
If so, where do they work?

RSA Data Security, Cylink, BBN, GE, Trusted Information Systems, M.I.T., Berkeley, Stanford, Montreal, are just a few of the many companies and universities doing crypto work. The list is really too long to go into. Many crypto functions lie outside the domain of the NSA (though not necessarily by their choice!): computer security, ATM machines and banking networks, personal identification systems, electronic documents, locks and keys, etc.

> - Does cryptography fall under mathematics or computer science at most
> universities?

Some of each, and sometimes under Electrical Engineering. Number theory, elliptic functions, etc., is generally in math, while complexity theory, algorithm analysis, etc. is generally under CS.

> - Are the real developments in cryptographic algorithms coming from the
> universities, from companies or from cypherpunks?

Again, a mixture. "Cypherpunks" cannot claim, yet, to have had any breakthroughs. Perhaps someday.

> - Any suggestions on what to read, who to talk to, what to experiment
> with to move up from basement-level knowledge of cryptography?

1. This list and its FAQ (coming soon).

2. sci.crypt

3. The several articles on crypto that have appeared in IEEE Spectrum, Communications of the ACM, Scientific American, and so on. Use your library's resources to find them.

4. More than a dozen good crypto books exist. One recent one, "Contemporary Cryptology," edited by Gus Simmons, has good review articles in many of the new areas.

Good luck.

-Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP Public Key: by arrangement.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Fogleman
Date: Tue, 19 Jan 93 10:48:46 PST
To: cypherpunks@toad.com
Subject: Q: What's happening in cryptography?
Message-ID: <9301191846.AA21685@ack.adstest.analog.com>
MIME-Version: 1.0
Content-Type: text/plain

I'm interested in finding out what is currently happening in cryptography. My (basement-level) knowledge of it has come from heavy mathematics-oriented texts; these books and articles make it seem as though all of the work in cryptography is done by Ph.Ds at universities. I suspect that's not the whole story...

Questions:

- What companies, universities are doing work in cryptography? Are there people who get paid to "do cryptography" that don't work for the NSA? If so, where do they work?

- Does cryptography fall under mathematics or computer science at most universities?

- Are the real developments in cryptographic algorithms coming from the universities, from companies or from cypherpunks?

- Any suggestions on what to read, who to talk to, what to experiment with to move up from basement-level knowledge of cryptography?

Thanks...

Eric Fogleman

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: shipley@tfs.COM
Date: Tue, 19 Jan 93 20:57:02 PST
To: deltorto@aol.com
Subject: Re: Who Me? Paranoid? Naaaah...
In-Reply-To: <9301192229.tn56425@aol.com>
Message-ID: <9301200455.AA17238@edev0.TFS>
MIME-Version: 1.0
Content-Type: text/plain

>Hmmmm...
>
>I'm beginning to wonder if we shouldn't someday be able to run public email
>in a sort of "parallel universe," an entirely separate mail system complete
>with built-in RSA encryption on every piece of mail. That way, we would no
>longer rely on the Internet, which, unless I am completely off the mark,
>basically still exists at the pleasure of ARPA and could be completely
>infiltrated and controlled by the NSA for all we know.

Personally (mostly before pgp) I used to set up direct uucp connections to people I *had* to have secure email with (I once had some sensitive email intercepted thus causing *much* trouble for me).

Since a lot of my friends have unix boxes (Sun/SCO/386bsd/etc...) uucp is a lot easier.

-Pete

PS: If anyone wants a uucp connection send me email

PPS: once I get my sendmail.cf cleaned up I can add people to my domain and I will set up a remailer.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: deltorto@aol.com
Date: Tue, 19 Jan 93 19:32:35 PST
To: cypherpunks@toad.com
Subject: Who Me? Paranoid? Naaaah...
Message-ID: <9301192229.tn56425@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

Hmmmm...

I'm beginning to wonder if we shouldn't someday be able to run public email in a sort of "parallel universe," an entirely separate mail system complete with built-in RSA encryption on every piece of mail. That way, we would no longer rely on the Internet, which, unless I am completely off the mark, basically still exists at the pleasure of ARPA and could be completely infiltrated and controlled by the NSA for all we know.

Along similar lines, has anyone heard the latest status on the gigabytes of email generated by the Bush White House which are currently in danger of being erased before anyone can get a peek at them? Imagine the damning evidence that exists in those documents! I had heard something about a voluntary freeze on the erasure until the matter can be decided in some Federal Court, but that strikes me like suing your local City Government in Municipal Court after being hit by a Municipal Bus - Bush's cronies will probably invoke some executive privilege and weasel off with 'em. I wonder if such stuff will ever be released under the Freedom of Information Act (probably not in our lifetimes, but just the threat would make me happy)?

Hey, a guy can _dream_ can't he?

dave

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@pmantis.berkeley.edu
Date: Wed, 20 Jan 93 00:13:14 PST
To: cypherpunks@toad.com
Subject: ILF Brings You Gilmore in Sci Am
Message-ID: <9301200813.AA13985@pmantis.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

The Information Liberation Front brings you this article from the February, 1993 "Scientific American."

Electronic Envelopes?
The uncertainty of keeping e-mail private

Recent legislative efforts to mandate remote wiretapping attachments for every telephone system and computer network in the U.S. may have been the best thing that ever happened for encryption software. "We have mostly the FBI to thank," says John Gilmore of Cygnus Support in Palo Alto, Calif. Gilmore is an entrepreneur, hacker and electronic civil libertarian who helped to found the Electronic Frontier Foundation (EFF). He is now watching closely the development of two competing techniques for keeping electronic mail private.

As matters now stand, computers transmit messages from one user to another in plain text. If a geneticist in Boston sends e-mail to a molecular biologist in San Diego, any of the half a dozen or so intermediary machines that forward the letter could siphon off a copy--and so could any of the dozens of workstations that might be attached to the local-area network at the sender's or recipient's university or company.

The Electronic Privacy Act of 1986 prohibits snooping by public e-mail carriers or law-enforcement officials, except by court order. Nevertheless, many people are becoming uncomfortable with the electronic equivalent of mailing all their correspondence on postcards and relying on people to refrain from reading it. They are turning to public-key encryption, which allows anyone to encode a message but only the recipient to decode it. Each user has a public key, which is made widely available, and a closely guarded secret key.
Messages encrypted with one key can be decrypted only with the other, thus also making it possible to "sign" messages by encrypting them with the private key [see "Achieving Electronic Privacy," by David Chaum; SCIENTIFIC AMERICAN, August 1992].

Two programs--and two almost diametrically opposed viewpoints embodied in them--are competing for acceptance. Privacy Enhanced Mail (PEM) is the long-awaited culmination of years of international standard setting by computer scientists. Pretty Good Privacy (PGP) is a possibly illegal work of "guerrilla freeware" originally written by software consultant Philip Zimmermann.

The philosophies of PEM and PGP differ most visibly with respect to key management, the crucial task of ensuring that the public keys that encode messages actually belong to the intended recipient rather than a malevolent third party. PEM relies on a rigid hierarchy of trusted companies, universities and other institutions to certify public keys, which are then stored on a "key server" accessible over the Internet. To send private mail, one asks the key server for the public key of the addressee, which has been signed by the appropriate certification authorities. PGP, in contrast, operates on what Zimmermann calls "a web of trust": people who wish to correspond privately can exchange keys directly or through trusted intermediaries. The intermediaries sign the keys that they pass on, thus certifying their authenticity.

PGP's decentralized approach has gained a wide following since its initial release in June 1991, according to Hugh E. Miller of Loyola University in Chicago, who maintains an electronic mailing list for discussion among PGP users. His personal "keyring" file contains public keys for about 100 correspondents, and others have keyrings containing far more. As of the end of 1992, meanwhile, a final version of PEM had not been officially released.
Gilmore, who subscribes to the electronic mailing list for PEM developers, says he has seen "only five or 10" messages actually encrypted using the software.

Although PGP's purchase price is right--it is freely available over the Internet and on electronic bulletin boards throughout the world--it does carry two liabilities that could frighten away potential users. First, U.S. law defines cryptographic hardware and software as "munitions." So anyone who is caught making a copy of the program could run afoul of export-control laws. Miller calls this situation "absurd," citing the availability of high-quality cryptographic software on the streets of Moscow.

Worse yet, RSA Data Security in Redwood City, Calif., holds rights to a U.S. patent on the public-key encryption algorithm, and D. James Bidzos, the company's president, asserts that anyone using or distributing PGP could be sued for infringement. The company has licensed public-key software to corporations and sells its own encrypted-mail package (the algorithm was developed with federal support, and so the government has a royalty-free license).

When Bidzos's attorneys warned Zimmermann that he faced a suit for developing PGP, he gave up further work on the program. Instead PGP's ongoing improvements are in the hands of an international team of software developers who take advice from Zimmermann by e-mail.

The U.S. is the only nation that permits the patenting of mathematical algorithms, and so programmers in the Netherlands or New Zealand apparently have little to fear. U.S. residents who import the program could still face legal action, although repeated warnings broadcast in cryptography discussion groups on computer networks have yet to be superseded by legal filings. Meanwhile, Gilmore says, the only substantive effect of the patent threat is that development and use of cryptographic tools have been driven out of the U.S. into less restrictive countries.

--Paul Wallich

--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Tue, 19 Jan 93 21:29:07 PST
To: deltorto@aol.com
Subject: Re: Who Me? Paranoid? Naaaah...
In-Reply-To: <9301192229.tn56425@aol.com>
Message-ID: <9301200528.AA23701@portnoy.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

>> That way, we would no longer rely on the Internet, which, unless I am
>> completely off the mark, basically still exists at the pleasure of
>> ARPA and could be completely infiltrated and controlled by the NSA for
>> all we know.

You are completely off the mark. Much of the Internet is privately owned and controlled, and most of what is government controlled (including the backbone) is controlled by the NSF, not DARPA. What is military controlled is essentially an island. None of our packets traverse that part of the net. (Of course, the NSA could still be watching our packets, and there is much speculation that they actively do so on international links. But the domestic links are not owned by the DoD directly.)

And what parallel universe would you use. The Telcos? The FBI wiretap proposal should show you how good an idea that is. Unless you want to run your own physically secure wire (intractable), you need encryption, so you might as well use the Internet. Even if it is NSA-controlled, which I doubt.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Wed, 20 Jan 93 00:04:41 PST
To: CYPHERPUNKS
Subject: Digital cash legality...
Message-ID: <930120075819_74076.1041_DHJ46-2@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Continuing my research on the legality of digital cash...

I found something interesting. As I posted before, one of the obstacles to free printing of private bank notes is a 10% per year tax on the circulation of bank notes from state-chartered banks. This law took effect on July 1, 1866.
According to "Monetary Decisions of the Supreme Court", by Dunne, "The tax has become a permanent fixture in federal law. Its latest form is sections 4881-4886 of the Internal Revenue Code of 1954."

That book is a little old, so I went tonight to look up these sections of the 1992 IRC. They don't exist. There is a note saying:

"Prior sections 4881 to 4886, Act Aug. 16, 1954, c. 736, 68A Stat. 587-589, imposed a tax on the circulation of banks.

"Repeal effective on the first day of the first month which begins more than 90 days after Oct. 4, 1976."

So, it appears that these provisions have been repealed! It's possible that the same requirement has been re-enacted in some other form, but I looked around a bit in the index and contents and although there are many unusual taxes I could not find anything similar to this.

-----

I also got an email suggestion to look up the codes related to barter exchanges. It does appear that many of these suggestions for digital cash could be construed to be covered by such laws. Here is an excerpt from the Code of Federal Regulations, 1.6045-1(f5):

"(i) A credit is an amount on the books of the barter exchange that is transferable from one member or client of the barter exchange to another such member or client, or to the barter exchange, in payment for property or services;

"(ii) Scrip is a token issued by the barter exchange that is transferable from one member or client of the barter exchange to another such member or client, or to the barter exchange, in payment for property or services; and

"(iii) Property does not include a credit or scrip."

The "credit" provision seems to cover "digital checking accounts", and the "scrip" definition seems to cover digital cash.

A barter exchange itself is defined in 1.6045-1(a):

"(4) The term 'barter exchange' means any person with members or clients that contract either with each other or with such person to trade or barter property or services either directly or through such person.
The term does not include arrangements that provide solely for the informal exchange of similar services on a noncommercial basis."

Even though the crypto banker/money-changer may not be trading property or services (just exchanging scrip for dollars), the larger system composed of the banker and the users of digital cash (who presumably are buying and selling property and services from each other using the cash/scrip) seems to match this definition pretty closely.

I noticed the exception for noncommercial use, but the only example they give is for people in a carpool, who exchange the service of driving each other to work. It's not clear whether a digital cash money exchange, even if not operated for profit, would qualify.

If you are a barter exchange, and there are more than 100 transactions occurring per year, you have to keep the taxpayer ID number of all the customers on file, and send them all a form 1099 describing their transactions and the market value of the transfers, as well as sending information directly to the IRS. This doesn't sound like it will lead to much anonymity, crypto or otherwise.

Hal
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: norm@xanadu.com (Norm Hardy)
Date: Wed, 20 Jan 93 17:56:08 PST
To: cypherpunks@toad.com
Subject: Communications Policy
Message-ID: <9301210133.AA08802@xanadu.xanadu.com>
MIME-Version: 1.0
Content-Type: text/plain

I hear concern over privacy and also over erasure of White House tapes.
I pose the following question: Should an institution have the right
to private communication? Is the White House an institution?
Notice that I say "should" not "does".
Which sort of world would you rather live in. I have mixed feelings.
If we say that all computer communications should be accessible to courts
then the effect will be to displace some communications from computers.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C.
May)
Date: Thu, 21 Jan 93 00:33:49 PST
To: cypherpunks@toad.com
Subject: Re: Communications Policy
In-Reply-To: <9301210133.AA08802@xanadu.xanadu.com>
Message-ID: <9301210830.AA21995@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Norm Hardy raises an important issue:

> I hear concern over privacy and also over erasure of White House tapes.
> I pose the following question: Should an institution have the right
> to private communication? Is the White House an institution?
> Notice that I say "should" not "does".
> Which sort of world would you rather live in. I have mixed feelings.
> If we say that all computer communications should be accessible to courts
> then the effect will be to displace some communications from computers.

Individuals, corporations, clubs, and perhaps even government agencies should have the right to secure and private communications. The only caveat with the "perhaps" for the government is that it, in theory, belongs to "us."

I find it unsettling when people of one political party are screaming for access to the private diaries and papers of members of the other party. Citing Ollie North's crimes is no excuse.

If e-mail records are automatically seized and subject to archiving and dissection, then e-mail just won't be used. Historians are already becoming apoplectic at the vanishing of written records, letters, notes, and the like...this may reduce even electronic records.

Strong crypto means even Ollie North can fully protect his records. (Of course, he presumably already had access to reasonably strong crypto, had he chosen to use it. And his e-mail was uncovered through the very common method of finding the archived copies of IBM's "PROFS" e-mail system kept by sysadmins. Sort of like the archives being kept by some of the so-called anonymous remailers!)

-Tim May

--
..........................................................................
Timothy C.
May | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP Public Key: by arrangement.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: david.brooks@cutting.hou.tx.us (David Brooks)
Date: Thu, 21 Jan 93 04:04:28 PST
To: cypherpunks@toad.com
Subject: PGP on BBS
Message-ID: <10417.143.uupcb@cutting.hou.tx.us>
MIME-Version: 1.0
Content-Type: text/plain

I have been mulling over the idea of a BBS door which allows users to send PGP encrypted messages to other users using a system pubkey file. The implementation seems easy enough except for the problem of the secret key. I don't see a way to do it without the sender having to transfer (at least temporarily) his secret key to the host system. Obviously no one in his right mind would ever consider doing such a thing.

Has this kind of a program been tried before? If so, how? If not, does anyone have any ideas? Seems to me it would be a handy door for a BBS to have, but not at the expense of compromised privacy...

David
david.brooks@cutting.hou.tx.us

 * Q-Blue v0.7 [NR] *
----
+---------------------------------------------------------------------+
| The Cutting Edge BBS (cutting.hou.tx.us)    A PCBoard 14.5a system  |
| Houston, Texas, USA   +1 713 466 1525          running uuPCB        |
+---------------------------------------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 21 Jan 93 08:14:31 PST
To: david.brooks@cutting.hou.tx.us
Subject: PGP on BBS
In-Reply-To: <10417.143.uupcb@cutting.hou.tx.us>
Message-ID: <9301211612.AA01687@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

The scenario David Brooks outlines is extremely common: one host computer providing information services to another computer which acts as a terminal.
This may be a BBS, Compuserve, Lexis, or any number of other services.

If there exists an implementable mechanism which does not require trust of the host, then it should be implemented. In the case of cryptography, this means that secret information should not be transmitted to the host. Hence all operations which use secret information must be performed on the terminal computer. These operations include session key generation and signing of messages.

The solution is cooperative processing systems, where both the host and the terminal cooperate to perform some task. Unfortunately, there is precious little software infrastructure to support such a development. Terminal programs on PC's are still for the most part acting as dumb terminals, with the notable exception of file transfer protocols such as zmodem.

I believe that cooperative communication software will be necessary for widespread use of cryptography--not just pleasant, but a precondition to large scale deployment.

Although this topic is not directly related to cryptology, it is certainly appropriate for discussion on this list. It is the cypherpunk goal for widespread use of crypto by the masses, and the exact nature of the infrastructure necessary for that task should be debated, then implemented, then deployed.

Onward.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl L. Barrus
Date: Thu, 21 Jan 93 06:15:39 PST
To: david.brooks@cutting.hou.tx.us
Subject: PGP on BBS
In-Reply-To: <10417.143.uupcb@cutting.hou.tx.us>
Message-ID: <9301211414.AA02759@tree.egr.uh.edu>
MIME-Version: 1.0
Content-Type: text/plain

David Brooks writes:

> I have been mulling over the idea of a BBS door which allows users to
>send PGP encrypted messages to other users using a system pubkey file. The
>I don't see a way to do it without the sender having to transfer (at least
>temporarily) his secret key to the host system.
Obviously no one in his

Well, you could always allow the users to download the public key file and do the encryption on their home machine, and then upload the mail file. That way their secret key stays off the BBS...

/-----------------------------------\
| Karl L. Barrus                    |
| barrus@tree.egr.uh.edu (NeXTMail) |
| elee9sf@menudo.uh.edu             |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 21 Jan 93 08:38:55 PST
To: cypherpunks@toad.com
Subject: random remailers
In-Reply-To: <9301160118.AA14215@toad.com>
Message-ID: <9301211636.AA02255@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>> Has anyone thought about the consequence of randomly picking a
>> remailing path instead of using the same one?

>what if the remailer flips a coin, choosing between final delivery
>and remailing through another of its ilk. "message delivery with
>probability one ..."

This is an excellent suggestion. I have to think about the mathematical properties some more, but a few spring to mind.

Assume, for discussion, that there is constant probability of delivery at each hop, say p.

First, the expected number of hops is 1/p. To see this just sum the following series.

$ E(p) = \sum_{n=1}^{\infty} n p (p-1)^{n-1} $

Thus the syntax for routing can be extremely simple, just specifying the expected number of hops wanted.

If you want to have guaranteed minimum delivery, you can manually route through a few hops, then randomize.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 21 Jan 93 08:44:20 PST
To: cypherpunks@toad.com
Subject: possible solution to the anonymous harrassment problem
In-Reply-To: <9301151918.AA06316@toxicwaste.MEDIA.MIT.EDU>
Message-ID: <9301211642.AA02369@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>If you read closer, you will see that
>you need "special permission from RSADSI" to use non-published
>interfaces to RSAREF.

I asked Jim Bidzos about this last Friday. He states that the purpose of this clause is to avoid the situation where modifications to the package decrease its cryptographic security. I gather that such special permission should not be too hard to get.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@xanadu.com (E. Dean Tribble)
Date: Thu, 21 Jan 93 09:21:13 PST
To: uunet!penet.FI!julf@uunet.UU.NET
Subject: Communications Policy
In-Reply-To: <9301211119.aa20785@penet.penet.FI>
Message-ID: <9301211642.AA10997@xanadu.xanadu.com>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Thu, 21 Jan 93 11:38:45 +0200
   From: Johan Helsingius

   > by some of the so-called anonymous remailers!)

   Hmmmm.... I find the accusation about anonymous remailers pretty strong.
   If you have proof of stuff like that happening, or even reasonable cause
   for suspicions, I feel the accusations and names of the sites should be
   published as widely as possible. That is the only way we can stop
   such unethical behavior.

The service of anonymous remailing is separate from the guaranteed anonymity of remailers that don't keep logs. You'll note that the remailing aspects can be observed externally, whereas guaranteeing that logs are not being kept is extremely hard. One remailer operator I know keeps logs because you have to assume that everyone keeps logs, and try to be secure anyway. You can be sure that the NSA remailers will keep logs :-)

The right thing to do is run a remailer of your own, and send everything encrypted through remailers, etc.

dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 21 Jan 93 08:48:34 PST
To: cypherpunks@toad.com
Subject: RIPEM vs PEM
In-Reply-To: <930115175946_74076.1041_DHJ57-1@CompuServe.COM>
Message-ID: <9301211646.AA02423@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Hal writes:
>A remailer that wanted to charge, such as the ones that
>Eric Messick is discussing, would probably have to license the technology
>from PKP directly to be legal.

A note on licensing: PKP is the holder of the patents. The Partners are RSA Data Security, Cylink, MIT, and Stanford. PKP has a staff of two.

RSADSI is also entitled to license the technology. Most people go through them. IBM dealt with PKP directly, evidently.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 21 Jan 93 08:52:29 PST
To: cypherpunks@toad.com
Subject: possible solution to the anonymous h
In-Reply-To: <9301150739.AA02931@deathtongue.MIT.EDU>
Message-ID: <9301211650.AA02533@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>I thought about this. The major problem is that once the PEM
>beta-testing period ends, all keys must be registered with "approved"
>(by RSA) central authorities. I highly doubt they'd issue
>pseudonymous keys, but maybe they would allow someone to set up a
>hierarchy especially for that purpose. I'm not convinced.

I found out last Friday at the RSA conference that RSADSI itself is going to issue "persona" (i.e. no attempt to find out who it really is) certificates for free. That's right. No charge.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Fogleman
Date: Thu, 21 Jan 93 05:57:24 PST
To: norm@xanadu.com
Subject: Re: Communications Policy
Message-ID: <9301211355.AA27670@ack.adstest.analog.com>
MIME-Version: 1.0
Content-Type: text/plain

Responding to the following from Norm Hardy:

> I hear concern over privacy and also over erasure of White House tapes.
> I pose the following question: Should an institution have the right
> to private communication? Is the White House an institution?
> Notice that I say "should" not "does".
> Which sort of world would you rather live in. I have mixed feelings.
> If we say that all computer communications should be accessible to courts
> then the effect will be to displace some communications from computers.

Institutions -- individuals, groups of individuals, companies -- should have the right to private communication. (In terms of e-mail, this means that one knows where all copies of their letters are and has the power to erase them?)

The right of government employees to private communication is limited by one important factor: many of these individuals are empowered to use force against citizens, and they are responsible for justifying the use of this force. (Examples of what I mean by force: arresting and putting people in jail, searching, seizing, impounding, levying taxes, wiretapping, shooting alleged criminals). Anyone given this kind of power has a heavy burden of proof and had better be able to prove beyond a shadow of doubt that their actions are justified.

The burden should not be on individuals to constantly be open to scrutiny to demonstrate their innocence, but on those with the power to suspend individual rights.

===================================================================
Eric Fogleman                          eric.fogleman@analog.com
Analog Devices Semiconductor           Voice: (617) 937-2275
804 Woburn Street                      Fax: (617) 937-2024
Wilmington, MA 01887-3462
===================================================================

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@xanadu.com (E.
Dean Tribble)
Date: Thu, 21 Jan 93 09:56:24 PST
To: uunet!soda.berkeley.edu!hughes@uunet.UU.NET
Subject: PGP on BBS
In-Reply-To: <9301211612.AA01687@soda.berkeley.edu>
Message-ID: <9301211702.AA11275@xanadu.xanadu.com>
MIME-Version: 1.0
Content-Type: text/plain

   The solution is cooperative processing systems, where both the host
   and the terminal cooperate to perform some task. Unfortunately, there
   is precious little software infrastructure to support such a
   development. Terminal programs on PC's are still for the most part
   acting as dumb terminals, with the notable exception of file transfer
   protocols such as zmodem.

What would the two systems be cooperating about? I'm not sure to what you are pointing.

   Although this topic is not directly related to cryptology, it is
   certainly appropriate for discussion on this list. It is the
   cypherpunk goal for widespread use of crypto by the masses, and the
   exact nature of the infrastructure necessary for that task should be
   debated, then implemented, then deployed.

I of course map these suggestions into Joule (the language I'm developing). Does that resemble what you're thinking of?

dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 21 Jan 93 09:19:04 PST
To: cypherpunks@toad.com
Subject: Re: Communications Policy
In-Reply-To: <9301211119.aa20785@penet.penet.FI>
Message-ID: <9301211716.AA27162@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Johan Helsingius writes:

> Tim May writes:
>
> > crypto, had he chosen to use it. And his e-mail was uncovered through
> > the very common method of finding the archived copies of IBM's "PROFS"
> > e-mail system kept by sysadmins. Sort of like the archives being kept
> > by some of the so-called anonymous remailers!)
>
> Hmmmm.... I find the accusation about anonymous remailers pretty strong.
> If you have proof of stuff like that happening, or even reasonable cause > for suspicions, I feel the accusations and names of the sites should be > published as widely as possible. That is the only way we can stop > such unethical behavior. > > Julf (an0@anon.penet.fi) This was well-debated about a month or so back. Some remailers are archiving mail for debugging, others for legal protection (in case threats, blackmail, etc., used), and others are simply automatically archiving by site policies. In a note I wrote back then, which did not name the particular site involved, I reported that after sending a piece of "anonymous" mail, I got a letter of "support" for my position from the remailer operator! After I mentioned this to the Cypherpunks list, it came out that other sites were also keeping various forms of archives (for some or all of the reasons listed above). Anyway, such human-operated remailers, running on UNIX boxes in unsecure conditions, have many nonideal characteristics. -Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | PGP Public Key: by arrangement. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Thu, 21 Jan 93 09:58:24 PST To: cypherpunks@toad.com Subject: Re: Communications Policy (fwd) Message-ID: <9301211755.AA27771@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain After sending the attached message to Johan Helsingius, I decided it might be of general interest to the Cypherpunks list. It's a message I sent out in December, originally, and which got debated. 
Johan's concern about my "accusations" suggests there may be enough newcomers to the list to justify republication of posts. --Tim From: tcmay (Timothy C. May) Subject: Re: Communications Policy To: julf@penet.FI (Johan Helsingius) Date: Thu, 21 Jan 93 9:49:00 PST > > e-mail system kept by sysadmins. Sort of like the archives being kept > > by some of the so-called anonymous remailers!) > > Hmmmm.... I find the accusation about anonymous remailers pretty strong. > If you have proof of stuff like that happening, or even reasonable cause > for suspicions, I feel the accusations and names of the sites should be > published as widely as possible. That is the only way we can stop > such unethical behavior. Johan, Attached below is the message I sent to the Cypherpunks list in December, about remailers keeping logs. As I said in my message today to the list, there was a debate about this, and an admission by several remailers that they keep archives. From: tcmay@netcom.com (Timothy C. May) Message-Id: <9212140649.AA12228@netcom.netcom.com> Subject: A minor experimental result To: cypherpunks@toad.com Date: Sun, 13 Dec 92 22:49:45 PST One of the purposes of setting up remailers is to experiment with them, see what kind of emergent behavior appears, see what kind of flaws and obstacles arise, see how they break, etc. Here's one: the compromise of my "anonymity" by one of the folks running a remailer. (Who and where don't matter, just the phenomenon itself.) I used a single bounce without any encryption to send a message and got a query from the owner of the remailer saying "I couldn't help looking through my remailer archives and noticing...." and requesting more information from me!! Hoist by my own petard! Several lessons: * Multiple bounces help, even without encryption, as then the remailer sysop can't be sure who originated the message. * Encryption is of course even more desirable, though a hassle (especially for Mac users). 
* Remailer sysops should make a point to _not_ look at their remailer archives. In fact, they should discard them immediately (for their own legal protection, and for slightly greater trust amongst users, though this is a hazy area...). (Recall that the "mix" on which our software-based remailers are loosely patterned are "memoryless," i.e., the tamper-resistant modules that implement the receive-decrypt-store-forward protocol have no memory of the mapping between incoming and outgoing messages. In fact, the outside world cannot possibly compromise the protocols to get at this information.) So, my laziness in using only a single bounce, combined with the curiosity of a remailer sysop, breaks the anonymity. Neither surprising nor profound, but I thought you folks would like to know. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | PGP Public Key: by arrangement. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Thu, 21 Jan 93 01:47:25 PST To: "Timothy C. May" Subject: Re: Communications Policy In-Reply-To: <9301210830.AA21995@netcom3.netcom.com> Message-ID: <9301211119.aa20785@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain Tim May writes: > crypto, had he chosen to use it. And his e-mail was uncovered through > the very common method of finding the archived copies of IBM's "PROFS" > e-mail system kept by sysadmins. Sort of like the archives being kept > by some of the so-called anonymous remailers!) Hmmmm.... I find the accusation about anonymous remailers pretty strong. 
If you have proof of stuff like that happening, or even reasonable cause for suspicions, I feel the accusations and names of the sites should be published as widely as possible. That is the only way we can stop such unethical behavior. Julf (an0@anon.penet.fi) Johan Helsingius Kuusikallionkuja 3 B 25 02210 Espoo Finland Yourp net: julf@penet.fi bellophone: int. +358 0400 2605 fax: int. +358 013900166 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Messick Date: Thu, 21 Jan 93 13:32:16 PST To: cypherpunks@toad.com Subject: Re: random remailers Message-ID: <9301212047.AA04073@parallax.com> MIME-Version: 1.0 Content-Type: text/plain >> Has anyone thought about the consequence of randomly picking a >> remailing path instead of using the same one? > >what if the remailer flips a coin, choosing between final delivery >and remailing through another of its ilk. "message delivery with >probability one ..." The problem with this is that every site along the way has to know the final delivery address, at least of this subset of the address chain. Better to just send it directly, and add some load balancing traffic. -eric messick From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric.Forste@f33.n125.z1.FIDONET.ORG (Eric Forste) Date: Sat, 23 Jan 93 14:49:39 PST To: cypherpunks@toad.com Subject: digicash fundamentals Message-ID: <4565.2B601C59@fidogate.FIDONET.ORG> MIME-Version: 1.0 Content-Type: text/plain I came into this discussion fairly late and most of what I've been able to read has been good stuff about anonymous remailers. However, there are many tantalizing bits dropped here and there about digital cash, including some recent discussion of a form that requires no encryption. However, I missed all the groundwork discussion on digicash, and I'd really like to understand the digital cash protocols more thoroughly. Can someone here please direct me to a text file with the basics of Chaum's digital-cash ideas presented in it? 
I am not a cryptographer, but I consider myself proficient in the use of PGP and I've read PGP's docs thoroughly and understand them, and have pretty good background in LAN communication protocols, so that's about the technical level I'm at. Thanks. -- Eric Forste - via FidoNet node 1:125/555 UUCP - ...!uunet!hoptoad!kumr!fidogate!33!Eric.Forste INTERNET - Eric.Forste@f33.n125.z1.FIDONET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "John Coryell." Date: Thu, 21 Jan 93 15:43:41 PST To: cypherpunks@toad.com Subject: Re: possible solution to the anonymous harrassment problem In-Reply-To: <9301211642.AA02369@soda.berkeley.edu> Message-ID: <9301212343.AA21192@toad.com> MIME-Version: 1.0 Content-Type: text/plain Are there any citations of instances of this happening? John Coryell. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deboni@diego.llnl.gov (Tom DeBoni) Date: Thu, 21 Jan 93 14:59:21 PST To: cypherpunks@toad.com Subject: privacy vs. public servants Message-ID: <9301212254.AA01411@diego.llnl.gov> MIME-Version: 1.0 Content-Type: text/plain This is a very interesting thread. But should university academicians working for state-supported institutions be subject to the same constraints on privacy and freedom from arbitrary search and seizure in their email and computer files as high federal governmental officials? I submit that the amount of (real or potential) oversight should be somehow proportional to the potential for harm or abuse of power available to the individual involved. Surely Ollie North or Richard Nixon had much greater abilities to subvert the democratic process or otherwise break the law than Professor Smith of the Chemistry Dept. of State U. 
Tom DeBoni (a state and federal employee with no power whatsoever) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Thu, 21 Jan 93 14:37:37 PST To: cypherpunks@toad.com Subject: public servant privacy Message-ID: <9301211631.tn66179@aol.com> MIME-Version: 1.0 Content-Type: text/plain In response and affirmation of Eric Fogleman's note on Communications Policy, I have to concur. ALL documents produced by a public official operating an email system on public time and in pursuit of public policy (e.g. a White House official) should be subject to scrutiny and should not be considered as that person's private property. If such a person wants to have private communications with other private citizens, they should do it on their OWN time and with their OWN money. HOWEVER, if such persons then turn around and abuse this freedom by abusing the public trust in those contexts (i.e. if Ollie North started communicating with NSA officials through CompuServe to order illegal shipments of money to CIA agents in Peruvian cocaine cartels), they should, by virtue of their positions of public trust be subject to the same (presumably high) levels of scrutiny as they are now - Congressional, OMB, GSA, FBI investigations, etc. >>The burden should not be on individuals to constantly be open to scrutiny to >>demonstrate their innocence, but on those with the power to suspend individual >>rights. Yes, private citizens should not be subject to the same sorts of investigations unless there is direct evidence of criminal intent or activity in which case there should be a search warrant and notification of intent to search. Tim May notes (appropriately) that: >>Strong crypto means even Ollie North can fully protect his records. Yes, but shouldn't he be _required_ to "open" his files if he is under criminal investigation just like a drug-dealer who's required to open the locked trunk of his car? 
I'm sure my opinion is open to development, but this is my gut-level response. dave From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: thug@phantom.com (Murdering Thug) Date: Thu, 21 Jan 93 15:20:09 PST To: cypherpunks@toad.com Subject: Re: public servant privacy In-Reply-To: <9301211631.tn66179@aol.com> Message-ID: MIME-Version: 1.0 Content-Type: text/plain deltorto@aol.com writes: > > Yes, private citizens should not be subject to the same sorts of > investigations unless there is direct evidence of criminal intent or activity > in which case there should be a search warrant and notification of intent to > search. > > Tim May notes (appropriately) that: > >>Strong crypto means even Ollie North can fully protect his records. > > Yes, but shouldn't he be _required_ to "open" his files if he is under > criminal investigation just like a drug-dealer who's required to open the > locked trunk of his car? Well, there are really two conflicting issues here: 1) The Fifth Amendment - the right not to testify against yourself, hence the Miranda warning when you're arrested. You can claim that being forced to decrypt your hard disk by the cops violates your Fifth Amendment rights, and refuse to decrypt it. 2) Obstruction of Justice - by not handing over the key to your hard disk, you may be obstructing an investigation. By not decrypting your hard disk under court order, you may be held in contempt of court. Number 2 may work for law enforcement if they are investigating a third party and ask to see your hard disk in order to help their investigation. A good example is an Internet site that is being used as a telnet launch-pad by some hacker. If that site refuses to cooperate and keeps their files encrypted, the police/court may charge you with obstruction of justice or contempt of court. HOWEVER, if you feel that by decrypting these files, you would be providing testimony/evidence against yourself, you can plead the 5th, and tell them to go screw themselves. 
Thug From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Joe Thomas Date: Thu, 21 Jan 93 17:03:28 PST To: Murdering Thug Subject: Re: public servant privacy In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Thu, 21 Jan 1993, Murdering Thug wrote: > deltorto@aol.com writes: > > > > Tim May notes (appropriately) that: > > >> > > >>Strong crypto means even Ollie North can fully protect his records. [Jeez, I feel like taking this to alt.cascade...] > > > > Yes, but shouldn't he be _required_ to "open" his files if he is under > > criminal investigation just like a drug-dealer who's required to open the > > locked trunk of his car? > > Well, there are really two conflicting issues here: > > 1) The Fifth Amendment - [legal summary elided] > > 2) Obstruction of Justice - [again] . . . > > Number 2 may work for law enforcement if they are investigating a third > party and ask to see your hard disk in order to help their investigation. > A good example is an Internet site that is being used as a telnet launch-pad > by some hacker. If that site refuses to cooperate and keeps their files > encrypted, the police/court may charge you with obstruction of justice or > contempt of court. HOWEVER, if you feel that by decrypting these files, > you would be providing testimony/evidence against yourself, you can plead > the 5th, and tell them to go screw themselves. I believe the only way for the authorities to get around that is to grant you immunity for whatever you reveal (if giving crypto keys is held to be more like giving testimony against one's self than like opening a car trunk). They did it for Ollie North, and he used that to get a later conviction thrown out. To bring this back to crypto, the ability of authorities to compel testimony from people by granting them immunity is a _great_ argument for remailers not even keeping records. 
Joe From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "DrZaphod" Date: Thu, 21 Jan 93 20:47:20 PST To: CypherPunks@toad.com Subject: Re: random remailers Message-ID: <73148.drzaphod@ncselxsi> MIME-Version: 1.0 Content-Type: text/plain In Message Thu, 21 Jan 93 12:47:35 PST, Eric Messick writes: >The problem with this is that every site along the way has to know the >final delivery address, at least of this subset of the address chain. >Better to just send it directly, and add some load balancing traffic. > >-eric messick What about letting every remailer see the second to last system in the remailing process, another remailer. Other remailers would route the message around for a specified # of times +/- a small random # [user's choice with a max. limit set by remailers]. The second to last remailer would recognize the last remailer from its public key encrypted message [::Request-Remailing-To: FinalDestination] and send it on down to the last remailer which would decrypt the final remailing block using its secret key and send the intended message to its final destination. This would provide random remailing routes without compromising the ending not originating location. The first remailer wouldn't know if it had just received a message from a person, or another remailer. TTFN! DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: parish@cactus.org (Tom Parish) Date: Thu, 21 Jan 93 21:35:17 PST To: cypherpunks@toad.com Subject: unsubscribe Message-ID: <9301220516.AA15042@cactus.org> MIME-Version: 1.0 Content-Type: text/plain Please remove me from the mailing list. 
Thank you Tom From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: david.brooks@cutting.hou.tx.us (David Brooks) Date: Sat, 23 Jan 93 18:33:50 PST To: cypherpunks@toad.com Subject: Re: PGP on BBS Message-ID: <10496.143.uupcb@cutting.hou.tx.us> MIME-Version: 1.0 Content-Type: text/plain David Brooks writes: DB> > I have been mulling over the idea of a BBS door which allows users DB> to DB> >send PGP encrypted messages to other users using a system pubkey file. DB> >I don't see a way to do it without the sender having to transfer (at DB> least DB> >temporarily) his secret key to the host system. Karl L. Barrus responds: KLB> Well, you could always allow the users to download the public key file KLB> and do the encryption on their home machine, and then upload the mail KLB> file. KLB> That way their secret key stays off the BBS... Well, yeah, that's the way we do it now, use the BBS as a Public Key Certification office...) I was sort of hoping for something a bit more direct... David david.brooks@cutting.hou.tx.us * Q-Blue v0.7 [NR] * ---- +---------------------------------------------------------------------+ | The Cutting Edge BBS (cutting.hou.tx.us) A PCBoard 14.5a system | | Houston, Texas, USA +1 713 466 1525 running uuPCB | +---------------------------------------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: david.brooks@cutting.hou.tx.us (David Brooks) Date: Sat, 23 Jan 93 18:34:09 PST To: cypherpunks@toad.com Subject: Re: PGP on BBS Message-ID: <10497.143.uupcb@cutting.hou.tx.us> MIME-Version: 1.0 Content-Type: text/plain Eric Hughes speaks: EH> The solution is cooperative processing systems, where both the host EH> and the terminal cooperate to perform some task. Unfortunately, there EH> is precious little software infrastructure to support such a EH> development. 
Terminal programs on PC's are still for the most part EH> acting as dumb terminals, with the notable exception of file transfer EH> protocols such as zmodem. EH> I believe that cooperative communication software will be necessary EH> for widespread use of cryptography--not just pleasant, but a EH> precondition to large scale deployment. You've hit the nail on the head here, Eric. If public key encryption is REALLY going to be for the masses, we are going to need something like this... But it seems I'm going to have to code the damned thing myself, eh? Anyone want to help? EH> Onward. Indeed! David david.brooks@cutting.hou.tx.us * Q-Blue v0.7 [NR] * ---- +---------------------------------------------------------------------+ | The Cutting Edge BBS (cutting.hou.tx.us) A PCBoard 14.5a system | | Houston, Texas, USA +1 713 466 1525 running uuPCB | +---------------------------------------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: thug@phantom.com (Murdering Thug) Date: Thu, 21 Jan 93 21:52:44 PST To: cypherpunks@toad.com Subject: the bill of rights hasn't been revoked. not yet, anyway. Message-ID: MIME-Version: 1.0 Content-Type: text/plain I've been thinking about this a bit, and it seems that the Constitution's Bill of Rights has all the provisions required to implement and legally use digital money, secure encryption, and anonymous communication networks. Specifically, the First, Fourth, and Fifth Amendments can be used as one's defense in implementing any of the above. The First Amendment can be seen as allowing encryption. Freedom of Speech does not preclude the government or anybody for that matter having to understand what I am saying. I can just as easily say "blardi blahr oof aarf bloo arrr foo barr arrh blard foobaaaaah" or "010110101101101011101.." to anyone I like and be protected by the First Amendment. Only those that can decode my speech will understand it, those that can't won't. 
I am free to speak to whoever I like (freedom of association / assembly). I am free to speak anonymously provided I break no law (copyright, slander/libel, etc.). Even if I do break a law, the next two paragraphs will show that I cannot be prosecuted for such a crime very easily. The Fourth Amendment protects us from illegal search and seizure. If the government can get a warrant, they can search my place and seize all my encrypted files. They can intercept my encrypted communications. They can have them, it won't do them any good. But it is their duty to decode it, not mine, and the Fifth Amendment basically says that.. The Fifth Amendment is the tastiest one of all when it comes to encryption. By pleading the Fifth, you do not have to decrypt anything for the prosecution. The Fifth Amendment gives you the right not to testify or provide evidence that would incriminate you. Providing a key to decrypt your hard disk would incriminate you, and you don't have to do it. In short the 1st & 5th amendments + Secure Encryption can be used to make even a completely legal search or wiretap warrant against oneself worthless. Hence, not enough evidence for prosecution, hence no prosecution. They can't force you to decrypt any of your communications or stored files, because you merely plead the Fifth amendment. This is assuming one encrypts everything, and has no accomplices/conspirators who offer to testify for the prosecution. Even then, with public key encryption, the most that people who rat on you can give to the prosecutors are messages that you sent to them (the rat). And assuming all messages that you have sent out are sufficiently vague/obscure as to be non-incriminating, you are fairly safe there too. Assuming all messages from you were sent anonymously to a list, they can't even prove you sent them. 
Thus if they cannot force you to decrypt your hard disk, you should be relatively safe from successful prosecution for whatever, whether it be drug running or running an anonymous digital money bank / barter house. I guess now you can see why the government is so scared of encryption. Widespread use of encryption on the part of the criminal class would simultaneously obsolete all police, the FBI, CIA, Secret Service, and Department of Justice, or at the very least make their jobs several thousand orders of magnitude more difficult. For example, a child pornography ring that trades anonymously in encrypted .gifs using truly anonymous remailers would be impossible to take down by just taking down one member of the ring. Furthermore, it may be impossible to prosecute even that one member. Thug From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Thu, 21 Jan 93 15:48:46 PST To: "Timothy C. May" Subject: Re: Communications Policy In-Reply-To: <9301211716.AA27162@netcom3.netcom.com> Message-ID: <9301220100.aa01285@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain Tim May writes: > This was well-debated about a month or so back. Ooops. Sorry. Must have been just before I joined the list. Always putting my foot in the wrong place... > In a note I wrote back then, which did not name the particular site > involved, I reported that after sending a piece of "anonymous" mail, I > got a letter of "support" for my position from the remailer operator! Urgh! > After I mentioned this to the Cypherpunks list, it came out that other > sites were also keeping various forms of archives (for some or all of > the reasons listed above). Double urgh! > Anyway, such human-operated remailers, running on UNIX boxes in > unsecure conditions, have many nonideal characteristics. Agree. 
Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Thu, 21 Jan 93 22:36:26 PST To: cypherpunks@toad.com Subject: ...and other Trials Message-ID: <9301220135.tn69465@aol.com> MIME-Version: 1.0 Content-Type: text/plain >> Tom DeBoni adds: >>should university academicians working for state-supported institutions be subject >>to the same constraints on privacy and freedom from arbitrary search and seizure in >>their email and computer files as high federal governmental officials? That's a tough one. I suppose there would have to be a body that decided on a case by case (or a class by class) basis what accounts would be subject to heavy scrutiny. Unfortunately, this begins to create an overseeing body so huge and convolute as to render the entire process unwieldy approaching on the absurd. I read Kafka's "The Trial" and I don't want to face that sort of Juggernaut any time soon. On the other hand, if you don't lump _every_ friggin' state and federal employee (and I didn't) into the picture and only consider those persons with a dangerous largesse inherent in their positions (sorry, but that swell fella Ollie North somehow once again comes to mind), the whole thing takes on a more manageable (notice I said "more") appearance. Hey, this is a tough ethical dilemma. I ain't got all the answers, just an opinion (just like assholes... everyone's got one, right?). Basically, I worry about abuse of email systems by knowledgeable/sinister government officials. When you consider how hard it is for the general public to conceive of abuse on paper memos, imagine how much damage and subversion a savvy individual could do with a "computer" (gwarsh, Mickey! Whut's a kum-pee-you-ter?) to the democratic process before anyone would pay attention to a cypherpunk crying "wolf!" Encryption to the Masses! 
dave From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Thu, 21 Jan 93 22:36:27 PST To: cypherpunks@toad.com Subject: Preferably a screw with BIG threads Message-ID: <9301220135.tn69466@aol.com> MIME-Version: 1.0 Content-Type: text/plain I dig Thug's comment about the "two conflicting issues here" (The Fifth Amendment & Obstruction of Justice). Especially the part about "tell[ing] them to go screw themselves." : ) I suppose that certain "specially designated" accounts belonging to certain "specially designated" officials should be open to complete scrutiny by the 'balancing' arms of Government, i.e. the Executive Branch should be 'checkable' by the Legislative, etc, etc. That begins to sound more Democratic, don't it? At least it sounds "democratic" as we hope it would be (maybe not as we know it to be). dave From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc.Ringuette@GS80.SP.CS.CMU.EDU Date: Thu, 21 Jan 93 23:08:40 PST To: cypherpunks@toad.com Subject: Re: the bill of rights hasn't been revoked. not yet, anyway. Message-ID: <9301220708.AA26798@toad.com> MIME-Version: 1.0 Content-Type: text/plain > I've been thinking about this a bit, and it seems that the Constitution's > Bill of Rights has all the provisions required to implement and legally > use digital money, secure encryption, and anonymous communication networks. I agree, but only if you do all the public key encryption inside your head. :-) :-( You're interpreting the first amendment much more liberally than current legal practice would warrant. Just because something is an act of communication doesn't mean it's protected speech under the first amendment. 
-- Marc Ringuette (mnr@cs.cmu.edu) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jgarner@netcom.com (Jason Garner) Date: Fri, 22 Jan 93 03:08:33 PST To: cypherpunks@toad.com Subject: Does anyone know of any specific cases Message-ID: <9301221108.AA14072@netcom2.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Does anyone know of any specific legal cases which have tested or are testing this issue of a conflict between the 5th amendment and Obstruction of Justice? Seems I read about something like this recently in a California newspaper but I can't seem to remember the case. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Fri, 22 Jan 93 07:48:48 PST To: cypherpunks@toad.com Subject: crypto, NSA, gnu, and cypherpunks in Boardwatch magazine Message-ID: <9301221546.AA24473@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Jack Rickard was kind enough to send me the following. A new member of the list told me he had found out about the list from this article. Eric ----------------------------------------------------------------------------- From: jack.rickard@boardwatch.com Date: Wed Jan 20 09:57:55 1993 Subject: CYPHERPUNKS COVERAGE The following article appeared in the February, 1993 issue of Boardwatch Magazine, a monthly publication covering electronic bulletin boards, online information services, and networking issues. Boardwatch Magazine is published monthly at an annual subscription rate of $36. Boardwatch Magazine, 7586 West Jewell Ave., Suite 200, Lakewood CO 80232; (303)973-6038 voice; (303)986-8754 fax; (303)973-4222 data. Internet: jack.rickard@boardwatch.com. FRONTAL ATTACK ON THE PUZZLE PALACE by Lance Rose A privately funded attack is underway against a little-known government agency that has devoted itself to the control of privacy in this country (who gets to have privacy, who doesn't, and how much privacy can anyone have?). 
If successful, it may begin to unravel decades of surreptitious information control so effective most of us have not been aware of its operation. The agency in question is the National Security Agency, or NSA. It was established in 1952 by President Harry Truman to monitor signal transmissions that might affect the security of the United States. Since that time, the NSA has steadily cast a pall over public use and knowledge of cryptography, and generally regulated the limits of privacy in this country. It has done so with 40,000 or more active employees, and funding not readily discernible from inspecting Congressional budget lines. Those not already familiar with the NSA might be surprised at the depth and extent of its influence. For instance, rumor has it that NSA monitors much of the digital telephone activity in this country, even though it is authorized only to monitor foreign transmissions. NSA is also in charge of regulating the export of cryptographic devices to other countries, which are officially deemed such a great security risk they are dealt with as "munitions" under the U.S. export control laws. Any device or software intended for export and using encryption techniques (which are usually included to aid in the privacy or security of personal or business communications, such as in cellular phones) must be reviewed by the State Dept., which generally passes on the review to the NSA. These review processes are so slow and nitpicking that they choke off almost all international trade in effective encryption devices from the U.S. The ultimate effect of this process, as pointed out by John Barlow of the EFF, is to inhibit development of strong encryption devices even within the U.S., since manufacturers are often reluctant to make two different versions of their goods, one for domestic use and one for export. 
Well-known, powerful encryption techniques subject to close NSA export control include devices based on the DES algorithm, and public key devices based on the RSA algorithm. In addition, NSA is actively involved, along with such cohorts as the FBI and the Justice Department, in ongoing legislative efforts to keep effective new cryptography and privacy techniques out of the public's hands. Last year, proposed Senate Bill 266 would have made it illegal to use a cryptographic technique unless the government had been provided a "back door" enabling it to easily extract the plain text from any message encrypted through that technique. Apparently, brute force cipher-cracking by the NSA was wasting a little too much of the taxpayers' dollars (albeit through untraceable budget lines) so we would all get a break if the government's obligatory snooping and code-cracking activities cost a lot less. Luckily, this bill was kept from enactment, in large part through the efforts of the Electronic Frontier Foundation. NSA and FBI came back this year with a new variation - a bill that would require all phone companies to set up special wiretap stations for official eavesdropping, so agents would not have to waste taxpayer dollars figuring out how to tap those nasty optical fiber lines without being detected. It's ironic that in the face of a federal statute (the Electronic Communications Privacy Act) with strong legal obstacles to discourage officials who seek to monitor private telephone activities, those same officials want to install facilities giving them the practical ability to wiretap as easily as you or I might open the faucet for a glass of water. Another NSA tactic has been massive removal of texts on cryptography from public access through classifying them as secret government documents. Again, slowing down the transmission of knowledge on cryptography in this manner has placed a drag on development of publicly useful encryption methods. 
The advent of the Freedom of Information Act (FOIA) threatened this regime, with its provisions for requesting declassification of government documents. However the NSA, like many other federal agencies, discovered a fairly effective antidote to FOIA requests: ignore the requests, and when it could ignore them no longer, make the requesting party drag the NSA bodily into court over and over in escalating legal procedures to compel production of the requested documents. This process was such a burden on the requesting parties that it weeded out all but the most dedicated and well-financed attempts to fetch documents on cryptography out of the black hole of NSA classification. Such conduct was also literally illegal, since it involved failure to meet statutory time limits to respond to FOIA document requests. The NSA appeared to be deliberately not meeting the time limits, and basically thumbing its nose at those who sought the documents under its control. One of those who encountered the NSA's monumental heel-dragging in releasing cryptography-related documents was John Gilmore. Gilmore runs a software house named Cygnus Support, was one of the founders of the Electronic Frontier Foundation, and is a vocal and impassioned supporter of individual privacy rights against the modern encroachments of the state. Gilmore and his attorney, Lee Tien, decided to challenge certain NSA practices head-on, specifically the practices of overclassifying documents in the area of cryptography, and the NSA's unwillingness to release cryptographic materials into the public domain regardless of whether the materials actually have strategic military value justifying their classification. In July, 1992, Gilmore requested, under the FOIA, copies of the books "Military Cryptanalysis" by Friedman, volumes 3-4 (earlier volumes were already declassified) and "Military Cryptanalytics" by Friedman and Callimahos, volume 3 onward (the exact number of volumes is not publicly known).
The Friedman books dated from the 1930's, the ones with Callimahos from the 1950's - not likely state of the art stuff. To add a little irony, Friedman had been one of the founders of the NSA. To no one's surprise, the NSA did not respond to Gilmore's FOIA request for the books. Gilmore appealed the decision administratively, but again was unable to obtain the materials, forcing him to the next step of filing a suit against NSA in federal court in the Northern District of California. Here is an example of an administrative setup ripe for abuse, being played for all it's worth by the NSA. In an ordinary court action, a party who does not respond within a time limit set by statute can lose the case by default. Here, however, the NSA did not lose anything by not responding to the FOIA requests in the administrative agency setting. In fact it actually gained an advantage, forcing Gilmore to put more energy and resources first into a pointless administrative appeal, and then finally starting a federal court action from scratch. Some time after beginning the FOIA procedure, Gilmore tracked down the Friedman volumes from the '30's at a couple of public repositories in California. Amazingly, when the NSA found out he had the books, they told him the books were still classified or should be classified, and threatened him with a criminal action if he dared to show the books to anyone else. This received some press attention in the S.F. Examiner and elsewhere, to the NSA's great displeasure. Not only was the NSA getting publicity, which it shuns, but it looked like NSA was trying to bury ancient materials already fully accessible to the public, and threatening to jail someone who dared assert the public had a right to such materials. The attention had a salutary effect on the NSA's actions, however. They recently declassified the old Friedman volumes, making it perfectly legal for Gilmore to distribute them. Score one for the libertarians. 
They have started the NSA backpedalling. As we go to press, Gilmore's case against the NSA is still proceeding for purpose of obtaining the remaining Military Cryptanalytics volume(s), as well as a "pattern and practice" claim against the NSA. This last legal claim is particularly important. As described above, the NSA drags its heels on FOIA requests, outlasting all but the most resolute opponents. But any time a hardy soul manages to push his case close to a court decision, the NSA can turn around at the last moment and say, "here are the materials you requested." The case would then officially become moot because the request was finally honored, and no court decision stating that the NSA engages in obstructive and delaying practices would ever issue. This sorry result can be avoided by the claim that NSA engages in a "pattern and practice" of obstructing and delaying FOIA requests for cryptographic materials. It will survive any such "mooting" move by the NSA, and if Gilmore perseveres, may result in a judicial decision laying some of the NSA's practices bare on the public record. If Gilmore and his attorney Lee Tien succeed, they could end up chipping off a big piece of the NSA wall of darkness. From the look of things, they may still have some arduous going ahead. No matter the decision on the trial court level, the NSA will have many court appeals left, and doubtless ot getting to

Those interested in cryptography issues may find a new Internet mailing list of interest. A group is physically meeting in John Gilmore's Silicon Valley facilities and has started a mailing list under moderation of Timothy C. May (tcmay@netcom.com). The group includes John Draper (Cap'n Crunch), Tom Jennings, and others interested in cryptography, anonymous mail forwarding techniques, encryption, the Pretty Good Privacy program, and other privacy issues.
You can join this mailing list from any service allowing Internet e-mail by sending a message to CYPHERPUNKS-REQUEST@TOAD.COM.

[Lance Rose is an attorney practicing high-tech, computer and intellectual property law in the New York City area, and is available on the Internet at elrose@well.sf.ca.us and on CompuServe at 72230,2044. He works with shareware publishers, software authors, system operators, technology buyers, interactive media developers, on-line database services and others in the high technology area. He is also author of the book SYSLAW, a legal guide for bulletin board system operators, available from PC Information Group (800)321-8285. - Editor]

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 22 Jan 93 08:11:25 PST
To: cypherpunks@toad.com
Subject: PGP on BBS
In-Reply-To: <9301211702.AA11275@xanadu.xanadu.com>
Message-ID: <9301221609.AA24776@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I wrote:
>>The solution is cooperative processing systems, where both the host
>>and the terminal cooperate to perform some task.

Dean asks:
>What would the two systems be cooperating about? I'm not sure to what
>you are pointing.

Here are two basic examples:

1. Session key creation. I regularly log in remotely to my account at soda. I'd like to have that modem link encrypted, with session keys generated on the fly. So I'll want to use some implementation of Diffie-Hellman key exchange to make a session key. The nature of this protocol means that both my terminal program and my host have to do calculations and exchange data. Therefore I need software on my PC at home and software on the host that work together.

2. Digital signatures. I read and send my e-mail on the host. When I send PGP-encrypted mail, I have to compose the message on the PC, encrypt it with a PGP command line, upload it to the host with zmodem, and read it in to my mailer. I'm certainly not going to put my secret key on the host.
What would be ideal is a cooperative protocol that initiated (in the background, away from my main connection) a channel, sent just the data to be signed (an IDEA key, for example), have my PC sign the data and send it back. This not only entails software on each end, but also a line multiplexer so that the signing can take place on a separate channel. If it doesn't occur on a separate channel, then I have to see it, probably move to the shell in order to start it properly, and in general make it non-automatic.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fen@genmagic.genmagic.com (Fen Labalme)
Date: Fri, 22 Jan 93 10:22:09 PST
To: cypherpunks@toad.com
Subject: Re: the bill of rights hasn't been revoked. not yet, anyway.
Message-ID: <9301221821.AA12809@>
MIME-Version: 1.0
Content-Type: text/plain

> Murdering Thug writes:
> If you conduct EVERYTHING via encrypted and anonymous communications and
> keep all records encrypted, they really cannot touch you.
>
> Don't you just love crypto-anarchy? I know I do.

So do I!

I get the feeling that MT is attempting to display some of the dangers of crypto-anarchy via sarcasm. (I really can't be sure, as such intonations are really difficult to convey or pick up on in ascii.)

While it is true that in a free society, someone could buy a gun and kill all their neighbors and possibly even get away without a trace, I would rather live in that free society than one that disallows the purchase of the gun to begin with. (The fact that I support strong gun control measures is not contradictory to this.)

In the same way, I would like to encourage everyone, even the Ollie Norths, to encrypt their communications. Sure, there will be conspiracies that take their toll upon society, but I feel that one of the biggest causes of violence is the feeling of dis-empowerment caused by conventional laws. Note, for example, that the countries that are less uptight about nudity generally have less sex crimes.
Laws take power away from people. Encryption affords people the capability to gain access to the information they want and disseminate it to those they want to without fear of recrimination. This empowering technology will, imho, empower the many to cause less harm to the few, and empower the few to get what they want while protecting themselves from the wrath of the many.

Hope that you find some of these ideas worthwhile...

Fen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Fri, 22 Jan 93 09:39:03 PST
To: cypherpunks@toad.com
Subject: Re: the bill of rights hasn't been revoked. not yet, anyway.
In-Reply-To: <199301221440.AA05524@ra.oc.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Matthew Lyle writes:

> In a recent message, Murdering Thug said:
> | The Fifth Amendment is the tastiest one of all when it comes to
> | encryption. By pleading the Fifth, you do not have to decrypt anything
> | for the prosecution. The Fifth Amendment gives you the right not to
> | testify or provide evidence that would incriminate you. Providing a
> | key to decrypt your hard disk would incriminate you, and you don't
> | have to do it.
>
> What the government has to do in this case is to give you immunity from
> prosecution. They can then order you to decrypt your hard disk. You can't
> refuse based on the 5th amendment because you have been given immunity from
> prosecution. They can't use the hard drive against you, but they then can
> in anybody else's prosecution.

Agreed. I guess if you refuse after that point, they can hold you in contempt of court or cite you for obstruction of justice. BUT, what if the "crime" involves only you. Then they (the prosecutors) are up shit's creek, pardon the language. You're immune, and there's no one left to prosecute.

Okay, let's assume the crime involves a conspiracy, and they give you immunity and force you to decrypt your hard disk.
What good would this do them if all your communications between your conspirators took place anonymously and the messages from your conspirators are so vague/obscure as to be worthless as evidence. Now, they have already given you immunity, and now they can't even go after your conspirators because they may not even know who those conspirators are or even what the hell those conspirators were talking about in their vague/obscure messages to you. Even if the prosecutors know what the messages are in reference to, they still have to prove that in a court of law, beyond a reasonable doubt. Since they cannot go back on their promise of immunity to you, the prosecutors are again up shit's creek.

All this will only work providing the prosecutors have no other evidence against you (ie: voice wire taps, physical evidence (notes, cancelled checks, surveillance video, stashed cash, etc.)).

If you conduct EVERYTHING via encrypted and anonymous communications and keep all records encrypted, they really cannot touch you.

Don't you just love crypto-anarchy? I know I do.

Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Fri, 22 Jan 93 10:26:42 PST
To: thug@phantom.com (Murdering Thug)
Subject: Re: the bill of rights hasn't been revoked. not yet, anyway.
In-Reply-To:
Message-ID: <9301221825.AA23938@tla.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

The major problem is that in any case in which the government will be interested, money is involved. The problem with anonymous banking is that it can't look like banking, because the reporting laws for banks are extremely tight. No matter what the bill of rights says, certain things (such as cash transactions over a certain amount) must be reported. Interest must be reported by federal taxpayer ID. (Ok, we don't pay interest. This is the cost of privacy, I guess.) And I'm not convinced that if the bank's records were seized, that you could avoid being traced.
You have to get the money to and from them somehow. And even if I'm unknown by name to them, I'll be damned if I'm going to put *money* into a bank which I (or my agent) can't walk up to and do business if I so choose.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Fri, 22 Jan 93 10:33:25 PST
To: cypherpunks@toad.com
Subject: Re: the bill of rights hasn't been revoked. not yet, anyway.
Message-ID: <9301221833.AA06301@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> Agreed. I guess if you refuse [ to decrypt your files] after that
> point, they can hold you in contempt of court or cite you for
> obstruction of justice.

Oh yeah, this reminds me of a scheme by my friend Fuzzy. Create an encryption system which compresses and encrypts two files in the space of one (more or less) using two different keys, the "real" one and the "innocent" one. When you encrypt something, you also encrypt a similar-sized hunk of innocuous text. When they ask for the key, you give them the one that spits out the fake stuff.

True, it's security by obscurity. But I thought you might be interested.

-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Fogleman
Date: Fri, 22 Jan 93 10:50:13 PST
To: deltorto@aol.com
Subject: Re: privacy vs. public servants
Message-ID: <9301221847.AA01967@ack.adstest.analog.com>
MIME-Version: 1.0
Content-Type: text/plain

Responding to Tom DeBoni's message concerning whether or not government officials should have a right to secure communications.

> I submit that the amount of (real or potential) oversight should be
> somehow proportional to the potential for harm or abuse of power
> available to the individual involved. Surely Ollie North or Richard
> Nixon had much greater abilities to subvert the democratic process or
> otherwise break the law than Professor Smith of the Chemistry Dept. of
> State U.

Agreed!
I agree with Dave Deltorto's idea about "a body that decided on a case by case (or a class by class) basis what accounts would be subject to heavy scrutiny". Or perhaps limiting certain public servants (the chief executive, Oliver North's successor, etc) to a set of "open" computing systems and communication paths. (Similar to limiting people with security clearances to sets of closed computing systems, communication paths.)

Dave says:

> Unfortunately, this begins to create an overseeing body so
> huge and convolute as to render the entire process unwieldy
> approaching on the absurd. I read Kafka's "The Trial" and I don't
> want to face that sort of Juggernaut any time soon.

Unwieldy? Kafka-esque? Expensive? Possibly, but it doesn't have to be that way. As Bongo says: "The price of freedom is eternal vigilance." How much do you want to pay?

Eric Fogleman

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ld231782@longs.lance.colostate.edu
Date: Fri, 22 Jan 93 15:24:53 PST
To: thug@phantom.com (Murdering Thug)
Subject: Re: the bill of rights hasn't been revoked. not yet, anyway.
In-Reply-To:
Message-ID: <9301222323.AA05827@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

The Thug brings up some useful ideas of the constitution guaranteeing the right to encryption. The point that communication and encryption are very similar is a very crucial idea. However, he goes astray:

>I guess now you can see why the government is so scared of encryption.
>Widespread use of encryption on the part of the criminal class would
>simultaneously obsolete all police, the FBI, CIA, Secret Service, and
>Department of Justice, or at the very least make their jobs several
>thousand orders of magnitude more difficult. For example, a child
>pornography ring that trades anonymously in encrypted .gifs using
>truly anonymous remailers would be impossible to take down by just
>taking down one member of the ring.
Furthermore, it may be impossible
>to prosecute even that one member.

This makes it sound as if criminals will suddenly find no obstacle to their deviant behavior with the use of cryptography, a ridiculous assertion. Law enforcement will be made more difficult but arguably the government has never legitimately had the "right" to wiretap, and law enforcement will of course never be "obsoleted" by technology. We must separate the activity of spying from the activity of law enforcement (the agencies noted are in both categories). The former will be perhaps "thousand orders of magnitude more difficult" but the latter will not be significantly affected, I'd wager (most criminals are low tech). A Murdering Thug will be caught, eventually, when he murders somebody regardless of his use of cryptography.

BTW, it annoys me that anyone thinks that law enforcement will be made impossible when cryptography becomes widespread. This extreme idea is absolutely absurd. Definitely, it will be affected, and perhaps some "criminals" will not be caught that once might have. But I suspect that the criminals perpetrating the worst crimes, the ones civilized people find most abhorrent and heinous, will be largely unaffected. There are far better ways to improve the currently inefficient and often ineffective law enforcement techniques than by improving wiretapping techniques. It's funny how totalitarian governing systems (the logical extent of completely outlawing cryptography) often manage to find "criminals" where previously none existed.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: lefty@apple.com
Date: Fri, 22 Jan 93 16:28:59 PST
To: cypherpunks@toad.com
Subject: Re: Communications Policy
Message-ID: <9301230027.AA13100@apple.com>
MIME-Version: 1.0
Content-Type: text/plain

>I hear concern over privacy and also over erasure of White House tapes.
>I pose the following question: Should an institution have the right
>to private communication?
Is the White House an institution?

A _private_ institution should have a right to private communications. The White House is _not_ a _private_ institution.

--
Lefty (lefty@apple.com)
C:.M:.C:., D:.O:.D:.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ld231782@longs.lance.colostate.edu
Date: Fri, 22 Jan 93 16:02:13 PST
To: cypherpunks@toad.com
Subject: public privacy, NSA resources
In-Reply-To: <9301221546.AA24473@soda.berkeley.edu>
Message-ID: <9301230001.AA06625@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

Some ideas on just how "public" public servants' communication is have been raised here.

>I have to concur. ALL documents produced by a public official operating an
>email system on public time and in pursuit of public policy (e.g. a White
>House official) should be subject to scrutiny and should not be considered as
>that person's private property. (deltorto@aol.com)

I'd like to take this a bit further. The new emerging technology of global networking is a means for previously uninfluential citizens to take back control of our governments. Is it just me, or does it seem like the US version is way out of control? Growing uncontrollably like a cancerous tumor? As a citizen of this country I am vehemently irate at public servants who use their positions and influence to thwart their own laws (e.g. Congress is exempt from many laws it passes). There seems to be a real undercurrent of stonewalling everywhere, and the insidious attitude that the public is not who you serve, but who you mislead to get more money or power.

Why shouldn't every budget of every federal agency be public knowledge? I could see where MY TAX MONEY is being spent. Why shouldn't I be able to determine what any given US public official (elected or unelected) is doing on a given day? What a given agency is accomplishing? Because it's impractical? Because it's not my business? HAH! It is not only practical, but will eventually happen.
Imagine if all this information were stored in a single unified public database...! As accessible as a library book? Imagine the horrors we would uncover! (Interesting: technology will greater polarize the distinctions of "public" and "private" information.)

The possibility of greater control over tax money is here too. Some presidential candidate (I forget who, Perot?) suggested having a box on the tax form that would allow constituents to direct money directly to the federal deficit. Of course, in today's atmosphere of complete fiscal irresponsibility and obfuscation such an idea is completely meaningless. But in the government of tomorrow, we will have much broader control over directing where our tax money will go. Imagine that I was required to spend a certain amount of money on government services (my total taxes) but that I could redirect the actual amounts to agencies (in broad categories) that serve me best. Suppose that even *private companies* could compete for this money on my tax form! It would almost be as if the federal government didn't even exist--our government would be nothing but a method of reallocating money in the most efficient way possible. (Hm, I think I'll give $0.001 to the NSA this year, hehe.)

Regarding inefficiency, note the sheer obstacles that "whistleblowers" encounter in our government. Most are lucky to just be demoted. Others are harassed and threatened and fired, or worse. All this for potentially saving money and making an organization more efficient! We need to elevate the whistleblower to heroic status, and encourage every member of the US population to be one if possible.

I'm not advocating paranoia or violent revolution, just that we increase our vigilance by increasingly exercising our rightful control with the aid of fresh technological developments.
- - -

>FRONTAL ATTACK ON THE PUZZLE PALACE
>by Lance Rose

>Since that time, the NSA
>has steadily cast a pall over public use and knowledge of cryptography, and
>generally regulated the limits of privacy in this country. It has done so with
>40,000 or more active employees, and funding not readily discernible from
>inspecting Congressional budget lines.

40,000? Is this for real? Does anyone know how this would compare to FBI or CIA? Also, does anyone have a clue on the black budget? The author seems to hint here that while it is not "readily discernible" it might be inferrable.

There were a lot of files maintained by the FBI on suspected communists during the McCarthy era. I wonder what delicious little morsels have been squirreled away in the bowels of our massive behemoth? Esp. with the scarily massive capabilities of archival possible with today's storage technologies...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Jay Prime Positive
Date: Fri, 22 Jan 93 20:01:10 PST
To: cypherpunks@toad.com
Subject: An ebank's vulnerability.
Message-ID: <9301221959.aa06199@hermix.markv.com>
MIME-Version: 1.0
Content-Type: text/plain

From: jpp@hermix
To: cypherpunks@toad.com
Subject: An ebank's vulnerability.

I think that the physical location of an ebank's value reserve (be it gold, corn, stock certificates, whatever) is really the trickiest problem. At that location the bank can be attacked by governments (or other crooks).

[enter fantasy... Person with gun says "Well, if all this money is yours, then you sure owe us taxes (protection). Don't pay and you're going to jail (to the bottom of the river). If it ain't yours, then (I'll just take it for myself) you're a bank, and you're going to jail." ...leave fantasy]

One solution I see is to not have any physical deposit at all. This is what most governments do isn't it?
But without a physical resource for reference the question of the value, or the origin of ecreds becomes tricky (at least for my limited economic knowledge). Suppose I create a really great joke and try to sell it. Where does the buyer get the ecreds from? If I wanted to buy a taco, would the vendor take ecreds? Would they take ecreds *I* printed up?

Another solution is to use the banking system of a country which *ALREADY* has anonymous value storage as a commodity for sale. Suppose some enterprising Swiss citizen wanted to set up ebanking, I bet they could do it. I wouldn't mind my ecreds being denominated in Swiss francs either. But I suspect the Swiss government might drop by the bank every year to collect some taxes from the accounts. At what tax rate would this become unacceptable?

Someone could always set up an ungoverned value storage location. Smuggling gold (or other valuables) into, within, and out of governed areas shouldn't cost too much, since valuables generally have at least the value/weight and value/volume than marijuana has. The cost of smuggling, and defending the valuables becomes the limiting factor. How much could be "lost" to smuggling and defense before this becomes unacceptable?

j'

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pfarrell@cs.gmu.edu (Pat Farrell)
Date: Fri, 22 Jan 93 17:44:33 PST
To: ld231782@longs.lance.colostate.edu
Subject: Re: public privacy, NSA resources
Message-ID: <9301230140.AA12628@cs.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

A fellow cypherpunk lister says about the number of employees at NSA:

>40,000? Is this for real? Does anyone know how this would compare to
>FBI or CIA? Also, does anyone have a clue on the black budget? The
>author seems to hint here that while it is not "readily discernible" it
>might be inferrable.
>

The number of employees at the FBI is public info. I don't have it at hand. CIA employment used to be secret, and may still be.
Of course you can buy a picture from SPOT and count the cars for an estimate. At both agencies, there are a significant number of contract employees, who are not on the employment rolls, but are effectively the same as government employees. They aren't counted in public info.

I can't guess at the number of NSA folks. But I can relate a story....

I gave a paper at this year's National Computer Security Conference, in Baltimore. Like all conferences, it had a registration area, vendor's booths, etc. Following form, it had nice folks behind counters with signs over the top, with the usual:

Prepaid A-F | Prepaid G-M | .... | Walkup | Press | ...

sections. What surprised me was the row of counters labeled:

NSA A-E | NSA F-H | ..... NSA W-Z

There were as many NSA booths as all the rest combined. (ok, +- 10%)

Another aside. The NCSC is essentially a front for the NSA. NCSC exists but has no more than two employees, one is the secretary to an NSA official.

Pat

Pat Farrell, Grad Student pfarrell@cs.gmu.edu
Department of Computer Science, George Mason University, Fairfax, VA
PGP key available via finger or request
#include standard.disclaimer

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 22 Jan 93 21:04:06 PST
To: cypherpunks@toad.com
Subject: Re: crypto, NSA, gnu, and cypherpunks in Boardwatch magazine
In-Reply-To: <9301221546.AA24473@soda.berkeley.edu>
Message-ID: <9301230501.AA07629@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Eric Hughes passed along an article he got, which originally appeared in "Boardwatch":

(lots of stuff elided)

> FRONTAL ATTACK ON THE PUZZLE PALACE
> by Lance Rose

(and if you read all the way to the end...)

> Those interested in cryptography issues may find a new Internet mailing list of
> interest. A group is physically meeting in John Gilmore's Silicon Valley
> facilities and has started a mailing list under moderation of Timothy C.
May
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> (tcmay@netcom.com). The group includes John Draper (Cap'n Crunch), Tom
> Jennings, and others interested in cryptography, anonymous mail forwarding
> techniques, encryption, the Pretty Good Privacy program, and other privacy
> issues. You can join this mailing list from any service allowing Internet
> e-mail by sending a message to CYPHERPUNKS-REQUEST@TOAD.COM.
>
> [Lance Rose is an attorney practicing high-tech, computer and intellectual

Needless to say to all of you, I don't moderate the list!

Jeez, where do they get this stuff? I haven't talked to this guy, so I have no idea where he got this idea. Perhaps he thought my posts were more moderate than others? Obviously he never saw my "Crypto Anarchist Manifesto"!

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: waiting for the dust to settle.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Fri, 22 Jan 93 23:40:06 PST
To: pfarrell@cs.gmu.edu (Pat Farrell)
Subject: Re: perl scripts for PGP
In-Reply-To: <9301221257.AA10121@cs.gmu.edu>
Message-ID: <9301230738.AA01650@deathtongue.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

>> Marc,
>> when you were here in DC, you mentioned some perl scripts that processed
>> PGP output. Can you please send me a copy?

yeah, and I'm cc'ing cypherpunks, since I think you all might be interested, too.

This script has three functions. All take the output of pgp -kvv as input.

1) it "inverts" a pgp file, listing all the keys signed by a given key, as compared to giving all the keys which have signed a given key.
2) given -kvv output (and it can merge several files of input automatically, since it hashes on key id), it lists all the keys which you (or any other key) have a path of signatures to, and the length of the shortest such path. So, the specified key has a path length 0. All keys signed by that key have a path length 1, all keys signed by those keys have path length 2, etc.

3) Optionally, it will list one of these paths for each key you can reach. There may be many paths, so this is only for interest; to enumerate all paths would be painful.

The most interesting use for this script is to see what your "radius" is (maximum distance to any key), and to see how big your "world" is. Needless to say, I wouldn't trust keys which have a long path length too much, if at all.

There are 155 keys in my "world" (out of a keyring of about 350). My current radius is 7. Tom, if you're in Boston anytime, my radius would decrease to 5 if I signed your key. That would be cool :-)

Marc

#!/afs/athena/contrib/perl/perl
#
# $Id: pgputil.pl,v 1.7 1993/01/23 07:29:27 marc Exp $
#
## pgputil.pl. Copyright 1993, Marc Horowitz
##
## This program may be freely redistributed and used as long as the RCS
## Id, copyright, and this message are left intact. It may also be used
## as the basis for other programs, as long as this program is
## acknowledged in the code and documentation, and it is made clear that
## the new program is a derivative work, and not the original. Although
## not required, it would be nice if any modifications were sent back to
## me.

$save = "";

# Return the next record of input: one line plus any continuation
# lines (lines starting with whitespace) that follow it.
sub next {
    local($ret);

    return() if !defined($save);

    while(1) {
        $_ = $save || <>;
        $save = "";

        if (! $_) {
            undef $save;
            return($ret);
        } elsif (/^\s/) {
            $ret .= $_;
        } elsif ($ret) {
            $save = $_;
            return($ret);
        } else {
            $ret = $_;
        }
    }
}

# Parse pgp -kvv output: remember each pub line by key id and, for
# each signing key id, the list of pub keys it has signed.
sub parsekvv {
    local($keyid,$ring,$lastpub);

    while($_ = &next()) {
        if (/^Key ring:\s+'(.*)'$/) {
            $ring = $1;
        } elsif (m!^pub\s+\d+/([0-9A-F]+)\s+\d+/\d+/\d+\s+!) {
            $lastpub = $1;
            $publine{$lastpub} = $_;
            ($pubindent{$lastpub} = $_) =~ s!\d{4}/\d\d/\d\d!$& !;
        } elsif (/^sig\s+([0-9A-F]+)/) {
            $keyid = $1;
            $sigindent{$keyid} = $_;
            ($sigline{$keyid} = $_) =~ s/^(sig\s+[0-9A-F]{6})\s\s/$1/;
            $siglist{$keyid} .= $lastpub." " if $siglist{$keyid} !~ /$lastpub/;
        }
    }
}

# Breadth-first walk over the "signed by" graph: record the shortest
# path length to each reachable key and one predecessor on such a path.
sub findsigned {
    local($level,@from) = @_;
    local($tmp,@next);

    foreach $hash (@from) {
        next if (defined $depth{$hash});
        $depth{$hash} = $level;
        for $nexth (split(' ',$siglist{$hash})) {
            push(@next,$nexth);
            $signedby{$nexth} = $hash if !defined $signedby{$nexth};
        }
    }

    if (@next) {
        &findsigned($level+1,@next);
    }
}

($zero = $0) =~ s!^.*/([^/]+)$!$1!;

sub usage {
    die "usage: $zero signators [ file ... ]\n"
        ," $zero recurse [ -v ] [ file ... ]\n";
}

# List, for each known signing key, the keys it has signed.
sub signators {
    &parsekvv();

    print "Type bits/keyID Date User ID\n";

    foreach $hash (keys %siglist) {
        next if ($sigline{$hash} =~ /Unknown signator/);
        print $sigline{$hash};
        foreach $pubhash (split(' ',$siglist{$hash})) {
            print $pubindent{$pubhash};
        }
    }
}

# List every key reachable from the given key id with its path
# length; with -v, also print one signature path for each key.
sub recurse {
    for (@ARGV) {
        if (/^-v/) {
            $verbose++;
        } else {
            push(@newargv, $_);
        }
    }
    @ARGV = @newargv;

    $keyid = shift(@ARGV);
    if ($keyid !~ /^[0-9A-F]{6}$/) {
        &usage;
    }

    &parsekvv();

    $signedby{$keyid} = "";
    &findsigned(0, $keyid);

    foreach $pubhash (keys %depth) {
        $out{sprintf("%02d%s",$depth{$pubhash},$pubhash)} =
            sprintf("%2d %s",$depth{$pubhash},$publine{$pubhash});
    }

    foreach $k (sort keys %out) {
        print $out{$k};
        if ($verbose) {
            $sig = $signedby{substr($k,2,6)};
            while($sig) {
                # The substitution that followed "=~" on this line is
                # missing from the archived copy; the line is printed as is.
                $x = $pubindent{$sig};
                print " ",$x;
                $sig = $signedby{$sig};
            }
        }
    }
}

## dispatch

$cmd = shift(@ARGV) || &usage();

if ($cmd =~ /^s/) {
    &signators();
} elsif ($cmd =~ /^r/) {
    &recurse();
} else {
    &usage();
}

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Juggler
Date: Sat, 23 Jan 93 13:21:37 PST
To:
Subject: No Subject
Message-ID: <23JAN93.15495907.0008.MUSIC@UTEP>
MIME-Version: 1.0
Content-Type: text/plain

Could you sub me to the cypherpunk list? Thanks.
-Juggler -------------------------------------------- | Juggler | Insert cool | | IH23@utep.BITNET | saying here. | | IH23@utepvm.ep.utexas.edu|Long live sigs!| |******************************************| | Sysop of Three Ring Circus (915)564-0026 | -------------------------------------------- My school doesn't have opinions.... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Sat, 23 Jan 93 13:27:32 PST To: cypherpunks@toad.com Subject: a few good weasels Message-ID: <9301231627.tn05014@aol.com> MIME-Version: 1.0 Content-Type: text/plain Eric.Fogleman@analog.com contributes his view that: >>I agree with Dave Deltorto's idea about "a body that decided on a case >>by case (or a class by class) basis what accounts would be subject to >>heavy scrutiny". Or perhaps limiting certain public servants (the >>chief executive, Oliver North's successor, etc) to a set of >>"open" computing systems and communication paths. (Similar to limiting >>people with security clearances to sets of closed computing systems, >>communication paths.) >> >>Dave says: >> >>> Unfortunately, this begins to create an overseeing body so >>> huge and convolute as to render the entire process unwieldy >>> approaching on the absurd. I read Kafka's "The Trial" and I don't >>> want to face that sort of Juggernaut any time soon. >> >>Unwieldy? Kafka-esque? Expensive? Possibly, but it doesn't have to >>be that way. As Bongo says: "The price of freedom is eternal >>vigilance." How much do you want to pay? Well, Eric, I take your point, and I'm willing to 'pay' quite a bit for freedom, especially if I have pals like you to help out in the biz of watchfulness.
:-) I guess what I was trying to get at here was that the process could become so convolute that it would no longer be _technically feasible_ to keep an eye on the dangerous character(s) such as the President's National Security Advisor, the Joint Chiefs of Staff, the twisted geeks at the CIA, their cronies at the FBI, Hillary Clinton (whoops, she's probably OK) etc, etc, ad nauseam. This doesn't mean I wouldn't _like_ to make sure they're carefully monitored, I just look at the volume of paperwork/electronic files generated by even the most lowly federal agencies and imagine that such a watchdog agency might be logistically incapable of doing the job properly, assuming it could do it in an unobstructed and non-compromised way in the first place. There would have to be a highly selective, maybe viciously random way of keeping potential abusers in line. And who watches the watchdog? Kevin Costner? Speaking of which, has anyone seen this movie "A Few Good Men?" Jack Nicholson plays this meansumnabitch Marine Colonel who basically takes the law into his own hands, blinded by his self-righteous view of his job to protect "us" to the point where he has a young Marine murdered (Jack's great in this one, guys, go check out the bargain matinee). Now, I'm not saying that all government agents are that sick and perverse in the zealous pursuit of their goals, but I acknowledge that such people can and probably do exist and that if we remain divided and unguarded, we all live at their mercy. I figure the only things that keep us safe at night are pure luck and the few government dudes who let a few details slip into the hands of say, the few crypto-anarchists who can balance things out. A world of absolutes is not a fun world and it's not a safe world. Someone's gotta break the rules every once in a while or we all go down the tubes.
Of course, I _personally_ would _never_ break any of the fine laws of our beloved nation, but I know deep in my heart (but not anywhere on my hard disks) that such brave people exist and that the effect of their less-than-legal efforts is the delicate equilibrium in which we continue to prosper and innovate. I have more to say in this, but it's almost dawn and I have to flitter back to my coffin. dave From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ghsvax!hal@uunet.UU.NET (Hal Finney) Date: Sat, 23 Jan 93 17:29:09 PST To: cypherpunks@toad.com Subject: Digital cash redux Message-ID: <9301240115.AA11642@nano.noname> MIME-Version: 1.0 Content-Type: text/plain Here is an excerpt from a description of one version of Chaum's digital cash, which I posted on Nov. 25: > There are lots of proposals for electronic cash in the literature, > mostly very complex. I think one of Chaum's simpler proposals would be > adequate for email "banking". This proposal, from the beginning of > his paper "Untraceable Electronic Cash" in Crypto 88(?), goes like > this: > > 1. Alice chooses a random x and r, and supplies the bank with > B=r^3*f(x) mod n, where f is a one-way function (like MD5), and n is > the modulus for the bank's public key. > > 2. The bank takes the third root of B (e.g. via an RSA decryption) and > sends it back to Alice: D = r * f(x)^(1/3), and withdraws one dollar from > her account. > > 3. Alice extracts C = f(x)^(1/3) by dividing D by r. (Note that > division can be done mod n without knowing the factors of n, but it's > rather complicated.) > > 4. To pay Bob one dollar, Alice gives him (x, C). > > 5. Bob can verify that C = f(x)^(1/3), but he still has to send (x, C) > to the bank in order to make sure that x hasn't been used before. > Otherwise Alice could spend (x, C) twice. The bank increases Bob's > account by one dollar. 
> > This scheme is pretty simple and provides untraceability - the bank > saw B and D but not C, so although it can verify that (x, C) is legit, > it can't correlate that with Alice's withdrawal. > > The main disadvantage of this approach is that Bob has to send (x, C) > to the bank right away (or at least before sending Alice anything in > return for her cash) to verify that the cash hasn't been used before. > But in email, where turnarounds of a day or more aren't unusual, this > should be tolerable. > > Alice and Bob could be pseudonyms, using anonymous addresses to > communicate with each other and with the bank. > > Different denominations of cash could correspond to different > exponents than "3" in the example above. (That is, $1 would use > C=f(x)^(1/3), $2 would use C=f(x)^(1/5), $4 would use C=f(x)^(1/7), > and so on.) > > Technically, this would be quite easy to implement, using the code in > PGP for the arithmetic, and MD5 for the one-way function. We'd need > to define a few message formats. The RFC1113 ascii encoding from PGP > could be used as well. > > The "social" problems are more challenging, it seems to me. What is > the backing for this electronic money? Why do people care what their > bank balances are? Is this stuff really worth anything? > > One possibility is to base digital cash on real money. People would > open a pseudonymous account via email, then postal-mail dollars to the > bank, enclosing their account number so the bank would know whom to > credit with the deposit. Later, if someone wanted to withdraw "real > money" from their account they would have to give a real postal > address where it could be mailed. Now the electronic money is worth > real dollars. Even if people didn't deposit or withdraw very often, > it still has value because of the backing. > > Unfortunately, this approach would currently be illegal (at least, > unless you actually were a real bank!). 
If there were some way the > bank itself could be anonymous, it might survive, but I don't see how > to mail it money while keeping the anonymity. Still, we could > consider experimenting with this on a small scale with accounts of no > more than a few dollars. As long as it was clearly an experiment I > doubt that any prosecutions would result even if it attracted > government attention, because the expense involved in court costs > would be so disproportionate to the few dollars involved in this > technically illegal act. > > Another approach would be not to try backing the digital cash at all, > or rather backing it implicitly by the determination of various people > to accept it and perform services or supply goods in return for it. > Tim's offer to Xerox papers in return for digital cash would be one > example. Perhaps others could provide some other services. It would > be great if some shareware author would accept digital cash as a > symbol of support for crypto anonymity. > > One problem that I see with this approach is how you determine the > size of the money supply. Or, in other words, how does new digital > cash get started circulating? How do people get new accounts, and how > much money is in them? > > If these problems can be solved, a big advantage of this approach is > that the banker can be anonymous. He would be known only by his > anonymous address and his public key(s). This would provide some > safety in the event that even a small-scale experiment like this > was targeted for a crackdown. > > Another issue is the prospect of multiple "banks", each issuing their > own (incompatible) cash. How would they compete? Perhaps in terms of > rapid turnaround? Some might choose to be anonymous, others would go > public. The latter would have the advantage that people might trust > them more, but OTOH there is more chance of your bank account > disappearing after a crackdown for a public bank than an anonymous > one. > > Lots to think about here!
> > Hal > 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ld231782@longs.lance.colostate.edu Date: Sat, 23 Jan 93 16:24:21 PST To: pfarrell@cs.gmu.edu (Pat Farrell) Subject: Re: public privacy, NSA resources In-Reply-To: <9301230140.AA12628@cs.gmu.edu> Message-ID: <9301240022.AA21591@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain >Another aside. The NCSC is essentially a front for the NSA. >NCSC exists but has no more than two employees, one is the >secretary to an NSA official. Extremely interesting. What does NCSC stand for? I am doubtful of the 40,000 figure even with contract employees. That's a small army. What the hell could keep that many people busy? (shudder) Do you know much about MITRE? It has a high net profile and I was wondering if it is a cover for something else too. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jim@tadpole.com (Jim Thompson) Date: Sat, 23 Jan 93 16:53:57 PST To: pfarrell@cs.gmu.edu Subject: Re: public privacy, NSA resources Message-ID: <9301240052.AA18559@tadpole.tadpole.com> MIME-Version: 1.0 Content-Type: text/plain > >Another aside. The NCSC is essentially a front for the NSA. > >NCSC exists but has no more than two employees, one is the > >secretary to an NSA official. > > Extremely interesting. What does NCSC stand for? tadpole 11 whois -h nic.ddn.mil ncsc.mil. National Computer Security Center (NCSC-DOM1) 9800 Savage Road Fort George G. Meade, MD 20755-6000 Fort Meade *is* the main NSA campus. docmaster.arpa (nee: docmaster.ncsc.mil) is one of the infamous Internet spook hangouts. :-) > I am doubtful of the 40,000 figure even with contract employees. That's > a small army. What the hell could keep that many people busy? (shudder) You should take a look at the campus sometime, it's big. Lots of big-shielded buildings. Lots of big satellite antennas. I have no trouble accepting the 40k figure, it is, after all a bureaucracy.
Jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Sat, 23 Jan 93 21:23:07 PST To: Cypherpunks Subject: Re. PGP on BBS Message-ID: <930124051435_74076.1041_DHJ67-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain One thing I didn't follow about this was the supposed need to put the private key onto the BBS in order to send encrypted mail. This is not necessary. The private key is only used for signing messages. For privacy purposes in many cases encryption is sufficient. PGP could be run on the BBS to do encryption. Of course, the local sysop could see your message as you compose it or upload it to the BBS, but if you're then sending it through a BBS network it can travel privately. Hal 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phiber Optik Date: Sat, 23 Jan 93 21:55:16 PST To: cypherpunks@toad.com Subject: This list... Message-ID: <199301240554.AA16927@eff.org> MIME-Version: 1.0 Content-Type: text/plain I'm not one to overlook the obvious. Is it desirable that any Tom, Dick, or Harry can telnet to toad's SMTP port, and use the sendmail expand command to list everyone on this mailing list? I'm sure less net-savvy users on this list are unaware, and it should be said. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc Horowitz Date: Sat, 23 Jan 93 22:58:53 PST To: david.brooks@cutting.hou.tx.us (David Brooks) Subject: Re: PGP on BBS In-Reply-To: <10497.143.uupcb@cutting.hou.tx.us> Message-ID: <9301240657.AA14069@m16-034-15.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain What you are all talking about here is a solved problem. Many such network protocols exist. SLIP is probably the best example. If you use SLIP to connect to the BBS instead of a dumb terminal connection, you get a real network link which supports multiple connections to multiple destinations. And free SLIP implementations exist.
The author of one of the most popular is on this list, in fact. Of course, this requires that your "terminal" be somewhat intelligent, but even a lowly 8088 PC running DOS can run SLIP. If you do this, all you need is a BBS which supports network services, instead of the current menu-based sort of systems we have now. If you want to encrypt, you do so locally. In fact, you'd probably do almost everything locally. Marc From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Sun, 24 Jan 93 12:25:25 PST To: ld231782@longs.lance.colostate.edu Subject: Re: public privacy, NSA resources In-Reply-To: <9301240022.AA21591@longs.lance.colostate.edu> Message-ID: <9301242022.AA12398@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain someone with a long net address, included in the "To:" field, writes: (quoting someone else) > >Another aside. The NCSC is essentially a front for the NSA. > >NCSC exists but has no more than two employees, one is the > >secretary to an NSA official. > > Extremely interesting. What does NCSC stand for? National Computer Security Center. Send a letter requesting to be added to the distribution list of the "Orange Book"-related materials (frequent updates to a set of guidelines on computer security protocols, the most famous being one with an orange cover, hence the name), and you will start receiving a lot of stuff from them. The address: The INFOSEC Awareness Office can be reached at: Department of Defense National Security Agency ATTN: S332 9800 Savage Road Ft. George Meade, MD 20755-6000 or phone 301-766-8729 (these are the numbers I used a couple of years ago...your mileage may vary.) > I am doubtful of the 40,000 figure even with contract employees. That's > a small army. What the hell could keep that many people busy? 
(shudder) NSA occupies two very large office buildings, including the longest corridor in the world (a mile, if I recall correctly, but my copy of "The Puzzle Palace" is not handy). I went and took a look, and can confirm the parking lot is _huge_. The 40,000 figure may or may not be accurate, as the NSA won't say. Some say the employment is closer to 100,000. Certainly it is much higher than that of the CIA. Bear in mind that they are the nation's primary SIGINT facility, operating the various listening posts in conjunction with military personnel (via Army Security Agency, Naval Security Group, Air Force, etc.). As always, read James Bamford's "The Puzzle Palace," which gets referred to a lot on this list. > Do you know much about MITRE? It has a high net profile and I was > wondering if it is a cover for something else too. MITRE, derived from "MIT REsearch," is one of several defense-oriented think tanks, the others being RAND Corporation ("R & D," not Ayn Rand!), Institute for Defense Analysis (IDA), etc. The Communications Research Division of IDA, located at Princeton, was formed in 1956 to help the NSA. Lots of famous mathematicians, including Barkley Rosser, Andrew Gleason, and others. This shadowy world of defense think tanks is a subject unto itself. -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: waiting for the dust to settle.
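
Added example, not part of any message in this archive: a runnable walk-through of the five steps in Hal Finney's "Digital cash redux" post above (blind, sign, unblind, pay, deposit), including the double-spend check and the reason the bank cannot tie a deposited coin to one withdrawal. The 60-bit toy modulus, the Bank class and all helper names are assumptions made for the illustration; MD5 is used only because the post names it.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy key: two well-known primes, both = 2 (mod 3), so that
# e = 3 is invertible mod (p-1)(q-1). Far too small for real use.
P, Q, E = 1_000_000_007, 998_244_353, 3


def f(x: bytes, n: int) -> int:
    """One-way function f from the post (MD5, as named there), reduced mod n."""
    return int.from_bytes(hashlib.md5(x).digest(), "big") % n


class Bank:
    def __init__(self, p: int, q: int, e: int = E):
        self.n, self.e = p * q, e
        self._d = pow(e, -1, (p - 1) * (q - 1))  # private "third root" exponent
        self.balance = {}
        self.spent = set()   # every x ever deposited
        self.seen = []       # (account, B, D): all the bank learns at withdrawal

    def withdraw(self, account: str, blinded: int) -> int:
        """Step 2: debit one dollar and return D = B^(1/3) mod n."""
        if self.balance.get(account, 0) < 1:
            raise ValueError("insufficient funds")
        self.balance[account] -= 1
        d_val = pow(blinded, self._d, self.n)
        self.seen.append((account, blinded, d_val))
        return d_val

    def deposit(self, account: str, x: bytes, c: int) -> str:
        """Step 5: check the signature first, then the spent list."""
        if pow(c, self.e, self.n) != f(x, self.n):
            return "invalid"
        if x in self.spent:
            return "double-spend"
        self.spent.add(x)
        self.balance[account] = self.balance.get(account, 0) + 1
        return "ok"


def blind(x: bytes, n: int, e: int = E):
    """Step 1: pick r coprime to n and form B = r^3 * f(x) mod n."""
    while True:
        r = secrets.randbelow(n - 2) + 2
        if gcd(r, n) == 1:
            return r, (pow(r, e, n) * f(x, n)) % n


def unblind(d_val: int, r: int, n: int) -> int:
    """Step 3: C = D / r mod n; the division is a multiplication by r^-1 mod n."""
    return (d_val * pow(r, -1, n)) % n


def verify(x: bytes, c: int, n: int, e: int = E) -> bool:
    """Bob's local check in step 5: C^3 == f(x) mod n."""
    return pow(c, e, n) == f(x, n)


def explains(transcript, x: bytes, c: int, n: int, e: int = E) -> bool:
    """True if some blinding factor maps coin (x, C) onto this (B, D) record."""
    _, b_val, d_val = transcript
    r = (d_val * pow(c, -1, n)) % n      # the r that would have been used
    return (pow(r, e, n) * f(x, n)) % n == b_val


def run_demo() -> dict:
    bank = Bank(P, Q)
    bank.balance = {"alice": 1, "carol": 1, "bob": 0}
    coins = {}
    for who in ("alice", "carol"):
        x = secrets.token_bytes(16)
        r, b_val = blind(x, bank.n)
        coins[who] = (x, unblind(bank.withdraw(who, b_val), r, bank.n))
    x, c = coins["alice"]                # step 4: Alice hands (x, C) to Bob
    return {
        "bob_accepts": verify(x, c, bank.n),
        "first_deposit": bank.deposit("bob", x, c),
        "second_deposit": bank.deposit("bob", x, c),
        "forged": bank.deposit("bob", b"forged", c),
        # Alice's coin fits every withdrawal the bank logged, not just hers.
        "consistent_with": [t[0] for t in bank.seen if explains(t, x, c, bank.n)],
        "balances": dict(bank.balance),
    }


if __name__ == "__main__":
    print(run_demo())
```

The "consistent_with" result is the untraceability claim made concrete: for any coin and any logged (B, D) pair there is a blinding factor r that connects them, so the bank's withdrawal records single out no one.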
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pfarrell@cs.gmu.edu (Pat Farrell) Date: Sun, 24 Jan 93 10:00:14 PST To: david.brooks@cutting.hou.tx.us Subject: NUpop is the answer was Re: PGP on BBS Message-ID: <9301241756.AA14778@cs.gmu.edu> MIME-Version: 1.0 Content-Type: text/plain I don't know if the sources are available, NorthWestern's NUpop is the key to making PGP acceptable to masses of not-very-computer-literate users. Ask archie for nupop103.zip NUpop is a PC (MS-DOS) program that uses the PC as a computer. It uses SMTP to send mail and receives mail via POP. It works on networks and thru dialup. It works with SLIP and more simply over a reliable ASCII connection. It is a great program. CUA, mouse, folders, auto sigs, etc. All it needs is to have a "encryption outgoing" flag in its "group" (alias) directory, and pump the message thru PGP in filter mode. On receipt, find the PGP headers, push thru the filter, and show the clear text. I haven't looked for either the PGP or NUpop sources, but I'd expect this to be a near trivial hack. It may even be already done. NUpop (and its Mac equivalent Eudora) are the right way to get users on the net. Using a PC as a VT100 to login to a full blown Unix system, using vi to edit mail, etc. is near criminal. NUpop makes it easy enuff for econ profs. (Seriously, I set up NUpop for an econ prof here last weekend. He loves it. He is definitely not a Unix wizard.) If NUpop source is not available, then we'll have to reverse engineer something similar. I've learned how NUpop does the communications, and it is straight-forward (also in the RFCs if you care to look) I thought about doing a Windows-only program, but wonder if we really have to support diehard DOS users on ATs and less. I've been meaning to ask about source availability. I'll do so now, and probably have an answer tomorrow.
Pat Farrell, Grad Student pfarrell@cs.gmu.edu Department of Computer Science, George Mason University, Fairfax, VA PGP key available via finger or request #include standard.disclaimer Write PKP. Offer money for a personal use license for RSA. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pfarrell@cs.gmu.edu (Pat Farrell) Date: Sun, 24 Jan 93 11:40:23 PST To: marc@MIT.EDU Subject: Rational PC mail , was Re: PGP on BBS Message-ID: <9301241935.AA14956@cs.gmu.edu> MIME-Version: 1.0 Content-Type: text/plain Marc@mit.edu writes: > >What you are all talking about here is a solved problem. Many such >network protocols exist. SLIP is probably the best example. If you >use SLIP to connect to the BBS instead of a dumb terminal connection, >you get a real network link which supports multiple connections to >multiple destinations. And free SLIP implementations exist. The >author of one of the most popular is on this list, in fact. It is a solved problem. It doesn't even require SLIP. I spent lots of hours over the past year trying to get SLIP to work with the GMU computers. it is officially "not supported" With NUpop and Eudora, SLIP is optional. The NUpop docs say that SLIP slows down the transfer, and recommends simple ASCII async connection using a reliable modem (MNP or V42/V.42bis) >Of course, this requires that your "terminal" be somewhat intelligent, >but even a lowly 8088 PC running DOS can run SLIP. > >If you do this, all you need is a BBS which supports network services, >instead of the current menu-based sort of systems we have now. If you >want to encrypt, you do so locally. In fact, you'd probably do almost >everything locally. Using a computer as a computer is clearly the way to go. There are a number of low-cost or free Unix providers, I expect that they do, or can be talked into supporting POP. 
I expect that current terminal/menu based BBSes will disappear once folks realize how much better easier, faster, and all around better programs that use computers as computers work. Pat Pat Farrell, Grad Student pfarrell@cs.gmu.edu Department of Computer Science, George Mason University, Fairfax, VA PGP key available via finger or request #include standard.disclaimer From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Matt Willis Date: Sun, 24 Jan 93 13:32:05 PST To: cypherpunks@toad.com Subject: Neuvo-Crypto Message-ID: <01GTWJC6AX9S0000HM@stetson.bitnet> MIME-Version: 1.0 Content-Type: text/plain I'm researching fractals here at glorious Stetson University and it crossed my mind that there are possibilities in the combination of fractals with current encryption standards... for instance, using a piece of the mandelbrot set as a key or a Julia set with a standard center and radius, thereby reducing a key to a sort of x,y,z,F() coordinate... And if you and a friend established a standard equation... that would make it a sort of three-key system. On a simpler level, couldn't the RSA method be converted to use the Complex number system... (which is the base of fractal mathematics) Anyone follow? +-------Matt-Willis--------------------------------+ | Matt Willis ASTMWILL@STETSON.BITNET | elsewhere: | Matt Willis Head of the Underground | mwill@mindvox.phantom.com | Matt Willis Robotech PBM List | +-------Matt-Willis--------------------------------+ "Absolutely alone in awareness of the mechanism." -Agrippa by WG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Chael Hall) Date: Sun, 24 Jan 93 19:12:03 PST To: pfarrell@cs.gmu.edu (Pat Farrell) Subject: Re: Rational PC mail , was Re: PGP on BBS In-Reply-To: <9301241935.AA14956@cs.gmu.edu> Message-ID: <9301250307.AA18287@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain >Using a computer as a computer is clearly the way to go.
There >are a number of low-cost or free Unix providers, I expect that >they do, or can be talked into supporting POP. I agree that it's the best way to go, but as you will see below it's not (IMHO) what's best for everyone. >I expect that current terminal/menu based BBSes will disapear >once folks realize how much better easier, faster, and all >around better programs that use computers as computers work. I think a wide variety of services need to be provided in order to allow each person to use computer systems in their own way. For example, the following are all popular types of systems that each have a large following: CompuServe, Prodigy, GEnie, etc. Bulletin Board Systems (dial-up, non-Internet related) VMS UNIX If BBSes were eliminated in the long run, many users would have to learn the more difficult UNIX or resort to CI$ et al or VMS. I personally use BBSes, UNIX, and VMS (in no particular order) and enjoy each for its special abilities. BBSes are a totally different environment than UNIX, thus I think they will stick around for quite a while. They allow the sysadm to provide much more personality and creativity than UNIX with very little knowledge of the underlying operating system by comparison. Chael Hall -- Chael Hall nowhere@bsu-cs.bsu.edu, 00CCHALL@LEO.BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu (317) 285-3648 after 4 pm EST From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phiber Optik Date: Sun, 24 Jan 93 20:33:57 PST To: cypherpunks@toad.com Subject: e-mail... Message-ID: <199301250432.AA07927@sun.Panix.Com> MIME-Version: 1.0 Content-Type: text/plain To the genius (Matthew Sean Pardo, mpaf1216@pelham.med.unc.edu), who thought he was being clever by sending what he thought was "anonymous" mail to me (by telnetting to port 25), you missed my point. There's no need for the EXPN command to be used remotely. I can only suggest that John Gilmore disable it at toad, though it probably doesn't matter anymore. 
If anonymity and privacy are as key as people are making them out to be on this list, I find it ironic that privacy is lacking on such a simple level. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc Horowitz Date: Sun, 24 Jan 93 21:12:41 PST To: cypherpunks@toad.com Subject: signature trades Message-ID: <9301250511.AA09784@deathtongue.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain I'm going to be in New York City on Wednesday, January 27. I'll be available in the evening if people want to get together somewhere and trade signatures face-to-face. I know some people on this list are in that area. Email me personally; I'll coordinate and send mail to everyone who expresses an interest. If you have a good idea for a place to meet, please make a suggestion, since I don't know all that many places to meet. Marc PGP key in case you want to encrypt:
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: avalon@coombs.anu.edu.au (Darren Reed) Date: Sun, 24 Jan 93 16:08:48 PST To: cypherpunks@toad.com Subject: no subject (file transmission) (fwd) Message-ID: <9301250007.AA00793@coombs.anu.edu.au> MIME-Version: 1.0 Content-Type: text/plain CFP'93 The Third Conference on Computers, Freedom and Privacy 9-12 March 1993 San Francisco Airport Marriott Hotel, Burlingame, CA The CFP'93 will assemble experts, advocates and interested people from a broad spectrum of disciplines and backgrounds in a balanced public forum to address the impact of computer and telecommunications technologies on freedom and privacy in society.
Participants will include people from the fields of computer science, law, business, research, information, library science, health, public policy, government, law enforcement, public advocacy and many others. Some of the topics in the wide-ranging CFP'93 program will include: ELECTRONIC DEMOCRACY - looking at how computers and networks are changing democratic institutions and processes. ELECTRONIC VOTING - addressing the security, reliability, practicality and legality of automated vote tallying systems and their increasing use. CENSORSHIP AND FREE SPEECH ON THE NET - discussing the problems of maintaining freedom of electronic speech across communities and cultures. PORTRAIT OF THE ARTIST ON THE NET - probing the problems and potential of new forms of artistic expression enabled by computers and networks. DIGITAL TELEPHONY AND CRYPTOGRAPHY - debating the ability of technology to protect the privacy of personal communications versus the needs of law enforcement and government agencies to tap in. HEALTH RECORDS AND CONFIDENTIALITY - examining the threats to the privacy of medical records as health care reform moves towards increasing automation. THE MANY FACES OF PRIVACY - evaluating the benefits and costs of the use of personal information by business and government. THE DIGITAL INDIVIDUAL - exploring the increasing capabilities of technology to track and profile us. GENDER ISSUES IN COMPUTING AND TELECOMMUNICATIONS - reviewing the issues surrounding gender and online interaction. THE HAND THAT WIELDS THE GAVEL - a moot court dealing with legal liability, responsibility, security and ethics of computer and network use. THE POWER, POLITICS AND PROMISE OF INTERNETWORKING - covering the development of networking infrastructures, domestically and worldwide. INTERNATIONAL DATA FLOW - analyzing the issues in the flow of information over the global matrix of computer networks and attempts to regulate it. 
The conference will also offer a number of in-depth tutorials on subjects including: * Information use in the private sector * Constitutional law and civil liberties * Investigating telecom fraud * Practical data inferencing * Privacy in the public and private workplace * Legal issues for sysops * Access to government information * Navigating the Internet INFORMATION For more information on the CFP'93 program and advance registration call, write or email to: CFP'93 INFORMATION 2210 SIXTH STREET BERKELEY, CA 94710 (510) 845-1350 cfp93@well.sf.ca.us A complete electronic version of the conference brochure with more detailed descriptions of the sessions, tutorials, and registration information is also available via anonymous ftp from sail.stanford.edu in the file: /pub/les/cfp-93 or from sunnyside.com in the file: /cfp93/cfp93-brochure or via email from listserv@sunnyside.com by sending email with this text: GET CFP93 CFP93-BROCHURE From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mjr@netcom.com (Matthew Rapaport) Date: Mon, 25 Jan 93 12:34:55 PST To: cypherpunks@toad.com Subject: Coupled programs and security by obfuscation Message-ID: <9301252034.AA21595@netcom2.netcom.com> MIME-Version: 1.0 Content-Type: text/plain **** Pat Farrel writes >I expect that current terminal/menu based BBSes will disappear >once folks realize how much better easier, faster, and all >around better programs that use computers as computers work. I hope not... At least not until the BBS operators and writers agree on some standardized API so people like me and other third parties can write PC based interfaces in a language of our choice. The problem with current "coupled systems" (for example the Coconet BBS software) is that they all rely on proprietary interface programs on the PC. If I communicate with 10 BBS systems (large or small), I must have 10 different communications programs... No thanks... 
Also keep in mind that much of the value of these systems comes from their availability to the widest possible audience. There are people in many parts of the world who still have nothing better than 1970's style glass tty's and even paper-output type terminals! ****** Back on the issue of privacy and anonymity, I don't understand the lure of all these schemes for hiding mail paths, etc. If encrypted messages pass through one aliaser, and get decrypted (and aliased again) on another machine, you are protected. The machine that knows who you are can't read your material, and the machine that can read you doesn't know who you are. Any further obfuscation adds little (IMHO) to your security. Revelation of your identity (in either case) depends on collusion between system administrators on the different hosts. True this might be even less likely where 3 or more hosts are involved, but how much less so? If some agency is powerful enough to force two systems in different parts of the world (and the net) to reveal what they know about you, the chances are they can force three or four, etc. matthew rapaport Philosopher/Programmer At Large KD6KVH mjr@netcom.com 70371.255@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: edgar@spectrx.Saigon.COM (Edgar W. Swank) Date: Mon, 25 Jan 93 14:58:27 PST To: Cypherpunks Subject: Re: public servant privacy Message-ID: MIME-Version: 1.0 Content-Type: text/plain My friend Dave del Torto said recently: Tim May notes (appropriately) that: >>Strong crypto means even Ollie North can fully protect his >>records. Yes, but shouldn't he be _required_ to "open" his files if he is under criminal investigation just like a drug-dealer who's required to open the locked trunk of his car? Actually, the drug dealer is *not* required to open his locked car trunk. But he might as well, otherwise the police (with search warrant) will force it open, probably causing some damage which they will not pay to repair. 
There doesn't seem to be any practical way to "force open" a (strongly) encrypted message without the key. Failure to produce the key when ordered might be an excuse for firing a govt. employee, but it can't be the basis for a criminal prosecution (5th Amendment). "Murdering Thug" further commented: Well, there are really two conflicting issues here: 1) The Fifth Amendment - the right not to testify against yourself, hence the Miranda warning when you're arrested. You can claim that being forced to decrypt your hard disk by the cops violates your Fifth Amendment rights, and refuse to decrypt it. 2) Obstruction of Justice - by not handing over the key to your hard disk, you may be obstructing an investigation. By not decrypting your hard disk under court order, you may be held in contempt of court. Number 2 may work for law enforcement if they are investigating a third party and ask to see your hard disk in order to help their investigation. A good example is an Internet site that is being used as a telnet launch-pad by some hacker. If that site refuses to cooperate and keeps their files encrypted, the police/court may charge you with obstruction of justice or contempt of court. HOWEVER, if you feel that by decrypting these files, you would be providing testimony/evidence against yourself, you can plead the 5th, and tell them to go screw themselves. Pleading the 5th will fail if you are offered *immunity* from prosecution for anything you reveal (as Ollie North was, recall, for his testimony before Congress). If you still don't want to testify (to avoid providing damaging evidence against your friends, for example) your next line of defense is "I forget". Very hard for the prosecutor to prove beyond reasonable doubt that you really remember that secret key. -- edgar@spectrx.saigon.com (Edgar W. Swank) SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pmetzger@shearson.com (Perry E. 
Metzger) Date: Mon, 25 Jan 93 12:20:09 PST To: phiber@eff.org Subject: This list... In-Reply-To: <199301240554.AA16927@eff.org> Message-ID: <9301251834.AA07145@maggie.shearson.com> MIME-Version: 1.0 Content-Type: text/plain >From: Phiber Optik >I'm not one to overlook the obvious. Is it desirable that any Tom, Dick, or >Harry can telnet to toad's SMTP port, and use the sendmail expand command to >list everyone on this mailing list? Welcome to TCP/IP. You've told us what most of us already know. (By the way, it's the SMTP EXPN command, not the "sendmail" one, as sendmail is just one MTA -- there are many other implementations). The whole point of this list is to develop techniques to ensure privacy -- most of us understand that there isn't much right now. Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ld231782@longs.lance.colostate.edu Date: Mon, 25 Jan 93 13:20:00 PST To: cypherpunks@toad.com Subject: anonymous server compilation? Message-ID: <9301252119.AA27366@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain Hello. To my knowledge no public listing of known anonymous servers has been compiled. I'd like to start one. This could possibly turn into a FAQ if response is good. I will put in this newbie-type introductory information at the end of this document for review. Please help me improve this by sending constructive/informative feedback, esp. sections flagged with (?). This all is very weak right now but with your help it could become very thorough and valuable. pax.tpa.com.au -------------- The most sophisticated anonymous posting system to my knowledge. Uses public key encryption for traffic in both ways (to/from) the server. No anonymous remailing capabilities yet but dclunie@pax.tpa.com.au, the administrator, says he's considering it. Had a serious bug recently fixed that caused a reassignment of previously allocated anonymous addresses. Located in Australia. 
anon.post.g@pax.tpa.com.au for anonymous USENET posting where `g' is the group anon.info@pax.tpa.com.au for information anon.subscribe@pax.tpa.com.au to subscribe to the mailing list acs@n7kbt.rain.com ------------------ no info (?). given to me by dclunie@pax.tpa.com.au godiva.nectar.cs.cmu.ed ----------------------- operated by Karl_Kleinpaste@cs.cmu.edu. Mentioned by julf@penet.fi in an introductory information. This person has posted code to alt.sources that implements anonymous server capabilities. (?) anon.penet.fi ------------- operated by julf@penet.fi. Both anonymous posting and remailing capabilities. (?) hh@pmantis.berkeley.edu ----------------------- no info (?). given to me by tcmay@netcom.com Anonymity and Identity on the Internet ====================================== Generally, identity is amorphous and almost nonexistent on the Internet for a variety of reasons. One is the inherent fluidity of "cyberspace" where people emerge and submerge frequently, and absences are not readily noted in the "community". You currently do not really have any great assurance that the messages you get in mail and the messages you see on USENET are from the people they appear to be from, nor do others have of you. Be careful not to be led astray; gullibility is perhaps the greatest crime here, and skepticism the most useful virtue. Neither are there currently good assurances of privacy in your personal email, and cases where it has been compromised are not uncommon. New encryption technologies are slowly gaining acceptance and penetration into systems that make possible digital encryption and authentication that will make the systems more trustworthy. These can also protect your identity and privacy by offering anonymous posting and mailing capabilities. USENET USENET is a worldwide decentralized news distribution system, adhering to Internet standards described in RFC977 (?). 
MAIL The characters that you are reading are almost certainly encoded in ASCII, the American Standard Code for Information Interchange that maps alphabetic and symbolic characters onto numeric codes and vice versa. Virtually every computer system uses this code, and if not, has ways of converting to and from it. When you write a mail message, it is being sent in ASCII, and since the standard is virtually universal, there is no intrinsic privacy. Anyone with access to hardware involved in forwarding the message can theoretically read it. Internet mail standards, described in RFC (?), are still evolving rapidly and not entirely orderly. For example, standards for mail address `munging' or `parsing' tend to vary slightly between sites and frequently mean the difference between finding addresses and bouncing mail. New standards are calling for uniform introduction of "privacy enhanced mail" (PEM) which uses encryption technologies to ensure privacy. The current internet mailing protocol is slightly anachronistic in that it was created when the system was somewhat obscure and not widespread, with only a fraction of the traffic it now sees. Today about (?) of internet traffic is mail, comprising about (?) messages. (Source: (?)) A person's mailing address is far from an identification of an individual. First, anyone with access to the account, e.g. they know the password, either legitimately or otherwise, can send mail with that address in the From: line. Secondly, as part of current mailing protocol standards, forging the From: line is a fairly trivial operation for many hackers. Much less forgeable is the status and path information prepended to messages by intermediate hosts. Note that bounced messages go to postmasters at a given site in their entirety. This means that if you address mail with an incorrect address it has a good chance of being seen by a human other than the recipient. 
Theoretically people at any site in the chain of sites that forwards a given mail message over the Internet (about a half-dozen (?) on average, depending on the distances) could potentially compromise the privacy of that message and read it. In practice, this appears to be rare or unheard of. Something more common is instances of immature and unscrupulous system operators reading private mail at a local site, such as a university. The requirements and screening for getting a system administration job (and access to *all* information on a system) vary widely between sites and are sometimes frighteningly lax. ANONYMOUS MAILING ----------------- Some people find it useful to send anonymous mail to others. Examples of this include (?). Here the distinction should be made between sort of "hit and run" mail, where the sender does not want to carry on any further communication, and anonymized mail, where the recipient can respond but has no idea of the sender or origination of a message. The servers listed above allow for the latter type of communication. The former type is now largely confined to hackers who find it convenient for scurrilous threats or whatever, but probably has legitimate uses as well (?). Another category is people who want to appear to have regular but not traceable appearances, i.e. the userid and site origination do not obviously flag their mail as anonymous. Unfortunately, no set of standards is in place to handle the procedures for anonymous posting. Typically the approach is to set up an "anonymous server" that, when activated by email to its address, responds by allocating and supplying an "anonymous ID" that is unique to the person requesting it (based on his email address). This will vary for the same person for different machine address email originations. To send anonymous mail, the user sends email directed to the server containing the final destination. 
The server "anonymizes" the message by stripping of identification information and forwards the message, which appears to originate from the anonymous server only from the corresponding anonymous user id. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 25 Jan 93 15:09:59 PST To: cypherpunks@toad.com Subject: Coupled programs In-Reply-To: <9301252034.AA21595@netcom2.netcom.com> Message-ID: <9301252308.AA11480@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Matthew Rapaport writes: >At least not until the BBS operators and writers agree >on some standardized API so people like me and other third parties >can write PC based interfaces in a language of our choice. This is exactly the goal. For example, zmodem has a widespread deployment and a public specification. What needs to happen for cryptography is the development of such protocols for key exchange, signatures, and other cryptographic entities. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 25 Jan 93 15:20:38 PST To: cypherpunks@toad.com Subject: security by obfuscation In-Reply-To: <9301252034.AA21595@netcom2.netcom.com> Message-ID: <9301252318.AA12294@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Matthew Rapaport writes: >[...] I don't understand the lure >of all these schemes for hiding mail paths, etc. The disambiguating question is "What is the capability of your opponent?" Some opponents have only access to their own machine as users, and some have access as root. Others have access to all traffic on the local network and can thus see all mail entering and leaving a system. Others, we might assume, have access to all traffic on any non-local network. The rule is the following. If it's cheap enough to defend against even the strongest opponent, deploy it. 
Cryptography, with its presumably exponential difference between the costs of defense (encryption) and offense (cryptanalysis), allows for economical solutions against even the largest of opponents. Cryptography is a greater leveler than the Colt .45 revolver. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peter honeyman Date: Mon, 25 Jan 93 12:43:13 PST To: pmetzger@shearson.com Subject: Re: This list... In-Reply-To: <9301251834.AA07145@maggie.shearson.com> Message-ID: <9301252043.AA20045@toad.com> MIME-Version: 1.0 Content-Type: text/plain > The whole point of this list is to develop techniques to ensure privacy -- > most of us understand that there isn't much right now. but but but ... sendmail already offers an easy way to hide the membership of a mailing list. why not use it? peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: John.Nieder@f33.n125.z1.FIDONET.ORG (John Nieder) Date: Mon, 25 Jan 93 22:53:33 PST To: cypherpunks@toad.com Subject: NSA STRENGTH Message-ID: <4625.2B64DAF7@fidogate.FIDONET.ORG> MIME-Version: 1.0 Content-Type: text/plain from: john.nieder@f33.n125.z1.fidonet.org >> I am doubtful of the 40,000 figure even with contract employees. That's >> a small army. What the hell could keep that many people busy? (shudder) >NSA occupies two very large office buildings, including the longest >corridor in the world (a mile, if I recall correctly, but my copy of >"The Puzzle Palace" is not handy). I went and took a look, and can >confirm the parking lot is _huge_. As is the case with a good many other gov't. agencies, one can be sure that all the crew are not 9-to-5ers showing up at one office. >The 40,000 figure may or may not be accurate, as the NSA won't say. >Some say the employment is closer to 100,000. Certainly it is much >higher than that of the CIA. 
It has been a good many years since I traveled in the lower strata of these circles, but it was my information that the NSA, at least at that time, had a manpower pool "hugely greater than the CIA's." It is my understanding that the NSA budget is highly classified - unavailable even to most members of Congress. >Bear in mind that they are the nation's >primary SIGINT facility... I believe you'll find that the NSA also is involved in SATINT & ELINT as well. Never Say Anythings are busy little bees. >operating the various listening posts in >conjunction with military personnel (via Army Security Agency, Naval >Security Group, Air Force, etc.). It is my belief from personal experience that the NSA requests & receives operational assistance from those innocuous agencies in positions to gather information of use to the NSA in the course of their routine duties. >As always, read James Bamford's "The Puzzle Palace," which gets >referred to a lot on this list. I've tried to read this famous tome a couple of times, but have been unable to hack its turgid prose. Someday, perhaps... > Public Key: waiting for the dust to settle. Excuse me, Tim? JN ... Who has the USSR's BIOWAR contagious snakebite virus? 
--- Blue Wave/Opus v2.12 [NR] -- John Nieder - via FidoNet node 1:125/555 UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: John.Nieder@f33.n125.z1.FIDONET.ORG (John Nieder) Date: Mon, 25 Jan 93 22:53:35 PST To: cypherpunks@toad.com Subject: 5th AMENDMENT & DECRYPTION Message-ID: <4627.2B64DAF9@fidogate.FIDONET.ORG> MIME-Version: 1.0 Content-Type: text/plain from: john.nieder@f33.n125.z1.fidonet.org > In a recent message, Murdering Thug said: > | The Fifth Amendment is the tastiest one of all when it comes to > | encryption. By pleading the Fifth, you do not have to decrypt anything > | for the prosecution. The Fifth Amendment gives you the right not to > | testify or provide evidence that would incriminate you. Providing a > | key to decrypt your hard disk would incriminate you, and you don't > | have to do it. I should like to see the body of case law on which this opinion is based, if any. Recently this question came up in another forum on encryption & an "authority" on communications law claimed the probable scenario would be that the arresting agency would have the encrypted material decrypted by a competent government or academic agency & the costs of said decryption would eventually be recovered from the defendant through civil suits, presuming the defendant had sufficient assets. It is my memory of the thread that he claimed this had been done in previous cases. JN ... Gun control: It ain't about guns, it's about *control*. --- Blue Wave/Opus v2.12 [NR] -- John Nieder - via FidoNet node 1:125/555 UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: The Phantom Date: Mon, 25 Jan 93 16:41:42 PST To: cypherpunks@toad.com Subject: New Anonymous Remailer site avail. 
Message-ID: MIME-Version: 1.0 Content-Type: text/plain After the forcing down of the penet site, with the help of Hal Finney I've set up a remailer located at phantom@mead.u.washington.edu. Mail is not cc'ed or kept track of, unless I start getting complaints about abuse, which I will investigate. PGP public key available via finger at phantom@mead.u.washington.edu. I'm pretty sure if all of the encryption bugs are worked out, but I would much appreciate someone helping me out on this; If you do send a message through it and have problems, let me know. Aw, heck, here's the public key - Matt Matt Thomlinson University of Washington, Seattle, Washington. Internet: phantom@u.washington.edu phone: (206) 528-5732 PGP 2.0 key available via email or finger phantom@hardy.u.washington.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pmetzger@shearson.com (Perry E. Metzger) Date: Mon, 25 Jan 93 14:17:36 PST To: honey@put-in-bay.citi.umich.edu Subject: This list... In-Reply-To: <9301252040.AA26396@uu5.psi.com> Message-ID: <9301252142.AA12706@maggie.shearson.com> MIME-Version: 1.0 Content-Type: text/plain >From: peter honeyman >> The whole point of this list is to develop techniques to ensure privacy -- >> most of us understand that there isn't much right now. >but but but ... sendmail already offers an easy way to hide the membership >of a mailing list. why not use it? 
Perhaps that would be of value, but it's best not to think of it as worth too much. After all, the bad guys can likely just subscribe to the list, and they could always just eavesdrop on the outgoing mail. Fixing this "hole" is o.k. so long as no one believes that it has actually added to security in any substantial way. It's best that no false sense of security be engendered. Everyone should know and understand that the structures as they exist are almost completely insecure. Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: The Phantom Date: Mon, 25 Jan 93 17:27:22 PST To: Peter Honeyman Subject: Re: New Anonymous Remailer site avail. In-Reply-To: <9301260103.AA00955@bashful.u.washington.edu> Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Mon, 25 Jan 1993, Peter Honeyman wrote: > > After the forcing down of the penet site ... > > you mean pax, not penet, right? > > peter Yes -- sorry. Matt Thomlinson University of Washington, Seattle, Washington. Internet: phantom@u.washington.edu phone: (206) 528-5732 PGP 2.0 key available via email or finger phantom@hardy.u.washington.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Honeyman Date: Mon, 25 Jan 93 16:54:56 PST To: pmetzger@shearson.com Subject: Re: This list... Message-ID: <9301260054.AA23403@toad.com> MIME-Version: 1.0 Content-Type: text/plain eavesdropping on the list would not reveal lurkers. peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Honeyman Date: Mon, 25 Jan 93 16:58:57 PST To: edgar@spectrx.Saigon.COM Subject: Re: public servant privacy Message-ID: <9301260058.AA23462@toad.com> MIME-Version: 1.0 Content-Type: text/plain i believe there is a special exception related to automobiles that makes them subject to search without a warrant when the driver is placed under arrest. but check with a lawyer. 
peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Honeyman Date: Mon, 25 Jan 93 17:01:57 PST To: dclunie@pax.tpa.com.au Subject: Re: anonymous server compilation? Message-ID: <9301260101.AA23509@toad.com> MIME-Version: 1.0 Content-Type: text/plain > Unfortunately, the anonymous system at pax has been closed, as the local > network in Australia was considered unsuitable for this kind of thing, > partly due to the narrow bandwidth of the link to the US, and partly because > of the prevailing attitude at the US end that anonymous mail is generally > a bad thing. i thought the latter theory was debunked -- ? peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Honeyman Date: Mon, 25 Jan 93 17:03:57 PST To: phantom@u.washington.edu Subject: Re: New Anonymous Remailer site avail. Message-ID: <9301260103.AA23559@toad.com> MIME-Version: 1.0 Content-Type: text/plain > After the forcing down of the penet site ... you mean pax, not penet, right? peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Al Billings Date: Mon, 25 Jan 93 23:34:45 PST To: ld231782@longs.lance.colostate.edu Subject: Re: anonymous server compilation? In-Reply-To: <9301252119.AA27366@longs.lance.colostate.edu> Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Mon, 25 Jan 1993 ld231782@longs.lance.colostate.edu wrote: > > pax.tpa.com.au > -------------- > The most sophisticated anonymous posting system to my knowledge. Uses > public key encryption for traffic in both ways (to/from) the server. > No anonymous remailing capabilities yet but dclunie@pax.tpa.com.au, the > administrator, says he's considering it. Had a serious bug recently > fixed that caused a reassignment of previously allocated anonymous > addresses. Located in Australia. This is down and gone. They had problems with the net. I asked earlier if anyone had copies of the code used to run it (as I liked their set-up) but I received no replies. 
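The anonymous-server mechanism described in the "anonymous server compilation?" post above (allocate an anonymous ID per sender address, strip identifying information, forward) is sketched here as an added example; it is not code from any server named in this thread. The domain anon.example, the X-Anon-To destination header and the sample message are assumptions constructed for the illustration.

```python
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr

# Assumptions of this example (not taken from any real server):
SERVER_DOMAIN = "anon.example"   # hypothetical server domain
DEST_HEADER = "X-Anon-To"        # hypothetical header naming the final destination
KEEP_HEADERS = ("Subject",)      # every other incoming header is dropped

# Constructed sample input.
SAMPLE = """\
Received: from host1.example.edu by relay.example.net; Mon, 25 Jan 93 13:20:00 PST
Message-ID: <constructed-0001@host1.example.edu>
From: Alice Example <alice@host1.example.edu>
To: server@anon.example
X-Anon-To: recipient@example.org
Subject: question about remailers

Is the reply path kept on disk?
Regards, Alice
"""


class AnonServer:
    def __init__(self):
        # These two tables are the only link between a person and an
        # anonymous ID, so they are what a compelled operator would reveal.
        self._id_by_addr = {}
        self._addr_by_id = {}

    def alias_for(self, real_addr):
        """Return a stable anonymous ID, allocated on first use per address."""
        key = real_addr.strip().lower()
        if key not in self._id_by_addr:
            anon = "an%04d@%s" % (len(self._id_by_addr) + 1, SERVER_DOMAIN)
            self._id_by_addr[key] = anon
            self._addr_by_id[anon] = key
        return self._id_by_addr[key]

    def reply_target(self, anon_id):
        """Map an anonymous ID back to the real address (the reply path)."""
        return self._addr_by_id.get(anon_id.lower())

    def anonymize(self, raw):
        """Rebuild the message from scratch so no original header survives."""
        msg = message_from_string(raw)
        sender = parseaddr(msg.get("From", ""))[1]
        dest = parseaddr(msg.get(DEST_HEADER, ""))[1]
        if not sender or not dest:
            raise ValueError("need a From: address and a %s: destination" % DEST_HEADER)
        if msg.is_multipart():
            raise ValueError("this sketch handles single-part text only")
        out = EmailMessage()
        out["From"] = self.alias_for(sender)
        out["To"] = dest
        for name in KEEP_HEADERS:
            if msg.get(name):
                out[name] = msg[name]
        out.set_content(msg.get_payload())   # the body is forwarded untouched
        return out


def identifying_residue(message, real_addr):
    """List where the sender's local part still appears after anonymizing."""
    local = real_addr.split("@")[0].lower()
    hits = [name for name, value in message.items() if local in str(value).lower()]
    if local in message.get_content().lower():
        hits.append("body")
    return hits
```

Header stripping leaves the body alone, so a sign-off or signature block still identifies the sender, which is what `identifying_residue` reports for the sample.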
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Tue, 26 Jan 93 00:04:51 PST To: cypherpunks@toad.com Subject: Re: 5th AMENDMENT & DECRYPTION In-Reply-To: <4627.2B64DAF9@fidogate.FIDONET.ORG> Message-ID: <9301260801.AA18233@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain > from: john.nieder@f33.n125.z1.fidonet.org (commenting on the strategy of "taking the 5th" on the matter of decrypting one's files) > . Recently this question came up in another forum on encryption & an > "authority" on communications law claimed the probable scenario would be > that the arresting agency would have the encrypted material decrypted by > a competent government or academic agency & the costs of said decryption > would eventually be recovered from the defendant through civil suits, > presuming the defendant had sufficient assets. It is my memory of the > thread that he claimed this had been done in previous cases. With strong crypto, e.g., with 300 decimal digit moduli, the "costs" of decryption by brute force could easily exceed the GNP/GDP of the U.S. So taking the 5th, or claiming to have "forgotten" the key, should work, all other things being equal. But all other things are not equal...perhaps they eavesdropped as the private key was being typed in (and it was stored somewhere, presumably), perhaps they "black bagged" the house, perhaps a simple pass phrase was used in lieu of memorizing 300 digits, and so on. A lot of work lies ahead. -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: waiting for the dust to settle. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Tue, 26 Jan 93 01:55:10 PST To: cypherpunks@toad.com Subject: Re: 5th AMENDMENT & DECRYPTION Message-ID: <9301260954.AA09481@servo> MIME-Version: 1.0 Content-Type: text/plain Mike Godwin (formerly, I understand) of EFF and I had a lively discussion on precisely this topic back at the Hackers' Conference. Mike insists that there is no firm legal theory or case law on which to base an assertion that the 5th amendment would shield you from being compelled to divulge an encryption key that could then be used to decrypt information to be used as evidence against you. He says that the closest the Supreme Court came to this issue was an offhand remark in a 5th amendment case to the effect that "of course, we couldn't compel the defendant to, say, reveal the combination on a lock". I forget the precise legal term that Mike used to refer to this comment, but he said it didn't establish a binding legal precedent because it didn't relate directly to an issue in the case at hand. On the other hand, several other lawyers I've asked have responded "of course!" when I ask them whether the 5th amendment would protect a defendant from being compelled to divulge an encryption key without immunity for the evidence it might decrypt. My own opinion, given that I seem unable to get a complete consensus from the lawyers, (has this *ever* been possible?) is that the issue is as yet untested in court and could go either way depending on the actual case. But Mike seems much more pessimistic, and he *is* a lawyer. I'm not. Don't give up working on those steganographic schemes just yet. And wherever practical (e.g., for communications as opposed to storage), use a key management scheme that doesn't leave anything around that can be seized or subpoenaed after the fact (e.g., Diffie's "perfect forward secrecy" scheme.) 
Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mitra Date: Mon, 25 Jan 93 18:57:10 PST Subject: Re: Coupled programs In-Reply-To: <9301252308.AA11480@soda.berkeley.edu> Message-ID: MIME-Version: 1.0 Content-Type: text/plain Eric Hughes (hughes@soda.berkeley.edu) wrote: : This is exactly the goal. For example, zmodem has a widespread : deployment and a public specification. What needs to happen for : cryptography is the development of such protocols for key exchange, : signatures, and other cryptographic entities. I thought that was the point of PEM? Why not integrate the PGP encryption protocol into the PEM structure? - Mitra From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phiber Optik Date: Tue, 26 Jan 93 01:30:08 PST To: cypherpunks@toad.com Subject: Re: This list... Message-ID: <199301260929.AA16274@eff.org> MIME-Version: 1.0 Content-Type: text/plain > > The whole point of this list is to develop techniques to ensure privacy -- > > most of us understand that there isn't much right now. > > but but but ... sendmail already offers an easy way to hide the membership > of a mailing list. why not use it? > > peter > Thank you. Welcome to the world of common sense. It's a given that certain things you just can't be secure against. But when you don't take every precaution, no matter how small, it's called laziness. Not fixing it with the excuse that people have to understand or accept the overall insecurity of things in general sounds pretty idiotic to me. It isn't such a big deal. 
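Phil Karn's advice above, to use key management that leaves nothing behind to be seized, is illustrated here as an added example (not code from any poster): a long-term key that encrypts traffic is compared with one that only authenticates an ephemeral Diffie-Hellman exchange. The toy group (2**255 - 19 with generator 2), the SHA-256 stand-in cipher and the shared MAC key used in place of signatures are assumptions of the example.

```python
import hashlib
import hmac
import secrets

# Toy parameters, assumptions of this example only; not for real use.
P = 2**255 - 19
G = 2


def derive(key, context):
    return hashlib.sha256(key + context).digest()


def _xor(key, data):
    """SHA-256 in counter mode as a stand-in stream cipher."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(d ^ p for d, p in zip(data[i:i + 32], pad))
    return bytes(out)


def seal(session_key, plaintext):
    """Encrypt, then MAC, under two keys split from the session key."""
    enc_key, mac_key = derive(session_key, b"enc"), derive(session_key, b"mac")
    ct = _xor(enc_key, plaintext)
    return ct, hmac.new(mac_key, ct, hashlib.sha256).digest()


def open_sealed(session_key, ct, tag):
    """Return the plaintext, or None when session_key is the wrong key."""
    enc_key, mac_key = derive(session_key, b"enc"), derive(session_key, b"mac")
    if not hmac.compare_digest(hmac.new(mac_key, ct, hashlib.sha256).digest(), tag):
        return None
    return _xor(enc_key, ct)


def static_session(long_term, plaintext):
    """No forward secrecy: the session key is a function of the stored key."""
    nonce = secrets.token_bytes(16)
    ct, tag = seal(derive(long_term, nonce), plaintext)
    return {"nonce": nonce, "ct": ct, "tag": tag}


def ephemeral_session(auth_key, plaintext):
    """Forward secrecy: the stored key only authenticates the exchange."""
    a = secrets.randbelow(P - 3) + 2          # initiator's one-time exponent
    b = secrets.randbelow(P - 3) + 2          # responder's one-time exponent
    a_pub, b_pub = pow(G, a, P), pow(G, b, P)
    shared = pow(b_pub, a, P)                 # initiator's view
    assert shared == pow(a_pub, b, P)         # responder derives the same value
    a_bytes, b_bytes = a_pub.to_bytes(32, "big"), b_pub.to_bytes(32, "big")
    auth = hmac.new(auth_key, a_bytes + b_bytes, hashlib.sha256).digest()
    ct, tag = seal(derive(shared.to_bytes(32, "big"), a_bytes + b_bytes), plaintext)
    # a, b and shared are never stored; a real implementation also wipes them.
    return {"a_pub": a_bytes, "b_pub": b_bytes, "auth": auth, "ct": ct, "tag": tag}


def recover_after_seizure(seized_key, transcript):
    """Try every session key derivable from the seized key plus recorded
    public values; return the plaintext if one of them opens the message."""
    public = [v for k, v in transcript.items() if k not in ("ct", "tag")]
    for context in public + [b"".join(public)]:
        plaintext = open_sealed(derive(seized_key, context),
                                transcript["ct"], transcript["tag"])
        if plaintext is not None:
            return plaintext
    return None
```

With the static design a recorded transcript opens as soon as the stored key is obtained; with the ephemeral design the same key still verifies the `auth` field but yields no session key.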
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: veritas!u.washington.edu!news@markv.com Date: Tue, 26 Jan 93 06:42:10 PST Subject: No Subject Message-ID: MIME-Version: 1.0 Content-Type: text/plain From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tony@morgan.demon.co.uk (Tony Kidson) Date: Tue, 26 Jan 93 04:51:23 PST To: cypherpunks@toad.com Subject: Re: 5th AMENDMENT & DECRYPTION Message-ID: <1726@morgan.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain Well, the authorities trying to decrypt somebody's files would make an 'interesting' test for PGP. Although, they'd only have to crack the 'conventional' cypher to find your secret key. Tony +-----------------+-------------------------------+--------------------------+ | Tony Kidson |`morgan' is an 8MB 486/33 Cat-| Voice +44 81 466 5127 | | Morgan Towers, |Warmer with a 670 MB Hard Disk.| E-Mail | | Morgan Road, |It resides at Morgan Towers in| tony@morgan.demon.co.uk | | Bromley, |Beautiful Down Town Bromley. | tny@cix.compulink.co.uk | | England BR1 3QE |Honda ST1100 ==*== DoD# 0801 | 100024.301@compuserve.com| +=================+===============================+==========================+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tony@morgan.demon.co.uk (Tony Kidson) Date: Tue, 26 Jan 93 04:52:57 PST To: cypherpunks@toad.com Subject: Re: 5th AMENDMENT & DECRYPTION Message-ID: <1727@morgan.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain In message <9301260801.AA18233@netcom3.netcom.com> you write: > > > from: john.nieder@f33.n125.z1.fidonet.org > > (commenting on the strategy of "taking the 5th" on the matter of > decrypting one's files) .................. > > With strong crypto, e.g., with 300 decimal digit moduli, the "costs" > of decryption by brute force could easily exceed the GNP/GDP of the > U.S. ........ > bagged" the house, perhaps a simple pass phrase was used in lieu of > memorizing 300 digits, and so on. 

But what is encrypted with the 'simple phrase' is quite short and does not provide much material for cryptanalysis.

Tony

+-----------------+-------------------------------+--------------------------+
| Tony Kidson |`morgan' is an 8MB 486/33 Cat-| Voice +44 81 466 5127 |
| Morgan Towers, |Warmer with a 670 MB Hard Disk.| E-Mail |
| Morgan Road, |It resides at Morgan Towers in| tony@morgan.demon.co.uk |
| Bromley, |Beautiful Down Town Bromley. | tny@cix.compulink.co.uk |
| England BR1 3QE |Honda ST1100 ==*== DoD# 0801 | 100024.301@compuserve.com|
+=================+===============================+==========================+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 26 Jan 93 10:31:31 PST
To: cypherpunks@toad.com
Subject: Re: Computerized OTP (was 5th AMENDMENT & DECRYPTION)
In-Reply-To:
Message-ID: <9301261828.AA25565@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Murdering Thug (not his real name) writes, quoting me:

> > With strong crypto, e.g., with 300 decimal digit moduli, the "costs"
> > of decryption by brute force could easily exceed the GNP/GDP of the
> > U.S.
>
> Since none of us have ever been inside the NSA, we cannot underestimate
> their power and resources. For all we know they may have 500 Intel Delta
> supercomputers linked together, each having 65,536 i860-XP/50mhz chips.
> We really don't know what kind of iron they possess. Thus we can't assume
> that they can't factor extremely large numbers easily.

Doubtful. That's why I cited 300 decimal digit moduli...the current factoring record is, I believe, a 105 digit number, and this took a network of Sun workstations a year or so (this was big news some months back).

As a former Intel employee and current Intel stockholder (yeah!), I certainly hope the NSA is consuming large numbers of Touchstone Deltas, but they won't do much good against strong crypto. A bigger effect would be a breakthrough in factoring.
No evidence of this, though.

> The only way to thwart the NSA is to use an encryption scheme which has
> been _proven_ uncrackable. The only one I know of is the One Time Pad.
> A person I know is working on a computerized version of the OTP that
....rest elided...

Sure, one-time pads are information-theoretically secure.

The problem is the key distribution problem, as well as the storage of one-time pads. For example, for the couple of hundred folks on this list to communicate securely with other members, each would have to meet in person or deliver by trusted courier a one-time pad to _each_ of the others! A very tough logistical problem, fraught with potential weaknesses, and much easier to spoof or break than, for example, factoring very large numbers.

This is the problem, the key distribution problem, that public key methods solve.

-Tim

--
..........................................................................
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: waiting for the dust to settle.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Tue, 26 Jan 93 08:55:07 PST
To: cypherpunks@toad.com
Subject: digital bank
Message-ID: <199301261654.AA04341@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Fellow cypherpunks:

I have been working on a digital bank, implementing Hal Finney's simple bank protocol (random account number and random digicash - not Chaum's more sophisticated system based on RSA encryption, decryption, blinded messages, etc.) The enhancement posted by ?? - I can't remember right now - (having to do with wallets) is not implemented.

I beleive it is ready to enter the next test phase: everyone on the list may apply for an account.
Send a message of this form to the anonymous remailer I run (elee7h5@rosebud.ee.uh.edu) :

::
command: help
user@host

Be sure to include your real mail address in the user@host line, because that's where the bank will send back the information.

/-----------------------------------\
| Karl L. Barrus |
| elee9sf@menudo.uh.edu | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK2VsWoOA7OpLWtYzAQGCTQQAlM3qhbcO2DvAAIGunmoVMYdHhTISS+7w
YOq7oUoWU9Ys8kSaQMIHEmoaNITnaK5VZBIEbOdbI8oWzyUBkuKmPk+n8+SBr8PD
KCs2ULSm6fqQ9nOe0sqOa8U0F6Q8Pij7YLjbdApeSjKA32XcnT4PcVq/iCP0HhBn
svCTwLiXXIA=
=9mlF
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dclunie@pax.tpa.com.au (David Clunie)
Date: Mon, 25 Jan 93 16:33:25 PST
To: ld231782@longs.lance.colostate.edu
Subject: Re: anonymous server compilation?
Message-ID: <9301260030.AA03959@britt>
MIME-Version: 1.0
Content-Type: text/plain

> Hello. To my knowledge no public listing of known anonymous servers has
> been compiled.

> pax.tpa.com.au
> --------------

Unfortunately, the anonymous system at pax has been closed, as the local network in Australia was considered unsuitable for this kind of thing, partly due to the narrow bandwidth of the link to the US, and partly because of the prevailing attitude at the US end that anonymous mail is generally a bad thing.

david

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jim@tadpole.com (Jim Thompson)
Date: Tue, 26 Jan 93 09:18:43 PST
To: pfarrell@cs.gmu.edu
Subject: Re: Rational PC mail , was Re: PGP on BBS
Message-ID: <9301261717.AA13492@tadpole.tadpole.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: pfarrell@cs.gmu.edu (Pat Farrell)
>
> With NUpop and Eudora, SLIP is optional.
The NUpop docs say
> that SLIP slows down the transfer, and recommends simple ASCII
> async connection using a reliable modem (MNP or V42/V.42bis)

I don't understand how the authors of this document can do so. Modern compressed-header SLIP implementations will compress the TCP/IP/SLIP headers down to 5 or 6 'bytes' (octets), on the average. In theory, I suppose it's true, but in practice, it makes little difference. Even without header compression, and assuming minimal-sized datagrams, you end up with an overhead of 41/576. 93% of your bandwidth is still yours.

A simple ASCII async connection using MNP or V.42 still violates the end-to-end argument. Serial ports can, and do lose characters. Leaving your encrypted message, or even your key, to the whims of a cheap modem, (you'll never know what the other guy has), or back serial drivers seems a bad idea to me.

Jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jim@tadpole.com (Jim Thompson)
Date: Tue, 26 Jan 93 09:34:03 PST
To: thug@phantom.com
Subject: Re: Computerized OTP (was 5th AMENDMENT & DECRYPTION)
Message-ID: <9301261732.AA13574@tadpole.tadpole.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: thug@phantom.com (Murdering Thug)

> Since none of us have ever been inside the NSA, we cannot underestimate
> their power and resources. For all we know they may have 500 Intel Delta
> supercomputers linked together, each having 65,536 i860-XP/50mhz chips.
> We really don't know what kind of iron they possess. Thus we can't assume
> that they can't factor extremely large numbers easily.

Um, I've been inside the NSA, (and I don't have a clearance.) They have a very nice visitors center, where they display some of their more arcane technology, along with little placards explaining what the hardware does.
For instance, they display a very nice looking u-wave radio-based computer (complete with wax lenses), and a light-based floating-point engine that develops God-only-knows how many hundred Gflops, and yes, it can be custom programmed. They display a RISC core (of their own design) that also has a custom crypto unit on-chip, said unit can be field re-programmed. Also displayed are various arcane (antique) crypto devices.

Jim

P.S. Admittedly, I didn't get very far inside..

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Tue, 26 Jan 93 09:01:32 PST
To: cypherpunks@toad.com
Subject: Re: This list...
Message-ID: <9301261633.AA17497@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: Peter Honeyman
> To: pmetzger@shearson.com
>
> eavesdropping on the list would not reveal lurkers.
>
> peter

But eavesdropping on the mail coming out of toad.com would. In any case I think I've made my point -- it's fine to patch holes, so long as one is aware that one hasn't given people a sense of false security in so doing.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Tue, 26 Jan 93 08:49:57 PST
To: cypherpunks@toad.com
Subject: Re: Computerized OTP (was 5th AMENDMENT & DECRYPTION)
In-Reply-To: <9301260801.AA18233@netcom3.netcom.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

tcmay@netcom.com writes:

> > from: john.nieder@f33.n125.z1.fidonet.org
>
> (commenting on the strategy of "taking the 5th" on the matter of
> decrypting one's files)
>
> > .
Recently this question came up in another forum on encryption & an
> > "authority" on communications law claimed the probable scenario would be
> > that the arresting agency would have the encrypted material decrypted by
> > a competent government or academic agency & the costs of said decryption
> > would eventually be recovered from the defendant through civil suits,
> > presuming the defendant had sufficient assets. It is my memory of the
> > thread that he claimed this had been done in previous cases.
>
> With strong crypto, e.g., with 300 decimal digit moduli, the "costs"
> of decryption by brute force could easily exceed the GNP/GDP of the
> U.S.

Since none of us have ever been inside the NSA, we cannot underestimate their power and resources. For all we know they may have 500 Intel Delta supercomputers linked together, each having 65,536 i860-XP/50mhz chips. We really don't know what kind of iron they possess. Thus we can't assume that they can't factor extremely large numbers easily.

The only way to thwart the NSA is to use an encryption scheme which has been _proven_ uncrackable. The only one I know of is the One Time Pad. A person I know is working on a computerized version of the OTP that extracts a truly random stream of bits from TV/RF static and massages it using a DSP to be highly variable (e.g.: no runs of 0's or 1's longer than 5 bits). This stream is then XOR'd in one time pad fashion with an LZW compressed version of a plaintext message. The key stream is never re-used and after a byte from the key stream is used, it is erased (crossed off the digital pad). Since no bit in the key stream has any known relationship to any other bit (unlike in pseudo-random-number generators), the goal of extracting either the key or the plain text is intractable. If the NSA can crack the OTP, then they must have God himself on their salary. Read the sci.crypt FAQ on more info about the one time pad.

The only problem with the whole OTP scheme is that it can only be used for provably secure communications over unsecure channels. It is much more difficult to use an OTP to encrypt one's hard disk without having to memorize 50 million bits of TV/RF static. Then again 50 million bits of TV/RF static can be stored on a totally-self-destructing memory device. For instance a memory card with battery backed RAM that fits in my pocket. If the law busts in, I merely have to pull out the lithium battery from the card and the key is destroyed beyond all possible recovery. If the NSA can extract bits from the proverbial bit bucket in the sky (also known as write once memory (WOM)), then they truly must have God working on their side.

Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jthomas@kolanut.mitre.org (Joe Thomas)
Date: Tue, 26 Jan 93 09:24:19 PST
To: cypherpunks@toad.com
Subject: Re: Computerized OTP (was 5th AMENDMENT & DECRYPTION)
Message-ID: <9301261719.AA00224@kolanut>
MIME-Version: 1.0
Content-Type: text/plain

From: thug@phantom.com (Murdering Thug)

tcmay@netcom.com writes:

> > from: john.nieder@f33.n125.z1.fidonet.org
>
> (commenting on the strategy of "taking the 5th" on the matter of
> decrypting one's files)
>
> > . Recently this question came up in another forum on encryption & an
> > "authority" on communications law claimed the probable scenario would be
> > that the arresting agency would have the encrypted material decrypted by
> > a competent government or academic agency & the costs of said decryption
> > would eventually be recovered from the defendant through civil suits,
> > presuming the defendant had sufficient assets. It is my memory of the
> > thread that he claimed this had been done in previous cases.
>
> With strong crypto, e.g., with 300 decimal digit moduli, the "costs"
> of decryption by brute force could easily exceed the GNP/GDP of the
> U.S.

Since none of us have ever been inside the NSA, we cannot underestimate their power and resources. For all we know they may have 500 Intel Delta supercomputers linked together, each having 65,536 i860-XP/50mhz chips. We really don't know what kind of iron they possess. Thus we can't assume that they can't factor extremely large numbers easily.

The only way to thwart the NSA is to use an encryption scheme which has been _proven_ uncrackable. The only one I know of is the One Time Pad.

True, but impractical. I can't conceive of any rational one-time-pad key distribution over the net. Key distribution has to be over a guaranteed secure channel. For RSA, the channel only has to be authenticated. And if NSA can crack RSA, it would be worth having one cypherpunk lose one court case to find that out (yup, even if it's me...).

Joe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Tue, 26 Jan 93 10:12:27 PST
To: karn@qualcomm.com
Subject: Re: 5th AMENDMENT & DECRYPTION
Message-ID: <9301261731.AA19162@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: karn@qualcomm.com (Phil Karn)
>
> On the other hand, several other lawyers I've asked have responded "of
> course!" when I ask them whether the 5th amendment would protect a
> defendant from being compelled to divulge an encryption key without
> immunity for the evidence it might decrypt.
>
> My own opinion, given that I seem unable to get a complete consensus
> from the lawyers, (has this *ever* been possible?) is that the issue
> is as yet untested in court and could go either way depending on the
> actual case. But Mike seems much more pessimistic, and he *is* a
> lawyer. I'm not.

One might, of course, validly ask what the potential penalty would be for failing to divulge the key.
Presumably, you would be held to be in contempt of court and sent off to jail until you divulged the key -- but at best you are likely to be locked up for a few months before the judge gives up. Given that, one can make a decision on whether the data you had encrypted is worth the loss of a few months of your life. (Remember, by the way, that merely having been in contempt is not nearly the same as having, say, a felony conviction on your record.)

So even if they might have an argument for why they should be able to order you to give them a key, that doesn't mean that they have any real way to get it -- you can still fail to hand it over if you are willing to pay the price.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fnerd@smds.com (FutureNerd Steve Witham)
Date: Tue, 26 Jan 93 08:59:23 PST
To: cypherpunks@toad.com
Subject: Hash Cash and Ripped Checks
Message-ID: <9301261617.AB12479@smds.com>
MIME-Version: 1.0
Content-Type: text/plain

Here's a form of digital cash and checks that takes off from Tim May's and Hal's ideas, and might have advantages, but uses crypto. I find it easier to understand than Chaum's method (but maybe the complexity vs. benefits make it the worst of all possible worlds...lemme know).

Consider:

    This message can be exchanged for $x at Fred's Bank by the first person to present it along with a message whose MD5 hash is:
    h
    (Serial number: n)
    Digitally Signed, Fred's Bank

Think of this as the right half of a $x bill that's been ripped in half. The hash is the shape of the rip. The bill is valid if you're the first one with both matching halves. The left half is blank (a random message that hashes to h).

TO VERIFY: take a new piece of paper, rip it in half (generate a random number, take its hash). Send both halves of the old bill, plus the right half of the piece of paper (the new hash), to the bank. The bank either says the old bill was spent*, or sends back the right half with the same amount and their signature.
Now only you have the whole new bill.

CHECKS: ask the payee to give you a blank right half. Pay the bank to fill it in. The payee can verify that it's good without taking it to the bank.

STAMPS/TOKENS/GIFT CERTIFICATES: The payee gives you a pack of right halves. You turn them to checks later. They might include a serial number with each one and ask you to give it back with the check so they can look up (or regenerate!) the left halves easily. They might even insist that you use the hash/serial # pairs in sequence! (Or is crypto-strong hashing of serial numbers too much to ask?)

There are even more compromises of anonymity here than with Tim and Hal's ideas--I assume some compensation with remailers, as Hal suggested. I was thinking you could launder money by buying checks from Bank B with checks to Bank B that are drawn on Bank A, etc.

A similar form would be something that said:

    This message can be exchanged for $x at Fred's Bank by the first person to present it signed with the private key that matches this public key:
    k
    (Serial number: n)
    (pad)
    Digitally Signed, Fred's Bank

This would let you buy checks to random strangers without having to transact anything with them first, but it's sure obvious who the check is to.

*Maybe you'd send the right half, then the bank would either prove that it already had the left half, or you'd proceed as above.

-fnerd
quote me
fnerd@smds.com (FutureNerd Steve Witham)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: P30TMR8%NIU.bitnet@UICVM.UIC.EDU
Date: Tue, 26 Jan 93 11:12:12 PST
To: cypherpunks@toad.com
Subject: manifesto
Message-ID: <9301261912.AA09570@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

how would I get a copy of the manifesto?

Thanks,
Micheal Roberts

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pfarrell@cs.gmu.edu (Pat Farrell)
Date: Tue, 26 Jan 93 10:29:30 PST
To: jim@tadpole.com
Subject: Re: Rational PC mail , was Re: PGP on BBS
Message-ID: <9301261824.AA23577@cs.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Jim,

While serial ports do lose characters, especially if you don't have a 16550afn serial chip, I don't see this as a major hassle. In a pure DOS space, you really aren't likely to lose the characters, and this is the initial space of NUpop. With Windows, you have to learn to play with the priorities to make it work well, or get one of the intelligent serial driver DLLs that make it transparent.

It is possible that the authors of the NUpop document don't worry too much about single character dropouts. There is plenty of redundancy in English. PGP will complain, but I can see retransmitting a message half a dozen times to get it thru cleanly will lose.

I never allow my private key anywhere near a serial port. The public keys are checksummed, so it is easy to see that a character is wrong.

I'd love to be able to use CSLIP. We (a bunch of folks on this campus) have just convinced the admin to allow POP services. It will take a while before we can convince them to allow SLIP, CSLIP, and PPP. In the meantime, I'll happily live with NUpop's serial support.

Pat

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Tue, 26 Jan 93 11:25:54 PST
To: jthomas@kolanut.mitre.org
Subject: Re: Computerized OTP (was 5th AMENDMENT & DECRYPTION)
Message-ID: <9301261853.AA21329@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: thug@phantom.com (Murdering Thug)

> Since none of us have ever been inside the NSA, we cannot
> underestimate
> their power and resources. For all we know they may have 500 Intel
> Delta
> supercomputers linked together, each having 65,536 i860-XP/50mhz
> chips.
> We really don't know what kind of iron they possess. Thus we can't
> assume
> that they can't factor extremely large numbers easily.

Mr. Thug doesn't seem to understand the issue here. Your fear should be that the NSA knows something about number theory we don't, not that they possess a huge number of supercomputers.

Consider that we believe the factoring problem to be exponential in the number of digits. That means that doubling the number of digits doesn't double the size of the problem -- it makes it far, far, far worse. Indeed, I suspect that it could be shown that using a key of only a few thousand digits, barring a change in factoring algorithm there would be no way to factor the number in the lifetime of the universe even were all the matter and energy in the universe given over to the factoring problem. There are problems that are known to be that size, by the way -- such as trying to do a complete search on the game tree for chess.

So, if you are worried that the NSA might have 10,000 times the resources you suspected, you can just add a few more digits on to your key and defeat that possibility. Myself, I always use a key that's as long as possible to be safe, but I think that paranoia about their HARDWARE is wholly misplaced. The thing to be paranoid about is that they know something about factoring algorithms that we do not.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jim@tadpole.com (Jim Thompson)
Date: Tue, 26 Jan 93 12:35:45 PST
To: pfarrell@cs.gmu.edu
Subject: Re: Rational PC mail , was Re: PGP on BBS
Message-ID: <9301262034.AA14699@tadpole.tadpole.com>
MIME-Version: 1.0
Content-Type: text/plain

> From pfarrell@cs.gmu.edu Tue Jan 26 12:28:05 1993
>
> While serial ports do lose characters, especially if you don't have
> a 16550afn serial chip, I don't see this as a major hassle. In a pure
> DOS space, you really aren't likely to lose the characters, and this
> is the initial space of NUpop.
With Windows, you have to learn to play
> with the priorities to make it work well, or get one of the intelligent
> serial driver DLLs that make it transparent.

Let me try to put it another way. The higher you drive the DTE rate, the more likely you are to lose characters. At the same time, you start to care less about the (small) protocol overheads involved.

> It is possible that the authors of the NUpop document don't worry too
> much about single character dropouts. There is plenty of redundancy in
> English. PGP will complain, but I can see retransmitting a message
> half a dozen times to get it thru cleanly will lose.

But if characters change during transmit, how can you tell that the message wasn't altered by some agent other than the device/driver? Further, if it happens only occasionally, won't you react with mistrust of the original message? "Hey, this message doesn't check with the author's key!" If it happens a lot, aren't you more likely to say, "Well, he must have meant $10,000, not $1000, the serial port must be losing again." rather than resending some number of times?

> I never allow my private key anywhere near a serial port. The public keys
> are checksummed, so it is easy to see that a character is wrong.

> I'd love to be able to use CSLIP. We (a bunch of folks on this campus) have
> just convinced the admin to allow POP services. It will take a while before
> we can convince them to allow SLIP, CSLIP, and PPP.

The older I get, the more I understand, "Power to the people."

Cheers,
Jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Tue, 26 Jan 93 11:46:37 PST
To: cypherpunks@toad.com
Subject: Re: Computerized OTP (was 5th AMENDMENT & DECRYPTION)
Message-ID: <9301261946.AA09982@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

thug@phantom.com (Murdering Thug) writes,
> A person I know is working on a computerized version of the OTP that
> extracts a truly random stream of bits from TV/RF static and massages it
> using a DSP to be highly variable (e.g.: no runs of 0's or 1's longer than
> 5 bits).

Cool! You've managed to weaken the one time pad enough for someone to crack it!

[ I can collect statistics on the plaintext based on the fact that if five zeroes occur in the OTP then the next bit is constrained to be one. Of course, I don't have complete access to the OTP, but it's an extremely useful statistical foot-in-the-door. ]

This failure occurred because your friend tried to create a number sequence that is somehow "more random than random". Such a sequence is, by definition, weak.

-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Vincent Dileonardo
Date: Tue, 26 Jan 93 12:06:56 PST
To: cypherpunks@toad.com
Subject: withdraw
Message-ID: <199301262005.AA22494@ravel.udel.edu>
MIME-Version: 1.0
Content-Type: text/plain

I would like to request that I be removed from your mailing list as soon as possible. Thank you.

Vinnie DiLeonardo

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Tue, 26 Jan 93 12:46:59 PST
To: cypherpunks@toad.com
Subject: Re: Computerized OTP (a clarification)
In-Reply-To: <9301261828.AA25565@netcom3.netcom.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

tcmay@netcom.com writes:

> Sure, one-time pads are information-theoretically secure.
>
> The problem is the key distribution problem, as well as the storage of
> one-time pads.
For example, for the couple of hundred folks on this
> list to communicate securely with other members, each would have to
> meet in person or deliver by trusted courier a one-time pad to _each_
> of the others! A very tough logistical problem, fraught with potential
> weaknesses, and much easier to spoof or break than, for example,
> factoring very large numbers.
>
> This is the problem, the key distribution problem, that public key
> methods solve.
>

I never recommended the digital OTP as a replacement for public key cryptography. Clearly the logistics of using OTPs on a large scale are clearly dismal. While public key solutions like PGP are good for mass communication systems, they are not secure as far as I am concerned. I am sure the NSA has plenty of tricks up their sleeve for dealing with PGP & RSA.

OTP is an excellent solution for small groups (5 people or less) who MUST have completely secure communications. It would be quite easy for a small group like this to physically meet once a year and exchange their fresh 250mb pads (stored on magnetic reel tape which is incrementally shredded & burned on the way out of a OTP decoding machine). In fact only one trusted individual is needed to operate an OTP pad generating machine to create the fresh pad tapes from RF noise and only once a year. This could be the ring leader of the group and tape distributor. A 250mb pad is enough for each individual to send 250,000 one kilobyte messages to his conspirators, surely enough pad material to require physical pad exchange only once a year, perhaps even less frequently.

A terrorist group or drug ring could use OTPs quite easily from a logistical and key distribution point of view and never have to worry about their messages (e-mail or telex) being decrypted by any agency on the face of the earth. The costs of such a method are minimal for a group of 5 terrorists, a 5-node system like this could be built and set up for around $5000.

Of course an OTP scheme must insure physical security as well. Used up key stream tape must be incrementally shredded and burned beyond recovery. And plaintext messages should be displayed to CRT, never be stored. After each message is read or sent, it is destroyed by being overwritten in RAM by nulls. The screen should either be an LCD display or a Tempest proof CRT. Unused pad tape must be quickly removable so that it can be dropped into a near by barrel of sulfuric acid should the law bust through your door. This would prevent the capture of the unused pad tape and prevent the law from spoofing your conspirators by sending and decoding messages as you. A ventilation system must be put in place to suck out the fumes from the barrel of acid out of the room. A wireless alarm system must be in place to allow the detection of a law enforcement assault and allow the quick acid bath destruction of unused pad material.

Note, this scheme comes directly from my mind as I speak and does not fly out of anything. It could be refined into a very secure and inexpensive set up. A well implemented OTP scheme makes the interception of plaintext impossible and the capture of messages by physical raids also impossible. This is what I believe to be the only provably secure communication method. If I was a drug king pin, this is what I would use.

Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: The Phantom
Date: Tue, 26 Jan 93 16:24:02 PST
To: cypherpunks@toad.com
Subject: weak point of PGP implementation
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

tcmay says:
----
With strong crypto, e.g., with 300 decimal digit moduli, the "costs" of decryption by brute force could easily exceed the GNP/GDP of the U.S.
...
bagged" the house, perhaps a simple pass phrase was used in lieu of memorizing 300 digits, and so on.
----

I've been wondering about this.
It seems as though the weak point of PGP is one of three possible things:

1) RSA key length (a key length of 10 digits might be a good target, but no one using pgp uses anything so absurdly small, so this can be all but ruled out barring any huge jumps in factoring ..

2) 'conventional cryptography' used for encoding the secring.pgp files, etc. What crypto, exactly, is used? How strong is it? If the NSA knocked on the door and demanded your computer, would it try to crack your key, or would it go directly for the secring.pgp file?

3) length/triviality of pass phrase. This is, I would think, the weakest point mentioned yet. How long does the pass phrase have to be until this point becomes as secure as the weaker of the above two? If all bits of your passphrase were random, how long would an exhaustive search take?

matt

Matt Thomlinson
University of Washington, Seattle, Washington.
Internet: phantom@u.washington.edu phone: (206) 528-5732
PGP 2.0 key available via email or finger phantom@hardy.u.washington.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hugh@domingo.teracons.com (Hugh Daniel)
Date: Tue, 26 Jan 93 18:37:41 PST
To: nowhere@bsu-cs.bsu.edu
Subject: Remailer Changes
In-Reply-To: <9301270115.AA24665@bsu-cs.bsu.edu>
Message-ID: <9301270235.AA01717@domingo.teracons.com>
MIME-Version: 1.0
Content-Type: text/plain

Why are you retaining the Subject: header line? If I want a Subject: line I should include inside the encrypted block.

||ugh Daniel
hugh@toad.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 26 Jan 93 19:29:55 PST
To: cypherpunks@toad.com
Subject: weak point of PGP implementation
In-Reply-To:
Message-ID: <9301270327.AA17865@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Matt mentions three potential weaknesses in PGP: RSA key length, the IDEA cypher, the pass phrase. Let me add:

4. The random number generator used to make session keys.
If this is weak, then an opponent might be able to guess them feasibly. This attack does not require breaking the underlying cryptography.

5. Weak random numbers for RSA key generation. If the numbers in the random number pool are not as random as they should be, then one might simply simulate the prime generation algorithm and compile a table of potential PGP primes. Simply running trial division on this list versus a storehouse of public keys might reveal common factors. Even running Euclid's algorithm to find g.c.d.'s on such a storehouse versus itself might produce factorizations.

From my quick reading of genprime.c, the PGP key generation algorithm searches sequentially from a random starting point. Thus it will tend to find primes that are preceded by large blocks of composite numbers. This alone reduces the search space some, possibly considerably.

Has anybody measured how good the keystroke timings are, anyway?

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 26 Jan 93 19:36:42 PST
To: cypherpunks@toad.com
Subject: Computerized OTP (was 5th AMENDMENT & DECRYPTION)
In-Reply-To: <9301261946.AA09982@toad.com>
Message-ID: <9301270334.AA18297@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>thug@phantom.com (Murdering Thug) writes,
>> (e.g.: no runs of 0's or 1's longer than
>> 5 bits).

>Cool! You've managed to weaken the one time pad enough for someone to
>crack it!

Taking 6-graph statistics, we see that the entropy is 5.95, where it should be 6.00. Or in other words, .992 bits of entropy per bit symbol. That's not good.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 26 Jan 93 19:41:31 PST
To: cypherpunks@toad.com
Subject: Coupled programs
In-Reply-To:
Message-ID: <9301270339.AA18743@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Eric Hughes (hughes@soda.berkeley.edu) wrote:
>: What needs to happen for
>: cryptography is the development of such protocols for key exchange,
>: signatures, and other cryptographic entities.

Mitra writes:
>I thought that was the point of PEM? Why not integrate the PGP
>encryption protocol into the PEM structure?

I am talking about interactive protocols. To generate a session key for communication with some remote host will require both parties to cooperate. PEM is a standard for "privacy enhanced" electronic email formats and encryption methods. PEM is not a standard for interacting protocols.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Tue, 26 Jan 93 17:18:54 PST
To: cypherpunks@toad.com
Subject: Remailer Changes
Message-ID: <9301270115.AA24665@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

The following changes have been made to the remailer running here at bsu-cs. Note that they are effective immediately. If some of you would please just try sending a few messages through the remailer so I can be sure it is working (I don't care if you remail it to yourself, but I want to look at the debug output so that I can turn off the logs).

Changes:

- Thanks to a suggestion on here, I have changed to the more standard "::" format. If and only if the first line of the message after the header contains "::" will the lines following it up until a blank line *OR* another "::" on a line by itself be parsed as though they are part of the header.

- Any "X-Anon-To," "X-Anonymously-To," or "Request-Remailing-To," lines in the main header or the secondary header will cause the recipient's name to be set to its value.
The last one listed will be the one to which the mail is sent (I haven't decided whether or not multiple recipients are going to be supported yet)

- Any "From" line in either header will be stripped.

- Any line except the "Subject" line will be stripped from the main header before being sent.

- Any lines aside from those already described above that are contained in the secondary header will be appended to the header before the message is sent out.

- No X-Anon-To, X-Anonymously-To, or Request-Remailing-To header lines will be passed on in case this remailer is being chained onto another remailer (which would cause an endless loop if it found its own address as the X-Anon-To field and didn't strip it on outbound mail).

Please let me know what you think. Once again, this software is written in C and I plan to release source code when the project is completed.

Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@LEO.BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu
(317) 285-3648 after 4 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Jay Prime Positive
Date: Tue, 26 Jan 93 22:23:17 PST
To: cypherpunks@toad.com
Subject: [veritas!u.washington.edu!news@markv.com: ]
Message-ID: <9301262221.aa12202@hermix.markv.com>
MIME-Version: 1.0
Content-Type: text/plain

From: jpp@hermix
To: cypherpunks@toad.com
Subject: [veritas!u.washington.edu!news@markv.com: ]

Interesting message I received... Twice...

j'

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: John.Nieder@f33.n125.z1.FIDONET.ORG (John Nieder)
Date: Wed, 27 Jan 93 02:58:45 PST
To: cypherpunks@toad.com
Subject: PRACTICAL DECRYPTION
Message-ID: <4652.2B66598A@fidogate.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

from: john.nieder@f33.n125.z1.fidonet.com

> (commenting on the strategy of "taking the 5th" on the matter of
> decrypting one's files)
>
> > .
Recently this question came up in another forum on encryption & an
> > "authority" on communications law claimed the probable scenario would be
> > that the arresting agency would have the encrypted material decrypted by
> > a competent government or academic agency & the costs of said decryption
> > would eventually be recovered from the defendant through civil suits,
> > presuming the defendant had sufficient assets. It is my memory of the
> > thread that he claimed this had been done in previous cases.
>
> With strong crypto, e.g., with 300 decimal digit moduli, the "costs"
> of decryption by brute force could easily exceed the GNP/GDP of the
> U.S.

# Since none of us have ever been inside the NSA, we cannot underestimate
# their power and resources. For all we know...

This is somewhat beside the point. In actual fact, much of the seized encrypted evidence in criminal cases employs built-in encryption programs in major software packages (WordPerfect is a good example) rather than obscurer stuff like PGP/IDEA/RSA. Even highly-touted commercial programs like Norton Utilities DiskReet w/DES use simple passwords of a maximum ten-character size.

. Much of this decryption may be trivially accomplished, though many "experts" charged law enforcement agencies stout fees for the service. It is now known that those specializing in WordPerfect files were using a simple program available on most BBS file bases which will crack the "secret" WordPerfect password in seconds on an old XT.

. Apparently, the consulting fees for breaking bad crypto in most cases are not prohibitive.

. Tim's objections about high-end decryption are indeed valid, at least theoretically, but we can not tell if a given encryption program has been backdoored or if a fatal flaw has been uncovered that reduces the security of the cyphertext. If any cryptanalysts might find such flaws, they would probably be those in no position to reveal their findings.

.
Jean-Loup Gailly [an original PGP team member in France] informs me that the same general criticisms of PGP soundness voiced in the Moscow State University report have been independently suggested in sci.crypto, though he is aware of no instance of these alleged weaknesses being exploited to break a PGP message. The jury is still out on PGP's ultimate security, I suppose.

. Personally, I am not counting on PGP's brute-force decryption being a task of the magnitude Tim suggests, though I _hope_ he's right. I sure wish some well-equipped crypto labs like Marty Hellman's would turn their attentions to an evaluation of PGP...

JN

--- Blue Wave/Opus v2.12 [NR]
--
John Nieder - via FidoNet node 1:125/555
UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder
INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@alumni.cco.caltech.edu
Date: Tue, 26 Jan 93 22:57:43 PST
To: cypherpunks@toad.com
Subject: Re: Computerized OTP (was 5th AMENDMENT & DECRYPTION)
Message-ID: <9301270659.AA10471@alumni.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain

Murdering Thug wrote:

> Yes I do think the idea of making a "more random than random" stream
> by filtering out long runs of 0's or 1's weakens the key stream
> in theory, but in practical use it strengthens it, because if the stream
> is left alone, runs of 500 bits of 0's or 1's can come through, and any
> fool can then extract plain text using XOR in this area of the cyphertext.

Thug is wrong about this, but it's a common mistake. It does seem like those runs of 0's (and, to a lesser extent, 1's) are dangerous - there's your plaintext, totally exposed to the prying eyes of strangers!

But, what is forgotten is this: for every run of 0's which would reveal your plaintext, there is an equally likely pattern of 1's and 0's which transforms your plaintext into one of Shakespeare's plays. Or into the Declaration of Independence. Or into anything else you like.
You see, xor'ing your message with a random stream means that the resulting output is equally likely to be _any_ original message. There is no way in theory or in practice to determine what the message originally was; that is, all bit patterns are equally likely to be the original message.

To see an example of this, suppose you had one of the simplest possible original messages: all 1's. Now you xor this with a random pattern. To your dismay, your random stream happens to come up with a large block of 0's. This is what would happen:

Original message: 1111111111111111111111111111111111
Random stream:    0011010010000000110111010111001010
Resulting output: 1100101101111111001000101000110101

Look at that big block of 1's in there. Won't that give it away? No. Such a block of 1's is expected to occur occasionally no matter what the original message. It's just as likely that the original message and random stream looked like:

Original message: 1010101010101010101010101010101010
Random stream:    0110000111010101100010000010011111
Resulting output: 1100101101111111001000101000110101

There is no way to tell what the original message was, even when you see a block of output which seems to match some pattern. It doesn't tell you anything.

Hal
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Tue, 26 Jan 93 20:14:48 PST
To: cypherpunks@toad.com
Subject: Re: Computerized OTP (was 5th AMENDMENT & DECRYPTION)
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Timothy Newsham writes:

> Murdering Thug writes:
> > The only way to thwart the NSA is to use an encryption scheme which has
> > been _proven_ uncrackable. The only one I know of is the One Time Pad.
>
> didn't shannon prove that the only "unbreakable" encryptions (or
> encryptions with "zero knowledge") have to have a key at least
> as long as the message?
The key stream for a OTP system is infinitely long, and if a real random source is used (e.g. RF noise/static) no bit in the key stream has any relationship to any other bit in the key stream, unlike a pseudo-random-gen key stream where there is a relationship and this relationship can be found and the seed for the PRNG extracted and thus the key is broken.

Since TV static on unused channels is basically amplified RF garbage coming in from outer space radio sources and is in fact "white noise", it makes the perfect encoding stream for a one time pad system, it's infinitely long, never repeats, and is never reused.

Yes I do think the idea of making a "more random than random" stream by filtering out long runs of 0's or 1's weakens the key stream in theory, but in practical use it strengthens it, because if the stream is left alone, runs of 500 bits of 0's or 1's can come through, and any fool can then extract plain text using XOR in this area of the cyphertext. LZW compression of the plaintext helps, but I feel that it is far better to reduce the possibility of a key stream containing long runs of 0's or 1's, than to leave it alone.

The other possibility is to find a truly random RF source that has all the properties you want, the more important being that the >average< length of a homogenous bit run (0's or 1's) is around 4 or 5 bits. Of course you should let run lengths of 12 bits come through to screw the stat guys, but the >average< run length should be below 8 bits. Such a highly variable stream of white noise makes the perfect key stream in my opinion.
Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Tue, 26 Jan 93 20:39:33 PST
To: cypherpunks@toad.com (cypherpunks)
Subject: Re: weak point of PGP implementation
In-Reply-To: <9301270327.AA17865@soda.berkeley.edu>
Message-ID: <9301270438.AA15194@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

Eric Hughes says:
> Matt mentions three potential weaknesses in PGP: RSA key length, the
> IDEA cypher, the pass phrase.

Probably the first two even a paranoid person won't call "weaknesses". The pass-phrase - the docs should give some guidelines, as to how one must choose his pass-phrase (if it's already there - apologies :-).

> Let me add:

And now you're talking! (:-)

> 4. The random number generator used to make session keys. If this is
> weak, then an opponent might be able to guess them feasibly. This attack
> does not require breaking the underlying cryptography.
>
> 5. Weak random numbers for RSA key generation. If the numbers in the
> random number pool are not as random as they should be, then one might
> simply simulate the prime generation algorithm and compile a table of
> potential PGP primes.

It looks like that [former] Soviet professor found and pointed out exactly those weaknesses: poor RSA keys (making factoring about two orders of magnitude easier) and poor something else (I couldn't understand what he meant, sorry :-). Quite possible he hit session keys (as likely as not)...
--
Regards,
Uri uri@watson.ibm.com scifi!angmar!uri N2RIU
-----------
From cypherpunks-request Tue Jan 26 21:28:06 1993

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Tue, 26 Jan 93 21:19:45 PST
To: cypherpunks@toad.com
Subject: Re: Computerized OTP (was 5th AMENDMENT & DECRYPTION)
Message-ID: <9301270519.AA17681@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Thug writes,
> The other possibility is to find a truly random RF source that has all
> the properties you want, the more important being that the >average<
> length of a homogenous bit run (0's or 1's) is around 4 or 5 bits.

"All the properties you want?" What you want is random, and nothing else! Random isn't "average bit runs of 4 or 5 bits". It isn't "nice white noise". It is TRULY RANDOM!

You need to understand that the absolutely critical property for a one time pad bit-stream to have is this: given all previous bits seen, the probability that the next bit seen will be zero or one is exactly 0.5.

What you need is a method for converting a biased random number stream (say, one where after a run of zeroes, another zero has high probability) into an unbiased one where the probability of the next bit being zero is exactly 0.5. Truncating runs to length 5 is an attempt at this, but a VERY BAD and cryptographically useless attempt.

Does anybody remember a good recipe for converting a biased RNG into an unbiased one? I can't think of one off the top of my head, and that's what Thug's friend seems to need. This has been discussed at length in the literature.

-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@xanadu.com (E.
Dean Tribble)
Date: Wed, 27 Jan 93 00:50:22 PST
To: uunet!GS80.SP.CS.CMU.EDU!Marc.Ringuette@uunet.UU.NET
Subject: Computerized OTP (was 5th AMENDMENT & DECRYPTION)
In-Reply-To: <9301270519.AA17681@toad.com>
Message-ID: <9301270816.AA08283@xanadu.xanadu.com>
MIME-Version: 1.0
Content-Type: text/plain

   "All the properties you want?" What you want is random, and nothing else!

   all previous bits seen, the probability that the next bit seen will be zero or one is exactly 0.5.

Note that in practice, the length of a string of 1's or 0's is irrelevant: The chance of a string of length N being all the same is O(2^N), so becomes unlikely for reasonably short strings of bits (1 in 1024 for 10 bits), and virtually impossible for interesting sizes of N (1 in 4 billion for 32 bits). This doesn't even strike as being worth the effort of figuring out how badly the OTP is compromised by shortening such runs.

Remember how badly our intuitions are on things like security. Believe the numbers, not your gut feel.

dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Date: Wed, 27 Jan 93 03:42:17 PST
To: Cypherpunks
Subject: Re: a few good weasels
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Dave del Torto said here:

   A world of absolutes is not a fun world and it's not a safe world. Someone's gotta break the rules every once in a while or we all go down the tubes. Of course, I _personally_ would _never_ break any of the fine laws of our beloved nation, but I know deep in my heart (but not anywhere on my hard disks) that such brave people exist and that the effect of their less-than-legal efforts is the delicate equilibrium in which we continue to prosper and innovate.

I agree completely. So would Ollie North, who is a fine example of "such brave people".

--
edgar@spectrx.saigon.com (Edgar W.
Swank)
SPECTROX SYSTEMS +1.408.252.1005
Silicon Valley, Ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Wed, 27 Jan 93 01:36:14 PST
To: cypherpunks@toad.com
Subject: SunExpress to expand "unlockable" software distribution
Message-ID: <9301270936.AA24007@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

It would probably be a public service if some interested parties were to determine the ``encryption'' method that Sun Express, the standard Sun ``license manager'', and other packages use. At the moment, the details of these technologies are not described in the public literature (as far as I know).

Rather than have these companies discover years too late that their "unlockable" software is really unlockable by anyone who understands cryptography, it'd be better for them to learn it this year, while they are still handling low volumes of programs that way.

Also maybe they will stop dumping these programs-that-you-have-but-must-pay-to-run on us.

John

----------------------------------------------------------------------------
The Florida SunFlash

SunExpress Unveils One-Stop Shopping From the Desktop

SunFLASH Vol 49 #21 January 1993
----------------------------------------------------------------------------

New CD-ROM and facsimile services make it easier than ever to select and purchase products

CHELMSFORD, Mass. --January 26, 1993-- SunExpress, a subsidiary of workstation industry leader Sun Microsystems, Inc., today announced two new customer services which simplify information retrieval and product ordering. FaxInfo(SM), which allows SunExpress customers to access product information and order product through their fax machine, is available now. A second program will allow SunExpress customers to "unlock" software applications directly from SunSoft's Catalyst CDware(TM), the most widely-distributed demo CD for users of the UNIX(R) operating system.
The CD-ROM program is being implemented in twenty customer sites on a trial basis and will be generally available later this year with Catalyst CDware Volume 5.0.

The integration of these technologies, coupled with other electronic ordering innovations planned for release later in 1993, will allow SunExpress to process orders more efficiently and provide a higher level of customer satisfaction. Eventually, these process innovations will result in drastically fewer written orders, smaller inventories, less postage, phone and freight costs, resulting in reduced costs for SunExpress customers.

"SunExpress is committed to providing its customers with leading-edge technologies that will make it easier than ever for them to select and purchase products. The new programs announced today are just the beginning," said Dorothy Terrell, president of SunExpress. "In the near future, our customers will be able to browse through full color on-line catalogs, watch video demonstrations and try out software all without leaving their workstation."

FaxInfo

The FaxInfo program allows SunExpress customers to access detailed product information about catalog offerings within minutes. By calling into the regular SunExpress ordering and information number (800-USE-SUNX), customers can access FaxInfo and have technical data sheets faxed back to the location of their choice by using the touch-tone keypad on their phone. SunExpress maintains up-to-date datasheets on all of the products that it offers and makes revisions to product specs as they are made available.

SunExpress joins with SunSoft's Catalyst CDware Program

Sun(TM) workstation users currently have access to SunSoft's Catalyst CDware program which allows them to run demo versions of a range of UNIX software applications from several major ISV's and decide whether it is something they would like to buy.
With SunExpress' participation in the program, interested customers can purchase and obtain a fully-functional version of their chosen software -- all in one toll-free phone call.

Currently this program is being tried out at twenty customer sites with limited software product offerings including: Clarity's Rapport(TM), and Ta-Dah!(TM) and SimCity(TM) from Dux Software. The program is targeted for full implementation with many more titles this summer, and will be attractive to ISVs who are already marketing their product through Catalyst CDware from SunSoft. Catalyst CDware currently carries 73 product presentations from 54 different vendors.

"We feel that this service from SunExpress can only enhance the effectiveness and impact of our Catalyst CDware program," said Peter Schakow, Manager of CD programs at SunSoft. "We look forward to providing this added service to our Catalyst CDware partners."

ISVs are interested in the SunExpress distribution strategy as a new sales channel. "This program will greatly facilitate our marketing efforts into the Sun installed base," said Bob Adams of DUX Software. "In addition to assisting with new product sales, it will be extremely useful and cost effective for distributing product enhancements and upgrades."

SunExpress, a subsidiary of Sun Microsystems, Inc. provides customers with easy access to a wide range of Sun and innovative 3rd party products at low competitive prices and same day shipping. SunExpress supports SPARC(R), Solaris(R), and other computing environments based on the UNIX operating system. The company offers a 30-day no fault return policy and is currently serving customers in the United States, Europe and Japan. SunExpress can be reached at 1 (800) USE-SUNX and is headquartered in Chelmsford, MA.

Press Contact:
Hi-Tech Communications
Mark Lederhos (508) 251-8278
Kathryn Lang (415) 904-7000 x204
Sun
Lisa Ganier (415) 336-5637.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
For information send mail to info-sunflash@Sun.COM. Subscription requests should be sent to sunflash-request@Sun.COM. Archives are on solar.nova.edu, uunet.uu.net, sunsite.unc.edu, src.doc.ic.ac.uk and ftp.adelaide.edu.au

All prices, availability, and other statements relating to Sun or third party products are valid in the U.S. only. Please contact your local Sales Representative for details of pricing and product availability in your region. Descriptions of, or references to products or publications within SunFlash does not imply an endorsement of that product or publication by Sun Microsystems.

John McLaughlin, SunFlash editor, flash@Sun.COM. (305) 776-7770.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: strat@intercon.com (Bob Stratton)
Date: Tue, 26 Jan 93 22:42:12 PST
To: cypherpunks@toad.com
Subject: 5th Amendment and keys
Message-ID: <9301270641.AA08281@intercon.com>
MIME-Version: 1.0
Content-Type: text/plain

It might be worth pinging Mike Godwin for a summary of his current assessment. I was at a meeting with him over the weekend, and he said he's slowly growing more optimistic with regard to this very issue, as a result of some precedents he found.

He'd probably be honored to know that a whole list was hanging on his every word. :-)

--Strat

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Douglas Sinclair
Date: Wed, 27 Jan 93 05:37:20 PST
To: cypherpunks@toad.com
Subject: Random OTP sources
Message-ID: <9301271305.AA25910@acs1.acs.ucalgary.ca>
MIME-Version: 1.0
Content-Type: text/plain

Much discussion has been going on about creating a truly random OTP key by tuning in to dead TV channels, etc. There is a much simpler, and more secure way. Look at the decay of a small radioactive source. Find a time period in which there is a 50% chance of seeing an event, and then clock a 1 if you do, or a 0 if you don't.
Radioactive sources and detectors are easily obtained from smoke detectors, and it should be fairly easy to set up (though I haven't done it). If our understanding of quantum mechanics is correct, the resulting bitstream is truly random.

RF noise may be random. Also, if the NSA or other Big Brother organization knows what you are doing, they can try listening in on the same channel and deducing your key. To my knowledge, there is no way to see what is going on in a small Californium source if you have more than a few meters between the source and detector. Anyhow, a given event will probably only produce one particle, or maybe two, so your point detector will only see a portion of the events and knowledge of particles in another direction doesn't tell you anything.

Hm. I hope that was coherent. Any comments?

--
Vercotti: I was terrified of him. Everyone was terrified of Doug. I've seen grown men pull their own heads off rather than see Doug. Even Dinsdale was frightened of Doug.
Interviewer: What did he do?
Vercotti: He used sarcasm. He knew all the tricks, dramatic irony, metaphor, bathos, puns, parody, litotes and satire.
-- Monty Python, Episode 14
PGP 2.1 Key by finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Wed, 27 Jan 93 07:08:01 PST
To: cypherpunks@toad.com
Subject: Re: Computerized OTP (was 5th AMENDMENT & DECRYPTION)
In-Reply-To: <9301270659.AA10471@alumni.cco.caltech.edu>
Message-ID: <9301271507.AA12215@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Murdering Thug wrote:

> Yes I do think the idea of making a "more random than random" stream
> by filtering out long runs of 0's or 1's weakens the key stream
> in theory, but in practical use it strengthens it, because if the stream
> is left alone, runs of 500 bits of 0's or 1's can come through, and any
> fool can then extract plain text using XOR in this area of the cyphertext.

this is a one in 2^500 event.
just to remind you, 2^500 is

3,273,390,607,896,141,870,013,189,696,827,599,152,216,642,046,043,064,789,483,291,368,096,133,796,404,674,554,883,270,092,325,904,157,150,886,684,127,560,071,009,217,256,545,885,393,053,328,527,589,376

(sorry to those folks whose screens get bugged by looooong lines.)

i wouldn't worry about a 1 in 2^500 event occurring too often ...

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Scott Collins"
Date: Wed, 27 Jan 93 10:40:15 PST
To: "Cypher Punks"
Subject: Randomness and RE>OTPs
Message-ID: <9301271839.AA25190@>
MIME-Version: 1.0
Content-Type: text/plain

Subject: Randomness and RE>OTPs

>Does anybody remember a good recipe for converting a biased RNG into an
>unbiased one? I can't think of one off the top of my head, and that's
>what Thug's friend seems to need. This has been discussed at length in
>the literature.

1. If you want randomness, introducing order is bad. As Eric Hughes pointed out, trimming runs reduces the entropy of the sequence. You want to increase the entropy i.e. maximize the surprise. One good way to increase the entropy is to compress the 'random' sequence. The output of a good compressor has greater entropy than the input. If the input is already random, no harm done (again, with a GOOD compressor... otherwise it is easy to accidentally introduce order). If the input has some subtle bias or regularity, the compressor will get rid of it (at the cost of reducing the total volume of the sequence). Good compressors are much better at detecting regularity (and eliminating it) than human beings.

2. Of course (as Thug stated) you are (also) compressing the plaintext before you encrypt it. It is best to do this with an adaptive scheme and an arithmetic encoder so that a) the entropy of the plaintext is maximized and so that b) accidentally decrypting something correctly in the middle of the stream is useless.
My recommendation for a good binary scheme is DMC (dynamic markov compression) feeding into almost any binary arithmetic encoder (e.g. the Q-coder, et al.). I would use this to compress both the plaintext stream before encryption, and a 'suspect' random number stream.

If there is interest, I will post a bibliography of papers and books relating to this.

Scott Collins (Scott_Collins@genmagic.com)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: surfpunk@osc.versant.com (gubhtug gb ribxr fpvrapr svpgvba engure guna fpvrapr)
Date: Wed, 27 Jan 93 10:33:43 PST
To: surfpunk@osc.versant.com (SURFPUNK Technical Journal)
Subject: [surfpunk-0036] CRYPT: Sci Am on Public Key Cryptosystems
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

+
+ Cypherpunks don't care if you don't like the
+ software they write. Cypherpunks know that
+ software can't be destroyed. Cypherpunks know
+ that a widely dispersed system can't be shut
+ down.
+ -- the cypherpunk manifesto
+ (cypherpunks-request@toad.com)
++++++++++++++++++++++++++++++++++++++++++++++++

Here's a short piece from Scientific American on RSA, PEM, PGP etc.

Notice towards the end this article says "The U.S. is the only nation that permits the patenting of mathematical algorithms." That threw me at first -- it's not *supposed* to be permitted, but in practice, it is. So I suppose this is a true statement.

(The cover article of this Sci Am is on a team at the Science Museum in London that did a 3-ton implementation of Babbage's Difference Engine.)

-- strick

________________________________________________________________________
________________________________________________________________________

Source: Scientific American, February 1993, beginning at the 30th page. For fair use only.

Electronic Envelopes?
The uncertainty of keeping e-mail private

Recent legislative efforts to mandate remote wiretapping attachments for every telephone system and computer network in the U.S.
may have been the best thing that ever happened for encryption software. "We have mostly the FBI to thank," says John Gilmore of Cygnus Support in Palo Alto, Calif. Gilmore is an entrepreneur, hacker and electronic civil libertarian who helped to found the Electronic Frontier Foundation (EFF). He is now watching closely the development of two competing techniques for keeping electronic mail private.

As matters now stand, computers transmit messages from one user to another in plain text. If a geneticist in Boston sends e-mail to a molecular biologist in San Diego, any of the half a dozen or so intermediary machines that forward the letter could siphon off a copy -- and so could any of the dozens of workstations that might be attached to the local-area network at the sender's or recipient's university or company.

The Electronic Privacy Act of 1986 prohibits snooping by public e-mail carriers or law-enforcement officials, except by court order. Nevertheless, many people are becoming uncomfortable with the electronic equivalent of mailing all their correspondence on postcards and relying on people to refrain from reading it. They are turning to public-key encryption, which allows anyone to encode a message but only the recipient to decode it. Each user has a public key, which is made widely available, and a closely guarded secret key. Messages encrypted with one key can be decrypted only with each other, thus also making it possible to "sign" messages by encrypting them with the private key [see "Achieving Electronic Privacy," by David Chaum; Scientific American, August 1992].

Two programs -- and two almost diametrically opposed viewpoints embodied in them -- are competing for acceptance. Privacy Enhanced Mail (PEM) is the long-awaited culmination of years of international standard setting by computer scientists. Pretty Good Privacy (PGP) is a possibly illegal work of "guerilla freeware" originally written by software consultant Philip Zimmermann.
The philosophies of PEM and PGP differ most visibly with respect to key management, the crucial task of ensuring that the public keys that encode messages actually belong to the intended recipient rather than a malevolent third party. PEM relies on a rigid hierarchy of trusted companies, universities and other institutions to certify public keys, which are then stored on a "key server" accessible over the Internet. To send private mail, one asks the key server for the public key of the addressee, which has been signed by the appropriate certification authorities.

PGP, in contrast, operates on what Zimmermann calls "a web of trust": people who wish to correspond privately can exchange keys directly or through trusted intermediaries. The intermediaries sign the keys that they pass on, thus certifying their authenticity.

PGP's decentralized approach has gained a wide following since its initial release in June 1991, according to Hugh E. Miller of Loyola University in Chicago, who maintains an electronic mailing list for discussion among PGP users. His personal "keyring" file contains public keys for about 100 correspondents, and others have keyrings containing far more. As of the end of 1992, meanwhile, a final version of PEM has not been officially released. Gilmore, who subscribes to the electronic mailing list for PEM developers, says he has seen "only five or 10" messages actually encrypted using the software.

Although PGP's purchase price is right -- it is freely available over the Internet and on electronic bulletin boards throughout the world -- it does carry two liabilities that could frighten away potential users. First, U.S. law defines cryptographic hardware and software as "munitions." So anyone who is caught making a copy of the program could run afoul of export-control laws. Miller calls this situation "absurd," citing the availability of high-quality cryptographic software on the streets of Moscow.
Worse yet, RSA Data Security in Redwood City, Calif., holds rights to a U.S. patent on the public-key encryption algorithm, and D. James Bidzos, the company's president, asserts that anyone using or distributing PGP could be sued for infringement. The company has licensed public-key software to corporations and sells its own encrypted-mail package (the algorithm was developed with federal support, and so the government has a royalty-free license). When Bidzos's attorneys warned Zimmermann that he faced a suit for developing PGP, he gave up further work on the program. Instead PGP's ongoing improvements are in the hands of an international team of software developers who take advice from Zimmermann by e-mail. The U.S. is the only nation that permits the patenting of mathematical algorithms, and so programmers in the Netherlands or New Zealand apparently have little to fear. U.S. residents who import the program could still face legal action, although repeated warnings broadcast in cryptography discussion groups on computer networks have yet to be superseded by legal filings. Meanwhile, Gilmore says, the only substantive effect of the patent threat is that development and use of cryptographic tools have been driven out of the U.S. into less restrictive countries -- Paul Wallich ________________________________________________________________________ ________________________________________________________________________ The SURFPUNK Technical Journal is a dangerous multinational hacker zine originating near BARRNET in the fashionable western arm of the northern California matrix. Quantum Californians appear in one of two states, spin surf or spin punk. Undetected, we are both, or might be neither. ________________________________________________________________________ Send postings to , subscription requests to . MIME encouraged. Xanalogical archive access soon. Cypherpunks love to practice. 
________________________________________________________________________
________________________________________________________________________

#define DA_MD2 3
#define DA_MD5 5
#define MIN_RSA_MODULUS_BITS 508
#define MAX_RSA_MODULUS_BITS 1024
#define MAX_RSA_MODULUS_LEN ((MAX_RSA_MODULUS_BITS + 7) / 8)
#define MAX_RSA_PRIME_BITS ((MAX_RSA_MODULUS_BITS + 1) / 2)
#define MAX_RSA_PRIME_LEN ((MAX_RSA_PRIME_BITS + 7) / 8)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Wed, 27 Jan 93 09:24:28 PST
To: thug@phantom.com
Subject: Randomness
Message-ID: <9301271622.AA02754@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: thug@phantom.com (Murdering Thug)
>
> Yes I do think the idea of making a "more random than random" stream
> by filtering out long runs of 0's or 1's weakens the key stream
> in theory, but in practical use it strengthens it, because if the stream
> is left alone, runs of 500 bits of 0's or 1's can come through, and any
> fool can then extract plain text using XOR in this area of the cyphertext.

The odds against a run of 500 1's is one in 2^500th, which is a number so large I can't imagine a real random number source creating it in the lifetime of our universe. Presumably, your problem is that your random number source is crap.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Fogleman
Date: Wed, 27 Jan 93 14:51:10 PST
To: thug@phantom.com
Subject: Limiting "white" noise runlength
Message-ID: <9301272248.AA18636@ack.adstest.analog.com>
MIME-Version: 1.0
Content-Type: text/plain

Mr.
Thug,

In talking about "white" noise, you mentioned:

> Yes I do think the idea of making a "more random than random" stream
> by filtering out long runs of 0's or 1's weakens the key stream
> in theory, but in practical use it strengthens it, because if the stream
> is left alone, runs of 500 bits of 0's or 1's can come through, and any
> fool can then extract plain text using XOR in this area of the cyphertext.
> LZW compression of the plaintext helps, but I feel that it is far better
> to reduce the possibility of a key stream containing long runs of 0's or
> 1's, than to leave it alone.

Why not feed back the previously encrypted bits to perform the "present" encryption (something like cipher block chaining) to keep this from happening? Then any particular encrypted character will depend on *all* previous characters and break up runs of "plaintext". That seems much better than un-whitening your white noise...

Eric Fogleman

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 27 Jan 93 19:41:55 PST
To: cypherpunks@toad.com
Subject: (fwd) RISKS DIGEST 14.29
Message-ID: <9301280338.AA09001@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I found this in RISKS. Apparently, law enforcement types are approaching software vendors and seeking backdoors and other compromises. Note that Lotus is a licensee of RSA, so the encryption algorithms worrying the FBI are probably the main RSA algorithms.

Cypherpunk activities are becoming more important than ever.

-Tim May

From: risks@CSL.SRI.COM (RISKS Forum)
Subject: RISKS DIGEST 14.29
Date: 27 Jan 93 22:05:31 GMT

------------------------------

Date: Wed, 20 Jan 93 17:58:49 EST
From: joltes@husc.harvard.edu
Subject: The FBI and Lotus cc:Mail

An interesting tidbit came to light while I was attending a demonstration of Lotus' cc:Mail and Notes products at the Boston NetWorld this month.
During the Notes portion of the presentation someone asked how secure the information in the various databases was, and how the encryption was done. The presenter said that the data was considered very secure, so much so that the FBI had approached Lotus to ask that a "back door" be left in the software in order to give the Bureau a method for infiltrating suspects' filesystems. She said they were specifically targeting "drug dealers and other bad people."

Given this backdoor, what was to stop the Bureau from inspecting confidential materials on any system? The risks seem obvious. Additionally, it makes one wonder how many other vendors of supposedly "secure" software have been similarly approached by various Federal organizations, and how many have agreed to create the back doors as requested.

Happily, the presenter said that Lotus refused to honor the FBI's request. Bravo!

Dick Joltes, Manager, Networks and Hardware, Harvard University Science Center
joltes@husc.harvard.edu

------------------------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Jay Prime Positive
Date: Wed, 27 Jan 93 20:45:22 PST
To: cypherpunks@toad.com
Subject: thresholding to enhance secrecy
Message-ID: <9301272043.aa08979@hermix.markv.com>
MIME-Version: 1.0
Content-Type: text/plain

Summary: You can improve the secrecy of weak cypher systems by using thresholding. You can gain linear (or better) improvements for linear increase in the cyphertext size. No claim for change in signature strength is made.

Thresholding is the name for a way of breaking up a piece of information into X pieces so that Y <= X pieces are needed to recover the information. If even Y-1 pieces are recovered, you still have no idea what the original information is.

A simple thresholding system which requires 2 out of 2 pieces to recover the original is to transform M into R and R+M where R is a random bit stream, and R+M is the same random bit stream xored with the message.
Consider the weak cypher systems S1, S2, S3... where each has a probability of being 'broken' X1, X2, X3... requiring the (expected) expense of E1, E2, ... EN effort. Threshold your message P into N pieces, P1, P2, P3, PN, such that all N are required to recover the message. Send S1(P1), S2(P2), S3(P3)... SN(PN).

I believe that the probability of breaking this system should be (1-X1)*(1-X2)*(1-X3)* ...*(1-XN) and that the effort to break it to be E1+E2+...EN (with a smaller deviation than the sum of the deviations of Ei). This is only a linear increase in effort, but more than linear increase in the probability of secrecy. (right?)

If people fear that PGP doesn't provide strong enough secrecy, we could switch to PGP^3, or even PGP^10. And if people are going to compress their messages anyway, there doesn't seem to be any good reason NOT to switch to PGP^2.

There is probably a similar system which increases the strength of signatures too. Any ideas? (I suspect the naive application of thresholding here will DECREASE signature strength.)

How about a way to *exponentially* increase the effort and probability? Then it wouldn't matter much how weak our cyphers were!

j'

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 27 Jan 93 20:50:44 PST
To: cypherpunks@toad.com
Subject: Computerized OTP (was 5th AMENDMENT & DECRYPTION)
In-Reply-To:
Message-ID: <9301280448.AA02108@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

At risk of belaboring the point about random numbers, I have some more, hopefully different comments.

Let me at least make the following point clear. Making random numbers is a hard problem. It is hard on the scale of designing a good cryptographic hash function.

>if a real
>random source is used (e.g. RF noise/static)

It is unwise to conclude that a source is random merely because it looks like noise.
Electrical noise is often a poor source of randomness because much noise comes from unshielded oscillators of one sort or another. Even a source based on thermal noise must be carefully designed, since solid state effects such as avalanching can generate characteristic contributions.

I would suggest that everyone look at volume 2 of Knuth for the difficulty of designing pseudorandom number generators in software. Making hardware random numbers is harder than that, since it requires all that knowledge and then some. The difficulty is in knowing that your numbers are random, not in making noise.

>no bit in the key stream
>has any relationship to any other bit in the key stream,

This is not sufficient for a stream to be random. I can have this property and still have a very non-random stream. For example, suppose I have a random stream. If for every two bits I output those two bits and their xor (sum mod 2), then no two bits have any relation to each other, but looking at bits three at a time shows awful statistics.

The actual statement is that every conditional probability that a configuration of size n occur given any other independent configuration is 1/n. In other words, every combination of bits must be independent from every other combination. This is much stronger than requiring mere bit independence.

And as an aside, long runs of bits can be removed (as Scott Collins mentioned) by compression, and short configurations of bits can be removed by hashing.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Wed, 27 Jan 93 20:51:20 PST
To: hugh@toad.com
Subject: Re: Remailer Changes
In-Reply-To: <9301270235.AA01717@domingo.teracons.com>
Message-ID: <9301280448.AA22419@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

> Why are you retaining the Subject: header line? If I want a
>Subject: line I should include inside the encrypted block.
>
> ||ugh Daniel
> hugh@toad.com

Taking Hugh's advice, I made the remailer strip subject lines from the original header. By the way, I could use a few more messages sent through here for testing. Please remember, it only gets remailed if:

    X-Anon-To: user@host
    X-Anonymously-To: user@host
    Request-Remailing-To: user@host
    Subject: Request Remailing

One of the above lines *MUST* be in the header or else it won't get remailed. (it goes to my in box) Thanks.

Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@LEO.BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu
(317) 285-3648 after 5 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Scott Collins"
Date: Thu, 28 Jan 93 14:46:48 PST
To: "Cypher Punks"
Subject: Biblio re>randomness and OT
Message-ID: <9301282246.AA28614@>
MIME-Version: 1.0
Content-Type: text/plain

Subject: Biblio re>randomness and OTPs

Response was sufficient to merit posting this (brief and specific) bibliography pertaining to a) randomness; b) testing for randomness; and c) compression and coding as it relates to privacy and maximizing entropy. The items are listed in the order that *I* think represents their helpfulness on this topic.

Two interesting quotes from Knuth (book [1] below):

(sec3.2.2 para2 p25) One of the common fallacies encountered in connection with random number generation is the idea that we can take a good generator and modify it a little, in order to get an "even-more-random" sequence.

(sect3.3 para4 p38) ...The point of these remarks is that we cannot be trusted to judge by ourselves whether a sequence of numbers is random or not. Some unbiased mechanical tests must be applied.

Books
==========
[1] "The Art of Computer Programming, vol 2: Seminumerical Algorithms" by Donald Knuth.
    ISBN 0-201-03822-6
    Sections of interest:
      (3) Random Numbers
[2] "Text Compression" by Bell, Cleary and Witten.
    ISBN 0-13-911991-4
    Sections of interest:
      (5) From Probabilities to Bits, especially (5.2) Arithmetic Coding
      (7.3) Dynamic Markov Modeling
      (10.1.5) Privacy and Compression
[3] "Adaptive Data Compression" by Ross N. Williams.
    ISBN 0-7923-9085-7
    Sections of interest:
      (1.9) Arithmetic Coding
      (1.10.6.8) DMC
      (1.16) Error Correction, Data Compression and Cryptography
[4] "Image and Text Compression" edited by Storer.
    ISBN 0-7923-9243-4
    Sections of interest:
      (4) 'Practical Implementations of Arithmetic Coding' by Howard and Vitter.

Papers
==========
[5] "A note on the DMC data compression scheme" by Bell and Moffat.
[6] "Universal Coding, Information, Prediction, and Estimation" by Rissanen.
[7] "Linear Time Adaptive Arithmetic Coding" by Moffat.
[8] "A Simple General Binary Source Code" by Langdon and Rissanen.
[9] "An overview of the basic principles of the Q-Coder adaptive binary arithmetic coder" by Pennebaker, Mitchell, Langdon and Arps.
[10] "Software implementations of the Q-Coder" by Mitchell and Pennebaker.
[11] "Optimal hardware and software arithmetic coding procedures for the Q-Coder" by Mitchell and Pennebaker.
[5] "Probability estimation for the Q-Coder" by Pennebaker and Mitchell.

I hope you find this information helpful.

Scott Collins (Scott_Collins@genmagic.com)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Fan Li TAI
Date: Thu, 28 Jan 93 21:22:56 PST
To: cypherpunks@toad.com
Subject: is this true???
Message-ID: <9301290522.AA17978@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Hiya....

I found this post in a newsgroup that I try to follow. Don't know about etiquette about how this should have been edited, so it's all here, headers and all. Anyway, I would like to know if the info is accurate, bull or what?
FYI, the ISA means Internal Security Act (back in Malaysia) and they have had UUCP for a few years (but UUCP's hardly enough for the kinds of traffic they are talking about, but then a few private companies *did* have full Internet, so..... it's possible that the "thingy" was there without public knowledge....

________begin reposting________

X-NEWS: msuvx1 soc.culture.asean: 11533
Relay-Version: VMS News - V6.1B5 17/9/92 VAX/VMS A5.5-2; site memstvx1.memst.edu
Path: memstvx1!cs.utk.edu!gatech!swrinde!zaphod.mps.ohio-state.edu!darwin.sura.net!haven.umd.edu!uunet!mcsun!fuug!anon
Newsgroups: soc.culture.asean
Subject: ?? Electronic Monitoring ?? [The article]
Message-ID: <1993Jan20.211138.20587@fuug.fi>
From: an3284@anon.penet.fi (legend)
Date: Wed, 20 Jan 1993 19:40:25 GMT
Sender: anon@fuug.fi (The Anon Administrator)
Organization: Anonymous contact service
X-Anonymously-To: soc.culture.asean
Lines: 181

sorry about the previous post. The mailer cut off everything after any "--" line, which I used to separate the forwarded message. Here's the complete message.

legend.

In article <1993Jan20.041347.19567@husc3.harvard.edu>, on@husc.harvard.edu writes:
|>
|> Now with Malaysia officially on Internet, I wonder if the ISA patrol
|> will be monitoring this (and maybe s.c.malaysia) newsgroup. If so, then
|> I guess there'll be no more criticizing the government -- that could
|> get you detained without a trial. And since posting here could be
|> interpreted as publishing, I guess there'll be no more talk on "sensitive"
|> issues or you'll be in hot soup under the Seditions Act. Of course, now
|> we can't talk about freedom or basic human rights either because Mr.
|> what's-his-name here has declared that it has no place in Malaysian
|> society; therefore it has no place in s.c.a or s.c.m too!
|>
|> SIGH! Soc.culture.asean will never be quite the same again... But hey,
|> look on the bright side... we can always talk about food.
|>
|> Goodnight...
|>
|> Ahmad Zulqarnain b.
Che On GO HOOSIERS!!
|> on@husc.harvard.edu NO MORE DOOK... NO MORE DOOK... NO MORE DOOK !

When in doubt, assume they will (or for that matter, have been). In fact, Malaysia has *ALWAYS* been capable of monitoring Usenet news since a long time ago, since Malaysia has long been connected via UUCP, which is capable of providing a news feed.

Included below is an article that appeared in alt.bbs.allsysop. Its source has NOT been validated. It is included here for your pondering only. PLEASE TREAT IT ONLY AS A RUMOR UNTIL THERE IS EVIDENCE. The possibility of the scenario described in the article happening is up for debate. Again, the article is included for discussion purposes only. Please use your own discretion in deciding the truthfulness/falsefulness of the content. I am only forwarding an article that appeared in another newsgroup. This article was NOT originated from me.

legend.

************************************************************************
************************************************************************
***
*** IF YOU WISH TO QUOTE/RE-QUOTE PART/ALL OF THE FOLLOWING ARTICLE,
*** PLEASE ALWAYS INCLUDE THIS DISCLAIMER/WARNING WITH IT. THANKS.
***
*** The following article appeared in alt.bbs.allsysop in
*** September '92 and is re-posted here without permission.
*** It has been included here for DISCUSSION PURPOSES ONLY.
*** The validity of the information included has NOT BEEN
*** VERIFIED. The reader should at best treat it as a RUMOR
*** at this point, and conduct his/her own investigation if
*** felt necessary.
***
************************************************************************
************************************************************************

ORIGINAL POST FOLLOWS:

Newsgroup: alt.bbs.allsysop

In article <1992Sep30.033757.24139@bnlux1.bnl.gov>, foxworth@bnlux1.bnl.gov (Bob Foxworth) writes:
|>
|> The following message was received over our local Amateur Radio TCP/IP
|> VHF Radio network on 26 Sept. It came there from the Amateur AX.25 protocol
|> Packet Radio network, the originating radio BBS station (at Canton Ohio)
|> entered it into the Amateur packet network on 16 Sept. I am passing it
|> on "as received". I am not vouching for, nor am I disclaiming any statements
|> in this message. I hope it is not a repeat of anything...any replies, post
|> to the net, not to me. I tried to post it 3 days ago but it never
|> appeared here. It did also go to a moderated group who rejected it, however.
|>
|> [begin included text]
|> - From n8ecw%kc2fd@kc2fd.ampr.org Sat Sep 26 14:05:28 1992
|> - Received: from n2mdq.ampr.org by k2euh.ampr.org with SMTP
|> id AA9736 ; Sat, 26 Sep 92 13:59:54 UTC
|> - Received: from kc2fd.ampr.org by n2mdq.ampr.org
|> - (n2mdq@n2mdq.ampr.org) with SMTP
|> - id AA10034 ; Tue, 22 Sep 92 13:49:44 UTC
|> - Date: 26 Sep 92 13:51:00 UTC
|> - Message-Id: <6087@kc2fd.ampr.org>
|> - From: n8ecw@kc2fd.#nli.ny.usa.na
|> - To: nli@n2mdq
|> - Subject: CP KC2FD: BBSs, Privacy, and You!
|> - X-BBS-Msg-Type: P
|> - Status: R
|>
|> - R:920926/1351Z @:KC2FD.#NLI.NY.USA.NA [Coram, LI, NY] FBB5.14d #:18091
|>
|> - From: N8ECW@KC2FD.#NLI.NY.USA.NA
|> - To : NLI@N2MDQ
|>
|> - Original from N8ECW to ALL@USBBS
|> - R:920926/0848Z @:N2BQF.#NLI.NY.USA.NOAM [Copiague] FBB5.14d TELINK #:18005
|> - intermediate headers deleted
|> - R:920916/1944z @:KA8Z.OH.USA Canton, Oh. #:26846 Z:44705
|>
|> I found the following message on a land line BBS.
Since many packet users
|> also have modems and call land line BBSs, and many sysops also run such
|> BBSs I think that the information in the following message is something
|> we should all be aware of.
|>
|> ***
|>
|> As someone involved in the telephone industry on the level of security
|> and data integrity... I would like to inform everyone that uses modems
|> and/or are bbs operators of some information.
|>
|> The first thing that everyone that uses a modem should know is that
|> every time you fire up your modem you're activating monitoring equipment
|> somewhere in the U.S. I have worked for several large telephone
|> networks that routinely monitor and reroute modem and fax transmissions
|> through devices that allow them to view what is being transmitted and
|> even decodes encrypted data and fax packets used by major corporations
|> and governmental agencies. This is allowed under the heading of
|> "Maintenance Monitoring" and may be continued for up to 6 months without
|> the need of any legal paperwork being generated. Under an obscure
|> pre-WWII ruling by the agency that is now the FCC... "No information may
|> be encoded or transmitted over PUBLIC or PRIVATE forms of telephony or
|> radio with the exception of those agencies involved in the National
|> Security" a further designation goes on to say "with the exception of
|> the MORSE system of 'transmittal', any communication that is not
|> interpretable by the human ear is forbidden and unlawful."
|>
|> The information gathered goes to 3 separate database facilities...1 is
|> codenamed Diana and is located in Brussels, the 2nd is named Fredrick
|> and is located somewhere in Malaysia, the 3rd is named Elizabeth and is
|> located in Boulder, Colorado. The information stored in these systems
|> is accessible by the US Government, Interpol, Scotland Yard and various
|> other such agencies. Your credit rating is also affected by your modem
|> usage...
if you ever get a copy of your credit history and find a
|> listing that has HN06443 <--= this is a negative risk rating. or a code
|> 87AT4 <---= an even more negative risk rating.... these will usually
|> have no description on them... and if you inquire about them they will
|> tell you that it just comes from the system that way.
|>
|> I am currently working for another major carrier as a consultant and
|> have been able to watch these systems operate...at one unnamed long
|> distance carrier here in Columbus Ohio in their NCC, Network Control
|> Center, you can see several rows of computer terminals which have
|> approximately 30 to 40 separate windows in each... these windows have
|> data transmissions that are being monitored... banks of 9 track tapes
|> are going constantly to record everything. Everyone should realize that
|> even if a sysop posts a disclaimer at the beginning of his bbs about no
|> access to governmental agencies or law enforcement...that it isn't worth
|> the time it takes to type it in... looking forward to hearing reactions
|> to this.
|>
|> ******
|>
|> I apologize for the length of this message, but it's information that I
|> feel is important, especially for any land-line BBS sysop. Anytime you
|> enter a message, even if it's private, always do it with the assumption
|> that it's going to be seen by anyone and everyone, everywhere.
|>
|> Tnx
|> 73s
|> de Tom, N8ECW@KA8Z.#NEOH.OH.USA.NA
|> [end included message]
|> Standard disclaimers apply. My employer, above, has no connection or
|> responsibility with anything I say or relay here. Of course.

-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned.
_______________________________________________________________________________
Fan Li TAI
User Services, Room 134, Adm Bldg
Memphis State University
Campus Box 528039
Memphis, TN 38152
Internet: USTAI@MSUVX1.MEMST.EDU
Bitnet  : USTAI@MEMSTVX1
_______________________________________________________________________________

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phiber Optik
Date: Fri, 29 Jan 93 00:19:39 PST
To: cypherpunks@toad.com
Subject: Is this true???
Message-ID: <199301290818.AA18130@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

That last message containing info on purported phone company monitoring activities was the biggest load of propagandist bullshit I think I've seen in a long time. I'm sure it generated the expected fear and paranoia amongst more ignorant people.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Daniel Ray
Date: Fri, 29 Jan 93 13:30:21 PST
To: cypherpunks@toad.com
Subject: Re: turning on yourself during car stops
Message-ID: <9301290553.AA10758@tnl.com>
MIME-Version: 1.0
Content-Type: text/plain

>From: Peter Honeyman
>To: cypherpunks@toad.com, edgar@spectrx.Saigon.COM
>Date: Mon, 25 Jan 93 19:57:20 EST
>Subject: Re: public servant privacy
>
>i believe there is a special exception related to automobiles
>that makes them subject to search without a warrant when the
>driver is placed under arrest. but check with a lawyer.
>
> peter
>

essentially 90+% of all contraband found during traffic stops on the highway is because the driver consented to a search. Literally the police officer will ask "can I search your car?" and people, even experienced criminals, will say "ok alright" even though they should know better. some think that saying no means just a delay and they search anyways. this is not the case.
If they ask, and you say no, the most that happens is that you get a delay and they may bring in a dog for a sniff. If they can search anyway, they will just do it and not ask. Just respond "I want to preserve my privacy".

Police know that virtually NO ONE refuses a "consent-search" request. and in most cases, if you do know better and refuse, they will not bring a dog and will let you go. lately a trucker consented to a search where they discovered several million dollars in cocaine in his cab.

Police know this phenomenon and, needless to say, exploit it fully. And they know how to "sweet talk" people, which is a method of questions & answers that further enhances cooperation from otherwise noncompliant people.

Remember: "Just say no". It may save your ass.

norstar@tnl.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Douglas Sinclair
Date: Fri, 29 Jan 93 05:02:48 PST
To: cypherpunks@toad.com
Subject: Radio-isotope OTP generators
Message-ID: <9301291302.AA49310@acs1.acs.ucalgary.ca>
MIME-Version: 1.0
Content-Type: text/plain

I got some mail from someone on the list who told me that about a year ago there had been much discussion of radio-isotope OTP random number generators, and that the conclusion had been that they were too dangerous to use. I replied to that message, but my reply bounced for some reason. So, could anybody please send me a synopsis of the discussion? Thanks.

I was talking to my father about this, and we concluded that a simple exposed-silicon photodiode put in reverse bias should provide adequate detection. Put it in darkness, and no current will flow. Hit it with an alpha, and you get a cascade on the order of a million electrons. The alpha source need only be some radium paint on the front of the diode. This is not dangerous stuff. You'd have to go very far out of your way to do yourself any damage with it. If you eat it then bad things might happen, but I can say the same thing about AA batteries...
My father designs and builds particle detectors for a living, so he probably knows what he's talking about.

BTW: one error in my last message. There is not Californium in a smoke detector, it is Americium. Same difference...

--
Vercotti: I was terrified of him. Everyone was terrified of Doug. I've seen grown men pull their own heads off rather than see Doug. Even Dinsdale was frightened of Doug.
Interviewer: What did he do?
Vercotti: He used sarcasm. He knew all the tricks, dramatic irony, metaphor, bathos, puns, parody, litotes and satire.
-- Monty Python, Episode 14
PGP 2.1 Key by finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hal@alumni.cco.caltech.edu (Hal Finney)
Date: Fri, 29 Jan 93 09:54:50 PST
To: cypherpunks@toad.com
Subject: OTP Generators
Message-ID: <9301291755.AA08021@alumni.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain

Douglas Sinclair asked about the earlier discussion re the use of radiation to generate true random numbers for one time pads.

The problem, as I recall, was with the quantity of bits needed. OTP's eat bits like crazy. People have talked about filling CD-ROM's or other optical media with hundreds of megabytes or even gigabytes of random numbers.

Now, the problem is how long it will take to produce that much random data. A few bits per second won't be fast enough. Suppose you wanted to produce 100 megabytes per day (which would take over a week to create a gigabyte). That requires about 10,000 random bits per second.

Now, your detector is not going to be 100% efficient. Only a certain fraction of the emitted particles are going to be detected. So you will need more decays than this, possibly many more.

Also, relying on a half-life calculation in which we wait a certain time interval, and see if there is a decay or not, won't be that accurate. If your time is off a little, it could bias the results. Tim May posted the best (IMO) fix for this.
You collect bits in pairs; discard 00 and 11; for each 01 output a 0, for each 10 output a 1. This way even if there is a bias where, say, 60% of the bits are 0's and 40% are 1's you still get 50-50 0's and 1's out. This means you get about 1 output bit for each 4 inputs, so you have to increase the necessary decay rate by a factor of 4.

So, the needed particle emission rate is 40,000 divided by the efficiency of your detector. Perhaps Douglas could get some efficiency figures from his father, and judge whether this rate of radiation emission would be safe.

Hal Finney
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hal@alumni.cco.caltech.edu (Hal Finney)
Date: Fri, 29 Jan 93 10:05:55 PST
To: cypherpunks@toad.com
Subject: Remailer abuse?
Message-ID: <9301291807.AA08440@alumni.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain

When the Pax remailer was shut down, I stopped keeping any logs of my remailer operation. I felt that I did not want to provide information that would be helpful to those forces which oppose information privacy.

So, I don't know the history of it, but today I received this message:

To: hal@alumni.cco.caltech.edu
Subject: Re: what you said you wanted

I am shocked that you would send such trash to innocent young girls, whom you don't even know (Not that it is better if you know them) Well, I am appalled!!! Why me??

Is someone using my remailer to send trash to innocent young girls? I am uncomfortable to be facilitating this kind of activity. Can anyone offer suggestions for the ethical thing to do in this situation?
Hal
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: sDun@isma.demon.co.uk (Stephen Dunne)
Date: Fri, 29 Jan 93 05:20:25 PST
To: cypherpunks@toad.com
Subject: Re: The FBI and Lotus cc:Mail
Message-ID: <728328337snx@isma.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

In article ** unknown ** you write:
>An interesting tidbit came to light while I was attending a demonstration of
>Lotus' cc:Mail and Notes products at the Boston NetWorld this month. During
>the Notes portion of the presentation someone asked how secure the information
>in the various databases was, and how the encryption was done.
>
> Blah Blah Blah
>
>Happily, the presenter said that Lotus refused to honor the FBI's request.
>Bravo!
>
>Dick Joltes, Manager, Networks and Hardware, Harvard University Science Center
>joltes@husc.harvard.edu

I suppose that really means "Lotus *said* they refused to honour it.."

Paranoid? Moi !?

Stephen
--
+--------------------------------------------------------------------------+
|Stephen Dunne                 DoD#767                sdun@isma.demon.co.uk|
|International Securities Market Association       I speak for me,thats all|
|Voice (+44) 71-538-5656  Fax (+44) 71-538-4902       PGP 2.1 key available|
|We are not affiliated to any other Demon.Co.Uk site. (especially Evil!)   |
+--------------------------------------------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 29 Jan 93 10:29:42 PST
To: cypherpunks@toad.com
Subject: Re: OTP Generators
Message-ID: <9301291826.AA15886@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Hal Finney writes:

> Douglas Sinclair asked about the earlier discussion re the use of
> radiation to generate true random numbers for one time pads.
>
> The problem, as I recall, was with the quantity of bits needed. OTP's

...stuff elided...

> So, the needed particle emission rate is 40,000 divided by the
> efficiency of your detector.
Perhaps Douglas could get some efficiency > figures from his father, and judge whether this rate of radiation > emission would be safe.

Yes, we've discussed this a couple of times. For a 2 pi detector geometry, about 100,000 decays per second are needed to give the 40,000 or so that the detector could see. This is about 3 microcuries (1 curie = 3.7 x 10^10 disintegrations per second), which is far higher than the Am-241 smoke detector sources have (0.1 microcurie, if I remember correctly...but I could be wrong on this, as it's been years...). (There's also the issue of detector drift, with such high levels causing changes in the detector properties.) Obviously, multiple detectors could be used, each generating perhaps several thousand bits per second. It'll still take a week or so to fill a single CD-ROM. Not too practical. Nor is the production and distribution of CD-ROMS very convenient. Using this for "Cypherpunks"-type activities would be a nightmare of inconvenience for all concerned.

-Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: waiting for the dust to settle.
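Added example (not part of any message in this thread): the pair-discarding debiasing Hal Finney describes and the rate arithmetic in the reply above, written as runnable Python. The biased source is simulated with a seeded PRNG, and the 650 MB CD-ROM capacity and the one-raw-bit-per-detection model are assumptions that the thread does not state.

```python
"""Von Neumann debiasing plus the source-rate budget discussed in the thread."""
import random

CURIE_DPS = 3.7e10         # disintegrations per second in 1 curie (figure quoted in the thread)
CDROM_BYTES = 650 * 2**20  # ASSUMPTION: 650 MB disc; the thread gives no capacity


def von_neumann(bits):
    """Pairwise debiasing: drop 00 and 11, map 01 -> 0 and 10 -> 1.

    The output is unbiased only if the input bits are independent and the
    bias is the same for both bits of a pair. A trailing unpaired bit is
    discarded.
    """
    out = []
    it = iter(bits)
    for a in it:
        b = next(it, None)
        if b is None:          # odd-length input: last bit has no partner
            break
        if a not in (0, 1) or b not in (0, 1):
            raise ValueError("input must contain only 0 and 1")
        if a != b:
            out.append(a)      # first bit of the pair: 01 -> 0, 10 -> 1
    return out


def expected_yield(p_zero):
    """Expected output bits per input bit when P(bit == 0) = p_zero.

    A pair survives with probability 2*p*(1-p) and consumes two input bits,
    so the yield per input bit is p*(1-p): 0.25 for a fair source.
    """
    return p_zero * (1.0 - p_zero)


def simulated_biased_bits(n, p_zero, seed):
    """Stand-in for a biased detector (constructed test input).

    Uses a seeded PRNG for repeatability, so it must never be used to
    produce real pad material.
    """
    rng = random.Random(seed)
    return [0 if rng.random() < p_zero else 1 for _ in range(n)]


def source_budget(detections_per_sec, decays_per_sec, p_zero=0.5):
    """Turn the thread's figures into pad throughput and source activity."""
    # ASSUMPTION: each detected decay contributes one raw bit.
    out_rate = detections_per_sec * expected_yield(p_zero)
    return {
        "detector_efficiency": detections_per_sec / decays_per_sec,
        "activity_microcurie": decays_per_sec / CURIE_DPS * 1e6,
        "output_bits_per_sec": out_rate,
        "days_per_cdrom": CDROM_BYTES * 8 / out_rate / 86400,
    }


if __name__ == "__main__":
    raw = simulated_biased_bits(400_000, p_zero=0.6, seed=1993)
    pad = von_neumann(raw)
    print("input  P(0) = %.3f" % (raw.count(0) / len(raw)))
    print("output P(1) = %.3f" % (pad.count(1) / len(pad)))
    print("yield       = %.3f (expected %.3f)"
          % (len(pad) / len(raw), expected_yield(0.6)))
    # Figures from the thread: 40,000 detections/s out of 100,000 decays/s.
    for key, value in source_budget(40_000, 100_000).items():
        print("%-20s %.3f" % (key, value))
```

A 60/40 source costs little extra (yield 0.24 instead of 0.25); the week-per-disc figure comes from the detection rate, not from the debiasing step.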
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: miron@extropia.wimsey.com (Miron Cuperman) Date: Fri, 29 Jan 93 04:11:48 PST To: cypherpunks@toad.com Subject: ARA security Message-ID: <1993Jan29.105734.1737@extropia.wimsey.bc.ca> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Proposition 1: All remailing schemes are vulnerable in the case that all remailing sites in the chain are compromised before transmission. Proposition 2: With ARAs and direct transmission (one recipient at each hop), if the first n-1 hosts in a chain are compromised then the n_th host identity is known. If all hosts are compromised, the originator is known. Corollary 1: Direct-transmission ARAs are vulnerable to an adversary that can compromise any small subset of all hosts. This is done by sequentially compromising the next host, and using that information to find the identity of the next host after that. No amount of "random" routing has any effect in this case, since the randomness is implemented by each host, but each host is compromised before it makes the delivery. Proposition 3: Normal anonymous transmission (not ARA) is "unconditionally" secure after *one* passage through an uncompromised host, assuming no traffic analysis and no log files. (With log files, normal transmission is as insecure as direct-transmission ARAs.) Therefore, it seems like direct-transmission ARAs are much less secure than normal anonymous transmission. For better security, we must find some other ARA scheme. A proposal: broadcast ARAs and Message Pools - -------------------------------------------- All messages to a message pool are sent to all subscribers to the pool. Messages to the pool are encrypted with the (pseudonymous) public key of the recipient. The ARA can thus belong to any of the subscribers to the pool. The connection between public keys and subscribers is not maintained anywhere. 
The subscribers have attempt decryption of messages marked with their pseudonyms. Once the key of a subscriber is destroyed, it is not possible to prove that any message was destined for that subscriber, affording a last resort to a subscriber suspecting that an attack is in progress. Pools must have a large number of subscribers in case it is possible to compromise the key of any particular subscriber. Pools can be implemented as Usenet groups for a low-cost delivery medium. Each pool should be geographically limited in order to further minimize costs (the Distribution: header works well here). If costs are minimized, the pools can be increased, affording better security. For experimental, low-volume tests, mailing lists can be used. - -- Miron Cuperman | NeXTmail/Mime ok | Public key avail AMIX: MCuperman | cyberspacecomputingcryptoimmortalitynetworkslaissezfaire -----BEGIN PGP SIGNATURE----- Version: 2.1 iQCVAgUBK2j60ZNxvvA36ONDAQFKiAP+JFWWeke6rADXFfK4d4LPHNUWJ9NwcjH4 5XDC+Veg8h3JgwSQ7f0J8JM9LqwbHBWHObm4bPJKeBa1fSIP2L8xNMsA0dQnriwE EWVR6oUPy3ANMefEa9CHMS+bkOnuGRXV4Ntsi6Eh1kLyK340jUheWKjVMtWl37Cb d9qe12GqSlU= =LHSz -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: henry strickland Date: Fri, 29 Jan 93 11:16:40 PST To: hal@alumni.cco.caltech.edu (Hal Finney) Subject: Re: Remailer abuse? In-Reply-To: <9301291807.AA08440@alumni.cco.caltech.edu> Message-ID: <9301291920.AA13347@versant.com> MIME-Version: 1.0 Content-Type: text/plain # From cypherpunks-request@toad.com Fri Jan 29 10:57:37 1993 # From: hal@alumni.cco.caltech.edu (Hal Finney) # Date: Fri, 29 Jan 93 10:07:37 PST # Message-Id: <9301291807.AA08440@alumni.cco.caltech.edu> # To: cypherpunks@toad.com # Subject: Remailer abuse? # # Is someone using my remailer to send trash to innocent young girls? My guess: no. 
Just a guess, but based on the way it was worded and what troublesome forgeries frequently look like and say, I would bet that the message to you about the alleged trash was forged, and is not responding to any such event. strick strick@osc.versant.com henry strickland From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Fri, 29 Jan 93 11:36:05 PST To: cypherpunks@toad.com Subject: is this true??? In-Reply-To: <9301290522.AA17978@toad.com> Message-ID: <9301291933.AA03094@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain The piece about widespread worldwide modem monitoring has one notable difference from most similar pieces: the presence of a bit of falsifiable information, namely the credit history codes HN06443 and 87AT4. Anybody know how to find an authoritative source for independent verification of this data? Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ""L. Detweiler"" Date: Fri, 29 Jan 93 10:41:07 PST To: Phiber Optik Subject: Re: Is this true??? In-Reply-To: <199301290818.AA18130@eff.org> Message-ID: <9301291840.AA29938@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain >That last message containing info on purported phone company monitoring >activities was the biggest load of propagandist bullshit I think I've seen >in a long time. >I'm sure it generated the expected fear and paranoia amongst more ignorant >people. This is not a constructive comment. What is your evidence that it is false? We should dissect the claims. |>Under an obscure |> pre-WWII ruling by the agency that is now the FCC... "No information may |> be encoded or transmitted over PUBLIC or PRIVATE forms of telephony or |> radio with the exception of those agencies involved in the National |> Security" a further designation goes on to say "with the exception of |> the MORSE system of 'transmittal', any communication that is not |> interpretable by the human ear is forbidden and unlawful." 
This kind of stuff seems to happen whether there are laws sanctioning it or not, but does anyone know what law is being referenced? On a general note, what would tend to validate/rebut the claim? First of all, the simple feasibility of such an operation must be called into question. There is a tremendous amount of data going over modems on public telephone lines. What is the chance that even a small fraction could be monitored? (And an even more infinitesimal fraction archived.) The claim has appeared here before that it is "trivial" for a government agency to scan for interesting keywords and sort the data based on that. But I think that even that would lead to loads of irrelevant crap and require an army of intelligence agents to sort. Where is this army? Also, the claims in the letter are referring to public telephone networks. Would this include all the networks comprising the Internet? If so, this multiplies the data volume immensely. How could anyone find anything useful in these massive streams? Granted, *very* sensitive information is probably contained within it, but how the heck could it be found efficiently?

|> Your credit rating is also affected by your modem
|> usage... if you ever get a copy of your credit history and find a
|> listing that has HN06443 <--= this is a negative risk rating. or a code
|> 87AT4 <---= an even more negative risk rating.... these will usually
|> have no description on them... and if you inquire about them they will
|> tell you that it just comes from the system that way.

These claims that credit ratings are influenced by this secret information are rather questionable. What is the path from the decision to mark a record with a black mark to the private companies like TRW that record this? Which clients or sources of TRW or whatever are specifically those that monitor secret information? What exactly does he mean, "your credit rating is affected by your modem usage?"
If anyone could refute or demonstrate the actual meaning of HN06443 and 87AT4 codes on credit reports (I've never seen a report or these codes), this would be a specific item to discredit, which would call into question the whole of the claims.

|> The information gathered goes to 3 separate database facilities...1 is
|> codenamed Diana and is located in Brussels, the 2nd is named Fredrick
|> and is located somewhere in Malaysia, the 3rd is named Elizabeth and is
|> located in Boulder, Colorado. The information stored in these systems
|> is accessible by the US Government, Interpol, Scotland Yard and various
|> other such agencies.

Regarding the claim that one major monitoring hub is code named "elizabeth" in Boulder Colorado. There is a government standards agency there, if I am not mistaken, I forget if it is NIST (?). Also, the National Center for Oceanic Research, which has very tremendous computing power (e.g. Cray YMP) is there also. In their tours they show massive archival storage areas, which they say record major amounts of global atmospheric data (e.g. temperatures, wind currents etc.) collected from satellites. These could conceivably be in part "covers" but the idea is also rather unimaginable. Can anybody report on agencies in the areas cited? There is the very specific claim of a carrier in Columbus Ohio.

I propose that cypherpunks list be a central reporting place for what might be called "public counter spies" who report on the illicit activities of our governments. It's already largely in that area. If we get enough expertise, nonradicals, and infiltrators here we may be able to get better ideas of what the heck NSA really is doing, what kind of monitoring is really going on, what kind of cryptographic techniques can really be broken, etc.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Fri, 29 Jan 93 11:48:07 PST To: jpp@markv.com Subject: thresholding to enhance secrecy In-Reply-To: <9301272043.aa08979@hermix.markv.com> Message-ID: <9301291945.AA03526@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain It seems that your "thresholding" schemes require an increase in message size. Do I read this correctly? It also seems that you need to generate one time pads to effect this increase in message size, with all the attendant costs of making that quantity of random bits. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Karl Barrus Date: Fri, 29 Jan 93 10:03:47 PST To: cypherpunks@toad.com Subject: digital banking Message-ID: <199301291802.AA15702@Menudo.UH.EDU> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Cypherpunks, It looks like a few people are trying out the bank...but there is only so much you can try as a single user...so there needs to be a way to contact other bank users and remain anonymous. Being able to contact other bank users will allow bank customers to conduct real transactions, etc. So, what I plan to do is create a remailing header using my remailer's public key for everyone who uses the bank. I will send the appropriate remailing header to each user, which can then be attached to correspondence between bank customers. Then, each user can be contacted via an anonymous remailer (mine) and the remailing header. Following that I will send to each user the total list of remailing headers, so each bank customer will be able to contact the other bank customers. Then, each user can contact the other users, and include their own remailing header to receive responses. Right now we're just experimenting so I'd like the bank customers to be able to interact with each other. How does this system sound? 
I'd like to hear any comments about the bank or ways the bank's customers may transact with each other (preferably privately). Also, a few weeks ago, maybe even two months, someone posted anonymously :-) that they were nearly complete with an implementation of Chaum's digital cash (RSA encryption, decryption, blinded signatures, etc.) scheme. I'd like to hear from that person the status of their project, and whether it is feasible to incorporate their code into my bank server. Remain anonymous if you prefer, and include a remailing header so I can write you back. Incorporating Chaum's method, and cypherpunk-style remailers to conduct business with the bank are two of my goals for this project.

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

-----BEGIN PGP SIGNATURE----- Version: 2.1 iQCVAgUBK2lw84OA7OpLWtYzAQE67gP8DHXoSmvacMO4BlSMFDRwpf9rifEpbwqS Z8IocT5PnAsxhHY407KfKj6KQKT6WhZZ/zxDnm8UCWynwCXYAw8ASn6lqzKWW4Ds 7S9Gdnxv4ue12WqCZIFXF/Lg1AKXMch2q9IF/UN9Tx6b2n2r+IS+D+Gm7XTCksuR 5EP+Qtqhagg= =ox9u -----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: geoffw@nexsys.net (Geoff White) Date: Fri, 29 Jan 93 12:43:55 PST To: ld231782@longs.lance.colostate.edu Subject: Re: Is this true??? Message-ID: <9301292031.AA01091@nexsys.nexsys.net> MIME-Version: 1.0 Content-Type: text/plain

> are specifically those that monitor secret information? What exactly
> do> Regarding the claim that one major monitoring hub is code named
> "elizabeth" in Boulder Colorado. There is a government standards
> agency there, if I am not mistaken, I forget if it is NIST (?). Also,
> the National Center for Oceanic Research, which has very tremendous
> computing power (e.g. Cray YMP) is there also. In their tours they
> show massive archival storage areas, which they say record major
> amounts of global atmospheric data (e.g.
temperatures, wind currents
> etc.) collected from satellites. These could conceivably be in part
> "covers" but the idea is also rather unimaginable. Can anybody report
> on agencies in the areas cited? There is the very specific claim of a
> carrier in Columbus Ohio.
>

Well to add more paranoid fuel to the fire, it is no secret that there is a lot of "intelligence" activity around the boulder/colorado springs area. But I don't think this alone is enough to prop up or refute this claim. The most damaging part of the story IMHO is the line about the 9 track tapes going :) Get real! Now Banks of Hi-8 maybe ...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Fri, 29 Jan 93 13:03:42 PST To: cypherpunks Subject: Privacy Enhanced Mail proceeds to Proposed Standard Message-ID: <9301292103.AA11818@toad.com> MIME-Version: 1.0 Content-Type: text/plain

------- Forwarded Message

To: Jon Postel -- RFC Editor To: IETF-Announce:;@CNRI.Reston.VA.US@TIS.COM Cc: Internet Architecture Board Cc: pem-dev@TIS.COM Cc: The Internet Engineering Steering Group From: IESG Secretary Subject: Protocol Action: Privacy Enhanced Mail to Proposed Standard Date: Fri, 29 Jan 93 14:29:02 -0500 Message-Id: <9301291429.aa07535@IETF.CNRI.Reston.VA.US>

The IESG has approved the Privacy Enhanced Mail Protocols as a Proposed Standard. These protocols are defined in the Internet Drafts:

o "Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures"
o "Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management"
o "Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers"
o "Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services"

These documents are the product of the Privacy-Enhanced Electronic Mail Working Group. The IESG contact person is Steve Crocker.
Technical Summary The PEM specifications have been under development for almost 6 years. During that time, parts of the specifications have been published, revised and republished, with each new publication including corrections and enhancements commensurate with the experience obtained from implementations and continued deliberations. The specifications have not changed dramatically since March 1992; they are technically sound and consistent with the internet architecture and the anticipated internet security architecture. This protocol opens the door for widespread use of cryptography throughout the Internet which will result in greatly increased security for mail traffic. This protocol is of premier importance in the Internet and will facilitate transition of the Internet to a robust, commercially acceptable medium. The approach chosen in the design of this protocol is to use the public key infrastructure defined in X.509 and encapsulation of messages within the RFC 822 protocol. This approach makes full use of the prior work in the CCITT and ISO community, and it fits cleanly into the existing mail model. There are two difficulties with the approach taken in this design. The articulation of boundaries and parameters is particular to the use of PEM within the RFC 822 mail protocol. MIME includes general facilities for these functions. It would be preferable for this protocol to be aligned with MIME. MIME was not available at the time this protocol was designed, so it is proceeding separately. See below for additional comments on the alignment of MIME and PEM. The certificate infrastructure is large and awkward to bring into existence. It will pay off enormously in this and future protocols because it provides an organized framework for establishing trusted identification and binding of identities to public keys. However, it is not easy to initiate and necessarily slows the deployment and adoption of PEM. 
Neither of these difficulties affect the soundness of the PEM design. In the current milieu, it is important to deploy this protocol and deal with the difficulties over a period of time. THE DOCUMENTS o Part 1, Message Encryption and Authentication Procedures This document defines message encryption and authentication procedures, in order to provide privacy-enhanced mail (PEM) services for electronic mail transfer in the Internet. It is intended to become one member of a related set of four RFCs. The procedures defined are intended to be compatible with a wide range of key management approaches, including both symmetric (secret-key) and asymmetric (public-key) approaches for encryption of data encrypting keys. Symmetric cryptography is used for message text encryption. Cryptographic hash algorithms are used for message integrity check value computation. Other documents specify supporting key management mechanisms based on the use of public-key certificates; algorithms, modes, and associated identifiers; and details of paper and electronic formats and procedures for the key management infrastructure being established in support of these services. Privacy enhancement services (confidentiality, authentication, message integrity assurance, and non-repudiation of origin) are offered through the use of end-to-end cryptography between originator and recipient processes at or above the User Agent level. No special processing requirements are imposed on the Message Transfer System at endpoints or at intermediate relay sites. This approach allows privacy enhancement facilities to be incorporated selectively on a site-by-site or user-by-user basis without impact on other Internet entities. Interoperability among heterogeneous components and mail transport facilities is supported. The current specification's scope is confined to PEM processing procedures for the RFC-822 textual mail environment. 
Integration of PEM capabilities with MIME and possibly other mail environments is anticipated, but the specifications are yet to be worked out. In partial anticipation of such integration, the header "Content-Domain" with value "RFC822" is included as a hook. See below for additional discussion. Part II: Certificate-Based Key Management This document defines a supporting key management architecture and infrastructure, based on public-key certificate techniques, to provide keying information to message originators and recipients. It is intended to be one member of a related set of four RFCs. The key management architecture described is compatible with the authentication framework described in CCITT 1988 X.509. This document goes beyond X.509 by establishing procedures and conventions for a key management infrastructure for use with Privacy Enhanced Mail (PEM) and with other protocols, from both the TCP/IP and OSI suites, in the future. The motivations for establishing these procedures and conventions (as opposed to relying only on the very general framework outlined in X.509) are explained in the document. The infrastructure specified in this document establishes a single root for all certification within the Internet, the Internet Policy Registration Authority (IPRA). The IPRA establishes global policies, described in this document, which apply to all certification effected under this hierarchy. Beneath IPRA root are Policy Certification Authorities (PCAs), each of which establishes and publishes (in the form of an informational RFC) its policies for registration of users or organizations. Each PCA is certified by the IPRA. Below PCAs, Certification Authorities (CAs) will be established to certify users and subordinate organizational entities (e.g., departments, offices, subsidiaries, etc.). Initially, the majority of users are expected to be registered via organizational affiliation, consistent with current practices for how most user mailboxes are provided. 
Some CAs are expected to provide certification for residential users in support of users who wish to register independent of any organizational affiliation. For users who wish anonymity while taking advantage of PEM privacy facilities, one or more PCAs are expected to be established with policies that allow for registration of users, under subordinate CAs, who do not wish to disclose their identities. Part III: Algorithms, Modes, and Identifiers This document provides definitions, formats, references, and citations for cryptographic algorithms, usage modes, and associated identifiers and parameters used in support of Privacy Enhanced Mail. It is intended to become one member of a related set of four RFCs. It is organized into four primary sections, dealing with message encryption algorithms, message integrity check algorithms, symmetric key management algorithms, and asymmetric key management algorithms (including both asymmetric encryption and asymmetric signature algorithms). Some parts of this material are cited by other documents and it is anticipated that some of the material herein may be changed, added, or replaced without affecting the citing documents. Part IV: Key Certification and Related Services This document describes three types of service in support of Internet Privacy Enhanced Mail: key certification, certificate revocation list (CRL) storage, and CRL retrieval. It is intended to be one member of a related set of four RFCs. The services described are among those required of a Certification Authority. Each involves an electronic mail request message and an electronic mail reply message. The request may be either a privacy enhanced mail message or a message with a new syntax defined in this document. The new syntax has a different process type, thereby distinguishing it from ordinary privacy enhanced mail messages. The reply is either a privacy enhanced mail message or an ordinary unstructured message. 
Replies that are privacy enhanced messages can be processed like any other privacy enhanced message, so that the new certificate or the retrieved CRLs can be inserted into the requester's database during normal privacy enhanced mail processing. Certification authorities may also require non-electronic forms of the request and may return non-electronic replies. It is expected that descriptions of such forms, which are outside the scope of this document, will be available through a Certification Authority's "information" service.

THE USE OF CERTIFICATES AND PRIVATE KEYS

To aid in understanding the roles of public keys, certificates and private keys, it is useful to consider four functions:

- Sealing and signing a message.
- Verifying the integrity and signature of a message.
- Encrypting a message to ensure confidentiality.
- Decrypting a confidential message.

The protocols are designed so that sealing and signing are the base protocol, and encryption is an optional addition. That is, a privacy enhanced message is always signed and is only optionally encrypted. To sign a message, the sender must have a public/private key pair. The sender uses the private key to sign the message. Receivers use the corresponding public key to check the signature. With respect to the issuance and use of certificates, only the sender need have a certificate. Receivers use the sender's certificate to ascertain the sender's public key, and hence may check the integrity and authenticity of a message irrespective of whether they have a certificate. This arrangement makes it possible for a sender to sign a public message, e.g. to a newsgroup, and each recipient may check the integrity and signature of the message. License agreements for RSAREF from RSA and TIS/PEM from TIS permit the use of their software for this purpose at no cost, as long as the software is not sold. Encryption and decryption are a different matter.
To send an encrypted message, each receiver must have a private/public key pair. The sender accesses the receiver's public key and encrypts the message so only the receiver can decrypt the message. Since encryption is designed as an optional addition to the integrity and signature process, the use of encryption necessarily implies both the sender and receiver have private/public key pairs. There is one exception to this rule. The PEM specifications also permit a symmetric key algorithm to be used for encryption. This is suitable for traffic between two parties who have manually exchanged keys previously. DES is the algorithm used for this purpose, and it is in the public domain.

A COMMENT ON THE DECISION TO INCORPORATE PATENTED TECHNOLOGY.

Some have asked whether it is necessary to incorporate a patented technology into the standard. In a very real sense, the idea of wide scale cryptography in a public, networked environment is not viable without public key technology. Public key technology opened up the field and enabled application not previously possible. Hence, the decision was not whether to choose public key technology versus some other technology. Rather, the decision was to develop privacy enhanced mail once public key technology became available. The patent situation for public key technology is a bit strange. The patent rules vary slightly from country to country. The basic ideas for public key cryptography were published before the patent was applied for. In the U.S., there is a one year period in which it is still possible to apply for patents after publication. Elsewhere, publication prohibits patenting. Hence, the patent governing RSA applies in the U.S. (and perhaps Canada) but not elsewhere in the world.

FUTURE DEVELOPMENTS

Integration of MIME and PEM

As noted above, it is desirable for MIME and PEM to be integrated.
Although there is great pressure to integrate these as quickly as possible, there is even greater pressure to bring PEM out as quickly as possible. The clear consensus is to move these specifications forward now. In the future, proposals and trial implementations for merged MIME-with-PEM systems will be developed, and the resulting specifications may appear on the standards track in short order. Compatibility between these specifications and any new specifications will be of obvious concern. Preliminary analysis indicates that translation from PEM into MIME-with-PEM will be trivial. In my opinion, translation from MIME-with-PEM to PEM is also expected to be straightforward as long as the MIME-with-PEM messages contain only plain text, message and multipart content types.

Alternative Algorithms

Part III of these specifications define the use of the RSA, DES, MD2 and MD5 algorithms. The U.S. government is actively developing an alternative suite of algorithms which it intends to standardize. Many U.S. government agencies feel it will be necessary to use these algorithms and not to use the algorithms defined in Part III of this specification. As a separate but related matter, the U.S. government, along with other members of CoCom, prohibit the general export of software containing certain forms of cryptography. In particular, software containing DES for encryption is not generally exportable. Although software can be developed separately in some countries to avoid the export issue, a more general solution is to use a set of algorithms which are exportable. Export permission has been granted for various symmetric algorithms which are weaker than DES and for the use of RSA with limits on the key size. Of particular note, the Software Publishers Association has reached agreement with the U.S. government for general export of software containing RC2 and RC4 with 40 bit keys and RSA with a limit of 512 bit keys when RSA is used for key exchange.
(There is no limit when RSA is used only for signature and integrity.) RC2 and RC4 are symmetric key encryption algorithms developed by RSADSI and available under license. The U.S. government is now providing expedited processing of license requests for software that meets these terms. The pressure to use these alternative algorithms poses a challenge for our community and our standards process. The introduction of a new algorithm requires substantial vetting to make sure it is technically sound. No complete methods exist for proving the soundness of a cryptographic algorithm, so this is necessarily a tedious and artful process. Moreover, the use of multiple algorithms within the same environment poses substantial compatibility problems. For these reasons, it is desirable to set a high threshold before admitting any additional algorithms onto the standards track. At the same time, the pressures to incorporate additional algorithms are already evident. Completely ignoring or prohibiting the use of alternative algorithms will not be a successful strategy. The Part III specification speaks to the issue of incorporation of additional algorithms into the standard and says such incorporation will be accomplished by issuing a successor document. Part III specification also addresses the interim development process by suggesting that alternative algorithms may be documented in Experimental or Prototype RFCs prior to adoption into the standard. As experience is gained, these protocols may be considered for incorporation into the standard.

PATENT STATEMENT

The IESG has reviewed the patent issues and will have the following text added to each of the RFC documents: This version of Privacy Enhanced Mail (PEM) relies on the use of patented public key encryption technology for authentication and encryption.
The Internet Standards Process as defined in RFC 1310 requires a written statement from the Patent holder that a license will be made available to applicants under reasonable terms and conditions prior to approving a specification as a Proposed, Draft or Internet Standard.

The Massachusetts Institute of Technology and the Board of Trustees of the Leland Stanford Junior University have granted Public Key Partners (PKP) exclusive sub-licensing rights to the following patents issued in the United States, and all of their corresponding foreign patents:

   Cryptographic Apparatus and Method
   ("Diffie-Hellman")............................... No. 4,200,770

   Public Key Cryptographic Apparatus
   and Method ("Hellman-Merkle").................... No. 4,218,582

   Cryptographic Communications System and
   Method ("RSA")................................... No. 4,405,829

   Exponential Cryptographic Apparatus
   and Method ("Hellman-Pohlig").................... No. 4,424,414

These patents are stated by PKP to cover all known methods of practicing the art of Public Key encryption, including the variations collectively known as El Gamal.

Public Key Partners has provided written assurance to the Internet Society that parties will be able to obtain, under reasonable, nondiscriminatory terms, the right to use the technology covered by these patents. This assurance is documented in RFC-1170 titled "Public Key Standards and Licenses". A copy of the written assurance dated April 20, 1990, may be obtained from the Internet Assigned Number Authority (IANA).

The Internet Society, Internet Architecture Board, Internet Engineering Steering Group and the Corporation for National Research Initiatives take no position on the validity or scope of the patents and patent applications, nor on the appropriateness of the terms of the assurance.
The Internet Society and other groups mentioned above have not made any determination as to any other intellectual property rights which may apply to the practice of this standard. Any further consideration of these matters is the user's own responsibility.

Working Group Summary

The PEM specifications originated with the Privacy and Security Research Group. As part of the transition of the specifications from research to standards track documents a Working Group within the IETF was created, which has met at each IETF since its creation. The documents have been available as an Internet Draft since at least September 1992 and represent the consensus of the Working Group.

Protocol Quality

Although each of the PEM specifications has a different editor, they have all cooperated to make the documents fit together as a set. They are well written, easy to understand, and provide enough background material to make them suitable for a security neophyte. At the time of the third publication of the specifications, three independent, interoperable implementations were known to exist. Currently, only two of those are aligned with the current version of the specifications.

Greg Vaudreuil
IESG Secretary

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Fri, 29 Jan 93 13:05:37 PST
To: cypherpunks
Subject: RSA assurance referenced in PEM posting
In-Reply-To: <9301291429.aa07535@IETF.CNRI.Reston.VA.US>
Message-ID: <9301292105.AA11851@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Here is the RFC 1170 referred to in the posting about Privacy Enhanced Mail. I note that it only covers signatures, not key exchange.

John

Network Working Group                                         R. Fougner
Request for Comments: 1170                           Public Key Partners
                                                            January 1991

                   Public Key Standards and Licenses

Status of this Memo

This RFC is a public statement by Public Key Partners regarding Public Key Standards and Licenses.
This memo is for informational use only, and does not constitute an Internet standard. Distribution of this memo is unlimited.

Public Key Standards and Licenses

The Massachusetts Institute of Technology and the Board of Trustees of the Leland Stanford Junior University have recently granted Public Key Partners exclusive sublicensing rights to the following patents registered in the United States, and all of their corresponding foreign patents:

   Cryptographic Apparatus and Method
   ("Diffie-Hellman")............................... No. 4,200,770

   Public Key Cryptographic Apparatus
   and Method ("Hellman-Merkle").................... No. 4,218,582

   Cryptographic Communications System and
   Method ("RSA")................................... No. 4,405,829

   Exponential Cryptographic Apparatus
   and Method ("Hellman-Pohlig").................... No. 4,424,414

These patents cover all known methods of practicing the art of Public Key, including the variations collectively known as El Gamal.

Due to the broad acceptance of RSA digital signatures throughout the international community, Public Key Partners strongly endorses its incorporation in a digital signature standard. We assure the interested parties that Public Key Partners will comply with all of the policies of ANSI and the IEEE concerning the availability of licenses to practice this art. Specifically, in support of any RSA signature standard which may be adopted, Public Key Partners hereby gives its assurance that licenses to practice RSA signatures will be available under reasonable terms and conditions on a non-discriminatory basis.

We take this opportunity to thank all of those concerned for their collective efforts in making this technology readily available for commercial implementation.

Public Key Partners

By: Robert B.
Fougner
Director of Licensing

Security Considerations

This memo discusses fair access to the use of public key technology to implement security.

Author's Address

Robert B. Fougner
Director of Licensing
Public Key Partners
130 B Kifer Court
Sunnyvale, CA 94086

Phone: (408) 735-6779

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@xanadu.com (E. Dean Tribble)
Date: Fri, 29 Jan 93 13:25:39 PST
To: uunet!alumni.cco.caltech.edu!hal@uunet.UU.NET
Subject: Remailer abuse?
In-Reply-To: <9301291807.AA08440@alumni.cco.caltech.edu>
Message-ID: <9301292115.AA19024@xanadu.xanadu.com>
MIME-Version: 1.0
Content-Type: text/plain

Set up your remailer under an account named remailer so that you don't get such responses. Also, perhaps prepend to outgoing messages a note to the effect that they have been forwarded by you and that you know nothing of the contents.

dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Fri, 29 Jan 93 13:19:44 PST
To: cypherpunks@toad.com
Subject: Re: OTP Generators
Message-ID: <9301292119.AA12633@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Hal> Also, relying on a half-life calculation in which we wait a certain time
Hal> interval, and see if there is a decay or not, won't be that accurate.
Hal> If your time is off a little, it could bias the results.
Hal> Tim May posted the best (IMO) fix for this. You collect bits in pairs;
Hal> discard 00 and 11; for each 01 output a 0, for each 10 output a 1.

This is better than nothing, but it doesn't completely fix the biased bit stream. For instance, if your detector typically has some runs of zeroes, then after a 10 sequence, a 01 sequence is more likely than another 10.

I think that all schemes which rely on _single_ random events from a radioactive source are going to be very sensitive to tuning errors which will make their random bit streams biased and thus useless.
Better is the following: select a time interval in which 100-1000 random events will occur. Count events in one of these time intervals and output the parity of the count. Repeat. If you ever detect fewer than 10 events in an interval, quit with an error.

This method has the advantage that no "tuning" of the randomness source is necessary; you must only ensure that your time interval contains a lot of random events, so that there is no chance of a small drift in the random number source causing a corresponding failure in randomness.

Another useful technique, if you're willing to trust crypto technology, is to compute MD5 hashes or DES encryptions of the bit stream. This will do a lot, actually. If your bits are already random, then applying a pseudo-random permutation can't hurt; but if you've been brain-dead somehow, it's a great insurance policy to apply a well-known scrambling algorithm to your bits.

I wish we weren't just discussing hacks, though. I think I'll hunt for some theoretical results to make this more solid.

-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Brad Huntting
Date: Fri, 29 Jan 93 14:14:32 PST
To: (L. Detweiler)
Subject: Re: Is this true???
In-Reply-To: <9301291840.AA29938@longs.lance.colostate.edu>
Message-ID: <199301292212.AA02949@misc.glarp.com>
MIME-Version: 1.0
Content-Type: text/plain

> First of all, the simple feasibility of such an operation must be
> called into question. There is a tremendous amount of data going
> over modems on public telephone lines. What is the chance that
> even a small fraction could be monitored? (And an even more
> infinitesimal fraction archived.)

The intelligence community gets what it wants. If congress won't allocate the funds, they'll import drugs to pay for it. I doubt they can keep everything on file, but they certainly filter for interesting data.
> The claim has appeared here before that it is "trivial" for a
> government agency to scan for interesting keywords and sort the data
> based on that. But I think that even that would lead to loads of
> irrelevant crap and require an army of intelligence agents to sort.
> Where is this army?

Fort Meade, MD.

> Also, the claims in the letter are referring to public telephone
> networks. Would this include all the networks comprising the Internet?
> If so, this multiplies the data volume immensely. How could anyone
> find anything useful in these massive streams? Granted, *very*
> sensitive information is probably contained within it, but how the heck
> could it be found efficiently?

A recent issue of Communications of the ACM is dedicated to the issue of data filtering. People have been working on this technology for a long time. It's very important in the information age to have all relevant information.

> Regarding the claim that one major monitoring hub is code named
> "elizabeth" in Boulder Colorado. There is a government standards
> agency there, if I am not mistaken, I forget if it is NIST (?). Also,
> the National Center for Oceanic Research, which has very tremendous
> computing power (e.g. Cray YMP) is there also. In their tours they
> show massive archival storage areas, which they say record major
> amounts of global atmospheric data (e.g. temperatures, wind currents
> etc.) collected from satellites. These could conceivably be in part
> "covers" but the idea is also rather unimaginable. Can anybody report
> on agencies in the areas cited? There is the very specific claim of a
> carrier in Columbus Ohio.

That's National Center for _Atmospheric_ research (the nearest ocean is 1300mi away), and it's so public there's probably no way it could be used for such a purpose. NIST and NOAA are also very open. However, we do have an FBI office here (I only know because a friend of mine works for a criminal defence lawyer located in the same building...
brilliant planning, no?). There are numerous warehouses in the east quarter any number of which could house a database like this.

brad

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Jay Prime Positive
Date: Fri, 29 Jan 93 15:25:54 PST
To: cypherpunks@toad.com
Subject: Is this true???
In-Reply-To: <9301291840.AA29938@longs.lance.colostate.edu>
Message-ID: <9301291524.aa22898@hermix.markv.com>
MIME-Version: 1.0
Content-Type: text/plain

>Under an obscure pre-WWII ruling by the agency that is now the FCC...
>"No information may be encoded or transmitted over PUBLIC or PRIVATE
>forms of telephony or radio with the exception of those agencies
>involved in the National Security" a further designation goes on to
>say "with the exception of the MORSE system of 'transmittal', any
>communication that is not interpretable by the human ear is forbidden
>and unlawful."

As a licensed ham (amateur radio operator), kb6wct, I can assure you that the FCC allows transmissions other than phone, and morse code. Here are just a few -- rtty, ascii, spread spectrum, fax, sstv, and ntsc video. Hams can SEND all of these over the radio. There are still other information transmission systems in use by commercial interests.

However, the FCC does in fact disallow hams from transmitting in "any code or cypher with intent to obscure the content of the message." This allows all cryptographic authentication systems, but not encryption.

j'

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eichin@ATHENA.MIT.EDU ("Mark W. Eichin")
Date: Fri, 29 Jan 93 12:43:44 PST
To: cypherpunks@toad.com
Subject: a "real world" anonymous service
Message-ID: <9301292042.AA07489@tsx-11.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Here's an interesting anonymous service that is almost in the real world (at least in the sense that Cable TV in general is more mainstream than most of what we do...)

_Mark_

File: /afs/athena.mit.edu/activity/s/sctv/CROSSLINK.info

What is CROSSLINK?
------------------
CROSSLINK is an anonymous message system run on MIT Student Cable TV-36. It provides an anonymous medium through which MIT students can say those things they might otherwise find difficult, inconvenient or impossible to say in person. It's also a way to send fun or totally random messages to your friends over the air. It is similar to the anonymous message pages found in many college newspapers, except that it's electronic in nature and it's free.

What kind of messages can I put on CROSSLINK?
---------------------------------------------
You can say whatever you want. Get out your frustration. Break the ice with that person you're too shy to approach. Try and re-establish contact with the unknown person you saw last night. Anything.

Well, almost anything; CROSSLINK is bound by the rules prohibiting harassment at MIT. Please don't use racial, sexual, or gender-based slurs, because your message won't be run. You can say a lot without getting really nasty or lewd about it. Also, we won't run commercial or group advertisements. CROSSLINK is intended to be a personal messaging system, not a billboard.

You can choose to sign your message however you wish (or not at all), but the recipient must not be identified by name. For instance, "E.M.", "that guy with the crewcut", or "the loser behind me in 6.002" are all perfectly acceptable ways to name your recipient, but "Eric McDonald" and "E. McDonald" are not.

How often is CROSSLINK on the air?
----------------------------------
CROSSLINK is on MIT Channel 36 whenever there's empty air time. We don't have 24-hours of non-stop student programming every day, and we aren't always able to "hijack" the satellite signal, so CROSSLINK should be on most of the time.

Who will see CROSSLINK?
-----------------------
With over 4,000 cable outlets on and around campus, many many people can see your message on CROSSLINK.

How long do CROSSLINK messages run?
-----------------------------------
Unless you otherwise request, CROSSLINK messages will be run for about two days.

How do I submit a message to CROSSLINK?
---------------------------------------
You can drop off your message in one of two ways:

1) Write it down, fold the paper, write "CROSSLINK" on the outside, and slide it under the door to room 9-026 (or send it via inter-departmental mail).

2) Send it by email to crosslink@athena.mit.edu. We promise we won't make a note of who sent what message, and we'll erase all email after we've written down the messages. If you don't trust us, you can: use method #1, send it as root, or find a fake mail sender (but it's really not necessary).

We're working on other means of delivery, but that's it for now. Remember: you may sign your message however you wish, and you need not sign it at all.

For more information
--------------------
This type of service is run successfully at colleges all over the country, and it can be fun to read the messages some people leave. If you want to find out more about CROSSLINK, please send email to crosslink@athena.mit.edu.

- Eric McDonald
  CROSSLINK Manager

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Douglas Sinclair
Date: Fri, 29 Jan 93 17:17:39 PST
To: cypherpunks@toad.com
Subject: Radioactive sources
Message-ID: <9301300117.AA14374@acs1.acs.ucalgary.ca>
MIME-Version: 1.0
Content-Type: text/plain

Yup, the 3 microcurie source makes sense. With a pair of diodes we could make the detector 4 pi, but no big deal. 3 microcuries is not a problem health-wise as long as you don't eat it. As it's an alpha source, any shielding or even a few centimeters of air will stop the rays. However, I just encountered a new angle on it. According to my father, that's on the order of $100 worth of radium :(. If we're willing to go with a much slower source, we can use thorium which is only $2 per gram or so. Alternatively, anyone have an old clock with a radium dial?
BTW: Cosmic ray background is only 1 event per square foot per minute. Plus, they occur in showers. So that isn't going to work.

--
Vercotti: I was terrified of him. Everyone was terrified of Doug. I've seen grown men pull their own heads off rather than see Doug. Even Dinsdale was frightened of Doug.
Interviewer: What did he do?
Vercotti: He used sarcasm. He knew all the tricks, dramatic irony, metaphor, bathos, puns, parody, litotes and satire.
-- Monty Python, Episode 14
PGP 2.1 Key by finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Fri, 29 Jan 93 11:14:07 PST
To: Hal Finney
Subject: Re: Remailer abuse?
In-Reply-To: <9301291807.AA08440@alumni.cco.caltech.edu>
Message-ID: <9301292044.aa10755@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> When the Pax remailer was shut down, I stopped keeping any logs of my
> remailer operation. I felt that I did not want to provide information
> that would be helpful to those forces which oppose information privacy.

> Is someone using my remailer to send trash to innocent young girls?
> I am uncomfortable to be facilitating this kind of activity. Can anyone
> offer suggestions for the ethical thing to do in this situation?

Well, you can't have your cake and eat it. I do know the dilemma you are facing, as I have to face the issue pretty regularly. Either you just provide the service without any regard for the contents, or keep logs and play police every now and then. With anon.penet.fi the choice is simple because of the way the server works - there has to be a database mapping anon id's to real addresses, and anyway it is possible to flame originators of abusive stuff without even knowing their true identity. But in the general case it is a pretty complicated ethical issue...
Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Fri, 29 Jan 93 23:05:46 PST
To: cypherpunks@toad.com
Subject: randomness & 01/10
In-Reply-To: <9301292119.AA12633@toad.com>
Message-ID: <199301300456.AA28331@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

>bit stream. For instance, if your detector typically has some runs of
>zeroes, then after a 10 sequence, a 01 sequence is more likely than
>another 10.

But you are looking at the stream in pairs - so whether or not you see another 10 or 01 depends on whether there is an odd or even number of zeroes before the next one.

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Sat, 30 Jan 93 02:08:20 PST
To: dsinclai@acs.ucalgary.ca
Subject: Re: Radioactive sources
Message-ID: <199301301005.AA19123@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Radioactive sources: if you're interested in thorium, it can be found in Coleman lantern mantles: the little cloth bags you tie over the apertures in the lantern where the flame appears. These are apparently saturated with the stuff. I got the word from an engineer at a nuclear plant some years ago, and was able to verify it at least partially: a geiger counter held next to Coleman lantern mantles at the store got a very clear reading in the range of 20mR/hr. The counter I was using was not sensitive to alphas, so I presume it was getting betas.

The thorium in the lantern mantles could presumably be extracted with hydrochloric acid or by some other means. Clearly not for the amateur, but something which could be done in a lab with appropriate precautions.
-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tom Libert
Date: Sat, 30 Jan 93 08:19:07 PST
To: cypherpunks@toad.com
Subject: Re: randomness
Message-ID: <9301301619.AA09879@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

For a cheap truly random number generator, bias a diode near the switch voltage (around .7V for silicon, if my hazy memory serves.) Take the result through an A/D converter. Should be Gaussian (or Poisson, I forget); you could generate a good approximation to a uniform distribution by inverting the source function (see e.g. Knuth, "Seminumerical Algorithms" for an algorithm for producing Gaussian variates from a pair of numbers drawn from a uniform distribution.)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: shipley@merde.dis.org
Date: Sat, 30 Jan 93 14:54:43 PST
To: toad.com!cypherpunks@soda.berkeley.edu
Subject: party...
Message-ID: <9301302241.AA01909@merde.dis.org>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

(This is not my house warming (yet).. so don't trash it)

Deiodre Williams is having her B'day at my place.
she would like to have new and interesting people attend
she is borrowing my house to throw a party.
she is throwing this party on Jan 30th.
she would like to see some new faces at this party (not just the
berkeley regulars)

Please call (510) 849-2230 if you have any questions

map info:

2341 Spaulding Ave
Berkeley Ca 94703-1627

the cross street is Channing

Spaulding is one block above Sacramento Ave. and only goes between Dwight and Allston (it does not connect to Univ.
Ave)

[ASCII street map. Labels: MLK way/Telegraph/Shattuck ave, university ave, California, Spaulding, Sacramento, Bancroft way, Channing way, Dwight way; "3241" with an X marks the house on Spaulding.]

[ASCII street map. Labels: "My Place ->", U.C. Campus, 7/11, Gas Station, Sacramento, Video Store, University, North Berkeley Bart Station, 580.]

Take your favorite freeway to 580/Berkeley and get off at the University ave off ramp and drive up toward U.C. Campus (stay in the right lane to be safe).

The Second major intersection should be Sacramento ave (~1 mile). Take a right on to Sacramento and get into the left lane (see map to the left)

At the next light take a left and drive one block then make a right onto Spaulding ave.

I live at 3241 Spaulding, it is the third house from Channing way, with a red cracked driveway. (see other map)

In case you get lost my home number is (510) 849-2230

- ------- End of Forwarded Message

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK2sEL8hmn7GUWLLFAQHIQAF9FDQgyAvmf5bJVT6FWLlVI3BVYDB5a025
mGAOFlXJInUi7tmkGJavqu1enJ/g3MFE
=IgCI
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Sat, 30 Jan 93 15:26:54 PST
To: tribble@xanadu.com (E.
Dean Tribble)
Subject: Re: Remailer abuse?
In-Reply-To: <9301292115.AA19024@xanadu.xanadu.com>
Message-ID: <9301302324.AA01308@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Dean writes:

>Set up your remailer under an account named remailer so that you don't
>get such responses. Also, perhaps prepend to outgoing messages a note
>to the effect that they have been forwarded by you and that you know
>nothing of the contents.

I would append the note, because prepended text could screw up chaining of remailers.

Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@LEO.BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu
(317) 285-3648 after 5 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@alumni.cco.caltech.edu
Date: Sat, 30 Jan 93 19:15:46 PST
To: cypherpunks@toad.com
Subject: Remailer abuse
Message-ID: <9301310317.AA22540@alumni.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain

Thanks for the many suggestions posted here and sent privately to me about ways to deal with the possible use of my remailer to send abusive messages. I have taken two steps, and I could fairly easily take a third.

First, I sent a letter to the girl who complained explaining that the message was not actually from me, that it was from an experimental remailing software package, and telling her to let me know if she got more objectionable messages.

Second, I changed the header line inserted by my remailer to what you see above. (This message is being forwarded by my remailer.) Hopefully this will clue people in to what is happening. I didn't want to mess with the message body based on the discussion we have had here on that issue. I'd appreciate comments about the wording and appropriateness of the header line, if anyone can offer improvements.

(As an unprivileged user of this system, I do not have the ability to create new accounts so that the message would appear to come from "remailer".
The best I could do is get it into the From: line in the header, but my name still shows in the "out of band" From line which precedes the header.)

What I could do, if more "problem" messages come through, is create a list of people _not_ to forward mail to. Some people have suggested the creation of a list not to forward mail _from_, but that is more difficult in an environment of chained remailers (since I can't always determine the message source). It should be pretty easy to check to see whether the destination of a remail request is on the list of people "not to be bothered", and to not send it in that case. We could even share this list among the various remailer operators. That does not require any collusion or message logging, and it seems like it should largely address the problem.

Hal
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Sat, 30 Jan 93 17:40:46 PST
To: dsinclai@acs.ucalgary.ca
Subject: Radioactive sources
In-Reply-To: <9301300117.AA14374@acs1.acs.ucalgary.ca>
Message-ID: <9301310121.AA16272@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

>From: Douglas Sinclair

>Yup, the 3 microcurie source makes sense. With a pair of diodes we could
>make the detector 4 pi, but no big deal. 3 microcuries is not a problem
>health-wise as long as you don't eat it. As it's an alpha source, any shielding or even a few centimeters of air will stop the rays. However, I just encountered a new angle on it. According to my father, that's on the order of $100
>worth of radium :(. If we're willing to go with a much slower source, we can
>use thorium which is only $2 per gram or so. Alternatively, anyone have
>an old clock with a radium dial?

>BTW: Cosmic ray background is only 1 event per square foot per minute. Plus,
>they occur in showers. So that isn't going to work.

Why not just go with the Newbridge Micro hardware RNG that we've discussed several times in the past?
It's only $50 for a 20kbit/sec output rate.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Don Henson <72466.3616@CompuServe.COM>
Date: Sat, 30 Jan 93 18:17:47 PST
To:
Subject: Remailer Abuse?
Message-ID: <930131020759_72466.3616_EHB92-4@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

--> Is someone using my remailer to send trash to innocent young girls? I am uncomfortable to be facilitating this kind of activity. Can anyone offer suggestions for the ethical thing to do in this situation? Hal <--

You didn't say but I assume from the context that your remailer is anonymous. If that is the case, then you have a decision to make. You can either keep your remailer anonymous and not be concerned about what goes thru it or you can make it a moderated list so that you become responsible for everything that is posted. Which way do you want it?

Don Henson
PGP key available on request

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Don Henson <72466.3616@CompuServe.COM>
Date: Sat, 30 Jan 93 18:18:49 PST
To:
Subject: MIME
Message-ID: <930131020801_72466.3616_EHB92-5@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

One stupid question, please? What is MIME?

Don Henson
PGP key available on request

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Douglas Sinclair
Date: Sat, 30 Jan 93 20:12:46 PST
To: gg@well.sf.ca.us (George A. Gleason)
Subject: Re: Radioactive sources
In-Reply-To: <199301301005.AA19123@well.sf.ca.us>
Message-ID: <9301310411.AA31726@acs1.acs.ucalgary.ca>
MIME-Version: 1.0
Content-Type: text/plain

Yes, you can get Thorium from lamp nets. A simpler way is to get it from welding rods. They are 40% thorium. More than one unsuspecting lab technician has welded together an ultrasensitive detector with them, only to find it not working for some reason

--
Vercotti: I was terrified of him. Everyone was terrified of Doug. I've seen grown men pull their own heads off rather than see Doug.
Even Dinsdale was frightened of Doug.
Interviewer: What did he do?
Vercotti: He used sarcasm. He knew all the tricks, dramatic irony, metaphor, bathos, puns, parody, litotes and satire.
-- Monty Python, Episode 14
PGP 2.1 Key by finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Douglas Sinclair
Date: Sat, 30 Jan 93 20:17:04 PST
To: libert@citi.umich.edu (Tom Libert)
Subject: Re: randomness
In-Reply-To: <9301301619.AA09879@toad.com>
Message-ID: <9301310416.AA23281@acs1.acs.ucalgary.ca>
MIME-Version: 1.0
Content-Type: text/plain

Yes, I have heard of using diodes for white noise production. However, I am concerned as to the nature of this noise. Is it some property of the silicon or is it just amplified radio noise that is bringing the diode above threshold??

--
Vercotti: I was terrified of him. Everyone was terrified of Doug. I've seen grown men pull their own heads off rather than see Doug. Even Dinsdale was frightened of Doug.
Interviewer: What did he do?
Vercotti: He used sarcasm. He knew all the tricks, dramatic irony, metaphor, bathos, puns, parody, litotes and satire.
-- Monty Python, Episode 14
PGP 2.1 Key by finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Sun, 31 Jan 93 01:08:50 PST
To: shipley@merde.dis.org
Subject: Re: party...
In-Reply-To: <9301302241.AA01909@merde.dis.org>
Message-ID: <9301311018.aa03334@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> Deiodre Williams is having her B'day at my place.
> she would like to have new and interesting people attend
> she is borrowing my house to throw a party.
> she is throwing this party on Jan 30th.
> she would like to see some new faces at this party (not just the
> berkeley regulars)

Well, it would have been nice to attend, but...

a) Because of time zone differences, it was already 0:41 on Sunday, Jan 31 out here at the time you sent your message

b) There was no way I could get hold of my travel agent to get a flight ticket..
And the flight from Helsinki, Finland to SF is close to 11 hours anyway...

Just a reminder that the net is a pretty global thing...

Hope the party was fun!

Julf

"Oh so near to Russia, so far from Japan... Hai!
Quite a long way from Cairo, lots of miles from Vietnam."
(From "The Finland Song" by Monty Python).

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tom Libert
Date: Sun, 31 Jan 93 09:49:00 PST
To: dsinclai@acs.ucalgary.ca
Subject: Re: randomness
Message-ID: <9301311748.AA08822@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Yes, I have heard of using diodes for white noise production. However,
I am concerned as to the nature of this noise. Is it some property of the
silicon or is it just amplified radio noise that is bringing the diode
above threshold??

Fundamental property of the switch. If you bias a diode near the knee,
random events at the quantum mechanical level can cause readily observable
changes in the output potential. Recall that the diode does not conduct
below the switch threshold, and conducts readily above it. But what happens
AT the threshold? Thermal noise produces dramatic changes in the output.
This approach has been used for years to produce "white" (or "pink") noise.
I also believe (but am not certain) that electronic poker and bingo games
also use this technique.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Brad Huntting
Date: Sun, 31 Jan 93 12:23:10 PST
To: Don Henson <72466.3616@compuserve.com>
Subject: Re: MIME
In-Reply-To: <930131020801_72466.3616_EHB92-5@CompuServe.COM>
Message-ID: <199301312022.AA05273@misc.glarp.com>
MIME-Version: 1.0
Content-Type: text/plain

> One stupid question, please? What is MIME?

Multipurpose Internet Mail Extension(s)...

It provides a simple framework for sending typed body parts in
RFC822 mail. One popular use for this is multimedia, but it can
also be used to send binaries, references to ftp-able files, etc.
It also provides an ideal framework for incorporating message
encryption and authentication into rfc822 message.

brad

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Shipley
Date: Sun, 31 Jan 93 14:01:29 PST
To: Don Henson <72466.3616@compuserve.com>
Subject: Re: party...
In-Reply-To: <930131192921_72466.3616_EHB35-1@CompuServe.COM>
Message-ID: <9301312159.AA02274@edev0.TFS>
MIME-Version: 1.0
Content-Type: text/plain

>
>Does this mean that all cypherpunks live in driving distance of Berkeley? If
>so, I guess I'd better unsubscribe fast since I live in Hawaii. Be a bit of
>drive from there, eh?
>

When I sent the invite to the list I knew that there were many that do not
live within traveling distance. But since there are a few in the area
I thought it would be a good opportunity to meet a few of the locals (and
trade keys).

PS: the party went very well and I did get a chance to meet a few more
people from this list.

-Pete

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Don Henson <72466.3616@CompuServe.COM>
Date: Sun, 31 Jan 93 11:38:41 PST
To:
Subject: party...
Message-ID: <930131192921_72466.3616_EHB35-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-->
she would like to see some new faces at this party (not just the
berkeley regulars)
<--

Does this mean that all cypherpunks live in driving distance of Berkeley? If
so, I guess I'd better unsubscribe fast since I live in Hawaii. Be a bit of
drive from there, eh?

Don Henson
PGP key available on request

P.S. Happy Birthday

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: henry strickland
Date: Sun, 31 Jan 93 14:50:27 PST
To: cypherpunks@toad.com
Subject: Re: party...
In-Reply-To: <9301312159.AA02274@edev0.TFS>
Message-ID: <9301312255.AA23576@versant.com>
MIME-Version: 1.0
Content-Type: text/plain

# PS: the party went very well and I did get a chance to meet a few more
# people from this list.

I also made it to the party, and would not have, had it not been for
the announcement on cypherpunks. Please do make announcements ... and
leave it for individual punks to decide how far they should drive, fly,
swim, etc. for a party! ( It took me two trains, one bus, and a seven
block walk. )

strick
strick@osc.versant.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: shipley@dis.org
Date: Sun, 31 Jan 93 16:01:44 PST
To: cypherpunks@toad.com
Subject: Re: party...
Message-ID: <9301312352.AA04056@merde.dis.org>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

># PS: the party went very well and I did get a chance to meet a few more
># people from this list.
>
>I also made it to the party, and would not have, had it not been for
>the announcement on cypherpunks. Please do make announcements ... and
>leave it for individual punks to decide how far they should drive, fly,
>swim, etc. for a party! ( It took me two trains, one bus, and a seven
>block walk. )

I run a party mailing list if anyone is interested, anyone holding
a party can email an invite to it
the address is "ba-party@utter.dis.org"

for those in Santa Cruz there is a mailing list called "party@amory.com"

email me if anyone is interested ba-party.

-Pete

PS: henry, I added you to the list already.

PPS: enough of this non-pgp stuff, anyone want to help me setup a remailer
on my home systems?

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK2xmTMhmn7GUWLLFAQEeEgF9EVFsIj8VA/zX4a8ycRppfyutsPO4shBQ
7L+FblZU7nL2ASYSmtVqQ4lu55SL35VB
=qYGx
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Sun, 31 Jan 93 15:56:29 PST
To: Eric.K.Kuecherer@Dartmouth.EDU
Subject: Yes
In-Reply-To: <2622117@blitzen.Dartmouth.EDU>
Message-ID: <199301312355.AA00130@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

>Is this real?
>-kuech-

Yes, this is the cypherpunk mailing list.
Subscribe by sending a note to cypherpunks-request@toad.com

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric.K.Kuecherer@Dartmouth.EDU
Date: Sun, 31 Jan 93 15:41:10 PST
To: cypherpunks@toad.com)
Subject: No Subject
Message-ID: <2622117@blitzen.Dartmouth.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Is this real?
-kuech-

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tony@morgan.demon.co.uk (Tony Kidson)
Date: Sun, 31 Jan 93 14:00:56 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Abuse?
Message-ID: <1883@morgan.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

In message <930131020759_72466.3616_EHB92-4@CompuServe.COM> you write:

> -->
>
> Is someone using my remailer to send trash to innocent young girls?
> I am uncomfortable to be facilitating this kind of activity. Can anyone
> offer suggestions for the ethical thing to do in this situation?
>
> Hal
>
> <--
>
> You didn't say but I assume from the context that your remailer is anonymous.
> If that is the case, then you have a decision to make. You can either keep
> your remailer anonymous and not be concerned about what goes thru it or you can
> make it a moderated list so that you become responsible for everything that is
> posted. Which way do you want it?

Not necessarily. Surely, he can keep logs for a limited period. If
no complaint arrives, discard the logs. If anybody complains, pass
it on with endorsement if necessary. Also, put a disclaimer in your
mail, that you are not responsible for the opinions expressed.
Tony

+-----------------+-------------------------------+--------------------------+
| Tony Kidson     |`morgan' is an 8MB 486/33 Cat- | Voice +44 81 466 5127    |
| Morgan Towers,  |Warmer with a 670 MB Hard Disk.| E-Mail                   |
| Morgan Road,    |It resides at Morgan Towers in | tony@morgan.demon.co.uk  |
| Bromley,        |Beautiful Down Town Bromley.   | tny@cix.compulink.co.uk  |
| England BR1 3QE |Honda ST1100 ==*== DoD# 0801   | 100024.301@compuserve.com|
+=================+===============================+==========================+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: shipley@dis.org
Date: Mon, 1 Feb 93 04:30:16 PST
To: cypherpunks@toad.com
Subject: mh wrappers for pgp.
Message-ID: <9302011223.AA06080@merde.dis.org>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

#!/usr/local/bin/tperl4.010
#!/usr/local/bin/perl

# pgpedit V1.0
# Mon Feb 1 04:10:42 PST 1993
# Peter Shipley (shipley@utter.dis.org -or- shipley@berkeley.edu)

# to install (mh instructions)
# place this script in your path (eg ~/bin)
# create few links:
#
#     ln -s /usr/local/mh/bin/repl ~/bin/pgprepl
#     ln -s /usr/local/mh/bin/comp ~/bin/pgpcomp
#
# Add the following to your .mh_profile:
#
#     pgprepl: -editor pgpedit
#     pgpcomp: -editor pgpedit
#
# To use just use the commands pgprepl or pgpcomp instead of repl or comp
#

require "sys/wait.ph";

#custom stuff here

#default editor
$defaulteditor="/usr/ucb/vi";
$pgpcommand="/usr/local/bin/pgp -sta +clearsig=on";
$debug=0;

#test the arg count
die "bad argument count" if ($#ARGV > 0);

#set the umask to something really paranoid
#(files created below end up readable and writable by the owner only)
umask(07177);

#set the path if there is not one
$ENV{'PATH'} = '/bin:/usr/ucb:/usr/bin' unless $ENV{'PATH'};

# get the editor
if ($ENV{'VISUAL'}) {
    $editor=$ENV{'VISUAL'} ;
} elsif ($ENV{'EDITOR'}) {
    $editor=$ENV{'EDITOR'} ;
} else {
    $editor = $defaulteditor;
}

# never let the wrapper call itself as the editor
$editor = $defaulteditor if $editor =~ /pgpedit/ ;

# prepare the file.
&prepfile($ARGV[0]);

# run the editor
&runeditor($ARGV[0]);

# have pgp sign the file
&SignMailFile($ARGV[0]);

# the end
exit 0;

# Replace the body of the MH draft with a clearsigned copy of itself.
sub SignMailFile {
    local($INPUT) = @_;
    # NOTE: predictable file names under /tmp; privacy of the plaintext
    # body relies on the umask set above.
    local($BODY) = "/tmp/pgp$$.body";
    local($PGPBODY) = "$BODY".".asc";

    print "$INPUT \n" if ($debug);

    open(INPUT, "+>>$INPUT" ) || die "failed to open $INPUT: $!\n";
    seek(INPUT,0, 0);

    open(BODY, "+>$BODY") || die "failed to open $BODY: $!\n";
    select(BODY); $| = 1; select(STDOUT);

    # skip the headers; remember where the body starts
    line: while (<INPUT>) {
        if (/^--------/) {
            $where = tell;
            last;
        }
    }

    print STDERR "$BODY \n" if ($debug);

    # copy the body out to the temporary file
    while (<INPUT>) {
        print BODY $_;
    }

    print STDERR "$pgpcommand $BODY\n" if ($debug);

    `$pgpcommand $BODY`;

    truncate(BODY, 0);
    unlink($BODY);
    close(BODY);

    # put the signed body back after the headers
    open(PGPBODY) || die "failed to open $PGPBODY: $!\n";
    truncate(INPUT,$where) || warn "failed to truncate file $INPUT: $!\n";
    seek(INPUT,$where,0);
    print INPUT "\n\n";
    print INPUT <PGPBODY>;

    truncate(PGPBODY, 0);
    unlink($PGPBODY);
    close(PGPBODY);

    return;
}

# If the draft quotes a clearsigned message, strip the PGP armour so only
# the headers and the signed text remain for editing.
sub prepfile {
    local($FILE) = @_;
    local(@data);

    open(FILE, "+>>$FILE" ) || die "failed to open $FILE: $!\n";
    seek(FILE, 0, 0);

    while(<FILE>) {
        push (@data, $_);
        last if ( /^--------/ );
    }

    # push (@data, "\n\n\n");

    while(<FILE>) {
        last if (/^-----BEGIN PGP SIGNED MESSAGE-----/);
    }

    if( !eof(FILE) ) {
        while(<FILE>) {
            last if (/^-----BEGIN PGP SIGNATURE-----/);
            push (@data , $_);
        }
        seek(FILE, 0, 0);
        truncate(FILE, 0);
        print FILE @data;
    }

    close(FILE);
    return;
}

sub runeditor {
    local($file) = @_;
    local($pid);

    FORK: {
        if ($pid = fork) {
            wait;
        } elsif (defined $pid) { # $pid is zero here if defined
            exec "$editor $file";
        } elsif ($! =~ /No more process/) {
            # EAGAIN, supposedly recoverable fork error
            sleep 5;
            redo FORK;
        } else {
            # weird fork error
            die "Can't fork: $!\n";
        }
    }
    return;
}

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK20WHMhmn7GUWLLFAQFBawF6AuCjRKbZQcAM1NFXwrYO1MLmTvPcV7FC
loRe/LqIoNwMST9sKfDFNSBoKmvCEaaB
=Cjuz
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C.
May)
Date: Mon, 1 Feb 93 10:53:30 PST
To: deltorto@aol.com
Subject: Eudora mail reader for the Macintosh
Message-ID: <9302011849.AA21976@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

(I wrote this as a reply to Dave Deltorto, then realized there may be other
Mac-using cypherpunks for whom this might be useful.)

Meta-message to list: I propose a brief AGENDA ITEM on mail readers like
Eudora and the DOS versions, as part of our understanding of what mail
readers are out there and what may need to be hacked to incorporate PGP,
RIPEM, etc. I'll speak very briefly on Eudora, and others can speak on
other readers. How's this sound?

Dave Deltorto writes:

(part of some e-mail we exchanged....nothing sensitive, so I hope Dave
doesn't mind me quoting it and distributing it to the List.)

BTW, Dave is referring to my "Top Ten Reasons I Don't Use PGP" article I
sent out to this list a few months back and which I forwarded to him
recently.

>Listen, in case I didn't mention this, I DID enjoy your Top Ten spoof, and I
>sort of figured that by now you had the MacPGP (do you have the .73 beta?).

I have the 0.5.3 version, which seems to work OK. Eudora (the mail reader
program) has made reading PGP messages much easier--I automatically get all
my mail, cut the PGP messages into the clipboard, insert them into Vantage
(a text editor), rename them "message.asc", close the file, then tell
MacPGP to decrypt them. Seems to work, and is a whole lot better than
having to zmodem each file individually!

(In case you're wondering, the combination of NETCOM, Emacs, etc. would not
allow me to cut-and-paste into or out of the editor, hence the need to
zmodem the files back to my home machine. Eudora takes care of all of this!

I wrote, and then Dave replied:

>>>By the way, I've been using "Eudora," an automated mail delivery and
>>>retrieval system for the Mac. If you're interested, I can show it to you at
>>>the next Cypherpunks meeting.
>
>Yes, I am very interested in Eudora. Could I use it to automatically gather
>my Internet mail off the Well? I don't know anything about it, so that may be
>a dumb question, but I look forward to meeting you at the next meeting where
>you can clue me in and show it to me.

I'll bring a copy of Eudora 1.3b119 to the next meeting (Feb. 13th). I had
to ResEdit some stuff to make it work with NETCOM, with the help of a
friend. Stuff like login name, location of the POP server, and expected
responses. Getting it to work on the W.E.L.L. may take some hacking, but
I'm sure it'll work.

(NETCOM is a wonderful service, though, and you should seriously consider
using it instead of the W.E.L.L....fixed monthly fee for unlimited use. If
you're within one of the many POPs (points of presence, not to be confused
with the "Post Office Protocol" cited above!) in the Bay Area (or L.A.,
Seattle, Portland, Sacramento, etc.), the connections are free. Also, you
get 5 MB of storage for files, buffer space, etc., instead of the measly
W.E.L.L. allotment.)

-Tim

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: waiting for the dust to settle.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: John W Noerenberg
Date: Mon, 1 Feb 93 11:23:40 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Eudora mail reader for the Macintosh
Message-ID: <9302011922.AA19052@harvey>
MIME-Version: 1.0
Content-Type: text/plain

At 10:49 AM 2/1/93 -0800, Timothy C. May wrote:
>
>I'll bring a copy of Eudora 1.3b119 to the next meeting (Feb. 13th). I had
>to ResEdit some stuff to make it work with NETCOM, with the help of a
>friend. Stuff like login name, location of the POP server, and expected
>responses. Getting it to work on the W.E.L.L. may take some hacking, but
>I'm sure it'll work.
The official release of 1.3 should be available from our ftp site on the
3rd. That's the day we are scheduled to go golden with the PC and Mac
versions. There will be other ftp sites as well. Send a note to
eudora-info@qualcomm.com for our canned reply.

john noerenberg
jwn2@qualcomm.com
noerenberg.j (Applelink)
===========================================================
That which has always been accepted by everyone, everywhere,
is almost certain to be false.
-- John Millington Synge "Tel Quel" [1943]
===========================================================

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pfarrell@cs.gmu.edu (Pat Farrell)
Date: Mon, 1 Feb 93 12:05:13 PST
To: cypherpunks@toad.com
Subject: MAILreaders: NUpop
Message-ID: <9302012000.AA19337@cs.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I've been playing with NUpop, (a PC program) and am impressed with it.
It would help bring PGP to the masses, except that currently the source
is not available. The author says that supporting external filter programs
is on his list, but it is a long list.

The home FTP site for nupop is casbah.acns.nwu.edu in the /pub/nupop
directory. Current field release is nupop103.zip, with nupop110.zip in
'beta' stages. It is widely available - ask archie.

While I really like NUpop, unless the sources become available, or the
priority of external filters gets higher on the list, we need to look
elsewhere.

Can someone with experience with Eudora for the PC give a short review?

Thanks
Pat

Pat Farrell, Grad Student pfarrell@cs.gmu.edu
Department of Computer Science, George Mason University, Fairfax, VA
PGP key available via finger or request
#include standard.disclaimer

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Mon, 1 Feb 93 16:04:42 PST
To: nowhere@bsu-cs.bsu.edu
Subject: Remailer abuse?
In-Reply-To: <9301302324.AA01308@bsu-cs.bsu.edu>
Message-ID: <9302020002.AA18305@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Re: adding notes indicating remailing.

There is a standard RFC-822 field, Comment, which would be perfect for
just such an application.

The original remailer I wrote added the header field Remailed-By to
indicate this.

You could also use another standard 822 field, Sender, as follows:

Sender: anonymous remailing service

Either way, the note goes in the header, where it can be seen or
stripped, but in any case handled without munging the message body.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Brad Huntting
Date: Mon, 1 Feb 93 16:41:08 PST
To: Eric Hughes
Subject: Re: Remailer abuse?
In-Reply-To: <9302020002.AA18305@soda.berkeley.edu>
Message-ID: <199302020039.AA00440@misc.glarp.com>
MIME-Version: 1.0
Content-Type: text/plain

> The original remailer I wrote added the header field Remailed-By to indicate this.

Custom headers in RFC822 messages must begin with "X-". Making up
new headers that don't begin with "X-" is unnecessary and violates
the standard.

> You could also use another standard 822 field, Sender, as follows:

> Sender: anonymous remailing service

Unfortunately, some broken mail user agents reply to "Sender" instead
of "From" or "Reply-To" (which also violates the standard).

brad

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (Bill Stewart +1-908-949-0705 wcs@anchor.ho.att.com)
Date: Mon, 1 Feb 93 17:37:37 PST
To: cypherpunks@toad.com
Subject: Re: turning on yourself during car stops
Message-ID: <9302020136.AA03738@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

> >From: Peter Honeyman
> >i believe there is a special exception related to automobiles
> >that makes them subject to search without a warrant when the
> >driver is placed under arrest. but check with a lawyer.
Just be sure not to get out of your car - there are different rules that
apply to cars without occupants in them, though your state's rules may vary.
But it's much better to avoid getting to that stage. Be friendly in your
non-cooperation, and if a hostile-looking cop wants to see whether your
papers are in order, give him your license, registration, insurance papers,
*and* your ACLU card ("Don't leave home without it").

As a friend of mine says to cops, "If you've got a legal right to search
my car, I'm sure you will, but if you need my permission, you don't have it."

Of course, this is no longer really cypherpunks material, just regular punks :-)

Bill Stewart, somewhere in New Jersey

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: phr@napa.Telebit.COM (Paul Rubin)
Date: Mon, 1 Feb 93 21:54:00 PST
To: cypherpunks@toad.com
Subject: DES flushed from numerical recipes
Message-ID: <9302020552.AA00120@napa.TELEBIT.COM>
MIME-Version: 1.0
Content-Type: text/plain

Fans of the Numerical Recipes book might like to know there's
a second edition out. It includes quite a few improvements,
and a much expanded chapter on random number generation.
However, the DES routine from the first edition has been
flushed on the grounds that it was too slow to be useful
as an RNG. Oh well.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@soda.berkeley.edu
Date: Mon, 1 Feb 93 22:35:41 PST
To: cypherpunks@toad.com
Subject: Remailer abuse
Message-ID: <9302020633.AA16727@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

From: Brad Huntting
> Custom headers in RFC822 messages must begin with "X-". Making up
> new headers that don't begin with "X-" is unnecessary and violates
> the standard.

What RFC 822 actually says is this:

4.7.4. EXTENSION-FIELD

A limited number of common fields have been defined in this
document. As network mail requirements dictate, additional
fields may be standardized. To provide user-defined fields
with a measure of safety, in name selection, such
extension-fields will never have names that begin with the
string "X-".

Names of Extension-fields are registered with the Network
Information Center, SRI International, Menlo Park, California.

4.7.5. USER-DEFINED-FIELD

Individual users of network mail are free to define and use
additional header fields. Such fields must have names which
are not already used in the current specification or in any
definitions of extension-fields, and the overall syntax of
these user-defined-fields must conform to this specification's
rules for delimiting and folding fields. Due to the
extension-field publishing process, the name of a
user-defined-field may be pre-empted.

Note: The prefatory string "X-" will never be used in the
names of Extension-fields. This provides user-defined
fields with a protected set of names.

I must say, this is a refreshingly non-fascist RFC. There are few of the
prohibitions which we are accustomed to seeing in these "laws of the
net". In particular, users can use any header fields they want,
as long as they aren't already used; they only risk being made obsolete
if their chosen field names become used. That's why people use X-.

Hal
74076.1041@compuserve.com

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK23k7agTA69YIUw3AQFUTAP/UScvi9FOj4o31sjsqmz/xIJ90KB7WnK5
8m4yKX/p46IbH9+FhSvgBfURokh7+dSk91+GR6NPM/4rXEm+5aMbee6uuMsJaTF/
qPmmen1JnvtabTZi9s0HeQ2frqK7kolr0GIair7U8CiPhX1QVNx0IwzYB6g9YQmP
Zv84fGUzGEw=
=U54Y
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ghabrech@ultrix.ramapo.edu (The Knight of Ni)
Date: Mon, 1 Feb 93 23:34:20 PST
To: julf@penet.fi
Subject: Re: Remailer abuse?
Message-ID: <9302020736.AA25954@ultrix.ramapo.edu>
MIME-Version: 1.0
Content-Type: text/plain

just got a ton of mail regarding the Remailer abuse. This wouldn't have
anything to do with the loophole in the telnet sendmail port (25) would it.
Thanx,
Ghabrech@ultrix.ramapo.edu

P.S. I heard that PGP version 2.1 was out. I used gopher but could not find
it. Which sites would have it?

Thanx again, L8R

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 1 Feb 93 23:19:13 PST
To: Brad Huntting
Subject: Re: Remailer abuse?
In-Reply-To: <199302020039.AA00440@misc.glarp.com>
Message-ID: <9302020824.aa17567@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> > You could also use another standard 822 field, Sender, as follows:
>
> > Sender: anonymous remailing service
>
> Unfortunately, some broken mail user agents reply to "Sender" instead
> of "From" or "Reply-To" (which also violates the standard).

Right. I am using this method on anon.penet.fi, and get *lots* of
incorrectly addressed stuff sent to the administrator because of this.
The worst culprits seem to be the BITNET LISTSERV (oh no, not again!),
VMS Mail-32 or DECMail or whatever, and elm/pine... There was actually
a case of an interaction of VMS mail and CC:mail that caused the final
recipient to *only* get the "Sender:" field, not the "From:" field...

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hkhenson@cup.portal.com
Date: Tue, 2 Feb 93 11:22:11 PST
To: extropians@gnu.ai.mit.edu
Subject: NEWS! Steve Jackson case
Message-ID: <9302021032.1.23048@cup.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

I pulled this off comp.org.eff.news. I imagine many of you on both the
extropian and cypherpunk list have been following this, but since there
was no mention . . . .

It is related to extropians because Steve is an Alcor member and Alcor
once had similar problems (we sued the county using the same statute
because our BBS was taken without a proper warrant and got $30k in an out
of court settlement.)

This is a report of day three of the trial which ended last week. There
is more on the other two days posted in comp.org.eff.talk. Enjoy.
Thanks to wixer!pacoid@cs.utexas.edu (Paco Xander Nathan) for posting,
Joe Abernathy for excellent reporting, *many* thanks to EFF and especially
John Gilmore (EFF founder and owner of toad.com--home of the cypherpunks
list) and congratulations to Steve Jackson!

Keith Henson

-------

Steve Jackson Games/Secret Service wrapup

By JOE ABERNATHY
Copyright 1993, Houston Chronicle

AUSTIN -- An electronic civil rights case against the Secret Service
closed Thursday with a clear statement by federal District Judge Sam
Sparks that the Service failed to conduct a proper investigation in a
notorious computer crime crackdown, and went too far in retaining
custody of seized equipment.

The judge's formal findings in the complex case, which will likely set
new legal precedents, won't be returned until later.

A packed courtroom sat on the edge of the seat Thursday morning as
Sparks subjected the Secret Service agent in charge of the
investigation to a grueling dressing-down. The judge's rebuke
apparently convinced the Department of Justice to close its defense
after calling only that one of the several government witnesses on
hand. Attorney Mark Battan entered subdued testimony seeking to limit
the award of monetary damages.

Secret Service Special Agent Timothy Foley of Chicago, who was in
charge of three Austin computer search-and-seizures on March 1, 1990,
that led to the lawsuit, stoically endured Spark's rebuke over the
Service's poor investigation and abusive computer seizure policies.
While the Service has seized dozens of computers since the crackdown
began in 1990, this is the first case to challenge the practice.

"The Secret Service didn't do a good job in this case. We know no
investigation took place. Nobody ever gave any concern as to whether
(legal) statutes were involved. We know there was damage," Sparks said
in weighing damages.

The lawsuit, brought by Steve Jackson Games of Austin, said that the
seizure of three computers violated the Privacy Protection Act, which
provides First Amendment protections against seizing a publisher's
works in progress. The lawsuit further said that since one of the
computers was being used to run a bulletin board system containing
private electronic mail, the seizure violated the Electronic
Communications Privacy Act in regards to the 388 callers of the
Illuminati BBS.

Sparks grew visibly angry when it was established that the Austin
science fiction magazine and game book publisher was never suspected
of a crime, and that agents did not do even marginal research to
establish a criminal connection between the firm and the suspected
illegal activities of an employee, or to determine that the company
was a publisher. Indeed, agents testified that they were not even
trained in the Privacy Protection Act at the special Secret Service
school on computer crime.

"How long would it have taken you, Mr. Foley, to find out what Steve
Jackson Games did, what it was?" asked Sparks. "An hour?

"Was there any reason why, on March 2, you could not return to Steve
Jackson Games a copy, in floppy disk form, of everything taken?

"Did you read the article in Business Week magazine where it had a
picture of Steve Jackson -- a law-abiding, tax-paying citizen --
saying he was a computer crime suspect?

"Did it ever occur to you, Mr. Foley, that seizing this material could
harm Steve Jackson economically?"

Foley replied, "No, sir," but the judge offered his own answer.

"You actually did, you just had no idea anybody would actually go out
and hire a lawyer and sue you."

More than $200,000 has been spent by the Electronic Frontier
Foundation in bringing the case to trial. The EFF was founded by
Mitchell Kapor amid a civil liberties movement sparked in large part
by the Secret Service computer crime crackdown.

"The dressing-down of the Secret Service for their behavior is a major
vindication of what we've been saying all along, which is that there
were outrageous actions taken against Steve Jackson that hurt his
business and sent a chilling effect to everyone using bulletin boards,
and that there were larger principles at stake," said Kapor, contacted
at his Cambridge, Mass., office.

"We're very happy with the way the case came out," said Shari Steele,
who attended the case as counsel for the EFF. "That session with the
judge and Tim Foley is what a lawyer dreams about."

That session seemed triggered by a riveting cross-examination of Foley
by Pete Kennedy, Jackson's attorney. Kennedy forced Foley to admit
that the search warrant did not meet even the Service's own standards
for a search-and-seizure, and did not establish that Jackson Games was
suspected of being involved in any illegal activity.

"Agent Foley, it's been almost three years. Has Chris Goggans been
indicted? Has Loyd Blankenship been indicted? Has Loyd Blankenship's
computer been returned to him?"

The purported membership of Jackson Games employee Blankenship in the
Legion of Doom hacker's group triggered the raids that day on Jackson
Games, Blankenship's home, and that of Goggans, a Houstonian who at
the time was a University of Texas student. No charges have been
filed, although the computer seized from Blankenship's home --
containing his wife's dissertation -- never has been returned.

After the cross-examination, Sparks questioned Foley on a number of
key details before and after the raid, focusing on the holes in the
search warrant, why Jackson was not allowed to copy his work in
progress after it was seized, and why his computers were not returned
after the Secret Service analyzed them, a process completed before the
end of March.

"The examination took seven days, but you didn't give Steve Jackson's
computers back for three months. Why?" asked an incredulous Sparks.

"So here you are, with three computers, 300 floppy disks, an owner who
was asking for it back, his attorney calling you, and what I want to
know is why copies of everything couldn't be given back in days. Not
months. Days.

"That's what makes you mad about this case."

The Justice Department contended that Jackson Games is a manufacturer,
and that only journalistic organizations can call upon the Privacy
Protection Act. It contended that the ECPA was not violated because
electronic mail is not "intercepted" when a BBS is seized. This
argument rests on a narrow definition of interception.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eric@synopsys.com
Date: Tue, 2 Feb 93 11:43:39 PST
To: cypherpunks@toad.com
Subject: Re: Remailer abuse
Message-ID: <199302021942.AA14986@gaea>
MIME-Version: 1.0
Content-Type: text/plain

Nobody (well, actually Hal) writes:
>> What I could do, if more "problem" messages come through, is create a
>> list of people _not_ to forward mail to.
>>
>> Hal
>> 74076.1041@compuserve.com

Another suggestion is to invert this: create a list of addresses
that the remailer WILL send mail to.

But, that's STUPID, you say. Well, maybe, but I don't think so.
It is, however, sneaky.

If you run a remailer, you should be registered with other remailers
so they can use you to forward stuff. This places you on their list
of OK places to remail stuff to. Remailers should exchange these
lists to keep them up to date.

This, of course, encourages people to run remailers, which is what we
want. It also silences any objections from people concerning anonymous
abuse, since you have to explicitly ask for anonymous mail by running
a remailer.

One problem this doesn't solve is how to send anonymous mail to someone
who hasn't registered, since that's exactly what we're trying to avoid.
Someone could offer a human remailing service which moderated the messages
it sent through. Using such a service, you could request someone to run
a remailer.
A cheaper service could just send a standard message to an address that you send to it. In all these cases, the service provider is responsible for the content of the messages sent out, and consequently would want to be very conservative. -eric messick P.S. Note the change in my address. I've just changed jobs and am now eric@synopsys.com. All my old addresses (eric@parallax.com, eric@toad.com) forward. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Don Henson <72466.3616@CompuServe.COM> Date: Tue, 2 Feb 93 10:43:17 PST To: Subject: Is this real? Message-ID: <930202183156_72466.3616_EHB40-5@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain --> Is this real? -kuech- <-- Is what real? Don Henson PGP key available on request From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnordbox!loydb@cs.utexas.edu (Loyd Blankenship) Date: Tue, 2 Feb 93 15:44:06 PST To: cypherpunks@toad.com Subject: Re: NEWS! Steve Jackson case Message-ID: <9302022204.AA00avp@fnordbox.UUCP> MIME-Version: 1.0 Content-Type: text/plain :"How long would it have taken you, Mr. Foley, to find out what Steve :Jackson Games did, what it was?" asked Sparks. "An hour? : :"Was there any reason why, on March 2, you could not return to Steve :Jackson Games a copy, in floppy disk form, of everything taken? : :"Did you read the article in Business Week magazine where it had a :picture of Steve Jackson -- a law-abiding, tax-paying citizen -- :saying he was a computer crime suspect? : :"Did it ever occur to you, Mr. Foley, that seizing this material could :harm Steve Jackson economically?" : :Foley replied, "No, sir," but the judge offered his own answer. : :"You actually did, you just had no idea anybody would actually go out :and hire a lawyer and sue you." This particular exchange makes me warm & tingly inside... :-) :"Agent Foley, it's been almost three years. Has Chris Goggans been :indicted? Has Loyd Blankenship been indicted? 
Has Loyd Blankenship's :computer been returned to him?" No, it hasn't. Hopefully this will motivate them to return it. While I can't get too excited about the then state-of-the-art 286 system, I'd *really* like the laser printer back, and Whitney wants her papers returned. Loyd *************************************************************************** * loydb@fnordbox.UUCP Call the Fnordbox BBS * Loyd Blankenship * * GEnie: SJGAMES 2 v32bis lines, 24 hrs * PO Box 18957 * * Compu$erve: [73407,515] 512/444-2323 * Austin, TX 78760 * * cs.utexas.edu!dogface!fnordbox!loydb * 512/447-7866 * *************************************************************************** From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: maloned@ul.ie (Declan Malone) Date: Wed, 3 Feb 93 01:17:07 PST To: cypherpunks@toad.com Subject: No Subject Message-ID: <9302021905.AA24282@itdsrv1.ul.ie> MIME-Version: 1.0 Content-Type: text/plain subscribe Declan Malone thanks you. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 2 Feb 93 19:20:21 PST To: cypherpunks@toad.com Subject: mail policy In-Reply-To: <9302020633.AA16727@soda.berkeley.edu> Message-ID: <9302030317.AA06908@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Brad: >> Custom headers in RFC822 messages must begin with "X-". As Hal points out, this is not true. Hal: >In particular, users can use any header fields they want, >as long as they aren't already used; they only risk being made obsolete >if their chosen field names become used. Let me make this point explicit, in case I haven't done so recently. Anonymity and pseudonymity should be standard features of electronic mail systems. When I first picked the names for the header fields, I read RFC-822 carefully, and specifically chose *not* to use X- extension headers. I fully intend to write an RFC, an extension to RFC-822, which describes the syntax and semantics of anonymous/pseudonymous mail messages. 
There will likely be another describing the operation of a "standard remailer." (A note about MIME: I'm talking about the transport system here, underneath the layers that MIME puts on. At least that's the idea.) The current policies favoring named mail originate in the conflation of two notions of security. The first, delivery security, is that the mail be delivered correctly, i.e., delivered at all, to the correct person, in a timely fashion, without alteration of the contents. The second, liability security, is that the provider of mail not be held liable for content. The provider removes liability by transferring it to the sender of the message, who must therefore remain named. One goal of remailer work is to cleave these two notions apart. A provider of email services should be responsible for accurate and timely delivery, but should have no concern for or hand in content. The service that the provider is offering is just that, computer services. It is not monitoring, not oversight, and not censorship. Just as the phone company provides a communication channel on which I may put whatever content I desire, so should any e-mail system offer a communication channel and only a communication channel. The origin, I believe, of this confusion is that e-mail systems were by and large developed for internal uses and not for the open market. That internal use, broadly conceived, might be for the military, for academic research, or for intra-corporate memos. In other words these systems were provided (mostly) free of incremental charge to the users. In this environment, where service is being provided by context, it was the legitimate concern that the provider might be held liable, since the provider, in some strong sense, had caused the service to exist in the first place. When the social structures and situations or e-mail communications were all so similar, this system worked out fine. Today, however, people seek out e-mail services for their direct utility. 
These people often have no prior relation with their service provider; indeed, they wish not to be tied to a particular provider as a guard lest the quality of the service suffer. These people pay for service themselves, typically. And hence the separation between liability security and delivery security is complete.

I want to buy common carriers of e-mail. I want bit pipes. (Or, perhaps, in the e-mail world, bit bucket brigades.)

But the standards of yesteryear are still with us. The structure of named mail persists. We are changing that. We do not wish to remain skulking in the corners of respectability. We want to be standard. We want the standards, too, to be ours and to reflect our concerns.

Let us act with the care and deliberation that behoove all those who wish to create standards to which others comply.

Onward.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Anonymous@cs.Buffalo.EDU
Date: Tue, 2 Feb 93 16:55:29 PST
To: cypherpunks@toad.com
Subject: Remailer changes.
Message-ID: <9302030054.AA17885@armstrong.cs.Buffalo.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Hal Finney's remailer writes:

>Remailed-By: Hal Finney
>Remail-Notice: This message is NOT from the person listed in the From
> line. It is from an automated software remailing service operating at
> that address. Please report problem mail to .

I have taken similar precautions with my remailer... as you can tell from the header lines.

I'm still having trouble convincing my system administrator to install PGP v2.1 (or even v2.0). For some reason, he seems to be ignoring my messages. Since I only have a limited knowledge of C, I really don't know how to fiddle around with the PGP *.C source files too much, otherwise, I would install it myself.
The error that I keep getting running under SunOS version 4.1.3 is:

> make sun4gcc
make all CC=gcc LD=gcc OBJS_EXT=sparc.o \
CFLAGS="-O -fpcc-struct-return -DUNIX -DHIGHFIRST -DIDEA32"
gcc -O -fpcc-struct-return -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c pgp.c
In file included from pgp.c:109:
/usr/include/stdlib.h:18: conflicting types for `abort'
:0: previous declaration of `abort'
/usr/include/stdlib.h:26: conflicting types for `exit'
:0: previous declaration of `exit'
*** Error code 1
make: Fatal error: Command failed for target `pgp.o'
Current working directory /tmp/pgp21/src
*** Error code 1
make: Fatal error: Command failed for target `sun4gcc'

If anyone can help me out, please e-mail me *DIRECTLY* and not to the list.

--
+==== Internet: babani@cs.buffalo.edu ===+======== Amateur-Radio: N2LYC ======+
! Bitnet: V078LNGT@ubvms.BITNET | UUCP: rutgers!ub!babani !
! Alternate: an173@cleveland.freenet.edu | Plsure dpnds on the othrs prmison. !
+== PGP key available. (If you don't know what a PGP key is... find out!) ==+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: The Phantom
Date: Tue, 2 Feb 93 20:21:20 PST
To: cypherpunks@toad.com
Subject: I've had many requests for this, so here it is.
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

These are the instructions for the remailer set up on one of my accounts, dubbed the 'phantom remailer' by some. These instructions are available by fingering phantom@mead.u.washington.edu. Recently I had problems with the receiving and decryption of encrypted PGP messages, but everything is functional now.

Please note the syntax: if you don't include the '::'s, the message will end up in my mailbox! (this goes for all remailer systems).

-----BEGIN PGP SIGNED MESSAGE-----

If you wish to bounce anonymous mail (remail):
- ----------------------------------------------
include the line "Request-Remailing-To: " in the mail header, then the body of the message will be forwarded to the recipient.
- -or- include the lines :: Request-Remailing-To: in the body of the mail message, of which the rest of message will be forwarded to the recipient. If you wish to send encrypted mail to remail: - --------------------------------------------- include the line "Encrypted: PGP" in the mail header, then the body will be decrypted and searched for the above-mentioned convention for finding the recipient. - -or- include the lines :: Encrypted: PGP in the body of the mail message, of which the rest of the message will be decrypted and searched for the above-mentioned convention for finding the recipient. Recently, I was having problems with the encryption part of the remailer, but that has been fixed. The remailer phantom@mead.u.washington.edu is now fully functional. To encrypt the message for the remailer to decypher, you must use the remailer's public key, which follows. -----BEGIN PGP SIGNATURE----- Version: 2.1 iQCVAgUBK29GmvYoe7Eue0fDAQHxYwP/UapN+FYiB1J3ek18QiaXCJ90rcwFOx79 Mz596NYL/NArGCDGd/RPbEqBG0lpGW4H71TSvPK/G26ImyxgEvmjeMqBhB6jWZZK Xh0zgd+cGN9DS4N5EOvvt0N2CaVGTPNO2uqyXuGM8j2GfV++2E0RHApeuDirooc1 sYyj1iiKYDk= =LZMq -----END PGP SIGNATURE----- Matt Thomlinson University of Washington, Seattle, Washington.
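
The request syntax described in the post above, worked through as an added Python example; it is not part of the original post and is not the remailer's own code. It assumes the "::" line and the pasted header lines each sit on their own line and are followed by a blank line. The names route and split_pasted, the allowlist parameter (the list of permitted destinations suggested earlier in the thread) and the rot13 stand-in for PGP decryption are hypothetical, and the sample messages are constructed.

```python
import codecs
from email import message_from_string
from email.utils import parseaddr

MAX_DEPTH = 4  # assumption: cap on nested "Encrypted: PGP" layers


def split_pasted(body):
    """Split off a leading '::' block; return (pasted_headers, rest_of_body).

    Assumed layout: a line holding only '::', then 'Name: value' lines,
    then a blank line, then the text to forward.
    """
    lines = body.lstrip("\n").split("\n")
    if lines[0].strip() != "::":
        return {}, body
    pasted, i = {}, 1
    while i < len(lines) and lines[i].strip():
        name, sep, value = lines[i].partition(":")
        if not sep:
            raise ValueError("malformed pasted header: %r" % lines[i])
        pasted[name.strip().lower()] = value.strip()
        i += 1
    return pasted, "\n".join(lines[i + 1:])


def _route(headers, body, allowlist, decrypt, depth):
    pasted, rest = split_pasted(body)
    if pasted:
        # Pasted lines are treated exactly as if they were in the header.
        headers, body = {**headers, **pasted}, rest
    if headers.get("encrypted", "").upper() == "PGP":
        if decrypt is None or depth >= MAX_DEPTH:
            raise ValueError("cannot decrypt message")
        # Assumption: only the decrypted text is searched for the request.
        return _route({}, decrypt(body), allowlist, decrypt, depth + 1)
    target = headers.get("request-remailing-to")
    if not target:
        # No request found (e.g. the '::' was left out): operator's mailbox.
        return ("local", None, body)
    addr = parseaddr(target)[1]
    if "," in target or "@" not in addr:
        raise ValueError("need exactly one recipient address")
    if allowlist is not None and addr.lower() not in allowlist:
        return ("refuse", addr, None)
    # Only the body is forwarded; the sender's own headers are dropped.
    return ("remail", addr, body)


def route(raw, allowlist=None, decrypt=None):
    """Return ('remail', addr, body), ('refuse', addr, None) or
    ('local', None, body) for one incoming text/plain message."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    if not isinstance(body, str):
        raise ValueError("only single-part text messages are handled")
    headers = {k.lower(): v for k, v in msg.items()}
    return _route(headers, body, allowlist, decrypt, 0)


def rot13_stand_in(text):
    """Constructed stand-in for the PGP decryption step; NOT encryption."""
    return codecs.decode(text, "rot13")


# Constructed sample messages (example.* addresses are placeholders).
PASTED = ("From: alice@example.org\nTo: remailer@example.net\n\n"
          "::\nRequest-Remailing-To: bob@example.com\n\nHello Bob\n")
HEADER_FORM = ("From: alice@example.org\n"
               "Request-Remailing-To: bob@example.com\n\nHi\n")
NO_PASTE = ("From: alice@example.org\n\n"
            "Request-Remailing-To: bob@example.com\n\nHello\n")
INNER = "::\nRequest-Remailing-To: carol@example.com\n\nsecret\n"
ENCRYPTED = ("From: alice@example.org\n\n::\nEncrypted: PGP\n\n"
             + codecs.encode(INNER, "rot13"))

if __name__ == "__main__":
    for name in ("PASTED", "HEADER_FORM", "NO_PASTE", "ENCRYPTED"):
        print(name, route(globals()[name], decrypt=rot13_stand_in))
```

NO_PASTE reproduces the failure the post warns about: without the "::" line the request is ordinary body text, so the message is classified for the operator's own mailbox.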
Internet: phantom@u.washington.edu phone: (206) 528-5732
PGP 2.0 key available via email or finger phantom@hardy.u.washington.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Al Billings
Date: Tue, 2 Feb 93 23:42:29 PST
To: cypherpunks@toad.com
Subject: Lame Gurus (fwd)
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Here is an interesting (or maybe not) current use for one of the anon remailers.

---------- Forwarded message ----------
Date: Tue, 2 Feb 93 22:44:09 EST
From: aliquis
To: future@nyx.cs.du.edu
Subject: Lame Gurus

Yawn.

CYBERPUNK: Virtual sex, smart drugs and synthetic rock 'n' roll! --TIME cover 8 February 1993.

Sure, but do they know how to set their umask values so that people can't peek? La-de-dah, let's check on one of the gurus...

(BTW, if you enjoy this, & you can get on the WELL, try some of the other cyberpunk.gods from B. Sterling on. Not that they have anything much of interest....)

[Actual session script, edited only to protect the guilty.]
==============================================================
$ telnet well.sf.ca.us
Trying...
Connected to WELL.SF.CA.US, a SEQUENT-S27 running DYNIX.

This is The WELL

DYNIX(R) V3.1.0 (well)

Type newuser to sign up.
Type trouble if you are having trouble logging in.

login: xxxxx
Password:
Last login: Tue Feb 2 XX:XX:XX from Xxxxxxx.xxx.xxxx
DYNIX(R) V3.1.4 NFS #2 (): Tue Mar 31 12:38:27 PST 1992
========================================================
You own your own words. This means that you are responsible for the words that you post on the WELL and that reproduction of those words without your permission in any medium outside of the WELL's conferencing system may be challenged by you, the author.

Thanks for dropping into the WELL. If you haven't changed your password since October 15, 1992, please do so now. Type: change password at an OK prompt.
****************************************************************
well 1: grep "Tim Leary" /etc/passwd
timleary:xxxxxxxxxxxxxxx:9339:200:Tim Leary:/uh/39/timleary:/usr/shell/menu
well 2: cd /uh/39/timleary
well 3: ls -l
total 54
-rw-r--r-- 1 timleary well   728 Jun 12 1992 1
-rw-r--r-- 1 timleary well   441 Jun 12 1992 240
-rw-r--r-- 1 timleary well   479 Jun 12 1992 29
-rw-r--r-- 1 timleary well   403 Jun 12 1992 359
-rw-r--r-- 1 timleary well   535 Jun 12 1992 42thnnks
-rw-r--r-- 1 timleary well  1096 Jun 12 1992 60
-rw-r--r-- 1 timleary well  1096 Jun 12 1992 62
-rw-r--r-- 1 timleary well  2051 Jun 12 1992 animatemcs
-rw-r--r-- 1 timleary well 11360 Jun 12 1992 animatemike
-rw-r--r-- 1 timleary well  4141 Jun 12 1992 barlow
-rw-r--r-- 1 timleary well   523 Jun 12 1992 barlow2
-rw-r--r-- 1 timleary well     0 Jun 12 1992 c
-rw-r--r-- 1 timleary well    11 Jun 12 1992 cbf.002464
-rw-r--r-- 1 timleary well     0 Jun 12 1992 cbf.005371
-rw-r--r-- 1 timleary well   527 Jun 12 1992 cbf.022859
-rw------- 1 timleary well     4 Jun 12 1992 dead.letter
-rw-r--r-- 1 timleary well   727 Jun 12 1992 hlr
-rw-r--r-- 1 timleary well   403 Jun 12 1992 info
-rw------- 1 timleary well 16663 Jan  9 23:43 mbox
-rw------- 1 timleary well   452 Jan  9 23:36 q
-rw-r--r-- 1 timleary well   341 Jun 12 1992 xmodem.log
well 4: cat 29
>From rusirius Sun Jun 24 11:58:18 1990
Received: by well.sf.ca.us (4.12/4.7)
        id AA02393; Sun, 24 Jun 90 11:58:15 pdt
Date: Sun, 24 Jun 90 11:58:15 pdt
From: rusirius (Mondo 2000)
Message-Id: <9006241858.AA02393@well.sf.ca.us>
To: timleary
Subject: Re: Masonicks
Status: RO

Yeah, great to have you virtually in the kitchen. Hope Steve might be helpful. He's advising us. Good business head! Ill further discuss the Burroughs thing with Mu & be back to you during the week.
well 5: echo Heh He He He
Heh He He He
well 6: exit
well 7: logout
Connection closed by Foreign Host
$
-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Wed, 3 Feb 93 00:03:20 PST
To: CYPHERPUNKS
Subject: Remailer lists.
Message-ID: <930203075239_74076.1041_DHJ30-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

I have been working on a document describing in some detail how to use the Cypherpunks anonymous remailers. It is pretty long, about 25K, but I'll post it here in a few days.

Meanwhile, here is a list of the current remailers which I know about. If anyone else is running a remailer based on Eric Hughes' original design, please let me know and I'll add it to the list.

All of the following remailers accept the basic "Request-Remailing-To" remailing request:

hh@pmantis.berkeley.edu
hh@cicada.berkeley.edu
hh@soda.berkeley.edu

The following remailers also accept the "Encrypted: PGP" function. The public keys for all of the remailers (plus the special one mentioned below) are in the keyring file below. They can all be used for anonymous addresses as described in the full document.

phantom@mead.u.washington.edu
hal@alumni.caltech.edu
remailer@rebma.mn.org
elee7h5@rosebud.ee.uh.edu
hfinney@shell.portal.com

The next remailer is a variant on the Cypherpunks remailers. It will work _only_ with encrypted messages, using its public key (in the keyring file below). But it allows a simpler syntax. It is not necessary to put "Encrypted: PGP" into the message header.
In addition, the "::" pasting operator is assumed, so you can leave that off. Also, instead of "Request-Remailing-To:" you can say just "To:". So messages are much simpler in format for this remailer. This remailer runs at: remail@extropia.wimsey.com Here is a PGP keyring file containing keys for the encryption based remailers listed here:
Hal Finney 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Wed, 3 Feb 93 07:52:54 PST To: cypherpunks@toad.com Subject: psEUDORAndom Message-ID: <9302031531.AB24340@smds.com> MIME-Version: 1.0 Content-Type: text/plain While searching (in Eudora) for the word "eudora", I found instead the word "pseudorandom." One more property of "living at the P.O.?"
-fnerd quote me fnerd@smds.com (FutureNerd Steve Witham) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: covin@cs.uchicago.edu Date: Wed, 3 Feb 93 13:03:37 PST To: cypherpunks@toad.com Subject: remailer modification: mailing list demon Message-ID: <9302032102.AA22822@tartarus.uchicago.edu> MIME-Version: 1.0 Content-Type: text/plain I have just joined this list, but I'm told that there was a recent discussion about the problem of mailing-list aliases making the names of all the list members publically available. I.e., if you've established a mailing list via a sendmail alias, certain sendmail commands will return the list of mailing addresses associated with the alias. I had been considering writing a mail-redistributing program, structurally similar to the user-account anonymous remailers, to get around this problem. I'm told that this was discussed on this list, and that the conclusion was that the sendmail hole could actually be plugged using regular sendmail features. Could someone send me either a copy or a pointer to a copy of that discussion, and/or the sendmail fix? Thanks much, -David From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tribble@xanadu.com (E. Dean Tribble) Date: Wed, 3 Feb 93 17:33:30 PST To: cypherpunks@toad.com Subject: [markets!uunet!starr.com!alta: How to e-mail the White House] Message-ID: <9302032358.AA00498@xanadu.xanadu.com> MIME-Version: 1.0 Content-Type: text/plain Hi Folks, The following is NOT a joke. It is a real service being provided by President Clinton. If you feel you have something to say, send them a letter. I heard they will reply to most messages. From: The White House <75300.3115@compuserve.com> As you know, this is the first time in history that the White House has been connected to the public through electronic mail. We welcome your comments and suggestions for ways to improve your Public Access E-mail program. 
Jock Gill Electronic Publishing Public Access E-mail The White House Washington, D.C. 75300.3115@Compuserve.com CLINTON PZ on America Online ------- End of Forwarded Message From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Wed, 3 Feb 93 14:32:39 PST To: extropians@gnu.ai.mit.edu Subject: CFP '93 roommates? Message-ID: <9302032112.AA15127@smds.com> MIME-Version: 1.0 Content-Type: text/plain Fellow Extropians, Cypherpunks, and Computer Freedom and Privacy seekers-- Is anyone else hoping to share a room at the SF Airport Marriot for CFP '93? The rates are $99 per room, single or multiple occupancy, for conference attendees, with a limited block of rooms available, offer expires Feb 9. Please respond to sw@smds.com NOT to fnerd. Thanks. (My fnerd mail goes through a two-day-long pipeline.) --Steve Witham sw@smds.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mcdchg!marcal!apres!system (System Operator) Date: Wed, 3 Feb 93 22:29:32 PST To: cypherpunks@toad.com Subject: 5th Amendment and Encryption Message-ID: MIME-Version: 1.0 Content-Type: text/plain For what it's worth, at H0H0 Con in December John Draper related a story about a run-in with the BART police, and the confiscation of "hundreds" of floppy disks. John indicated that information was stored in encrypted form, and that the authorities were unable to read it. Since John is on this list, perhaps he can elaborate. Dan -- system@apres.UUCP (System Operator) Applied Research (cryptography & security BBS) 1 708 639 8853 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phil Karn Date: Fri, 5 Feb 93 00:02:23 PST To: jpp@markv.com Subject: spread spectrum synchronization Message-ID: <9302040757.AA02215@unix.ka9q.ampr.org> MIME-Version: 1.0 Content-Type: text/plain Synchronization is indeed one of the more complex parts of a spread spectrum system. 
But there are standard, well studied ways to do it, and any of several textbooks have good descriptions. It's more tedious than difficult. A good job for VLSI. The "gold codes" you mention are simply one family of spreading sequences. There are others. You'd search for signals that use them in the same way you'd search for any kind of spreading sequence -- by searching the sequence space until you find a correlation between the incoming signal and your local copy of the spreading sequence. You detect this by the sudden increase in narrowband signal energy seen at the output of the despreader around the nominal carrier frequency when you're within a chip of the correct time. You then lock onto and track the spreading sequence with a circuit very similar to a phase locked loop. Practical spread spectrum systems aid this process either by synchronizing the spreading sequence to a common clock source, or by using a small enough spreading sequence to make searching the entire sequence feasible. In our CDMA cellular system, we use both approaches and several ordinary LSFR PN sequences (not Gold codes). There's a "short PN" code (2^15 chips long) common to all cells that can be found by a mobile within a few seconds of being turned on, and an additional per-user "long code" (2^47-1 chips) that is synchronized with the aid of GPS receivers at the cells. Both operate at the same chip rate (1.2288 Mhz). The gory details can be found by anonymous FTP to lorien.qualcomm.com, in /pub/cdma. Read the "overview" document first. Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: crunch@netcom.com (John Draper) Date: Thu, 4 Feb 93 00:19:52 PST To: cypherpunks@toad.com Subject: Elaborating on BART pigs Message-ID: <9302040819.AA11336@netcom2.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Dan says: >John indicated >that information was stored in encrypted form, and that >the authorities were unable to read it. 
>Since John is on this list, perhaps he can elaborate.

Yes, I can... Certainly. I was using a Mac with a HyperDrive, and kept all my personal Email and job bids encrypted using the "Security" program provided for the HyperDrive users. I don't know how many files I had encrypted, but if the police had somehow managed to decrypt it, they would be very disappointed, as I'm sure they would find much use if any of it as evidence that I was involved in any kind of conspiracy or something. It was just a neat program, easy to use, and after I archived the programs, I encrypted it, and used a secret key "Pigs suck" at the time.

Oh, one other thing, the new OOP version of the MacPGP Shell is coming along quite nicely, Blair has been very responsive to provide me with a good solid design, thus requiring little interaction, and those little GUI's are coming along just fine, thank you...

More later..

JD

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ghabrech@ultrix.ramapo.edu (The Knight of Ni)
Date: Wed, 3 Feb 93 22:10:44 PST
To: tribble@xanadu.com
Subject: Re: [markets!uunet!starr.com!alta: How to e-mail the White House]
Message-ID: <9302040613.AA26938@ultrix.ramapo.edu>
MIME-Version: 1.0
Content-Type: text/plain

I would like to welcome the whitehouse to the net. It's nice to give the public an easy way to make suggestions to somebody who would otherwise be inaccessible (sp?, sorry no spell check). I hope that the users of the net make use of this great opportunity.

Thanx,
George A. Habrecht
ghabrech@ultrix.ramapo.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: deltorto@aol.com
Date: Thu, 4 Feb 93 03:38:32 PST
To: cypherpunks@toad.com
Subject: White Mail
Message-ID: <9302040639.tn05266@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

Guys & Gals,

Here's a tidbit I thought you'd all like to know about: (from Network World, 1 Feb. 1993, p.
37)
-----------------------------------------------------------------------------
E-MAIL RULING MAY HAMPER CLINTON ADMINISTRATION

Washington, D.C. - A recent federal court ruling requiring the preservation of the Bush administration's electronic mail tapes has left many considering the ramifications for E-mail utilization in the Clinton White House and the private sector.

Federal Judge Charles Richey ruled that President Bush's E-mail falls under the 50-year-old Federal Records Act and cannot be destroyed until it has been reviewed under stringent guidelines for its preservation. This ruling, which is aimed at uncovering information concerning the Iran-Contra scandal, is the first time electronic communications has fallen under the auspices of the act.

Although the ruling is currently being appealed and it is unclear whether the Bush administration will comply with the order, it has several implications for the new White House staff.

"It will provide a real problem for the Clinton administration," said Michael Cavanagh, executive director of the Electronic Mail Association here. The ruling applies to all White House E-mail, Cavanagh said, even the most casual conversations. "It will be difficult for them to do their job as efficiently as they could if they were allowed to use E-mail freely," he said.

-- Combing Through Trash

Cavanagh likened the ruling to requiring that the contents of every White House wastebasket be saved forever. "That enters the realm of ridiculousness, but maybe that's what's happened with electronic mail in this decision."

Others were not so sure. "It's one of those issues that has a balance on both sides." said Ronald Plesser, a partner in the Washington law firm of Piper and Marbury and the former telecommunications team leader for the Clinton transition. "From a freedom of information perspective, it's a good decision. From an E-mail decision, we're concerned about it, but I don't think it's overpowering."
Plesser said the ruling would encourage the White House staff to treat sending E-mail as if they were writing a memo, rather than using it in an informal manner. "I understand the concern that E-mail will now be a record and it may discourage some informal discussions," he said. "On the other hand, I think the issues in the case are broader than E-mail and relate to all records of public policy that should not be destroyed, and I'm in favor of that."

He did caution that the ruling will not automatically make all White House E-mail public information because President Clinton will still have the option of using his executive privilege to prevent information from being subpoenaed.

-- Private Sector Implications

Beyond the White House, however, the implications for the private sector are minimal. "This doesn't have any direct ramifications for the business sector," Cavanagh said. "There certainly is not going to be a law requiring every private company to keep everything on their computer disks forever; you'd have to carve out something the size of the state of Wyoming to store those computer disks."

Both Cavanagh and Plesser were in favor of having some kind of E-mail retention policy, as do most businesses in the private sector. Once a specified period has elapsed during which the information may be needed to reconstruct certain events, for example, it can be destroyed.

"Increasingly, businesses institute retention policies for electronic mail tapes and other computer tapes [in addition to paper records]," Cavanagh said. "Generally, that's the correct route to go."
----------------------------------------------------------------------------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "DrZaphod" Date: Thu, 4 Feb 93 07:45:53 PST To: CypherPunks@toad.com Subject: Re: A Group Note From CypherPunks Message-ID: <24111.drzaphod@ncselxsi> MIME-Version: 1.0 Content-Type: text/plain >>> From: The White House <75300.3115@compuserve.com> From deltorto@aol.com >Ladies & Gents, I think a group letter would be appropriate from all of us. >What an opportunity. I love this country sometimes, y'know? Excellent Idea! What better way to secure our position on cryptography and privacy then to write a little note to Bill. go for it.. and we can all read it, make suggestions, and add bits.. incidentally, I've already sent my PGP key down to the White House.. |-] TTFN! DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Thu, 4 Feb 93 04:32:55 PST To: cypherpunks@toad.com Subject: Re: How to e-mail the White House Message-ID: <9302040732.tn05372@aol.com> MIME-Version: 1.0 Content-Type: text/plain >> The following is NOT a joke. It is a real service being >>provided by President Clinton. If you feel you have something to >>say, send them a letter. I heard they will reply to most messages. >> >> From: The White House <75300.3115@compuserve.com> >> >> As you know, this is the first time in history that the >>White House has been connected to the public through electronic mail. >>We welcome your comments and suggestions for ways to improve your >>Public Access E-mail program. Ladies & Gents, I think a group letter would be appropriate from all of us. What an opportunity. I love this country sometimes, y'know? dave PS: Extra special thanks to Mr. Tribble for finding this. Where did you pick it up? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tribble@xanadu.com (E. 
Dean Tribble) Date: Thu, 4 Feb 93 11:33:45 PST To: uunet!aol.com!deltorto@uunet.UU.NET Subject: How to e-mail the White House In-Reply-To: <9302040732.tn05372@aol.com> Message-ID: <9302041741.AA03899@xanadu.xanadu.com> MIME-Version: 1.0 Content-Type: text/plain PS: Extra special thanks to Mr. Tribble for finding this. Where did you pick it up? Thanks for the thanks, but I just forwarded it. I don't know who originated the message. Afterward I noted that the chatty part of the message sounded like I had written it. We can appropriately give thanks to a now anonymous source :-) dean From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: crunch@netcom.com (John Draper) Date: Thu, 4 Feb 93 11:28:33 PST To: CypherPunks@toad.com Subject: Group note Message-ID: <9302041928.AA05061@netcom2.netcom.com> MIME-Version: 1.0 Content-Type: text/plain > Excellent Idea! What better way to secure our position on cryptography >and privacy then to write a little note to Bill. go for it.. and we can all >read it, make suggestions, and add bits.. incidentally, I've already sent my >PGP key down to the White House.. |-] >TTFN! I didn't go that far, but if we decide to send a letter to the White House this way, we all should collaborate on what to say, in relation to our concerns, etc. Then each of us can "Sign" the letter using our PGP Signatures. I also thought about sending my PGP key, but still deciding on what I want to say relating to my personal concerns. JD From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jay Prime Positive Date: Thu, 4 Feb 93 14:09:22 PST To: cypherpunks@toad.com Subject: `Sunday Times' article on GSM changes In-Reply-To: <9302042024.AA09970@maggie.shearson.com> Message-ID: <9302041407.aa14565@hermix.markv.com> MIME-Version: 1.0 Content-Type: text/plain Speculation: The "A5 `scrambling code'" is used as the spreading code for a spread spectrum radio. 
Spread spectrum radio has some features cypherpunks may find interesting: both steganographic and cryptographic. A Spread Spectrum signal is usually based on xoring a very high rate "pseudorandom" bitstream with the intelligence to be transmitted. The resulting wide spectrum signal is usually transmitted via radio. As a result the signal is very hard to notice since the watts/hz can be orders of magnitude under normal narrow band signals (steganography). As a second result, once detected the signal cannot be understood without synchronizing an identical "pseudorandom" bitstream at the receiver (cryptography). The reason that gov't types would fear the dispersal of the technology is obvious. Btw. many of the wireless lans use exactly this technology. j' From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "John Coryell." Date: Thu, 4 Feb 93 16:51:11 PST To: cypherpunks@toad.com Subject: Re: How to e-mail the White House In-Reply-To: <9302041741.AA03899@xanadu.xanadu.com> Message-ID: <9302050051.AA07524@toad.com> MIME-Version: 1.0 Content-Type: text/plain > PS: Extra special thanks to Mr. Tribble for finding this. Where did y >pick > it up? > >Thanks for the thanks, but I just forwarded it. I don't know who >originated the message. Afterward I noted that the chatty part of the >message sounded like I had written it. We can appropriately give >thanks to a now anonymous source :-) > >dean I've seen it broadcast on a number of listservs, actually; I don't think it's being kept to any degree of secrecy. However, nearly every place it was posted soon found follow-ups reporting receiving undelivered mail messages. Maybe it's encrypted. John Coryell. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pmetzger@shearson.com (Perry E. 
Metzger) Date: Thu, 4 Feb 93 12:59:35 PST To: cypherpunks@toad.com Subject: `Sunday Times' article on GSM changes Message-ID: <9302042024.AA09970@maggie.shearson.com> MIME-Version: 1.0 Content-Type: text/plain Thought I'd forward this. ----- Begin Included Message ----- >From libernet-request@dartmouth.edu Wed Feb 3 18:51:12 1993 Resent-Message-Id: <4fQ2vaH0BwxI41u9ED@transarc.com> Resent-Date: Wed, 3 Feb 1993 15:45:26 -0500 (EST) Resent-From: Lyle_Seaman@transarc.com Resent-To: libernet@dartmouth.edu X-Andrew-Widereply: netnews.sci.crypt Newsgroups: sci.crypt Path: andrew.cmu.edu!bb3.andrew.cmu.edu!news.sei.cmu.edu!cis.ohio-state.edu!zaphod.mps.ohio-state.edu!howland.reston.ans.net!usenet.ins.cwru.edu!agate!doc.ic.ac.uk!rhbnc!andy From: andy@csqx.cs.rhbnc.ac.uk Subject: `Sunday Times' article on GSM changes Organization: RHBNC Date: Tue, 2 Feb 1993 16:07:01 GMT Lines: 94 Sender: libernet-request@dartmouth.edu X-Mailing-List: libernet@Dartmouth.EDU Content-Length: 4387 Having finally managed to track down a copy of last Sunday's `Sunday Times', here is the text of the article describing changes to the GSM mobile communications standard. The A5 `scrambling code' referred to in the article is the stream cipher between the mobile and base stations, which uses a 64-bit key derived from an initial authentication exchange. Whilst it's not exactly secret, as many people involved with developing GSM need to know the details, it is covered by non-disclosure agreements. `New Scientist' also have an article on GSM in this week's issue. andy -- `The Sunday Times', 31 January 1993. Main section, p. 12. (Home News) SPYMASTERS ORDER REDESIGN OF `TOO SECURE' MOBILE PHONES by Christopher Lloyd [Cartoon of a ridiculous mobile handset with various antennae and dishes protruding. It is being held by a dismayed, purple-suited, man whilst a sign reads: "New! GCHQ-approved mobile phone".] 
The next generation of mobile telephones has proved so secure against tapping that it is to be made less safe on the advice of the intelligence services. The phones, based on coded digital technology, will have their technology modified so that spies can continue to eavesdrop on private conversations. The changes, ordered by a European Community (EC) telecommunications committee in Brussels, are being made at the insistence of European governments, including Britain's. They fear that surveillance operations against drug barons, the criminal underworld and foreign powers could be undermined. Digital mobile phones, based on a system called GSM, are already replacing standard analogue networks across the world. They are equipped with a sophisticated scrambling code called A5, offering protection from interception equivalent to many military systems. It is this code that is to be replaced by one called A5X, to allow undercover eavesdropping to continue. Last week a Department of Trade and Industry spokesman confirmed changes were being introduced to make it easier for security agencies - ranging from GCHQ, the British government's listening post near Cheltenham, to the FBI in America - to eavesdrop. "Alternative coding is being developed for the reasons you have outlined," he said. "There is a general desire for this among the governments of Europe." The department, which issues export licenses for the phones, is particularly concerned that the original A5 technology should not be sold to countries that may adapt it for military applications. In America, the FBI has voiced similar concern. Nestor Michnyak, spokesman for the FBI headquarters in Washington, said that digital technology was advancing so fast that counter-surveillance was in danger of being undermined. "We are trying to get companies and manufacturers to work with us to allow us to maintain the surveillance operations we have undertaken since the late 1960s," he said. 
"All we are asking is to be able to continue to do what we are currently doing and we want the same access we are having now." Manufacturers of GSM mobile phones will be forced to adapt products to work with the new codes. Motorola, one of the leading makers of the digital mobile handsets, complained that costs may rise as a result. "We are flying blind here," said Larry Conlee, the assistant general manager of Motorola's European cellular division. "The GSM system has ended up more secure than it should have been for the commercial market and now we're trying to recover from it." Vodafone, Britain's largest analogue mobile phone company, which has already installed 250 GSM base stations covering 50% of the UK population, said its network will need to be adapted to accept the new codes. "Government authorities have made it known that they don't want this high level of encoding," said Mike Caldwell, the spokesman for Vodafone. Caldwell said the problem with the original system was that it would take security services weeks rather than minutes to decode the conversations they wanted to bug. Despite the changes, it will be still virtually impossible for any amateur eavesdropper to intercept calls made on the digital mobile phones. -- Andy Thomas Information Security Group, Department of Computer Science Royal Holloway, University of London TW20 0EX, England Internet: andy@dcs.rhbnc.ac.uk phone: + 44 784 443696 ----- End Included Message ----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ld231782@longs.lance.colostate.edu Date: Thu, 4 Feb 93 16:03:52 PST To: cypherpunks@toad.com Subject: White House letter Message-ID: <9302050002.AA11919@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain Hello, I think the official cyberpunk White House (Pres. 
Bill Clinton) letter would be a great idea, although my experience is that the more you want to say, the more people will say "that's not for cypherpunks to say" or "I don't agree with that as a cypherpunk" and that it will be hard to build consensus. But, on the other hand, a lot of cypherpunks are kind of extremists that may even say some things don't go far enough. Anyway, here are some possible topics, as bland as I can make them (but are all actually highly controversial): 1. Off the tip of the mailing list's tongue, phone encryption particularly in cellular and hand-held phones. The recent article from the Sunday Times posted here stated that > Despite the changes, it will be still >virtually impossible for any amateur eavesdropper to intercept calls made >on the digital mobile phones. Hm, that's pretty questionable. Maybe we shouldn't make it a black and white issue, but codes seem to me to be either broken or unbroken, and the former is insecure and unusable whereas the latter is not. There are already examples of situations where lack of encryption led to outrageous breaches of privacy--both Princess Diana and her previous husband can attest to that! Clinton could put pressure on intelligence agencies in the U.S. to allow strong encryption for cellular phones, pass laws, or whatever, and eventually commit to security in phone calls. What do you think, cypherpunks? Should the government be allowed to wiretap "at all"? Is it a "right" of the government? (prepare for the flames) Should we insist on completely unlimited use of cryptography? Is any other scenario practical? Is anything but this inevitable? (uh oh, some opinion creeping in there) Introduction of strong cryptography in hand-held phones could be *the* stepping stone for widespread introduction of cryptography, if the battle is won and becomes publicized enough. 
I think if this was painted in the right way, we could really get a lot of public support for ideas like "I should be able to know when someone is listening to my calls" or "I should be able to protect from that" or "I know when somebody opens my mail, why not my phone calls?" or "that's not something I want my government to be doing anyway". 2. The new national network NREN supported by the NSF will have massive data communications capabilities, many times the bandwidth of the current internet. There are plenty of "guidelines" that could be established on its use. For example, how about commercial traffic? Are there restrictions on traffic? I think the "new world highways" analogy works here. While we can get and go on a highway whenever we want, and carry loads up to certain reasonable restrictions, we have to get licensed. Also, commercial companies rely on them heavily and our economy is immensely dependent on them (they benefit it immensely). Should we oppose all taxes and licensing? Limitations on total traffic permitted? Believe it or not, these will become *hot* issues soon. Bigger than the time the FCC was thinking of taxing modem use. Keep in mind, we might be able to make arguments that the ideas like "volume" are somewhat obsolete in terms of networks, in which in many cases sending very large amounts of data is as costly (or even less so, because of overhead) than sending smaller amounts. Even if someone was charged based on quantity of use, the actual money involved would have to be something like $.0001/meg (I hope). 3. There are lot of restrictions and regulations on networks right now. For example, there are rules that prevent telephone companies from providing "information services" over telephone lines, apparently originating by rather bold but successful cable company lobbyists. Should these be removed? 4. Fiber optics will be penetrating into a lot of homes over the next few years. This will be related to the network expansion mentioned above. 
Should these be maintained and installed by private companies? Should there be limitations on the size of the companies running the networks? 5. In the letter, we should look at trying to explain our interests and backgrounds. Who ARE we to ask these things? A bunch of teenage computer geeks and hackers? Computer professionals with a serious interest in privacy, with important tax-paying jobs? I don't really know the answer to this one! I'd be willing to hammer up some rough drafts, if no one objects, but we need to hash this out, and decide about some kind of voting procedure, I would say (majority passing? line-item veto?) I suppose the one really major consensus of the cypherpunks is the commitment to cryptography and the belief that it should be unregulated and freely used. So, if all this sounds too involved, we could go the simple route and just fix up Eric Hughes's group charter to send to Pres. Clinton. ltr. P.S. Here's a product that would *really* bring the issue of cryptography to the forefront, making the public aware of it and partial to it, and is just waiting to be invented by somebody with a flair for electronics, packaging, and marketing. Encryption technology is becoming pretty inexpensive, and even some simple techniques are better than nothing and not trivial to get around for the big bureaucracies that do wiretapping. Imagine a single little plastic cup that could be placed over a phone receiver with all the cheap encryption electronics built in (maybe even analog based). Market it in every drugstore and discount store in existence in real flashy ways. Protect your calls! Just slip it on your phone! Use it to talk to your friends! etc. introducing the CRYPTOCUP only $9.99. The thing could be adaptive, like pick one of 10 or 100 preprogrammed codes when it finds another of the same at the other end of the line. Or, maybe some one-time PADs could be used by the users using touch-tones. 
You could even market it as a child's toy: imagine that the kid could slip it over his mouth and yell through it. Another kid with a receiving speaker could decrypt this into earphones or something. Now, to other kids on the playground, all they hear is goofyspeak that sounds like pig latin from the pair, but the two kids are able to talk about throwing snowballs at Suzy or whatever (endless laughs and hilarity). You could have all kinds of spiffy TV commercials with little kids pretending to be spies, with the costumes and everything. Wow! You could sell a LOT of these if it was done right. This would be like the 20th century equivalent of the cups-and-string thing. (Just make sure I get plenty of royalties :) Or how about this? For us cypherpunks, the "kids toy" thing could be little cover for the use that it was *designed* for: use over phones. The "kid toy" thing would just be a way to get it to be widespread so that everybody had one and knew what it did. Then, the rumors would start. Wow! They fit on phones! Drug dealer's use em! People having affairs use 'em! Businessmen use 'em! EVERYBODY uses em! Coach to team player: did you remember your CUP? Yes Sir! Coach starts yelling plays at quarterback. Girlfriends would ask their boyfriends to slip 'em on before they started (do you have the PROTECTION with you?). Then, we take over the world. HAHAHAHA <- evil laugh If this was cheap enough, people might buy it just for the novelty of it. Especially if you don't have to choose the code, just slip it on and it works (maybe with the better versions, you could pick the code). The point is, infiltrate the economy to the point where any kind of silly regulation of "cryptography" would be perceived as completely ridiculous by the general population. "What are we going to do?" They'd say, "register every kid's CRYPTOCUP? HAHAHAHAHA!" <- side splitting laugh at the sheer stupidity of government. (Yeah, we have a great one---once they even tried to regulate CRYPTOCUPS! 
HAHAHAHA! <- now sides starting to hurt) OK (regaining my composure and sanity), so if we're really boring, I suppose we could go the route of just pressing for encryption in cellular phones. Or maybe just the middleaged employed people on the group could go that route, and all the teenage hackers work on the toy. P.S. how big is cypherpunks now anyway? I'm interested in embarrassing myself in front of as many people as possible. :) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tribble@xanadu.com (E. Dean Tribble) Date: Thu, 4 Feb 93 23:33:01 PST To: cypherpunks@toad.com Subject: [uunet!bigtex.cactus.org!wixer!wixer.cactus.org!jagwire: white house email (fwd)] Message-ID: <9302050132.AA05527@xanadu.xanadu.com> MIME-Version: 1.0 Content-Type: text/plain > From jmedway@ccwf.cc.utexas.edu Wed Feb 3 20:24:33 1993 > From: jmedway@ccwf.cc.utexas.edu (johnjmedway) > Message-Id: <9302031943.AA23259@huey.cc.utexas.edu> > Subject: white house email > To: jagwire@wixer.cactus.org (Dan Zappone), > resmith@ccwf.cc.utexas.edu (Rob Smith) > Date: Wed, 3 Feb 93 13:43:54 CST > X-Mailer: ELM [version 2.3 PL11] > > One of my coworkers passed this out to all of us @ work. > > Spread el verbum. > > > >> Subject: White House email address > >> > >> I thought you might find this interesting... > >> > >> > >> ================= { Begin included text } ===================== > >> > >> > > >> > How's this for interesting? > >> > We just got wind of it down here... :) Barbie > >> > - -------- > >> > > >> > President Clinton (The White House) = 75300.3115@Compuserve.com > >> > > >> > : Here's something you might find useful... President Clinton's email > >> > : address. (Obviously, he has people to screen it for him!) A friend > >> > : just emailed this to me. 
> >> > : > >> > : >Posted-Date: 27 Jan 93 20:19:51 EST > >> > : >Date: 27 Jan 93 20:19:51 EST > >> > : >From: The White House <75300.3115@compuserve.com> > >> > : >Subject: Re: Press Briefing, January 27, 1993 > >> > : > > >> > : > Thank you for your recent electronic mail message to the White > >> > : > House. As soon as practicable it will be sent to the appropriate > >> > : > office for consideration. You should receive a written reply in due > >> > : > course. Unfortunately, we are not yet ready to respond substantively > >> > : > to your message by electronic mail. We appreciate your patience as > >> we > >> > : > implement our new electronic systems. > >> > : > > >> > : > As you know, this is the first time in history that the > >> > : > White House has been connected to the public through electronic > >> > : > mail. We welcome your comments and suggestions for ways to > >> improve > >> > : > your Public Access E-mail program. > >> > : > > >> > : > Regards, > >> > : > Jock Gill > >> > : > Electronic Publishing > >> > : > Public Access E-mail > >> > : > The White House > >> > : > Washington, D.C. > >> > : > > >> > : > 75300.3115@Compuserve.com > >> > : > CLINTON PZ on America Online > >> > : > > >> > : > PS: If you did not include your U.S. mail return address in your > >> > : > message and you want a reply, please send your message again and > >> > : > include that information. > >> > > >> > ------- End of Forwarded Message > >> > > >> > > >> > > > > ---------------------------------------------------------------- > jmedway@ccwf.cc.utexas.edu "Be careful what you're doing, > aka john j medway you're messing up my life." > -- John Lydon aka John Rotten > ---------------------------------------------------------------- > From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Brad Huntting Date: Thu, 4 Feb 93 17:37:15 PST To: pmetzger@shearson.com (Perry E. 
Metzger) Subject: Re: `Sunday Times' article on GSM changes In-Reply-To: <9302042024.AA09970@maggie.shearson.com> Message-ID: <199302050136.AA14323@misc.glarp.com> MIME-Version: 1.0 Content-Type: text/plain > Caldwell said the problem with the original system was that it > would take security services weeks rather than minutes to decode > the conversations they wanted to bug. Despite the changes, it will > be still virtually impossible for any amateur eavesdropper to > intercept calls made on the digital mobile phones. The quotes I've heard are more like "any county sheriff with a radiomodem and a pc will be able to tap any conversation in range." It's probably just as well. Since end to end encryption is the only reasonable solution anyway. brad From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "DrZaphod" Date: Thu, 4 Feb 93 21:01:52 PST To: CypherPunks@toad.com Subject: RE: White House letter Message-ID: <67402.drzaphod@ncselxsi> MIME-Version: 1.0 Content-Type: text/plain In Message Thu, 04 Feb 93 17:02:44 -0700, longs.lance.colostate.edu!ld231782@netcomsv.netcom.com writes: >Hello, I think the official cyberpunk White House (Pres. Bill Clinton) >letter would be a great idea, although my experience is that the more >you want to say, the more people will say "that's not for cypherpunks >to say" or "I don't agree with that as a cypherpunk" and that it will >be hard to build consensus. But, on the other hand, a lot of >cypherpunks are kind of extremists that may even say some things don't >go far enough. I think to start off and get attention and respect from the big white house we should simply send our stance on encryption and why it shouldn't be regulated.. I think this is the common goal among all the cypherpunks on this list [ that is except the NSA folks who are listening in |-] ]. 
I think, for now, we just want to let people know that there IS a specific group of individuals who are willing to protest for their right to privacy [you are, aren't you?] and follow up with suggestions to specific issues in later messages to the White House. and YES we should definitely send all our public keys along with the message.. basically telling the government that we DO enjoy extreme privacy in part of our lives and would like to see it extended to all forms of communication. TTFN! DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Brad Huntting Date: Thu, 4 Feb 93 17:48:18 PST To: Jay Prime Positive Subject: Re: `Sunday Times' article on GSM changes In-Reply-To: <9302041407.aa14565@hermix.markv.com> Message-ID: <199302050147.AA14360@misc.glarp.com> MIME-Version: 1.0 Content-Type: text/plain > Speculation: The "A5 `scrambling code'" is used as the spreading code > for a spread spectrum radio. It would seem that both the sender and receiver need to be exactly synchronized to within 1/4 of a bit for this to work. Since voice data requires about 64Khz, if you spread this by a factor of 32 (for a scrambling frequency of 2.048Mhz) this would mean the sender and receiver would need to be synced to well within 500ns of each other. Isn't this a bit difficult? How do they do it? brad From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: crunch@netcom.com (John Draper) Date: Thu, 4 Feb 93 19:05:21 PST To: cypherpunks@toad.com Subject: White house letter Message-ID: <9302050305.AA21371@netcom2.netcom.com> MIME-Version: 1.0 Content-Type: text/plain >4. Fiber optics will be penetrating into a lot of homes over the next >few years. What about adding the issue of government grants for R&D on new technology in Data Networking, Virtual reality, and other new technologies. Or at least generous tax breaks to encourage R&D. 
JD From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jay Prime Positive Date: Thu, 4 Feb 93 19:45:57 PST To: cypherpunks@toad.com Subject: `Sunday Times' article on GSM changes In-Reply-To: <199302050147.AA14360@misc.glarp.com> Message-ID: <9302041944.aa08169@hermix.markv.com> MIME-Version: 1.0 Content-Type: text/plain Brad Huntting asks: >[...]this would mean the sender and receiver would need to be synced >to well within 500ns of each other. Isn't this a bit difficult? How >do they do it? You are right. This is perhaps *the* central design issue of this kind of spread spectrum system. One standard solution is to use "gold codes". Gold codes are special in that they are very self dissimilar. That is they look very unlike any shifted version of themselves. So you can build a very simple correlator which tries all the possible shiftings of a code to the signal, until one pops up with "low frequency" data rather than "high frequency" noise. Another is to begin a transmission with a special sync header (and conceivably intersperse additional ones based on the expected frequency of loss of lock). Currently available PLL's working at 900MHz have very low phase noise, and I can imagine the construction of fixed frequency PLL's with even lower phase noise. A third is to transmit BOTH the spreading code, and the data. You can think of this technique as sending two channels of data, one which is all 1's (or 0's), the other which is a little more interesting. The two channels are then combined at the receiver to yield the data. A fourth is to use an externally generated sync signal -- for example a radio transmission that both sender and receiver can hear. (For this application, I don't see how this would be used...) Additional solutions are possible. (What is this S.A.W. thing I read about??) 
j' From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jay Prime Positive Date: Thu, 4 Feb 93 20:06:05 PST To: cypherpunks@toad.com Subject: `Sunday Times' article on GSM changes Message-ID: <9302042004.aa08268@hermix.markv.com> MIME-Version: 1.0 Content-Type: text/plain I speculated: > Speculation: The "A5 `scrambling code'" is used as the spreading code > for a spread spectrum radio. But I now believe I was wrong. A reader, who I will allow to remain unnamed, informed me that there is only one SS cellular communication system -- interestingly enough they were using it at the time! They told me that the GSM system is narrow band. So I now ... Speculate: The "A5 `scrambling code'" is an actual cypher system. But the key is negotiated between the phone and the cell, not the phone and the other phone. j' From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Tom Libert Date: Thu, 4 Feb 93 20:03:03 PST To: cypherpunks@toad.com Subject: Re: `Sunday Times' article on GSM changes Message-ID: <9302050403.AA10938@toad.com> MIME-Version: 1.0 Content-Type: text/plain Jay Prime Positive writes: > A fourth is to use an externally generated sync signal -- for example >a radio transmission that both sender and receiver can hear. (For >this application, I don't see how this would be used...) Some spread spectrum systems synchronize using the (very accurate) time signals provided by Global Positioning System (GPS) satellites. > Additional solutions are possible. (What is this S.A.W. thing I read >about??) I don't know where you read it, but it might stand for "Surface Acoustic Wave". From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc.Ringuette@GS80.SP.CS.CMU.EDU Date: Thu, 4 Feb 93 21:13:16 PST To: cypherpunks@toad.com Subject: Re: White House letter Message-ID: <9302050513.AA11882@toad.com> MIME-Version: 1.0 Content-Type: text/plain Dear ld231782, I believe that a good letter to the President has _one_ theme. 
If it comes out to more than one, write more than one letter. My own emphasis would be on computer security concerns, and the legitimate privacy, anonymity, and electronic-cash interests of Internetters. Aren't these the issues which bring us together as cypherpunks? -- Marc Ringuette (mnr@cs.cmu.edu) p.s. Here are two draft letters for your consideration. Dear President Clinton, Bring democracy to the bits! Let's take a vote among all the bits to decide which value, 0 or 1, is most correct. Then we can set all bits to that value and they will all be equal! Best regards, The Cypherpunks (Socialist Subgroup). Dear President Clinton, Freedom for the bits! We will not rest until each bit is free to determine its own natural orientation without outside coercion. The good news is, you don't need to do anything at all; merely get out of the way of the free market, and the bits will free themselves. Best regards, The Cypherpunks (Anarchist Subgroup). From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "DrZaphod" Date: Fri, 5 Feb 93 07:29:48 PST To: CypherPunks@toad.com Subject: Re: White House letter Message-ID: <23473.drzaphod@ncselxsi> MIME-Version: 1.0 Content-Type: text/plain In Message Thu, 4 Feb 1993 23:22-EST, GS80.SP.CS.CMU.EDU!Marc.Ringuette@netcomsv.netcom.com writes: >Dear President Clinton, > Bring democracy to the bits! Let's take a vote among all the bits > to decide which value, 0 or 1, is most correct. Then we can set all > bits to that value and they will all be equal! >Best regards, The Cypherpunks (Socialist Subgroup). > This one soundz a bit like self-rightiousness [sp?] FIND WHAT IS RIGHT AND MAKE EVERYBODY "RIGHT". I think that's what they're [we're?] already doing. >Dear President Clinton, > Freedom for the bits! We will not rest until each bit is free to > determine its own natural orientation without outside coercion. 
> The good news is, you don't need to do anything at all; merely get out of
> the way of the free market, and the bits will free themselves.
>Best regards, The Cypherpunks (Anarchist Subgroup).

I like this one.. |-]

TTFN!
DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "DrZaphod"
Date: Fri, 5 Feb 93 07:29:50 PST
To: CypherPunks@toad.com
Subject: RE: White House Replies
Message-ID: <23484.drzaphod@ncselxsi>
MIME-Version: 1.0
Content-Type: text/plain

The White House writes:

> PS: If you did not include your U.S. mail return address in your
> message and you want a reply, please send your message again and
> include that information.

Well this is completely useless, isn't it.. If we imagine this logically we can see masses of e-mail entering the White House while snail mail trickles out... Definitely a buffer problem |-]. At least they're trying, I suppose.

TTFN!
DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: sDun@isma.demon.co.uk (Stephen Dunne)
Date: Fri, 5 Feb 93 03:23:58 PST
To: cypherpunks@toad.com
Subject: Re: How to e-mail the White House
In-Reply-To: <9302050051.AA07524@toad.com>
Message-ID: <728928401snx@isma.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

In article <9302050051.AA07524@toad.com> you write:
>> PS: Extra special thanks to Mr. Tribble for finding this. Where did y
>>pick
>> it up?
>>
>>Thanks for the thanks, but I just forwarded it. I don't know who
>>originated the message. Afterward I noted that the chatty part of the
>>message sounded like I had written it. We can appropriately give
>>thanks to a now anonymous source :-)
>>
>>dean
>
>I've seen it broadcast on a number of listservs, actually; I don't
>think it's being kept to any degree of secrecy. However, nearly every
>place it was posted soon found follow-ups reporting receiving undelivered
>mail messages.
>Maybe it's encrypted.
>
>John Coryell.
>

Nah!! It's Compu$erve bouncing mail because the mail-box is probably full. I can very easily imagine the net totally flooding it!! :-)

Stephen

--
+--------------------------------------------------------------------------+
|Stephen Dunne DoD#767 sdun@isma.demon.co.uk |
|International Securities Market Association I speak for me,thats all|
|Voice (+44) 71-538-5656 Fax (+44) 71-538-4902 PGP 2.1 key available |
|We are not affiliated to any other Demon.Co.Uk site. (especially Evil!) |
+--------------------------------------------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 5 Feb 93 10:31:51 PST
To: cypherpunks@toad.com
Subject: Dear Mr. President
In-Reply-To: <9302051147.tn12993@aol.com>
Message-ID: <9302051829.AA09975@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I applaud the Clinton administration for making itself available via email.

I do not think it advisable, however, to send a single cypherpunks letter. Rather I urge all interested parties to compose their own letters, and send them in separately. Stress privacy, and technological defenses thereto.

At risk of offensively stating the obvious, I also urge the following general writer's guidelines:

1) Engage brain before typing. Think about the one thing you want to talk about, and talk about that.

2) Do not be paranoid. Do not rant. These are sure ways to indicate that more money should be budgeted for public relations.

3) Be brief. If you cannot summarize your argument into a single paragraph, neither will the reader of the mail. The mail system is already overloaded, and concision indicates politeness.

4) Write in standard English. Use a spelling checker, and use complete sentences.

5) Offer to help. Offer to make timely review of proposed policies. If they accept your aid, keep your promises.

6) Have someone else read your letter for content and for form.
You can do this yourself if you put the text aside for a week or two.

Remember that obsession with keeping every cleverness you think up in a text is the surest way to ensure that it never improve.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: crunch@netcom.com (John Draper)
Date: Fri, 5 Feb 93 10:50:46 PST
To: cypherpunks@toad.com
Subject: A Bug?
Message-ID: <9302051847.AA05772@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Don't know if it's something stupid I'm doing, or if there's a bug in the Mac PGP 2.1, but after selecting Text only, and Radix 64 mode, after encrypting the text, I lose all carriage returns after decrypting it. Almost everything I get had no carriage returns in it. I use the Think C editor, or BBEdit for editing my text.

Is there an option that permits PGP to retain the carriage returns?

JD

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: crunch@netcom.com (John Draper)
Date: Fri, 5 Feb 93 11:01:06 PST
To: cypherpunks@toad.com
Subject: RE: 'Sunday Times' article on GSM changes
Message-ID: <9302051857.AA06134@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

>What makes you think they don't have the same kind of REMOB/BLV capability
>to the cellular telephone switches? I mean, if a conversation is scrambled
>from the mobile phone to the switch over the radio, it must be unscrambled
>at the switch before it can be transmitted over the trunk lines into the
>PSTN network, and that's where the FBI places their tie-lines and REMOB
>units.

As far as I know, most cellular interfaces to the BOC system are digital. But I suppose there might be some interface somewhere. I'll put a few "feelers" out and see what I come up with.

JD (Scuse line noise..)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Fri, 5 Feb 93 11:17:05 PST
To: pmetzger@shearson.com (Perry E. Metzger)
Subject: Re: `Sunday Times' article on GSM changes
In-Reply-To: <9302051715.AA22381@maggie.shearson.com>
Message-ID: <9302051916.AA23983@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> > ... voice data requires about 64Khz...

Actually I think you meant 64 kbits/sec.

> Just as a point of information, you can compress voice into 4kbit/sec
> without any real loss of quality.

I wouldn't say "without any real loss of quality". I have an AT&T secure phone on loan for evaluation (attendees at the last Mt. View cypherpunks meeting have played with it). It compresses voice to 4800 b/s then encrypts it and uses a stripped down V.32 modem to send it. The voice is intelligible on the other end, but there is definitely a loss of quality. It sounds like you are talking through the bubbler in an aquarium (underwater). But it is possible to recognize someone's voice on the other end, at least when you already know who it is. "No real loss of quality" goes way too far.

By the way, I have public domain (federally written) code that compresses voice down to this size. It's called CELP, Code Excited Linear Prediction. The only catch is the code they wrote runs much slower than realtime (on workstations). My guess is that there are significant speedups that we could make by hacking on it and running gprof.

Van Jacobson has done some work on this, but his policy seems to be to sit on anything good for two to three years before releasing it. Anyone interested in beating him to the net with something that would compress voice (or voicemail) in realtime on a 486 or a SPARC?
John

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ALAN DORN HETZEL JR
Date: Mon, 8 Feb 93 07:56:35 PST
To: cypherpunks@toad.com
Subject: *Private* E-Mail to White House
Message-ID: <00967ACF.B07B7BE0.15202@INDIGO.MESE.COM>
MIME-Version: 1.0
Content-Type: text/plain

Maybe we should suggest as a central theme to our first letter that the White House should set up one or more PGP keys of their own. The main purpose being that then one could E-Mail someone in the administration with reasonable certainty that the message could neither be intercepted nor tampered with.

Of course, once they get around to responding via e-mail, it works both ways....

Alan Dorn Hetzel, Jr.
dorn@indigo.mese.com

p.s. I'm not wired up with PGP yet because I'm using a VAX running VMS and DECUS UUCP. Has anybody ported PGP to this platform? Ideas?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: deltorto@aol.com
Date: Fri, 5 Feb 93 08:46:33 PST
To: cypherpunks@toad.com
Subject: Dear Mr. President
Message-ID: <9302051147.tn12993@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

Here are a few thoughts on the letter we will send to Bill.

[A] We should make up a key for the whole group with an insanely long password and all get together and sign it in person.

[B] We should send our message to Bill _heavily_ encrypted and as anonymously as possible (I'm talkin' to you remailer studs), and we should send the key under a separate 'envelope.' I suggest that this will definitely get the White House's attention (probably a lot of other people at the No Shit Association too, but hey...).

[C] Beyond a congratulatory note that he has actually bothered to take the Presidency "online," the letter might focus on two main areas:

1. Technology/Privacy:
- Privacy and how important it is to the preservation of Democracy. Mentioning the White House email situation to bring it home.
- Advancement of technology and how the Government can support us by getting the fuck out of the way and/or providing R&D support (hear, hear, Crunch). I.e. let's get those data highways rolling along.
- How we feel about the various Intelligence Services of the US Government and how taming them might improve our international reputation. And tell them not to fuck with our mobile phones, etc.

Politics:
We might also mention how nice it is that he supports Family Values (unlike Bush and rich Cronies), how savvy he is to leave gays in the military alone (unlike most of the GI's I have ever heard of, who mercilessly harass women), what a good thing it is to house homeless people in unused military barracks and how important it is to send aid to Russia before they come over here and try to live in our unused military barracks, stuff like that.

[D] Let's make it a nice letter, full of support, good vibes and humor. We are an interesting group of engineers, artists and creative people and he should be reminded that we are watching him and that he has some support. The guy has a tough job cleaning up all the shit the Bushmen left behind. He deserves some goodwill.

[E] ?

dave

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Fri, 5 Feb 93 10:53:24 PST
To: huntting@glarp.com
Subject: Re: `Sunday Times' article on GSM changes
Message-ID: <9302051715.AA22381@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: Brad Huntting
>
> It would seem that both the sender and receiver need to be exactly
> synchronized to within 1/4 of a bit for this to work. Since voice
> data requires about 64Khz

Just as a point of information, you can compress voice into 4kbit/sec without any real loss of quality.
Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: crunch@netcom.com (John Draper)
Date: Fri, 5 Feb 93 12:20:11 PST
To: cypherpunks@toad.com
Subject: Re: `Sunday Times' article on GSM changes
Message-ID: <9302052019.AA05398@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Gilmore writes:

>Anyone interested in beating him to the net with something that
>would compress voice (or voicemail) in realtime on a 486 or a SPARC?

I used to build voice scramblers, but mostly in hardware using a Pseudo noise source. It worked pretty good, but had to compress the bandwidth down to about 2kHz. Thus the reason why it sounds like talking in a tunnel.

Has anyone done a feasibility study on whether or not a 486 or Sparc station can do this in real time? It would seem to me that Voice mail systems should incorporate this in their system, thus scrambling the messages unless an access code can be used to retrieve it.

JD

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 5 Feb 93 12:25:23 PST
To: cypherpunks@toad.com
Subject: 'Sunday Times' article on GSM changes
In-Reply-To: <9302051849.AA18299@ack.adstest.analog.com>
Message-ID: <9302052022.AA16372@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Eric Fogleman writes:
>If getting around GSM encryption is no problem, then why are governments
>pushing the issue?

Cryptography is all economics. Every barrier adds cost to interception.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: deboni@diego.llnl.gov (Tom DeBoni)
Date: Fri, 5 Feb 93 12:44:58 PST
To: cypherpunks@toad.com
Subject: hardware scramblers
Message-ID: <9302052040.AA24629@diego.llnl.gov>
MIME-Version: 1.0
Content-Type: text/plain

I don't know a whole lot about this subject, but I'd like to hazard a suggestion about hardware scramblers.
I once upon a time saw an article in some source, perhaps Popular Science or the like, on how to build a cheap voice scrambler for telephones using a circuit called a ring demodulator (or something like that). The circuit had a ring of diodes, looking like a bridge rectifier, with the voice and noise source feeding in and some function of the inputs feeding out. The idea was to pick a radio station at random, use its audio as a noise source, and let your partner at the other find the station that renders the signal comprehensible. This only works if both parties have access to the same radio signals, and can easily be defeated in short order by any eavesdroppers with radios, but taping your conversation does them no good. Further, it's cheap, requires no compression or sophisticated hardware, and uses the whole telephone voice bandwidth.

I've never tried this, so I don't know how well it works, but since it's an old idea, perhaps it could be dressed up for modern needs.

Tom DeBoni
deboni@llnl.gov

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dead@phantom.com (Bruce Fancher)
Date: Fri, 5 Feb 93 10:05:43 PST
To: deltorto@aol.com
Subject: Re: Dear Mr. President
In-Reply-To: <9302051147.tn12993@aol.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

>Politics:
>We might also mention how nice it is that he supports Family Values (unlike
>Bush and rich Cronies), how savvy he is to leave gays in the military alone
>(unlike most of the GI's I have ever heard of, who mercilessly harass
>women), what a good thing it is to house homeless people in unused military
>barracks and how important it is to send aid to Russia before they come over
>here and try to live in our unused military barracks, stuff like that.

Why don't we just stick to privacy and encryption and leave out everything else? There is no way I'm going to affix my name to a letter expressing any of the above opinions.
-- Bruce Fancher -+- dead@phantom.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Fri, 5 Feb 93 10:18:57 PST
To: cypherpunks@toad.com
Subject: RE: 'Sunday Times' article on GSM changes
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

According to what I read it seems that the whole issue of cellular radio signal encryption is really a non-issue. They could have the most secure standard for radio signal encryption and it wouldn't matter. The FBI already uses tie lines and REMOBs (remote observation units) at the telephone switching centers to access the conversation on any particular local loop (phone number) that they want. I know, because in my younger days as a phone phreak my friends and I used to play with REMOBs and BLV all the time, so I personally know that they exist.

What makes you think they don't have the same kind of REMOB/BLV capability to the cellular telephone switches? I mean, if a conversation is scrambled from the mobile phone to the switch over the radio, it must be unscrambled at the switch before it can be transmitted over the trunk lines into the PSTN network, and that's where the FBI places their tie-lines and REMOB units.

Like someone else in this thread already mentioned, high-level end-to-end encryption is the only way to protect your privacy.

Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Fogleman
Date: Fri, 5 Feb 93 10:52:13 PST
To: thug@phantom.com
Subject: RE: 'Sunday Times' article on GSM changes
Message-ID: <9302051849.AA18299@ack.adstest.analog.com>
MIME-Version: 1.0
Content-Type: text/plain

(Thug writes)
> According to what I read it seems that the whole issue of cellular radio
> signal encryption is really a non-issue. They could have the most secure
...
> What makes you think they don't have the same kind of REMOB/BLV capability
> to the cellular telephone switches? I mean, if a conversation is scrambled
...
If getting around GSM encryption is no problem, then why are governments pushing the issue?

Eric Fogleman

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Fri, 5 Feb 93 11:40:52 PST
To: cypherpunks@toad.com
Subject: RE: 'Sunday Times' article on GSM changes
In-Reply-To: <9302051849.AA18299@ack.adstest.analog.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

(Eric Fogleman writes)
> (Thug writes)
> > According to what I read it seems that the whole issue of cellular radio
> > signal encryption is really a non-issue. They could have the most secure
> ...
> > What makes you think they don't have the same kind of REMOB/BLV capability
> > to the cellular telephone switches? I mean, if a conversation is scrambled
> ...
>
> If getting around GSM encryption is no problem, then why are governments
> pushing the issue?
>
> Eric Fogleman

The first reason is that they want to steer people's attentions away from the real issues. Thus if they are defeated on this one, they can say "Oh well, we'll be nice guys and you chaps this one.. but from now on leave us alone and let us go about our business of protecting you from yourselves." Basically, they want to fight us every step of the way, to make sure we don't get close enough to really start eating into their security..

The second reason of course is that they want to play super g-men, and ride around in vans full of cellular equipment following their suspects around the city. It's just too damn boring for them to dial up a REMOB at the cellular switch and listen in that way in the comfort of their own offices. They need outdoor recreation, they need to feel like they're all James Bond or something. That's what the second reason is.

Practically speaking though, cellular encryption does hamper their ability to listen in. Because sometimes they don't have access to the REMOB at a cellular switch, like when they are listening in without a warrant.
If they access the REMOB, that would be noted in a log somewhere and then they could have problems if the suspect finds out they were wiretapping without a warrant. If they just pick it off the air, they don't need a warrant. If they do a wiretap the old way, they do. Hence, secure cellular encryption would actually prevent unauthorized wiretapping, which is something they never seem to mention to the people they are empowered to protect.

Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ncselxsi!chasw@netcom.com (Charles E. Wareing)
Date: Fri, 5 Feb 93 15:22:47 PST
To: eff.org!phiber@netcom.com (Phiber Optik)
Subject: Re: 'Sunday Times' article on GSM changes
In-Reply-To: <199302052123.AA26150@eff.org>
Message-ID: <9302052253.AA16230@ncselxsi.UUCP>
MIME-Version: 1.0
Content-Type: text

>
> I must admit, the last thing I would've thought I'd see on this list is
> mindless, uninformed blabbering about "REMOBz".
> Give it a rest, will ya?

Maybe I'm a little out-of-sorts today, but...

I've heard (via Tv reports, reading, etc) that PhiberOptik (paraphrasing here) "...knows more about Phone Systems than most Bell engineers". Why on Earth would you respond the way you did, rather than:

1. Ignoring it
2. Providing pointers to technical sources
3. Refuting it with information.

I flame about *lots* of stuff, though I am, after all, a Sensei. Lose sight of your ability to teach, and you are nothing more than another Technocrat.

--
Charlie Wareing [:-)> * "If it ain't broke, don't fix it"
chasw@ncselxsi.uucp * "If it's jammed, force it. If it
ELXSI 6400s fixed while you wait. * breaks, it needed replacing anyway."

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Fri, 5 Feb 93 16:12:59 PST
To: cypherpunks@toad.com, gnu
Subject: CELP speech compression code at cygnus.com:/pub/celp.speech.tar.Z
Message-ID: <9302060012.AA00780@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

The code is up for FTP where you-all can get it. I made both compressed and gzip'd versions (gzip gives smaller files than compress, is faster to decompress, but slower to compress).

-rw-rw-r-- 1 gnu cygnus 2571835 Feb 5 16:04 celp.speech.tar.Z
-rw-rw-r-- 1 gnu cygnus 2099441 Feb 5 16:09 celp.speech.tar.z

Much of the tar file is samples of compressed and uncompressed speech, (used for testing the code). The actual C code is about 340K uncompressed, and there's also a Fortran version in there.

I have a copy of the actual compression standard, but not online. The Information Liberation Front is welcome to a copy -- maybe I should just leave it on the table at the next meeting and hope someone "anonymously" picks it up and scans it in. It's public domain, so there's no special thrill from liberating it.

John

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phiber Optik
Date: Fri, 5 Feb 93 13:25:04 PST
To: thug@phantom.com (Murdering Thug)
Subject: RE: 'Sunday Times' article on GSM changes
In-Reply-To:
Message-ID: <199302052123.AA26150@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

I must admit, the last thing I would've thought I'd see on this list is mindless, uninformed blabbering about "REMOBz". Give it a rest, will ya?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Fri, 5 Feb 93 18:57:18 PST
To: cypherpunks@toad.com
Subject: Re: CELP speech compression code at cygnus.com:/pub/celp.speech.tar.Z
Message-ID: <9302060139.AA06488@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: gnu@toad.com (John Gilmore)
>
> The code is up for FTP where you-all can get it.
> I made both compressed
> and gzip'd versions (gzip gives smaller files than compress, is faster
> to decompress, but slower to compress).
>
> -rw-rw-r-- 1 gnu cygnus 2571835 Feb 5 16:04 celp.speech.tar.Z
> -rw-rw-r-- 1 gnu cygnus 2099441 Feb 5 16:09 celp.speech.tar.z
>
> Much of the tar file is samples of compressed and uncompressed speech,
> (used for testing the code). The actual C code is about 340K uncompressed,
> and there's also a Fortran version in there.
>
> I have a copy of the actual compression standard, but not online.
> The Information Liberation Front is welcome to a copy -- maybe
> I should just leave it on the table at the next meeting and hope someone
> "anonymously" picks it up and scans it in. It's public domain, so
> there's no special thrill from liberating it.

It occurred to me that some people might not get the significance of all this, so perhaps I ought to amplify.

With the ability to compress speech down into the same baud rate as, say, a V.32 modem, all one would have to do to have perfectly secure voice communications is replace your phone with a setup that took in your speech, digitized it, compressed it, encrypted it, and sent it over the modem to the other side where this would be inverted. Fast enough software compression of voice would mean any PC with a DSP card and a V.32 modem could become an unbreakable scrambler. The chief problem is that the DSP needed to do decent compression is very crunchy, and encryption also tends to be crunchy, so there aren't typically enough cycles on your average PC. Of course, were someone to commercially market a board that did all this in hardware...

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Fri, 5 Feb 93 12:22:44 PST
To: "Perry E. Metzger"
Subject: Re: `Sunday Times' article on GSM changes
In-Reply-To: <9302051715.AA22381@maggie.shearson.com>
Message-ID: <9302052105.aa02995@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> Just as a point of information, you can compress voice into 4kbit/sec
> without any real loss of quality.

GSM uses 11.5 kbit/s. GSM is also supposed to provide a digital 9600 bd async connection, but I have not yet seen any implementations of data GSM. Some manufacturers are promising to ship products supporting it during 1993...

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phiber Optik
Date: Sat, 6 Feb 93 00:09:28 PST
To: ncselxsi!chasw@netcom.com (Charles E. Wareing)
Subject: Re: 'Sunday Times' article on GSM changes
In-Reply-To: <9302052253.AA16230@ncselxsi.UUCP>
Message-ID: <199302060808.AA04899@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

>
> >
> > I must admit, the last thing I would've thought I'd see on this list is
> > mindless, uninformed blabbering about "REMOBz".
> > Give it a rest, will ya?
>
> Maybe I'm a little out-of-sorts today, but...
>
> I've heard (via Tv reports, reading, etc) that PhiberOptik (paraphrasing
> here) "...knows more about Phone Systems than most Bell engineers". Why
> on Earth would you respond the way you did, rather than:
>
> 1. Ignoring it
> 2. Providing pointers to technical sources
> 3. Refuting it with information.
>
> I flame about *lots* of stuff, though I am, after all, a Sensei. Lose
> sight of your ability to teach, and you are nothing more than another
> Technocrat.
>
>
>
> --
> Charlie Wareing [:-)> * "If it ain't broke, don't fix it"
> chasw@ncselxsi.uucp * "If it's jammed, force it. If it
> ELXSI 6400s fixed while you wait. * breaks, it needed replacing anyway."
>
>

OK, you forced me into it. Sigh. The reason for the short quip is because I know the person who posted it, and I get rather impatient after the thousandth time hot air starts up the silly rumor mill.
A telecom manufacturing company by the name of Teltone makes a product called a REMOBS, for REMote OBservation System (their part number M240, M241, M242). Somewhere along the line, numerous years ago, someone must've thought this was a "cool" name, and wrote a text file which was uploaded to various "underground BBS's", making up a whole fantasy story that this is some top secret system, and one could simply dial into it, enter a code in touch-tone, enter a phone number, and proceed to listen in on a conversation. THIS IS COMPLETE NONSENSE. Because of this misinformation, every time some kid comes across some unknown phone number (anything from phone company test lines, to beepers), they claim they've found a "REMOB". There's always some blatant liar who contributes to the propaganda by claiming they listen in to phone lines. The actual product (go ahead and order the specs), is to sample trunk quality by making a metallic connection. The archaic M240 from the 70's, was for electromechanical switches, the M241 was a portable model, and I believe the M242 was for electronic switches. They do have a remote feature, which allows one to enter a code and specify a sequence of digits indicating a certain trunk (depending on however it was wired in). It's a rather low-tech piece of equipment, and suffice to say, the BOCs DO NOT USE IT. There are a number of trunk and line testing systems which have been in standard use in the RBOCs for years. The fabled "REMOB" is not one of them. In brief, the Switching Control Centers (SCCs) and Network Terminal Equipment Centers (NTECs) use a system called CAROT (Centralized Automatic Reporting On Trunks), a batch system that in turn uses the complement of standard test lines (1004Hz S/N, type 105 ATMS, short ckt, open ckt, impedance, etc, etc.) to provide more than adequate testing of trunks. Digital switches (i.e. 5ESS and DMS100) have their own trunk testing facilities. 
As far as line testing goes, the Repair Service Bureau (RSB) uses a plethora of systems. Namely LMOS/MLT (Loop Maintenance Operations System/Mechanized Line Testing), Tracker, Predictor, etc., etc. I could go on and on, but I think I've made my point. It's a SCIENCE, and it's silly to even consider such an irrelevant piece of garbage as a REMOBS. It's a gross and purposeless rumor, and now you see why I hesitated wasting the time in explaining all this, because it comes up OVER and OVER and OVER.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "DrZaphod"
Date: Sat, 6 Feb 93 09:27:02 PST
To: CypherPunks@toad.com
Subject: RE: 'Sunday Times' article on GSM changes
Message-ID: <30494.drzaphod@ncselxsi>
MIME-Version: 1.0
Content-Type: text/plain

In Message Fri, 5 Feb 93 13:14:58 EST, phantom.com!thug@netcomsv.netcom.com (Murdering Thug) writes:

>According to what I read it seems that the whole issue of cellular radio
>signal encryption is really a non-issue. They could have the most secure
>standard for radio signal encryption and it wouldn't matter. The FBI
>already uses tie lines and REMOBs (remote observation units) at the telephone
>switching centers to access the conversation on any particular local loop
>(phone number) that they want.

The reason cells are encrypting is to protect against "unauthorized persons" [i.e. civilians who haven't joined the fedz and DON'T live off other people's money [ours]]. I think this is another case that shows: letting other people encrypt your data for your protection never works out to be much good. I agree with Thug in that we need to employ our OWN encryption from one end to the other. That CRYPTOCUP soundz pretty good right about now.

TTFN!
DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Sat, 6 Feb 93 12:16:33 PST
To: cypherpunks@toad.com
Subject: Compressed/Encrypted Voice using Modems
In-Reply-To: <9302060139.AA06488@maggie.shearson.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Perry E. Metzger writes:

> It occurred to me that some people might not get the significance of all
> this, so perhaps I ought to amplify.
>
> With the ability to compress speech down into the
> same baud rate as, say, a V.32 modem, all one would have to do to have
> perfectly secure voice communications is replace your phone with a
> setup that took in your speech, digitized it, compressed it, encrypted
> it, and sent it over the modem to the other side where this would be
> inverted. Fast enough software compression of voice would mean any PC
> with a DSP card and a V.32 modem could become an unbreakable scrambler.
> The chief problem is that the DSP needed to do decent compression is
> very crunchy, and encryption also tends to be crunchy, so there aren't
> typically enough cycles on your average PC. Of course, were someone to
> commercially market a board that did all this in hardware...

This is a device waiting to be built, if it has not been built already. I would estimate that a pair of such stand-alone encrypted telephones can be built for under $2000 and about a month or two of development time.

And why are you limiting this to V.32 (9600bps)? V.32bis (14.4k bps) modem chips cost maybe 20% more than v.32 chips in quantity.

Even higher speeds are available if you're willing to go that far. Zyxel v.32bis modems have proprietary 16.8 kbps and 19.2 kbps full duplex raw modulation rates, but they use DSPs instead of modem chips like the ones from Rockwell, AT&T, and Intel.
I believe there are some v.FAST (not CCITT compliant) modems like the ones from Motorola (Codex) that can do 21.6 kbps and 24.0 kbps. I believe the final speed of v.FAST once standardized by the CCITT will be 28.8 kbps.

Even so, if CEPT coding provides somewhat intelligible speech at 4800 bps, then I am sure the sound quality at 14,400 bps is at least as good as regular analog telephone conversations when it comes to voice.

Consider a device that uses this:

A. a dedicated CEPT codec chip if they currently exist OR
   a DSP chip programmed for CEPT compression coding/decoding

B. a high-speed dedicated DES chip OR
   a RISC microcontroller (i960/amd29k) to do IDEA or LOKI

C. a quality UART like the Zilog SCC or National 16550AFN

D. an external 14,400 bps modem ( v.42 & v.42bis turned off)

                  _____         _____         _____          _____
  earpiece <-----|     |       |     |       |     |        |     |
                 |     |  bus  |     |  bus  |     | RS-232 |     |
                 |  A  |-------|  B  |-------|  C  |--------|  D  |-----: RJ-11
                 |     |       |     |       |     |        |     |       jack
mouthpiece >-----|_____|       |_____|       |_____|        |_____|
                                  |                            |
                           dialing keypad         on/off-hook switch circuit

Of course, if the FBI's Digital Telephony act passes it would be illegal to sell such devices if they do not have a back door. HOWEVER, it would not be illegal to build such devices for personal use. Hence, one may publish the schematics and DSP/microcontroller source code to such a device and let people build them themselves. However, the masses would not benefit from this. Only those with the skills or those with the money (mafia/drug lords) to pay those with the skills, would be able to produce such devices for their own use. The FBI's proposal would not stop the people they want to catch most from using encryption. The FBI is wasting their time, and taking away our rights for no good reason.

I assume a black market for such devices as the above already exists and will expand massively as the price of DSPs and RISC microcontrollers drops.
The logical end result would be to put this whole device onto a single VLSI
chip, and selling such crypt-phones for $100-200 a pop to the masses, but
there's a snowball's chance in hell of that happening if the world's
governments have anything to do with it.

Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phil Karn
Date: Sat, 6 Feb 93 18:17:30 PST
To: deltorto@aol.com
Subject: Re: White Mail
Message-ID: <9302070216.AA22433@servo>
MIME-Version: 1.0
Content-Type: text/plain

>E-MAIL RULING MAY HAMPER CLINTON ADMINISTRATION

Hmm, I wonder what would happen if they start using PGP? After all, the
Federal government has full rights to use RSA. (Dunno about IDEA).

I have mixed feelings on this issue. On the one hand, the people have
a right to know how government authority is being exercised. On the other
hand, even people in government have privacy rights. And if you mandate
that their email is a public record, then they will just find other ways
to have private conversations.

Maybe the real answer lies in not giving them so much power in the first
place.

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Arthur Abraham
Date: Sat, 6 Feb 93 22:05:56 PST
To: cypherpunks@toad.com
Subject: It's the Information, (that keeps you from being) Stupid!
Message-ID: <199302070603.AA14462@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Charles E. Wareing writes:

>I've heard (via Tv reports, reading, etc) that PhiberOptik (paraphrasing
>here) "...knows more about Phone Systems than most Bell engineers". Why
>on Earth would you respond the way you did, rather than:
>
> 1. Ignoring it
> 2. Providing pointers to technical sources
> 3. Refuting it with information.

I strongly support this statement, particularly 3.

-a2.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Shipley
Date: Sat, 6 Feb 93 22:16:48 PST
To: thug@phantom.com (Murdering Thug)
Subject: Re: Compressed/Encrypted Voice using Modems
In-Reply-To:
Message-ID: <9302070615.AA19855@edev0.TFS>
MIME-Version: 1.0
Content-Type: text/plain

>
>And why are you limiting this to V.32 (9600bps)? V.32bis (14.4k bps) modem
>chips cost maybe 20% more than v.32 chips in quantity.
>

at Interopt I heard some voice demos that were at 9600 4800 and 2400 baud
the 2400 sounded a phoneme chip but was *very* reasonable.

-Pete

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Sat, 6 Feb 93 22:06:54 PST
To: thug@phantom.com (Murdering Thug)
Subject: Re: Compressed/Encrypted Voice using Modems
In-Reply-To:
Message-ID: <9302070605.AA27822@hodge>
MIME-Version: 1.0
Content-Type: text/plain

>> Of course, if the FBI's Digital Telephony act passes it would be illegal to
>> sell such devices if they do not have a back door.

Not True. The proposed legislation states:

    (a) Providers of electronic communication services and private
    branch exchange operators shall provide within the United States
    capability and capacity for the government to intercept wire and
    electronic communications when authorized by law:

This law does not prevent *users* from providing *end-to-end*
encryption. This does not mean that they might not try to remove this
right in the future, but they haven't gone that far yet.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phiber Optik
Date: Sat, 6 Feb 93 22:49:38 PST
To: gnu@toad.com
Subject: Re: 'Sunday Times' article on GSM changes
In-Reply-To: <9302061733.AA10282@toad.com>
Message-ID: <199302070648.AA14155@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

>
> Thanks for going into more detail on the REMOB fantasy.
>
> Can you tell the group what facilities are available that actually do
> allow a technician to monitor a particular line (or group of lines),
> e.g. what could a telco emp or a phone phreak do (regarding a short or
> long term wiretap) if they wanted? And what facilities are *actually
> used* when a court-ordered wiretap is implemented? My impression is
> that the two are different.
>
> John
>

I'm glad you brought up this subject, John, because there is indeed a good
deal of misinformation in this area. I'll start off with some of the
numerous facilities available to a telco technician.

The first I'll mention is MLT (Mechanized Loop or Line Testing), a system
which is part of the LCAMOS group of systems (Loop and Cable Administration
Maintenance Operations System). Used by Repair Service Attendants, it's
seamlessly accessed through LMOS (Loop Maintenance Operations System), when
the attendant specifies a 'mask' (form type) that would involve a real-time
test to be performed. At the heart of LMOS is a System 370-type processor.
Attendants access the various functions through a Front End (FE) system,
commonly running Unix. The data comprising customer records and their
corresponding trouble reports/service histories is kept on a high-capacity
storage system (nicknamed the HICAPs). Each front-end accesses data from
different HICAPs for the respective areas they cover.

Getting back to masks, when the attendant gets a call on 611, upon the
customer hanging up, they usually issue the TEST mask, which accesses MLT
which in turn establishes a metallic connection to the phone line. MLT then
carries out impedance, capacitance, frequency/amplitude response tests (at
404Hz, 1004Hz, and 2804Hz, standard), tests for line activity, etc., etc.
The attendant then has the option to open a trouble record (using the
ESTablish mask), to initiate further testing and repair, possibly
dispatching someone, etc.
I'm getting a bit off topic, but I thought some background was in order
rather than just saying "MLT monitors lines, so there". What I'm driving at
in this scenario is that there is also a mask known as TV, for Trouble
Verification. The /FORm associated with this mask requests such information
as the phone number, the 3-digit employee code, a callback number for
security, and the type of TV (RCA, Magnavox, Toshiba, just kidding :), types
being talk, (the attendant can be heard) or monitor without speech path, to
name the most relevant.

It would not be impossible to substitute "someone with a computer and the
know-how" in the place of the word "attendant", but don't overestimate this
possibility. It's bragged about FAR more than it is actually done. But it
remains a possibility.

I'll continue this in successive messages, so it's in manageable chunks.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phiber Optik
Date: Sat, 6 Feb 93 23:44:31 PST
To: cypherpunks@toad.com
Subject: (Non)Privacy in Phone System...
Message-ID: <199302070743.AA14539@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

My last message was about LMOS/MLT, and MLT's monitoring capabilities of
subscriber lines. Another phone company testing system worth mentioning is
SARTS (and DACS and SMAS. That's three, but they're related.)

SARTS is the Switched Access Remote Test System, and is used in testing
special service circuits. And what's special service? A lot of things that
AREN'T POTS (Plain Old Telephone Service). Anything from WATS service, to
digital carriers (DDS, T1, etc.), and so on. And it's the hard working men
and women of the aptly named Special Services Center (or just "Special
Services") who oversee nearly every aspect of installation and maintenance.
Ah, yes.
(Clears throat) The reason I mention them is because every digital carrier
goes through your friendly neighborhood BOC central office, whether it be a
company's private carrier or someone's dedicated connection to the Internet
(EFF's, toad's, etc.).

Like MLT is a system used to test subscriber lines in real time, so SARTS is
a system used to test special service circuits. In conjunction with SMAS
(Switched Maintenance Access System), and the ability to jack-in with their
favorite test equipment (such as the much liked T-BERD), together they make
up an unbeatable arsenal in troubleshooting. So why do they screw up your
leased-line service? There are three rules in maintenance: Training,
training, and, of course, training. Or lack thereof.

The lovely system which complements these, and even supersedes the need for
SMAS points, is DACS, the Digital Access and Cross-connect System. One of
its most notable abilities, is providing per-channel 64kbps (DS0) electronic
cross-connection and test access to individual channels, IN ANALOG OR
DIGITAL FORM, from a T1 (DS1). Sounds neat. The FBI says "It can't be done!
You have to make it built in!" But it IS built in, they're just not allowed
to play with it (or are they anyway?) Life is funny sometimes.

I'm going to pause for now, and concentrate on my Sherlock Holmes movie.
I'll see if my messages are well received, and pick it up tomorrow.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jim@tadpole.com (Jim Thompson)
Date: Sun, 7 Feb 93 02:03:20 PST
To: thug@phantom.com
Subject: Re: Compressed/Encrypted Voice using Modems
Message-ID: <9302071001.AA00783@ono-sendai>
MIME-Version: 1.0
Content-Type: text/plain

> From: Peter Shipley
> >And why are you limiting this to V.32 (9600bps)? V.32bis (14.4k bps) modem
> >chips cost maybe 20% more than v.32 chips in quantity.
>
> at Interopt I heard some voice demos that were at 9600 4800 and 2400 baud
> the 2400 sounded a phoneme chip but was *very* reasonable.
Quite likely what you heard were 9600/4800/2400bps (bits per second),
not baud. The two are different. 2400bps compression of voice is
quite a bit beyond current GP CPUs.

Also, note that 9600 baud (V.32 carriers) are based on a 2400bps carrier.
(And if they're not, I'm sure someone will correct me.) 2400 baud modems
are based a bit rate something less than 2400bps, though I can't remember
exactly what it is right now.

Jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jim@tadpole.com (Jim Thompson)
Date: Sun, 7 Feb 93 02:58:06 PST
To: thug@phantom.com
Subject: Re: Compressed/Encrypted Voice using Modems
Message-ID: <9302071056.AA00916@ono-sendai>
MIME-Version: 1.0
Content-Type: text/plain

> And why are you limiting this to V.32 (9600bps)? V.32bis (14.4k bps) modem
> chips cost maybe 20% more than v.32 chips in quantity.
>
> Even higher speeds are available if you're willing to go that far. Zyxel
> v.32bis modems have proprietary 16.8 kbps and 19.2 kbps full duplex raw
> modulation rates, but they use DSPs instead of modem chips like the
> ones from Rockwell, AT&T, and Intel. I believe there are some v.FAST
> (not CCITT compliant) modems like the ones from Motorola (Codex) that
> can do 21.6 kbps and 24.0 kbps. I believe the final speed of v.FAST once
> standardized by the CCITT will be 28.8 kbps.

I don't see how a 28.8kbps (raw) data rate is possible, as the Shannon
limit for a POTS line is 22kbps. Certainly parts of the phone system
no longer impose the narrow bandwidth that are part of the 'spec', but
one can not always depend on getting a line that exceeds the published
parameters of the phone system.

The Rockwell (RC96AC/RC96ACL/RC144AC/RC144ACL) modem chip (set) has an
on-board codec that does ADPCM in hardware. It makes for a very nice
programmable answering machine. Interestingly, the designers guide has
something to say about bit rates.
At a sampling rate of 7.2 KHz, (the only sample rate this chipset
supports) 8 bit samples are presented at a bit rate of 57600 bps. Add
in a start/stop bit, and you now need a DTE rate of 72,000 bps. Most
UARTS don't support this rate, and thus you will need to find one that
will run at 115.2 Kbps.

Drop to 4 bit samples, and you get a bit rate of 28,800 bps, for a
required async DTE speed of 36,000. (or 38400 bps on most uarts.)

I'm also fairly sure that recent Zyxel modems (e.g. the U-1496) use
this Rockwell chip(set), and not a dedicated DSP.

Jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "A.J. Janschewitz"
Date: Sun, 7 Feb 93 06:35:39 PST
To: cypherpunks@toad.com
Subject: Request from a new reader.
Message-ID: <2938181047.1.p00258@psilink.com>
MIME-Version: 1.0
Content-Type: text/plain

I am new to this group and apologize if my request is covered in a FAQ.

Would someone kindly point me to an FTP site or the location of a binary
application that can be used to encrypt/decrypt text in an MS-DOS
environment? I understand that PGP is UNIX-based, unless there is a DOS
version of which I am unaware, but that's why I'm reading this group.

Thank you in advance for your help.

==a.j.==

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dclunie@pax.tpa.com.au (David Clunie)
Date: Sat, 6 Feb 93 16:33:58 PST
To: cypherpunks@toad.com
Subject: PAX code posted
Message-ID: <9302070032.AA03792@britt>
MIME-Version: 1.0
Content-Type: text/plain

After many requests from loyal fans, I have posted the ugly and crude
scripts that used to be the PAX anonymous and encrypted remailing service
to alt.sources.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dionf@ERE.UMontreal.CA (Francois Dion)
Date: Sun, 7 Feb 93 09:13:29 PST
To: jim@tadpole.com (Jim Thompson)
Subject: Re: Compressed/Encrypted Voice using Modems
In-Reply-To: <9302071001.AA00783@ono-sendai>
Message-ID: <9302071709.AA28201@brise.ERE.UMontreal.CA>
MIME-Version: 1.0
Content-Type: text/plain

Beyond the ultraworld of Jim Thompson:
>
>
> > From: Peter Shipley
>
> > at Interopt I heard some voice demos that were at 9600 4800 and 2400 baud
> > the 2400 sounded a phoneme chip but was *very* reasonable.
>
> Quite likely what you heard were 9600/4800/2400bps (bits per second),
> not baud. The two are different. 2400bps compression of voice is
> quite a bit beyond current GP CPUs.

Well, almost true. 9600 baud !=9600 bps in modems. 9600 bps modems are
actually 2400 tokens per second, with each token being 4 bit long. 2400 bps
modems are also 2400 bauds (tokens per second) like the 9600 bps modems, but
with each token being 1 bit.

> Also, note that 9600 baud (V.32 carriers) are based on a 2400bps carrier.

No, it's the inverse 9600 bps are based on 2400 baud.

> (And if they're not, I'm sure someone will correct me.) 2400 baud modems
> are based a bit rate something less than 2400bps, though I can't remember
> exactly what it is right now.

No, a 2400 bps modem is 2400 baud because each token is 1 bit long.

Ciao,
--
Francois Dion
 ' _ _ _
CISM (_) (_) _) FM Montreal , Canada Email: CISM@ERE.UMontreal.CA
(_) / . _) 10000 Watts Telephone no: (514) 343-7511
_______________________________________________________________________________
Audio-C-DJ-Fractals-Future-Label-Multimedia-Music-Radio-Rave-Video-VR-Volvo-...
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Sun, 7 Feb 93 09:46:59 PST
To: cypherpunks@toad.com
Subject: Modem Based Crypto Telephones
In-Reply-To: <9302071056.AA00916@ono-sendai>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

jim@tadpole.com writes:
> thug@phantom.com writes:
> > Even higher speeds are available if you're willing to go that far. Zyxel
> > v.32bis modems have proprietary 16.8 kbps and 19.2 kbps full duplex raw
> > modulation rates, but they use DSPs instead of modem chips like the
> > ones from Rockwell, AT&T, and Intel. I believe there are some v.FAST
> > (not CCITT compliant) modems like the ones from Motorola (Codex) that
> > can do 21.6 kbps and 24.0 kbps. I believe the final speed of v.FAST once
> > standardized by the CCITT will be 28.8 kbps.
>
> I don't see how a 28.8kbps (raw) data rate is possible, as the Shannon
> limit for a POTS line is 22kbps. Certainly parts of the phone system
> no longer impose the narrow bandwidth that are part of the 'spec', but
> one can not always depend on getting a line that exceeds the published
> parameters of the phone system.

Then how come Hayes demonstrated their v.FAST modems at Fall Comdex '92
in Las Vegas? According to the report on Comdex I am reading, the Hayes
modem dialed up another modem at Hayes headquarters in Atlanta and set up a
perfect 28.8 kbps full duplex raw data link. With v.42bis the two modems
were exchanging text at close to 115.2 kbps.

> The Rockwell (RC96AC/RC96ACL/RC144AC/RC144ACL) modem chip (set) has an
> on-board codec that does ADPCM in hardware. It makes for a very nice
> programmable answering machine. Interestingly, the designers guide has
> something to say about bit rates.
>
> At a sampling rate of 7.2 KHz, (the only sample rate this chipset
> supports) 8 bit samples are presented at a bit rate of 57600 bps. Add
> in a start/stop bit, and you now need a DTE rate of 72,000 bps.
> Most UARTS don't support this rate, and thus you will need to find one that
> will run at 115.2 Kbps.

This is way more than what is needed for telephone quality audio. I have
programmed voice mail systems based on Dialogic hardware. They use a simple
ADPCM codec and 6,000 4-bit samples/second. This gives you an audio
bandwidth of 3khz, basically telephone quality. At this rate, we're talking
about 6,000 x 4 bits = 24,000 bps. And this is WITHOUT any kind of advanced
compression. A v.FAST modem doing 24.0 kbps like the Motorola Codex can
handle this now, and 28.8 kbps modems can handle this and provide a 4kbps
digital subcarrier for carrying data with voice. For instance, I could be
having an encrypted conversation with you and at the same time, I can send
you a spreadsheet file at 4 kbps. Obviously since the entire 28,800 bps
stream would be encrypted, the spreadsheet file would be encrypted as well.

You can also get excellent quality using 4800 samples/second using 3-bit
ADPCM samples. This would give you 14,400 bps and an analog bandwidth of
2400hz. This is lower than phone quality which is 3000hz, but anything above
2400hz is really useless for transmitting a male speaking voice which hardly
ever goes past 2000hz. A female voice on the other hand might sound somewhat
distorted if everything above 2400hz is chopped off. However, using a DSP,
one may shift the 0-2400hz bandwidth to 300-2700hz using a toggle switch.
Thus all a female would have to do is toggle a switch on the cryptophone to
tell the other side about the shift.

> I'm also fairly sure that recent Zyxel modems (e.g. the U-1496) use
> this Rockwell chip(set), and not a dedicated DSP.

No, Zyxel uses a DSP. They are always updating their DSP roms to provide
new features. Not only do Zyxel modems provide v.32/v.32bis/v.42/v.42bis,
and MNP 1-5, but also MNP 10, Caller ID, Voice Mail, and proprietary
16.8 kbps and 19.2 kbps full duplex modes.
As soon as ISDN hits the streets, we won't have to worry about bandwidth
since it will be quite easy to build an all-digital crypto-phone that
provides end-to-end encryption based on a public key system.

Picture this: an ISDN phone that can operate in normal or encrypted mode,
that has a small 20mb 1.8" hard disk or flash eprom card to store the public
keys of all the people that you converse with who have similar phones. In
fact, it is possible to set up a trusted centralized public key directory
assistance like service, which would contain perhaps everyone's public key,
and could be queried automatically at the beginning of each call. The 20mb
storage could be a public key storage cache for people you call frequently,
while the public key directory assistance is used for people who you only
plan to call once.

On the other hand, a centralized authority is always bad when it comes to
security. A PGP-like scheme of decentralized public key distribution is much
safer. If Bob wants to give Mike's public key (which is stored in Bob's
phone) to Joe, all Bob has to do is call up Joe, tell Joe that he wants to
give him Mike's phone number and public key. Bob then presses a button on
his phone and instantly uploads Mike's public key to Joe's phone, either via
a digital subchannel, or via the main channel (and interrupt the
conversation for a few seconds), like the old video phones used to do to
transmit still frames.

Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 7 Feb 93 18:38:49 PST
To: p00258@psilink.com
Subject: Request from a new reader.
In-Reply-To: <2938181047.1.p00258@psilink.com>
Message-ID: <9302080236.AA05195@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

anon-ftp to soda.berkeley.edu::pub/cypherpunks. There's a copy of PGP
there. Get the .zip version; it's a PC binary.

PGP was originally written on PC's and later moved to Unix.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fnordbox!loydb@cs.utexas.edu (Loyd Blankenship)
Date: Sun, 7 Feb 93 22:34:38 PST
To: @adi.analog.com:Eric.Fogleman@analog.com
Subject: Re: 'Sunday Times' article on GSM changes
Message-ID: <9302080056.AA00azz@fnordbox.UUCP>
MIME-Version: 1.0
Content-Type: text/plain

:(Thug writes)
:
:> According to what I read it seems that the whole issue of cellular radio
:> signal encryption is really a non-issue. They could have the most secure
:...
:> What makes you think they don't have the same kind of REMOB/BLV capability
:> to the cellular telephone switches? I mean, if a conversation is scrambled
:...

Eric Fogleman writes:
:
:If getting around GSM encryption is no problem, then why are governments
:pushing the issue?

This actually hits on one of my favorite rant topics. The feds like to
scream about how hard it is to tap a phone line with digital switching et
al, but don't talk about the fact that anyone with half a brain can tap a
line using the phone company's LMOS.

The only rational theory I've come up with to explain this is that the feds
aren't worried about court-ordered wiretaps, but about illegal wiretaps. I
bet there's a *lot* of monitoring going on out there that they can't get a
court order for, so they're doing it themselves. Monitoring without the
cooperation of the phone company will get harder when the company starts
paying more attention to security -- whether through encryption or simply
using a shredder.
:-)

Loyd

***************************************************************************
* loydb@fnordbox.UUCP       Call the Fnordbox BBS   * Loyd Blankenship    *
* GEnie: SJGAMES            2 v32bis lines, 24 hrs  * PO Box 18957        *
* Compu$erve: [73407,515]   512/444-2323            * Austin, TX 78760    *
* cs.utexas.edu!dogface!fnordbox!loydb              * 512/447-7866        *
***************************************************************************

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phil Karn (Phil Karn)
Date: Sun, 7 Feb 93 22:07:22 PST
To: jim@tadpole.com (Jim Thompson)
Subject: Re: Compressed/Encrypted Voice using Modems
Message-ID: <9302080605.AA27589@servo>
MIME-Version: 1.0
Content-Type: text/plain

At 7 Feb 04:56 CST, Jim Thompson wrote:

>I don't see how a 28.8kbps (raw) data rate is possible, as the Shannon
>limit for a POTS line is 22kbps. Certainly parts of the phone system
>no longer impose the narrow bandwidth that are part of the 'spec', but
>one can not always depend on getting a line that exceeds the published
>parameters of the phone system.

Where do you get this figure of 22 kbps? I would tend to dispute it since I
use a Codex FAST modem on my SLIP link and it really does run at 24.0 kb/s
on the wire (not counting compression). The throughput display often reads
30 kb/s even when I'm shipping a pre-compressed or encrypted binary file,
although that's a phony figure because it includes the asynch start/stop
bits that aren't actually sent over the wire.

The usual Shannon limit of a phone line is more like 30 kb/s, although it
can vary enormously. Generalizations are dangerous. At the very least, you
can certainly say that it's no greater than 64kb/s, since it's almost
certain that your call passes through a mu-law codec somewhere.

Back to vocoders, their quality does tend to be a strong function of data
rate. 8kb/s CELP is really not that bad - a little warbly when there's
background noise, but not objectionably so in my opinion.
In a mobile telephone environment (where I'm familiar with it), it's *much*
less objectionable than the usual impairments you get from ordinary FM
analog transmission. 4kb/s is noticeably worse. Things get rapidly better as
you go above 10-12 kb/s with present algorithms.

Also, vocoders need not be constant rate. Ours selects one of four rates on
the fly depending on voice activity, which doubles capacity in a CDMA radio
environment. It'd also be useful in a packet network, although the small
frame sizes (2/5/10/22 bytes) can make header overhead rather significant.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: root@extropia.wimsey.com (Anonymous)
Date: Sun, 7 Feb 93 22:51:41 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199302080630.AA01555@xtropia>
MIME-Version: 1.0
Content-Type: text/plain

Hi - I tried to use the anon.penet.fi remailer and got a warning that
some people had hacked it to find out for which anonymous ID any user
had. It sounded like they would forge mail from the person they wanted
to find out about, have it go through penet, and then go to themselves.
Then they could look and see what anonymous ID it seemed to come from.

This has been fixed by making people register a password with the
remailer and then use it whenever they want to forward mail.

I'd like to see some discussion here about this problem so that other
remailers can avoid it.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: John.Nieder@f33.n125.z1.FIDONET.ORG (John Nieder)
Date: Mon, 8 Feb 93 07:59:06 PST
To: cypherpunks@toad.com
Subject: CLINTON'S E-MAIL HOAX
Message-ID: <4809.2B768048@fidogate.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

from: john.nieder@f33.n125.z1.fidonet.org

>The White House writes:
> PS: If you did not include your U.S. mail return address in your
> message and you want a reply, please send your message again and
> include that information.

] Well this is completely useless, isn't it..
] If we imagine this
]logically we can see masses of e-mail entering the White House while snail
]mail trickles out... Definately [sic] a buffer problem |-]. At least
]they're trying, I suppose...
]DrZaphod

The White House E-Mail gambit is a gimmick without substance. One -
according to a previous Cypherpunks post, the e-mail isn't getting through;
two - they want mailing addresses for acknowledgement, which is absurd for
any number of obvious reasons (take your pick or come up with your own);
finally (this is the _real_ kicker), tonight's news informs me that the
Clinton White House is making a "symbolic" cost-cutting gesture by reducing
staff "up to 25%." Where will these reductions come from? "The reductions
will come mostly from staff whose job is to respond to mail from the
public."

This hoax is the biggest joke since Rush Limbaugh gave out his CompuServe
address.

A collective Cypherpunk e-letter to Slick? Let's not & say we did...[yawn!]

JN

["The White House is informed that no group or persons are authorized by
Mr. Nieder to speak on his behalf, including Mr. Clinton."]

... Source: "Deniable Asset Squares Up" - San Francisco, CA
--- Blue Wave/Opus v2.12 [NR]
--
John Nieder - via FidoNet node 1:125/555
UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder
INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phiber Optik
Date: Sun, 7 Feb 93 21:22:26 PST
To: jim@tadpole.com (Jim Thompson)
Subject: Re: Compressed/Encrypted Voice using Modems
In-Reply-To: <9302071001.AA00783@ono-sendai>
Message-ID: <199302080521.AA05963@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

>
>
> > From: Peter Shipley
>
> > >And why are you limiting this to V.32 (9600bps)? V.32bis (14.4k bps) modem
> > >chips cost maybe 20% more than v.32 chips in quantity.
> >
> > at Interopt I heard some voice demos that were at 9600 4800 and 2400 baud
> > the 2400 sounded a phoneme chip but was *very* reasonable.
>
> Quite likely what you heard were 9600/4800/2400bps (bits per second),
> not baud. The two are different. 2400bps compression of voice is
> quite a bit beyond current GP CPUs.
>
> Also, note that 9600 baud (V.32 carriers) are based on a 2400bps carrier.
> (And if they're not, I'm sure someone will correct me.) 2400 baud modems
> are based a bit rate something less than 2400bps, though I can't remember
> exactly what it is right now.
>
> Jim
>
>

I'd wanted to say something about this for quite some time. Everyone gets
it wrong, and let's just say you were CLOSE. Lemme give a quick run down...

bps, or bits-per-second, is the bit rate of the datastream. Now the rate of
MODULATION is called baud, named after the transmission engineer
(telegraphy), Baudot. Very simply, when you divide the bit-rate by the
number of bits per symbol, you get baud. Everyone is in the (bad) habit of
saying 'baud' for everything, because in FSK systems which code 1 bit per
symbol (only two phases), bps = baud. But then and ONLY then. They are not
universally synonymous. But don't feel bad, the entire modem INDUSTRY gets
it wrong, too. We're all throwbacks to the 300 baud days, when 300 baud was
the same as 300 bps, the Bell 103 standard. This was also true for 110 baud,
and the Bell 202 standard (1200 baud half-duplex).

Now then, when 1200 bps FULL duplex was designed by CCITT, it was the V.22
standard. The Bell system created the Bell 212A standard. In either case
(they were slightly different), Differential Phase Shift Keying (DPSK) was
the modulation scheme, with four phases, and TWO bits per symbol to encode
each phase. Hence, the full duplex 1200 bps standard modulates at a rate of
600 bauds. Yes, in engineering, you say 1 baud, and 2 or more bauds, but
just saying baud is accepted.

Another principle was introduced, called scrambling (that noise sound you
hear when modems handshake is the scrambler kicking in).
This alleviates the fact that the higher the rate of modulation, the more
likely that multiple identical symbols in a row will cause phase sync
errors. The scrambler ensures that a bit (1 or 0) does NOT get modulated to
the same phase repeatedly. This is similar to digital carrier systems, which
use AMI (Alternate Mark Inversion), and have schemes such as BnZS or HDB3
(Binary N Zero Substitution and High Density Binary 3). But lemme not
confuse you. I was just drawing up the parallel. The scrambler is just a
pseudorandom sequence generator (there's a descrambler, too).

Phases are measured in degrees (360), and each phase is encoded depending on
the number of bits per symbol. In V.22 and Bell 212A, there are four phases,
0, 90, 180, and 270. And each phase is coded with two bits, or dibits (two
bits per symbol, remember?)

Now, we all use the CCITT standard for 2400 bps. It's called V.22bis. It
uses a scheme known as QAM, Quadrature Amplitude Modulation. The rate of
modulation is also 600 bauds, but the use of amplitude as well as phase come
into play, and double the throughput. There are four levels of phase, and
four levels of amplitude, encoded using 4 bits per symbol (quadbits). Isn't
this fun?

There are a few 4800 bps systems, none of which really matter. For 9600 bps,
we use recommendation V.32. QAM again, (as was 4800 and 2400), with two
modes of operation: 16 carrier states, and 32 achieved using trellis
encoding. 16 carrier states equals 4 bits per symbol again (QUADrature), and
simple arithmetic should tell you that the modulation rate is 2400 bauds.

V.32bis is an improved (and clever) scheme, with a bit rate of 14400 bps.
Everything I mentioned are full duplex systems (except Bell 202). Higher bit
rates are achievable in half duplex systems, these modems are generally used
for transfers (polling for mail/news).

Oh, don't forget our error correction/compression protocols. V.42 (EC), and
V.42bis (EC and compression) being the most common.
V.42bis can achieve a maximum of 4:1 compression ratio, increasing
throughput. There's also your Microcom Networking Protocol (MNP), MNP level
5 being the most common and usually used at lower data rates.

Whew. I'm probably giving you guys information overflow, so I'll end it for
now. Just remember. You measure the speed of a modem in BITS PER SECOND, NOT
BAUD. See ya.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phiber Optik
Date: Sun, 7 Feb 93 21:38:33 PST
To: dionf@ere.umontreal.ca (Francois Dion)
Subject: Re: Compressed/Encrypted Voice using Modems
In-Reply-To: <9302071709.AA28201@brise.ERE.UMontreal.CA>
Message-ID: <199302080537.AA06100@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

>
> No, a 2400 bps modem is 2400 baud because each token is 1 bit long.

Well, almost. You got 9600 bps right. I hope you read my message.

>
> Ciao,
> --
> Francois Dion
> ' _ _ _
> CISM (_) (_) _) FM Montreal , Canada Email: CISM@ERE.UMontreal.CA
> (_) / . _) 10000 Watts Telephone no: (514) 343-7511
> _______________________________________________________________________________
> Audio-C-DJ-Fractals-Future-Label-Multimedia-Music-Radio-Rave-Video-VR-Volvo-...
>
>
>

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uni@acs.bu.edu (Shaen Bernhardt)
Date: Mon, 8 Feb 93 00:55:17 PST
To: cypherpunks@toad.com
Subject: Remailers (List available)
Message-ID: <9302080853.AA166918@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I was hoping to find a list of the remailers available that use PGP for
traffic encryption. I noticed that the PAX scripts were made public
recently, does anyone plan to employ them at any of the current remailing
sites? Despite its problems, I thought PAX was on the right track with
regard to tactics....

Comments?
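The anon.penet.fi report earlier in this archive (alias lookup keyed on a forgeable From: line, later fixed with a registered password) can be modelled as follows. This is an added example, not code from penet, PAX or any list member; the class, the `X-Anon-Password` header name, the addresses and the out-of-band registration step are assumptions made for illustration.

```python
"""Constructed model of a pseudonymous remailer's alias lookup."""
import hashlib
import hmac
import os
from email.message import EmailMessage

REMAILER_DOMAIN = "remailer.example"   # placeholder domain
PBKDF2_ROUNDS = 100_000


class Remailer:
    def __init__(self):
        self._alias = {}     # real address -> anonymous ID
        self._secrets = {}   # real address -> (salt, derived key)
        self._next = 1000

    def _alias_for(self, sender):
        if sender not in self._alias:
            self._alias[sender] = f"an{self._next}"
            self._next += 1
        return self._alias[sender]

    def _relay(self, msg):
        # Build a fresh message so no inbound header (real address,
        # password) is copied to the recipient.
        out = EmailMessage()
        alias = self._alias_for(str(msg["From"]))
        out["From"] = f"{alias}@{REMAILER_DOMAIN}"
        out["To"] = str(msg["To"])
        out["Subject"] = str(msg["Subject"])
        out.set_content(msg.get_content())
        return out

    @staticmethod
    def _derive(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                                   PBKDF2_ROUNDS)

    def register(self, sender, password):
        """Assumed to happen once, out of band, before any forwarding."""
        salt = os.urandom(16)
        self._secrets[sender] = (salt, self._derive(password, salt))

    def forward_trusting_from(self, msg):
        """Weak form: the unauthenticated From: line alone picks the alias,
        so whoever can write that line learns the alias from the reply."""
        return self._relay(msg)

    def forward_with_password(self, msg):
        """Hardened form: the alias is used only when the message also
        carries the password registered for that sender."""
        record = self._secrets.get(str(msg["From"]))
        supplied = msg["X-Anon-Password"]
        if record is None or supplied is None:
            return None                     # same silent drop in both cases
        salt, key = record
        if not hmac.compare_digest(self._derive(str(supplied), salt), key):
            return None
        return self._relay(msg)


def make_msg(sender, rcpt, body, password=None):
    """Build a constructed test message."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = rcpt
    msg["Subject"] = "test"
    if password is not None:
        msg["X-Anon-Password"] = password
    msg.set_content(body)
    return msg


def demo():
    rm = Remailer()
    rm.register("alice@example.org", "correct horse")
    legit = rm.forward_with_password(
        make_msg("alice@example.org", "list@example.net", "hi", "correct horse"))
    # Constructed forgery: Alice's address in From:, a third party in To:.
    forged = make_msg("alice@example.org", "mallory@example.com", "x")
    leaked = rm.forward_trusting_from(forged)   # alias disclosed
    blocked = rm.forward_with_password(forged)  # dropped, nothing disclosed
    return str(legit["From"]), str(leaked["From"]), blocked


if __name__ == "__main__":
    print(demo())
```

The password travels in the clear inside the inbound mail, so this check stops blind forgery of the From: line but not someone who can read the sender's outgoing traffic.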
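The modem scrambler and descrambler that Phiber Optik's message above calls "just a pseudorandom sequence generator" can be sketched as a self-synchronising shift register. This is an added example, not taken from any message in the archive; the tap positions 14 and 17 (polynomial 1 + x^-14 + x^-17, as I understand the V.22 family to use) and the sample bit patterns are assumptions.

```python
"""Self-synchronising line scrambler, constructed example."""
TAPS = (14, 17)          # assumed tap positions, counted in bits of delay
DEPTH = max(TAPS)


def _run(bits, history, feed_output):
    # hist[-k] is the line bit seen k positions ago.
    hist = list(history) if history is not None else [0] * DEPTH
    if len(hist) != DEPTH:
        raise ValueError(f"history must hold {DEPTH} bits")
    out = []
    for b in bits:
        y = b
        for t in TAPS:
            y ^= hist[-t]
        out.append(y)
        # Both ends shift in the bit that is on the LINE: the scrambler
        # its own output, the descrambler the bit it just received.
        hist.append(y if feed_output else b)
        del hist[0]
    return out


def scramble(bits, history=None):
    """tx[n] = data[n] XOR tx[n-14] XOR tx[n-17]"""
    return _run(bits, history, feed_output=True)


def descramble(bits, history=None):
    """data[n] = rx[n] XOR rx[n-14] XOR rx[n-17]"""
    return _run(bits, history, feed_output=False)


def longest_run(bits):
    """Length of the longest run of identical consecutive bits."""
    best = run = 0
    prev = None
    for b in bits:
        run = run + 1 if b == prev else 1
        prev = b
        best = max(best, run)
    return best


def demo():
    idle = [1] * 200                      # constructed input: a steady mark
    tx = scramble(idle)
    # A receiver that joins with an arbitrary register content recovers the
    # data once DEPTH line bits have passed through its register.
    junk = [1, 0] * 8 + [1]
    late = descramble(tx, junk)
    return {
        "run_in": longest_run(idle),
        "run_out": longest_run(tx),
        "round_trip": descramble(tx) == idle,
        "late_join_ok": late[DEPTH:] == idle[DEPTH:],
    }


if __name__ == "__main__":
    print(demo())
```

There is no key anywhere in this construction: anyone who knows the taps can run `descramble`, so it conditions the signal for the line and gives no confidentiality, which is why the secure phone discussed in this thread encrypts before the data reaches the modem.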
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jim@tadpole.com (Jim Thompson) Date: Mon, 8 Feb 93 02:16:02 PST To: thug@phantom.com Subject: Re: Compressed/Encrypted Voice using Modems Message-ID: <9302081014.AA01029@ono-sendai> MIME-Version: 1.0 Content-Type: text/plain The shannon limit of 22kpbs has something to do with the frequency response of a 'standard' (old, non digital) POTS phone line. But you should know, you're Phil Karn (and I'm not.) Jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phil Karn (Phil Karn) Date: Mon, 8 Feb 93 09:48:14 PST To: phiber@eff.org> Subject: Re: Compressed/Encrypted Voice using Modems Message-ID: <9302081746.AA00348@servo> MIME-Version: 1.0 Content-Type: text/plain Sounds like we need a new unit that specifically means "bits/sec" but is easier to say. How about "Shannons", as in "I just bought a 14.4 kiloshannon modem". :-) Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phil Karn (Phil Karn) Date: Mon, 8 Feb 93 09:48:44 PST To: thug@phantom.com (Murdering Thug) Subject: Re: Modem Based Crypto Telephones Message-ID: <9302081747.AA00377@servo> MIME-Version: 1.0 Content-Type: text/plain It's true, dialup modems are becoming so fast that low bit rate vocoders may well prove unnecessary for a secure phone with good voice quality. But vocoders are still handy for allowing the use of a slower modem (e.g., over impaired lines, such as those with a lot of taps :-)) and for freeing up bandwidth that you might want to use for other purposes (e.g., data). 
Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phiber Optik Date: Mon, 8 Feb 93 08:50:43 PST To: jim@tadpole.com (Jim Thompson) Subject: Re: Compressed/Encrypted Voice using Modems In-Reply-To: <9302081014.AA01029@ono-sendai> Message-ID: <199302081649.AA13414@eff.org> MIME-Version: 1.0 Content-Type: text/plain > > The shannon limit of 22kpbs has something to do with the > frequency response of a 'standard' (old, non digital) POTS > phone line. > > But you should know, you're Phil Karn (and I'm not.) > > Jim > I spent the time posting a considerable message about this subject last night, and I've yet to see it echoed back to me on the list. Did ANYONE get it? Topics were Shannon's capacity formula, Shannon limit, Nyquist 2-bit rule, etc. I'd be very annoyed if it just 'disappeared' into the bit-bucket. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Don Henson <72466.3616@CompuServe.COM> Date: Mon, 8 Feb 93 09:13:25 PST To: Subject: White House Mail Message-ID: <930208170504_72466.3616_EHB51-2@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain Can someone repost the email address for the White House. I seem to have misplaced my copy. :( Don Henson PGP key on request From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phiber Optik Date: Mon, 8 Feb 93 09:09:16 PST To: jim@tadpole.com (Jim Thompson) Subject: Re: Compressed/Encrypted Voice using Modems In-Reply-To: <9302081700.AA02209@ono-sendai> Message-ID: <199302081708.AA13952@eff.org> MIME-Version: 1.0 Content-Type: text/plain > > haven't seen it. > OK, fearing the worst (maybe I forgot to CC my message to cypherpunks, but I'm sure I did), I'll repost my original message. It was a God-sent that I got cut off last night while composing it, and expreserve preserved it. Here it is: > > > ... because in FSK systems which code 1 bit per symbol > > (only two phases), bps = baud. But then and ONLY then.... > > Uhh, don't you mean two frequencies? 
FSK is Frequency Shift Key, not > Phase Shift Key (PSK).. ;-) > > Actually, I KNOW you meant this, and it was probably just a typo, > right? > > -derek > Woops! Sorry. To compensate, I'll give more information. In the Bell 103 system (FSK), the frequencies are 2125Hz for answer, and 1170Hz for originate carriers, with the frequency shifts being +/- 100Hz. Compare with CCITT's V.21, and substitute the carrier frequencies with 1750 and 1080Hz. Same +/- 100Hz shifting. Someone else mentioned the almighty Claude Shannon in another message concerning maximum bit-rate of a voice channel, and I wanted to clear up what was said. Shannon's capacity formula said capacity in bits-per-second equals bandwidth of channel in hertz times the base-2 (binary) logarithm of one plus the signal (in watts) to noise (in watts) ratio. As a side note, I say watts because commonly, today, you measure signal and noise levels in decibels (dB), and the S/N ratio is in dBm's (decibels per milliwatt). In the phone system, we say a voice frequency channel (VFC) has a bandwidth of 4kHz. In-band signalling is approximately from .3 to 3kHz. This formula (yielding the Shannon limit) is based on a "Gaussian Band Limited Channel" (GBLC), which is an approximation of a VFC, with a signal wave of S watts at the input of an "ideal" low-pass filter, subjected to Gaussian noise with a mean power of N watts (uniformly). Written, it's C = W log2(1 + S/N). A simple example you can do in your head is W=3000Hz, pick an S/N of 1023, 1+1023 is 1024, and base-2 log of 1024 is simply 10, 3000 * 10 is 30000, so Shannon's limit for these values is C = 30000bps. Play with it. Bear in mind, Shannon didn't consider intersymbol interference. Nyquist did. 
Compare this to Harry Nyquist's 2-bit rule, 2W, or double the bandwidth, and get the maximum bit rate (this line of thinking led him to the infamous Nyquist sampling theorem, sample at a rate twice the bandwidth of a channel, and you have all the information you need to reconstruct it at the receiving end). But Nyquist deals only with binary systems. Shannon's formula shows that theoretically you could increase the data rate indefinitely by increasing the S/N ratio. We achieve this in modern modulation systems by using multilevel systems, (M-ary for short, with M > 2), and hence the protocols I described in my previous message. We can apply Nyquist's 2-bit rule to the multilevel system by saying 2W log2 M bps is achievable, with an acceptable error rate. As we increase M (number of bits per symbol), so we have to find ways to increase the signal to noise ratio, to maintain an acceptable error rate. The whole thing is stupendously interesting to me, as I hope it is to the rest of you folks. To blow your mind with sheer genius, read Shannon's classic "A Mathematical Theory of Communication" in Bell System Tech Journal, July and October of '48 at your local university. Also Nyquist's "Certain Topics in Telegraph Transmission Theory", April '28. Know your roots. Good night. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Mon, 8 Feb 93 03:34:59 PST To: Shaen Bernhardt Subject: Re: Remailers (List available) In-Reply-To: <9302080853.AA166918@acs.bu.edu> Message-ID: <9302081238.aa22866@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > I noticed that the PAX scripts were made public recently, does anyone plan > to employ them at any of the current remailing sites? I was planning on doing it last weekend, but the urgent password fixes I had to implement at anon.penet.fi screwed up my plans. But Real Soon Now... 
Julf (admin@anon.penet.fi) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phil Karn (Phil Karn) Date: Mon, 8 Feb 93 13:24:26 PST To: Phiber Optik Subject: Re: Compressed/Encrypted Voice using Modems Message-ID: <9302082123.AA00695@servo> MIME-Version: 1.0 Content-Type: text/plain >Shannon didn't consider intersymbol interference. Sure he did. That's why the bandwidth term appears in his channel capacity equation. Shannon built on and generalized Nyquist's earlier work. Shannon's law says only that it is theoretically *possible* to signal over a bandlimited AGWN channel with specific bandwidth and S/N ratio with arbitrarily low error as long as the signalling speed is less than the channel capacity as given by his formula. What it doesn't show is *how* to do it. In this respect, Shannon's law is much like the 2nd law of thermodynamics; it tells you how efficient you can make a heat engine in theory, but it doesn't tell a turbine designer how to shape his blades. By the way, just to bring this back to crypto, everyone should be aware that not only did Claude Shannon establish modern information theory, he also wrote a seminal paper that established much of modern cryptography. It was originally written during WWII and classified at that time, but it was declassified soon after the war and appeared in the BSTJ in 1948, I believe. Probably the most well known aspect of this paper is his discussion of "product ciphers", whereby you can combine different ciphers that are by themselves relatively weak (substitution and permutation, which he calls "confusion" and "diffusion") and produce a far more powerful cipher. DES is based on this principle, as are other modern ciphers. I bet this is one paper that the NSA wishes had never been declassified. Far more important, in my opinion, than anything by Friedman. 
Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Mon, 8 Feb 93 07:36:58 PST To: Anonymous Subject: Re: In-Reply-To: <199302080630.AA01555@xtropia> Message-ID: <9302081609.aa24308@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > Hi - I tried to use the anon.penet.fi remailer and got a warning that > some people had hacked it to find out for which anonymous ID any user > had. It sounded like they would forge mail from the person they wanted > to find out about, have it go through penet, and then go to themselves. > Then they could look and see what anonymous ID it seemed to come from. Precisely! > This has been fixed by making people register a password with the remailer > and then use it whenever they want to forward mail. Yeah. A bit cumbersome, but at least it is an attempt to find a workable compromise between security and ease of use. The password is only required if you intend to mail to "unregistered" addresses. Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "A.J. Janschewitz" Date: Mon, 8 Feb 93 16:00:51 PST To: "Don Henson" <72466.3616@compuserve.com> Subject: Re: White House Mail In-Reply-To: <930208170504_72466.3616_EHB51-2@CompuServe.COM> Message-ID: <2938301699.1.p00258@psilink.com> MIME-Version: 1.0 Content-Type: text/plain >Can someone repost the email address for the White House. I seem to have >misplaced my copy. :( Allegedly 75300.3115@compuserve.com ==a.j.== From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Mon, 8 Feb 93 17:32:31 PST To: cypherpunks@toad.com Subject: E Pluribus Unum Message-ID: <9302082032.tn29952@aol.com> MIME-Version: 1.0 Content-Type: text/plain Fellow Cyphers, Eric Hughes contributed: >>I applaud the Clinton administration for making itself available via >>email. I do not think it advisable, however, to send a single >>cypherpunks letter. 
Rather I urge all interested parties to compose >>their own letters, and send them in separately. and also: >>3) Be brief. If you cannot summarize your argument into a single >>paragraph, neither will the reader of the mail. The mail system is >>already overloaded, and concision indicates politeness. These appear to be contradictory statements. I believe that sending a powerful concise letter _together_ makes it more likely that it will be read, and even more likely that it will be responded to. Otherwise, we're just a bunch of nutty "individuals." On the other hand I am repenting my suggestion that we _might_ include anything political in our missive. This was ill-conceived on my part and I have now "engaged my brain" (it's also not 4 am, heh-heh) and agree with various other contributors that our message should be unidirectional and very brief. I don't think it should be "cutesy" however, as much as I personally enjoyed Marc Ringuette's "bit" suggestion #2: >>Dear President Clinton, >> Freedom for the bits! We will not rest until each bit is free to >> determine its own natural orientation without outside coercion. The >> good news is, you don't need to do anything at all; merely get out of >> the way of the free market, and the bits will free themselves. >>Best regards, The Cypherpunks (Anarchist Subgroup). Basically I like the underlying idea here (the track of allowing 'natural orientation without outside coercion'), but I'd avoid the "anarchist" tendencies, as they tend to render an otherwise approachable letter "void" for government bureaucrats perusing gigs of email to Bill & Co. Eric suggests that we: >>Stress privacy, and technological defenses thereto. I agree. Especially the technological expertise side, as this is what differentiates us from the mass of other people crying about privacy. >>2) Do not be paranoid. Do not rant. These are sure ways to >>indicate that more money should be budgeted for public relations. This is well-met. 
I totally back off from my previous political slant in favor of getting _through_. >>4) Write in standard English. Use a spelling checker, and use >>complete sentences. What a concept. After reading a few months worth of mail on this list, I can only agree. >>5) Offer to help. Offer to make timely review of proposed policies. >>If they accept your aid, keep your promises. This is my favorite suggestion. Imagine if they gave us all jobs at the NSA. Heh-heh-heh. Now, I have a general question: what is the current status of the White House email capability as far as everyone can tell? Has anyone had a response yet, by email or snailmail? Is there a possibility that this IS a hoax and that we should just send paper mail instead? ddt From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Mon, 8 Feb 93 21:03:21 PST To: cypherpunks@toad.com Subject: Re: SunExpress to expand "unlockable" software distribution Message-ID: <9302090339.AB10263@smds.com> MIME-Version: 1.0 Content-Type: text/plain gnu@toad.com (John Gilmore) says: >It would probably be a public service if some interested parties were >to determine the ``encryption'' method that Sun Express, the standard >Sun ``license manager'', and other packages use. At the moment, the >details of these technologies are not described in the public >literature (as far as I know). > >Rather than have these companies discover years too late that their >"unlockable" software is really unlockable by anyone who understands >cryptography, it'd be better for them to learn it this year, while >they are still handling low volumes of programs that way. Also maybe >they will stop dumping these programs-that-you-have-but-must-pay-to-run on us. > > John I was in a meeting where the license manager technology was explained from a semi-technical, semi-business point of view. o There's a standard that many companies are using. 
It's for the rpc interface between licensed programs and license managers. The program calls the manager, tells it a couple things, and asks, is it okay for me to run? o License managers vary in the kinds of licenses they can support. There's enough variety of license possibilities to make your head swim. o License managers generally work from "licenses," which are text files on your computer that describe the terms of particular licenses in a license-manager-specific language. o I think they use RSA, MD5, etc., for instance in signing logs that they keep. o License-managers are themselves expensive and licensed, with a variety of up-front/per platform/per site/per end user/per developer license combinations as well as the feature variety I mentioned. I could probably find out what public documents exist if nobody else on the list knows. -fnerd quote me fnerd@smds.com (FutureNerd Steve Witham) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Mon, 8 Feb 93 22:43:57 PST To: Cypherpunks Subject: Debate about anon posts Message-ID: <930209063752_74076.1041_DHJ31-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain For those interested, there has been an active debate on the Usenet newsgroup news.admin.policy about whether anonymous posting should be allowed on technical newsgroups. Johan Helsingius's anonymous server at anon.penet.fi is being widely attacked for allowing this function. Several questionable messages have been posted to various groups using this server and some of these are being used as examples of why anonymous posting should not be allowed. There have been about 50 messages on the topic, with probably 40+ being generally opposed to anonymous posting on the non-"personal" groups, and only a few being in favor. I don't really know how much influence that newsgroup has on the Usenet anarchy but there certainly does seem to be a lot of opposition to anonymity. 
Since it is an important part of our Cypherpunk ideals I think we need to give some thought to how to "sell" the idea of anonymous mail and postings to the net community. Hal Finney 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: miron@extropia.wimsey.com (Miron Cuperman) Date: Tue, 9 Feb 93 03:12:48 PST To: cypherpunks@toad.com Subject: Anonymous pool created Message-ID: <199302091046.AA09900@xtropia> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- From: miron (Miron Cuperman) To: cypherpunks@toad.com Subject: Anonymous pool created The pool is basically a mailing list with automatic maintenance. The intention is that you add a reply-to: header to your anonymous mail (or mention it somewhere in your mail) pointing at the pool address. Make sure that your correspondent put some identifying marks on the reply (like encrypting it with your public key, and/or putting your pseudonym on the Subject: line) so you can tell it apart from the rest. Of course, you should first subscribe to the pool. Your anonymous reply address you should mention is: pool0@extropia.wimsey.com All admin requests (handled by a program): pool0-request@extropia.wimsey.com All problems to: miron@extropia.wimsey.com The following Subject: lines are recognized: subscribe unsubscribe help and others - described in the help file. Matching is actually quite loose, so don't worry about whitespace or anything like that. Experiments are welcome. 
- -- Miron Cuperman | NeXTmail/Mime ok | Public key avail AMIX: MCuperman | cyberspacecomputingcryptoimmortalitynetworkslaissezfaire -----BEGIN PGP SIGNATURE----- Version: 2.1 iQCVAgUBK3eLOZNxvvA36ONDAQEjfAP+LqMzz6ffgTcuVxnzivZKKAJHY7kzo6V2 cobwO4fWPOdw6m3TdJnX/++hit0nAiFOg5TZWMqJiUw/p51qcPIHxXvsw0Hq9mN5 y8eKoZDVVuALZD3IRzAbWuZ9gT404q5sUej7T8k/Ykf51fIMy29JXxAl00sXvRzi mI0NNzykWSc= =J84n -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phiber Optik Date: Tue, 9 Feb 93 01:17:08 PST To: jim@tadpole.com (Jim Thompson) Subject: Re: Compressed/Encrypted Voice using Modems In-Reply-To: <9302081750.AA02290@ono-sendai> Message-ID: <199302090915.AA07775@eff.org> MIME-Version: 1.0 Content-Type: text/plain > > So, what is a 'typical' S/N ratio for a POTS call? > > Good question. By the way, I think I may have slipped and reversed my units in signal to noise ratios. A minor typo. The signal and noise are in dBm's (decibels per milliwatt), and the resultant S/N ratio is in dB's (decibels). A little background info: the ideal voice frequency channel has a FLAT amplitude/frequency response, that is, it's uniform over the pass-band (approx. .3 to 3kHz). In reality, this isn't the case, but we want it to be as close as possible. In North America, we test signal level at 1kHz (precisely 1004). If we input a signal at -10dBm, we want -10dBm at the output. The common type of test-line in the phone system for this purpose is nicknamed the "milliwatt test", and is a continuous interrupted 1004Hz tone. Depending on the nature of the channel being tested, there would be acceptable guidelines that would have to be met with. For example, a typical S/N value might be 40dB, based on customer satisfaction of line quality. Another common test-line in wide use is the type-105 ATMS, Automatic Transmission Measurement System (nicknamed "responders"). 
Signalled with Multi-Frequency tones (MF), it is capable of doing: signal at 404, 1004, and 2804Hz at two different levels (for comparative S/N ratios at the low, middle, and top portion of the passband, a major improvement on the older "sweep tone" method), and two types of noise (again I remember at two levels), the most common being C-message noise (dBrnC). C-message weighting is the modern means of measuring signal and noise amplitude/frequency response, based on today's telephone handsets (there were two previous major Western Electric weightings, 144 and F1A, now obsoleted). The standard reference frequency (1004Hz), was established by picking a frequency in the pass-band where the signal level was JUST discernible by the human ear, and is between -85 to -90dBm, and the derived units are positive. We consider the noise measurement knowing the zero reference (ideally 0 dB difference at the reference frequency), and the weighting characteristics of the C-message standard telephone handset. Unfortunately, I can't draw you a chart, but there is a characteristic curve of frequency-response in weightings of channel noise for the C-message handset. Noise measurement instruments have artificial filters that simulate the response of the modern handset. Am I making any sense? I hope I am. What I'm getting at, is that the acceptable guidelines of signal and noise levels is simply based upon a chosen standard handset sensitivity. Got it? C'mon! It's easy! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phiber Optik Date: Tue, 9 Feb 93 01:39:03 PST To: karn@qualcomm.com (Phil Karn) Subject: Re: Compressed/Encrypted Voice using Modems In-Reply-To: <9302082123.AA00695@servo> Message-ID: <199302090937.AA07958@eff.org> MIME-Version: 1.0 Content-Type: text/plain > > > >Shannon didn't consider intersymbol interference. > > Sure he did. That's why the bandwidth term appears in his channel capacity > equation. > (stuff deleted) I was probably being unclear. 
According to my text, Shannon's capacity formula does not account for intersymbol interference. My text also states that Nyquist used intersymbol interference as a limit in his 2-bit rule. I'm considering my text to be correct, because the capacity formula doesn't account for the imperfections (like intersymbol interference) and other problems encountered in practice (envelope delay distortion, the need for echo cancellation, etc.). And in your words, it says that you can, but it doesn't say how. For those who just tuned in, intersymbol interference refers to when the residual tail or bounce of a dying pulse interferes with a subsequent pulse. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wayner@cs.cornell.edu (Peter Wayner) Date: Tue, 9 Feb 93 05:22:03 PST To: cypherpunks@toad.com Subject: Convincing people the value of anonymity... Message-ID: <9302091320.AA19183@brokk.cs.cornell.edu> MIME-Version: 1.0 Content-Type: text/plain I would think that many people who hang out on technical newsgroups would be very familiar with the anonymous review procedures practiced by academic journals. There is some value when a reviewer can speak their mind about a paper without worry of revenge. Of course everyone assures me that the system is never really anonymous because there are always only three or four people qualified to review each paper. :-) Perhaps we should go out of our way to make anonymous, technical comments about papers and ideas in the newsgroups to facilitate the development of an anonymous commenting culture in cyberspace. -Peter Wayner From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 9 Feb 93 08:51:58 PST To: 74076.1041@CompuServe.COM Subject: Debate about anon posts In-Reply-To: <930209063752_74076.1041_DHJ31-1@CompuServe.COM> Message-ID: <9302091649.AA25077@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain More important than anonymity in a public forum such as Usenet is pseudonymity. 
A strictly anonymous posting might well be ignored, and in cases should be. An alternate identity, however, can be more easily believed if it has said useful things in the past. After all, most of the people I know on the net are as good as pseudonyms to me. I've never met them, have never even had voice contact, and am unlikely to ever. This is the case for everyone. We rely on the human net of familiarity to assure us that these are real people. But a pseudonym on the net looks to us like "someone else's friend." We can't verify everyone personally, but we assume that someone has. Therefore pseudonyms will always be possible on the net. Indeed, they are already mostly with us. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 9 Feb 93 09:09:07 PST To: cypherpunks@toad.com Subject: E Pluribus Unum In-Reply-To: <9302082032.tn29952@aol.com> Message-ID: <9302091706.AA25713@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain I said, in effect: -- Send your own mail, not from the group. -- Be brief; the system is overloaded. Dave responds: >These appear to be contradictory statements. I believe that sending a >powerful concise letter _together_ makes it more likely that it will be read, >and even more likely that it will be responded to. Otherwise, we're just a >bunch of nutty "individuals." The particular advice to send individual mail stems from the following method that organizations estimate demographics: "Count each letter as standing for the opinion of N people." Were we a well-known, well-respected organization, such as, say, ANSI, or IEEE, then a group letter carries weight. As it is, however, the cypherpunks are neither, and our goals, well, less than fully affirmed by the general public. Hence, I urge people to send individual letters. In our context many letters carry greater weight than one. In the same vein, I urge people to each compose a separate letter. 
Many copies of an identical letter are much less useful. I wrote: >Stress privacy, and technological defenses thereto. This topic has many aspects. Writing on this topic will not mean a duplication of effort, merely a replication of concern. >I agree. Especially the technological expertise side, as this is what >differentiates us from the mass of other people crying about privacy. That bit about "crying about" is exactly what I wish to avoid. First of all, in cryptography relying on others to grant you privacy doesn't even work. And second, asking for help to allow us to help ourselves taps into deep currents in the U.S. culture. >On the other hand I am repenting my suggestion that we _might_ include >anything political in our missive. One of my own political principles is as follows: "If your issue becomes a partisan issue, then you've lost." It is much easier to convince all sides of a dispute of the same thing than to convince one side and have them convince the others. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 9 Feb 93 09:12:00 PST To: cypherpunks@toad.com Subject: Compressed/Encrypted Voice using Modems In-Reply-To: <9302082123.AA00695@servo> Message-ID: <9302091709.AA25872@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >By the way, just to bring this back to crypto, everyone should be aware >that not only did Claude Shannon establish modern information theory, >he also wrote a seminal paper that established much of modern cryptography. Not only that, he was single handedly responsible for the 15 minute delay rule in reporting stock market transactions. Evidently he applied information-theoretic techniques to the data and was able to make a load of money at it. I have no references on this, and would love to see some. 
Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 9 Feb 93 09:16:15 PST To: cypherpunks@toad.com Subject: Compressed/Encrypted Voice using Modems In-Reply-To: <199302081708.AA13952@eff.org> Message-ID: <9302091713.AA25988@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Phiber writes: >Shannon's capacity formula said capacity in bits-per-second equals >bandwidth of channel in hertz times the base-2 (binary) logarithm of one plus >the signal (in watts) to noise (in watts) ratio. Properly it is the integral of the S/N function over frequency, but that's a simple continualization of the stated formula. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 9 Feb 93 09:49:49 PST To: cypherpunks-announce@toad.com Subject: February 13 meeting Message-ID: <9302091745.AA27350@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Cypherpunks physical meeting Noon sharp, Saturday, February 13, 1993 Cygnus Support Offices, Mt. View, California, USA I apologize for not getting out an announcement for the last meeting. It showed, both in attendance and organization. My regrets. I make a solemn promise to be there before 12:00 p.m. Let's start on time for a change. I hear that photographers are going to be there, so if you don't want to be photographed, bring your favorite mask. They're nice photographers and they'll ask your permission first so that you don't have to wear your mask at all times. Eric ----------------------------------------------------------------------------- AGENDA ====== -- The Ultra random number generator. I presume Scott Collins is going to talk on this, since he mentioned this, but I have not heard from him. (Hint, hint) Ultra is a new random number generator designed by some statisticians. It allegedly has extremely long period, good distribution properties, and a fast implementation, since it is based on the borrow from a subtract operation. 
-- Eric Messick will present his posting on envelopes. If any of you need another copy of this, the address of his that I remember is eric@toad.com. -- Arthur Abraham will present on hash functions. The talk will include discussion of generally desirable properties and some specific algorithms. -- Some people wanted to talk about the Sidelnikov comments on PGP, but I don't have a presenter yet. -- And the usual progress reports and chat. ----------------------------------------------------------------------------- DIRECTIONS ========== Cygnus Support 1937 Landings Drive Mt. View, CA 94043 +1 415 903 1400 switchboard +1 415 903 1418 John Gilmore Take US 101 toward Mt. View. From San Francisco, it's about a 40-minute drive. Get off at the Rengstorff Ave/Amphitheatre Parkway exit. If you were heading south on 101, you curve around to the right, cross over the freeway, and get to a stoplight. If you were heading north on 101, you just come right off the exit to the stoplight. The light is the intersection of Amphitheatre and Charleston Rd. Take a right on Charleston; there's a right-turn-only lane. Follow Charleston for a short distance. You'll pass the Metaphor/Kaleida buildings on the right. At a clump of palm trees and a "Landmark Deli" sign, take a right into Landings Drive. At the end of the road, turn left into the complex with the big concrete "Landmark" sign. Follow the road past the deli til you are in front of the clock tower that rises out of one of the buildings, facing you. Enter through the doors immediately under the clock tower. They'll be open between noon and 1PM at least. (See below if you're late.) Once inside, take the stairs up, immediately to your right. At the top of the stairs, turn right past the treetops, and we'll be in 1937 on your left. The door is marked "Cygnus". If you are late and the door under the clock tower is locked, you can walk to the deli (which will be around the building on your left, as you face the door). 
Go through the gate in the fence to the right of the deli, and into the back lawns between the complex and the farm behind it. Walk forward and right around the buildings until you see a satellite dish in the lawn. Go up the stairs next to the dish, which are the back stairs into the Cygnus office space. We'll prop the door (or you can bang on it if we forget). Or, you can find the guard who's wandering around the complex, who knows there's a meeting happening and will let you in. They can be beeped at 965 5250, though you'll have trouble finding a phone. Don't forget to eat first, or bring food at noon! I recommend hitting the burrito place on Rengstorff (La Costen~a) at about 11:45. To get there, when you get off 101, take Rengstorff (toward the hills) rather than Amphitheatre (toward the bay). Follow it about ten blocks until the major intersection at Middlefield Road. La Costen~a is the store on your left at the corner. You can turn left into the narrow lane behind the store, which leads to a parking lot, and enter by the front door, which faces the intersection. To get to the meeting from there, just retrace your route on Rengstorff, go straight over the freeway, and turn right at the stoplight onto Charleston; see above. See you there! John Gilmore From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: covin@cs.uchicago.edu Date: Tue, 9 Feb 93 07:52:26 PST To: cypherpunks@toad.com Subject: Re: E Pluribus Unum Message-ID: <9302091551.AA27230@tartarus.uchicago.edu> MIME-Version: 1.0 Content-Type: text/plain >Now, I have a general question: what is the current status of the White House >email capability as far as everyone can tell? Has anyone had a response yet, >by email or snailmail? Is there a possibility that this IS a hoax and that we >should just send paper mail instead? What excellent timing you have. I recently received this from a friend: [Forwarded, now several times...] 
January 31, 1993 Important Information RE: E-Mail to the White House Yesterday, I saw several postings related to the E-mail address for the White House. Along with a good number of others, I worked throughout the campaign as part of a network of E-mail volunteers for the Clinton campaign, so I can pass along some important information about that E-mail account. The account is actually the personal compuserve account of Jock Gill. Jock worked hard (along with a handful of programming volunteers, BBS operators, listserver maintainers, and computer sophisticates at places such as Marist College, MIT, San Francisco, Chicago, and elsewhere) during the campaign to put together an E-mail system for national campaigning. The system was later expanded to accommodate all three major Presidential campaigns. It was an innovative, highly successful effort and it played a huge role in getting campaign position statements out to a wide public. Things posted from that address found their way into the virtual reality as the messages got passed along many networks from their original posting. Several weeks before the Inauguration of President Clinton, Jeff Eller was appointed by the President-Elect to have overall charge of establishing something which has never existed--an interactive public access E-mail system into the White House and into other offices of the administration. Jock Gill was then hired by the administration to work under Jeff Eller. Currently, Jock Gill is working in an office located in the Old Executive Office Building across the street from the White House. At this point, he is working alone, without a staff. His current assignment is to use the E-mail system (as during the campaign) to issue official copies of White House statements, the texts of press briefings and press conferences, copies of Executive Orders and Presidential Memos, and the like to the virtual world of E-mail. 
Since the compuserve box is a regular personal mail box, it gets filled quickly, especially given the high volume of mail now beginning to arrive with the broad dissemination of his address. Those of you who have sent E-mail to that address may well have received an error message stating that the box is full. That's another way of saying it has been overwhelmed.

Jock has asked those of us who have been part of the volunteer E-mail team to help him out while he works to get a good interactive system up and running. Basically, he has asked that everyone cooperate and not begin sending a barrage of E-mail to that compuserve address. The White House itself employs a large staff to handle snail mail.

Actually, at this point in the development of the White House E-mail system, you will probably get your message through to the administration quicker through ordinary snail mail and telephone. Later, once the administration's E-mail team develops the system they want and need, E-mail contacts should become the easier route. All things in their time.

Once the E-mail address was circulated together with the heading the "White House", everyone understandably believed a real system was up and running. Not quite yet.

SUGGESTION: Use the compuserve address you have judiciously, reserving it for absolutely vital contacts. Until such time that a real public access White House E-mail system is operational, consider relying on the traditional means of contacting the administration.

Given what they had to start with from the previous administration (scratch), I have every reason to expect that Jeff Eller and Jock Gill will work well--and as quickly as possible--to get an interactive system up and running. But it will take time and patience. We can all help them achieve that effort best if we refrain from acting as if that non-existent system were already in place.

PLEASE HELP RELAY THIS CONTEXT AND SUGGESTION TO OTHER NETWORKS AND INDIVIDUALS.

Thanks.
Snail Mail Address and Phone Numbers -- White House

White House Numbers:
The President (202) 456-1414
White House Comment Line (202) 456-1111 (To register your opinion on an issue)
When bill signed or vetoed (202) 456-2226
Vice President (202) 456-2326
(202) 456-7125

Mailing Address:
The White House
1600 Pennsylvania Avenue, N.W.
Washington DC 20500

------
Jon Darling PITT/Johnstown -- January 31,

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Douglas Sinclair
Date: Tue, 9 Feb 93 10:39:45 PST
To: cypherpunks@toad.com
Subject: PGP key by finger
Message-ID: <9302091838.AA29640@acs1.acs.ucalgary.ca>
MIME-Version: 1.0
Content-Type: text/plain

To all those that asked - my PGP 2.1 key is now available for finger. I apologize to all for the technical difficulties.

--
Vercotti: I was terrified of him. Everyone was terrified of Doug. I've seen grown men pull their own heads off rather than see Doug. Even Dinsdale was frightened of Doug.
Interviewer: What did he do?
Vercotti: He used sarcasm. He knew all the tricks, dramatic irony, metaphor, bathos, puns, parody, litotes and satire.
-- Monty Python, Episode 14
PGP 2.1 Key by finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Tue, 9 Feb 93 11:39:59 PST
To: cypherpunks@toad.com
Subject: Re: Compressed/Encrypted Voice using Modems
Message-ID: <9302091839.AA09736@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: Eric Hughes
>
> >By the way, just to bring this back to crypto, everyone should be aware
> >that not only did Claude Shannon establish modern information theory,
> >he also wrote a seminal paper that established much of modern cryptography.
>
> Not only that, he was single handedly responsible for the 15 minute
> delay rule in reporting stock market transactions. Evidently he
> applied information-theoretic techniques to the data and was able to
> make a load of money at it.
I have no references on this, and would
> love to see some.

I don't believe this. You can buy data feeds that give you instant market data, rather than 15 minute delayed information. I've worked for operations like Morgan Stanley's Analytic Proprietary Trading Group, and although I've seen some neat tricks applied to market data, I've never heard tell of Shannon developing any, nor is there any delay in the data such groups use for trading.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: cp@jido.b30.ingr.com (Craig Presson)
Date: Tue, 9 Feb 93 13:07:00 PST
To: cypherpunks@toad.com
Subject: Re: Compressed/Encrypted Voice using Modems
In-Reply-To: <9302091839.AA09736@maggie.shearson.com>
Message-ID: <199302092105.AA01119@jido.b30.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain

In <9302091839.AA09736@maggie.shearson.com>, Perry E. Metzger writes:

|> > From: Eric Hughes
[...]
|> > Not only that, he was single handedly responsible for the 15 minute
|> > delay rule in reporting stock market transactions. Evidently he
|> > applied information-theoretic techniques to the data and was able to
|> > make a load of money at it. I have no references on this, and would
|> > love to see some.
|>
|> I don't believe this. You can buy data feeds that give you instant market
|> data, rather than 15 minute delayed information. I've worked for
|> operations like Morgan Stanley's Analytic Proprietary Trading Group,
|> and although I've seen some neat tricks applied to market data, I've
|> never heard tell of Shannon developing any, nor is there any delay
|> in the data such groups use for trading.
|>
|> Perry

In particular, Compuserve subscribers get 15-minute old stock quotes for free, and pay extra to get closer to real-time. To quote an advert from Open Systems (Propaganda) Today:

" SuperHackers D.E. Shaw & Co., a small, ... algorithmic trading firm, seeks brilliant, world-class software professionals to help create Wall Street's future. ..."
This may be drifting off-topic, unless someone sees a way to finance anarcho-ventures with high-tech arbitrage. I suppose Perry would be in the middle of any such cabal -- or maybe he isn't saying ;-)

^ / ------/---- cp@jido.b11.ingr.com (Craig Presson) / /

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: John.Nieder@f33.n125.z1.FIDONET.ORG (John Nieder)
Date: Wed, 10 Feb 93 01:58:55 PST
To: cypherpunks@toad.com
Subject: E Pluribus Unum
Message-ID: <4833.2B78CB7D@fidogate.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

 * Reply to msg originally in Cypherpunks

BK> From: deltorto@aol.com

BK> I believe that sending a
BK> powerful concise letter _together_ makes it more likely that it will
BK> be read, and even more likely that it will be responded to. Otherwise,
BK> we're just a bunch of nutty "individuals."

Well, while I am personally of the opinion that this undertaking is of negligible value for the sweat expended anyway, I would suggest that the eventual note (if any) not presume to represent anyone but the individual signatories.

BK> On the other hand I am repenting my suggestion that we _might_ include
BK> anything political in our missive.

Good. The surreal laundry-list of crackpot causes in CPSR's written agenda has gained them my absolute opposition & has probably turned off others as well. It would be a mistake for Cypherpunks to drag in outside issues.

BK> I don't think it should be "cutesy"

Of course not. There's no quicker way to the bit bucket, assuming this entire e-mail flap isn't a bad joke in the first place.

>>Stress privacy, and technological defenses thereto.

BK> I agree.

Me three.

BK> Especially the technological expertise side, as this is what
BK> differentiates us from the mass of other people crying about privacy.

A good point! Nothing impresses bureaucrats like "experts" [cough!].

>>5) Offer to help. Offer to make timely review of proposed policies.
>>If they accept your aid, keep your promises.
BK> This is my favorite suggestion. Imagine if they gave us all jobs at BK> the NSA. Heh-heh-heh. You wouldn't like it. BK> Now, I have a general question: what is the current status of the BK> White House email capability as far as everyone can tell? Has anyone BK> had a response yet, by email or snailmail? Is there a possibility that BK> this IS a hoax and that we should just send paper mail instead? Check my previous message. JN ... Source: "Another Burned-Out Spook for Peace," S.F., CA --- Blue Wave/Opus v2.12 [NR] -- John Nieder - via FidoNet node 1:125/555 UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305) Date: Tue, 9 Feb 93 17:10:58 PST To: cypherpunks Subject: Re: CELP speech compression code at cygnus.com:/pub/celp.speech.tar.Z Message-ID: <9302100110.AA09266@toad.com> MIME-Version: 1.0 Content-Type: text/plain Forwarded for Bill Stewart, who I assume wanted it posted. Eric ----------------------------------------------------------------------------- John, Perry, and others have been commenting on the use of CELP voice compression and crypto with V.32 or better modems to give end-to-end encrypted speech. Perry says: > Fast enough software compression of voice would mean any PC > with a DSP card and a V.32 modem could become an unbreakable scrambler. > The chief problem is that the DSP needed to do decent compression is > very crunchy, and encryption also tends to be crunchy, so there aren't > typically enough cycles on your average PC. Of course, were someone to > commercially market a board that did all this in hardware... (Please excuse any shameless references to my employer's fine hardware products :-); I do science fiction, er, um, systems engineering, not hardware... and it's been a while since our chip people were in my building.) 
It may not all be packaged on a single board, but it shouldn't be real tough. PC and Mac Boards with AT&T DSP32C chips were out several years ago, which provided something like 25 MFLOPS, which was more than enough to do voice compression and have leftover guts for crypto (or use your 386; DES at 9600 baud shouldn't cause much heartburn.) I assume that by now there are reasonably-priced floating-point DSP boards from several different vendors out, and AT&T makes modem chipsets and supporting A/D and fixed-point DSP integer-crunchers. If CELP can be done in integers, I'd guess you could chain together a couple DSPs and put together a board for ~$100-150 parts-cost. Also, how much can you do with the various SoundBlaster-related boards? Bill From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fen@genmagic.genmagic.com (Fen Labalme) Date: Tue, 9 Feb 93 18:27:21 PST To: cypherpunks@toad.com Subject: ["Joyce K. Reynolds": RFC1421 on Privacy Enhancement for Electronic Mail] Message-ID: <9302100227.AA06002@> MIME-Version: 1.0 Content-Type: text/plain Date: Tue, 09 Feb 93 20:46:25 -0500 From: James M Galvin Sender: pem-dev-relay@TIS.COM -----BEGIN PRIVACY-ENHANCED MESSAGE----- Proc-Type: 4,MIC-CLEAR Content-Domain: RFC822 Originator-ID-Asymmetric: MEYxCzAJBgNVBAYTAlVTMSQwIgYDVQQKExtUcnV zdGVkIEluZm9ybWF0aW9uIFN5c3RlbXMxETAPBgNVBAsTCEdsZW53b29k,02 MIC-Info: RSA-MD5,RSA,UYBpHzD3lP5l8Wi2DzdTRPWoag3lQ7NrqmF0U+cfykK VCKx5jxPRR9CaWaddI5QobfpA4hsIVA12ZpsPzmyo9g== - ------------------------------------------------------------------------ This message digitally signed with Privacy Enhanced Mail. Get your copy of the Internet reference implementation from "pem-info@tis.com". - ------- Forwarded Message Message-ID: <199302092257.AA29999@zephyr.isi.edu> Sender: ietf-announce-request@IETF.CNRI.Reston.VA.US From: "Joyce K. 
Reynolds" To: IETF-Announce:;@IETF.CNRI.Reston.VA.US cc: jkrey@isi.edu Date: Tue, 09 Feb 93 14:56:08 PST Subject: RFC1421 on Privacy Enhancement for Electronic Mail - - --NextPart A new Request for Comments is now available in online RFC libraries. RFC 1421: Title: Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures Author: J. Linn Mailbox: 104-8456@mcimail.com Pages: 42 Characters: 103,894 Obsoletes: RFC 1113 This is one of a series of documents defining privacy enhancement mechanisms for electronic mail transferred using Internet mail protocols. This document is the outgrowth of a series of meetings of the Privacy and Security Research Group (PSRG) of the Internet Research Task Force (IRTF) and the PEM Working Group of the Internet Engineering Task Force (IETF). The author would like to thank the members of the PSRG and the IETF PEM WG, as well as all participants in discussions on the "pem-dev@tis.com" mailing list, for their contributions to this document. This is now a Proposed Standard Protocol. This RFC specifies an IAB standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "IAB Official Protocol Standards" for the standardization state and status of this protocol. Distribution of this memo is unlimited. This announcement is sent to the IETF list and the RFC-DIST list. Requests to be added to or deleted from the IETF distribution list should be sent to IETF-REQUEST@CNRI.RESTON.VA.US. Requests to be added to or deleted from the RFC-DIST distribution list should be sent to RFC-REQUEST@NIC.DDN.MIL. Details on obtaining RFCs via FTP or EMAIL may be obtained by sending an EMAIL message to "rfc-info@ISI.EDU" with the message body "help: ways_to_get_rfcs". 
For example: To: rfc-info@ISI.EDU Subject: getting rfcs help: ways_to_get_rfcs Requests for special distribution should be addressed to either the author of the RFC in question, or to NIC@NIC.DDN.MIL. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. Submissions for Requests for Comments should be sent to RFC-EDITOR@ISI.EDU. Please consult RFC 1111, "Instructions to RFC Authors", for further information. Joyce K. Reynolds USC/Information Sciences Institute ... Below is the data which will enable a MIME compliant Mail Reader implementation to automatically retrieve the ASCII version of the RFCs. - - --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" - - --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mail-server@nisc.sri.com" Content-Type: text/plain SEND rfc1421.txt - - --OtherAccess Content-Type: Message/External-body; name="rfc1421.txt"; site="nic.ddn.mil"; access-type="anon-ftp"; directory="rfc" Content-Type: text/plain - - --OtherAccess-- - - --NextPart-- - ------- End of Forwarded Message -----END PRIVACY-ENHANCED MESSAGE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fen@genmagic.genmagic.com (Fen Labalme) Date: Tue, 9 Feb 93 18:28:23 PST To: cypherpunks@toad.com Subject: ["Joyce K. 
Reynolds": RFC1423 on PEM: Algorithms, Modes and Identifiers] Message-ID: <9302100228.AA06013@> MIME-Version: 1.0 Content-Type: text/plain Date: Tue, 09 Feb 93 20:47:29 -0500 From: James M Galvin Sender: pem-dev-relay@TIS.COM -----BEGIN PRIVACY-ENHANCED MESSAGE----- Proc-Type: 4,MIC-CLEAR Content-Domain: RFC822 Originator-ID-Asymmetric: MEYxCzAJBgNVBAYTAlVTMSQwIgYDVQQKExtUcnV zdGVkIEluZm9ybWF0aW9uIFN5c3RlbXMxETAPBgNVBAsTCEdsZW53b29k,02 MIC-Info: RSA-MD5,RSA,SZBZEw1TKP4Mj68wVUb3t1uGaXKAhRfRScqDkULDMuG WRwco4HpFmpJxuBUzPLhysLhi0Rn6D9yG+YxFnZE4bA== - ------------------------------------------------------------------------ This message digitally signed with Privacy Enhanced Mail. Get your copy of the Internet reference implementation from "pem-info@tis.com". - ------- Forwarded Message Message-ID: <199302092258.AA00118@zephyr.isi.edu> Sender: ietf-announce-request@IETF.CNRI.Reston.VA.US From: "Joyce K. Reynolds" To: IETF-Announce:;@IETF.CNRI.Reston.VA.US cc: jkrey@isi.edu Date: Tue, 09 Feb 93 14:56:45 PST Subject: RFC1423 on PEM: Algorithms, Modes and Identifiers - - --NextPart A new Request for Comments is now available in online RFC libraries. RFC 1423: Title: Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers Author: D. Balenson Mailbox: balenson@tis.com Pages: 14 Characters: 33,277 Obsoletes: RFC 1115 This document provides definitions, formats, references, and citations for cryptographic algorithms, usage modes, and associated identifiers and parameters used in support of Privacy Enhanced Mail (PEM) in the Internet community. This is one of a series of documents defining privacy enhancement mechanisms for electronic mail transferred using Internet mail protocols. This document is the outgrowth of a series of meetings of the Privacy and Security Research Group (PSRG) of the Internet Research Task Force (IRTF) and the PEM Working Group of the Internet Engineering Task Force (IETF). This is now a Proposed Standard Protocol. 
This RFC specifies an IAB standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "IAB Official Protocol Standards" for the standardization state and status of this protocol. Distribution of this memo is unlimited. This announcement is sent to the IETF list and the RFC-DIST list. Requests to be added to or deleted from the IETF distribution list should be sent to IETF-REQUEST@CNRI.RESTON.VA.US. Requests to be added to or deleted from the RFC-DIST distribution list should be sent to RFC-REQUEST@NIC.DDN.MIL. Details on obtaining RFCs via FTP or EMAIL may be obtained by sending an EMAIL message to "rfc-info@ISI.EDU" with the message body "help: ways_to_get_rfcs". For example: To: rfc-info@ISI.EDU Subject: getting rfcs help: ways_to_get_rfcs Requests for special distribution should be addressed to either the author of the RFC in question, or to NIC@NIC.DDN.MIL. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. Submissions for Requests for Comments should be sent to RFC-EDITOR@ISI.EDU. Please consult RFC 1111, "Instructions to RFC Authors", for further information. Joyce K. Reynolds USC/Information Sciences Institute ... Below is the data which will enable a MIME compliant Mail Reader implementation to automatically retrieve the ASCII version of the RFCs. 
- - --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" - - --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mail-server@nisc.sri.com" Content-Type: text/plain SEND rfc1423.txt - - --OtherAccess Content-Type: Message/External-body; name="rfc1423.txt"; site="nic.ddn.mil"; access-type="anon-ftp"; directory="rfc" Content-Type: text/plain - - --OtherAccess-- - - --NextPart-- - ------- End of Forwarded Message -----END PRIVACY-ENHANCED MESSAGE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fen@genmagic.genmagic.com (Fen Labalme) Date: Tue, 9 Feb 93 18:29:09 PST To: cypherpunks@toad.com Subject: ["Joyce K. Reynolds": RFC1424 on Key Certification and Related Services] Message-ID: <9302100228.AA06016@> MIME-Version: 1.0 Content-Type: text/plain Date: Tue, 09 Feb 93 20:47:53 -0500 From: James M Galvin Sender: pem-dev-relay@TIS.COM -----BEGIN PRIVACY-ENHANCED MESSAGE----- Proc-Type: 4,MIC-CLEAR Content-Domain: RFC822 Originator-ID-Asymmetric: MEYxCzAJBgNVBAYTAlVTMSQwIgYDVQQKExtUcnV zdGVkIEluZm9ybWF0aW9uIFN5c3RlbXMxETAPBgNVBAsTCEdsZW53b29k,02 MIC-Info: RSA-MD5,RSA,ev2s1woCBNlMsuccJpIUAAEuV9gQZZs5hbHG3fCPYxb hxSChOjQSJRO3cIf6/GyzyJYhRt7jZDc9VH+YLuPMeg== - ------------------------------------------------------------------------ This message digitally signed with Privacy Enhanced Mail. Get your copy of the Internet reference implementation from "pem-info@tis.com". - ------- Forwarded Message Message-ID: <199302092258.AA00165@zephyr.isi.edu> Sender: ietf-announce-request@IETF.CNRI.Reston.VA.US From: "Joyce K. Reynolds" To: IETF-Announce:;@IETF.CNRI.Reston.VA.US cc: jkrey@isi.edu Date: Tue, 09 Feb 93 14:56:52 PST Subject: RFC1424 on Key Certification and Related Services - - --NextPart A new Request for Comments is now available in online RFC libraries. RFC 1424: Title: Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services Author: B. 
Kaliski
Mailbox: burt@rsa.com
Pages: 9
Characters: 17,537
Updates/Obsoletes: none

This document describes three types of service in support of Internet Privacy-Enhanced Mail (PEM): key certification, certificate-revocation list (CRL) storage, and CRL retrieval. This is one of a series of documents defining privacy enhancement mechanisms for electronic mail transferred using Internet mail protocols. This document is the product of many discussions at RSA Data Security, at Trusted Information Systems, and on the mailing list. This document is the product of the Privacy-Enhanced Electronic Mail Working Group.

This is now a Proposed Standard Protocol.

This RFC specifies an IAB standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "IAB Official Protocol Standards" for the standardization state and status of this protocol. Distribution of this memo is unlimited.

This announcement is sent to the IETF list and the RFC-DIST list. Requests to be added to or deleted from the IETF distribution list should be sent to IETF-REQUEST@CNRI.RESTON.VA.US. Requests to be added to or deleted from the RFC-DIST distribution list should be sent to RFC-REQUEST@NIC.DDN.MIL.

Details on obtaining RFCs via FTP or EMAIL may be obtained by sending an EMAIL message to "rfc-info@ISI.EDU" with the message body "help: ways_to_get_rfcs". For example:

To: rfc-info@ISI.EDU
Subject: getting rfcs

help: ways_to_get_rfcs

Requests for special distribution should be addressed to either the author of the RFC in question, or to NIC@NIC.DDN.MIL. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution.

Submissions for Requests for Comments should be sent to RFC-EDITOR@ISI.EDU. Please consult RFC 1111, "Instructions to RFC Authors", for further information.

Joyce K. Reynolds
USC/Information Sciences Institute

...
Below is the data which will enable a MIME compliant Mail Reader implementation to automatically retrieve the ASCII version of the RFCs. - - --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" - - --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mail-server@nisc.sri.com" Content-Type: text/plain SEND rfc1424.txt - - --OtherAccess Content-Type: Message/External-body; name="rfc1424.txt"; site="nic.ddn.mil"; access-type="anon-ftp"; directory="rfc" Content-Type: text/plain - - --OtherAccess-- - - --NextPart-- - ------- End of Forwarded Message -----END PRIVACY-ENHANCED MESSAGE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fen@genmagic.genmagic.com (Fen Labalme) Date: Tue, 9 Feb 93 20:47:39 PST To: cypherpunks@toad.com Subject: ["Joyce K. Reynolds": RFC1422 on Certificate-Based Key Management] Message-ID: <9302100447.AA06381@> MIME-Version: 1.0 Content-Type: text/plain Date: Tue, 09 Feb 93 20:46:59 -0500 From: James M Galvin Sender: pem-dev-relay@TIS.COM -----BEGIN PRIVACY-ENHANCED MESSAGE----- Proc-Type: 4,MIC-CLEAR Content-Domain: RFC822 Originator-ID-Asymmetric: MEYxCzAJBgNVBAYTAlVTMSQwIgYDVQQKExtUcnV zdGVkIEluZm9ybWF0aW9uIFN5c3RlbXMxETAPBgNVBAsTCEdsZW53b29k,02 MIC-Info: RSA-MD5,RSA,SdwD9j3bEJftgUxTr4Oxa2StKH4giFOjvS5ey4B578J pEMgQYtXDXhzX4eNKmV23FducCqWXBaOHL2zvK7jK5A== - ------------------------------------------------------------------------ This message digitally signed with Privacy Enhanced Mail. Get your copy of the Internet reference implementation from "pem-info@tis.com". - ------- Forwarded Message Message-ID: <199302092258.AA00113@zephyr.isi.edu> Sender: ietf-announce-request@IETF.CNRI.Reston.VA.US From: "Joyce K. Reynolds" To: IETF-Announce:;@IETF.CNRI.Reston.VA.US cc: jkrey@isi.edu Date: Tue, 09 Feb 93 14:56:39 PST Subject: RFC1422 on Certificate-Based Key Management - - --NextPart A new Request for Comments is now available in online RFC libraries. 
RFC 1422: Title: Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management Author: S. Kent Mailbox: kent@BBN.COM Pages: 32 Characters: 86,085 Obsoletes: RFC 1114 This is one of a series of documents defining privacy enhancement mechanisms for electronic mail transferred using Internet mail protocols. This memo is the outgrowth of a series of meetings of the Privacy and Security Research Group of the Internet Research Task Force (IRTF) and the Privacy-Enhanced Electronic Mail Working Group of the Internet Engineering Task Force (IETF). The author would like to thank the members of the PSRG and the PEM WG for their comments and contributions at the meetings which led to the preparation of this document. The author also would like to thank contributors to the PEM-DEV mailing list ("pem-dev@tis.com") who have provided valuable input which is reflected in this memo. This is now a Proposed Standard Protocol. This RFC specifies an IAB standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "IAB Official Protocol Standards" for the standardization state and status of this protocol. Distribution of this memo is unlimited. This announcement is sent to the IETF list and the RFC-DIST list. Requests to be added to or deleted from the IETF distribution list should be sent to IETF-REQUEST@CNRI.RESTON.VA.US. Requests to be added to or deleted from the RFC-DIST distribution list should be sent to RFC-REQUEST@NIC.DDN.MIL. Details on obtaining RFCs via FTP or EMAIL may be obtained by sending an EMAIL message to "rfc-info@ISI.EDU" with the message body "help: ways_to_get_rfcs". For example: To: rfc-info@ISI.EDU Subject: getting rfcs help: ways_to_get_rfcs Requests for special distribution should be addressed to either the author of the RFC in question, or to NIC@NIC.DDN.MIL. 
Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. Submissions for Requests for Comments should be sent to RFC-EDITOR@ISI.EDU. Please consult RFC 1111, "Instructions to RFC Authors", for further information. Joyce K. Reynolds USC/Information Sciences Institute ... Below is the data which will enable a MIME compliant Mail Reader implementation to automatically retrieve the ASCII version of the RFCs. - - --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" - - --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mail-server@nisc.sri.com" Content-Type: text/plain SEND rfc1422.txt - - --OtherAccess Content-Type: Message/External-body; name="rfc1422.txt"; site="nic.ddn.mil"; access-type="anon-ftp"; directory="rfc" Content-Type: text/plain - - --OtherAccess-- - - --NextPart-- - ------- End of Forwarded Message -----END PRIVACY-ENHANCED MESSAGE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Miron Cuperman Date: Tue, 9 Feb 93 23:52:32 PST To: mjr@netcom.com (Matthew Rapaport) Subject: The role of pools Message-ID: <199302100735.AA16769@xtropia> MIME-Version: 1.0 Content-Type: text/plain A pool is used for *replying* to anon mail. The problem is that it's hard to build a system that allows replies to anon email and still maintains absolute security. One way is to broadcast the reply. A pool does just that - it's basically a mailing list. It could be a newsgroup. Since any of the subscribers to the pool could be the intended recipient of any particular message, it would be very hard to use the pool to trace the anonymous recipient. -- Miron Cuperman | NeXTmail/Mime ok | Public key avail AMIX: MCuperman | cyberspacecomputingcryptoimmortalitynetworkslaissezfaire From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: sdw@sdwsys.lig.net (Stephen D. 
Williams)
Date: Tue, 9 Feb 93 21:23:07 PST
To: jim@tadpole.com (Jim Thompson)
Subject: Re: Compressed/Encrypted Voice using Modems
In-Reply-To: <9302071056.AA00916@ono-sendai>
Message-ID: <9302100519.AA12969@sdwsys.lig.net>
MIME-Version: 1.0
Content-Type: text/plain

>
> I don't see how a 28.8kbps (raw) data rate is possible, as the Shannon
> limit for a POTS line is 22kbps. Certainly parts of the phone system
> no longer impose the narrow bandwidth that are part of the 'spec', but
> one can not always depend on getting a line that exceeds the published
> parameters of the phone system.

My impression was that most of the new systems dealt with variable bandwidth automatically. 28.8kbps might only be achieved on a higher quality line. The stated rates are max, not nominal.

> ...
> I'm also fairly sure that recent Zyxel modems (e.g. the U-1496) use
> this Rockwell chip(set), and not a dedicated DSP.

They told me they use their own design 'datapump', and I know they use a 68K (I swapped the rom in mine).

>
> Jim
>

Also, from a previous note, you wouldn't want to turn off V.42/V.42bis since that is where the error correction is. Also, even on compressed data, you get some additional bandwidth because it does packetized synchronous data. This gets close to 8bits/byte instead of 10 (start, stop).

I get around 1760cps for LZW (zoo/compress) data. This is Zyxel to non-zyxel (Cerfnet or World).

sdw

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Tue, 9 Feb 93 22:58:55 PST
To: cypherpunks@toad.com
Subject: anonymous script
Message-ID: <199302100657.AA06626@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunks,

Out of curiosity, what are the approximate computer ratios among this list? That is, how many people use MSDOS, how many use Mac's, how many Amigas, how many have Unix, how many have VMS?
I'm just curious because it recently struck me that not everyone here is running Unix, and thus can't really use the scripts I've written (which help use the anonymous remailers). So I wrote a helper program in C++ for MSDOS, but after looking at the code, I've decided to bury it and replace it with the following MSDOS script (at bottom of this message).

Also, I'm curious because I'm thinking of writing some help programs for the digital bank, which will help automate interactions with the bank.

------8< cut here >8------
@echo off
rem anonmail.bat - MSDOS script to assist in using the anonymous remailers
rem Karl L. Barrus - elee9sf@menudo.uh.edu

if '%3'=='' goto help

rem Build the remailer header block: "::", the request line, a blank line
echo :: > zzztemp1.txt
echo Request-Remailing-To: %2 >> zzztemp1.txt
echo. >> zzztemp1.txt

if '%3'=='1' goto noencrypt
if '%3'=='2' goto noencrypt
if '%3'=='3' goto noencrypt
if '%3'=='4' goto encrypt
if '%3'=='5' goto encrypt
if '%3'=='6' goto encrypt
if '%3'=='7' goto encrypt
if '%3'=='8' goto encrypt
if '%3'=='9' goto special
rem Unknown remailer number: remove the temporary files but leave %1 untouched
echo Improper choice.
goto cleanup

:noencrypt
rem Remailers 1-3: plain header block followed by the message
copy zzztemp1.txt + %1 zzztemp3.txt
goto done

:encrypt
rem Remailers 4-8: encrypt the header block to the remailer's key, then
rem prefix it with an "Encrypted: PGP" block; the message follows in the clear
if '%3'=='4' set pgpremail=hal@alumni.caltech.edu
if '%3'=='5' set pgpremail=remailer@rebma.mn.org
if '%3'=='6' set pgpremail=elee7h5@rosebud.ee.uh.edu
if '%3'=='7' set pgpremail=phantom@mead.u.washington.edu
if '%3'=='8' set pgpremail=hfinney@shell.portal.com
echo :: > zzztemp2.txt
echo Encrypted: PGP >> zzztemp2.txt
echo. >> zzztemp2.txt
pgp -ea zzztemp1.txt %pgpremail%
copy zzztemp2.txt + zzztemp1.asc + %1 zzztemp3.txt
goto done

:special
rem Remailer 9: header block and message are encrypted together
if '%3'=='9' set pgpremail=remail@extropia.wimsey.com
copy zzztemp1.txt + %1 zzztemp2.txt
pgp -ea zzztemp2.txt %pgpremail%
copy zzztemp2.asc zzztemp3.txt
goto done

:help
echo Usage: anonmail filename destination_address remailer_number
echo 1: hh@pmantis.berkeley.edu no encryption
echo 2: hh@cicada.berkeley.edu no encryption
echo 3: hh@soda.berkeley.edu no encryption
echo 4: hal@alumni.caltech.edu encryption
echo 5: remailer@rebma.mn.org encryption
echo 6: elee7h5@rosebud.ee.uh.edu encryption
echo 7: phantom@mead.u.washington.edu encryption
echo 8: hfinney@shell.portal.com encryption
echo 9: remail@extropia.wimsey.com special
echo NOTE: final output will be placed in the filename specified
rem Nothing was built, so skip the file replacement and cleanup below
goto end

:done
rem Replace the input file with the finished remailer message
del %1
rename zzztemp3.txt %1

:cleanup
del zzz*.*

:end

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: miron@extropia.wimsey.com
Date: Wed, 10 Feb 93 02:51:55 PST
To: cypherpunks@toad.com
Subject: Re: Compressed/Encrypted Voice using Modems
In-Reply-To: <9302071056.AA00916@ono-sendai>
Message-ID: <1993Feb10.101337.17788@extropia.wimsey.bc.ca>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

sdw@sdwsys.lig.net (Stephen D. Williams) writes:

>Also, from a previous note, you wouldn't want to turn off V.42/V.42bis
>since that is where the error correction is. Also, even on compressed
>data, you get some additional bandwidth because it does packetized
>synchronous data. This gets close to 8bits/byte instead of 10 (start,
>stop).

I think that you *do* want to turn off V.42. V.42 does error correction by using error detection and retransmission. This introduces variable delay and throughput, which are unacceptable in a real-time application like voice.
I think that error correction through error correction codes is the way to go. - -- Miron Cuperman | NeXTmail/Mime ok | Public key avail AMIX: MCuperman | cyberspacecomputingcryptoimmortalitynetworkslaissezfaire -----BEGIN PGP SIGNATURE----- Version: 2.1 iQCVAgUBK3i7lZNxvvA36ONDAQF3sQP+Ibesz2FVTGLfWL0Xsjj5X1jFkEU807va +qpmDLDGghgdM5xCpc+Xv8Zl8lJx356WMPrbZfdshumXtmjsqf33Wq6fcAUse87k 6nsPiTkDpWnsga9g6oKUjPjTuQUcdk7VzrosJ+l3MAnvhQ0bD1TJD2ySIQk8NIPV +uGM5Ore+6Q= =7ViZ -----END PGP SIGNATURE----- New signature on my key: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.1 mQCNAiqvJ10AAAED/jXfntqmsRjJRYoxYTxLO7obzMfzgUNtSDEawb3Suj4UO1xq uARc25PJNAHQhIa83Yxf9z/R/3AjwmYrZqxvB2RkLPTjTmzQd04fypsZToiR/TlM 5F43JCuCM779mAir9Idy1CQzXQ2bn89eUZaVhOUJzNgndl+wLpNxvvA36ONDAAUR tCxJbW1vcnRhbCBGcmVlZG9tIDxtaXJvbkBleHRyb3BpYS53aW1zZXkuY29tPokA lQIFECtQgZGoEwOvWCFMNwEB4ecD+wdqaIGhJgfhlY+ypQwmgN3ytgUi/MjgmUdT B2qfjRj0uhyXOPegSQ+n0ZF4wHEo1a2osdAo387iYHNebqAOv1+3xM10beI/RNT1 dZwUcm/LXwuCRACAqlL5lB5cQNy4ZbG/QvioAWYqqq6g9ftiI6Z1nkvZ6mIb9QZv WBCysIj8iQCVAgUQKxc8tJNxvvA36ONDAQG/bQP+Mgq7zP0M/7BMstZhllrH3Cck nNGQP3/+QUALSKzosw0xJJfTIbA4+aoQjvXQFKi+5MCU0GaoGsyuXQGnluzGkI3w XDcxzR7Hl97V5+hyRWNc0sw/QbimWvQAUwDgpc0T4x/AsUx34Zx3G5+ujTIqgHKC wfBD6ib6u61E8jLz38+JAEUCBRArDHAdS60iYsR4D/cBAZCdAXwPRl2uvP6QwCC4 4A0GFufGbm3NqThNaDfuGn+JTYIR8htb8hRUg8SM2G8zpyNnWNA= =AVXx -----END PGP PUBLIC KEY BLOCK----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: thug@phantom.com (Murdering Thug) Date: Wed, 10 Feb 93 08:47:10 PST To: cypherpunks@toad.com Subject: Re: Compressed/Encrypted Voice using Modems In-Reply-To: <1993Feb10.101337.17788@extropia.wimsey.bc.ca> Message-ID: MIME-Version: 1.0 Content-Type: text/plain miron@extropia.wimsey.com (Miron Cuperman) writes: > sdw@sdwsys.lig.net (Stephen D. Williams) writes: > > >Also, from a previous note, you wouldn't want to turn off V.42/V.42bis > >since that is where the error correction is. 
> >Also, even on compressed
> >data, you get some additional bandwidth because it does packetized
> >synchronous data. This gets close to 8bits/byte instead of 10 (start,
> >stop).
>
> I think that you *do* want to turn off V.42. V.42 does error
> correction by using error detection and retransmission. This
> introduces variable delay and throughput, which are unacceptable in
> a real-time application like voice.
>
> I think that error correction through error correction codes is
> the way to go.

Exactly. v.42/v.42bis packetizes the data stream and, depending on the CODEC, would have adverse effects on voice quality.

I don't know if CELP requires an error-free transmission stream from codec to codec. If it doesn't then that's great, I hope it self-synchronizes itself after a byte or two of garbage coming through. Big deal, so you hear a click or pop of static, so what.. you get that with analog lines.

On the other hand, since this stream will also be encrypted, it is unlikely that errors could not mangle the entire conversation, and screw up the encryption. A single byte of garbage can unsync both encryption/decryption sides and things could get very messy.

Here's how to deal with error checking/correction. You CAN use v.42/v.42bis if both crypto-phones offer some kind of FIFO chip in between the modem and the crypto-chip. This can smooth out a packety/bursty stream into a smooth 24kbps data stream. However, the resending of large packets by v.42 might cause some weird sound delays similar to what you hear on satellite circuits.

The best solution, as suggested by Miron, is to use forward error correction. There is plenty of bandwidth in a 19.2/21.6/24.0/28.8 kbps connection to send CELP nybbles or bytes each along with their own ECC code. I believe 4 bits of CELP would require 3 bits of ECC. In any case, there is enough bandwidth on a 19.2 kbps modem carrier to send a fully encrypted and fully forward error corrected 9600 bps CELP stream.
Let's assume we use a 4-bit ECC code for each 4 bits of data, thus doubling our bandwidth. Here's how it would look:

                                  9.6kbps     19.2kbps
sending:                             |            |
                                     v            v
voice ----> CELP ------------> IDEA --- ECC -------------v
            coder   9.6kbps  encryption coding       raw 19.2
                                                    modulation
                                                         v
                                  9.6kbps       19.2k    |
receiving:                           |            |      |
                                     v            v      |
voice <---- CELP <------------ IDEA <------ ECC ---------+
           decoder  9.6kbps  decryption  correction

Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 10 Feb 93 11:57:33 PST
To: cypherpunks@toad.com
Subject: Timed-Release Crypto
Message-ID: <9302101955.AA09009@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunks,

I want to share with you folks some preliminary ideas on "timed-release cryptographic protocols," that is, methods for sending encrypted messages into the future.

These ideas need more work, but since I have recently mentioned them to Hal Finney, Max More, Mark Miller, and perhaps others, I guess it's time to say something here.

Why would anyone want to send encrypted (sealed) messages into the future?

1. Foremost, to send money into the future, while protecting it in the meantime from seizure, taxation, etc. This might be of interest to cryonics folks who want to arrange for their own revival/reanimation at some time in the future. (Existing systems have relied on creating endowments, insurance contracts, trust funds, and the like. The trust of the agent is the means for sending funds into the future--clearly this agent could be compromised, raided, taxed, put out of business, etc. Though I am personally not a cryonics client, I began thinking about this problem in 1989 and talked it over with Phil Salin, who, ironically, is now himself in cryonic suspension.)

2. To fulfill contracts with long payoff dates. One might wish to deliver money at some future date, or to supply information at some future date.

3. "In the event of my death"-type messages, with guaranteed delivery of some message or text in the event that something happens (or, of course, that the message is not "countermanded" by the sender).

4. A software publisher might place source code in a timed-release escrow, agreeing to release the code in 10 years, for whatever reason. (Of course, he may lie, but that's another issue. Possibly the digital time-stamping work of Haber and Stornetta can be used.)

I'm sure you can think of other uses. I argue that this timed-release message is a kind of cryptographic primitive...though it may be argued that it's just a variant of an ordinary message transmission, albeit one through time instead of through space.

Diving right in, some approaches:

A message is encrypted (standard public key means, though private key methods work the same way) and "sent out." Perhaps into a network of remailers or a Cuperman-style "pool" (BTW, my compliments to Miron C. for deploying such a thing..the first of many, I suspect). The encrypted message is just a "passive" item in this scheme...it stays encrypted, is available to all, etc. (in other words, the security of the message being time-released does not in any way depend on hiding the existence or location of the encrypted message, though of course it is important that the encrypted message be widely distributed and not explicitly advertised or tagged as being a timed-release message.

(Detail note: Why not? Because some governments may see timed-release messages as automatically being tax-avoiding, cryonics-supporting, seditious, etc., messages and may attempt to hunt down and erase any such messages...perhaps via "hunter-killer crypto viruses" or somesuch.)

Let us suppose the encrypted message is to be unlocked in 30 years. (It could also be when some recognized event occurs, such as a Mars landing or the death of the sender, or whatever...you'll see how this works).
How can the decryption key be prevented from being used in the meantime?

(To make this clear: both the encrypted message _and_ the decryption key are "in circulation" during all of those 30 years. Any scheme that relies on the sender himself keeping the decryption key "secret" for those 30 years is of course no fun at all...it's just what we have today and involved no new cryptographic primitives, just ordinary human-mediated secrecy.)

But if the encrypted message and the decryption key are both in circulation for all of those 30 years, what's to keep someone from decrypting the message in _one_ year, for example?

The answer: independent escrow agents who handle large volumes of messages and agree to hold them for various amounts of time. Because they have no idea of what's inside the encrypted messages they hold--and some may be "test" messages deposited deliberately by reputation-rating or credentialling agencies, such as "Consumers Crypto Guide"--and because their business is holding things in escrow, they will not generally open messages before the time specified.

"Aha!," I hear you exclaim, "Tim's scheme depends solely on the trust of these escrow agents, and that's no different from depositing a sealed envelope with your friendly lawyer and asking him to promise not to peek."

Here's how crypto and reputation-based systems make my scenario different (and stronger, I am arguing):

- an ecology of many escrow services, many pools, many encrypted-message senders makes for a more robust system against subversion of any single agent.

- no escrow agent knows what is contained in a sealed message, hence the temptation to peek is reduced. (A wrinkle: escrow agents, like remailers, will probably go to automatic hardware that is tamper-resistant (cf. discussion of tamper-resistant or tamper-responding, modules in the Crypto Glossary distributed at the first physical Cypherpunks meeting and available in the archives).
Thus, the hardware will automatically execute certain protocols and make peeking a pain.)

- the best escrow agents (someday) may in turn increase security and their own reputations by in turn using secondary contracts, i.e., by contracting with _other_ escrow agents to seal parts or all of their messages.

- what results is that the original message is scattered around in various publicly available locations (perhaps paid-for by dribbles of crypto-money from crypto escrow agents, but this is a detail easily worked out in various ways). The decryption key to the original message is itself broken up into several or many pieces and scattered to a network of "remailer"-like agents (they are essentially "remailers into the future," by agreeing as part of their protocol to hold messages for some amount of time). As time passes, these various messages (pieces, remember) are retrieved, forwarded, and generally bounced around the network.

- some escrow agents may be just "fixed delay" nodes. For example, "Alice's Rest Stop" remailer node widely advertises that it will take in messages and simply delay them for some fixed time, e.g., for a year. For some fee based on message size. (Clearly the fixed time delay is a crufty approach, much less flexible than variable delays negotiated by the messages themselves, but it makes the idea clearer in some ways: a network of many such one-year delays could thus "send" a message into the future in one-year jumps.)

(It is important to remember that these messages are "first-class objects," to borrow a phrase, and that all messages essentially look the same and have the same "rights" (Dean Tribble is probably barfing at my appropriation of object-oriented lingo, but it seems appropriate). That is, inspection of the bytes will not reveal to someone whether the message is a $2 message, a simple love letter, a business contract, a remailed item, a $100K cryonics payment, etc.
Thus, the "authorities" cannot simply target some class of messages and ban them or launch "hunter-killer crypto viruses" against them, at least not without shutting down the whole system!)

- the individual pieces may have instructions attached, such as "You will be paid 10 crypto credits if you hold me for one year and then decrypt me." (Not to belabor the point, but the means by which this "contract" can be enforced are that the escrow agents never know when they're being tested, when they're being monitored by rating services. This kind of "trust" is what allows ordinary deposit banks to work...their business is taking deposits and lending money, not repudiating the honest claims of customers.)

- thus, I envision a swarm of messages being stored-and-forwarded in space and time, with an observer seeing only bits flowing around. Nobody except the original "launcher" (who needs to be fairly careful about the path he selects, about robustness against some fraction of the escrow/remailer agents going out of business, etc.) knows what's going on.

- and as the end of the 30 years period approaches, to continue with the example I started with, the decryption key gets "reconstituted" in various ways (depends on what is desired, and how protocols evolve...I don't claim to have the details already worked out).

For example, after 30 years the various messages stored in escrow accounts are forwarded separately to "The Immortalist Foundation," which may in fact be a digital pseudonym (as we have discussed so many times here). This entity puts the pieces together, sort of like combining the missing pieces of a text and reconstituting a genie or demon, and finds it can now unlock the original encrypted message. It finds, say, a million crypto credits, or the location of some physical treasure, or whatever.

(Needless to say, there are some obvious questions about what long-term money will be stable, what banks will still exist after 30 years, and so on.
I expect new forms of time deposits to evolve. Can the original sender be expected to know what will evolve before he seals his original message? Some obvious issues to work on--I never claimed it would be trivial, or static. One approach is to allow some human intervention, where an "investment agent" opens a digital money message, redeems it, and reinvests it in some new instrument. As usual, he would not know who the original investor was and would be "tested" by reputation-rating agencies. It _does_ get complicated, I know.)

The Key Point: Messages sent into this network of remailers, escrow accounts, pools, and investment agents are untraceable to the sender and are generally unidentifiable. To break a single message involves breaking the entire system (or colluding with enough remailer nodes, as in any DC-Net sort of system). As with remailer networks, the expectation is that they will become sufficiently pervasive and trans-nationalized that breaking the entire system is just too painful and difficult (much the way the Net is already too pervasive to easily shut down, even if some uses of it are undesirable to various national authorities).

Timed-release messages are objects that can be transmitted, encrypted, and can carry further instructions on where to mail them next, on how much digital money to pay to this next link, and various other instructions or protocols.

(In other words, they are "agents" that can negotiate various contracts, for remailing, for storage, etc. Since they are "powerless" in a human sense, their security is provided by double-checks--perhaps by other agents who are watching and waiting--and by the general "shell-game" system of reputations, credentialling, and so on.)
To make this scheme clearer in a simple way, I could publicly post an encrypted message to this list, or in one of the "pools," and then scatter the decryption key in several pieces with several members of this list, paying them $1 each to "hold" their piece for, say, a month. At the end of the month, they would fulfill their end of the bargain by forwarding the piece they hold to some public place or pool and the decryption key would be reconstituted (don't press me for exact details....PGP doesn't support this directly, but could). For robustness against loss of some of the messages, an n-out-of-m voting scheme could be used (e.g., any 5 of 8 pieces are sufficient to reconstruct the decryption key).

The result is a message from the past, a timed-release message.

I'm anxious to hear your comments. I think such a cryptographic primitive could be useful for a lot of purposes.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: waiting for the dust to settle.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: John.Nieder@f33.n125.z1.FIDONET.ORG (John Nieder)
Date: Thu, 11 Feb 93 08:07:30 PST
To: cypherpunks@toad.com
Subject: E Pluribus Doodah
Message-ID: <4843.2B79C930@fidogate.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

from: john.nieder@f33.n125.z1.fidonet.org

* Reply to msg originally in Cypherpunks

BK> Currently, Jock Gill is
BK> working in an office located in the Old Executive Office Building
BK> across the street from the White House. At this point, he is
BK> working alone, without a staff.

This week's news indicates to me this will probably not improve.

BK> The White House itself employs a large
BK> staff to handle snail mail.
According to Monday night's news, this is from where these vaunted "symbolic" 25% White House staff cuts will come.

BK> All things in their time. Once the
BK> E-mail address was circulated together with the heading the "White
BK> House", everyone understandably believed a real system was up and
BK> running.

Yes, silly us.

BK> SUGGESTION: Use the compuserve address you have judiciously,
BK> reserving it for absolutely vital contacts.

Oh, yes, _certainly_! The _vital_ stuff should go into a nonexistent system. Naturally!

BK> Until such time that a
BK> real public access White house E-mail system is operational,
BK> consider relying on the traditional means of contacting the
BK> administration. Given what they had to start with from the
BK> previous administration (scratch), I have every reason to expect
BK> that Jeff Eller and Jock Gill will work well--and as quickly as
BK> possible--to get an interactive system up and running. But it will
BK> take time and patience.

Can anyone say, "VAPORWARE"?

BK> We can all help them achieve that effort
BK> best if we refrain from acting as if that non-existent system were
BK> already in place. PLEASE HELP RELAY THIS CONTEXT AND SUGGESTION TO
BK> OTHER NETWORKS AND INDIVIDUALS. Thanks.

Pass it around? You bet. It's f*cking _hilarious_!

My guess is that this gaffe will (or at least ought to) get Gill fired, assuming he survives this "symbolic" staff downsizing. I might add that nothing could be more "symbolic" than the announcement that the cuts will come from those who actually respond to public input. This "go away & don't bother us" move on the part of the Clinton administration indicates that it obviously doesn't care _what_ America thinks.

There is a _bright side_ to this, however: Would such an indifferent administration spend resources trying to break our codes when it doesn't care what we have to say anyway? 8-)

JN

... We want information./You won't get it!/By hook or by crook, we _will_!
--- Blue Wave/Opus v2.12 [NR]
--
John Nieder - via FidoNet node 1:125/555
UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder
INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ld231782@longs.lance.colostate.edu
Date: Wed, 10 Feb 93 14:12:43 PST
To: cypherpunks@toad.com
Subject: Re: Timed-Release Crypto
In-Reply-To: <9302101955.AA09009@netcom.netcom.com>
Message-ID: <9302102211.AA22756@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

This is a neat idea, T.C. May. Here are some things that popped into my head thinking of it.

I think the idea of multiple encryption of the time-delay message would be extremely useful here. Imagine this. You encrypt a message with as many layers as there are intermediate escrows. In other words, a message is encrypted with layer1 pw, then reencrypted with layer2 pw, then layer3, etc. In the decryption message (separate) there is a long sequence of keys. The lower-level keys closer to the actual message are also encrypted by the higher-level keys.

Now, suppose that the way the message is held is this: after 1 level of protection has elapsed, the password message and the encryption message are recombined to a single escrow agent. That agent uses the top-level information (one key is plaintext (maybe not), or encrypted with that agent's public key, or whatever) to decode the top-level of encryption. Then, he again redistributes the next-lower-level of encryption password message and actual message to unique escrow agents.

The beauty of this is that a given escrow agent, even once he gets a password, can only strip off "his" topmost level of encryption (at least, that's the intent). He is powerless to decrypt all the lower levels and hence the message itself. Therefore to actually decrypt a message ahead of time would require the collusion of many operators.
The message should have some kind of indications at each level when it is to be "reconstituted" (just add water), and escrow agents of course should hold or reject messages that are sent to them for premature decryption. There is also the distinction of "joiners" and "storers" although the two could be combined in some way (both are "forwarders").

The final destination should be the destination the original owner intended, so that there is no final escrow agent that can decrypt the message. He only has an encoded message he can pass along, and another agent only has a meaningless key and the final address as well. When the final destination is reached, the last layer of decryption can be removed by the intended recipient (the money is in -X- account, password -Y- or whatever). I.e., the recipient is the final "joiner".

The idea of separating keys and the encoded messages is really ingenious, and I'd guess this "disassociation" has other uses as well. An encrypted message with a password *existing* but *inaccessible* is just as secure as a message using conventional encryption. In fact, there is probably an added dimension of security---in most systems *somebody* knows the key, but here, if it is generated automatically, even the *key* is unknown for awhile!

Another possibility is to have some kind of standard protocol for time encrypted messages (this is interesting and seems feasible). Let's say I want a message [x] to be unencrypted on date [y]. I call a "time encryption server" and ask for the secret key associated with my message and date [y]. I encrypt the message and publicize that version. The time server is constantly spewing out the daily code for messages that expire on that date. Anybody just listens to the broadcast and decrypts the messages in their possession using the key.
Note however that it is crucial that somehow the key depend on the message itself (via the hashing approaches), otherwise everybody knows everybody else's keys ahead of time just by submitting messages to the server for the particular date. I suppose public-key encryption could be used here but I'm hazy on the details.

P.S. this is a really tricky situation compared to above, but it might be possible to make messages with "insecure" passwords that can be broken in a few lifetimes from searches. Of course, this depends very crucially on the pace of technology and the resources devoted to the cracking, two highly variable factors. Also, keep in mind that every message in existence relying on complexity of algorithms is encrypted based on the time-delayed release of revolutionary and unforeseen computer techniques in cracking... or, more specifically, the gamble that they will not occur...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: deltorto@aol.com
Date: Wed, 10 Feb 93 12:20:37 PST
To: cypherpunks@toad.com
Subject: Speaking in Tongues
Message-ID: <9302101519.tn42504@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

>>From: dmandl@shearson.com
>>Subj: Re: E Pluribus Unum
>>
>>> From: deltorto@aol.com
>>>
>>> Fellow Cyphers,
>>>
>>> Eric Hughes contributed:
>>> >>I applaud the Clinton administration for making itself available via
>>> >>email. I do not think it advisable, however, to send a single
>>> >>cypherpunks letter. Rather I urge all interested parties to compose
>>> >>their own letters [etc., etc., etc., etc.]
>>
>>I think I've held my tongue long enough.

Hmmmm. Perhaps not. :-D

ddt

PS: I can't afford six months, but I like (the symbolism of) the idea. There are much more effective ways of pulling their plug, no?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Wed, 10 Feb 93 13:55:53 PST
To: cypherpunks@toad.com
Subject: Re: timed-release crypto
Message-ID: <199302102154.AA20926@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Tim May writes:

>...I could publicly post an encrypted message to this list, or in one
>of the "pools," and then scatter the decryption key in several pieces
>with several members of this list, paying them $1 each to "hold" their
>piece for, say, a month. At the end of the month, they would fulfill
>their end of the bargain by forwarding the piece they hold to some
>public place or pool and the decryption key would be reconstituted...

Cypherpunks, this is an experiment we can try right here right now. We certainly have the anonymous mail facilities, pools, and encryption, as well as a digital bank we could use to "pay" people :-)

Splitting a decryption key is fairly easy: we could use the simple XOR method. Say you want to encrypt a message of length m and split the key among n people. Choose n-1 sequences of m random bits (coin flips, cryptographically strong pseudo-random number sequences, etc) and XOR the message with all the random sequences (call the result M'). Then your split secret is the M' and the n-1 sequences.

To recover the message, calculate the XOR of M' and the n-1 sequences.

Providing for an n-out-of-m scheme takes more work and number theory, but that can be done as well.

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Wed, 10 Feb 93 14:56:23 PST
To: cypherpunks@toad.com
Subject: Crypto goals
Message-ID: <9302102256.AA29342@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Y'know, just defining "what we should want" is one of the biggest challenges in moving towards the next generation of crypto. How about making a list of features we want, and/or a list of scenarios we want to be able to handle?

Uncontroversial features:
   message privacy
   message anonymity
   message untraceability
   digital cash
   digital time stamps

More difficult/controversial features:
   message invisibility [e.g. in low bits of video signal]
   untraceable access to databases [just anonymous email?]
   electronic black markets [just electronic cash and anonymous email?]
   electronic voting
   m-of-n trust schemes
   time-delay messages [are they useful?]
   executable but non-disassemblable code [is it possible?]
   tagging / un-tagging of copyrighted text [what is possible?]
      [explanation to follow in another message ]

I know how to take a crack at implementing all of these except the last two, but would benefit from better theoretical and practical work on all of them. Most of them are obviously useful, and scenarios come easily to mind.

Have I missed anything?

-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 10 Feb 93 17:51:26 PST
To: kk@well.sf.ca.us
Subject: Wired photo shoot at cypherpunks on Saturday
Message-ID: <9302110148.AA11268@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Kevin Kelly, editor of Wired Magazine, former list member, and former editor of Whole Earth Review, asked me to forward the following message to the list.

OK, everybody, it's your chance for fame or the avoidance thereof.

Eric

-----------------------------------------------------------------------------

WIRED magazine is running a story by Steven Levy (Hackers, Artificial Life) on crypto rebels and the current politics of encryption. The story takes an extremely sympathetic view of the work done by this list.

To illustrate this story, WIRED will have a professional photographer at Cygnus at next Saturday's cypherpunk meeting. He will set up outside of the meeting area somewhere.

WIRED would like to shoot an anonymous group picture, for those willing to participate. We propose supplying blank face masks upon which individuals can write their public key. In addition we will be shooting non-anonymous portraits of some individuals, if they are willing. We would like it to be fun.

We emphasize that this is all voluntary and will take place away from the meeting area, perhaps before and after the meeting. If you have any questions about this you can email me, Kevin Kelly, editor at WIRED, kk@well.sf.ca.us

We think this article will make a big splash by bringing the issues you care about into the forefront. Having real people behind the ideas lends credence to the movement. We seek your cooperation.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Wed, 10 Feb 93 15:05:36 PST
To: cypherpunks@toad.com
Subject: Tagging copyrighted text
Message-ID: <9302102305.AA29462@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Tim May and many of us argue that copyrights will become unenforceable as copying bits becomes cheaper and crypto privacy and anonymity becomes more widely available. This will mean that any static collection of bits will just be FREE. Musicians will have to make money on live performances, because they couldn't sell many recordings. Etc.

A question I've been thinking about is, will Dow Jones be able to charge for its newswire?
Step 1: I subscribe to Dow Jones and then relay each message to a mailing list, charging them a fraction of the original price.

Step 2: Dow Jones starts changing random whitespace in the text, in an attempt to "tag" the text untraceably to trace which subscriber is leaking the information. They cancel my subscription.

Step 3: I get 20 new subscriptions, and use the redundancy to cancel out Dow Jones's sneaky tagging.

Step 4: ...

Question: who wins? I haven't been able to work it out yet, but it may just be a simple combinatorial exercise.

-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ld231782@longs.lance.colostate.edu
Date: Wed, 10 Feb 93 17:49:10 PST
To: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Subject: Re: Tagging copyrighted text
In-Reply-To: <9302102305.AA29462@toad.com>
Message-ID: <9302110148.AA26737@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Tim May and many of us argue that copyrights will become unenforceable
>as copying bits becomes cheaper and crypto privacy and anonymity becomes
>more widely available. This will mean that any static collection of
>bits will just be FREE. Musicians will have to make money on live
>performances, because they couldn't sell many recordings. Etc.

Er, I'd say this is another instance of cypherpunk extremism: ``The world as we know it is about to collapse.'' Yes, information will probably be much freer over the nets, and copyright violations probably more difficult to pursue and punish. But think about this: with the speed and ubiquity of networks, it now becomes possible for every author or creative artist to keep the only copies of his work. Then, he could post "links" to it anywhere in the world. When people pass around the work, they wouldn't pass around the work itself, they'd pass the "link". Whenever someone wants to view the work, the link points to the unchanging address for instantaneous downloading.
A very small transaction charge is billed to the receiver by the sender. (Of course, people could write stuff that would actually grab and store the text or whatever instead of just "play" it. But I'll bet that most people will eventually say, "why bother?" The direct access will be more convenient and the charge so minimal.) Links could be embedded wherever there is information, like in bibliographies or references or compilations or whatever. There are virtually NO MIDDLEMEN---the investment return to the artist is total. Contrast this to today's vast overhead with records and books, for example (these costs are largely associated with distribution, I'd wager). Of course, the individual artist is free to make contracts with knowledgeable cohorts for album cover design or whatever. The essence of a copyright is really to give a creative artist more control over their own works, and global, high-speed, reliable networks will give artists absolutely unprecedented and unparalleled control (and yes, I admit, a lack of it too). Hey, consider that programmers are artists too. I write some hot program, but I don't distribute it: I run it on one of my systems as a sort of network pipe. People anywhere in the world pipe in their data and get it back with a small transaction fee to me. In fact, what I'm really getting at is treating the entire world like Unix utilities with standard input and output, sort of like electronic vending machines! I can pipe my manuscripts to some address and they pop out edited or published. I drop a file on that goofy icon, and it goes to Bill Clinton. I could hook up pipes between companies to set up my own company! There might be a lot of command line parameters to specify and plenty of glitches reported on stderr, but it could work... This all would happen with commensurate drains on my online account (all digital transactions, of course). Imagine that you could write software that would bill the user! 
Big companies do it, why not individuals?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Kevin Kelly
Date: Wed, 10 Feb 93 19:02:55 PST
To: kk@well.sf.ca.us
Subject: Re: Wired photo shoot at cypherpunks on Saturday
Message-ID: <199302110300.AA18069@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Thanks.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: miron@extropia.wimsey.com (Miron Cuperman)
Date: Wed, 10 Feb 93 12:53:21 PST
To: cypherpunks@toad.com
Subject: Re: Compressed/Encrypted Voice using Modems
In-Reply-To: <1993Feb10.101337.17788@extropia.wimsey.bc.ca>
Message-ID: <1993Feb10.193843.20507@extropia.wimsey.bc.ca>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

thug@phantom.com (Murdering Thug) writes:

>I don't know if CELP requires an error-free transmission stream from
>codec to codec. If it doesn't then that's great, I hope it self-synchronizes
>itself after a byte or two of garbage coming through. Big deal, so you hear
>a click or pop of static, so what.. you get that with analog lines.

CELP resyncs. Not sure how fast. Maybe after a tenth of a second or so.

On a side note, we are finishing up an implementation of CELP on the TMS320C5x. This is a 20 MIPS integer chip. We are taking up less than 15 MIPS. We also know how to write error corrected CELP (such that bits that cause more significant degradation are protected better).
- --
Miron Cuperman | NeXTmail/Mime ok | Public key avail
AMIX: MCuperman | cyberspacecomputingcryptoimmortalitynetworkslaissezfaire

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Wed, 10 Feb 93 22:29:36 PST
To: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Subject: Re: Tagging copyrighted text
In-Reply-To: <9302102305.AA29462@toad.com>
Message-ID: <9302110113.AA20486@binkley.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

>> Step 2: Dow Jones starts changing random whitespace in the text, in an
>> attempt to "tag" the text untraceably to trace which subscriber is
>> leaking the information. They cancel my subscription.

They don't just cancel your subscription. They sue your butt into next week. You can make it harder for them to find you, but if you're eating into their profits, they will, and the more effort you've made them go through, the madder they'll be, and the harder their lawyers will bite.

There's no way to "tag" a document in such a way that the tag cannot be removed. At worst, I read the document out loud, and have my partner rekey it, while rewriting it slightly. Unless it's something like poetry which you can't just rewrite, this will pretty much sanitize the data against any kind of keying.

The fact is, people copy music and software now. It Happens, and as much as they wish it didn't, it does. And when things become more electronic, it will still happen. My guess is that unless such duplication becomes institutionalized, it's not worth the effort to do anything about it. And if you start buying things, copying them, and giving or selling them to lots of other people in an organized way, the real owners will find you.
Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Wed, 10 Feb 93 19:31:29 PST
To: cypherpunks@toad.com
Subject: Re: Tagging copyrighted text
Message-ID: <9302110331.AA05651@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Dear ld23178,

True, the abandonment of copyright isn't going to happen right away. But I disagree with your claim that on the network of the future the artist will make a few pennies per copy by being the most convenient provider of the information. The author is very unlikely to be the most convenient and least expensive provider of their work, since they have no advantage over specialists in the information providing business.

Your point about "unix pipes" across the network is an excellent one, though. Information filtering and processing services will be very valuable and harder to obtain for free. "Insert a 25c electronic coin and a pile of news articles, and I'll filter them for you."

-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phil Karn (Phil Karn)
Date: Wed, 10 Feb 93 21:14:12 PST
To: sdw@sdwsys.lig.net (Stephen D. Williams)
Subject: Re: Compressed/Encrypted Voice using Modems
Message-ID: <9302110512.AA09668@servo>
MIME-Version: 1.0
Content-Type: text/plain

At 0:19 2/10/93 -0500, Stephen D. Williams wrote:

>Also, from a previous note, you wouldn't want to turn off V.42/V.42bis
>since that is where the error correction is. Also, even on compressed
>data, you get some additional bandwidth because it does packetized
>synchronous data. This gets close to 8bits/byte instead of 10 (start,
>stop).

As somebody else mentioned, you do want to turn off LAPM/V.42bis when running a speech application, because speech is a real-time application and LAPM retransmissions introduce delay.
Compression is not likely to add much but delay either, since the vocoder itself is already compressing the speech much more effectively than V.42bis, which is designed specifically for textual information.

Almost all modern modems support synchronous terminals, although the feature is rarely used. This is how you get around wasting 2 bits out of every 10 on start and stop bits.

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fen@genmagic.genmagic.com (Fen Labalme)
Date: Wed, 10 Feb 93 21:55:23 PST
To: cypherpunks@toad.com
Subject: Re: Tagging copyrighted text
Message-ID: <9302110555.AA11170@>
MIME-Version: 1.0
Content-Type: text/plain

Marc Ringuette (mnr@cs.cmu.edu) writes:

> True, the abandonment of copyright isn't going to happen right away.

I agree, too. But there are many things here to look at. Economics is a strange bird, indeed, and I pretend to know little of it. But here are some points that the future may bring into focus...

1) It is easy to copy software (music, programs, video, etc.)
2) No matter what copy protection is developed, it will always be easy.
3) People will always pay for the *production* of software (a program that needs to be written, or live music, or...) (note that the Grateful Dead, top money maker, invites tapers)
4) People will always pay for support, maintenance, storage, etc. (note cygnus)
5) Storage and indexing become more valuable as info-quantity grows.
6) Likewise, efficient and accurate filtering (access)
7) People will pay for access to the info they want *now*.
8) Human editors will team with electronic filters to provide this service.

In conclusion, there will always be money to be made. In (one of) the more radical futures (that I happen to ascribe to) there will be less income from past works (ala software patents) and more for storage and timely access. But the developer of good software (the musician) will always be in demand.
Fen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 11 Feb 93 00:32:21 PST
To: cypherpunks@toad.com
Subject: Re: Tagging copyrighted text
Message-ID: <9302110831.AA00835@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

ld231782@longs.lance.colostate.edu (I'd use his real name, but this is all I can find here....why don't people sign their messages?) writes, commenting on some stuff by Marc Ringuette:

>>Tim May and many of us argue that copyrights will become unenforceable
>>as copying bits becomes cheaper and crypto privacy and anonymity becomes
>>more widely available. This will mean that any static collection of
>>bits will just be FREE. Musicians will have to make money on live
>>performances, because they couldn't sell many recordings. Etc.
>
>Er, I'd say this is another instance of cypherpunk extremism: ``The

Er, Marc R. didn't say the world as we know it is about to collapse, nor did I. (BTW, for you cypherpunks, most of this debate about intellectual property rights took place recently over on the Extropians list.) But I certainly think some big changes are coming.

>world as we know it is about to collapse.'' Yes, information will
>probably be much freer over the nets, and copyright violations probably
>more difficult to pursue and punish. But think about this: with the
>speed and ubiquity of networks, it now becomes possible for every
>author or creative artist to keep the only copies of his work. Then, he
>could post "links" to it anywhere in the world. When people pass around
>the work, they wouldn't pass around the work itself, they'd pass the
>"link". Whenever someone wants to view the work, the link points to
>the unchanging address for instantaneous downloading. A very small

With music, art, text, or executable code, once it is available for listening, viewing, reading, or running on the customer's system, it is also available for copying.
This is the whole point--if you can read the text, you can keep a copy of it.

You mention this, but dismiss it as inconvenient. Well, a popular song may be simultaneously requested by tens of thousands of listeners....it is hard to imagine the 14 Gigabits per second (10,000 x CD-quality sound) coming out of someone's home or business to supply this need! The situation is vastly worse with video, naturally.

(I suppose some "servers," like ftp sites, could be set up to deal with especially popular movies and music...cumbersome, though. And, yes, fiber optics can in theory support very high bandwidths, but still not enough to supply the video rental biz. And this traffic will clog the nets and cause lots of problems, I would think.)

>transaction charge is billed to the receiver by the sender. (Of course,
>people could write stuff that would actually grab and store the text or
>whatever instead of just "play" it. But I'll bet that most people will
>eventually say, "why bother?" The direct access will be more convenient
>and the charge so minimal.) Links could be embedded wherever there is
>information, like in bibliographies or references or compilations or whatever.

I agree that hypertext-like embeddings offer some hope, for things like text especially, as a reader is essentially buying the total package of texts and links, rather than just some specific text. (But any specific text becomes vulnerable to "snagging.")

>Hey, consider that programmers are artists too. I write some hot
>program, but I don't distribute it: I run it on one of my systems as a
>sort of network pipe. People anywhere in the world pipe in their data
>and get it back with a small transaction fee to me. In fact, what I'm
.....

Even with much faster networks, remotely running programs introduces lags and inconveniences, not to mention security problems (e.g., "Now you can use _our_ word processor at _our_ site to write your love letters!").
If nothing else, speed of light delays will become very irksome.

But I do agree that "knowledge servers" may be a way for corporate knowledge to remain bottled up in corporations (for example).

-Tim

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: John.Nieder@f33.n125.z1.FIDONET.ORG (John Nieder)
Date: Thu, 11 Feb 93 08:07:45 PST
To: cypherpunks@toad.com
Subject: E PLURIBUS DOODAH
Message-ID: <4854.2B7A6A61@fidogate.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

from: john.nieder@f33.n125.z1.fidonet.org

* Reply to msg originally in Cypherpunks

BK> Currently, Jock Gill is
BK> working in an office located in the Old Executive Office Building
BK> across the street from the White House. At this point, he is
BK> working alone, without a staff.

This week's news indicates to me this will probably not improve.

BK> The White House itself employs a large
BK> staff to handle snail mail.

According to Monday night's news, this is from where these vaunted "symbolic" 25% White House staff cuts will come.

BK> All things in their time. Once the
BK> E-mail address was circulated together with the heading the "White
BK> House", everyone understandably believed a real system was up and
BK> running.

Yes, silly us...to say nothing of the "CLINTON" AOL address

BK> SUGGESTION: Use the compuserve address you have judiciously,
BK> reserving it for absolutely vital contacts.

Oh, yes, _certainly_! The _vital_ stuff should go into a nonexistent system. Naturally!

BK> Until such time that a
BK> real public access White house E-mail system is operational,
BK> consider relying on the traditional means of contacting the
BK> administration.
Given what they had to start with from the
BK> previous administration (scratch), I have every reason to expect
BK> that Jeff Eller and Jock Gill will work well--and as quickly as
BK> possible--to get an interactive system up and running. But it will
BK> take time and patience.

Can anyone say, "VAPORWARE"?

BK> We can all help them achieve that effort
BK> best if we refrain from acting as if that non-existent system were
BK> already in place. PLEASE HELP RELAY THIS CONTEXT AND SUGGESTION TO
BK> OTHER NETWORKS AND INDIVIDUALS. Thanks.

Pass it around? You bet. It's f*cking _hilarious_!

My guess is that this gaffe will (or at least ought to) get Gill fired, assuming he survives this "symbolic" staff downsizing. I might add that nothing could be more "symbolic" than the announcement that the cuts will come from those who actually respond to public input. This "go away & don't bother us" move on the part of the Clinton administration indicates that it obviously doesn't care _what_ America thinks.
.
There is a _bright side_ to this, however: Would such an indifferent administration spend resources trying to break our codes when it doesn't care what we have to say anyway? 8-)

JN

... We want information./You won't get it!/By hook or by crook, we _will_!

--
John Nieder - via FidoNet node 1:125/555
UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder
INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Thu, 11 Feb 93 00:35:37 PST
To: cypherpunks@toad.com
Subject: Re: Tagging copyrighted text
Message-ID: <9302110835.AA09701@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I've been thinking more about how Dow Jones can catch customers which leak its data.

Let's assume that I, as the thief, get 20 subscriptions, and that Dow Jones tries twiddling the value of various bits of its output with some probability, differently for each customer, to catch who's leaking its data.
My strategy as the thief is, whenever the newswire doesn't agree between all of my subscriptions, they take a majority vote.

How many bits of random tag must Dow Jones add to its newsfeed to catch a clique of size 20 out of its 10,000 customers?

I think I've narrowed the answer down to between 437 bits and 250 Gbits.

-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Thu, 11 Feb 93 07:41:38 PST
To: cypherpunks@toad.com
Subject: Viral encryption
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Greetings, gentlemen and ladies.

Having just subscribed to this mailing list, I have several interesting questions to pose, not exactly knowing which end of the candle to light first.

First off, my background does include some cryptological overtones. As a non-commissioned officer in the US Army, I was a COMSEC systems integrator and a COMSEC account custodian. (Anyone who may be familiar with the job knows the complexities of involvement.) I now earn my keep as a network systems integration consultant (great buzzwords) for a highly respected (and major) computer consultant firm based in the Washington, DC area -- far removed from the crypto-analytical sciences that you folks have an active interest. This job keeps me in the New York city area four days a week (What personal life?).

Secondly, my professional area of expertise is networking (granted, it _does_ pay the bills). My personal area of expertise (and enjoyment), is DOS based computer virus "research". I was weaned in IBM system 360/370 assembler (once upon a time) and am quite adept in the INTEL 80x86 assembler set. (Ralf Brown is one of my heroes.) I "de-program" for hobby; taking things (viruses) apart to study their possible "interaction" and ability to cause major problems (sometimes they really do).

You're probably telling yourself at this point, "Gee, I wish this guy would cut to the chase!" On that note -- I shall.
;-)

In the past year, the DOS world has been confronted with several (two, significantly -- the MtE and more recently the TPE) encryption "engines" which are being used as "envelopes" for existing viruses. (Stay with me, now.) They are being called "polymorphs" by those "in-the-know"; more specifically, polymorphic viruses. The encryption is weak, compared to DES or RSA comparisons, but they do pose a major problem to the computer community because of the technological weaknesses of the antivirus product developers. Algorithmic development is not exactly their bag of tricks, in most cases. Most are reliant on pattern matching and have fits when presented with code that is _totally_ static.

Although (I realize that) this conference newsgroup seems dedicated to privacy and ciphering-related issues, I'm just curious as to what exposure some of you may have with this type of problem. (I used to have Kelly Goen to bounce ideas off of, but he seems to have dropped out of the public eye a few years ago, but yet I see his name mentioned in the PGP docs.)

Any serious responses are quite welcomed at fergp@systex.com. Public interest responses (I'd hope) will suffice in this area.

Cheers from Manhattan.

Paul Ferguson                  |
Network Integration Consultant |  "All of life's answers are
Alexandria, Virginia USA       |   on TV."
fergp@sytex.com (Internet)     |    -- Homer Simpson
sytex.com!fergp (UUNet)        |
1:109/229 (FidoNet)            |
PGP public encryption key available upon request.

---
fergp@sytex.com (Paul Ferguson)
Sytex Systems Communications, Arlington VA, 1-703-358-9022

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Robin Hanson
Date: Thu, 11 Feb 93 10:44:14 PST
To: cypherpunks@toad.com
Subject: Re: Timed-Release Crypto
In-Reply-To: <9302102211.AA22756@longs.lance.colostate.edu>
Message-ID: <9302111838.AA02493@ptolemy.arc.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

[This is a first post by a crypto-naive person - be kind.]
>Another possibility is to have some kind of standard protocol for time
>encrypted messages (this is interesting and seems feasible). Let's say
>I want a message [x] to be unencrypted on date [y]. I call a "time
>encryption server" and ask for the secret key associated with my
>message and date [y]. I encrypt the message and publicize that
>version. The time server is constantly spewing out the daily code for
>messages that expire on that date. Anybody just listens to the
>broadcast and decrypts the messages in their possession using the key.
>Note however that it is crucial that somehow the key depend on the
>message itself (via the hashing approaches), otherwise everybody knows
>everybody else's keys ahead of time just by submitting messages to the
>server for the particular date. I suppose public-key encryption could
>be used here but I'm hazy on the details.

What came to my mind as I read Tim's message was various competing timed-key servers, each publishing its public key associated with various future dates, and promising to release the associated private key on that date (but not before).

You then encode your message with an m-of-n scheme using n such server's keys for your chosen date, and assume at least m of them will eventually publish their promised key, and assume no more than m of them will release early. You then leave it with several escrow services and ask them to try to decrypt it once a year with the new year's keys.

To prove to all that a server is untrustworthy, simply reveal its private key ahead of time, and win a bond posted by the service (easy to implement - encode some money with the public key, see if anyone cashes it.) There are economies of scale in shared monitoring of trust, so perhaps only a few dozen such servers would be needed.

Hmm.. but how does the server get paid if the public key is public knowledge?
Robin Hanson

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Thu, 11 Feb 93 08:55:04 PST
To: cypherpunks@toad.com
Subject: Re: Viral encryption
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

As Mr. Ferguson pointed out, polymorphic viruses are making their way into the DOS world. This is a problem in the short term, but not in the long term because people will be changing to memory-protected & file-permission based operating systems like NT, OS/2 and Unix, where it is very difficult for most kinds of virus to spread.

I myself am very familiar with the virus underground, so for those who are not, let me explain the two newest and most deadly virus techniques which are being seen in the DOS world.

The first is something called "Stealth" viruses. Stealth viruses imbed themselves into DOS and intercept disk read calls from applications. If those read system calls are reading non .EXE or .COM files, then they are processed normally. However when an application such as virus scanning program is reading in .COM and .EXE files (in order to scan them for virus code), the stealth code in DOS intercepts this and returns to the application what the .EXE or .COM file would look like if it wasn't infected by the stealth virus. Thus, all virus checking programs can be deceived in this manner. There are steps to get around this, like booting off of a write-protected floppy disk (with a clean copy of DOS on it) and running the virus checking program directly from that floppy. But people seldom do that, so the stealth technology is a worthwhile one for virus creators to pursue.

The second is called "Polymorphic" viruses. These are viruses which contain a tiny encryption/decryption engine. The great thing about polymorphic viruses is that they encrypt themselves with a different key each time they replicate (make a new copy of themselves).
The small amount of virus bootstrap code which is not encrypted is changed in each replication by dispersing random NOP's throughout the virus bootstrap code. Thus each sample of polymorphic virus looks completely different to virus checking programs. The virus checking programs cannot use "signature" byte strings to detect polymorphic viruses.

I have seen something called D.A.M.E., also known as Dark Avenger Mutation Engine. This is a freeware polymorphic library/kernel/toolkit which allows anyone to take an ordinary virus and wrap it in a polymorphic shell. Thus each new copy of the virus will look completely different as it replicates. D.A.M.E. is a great toolkit for those who want to release new viruses but don't have the skills to write a virus from scratch. DAME works very well with Turbo Assembler and MASM. I believe that DAME II will be coming out sometime this spring. At least that is what the author has promised. Among the new features will be more powerful encryption, stealth capabilities, and compatibility with Stacker and DR DOS compressed file systems.

I have read that the author of DAME and DAME II will be coming out with a Virus Construction Set, which will allow point-n-click building of new viruses using object oriented techniques. It works sort of like a Mr. Potatohead, you point and click on the parts/modules you want and it builds it for you. You select the replication method, stealth capability, polymorphism, and payload module (there are several payloads, varying from playing music and showing graphics, to printing a text message on screen, to complete wipe out of the HD). The really wonderful thing is that you will be able to build your own modules and link them into the virus. I am sure a flourishing of third-party modules will occur. With the VCS, a 9 year old can build a completely new virus just by pointing, clicking, and dragging, popping up windows and choosing options.

My oh my, aren't we in for fun times ahead...
Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 11 Feb 93 11:49:55 PST
To: cypherpunks@toad.com
Subject: Re: Timed-Release Crypto
Message-ID: <9302111948.AA22424@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Robin Hanson writes:

>[This is a first post by a crypto-naive person - be kind.]

>What came to my mind as I read Tim's message was various competing
>timed-key servers, each publishing its public key associated with
>various future dates, and promising to release the associated private
>key on that date (but not before).

Yes, a market or ecology of servers, with various competing capabilities and reputations. "Distributed trust" is quite effective.

(Someone sent me private e-mail saying he didn't like my scheme because it wasn't as "mathematically solid" as pure encryption schemes. Let me point out that many crypto schemes involve issues of trust, distributed trust, collusion, and even trust. "Pure" schemes do not in general exist, except as very basic operations. As one example, there are no unforgeable "digital coins." And even the information-theoretically secure "dining cryptographers" protocol is unsecure given enough collusion. The role of reputations--common in business and interpersonal dealings--is generally ignored in the academic crypto community, who end up tearing their hair out over extremely complicated protocols that attempt to avoid issues of reputation and economic incentives. Folks like Dean Tribble and Robin Hanson have a lot to contribute to the actual realization of distributed, agoric crypto systems.)

>You then encode your message with an m-of-n scheme using n such
>server's keys for your chosen date, and assume at least m of them will
>eventually publish their promised key, and assume no more than m of
>them will release early. You then leave it with several escrow
>services and ask them to try to decrypt it once a year with the new
>year's keys.
>
>To prove to all that a server is untrustworthy, simply reveal its
>private key ahead of time, and win a bond posted by the service (easy
>to implement - encode some money with the public key, see if anyone
>cashes it.) There are economies of scale in shared monitoring of
>trust, so perhaps only a few dozen such servers would be needed.

I don't follow this. How do you know a node (=server) hasn't just "peeked." (BTW, if you've properly split your message/key up, peeking by any one node will get them nothing--just bits--so they'll be disinclined to ever peek.) I don't see how anyone but the node itself can discover its private key, even if it cheats, peeks, or colludes.

(Which is not to say that unreliable or dishonest nodes will not be revealed. I suspect it'll be more by testing agencies rather than by (somehow) having the private key revealed...even a dishonest node will keep its private key private. Possibly there are schemes that would allow proof of "early opening" (cheating) to be revealed, vaguely analogous to Chaum's scheme whereby digital money spent twice points to the spender...but offhand I don't see an approach.)

>Hmm.. but how does the server get paid if the public key is public
>knowledge?

A node or server gets paid by the digital cash attached either at the time of arrival at the node (paying "rent" in advance, as it were), or after decrypting after some amount of time (paying upon "checking out," as it were). (Any message which doesn't include the necessary payments, by whatever terms the node has set, doesn't get stored, sent, etc.--we saw a lot of messages ending up in the bit buckets for failure to follow a remailer's protocols when we played the "Crypto Game" at the physical Cypherpunks meetings several months ago.)
The messages or packets sent between nodes can have various sub-parts, including instructions for remailing (as with any remailer network), payments for various services (such as holding the message for 2 years, or splitting the message further, whatever), and so on. In general, each message is sent to a node, with only that node being able to open it (as it's encrypted with the public key of the node). Once opened, the node may find various other messages, payments, instructions, etc. If you meant something else by your question, I don't get it. Please ask it again. -Tim -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: MailSafe and PGP available. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Robin Hanson Date: Thu, 11 Feb 93 12:58:09 PST To: cypherpunks@toad.com Subject: Re: Timed-Release Crypto In-Reply-To: <9302111948.AA22424@netcom.netcom.com> Message-ID: <9302112058.AA03778@ptolemy.arc.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain Timothy C. May asks (regarding my naive proposal): >I don't follow this. How do you know a node (=server) hasn't just >"peeked." ... If you meant something else by your question, I don't >get it. Please ask it again. Yeah I think my terseness led to some communication failure. I was imagining the key server publishing a key which thousands of folks might then use to close their time capsules. The key server doesn't know which messages where are closed with their key, and even if they did the messages are simultaneously closed with many different keys, so they'd need wide collusion to peek (including collusion with one of your escrow message holders). 
And as Dorn suggests the escrow holder of the message can't peek if "message itself could be encrypted using the intended eventual recipients public key". Dorn suggests: >The servers would generate a key pair on request, for a fee. Send you >the public key to encrypt the "message" for storage somewhere. I guess this might work, but now you have to be more specific in telling your escrow service where to look for public keys to decode your message. With just a few standard time-key servers, this isn't needed, and perhaps we could all share the costs of monitoring their trustworthiness. Needing just a few, the need might easily be met by charity. Robin From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pete@cirrus.com (Pete Carpenter) Date: Thu, 11 Feb 93 14:11:21 PST To: cypherpunks@toad.com Subject: Re: E Plurbis Doodah Message-ID: <9302112212.AA03149@ss2138.cirrus.com> MIME-Version: 1.0 Content-Type: text/plain > from: john.nieder@f33.n125.z1.fidonet.org > > There is a _bright side_ to this, however: Would such an > indifferent administration spend resources trying to break our codes > when it doesn't care what we have to say anyway? 8-) > JN Ah, if only it were so... Apparently you haven't heard about the new nomination for attorney general. A prosecutor from Florida with a "get-tough" reputation. Undoubtedly an anti-drug warrior. And since "everyone knows" that the only reason to hide information from our "great benevolent government" is to "cover-up illegal activities", I'm not quite so hopeful. "Don't blame me, I voted Libertarian" Pete Carpenter pete@cirrus.com Talk about your plenty, talk about your ills, One man gathers what another man spills. 
- Robert Hunter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: richard_mezirka@askinc.ask.com (Richard Mezirka) Date: Thu, 11 Feb 93 15:28:50 PST To: cypherpunks@toad.com Subject: pardon me, but it's been deathly quiet Message-ID: <9302112329.AA02896@askinc.ask.COM> MIME-Version: 1.0 Content-Type: text/plain regrets about the perhaps poor use of scarce bandwidth: sci.crypt has disappeared from my news server I haven't seen a cypherpunks mail item for some time... I used to see something daily, some very interesting/some just valuable to me for awareness raising value is anyone there or did all the things we're concerned about come true? Rich From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "John Coryell." Date: Fri, 12 Feb 93 13:57:41 PST To: cypherpunks@toad.com Subject: Re: Timed-Release Crypto In-Reply-To: <9302112058.AA03778@ptolemy.arc.nasa.gov> Message-ID: <9302122157.AA22875@toad.com> MIME-Version: 1.0 Content-Type: text/plain >I guess this might work, but now you have to be more specific in >telling your escrow service where to look for public keys to decode >you message. With just a few standard time-key servers, this isn't >needed, and perhaps we could all share the costs of monitoring their >trustworthyness. Needing just a few, the need might easily be met by >charity. > >Robin Considering what we've currently had to rely on, charity seems like as good a place to start as any. Perhaps when escrow clients operate like wais in conducting a search of the available sources, and utilizing feedback to reduce noise and identify likelihoods of correct decryption, or perhaps this would never work at all. Monitoring would still be necessary. John Coryell. 
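The m-of-n time capsule discussed in the Timed-Release Crypto messages above, as an added example that is not code from any poster on the list. It assumes Shamir secret sharing for the m-of-n split and hashed ElGamal over a toy 127-bit prime for the per-date server keys; the class, function and server names are hypothetical.

```python
import hashlib
import hmac
import secrets
from datetime import date

# Toy group (assumption of this example): integers mod the Mersenne prime
# 2**127 - 1. Big enough to show the mechanics, far too small for real use.
P = 2**127 - 1
G = 3

def _kdf(value: int, label: bytes, n: int) -> bytes:
    """Expand a group element into n bytes with SHA-256 in counter mode."""
    seed, out, ctr = value.to_bytes(16, "big"), b"", 0
    while len(out) < n:
        out += hashlib.sha256(label + seed + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class TimeKeyServer:
    """Publishes one public key per future date and promises the private
    key on that date, but not before."""
    def __init__(self, name: str):
        self.name = name
        self._seed = secrets.token_bytes(32)

    def _private(self, day: date) -> int:
        mac = hmac.new(self._seed, day.isoformat().encode(), hashlib.sha256)
        return int.from_bytes(mac.digest(), "big") % (P - 2) + 1

    def public_key(self, day: date) -> int:
        return pow(G, self._private(day), P)

    def release(self, day: date, today: date):
        """Honest behaviour: no private key until the promised date."""
        return self._private(day) if today >= day else None

def seal(message: bytes, servers, m: int, day: date) -> dict:
    """Encrypt under a fresh key, Shamir-split the key m-of-n, and wrap each
    share to one server's public key for `day` (hashed ElGamal)."""
    key = secrets.randbelow(P)
    coeffs = [key] + [secrets.randbelow(P) for _ in range(m - 1)]
    shares = []
    for x, srv in enumerate(servers, start=1):
        y = sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P
        r = secrets.randbelow(P - 2) + 1
        shared = pow(srv.public_key(day), r, P)
        c2 = _xor(y.to_bytes(16, "big"), _kdf(shared, b"share", 16))
        shares.append({"server": srv.name, "x": x, "c1": pow(G, r, P), "c2": c2})
    return {
        "date": day, "m": m, "shares": shares,
        "body": _xor(message, _kdf(key, b"body", len(message))),
        "check": hashlib.sha256(_kdf(key, b"check", 32)).hexdigest(),
    }

def open_capsule(capsule: dict, released: dict) -> bytes:
    """`released` maps server name -> private key that server has published."""
    points = []
    for sh in capsule["shares"]:
        priv = released.get(sh["server"])
        if priv is None:
            continue
        shared = pow(sh["c1"], priv, P)
        y = int.from_bytes(_xor(sh["c2"], _kdf(shared, b"share", 16)), "big")
        points.append((sh["x"], y))
    if len(points) < capsule["m"]:
        raise ValueError("%d keys released, %d needed" % (len(points), capsule["m"]))
    points, key = points[:capsule["m"]], 0
    for xi, yi in points:  # Lagrange interpolation of the polynomial at x = 0
        num = den = 1
        for xj, _ in points:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        key = (key + yi * num * pow(den, -1, P)) % P
    if hashlib.sha256(_kdf(key, b"check", 32)).hexdigest() != capsule["check"]:
        raise ValueError("a released key was wrong: check value mismatch")
    return _xor(capsule["body"], _kdf(key, b"body", len(capsule["body"])))

def try_open(capsule: dict, released: dict):
    """Escrow holder's yearly attempt: the plaintext, or None if not yet."""
    try:
        return open_capsule(capsule, released)
    except ValueError:
        return None

if __name__ == "__main__":
    day = date(1994, 1, 1)  # constructed release date
    servers = [TimeKeyServer("server-%d" % i) for i in range(1, 6)]  # hypothetical
    capsule = seal(b"constructed sample message", servers, 3, day)
    early = {s.name: s.release(day, date(1993, 2, 11)) for s in servers}
    print("before the date:", try_open(capsule, early))
    late = {s.name: s.release(day, day) for s in servers[2:]}  # two servers gone
    print("on the date, 3 of 5:", try_open(capsule, late))
```

The sender touches only published public keys, so no server learns which capsules depend on it, and fewer than m colluding servers recover nothing of the message key.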
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eli Brandt Date: Thu, 11 Feb 93 16:17:21 PST To: cypherpunks@toad.com Subject: Re: Viral encryption In-Reply-To: Message-ID: <9302120017.AA28034@toad.com> MIME-Version: 1.0 Content-Type: text/plain > From: thug@phantom.com (Murdering Thug) > I myself am very familiar with the virus underground, so for those who are > not, let me explain the two newest and most deadly virus techniques which > are being seen in the DOS world. [ discusses stealth viruses, around for, oh, five years at least; and the MtE. ] Reasonably accurate discussions, but let's leave the hype for _Time_ and McAfee. "Stealth" viruses can be detected in memory, if you make the mistake of getting infected in the first place. MtE-derived viruses enjoyed a window of about a month while they could not be detected by scanners; they had no such reprieve from integrity checkers. Big deal. (Well, from the point of view of a scanner writer, it must be a pain, but that's not the user's problem.) Cryptohash integrity checking is probably the way to go in the long run, but scanners still work. The "most deadly virus technique", in terms of number of infections caused, is probably that of boot-sector infection. Low-tech, but it seems to work. > Thug PGP 2 key by finger or e-mail Eli ebrandt@jarthur.claremont.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: corwin@Cayman.COM (Lord Among Panthers) Date: Thu, 11 Feb 93 13:46:35 PST To: cypherpunks@toad.com Subject: Timed-Release Crypto In-Reply-To: <9302112058.AA03778@ptolemy.arc.nasa.gov> Message-ID: <9302112145.AA17000@cuba.Cayman.COM> MIME-Version: 1.0 Content-Type: text/plain Robin sez >Dorn suggests: >>The servers would generate a key pair on request, for a fee. Send you >>the public key to encrypt the "message" for storage somewhere. 
> > I guess this might work, but now you have to be more specific in > telling your escrow service where to look for public keys to decode > you message. With just a few standard time-key servers, this isn't > needed, and perhaps we could all share the costs of monitoring their > trustworthyness. Needing just a few, the need might easily be met by > charity. The escrow services could run the time-key servers (since without the time-key servers, there would be less business for the escrow services). Getting keys would then be free and the cost of running the server could be subsidised from the cost of storing the message. corwin From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Karl Barrus Date: Thu, 11 Feb 93 20:42:11 PST To: cypherpunks@toad.com Subject: wired & batch file Message-ID: <199302120441.AA07645@Menudo.UH.EDU> MIME-Version: 1.0 Content-Type: text/plain Cypherpunks, Douglas Sinclair has notified me of a slight bug/irritation with the anonmail.bat script for MSDOS. When run with no parameters, file errors are reported since the batch file attempts to delete nonexistent files. So I fixed that and have submitted the revised version to the ftp site. Also, in unix I can redirect stderr to /dev/null ( 2> /dev/null). Is there a way to do this in MSDOS (I can't seem to find a way). This would make the hopmail.bat batch file (similar to hop.mail) easier to use since the PGP output will be suppressed. Finally, crypto is mentioned in WIRED magazine! It's on the "HYPE LIST" behind Object Oriented, Post-Modern, Raves, and ahead of Smart Drugs. Here is the paragraph on it (bottom of page 87): Forty years ago cryptography wasn't even popular with mathematicians. Now it's the hot topic on the net. You've got the export issue, always popular since it the [sic] NSA is the villain. There's the public key issue - RSA Inc. expressing concern over the public good, not their profit margins. Yeah right. 
Now we have the key-registration debate: Should PKC users have to register their keys? OK, it's a bad idea, but probably a government conspiracy to eliminate cash, as some rabid defenders of freedom are claiming. Then there's David Chaum, the Ted Nelson of the 90's, promoting his ingenious and impractical crypto-schemes. Since everyone wants to believe in nice techno solutions to messy socio-policital problems, expect this issue to continue its rise up the list. So, fellow rabid defenders freedom, who is Ted Nelson?? :-) I guess I'm too young... /-----------------------------------\ | Karl L. Barrus | | elee9sf@menudo.uh.edu | <- preferred address | barrus@tree.egr.uh.edu (NeXTMail) | \-----------------------------------/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phil Karn (Phil Karn) Date: Thu, 11 Feb 93 23:09:26 PST To: thug@phantom.com (Murdering Thug) Subject: Re: Compressed/Encrypted Voice using Modems Message-ID: <9302120707.AA13840@servo> MIME-Version: 1.0 Content-Type: text/plain At 11:41 2/10/93 -0500, Murdering Thug wrote: >The best solution, as suggested by Miron is to use forward error correction. >There is plenty of bandwidth in a 19.2/21.6/24.0/28.8 kbps connection to >send CELP nybbles or bytes each along with their own ECC code. But modern high speed modems already do quite a bit of FEC. I really don't think more is really necessary. As long as the decryptor and voice decoder automatically resynchronize after an error, there's no real problem with letting a few through. It's certainly preferable to adding long (or variable) delay. The sychronization problem seems to occur in "real" (government) secure phones too. They take a second or two to unmute following loss of clock synchronization. But not every bit error causes loss of clock synch; only a really bad line will do that. Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. 
May) Date: Thu, 11 Feb 93 23:36:09 PST To: cypherpunks@toad.com Subject: Re: wired & batch file Message-ID: <9302120734.AA07610@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Karl Barrus writes: > Finally, crypto is mentioned in WIRED magazine! It's on the >"HYPE LIST" behind Object Oriented, Post-Modern, Raves, and ahead of >Smart Drugs. Here is the paragraph on it (bottom of page 87): And I'm sure you all know "Wired" is preparing a major article on the Cypherpunks and crypto. I've seen the Steven Levy rough draft and it looks good. >So, fellow rabid defenders freedom, who is Ted Nelson?? :-) I guess >I'm too young... You _must_ be young! Lucky you. Ted Nelson is the chief popularizer (and early architect, to be fair) of "hypertext," or nonlinear, linked writing. As in being able to click on this word, "hypertext," and see lots of threads taking you off to various other places, articles, sidebars, and so on. Hypertexts thus transcend the simple linear writing style enforced on us by paper and books. Nelson wrote an extremely influential book called "Computer Lib," circa 1975, which described hypertext and accurately predicted many of today's most important trends. Microsoft Press reprinted it, with corrections and addditions, a few years back. Definitely recommended! His project, known as "Xanadu," has been developing for close to 30 years. About 10 or so years a team of programmers nucleated around Xanadu to commercialize it. Known as the Xanadu Operating Company, it was funded by Autodesk (maker of Autocad) from 1988 until just a few months ago, when Autodesk decided to reorient its efforts. XOC may still be seeking alternative funding. Our own Dean Tribble is centrally involved, and other participants included Mark Miller, Roger Gregory, and various others (some of whom show up on this list, or at the physical Cypherpunks meetings). 
Apple's "HyperCard" was a poor imitation, in the sense that full bidirectional links were not supported (and some other limitations, though in fairness to Bill Atkinson and Apple, the original product, codenamed "WildCard," was not intended to be full hypertext.) (I use a true hypertext writing system called "StorySpace," for the Mac. Other platforms have their own such programs. Nothing as grand as Xanadu, though. And there's a newsgroup called alt.hypertext if you're interested.) Ted Nelson is living in the Bay Area, working on various projects. He's shown some interest in crypto things, and talked to some of us at a recent Hackers Conference about the implications. Hypertext is definitely a good idea, but the commercialization has been slow in coming. -Tim May > >/-----------------------------------\ >| Karl L. Barrus | >| elee9sf@menudo.uh.edu | <- preferred address >| barrus@tree.egr.uh.edu (NeXTMail) | >\-----------------------------------/
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phiber Optik Date: Thu, 11 Feb 93 21:43:13 PST To: ebrandt@jarthur.Claremont.EDU (Eli Brandt) Subject: Re: Viral encryption In-Reply-To: <9302120017.AA28034@toad.com> Message-ID: <199302120541.AA06625@eff.org> MIME-Version: 1.0 Content-Type: text/plain > > > From: thug@phantom.com (Murdering Thug) > > I myself am very familiar with the virus underground, so for those who are > > not, let me explain the two newest and most deadly virus techniques which > > are being seen in the DOS world. > > [ discusses stealth viruses, around for, oh, five years at least; and > the MtE. ] > > Reasonably accurate discussions, but let's leave the hype for _Time_ > and McAfee. "Stealth" viruses can be detected in memory, if you make > the mistake of getting infected in the first place. MtE-derived > viruses enjoyed a window of about a month while they could not be > detected by scanners; they had no such reprieve from integrity > checkers. Big deal. (Well, from the point of view of a scanner > writer, it must be a pain, but that's not the user's problem.) > Cryptohash integrity checking is probably the way to go in the long > run, but scanners still work. > > The "most deadly virus technique", in terms of number of infections > caused, is probably that of boot-sector infection. Low-tech, but it > seems to work. > > > Thug > > PGP 2 key by finger or e-mail > Eli ebrandt@jarthur.claremont.edu > I'm sick and tired of all the virus hoo-hah myself. The only "anti-virus software" a hacker needs is DEBUG. And maybe your favorite sector editor utility, like DISKEDIT. Anything more, and you're an embarassment. Why don't you just send your life savings to McAfee while you're at it. I could go and quote P. T. Barnum right now, but I think my point is made. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: M..Stirner@f28.n125.z1.FIDONET.ORG (M. Stirner) Date: Fri, 12 Feb 93 03:28:59 PST To: cypherpunks@toad.com Subject: E pluribus doodah Message-ID: <4868.2B7B7534@fidogate.FIDONET.ORG> MIME-Version: 1.0 Content-Type: text/plain from: john.nieder@f33.n125.z1.fidonet.org * Reply to msg originally in Cypherpunks BK> Currently, Jock Gill is BK> working in an office located in the Old Executive Office Building BK> across the street from the White House. At this point, he is BK> working alone, without a staff. This week's news indicates to me this will probably not improve. BK> The White House itself employs a large BK> staff to handle snail mail. According to Monday night's news, this is from where these vaunted "symbolic" 25% White House staff cuts will come. BK> All things in their time. Once the BK> E-mail address was circulated together with the heading the "White BK> House", everyone understandably believed a real system was up and BK> running. Yes, silly us...particularly with the "CLINTON" AOL address. BK> SUGGESTION: Use the compuserve address you have judiciously, BK> reserving it for absolutely vital contacts. Oh, yes, _certainly_! The _vital_ stuff should go into a nonexistant system. Naturally! BK> Until such time that a BK> real public access White house E-mail system is operational, BK> consider relying on the traditional means of contacting the BK> administration. Given what they had to start with from the BK> previous administration (scratch), I have every reason to expect BK> that Jeff Eller and Jock Gill will work well--and as quickly as BK> possible--to get an interactive system up and running. But it will BK> take time and patience. Can anyone say, "VAPORWARE"? BK> We can all help them achieve that effort BK> best if we refrain from acting as if that non-existent system were BK> already in place. PLEASE HELP RELAY THIS CONTEXT AND SUGGESTION TO BK> OTHER NETWORKS AND INDIVIDUALS. Thanks. 
Pass it around? You bet. It's f*cking _hilarious_! My guess is that this gaffe will (or at least ought to) get Gill fired, assuming he survives this "symbolic" staff downsizing. I might add that nothing could be more "symbolic" than the announcement that the cuts will come from those who actually respond to public input. This "go away & don't bother us" move on the part of the Clinton administration indicates that it obviously doesn't care _what_ America thinks. . There is a _bright side_ to this, however: Would such an indifferent administration spend resources trying to break our codes when it doesn't care what we have to say anyway? 8-) JN ... We want information./You won't get it!/By hook or by crook, we _will_! ... Forgive your enemies but remember their names. ___ Blue Wave/QWK v2.12 -- M. Stirner - via FidoNet node 1:125/555 UUCP - ...!uunet!hoptoad!kumr!fidogate!28!M..Stirner INTERNET - M..Stirner@f28.n125.z1.FIDONET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Barry.Kapke@f33.n125.z1.FIDONET.ORG (Barry Kapke) Date: Fri, 12 Feb 93 03:58:40 PST To: Cypherpunks@toad.com Subject: White House email address (fwd) Message-ID: <4871.2B7B8BC2@fidogate.FIDONET.ORG> MIME-Version: 1.0 Content-Type: text/plain ============================================================================= From: DOUGLAS COFFMAN Date: Thu, 11 Feb 1993 18:01:53 EDT ----------------------------Original message---------------------------- Please pass this info along. January 31, 1993 Important Information RE: E-Mail to the White House Yesterday, I saw several postings related to the E-mail address for the White House. Along with a good number of others, I worked throughout the campaign as part of a network of E-mail volunteers for the Clinton campaign, so I can pass along some important information about that E-mail account. The account is actually the personal compuserve account of Jock Gill. 
Jock worked hard (along with a handful of programming volunteers, BBS operators, listserver maintainers, and computer sophisticates at places such as Marist College, MIT, San Francisco, Chicago, and elsewhere) during the campaign to put together an E-mail system for national campaigning. The system was later expanded to accommodate all three major Presidential campaigns. It was an innovative, highly successful effort and it played a huge role in getting campaign position statements out to a wide public. Things posted from that address found their way into the virtual reality as the messages got passed along many networks from their original posting. Several weeks before the Inauguration of President Clinton, Jeff Eller was appointed by the President-Elect to have overall charge of establishing something which has never existed--an interactive public access E-mail system into the White House and into other offices of the administration. Jock Gill was then hired by the administration to work under Jeff Eller. Currently, Jock Gill is working in an office located in the Old Executive Office Building across the street from the White House. At this point, he is working alone, without a staff. His current assignment is to use the E-mail system (as during the campaign) to issue official copies of White House statements, the texts of press briefings and press conferences, copies of Executive Orders and Presidential Memos, and the like to the virtual world of E-mail. Since the compuserve box is a regular personal mail box, it gets filled quickly, especially given the high volume of mail now beginning to arrive with the broad dissemination of his address. Those of you who have sent E-mail to that address may well have received an error message stating that the box is full. That's another way of saying it has been overwhelmed. 
Jock has asked those of us who have been part of the volunteer E-mail team to help him out while he works to get a good interactive system up and running. Basically, he has asked that everyone cooperate and not begin sending a barrage of E-mail to that compuserve address. The White House itself employs a large staff to handle snail mail. Actually, at this point in the development of the White House E-mail system, you will probably get your message through to the administration quicker through ordinary snail mail and telephone. Later, once the administration's E-mail team develops the system they want and need, E-mail contacts should became the easier route. All things in their time. Once the E-mail address was circulated together with the heading the "White House", everyone understandably believed a real system was up and running. Not quite yet. SUGGESTION: Use the compuserve address you have judiciously, reserving it for absolutely vital contacts. Until such time that a real public access White house E-mail system is operational, consider relying on the traditional means of contacting the administration. Given what they had to start with from the previous administration (scratch), I have every reason to expect that Jeff Eller and Jock Gill will work well--and as quickly as possible--to get an interactive system up and running. But it will take time and patience. We can all help them achieve that effort best if we refrain from acting as if that non-existent system were already in place. PLEASE HELP RELAY THIS CONTEXT AND SUGGESTION TO OTHER NETWORKS AND INDIVIDUALS. Thanks. Snail Mail Address and Phone Numbers -- White House White House Numbers: The President (202) 456-1414 White House Comment Line (202) 456-1111 (To register your opinion on an issue) When bill signed or vetoed (202) 456-2226 Vice President (202) 456-2326 (202) 456-7125 Mailing Address: The White House 1600 Pennsylvania Avenue, N.W. Washington DC 20500 -- On the Net, Douglas J. 
"Lefty" Coffman lefty@mtu.edu (Preferred) LEFTY@MTUS5.BITNET or LEFTY@MTUS5.cts.mtu.edu B0 f- w+ g++ k(+) s h r =============================================================================-- Barry Kapke - via FidoNet node 1:125/555 UUCP - ...!uunet!hoptoad!kumr!fidogate!33!Barry.Kapke INTERNET - Barry.Kapke@f33.n125.z1.FIDONET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Fri, 12 Feb 93 09:40:38 PST To: ld231782@longs.lance.colostate.edu Subject: Re: Tagging copyrighted text Message-ID: <9302121739.AA21361@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Another thought on "ld231782"'s idea about high-speed networks and copyrights: >But think about this: with the >speed and ubiquity of networks, it now becomes possible for every >author or creative artist to keep the only copies of his work. Then, he >could post "links" to it anywhere in the world. When people pass around >the work, they wouldn't pass around the work itself, they'd pass the >"link". Whenever someone wants to view the work, the link points to >the unchanging address for instantaneous downloading. A very small >transaction charge is billed to the receiver by the sender. With fast enough networks, we may see a big decline in sales of programs to end-users, as the software is made available as "on-line services." (Obviously this has always been going on, with service bureaus, circuit design services, etc.) To make this very concrete, I just installed a new release of the American Heritage Dictionary, a complete edition with definitions, thesaurus, anagrams, roots in Latin, Greek, German, Indo-European, etc. Look up a word and one gets an entire screenful of stuff, including detailed etymologies, usages, etc. Now what happens when a "dictionary server" offers to look up a word for, say, 10 cents? With fast enough networks, of the sort ld231782 proposes, this could replace the current system in which folks buy their own copies. 
(One would still need very high bandwidth programs like editors, word processors, drawing programs, etc., but some classes of software would be amenable to this kind of remote access use, especially with very fast networks.) There may be attempts to limit this, as with the laws which ban rental of CDs (but not videos, presumably because few people have two VCRs, while those renting CDs can presumably easily dub them onto cassettes). This could also reduce the costs of entry to the market, as new programs could be offered for sale or access in a low-cost way, such as through information markets like AMIX. I'm not taking a moral stand on either side, just noting one more consequence of extremely high-speed networks. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "DrZaphod" Date: Fri, 12 Feb 93 15:01:50 PST To: CypherPunks@toad.com Subject: RE: MSDOS AnonMail.Bat Message-ID: <36540.drzaphod@ncselxsi> MIME-Version: 1.0 Content-Type: text/plain In Message Thu, 11 Feb 1993 22:41:04 -0600, Karl Barrus writes: > Also, in unix I can redirect stderr to /dev/null ( 2> /dev/null). >Is there a way to do this in MSDOS (I can't seem to find a way). This >would make the hopmail.bat batch file (similar to hop.mail) easier to >use since the PGP output will be suppressed. Use "> nul" to redirect to null. IBM only used 3 character device names. And on WIRED.. now that I've heard the stories I'll have to pick up my copy! TTFN! DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "L. Detweiler" Date: Fri, 12 Feb 93 10:54:02 PST To: cypherpunks@toad.com Subject: Re: Viral encryption In-Reply-To: <199302120541.AA06625@eff.org> Message-ID: <9302121852.AA07368@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain >I'm sick and tired of all the virus hoo-hah myself. The only "anti-virus >software" a hacker needs is DEBUG. 
And maybe your favorite sector editor >utility, like DISKEDIT. Anything more, and you're an embarassment. >Why don't you just send your life savings to McAfee while you're at it. >I could go and quote P. T. Barnum right now, but I think my point is made. Unfortunately most of humanity is not in the category of "hacker", and we should be considerate of them. While we tout cryptography for example we have to remember that the only way that it will get into the mainstream is if it is integrated very nicely into foolproof user-friendly (sorry, the term makes me cringe a bit too) software. I don't see any constructive purpose served by viruses, and if anybody in this group is advocating or even pursuing their development, I think that has just brought the quality of the list down several notches, and really damaged the credibility of the speakers. Definitely, they are interesting to study, but the havoc they wreak is incalculable. To the extent that they encourage designers to create more straightjacket-type security mechanisms, they are detrimental to the goal of simple and straightforward access to computer technology, and significantly undermine confidence in and use of that technology. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Fri, 12 Feb 93 10:38:12 PST To: cypherpunks@toad.com Subject: Hasty analogy (WAS: Viral encryption) Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Friday, 12 Feb 1993, Phiber Optik wrote - PO> I'm sick and tired of all the virus hoo-hah myself. PO> The only "anti-virus software" a hacker needs is DEBUG. PO> And maybe your favorite sector editor utility, like DISKEDIT. PO> Anything more, and you're an embarassment. Why don't you just PO> send your life savings to McAfee while you're at it. I could PO> go and quote P. T. Barnum right now, but I think my point is PO> made. 
My apologies for straying even further from the topic, but Phiber's comments would not let me let this sleeping dog lie.

Strictly using DEBUG is a bit ridiculous for the "masses", but I can understand your sentiment, at least to that end. As far as I'm concerned, I can isolate _any_ change in my operating environment (be it DOS, Novell NOS, UNIX or whatever, for that matter) with the utilities that accompany the operating system (and of course, a couple of home-brewed ones to boot). Viruses are simply nuisances, for those who are adept enough to bop around in assembly code.

Your disdain for "anti-virus software" is shared by many -- even shared by myself, to a certain degree. Every time I read an advertisement in a trade rag that boasts, "Can now find and eradicate new and unknown viruses!" or "Now! Can kill the deadly Mutation Engine virus!", I can only shake my head and snicker.

However, there are a couple of genuine "good guys" out there in computer land that produce some excellent "anti-virus" software. Dr. Alan Solomon (UK) and Fridrik Skulason (Iceland), both of whom I know personally, produce perhaps the most effective and timely virus detection software in the business. Yes, they both will tell you that they use DEBUG to trace code and disassemble.

Sara told me that you were rather impetuous. ;-)

Further discussions relating to this topic should be moved to comp.virus (virus-l@lehigh.edu) or directed to me by email.

Paul Ferguson | "Sincerity is fine, but it's no
Network Integration Consultant | excuse for stupidity."
Alexandria, Virginia USA | -- Anonymous
fergp@sytex.com (Internet) | sytex.com!fergp (UUNet)
1:109/229 (FidoNet) | PGP public encryption key available upon request.
---
fergp@sytex.com (Paul Ferguson)
Sytex Systems Communications, Arlington VA, 1-703-358-9022

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Absinthe@debug.cuc.ab.ca
Date: Fri, 12 Feb 93 20:53:02 PST
To: cypherpunks@toad.com
Subject: RSA
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Read about you guys a while back in Mondo, seeing if I can get more info? Also, recent byline in Sci Am about PGP, do you know a good source of RSA software? Do you have info on either Zimmermann's E-Mail address or E.Miller's mailing list? Any info appreciated, thanx.

-----------------------------------=>
The Crystal Wind is the Storm, and the Storm is Data, and the Data is Life.
Absinthe@debug.cuc.ab.ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: sdw@sdwsys.lig.net (Stephen D. Williams)
Date: Fri, 12 Feb 93 21:09:58 PST
To: elee9sf@Menudo.UH.EDU (Karl Barrus)
Subject: Re: anonymous script
In-Reply-To: <199302100657.AA06626@Menudo.UH.EDU>
Message-ID: <9302130504.AA07864@sdwsys.lig.net>
MIME-Version: 1.0
Content-Type: text/plain

>
> Cypherpunks,
>
> Out of curiosity, what are the approximate computer ratios among this
> list? That is, how many people use MSDOS, how many use Mac's, how
> many Amigas, many have Unix, how many have VMS?

Sun Unix, Interactive Unix, Linux, kids with a MSDOS game machine....

>
> I'm just curious because it recently struck me that not everyone here
> is running Unix, and thus can't really use the scripts I've written
> (which help use the anonymous remailers). So I wrote a helper program
> in C++ for MSDOS, but after looking at the code, I've decided to bury
> it and replace it with the following MSDOS script (at bottom of this
> message).
...
> | Karl L. Barrus |
> | elee9sf@menudo.uh.edu | <- preferred address
> | barrus@tree.egr.uh.edu (NeXTMail) |

sdw

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: sdw@sdwsys.lig.net (Stephen D.
Williams)
Date: Fri, 12 Feb 93 21:18:27 PST
To: miron@extropia.wimsey.com (Miron Cuperman)
Subject: Re: Compressed/Encrypted Voice using Modems
In-Reply-To: <1993Feb10.193843.20507@extropia.wimsey.bc.ca>
Message-ID: <9302130510.AA08073@sdwsys.lig.net>
MIME-Version: 1.0
Content-Type: text/plain

>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> thug@phantom.com (Murdering Thug) writes:
>
> >I don't know if CELP requires an error-free transmission stream from
> >codec to codec. If it doesn't then that's great, I hope it self-synchronizes
> >itself after a byte or two of garbage coming through. Big deal, so you hear
> >a click or pop of static, so what.. you get that with analog lines.
>
> CELP resyncs. Not sure how fast. Maybe after a tenth of a second or so.
>
> On a side note, we are finishing up an implementation of CELP on the
> TMS320C5x. This is a 20 MIPS integer chip. We are taking up less
> than 15 MIPS. We also know how to write error corrected CELP (such
> that bits that cause more significant degradation are protected
> better).

Does everyone know that the new Zyxel's have CELP built in? Don't know details yet...

sdw

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Date: Sat, 13 Feb 93 03:08:21 PST
To: Cypherpunks
Subject: Re: anonymous script
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

My thanks to Karl Barrus. I'm one of the MSDOS users and I appreciate his effort in providing an MSDOS script for anonymous remailing.

--
edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Sat, 13 Feb 93 02:07:09 PST
To: cypherpunks
Subject: ["Vinton G. Cerf": Technology Policy and Information Infrastructure]
Message-ID: <9302131007.AA06784@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I sent him some sound bites about Internet policy and about crypto policy.
I'll send them to Cypherpunks too.

John

------- Forwarded Message

To: trustees:;@isoc.org, isoc-interest@sgi.com, ietf@CNRI.Reston.VA.US, iab@isi.edu, iesg@CNRI.Reston.VA.US, Members:;@isoc.org
Subject: Technology Policy and Information Infrastructure
Date: Wed, 10 Feb 93 08:25:06 -0500
From: "Vinton G. Cerf"
Message-Id: <9302100825.aa02728@IETF.CNRI.Reston.VA.US>

Dear Internauts and friends,

I have been invited to testify before the US House Subcommittee on Technology on the subject of technology policy and information infrastructure. To prepare my testimony, it would be helpful to have SHORT (please!) comments, suggestions, "bullets" as input, so that Internet Society ideas and considerations can be represented (or, at the least, offer some national and international perspective on a matter of global importance).

If you want to send something on this point, please send it ONLY to: vcerf@cnri.reston.va.us. DO NOT SEND IT TO THE ENTIRE LIST OF ADDRESSEES (or they will do something terrible to me).

Many thanks for letting me disturb your busy mailboxes, and thanks in advance for your ideas.

Vint

p.s. I need any inputs by end of February

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Seth Morris
Date: Fri, 12 Feb 93 23:42:46 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Tagging copyrighted text
In-Reply-To: <9302121739.AA21361@netcom.netcom.com>
Message-ID: <9302130720.AA22872@lambada.oit.unc.edu>
MIME-Version: 1.0
Content-Type: text

Timothy May writes:
> To make this very concrete, I just installed a new release of the American
> Heritage Dictionary, a complete edition with definitions, thesaurus,
> anagrams, roots in Latin, Greek, German, Indo-European, etc. Look up a word
> and one gets an entire screenful of stuff, including detailed etymologies,
> usages, etc.
>
> Now what happens when a "dictionary server" offers to look up a word for,
> say, 10 cents?
With fast enough networks, of the sort ld231782 proposes,
> this could replace the current system in which folks buy their own copies.
> (One would still need very high bandwidth programs like editors, word
> processors, drawing programs, etc., but some classes of software would be
> amenable to this kind of remote access use, especially with very fast
> networks.)

I'd point out that with unlimited Telnet access, I can already use dictionaries and quote books, thesauri and other references, at rates varying from free to hundreds of dollars an hour.... The only software I "need" to do this is an OS and a comm program.

This sounds like a great way to convince the holdouts of the value of encryption: if services are offered, over comm links, available easily from the home, with a minimum of fuss, to perform popular, resource intensive searches/services (quote books, dictionaries, come to mind, many of the things Gopher does), then the only software a user needs is (1) an OS (2) X server (or other screen manager/UI manager) (3) comm program (integrated into screen manager w/drag-and-drop probably necessary in this day and age, when using things like a baby is considered "mature technology") (4) encryption package...

If I cannot sign my requests (automagically, I suppose), then I can disavow billing, and if the service cannot encrypt the reply, any listener can receive "free" responses, perhaps over time duplicating much of the work and creativity that went into creating the service and selling it.

I hate to support something like encryption with economics (the issues are deeper than that), but it sounds like an argument that would please many people. I just have to look at Prodigy (yech) sales with modems (or Windows (double-yech) with systems!) to see the infiltration of a useful and powerful thing like online service (or GUI/device independence) into a previously reluctant market to see what a little convincing can do. (Remember Nintendo?
Before they started their ad campaign, no one was buying dedicated game machines, then they convinced everyone that everyone else was playing, soon they were as common as TV's, in a market still reeling from Atari!)

I also hate to suggest charging for something already free! Hopefully I'm thinking of something (a) cheap, (b) convenient (which Gopher is not, I feel), and (c) better.

It just jumped into my head how tied up with encryption ALL telecom issues are, even ones we've been doing for years now. Just look at how CI$ has had to change as more users jumped on, or the difference between CI$ and AOL or Prodigy.

I'm new to this list, and probably repeating something axiomatic, but it seemed that with "extreme high speed networks" comes an assumption of extreme load (seems reasonable to me), and that means (1) commercial exploitation (possibly a good thing!), (2) need for security, and (3) the usual lag of technological penetration from the trailblazers to the huddled befuddled, with the trading of glitz for substance, name for talent, and pretty for powerful.

> There may be attempts to limit this, as with the laws which ban rental of
> CDs (but not videos, presumably because few people have two VCRs, while
> those renting CDs can presumably easily dub them onto cassettes).

If you assume that some of these systems (like the ones already online) will be legal and entreprneureal(sp?), this might still hold!

> This could also reduce the costs of entry to the market, as new programs
> could be offered for sale or access in a low-cost way, such as through
> information markets like AMIX.

Am I correct in deducing that encryption cannot be offered in this way? What other services are in this category?

> I'm not taking a moral stand on either side, just noting one more
> consequence of extremely high-speed networks.
>

Oh, can someone drop me a line with more information on digital cash? I'm new here, like I said.
I'm a math major on leave of absence, currently unemployed (interview Monday... crossing fingers), lately working as a programmer or in support. I've been interested in public key cryptography since the '79(?) Scientific American article (I was 13 when I read it, in '83... may have been one of the things that pushed me towards math) and am glad to finally get to play. (20 digit keys in BASIC/6502 on a VIC-20 were fun, but that's all!)

Seth Morris (seth.morris@launchpad.unc.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Sat, 13 Feb 93 03:02:33 PST
To: cypherpunks@toad.com, gnu
Subject: FCC Proposed Ruling on Scanners That Receive Cellphone Transmissions
Message-ID: <9302131102.AA09849@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Please at least write a one-page letter in response to this proposed ruling. The idiots in Congress decided that banning radios was preferable to allowing (or requiring) decent encryption in cellular phones. Now the FCC is making rules to implement the Congressional ban. They should hear from us, loud and clear, that this is completely backwards and wrong.

Your letter should reference Docket Number 93-1 and should clearly state the subject on which you are commenting. *Then* comment...

John

------- Forwarded Message

Message-Id: <199302111305.AA17580@eff.org>
Date: Thu, 11 Feb 1993 08:10:14 -0500
To: gnu@toad.com (John Gilmore), barlow@eff.org, jberman@eff.org, mkapor@eff.org, blau@eff.org, farber@central.cis.upenn.edu
From: Daniel J. Weitzner
Subject: FCC Proposed Ruling on Scanners That Receive Cellphone Transmissions

The file attached here was received today and is too long for inclusion in a regular issue of the Digest. It is submitted for your comments and consideration. You might want to send your comments to the FCC as well.

PAT

From: raisch@ora.com (Rob Raisch)
Subject: FCC Proposed Ruling on Scanners That Receive Cellphone Transmissions
Organization: O'Reilly & Associates, Inc.
Date: Thu, 11 Feb 1993 05:10:24 GMT

47 CFR Parts 2 and 15

[ET Docket No. 93-1; FCC 93-1]

Radio Scanners That Receive Cellular Telephone Transmissions

AGENCY: Federal Communications Commission.

ACTION: Proposed rule.

SUMMARY: This Notice of Proposed Rule Making proposes to deny equipment authorization to radio scanners capable of receiving transmissions in the Domestic Public Cellular Radio Telecommunications Service. This action is taken in response to the Telephone Disclosure and Dispute Resolution Act (Pub. L. 102-556). The intended effect of this action is to help ensure the privacy of cellular telephone conversations.

DATES: Comments must be submitted on or before February 22, 1993, and reply comments on or before March 8, 1993.

ADDRESSES: Federal Communications Commission, 1919 M Street, NW., Washington, DC 20554.

FOR FURTHER INFORMATION CONTACT: David Wilson, Office of Engineering and Technology, (202) 653-8138.

SUPPLEMENTARY INFORMATION: This is a summary of the Commission's Notice of Proposed Rule Making in ET Docket No. 93-1, FCC 93-1, adopted January 4, 1993, and released January 13, 1993. The full text of this decision is available for inspection and copying during normal business hours in the FCC Dockets Branch (room 230), 1919 M Street, NW., Washington, DC. The complete text of this decision also may be purchased from the Commission's duplicating contractor, Downtown Copy Center, at (202) 659-8657 or 1990 M Street, NW., suite 640, Washington, DC 20036.

Paperwork Reduction

The following collection of information contained in this proposed rule has been submitted to the Office of Management and Budget for review under section 3504(h) of the Paperwork Reduction Act (44 U.S.C. 3504(h)). Copies of this submission may be purchased from the Commission's duplicating contractor, Downtown Copy Center, at (202) 659-8657 or 1990 M Street, NW., suite 640, Washington, DC 20036.
Persons wishing to comment on this collection of information should direct their comments to Mr. Jonas Neihardt, Office of Management and Budget, room 3235 NEOB, Washington, DC 20554, (202) 395-4814. A copy of any comments filed with the Office of Management and Budget should also be sent to the following address at the Federal Communications Commission: Federal Communications Commission, Office of the Managing Director, Paperwork Reduction Project, Washington, DC 20554. For further information contact Ms. Judy Boley, (202) 632-7513.

OMB Number: None.
Title: Scanning Receiver Compliance Exhibit.
Respondents: Businesses or other for profit, small businesses/organizations
Action: New collection.
Frequency of Response: On occasion reporting.
Estimated Annual Burden: Number of respondents: 40. Annual hours per respondent: 0.25. Total annual burden: 10.
Needs and Uses: An exhibit accompanying a Form 731 Application for Equipment Authorization will determine compliance of applicants requesting authorization to market scanning receivers and frequency converters with Congressionally mandated regulations. The regulations prohibit the marketing of radio scanners capable of intercepting, or being modified to intercept, cellular telephone conversations.

Summary of the Notice of Proposed Rule Making:

1. By this action, the Commission proposes to amend 47 CFR parts 2 and 15 to prohibit the manufacture or importation of radio scanners capable of receiving frequencies allocated to the Domestic Public Cellular Radio Telecommunications Service. This action is in response to the Telephone Disclosure and Dispute Resolution Act (Act), Pub. L. 102-556.

2. The Domestic Public Cellular Radio Telecommunications Service ("Cellular Radio Service") provides telephone service to mobile customers. Cellular telephones use frequencies in the bands 824-849 MHz and 869-894 MHz to connect their users to other cellular system users and to the Public Switched Telephone Network.

3.
As defined in 47 CFR part 15 scanning receivers, or "scanners," are radio receivers that automatically switch between four or more frequencies anywhere within the 30-960 MHz band. In order to control their potential to cause harmful interference to authorized radio communications, the rules require that scanners receive an equipment authorization (certification) from the Commission prior to marketing.

4. In the past five years, 22 different models of scanning receivers capable of receiving cellular telephone transmissions have been issued grants of equipment authorization. During this same period, ten other models capable of tuning frequencies between 806 and 900 MHz except for the cellular bands have also been authorized. Several publications currently on the market describe relatively simple modifications that users can make to many of the latter scanning receivers to enable that equipment to receive cellular telephone transmissions.

5. The Telephone Disclosure and Dispute Resolution Act requires that the Commission, by April 26, 1993, prescribe and make effective regulations denying equipment authorization for any scanning receiver capable of: Receiving transmissions in the frequencies allocated to the domestic cellular radio service, Readily being altered by the user to receive transmissions in such frequencies, or Being equipped with decoders that convert digital cellular transmissions to analog voice audio. The Act also stipulates that, beginning one year after the effective date of the regulations adopted to satisfy the above requirements, no receiver having the above capabilities shall be manufactured in the United States or imported for use in the United States.

6. In accordance with the Act, we are proposing to deny equipment authorization to scanning receivers that tune frequencies used by cellular telephones.
We are also proposing to require applicants for the authorization of scanning receivers to include in their applications a statement declaring that their receivers cannot be tuned to receive cellular telephone transmissions.

7. Also in accordance with the Act, we are proposing to require that scanning receivers be incapable of being readily altered by the user to operate within the cellular bands. To assist us in determining whether a scanner complies with this requirement, we propose to require applicants for scanning receiver equipment authorization to include in their applications a statement pledging that their receivers cannot be readily altered to receive cellular telephone transmissions. We also propose to prohibit the authorization of any scanning receiver for which cellular coverage can be readily restored by the user. We solicit comment on this proposed reporting requirement and on the definition of "readily altered." We also seek comment on whether additional information, such as why the receiver cannot be readily altered, should be required.

8. In further compliance with the Act, we propose to deny equipment authorization to any scanning receiver that can be equipped with decoders that convert digital cellular transmissions to analog voice audio. We invite comment on the potential impact of this requirement on existing models of scanning receivers.

9. There currently are a number of frequency converters on the market that can be used in conjunction with scanners that receive frequencies below 800 MHz to enable the reception of cellular telephone transmissions. We are proposing to deny equipment authorization to converters that tune, or can be readily altered by the user to tune, cellular telephone frequencies.
We will require that applicants for FCC equipment authorization of frequency converters used with scanners include in their applications a statement pledging that the converters cannot be easily altered to enable a scanner to receive cellular transmissions. We seek comment on whether this statement should also include evidence indicating why the converter cannot be easily modified.

10. The Initial Regulatory Flexibility Analysis is contained in the text of the Notice.

11. Comment Dates

Pursuant to applicable procedures set forth in 47 CFR 1.415 and 1.419, interested parties may file comments on or before February 22, 1993, and reply comments on or before March 8, 1993. In order to comply with the requirement of the Telephone Disclosure and Dispute Resolution Act that FCC rules be promulgated within 180 days of enactment, we will proceed with this Notice without furnishing a prior text as provided by Article 607 of the United States-Canada Free-Trade Implementation Act of 1988 (Pub. L. 100-499, 102 Stat. 1851). To do so would frustrate achievement of a legitimate domestic objective. In addition, the Commission is not likely to be able to accommodate requests for extension of the comment periods.

To file formally in this proceeding, you must file an original and five copies of all comments, reply comments, and supporting comments. If you want each Commissioner to receive a copy of your comments, you must file an original plus nine copies. You should send comments and reply comments to Office of the Secretary, Federal Communications Commission, Washington, DC 20554. Comments and reply comments will be available for public inspection during normal business hours in the Dockets Reference Room of the Federal Communications Commission, 1919 M Street, NW., Washington, DC 20554.

12. Ex-Parte Rules-Non-Restricted Proceeding

This is a non-restricted notice and comment rule making proceeding.
Ex parte presentations are permitted, except during the Sunshine Agenda period, provided they are disclosed as provided in Commission rules. See generally 47 CFR 1.1202, 1.1203 and 1.1206(a).

13. For further information on this proceeding contact David Wilson, Technical Standards Branch, Office of Engineering and Technology, 202-653-8138.

List of Subjects in 47 CFR Parts 2 and 15: Communications equipment, Wiretapping and electronic surveillance.

Federal Communications Commission.
Donna R. Searcy, Secretary.

Parts 2 and 15 of title 47 of the Code of Federal Regulations are proposed to be amended as follows:

PART 2-FREQUENCY ALLOCATIONS AND RADIO TREATY MATTERS; GENERAL RULES AND REGULATIONS

1. The authority citation for part 2 continues to read as follows:

Authority: Secs. 4, 302, 303 and 307 of the Communications Act of 1934, as amended, 47 U.S.C. 154, 154(i), 302, 303, 303(r) and 307.

2. Section 2.975 is amended by adding a new paragraph (a)(8) to read as follows:

2.975 Application for notification.

(a) * * *

(8) Applications for the notification of receivers contained in frequency converters used with scanning receivers shall be accompanied by an exhibit indicating compliance with the provisions of 15.121 of this chapter.

* * * * *

3. Section 2.1033 is amended by adding a new paragraph (b)(12) to read as follows:

2.1033 Application for certification.

* * * * *

(b) * * *

(12) Applications for the certification of scanning receivers under part 15 shall be accompanied by an exhibit indicating compliance with the provisions of 15.122 of this chapter.

* * * * *

PART 15-RADIO FREQUENCY DEVICES

1. The authority citation for part 15 continues to read as follows:

Authority: Secs. 4, 302, 303 and 307 of the Communications Act of 1934, as amended, 47 U.S.C. 154, 302, 303 and 307.

2. Section 15.37 is amended by adding a last sentence to paragraph (b), and adding a new paragraph (f), to read as follows:

15.37 Transition provisions for compliance with the rules.
* * * * *

(b) * * * In addition, receivers are subject to the provisions in paragraph (f) of this section.

* * * * *

(f) The manufacture or importation of scanning receivers, and frequency converters used with scanning receivers, that do not comply with the provisions of 15.121 shall cease on or before April 26, 1994. Effective April 26, 1993, the Commission will not accept applications for equipment authorization for receivers that do not comply with the provisions of 15.121. This paragraph does not prohibit the sale or use of authorized receivers manufactured in the United States, or imported into the United States, prior to April 26, 1994.

3. Section 15.121 is added to read as follows:

15.121 Scanning receivers and frequency converters used with scanning receivers.

Scanning receivers, and frequency converters used with scanning receivers, must be incapable of operating (tuning), or readily being altered by the user to operate, within the frequency bands allocated to the Domestic Public Cellular Radio Telecommunications Service. Receivers capable of "readily being altered by the user" include, but are not limited to, those for which the ability to receive transmissions in the restricted bands can be added by clipping the leads of, or installing, a diode, resistor and/or jumper wire; or replacing a plug-in semiconductor chip. Scanning receivers, and frequency converters used with scanning receivers, must also be incapable of converting digital cellular transmissions to analog voice audio.

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Sat, 13 Feb 93 04:19:30 PST
To: cypherpunks
Subject: [gnu@toad.com: Re: Technology Policy and Information Infrastructure ]
Message-ID: <9302131219.AA13076@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

------- Forwarded Message

To: "Vinton G.
Cerf" , gnu@toad.com
Subject: Re: Technology Policy and Information Infrastructure
Date: Sat, 13 Feb 93 01:43:31 -0800
From: gnu@toad.com

Sound bites for Congress re technology policy and information infrastructure:

* Government investment invariably brings government control, which is harmful to the development of a communications medium in a free and open society.

* The Government seized control of telegraphy, radio, and television early in their development, and they have never had full First Amendment protection.

* Private, interactive electronic media involve Fourth and Fifth Amendment issues as well.

* The Executive Branch is already advocating broad wiretapping, and banning of privacy technologies, and they don't even own the network. If the government owned the network, there'd be no stopping them.

* The risk of moving society into media where individual rights are regularly abridged is too great. Economics is pushing us into individual electronic communication, regardless.

* If Congress truly believes in the Bill of Rights, it should get the hell out of the networking business and stay out of it.

John Gilmore
(not speaking for) Electronic Frontier Foundation
(but ask EFF if they want to say something like this...)

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Sat, 13 Feb 93 04:21:32 PST
To: cypherpunks
Subject: [Re: Crypto Technology Policy]
Message-ID: <9302131221.AA13150@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

------- Forwarded Message

Message-Id: <9302130952.AA06229@toad.com>
To: "Vinton G. Cerf"
Subject: Re: Technology Policy and Information Infrastructure
Date: Sat, 13 Feb 93 01:52:35 -0800
From: gnu@toad.com

Vint, if your testimony will touch on "technology policy" as it relates to cryptography policy, then here are a few more "sound bits":

* Privacy and authenticity technologies are key to reliable and trustworthy social and business interactions over networks.

* Current government policies actively prohibit and inhibit the research, design, manufacturing, sale, and use of these technologies.

* Taxpayers have been investing many billions of dollars per year in these technologies, in the NSA "black budget", but have seen no return on this investment.

* Current "cold war" policy should be turned on its head. Privacy is one of the fundamental rights from which the Bill of Rights was derived. Government policy should encourage privacy technologies. Government controls on cryptography should be completely removed.

* The taxpayer investment in privacy technologies should be returned to the taxpayers by declassifying NSA research and encouraging its widespread deployment to protect domestic civilian communications.

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pozar@kumr.lns.com (Tim Pozar)
Date: Sat, 13 Feb 93 07:30:38 PST
To: gnu@toad.com (John Gilmore)
Subject: Re: FCC Proposed Ruling on Scanners That Receive Cellphone Transmissions
In-Reply-To: <9302131102.AA09849@toad.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

John Gilmore wrote:
> Please at least write a one-page letter in response to this
> proposed ruling. The idiots in Congress decided that banning radios
> was preferable to allowing (or requiring) decent encryption in
> cellular phones. Now the FCC is making rules to implement the
> Congressional ban. They should hear from us, loud and clear,
> that this is completely backwards and wrong.
>
> Your letter should reference Docket Number 93-1 and should clearly
> state the subject on which you are commenting. *Then* comment...
>
> John

I should add, it needs to be formatted properly or it will not be read into the record and just tossed. Somewhere around here I have an example folks can use. I will dig it up and post it in a day or so.

Tim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "DrZaphod"
Date: Sat, 13 Feb 93 16:38:12 PST
To: CypherPunks@toad.com
Subject: Re: Letter to FCC
Message-ID: <39954.drzaphod@ncselxsi>
MIME-Version: 1.0
Content-Type: text/plain

In Message Sat, 13 Feb 93 7:29:25 PST, kumr.lns.com!pozar@netcomsv.netcom.com (Tim Pozar) writes:

> I should add, it needs to be formatted properly or it will not be read
>into the record and just tossed. Somewhere around here I have an
>example folks can use. I will dig it up and post it in a day or so.
>

Well this is a nice little way for the government to bypass public opinion. "If it's not formatted right we won't read it."

DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: geoffw@nexsys.net (Geoff White)
Date: Sat, 13 Feb 93 13:40:46 PST
To: cypherpunks@toad.com
Subject: PGP Customs investigation
Message-ID: <9302132122.AA13118@nexsys.nexsys.net>
MIME-Version: 1.0
Content-Type: text/plain

This might be old news by now but for what it's worth ...

----- Begin Included Message -----

[stuff deleted ... ]
Subject: PGP Customs investigation
Content-Length: 1235
X-Lines: 34
Status: RO

>Date: Fri, 12 Feb 93 14:47:55 -0800
>Originator: pgp-dev@oc.com
>Errors-To: hughes@soda.berkeley.edu
>Reply-To: pgp-dev@oc.com
>Sender: pgp-dev@oc.com
>Version: 5.5 -- Copyright (c) 1991/92, Anastasios Kotsikonas
>From: prz@sage.cgd.ucar.EDU (Philip Zimmermann)
>To:
>Subject: PGP Customs investigation
>
>
>I just got a call from a criminal investigator from the US Customs
>in San Jose. She wants to fly out here to Colorado next Thursday to
>ask me how PGP got out of the USA. I told her I didn't export it,
>but software published on domestic Internet sites can leak overseas.
>She said I was not legally obligated to answer her questions, but that >she would like to come here and ask me questions about the program, and >any other information I wanted to provide on how it got exported. >She had a copy of the PGP 2.0 User's Guide (and, I presume, the software). > >I thought this bit of news would be of general interest to PGPeople. > > >Philip Zimmermann >12 Feb 93 > > > ----- End Included Message ----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pozar@kumr.lns.com (Tim Pozar) Date: Sat, 13 Feb 93 17:17:34 PST To: cypherpunks@toad.com Subject: Re: Letter to FCC In-Reply-To: <39954.drzaphod@ncselxsi> Message-ID: MIME-Version: 1.0 Content-Type: text/plain DrZaphod wrote: > In Message Sat, 13 Feb 93 7:29:25 PST, > kumr.lns.com!pozar@netcomsv.netcom.com (Tim Pozar) writes: > > I should add, it needs to be formated properly or it will not be read > >into the record and just tossed. Some where around here I have an > >example folks can use. I will dig it up and post it in a day or so. > > Well this is a nice little way for the government to bypass public > opinion. "If it's not formatted right we won't read it." Ever try to mail order tickets for Grateful Dead concerts? :-) Tim -- Internet: pozar@kumr.lns.com FidoNet: Tim Pozar @ 1:125/555 Snail: Tim Pozar / KKSF / 77 Maiden Lane / San Francisco CA 94108 / USA Voice: +1 415 788 2022 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Sat, 13 Feb 93 17:45:13 PST To: cypherpunks@toad.com Subject: Gold code? Message-ID: <9302132253.AA24202@smds.com> MIME-Version: 1.0 Content-Type: text/plain Could someone tell me (privately) what a Gold code is? Or, could someone resend me the message that described it? (I think it was in a thread about digital cellular phones.) 
thanks, -fnerd From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ssandfort@attmail.com Date: Sun, 14 Feb 93 13:38:28 PST To: Extropians@gnu.ai.mit.edu Subject: BattleZone Message-ID: <9302142138.AA24608@toad.com> MIME-Version: 1.0 Content-Type: text _________________________________________________________________ FROM THE VIRTUAL DESK OF SANDY SANDFORT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ATTENTION: Cypherpunks and Extropians--Free Fun For those of you who live in the San Francisco Bay Area, or will be visiting 25-26 February, you are invited to play a free game at BattleZone. BattleZone is an indoor, paintball combat field. On the morning of either the 25th or the 26th, Channel 2 will be doing a live report on BattleZone. If you are interested in being televised while playing this very intense, high adrenaline game, send me an e-mail note with your voice phone numbers and the best times to get in touch with you. I will call and/or e-mail you with details. S a n d y ssandfort@attmail.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ssandfort@attmail.com Date: Sun, 14 Feb 93 13:41:12 PST To: Extropians@gnu.ai.mit.edu Subject: Computer Game Software Message-ID: <9302142141.AA24638@toad.com> MIME-Version: 1.0 Content-Type: text _________________________________________________________________ FROM THE VIRTUAL DESK OF SANDY SANDFORT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ATTENTION: Cypherpunks and Extropians--South East Asian Markets If you are involved with recreational or educational software, I can assist you or your company to distribute it overseas. I have a very aggressive, very reliable business associate in Singapore, who would like to distribute your computer game and educational software throughout South East Asia. If you would like to know more, let me know and I will get in touch with you. 
This is a very easy way for you to increase the profitability of your software products. S a n d y ssandfort@attmail.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: scott@shrug.dur.ac.uk (Scott A. McIntyre) Date: Mon, 15 Feb 93 04:26:29 PST To: cypherpunks@toad.com Subject: Join in? Message-ID: MIME-Version: 1.0 Content-Type: text/plain Could I be added to this list, if at all possible? Thanks, Scott From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: root@rmsdell.ftl.fl.us (Yanek Martinson) Date: Mon, 15 Feb 93 22:07:46 PST To: cypherpunks@toad.com Subject: dc-nets Message-ID: MIME-Version: 1.0 Content-Type: text/plain Just a quick note to let anyone interested know that I'm still working on a dc-net implementation. I've had some problems with the nodes getting out of synch and am implementing some sort of ack/commit protocol. I'm also trying to make it work over TCP links in addition to e-mail. -- Yanek Martinson yanek@novavax.nova.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: scott@shrug.dur.ac.uk (Scott A. McIntyre) Date: Tue, 16 Feb 93 03:16:24 PST To: cypherpunks@toad.com (Cypherpunks) Subject: Cyphering on the NeXT Message-ID: MIME-Version: 1.0 Content-Type: text/plain I've got a NeXTstation colour and am dabbling with the various tools that are available for electronic encryption. As you may know, NeXT developed a Fast Elliptical Encryption system (FEE) based on public key technology, but was prohibited from exporting it due to US law; so they dropped the tool from their NeXTmail system which was set for International distribution. I have however found PGP recently (but cannot get it to compile; I'm no programmer so I'm just bumbling through the code fixing what I can by trial and error, not wise, I know), and a few other tools (kerberos)...
I'd be interested in hearing from anyone else who is using any form of encryption on their NeXTs for electronic mail, how they implemented it, what they see as alternatives and so on. Ta, Scott --- EMAIL: S.A.McIntyre@durham.ac.uk OR scott@shrug.dur.ac.uk (NeXTmail) SNAIL: Pyschment of Departology, University of Durham, Durham, DH1 3LE "Did you know that the computer invented itself?" - SNL From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gkennedy@ccs.carleton.ca (Garry Kennedy) Date: Tue, 16 Feb 93 12:09:08 PST To: cypherpunks@toad.com Subject: re:subscription Message-ID: <9302162008.AA10150@superior.YP.nobel> MIME-Version: 1.0 Content-Type: text/plain Subscribe. Gary Kennedy gkennedy@ccs.carleton.ca From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: scott@shrug.dur.ac.uk (Scott A. McIntyre) Date: Tue, 16 Feb 93 08:49:02 PST To: cypherpunks@toad.com (Cypherpunks) Subject: Attn: Todd Steigerwald Message-ID: MIME-Version: 1.0 Content-Type: text/plain Todd, I am not able to mail you with the answer to your query as your mailer just said you were todd@imaginatio which is something less than complete...if you can mail me (S.A.McIntyre@durham.ac.uk) with your complete mail address, I can tell you how to get PGP working on the NeXT...I've been playing with it all afternoon! Scott From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Wed, 17 Feb 93 12:18:04 PST To: cypherpunks@toad.com Subject: Re: Timed-Release Crypto Message-ID: <9302172016.AA12281@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Dave Deltorto writes (about my idea for timed-release crypto): >Well, yes, Tim, but what about the MTBF rating of disk drives and or other >storage media? Any such message would also be relying on the trust that the >disk it's stored on, the mail system and or the organization it was sent to >for storage are still going to be around.
Now, if there were dedicated places Loss of hardware over the years due to unreliability is unlikely to be the main issue, for several reasons: 1. Modern MTBFs for large disk drives are approaching 100,000 hours, or well over 10 years. The drives are likelier to be voluntarily retired first. And newer drives, including archival optical drives, are even more reliable (the drives may crash, but optical media survive). For the drives that _do_ fail, backup strategies exist, as with all storage of critical files. To wit, if your point is correct, then the failures of some disk drives at banks, insurance companies, etc., should be producing some fraction of "unrecoverable losses" each year. That they are not, because of robust backup and redundant storage methods, is evidence that crypto time vaults will also be reasonably secure. (Granted, you wouldn't want to trust your $100,000 deposit for 20 years on Joe Random's aging Amiga 1000.) 2. A relatively large file by today's standards, e.g., 10 megabytes, will be a very small file by the standards of 10 years from now. The upshot is that new and more reliable storage methods (and transmission methods) will make storage of such small files quite trivial. (And remember that since the pieces are encrypted, physical duplication for backups, redundant storage, etc., is not a compromise of security.) 3. The most reputable crypto time vaults will of course be careful not to lose client files, especially not for such mundane reasons as disk drive failures. 4. M-out-of-n voting strategies are likely in any case, to deal with collusion of some of the nodes. That is, a file will be split into pieces such that any 8 out of 12 pieces, for example, are sufficient to recover the original file. (Encryption is a separate issue, though obviously related.) 5.
The files are likely to be moved around a lot, anyway, making hardware failures manageable on an instantaneous basis (that is, bad nodes, etc., can be compensated for when the time comes to reroute the files). Thus, a critical file does not just get "parked" at one site for 30 years. >where such t-r crypto msgs could be stored, such as a digital "bank" (where >they would no doubt charge a storage fee, possibly necessitating that each >such msg would be able to "peel off" digicredits from itself every year to >guarantee paying for its own upkeep in case you were no longer around to >sign checks), the question of whether or not it would BE there in 30 years >might be moot, but that's a whole 'nother discussion. "Persistent institutions" is what I call these systems or trusts that last for many decades. If such systems can be built, using some of the ideas discussed here in this group, then interesting new financial and political structures are possible. Imagine an anonymous, distributed trust that has $10 billion in crypto-assets and a "goal" of funding nanotech or cryonics research. (Lots of complicated stuff yet to be considered in enough detail on how such "goals" might be stored, acted on, etc. For the sake of simplicity, think of it as a kind of Howard Hughes Medical Foundation, which once owned the Hughes Corporation, but which is not located in any one single country....) >Still, I find your idea very compelling and full of merit. Thanks. Lots more work is needed. -Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: MailSafe and PGP available.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Wed, 17 Feb 93 11:10:02 PST To: cypherpunks@toad.com Subject: Re: Timed-Release Crypto Message-ID: <9302171328.tn22198@aol.com> MIME-Version: 1.0 Content-Type: text/plain Tim May contributed a fascinating bit of thinking on timed-release messages, including this: >>"Aha!," I hear you exclaim, "Tim's scheme depends solely on the trust of >>these escrow agents, and that's no different from depositing a sealed >>envelope with your friendly lawyer and asking him to promise not to peek." Well, yes, Tim, but what about the MTBF rating of disk drives and or other storage media? Any such message would also be relying on the trust that the disk it's stored on, the mail system and or the organization it was sent to for storage are still going to be around. Now, if there were dedicated places where such t-r crypto msgs could be stored, such as a digital "bank" (where they would no doubt charge a storage fee, possibly necessitating that each such msg would be able to "peel off" digicredits from itself every year to guarantee paying for its own upkeep in case you were no longer around to sign checks), the question of whether or not it would BE there in 30 years might be moot, but that's a whole 'nother discussion. Still, I find your idea very compelling and full of merit. dave From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Karl Barrus Date: Wed, 17 Feb 93 14:35:24 PST To: cypherpunks@toad.com Subject: digital store? Message-ID: <199302172234.AA25466@Menudo.UH.EDU> MIME-Version: 1.0 Content-Type: text/plain Cypherpunks, I've received mail from a bank user who wonders what to do with the "money". I responded that there really isn't too much reason to spend your money now, given that there isn't too much to buy :-) I've been trying to think of something the bank customers can do to trade bills, sort of a fixed monetary economic experiment. Anybody have ideas?
Right now, bank customers can contact each other anonymously by using remailing headers set up for the remailer elee7h5@rosebud.ee.uh.edu - use the get command to receive a list of headers (for more info see the new help file). The only thing I can think of right now that people can do is play "mental poker" and use digital bills. Of course, messages back and forth need to be encrypted because such activity can be seen as gambling, although of course there is no real money involved. I'm working on a help file/FAQ for the bank, but I want to finish writing hop.mail for MSDOS first, and that isn't going as fast as I would like since I find the DOS scripting language to be, well... inadequate. /-----------------------------------\ | Karl L. Barrus | | elee9sf@menudo.uh.edu | <- preferred address | barrus@tree.egr.uh.edu (NeXTMail) | \-----------------------------------/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wayner@cs.cornell.edu (Peter Wayner) Date: Wed, 17 Feb 93 15:30:07 PST To: cypherpunks@toad.com Subject: Gambling... Message-ID: <9302172328.AA29824@brokk.cs.cornell.edu> MIME-Version: 1.0 Content-Type: text/plain If there is no "real" money involved then you might want to consider running a betting operation on sports games or some other popular betting activity. Of course, many of us would probably rather bet on the release date of the 586 then some random ball game because that is where our expertise lies... :-) -Peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: lefty@apple.com Date: Thu, 18 Feb 93 10:45:53 PST To: cypherpunks@toad.com Subject: Re: Trapdoors Message-ID: <9302181844.AA06137@apple.com> MIME-Version: 1.0 Content-Type: text/plain Sandy Sandfort wonders: >How do we know the proposed legislation wasn't just a smoke >screen? Isn't it possible that the Feds have already compromised >Intel or MicroSoft? 
Is there some way to be sure that the new >486 chip running your computer isn't recording each PGP or RSA >private key you generate? No, nor do we have any particular way of knowing that Packard-Bell doesn't install an extremely tiny person into each keyboard they sell, studiously copying down each one of your key strokes. How in the world would the computer's CPU be able to distinguish the generation of a PGP or RSA private key from any other computation? -- Lefty (lefty@apple.com) C:.M:.C:., D:.O:.D:. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Thu, 18 Feb 93 10:50:25 PST To: cypherpunks@toad.com Subject: Re: Trapdoors Message-ID: <9302181848.AA20187@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain >How do we know the proposed legislation wasn't just a smoke >screen? Isn't it possible that the Feds have already compromised >Intel or MicroSoft? Is there some way to be sure that the new >486 chip running your computer isn't recording each PGP or RSA >private key you generate? > S a n d y ssandfort@attmail.com Sandy has discovered the deep dark secret of crypto! I worked for Intel from 1974 to 1986 and can confirm this to be the case. Every crypto key is secretly recorded by Intel microprocessors. Motorola processors do not yet record keys, which is why I use a Macintosh. The specific instruction is the so-called "NSA instruction" which John Gilmore identified some time ago. Sun Microsystems was ordered by the NSA to redesign their chips to capture keys, which is why the SPARC processor was introduced. SPARC stands for "Sun Processor Allowing Remote Capture." Once the keys have been captured and stored on the user's hard disk (notice how the drives occasionally turn on at night?), they are forwarded to the NSA and National Surveillance Organization by "screen saver" programs, like "After Dark," which were actually written by the Berkeley Microsystems cut-out operation of the NSO.
Real hackers don't use cutesy screen saver programs. This new automated system is much more convenient than the previous system, where the FBI and NSO had to break into homes and offices in order to retrieve the keys the Intel processors had recorded. -Klaus! von Future Prime, Cypherpunk and Extropian From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: kelly@netcom.com (Kelly Goen) Date: Thu, 18 Feb 93 12:50:01 PST To: cypherpunks@toad.com Subject: Re: Chip Level Back Doors In-Reply-To: <9302181756.AA28225@toad.com> Message-ID: <9302182048.AA04620@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain > > _________________________________________________________________ > FROM THE VIRTUAL DESK OF SANDY SANDFORT > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > I'm relatively new to the list, so this may be an idea that's > already been dealt with. If so, please let me know off-line. > > PGP was created as an end-run to legislation that would have > mandated trapdoors in all encryption hardware/software sold in > the U.S. Fortunately, such legislation has been defeated to > date. > > How do we know the proposed legislation wasn't just a smoke > screen? Isn't it possible that the Feds have already compromised > Intel or MicroSoft? Is there some way to be sure that the new > 486 chip running your computer isn't recording each PGP or RSA > private key you generate? 
> > S a n d y ssandfort@attmail.com > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > Actually I would like to respond to this one, from a technical level silicon compilers use a process known as auto_insert logic, this is a process where known gate libraries are automatically inserted in the design of a chip, a gate level trapdoor may then be created by designing a multiple level interdiction program, (virus tech immediately came to mind on this one due to my work in both the MS-DOS and Unix virus/security area, the first attack is on the base OS that the OS for the cad package, generally it's some variety of Unix(tm), next the CAD package that manages the chip design, and finally the silicon compiler itself, now while all these steps are essentially trivial to an informed engineer in the business they are essentially opaque to those outside of the design/foundry end for chip design, could they be attacked in this fashion to create a gate level backdoor ??? With a modest investment in time and money by an attacker no doubt if he subverts an engineer on the project of interest -- which could be at the CAD software vendor, the OS vendor for the cad platform, now while design verification techniques are used in most chip houses it should be relatively trivial to bypass that given the complexity of today's designs... is it possible?? damn right, Has it happened yet ??? I wouldn't know you tell me... I worked on the CAD end, the OS end, and the Silicon compiler end as well as having the skills needed to the the open holes in the whole process... finding out a chip design had been compromised wouldn't surprise me in the least... A Chip level backdoor to reach into the middle of a running system and grab public keys is another magnitude of complexity above what we are discussing on the gate level... is it possible? most certainly...
It would cost immensely however, and would require the cooperation or subversion of several steps in the chain A LOT more code has to be hidden in those auto_insert libraries and the design verification process has to be MUCH more widely compromised, and I believe performance hits WOULD be detectable at the end user level WHAT do YOU think cheers kelly From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: root@rmsdell.ftl.fl.us (Yanek Martinson) Date: Thu, 18 Feb 93 11:42:43 PST To: ssandfort@attmail.com Subject: Trapdoors (Not Very Likely) Message-ID: MIME-Version: 1.0 Content-Type: text/plain > Intel or MicroSoft? Is there some way to be sure that the new > 486 chip running your computer isn't recording each PGP or RSA > private key you generate? This is not very likely. There would be several problems for anyone attempting this. First, where do you store it? On-chip non-volatile memory? Second, how would the chip know that it was generating a private key? This would almost require artificial intelligence. You can't just scan for a sequence of instructions currently used by PGP, for they change with each version released. Or would it store ALL data that passes through it? Third, how useful would that be? What if you generate your keys on a sub-notebook computer which you carry with you or store in a secure place at all times. So, no, this is not something you need to worry about. -- Yanek Martinson yanek@novavax.nova.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pmetzger@shearson.com (Perry E. Metzger) Date: Thu, 18 Feb 93 13:42:33 PST To: cypherpunks@toad.com Subject: Re: Trapdoors Message-ID: <9302181938.AA10578@maggie.shearson.com> MIME-Version: 1.0 Content-Type: text/plain > From: ssandfort@attmail.com > > How do we know the proposed legislation wasn't just a smoke > screen? Isn't it possible that the Feds have already compromised > Intel or MicroSoft?
Is there some way to be sure that the new > 486 chip running your computer isn't recording each PGP or RSA > private key you generate? If you could actually build a 486 such that it was capable of this task, you are a far better chip designer than any I know of. Not merely are we to expect that the 486 is capable of recording anything, but we are also to expect that it's capable of solving a computationally undecidable problem as well. Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dmandl@shearson.com (David Mandl) Date: Thu, 18 Feb 93 13:45:42 PST To: cypherpunks@toad.com Subject: Re: Trapdoors Message-ID: <9302181948.AA21706@tardis.shearson.com> MIME-Version: 1.0 Content-Type: text/plain > _________________________________________________________________ > FROM THE VIRTUAL DESK OF SANDY SANDFORT > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [...] > Isn't it possible that the Feds have already compromised > Intel or MicroSoft? Is there some way to be sure that the new > 486 chip running your computer isn't recording each PGP or RSA > private key you generate? > > S a n d y ssandfort@attmail.com > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ You may be right. For example, I know for a fact that all 386/486 chips trap files with the string "Liz" in them--this is so that the NSA can capture and read love letters from me to my girlfriend. I have been getting around this by changing my pet names for her constantly, and placing the string "Liz" at random points in massive junk files to waste the spooks' disk space. Inconvenient, but it works. Ciao. --Dave.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jim@tadpole.com (Jim Thompson) Date: Thu, 18 Feb 93 12:58:33 PST To: cypherpunks@toad.com Subject: Re: Trapdoors Message-ID: <9302182057.AA00885@tadpole.tadpole.com> MIME-Version: 1.0 Content-Type: text/plain > The specific instruction is the so-called "NSA instruction" which John Gilmore > identified some time ago. > > Sun Microsystems was ordered by the NSA to redesign their chips to capture > keys, which is why the SPARC processor was introduced. SPARC stands for > "Sun Processor Allowing Remote Capture." Interestingly enough, V9 SPARC has a population count (number of bits set in word) instruction that was put in specifically at the request of No Such Agency. Jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: whitaker@eternity.demon.co.uk (Russell E. Whitaker) Date: Thu, 18 Feb 93 07:10:41 PST To: cypherpunks@toad.com Subject: MEETING: 4th Cypherpunks U.K. Message-ID: <1159@eternity.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain 4th Cypherpunks meeting, London ------------------------------- Will be held Saturday, 20 February 1993, at 1400 in the office of: FOREST 4th Floor 2 Grosvenor Gardens London SW1W 0DH 071-823-6550 This location is 2 blocks from Victoria Station, at the corner of Hobart Place, near Buckingham Palace. The entrance is the very last at the end of the office block, and is diagonally across the street from a cabbie shelter and a bank of BT payphones. If you have trouble finding us, call the above number or page me on 081-812-2661. Attendees, as always, are encouraged to bring their laptop and portable computers, for on-site PGP public key exchange and certification. Those who have already generated PGP 2.n public keys, but who aren't bringing their own machines, should bring diskettes with their public keys. As is usually the rule in this crowd, please don't copy your secret key on these diskettes...
Amongst the usual topics of discussion will be: * An introduction to data privacy for novices * Further developments in U.K. anonymous remailers * Further developments in U.K. PGP key servers (telnet, ftp, email) .. and some interesting developments in re attempted anti-privacy legislation in the U.K. and elsewhere. Our special guest Saturday will be Dr. Whitfield Diffie, who will join us informally for the meeting, before his return to the U.S. It looks to be a good meeting. All are welcome. In liberty, Russell Earl Whitaker whitaker@eternity.demon.co.uk Communications Editor AMiX: RWhitaker EXTROPY: The Journal of Transhumanist Thought Board member, Extropy Institute (ExI) ================ PGP 2.0 public key available ======================= From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Thu, 18 Feb 93 17:30:29 PST To: w8sdz@TACOM-EMH1.Army.Mil (Keith Petersen - MACA WSMR) Subject: Re: toad.com mailing list postings from possible virus authors In-Reply-To: <9302181507.14268.w8sdz@TACOM-EMH1.Army.Mil> Message-ID: <9302190130.AA08277@toad.com> MIME-Version: 1.0 Content-Type: text/plain Keith, Kenneth: I have been busy both cutting a GDB release (which isn't done yet) and dealing with immediate management needs at my company. But your concerns are also of grave concern to me, so I'll take the time to answer you fully. I am uninterested in censorship of discussion of *any* topic on mailing lists through my machine. Your opinion is that this is inappropriate use of the Internet. I own the machine free and clear. I personally pay its network bills. If you examine its net connectivity and the associated connection contracts, you will find that the machine is attached via a worldwide network that explicitly promises not to censor any traffic UNLESS AND UNTIL a court of law -- not you -- has decided that that traffic is actually illegal. 
And my machine sends email traffic for any host (other than a short list known to be on uncensored networks) to uunet, which is explicitly authorized by NSF to forward uncontrolled outside traffic (e.g. from uucp sites) into the NSFnet. You see, I anticipated that third parties would want to control what I and my friends might want to talk about using this wonderful networking technology. And we aren't interested in your opinion. No offense intended, Keith -- I think you have done some truly great work for the community. But when you imply that conversations through my machine are in any way illegal or inappropriate, you've overstepped my respect for you. > This person appears to be a virus > author, one who knows virus authors, and/or one who encourages such > activity. Thank you, Senator McCarthy. I believe that thug@phantom.com is not a smart-card-carrying member of the virus authors' guild, but I'm not sure. I think that the attitude that it's OK for "computer scientists" or "virus researchers" to talk about viruses, to dissect them in detail, and to write or modify them, but it isn't OK for anyone else to do so, is two-faced and objectionable. Security by obscurity -- forcing people to be unaware of issues and threats like these, whether by explicit censorship, pressure on intermediate sites, or by social ostracism -- not only doesn't remove the threat, but is an affront to our open society. If you think that the public should be protected from the *content* of the particular message that was forwarded to me, I recommend that you look at recent issues of Info Security News (formerly ISPNews), one of the better trade rags covering security products. They seem to be running an article series by Alan Solomon on exactly how stealth viruses work, and they provided a lot more details than the overview posting that came through toad.com. I've seen articles in the Sep/Oct and Nov/Dec 1992 issues so far.
Just as important to the cypherpunks posting was the author's exploration of the impacts on society resulting from the technology (the movement toward memory-protected and permission-controlled operating systems, the impacts of automating virus creation so that children can do it, etc). The Solomon articles focused completely on technical issues, leaving the reader in the dark about how to cope over the next few years. My own opinion is that viruses are what will finally put a stake through the heart of DOS. It's a dirty job, but somebody has to do it. If true, or even 10% likely, it's something that a hundred million people had better talk about, so they can prepare for it. John Gilmore gnu@toad.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Thu, 18 Feb 93 17:40:18 PST To: gnu@toad.com Subject: toad.com mailing list postings from possible virus authors Message-ID: <9302190140.AA08377@toad.com> MIME-Version: 1.0 Content-Type: text/plain This is the message I received which complained about "inappropriate use of the Internet". He also phoned me to complain. I know the cypherpunks already know this, but Dave Farber's audience might not have thought about the implications for free speech of having the government build a multi billion dollar Internet replacement. Bureaucrats and random complaints from third parties on such a network *will* cause you grief about what you are allowed to say and do. The company I buy networking from is Alternet, and because they exist, I can protect myself from this sort of meddling. They will not be able to compete with the taxpayer funded "national information infrastructure", and my only option, if I want to be on the net, will be to hook up under the government's rules. If after seeing this exchange you still don't believe me, talk to someone at a controversial broadcast radio station. Radio is living under that yoke *now*, and they have some real stories to tell.
John Date: Tue, 16 Feb 1993 12:53:14 -0500 (EST) To: gnu@cygnus.com (John Gilmore) Cc: CMcDonald@WSMR-SIMTEL20.Army.Mil (Chris McDonald), krvw@cert.org ("Kenneth R. van Wyk") Subject: toad.com mailing list postings from possible virus authors From: w8sdz@TACOM-EMH1.Army.Mil (Keith Petersen - MACA WSMR) Message-Id: <9302161253.16494.w8sdz@TACOM-EMH1.Army.Mil> John, below is the posting I called about. In my opinion this is inappropriate use of the Internet. This person appears to be a virus author, one who knows virus authors, and/or one who encourages such activity. What is the policy of toad.com concerning such postings? Keith -- Keith Petersen Maintainer of the MS-DOS archive at WSMR-SIMTEL20.Army.Mil [192.88.110.20] Internet: w8sdz@TACOM-EMH1.Army.Mil or w8sdz@Vela.ACS.Oakland.Edu Uucp: uunet!umich!vela!w8sdz BITNET: w8sdz@OAKLAND > From: thug@phantom.com (Murdering Thug) > Subject: Re: Viral encryption > To: cypherpunks@toad.com > Date: Thu, 11 Feb 93 11:47:43 EST > > As Mr. Ferguson pointed out, polymorphic viruses are making their way into the > DOS world. This is a problem in the short term, but not in the long term > because people will be changing to memory-protected & file-permission based > operating systems like NT, OS/2 and Unix, where it is very difficult for > most kinds of virus to spread. > > I myself am very familiar with the virus underground, so for those who are > not, let me explain the two newest and most deadly virus techniques which > are being seen in the DOS world. > > The first is something called "Stealth" viruses. Stealth viruses imbed > themselves into DOS and intercept disk read calls from applications. If > those read system calls are reading non .EXE or .COM files, then they are > processed normally. 
> However when an application such as virus scanning
> program is reading in .COM and .EXE files (in order to scan them for virus
> code), the stealth code in DOS intercepts this and returns to the application
> what the .EXE or .COM file would look like if it wasn't infected by the
> stealth virus. Thus, all virus checking programs can be deceived in this
> manner. There are steps to get around this, like booting off of a
> write-protected floppy disk (with a clean copy of DOS on it) and running
> the virus checking program directly from that floppy. But people seldom
> do that, so the stealth technology is a worthwhile one for virus creators
> to pursue.
>
> The second is called "Polymorphic" viruses. These are viruses which
> contain a tiny encryption/decryption engine. The great thing about
> polymorphic viruses is that they encrypt themselves with a different key
> each time they replicate (make a new copy of themselves). The small
> amount of virus bootstrap code which is not encrypted is changed in each
> replication by dispersing random NOP's throughout the virus bootstrap code.
> Thus each sample of polymorphic virus looks completely different to
> virus checking programs. The virus checking programs cannot use
> "signature" byte strings to detect polymorphic viruses.
>
> I have seen something called D.A.M.E., also known as Dark Avenger
> Mutation Engine. This is a freeware polymorphic library/kernel/toolkit
> which allows anyone to take an ordinary virus and wrap it in a polymorphic
> shell. Thus each new copy of the virus will look completely different
> as it replicates. D.A.M.E. is a great toolkit for those who want to
> release new viruses but don't have the skills to write a virus from
> scratch. DAME works very well with Turbo Assembler and MASM.
> I believe that DAME II will be coming out sometime this spring. At
> least that is what the author has promised.
> Among the new features
> will be more powerful encryption, stealth capabilities, and compatibility
> with Stacker and DR DOS compressed file systems. I have read that the
> author of DAME and DAME II will be coming out with a Virus Construction
> Set, which will allow point-n-click building of new viruses using
> object oriented techniques. It works sort of like a Mr. Potatohead,
> you point and click on the parts/modules you want and it builds it for
> you. You select the replication method, stealth capability,
> polymorphism, and payload module (there are several payloads, varying
> from playing music and showing graphics, to printing a text message on
> screen, to complete wipe out of the HD). The really wonderful thing
> is that you will be able to build your own modules and link them into
> the virus. I am sure a flourishing of third-party modules will occur.
>
> With the VCS, a 9 year old can build a completely new virus just by
> pointing, clicking, and dragging, popping up windows and choosing options.
>
> My oh my, aren't we in for fun times ahead...
>
> Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ssandfort@attmail.com
Date: Thu, 18 Feb 93 09:56:43 PST
To: cypherpunks@toad.com
Subject: Trapdoors
Message-ID: <9302181756.AA28225@toad.com>
MIME-Version: 1.0
Content-Type: text

_________________________________________________________________
FROM THE VIRTUAL DESK OF SANDY SANDFORT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'm relatively new to the list, so this may be an idea that's already been dealt with. If so, please let me know off-line.

PGP was created as an end-run to legislation that would have mandated trapdoors in all encryption hardware/software sold in the U.S. Fortunately, such legislation has been defeated to date.

How do we know the proposed legislation wasn't just a smoke screen? Isn't it possible that the Feds have already compromised Intel or MicroSoft?
Is there some way to be sure that the new 486 chip running your computer isn't recording each PGP or RSA private key you generate?

S a n d y

ssandfort@attmail.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wixer!jonl@bigtex.cactus.org (Jon Lebkowsky)
Date: Fri, 19 Feb 93 07:11:58 PST
To: gnu@toad.com (John Gilmore)
Subject: Re: toad.com mailing list postings from possible virus authors
In-Reply-To: <9302190130.AA08277@toad.com>
Message-ID: <9302190302.AA17901@wixer>
MIME-Version: 1.0
Content-Type: text/plain

> > This person appears to be a virus
> > author, one who knows virus authors, and/or one who encourages such
> > activity.
>
> Thank you, Senator McCarthy. I believe that thug@phantom.com is not
> a smart-card-carrying member of the virus authors' guild, but I'm not sure.
>
> I think that the attitude that it's OK for "computer scientists" or
> "virus researchers" to talk about viruses, to dissect them in detail,
> and to write or modify them, but it isn't OK for anyone else to do so,
> is two-faced and objectionable. Security by obscurity -- forcing
> people to be unaware of issues and threats like these, whether by
> explicit censorship, pressure on intermediate sites, or by social
> ostracism -- not only doesn't remove the threat, but is an affront to
> our open society.

I agree completely. thug was doing me & others like me a favor by explaining in clear terms this next in a series of viral threats to our systems' integrity, and I figger I owe him thanks...burning him at the stake would be kinda rude, considering....

jonl

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Thu, 18 Feb 93 18:25:31 PST
To: cypherpunks@toad.com
Subject: Re: toad.com mailing list postings from possible virus authors
In-Reply-To: <9302190140.AA08377@toad.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

With regard to Mr.
Peterson:

I think we are finally seeing the net gestapo coming out of the woodwork. We all knew they are on the net, we just couldn't pinpoint who exactly they were.

This Peterson fellow seems to think he is the self-appointed protector of decency on the net. I have run across this Peterson fellow before, and he seems to have this crazed desire to call up (by voice) system administrators to complain about the net postings and mailing list postings of users at those sites, and then threaten further action if his demands are not met.

My previous encounter with Mr. Peterson occurred rather indirectly. Apparently, a novice user here at phantom.com mistakenly mailed a posting about gay lifestyles to some mailing list that Mr. Peterson was on. Being a net nazi, Mr. Peterson proceeded to call up the sysadm of phantom.com and threatened to call up phantom.com's feed site (PSInet) complaining about "inappropriate use of the net" and threatened to ask PSI to cut phantom.com from the net. This would not have worked since PSI is a commercial feed provider, but I can see where this gestapo tactic would work on sites who get their feeds for free/cheap from universities and other non-commercial sites.

Is this guy on a power trip or something? And who the fuck appointed him to watch over what is being said on the net?

Re: my virus posting

As you can read from the posting itself, there is nothing in there that technically allows anyone to write a virus based on my words. Nor is there anything in there that encourages people to write viruses. But that's not the real issue, even if my post contained such information, I think I am free to send it along to whoever I wish. The fact that my post was devoid of such information, only makes Peterson look even more foolish than he already does.

If anything, my post was meant to be humorous and sarcastic.
Especially that part about how 9 year olds will be able to point-and-click together viruses within a year, and how overpaid underachievers like Peterson and his cronies in the virus-protection-racket are powerless to stop this from occurring.

I think the other thing that made Peterson fly off the handle was the fact that I am writing under an alias, an especially offensive one like "Murdering Thug". I'm sure if my virus post came from a "respected" and "approved" individual like McAfee or John Dvorak, he wouldn't have raised an eyebrow. In fact Dvorak wrote an Editorial in PC Magazine about a year back which was VERY similar to my post. In his editorial he discussed D.A.M.E. and Stealth viruses, and explained how they worked in similar detail as I have done. Did Mr. Peterson write a letter to PC Magazine to complain? I think not. He knows that someone like Dvorak could make him look like the true idiot that he is.

Mr. Peterson, I am glad you are showing your gestapo personality in front of the entire net. Your underhanded tactics of threatening system administrators with harassing voice phone calls will be exposed to the net community at large, and YOU will be the one who is mocked and censured, and rightly so.

Respectfully,
Murdering Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Fri, 19 Feb 93 07:11:44 PST
To: cypherpunks@toad.com
Subject: hopmail.bat for MSDOS
Message-ID: <199302190429.AA10835@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunks & cypherpunkettes :-)

At long last I believe a working version of hopmail written in the MSDOS scripting is finished. I've tested it and it seems to work (and I even sent messages with DOS CRLF's instead of unix NL and had no problems), but if you find problems let me know.

I'm assuming you are like me in that my pc doesn't have a dedicated net connection, so the scripts just prepare file, but don't mail them.
You would upload the file to your network account and go from there.

Warning: the code is ugly, but I plead innocence, citing the constraints of the language! I've never used so many goto's since my last BASIC program ~11 years ago. I think in the future I'll just write DOS stuff in C/C++, with system calls, and offer source with executables, so you can recompile if you think I've added secret password catching commands :-)

I'd use 4DOS and other enhancements like some people have suggested (thanks!) but I want to be sure as many people as possible can use the script, so using just plain old DOS seems the best way to go. Well, the best way to go in DOS.

I'll write a help file and offer it, the script, and anonmail.bat up for ftp. Quickly, because getting input from the user in DOS is a real pain/impossible without resorting to extra programs/assembly hacks, all parameters are just entered on the command line. Type hopmail and a short help screen will appear.

Now I'll clean up the digital bank and circulate the source to those interested.

---------8< -- cut here -- >8----------
@echo off
rem hopmail.bat - allows routing a message through various remailers
rem extropia not supported just yet
rem Karl Barrus - elee9sf@menudo.uh.edu

rem if no parameters, print help file
if '%1'=='' goto help

rem get file name
shift
set filename=%0
if not exist %filename% goto errnofile

rem check mode
shift
set mode=0
if '%0'=='1' set mode=1
if '%0'=='2' set mode=2
if '%mode%'=='0' goto errmode

rem set up encrypted pgp header
echo :: > zzztemp1.txt
echo Encrypted: PGP >> zzztemp1.txt
echo. >> zzztemp1.txt

rem create null message
echo. > zzztemp3.txt

rem get email address
shift
set to=%0
if '%to%'=='' goto errmail

:repeat
shift
if '%0'=='' goto finish
if '%0'=='1' set rto=hh@pmantis.berkeley.edu
if '%0'=='2' set rto=hh@cicada.berkeley.edu
if '%0'=='3' set rto=hh@soda.berkeley.edu
if '%0'=='4' set rto=hal@alumni.caltech.edu
if '%0'=='5' set rto=remailer@rebma.mn.org
if '%0'=='6' set rto=elee7h5@rosebud.ee.uh.edu
if '%0'=='7' set rto=phantom@mead.u.washington.edu
if '%0'=='8' set rto=hfinney@shell.portal.com

rem set up remailing request header
echo :: > zzztemp2.txt
echo Request-Remailing-To: %to% >> zzztemp2.txt
echo. >> zzztemp2.txt

rem append previous message
copy zzztemp2.txt + zzztemp3.txt zzztemp4.txt > nul
del zzztemp2.txt
rename zzztemp4.txt zzztemp2.txt

if '%0'=='1' goto none
if '%0'=='2' goto none
if '%0'=='3' goto none
pgp -ea zzztemp2.txt %rto% > nul
copy zzztemp1.txt + zzztemp2.asc zzztemp3.txt > nul
goto next

:none
copy zzztemp2.txt zzztemp3.txt > nul

:next
set to=%rto%
goto repeat

:finish
if '%mode%'=='1' goto incmessage

rem append, user chose create to receive
echo -----cut here---- >> %filename%
copy %filename% + zzztemp3.txt zzztemp4.txt > nul
echo. >> zzztemp4.txt
echo To reply, save everything below the cut here marks >> zzztemp4.txt
echo Type your reply below the blank line two lines above >> zzztemp4.txt
echo Mail resultant file to %to% >> zzztemp4.txt
del %filename%
rename zzztemp4.txt %filename%
goto done

:incmessage
rem user chose create header to send
copy zzztemp3.txt + %filename% zzztemp4.txt > nul
del %filename%
rename zzztemp4.txt %filename%
echo Remember to mail %filename% to %to%
goto done

:help
echo Usage: hopmail filename mode address remailer# [remailer#]...
echo Mode:
echo 1: Mail a file via anonymous remailers
echo 2: Create a remailing header and append to a file
echo.
echo Address:
echo for mode 1, destination address
echo for mode 2, your address
echo.
echo Remailers:
echo 1: hh@pmantis.berkeley.edu
echo 2: hh@cicada.berkeley.edu
echo 3: hh@soda.berkeley.edu
echo 4: hal@alumni.caltech.edu
echo 5: remailer@rebma.mn.org
echo 6: elee7h5@rosebud.ee.uh.edu
echo 7: phantom@mead.u.washington.edu
echo 8: hfinney@shell.portal.com
rem echo 9: remail@extropia.wimsey.com
goto end

:errmode
echo Error: mode must be 1 or 2
goto end

:errmail
echo Error: no destination specified
goto done

:errnofile
echo Error: file %filename% does not exist
goto end

:done
del zzz*.*

:end

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 19 Feb 93 07:10:33 PST
To: cypherpunks@toad.com
Subject: Defending Free Speech and Liberty
Message-ID: <9302190714.AA23494@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Cheers for John Gilmore in his defense of free speech and liberty!

The Net.Nazi who apparently criticized him for inappropriate use of the Net clearly understands neither the nature of free exchange of ideas nor the relative innocuousness of Murdering Thug's article on viruses.

Thug's article on polymorphic viruses was factual and made some good points, and certainly was not very controversial. And even if it was controversial, so what?

Frankly, Thug's article was pretty tame (no offense, Thug...a lot of our postings are pretty tame). I've seen more details elsewhere on the Dark Avenger Mutation Engine, so big deal!

(The "virus construction kit" idea was also recently the subject of an article in one of the trade rags, and I recall Steve Gibson writing at least two fairly alarmist and detailed articles on polymorphic viruses for "Infoworld." And the trade journal "Computers and Security" has extensive coverage of all of these virus technologies.)

As with so many things that the cop and spy mentalities want kept secret from the riffraff, who gains by keeping the secrets?
The Bulgarian virus writers (could this whole "Bulgarian" thing be just part of the propaganda campaign by the SPA and GoreTechs to ensure a "safe" network, a la NREN? Just a thought.) certainly will be a lot more current than casual readers of a brief article.

If discussion of viruses is discouraged--or even banned--who will benefit? Ordinary citizens will be kept in the dark, while the virus guys at Los Alamos and the Army Center for Signal Warfare (Vint Hill Station, VA) will continue to let out contracts for virus warfare to MITRE and their ilk, while bogus stories get out (like the supposed viruses planted in equipment bound for Iraq just before the war started), and while the supposed "good guys" like Fred Cohen (he wrote the first big study of viruses and brunnering) are busy proposing "good viruses" that would seek out tax evaders, deadbeat Dads, and other subversives! (Lord, save us from the fools!).

Meanwhile, the French SDECE is spying on everyone they can and probably was behind CLODO (Comite Liquidant ou Detournant les Ordinateurs), the anti-computer terrorist group. The better to scare the populace, don't you know?

I say, let's expand the scope of the Cypherpunks list to include more discussion of viruses. We can't let it become a monopoly of the Authorities (the Brunner Authority instead of the Turing Authority?)

The "Cypherpunk Ethic" says we don't trust authority to tell us how to compute, and we don't understand defense methods until we understand attack methods. QED.

Frankly, I expect the next target of the powerfreak authorities to be our work on anonymous remailers and digital money. They'll come to see that as a bigger threat than mere viruses.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Fri, 19 Feb 93 07:11:30 PST
To: cypherpunks@toad.com
Subject: the revocation blues
Message-ID: <9302190448.AA10424@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

this certainly presents a challenge for the trust web. i suppose the key ring needs a "kill" list.

peter

------- Forwarded Message

Newsgroups: alt.security.pgp,sci.crypt
From: perry@jpunix.com (John A. Perry)
Subject: Key Revocation Problems
Organization: J. P. and Associates, Dickinson, TX
Date: Tue, 16 Feb 1993 23:56:35 GMT
Message-ID:
Keywords: PGP keys

- -----BEGIN PGP SIGNED MESSAGE-----

Hello Everyone!

Several of us have been wrestling with a key revocation problem for some time now. When I first installed PGP 2.1 I had a weird chain of events follow. I generated my personal key and sent a copy of my public key to Vesselin Bontchev and Ken van Wyk. This key was posted to one of the large keyrings almost immediately. Several hours later, I was still playing with PGP and suffered a disk crash. I had not yet had a chance to back up my keyring. Needless to say, I lost the keyring and now I have no way to revoke the key. The specific key I'm talking about is 0x76A3. The key I currently use, 0xB199 is the one I plan on using from now on. It is backed up frequently of course.

About a week ago I sent a signed message to Vesselin explaining the problem and he agreed to add his own comments, sign it, and post it to alt.security.pgp and sci.crypt. The message seems to have fallen through the cracks which is why I'm posting this message. I'm sure if Vesselin, explorer@iastate.edu, and warlord@mit.edu are reading this, they will add their own verifications of this problem. If I receive the errant message from Vesselin, I'll repost it also.
In the meantime, if you feel this is enough verification to remove the public key 0x76A3 from your public keyring, I sure would appreciate it. If you require further verification, I will be glad to discuss it on the phone. My home number is 713-534-3653 and my work number is 409-772-2706 (the secretary).

I apologize for any inconvenience. At least this fluke chain of events may show everyone the importance of backing up your PGP keyrings often. Remember 0xB199 is the good one!!

- --
John A. Perry - perry@jpunix.com
jpunix!perry
PGP 2.1 signature available by fingering perry@phil.utmb.edu

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phiber Optik
Date: Fri, 19 Feb 93 07:10:55 PST
To: gnu@toad.com (John Gilmore)
Subject: Re: toad.com mailing list postings from possible virus authors
In-Reply-To: <9302190140.AA08377@toad.com>
Message-ID: <199302190537.AA28048@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

Granted the idiocy of Mr. High-and-Mighty Army Man's opinion of what people can and can't say, I couldn't help but point out two silly things in the message he's complaining about:

[stuff deleted]
> > each time they replicate (make a new copy of themselves). The small
> > amount of virus bootstrap code which is not encrypted is changed in each
> > replication by dispersing random NOP's throughout the virus bootstrap code.
> > Thus each sample of polymorphic virus looks completely different to
> > virus checking programs. The virus checking programs cannot use
> > "signature" byte strings to detect polymorphic viruses.
> >

Either he's explaining it wrong, or the author is actually foolish enough to think that people won't simply just IGNORE the randomly placed NOPs and only consider the other instruction codes in forming a signature(s). Wowie. Real programmers know that the strength of polymorphic code lies in the fact that the same instruction can be coded as numerous different opcodes on Intel processors.

And...

> > I have seen something called D.A.M.E., also known as Dark Avenger
> > Mutation Engine. This is a freeware polymorphic library/kernel/toolkit

Why does he keep referring to MtE, as "DAME"???

It never ceases to amaze me how such an elementary and sophomoric subject as viruses can cause the strangest reactions from some people. I think it has something to do with the noxious connotations of the word 'virus'. Maybe if we all just agreed to call them 'nuisance programs', like flies on a horse's rear-end, they wouldn't cause such fool panic.

On a finer note, I know a couple more of my "non-privacy in the phone system" messages are in order, I was pleased by the response I got. I'll try and work myself into the mood.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ssandfort@attmail.com
Date: Fri, 19 Feb 93 07:10:51 PST
To: cypherpunks@toad.com
Subject: LIST RULES
Message-ID: <9302190553.AA16486@cygnus.com>
MIME-Version: 1.0
Content-Type: text

_________________________________________________________________
FROM THE VIRTUAL DESK OF SANDY SANDFORT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

In a recent post, John Gilmore wrote:

"Keith, Kenneth . . . I am uninterested in censorship of discussion of *any* topic on mailing lists through my machine . . . the machine is attached via a worldwide network that explicitly promises not to censor any traffic UNLESS AND UNTIL a court of law --not you -- has decided that that traffic is actually illegal."
Because I agree COMPLETELY with what John wrote, I'm somewhat miffed at him for his seeming lack of constituency. Recently, I posted a notice on this list about a software business contact I have in South East Asia. John sent me a terse note asking me not to "advertise" on the list.

I was a bit surprised at his response for several reasons. First, a founding Cypherpunk regular, Tim May, suggested I post my question to the list when I asked him if he knew anyone working on recreational software. Second, I have had several polite enquiries from list members who were interested in what I posted. Finally, nobody else was offended enough to complain.

I sent a respectful note to John asking him, among other things, if I had violated some prohibition of which I was unaware. John's response was:

"Please consider this message a prohibition against advertising. Apparently nobody else on the list needed to hear it, except you, since you are the first person to abuse the list in this way."

Now I fully agree that it's John's ball, and I will play by his rules, but I find it hard to reconcile John's public tolerance with his private prohibition.

Does ANYONE else feel abused? I hope not. What do others on this list think about "commercial" postings? I will not "advertise" on the list as long as John prohibits it. But I sincerely hope his prohibition does not discourage others from discussing the issues it raises. I would like to hear what the rest of you think.
S a n d y

ssandfort@attmail.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: geoffw@nexsys.net (Geoff White)
Date: Fri, 19 Feb 93 09:17:43 PST
To: w8sdz@TACOM-EMH1.Army.Mil
Subject: Re: toad.com mailing list postings from possible virus authors
Message-ID: <9302191709.AA02257@nexsys.nexsys.net>
MIME-Version: 1.0
Content-Type: text/plain

> Subject: Re: toad.com mailing list postings from possible virus authors
> From: w8sdz@TACOM-EMH1.Army.Mil (Keith Petersen - MACA WSMR)
> Content-Type: text
> Content-Length: 2643
> X-Lines: 59
> Status: RO
>
> John, by quoting and reposting without my permission, my private
> message to you to a public mailing list you have violated the Federal
> Communications Privacy Act of 1986.
>
> PUBLIC LAW 99-508--OCT. 21, 1986
>
> TITLE II--STORED WIRE AND ELECTRONIC COMMUNICATIONS
> AND TRANSACTIONAL RECORDS ACCESS
>
> ss. 2702. Disclosure of contents
>
> "(a) Prohibitions.--Except as provided in subsection (b)--
> "(1) a person or entity providing an electronic
> communication service to the public shall not knowingly
> divulge to any person or entity the contents of a
> communication while in electronic storage by that service;
> and
> "(2) a person or entity providing remote computing
> service to the public shall not knowingly divulge to any
> person or entity the contents of any communication which
> is carried or maintained on that service--
> "(A) on behalf of, and received by means of
> electronic transmission from (or created by means of
> computer processing of communications received by
> means of electronic transmission from), a subscriber
> or customer of such service; and
> "(B) solely for the purpose of providing storage or
> computer processing services to such subscriber or
> customer, if the provider is not authorized to access
> the contents of any such communications for purposes
> of providing any services other than storage or
> computer processing.

Keith,

Maybe you should read more carefully...

> "(b) Exceptions.-- A person or entity may divulge the
> contents of a communication--
> "(1) to an addressee or intended recipient of such
> communication or an agent of such addressee or intended
> recipient;
> "(2) as otherwise authorized in section 2516,
> 2511(2)(1) , or 2703 of this title;
> "(3) with the lawful consent of the originator or an
> addressee or intended recipient of such communication, or
> the subscriber in the case of remote computing service;

I think John is the "intended recipient of such communication" as I am also an "intended recipient" of this communication from you, which I will post to cypherpunks so others can see what kind of person you are. If your intention is to "threaten" with this kind of foolishness, then I must warn you, I consider this type of behavior harassment due to the confrontive nature of your post. Let it go on record that I don't expect to be harassed, intimidated or "threatened" and I think the Internet rules are VERY clear about this type of behavior.

Geoff White (GW67)
geoffw@nexsys.net

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@pmantis.berkeley.edu
Date: Fri, 19 Feb 93 09:51:53 PST
To: cypherpunks@toad.com
Subject: anonymous mail
Message-ID: <9302191753.AA12638@pmantis.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

This message routed through 7 remailers, sent around 11:45 CST 2/19/93:

pmantis -> soda -> alumni -> rosebud -> mead -> shell -> buffalo

All welcome the new remailer Rusty has set up! Also, congrats to Chael Hall for his efforts - I'm testing his remailer as well for inclusion in various scripts.

(Eric, I'm not getting any responses back from your remailer @cicada for some reason, even if I just use it as a single hop)

Look for the 8 remailer routing confirmation coming soon - also through rebma.
If there's some temporary problem with cicada and it's fixed, look for the 9 remailer hopping message. And if that shows, look for the 10 remailer routed message (now that's security) utilizing extropia if I have to build the headers myself!!

Question: of the unix users, who does NOT have access to ksh (via your login shell or #!/bin/ksh or somewhere else)? Rewriting hop.mail in ksh would allow me to support extropia, and reverse the chaining direction (that is, route the mail as you specify and not actually in reverse)

DOS folks can expect hopmail.exe (source + executable) because I don't think it's possible in the native batch language.

Well, I guess you can figure out who this is, so

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Shipley
Date: Fri, 19 Feb 93 10:27:47 PST
To: cypherpunks@toad.com
Subject: Re: toad.com mailing list postings from possible virus authors
In-Reply-To: <9302190302.AA17901@wixer>
Message-ID: <9302191826.AA23693@edev0.TFS>
MIME-Version: 1.0
Content-Type: text/plain

>> Thank you, Senator McCarthy. I believe that thug@phantom.com is not
>> a smart-card-carrying member of the virus authors' guild, but I'm not sure.

where do I sign up to join the "virus authors' guild"? I hear that the news letter is wonderful/informative and self propagating.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Anonymous@cs.Buffalo.EDU
Date: Fri, 19 Feb 93 08:07:20 PST
To: cypherpunks@toad.com
Subject: PGP anonymous remailer
Message-ID: <9302191606.AA13301@armstrong.cs.Buffalo.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Ok, I have finally decided that my remailer is ready for public use. I think I have finally worked all the bugs out of it enough so that it runs very smooth.

In case you want to write something to me... Here is my *own* PGP key.
Rajesh (Rusty) Babani - babani@cs.buffalo.edu

The address where I am running an anonymous remailing server based on Eric Hughes' perl scripts is:

To use the server, put "Request-Remailing-To: " into the header of the message, and send it to the server address.

If your mailer won't let you put things into message headers, instead make the first line of your message body be just the two characters "::", and make the next line be "Request-Remailing-To: ", and make the next line be blank. The "::" tells the remailer to take the following lines, up to a blank one, and put them into the header.

Also, make sure that you include a subject: line in your message, otherwise, the message will be sent to a black hole. You will not hear from the message again.

To use PGP with the remailer, first compose a message like above then encrypt the message using the remailer's public key. Then, in the message body, make the first line be just the two characters "::", and make the next line be "Encrypted: PGP" and make the next line be blank.
Here is my anonymous remailer's PGP public key:

Anonymous Remailer - babani@cs.buffalo.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Anonymous@cs.Buffalo.EDU
Date: Fri, 19 Feb 93 08:15:39 PST
To: cypherpunks@toad.com
Subject: Test the new remailer
Message-ID: <9302191614.AA13658@armstrong.cs.Buffalo.EDU>
MIME-Version: 1.0
Content-Type: text/plain

I encourage everyone to at least send a test message through the remailer so that I can lay my fears that the remailer is not working down to rest. Not only that... it's really easy. Try it!

--
+==== Internet: babani@cs.buffalo.edu ===+======== Amateur-Radio: N2LYC ======+
! Bitnet: V078LNGT@ubvms.BITNET          | UUCP: rutgers!ub!babani            !
! Alternate: an173@cleveland.freenet.edu | Plsure dpnds on the othrs prmison. !
+== PGP key available. (If you don't know what a PGP key is... find out!) ==+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kelly@netcom.com (Kelly Goen)
Date: Fri, 19 Feb 93 11:23:14 PST
To: cypherpunks@toad.com
Subject: Re: toad.com mailing list postings from possible virus authors (fwd)
Message-ID: <9302191921.AA20295@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Forwarded message:
> From cypherpunks-request@toad.com Fri Feb 19 07:53:56 1993
> From: Phiber Optik
> Message-Id: <199302190537.AA28048@eff.org>
> Subject: Re: toad.com mailing list postings from possible virus authors
> To: gnu@toad.com (John Gilmore)
> Date: Fri, 19 Feb 93 0:37:18 EST
> Cc: cypherpunks@toad.com
> In-Reply-To: <9302190140.AA08377@toad.com>; from "John Gilmore" at Feb 18, 93 5:40 pm
>
> Granted the idiocy of Mr.
High-and-Mighty Army Man's opinion of what people > can and can't say, I couldn't help but point out two silly things in the BY Jove I think you have hit it, People go nto the military because they have an inner need to be controlled and to control to the point of violence if need be( for the military in general and the army , marines and and special intelligence agencies>, they are after all as their prime mission capable of extreme violence and the taking of human life, as a means of social control. Law enforcement seems to have very similiar mentality as well, with CONTROL being the agenda and reason for existance-- Suppose we think of guerilla products such as PGP and anoynmous posting mechanisms and forwarders in their larger social sense As behaviour modification for those who would have our privacy as well as our lives. No social insult is intended by this message about mr peterson or the military /intelligence/police community. We should remember however that with the same body of individuals as just described we are dealing with seriously maladjusted individuals who have an inate need to control others, such has been adequately demonstrated by the individuals attempted supression of Murdering Thug's constitutionally protected speech, instead of taunting them maybe we should be finding ways to prevent our tax dollars from supporting them in their evil OBSCENE fantasies of violence and Control I for one am DAMN TIRED of being censored supressed and persecuted by the military/Law Enforcement/Intelligence community . I am also putting my time in next project with peace/activist/political groups such as the christic action peace groups(you know the folks who use to sue the fed over intelligence abuses by the CIA/NSA/DEA/DIA crouwd) Well i their national organization was wiped out by lawsuit by bush and and company and changes in their tax status. 
These were and are the same people suing the CIA over the La-penca bombing in Honduras of Journalists during the times of the contras in Nicaragua. They while their agenda is a good bit more political than ours have been the only ones for years keeping the federal government at bay by lawsuit. They need technical assistance, hookins to peacenet and Econet and general help, considering the widespread nature of the problem we are fighting here maybe we should consider very actively promulgating PGP and DC style anonymous networks among the peace/political/human rights group. It would provide convenient crypto-noise of PGP messages and greatly increase the amount of money that the federal government has to spend investigating and force them to spread themselves even more thinly...:)

It should also be remembered that the primary impact of products like PGP and DC style nets beyond the privacy implications is economic. Investigating citizens costs real tax dollars, the intelligence oversight committees are not going to let the NSA et al keep asking for more money year after year and the same holds true for the law enforcement community, where a witch hunt was possible before public domain crypto systems such as PGP were available, now because of the blackout in communications to the intelligence community, they are getting very nervous, people can now communicate secretly about the best way to end the influence of a massively overbloated cold war community and stop paying the bills for same... if you were in THEIR shoes wouldn't you be seeking ways to keep ATLAS from shrugging???

cheers
kelly

P.s. sorry for the long and drawn out nature and the rambling style and the non-technical content, and I do feel it was important to express myself in the fashion I have...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pozar@kumr.lns.com (Tim Pozar)
Date: Fri, 19 Feb 93 11:29:02 PST
To: gnu@toad.com
Subject: Re: Letter to FCC
In-Reply-To: <39954.drzaphod@ncselxsi>
Message-ID:
MIME-Version: 1.0
Content-Type: text

(Tim Pozar) writes:
> I should add, it needs to be formatted properly or it will not be read
>into the record and just tossed. Somewhere around here I have an
>example folks can use. I will dig it up and post it in a day or so.

Here is the format of the letter. It needs to be in there by this Monday! So Fed-Ex today!

---

                           Before the
                FEDERAL COMMUNICATIONS COMMISSION
                      Washington, DC 20554

In the matter of                       )
                                       )
Amendment of Parts 2 and 15 to         )
Prohibit Marketing of Radio Scanners   )    ET Docket No. 93-1
Capable of Intercepting Cellular       )
Telephone Conversations                )

              _COMMENTS OF [FULL NAME OF COMPANY]_

_INTRODUCTION_

[Full name of company] (hereinafter "[abbreviation of company]") respectfully submits its comments to the above captioned _Notice of Proposed Rule Making_ ("NPRM"). [Abbreviation of company] is a [description of company].

_BACKGROUND_

blah, blah, blah

_DISCUSSION_

blah, blah, blah

_CONCLUSION_

blah, blah, blah

Respectfully submitted

[Name of Person]
[Full name of company]

--
Internet: pozar@kumr.lns.com
FidoNet: Tim Pozar @ 1:125/555
Snail: Tim Pozar / KKSF / 77 Maiden Lane / San Francisco CA 94108 / USA
Voice: +1 415 788 2022

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Wayner
Date: Fri, 19 Feb 93 08:35:03 PST
To: cypherpunks@toad.com
Subject: For other news on SDECE and foreign intell ops...
Message-ID: <199302191633.AA04683@access.digex.com>
MIME-Version: 1.0
Content-Type: text/plain

Check out a new book by Peter Schweitzer entitled _Friendly Spies_. (Atlantic Monthly Press). It tells plenty of stories about how many US companies are the targets for foreign economic intelligence.
To me, it is the best argument for the government to _encourage_ the widespread use of strong cryptography.

-Peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: geoffw@nexsys.net (Geoff White)
Date: Fri, 19 Feb 93 11:52:27 PST
To: cypherpunks@toad.com
Subject: Re: toad.com mailing list postings from possible virus authors
Message-ID: <9302191941.AA00340@nexsys.nexsys.net>
MIME-Version: 1.0
Content-Type: text/plain

Boy, some people... They get a .mil on the end of their logins and they think they're the cops of the world or something :)

geoffw

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kelly@netcom.com (Kelly Goen)
Date: Fri, 19 Feb 93 12:07:36 PST
To: cypherpunks@toad.com
Subject: Re: Defending Free Speech and Liberty (fwd)
Message-ID: <9302192006.AA26951@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Forwarded message:
> From cypherpunks-request@toad.com Fri Feb 19 11:55:16 1993
> Message-Id: <9302191910.AA05405@longs.lance.colostate.edu>
> To: tcmay@netcom.com (Timothy C. May)
> Cc: cypherpunks@toad.com
> Subject: Re: Defending Free Speech and Liberty
> In-Reply-To: Your message of "Thu, 18 Feb 93 23:14:44 PST."
> <9302190714.AA23494@netcom.netcom.com>
> Date: Fri, 19 Feb 93 12:10:23 -0700
> From: "L. Detweiler"
> X-Mts: smtp
>
> [t.c. May]
> >I say, let's expand the scope of the Cypherpunks list to include more
> >discussion of viruses. We can't let it become a monopoly of the Authorities
> >(the Brunner Authority instead of the Turing Authority?)
>
> I say, unless it has to do with cryptography, please don't. Does
> anybody else want a lot of virus articles on this list? I found the
> original thug article a bit questionable, as I said. But a new list
> (viruspunks?) might be a good idea.
>

Count a vote in for viruspunks... I too wish to keep cypherpunks clean even though I love viruses and I wish to have a pure thread about applied crypto and anonymity techniques...
--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Fri, 19 Feb 93 11:08:08 PST
To: peter honeyman
Subject: Re: the revocation blues
In-Reply-To: <9302190448.AA10424@cygnus.com>
Message-ID: <9302191906.AA05283@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

peter honeyman
>this certainly presents a challenge for the trust web.
>i suppose the key ring needs a "kill" list.

From: perry@jpunix.com (John A. Perry)
>Several of us have been wrestling with a key revocation
>problem for some time now.

>Several
>hours later, I was still playing with PGP and suffered a disk crash. I
>had not yet had a chance to back up my keyring. Needless to say, I
>lost the keyring and now I have no way to revoke the key.

I don't get it. The point of revocation is to remove a *compromised* key, one that someone has potentially copied, etc. If there is no chance that the key can be accessed, how is this a problem?

I guess the problem is that only one key can be associated with one person (identity) per keyring? Then I would say the thing to do is propagate the new key through the trust network in the same way it was originally established...? This isn't really a deficiency in the software, is it?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 19 Feb 93 12:08:34 PST
To: cypherpunks@toad.com
Subject: Spreading Encryption to Political Groups
Message-ID: <9302192007.AA27273@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Kelly Goen expresses his outrage about the powerfreaks controlling the police/spy/military agencies and encourages us to help spread encryption and privacy technology to the groups fighting the government:

>and company and changes in their tax status. These were and are the same
>people suing the CIA over the La-penca bombing in Honduras of
>Journalists during the times of the contras in Nicaragua. They while their
>agenda is a good bit more political than ours have been the only ones for years
>keeping the federal government at bay by lawsuit.
>They need technical assistance, hookins to peacenet and Econet and general
>help,
>considering the widespread nature of the problem
>we are fighting here maybe we should consider very actively
>promulgating PGP and DC style anonymous networks among the
>peace/political/human rights group. It would provide
>convenient crypto-noise of PGP messages and greatly increase
>the amount of money that the federal government has to spend investigating and
>force them to spread themselves even more thinly...:)

I agree completely.

Even though I'm a libertarian (small "l") anarchocapitalist who happened to vote for Perot (who has his defects!), I support some (but not all) of the liberal agenda. Especially as regards getting the government out of our lives. (And where I part company with many on the left is in the areas of interference in free markets, anti-discrimination laws, and other statist invasions of freedom and privacy.)

From the Cypherpunks I have met, either at the physical meetings or at places like the Hackers Conference, I would say that about 50% are strongly libertarian/anarchist, about 20% are liberal/leftist, and the rest I don't know about.

What's the point? That we should follow Kelly's advice and make some contacts with those in other movements. I suspect this may be happening anyway, as Phil Zimmermann has said he wrote PGP partly to help peace activists and the like.

Just my opinion, of course.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Fri, 19 Feb 93 11:11:39 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Defending Free Speech and Liberty
In-Reply-To: <9302190714.AA23494@netcom.netcom.com>
Message-ID: <9302191910.AA05405@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

[t.c. May]
>I say, let's expand the scope of the Cypherpunks list to include more
>discussion of viruses. We can't let it become a monopoly of the Authorities
>(the Brunner Authority instead of the Turing Authority?)

I say, unless it has to do with cryptography, please don't. Does anybody else want a lot of virus articles on this list? I found the original thug article a bit questionable, as I said. But a new list (viruspunks?) might be a good idea.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pozar@kumr.lns.com (Tim Pozar)
Date: Fri, 19 Feb 93 12:39:12 PST
To: pozar@kumr.lns.com (Tim Pozar)
Subject: Re: Letter to FCC
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: text

I just got a call back from Dave Wilson of the FCC and he told me that there is a minor change in the form I sent out. Everything after the "INTRODUCTION" line should be double spaced.

Tim

--
Internet: pozar@kumr.lns.com
FidoNet: Tim Pozar @ 1:125/555
Snail: Tim Pozar / KKSF / 77 Maiden Lane / San Francisco CA 94108 / USA
Voice: +1 415 788 2022

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kelly@netcom.com (Kelly Goen)
Date: Fri, 19 Feb 93 12:43:43 PST
To: cypherpunks@toad.com
Subject: Spreading Encryption to Political Groups (fwd)
Message-ID: <9302192042.AA03154@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Forwarded message:
> From cypherpunks-request@toad.com Fri Feb 19 12:28:13 1993
> Date: Fri, 19 Feb 93 12:07:00 -0800
> Message-Id: <9302192007.AA27273@netcom.netcom.com>
> To: cypherpunks@toad.com
> From: tcmay@netcom.com (Timothy C. May)
> Subject: Spreading Encryption to Political Groups
>
>
> Kelly Goen expresses his outrage about the powerfreaks controlling the
> police/spy/military agencies and encourages us to help spread encryption
> and privacy technology to the groups fighting the government:
>
> Even though I'm a libertarian (small "l") anarchocapitalist who happened to
> vote for Perot (who has his defects!), I support some (but not all) of the
> liberal agenda. Especially as regards getting the government out of our
> lives. (And where I part company with many on the left is in the areas of
> interference in free markets, anti-discrimination laws, and other statist
> invasions of freedom and privacy.)
>
> -Tim May
>
> --
> Timothy C. May         | Crypto Anarchy: encryption, digital money,
> tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
> 408-688-5409           | knowledge, reputations, information markets,
> W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
> Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

As a further note I have been in communication with John Dinardo who has been spreading a LOT of information of this type around the net and who was responsible for my personal awareness of the PROMIS/INSLAW/BCCI/Cabazon affair, A reporter named Danny Casarlo lost his life in the middle of this, The investigative journalist and whistleblower community has many among it who would come forward if only a anonymity guaranteed by technology (not by a sysadm's promise not to look) type of network such as David Chaum's thoughts express... The information that could then come forth could make the effects of crypto spread to the common man MUCH more pronounced and help us put ALL of the cold warriors in therapy where they so obviously need to be... JUST for the record I am a randist...
not a socialist AND it makes no difference to me what a socialist says he/she/it no matter what political stripe or persuasion or sexual orientation has an equal right of access to privacy and anonymity if our constitution is to survive the onslaught of the federal intelligence community's move from the cold war to the drug war.

cheers
kelly
> --

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kelly@netcom.com (Kelly Goen)
Date: Fri, 19 Feb 93 12:53:46 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Spreading Encryption to Political Groups
In-Reply-To: <9302192007.AA27273@netcom.netcom.com>
Message-ID: <9302192052.AA04411@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

By the way thanks for your support and I LOVE your .sig do you mind if I plagiarize parts of it???

cheers
kelly
--------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kelly@netcom.com (Kelly Goen)
Date: Fri, 19 Feb 93 13:24:17 PST
To: cypherpunks@toad.com
Subject: Political reasons to spread Crypto(warning FLAME-BAIT)
Message-ID: <9302192122.AA08664@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

To All,

For those of us who have chosen to stand up and be counted as leaders in our electronic democracy, it is important to remember the economic impact activities and experiments such as the ones cypherpunks conduct have on the social fabric of control that the government seeks to have pervasive throughout our society. Leaders in other communities such as the Black/Gay/Minorities/Women have been crushed, murdered/assassinated and have had their rights trampled on by the Federal Intelligence community. Abuses such as COINTELPRO/MK ULTRA and other actions against American citizens have been legion throughout the existence of the federal intelligence community Their budgets for intelligence, spying, murder are secret, so called black budgets and their activities among us have been largely hidden being covered up by whatever means necessary.
The federal government has perverted virtually every instrument, concept, and theory that has been handed it all in this insane reasoning of "For reasons of National Security", Well I for one am DAMN sick of seeing the constitution flushed down the drain by those marching morons in their haste of expediency, I am damn sick of seeing my hard earned dollars go to support Wars of suppression in El Salvador and Brazil where torture and Murder is both taught by the intelligence community in this country and promulgated, Death squads and other instruments of suppression are still commonplace south of the border and the DRUG war is now listed as the reason, GIVE ME A BREAK what about the CIA retrofit base in Mena, Arkansas. What about the contra/drug scandal. What About That damn rascal ex-president BUSH, and don't think that means Clintons are any cleaner.

Well I for one am taking that stand I earlier suggested and making DAMN sure this gets into all the hands of the groups mentioned, as in my original publication of PGP 1.0 for Phil 2 years ago.... I am scared very scared, and when I get scared I don't cower I fight back by whatever legal means are left me... PGP and DC style protocols are effective LEGAL weapons that have an extreme economic impact on the gathering of illicit electronic intelligence by the federal intelligence community from the citizens of this country and others in the political movements WE as leaders in spreading this new technology to those groups can have a very REAL WORLD effect in stopping murder, torture and political suppression. US readers have to be cautioned NOT to export Crypto technology from our borders. Telling others where to find it and how to set it up and use it is PERFECTLY LEGAL however.

OK I will shut up now and let the flames roar!!!!
:)

A slightly agitated CryptoAnarchist/Peace Activist/cypherpunk

cheers
kelly
--------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: geoffw@nexsys.net (Geoff White)
Date: Fri, 19 Feb 93 13:53:14 PST
To: cypherpunks@toad.com
Subject: code that works with mailtool
Message-ID: <9302192126.AA00662@nexsys.nexsys.net>
MIME-Version: 1.0
Content-Type: text/plain

Anybody have some code that lets me use pgp with sun's v3 mailtool in a selective way?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sauron ( Who did you expect? )
Date: Fri, 19 Feb 93 13:46:24 PST
To: cypherpunks@toad.com
Subject: SUBSCRIBE
Message-ID: <9302192145.AA24096@phobos.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

SUBSCRIBE

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305)
Date: Fri, 19 Feb 93 12:36:31 PST
To: cypherpunks@toad.com
Subject: Re: toad.com mailing list postings from possible virus authors
Message-ID: <9302192035.AA03205@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

John - thanks for opposing censorship, having integrity, finding ways to set up a non-censorable system, and for letting us know about Keith's letter.

AlterNet folks - thanks for providing Internet access in a way that's not only usable for commercial communications, but is outside government funding and control. If Al Gore's plans go through, I just can't *wait* to see what happens when Jesse Helms discovers that Congress controls the Next Generation Cable TV net....

Thug - never did like your pseudonym :-). But thanks for writing a somewhat crypto-related note that lets us non-DOS followers know a bit more about what virus problems may be hitting the machines around us - interesting stuff.

Geoff - thanks for posting Keith's mail with the ECPA excerpt.
It's nice to have confirmation that the ECPA explicitly permits originators, addressees, and intended recipients of electronic communication to divulge its contents, and interesting that it does not forbid service providers to divulge the contents of communication if they are otherwise authorized to see it, which John obviously was.

Keith - neither of us are lawyers, but if you wanted to complain about the legality of posting email by the recipient, you'll have to look at copyright laws, presuming that the ECPA language doesn't override copyright where the two conflict. But threatening people like that was in poor taste, just as requesting censorship was. John's posting of your request for censorship was appropriate - if you wanted to complain about Thug's public postings, an open letter to him would have been more appropriate. You've been a big help to the computing community, and we appreciate it, and I realize that viruses are a major problem to providing a site like Simtel. But lighten up, man!

Miss Manners, if you're reading this (:-)) - thanks for your recent comments on NPR's Morning Edition about email etiquette! (She said that it was generally informal, and that expectations of it staying private are unrealistic, given the ease of misrouting mail as well as people's tendencies to repeat things, and we might as well get used to it.) We're doing what we can to improve the technology for private communications, but technology isn't the whole problem, and it's going to take a while before we figure out the sociology of it....

Bill Stewart, somewhere in New Jersey

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kelly@netcom.com (Kelly Goen)
Date: Fri, 19 Feb 93 15:55:44 PST
To: cypherpunks@toad.com
Subject: Social effects of UNrestricted Crypto
Message-ID: <9302192354.AA00932@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

"What does the Federal Intelligence Community Fear"

#1.
President Bush in a little noticed move during the height of the Iraq war had a certain statute in the vast body of (un)LAW that compromise the National Security Act. It became a violation of that same act to publish a photo or information about a federal intelligence community member. Thus all their actions are effectively hidden from view. With anonymous posting and forwarding mechanisms it becomes easy for whistle-blowers and Political activists to circumvent that antithesis to the 1st amendment of the constitution and expose all of the hidden plots of a vastly overbearing federal bureaucracy The Federal Government knows this fact as their actions regarding cryptography for the past 40 years shows it. Cryptography has a very REAL world effect in exposing corruption while preventing or inviting retribution from those selfsame federal lawbreakers Truly anonymous posting/forwarding networks being totally beyond their ability to coerce/interdict or penetrate scare the living hell out of them. Imagine a SUNDEVIL type federal operation (witchhunt) where ALL of the defendants email/posting are either encrypted or anonymized :) it would pose some very hard problems for the investigators (witchhunters) what are your thoughts?

cheers
kelly

p.s. Imagine a federal investigation where the investigators became the investigated with the help of anonymous networks digitized video clips and photos and easily obtainable/publicly available investigative Databases oops is this forbidden speech also??? better watch what I say the Goddamn US ARMY may be listening!!

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "DrZaphod"
Date: Fri, 19 Feb 93 20:47:54 PST
To: CypherPunks@toad.com
Subject: Re: LIST RULEz
Message-ID: <58805.drzaphod@ncselxsi>
MIME-Version: 1.0
Content-Type: text/plain

In Message Fri, 19 Feb 93 19:56:41 +45722724, Marc Horowitz writes:

>It is conventional to avoid blatant commercial traffic on the Internet
>and the USENET. Part of this is because of the Acceptable Use
>Policies which exist on parts of the net. But a lot of it is that
>people generally don't want to see random advertisements. I throw
>them away when they come in the paper mail; I don't want them in my
>email, either.
>

Is this a problem on CypherPunks? I haven't seen a single message here that made me jump out of my seat and scream "I don't need to see this on CypherPunks!" It's not like we're getting continual junk posts advertising trucks or something! I say, "Don't let it bug ya until we start seeing a junk trend on the list." What do you guyz say? TTFN!

Oh.. and I'm an AnArChIsT if anybody [including NSAs database] was wondering.

DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "A.J. Janschewitz"
Date: Fri, 19 Feb 93 16:10:54 PST
To: cypherpunks@toad.com
Subject: Re: Political reasons to spread Crypto(warning FLAME-BAIT)
In-Reply-To: <9302192122.AA08664@netcom.netcom.com>
Message-ID: <2939240668.3.p00258@psilink.com>
MIME-Version: 1.0
Content-Type: text/plain

Not flame bait in this forum, I hope.

I posted a message (very genteel by comparison) in alt.security.pgp and was informed of my ignorance for advancing the theory that legislated standards should always be suspect, lest we lose what little privacy we have left.

If keeping the details of my life out of the government's data maw is anarchy, give me a brick.

==a.j.==
PGP key available on request or from the usual servers.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Fri, 19 Feb 93 16:57:56 PST
To: ssandfort@attmail.com
Subject: Re: LIST RULES
In-Reply-To: <9302200002.AA11651@toad.com>
Message-ID: <9302200056.AA22028@deathtongue.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

It is conventional to avoid blatant commercial traffic on the Internet and the USENET.
Part of this is because of the Acceptable Use Policies which exist on parts of the net. But a lot of it is that people generally don't want to see random advertisements. I throw them away when they come in the paper mail; I don't want them in my email, either.

The exceptions are lists where advertising is explicitly permitted, and lists whose purpose is advertisements. Many vendors maintain lists to which they send pricing information, new product announcements, etc. This is fine, because I can ignore those lists without missing anything I might really be interested in.

If someone were involved with, say, selling licenses to use PGP legally, or an electronic bank or escrow service, I think that might be OK, since it is of *direct* interest to this list. But even that is a shady area. If I want commercials, I subscribe to one of the appropriate lists. You wouldn't want me discussing cooking techniques or airline travel on cypherpunks, because it's not appropriate, and there are separate forums for those topics. Think of advertising the same way, and it appears not like censorship, which it isn't, but simply staying on the topic, which it is.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kelly@netcom.com (Kelly Goen)
Date: Sat, 20 Feb 93 12:10:10 PST
To: cypherpunks@toad.com
Subject: WHAT Can we do?
Message-ID: <9302200614.AA15345@netcom>
MIME-Version: 1.0
Content-Type: text/plain

OK So I am preparing a posting for alt.activism, misc.activism.prog alt.activism.d and alt.conspiracy, alt.anarchy and alt.society.revolution. As well as alt.native!!. I also plan to spread these postings into peacenet and econet. I plan a Monograph series with titles such as

How to get find and use PGP for political and non-technical types.
How to use PGP for the Investigative reporter.
How to use PGP and a PAX anonymous posting Mechanism to become a whistle blower.
Political/Whistleblowing/Investigative uses of David Chaum anonymous networks.
101 Political uses for an Anonymous Remailer
How to investigate and expose the investigators safely and easily via use of DC Networks and Investigative Databases.
How to digitise Video and Still photos and spread them anonymously via DC style networks and PAX Encrypted Anonymous posting Mechanisms.

Ad nauseam, I need volunteers to work on the monographs and people to proofread. Some of the sources I am using are the Security, Anonymity and Privacy FAQ parts 1-3. And at present although PAX has been shutdown we can use combinations of multihop anonymous remailers and sites like the penet site in Finland to ensure anonymity. Sites and Volunteers are needed for more remailers, PGP key Servers and PAX anonymous Posting mechanisms

--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@pmantis.berkeley.edu
Date: Fri, 19 Feb 93 23:23:19 PST
To: cypherpunks@toad.com
Subject: anonymous mail
Message-ID: <9302200724.AA17077@pmantis.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

This message routed through 8 remailers, sent around 11:50 CST 2/19/93:

pmantis -> soda -> alumni -> rebma -> rosebud -> mead -> shell -> buffalo

Actually, rewriting hop.mail and anon.mail in PERL might be a good idea...

Signed,
?@?.?[.?]*

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ssandfort@attmail.com
Date: Fri, 19 Feb 93 16:02:43 PST
To: cypherpunks@toad.com
Subject: LIST RULES
Message-ID: <9302200002.AA11651@toad.com>
MIME-Version: 1.0
Content-Type: text

Todd is new to the nets. He sent the following to me by mistake. He sent me another message and asked me to forward it to Cypherpunks.

------------- Begin Forwarded Message -------------

Date: Fri Feb 19 12:08:02 -0700 1993
From: internet!alembic.com!todd (Todd Steigerwald)
Subject: Re: LIST RULES
To: !ssandfort
Content-Length: 956

I will not "advertise" on the list as long as John prohibits it. But I sincerely hope his prohibition does not discourage others from discussing the issues it raises.
I would like to hear what the rest of you think.

I do not argue with the decision to prohibit blatant advertising, however, with the increasing awareness of the internet and its potential, there are going to be more and more individuals that will want to extend beyond what it is currently being employed for. Regardless about individual feelings and ideals as to how and what the net should be used for, the issues WILL become increasingly debated, more than likely resulting in the eventual acceptance of advertising. Simply put it is the new marketing frontier- many many people are seeing that already, and the beliefs of the few will not serve to stop it-as bad or good as that may be.

I will apologise beforehand since I am new to the net, but who is John?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: deltorto@aol.com
Date: Sat, 20 Feb 93 01:43:45 PST
To: cypherpunks@toad.com
Subject: Back-Door Man
Message-ID: <9302200128.tn02698@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

>> How do we know the proposed legislation wasn't just a smoke
>> screen? Isn't it possible that the Feds have already compromised
>> Intel or MicroSoft? Is there some way to be sure that the new
>> 486 chip running your computer isn't recording each PGP or RSA
>> private key you generate?
>>
>> S a n d y ssandfort@attmail.com

Sheesh. I guess you just have to stand back and admire this level of paranoia. Can we establish a 'Cypherpunks Paranoia Achievement Award' for this? Shortly thereafter Sandy sez: "Hey, wait a minnit... just _why are you voting for ME?"

Technically, Kelly G.'s suggestion notwithstanding, I think this is definitely a computationally-impossible task. However: in a very specific circumstance, such as some foreign spook who's already under surveillance by the feds, I suppose it's possible to create a one-time special chip that might record keystrokes (or transmit them to a van, etc.) and then be replaced *physically* with a replacement.
The intelligence necessary to coordinate an operation such as this, however, is pretty involved. Personally, since I have NO interest in offing the President, I doubt they're gonna bother with me. Not only that, but also this: imho, it's more than _probable_ that the Feds have compromised both Intel & Microsoft, but, as the old Polish saying goes: "You can put your shoes in the oven, but that don't make 'em biscuits." d-d-dave From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: George A. Gleason Date: Sat, 20 Feb 93 02:44:18 PST To: ssandfort@attmail.com Subject: Re: LIST RULES Message-ID: <199302201041.AA02340@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain I agree with ssandfort that a total ban on advertising on the list is a not-good thing. Commercial speech is still speech, and censorship is still censorship. Here's a possible win-win solution: on any commercial message, the subject header should say "advertising included" or some obvious words or abbreviations to that effect. This way, those who wish to avoid such messages can do so painlessly, those who wish to read them can do that, and one more potential for restriction is eliminated. -gg From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: visionary@peg.apc.org Date: Sat, 20 Feb 93 07:04:17 PST To: cypherpunks@toad.com Subject: RE: Advertising on the net Message-ID: <9302201420.AA14623@igc.apc.org> MIME-Version: 1.0 Content-Type: text/plain Whilst the arguments "against" online advertising are many and are BOUND to be the most vocal, I'd just like to put in a pitch that counters that thread. I really like to see what people are up to - if that means they are tryin to earn a living from their activities, then thats fine by me. So I like to see good, clever, informative and interesting advertising material - PROVIDED it is NOT posted repeatedly ad nauseam - i'd forgive once, twice, thrice over a period of a month or so - then if it came in again I'd shout! 
If you look closely at what actually comes across from all quarters i think you'd agree that we do receive a lot of "advertising" in many subtle guises. Gee - even crediting a magazine from which an article is swiped is a form of advertising ;-) I view the net as a way of life... as such i would even LIKE to be able to order all sorts of things via email. For instance if some of the more prolific writers among us wanted to earn something from their writing, then i believe it would be very acceptable to make books, journal subscriptions, limited print-runs etc available in an online catalog - again, providing it was interesting, informative reading in its own right then I would have no objection whatsoever. I could probably wax lyrical with many other examples, but i'm sure you get my drift. I'm very interested in this debate and hope that some sensible guidelines may be formulated by such discussion. Naturally, in moderated newsgroups, this issue is clearly dealt with... but yet is it correct that the moderator be the "all-powerful" hand of CUT or KEEP. You may also gather from the above that i am totally against censorship of ANY sort - fully knowing what a can of worms that opens up in regard to online communications. ...looking forward to hearing more... enuf from me :-) Michael Ney PO Box 566 Milsons Point NSW 2061 Australia Tel: (+61-2) 692-8168 Email via APC: peg:visionary via Internet: visionary@peg.apc.org Engaged in graphic design, photography, journalism and publishing. No job too small - will work within budget limitations - fast service! 
...But that wasn't an advert - I was just telling you about myself :-) ________________ VISIONARY MEDIA _____________________________________ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: strat@intercon.com (Bob Stratton) Date: Sat, 20 Feb 93 07:04:10 PST To: cypherpunks@toad.com Subject: anonymous mail In-Reply-To: <9302200724.AA17077@pmantis.berkeley.edu> Message-ID: <9302201442.AA21465@intercon.com> MIME-Version: 1.0 Content-Type: text/plain >>>>> On Fri, 19 Feb 1993 23:24:43 -0800, nobody@pmantis.berkeley.edu said: nobody> Remailed-By: Tommy the Tourist nobody> This message routed through 8 remailers, sent around nobody> 11:50 CST 2/19/93: pmantis -> soda -> alumni -> rebma nobody> -> rosebud -> mead -> shell -> buffalo Are you sure? If that's true, then someone along the way is munging the headers pretty badly, because my Received: lines show it going from pmantis -> toad.com -> me --Strat, being a mailer weenie From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jordan@imsi.com (Jordan Hayes) Date: Sat, 20 Feb 93 08:06:37 PST To: cypherpunks@toad.com Subject: RE: Advertising on the net Message-ID: <9302201549.AA12245@IMSI.COM> MIME-Version: 1.0 Content-Type: text/plain It's not so much the advertising I object to, but all the "conversation" that gets repeated each time the issue comes up. Give it a rest. Stay on the topic. Keep your laser handy. Anyone get very far with the CELP stuff yet? I forget: is it or isn't it "acceptable use" to implement Diffie-Hellman in code you don't sell? What if you sell it later? At what point do you need to license it? /jordan From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Karl Barrus Date: Sat, 20 Feb 93 09:27:34 PST To: cypherpunks@toad.com Subject: anonymous mail In-Reply-To: <9302201442.AA21465@intercon.com> Message-ID: <199302201726.AA25317@Menudo.UH.EDU> MIME-Version: 1.0 Content-Type: text/plain Earlier, Bob Stratton wrote: >Are you sure?
If that's true, then someone along the way is munging >the headers pretty badly, because my Received: lines show it going >from >pmantis -> toad.com -> me That's right, because each remailer attempts to discard as much of the header as possible. Otherwise it wouldn't be anonymous - if I were to send a message to you through rosebud and the headers showed the path from me to rosebud and rosebud to you, you'd know where the message really came from! So the header of an anonymously mailed message should make it look like the message originated from the last hop. /-----------------------------------\ | Karl L. Barrus | | elee9sf@menudo.uh.edu | <- preferred address | barrus@tree.egr.uh.edu (NeXTMail) | \-----------------------------------/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Stu Klingman Date: Sat, 20 Feb 93 12:17:03 PST To: ssandfort@attmail.com Subject: LIST RULES and Advertising Message-ID: <9302202014.AA00308@netmail.microsoft.com> MIME-Version: 1.0 Content-Type: text/plain I know my reaction when being hit with the ad was, "Hey! what the fuck is this!?", followed by, "Okay, this person doesn't know any better". If you've been on the net for a while, you'd know that ads are >most< tre gauch. If we really want to resolve the censorship stigma and still be able to ignore the ads, perhaps we could put AD: in front of any ad that was RELEVANT to the list, and then we could filter them out, or not, as the case may be. I've got to admit, the idea of reading ads pertinent to the cypherpunks list intrigues me. Judges?
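The header behaviour discussed in the "anonymous mail" thread above (each remailer discards the incoming header, so a Received: trace starts at the last hop), as an added example that is not part of any original post. Host names, the sample message and the helper names are constructed for illustration; the `Request-Remailing-To:` line after the `::` marker is an assumption about the request format, since the thread itself mentions only the `::` first line.

```python
import re
from email import message_from_string

# "from X by Y" or just "by Y", as in the Received: lines quoted in the thread.
HOP = re.compile(r"(?:from\s+(\S+)\s+)?by\s+(\S+)")

def received_path(raw):
    """Hosts the message visibly passed through, oldest first."""
    msg = message_from_string(raw)
    path = []
    # Every MTA prepends its own Received: line, so the oldest is last.
    for line in reversed(msg.get_all("Received", [])):
        m = HOP.search(line)
        if not m:
            continue
        for host in m.groups():
            if host and (not path or path[-1] != host):
                path.append(host)
    return path

def deliver(raw, from_host, by_host):
    """Simulate one mail transfer: the receiving host prepends a Received: line."""
    return f"Received: from {from_host} by {by_host} id AA00000\n" + raw

def remail(raw, my_host):
    """Simulate one remailer hop; returns (next_address, new_raw_message).

    The incoming header (From, Message-ID, every Received: line) is dropped.
    Only the Subject and the body after the '::' request block are kept.
    """
    msg = message_from_string(raw)
    lines = msg.get_payload().split("\n")
    if not lines or lines[0].strip() != "::":
        raise ValueError("no '::' block: not a remailing request")
    dest, i = None, 1
    while i < len(lines) and lines[i].strip():       # request block ends at blank line
        name, _, value = lines[i].partition(":")
        if name.strip().lower() == "request-remailing-to":   # assumed header name
            dest = value.strip()
        i += 1
    if dest is None:
        raise ValueError("'::' block has no destination")
    rest = "\n".join(lines[i + 1:])
    new = (f"From: nobody@{my_host}\n"
           f"To: {dest}\n"
           f"Subject: {msg.get('Subject', '')}\n"
           f"\n{rest}")
    return dest, new

# Constructed submission: two nested requests, one per remailer.
SUBMISSION = (
    "From: alice@alice.example\n"
    "To: remailer@remailer-a.example\n"
    "Subject: anonymous mail\n"
    "Message-ID: <1@alice.example>\n"
    "\n"
    "::\n"
    "Request-Remailing-To: remailer@remailer-b.example\n"
    "\n"
    "::\n"
    "Request-Remailing-To: list@list.example\n"
    "\n"
    "This message was routed through two remailers.\n"
)

def run_chain():
    """alice -> remailer-a -> remailer-b -> list; returns what each end can see."""
    raw = deliver(SUBMISSION, "alice.example", "remailer-a.example")
    seen_by_first_hop = received_path(raw)           # the first hop sees the sender
    _, raw = remail(raw, "remailer-a.example")
    raw = deliver(raw, "remailer-a.example", "remailer-b.example")
    dest, raw = remail(raw, "remailer-b.example")
    raw = deliver(raw, "remailer-b.example", "list.example")
    return seen_by_first_hop, dest, raw

if __name__ == "__main__":
    first, dest, final = run_chain()
    print("first hop sees :", " -> ".join(first))
    print("recipient sees :", " -> ".join(received_path(final)))
    print(final)
```

The recipient's trace contains only the last remailer and the receiving host, so a route claimed in the body cannot be confirmed from the headers; the first remailer, however, still sees the true sender.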
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Anonymous@cs.Buffalo.EDU Date: Sat, 20 Feb 93 09:15:46 PST To: cypherpunks@toad.com Subject: Re: anonymous mail Message-ID: <9302201714.AA11332@armstrong.cs.Buffalo.EDU> MIME-Version: 1.0 Content-Type: text/plain Bob Stratton stated in the last message: >Received: by toad.com id AA00166; Sat, 20 Feb 93 07:04:10 PST >Return-Path: >Received: from cygnus.com by toad.com id AA00161; Sat, 20 Feb 93 07:04:08 PST >Received: from intercon.com by cygnus.com (4.1/SMI-4.1) > id AA18518; Sat, 20 Feb 93 06:43:27 PST >Received: by intercon.com (911016.SGI/920928.RS) > for cypherpunks@toad.com id AA21465; Sat, 20 Feb 93 09:42:09 -0500 >>>>>> On Fri, 19 Feb 1993 23:24:43 -0800, nobody@pmantis.berkeley.edu said: > nobody> This message routed through 8 remailers, sent around > nobody> 11:50 CST 2/19/93: pmantis -> soda -> alumni -> rebma > nobody> -> rosebud -> mead -> shell -> buffalo > >Are you sure? If that's true, then someone along the way is munging >the headers pretty badly, because my Received: lines show it going >from > >pmantis -> toad.com -> me This is correct in the same way I can see that the message sent from you was sent from intercon.com -> cygnus.com -> toad.com -> me -- +==== Internet: babani@cs.buffalo.edu ===+======== Amateur-Radio: N2LYC ======+ ! Bitnet: V078LNGT@ubvms.BITNET | UUCP: rutgers!ub!babani ! ! Alternate: an173@cleveland.freenet.edu | Plsure dpnds on the othrs prmison. ! +== PGP key available. (If you don't know what a PGP key is... find out!) 
==+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Sat, 20 Feb 93 09:28:45 PST To: cypherpunks@toad.com Subject: Quiet Nights @ the Keyboard with Ren & Stimpy Message-ID: <9302201228.tn04104@aol.com> MIME-Version: 1.0 Content-Type: text/plain To Keith Peterson: I guess it must get a bit quiet there at your keyboard in the room where you sit chillin' day in and day out Maintaining that ol' MS-DOS archive at WSMR-SIMTEL20.Army.Mil, huh? I guess I can understand wanting to bust out in expression if indeed you find it inconvenient to do literally. I mean no disrespect - after all, I don't know you at all, but _really_ now - these comments of yours are so misplaced! Even a cursory view of Mr. Thug's missal cannot possibly construe his comments as encouraging virus authors! His observations are in the finest spirit of our treasured Fourth Estate - the dissemination of information for the protection of everyone concerned. For example, being a non-DOS user, I had never before heard of these Stealth, etc. viruses before reading his description and I can sure tell you that I will now know to warn every DOS user I meet to immediately switch their OS to one where there is less inclination and more barriers to the construction of destructive viruses. Okay that was a bit tongue-in-cheek, but you get the idea. To put this in martial terms for you, I recommend a strategy where you acquire your targets a bit more carefully before launching. Lao Tsu offers good advice on this sort of thing - 'premature attack reveals one's own weaknesses' etc. Since your weakness appears at first glance to be a fickle respect for the rights of other citizens to privacy and free speech, I encourage you to instead get out and oxygenate your lungs and shake out all that tension before you open your metaphorical mouth and insert your figurative foot. 
Remember, we all go about defending this great nation of ours in our own ways and though my way may not be your way, it may be a good way anyway. This is not to say that I don't encourage you to voice your opinion about anything you want to at any time. I am proud to live in a country where we can all agree to disagree. Just don't touch my freedom, Keith. I will defend to the death your, Thug's and my right to say whatever the hell we want to about anything we fucking well please anytime and anywhere. In future, then, please be more judicious in the pursuit of your ideals. To My Fellow Cypherpunks: Be always vigilant, my friends. Those who would tell you that up is down and right is left might well be coming out of the sun above and behind you even now. It's a hard thing to express clear views of something so rotten to the corps, but _someone_ has to do it. Happy Trails, d2t From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Sat, 20 Feb 93 09:28:46 PST To: cypherpunks@toad.com Subject: Re: LIST RULES Message-ID: <9302201229.tn04106@aol.com> MIME-Version: 1.0 Content-Type: text/plain >>_________________________________________________________________ >> FROM THE VIRTUAL DESK OF SANDY SANDFORT >>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >>[etc. etc.] >>What do others on this list think about "commercial" postings? Sandy, I have to agree with John that it's philosophically inappropriate to discuss non-cryptographic topics on this list. Like many others, I come here to discuss ideas and technical concepts in an intellectual environment and to learn about how to protect everyone's privacy from people who know a hell of a lot more than I do about the mechanics of digital privacy. Anything that deviates from that had better, imho, do it quickly and as an aside to something more in line with the purpose of this list. 
I think you're respectful of that, and I don't have any _particular_ problem with what you posted, but probably because your msg stuck out _like a sore thumb_ (and thus the hyperbolic characterization of it as 'abuse') from the body of the normal discussion here and because he is a naturally cautious (thank goodness for that!) person, John probably mentioned this to you in the best terse way he knows how. My impression of John is that he is not prone to overreact, but rather that he prefers to deliver a straightforward warning with sufficient emphasis to avoid having to do it twice. Please get in touch with those of us who might have responded to your posting through more discreet channels. I sense that we need not discuss this any further here. d2t PS: As an aside to the topic of commercialism, I'd just like to point out what a hell of a nice job Zig is doing with the latest build of MacPGP (2.1e87). Attaboy, Zig! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: thug@phantom.com (Murdering Thug) Date: Sat, 20 Feb 93 11:12:04 PST To: cypherpunks@toad.com Subject: Free Speech Is Not The Issue, Opression/Harassment Is. Message-ID: MIME-Version: 1.0 Content-Type: text/plain With regard to the Peterson affair: I am very glad to read all the responses that I have seen both publicly on the cypherpunks list, and privately in encouraging letters I have received in mail. I want to write responses to all these great letters, but I have received far too many. I would like to thank all of you who support first amendment rights, and who have told me that they found my virus post informative and useful. However, let us really ask ourselves if free speech is the real issue here. Yes, I know free speech is a major theme that comes out of all this, but I don't think that it's the most important one. There are always loonies who wish to yell and holler about what should be censored.
Whether it's on the radio like the FCC/Howard Stern affair, on television, in the movies, on records/tapes/CD's (like Tipper Gore and her gang). Those kinds of people will always exist, and I don't see why people expect them not to exist on Usenet/Internet as well. What *REALLY* pisses me off about Peterson is his use of underhanded tactics like threats, intimidation, and harassment. I don't want to go toe to toe with Peterson, because when it comes to underhanded tactics, I can teach him a thing or two, and make his life a living hell should I decide to do so. Fortunately for him, I am well beyond that adolescent stage and mode of thinking. I think Peterson should realize that there are people out there who can and will retaliate against him should he harass them in any way. Just because so far he has run into compliant and intimidated system admins, doesn't mean his luck will hold up. Eventually he will run into someone who takes this kind of stuff VERY personally, especially if they are awakened from their nap by a harassing and threatening phone call from Peterson. If Peterson keeps up his reign of terror, I would not be surprised if he is not dragged into court one of these days by someone whose personal, moral and financial interests conflict with Peterson's desire to squash free speech. A case can easily be made against Peterson in a court of law for harassment, intimidation, and various civil rights charges having to do with trying to deny others their constitutional rights. And I guarantee you that there will be plenty of system administrators and others who would be happy to testify against him. I recommend to Mr. Peterson that he watch his step in trying to step on other people's constitutional rights. One day he may just step on a land mine. I phrase this in terms that a person in the military could understand.
Until such time as Peterson blows his legs off, I think it's up to all of us to guard free speech by telling all system administrators on the net about Peterson and his reign of terror, and asking them to publicly expose him each and every time he tries to assault our freedom of speech through threats, intimidation, and harassment. Murdering Thug From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Chael Hall) Date: Sat, 20 Feb 93 12:04:46 PST To: cypherpunks@toad.com Subject: Remailer changes Message-ID: <9302202001.AA28280@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain After playing around with my .maildelivery file for a while, I figured out how to make messages to the remailer go to it even if nothing in the header indicates that it should be remailed (just the "::" as the first line) and still receive all of my other mail. So, you can use it just like the other Cypherpunks remailers out there now. Could somebody send me the official instructions for another remailer so I can *plagiarize* them and save myself some work? :) Thanks in advance. NoWhere Remailer: nowhere@bsu-cs.bsu.edu Chael Hall -- Chael Hall nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu (317) 285-3648 after 5 pm EST From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: SANDBERG@GUMBY.BCASD.AZ.HONEYWELL.COM (Jabe Sandberg) Date: Sat, 20 Feb 93 14:34:09 PST To: cypherpunks@toad.com Subject: UnSubscribe Message-ID: <930220153249.2400045b@GUMBY.BCASD.AZ.HONEYWELL.COM> MIME-Version: 1.0 Content-Type: text/plain Please remove me from the list. Thanks. sandberg@gumby.bcasd.az.honeywell.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: RFORBES@Gems.VCU.EDU Date: Sat, 20 Feb 93 15:03:15 PST To: cypherpunks@toad.com Subject: Remove from list Message-ID: <01GUYCFQ63Z690O773@Gems.VCU.EDU> MIME-Version: 1.0 Content-Type: text/plain Please remove my name from this list.
Interesting stuff but I can't keep up, only signing on 1-2 times a week. Thanks. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: John.Nieder@f33.n125.z1.FIDONET.ORG (John Nieder) Date: Sat, 20 Feb 93 23:58:41 PST To: cypherpunks@toad.com Subject: FINE, BUT NOT HERE Message-ID: <4976.2B873232@fidogate.FIDONET.ORG> MIME-Version: 1.0 Content-Type: text/plain from: john.nieder@f33.n125.z1.fidonet.org * Reply to msg originally in Cypherpunks > [t.c. May] > >I say, let's expand the scope of the Cypherpunks list to include more > >discussion of viruses. > I say, unless it has to do with cryptography, please don't. BK> I too wish to keep cipherpunks BK> clean even though I love viruses and I wish to have a pure thread about BK> applied crypto and anonymity techniques... Roughly my sentiments as well. Virii are interesting, but so are handguns & the Swedish Bikini Team; none belong in CYPHERPUNKS, however, in Mr. Nieder's opinion (which may or may not be humble). JN ... "A dog in a sidecar is always a treat for other motorists." M. Stirner --- Blue Wave/Opus v2.12 [NR] -- John Nieder - via FidoNet node 1:125/555 UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: John.Nieder@f33.n125.z1.FIDONET.ORG (John Nieder) Date: Sun, 21 Feb 93 05:59:43 PST To: cypherpunks@toad.com Subject: FINE, BUT NOT HERE Message-ID: <4983.2B878448@fidogate.FIDONET.ORG> MIME-Version: 1.0 Content-Type: text/plain from: john.nieder@f33.n125.z1.fidonet.org * Reply to msg originally in Cypherpunks > [t.c. May] > >I say, let's expand the scope of the Cypherpunks list to include more > >discussion of viruses. > I say, unless it has to do with cryptography, please don't. BK> I too wish to keep cipherpunks BK> clean even though I love viruses and I wish to have a pure thread about BK> applied crypto and anonymity techniques... Roughly my sentiments as well. 
Virii are interesting, but so are handguns & the Swedish Bikini Team; none belong in CYPHERPUNKS, however, in Mr. Nieder's opinion (which may or may not be humble). JN ... "A dog in a sidecar is always a treat for other motorists." M. Stirner --- Blue Wave/Opus v2.12 [NR] -- John Nieder - via FidoNet node 1:125/555 UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ld231782@longs.lance.colostate.edu Date: Sat, 20 Feb 93 19:35:48 PST To: cypherpunks@toad.com Subject: whistleblower newsgroup? Message-ID: <9302210334.AA02268@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain Mulling over K. Goen's somewhat rambling, irate, and paranoid prose (but nevertheless mildly entertaining) has caused various random ideas to pop into my head on how to get pseudonymity/anonymity into the mainstream and even the spotlight, toward the goal of widespread public recognition, acceptance, and use to the point of dependence, all in a nonthreatening way. First of all, there have been a lot of famous uses of anonymity and pseudonymity, esp. in literature. It might be interesting for PR purposes to collect a long list of everyone who has used aliases. When people start saying `wow, he's my favorite author, I didn't know he was someone else' that would be great. A sort of long history of anonymity and pseudonymity would be perfect. Deep Throat, Voltaire, Mark Twain, I think even Scott Fitzgerald was a pseudonym. Also, what about anonymous letters? Did Martin Luther first post the `indulgence complaints' anonymously? I'm sure there's some cases where anonymous information changed the course of world history significantly (esp. during wars). Anonymous tips leading to big busts, that kind of thing. (Remember the Lockerbie plane terrorist crash? There was an anonymous tip to authorities that virtually pinpointed the flight origination and bomb mechanism.) 
Anybody know any, please send them to me, and I'll summarize to the group and credit you. (please give references where possible.) If it works out I'll donate it to K. Goen, assuming he hasn't been arrested or hospitalized by then :) Next idea: How about a newsgroup devoted to `whistleblowing' where anonymity is encouraged? It could even be `anonymously moderated' where all the postings are guaranteed to go through an anonymous server before posting. (Whoever wanted to be *really* sure could anonymize the message before posting.) I haven't seen *any* newsgroups dedicated to looking at government abuses from the "inside" (this would be for employees esp.) I can imagine all kinds of neat little secrets about our government's illustrious practices leaking out.. The potential for `good' is good, esp. if the notices refer to ways of *saving money* and *eliminating waste*. A sort of patriotic taxpayer watchdog group! Although the possibility for `bad' is good too, people might just use it as a way of getting revenge. (Despite what others may think here, I hope it wouldn't turn into a sort of perpetual incitement to revolution and anarchy...) The group might overlap into private industry too, although the federal government assuredly provides the most fodder... Now, think about how much immense *press* and *publicity* that some government abuses get. They can really be legendary (remember the $600 toilet seats?). Now, suppose that just coincidentally a major press story that got out *originated* in this anonymous group. Wow! That would be a story in itself, worthy of the evening news. Can't you imagine some blank-faced, clueless reporter saying ``the story was first reported on a network bulletin board devoted to anonymous reporting of government abuses.'' Allright! Hey, it could get to the point where reporters start watching it for hot tips! There are already a lot of big Washington groups that try to monitor the government, and this could be a real catalyst for them. 
So I'm putting out the idea. Maybe someone well-versed in the newsgroup addition protocol can take care of the details. (Ladies and gentlemen, fasten your seat belts, I think we're in for some hellacious turbulence ahead...) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Christo Delaroderie Date: Sat, 20 Feb 93 19:55:59 PST To: cypherpunks@toad.com Subject: Unscribe me Message-ID: <199302210354.AA03588@bach.udel.edu> MIME-Version: 1.0 Content-Type: text/plain Please remove me from your mailing list. ctd From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: covin@cs.uchicago.edu Date: Sun, 21 Feb 93 07:08:13 PST To: cypherpunks@toad.com Subject: Re: whistleblower newsgroup? Message-ID: <9302211506.AA18925@tartarus.uchicago.edu> MIME-Version: 1.0 Content-Type: text/plain Well, now here's an idea that might help to sell anonymity: what if a major world power were governed under a republican system in which votes for public officials were filed anonymously, to protect each citizen's right to unrestricted political opinions? -David From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eli Brandt Date: Sun, 21 Feb 93 13:01:24 PST To: cypherpunks@toad.com Subject: Re: anonymous mail In-Reply-To: <9302191753.AA12638@pmantis.berkeley.edu> Message-ID: <9302212101.AA26262@toad.com> MIME-Version: 1.0 Content-Type: text/plain > Question: of the unix users, who does NOT have access to ksh (via your > login shell or #!/bin/ksh or somewhere else)? You might want to work in perl, which would make the scripts work under Unix and DOS, at least. Is there a Mac perl? Oh, you might want to add the remailer on this account to your circumnavigation. It could use some more traffic -- I've seen about 5K through here in the past couple of months. Still no PGP; has anyone gotten it to work (generate keys, specifically) on a Symmetry? > | Karl L. 
Barrus | PGP 2 key by finger or e-mail Eli ebrandt@jarthur.claremont.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Sun, 21 Feb 93 13:27:06 PST To: cypherpunks Subject: Remarks of John Perry Barlow to the First International Symposium on National Security & National Competitiveness Message-ID: <9302212127.AA26790@toad.com> MIME-Version: 1.0 Content-Type: text/plain Date: Sun, 21 Feb 1993 07:35:20 -0500 To: interesting_people@aurora.cis.upenn.edu From: Dave Farber Remarks of John Perry Barlow to the First International Symposium on National Security & National Competitiveness McLean, Virginia December 1, 1992 I can't tell you the sense of strangeness that comes over someone who earns his living writing Grateful Dead songs, addressing people who earn their livings as many of you do, especially after hearing the last speaker. If you don't appreciate the irony of our appearing in succession, you have no sense of irony at all. You and I inhabit very different worlds, but I am pleased to note, as my presence here strongly suggests, these two worlds may be growing closer. The reason I am here has absolutely nothing to do with the Grateful Dead. I'm here because I met a fellow named Mitch Kapor in 1989. Despite obvious differences, I felt as if we'd both been up in the same saucer or something...that we shared a sense of computers being more than just better adding machines or better typewriters. We saw that computers, connected together, had the capacity to create an environment which human beings could and did inhabit. Yesterday, I was encouraged to hear evidence that [former Presidential Science Advisor] Dr. Jay Keyworth and [Conference Organizer and former CIA agent] Robert Steele, might have been up in that saucer too. The people who share this awareness are natives of the future. People who have a hard time with it may always be immigrants.
When Mitch and I saw that computers had created a place, we started asking some questions about what kind of place it was....what were the operating terms and conditions of this place, what kinds of people already lived there, who was going to inhabit it, what was going on in it, did it have a name? We decided to name it Cyberspace, after Bill Gibson's description of a futuristic place rather like it which we found in his novel Neuromancer. Rather than being a figment of Bill's imagination, we felt that Cyberspace was already up and happening. Indeed, if you're having trouble with the concept, ask yourself where phone conversation takes place. That's right. Cyberspace is where you are when you're on the phone. It's also where most of your money is, unless you keep it in Krugerands buried out in the garden...which I suppose some folks in this room might just do. It's also...and I think this is very important... the place where the greater part of the world's business is happening now. So it's a highly significant locale, and yet it's invisible to most of the people who are in it every day of their lives. I believe it was Marshall McLuhan who said, "We don't know who it was that discovered water, but we're pretty sure it wasn't a fish..." In any case, when EFF first got together, our principal concern was making certain the U.S. Constitution applied to Cyberspace. We could see the government, specifically the Secret Service, taking actions which made it obvious that they didn't quite get it. They didn't seem to be acting out of malice, but they were, at best, differently clued. They clearly didn't understand that the First Amendment applied as certainly to bytes as it did to ink on paper. At the time we thought that we could just hire a few nasty civil liberties lawyers from New York to put the fear of God in them, and that would be that.
But it's been like tugging at a thread on your sweater, where you begin to pull, and pretty soon you have more thread on the ground than on your back. It turns out that there are questions raised in this environment to which we don't have good answers. Indeed, it turns out that this is a place where the First Amendment...along with just about every other law on the planet...is a local ordinance. There are no clean jurisdictional boundaries. This is a place which may always be outside the law. This may be an unwelcome concept, but it is true, and it is something we will all have to grapple with as society moves into the virtual world. I believe you folks in the Intelligence Community are going to be challenged by these issues as directly as anyone. This is because intelligence, and especially the CIA and NSA, are supposed to work under stern guidelines intended to separate the domestic from the foreign. You're not supposed to be conducting domestic surveillance. Well, in Cyberspace, the difference between domestic and foreign, in fact the difference between any country and any other country, the difference between us and them, is extremely blurry. If it exists at all... This is also an economic environment in which everyone seems to be everywhere at once. I hear you're becoming interested in protecting American Business from foreign espionage. But against this "everywhereness" it becomes very difficult to say, "Alright, this is our guy, this is General Motors, we're going to take care of his interests." Nothing is so cleanly delineated. These are a few of the fundamental changes which arise as a result of literally moving out of the world of experience and onto the map of information. Another one which is especially pertinent to the people in this room, is what happens when you have direct e-mail access to every member of your organization. This can have a terrifically decentralizing effect on structure. It weakens hierarchy. It flattens the organization.
It can create one hell of a lot of confusion, even as it speeds response time. There are in this room representatives of some tall and rigid outfits. Prepare for the possibility that your organization is about to go all flat and squishy due to the tenderizing influence of e-mail. We are also looking at a complete redefinition of ownership and property. I mean, we now have the mind as our principal source of commercial goods. At last it seems we can really get something for nothing. As recently as fifteen years ago all new wealth derived from minerals extraction or agriculture. Everything else was simply passing it around. No longer must you rip your goods from the ground. You don't have to wait for the sun to grow some. New wealth can be had by just sitting around and rubbing some facts together...essentially what you folks have been doing all along. This economy of virtual substance is a fundamental change and one which you can exploit if you're willing. We're also looking at some fundamental shifts in the nature of property. This is going to be relevant to you as you move into a more open interaction with the rest of the world. In an information economy, much depends on the sanctity of copyright. But copyright, it turns out, derives most of its force from the physical manifestation of intellectual property. Copyright protects expression, the thing that happens when you print a book or press a record. In Cyberspace, you don't get that manifestation. It never goes physical. So the bottles we have been relying on for the protection of our intellectual goods are disappearing, and, since we've been selling bottles and not wine all along, we will soon have a lot of wine and nothing to put it in. Interesting problems will arise. They're already upon us. In any case, when EFF saw the multitude of things going on in this arena, we battened ourselves down for the long haul, and we are dealing with a whole range of issues, including the Open Platform initiative.
Which is our effort to try to deploy something like universal data service. We believe that the best thing that could happen for the American economy, and actually the best thing that could happen for liberty on the Planet Earth, would be to make everyone capable of jacking in if they want to. We find that other countries are lagging in this. For example, the Japanese see absolutely no use for high speed personal data connections. The folks at NTT certainly can't see any reason to trade their 70,000 operators on digital switches. So we have a significant leg up on the Japanese that is not well known in this country.

Another thing that we are working on is the FBI's Digital Telephony proposal which is, as you may know, the idea that we should stop all telecommunications progress in this country in order to accommodate the FBI is just amazing to me, and yet it somehow manages to live on in Congress.

Also, for those of you whose badges say U.S. Government [code for National Security Agency], we are trying to overturn NSA's data encryption embargo. It's our position that trying to embargo software is like trying to embargo wind. This is a fact that you are going to have to come to grips with. Digitized information is very hard to stamp classified or keep contained. This stuff is incredibly leaky and volatile. It's almost a life form in its ability to self-propagate. If something hits the Net...and it's something which people on there find interesting...it will spread like a virus of the mind. I believe you must simply accept the idea that we are moving into an environment where any information which is at all interesting to people is going to get out. And there will be very little that you can do about it. This is not a bad thing in my view, but you may differ...

I'm going to talk a little bit now about the very nature of information. This conference, I must say, has blown me away. I had no idea there were people in your [the intelligence] community talking about these things.
I am pleased and gratified by the folks I have met here and talked to personally, but I want to reiterate Dr. Keyworth's phrase yesterday: which is that government, especially American government, must end its obsession with secrecy. We must do so because we are engaged in...and I don't want to use the word warfare here...we are engaged in a form of economic competition where our principal advantage is our ability to distribute information. It is not our ability to conceal it. Perhaps this has always been true.

Let me tell you a story. Last year, I was addressing the computer security establishment at the Department of Energy. These are the people in charge of protecting the computers that nuclear weapons get designed on. The other keynote speaker at this conference was, uh, Edward Teller. [Laughter.] Yeah, well, I was pretty sure if evil walked the planet, its name was Edward Teller.

Anyway, I got up and said that I wasn't sure that DOE's secrecy was an asset. I wasn't going to say that it was a liability, so much as beside the point. After all, I know how to make an atomic bomb. You give me five and a half pounds of weapons grade plutonium and a week in my garage and I'll give you a nuclear weapon. It will be dirty, but it will work. The problem for anyone who wants to do this is that they can't get enough industrial capacity ginned up to create the plutonium. I mean, I just can't get my high temperature gas diffusion centrifuges to work. Indeed, it takes a whole society to put them together, even if the design information is available. It is not the information, which is readily available, that is crucial. It is the ability to execute that is the critical factor.

I was interested to see how Dr. Teller would respond to that. To my surprise and satisfaction, he got up and agreed with me completely. He went on to say that he had never found a nuclear secret that the Russians could not obtain within a year of its development.
Where they couldn't compete with us was in the areas where we were wide open. He cited the electronics industry, saying that at the end of World War II, we were about 20 years ahead of the Russians in nuclear weapons design, and roughly neck and neck in the electronics. Both sides entered a closed program on nuclear weapons design. And we went into a wild free-for-all in electronics. I mean, you should know that in the computer business, there are so many loose lips, you actually have to really try not to learn what your competitor is up to. Computer scientists are the meetingest bunch of people you ever saw, and when they meet, they tell one another everything. The results of this approach speak for themselves. As Dr. Teller pointed out, by the time the Russians quit being a threat, they had moved to a position of parity with us in nuclear weapons, but they were 25 to 30 years behind us in electronics.

I suspect one reason for this conference is to figure out how you guys are going to make your living now that the Party's Over. I believe the Intelligence Community still has a role. We are entering the Information Age. And Information, after all, is what you do. You have an edge in the field, and I would hate to see you blow your lead.

But there are some serious issues about information which must be dealt with, and they have almost nothing to do with whether it is open or closed. The real questions regarding information relate to usability...whether or not it is meaningful, whether or not it is relevant, whether or not it is accurate, whether or not it is genuinely useful.

There is, for example, an enormous amount of information on the Net. But the signal-to-noise ratio on the net is terrible. There's an awful lot of racket. So I suppose you do get a kind of secrecy, rather as in those fancy restaurants with the highly reflective walls, where you can hear the people shouting at you at your table, but you can't make out what anyone else is saying for the hub-bub.
It's the intimacy of white noise.

You folks have some expertise in an important function: sorting out that which is relevant from the huge spray of data that is coming at everyone. That is an important problem that is largely overlooked...so far the software solutions to it don't strike me as being much good. We talk about "smart agents" but they aren't smart, they're pretty dumb. You send them out and they return with too much. The problem is that the difference between data and information is meaning, something machines know little of. To determine whether data are meaningful, whether they are, in fact, information, you must pass them through a human mind.

There is also a question of authority, reliability, and bias. For example, I think one of the things you will find in using open sources is that most media are intentionally designed to evoke a fearful response in the reader. I mean, fear sells, as well you know. Perhaps you have an important role in certifying the reliability of materials in open circulation. Perhaps you are already engaged in it.

I recently got a call from a friend who is an expert on computer networking in the Confederation of Independent States, or whatever they call what's left of the Evil Empire these days. He was in a terrible state. He said, "I just got visited by the CIA, I don't know what to do. They showed up and wanted to know all about my most recent report. I'm afraid they're going to try to make me a CIA agent!" A scary thought, eh? I told him, "Look, it seems to me you already are a CIA agent. They're just trying to figure out if you're a good one!" We may find that there are many CIA agents, of widely varying reliability. The real CIA agents will have the subtler job of finding out which of them is telling the truth.

The most important problem which the intelligence community must now confront relates to your own bureaucratic sclerosis and the pace at which information moves through your honeycomb of secrecy.
The future, as IBM is learning, will be to the supple and swift and not necessarily to the mighty. In a world moving as rapidly as this one, information becomes incredibly time sensitive. Even if you do...as I think you absolutely must...eliminate the unnecessary classification within and without your organizations, you still have all the cumbersome buffers of bureaucracy to contend with.

As I was preparing these remarks, I considered coming in here and suggesting that you break up the CIA into about five different private companies and go into business. That's probably too good an idea to implement. But it seems worthy of consideration. There is something that happens to your sense of urgency when you have a bottom line. You know that if you don't deliver, someone else will, which might be exactly the thought to leave you on.

I would like to thank you very much for your indulgence of an entirely different perspective. I've genuinely enjoyed this opportunity to get to know you.

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 21 Feb 93 13:58:03 PST
To: cypherpunks@toad.com
Subject: Trapdoors
In-Reply-To: <9302182057.AA00885@tadpole.tadpole.com>
Message-ID: <9302212154.AA02012@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Jim writes:
>Interestingly enough, V9 SPARC has a population count (number of bits
>set in word) instruction that was put in specifically at the request of
>No Such Agency.

Does anybody have a good idea what applications this is useful for?

My first thought is that it's a very quick way to do linear error detection codes, since this instruction directly computes the Hamming weight of a code word.

I can also see it being useful to detect correlations between sequences, such as a trial random stream and a known pseudorandom number generator. One would XOR the streams together and then count bits to calculate a correlation frequency.

Other ideas?
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 21 Feb 93 14:19:41 PST
To: cypherpunks@toad.com
Subject: New document for ftp.
Message-ID: <9302212215.AA05824@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Hal Finney recently sent me an instruction manual for the cypherpunks remailers. It's on the ftp site.

soda.berkeley.edu:pub/cypherpunks/hal's.instructions

Spread the words.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 21 Feb 93 14:32:28 PST
To: cypherpunks@toad.com
Subject: RSA licensing policy
In-Reply-To: <9302201549.AA12245@IMSI.COM>
Message-ID: <9302212228.AA07818@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Anyone get very far with the CELP stuff yet? I forget: is it or isn't
>it "acceptable use" to implement Diffie-Hellman in code you don't sell?
>What if you sell it later? At what point do you need to license it?

This letter is not intended to start a flame war about patent rights, licensing, or anything similar. Reply directly to me.

I've spoken with Jim Bidzos, president of RSADSI, about this very issue recently. They have a very easy to understand principle that governs the use of their patents. I am rephrasing it; at no time was this actually spoken. It's very simple:

"If you make money with it, so do we."

Their licenses are not out of line with patent licenses generally (and not just computer-related ones).

If you make public domain software and use it for personal use, RSADSI will not come after you.

If you make commercial software and sell it without obtaining a license, they will come after you. If you use the software as a "mission-critical" part of your business and do not obtain a license, they will come after you.

There are grey areas between these two poles. I do not address them.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: henry strickland
Date: Sun, 21 Feb 93 14:28:36 PST
To: hughes@soda.berkeley.edu (Eric Hughes)
Subject: Re: Trapdoors
In-Reply-To: <9302212154.AA02012@soda.berkeley.edu>
Message-ID: <9302212232.AA12362@versant.com>
MIME-Version: 1.0
Content-Type: text/plain

# From cypherpunks-request@toad.com Sun Feb 21 14:14:43 1993
#
# Does anybody have a good idea what applications this is useful for?

The old CDC CYBER machines had population count in its instruction set. Perhaps some scientific-type programmers would know what they used it for. The CYBER did not have a lot of instructions -- they were pretty practical about what they put in. i.e. != VAX

# My first thought is that it's a very quick way to do linear error
# detection codes, since this instruction directly computes the Hamming
# weight of a code word.

That was always my assumption.

Anyway, it's not unprecedented.

strick
strick@osc.versant.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Sun, 21 Feb 93 15:02:12 PST
To: hughes@soda.berkeley.edu
Subject: Re: Trapdoors
Message-ID: <9302212253.AA14109@servo>
MIME-Version: 1.0
Content-Type: text/plain

A bit count instruction would be very handy in a project I've been working on lately, which is a new packet radio link level protocol for amateur packet radio. This protocol uses forward error correction, so it needs a highly reliable way to delimit the start of each physical link frame. A pseudo-random "sync" sequence is the standard way to do this, and you detect it with a correlator. The bit count instruction would come in handy here, since the only other fast way to do it is to use table lookup.

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Anonymous@cs.Buffalo.EDU
Date: Sun, 21 Feb 93 11:56:43 PST
To: cypherpunks@toad.com
Subject: Re: whistleblower newsgroup?
Message-ID: <9302211955.AA12769@armstrong.cs.Buffalo.EDU> MIME-Version: 1.0 Content-Type: text/plain >How about a newsgroup devoted to `whistleblowing' >where anonymity is encouraged? It could even be `anonymously moderated' >where all the postings are guaranteed to go through an anonymous server >before posting. (Whoever wanted to be *really* sure could anonymize the >message before posting.) I haven't seen *any* newsgroups dedicated to looking >at government abuses from the "inside" (this would be for employees esp.) >I can imagine all kinds of neat little secrets about our government's >illustrious practices leaking out.. The potential for `good' is good, Excellent idea. I am a government official who has blown the whistle on several major abuses, and have trusted friends in the media. I can see to it that if alt.whistleblowers becomes real, it will be read. Submissions should be to a mailbox that renders the articles anonymous before they go public. There might be an alt.whistleblowers.d for discussion where members of the press could (here's where crypto-tech comes in) post requests for further information. PGP (or whatever) sigs could serve as press "credentials" and interested reporters could post their public keys to a trusted repository. This has a lot of merit. Since we know that the press is the only effective means by which a tale of government abuse can be told, this could change the way government does business, knowing that honest people have nothing to fear by pointing out the crooks. I've seen it happen ... makes you feel good. -- +==== Internet: babani@cs.buffalo.edu ===+======== Amateur-Radio: N2LYC ======+ ! Bitnet: V078LNGT@ubvms.BITNET | UUCP: rutgers!ub!babani ! ! Alternate: an173@cleveland.freenet.edu | Plsure dpnds on the othrs prmison. ! +== PGP key available. (If you don't know what a PGP key is... find out!) 
==+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Sun, 21 Feb 93 13:42:20 PST
To: cypherpunks@toad.com
Subject: Anon mailers
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Greets.

Would someone be kind enough to post a listing of available anonymous remailers? And perhaps (as Kelly earlier interjected) be willing to compose a "how-to" and "why-for" text as well. As you might imagine, interest in this topic is picking up.

Cheers.

---
fergp@sytex.com (Paul Ferguson)
Access <=> Internet BBS, a public access internet site
Sytex Communications, Arlington VA, 1-703-358-9022

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: babani@cs.Buffalo.EDU (Rusty Babani)
Date: Sun, 21 Feb 93 12:05:55 PST
To: cypherpunks@toad.com
Subject: Last message about wistleblowing.
Message-ID: <9302212004.AA13024@armstrong.cs.Buffalo.EDU>
MIME-Version: 1.0
Content-Type: text/plain

The last message about whistle blowing ended up in my mailbox because the request-remail-to line was formatted wrong. I simply forwarded on to the list seeing as it wasn't too much work. I just want people to know that *I* wasn't the originator of the message even though it has my signature on it!

Thanks.

The anonymity of the original sender was still protected, however.
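
The two uses of a population-count instruction raised in the "Trapdoors" messages above (XOR a trial stream against a known generator's output and count bits; detect a frame sync sequence with a correlator) can be worked through in C. This is an added example, not code from any list member: the sync word, the toy LFSR standing in for the "known generator", and the sample frame are all constructed assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SYNC_WORD 0x1ACFFC1Du  /* sample 32-bit sync pattern (assumption) */
#define NWORDS    32           /* 32 words = 1024-bit test streams */

/* Hamming weight of a 32-bit word: a software stand-in for a hardware
 * population-count instruction. */
static unsigned popcount32(uint32_t x)
{
    x = x - ((x >> 1) & 0x55555555u);
    x = (x & 0x33333333u) + ((x >> 2) & 0x33333333u);
    x = (x + (x >> 4)) & 0x0F0F0F0Fu;
    return (unsigned)((x * 0x01010101u) >> 24);
}

/* Correlation of two packed bit streams: XOR them, count the differing
 * bits, and report agreements minus disagreements. +nbits means identical,
 * -nbits means complemented, values near 0 mean unrelated. */
static long correlation(const uint32_t *a, const uint32_t *b, size_t nwords)
{
    long differ = 0;
    for (size_t i = 0; i < nwords; i++)
        differ += (long)popcount32(a[i] ^ b[i]);
    return (long)(nwords * 32) - 2 * differ;
}

/* Toy 16-bit LFSR (taps 16,14,13,11) standing in for the known
 * pseudorandom generator. Not a cryptographic generator. */
static void lfsr_fill(uint32_t *out, size_t nwords, uint16_t state)
{
    for (size_t w = 0; w < nwords; w++) {
        uint32_t word = 0;
        for (int i = 0; i < 32; i++) {
            unsigned bit = (state ^ (state >> 2) ^ (state >> 3) ^ (state >> 5)) & 1u;
            state = (uint16_t)((state >> 1) | (bit << 15));
            word = (word << 1) | (state & 1u);
        }
        out[w] = word;
    }
}

/* Trial stream = generator output with `flips` (<= 32) bits inverted. */
static long correlate_with_errors(unsigned flips)
{
    uint32_t ref[NWORDS], trial[NWORDS];
    lfsr_fill(ref, NWORDS, 0xACE1u);
    memcpy(trial, ref, sizeof ref);
    for (unsigned i = 0; i < flips; i++)
        trial[(i * 7) % NWORDS] ^= 1u << (i % 32);
    return correlation(ref, trial, NWORDS);
}

/* Sync correlator: slide a 32-bit window over the received bits (MSB of
 * each byte first) and return the bit offset of the first window within
 * max_errors bit errors of the sync word, or -1 if there is none. */
static long find_sync(const uint8_t *buf, size_t nbits, uint32_t sync,
                      unsigned max_errors)
{
    uint32_t window = 0;
    for (size_t i = 0; i < nbits; i++) {
        window = (window << 1) | ((buf[i >> 3] >> (7 - (i & 7))) & 1u);
        if (i >= 31 && popcount32(window ^ sync) <= max_errors)
            return (long)(i - 31);
    }
    return -1;
}

/* Append the low n bits of v, MSB first, at bit position *pos. */
static void put_bits(uint8_t *buf, size_t *pos, uint32_t v, unsigned n)
{
    while (n--) {
        if ((v >> n) & 1u)
            buf[*pos >> 3] |= (uint8_t)(0x80u >> (*pos & 7));
        (*pos)++;
    }
}

/* Constructed frame: 43 idle zero bits, the sync word with one bit flipped
 * by "channel noise" (so it is not byte-aligned), then 16 idle zero bits. */
static long find_sync_in_sample(unsigned max_errors)
{
    uint8_t frame[12] = {0};
    size_t pos = 43;
    put_bits(frame, &pos, SYNC_WORD ^ 0x00010000u, 32);
    return find_sync(frame, pos + 16, SYNC_WORD, max_errors);
}

int main(void)
{
    printf("correlation: clean %ld, 5 bit errors %ld\n",
           correlate_with_errors(0), correlate_with_errors(5));
    printf("sync offset: tolerant %ld, exact-match only %ld\n",
           find_sync_in_sample(2), find_sync_in_sample(0));
    return 0;
}
```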
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: kelly@netcom.com (Kelly Goen) Date: Sun, 21 Feb 93 18:09:47 PST To: cypherpunks@toad.com Subject: Political and social action, cypherpunk assisted (fwd) Message-ID: <9302220208.AA04250@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Forwarded message: > From gnu@toad.com Sun Feb 21 12:27:13 1993 > Message-Id: <9302212028.AA25645@toad.com> > To: farber@cis.upenn.edu, gnu@toad.com, barlow@eff.org > Cc: kelly@netcom.com > Subject: Political and social action, cypherpunk assisted > Date: Sun, 21 Feb 93 12:28:10 -0800 > From: gnu@toad.com > > Kelly, I think you should also add some more mainstream groups like > talk.environment, talk.politics.misc, alt.politics.homosexuality, > alt.society.civil-liberty, alt.society.civil-disob, > comp.society.privacy, alt.privacy, comp.org.eff.talk. This is not > just a tool for conspirators, anarchists, and revolutionaries, though > the FBI and NSA would love to pigeonhole us that way. It's for anyone > who wants to exercise their Constitutionally-protected rights to > privacy or anonymity. > > John > I agree completely John, in fact I have had a talk with Phil Z. and have his best wishes in this area, one thing that has come up recently is putting together COMPLETE packages of Binaries of PGP for various platforms, along with hopper email preparation scripts, programs to email or otherwise get news to a newsgroup, or emailing list. minimal configurations for the amove. EASY installation scripts and/or instructions to install and verify correct installation of same, perhaps a Video could be prepared that could be distributed throught the community cable channel network or borrowable thought a public for the community station could be arrange, the main thing I see is spreading this tech far and wide first to the groups that have the most need of it and then to the mainstream. 
A foreign site at present is best for the complete packages because of US ITAR regulations, although uncoercible platforms such as toad.com and hosts in the edu domain could also be perhaps a contribution to the situation. I see the CLEAR and present DANGER if we dont start treading this new legal ground quickly and establish legal precedent by action and litigaion if need be. Our rights will be abridged and condensed so fast you wont even be able to reply "thank you Mr. Webster" before people start assuming a Maxmillian code of Justice instead of the one granted us by the US Constitution. I see Privacy and anonymity as Inalienable rights reserved to the people under the 9th amendment. I also view the ITAR regulations classifying crypto as a weapon/munition as putting crypto under the purview of the second amendment under the right to keep and bear arms. I also hold that expression of free thoughts feelings and the tangilbe manifestion of same known as software to be forms of protected speech under the first amendment. As I am a member of society who always will test the letter of the law n these areas to the limit, I now realize that the socalled crypto-war with the federal government has to have a broad base of public support before we are adjudged criminals by the govt controlled press in this country and have our rights trampled under like the way all groups have had theirs trampled under by the govt. I for one dont wish to wake up in some morning with some federal agents gun stuck up my nostril such as happened in the sundevil raids. RICO seizures are currently illegally used by the federal lackeys to totally circumvent all the protections of the bill of rights and to acquire shamelessly computer hardware for local, state and federal law enforcement agencies. Can you say THEFT!!.. Can you say Violation of the 4th amendment of the US Constitution!! Oh DAMN!! I went and got passionately political again... OK I will shutup... for now... 
besides I have to answer all of this fascinating e-mail I seem to be getting... And work on this document... cheers kelly From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eli Brandt Date: Sun, 21 Feb 93 19:42:22 PST To: cypherpunks@toad.com Subject: msdos perl In-Reply-To: Message-ID: <9302220342.AA07039@toad.com> MIME-Version: 1.0 Content-Type: text/plain > Slight complaint: The only available port of perl to DOS is 386 or > higher only, The perl419x.zip in simtel:msdos/perl doesn't even use the 386. However, those without 386 + memory manager may have a bit of a hard time with memory. I don't know about the perl4019.zip in the same directory; I snarfed it to check, but it has no docs (and I don't care to disassemble for 386 code!) > CrysRides Eli ebrandt@jarthur.claremont.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Crys Rides Date: Sun, 21 Feb 93 17:14:04 PST To: Eli Brandt Subject: Re: anonymous mail In-Reply-To: <9302191753.AA12638@pmantis.berkeley.edu> Message-ID: <9302220111.AA20996@ucunix.san.uc.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- >>>>> On Sun, 21 Feb 93 13:00:03 PST, Eli Brandt said: Eli> You might want to work in perl, which would make the scripts work under Eli> Unix and DOS, at least. Is there a Mac perl? Slight complaint: The only available port of perl to DOS is 386 or higher only, so will definately limit your effective use more than an executeable or batch file. As for a Mac Perl, a quick scan of my Camel book doesn't turn up a mention of one. I could have missed it. 
Eli> PGP 2 key by finger or e-mail
Eli> Eli ebrandt@jarthur.claremont.edu

CrysRides

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Kelly Goen
Date: Sun, 21 Feb 93 21:07:03 PST
To: cypherpunks@toad.com
Subject: New Directions on the Internet-Privacy what are the threats...
Message-ID: <9302220425.AA05986@cds9041>
MIME-Version: 1.0
Content-Type: text/plain

Hi all, to John Gilmore in particular... John I would like to use the incident I discussed with you in encrypted mail as a start to discussing what the technical/programmed threats to privacy on the Internet using just simple scripts and programs available on the Internet. I agree that it does range somewhat far from the usual fare of crypto but it began as a PGP-key-server to mailing list correlation and it definitely illustrates the current threat there is to privacy... I would like to use the toad.com site as an example while not revealing the list contents in the open posting due to personal feelings and ethics about privacy... how do you and the list feel about this new topic area...

thanx and cheers
kelly (oklahoma) goen

p.s. The response I have gotten for my call to action has been gratifying indeed I will get back to everyone of you as time and preparation of the FAQ permits... I welcome ALL of your suggestions, critiques and help as well as pointers to programs and information... btw is "Digital Privacy" off the presses yet and if so where can I get a copy in the silicon valley area... best of luck to all the members of this list and thanx again...
-------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnordbox!loydb@cs.utexas.edu (Loyd Blankenship) Date: Mon, 22 Feb 93 09:27:50 PST To: cypherpunks@toad.com Subject: Government Encryption Message-ID: <9302220445.AA00b4f@fnordbox.UUCP> MIME-Version: 1.0 Content-Type: text/plain Recently there was a thread on a public-key program that would involve a central, government-backed-or-authorized agency to issue key pairs and serve as a repository. Could someone please post some details on this -- I seem to have gotten it into my head that this is how PEM works, and I don't know whether I'm right or just medicated. :-) Loyd *************************************************************************** * loydb@fnordbox.UUCP Call the Fnordbox BBS * Loyd Blankenship * * GEnie: SJGAMES 2 v32bis lines, 24 hrs * PO Box 18957 * * Compu$erve: [73407,515] 512/444-2323 * Austin, TX 78760 * * cs.utexas.edu!dogface!fnordbox!loydb * 512/447-7866 * *************************************************************************** From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Bruce.Baugh@p23.f40.n105.z1.fidonet.org (Bruce Baugh) Date: Mon, 22 Feb 93 08:45:22 PST To: cypherpunks@toad.com Subject: subscribe Message-ID: <730377978.AA01324@therose.pdx.com> MIME-Version: 1.0 Content-Type: text/plain Please add me to your mailing list. Thanks! UUCP !qiclab!therose INTERNET: therose.fidonet.org FIDONET: 1:105/7.0 UUCP <> FidoNet(tm) Gate is a public service provided by therose.pdx.com. **Reply messages should not be sent to/through therose.pdx.com** From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jay Prime Positive Date: Mon, 22 Feb 93 00:57:57 PST To: cypherpunks@toad.com Subject: Computer Virus Origins In-Reply-To: <9302190714.AA23494@netcom.netcom.com> Message-ID: <9302220055.aa26050@hermix.markv.com> MIME-Version: 1.0 Content-Type: text/plain It has been a bit of a sore point with me for some years. 
When Fred Cohen wrote his thesis he credited Len Adelman ((the A in RSA) our professor at the time) with coining the term "virus". In fact it was I who did this. It was I who introduced the class to the concept of computer viruses. I developed the idea with a guy named Eric ??? with whom I worked at the time. It was in private with Eric that I came up with the name (or perhaps he may have sugested it). I based the idea on the "worm" from one of John Brunner's novels which I had just read. The name is a natural choice for this class of program, and I don't doubt that others may have nearly simultaneuosly come upon the same idea. I certainly didn't write the first virus. j' (computer virus meme source) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Crys Rides Date: Mon, 22 Feb 93 03:52:21 PST To: Eli Brandt Subject: msdos perl In-Reply-To: <9302220342.AA07039@toad.com> Message-ID: <9302221150.AA00474@ucunix.san.uc.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- >>>>> On Sun, 21 Feb 93 19:41:06 PST, Eli Brandt said: > Slight complaint: The only available port of perl to DOS is 386 or > higher only, Eli> The perl419x.zip in simtel:msdos/perl doesn't even use the 386. Eli> However, those without 386 + memory manager may have a bit of Eli> a hard time with memory. I don't know about the perl4019.zip in Eli> the same directory; I snarfed it to check, but it has no docs (and Eli> I don't care to disassemble for 386 code!) The executeable in the file you refer to can also be ftp'd from tandem.com, it's source site, in the directory /pub/perl. To quote the README file for that directory: Last updated: Saturday, February 1, 1992 Latest bcdos version of Perl: 1.4 This is a port of Perl 4.019 to MS-DOS using Borland C++ V3.0. It will NOT compile with versions of BC++ prior to 3.0. The port is complete given the functionality of DOS versus UNIX. 
Support will be added in the future for ndbm() routines using GNU-ndbm (when I get around to it !). The port makes use of Borland's VROOM technology and pretty much *requires* access to extended memory. There is approx. 300+ Kbytes of memory available ^^^^^^^^ for Perl scripts. The amount of memory available can be checked using two user subroutines added via Larry Wall's usersub.c hook. &heapfree() - returns size of far heap in bytes &stkfree() - returns size of free stack The port also makes use of xspawn() (available from Simtel or Wuarchive if you look hard enough) and will swap itself to either extended memory or disk when Perl invokes the system() call. This leaves about 605 Kbytes of memory available for DOS apps on my 386 machine running DOS 5.0. I've run this port of Perl against all the test cases supplied in the normal Perl release. They all work except those that call perl again (not enough memory !) or have specific UNIX dependencies (that dont work on DOS - too bad !). This version of Perl has been tested on both 286 and 386 machines with and without extended memory. If you find problems on a specific machine I would like to hear about them but don't necessarily commit to fix them. As per the Artistic and GNU licenses, you get what you paid for and your on your own ! There are three files herein: bcv14_perl4-019.zip Contains all the source files. There are only one or two files that have changed from the standard 4.019 release (nice job lwall on portable code !). bcv14_perl4-019E.zip Contains the executeable for perl PERL.EXE and all the library files for perl. If you don't intend to re-build PERL, then THIS IS THE FILE FOR YOU ! xspawn34.zip This file contains the xspawn routine used by bcdos_Perl to swap out to extended memory or disk when running child processes. It is identical to the the one that can be found on simtel or wuarchive. Nota bene re extended memory; This port attempts to reserve 128K bytes of extended memory for the VROOM arena. 
A 64K arena ran like a DOG so this is about the optimum size of memory versus speed.

Happy hacking !

Stuart G. Phillips N6TTO/G8HQA/DA4BM/OZ... (you get the idea) [stu@tandem.com]

I've not encountered a non 286/386/486 with extended memory, which this file says it requires. Plus there is no testing on machines other than those. I've attempted to run this on an antiquated 8088. It simply executes and drops back to the command line without action. Much as I feel perl would be an easy and useful way to code this up, I don't feel it's a tool with the broadest reach at this time for DOS. Sorry.

> CrysRides
Eli> Eli ebrandt@jarthur.claremont.edu

CrysRides again

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Mon, 22 Feb 93 06:20:49 PST
To: cypherpunks@toad.com
Subject: list of remailers
Message-ID: <199302221419.AA04336@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Paul Ferguson asks for a list of remailers. Here's the latest one I have:

 1: hh@pmantis.berkeley.edu
 2: hh@cicada.berkeley.edu
 3: hh@soda.berkeley.edu
 4: nowhere@bsu-cs.bsu.edu
 5: ebrandt@jarthur.claremont.edu
 6: hal@alumni.caltech.edu
 7: remailer@rebma.mn.org
 8: elee7h5@rosebud.ee.uh.edu
 9: phantom@mead.u.washington.edu
10: hfinney@shell.portal.com
11: babani@cs.buffalo.edu
12: remail@extropia.wimsey.com

NOTES:
#1-#5    no encrypted remailing requests
#5-#12   support encrypted remailing requests; public key available
#2       requires remailing request to appear in header (am working on a PERL script which will do this)
#12      requires encryption (message and header together)
#7,#12   introduce larger than average time delay (which is probably a desirable thing!)
It's been a good week for remailers - three of them came to my attention (nowhere@bsu, ebrandt@jarthur, babani@cs)! /-----------------------------------\ | Karl L. Barrus | | elee9sf@menudo.uh.edu | <- preferred address | barrus@tree.egr.uh.edu (NeXTMail) | \-----------------------------------/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Bruce.Baugh@p23.f40.n105.z1.fidonet.org (Bruce Baugh) Date: Mon, 22 Feb 93 23:39:17 PST To: cypherpunks@toad.com Subject: unsubscribe Message-ID: <730436572.AA01330@therose.pdx.com> MIME-Version: 1.0 Content-Type: text/plain I find that I must ask to have this address removed from your mailing list. Sorry for the inconvenience. UUCP !qiclab!therose INTERNET: therose.fidonet.org FIDONET: 1:105/7.0 UUCP <> FidoNet(tm) Gate is a public service provided by therose.pdx.com. **Reply messages should not be sent to/through therose.pdx.com** From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mark@coombs.anu.edu.au (Mark) Date: Sun, 21 Feb 93 14:19:32 PST To: ebrandt@jarthur.Claremont.EDU (Eli Brandt) Subject: Re: Sources for perl code In-Reply-To: <9302212101.AA26262@toad.com> Message-ID: <9302212218.AA27312@coombs.anu.edu.au> MIME-Version: 1.0 Content-Type: text/plain >You might want to work in perl, which would make the scripts work under >Unix and DOS, at least. Is there a Mac perl? On coombs.anu.edu.au in /pub/perl/misc/perl.code.sources there is a list of places to get perl source/binaries for Ataris, IBMs, Macs, and VMS. Unix is available everywhere in the GNU sections of ftp archives. Also there is a large number of scripts in /pub/perl/scripts. See the README file for usage details and for the European mirror site. The INDEX file lists each script and gives a short description. Hope this helps, Mark mark@coombs.anu.edu.au From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. 
May) Date: Mon, 22 Feb 93 10:18:19 PST To: cypherpunks@toad.com Subject: Key Registration Message-ID: <9302221816.AA13316@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain >Recently there was a thread on a public-key program that would involve a >central, government-backed-or-authorized agency to issue key pairs and >serve as a repository. Could someone please post some details on this -- >I seem to have gotten it into my head that this is how PEM works, and I >don't know whether I'm right or just medicated. :-) > >Loyd The proposal was slightly different and has not been officially proposed as any kind of law. Here are some more details: * Dorothy Denning, noted crypto and security expert, floated a trial balloon at the Computer Security Conference last fall. (I summarized it and posted it to sci.crypt, where more than 1000 messages related to this thread, "A Trial Balloon to Ban Encryption?," eventually appeared.) * Under her proposal, a user of P-K methods would take his _private_ key and encrypt it to the _public_ key of an agency like the Justice Department (which I'll use from now on to represent the government side). The encrypted key would then be placed in a repository with another agency, perhaps a private agency like the CPSR or even the EFF. The key storage agency obviously could not read the messages (as they would be encrypted to the Justice Department's key). * A properly-obtained warrant could then be presented to the key repository, obtaining the specific key. The Justice Department could then decrypt with its private key and thus have the private key of the user. * Ostensibly, this prevents the Justice Department from simply snooping through whatever messages it wishes to read. * There are some obvious practical and constitutional issues: - What happened to constitutional rights to privacy? Analogously, must one escrow personal diaries? Install tape recorders in all private places and escrow copies of all tapes? 
(Lots of comparisons to free speech, to gun control, etc.) - What happens when people register the "wrong" key? Is this even detectable? - If "noise" is sent, will the Justice Department demand the "key" be presented? How? And what penalties for noncompliance? - Many applications demand dynamic generation of keys---many public keys, many session keys, etc. How will these be registered? What fees? - It seems likely that a key registration scheme will also place limits on many of the things we hold dear on this list--digital money, anonymous systems, remailers, and all the other wonders of crypto anarchy. There's a lot more. And there was a lot of debate in sci.crypt about this. Fortunately, I don't see any further moves to make this a law. But it may come in a few years. -Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: MailSafe and PGP available. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eli Brandt Date: Mon, 22 Feb 93 10:42:31 PST To: cypherpunks@toad.com Subject: Re: msdos perl In-Reply-To: Message-ID: <9302221842.AA20199@toad.com> MIME-Version: 1.0 Content-Type: text/plain > The executable in the file you refer to can also be ftp'd from > tandem.com, its source site, in the directory /pub/perl. To quote > the README file for that directory: > The port makes use of Borland's VROOM technology and pretty much *requires* > access to extended memory. There is approx. 300+ Kbytes of memory available > ^^^^^^^^ (emphasis not mine) Which means a 286, not a 386. If there are a lot of people out there on 8086 machines, sorry. People with that particular problem are going to have a hard time running most modern software, let alone Unix ports. 
> This version of Perl has been tested on both 286 and 386 machines with > and without extended memory. > CrysRides PGP 2 key by finger or e-mail Eli ebrandt@jarthur.claremont.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: an5877@anon.penet.fi (deadbeat) Date: Mon, 22 Feb 93 10:18:03 PST To: cypherpunks@toad.com Subject: Bug in the anon.penet.fi remailer Message-ID: <9302221721.AA07390@anon.penet.fi> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- I believe I have uncovered a serious bug in the Finnish anonymous remailer, one that allows me to piece together anonymous id's and actual email addresses. I'm reluctant to publish the details here, but I'll explain how it works if you send me your email address. > DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.1 iQBFAgUBK4kCn/FZTpBW/B35AQEOkgF/euVoBz+q3iOb8oAFWaF5n/lPIIv76L0y eT0bYJl7RebSiyV8tWzXWNibZrPn1aPc =6ZVT -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin@anon.penet.fi. *IMPORTANT server security update*, mail to update@anon.penet.fi for details. 
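The footer above says any reply through the service is anonymized and an id is allocated automatically. The following added example (not code from anon.penet.fi or from any poster; the class and function names, the `anon.example` domain and all addresses are constructed, and the `double_blind=False` switch is an assumption modelled on the opt-out header suggested later in this thread) models that behaviour, shows which (anon id, real address) pair a recipient can correlate from one relayed message, and checks two server-side guards.

```python
"""Toy model of a double-blind pseudonym server. Constructed for illustration."""
import re
from dataclasses import dataclass, field

# Loose address matcher, good enough for the sample bodies below.
ADDR_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


@dataclass
class Delivered:
    rcpt: str    # real mailbox the server hands the message to
    sender: str  # address the recipient sees in From:
    body: str


def names_sender(sender_real, body):
    """True if the body spells out the sender's own real address."""
    return sender_real.lower() in (a.lower() for a in ADDR_RE.findall(body))


def linkable_pairs(msg, domain):
    """(anon id, real address) candidates readable from one delivered message."""
    suffix = "@" + domain
    if not msg.sender.endswith(suffix):
        return set()  # sender was not anonymized, so no pseudonym is exposed
    return {(msg.sender, a.lower()) for a in ADDR_RE.findall(msg.body)
            if not a.lower().endswith(suffix)}


@dataclass
class DoubleBlindServer:
    domain: str = "anon.example"          # placeholder, not a real service
    next_id: int = 1000
    real_to_anon: dict = field(default_factory=dict)
    anon_to_real: dict = field(default_factory=dict)

    def anon_id_for(self, real):
        """Allocate a pseudonym on first contact, as the footer describes."""
        real = real.lower()
        if real not in self.real_to_anon:
            anon = f"an{self.next_id}@{self.domain}"
            self.next_id += 1
            self.real_to_anon[real] = anon
            self.anon_to_real[anon] = real
        return self.real_to_anon[real]

    def relay(self, sender_real, rcpt_anon, body, double_blind=True, guard=False):
        """Deliver mail addressed to a pseudonym.

        double_blind=False: assumed opt-out; the sender stays unanonymized
                            and no pseudonym is allocated or revealed.
        guard=True:         refuse anonymized mail whose body names the sender.
        """
        rcpt_real = self.anon_to_real[rcpt_anon]  # KeyError for unknown ids
        if not double_blind:
            return Delivered(rcpt_real, sender_real.lower(), body)
        if guard and names_sender(sender_real, body):
            raise ValueError("refused: body contains the sender's real address")
        return Delivered(rcpt_real, self.anon_id_for(sender_real), body)


if __name__ == "__main__":
    srv = DoubleBlindServer()
    target = srv.anon_id_for("collector@site-a.example")   # constructed
    msg = srv.relay("alice@site-b.example", target,
                    "Please explain. Reach me at alice@site-b.example")
    print("recipient sees From:", msg.sender)
    print("pairs readable by recipient:", linkable_pairs(msg, srv.domain))
```

The guard only catches an exact address in the body; a signature block or a distinctive name links the pseudonym just as well, which is why the opt-out path avoids allocating one at all.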
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: eric_r@zeus.c-engr2.siu.edu (Eric Rainbolt) Date: Mon, 22 Feb 93 09:59:31 PST To: cypherpunks@toad.com Subject: Cancel subsciption Message-ID: <9302221755.AA08329@zeus.c-engr2.siu.edu> MIME-Version: 1.0 Content-Type: text/plain please unsubscribe me from the mailing list ejr From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eli Brandt Date: Mon, 22 Feb 93 12:43:38 PST To: cypherpunks@toad.com Subject: Re: Being kind to 8086 users - was: Re: msdos perl In-Reply-To: <9302222004.AA00911@anchor.ho.att.com> Message-ID: <9302222043.AA22967@toad.com> MIME-Version: 1.0 Content-Type: text/plain > There's one part of the market that's still heavily populated with > 8086 machines - portables. Good point. Perhaps maintaining compatibility with this particular archaism is not a bad idea after all. Urk. > Bill Stewart Eli ebrandt@jarthur.claremont.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: scott@shrug.dur.ac.uk (Scott A. McIntyre) Date: Mon, 22 Feb 93 04:52:41 PST To: cypherpunks@toad.com (Cypherpunks) Subject: PGP question Message-ID: MIME-Version: 1.0 Content-Type: text/plain I'm sure this isn't the right place for this question, but what the hell. I've added a second mailing address to my public key, but this causes a validity error (unknown signator) when checked with -kc. How can I go about making that go away so that people who check will not be greeted by this message? Only been in PGP a week, Scott From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pmetzger@shearson.com (Perry E. Metzger) Date: Mon, 22 Feb 93 11:10:37 PST To: jpp@markv.com Subject: Re: Computer Virus Origins Message-ID: <9302221811.AA14814@maggie.shearson.com> MIME-Version: 1.0 Content-Type: text/plain > From: Jay Prime Positive > It has been a bit of a sore point with me for some years. 
When Fred > Cohen wrote his thesis he credited Len Adelman ((the A in RSA) our > professor at the time) with coining the term "virus". In fact it was > I who did this. It was I who introduced the class to the concept of > computer viruses. I developed the idea with a guy named Eric ??? with > whom I worked at the time. It was in private with Eric that I came up > with the name (or perhaps he may have sugested it). I based the idea > on the "worm" from one of John Brunner's novels which I had just read. Brunner's novel explicitly mentions the notion of viruses as well as tapeworms. Remember the "phages"? A phage is a virus. Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Anonymous) Date: Mon, 22 Feb 93 10:29:05 PST To: cypherpunks@toad.com Subject: No Subject Message-ID: <9302221825.AA18161@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- I believe I have uncovered a serious bug in the Finnish anonymous remailer, one that allows me to piece together anonymous id's and actual email addresses. I'm reluctant to publish the details here, but I'll explain how it works if you send me your email address. > DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.1 iQBFAgUBK4kCn/FZTpBW/B35AQEOkgF/euVoBz+q3iOb8oAFWaF5n/lPIIv76L0y eT0bYJl7RebSiyV8tWzXWNibZrPn1aPc =6ZVT -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin@anon.penet.fi. *IMPORTANT server security update*, mail to update@anon.penet.fi for details. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Mon, 22 Feb 93 13:00:39 PST To: cypherpunks@toad.com Subject: Rambo Lives Message-ID: <9302221330.tn00927@aol.com> MIME-Version: 1.0 Content-Type: text/plain >>kelly@netcom.com >> >> [stuff removed] >> ...the military in general and the >>army, marines and special intelligence agencies>, they >>are after all as their prime mission capable of extreme violence and the >>taking of human life, as a means of social control. >>Law enforcement seems to have very similar mentality as well, >>with CONTROL being the agenda and reason for existence-- >>Suppose we think of guerilla products such as PGP and anonymous >>posting mechanisms and forwarders in their larger social sense >>As behaviour modification for those who would have our privacy >>as well as our lives ...and thus the government's decision to consider PGP (a privacy mechanism) as "munitions." At first I thought it was outrageous, but it all makes curious sense somehow when you bop yourself on the head the right way, doesn't it? I say we should ensure that as many citizens as possible get ahold of PGP as soon as possible. After all, the NRA would have us believe that it's every citizen's right to "bear arms," so why shouldn't we (especially those who choose not to carry firearms like me) all have whatever sort of weapon we choose to "carry?" That's all for now, excuse me while I go hurl. All this crap really makes me a bit ill, to tell you the truth. I only want the same respect I give to other people, not a lot of static from a bunch of haircuts with sidearms. d2t PS: Keep this in mind the next time you see someone you love patronize a Rambo-style movie or play a game of shoot-'em-up Nintendo - this is where the Bad Guys get their funding, lads. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Mon, 22 Feb 93 13:00:39 PST To: cypherpunks@toad.com Subject: Proposal - The 'Peterson.mil' Virus List Message-ID: <9302221331.tn00928@aol.com> MIME-Version: 1.0 Content-Type: text/plain Yo, Punks I propose that we establish another list dedicated to the study of viruses and name it after Keith Peterson. After all, why shouldn't he get some credit for awakening a sleeping giant? I want to know more about viruses so I can protect myself from government-created viruses and so I can learn about the various mechanisms involved. In addition, the study of self-promulgating code has very positive implications for the study of "smart email." For those of you who haven't been following the exploits of General Magic and their Telescript protocol, there will soon be mail which "delivers itself" to the right location. I'm sure our members at General Magic can illuminate this subject further. The implications of this technology reach into the world of encryption and viruses and certainly further into the realm of privacy discussions. Wot say, all? d2t From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: treason@gnu.ai.mit.edu Date: Mon, 22 Feb 93 10:33:42 PST Subject: No Subject Message-ID: <9302221832.AA09541@spiff.gnu.ai.mit.edu> MIME-Version: 1.0 Content-Type: text/plain Does anyone know the status of this product? Is it proprietary? What encryption algorithms does it use? Are there any flaws in it? treason@gnu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Mon, 22 Feb 93 10:53:54 PST To: Cypherpunks Subject: Government encryption Message-ID: <930222183917_74076.1041_DHJ70-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain Loyd Blankenship asks whether PEM involves having a government agency create key pairs. I think this may be confusing two different issues. 
PEM does not involve having anyone else create key pairs for you. You create your own keys and keep the private key secret just as in any other public key system. However, PEM requires you to get a "certificate" from an agency in order to use the system. The certificate-issuing agency is typically expected to be your employer or your university, from my reading of the RFC's. Large institutions like these would issue certificates, which are basically similar to PGP's key signatures, which certify that you are who you say you are. The large institutions themselves would have their own public keys signed by an agency higher in some key-signing hierarchy. Last I checked, the top of the hierarchy was the company RSADSI; they would certify the companies and the companies would certify the employees. I think this part may have changed a little in the last few drafts of the new RFC. So, there's not really any government involvement. There is a centralized hierarchy for key signatures, but key generation is still an individual activity. Oh, yes, there may also be a charge for getting your key signed; this charge might be borne by the company/university in some cases. There is also a provision to get a certificate outside this system; these "persona" certificates wouldn't really vouch for anything but they would let you use PEM. I'm not sure what they will cost. The other idea which Loyd might have been mixing up with this was Dorothy Denning's proposal several months ago that all users of public key systems be required to register their secret keys with some quasi-governmental agency. (Originally she proposed the Justice Department, then later suggested an independent group.) This way if the government wanted to spy on your communications, it would have to get a court order (as it does now, in theory, for wiretaps), and take this court order to the key-holding agency to get them to reveal your secret keys. Then it could read your messages. 
This proposal was subjected to a very strong attack led largely by our own Tim May. It soon became known as the "lead balloon" for its lack of support and has not been heard of recently. I don't think anyone would be terribly surprised if some variant were to resurface, though. Hal Finney From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mccoy@ccwf.cc.utexas.edu (Jim McCoy) Date: Mon, 22 Feb 93 11:49:17 PST To: fnordbox!loydb@cs.utexas.edu (Loyd Blankenship) Subject: Re: Government Encryption In-Reply-To: <9302220445.AA00b4f@fnordbox.UUCP> Message-ID: <9302221947.AA12383@tramp.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text Loyd Blankenship (fnordbox!loydb@cs.utexas.edu) writes: > To: cypherpunks@toad.com > Subject: Government Encryption > > Recently there was a thread on a public-key program that would involve a > central, government-backed-or-authorized agency to issue key pairs and > serve as a repository. Could someone please post some details on this -- This "rumor" seems to be the result of two different, but not necessarily better, events. The first is a Usenet posting by Dorothy Denning (anyone have a copy of this posting/report BTW, I seem to have lost mine and only have the 400K of responses in sci.crypt...) and an article in the July 1992 CACM by Ron Rivest that suggested that people be required to register their _private_ keys with some government authority so that feds with a warrant (and anyone with enough cash to bribe the civil servant sitting at the "private-key desk") can break open messages and files encrypted using PKE. The other is the PEM RFC that talked about certification authorities (and mentioned that government institutions could be one type of, but not the only type of, certification authority). The two seem to have come together into one nifty rumor that gives paranoid people ulcers and causes the rest of us to be a little more vigilant... 
> I seem to have gotten it into my head that this is how PEM works, and I > don't know whether I'm right or just medicated. :-) No, not really. PEM specifies a standard for exchange of encrypted mail messages, but does not enforce a particular method of key certification. They do talk a lot about certification authorities, but these are not necessarily government institutions. Check out RFC1113-1115 at your friendly neighborhood RFC server. The mrr-password.ps file on soda.berkeley.edu in /pub/cypherpunks goes into a lot of detail about CAs so you might also want to check that one out. jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@rosebud.ee.uh.edu Date: Mon, 22 Feb 93 12:44:13 PST To: cypherpunks@toad.com Subject: Beware of anon.penet.fi message! Message-ID: <9302222044.AA22982@toad.com> MIME-Version: 1.0 Content-Type: text/plain Beware of the message about the security bug in the anon.penet.fi software! If you do as requested, and send your true email address to an5877@anon.penet.fi then he will see both your true email address and your anonymous address (if you have one - if you don't, you will be assigned one and he will see that). Any future use you make of this anonymous server (say, to post anonymously) will appear under that same anonymous address - and this person will know your true email address that goes with it. an5877's message appears to be a trick, designed to collect anonymous/real address pairs. Johan Helsingius should take action against this trickster. Since he is learning other people's real addresses, perhaps it would be appropriate for his own real address to be revealed. But, this does point out that these systems which automatically assign anonymous addresses have several security flaws. 
Johan has already had to introduce a "password" feature to make it more difficult to send fakemail that appears to be from a particular email address through the server, thus revealing the corresponding anonymous address when it is delivered. an5877's trick is a variant on one discussed in news.admin.policy where it is pointed out that you can mail to someone via anon.penet.fi and ask for information; when the return mail comes back it will be from that person's anonymous address. So again you can pair up real and anonymous addresses. These are serious problems. We need some discussion of how to avoid these simple tricks for defeating the anonymity while still having an easy-to-use system. ::Xavier:: From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: cp@jido.b30.ingr.com (Craig Presson) Date: Mon, 22 Feb 93 12:58:17 PST To: cypherpunks@toad.com Subject: Re: Trapdoors In-Reply-To: <9302212232.AA12362@versant.com> Message-ID: <199302222055.AA18782@jido.b30.ingr.com> MIME-Version: 1.0 Content-Type: text/plain In <9302212232.AA12362@versant.com>, henry strickland writes: |> # From cypherpunks-request@toad.com Sun Feb 21 14:14:43 1993 |> # |> # Does anybody have a good idea what applications this is useful for? |> |> The old CDC CYBER machines had population count in its instruction |> set. Perhaps some scientific-type programmers would know what they |> used it for. The CYBER did not have a lot of instructions -- they |> were pretty practical about what they put in. i.e. != VAX More precedent: DG Eclipses have a COB (COunt Bits) instruction. Interestingly enough, there seems to be no such instruction in the VAX (This from R'ingTFM. I have pitifully little VAX experience.) 
^ / ------/---- cp@jido.b30.ingr.com (Craig Presson) / / From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305) Date: Mon, 22 Feb 93 12:05:06 PST To: cypherpunks@toad.com Subject: Being kind to 8086 users - was: Re: msdos perl Message-ID: <9302222004.AA00911@anchor.ho.att.com> MIME-Version: 1.0 Content-Type: text The discussion on porting perl to MS-DOS led to the following comment: > >*requires* access to extended memory. There is approx. 300+ Kbytes of memory available > > ^^^^^^^^ > Which means a 286, not a 386. If there are a lot of people out there on > 8086 machines, sorry. People with that particular problem are going to > have a hard time running most modern software, let alone Unix ports. There's one part of the market that's still heavily populated with 8086 machines - portables. Especially cheap, lightweight portables, and palmtops like the HP95LX, which people might use to do their private email from, or carry around to exchange PGP keys with, or use as a smartcard for digicash and remote access to networks. Another part is DOS emulation running on real machines - I think lots of that is 8086-like. 640K RAM is a hard limit to live with, and sometimes you just can't do it, but it's nice if people don't *gratuitously* make their software not fit here. There's lots of real work that can still be done on them, and really patient people can even run Unix-like operating systems such as Minix. 
Bill Stewart From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Karl Barrus Date: Mon, 22 Feb 93 13:19:35 PST To: cypherpunks@toad.com Subject: remailer scripts Message-ID: <199302222118.AA18542@Menudo.UH.EDU> MIME-Version: 1.0 Content-Type: text/plain Douglas Sinclair helped me uncover a subtle problem which may arise in the use of the remailer scripts: since errors are redirected to /dev/null or nul, if a key is untrusted (or isn't there), the script will hang, waiting for input from a prompt you don't see. New versions of hop.mail, hop.send, and anon.mail should be up at the ftp site soon... If anybody feels like porting these scripts to the Mac, Amiga, or VMS, please feel free! I know zippo about these platforms, as far as batch languages. Also, regarding compatibility with pc's - although the MSDOS script language could stand some big time improvement, it seems the best to use for max portability. But I'll definitely attempt a PERL translation and then the folks who can use PERL will be able to. /-----------------------------------\ | Karl L. Barrus | | elee9sf@menudo.uh.edu | <- preferred address | barrus@tree.egr.uh.edu (NeXTMail) | \-----------------------------------/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: an5877@anon.penet.fi (deadbeat) Date: Mon, 22 Feb 93 20:56:30 PST To: cypherpunks@toad.com Subject: Re: Beware of anon.penet.fi message! Message-ID: <9302230431.AA28945@anon.penet.fi> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Xavier hit the nail on the head -- my note was a subterfuge, intended to reveal the association between anonymous id's and email addresses. I think it's wrong for anon.penet.fi to operate this way. 
> DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.1 iQBFAgUBK4lD7/FZTpBW/B35AQGiCQF9HFeDhXk7FV9mhIMh9zGmxblLvCt8bszr 4daRmyo8/cJMK7Y5V7kfQN05CEdJo6oc =KalQ -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin@anon.penet.fi. *IMPORTANT server security update*, mail to update@anon.penet.fi for details. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: an5877@anon.penet.fi (deadbeat) Date: Mon, 22 Feb 93 22:53:28 PST To: cypherpunks@toad.com Subject: Re: Beware of anon.penet.fi message! Message-ID: <9302230609.AA05038@anon.penet.fi> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Xavier hit the nail on the head -- my note was a subterfuge, intended to reveal the association between anonymous id's and email addresses. I think it's wrong for anon.penet.fi to operate this way. > DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.1 iQBFAgUBK4lD7/FZTpBW/B35AQGiCQF9HFeDhXk7FV9mhIMh9zGmxblLvCt8bszr 4daRmyo8/cJMK7Y5V7kfQN05CEdJo6oc =KalQ -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin@anon.penet.fi. *IMPORTANT server security update*, mail to update@anon.penet.fi for details. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: David Reeve Sward Date: Mon, 22 Feb 93 13:27:17 PST To: cypherpunks@toad.com Subject: Re: Beware of anon.penet.fi message! 
In-Reply-To: <9302222044.AA22982@toad.com> Message-ID: MIME-Version: 1.0 Content-Type: text/plain Excerpts from list.cypherpunks: 22-Feb-93 Beware of anon.penet.fi mes.. by nobody@rosebud.ee.uh.edu > These are serious problems. We need some discussion of how to avoid these > simple tricks for defeating the anonymity while still having an easy-to-use > system. Perhaps a new header such as X-Anon-Doubleblind: yes|no defaulting to yes...? As was said, the doubleblind system is a great idea, but incomplete if you want to correspond to someone without revealing your anon id. -- David Sward sward+@cmu.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jthomas@kolanut.mitre.org (Joe Thomas) Date: Mon, 22 Feb 93 13:31:55 PST To: cypherpunks@toad.com Subject: Re: Anon bug Message-ID: <9302222129.AA02099@kolanut> MIME-Version: 1.0 Content-Type: text/plain an5877@anon.penet.fi (deadbeat) wrote: >> I believe I have uncovered a serious bug in the Finnish anonymous >> remailer, one that allows me to piece together anonymous id's and >> actual email addresses. >> >> I'm reluctant to publish the details here, but I'll explain how it >> works if you send me your email address. To which Julf replied: >Hmm. How about letting me know about it so that I have a chance to fix >it? I'm worried that the "serious bug" might be that the system won't prevent the gullible from mailing "deadbeat" their e-mail addresses through penet. Once they've done that, he can "piece together" their anonymous IDs and email addresses quite easily. I hope I'm wrong about this, though... Joe (Who is not writing virii at the MITRE Corporation... not doing much at all, really) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jumping Jack Flash Date: Mon, 22 Feb 93 14:48:22 PST To: cypherpunks@toad.com Subject: Mac HD Cypher... 
Message-ID: <9302222248.AA25236@toad.com> MIME-Version: 1.0 Content-Type: text/plain Does anyone know of a way or program that can completely encrypt a hard drive on a macintosh computer so that only the person that knows the key can decrypt it? I am looking for a crypt that is completely IMPENETRABLE!!! Your help would be appreciated, Jumping Jack Flash From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: The Phantom Date: Mon, 22 Feb 93 16:51:07 PST To: cypherpunks@toad.com Subject: Unbreakable MacHD encryption Message-ID: MIME-Version: 1.0 Content-Type: text/plain You could also look at the new Norton Utilities package -- It says it uses DES as the encryption engine. Matt Thomlinson University of Washington, Seattle, Washington. Internet: phantom@u.washington.edu phone: (206) 528-5732 PGP 2.1 key available via email or finger phantom@hardy.u.washington.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 22 Feb 93 17:00:03 PST To: cypherpunks@toad.com Subject: Remailer Use In-Reply-To: <9302230010.AA11413@bsu-cs.bsu.edu> Message-ID: <9302230056.AA16126@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Re: not discriminating between remailer mail and user mail. The problem of persons uneducated in remailers not distinguishing between different kinds of mail is a problem that will scale badly. It looks like a problem that will have to be solved for any design which relies on user accounts for remailing. I have one suggestion, but I'd like to hear others. Suggestion--Put a big "Comment:" field in each remailed message which explains what is going on. Regular users will get tired of it, no doubt. Perhaps it could be called "X-Remailer-Education:" Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 22 Feb 93 17:21:05 PST To: cypherpunks@toad.com Subject: whistleblower newsgroup? 
In-Reply-To: <9302210334.AA02268@longs.lance.colostate.edu> Message-ID: <9302230117.AA18417@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain The moderator to alt.whistleblower, instead of a person's mail address, could be a mail alias which invokes a header field stripper. That way it would be impossible to post to the group with your identity in the header. Every posting anonymous! Sort of like a mathematical dual of alt.forgery. I would also suggest a periodic posting explaining exactly how secure that is. (Proof against casual attack, but not against local or global network monitoring.) It seems easy enough. I'd do it myself if I had root anywhere. The perl scripts for remailing would be easily hacked. You could even retain the automatic PGP decryption for the more informed, the more paranoid. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mccoy@ccwf.cc.utexas.edu (Jim McCoy) Date: Mon, 22 Feb 93 15:28:18 PST To: cypherpunks@toad.com Subject: Re: Mac HD Cypher... In-Reply-To: <9302222248.AA25236@toad.com> Message-ID: <9302222327.AA14360@tramp.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text Jumping Jack Flash writes: > > Does anyone know of a way or program that can completely encrypt a hard > drive on a macintosh computer so that only the person that knows the key > can decrypt it? That depends, do you want to be able to use the drive once it has been encrypted (e.g. decrypt on-demand for necessary files) or do you just want to turn the whole thing into a lump of jumbled bits that must be decrypted en masse to be usable again? If you are looking for the former then I believe that there is a product out there called FileLock or something similar that will let you encrypt files, folders, and entire drives in a method that requires a password to gain access again. 
I think that it also does this "on demand" so that you can have an encrypted file that asks you for the password when you pull it up in your word processor (or a folder that asks for the password when you want to get a file from it), etc.

If you just want to lock the whole drive then I believe that there is a DES package that will let you crunch a whole drive.

> I am looking for a crypt that is completely IMPENETRABLE!!!

No such beast exists.

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: treason@gnu.ai.mit.edu
Date: Mon, 22 Feb 93 14:30:13 PST
To: cypherpunks@toad.com
Subject: moby crypt
Message-ID: <9302222227.AA01364@spiff.gnu.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

Ok ok, my mailer is geeking, it has no real mailer here anyway. None the less I wanted to know if moby crypt is available, where and what encryption method it utilizes...I was told it supported several formats... What are they?? What are the flaws?

treason@gnu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eric@Synopsys.COM
Date: Mon, 22 Feb 93 17:53:47 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Use
Message-ID: <199302230152.AA02878@gaea.synopsys.com>
MIME-Version: 1.0
Content-Type: text/plain

Eric Hughes writes:
>> Suggestion--Put a big "Comment:" field in each remailed message which
>> explains what is going on. Regular users will get tired of it, no
>> doubt. Perhaps it could be called "X-Remailer-Education:"
>>
>> Eric

My solution to this has two parts.

Part 1: mixes should refuse to resend mail to anywhere except the owner of the mix or other (registered with it) mixes.

Part 2: someone should provide a service that sends a standard text message to an arbitrary address. The text message should tell the recipient how to run a mix and register it with the network of mixes. It will also say that someone wishes to contact them anonymously.
This should help calm people's fears that they might be held responsible for abusive messages sent through a mix under their control. It is hard for someone to complain about receiving an anonymous message when they had to explicitly run a piece of software to be able to receive any anonymous messages at all.

The incentive structure for this system encourages people to run mixes if they want to retain anonymity. It has an advantage over filters that keep a list of places to not send to: it is a positive filtering scheme, rather than a negative one, and thus should scale better.

The person who runs the standard text sender of part 2 can feel comfortable being responsible for the messages sent out because they wrote or approved the text. They can throttle the service so the message can only be sent occasionally to any given address, and block it entirely for anyone who requests it.

For this to work, we need to have an easily installable mix package that will run on a large variety of machines. Not easy, but it should be where we're heading anyway.

-eric messick (eric@synopsys.com)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Mon, 22 Feb 93 18:18:28 PST
To: cypherpunks@toad.com
Subject: Timed-Release Crypto
In-Reply-To: <9302101955.AA09009@netcom.netcom.com>
Message-ID: <9302230205.AA23892@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

By coincidence, I was thinking about time-release protocols the other day. I've got most of a system worked out, but I need to write it up and look at it for a while to make sure it works.

What I think I have is a system in which the sender is given a key by a beacon which he can verify, at issuance time, will be revealed by the beacon at some future time.

The implementation (but not the basic idea) relies on using multiple public RSA keys with the same modulus. I know there are some attacks against this, but I don't know their nature.
If someone who knows about this (or knows where to find out) could contact me I would be most appreciative.

As far as sending money into the future goes, there are some tradeoffs between anonymity of payment, length of time in the future, and message size. Anonymity of payment is difficult, since digital cash has to expire in order for the bank not to have to keep ever huger lists of deposited numbers. Large payments are less frequent anyway, and provide less covering traffic. If you continuously rotate your money into the future, therefore, all the steps must be encapsulated, making the size of the message grow linearly with the number of hops.

One might be able to use a financial intermediary for anonymity, though. It's not obvious to me that this will work.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Mon, 22 Feb 93 18:14:12 PST
To: cypherpunks@toad.com
Subject: PC Eudora
Message-ID: <9302230211.AA24235@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I sent some mail to pc-eudora-info@qualcomm.com about the status of an MSDOS version of eudora that worked over a straight serial line (i.e. a modem dialup) rather than a TCP/IP stack. The reply I got back said that they had talked about it, but had not planned it in yet.

Anybody itching to do the world a favor who can do this should contact them directly and volunteer. Consider this an open invitation.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: paul@fairgate.com (Paul Robichaux)
Date: Tue, 23 Feb 93 05:50:52 PST
To: Crys Rides
Subject: Re: anonymous mail
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

>Eli> You might want to work in perl, which would make the scripts work under
>Eli> Unix and DOS, at least. Is there a Mac perl?
>
>... As for a Mac Perl, a quick scan of my
>Camel book doesn't turn up a mention of one. I could have missed it.

There is indeed a Mac perl; it exists as a standalone app and an MPW tool.
I'll post the location tomorrow if I remember to look it up; the Internet-abled can try archie.

-Paul

--
Paul Robichaux, KD4JZG       | Fairgate Technologies: Macintosh support,
paul@fairgate.com            | training, and development.
..uunet!xavax!fairgate!paul  | 'ripem' PEM key available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Date: Mon, 22 Feb 93 16:33:42 PST
To: cypherpunks@toad.com
Subject: Re: Rambo Lives
In-Reply-To: <9302221330.tn00927@aol.com>
Message-ID: <9302230032.AA15285@tramp.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text

deltorto@aol.com
> >>kelly@netcom.com
[...]
> >>Law enforcement seems to have very similar mentality as well,
> >>with CONTROL being the agenda and reason for existence--

Not meaning to be an apologist for law enforcement agencies (some of whom have gone off the deep end, this much is true...) but the purpose of law enforcement agencies is to enforce the laws and protect the populace. If you disagree with what they are doing, change the laws. Most of them are people doing a thankless job that I would never want to have...

> >>Suppose we think of guerilla products such as PGP and anonymous
> >>posting mechanisms and forwarders in their larger social sense
> >>As behaviour modification for those who would have our privacy
> >>as well as our lives
>
> ...and thus the government's decision to consider PGP (a privacy mechanism)
> as "munitions." At first I thought it was outrageous, but it all makes
> curious sense somehow when you bop yourself on the head the right way,
> doesn't it?

While we now look at this classification as "munitions" as somewhat silly, please remember when ITAR was established: 1943. At the time the US was at war, cryptographic devices were _real machines_, computers occupied entire buildings.
The government did not decide to classify PGP as munitions, it classified _all_ cryptographic machines and processes as munitions (materials necessary for war) and at the time it was a very easy equivalence to make. There is a very good article about this by Peter Denning (and other crypto-related articles) in the July 1992 issue of Communications of the ACM. Now advanced cryptographic methods are used in private communications and business but the old definitions remain...

> I say we should ensure that as many citizens as possible get ahold of PGP as
> soon as possible.

Definitely. Spread the source.

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Crys Rides
Date: Mon, 22 Feb 93 15:48:25 PST
To: Eli Brandt
Subject: Re: Being kind to 8086 users - was: Re: msdos perl
In-Reply-To: <9302222004.AA00911@anchor.ho.att.com>
Message-ID: <9302222334.AA07621@ucunix.san.uc.edu>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

>>>>> On Mon, 22 Feb 93 12:42:23 PST, Eli Brandt said:

> There's one part of the market that's still heavily populated with
> 8086 machines - portables.

Eli> Good point. Perhaps maintaining compatibility with this particular
Eli> archaism is not a bad idea after all.

Urk. Second reason for compatibility that I was too sleep-depped to think of this morning in my reply, is that do we really want to assume the position that for the reasonable chunk of possible users out there using 8088 or 8086 processors that we're going to tell them if they don't plunk down the cash for a new system they can't get the anonymity those more wealthy than them can?;> Sounds just a trifle arrogant to me, but then...
> Bill Stewart
Eli> Eli ebrandt@jarthur.claremont.edu

CrysRides

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK4lWZpSqD+bQ7So3AQHhhgP/TddlrWx4hKQCeudOD3/v11ObegGCyqzj
ul3ZrDjcDsr5UTunBwpuN3Dt+UP/LBO3kccDM6o3BWLo4LdlWQR1cHa+UGlBnhon
gUkXVaRTSq4J4yz0BH0yYMCgdLeZu9nMl/DwqZX1GUwT85XwwONbp28yky+v5RFp
Ok7D259A5q4=
=SZ9t
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Mon, 22 Feb 93 16:13:55 PST
To: cypherpunks@toad.com
Subject: Remailer Use
Message-ID: <9302230010.AA11413@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I would like to let everyone who hasn't already figured it out know that I did *not* originate the message that was posted to Cypherpunks through my account. I do not know where it came from, but it reached my account with the destination address of the cypherpunks list because the message that came back to me from the list said that "Anonymous " originated the message. That indicates that it went through the remailer. If it were from me, it would say "Chael Hall " as the return address. Another identifying characteristic is the "X-Remailed-By: Anonymous " header line.

Just remember, don't believe everything you read.

Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu
(317) 285-3648 after 5 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: an5877@anon.penet.fi (deadbeat)
Date: Mon, 22 Feb 93 22:33:49 PST
To: cypherpunks@toad.com
Subject: Re: Beware of anon.penet.fi message!
Message-ID: <9302230604.AA04535@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

This is a longer response to the warning posted by Xavier.

> Beware of the message about the security bug in the
> anon.penet.fi software!

Indeed.
> If you do as requested, and send your true email address to
> an5877@anon.penet.fi then he will see both your true email
> address and your anonymous address (if you have one - if you
> don't, you will be assigned one and he will see that). Any
> future use you make of this anonymous server (say, to post
> anonymously) will appear under that same anonymous address - and
> this person will know your true email address that goes with
> it.

You got me. I meant only slight malice here: I had intended to "expose" a few email/anon associations to highlight the problem. The problem became apparent to me when I sent pseudonymous mail to a prominent person on this list; his reply exposed his pseudonymous id at anon.penet.fi, surely without his knowledge.

> an5877's message appears to be a trick, designed to collect
> anonymous/real address pairs. Johan Helsingius should take
> action against this trickster. Since he is learning other
> people's real addresses, perhaps it would be appropriate for his
> own real address to be revealed.

Now that would be a _very_ serious "bug" in the anon.penet.fi remailer (or, more accurately, in its administration); I am confident Johan Helsingius will reject this suggestion.

> But, this does point out that these systems which automatically
> assign anonymous addresses have several security flaws. Johan
> has already had to introduce a "password" feature to make it
> more difficult to send fakemail that appears to be from a
> particular email address through the server, thus revealing the
> corresponding anonymous address when it is delivered.

I think that merely masks the real problem.

> an5877's trick is a variant on one discussed in
> news.admin.policy where it is pointed out that you can mail to
> someone via anon.penet.fi and ask for information; when the
> return mail comes back it will be from that person's anonymous
> address. So again you can pair up real and anonymous
> addresses.
I missed that discussion, or I wouldn't have wasted your (our) time.

> These are serious problems. We need some discussion of how to
> avoid these simple tricks for defeating the anonymity while
> still having an easy-to-use system. Any ideas?

For starters, I think the default behavior of anon.penet.fi is badly broken.

But a more serious problem with anon.penet.fi and the other remailers I am aware of is the necessity that we pseudonymous clients have to rely on the integrity of their administrators to keep our pseudonyms private. In the face of social pressure, such as Xavier's, that may be asking a lot.

> ::Xavier::

DEADBEAT

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK4lr4/FZTpBW/B35AQGqeAF/UBefmNprQacueYazdvhAKMF4nA+2vl44
/+FMACnWjd7yaoG99VeyhO/S6vptT1UB
=yZRb
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.
*IMPORTANT server security update*, mail to update@anon.penet.fi for details.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: an5877@anon.penet.fi (deadbeat)
Date: Mon, 22 Feb 93 22:33:29 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Use
Message-ID: <9302230604.AA04598@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

> I would like to let everyone who hasn't already figured it out
> know that I did *not* originate the message that was posted to
> Cypherpunks through my account. I do not know where it came from,
> but it reached my account with the destination address of the
> cypherpunks list because the message that came back to me from the
> list said that "Anonymous " originated the
> message.
That indicates that it went through the remailer. If it
> were from me, it would say "Chael Hall "
> as the return address. Another identifying characteristic is the
> "X-Remailed-By: Anonymous " header line.

> Just remember, don't believe everything you read.

In the case of pseudonymous mail, don't believe _anything_ you read!

I don't see why Chael Hall is going to all this trouble to refute a message that I don't even remember ... Did I miss something important? (Or outre?) Or (duh!) is he talking about _my_ earlier message?

DEADBEAT

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK4lx8vFZTpBW/B35AQGnfwF/YdHtdc6B+oslFno9+rCowlph7GteEZF+
ot8jlZRA+gW+Sa1bpBUkV6ZryBlHYQMQ
=KMZW
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.
*IMPORTANT server security update*, mail to update@anon.penet.fi for details.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Mon, 22 Feb 93 16:53:29 PST
To: cypherpunks@toad.com
Subject: Remailer Changes
Message-ID: <9302230050.AA14615@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I had an idea just a bit ago. Here is the scenario: a user wants to know what my anonymous ID for nowhere@bsu-cs.bsu.edu is on anon.penet.fi. All he has to do is send a message like the following to my account:

    From: whomever@wherever.com
    To: nowhere@bsu-cs.bsu.edu
    X-Anon-To: anXXXX@anon.penet.fi    <-- his anon ID
    ...

Then, that message will eventually get to him with my remailer's anonymous ID on it! That ID is the same as my personal ID. Oops...

So, I made up a refuse list for the remailer.
Any address that contains a "to" address that is on my refuse list will not be mailed to. Complete addresses can be used or just partial ones (for example "anon.penet.fi".) I know that this also makes it impossible to mail to other users on the penet site... Oh, well.

I just implemented the refuse list, so it will just "eat" any message that is sent to an address on the refuse list. No error message is sent back to the user, it just doesn't get sent. So, I guess my anonymous ID is safe after all. :)

I would suggest that everyone else (if they haven't already) refuse to remail to anon.penet.fi if their remailer is set up on their personal account.

Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu
(317) 285-3648 after 5 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Brad Huntting
Date: Mon, 22 Feb 93 19:38:42 PST
To: cypherpunks@toad.com
Subject: Re: Rambo Lives
In-Reply-To: <9302230032.AA15285@tramp.cc.utexas.edu>
Message-ID: <199302230337.AA19045@misc.glarp.com>
MIME-Version: 1.0
Content-Type: text/plain

>> I say we should ensure that as many citizens as possible get ahold of PGP as
>> soon as possible.

> Definitely. Spread the source.

But to really get PGP going (or PEM for that matter) will require widespread key distribution. It's clear that such distribution mechanisms are not going to arise out of any "respectful" institutions mostly because of the legal entanglements they present.

Perhaps the time has come for "alt.pgp.keyrings". A standard format for postings could allow them to be automatically added to global keyrings at usenet sites everywhere. Several security issues will have to be addressed before this can work.
brad

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Mon, 22 Feb 93 20:58:46 PST
To: cypherpunks@toad.com
Subject: Unforgotton topic
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I realize that this has already been an old topic amongst you folks, but I just wanted to post a summary I found rather striking and an issue I know still leaves a bad taste in our collective mouths -

"Threats to Privacy", "FBIs Wiretapping Proposal Thwarted", extracted from Boardwatch Magazine, February, 1993, pages 19 - 22 (BBS Legislative Watch, Shari Steele, EFF) -

"In a move that worried privacy experts, software manufacturers and telephone companies, the FBI proposed legislation to amend the Communications Act of 1934 to make it easier for the Bureau to perform electronic wiretapping. The proposed legislation, entitled 'Digital Telephony,' would have required communications service providers and hardware manufacturers to make their systems 'tappable' by providing 'back doors' through which law enforcement officers could intercept communications. Furthermore, this capability would have been provided undetectably, while the communications was in progress, exclusive of any communications between other parties, regardless of the mobility of the target of the FBI's investigation, and without degradation of service.

"The privacy implications are frightening. Today, all sorts of information about who we are and what we do, such as medical records, credit reports and employment data, are held on electronic databases. If these databases have government-mandated 'tappability,' this private information could be accessed by anyone tapping in. In addition, the language in the proposed bill is vague. This is especially troubling since, under the proposal, the Department of Justice (DOJ) can keep communications products off the market if it determines that these products do not meet the DOJ's own vague guidelines.
This will probably result in increased costs and reduced competitiveness for service providers and equipment manufacturers, since they will be unlikely to add any features that may result in a DOJ rejection of their entire product. And to add insult to injury, the FBI proposal suggests that the cost of this wiretapping 'service' to the Bureau would have to be borne by the service provider itself, which ultimately means you and I will be paying higher user fees.

"The Electronic Frontier Foundation organized a broad coalition of public interest and industry groups, from Computer Professionals for Social Responsibility (CPSR) and the ACLU to AT&T and Sun Microsystems, to oppose the legislation. A white paper produced by the EFF and ratified by the coalition, entitled, 'An Analysis of the FBI Digital Telephony Proposal,' was widely distributed throughout the Congress. Senator Patrick Leahy (D-Vermont) and Representative Don Edwards (D-California), chairs of two key committees, referred to the EFF paper as they delayed the introduction of the FBI's proposal. As Leahy stated before the Senate, 'Our goal is to assist law enforcement,' but 'without jeopardizing privacy rights or frustrating the development of new communications technologies.' The Justice Department lobbied hard in the final days to get Congress to take up the bill before Congress adjourned, but the bill never even found a Congressional sponsor (and was therefore never officially introduced). The FBI will almost certainly reintroduce "Digital Telephony" when the 103rd Congress convenes in January."

8<------------ End Article --------------

Take a stance. Voice your opinion. Write your congressman!

Paul Ferguson                   |  "Sincerity is fine, but it's no
Network Integration Consultant  |   excuse for stupidity."
Alexandria, Virginia USA        |                       -- Anonymous
fergp@sytex.com (Internet)      |
sytex.com!fergp (UUNet)         |
1:109/229 (FidoNet)             |
PGP public encryption key available upon request.
---
fergp@sytex.com (Paul Ferguson)
Access <=> Internet BBS, a public access internet site
Sytex Communications, Arlington VA, 1-703-358-9022

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Mon, 22 Feb 93 18:57:37 PST
To: cypherpunks@toad.com
Subject: remailers & anon.penet
Message-ID: <199302230256.AA03720@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Earlier, Chael Hall presented a creative and ingenious way to get somebody's pseudonym on anon.penet.fi (well, at least the pseudonyms of remailers, if any).

But I think the attack won't work because Johan recently put a password requirement into his software: with no password, the message will bounce back. Thus, in the attack described, the message will wind up in your mailbox, alerting you that somebody is trying to figure out your id!

Geez, this is somewhat exciting - reminds me of a _True Names_ world in which others are constantly trying to figure out your real identity while working to conceal theirs!

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 22 Feb 93 11:23:05 PST
To: Anonymous
Subject: Re: Anon bug
In-Reply-To: <9302221825.AA18161@bsu-cs.bsu.edu>
Message-ID: <9302222030.aa09433@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> I believe I have uncovered a serious bug in the Finnish anonymous
> remailer, one that allows me to piece together anonymous id's and
> actual email addresses.
>
> I'm reluctant to publish the details here, but I'll explain how it
> works if you send me your email address.
>
>
> DEADBEAT

Hmm. How about letting me know about it so that I have a chance to fix it?
Julf (admin@anon.penet.fi)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Mon, 22 Feb 93 19:25:06 PST
To: CYPHERPUNKS
Subject: Anon address attack...
Message-ID: <930223022107_74076.1041_DHJ66-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

It seems like there are several problems that arise from this "automatic" anonymization of messages sent through the Penet remailer.

You have these security threats which involve people being tricked into sending messages through the remailer in such a way that the recipient knows the true email address from where the messages are coming. (I think that is what happened here with "deadbeat", because otherwise why would he have asked people to send their email addresses? He wouldn't need email addresses since he could reply to people without knowing them, by just using a "reply" command in his mailer.)

(It's interesting that he also sent his message via one of the Cypherpunks remailers. Maybe he thought they worked like the Penet remailer and he could break anonymity on those as well.)

Another problem that people have complained about is when they respond to an anonymous posting, they get a message from Penet saying that they now have an anonymous ID assigned. This confuses and bothers some people.

We had some debate about this issue here several months ago (before Penet was operating, I think). One question is, if I send mail to anonymous person A, does that mean or imply that I should be made anonymous to A? This is to some extent a matter of expectations. Some people argued that there should be no expectation of anonymity in this case; A is the one who wants to be anonymous, not the people who are sending to him/her.
Others replied that since some anonymous remailers already worked this way, there would be an expectation of anonymity, and so the safest assumption was to anonymize all messages since people can always override the anonymity by revealing their true addresses.

I think these attacks on Penet re-open these questions. Evidently there is positive harm that can occur by automatically anonymizing all messages which pass through a remailer.

(BTW, I certainly don't mean here to be presuming to tell Julf what he should or should not do with Penet. I'm just taking that as an example. We have discussed adding similar functionality to our Cypherpunks remailers.)

The main problem occurs when sending a message to an anonymous Penet address. For the other uses of the Penet remailer, for anonymous posting and for mail to a non-anonymous address, it's more reasonable to assume that anonymization is desired. (Otherwise, why would they be using the service?) But when sending a message to an anonymous address, it's not known whether the sender wants to be anonymized or not.

One possibility (which might not be that easy technically) would be to assign a new anonymous ID for each such message through the Penet server. This means that you would get a _different_ anonymous ID for each of these messages, preventing an attacker from pairing up your "usual" posting ID with your email address. (Perhaps this anonymous ID creation could be suppressed with another X- command, as proposed earlier, but this could be the default behavior.) It might be hard to keep track of that many anonymous ID's, but perhaps they could be kept active for only a limited period of time (several weeks or months) and retired after that.

It might seem that people should just be careful about what they send through Penet, but there are some problems with this. What do you do if you get a message from an5877@anon.penet.fi asking for advice on cryptography mailing lists?
If you reply, your questioner can figure out who the reply is coming from, and sees your Penet alias. There is no way to prevent this from happening currently.

Also, I have seen proposals that anonymous ID's should be made less recognizable, so that instead of an5877@anon.penet.fi we would have joe@serv.uba.edu. In such a situation it might be tedious to scrutinize every email address we send to (via replies, for example) to make sure it isn't a remailer where you have an anonymous ID.

All in all, I think some changes need to be made in how anonymous addresses are used and implemented in order to provide reasonable amounts of security.

Hal Finney

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK4lfIagTA69YIUw3AQGzQAQApOduiD7P2C26f7ml5tcOJf6xQff7bdV0
qw+zjOevW6hSBunOY59Qstkk5uQ2CoEALDAyUfKRsy7dionBAtCJYlwfX7uclHKL
Sonor8bg0NPHMP8SV/antacq00fK3b5wtiFFMn3WsjCvSEjhGoB9SIE/TB/zL9Et
Ow8JEodP488=
=cXHd
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: JTUCKER@VAX2.CSTP.UMKC.EDU
Date: Mon, 22 Feb 93 19:35:54 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <01GV1CASVU1C9QVVEO@vax2.cstp.umkc.edu>
MIME-Version: 1.0
Content-Type: text/plain

Unsubscribe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Mon, 22 Feb 93 19:24:15 PST
To: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305)
Subject: Re: Being kind to 8086 users - was: Re: msdos perl
In-Reply-To: <9302222004.AA00911@anchor.ho.att.com>
Message-ID: <9302230324.AA00302@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> There's one part of the market that's still heavily populated with
> 8086 machines - portables.

c'est what? you must mean palmtops. laptops and notebooks run op systems like mach, bsd, plan 9, etc. -- they're not running on 8086s.

of course, i can see wanting to run on an 8086 if it's guaranteed that it can't run perl.
peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Shipley
Date: Mon, 22 Feb 93 22:28:37 PST
To: Brad Huntting
Subject: Re: Rambo Lives
In-Reply-To: <199302230337.AA19045@misc.glarp.com>
Message-ID: <9302230626.AA08227@edev0.TFS>
MIME-Version: 1.0
Content-Type: text/plain

>Perhaps the time has come for "alt.pgp.keyrings". A standard format
>for postings could allow them to be automatically added to global
>keyrings at usenet sites everywhere. Several security issues will
>have to be addressed before this can work.
>

the newsgroup alt.security.pgp has semi-regular keyring posting

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Mon, 22 Feb 93 20:34:43 PST
To: CYPHERPUNKS
Subject: Remailer to anon.penet.f
Message-ID: <930223033603_74076.1041_DHJ26-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Chael Hall points out that remailer operators who use their personal accounts for the remailing are vulnerable to having their anon.penet.fi pseudonyms (if any) discovered by users who request remailing to that site.

For those operating remailers based on the Perl scripts originally written by Eric Hughes which I modified, I use the following maildelivery file to prevent the attack Chael mentioned:

#
# field                 pattern         action/ string
#                                       result  (quote included spaces)
#
Request-Remailing-To    anon.penet.fi   file A  Bitbucket
Anon-To                 anon.penet.fi   file A  Bitbucket
Request-Remailing-To    ""              pipe A  remail.pl
Anon-To                 ""              pipe A  remail.pl
Encrypted               PGP             pipe A  pgpmail.pl
*                       ""              pipe ?  recurse.pl

This puts any message to anon.penet.fi into a file called Bitbucket. My slocal.pl script does not support the slocal/maildelivery feature which deletes a message, so this is the closest I can come. (I suppose another alternative would be to pipe it into "cat > /dev/null". That would look like:

Request-Remailing-To    anon.penet.fi   pipe A  "cat > /dev/null"

I haven't tried this one.)
BTW, if anyone has made changes to the remailer scripts, please send them to me. I would like to clean up the scripts a little, add more error checking, and submit a new version to the FTP site.

Hal Finney

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Mon, 22 Feb 93 19:38:12 PST
To: cp@jido.b30.ingr.com (Craig Presson)
Subject: Re: Trapdoors
In-Reply-To: <199302222055.AA18782@jido.b30.ingr.com>
Message-ID: <9302230338.AA00441@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> Interestingly enough, there seems to be no such instruction in the
> VAX ...

but i believe the vax has ffs (find first set) instruction, which seems to have similar uses (whatever they may be).

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Mon, 22 Feb 93 23:00:28 PST
To: cypherpunks@toad.com
Subject: Re: Anon address attack...
In-Reply-To: <930223022107_74076.1041_DHJ66-1@CompuServe.COM>
Message-ID: <9302230700.AA03047@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> One possibility (which might not be that easy technically) would be to
> assign a new anonymous ID for each such message through the Penet server.

I was thinking of installing a trivial hack in my remailer, such that upon demand it adds some random (essentially unrepeatable) cruft to the From: line, placing it as a name field so as to have no addressing significance. I believe penet assigns IDs based on this line, so chaining this to a penet-style remailer would provide "hit-and-run" anonymity -- even if the remailer wants nothing of the sort. The social desirability of this could be questioned, but it certainly seems more secure to build pseudonyms on top of something like this (using PGP sigs to provide a solid identity) than through the presently-popular approach. Comments? (Julf?)
> Hal Finney

PGP 2 key by finger or e-mail
Eli ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: an5877@anon.penet.fi (deadbeat)
Date: Mon, 22 Feb 93 23:12:55 PST
To: cypherpunks@toad.com
Subject: Re: Beware of anon.penet.fi message!
Message-ID: <9302230608.AA04870@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

David,

> As was said, the doubleblind system is a great idea, but incomplete
> if you want to correspond to someone without revealing your anon id.

Well, I don't agree that doubleblind is a great idea. For example, if at any time, Alice sends pseudonymously to Bob, Bob can not reply directly: this would expose his identity at anon.penet.fi. Bob must reply through a remailer. Note the irony -- Bob must take special steps to protect his pseudonym because anon.penet.fi is acting affirmatively to conceal his actual identity. If Bob slips up and simply replies, he is exposed.

Hal,

> (It's interesting that he also sent his message via one of the Cypherpunks
> remailers. Maybe he thought they worked like the Penet remailer and
> he could break anonymity on those as well.)

Actually, I don't know why my message went through a Cypherpunks remailer -- I didn't ask it to. I don't know of any weaknesses in the Cypherpunks remailers (other than extreme vulnerability to social engineering).

> Evidently there is positive harm that can occur by automatically
> anonymizing all messages which pass through a remailer. ... For
> anonymous posting and for mail to a non-anonymous address, it's more
> reasonable to assume that anonymization is desired. ... But when
> sending a message to an anonymous address, it's not known whether the
> sender wants to be anonymized or not.

I think it's imperative that the sender use X-Anon-To to be pseudonymous. This is consistent with the principle of least astonishment.
> It might seem that people should just be careful about what they > send through Penet, but there are some problems with this. What do > you do if you get a message from an5877@anon.penet.fi asking for > advice on cryptography mailing lists? If you reply, your questioner > can figure out who the reply is coming from, and sees your Penet > alias. There is no way to prevent this from happening currently. A Cypherpunks remailer can be used to conceal the correspondent's pseudonymous identity. > Also, I have seen proposals that anonymous ID's should be made less > recognizable, so that instead of an5877@anon.penet.fi we would have > joe@serv.uba.edu. In such a situation it might be tedious to > scrutinize every email address we send to (via replies, for example) > to make sure it isn't a remailer where you have an anonymous ID. It would be a real boon to make pseudonyms less prominent -- this seems to have kicked over a hornet's nest on USENET (even though pseudonyms have been quietly in use for years). But were this the case, scrutiny would be an understatement. > All in all, I think some changes need to be made in how anonymous > addresses are used and implemented in order to provide reasonable > amounts of security. I agree that more discussion is in order. I'm especially concerned about the broader issues regarding anonymity through remailers. DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.1 iQBFAgUBK4mrrvFZTpBW/B35AQE+PQGAh69FcaATFD05lIuhqqK8ZMmV+8xNi/LN 7kxDSgFgB9J/A9rRgAL6S1Ux2ojU4opP =RGlc -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin@anon.penet.fi. 
*IMPORTANT server security update*, mail to update@anon.penet.fi for details. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phiber Optik Date: Mon, 22 Feb 93 21:00:43 PST To: honey@citi.umich.edu (peter honeyman) Subject: Re: Trapdoors In-Reply-To: <9302230338.AA00441@toad.com> Message-ID: <199302230459.AA27220@eff.org> MIME-Version: 1.0 Content-Type: text/plain > > > Interestingly enough, there seems to be no such instruction in the > > VAX ... > > but i believe the vax has ffs (find first set) instruction, which seems > to have similar uses (whatever they may be). > > peter > But that's not a population count (all bits set count) instruction. In the Motorola 68020/30/40, there's BFFFO, for Bit Field Find First One, if anyone was curious about 'find first set' instructions. Might as well mention that the 386/486 have BSF and BSR, Bit Scan Forward and Reverse, but now we're just getting into run-of-the-mill bit manipulation. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Anonymous) Date: Mon, 22 Feb 93 21:08:59 PST To: cypherpunks@toad.com Subject: No Subject Message-ID: <9302230505.AA04240@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Xavier hit the nail on the head -- my note was a subterfuge, intended to reveal the association between anonymous id's and email addresses. I think it's wrong for anon.penet.fi to operate this way. > DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.1 iQBFAgUBK4lD7/FZTpBW/B35AQGiCQF9HFeDhXk7FV9mhIMh9zGmxblLvCt8bszr 4daRmyo8/cJMK7Y5V7kfQN05CEdJo6oc =KalQ -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. 
to admin@anon.penet.fi. *IMPORTANT server security update*, mail to update@anon.penet.fi for details. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: an5877@anon.penet.fi (deadbeat) Date: Mon, 22 Feb 93 22:56:28 PST To: cypherpunks@toad.com Subject: Re: Remailer to anon.penet.f Message-ID: <9302230608.AA04938@anon.penet.fi> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- > This puts any message to anon.penet.fi into a file called Bitbucket. > My slocal.pl script does not support the slocal/maildelivery feature > which deletes a message, so this is the closest I can come. (I suppose > another alternative would be to pipe it into "cat > /dev/null". That > would look like: > > Request-Remailing-To anon.penet.fi pipe A "cat > /dev/null" > > I haven't tried this one.) I think this is exactly the wrong thing to do. Cypherpunks remailers are essential for preventing accidental exposure of Finnish pseudonyms. DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.1 iQBFAgUBK4mwX/FZTpBW/B35AQF94gGAqqTUhXSKlb6CcsXNJ9T1eq2Hf5Qs3MKt N18Y20a+azul5d/Y4DnMfD62sCWhMD/v =A5c6 -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin@anon.penet.fi. *IMPORTANT server security update*, mail to update@anon.penet.fi for details. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Anonymous) Date: Mon, 22 Feb 93 22:43:07 PST To: cypherpunks@toad.com Subject: No Subject Message-ID: <9302230639.AA09661@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- > I would like to let everyone who hasn't already figured it out > know that I did *not* originate the message that was posted to > Cypherpunks through my account. I do not know where it came from, > but it reached my account with the destination address of the > cypherpunks list because the message that came back to me from the > list said that "Anonymous " originated the > message. That indicates that it went through the remailer. If it > were from me, it would say "Chael Hall " > as the return address. Another identifying characteristic is the > "X-Remailed-By: Anonymous " header line. > Just remember, don't believe everything you read. In the case of pseudonymous mail, don't believe _anything_ you read! I don't see why Chael Hall is going to all this trouble to refute a message that I don't even remember ... Did I miss something important? (Or outre?) Or (duh!) is he talking about _my_ earlier message? DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.1 iQBFAgUBK4lx8vFZTpBW/B35AQGnfwF/YdHtdc6B+oslFno9+rCowlph7GteEZF+ ot8jlZRA+gW+Sa1bpBUkV6ZryBlHYQMQ =KMZW -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin@anon.penet.fi. *IMPORTANT server security update*, mail to update@anon.penet.fi for details. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Anonymous)
Date: Mon, 22 Feb 93 22:45:15 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9302230642.AA09719@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

This is a longer response to the warning posted by Xavier.

> Beware of the message about the security bug in the
> anon.penet.fi software!

Indeed.

> If you do as requested, and send your true email address to
> an5877@anon.penet.fi then he will see both your true email
> address and your anonymous address (if you have one - if you
> don't, you will be assigned one and he will see that). Any
> future use you make of this anonymous server (say, to post
> anonymously) will appear under that same anonymous address - and
> this person will know your true email address that goes with
> it.

You got me. I meant only slight malice here: I had intended to "expose" a few email/anon associations to highlight the problem. The problem became apparent to me when I sent pseudonymous mail to a prominent person on this list; his reply exposed his pseudonymous id at anon.penet.fi, surely without his knowledge.

> an5877's message appears to be a trick, designed to collect
> anonymous/real address pairs. Johan Helsingius should take
> action against this trickster. Since he is learning other
> people's real addresses, perhaps it would be appropriate for his
> own real address to be revealed.

Now that would be a _very_ serious "bug" in the anon.penet.fi remailer (or, more accurately, in its administration); I am confident Johan Helsingius will reject this suggestion.

> But, this does point out that these systems which automatically
> assign anonymous addresses have several security flaws.
Johan > has already had to introduce a "password" feature to make it > more difficult to send fakemail that appears to be from a > particular email address through the server, thus revealing the > corresponding anonymous address when it is delivered. I think that merely masks the real problem. > an5877's trick is a variant on one discussed in > news.admin.policy where it is pointed out that you can mail to > someone via anon.penet.fi and ask for information; when the > return mail comes back it will be from that person's anonymous > address. So again you can pair up real and anonymous > addresses. I missed that discussion, or I wouldn't have wasted your (our) time. > These are serious problems. We need some discussion of how to > avoid these simple tricks for defeating the anonymity while > still having an easy-to-use system. Any ideas? For starters, I think the default behavior of anon.penet.fi is badly broken. But a more serious problem with anon.penet.fi and the other remailers I am aware of is the necessity that we pseudonymous clients have to rely on the integrity of their administrators to keep our pseudonyms private. In the face of social pressure, such as Xavier's, that may be asking a lot. > ::Xavier:: DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.1 iQBFAgUBK4lr4/FZTpBW/B35AQGqeAF/UBefmNprQacueYazdvhAKMF4nA+2vl44 /+FMACnWjd7yaoG99VeyhO/S6vptT1UB =yZRb -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin@anon.penet.fi. *IMPORTANT server security update*, mail to update@anon.penet.fi for details. 
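
The reply paths argued over in the messages above, as an added Python model (not the anon.penet.fi or Cypherpunks remailer code): it reports whose alias the asker ends up seeing for a direct reply, a reply with an explicit per-message choice not to be anonymized, a reply through a remailer run from its operator's personal account, and the same remailer with the Bitbucket rules in place. The class names, the `anon.example` domain, the addresses and the `anonymize` flag are assumptions made for this sketch.

```python
from dataclasses import dataclass, field

SERVER_DOMAIN = "anon.example"  # constructed stand-in for the pseudonym server's domain


@dataclass
class DoubleBlindServer:
    """Every sender gets a stable alias, allocated automatically on first use."""
    aliases: dict = field(default_factory=dict)  # real address -> alias
    next_id: int = 1001

    def alias_for(self, real):
        if real not in self.aliases:
            self.aliases[real] = f"an{self.next_id}@{SERVER_DOMAIN}"
            self.next_id += 1
        return self.aliases[real]

    def resolve(self, rcpt):
        """Map an alias back to its real mailbox; other addresses pass through."""
        for real, alias in self.aliases.items():
            if alias == rcpt:
                return real
        return rcpt

    def relay(self, sender_real, rcpt, anonymize=True):
        """Return (mailbox delivered to, From: address the recipient sees)."""
        shown = self.alias_for(sender_real) if anonymize else sender_real
        return self.resolve(rcpt), shown


@dataclass
class Remailer:
    """Header-stripping remailer that sends from its operator's personal account."""
    operator: str
    drop_server_mail: bool = False  # models the Bitbucket rules quoted in the thread
    bitbucket: list = field(default_factory=list)

    def forward(self, server, rcpt, body):
        if not rcpt.endswith("@" + SERVER_DOMAIN):
            return rcpt, "Anonymous"  # ordinary remailing, no pseudonym server involved
        if self.drop_server_mail:
            self.bitbucket.append((rcpt, body))
            return None  # filed locally, never remailed
        # The original sender's headers are gone; the server sees only the operator.
        return server.relay(self.operator, rcpt)


def reply_outcomes():
    """For each way Bob can answer, return (delivered?, whose alias the asker sees)."""
    alice, bob, op = "alice@a.example", "bob@b.example", "operator@r.example"
    outcomes = {}
    for path in ("direct", "opt_out", "remailer", "remailer_filtered"):
        server = DoubleBlindServer()
        server.alias_for(bob)  # Bob and the operator already use the service
        server.alias_for(op)
        # Alice writes to Bob's real address through the server; Bob sees her alias.
        _, alice_alias = server.relay(alice, bob)
        if path == "direct":
            result = server.relay(bob, alice_alias)
        elif path == "opt_out":
            result = server.relay(bob, alice_alias, anonymize=False)
        else:
            remailer = Remailer(op, drop_server_mail=(path == "remailer_filtered"))
            result = remailer.forward(server, alice_alias, "reply text")
        if result is None:
            outcomes[path] = (False, None)
            continue
        delivered_to, shown = result
        # Whose stable pseudonym is now linkable to this piece of mail?
        owner = next((r for r, a in server.aliases.items() if a == shown), None)
        outcomes[path] = (delivered_to == alice, owner)
    return outcomes


if __name__ == "__main__":
    for path, (delivered, owner) in reply_outcomes().items():
        print(f"{path:18} delivered={delivered!s:5} alias shown belongs to: {owner}")
```

The filtered remailer protects its operator only by not delivering the reply at all, which is the trade-off the two sides of the thread disagree about.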
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Anonymous) Date: Mon, 22 Feb 93 22:57:35 PST To: cypherpunks@toad.com Subject: No Subject Message-ID: <9302230654.AA10264@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Xavier hit the nail on the head -- my note was a subterfuge, intended to reveal the association between anonymous id's and email addresses. I think it's wrong for anon.penet.fi to operate this way. > DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.1 iQBFAgUBK4lD7/FZTpBW/B35AQGiCQF9HFeDhXk7FV9mhIMh9zGmxblLvCt8bszr 4daRmyo8/cJMK7Y5V7kfQN05CEdJo6oc =KalQ -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin@anon.penet.fi. *IMPORTANT server security update*, mail to update@anon.penet.fi for details. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Anonymous) Date: Mon, 22 Feb 93 23:13:41 PST To: cypherpunks@toad.com Subject: No Subject Message-ID: <9302230710.AA11131@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- > This puts any message to anon.penet.fi into a file called Bitbucket. > My slocal.pl script does not support the slocal/maildelivery feature > which deletes a message, so this is the closest I can come. (I suppose > another alternative would be to pipe it into "cat > /dev/null". That > would look like: > > Request-Remailing-To anon.penet.fi pipe A "cat > /dev/null" > > I haven't tried this one.) I think this is exactly the wrong thing to do. Cypherpunks remailers are essential for preventing accidental exposure of Finnish pseudonyms. 
DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.1 iQBFAgUBK4mwX/FZTpBW/B35AQF94gGAqqTUhXSKlb6CcsXNJ9T1eq2Hf5Qs3MKt N18Y20a+azul5d/Y4DnMfD62sCWhMD/v =A5c6 -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin@anon.penet.fi. *IMPORTANT server security update*, mail to update@anon.penet.fi for details. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Anonymous) Date: Mon, 22 Feb 93 23:18:19 PST To: cypherpunks@toad.com Subject: No Subject Message-ID: <9302230715.AA11401@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- David, > As was said, the doubleblind system is a great idea, but incomplete > if you want to correspond to someone without revealing your anon id. Well, I don't agree that doubleblind is a great idea. For example, if at any time, Alice sends pseudonymously to Bob, Bob can not reply directly: this would expose his identity at anon.penet.fi. Bob must reply through a remailer. Note the irony -- Bob must take special steps to protect his pseudonym because anon.penet.fi is acting affirmatively to conceal his actual identity. If Bob slips up and simply replies, he is exposed. Hal, > (It's interesting that he also sent his message via one of the Cypherpunks > remailers. Maybe he thought they worked like the Penet remailer and > he could break anonymity on those as well.) Actually, I don't know why my message went through a Cypherpunks remailer -- I didn't ask it to. I don't know of any weaknesses in the Cypherpunks remailers (other than extreme vulnerability to social engineering). 
> Evidently there is positive harm that can occur by automatically
> anonymizing all messages which pass through a remailer. ... For
> anonymous posting and for mail to a non-anonymous address, it's more
> reasonable to assume that anonymization is desired. ... But when
> sending a message to an anonymous address, it's not known whether the
> sender wants to be anonymized or not.

I think it's imperative that the sender use X-Anon-To to be pseudonymous. This is consistent with the principle of least astonishment.

> It might seem that people should just be careful about what they
> send through Penet, but there are some problems with this. What do
> you do if you get a message from an5877@anon.penet.fi asking for
> advice on cryptography mailing lists? If you reply, your questioner
> can figure out who the reply is coming from, and sees your Penet
> alias. There is no way to prevent this from happening currently.

A Cypherpunks remailer can be used to conceal the correspondent's pseudonymous identity.

> Also, I have seen proposals that anonymous ID's should be made less
> recognizable, so that instead of an5877@anon.penet.fi we would have
> joe@serv.uba.edu. In such a situation it might be tedious to
> scrutinize every email address we send to (via replies, for example)
> to make sure it isn't a remailer where you have an anonymous ID.

It would be a real boon to make pseudonyms less prominent -- this seems to have kicked over a hornet's nest on USENET (even though pseudonyms have been quietly in use for years). But were this the case, scrutiny would be an understatement.

> All in all, I think some changes need to be made in how anonymous
> addresses are used and implemented in order to provide reasonable
> amounts of security.

I agree that more discussion is in order. I'm especially concerned about the broader issues regarding anonymity through remailers.
DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.1 iQBFAgUBK4mrrvFZTpBW/B35AQE+PQGAh69FcaATFD05lIuhqqK8ZMmV+8xNi/LN 7kxDSgFgB9J/A9rRgAL6S1Ux2ojU4opP =RGlc -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin@anon.penet.fi. *IMPORTANT server security update*, mail to update@anon.penet.fi for details. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Mon, 22 Feb 93 23:55:33 PST To: Cypherpunks Subject: anon.penet.fi hacking Message-ID: <930223074743_74076.1041_DHJ21-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain Well, I think I have deduced the identity of "Deadbeat" from his posting style. I don't think Julf should say who he is. This was an important demonstration of a weakness in the security of the remailers. The Penet remailer seems now to require a password for all messages; at least, I wasn't able to send to an5877@anon.penet.fi ("Deadbeat") without using my password. So chaining through Cypherpunks remailers to Penet would seem not to be possible now. Unless Eli's suggestion works - having our remailers put out a random "From:" line (perhaps just on mail to Penet?) might cause Penet to issue a new pseudonym for that apparent new user. This would be kind of wasteful from Penet's perspective - all those pseudonyms are never going to be re-used. But it might allow this form of chaining, without compromising the pseudonym of the remailer operator. (I had put my patch into the maildelivery file before Johan instituted his password system, when I realized this weakness existed. I forgot to mention it here at the time. 
My motivation was to protect my own Penet pseudonym.)

Another possibility would be for there to be a command to Penet to allow users to send truly anonymous mail, mail which does not have a meaningful "From" line (and in particular which does not have the user's Penet pseudonym displayed as the "From" address). We could set our remailers to use that command for any mail sent to Penet. Mail sent with that command would not need a password. This would be an alternative way for users to deal with some of the other attacks, such as the one Deadbeat demonstrated.

Hal

P.S. - My, the list has sure been lively today. Looks like we beat Extropians again on volume!

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "DrZaphod"
Date: Tue, 23 Feb 93 07:49:34 PST
To: CypherPunks@toad.com
Subject: posting and posting and posting.
Message-ID: <10525.drzaphod@ncselxsi>
MIME-Version: 1.0
Content-Type: text/plain

In Message Tue, 23 Feb 93 12:16:29 GMT, Tony Kidson writes:

>One reason the list has been so busy is that DEADBEAT's messages
>seem to be being posted both through penet and through a cypherpunks
>remailer.

I was just going to ask about that.. I've gotten the same message from DEADBEAT about 4 times..

DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: deltorto@aol.com
Date: Tue, 23 Feb 93 03:50:51 PST
To: cypherpunks@toad.com
Subject: Dead(beat) give-away
Message-ID: <9302230651.tn06928@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

"an5877@anon.penet.fi" (aka "deadbeat") sez:

>> I believe I have uncovered a serious bug in the Finnish anonymous
>> remailer, one that allows me to piece together anonymous id's and
>> actual email addresses.
>>
>> I'm reluctant to publish the details here, but I'll explain how it
>> works if you send me your email address.

I smell something, and it's not my FPU overheating! Anyone who's "reluctant" to discuss a flaw in an anon remailer HERE...
is definitely NOT on the up-and-up. Somebody "out" this weasel, PRONTO! (please!) d2t From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Tue, 23 Feb 93 03:50:49 PST To: cypherpunks@toad.com Subject: Mac HD Cypher... mostly Message-ID: <9302230651.tn06929@aol.com> MIME-Version: 1.0 Content-Type: text/plain >>From: DDLEEDS@vm.cmp.ilstu.edu >>Subj: Mac HD Cypher... >> >>Does anyone know of a way or program that can completely encrypt a hard drive >>on a macintosh computer so that only the person that knows the key can decrypt it? Well, I don't know about "impenetrable" other than my first girlfriend when I was 9's underpants, but FWB's Hard Disk ToolKit (aka HDT) provides, besides very nice control over all aspects of SCSI drive configuration, three levels of 'protection': a driver-level password (keeps yer granny out) and two levels of block-by-block encryption - simple password-based (keeps your savvy mate from editing the file blocks and recovering your loveletters) or DES (keeps most non-Fed attackers out). The advantage of this device-driver level encryption is that the drive can be used normally as long as you know the password. Otherwise, if some spook with a warrant tries to mount it down at his office, he has to fill out a shitload of forms, FedEx it to Fort Meade and wait a few days for the lads in the lab to crack it for him before he can come back with the 'cuffs. I recommend giving the drive an HDT driver-level access password as well as DES encryption if you're really concerned that your girlfriend is gonna see the shit you been writing about her to that other chick. I use these options on a couple of 44 MB SyQuest removeables. I sleep pretty well at night (when I sleep, that is). >>I am looking for a crypt that is completely IMPENETRABLE!!! Dream on, Smedley. Anyone who's ever graduated from Paranoid U. can tell you that when the chips are down (i.e. 
the New Sons of Armageddon come a-knockin' at yer shack), DES is about as secure as my third girlfriend when I was 12's panties - not very. OK, so I enjoyed puberty, sue me... >>Your help would be appreciated, >> >> >>Jumping Jack Flash You can find HDT mentioned in any decent Mac 'zine. Happy Jumping. d2t PS: I'd tell you FWB's phone number in the 415 (SF) area, but that might sound like advertising. :-) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: robichau@lambda.msfc.nasa.gov (Paul Robichaux) Date: Tue, 23 Feb 93 06:12:07 PST To: cypherpunks@toad.com Subject: Mac Perl info Message-ID: <9302231410.AA18658@lambda.msfc.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain As {promised | threatened} in my message to the list last night, here's the info file for Mac Perl, available at fine FTP sites like nic.switch.ch (the original site and holder of this file.) I don't use Perl myself, but you can contact either Matthias or Tim (see below); they have both been helpful with other stuff in the past. Regards, -Paul, posting from work for once WELCOME TO MPW PERL This is Perl for the Mac, ported to MPW C by Matthias Neeracher and Tim Endres . It runs every program in the test suite that you could it reasonably expect to, and some you probably didn't expect. Feel free to give this program away according to the terms stated in the README file. System Requirements Perl really likes MPW. The standalone version is not much use yet. Some of the really cool features require ToolServer, System 7, and enough RAM (Notably stuff like `CFront MacApp.cp`, while (<Å.c>) or open(XXX, "Catenate Å.c |")) Some of the files barely compile with 5 megabytes of RAM. Bugs, Suggestions, Damnations Please send your bug reports and/or fixes to (It is rather unlikely that any of the bugs are relevant to the UNIX version). Mailing list There is now a mailing list for announcing new releases, sharing scripts, and discussions about how to make MPW Perl change your life. 
To subscribe, send a mail to

Revision History

24Jan93 4.0.6
  - choose() for files no longer includes the terminating null character.
  - rename() and TCP sockets work better (thanks to Brad Pickering for reporting these bugs).
  - standalone version can read scripts from its data fork and accepts more startup files.
  - (hopefully) improved the documentation a little. Added ObiWan support.

20Dec92 4.0.5
  - Supports sockets and symbolic links.
  - "ask", "answer" and "pick" are now builtins with a slightly changed syntax (sorry).
  - A few mac scripts are now provided in :t:mac and :macscripts:
  - The application now always searches for a #! line first. If none is found, the script is executed anyway, but the file has to be read twice.

27Sep92 4.0.4
  This release upgrades the Mac version to UNIX patchlevel 35.

08Jun92 4.0.3
  This release supports opendir (In fact, I thought the last one'd already support it. Thanks to Mike Meckler for reporting this bug). dbmopen & friends are now supported.

20Jan92 4.0.2
  First public release.

--
Paul Robichaux, KD4JZG | May explode if disposed of improperly.
Mission Software Development Div. | Printed on recycled phosphors.
New Technology, Inc. | ** PGP 2.0 key available on request **

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 22 Feb 93 22:52:31 PST
To: Eric Hughes
Subject: Re: whistleblower newsgroup?
In-Reply-To: <9302230117.AA18417@soda.berkeley.edu>
Message-ID: <9302230751.aa16701@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> The moderator to alt.whistleblower, instead of a person's mail
> address, could be a mail alias which invokes a header field stripper.
> That way it would be impossible to post to the group with your
> identity in the header. Every posting anonymous! Sort of like a
> mathematical dual of alt.forgery.
>
> I would also suggest a periodic posting explaining exactly how secure
> that is. (Proof against casual attack, but not against local or
> global network monitoring.)
>
> It seems easy enough. I'd do it myself if I had root anywhere. The
> perl scripts for remailing would be easily hacked. You could even
> retain the automatic PGP decryption for the more informed, the more
> paranoid.

Well, I hereby volunteer anon.penet.fi for such use. I already have the posting stuff in place, and .fi is outside US jurisdiction.... It would be a one-line hack to disable the anon id generation for posters to that group... So the security concerns re anon.penet.fi mentioned on this list wouldn't apply... Now I only have to get PGP up on the damned Interactive UNIX... Or switch to bsd/386 or something...

Julf (admin@anon.penet.fi)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Duncan Frissell <71562.3445@CompuServe.COM>
Date: Tue, 23 Feb 93 06:08:33 PST
To:
Subject: RE: Advertising on the net
Message-ID: <930223140021_71562.3445_CHT76-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Nothing like jumping into the middle with one's first posting...

Denizens of the nets have to realize that there are some extreme social deviates out here who go beyond sodomy, go beyond working for the FDA, go beyond rape as an instrumentality of war, go beyond voting and actually believe that advertising is an ennobling human activity. Think about it. Poor Michael in the last few episodes of "Thirtysomething" suffering existential angst because he was great at advertising but considered it an unworthy occupation for a man. If he'd only known that advertising=mass markets=low prices=wealth beyond the dreams of ancient Kings. Lack of advertising=Moscow before 1990. If we have to accept your deviations (voting for the short fascist with the bad haircut and the funny ears par example) you have to accept ours. We can live with each other without too much trouble.
Duncan Frissell

****************************************************************************
*                                                                          *
*                                                                          *
*                               YOUR AD HERE                               *
*                                                                          *
*                                                                          *
****************************************************************************

PS - If you post a message about the existence and availability of PGP, you are *ADVERTISING*. Naughty, naughty, naughty.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Tue, 23 Feb 93 06:30:24 PST
To: Duncan Frissell <71562.3445@CompuServe.COM>
Subject: Re: Advertising on the net
In-Reply-To: <930223140021_71562.3445_CHT76-1@CompuServe.COM>
Message-ID: <9302231430.AA10258@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

'scuse me if i'm failing to recognize sarcasm ...

you can think what you like, but the fact remains that the cypherpunks list was created with a specific set of topics in mind. people subscribe to the list to discuss those specific topics.

there is plenty of room in cyberspace for discussions of any sort you like, including the merits of advertising. but not here. ok?

    peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 23 Feb 93 09:31:42 PST
To: cypherpunks@toad.com
Subject: Beware of anon.penet.fi message!
In-Reply-To: <9302230851.aa19921@penet.penet.FI>
Message-ID: <9302231728.AA20762@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Currently to mail to person 1234 at penet, you send mail to

    anon1234@penet.fi

This mail goes out anonymously from the sender, either using an existing mail address or creating one.

But if one were able to reach person 1234 also with the email address, say,

    name1234@penet.fi

the behavior could be _not_ to make this posting anonymous.

To wit, the 1234 indicates that you are replying to a pseudonymous recipient, and the anon/name pair indicate whether the sender is anonymous.

Thus no change in default behavior, and no new header lines.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 23 Feb 93 00:04:20 PST
To: deadbeat
Subject: Re: Beware of anon.penet.fi message!
In-Reply-To: <9302230604.AA04535@anon.penet.fi>
Message-ID: <9302230851.aa19921@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> I meant only slight malice here: I had intended to "expose" a few
> email/anon associations to highlight the problem. The problem became
> apparent to me when I sent pseudonymous mail to a prominent person on
> this list; his reply exposed his pseudonymous id at anon.penet.fi,
> surely without his knowledge.

I think this would be fixed by the "X-Anon-Anonymize: no" (or whatever) hack. But for reasons I have outlined in the earlier round of discussions, it can't be the default. Comments?

> > an5877's message appears to be a trick, designed to collect
> > anonymous/real address pairs. Johan Helsingius should take
> > action against this trickster. Since he is learning other
> > people's real addresses, perhaps it would be appropriate for his
> > own real address to be revealed.
>
> Now that would be a _very_ serious "bug" in the anon.penet.fi remailer
> (or, more accurately, in its administration); I am confident Johan
> Helsingius will reject this suggestion.

Definitely. I might block someone from using the server, but never (ok, "never say never") expose somebody.

> > But, this does point out that these systems which automatically
> > assign anonymous addresses have several security flaws. Johan
> > has already had to introduce a "password" feature to make it
> > more difficult to send fakemail that appears to be from a
> > particular email address through the server, thus revealing the
> > corresponding anonymous address when it is delivered.
>
> I think that merely masks the real problem.

It fixes *one* problem. I really appreciate suggestions for other solutions.

> > These are serious problems. We need some discussion of how to
> > avoid these simple tricks for defeating the anonymity while
> > still having an easy-to-use system.
>
> Any ideas? For starters, I think the default behavior of anon.penet.fi
> is badly broken.

There has been a lot of discussion about this, and I'm afraid it's too late to change the *default* behavior now...

> But a more serious problem with anon.penet.fi and the
> other remailers I am aware of is the necessity that we pseudonymous
> clients have to rely on the integrity of their administrators to keep
> our pseudonyms private. In the face of social pressure, such as
> Xavier's, that may be asking a lot.

True. And that's why PGP-based stuff & remailer chains is the way to go for "hard" anonymity. But for posting to general newsgroups, we also need a system with working return paths. This doesn't seem possible with current remailer chain systems.

    Julf (admin@anon.penet.fi)

P.S. In case I forgot to announce it, as you could see from the message I'm replying to, PGP stuff doesn't get stripped at anon.penet.fi anymore.....

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: an5877@anon.penet.fi (deadbeat)
Date: Tue, 23 Feb 93 07:31:29 PST
To: cypherpunks@toad.com
Subject: No subject
Message-ID: <9302231437.AA00626@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain
In-reply-to: Johan Helsingius' message of Tue, 23 Feb 1993 10:52:16 +0200.
             <9302231011.aa20353@penet.penet.FI>

-----BEGIN PGP SIGNED MESSAGE-----

> > Well, I don't agree that doubleblind is a great idea.
>
> Neither do I. But many of the users of anon.penet.fi are
> not very computer-and-email-literate, and they have been using other
> services, providing double-blind. Unfortunate, but too late to change now...

Can you elaborate on those other services? The Finnish remailer is the only one I'm aware of.

Also, I'm confused about these "not very computer-and-email-literate" users -- aren't they forced to use an X-Anon-Password header?
I'm surprised there hasn't been more ruckus about the default behavior. There must be many folks whose identities have been inadvertently exposed.

> What we can do is to provide better ways for those who *are* computer
> literate enough to use extra headers etc.

I don't think this will help. With my mail environment, I have to go to lengths to send an anonymous message, concocting X-Anon-To and X-Anon-Password headers. It's worth the effort, since this helps to preserve the secrecy of my pseudonymous identity. But the first time I mess up, and send an unfettered message to an anon.penet.fi client, I am unmasked.

What I'm saying is that I'm hip to headers; it's the simple stuff that trips me up. And I still don't understand how the unfettered message gets past the X-Anon-Password filter.

> > I think it's imperative that the sender use X-Anon-To to be
> > pseudonymous. This is consistent with the principle of least
> > astonishment.
>
> But in this case I feel the principle of least astonishment is overruled
> by the principle of least risk of accidental exposure.

I think the risk of accidental exposure is heightened by the default behavior of the Finnish remailer. Maybe we're using the same words to describe different things.

> I think that hornet's nest needed to be kicked. But I am also
> disappointed that not enough people defend the need for anonymity in
> places like news.admin.policy.

Some of us gave up on USENET policy long, long ago. Personally, I stick to the alt.* groups.

> I think pseudonyms *should* be prominent - as you have noticed, anon.penet.fi
> adds an explicit warning at the end of every message.

In time, I hope such warnings will be unnecessary, as people grow accustomed to the use of pseudonyms.
DEADBEAT

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK4o0+PFZTpBW/B35AQGlcAF/UC0HNtSoIQe2arEoK5uzkjX+7fCwPUqC
l/2o0wifS7SLGLfoshQpd3vaczDktaBV
=TPtY
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind system, any replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.
*IMPORTANT server security update*, mail to update@anon.penet.fi for details.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mvario@inode.com (MICHAEL VARI)
Date: Tue, 23 Feb 93 07:11:00 PST
To: cypherpunks@toad.com
Subject: REQUEST
Message-ID: <3498908CAA@inode.com>
MIME-Version: 1.0
Content-Type: text/plain

Subj: Request
To: cypherpunks-request@toad.com

I would like to request to be placed on the cypherpunks mailing list.

Thank you,
Michael Vario
mvario@inode.com

___ Blue Wave/QWK v2.12

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Tue, 23 Feb 93 06:07:48 PST
To: cypherpunks list
Subject: Some questions
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

{I have been reading the list for about a week now... This is my first post... I hope this is not a FAQ...}

I am looking for solutions to a situation that people may find familiar...

Say you have a text file that contains sensitive configuration data (in a particular case, the cross-index of anonymous ids and real mail addresses) that you want a program to be able to read, but you want it stored in encrypted format. (Which means you will decrypt it each time you read it, and rewrite it in encrypted form when needed. It will only exist in decrypted form in the computer's RAM.)
Is there some sort of scheme that will allow this, without having to have a user present to enter the password at startup (a pain if it's supposed to be an unattended program, such as a remailer) or having the password compiled into the program...

Also, I have seen a number of references to DC nets... I must confess I have never heard of the term before... can someone enlighten me?

---
Nick MacDonald
i6t4@jupiter.sun.csd.unb.ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 23 Feb 93 00:21:49 PST
To: Eli Brandt
Subject: Re: Anon address attack...
In-Reply-To: <9302230700.AA03047@toad.com>
Message-ID: <9302230920.aa20039@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> I was thinking of installing a trivial hack in my remailer, such that
> upon demand it adds some random (essentially unrepeatable) cruft to
> the From: line, placing it as a name field so as to have no
> addressing significance. I believe penet assigns IDs based on this
> line, so chaining this to a penet-style remailer would provide
> "hit-and-run" anonymity -- even if the remailer wants nothing of the
> sort. The social desirability of this could be questioned, but it
> certainly seems more secure to build pseudonyms on top of something
> like this (using PGP sigs to provide a solid identity) than through
> the presently-popular approach. Comments? (Julf?)

I think we should come up with a more socially acceptable solution. Widespread use of hit-and-run abuse on the net would certainly lead to actions against sites such as anon.penet.fi. Some method that preserves a return path is needed for a *general* posting facility (alt.whistleblowers etc. would be special cases).

And... Please remember anon.penet.fi has something like 13000 existing users. And most of them have been using other anonymous posting hosts with the same limitations/defaults as anon.penet.fi. So we can't change everything overnight...
    Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: an5877@anon.penet.fi (deadbeat)
Date: Tue, 23 Feb 93 08:19:50 PST
To: cypherpunks@toad.com
Subject: Re: Beware of anon.penet.fi message!
Message-ID: <9302231520.AA03498@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain
In-reply-to: Johan Helsingius' message of Tue, 23 Feb 1993 09:32:54 +0200.
             <9302230851.aa19921@penet.penet.FI>

-----BEGIN PGP SIGNED MESSAGE-----

> > The problem became
> > apparent to me when I sent pseudonymous mail to a prominent person on
> > this list; his reply exposed his pseudonymous id at anon.penet.fi,
> > surely without his knowledge.
>
> I think this would be fixed by the "X-Anon-Anonymize: no" (or whatever)
> hack. But for reasons I have outlined in the earlier round of
> discussions, it can't be the default. Comments?

If it's not the default behavior, then it will be a recurring problem.

> There has been a lot of discussion about this, and I'm afraid it's too
> late to change the *default* behavior now...

Why? It seems to me the X-Anon-Password header was a pretty major change, yet you made that change to preserve people's pseudonymous identities. The instant challenge is just as grave, don't you think?

> P.S. In case I forgot to announce it, as you could see from the message
> I'm replying to, PGP stuff doesn't get stripped at anon.penet.fi
> anymore.....

Great stuff. Thanks.

DEADBEAT

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK4o8FfFZTpBW/B35AQFQgwF/QU9NQmgtFKfv+KMoghtSwTL/e8vh3G4b
vwlZy3yWF6D4+LVAnOEcuh0gvxJSNi51
=hD4O
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind system, any replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.
*IMPORTANT server security update*, mail to update@anon.penet.fi for details.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 23 Feb 93 10:10:18 PST
To: cypherpunks@toad.com
Subject: Dining Cryptographers Nets--An Introduction
Message-ID: <9302231808.AA22381@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Nickey MacDonald writes:

>Also, I have seen a number of references to DC nets... I must confess I
>have never heard of the term before... can someone enlighten me?

Here's a summary of the "dining cryptographers net" I wrote back in the pre-Cypherpunks days (which I later posted to the nascent Cypherpunks list). I'm posting it here because of the question just asked, thinking that others may be similarly confused. (A "Glossary" also exists, and is in the "soda" archive site.)

(I could apologize for the volume, but cypherpunks ought to be able to handle a few measly kilobytes of stuff. Besides, at least this won't go out multiple times to the list!)

Understand that DC-Nets are further off in the future than the Cypherpunks-PAX-PENET-style remailers being discussed these last few months. Chaum-style mixes, based on his 1981 CACM letter, have yet to be implemented, let alone the more advanced DC-Net-style systems. Hal Finney, Marc Ringuette, and Yanek Martinson are some of the folks on this list who are interested in working on DC-Nets....Yanek even claims to have a primitive one running on his local machine and is interested in volunteers to test it on a larger basis.

The "Information Liberation Front" also posted Chaum's entire 1988 paper, "The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability." I suppose you could ask them to repost the article or forward it to you.

Hope the newcomers enjoy this.

To: Extropians@gnu.ai.mit.edu
From: uunet!netcom.com!tcmay (Timothy C. May)
Subject: Dining Cryptographers
Date: Tue, 18 Aug 92 15:45:34 PDT
Reply-To: uunet!gnu.ai.mit.edu!Extropians

Marc R. has opened the door for me to get into some really exciting stuff:

>
> Tim May mentioned a new method from Chaum for defeating traffic analysis:
>
> > Chaum has since improved the tamper-responding "mix" by going to a pure
> > software scheme which he calls "the Dining Cryptographers Protocol." It's
> > described in Vol. 1, Number 1 of "Journal of Cryptology," 1988. If there's
> > interest, I'll summarize it.
>
> Yes, please, Tim!
>
>
> M.

Complexity Warning: This stuff (I'm being informal) is easy once you get the basic idea. But getting the basic idea usually involves reading several articles on what RSA, digital signatures, etc., are all about, working out some examples, thinking about it, drawing pictures with other folks, and finally having an "Aha!" experience (in Werner Erhard's terms, you "get it"). The ASCII nature of the Net is not conducive to learning this stuff, despite the excellent summaries of crypto by Marc R. and Perry M.

The almost-latest "Scientific American," August, has an article by David Chaum on digital money, and the latest "Spectrum," available at selected newsstands, has several articles on security and cryptography.

Also, there are lots of books. Look 'em up in a university library or flip through them at a large technical bookstore and pick the one you like the most. (I like a slim Springer-Verlag paperback, "Modern Cryptology," by Gilles Brassard, 1988, as a good intro to "modern"--as opposed to "classical"--crypto.)

If the stuff in this posting, and on crypto in general, is beyond your current understanding, either ignore it, skim it and try to get the gist, or dig into the articles and books.

Anyway, back to "The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability," David Chaum, Journal of Cryptology, I, 1, 1988. Since this journal is hard to get, I'll discuss the article in some detail.
(The techniques have major implications for anarchocapitalism and for Extropian ideas.)

Abstract: "Keeping confidential who sends which messages, in a world where any physical transmission can be traced to its origin, seems impossible. The solution presented here is unconditionally or cryptographically secure, depending on whether it is based on one-time-use keys or on public keys, respectively. It can be adapted to address efficiently a wide variety of practical considerations."

A word on terminology: "Unconditionally secure" means what it says: no computer will ever crack it. One-time pads are unconditionally secure...no code or cipher is involved, except the one-time pad, so the message is secure as long as the pad has not been compromised.

"Cryptographically secure" means secure so long as various crypto ciphers are secure, which may be for a very, very long time (e.g., with very large primes, in RSA).

Chaum describes some "dining cryptographers," which I will playfully change to "dining Extropians." (The term is of course a variant of the seminal "dining logicians problem" in computer science)

Three Extropians are having dinner, perhaps in New York City. Their waiter tells them that their bill has already been paid, either by the NSA or by one of them. The waiter won't say more. The Extropians wish to know whether one of them paid, or the NSA paid. But they don't want to be impolite and force the Extropian payer to 'fess up, so they carry out this protocol (or procedure):

Each Extropian flips a fair coin behind a menu placed upright between himself and the Extropian on his right. The coin is visible to himself AND to the Extropian on his left. Each Extropian can see his own coin and the coin to his right.

STOP RIGHT HERE! Please take the time to make a sketch of the situation I've described. If you lost it here, all that follows will be a blur. I'm sparing you folks my attempt at an ASCII drawing!
Each Extropian then states out loud whether the two coins he can see are the SAME or are DIFFERENT, e.g., "Heads-Tails" means DIFFERENT, and so forth. For now, assume the Extropians are truthful.

A little bit of thinking shows that the total number of "DIFFERENCES" must be either 0 (the coins all came up the same), or 2. Odd parity is impossible.

Now the Extropians agree that if one of them paid, he or she will SAY THE OPPOSITE of what they actually see. Remember, they don't announce what their coin turned up as, only whether it was the same or different as their neighbor.

Suppose none of them paid, i.e., the NSA paid. Then they all report the truth and the parity is even (either 0 or 2 differences). They then know the NSA paid.

Suppose one of them paid the bill. He reports the opposite of what he actually sees, and the parity is suddenly odd. That is, there is 1 difference reported. The Extropians now know that one of them paid. But can they determine which one?

Suppose you are one of the Extropians and you know you didn't pay. One of the other two did. You either reported SAME or DIFFERENT, based on what your neighbor to the right (whose coin you can see) had. But you can't tell which of the other two is lying! (You can see your right-hand neighbor's coin, but you can't see the coin he sees to his right!)

This all generalizes to any number of people. If none of them paid, the parity is even. If one of them paid, the parity is odd. But which one of them paid cannot be deduced. And it should be clear that each round can transmit a bit, e.g., "I paid" is a "1". The message "Attack at dawn" could thus be "sent" untraceably with multiple rounds of the protocol.

The Crypto Ouija Board: I explain this to people as a kind of ouija board. A message, like "I paid" or a more interesting "Transfer funds from.....," just "emerges" out of the group, with no means of knowing where it came from. Truly astounding.
Now there are many interesting wrinkles and elaborations to this protocol. I'll note just a few.

1. Collusion. Obviously the Extropians can collude to deduce the payer. This is best dealt with by creating multiple subcircuits (groups doing the protocol amongst themselves). Lots more stuff here. Chaum devotes most of the paper to these kinds of issues and their solutions.

2. With each round of this protocol, a single bit is transmitted. Sending a long message means many coin flips. Instead of coins and menus, the neighbors would exchange lists of random numbers (with the right partners, as per the protocol above, of course. Details are easy to figure out.)

3. Since the lists are essentially one-time pads, the protocol is unconditionally secure, i.e., no assumptions are made about the difficulty of factoring large numbers or any other crypto assumptions.

4. Participants in such a "DC-Net" (and here we are coming to the heart of the "crypto anarchy" I have mentioned several times, and which is perhaps foolishly advertised in my .sig) could exchange CD-ROMs or DATs, giving them enough "coin flips" for zillions of messages, all untraceable! The logistics are not simple, but one can imagine personal devices, like smart cards or Apple "Newtons," that can handle these protocols (early applications may be for untraceable brainstorming comments, secure voting in corporate settings, etc.)

5. The lists of random numbers (coin flips) can be generated with standard cryptographic methods, requiring only a key to be exchanged between the appropriate participants. This eliminates the need for the one-time pad, but means the method is now only cryptographically secure, which is often sufficient. (Don't think "only cryptographically secure" means insecure....the messages may remain encrypted for the next billion years)

6. Collisions occur when multiple messages are sent at the same time.
Various schemes can be devised to handle this, like backing off when you detect another sender (when even parity is seen instead of odd parity). In large systems this is likely to be a problem. Solutions are left as an exercise.

7. Noise. Some participants may try to flood the circuit with spurious messages, to defeat the system or for whatever other reasons. This is still an issue. (If there's anything to take away from crypto, it's that nothing is as simple as it looks, that there are always devious ways to spoof, jam, and forge. I expect you've seen this from some of the debate on digital voting schemes.)

What Can "DC-Net" Be Used For?:

* Untraceable mail. Useful for avoiding censorship, for avoiding lawsuits, and for all kinds of crypto anarchy things.

* Fully anonymous bulletin boards, with no traceability of postings or responses. Illegal materials can be offered for sale (my 1987 canonical example, which freaked out a few people: "Stealth bomber blueprints for sale. Post highest offer and include public key."). Think for a few minutes about this and you'll see the profound implications.

* Decentralized nexus of activity. Since messages "emerge" (a la the ouija board metaphor), there is no central posting area. Nothing for the government to shut down, complete deniability by the participants.

* Only you know who your partners are....in any given circuit. And you can be in as many circuits as you wish. (Payments can be made to others, to create a profit motive. I won't deal with this issue, or with the issue of how reputations are handled, in this posting.)

* The tamper-responding "digital mixes" can still be useful, and may supplement this purely software-based approach.

* Digital money gets involved, too, both for payments in this system, and in terms of "alternative currencies." I'm not an economist, so I'll leave this for others to go into in more detail.

Enough for now. Chaum's work is just the start.
These systems can initially be set up for "innocuous" purposes like research into crypto techniques (not yet banned in the U.S.), role-playing games, religions, and the like. Once they get going, it'll be too late to stop the other things.

Hope you liked this summary. Please read the articles...there's just no way my posting can do justice to them (though I admit I've concentrated my efforts on the political aspects, which "respectable" crypto researchers rarely mention, so perhaps the flavor here is a bit more Extropian than you'll find elsewhere.)

--Tim (part of the "Too Many Tims!" Conspiracy)

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | RSA MailSafe Public Key: by arrangement

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 23 Feb 93 00:22:19 PST
To: cypherpunks@toad.com
Subject: Re:
In-Reply-To: <9302230654.AA10264@bsu-cs.bsu.edu>
Message-ID: <9302230933.aa20090@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> I think it's wrong for anon.penet.fi to operate this way.

Well, then, how *should* anon.penet.fi operate? I really am open to suggestions...

    Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: an5877@anon.penet.fi (deadbeat)
Date: Tue, 23 Feb 93 08:32:23 PST
To: cypherpunks@toad.com
Subject: Re: anon.penet.fi hacking
Message-ID: <9302231549.AA05587@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain
In-reply-to: Tony Kidson's message of Tue, 23 Feb 1993 12:16:29 +0000.
             <2497@morgan.demon.co.uk>

-----BEGIN PGP SIGNED MESSAGE-----

> One reason the list has been so busy is that DEADBEAT's messages
> seem to be being posted both through penet and through a cypherpunks
> remailer.
I don't know why this is happening -- my messages are being sent with headers

    To: anon@anon.penet.fi
    X-Anon-To: cypherpunks@toad.com

Yet two copies are arriving, one from "an5877@anon.penet.fi (deadbeat)" and another from "nowhere@bsu-cs.bsu.edu (Anonymous)."

Personally, I think the latter remailer is broken.

DEADBEAT

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK4pBIPFZTpBW/B35AQGqcAF9FmuI1E+L0hsWVFbshFQo96mmQoo3pRKt
22+lrGbZge7san/4PQnWmd93HjJEc97u
=KGNP
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind system, any replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.
*IMPORTANT server security update*, mail to update@anon.penet.fi for details.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Tue, 23 Feb 93 08:36:38 PST
To: cypherpunks@toad.com
Subject: pgpshell
Message-ID: <199302231635.AA18689@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunks:

A user new to unix, pgp, the net, etc. wrote to me asking for a "menu type of shell" to protect from switch overload. So I hacked this together pretty quickly and have given it a once over testing. It is meant for new pgp users; something which will help until they are more comfortable. I mailed to the original user, but I thought there may be wider interest.

pgpshell: it pretty much just passes on arguments to pgp, nothing fancy, minimal functionality.

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

------8< cut here >8-----
#!/bin/sh
# pgpshell: minimally functional script to help users of pgp
# (I'm not claiming this yet) :-)
# last update 2/23/93

# Show the menu of supported operations.
echo " 1: encrypt a file"
echo " 2: decrypt a file"
echo " 3: conventionally encrypt a file"
echo " 4: sign and encrypt a file"
echo " 5: sign a file, result in ascii file"
echo ""
printf "choice: "
read -r choice
printf "Name of file? "
read -r filename

# Refuse to continue if the named file does not exist.
if [ ! -f "$filename" ]
then
  echo "File $filename not found."
  exit 1
fi

# Pass the matching switches on to pgp. The variables are quoted so that a
# file name or user id containing spaces stays a single argument.
case "$choice" in
  1) printf "User id? "; read -r user; pgp -ea "$filename" "$user";;
  2) pgp "$filename";;
  3) pgp -c "$filename";;
  4) printf "User id? "; read -r user; pgp -esa "$filename" "$user";;
  5) pgp -sat +clearsig=on "$filename";;
  *) echo "Improper choice."; exit 1;;
esac

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 23 Feb 93 00:52:04 PST
To: Hal <74076.1041@compuserve.com>
Subject: Re: anon.penet.fi hacking
In-Reply-To: <930223074743_74076.1041_DHJ21-1@CompuServe.COM>
Message-ID: <9302230955.aa20252@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> Well, I think I have deduced the identity of "Deadbeat" from his posting
> style. I don't think Julf should say who he is. This was an important
> demonstration of a weakness in the security of the remailers.

Definitely!

> The Penet remailer seems now to require a password for all messages; at
> least, I wasn't able to send to an5877@anon.penet.fi ("Deadbeat") without
> using my password. So chaining through Cypherpunks remailers to Penet would
> seem not to be possible now.

Unless you include your password in the message! Remember that anon.penet.fi can pick up the X-Anon-To: and X-Anon-Password: lines from the start of the message text - they don't have to be header fields.
> Unless Eli's suggestion works - having our remailers put out a random > "From:" line (perhaps just on mail to Penet?) might cause Penet to issue a > new pseudonym for that apparent new user. This would be kind of wasteful > from Penet's perspective - all those pseudonyms are never going to be > re-used. But it might allow this form of chaining, without compromising the > pseudonym of the remailer operator. The social implications are more important. > Another possibility would be for there to be a command to Penet to allow > users to send truly anonymous mail, mail which does not have a meaningful > "From" line (and in particular which does not have the user's Penet > pseudonym displayed as the "From" address). We could set our remailers to > use that command for any mail sent to Penet. Mail sent with that command > would not need a password. This would be an alternative way for users to > deal with some of the other attacks, such as the one Deadbeat demonstrated. I repeat: for general postings, we have to come up with a way to provide anonymity while retaining a return path. Otherwise chaos ensues, just look at the most blatant misuses of anon postings witnessed recently! > P.S. - My, the list has sure been lively today. Looks like we beat > Extropians again on volume! Yeah... Haven't ben able to get away from my machine to have my morning shower yet (it's 10:30am in Finland). Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Anonymous) Date: Tue, 23 Feb 93 07:40:27 PST To: cypherpunks@toad.com Subject: No Subject Message-ID: <9302231537.AA28187@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain In-reply-to: Johan Helsingius' message of Tue, 23 Feb 1993 10:52:16 +0200. <9302231011.aa20353@penet.penet.FI> -----BEGIN PGP SIGNED MESSAGE----- > > Well, I don't agree that doubleblind is a great idea. > > Neither do I. 
> But many of the users of anon.penet.fi are
> not very computer-and-email-literate, and they have been using other
> services, providing double-blind. Unfortunate, but too late to change now...

Can you elaborate on those other services? The Finnish remailer is the
only one I'm aware of. Also, I'm confused about these "not very
computer-and-email-literate" users -- aren't they forced to use an
X-Anon-Password header?

I'm surprised there hasn't been more ruckus about the default behavior.
There must be many folks whose identities have been inadvertently exposed.

> What we can do is to provide better ways for those who *are* computer
> literate enough to use extra headers etc.

I don't think this will help. With my mail environment, I have to go to
lengths to send an anonymous message, concocting X-Anon-To and
X-Anon-Password headers. It's worth the effort, since this helps to
preserve the secrecy of my pseudonymous identity. But the first time I
mess up, and send an unfettered message to an anon.penet.fi client, I am
unmasked.

What I'm saying is that I'm hip to headers; it's the simple stuff that
trips me up. And I still don't understand how the unfettered message gets
past the X-Anon-Password filter.

> > I think it's imperative that the sender use X-Anon-To to be
> > pseudonymous. This is consistent with the principle of least
> > astonishment.
>
> But in this case I feel the principle of least astonishment is overruled
> by the principle of least risk of accidental exposure.

I think the risk of accidental exposure is heightened by the default
behavior of the Finnish remailer. Maybe we're using the same words to
describe different things.

> I think that hornet's nest needed to be kicked. But I am also
> disappointed that not enough people defend the need for anonymity in
> places like news.admin.policy.

Some of us gave up on USENET policy long, long ago. Personally, I stick
to the alt.* groups.

> I think pseudonyms *should* be prominent - as you have noticed, anon.penet.fi
> adds an explicit warning at the end of every message.

In time, I hope such warnings will be unnecessary, as people grow
accustomed to the use of pseudonyms.

DEADBEAT

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK4o0+PFZTpBW/B35AQGlcAF/UC0HNtSoIQe2arEoK5uzkjX+7fCwPUqC
l/2o0wifS7SLGLfoshQpd3vaczDktaBV
=TPtY
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind system, any replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.
*IMPORTANT server security update*, mail to update@anon.penet.fi for details.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pete@cirrus.com (Pete Carpenter)
Date: Tue, 23 Feb 93 10:45:18 PST
To: cypherpunks@toad.com
Subject: KQED FM tuesday
Message-ID: <9302231841.AA04053@ss2138.cirrus.com>
MIME-Version: 1.0
Content-Type: text/plain

The reference to a San Francisco radio station may seem a bit parochial,
but I promise it's related...

I just heard a few minutes of their 'Forum' program. The topic was local
reaction to Clinton's visit by spokesmen for SIA and AEA, plus the head of
SGI. (Semicon Industry Assoc, American Electronics Assoc, Silicon Graphics)

Someone called with concerns about privacy and wide spread use of
encryption in cyberspace. If he had left it at that, a question about
privacy, which everyone can grasp, he might have had his question
answered. I would like to hear what these people had to say on this
important topic.

But no, the guy went off into a 'statement' about how the government
wants to interfere with 'digital money', and the moderator cut him off,
dry. No discussion - substitute some other question about jobs.
The moral of the story is - KISS! keep it simple, when talking about
these issues to the general public. Privacy in the electronic age is
something that everyone can understand. And quite a few 'regular' people
are very much concerned. Offer wide spread public encryption technology
as a solution to the problem.

But PLEASE, don't gum up (public) discussion with esoterica like
'digital money'. Most people don't even understand how 'regular'
money works :-)

Pete Carpenter          pete@cirrus.com

Talk about your plenty, talk about your ills,
One man gathers what another man spills.  - Robert Hunter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 23 Feb 93 00:52:21 PST
To: mark@coombs.anu.edu.au
Subject: Re: anon.penet.fi remailers
In-Reply-To: <9302230753.AA18385@coombs.anu.edu.au>
Message-ID: <9302231003.aa20289@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> I balk at Yet-More-F******-Header-Lines (YMFHL) but a _possible_ patch
> is to have a:
>
>       X-Show-My-Anon: yes|no          (in the header),
>
> or:
>
>       ::
>       X-Show-My-Anon: yes|no          (in the body)

Yes. Thinking about something like this. But what is the best syntax?

> (BTW I saw someone's .sig where they *advertised* their anon id on USENET.
> Presumably this was because he thought that's what you had to do so others
> could email them anonymously... obviously he won't be a whistle blower :)

Well, it could be somebody who doesn't care about his/her own anonymity,
but wants to make it as easy as possible to send anon mail to him/her.
It's so much easier to mail to anXXXX@anon.penet.fi than to use stuff like
user%host.domain@anon.penet.fi or hack around with strange extra X-Anon-*
headers (especially with anally-retentive mailers etc.).
        Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 23 Feb 93 01:12:12 PST
To: Anonymous
Subject: Re:
In-Reply-To: <9302230715.AA11401@bsu-cs.bsu.edu>
Message-ID: <9302231011.aa20353@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> Well, I don't agree that doubleblind is a great idea.

Neither do I. But many of the users of anon.penet.fi are not very
computer-and-email-literate, and they have been using other services,
providing double-blind. Unfortunate, but too late to change now...

What we can do is to provide better ways for those who *are* computer
literate enough to use extra headers etc.

> > Evidently there is positive harm that can occur by automatically
> > anonymizing all messages which pass through a remailer. ... For
> > anonymous posting and for mail to a non-anonymous address, it's more
> > reasonable to assume that anonymization is desired. ... But when
> > sending a message to an anonymous address, it's not known whether the
> > sender wants to be anonymized or not.
>
> I think it's imperative that the sender use X-Anon-To to be
> pseudonymous. This is consistent with the principle of least
> astonishment.

But in this case I feel the principle of least astonishment is overruled
by the principle of least risk of accidental exposure.

> > Also, I have seen proposals that anonymous ID's should be made less
> > recognizable, so that instead of an5877@anon.penet.fi we would have
> > joe@serv.uba.edu. In such a situation it might be tedious to
> > scrutinize every email address we send to (via replies, for example)
> > to make sure it isn't a remailer where you have an anonymous ID.
>
> It would be a real boon to make pseudonyms less prominent -- this
> seems to have kicked over a hornet's nest on USENET (even though
> pseudonyms have been quietly in use for years). But were this the
> case, scrutiny would be an understatement.

I think that hornet's nest needed to be kicked.
But I am also disappointed that not enough people defend the need for
anonymity in places like news.admin.policy.

I think pseudonyms *should* be prominent - as you have noticed,
anon.penet.fi adds an explicit warning at the end of every message.

> > All in all, I think some changes need to be made in how anonymous
> > addresses are used and implemented in order to provide reasonable
> > amounts of security.
>
> I agree that more discussion is in order. I'm especially concerned
> about the broader issues regarding anonymity through remailers.

Agree 100%.

        Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Tue, 23 Feb 93 13:27:05 PST
To: cypherpunks@toad.com
Subject: link encryption
Message-ID: <9302232127.AA17003@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I have been working lately on a program to encrypt my modem traffic
between home and the unix. I call the program 'link' for link encryption.
Currently it uses DES and RSA, RSA to exchange a random session key and
DES to encrypt all general traffic.

I spent some time today cleaning up some of the code so that it would be
more modular and portable. The unix end is presentable now but would
require a remote end to work along with it. I don't feel that my Amiga end
is good enough to even use regularly, there are some bugs in the Amiga
end, and I haven't incorporated the most recent changes into it either.

I wrote the code to be modular and hopefully easily attached to other
term programs in hopes that people would patch some code into their
favorite term program and use it.

If anyone wants the unix code I'm giving it out now, It is a bit long so
I won't post it to the list unless I get enough replies (and not too many
"don't post it!" replies). If anyone has an ftp site they wish to put it
on that is fine too. I'm releasing the code into the public domain, do
with it what you please.
It's in no way complete, I plan to add more features and hopefully
robustness to the code in the future.

...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 23 Feb 93 11:23:32 PST
To: cypherpunks@toad.com
Subject: The Futility of General Crypto Education?
Message-ID: <9302231921.AA01808@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Pete Carpenter (welcome, Pete!) writes:

....stuff about a radio call-in show elided....

>But no, the guy went off into a 'statement' about how the government
>wants to interfere with 'digital money', and the moderator cut him off,
>dry. No discussion - substitute some other question about jobs.
>
>The moral of the story is - KISS! keep it simple, when talking about
>these issues to the general public. Privacy in the electronic age is
>something that everyone can understand. And quite a few 'regular' people
>are very much concerned. Offer wide spread public encryption technology
>as a solution to the problem.
>
>But PLEASE, don't gum up (public) discussion with esoterica like
>'digital money'. Most people don't even understand how 'regular'
>money works :-)

Point well taken. Most of the stuff we talk about is almost too esoteric
for _ourselves_ (well, at times), let alone for the public. Pete's point
is that we should keep our message very simple, mostly by focussing on
privacy.

(This is a theme Tom Jennings has also pushed, even urging this list to
drop references to "crypto," which he thinks connotes spies and secrets,
and instead replace it with "privacy," which he thinks most people will
find more palatable.)

But I think trying to educate the public is an absolutely lost cause. The
Libertarian Party has been trying for years, and just got the lowest vote
percentage in their history. (I suspect the Peace and Freedom Party, or
other parties, would admit the same thing.)
The average voter believes in UFOs, ghosts, brain cancer from cellular
phones, the dangers of nuclear power, psychics, the War on (Some) Drugs,
and the whole "democracy" thing. She certainly won't take the time to
learn about RSA, digital money, etc.

We won't get crypto liberty via the ballot box, we'll get it only if the
technology is sound and is deployed widely enough so that attempts to stop
it are futile. This has been how the most important changes in society
have occurred, from agriculture to printing to telephones: the technology
filled some need, spread, and became unstoppable. Convincing the voters at
the ballot box was never an issue.

Having said this, I agree that there's some role for educating some
fraction of the public, so I applaud the many fine efforts of the EFF,
CPSR, and so on. And some of these efforts may delay legislation which
would otherwise delay the "Crypto Phase Change."

And I suppose I agree with Pete that if and when public forums are held,
common sense dictates that the really abstruse stuff be avoided--I know
I'd flip to another station if the discussion turned to the intricacies of
PERL scripts in remailers! :-}

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Anonymous)
Date: Tue, 23 Feb 93 08:29:37 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9302231626.AA01332@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

In-reply-to: Johan Helsingius' message of Tue, 23 Feb 1993 09:32:54 +0200.
             <9302230851.aa19921@penet.penet.FI>

-----BEGIN PGP SIGNED MESSAGE-----

> > The problem became
> > apparent to me when I sent pseudonymous mail to a prominent person on
> > this list; his reply exposed his pseudonymous id at anon.penet.fi,
> > surely without his knowledge.
>
> I think this would be fixed by the "X-Anon-Anonymize: no" (or whatever)
> hack. But for reasons I have outlined in the earlier round of
> discussions, it can't be the default. Comments?

If it's not the default behavior, then it will be a recurring problem.

> There has been a lot of discussion about this, and I'm afraid it's too
> late to change the *default* behavior now...

Why? It seems to me the X-Anon-Password header was a pretty major change,
yet you made that change to preserve people's pseudonymous identities.
The instant challenge is just as grave, don't you think?

> P.S. In case I forgot to announce it, as you could see from the message
> I'm replying to, PGP stuff doesn't get stripped at anon.penet.fi
> anymore.....

Great stuff. Thanks.

DEADBEAT

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK4o8FfFZTpBW/B35AQFQgwF/QU9NQmgtFKfv+KMoghtSwTL/e8vh3G4b
vwlZy3yWF6D4+LVAnOEcuh0gvxJSNi51
=hD4O
-----END PGP SIGNATURE-----
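The exposure described in the message above, and the effect of the tentatively named "X-Anon-Anonymize: no" opt-out, modelled as an added example; this is not code from anon.penet.fi or from anyone in the thread. The Remailer class, the anon.example domain, the three policy names, the rule that headers win over body directives, and the absence of password checks are assumptions of the model; the per-reply alias policy is the fix DEADBEAT proposes elsewhere in the thread.

```python
"""Toy model of a pseudonym server's sender handling (constructed for illustration)."""
import itertools
from dataclasses import dataclass, field

DOMAIN = "anon.example"  # placeholder domain, not the real service


@dataclass
class Message:
    sender: str                       # real address of the sender
    to: str                           # address typed into To:
    headers: dict = field(default_factory=dict)
    body: str = ""


def directives(msg):
    """Collect X-Anon-* directives from the headers and the top of the body.

    Body directives must be contiguous at the start of the text, optionally
    after a "::" line. Header values win (an assumption of this model).
    """
    found = {k.lower(): v.strip() for k, v in msg.headers.items()
             if k.lower().startswith("x-anon-")}
    lines = msg.body.splitlines()
    if lines and lines[0].strip() == "::":
        lines = lines[1:]
    for line in lines:
        name, sep, value = line.partition(":")
        name = name.strip().lower()
        if not sep or not name.startswith("x-anon-"):
            break
        found.setdefault(name, value.strip())
    return found


class Remailer:
    POLICIES = ("double_blind", "explicit_only", "reply_alias")

    def __init__(self, policy):
        if policy not in self.POLICIES:
            raise ValueError(f"unknown policy: {policy}")
        self.policy = policy
        self.stable = {}    # real address -> long-lived pseudonym
        self.real_of = {}   # every pseudonym issued -> real address
        self._serial = itertools.count(1000)  # serial only to keep the demo deterministic

    def _new_alias(self, real):
        alias = f"an{next(self._serial)}@{DOMAIN}"
        self.real_of[alias] = real
        return alias

    def stable_alias(self, real):
        if real not in self.stable:
            self.stable[real] = self._new_alias(real)
        return self.stable[real]

    def deliver(self, msg):
        """Return (real recipient, From address shown to that recipient)."""
        d = directives(msg)
        if "x-anon-to" in d:
            # Explicit request: the sender asked to appear under the stable id.
            target, shown = d["x-anon-to"], self.stable_alias(msg.sender)
        else:
            target = msg.to
            opted_out = d.get("x-anon-anonymize", "").lower() == "no"
            if opted_out or self.policy == "explicit_only":
                shown = msg.sender                      # passed through as-is
            elif self.policy == "reply_alias":
                shown = self._new_alias(msg.sender)     # throwaway id for this reply
            else:
                shown = self.stable_alias(msg.sender)   # silent double-blind
        return self.real_of.get(target, target), shown


def reply_exposure(policy, recipient_knows_replier, headers=None, body=""):
    """What a plain reply to a pseudonym reveals to its pseudonymous recipient.

    recipient_knows_replier is True when the recipient wrote to the replier's
    real address first, so any reply is attributable to a known person.
    """
    srv = Remailer(policy)
    recipient_alias = srv.stable_alias("deadbeat@home.example")
    replier = "pat@corp.example"
    replier_alias = srv.stable_alias(replier)   # the replier already had an id
    _, shown = srv.deliver(Message(replier, recipient_alias, headers or {}, body))
    leaks = set()
    if shown == replier_alias and recipient_knows_replier:
        leaks.add("stable pseudonym linked to a known person")
    if shown == replier and not recipient_knows_replier:
        leaks.add("real address shown to an anonymous party")
    return leaks


if __name__ == "__main__":
    for policy in Remailer.POLICIES:
        for known in (True, False):
            print(policy, known, sorted(reply_exposure(policy, known)))
```

Each default leaks in a different situation: silent double-blind links a stable pseudonym to a person the recipient already knows, while explicit-only hands a real address to an anonymous party.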
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: an5877@anon.penet.fi (deadbeat)
Date: Tue, 23 Feb 93 10:20:48 PST
To: cypherpunks@toad.com
Subject: No subject
Message-ID: <9302231704.AA10557@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain

In-reply-to: Johan Helsingius' message of Tue, 23 Feb 1993 10:14:27 +0200.
             <9302230933.aa20090@penet.penet.FI>

-----BEGIN PGP SIGNED MESSAGE-----

> Well, then, how *should* anon.penet.fi operate? I really am open to
> suggestions...

I'll restrict my comments to anonymous email, but the application to
anonymous USENET posting is analogous.

I'll ignore messages of the sort

        From: Alice
        To: anon@anon.penet.fi
        X-Anon-To: Bob
        X-Anon-Password: zzz

since it's clear that Alice's identity should be concealed in this case.

The problem we're dealing with is the message of the sort

        From: Alice
        To: Bob

Should the remailer expose Alice's identity in the message that it
forwards to Bob? If it does so blindly, Alice's anonymous identity is
subject to accidental exposure. If it does not conceal Alice's identity,
then certain expectations of anonymity might not be realized (according
to Johan).

Here's a way out that will satisfy me and Johan: assign Alice a new
pseudonym here and now, one that will be good for replies only. If Alice
has registered with the remailer in the past, i.e., if she has a
password, then she knows how to X-Anon-To:, but has opted not to. If she
has not registered, then it is also appropriate to assign her a new ID.
However, should she later register, I suggest she be given a new,
permanent, password-protected ID, just in case her earlier reply
inadvertently exposed her real ID (in the way we have been discussing).

In essence, I'm suggesting that the Finnish remailer have two classes of
anonymous IDs, one that is password protected, and one that is not. The
former should never be used without the X-Anon-Password header.
DEADBEAT

P.S.: Another suggestion I would make is that the remailer _not_ strip
In-Reply-To: headers.

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK4pRavFZTpBW/B35AQGC2AF/Q+LZt6T+SupvLftQom7xlon7+8LOGLpX
bSy1lT0XEyzPQ1nwCDGOr0+MF9KdwPEO
=AoKd
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Anonymous)
Date: Tue, 23 Feb 93 08:39:34 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9302231636.AA02040@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

In-reply-to: Tony Kidson's message of Tue, 23 Feb 1993 12:16:29 +0000.
             <2497@morgan.demon.co.uk>

-----BEGIN PGP SIGNED MESSAGE-----

> One reason the list has been so busy is that DEADBEAT's messages
> seem to be being posted both through penet and through a cypherpunks
> remailer.

I don't know why this is happening -- my messages are being sent with
headers

        To: anon@anon.penet.fi
        X-Anon-To: cypherpunks@toad.com

Yet two copies are arriving, one from "an5877@anon.penet.fi (deadbeat)"
and another from "nowhere@bsu-cs.bsu.edu (Anonymous)."

Personally, I think the latter remailer is broken.

DEADBEAT

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK4pBIPFZTpBW/B35AQGqcAF9FmuI1E+L0hsWVFbshFQo96mmQoo3pRKt
22+lrGbZge7san/4PQnWmd93HjJEc97u
=KGNP
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: an5877@anon.penet.fi (deadbeat)
Date: Tue, 23 Feb 93 09:56:24 PST
To: cypherpunks@toad.com
Subject: Re: posting and posting and posting.
Message-ID: <9302231710.AA11001@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain

In-reply-to: DrZaphod's message of Tue, 23 Feb 1993 02:55:22 -0600.
             <10525.drzaphod@ncselxsi>

-----BEGIN PGP SIGNED MESSAGE-----

> I was just going to ask about that.. I've gotten the same message from
> DEADBEAT about 4 times..

I don't think I'm to blame for this. I think the problem is with the
"nowhere@bsu-cs.bsu.edu" remailer.

DEADBEAT

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK4pTXvFZTpBW/B35AQGOngGAuhLA0SX22r0UVC9kMVfK31SjSSrCLc5k
+bRhYyMZXyQ/TfneslZ4/mIh/xAPD4MB
=V7Fj
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Tue, 23 Feb 93 10:39:34 PST
To: huntting@glarp.com
Subject: Re: Rambo Lives
Message-ID: <9302231649.AA00522@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From cypherpunks-request@toad.com Mon Feb 22 23:23:46 1993
> To: cypherpunks@toad.com
> Subject: Re: Rambo Lives
> Date: Mon, 22 Feb 1993 20:37:25 MST
> From: Brad Huntting
> Content-Length: 649
>
>
> >> I say we should ensure that as many citizens as possible get ahold of PGP as
> >> soon as possible.
>
> > Definitely. Spread the source.
>
> But to really get PGP going (or PEM for that matter) will require
> wide spread key distribution. It's clear that such distribution
> mechanisms are not going to arise out of any "respectful" institutions
> mostly because of the legal entanglements they present.
>
> Perhaps the time has come for "alt.pgp.keyrings". A standard format
> for postings could allow them to be automatically added to global
> keyrings at usenet sites everywhere. Several security issues will
> have to be addressed before this can work.

I see statements like this over and over again and I can't help but
believe it is due to extremely widespread ignorance about PGP keys.

There is no need for widespread key distribution, folks. If you want to
communicate with someone, provided their key has been signed by someone
whose signature you trust, you can just ask them, in the clear, to email
you their key, and all should be just fine. Some people seem to
obsessively keep hundreds and thousands of keys around. Why? What's the
point? You can always just get keys from people any time you like. There
is no problem.
Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Tue, 23 Feb 93 09:01:58 PST
To: Cypherpunks
Subject: Beware of anon.penet.fi
Message-ID: <930223165258_74076.1041_DHJ23-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

I'd like to verify that X-Anon-Doubleblind: no would mean that no
X-Anon-Password would be needed with the message. This way, remailer
operators who use their personal accounts for remailing could establish a
Penet anonymous ID and password for personal use, and be confident that
remailer users would not be able to send mail through Penet that would be
delivered with that anonymous ID exposed.

Also, we could patch the remailers to add the X-Anon-Doubleblind: no line
to mail which goes out to Penet, just in case the user forgets. (I don't
think there is a need for mail through one of our remailers to be
delivered to Penet with an X-Anon-Password, since only the remailer
operator knows the correct password to use, so virtually no one would be
able to use this feature.)

I am confused about the exact rules that Penet uses to decide when a
password must be given. I get the impression that if no password has been
registered, anonymous posting and mailing to non-anonymous addresses is
forbidden, but you can still mail to anonymous addresses. If a password
has been registered, you must give it to do any of these three things. Is
this right?

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Tue, 23 Feb 93 10:08:40 PST
To: cypherpunks@toad.com
Subject: double messages
Message-ID: <199302231807.AA28212@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunks,

This double & unexpected message problem reminds me of the problems I had
when I attempted to chain pax and penet together. But that resulted in
unexpected userids, not duplicate messages.
And if an unexpected userid occurred, then it would show in the message to
cypherpunks from penet, assuming an5877 would say that that isn't his
normal pseudonym.

From what I understand, if someone does not have a penet id and uses
penet to send to this list, that someone will be allocated a penet id,
and allocation will be sent back to the original sender. Then, mail to
penet with the remailing request to this list will show up as originating
from the pseudonym established.

So how in the world is Chael's remailer getting hold of the messages and
forwarding them to this list?

I know a few times in the past I've received mail addressed to me and the
list (cc: cypherpunks@toad.com) and I've replied without noticing the cc:
header, so my reply showed up in both places (now I try to look for the
carbon copy header and delete it out!). But an5877 says that the header
only contains the header he specified.

Now Chael wrote the remailer software himself (is this true?) and I think
he said there were several remailing request specifiers, one of which is
X-Anon-To: user@host - the same one penet uses.

So maybe an5877 is replying to messages with this header:

        To: anon@anon.penet.fi
        X-Anon-To: cypherpunks@toad.com
        Cc: nowhere@bsu-cs.cs.edu

(If the header were this obvious, then I'm sure an5877 would catch it.
But sometimes extra stuff shows in the header, like message id's, etc. so
the cc: is hidden a bit)

Then, the nowhere remailer would dutifully resend the message as
instructed in the X-Anon-To: header. Of course, to get the cc:
nowhere@bsu in the header in the first place would indicate that an5877
did try to use it at some point - for the original message?

Well, it's a bit far-fetched, but it does explain what is going on.

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tony Kidson
Date: Tue, 23 Feb 93 05:21:08 PST
To: cypherpunks@toad.com
Subject: Re: anon.penet.fi hacking
Message-ID: <2497@morgan.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

One reason the list has been so busy is that DEADBEAT's messages seem to
be being posted both through penet and through a cypherpunks remailer.

Tony

+-----------------+-------------------------------+--------------------------+
| Tony Kidson     |`morgan' is an 8MB 486/33 Cat- | Voice +44 81 466 5127    |
| Morgan Towers,  |Warmer with a 670 MB Hard Disk.| E-Mail                   |
| Morgan Road,    |It resides at Morgan Towers in | tony@morgan.demon.co.uk  |
| Bromley,        |Beautiful Down Town Bromley.   | tny@cix.compulink.co.uk  |
| England BR1 3QE |Honda ST1100 ==*== DoD# 0801   | 100024.301@compuserve.com|
+=================+===============================+==========================+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Tue, 23 Feb 93 09:38:43 PST
To: Cypherpunks
Subject: Doubled penet messages
Message-ID: <930223173029_74076.1041_DHJ36-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

I see what's causing the double messages from Deadbeat. Penet puts an
X-Anonymously-To: cypherpunks@toad.com into the header that it sends.
(I'm not sure why it has to do this; isn't this redundant with the "To:"
header?) The cypherpunks mailing list rebroadcaster keeps this header.

The mailing list goes to Chael Hall's remailer. That remailer sees the
X-Anonymously-To line in the header and thinks this message is a
remailing request. (The other Cypherpunks remailers use a different
header line for their remailing requests.) That remailer then obediently
sends the mail to Cypherpunks, and so we get two messages.
Either Chael's remailer should not accept X-Anonymously-To as its
remailing request, or Penet should not put X-Anonymously-To into the
outgoing message headers.

Perhaps this would be a good time to standardize the supported set of
headers for remailing requests.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eggo@STUDENT.umass.edu (Bullet in the Head)
Date: Tue, 23 Feb 93 09:43:18 PST
To: cypherpunks@toad.com
Subject: Finding Mac PGP software?
Message-ID: <9302231740.AA09941@titan.ucs.umass.edu>
MIME-Version: 1.0
Content-Type: text

I'm sure this is a FAQ, but can anyone point me to an FTP site where I
can obtain PGP for the Macintosh? Does such a beast exist?

Thanks for your time.

+- eggo@titan.ucc.umass.edu Eat Some Paste -+
+- Yorn desh born, der ritt de gitt der gue, -+
+- Orn desh, dee born desh, de umn bork! bork! bork! -+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Anonymous@cs.Buffalo.EDU
Date: Tue, 23 Feb 93 09:55:59 PST
To: cypherpunks@toad.com
Subject: two copies of deadbeat's mail...
Message-ID: <9302231754.AA16626@armstrong.cs.Buffalo.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Attention deadbeat...

I'm getting two copies of your postings to cypherpunks from both
anon.penet.fi and from nowhere@bsu-cs.bsu.edu. One copy is enough.

Thanks.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Tue, 23 Feb 93 12:03:18 PST
To: CYPHERPUNKS
Subject: dispatches from the front lines of anonymity
In-Reply-To: <930223022107_74076.1041_DHJ66-1@CompuServe.COM>
Message-ID: <9302232001.AA01786@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

A few notes on the progress in anonymity:

Eric Hughes suggests an alt.whistleblower with localized anonymizing. I
like this, but I don't see how NNTP provides it. Wouldn't every server
have to be modified or upgraded to support anonymizing?
It would be trivial but I think we will find that the people in charge of
NNTP are looking for ways to increase authentication and validation
mechanisms, and would be hostile to the idea, although that's definitely
the place for it.

As I hinted in an earlier message, the possibility of a centralized
moderator stripping addresses, while already currently supported in the
software mechanisms, is problematic because it is a single location with
all the traffic--hence the need to go through independent anonymous
servers first. But I think the localized header-stripping is totally
superior to all this. Having a message bounce around a net a bit with
*real* information is very vulnerable, when the ID could be stripped off
at the source.

Regarding the alt.whistleblower group, someone has proposed starting a
.gov hierarchy on news.admin.policy very recently, and I sent along the
proposal to him. Watch for new RFCs and vote with your email. For now I
think the route to go is to get a group and let independent servers take
care of anonymizing the traffic. Maybe the moderating address could pick
a random remailer from a list of active ones--?

I'd like to say a few things about what's going on in news.admin.policy
right now. The thing has turned into quite a conflagration. But most
notable is that Julf@penet has broken his silence on the really voracious
drubbing he's getting, and come forward to say that he has taken actions
against abusive posters, and is under severe amounts of stress--he said
he spends 5 hrs some days answering email (administrative queries?) on
the server. In one case an abusive poster crashed his system by
mailbombing (filling it up with junk).

K. Kleinpaste, who wrote original scripts that julf is using, IMHO is at
best a hypocrite and at worst a traitor to the cause.
He has attacked julf repeatedly on news.answers (most recently calling
him a `bastard') for not implementing the `fire extinguisher' (killing
abusive posters) or restricting group access, or using his own software
for any of these purposes, despite originally providing it. In private
email to him I find him very authoritarian and narrowminded on issues of
anonymity and am frankly quite stunned he ever partook in the project. I
think history will show very clearly that the great and tremendous
popularity of the penet server (10,000 users in a few months) is due
*precisely* to julf's decision to allow postings to all groups.

Anyway, if ever there was a call for other server operators (not just
account remailers)--this is it. We need people with as much control over
their own site as possible. Stuff that is running without the knowledge
of sysadmins at the site is great for experiments but it's just not going
to cut it for some very serious future uses that are approaching at the
speed of light.

Also, if anyone from EFF is listening, I think this could turn out to be
one of the most important net.issues over the coming years. How about an
EFF sponsored server?

I suspect, if anybody did a fairly impartial study, instead of all the
ranting and prejudice that is going on right now in news.admin.policy,
that anonymous abuse is not extremely problematic or unmanageable
compared to regular phantom/untraceable postings on Usenet. People are so
vocal about `abuses' right now, but only because they tend to be highly
visible. The anonymity is a red herring here. If julf@penet has 10,000
anonymous users, do we now have 10,000 times the problems on Usenet in
general? Or *any* measurable fraction more than previously?

I think this anonymous use is getting very high use right now. We are
right in the midst of a major trend toward greater anonymized traffic.
Stats on news.lists show that a lot of traffic is starting to get anonymized, traffic that was once (previously, probably) simply forged. There'll be plenty of people complaining from upset status quo. Tell them to take some virtual alkaseltzer.

- - -

I apologize for not bringing this to the attention of the list earlier, as it sort of seems to be a recent epiphany on the list, but julf@penet told me he added the password protection precisely for the forgery questions that are popping up.

Also, something to note on forgery is that the forger may not necessarily *know* a person has an anonymous mail address on a given server, and the forgery may result in allocating a new anonymous ID for the forged address. The forger can tell the difference if the message simply goes through or he gets back a `you have been allocated xxx ID..'

Also, note the simple scheme of serially allocating anonymous ID's could be a problem. If the infiltrator knows the rough date that someone was allocated a new ID, he could narrow down the range of IDs. For this reason randomly allocated IDs is a better idea. The infiltrator could even go around to new accounts all the time (or forge them) to get an idea where the server is in the allocation cycle. It seems to me that there are probably a lot of ID's that are not being used on these servers and the issue of when to get rid of old ID's is a big problem.

Regarding some notes from Mr. Finney:

>You have these security threats which involve people being tricked into
>sending messages through the remailer in such a way that the recipient
>knows the true email address from where the messages are coming.

These are completely analogous to users being tricked into supplying passwords in regular login situations. Not a new problem. And anybody who hasn't figured out that you should *never* put any identifying information in the message itself is probably a little too clueless to be using the service in the first place.
However, the idea of giving a warning in the use introduction is ok: ``under NO CIRCUMSTANCES EVER DO THIS'' type thing.

>Another problem that people have complained about is when they respond
>to an anonymous posting, they get a message from Penet saying that they
>now have an anonymous ID assigned. This confuses and bothers some people.

Tell them to try not to be so sensitive that a breeze causes themselves to panic. It's a new scheme but they need to get used to it. They can throw off the anonymity voluntarily any time they want by just including their ID in their message. But they shouldn't do this if they ever want to use the server in the future. Really, all this comes down to is that they get one extra reply in their mailbox other than usual--the one from the server saying `you now have this ID'. I think most people are recognizing that people complaining about this are just trying to be troublesome. The argument was called `pedantic' on news.admin.answers.

>Evidently
>there is positive harm that can occur by automatically anonymizing
>all messages which pass through a remailer.

The problem is that the anonymity is implicitly requested by a message to the server. Hence replies are getting this anonymity. One possibility is an override switch in the header that leaves it entirely intact and the server just acts like another hub forwarder. But what is this `harm'? We have to recognize these complaints as completely frivolous and without merit. Please, don't find a problem where there is none, you will only complicate simplicity.

One thing I'd like to see that no one has done is an `unlink' feature for servers that carry address alias tables, so the user can erase all trace of any previous transactions through the server (other than the mail). But maybe this is too close to the hit-and-run abuse out there. Maybe there is a compromise somewhere, like a waiting period before unlinking, during which complaints can be registered and possibly prohibit future use.
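
The ID-allocation and unlink points from the message above, as an added example (not part of the original post and not code from anon.penet.fi or any other remailer): serial IDs let an observer who registers probe accounts just before and after a target pin the target's ID exactly, random allocation does not, and an unlink takes effect only after a waiting period during which a complaint can bar the address. The class names, the 1,000,000-ID space, the 7-day delay and the example.invalid addresses are assumptions made for the illustration.

```python
import secrets

UNLINK_DELAY = 7 * 24 * 3600  # assumed waiting period, in seconds


class SerialAliasTable:
    """IDs handed out as 1, 2, 3, ... in registration order."""

    def __init__(self):
        self.next_id = 1
        self.by_addr = {}

    def allocate(self, addr):
        if addr not in self.by_addr:
            self.by_addr[addr] = self.next_id
            self.next_id += 1
        return self.by_addr[addr]


class RandomAliasTable:
    """IDs drawn at random from a fixed space, plus unlink with a waiting period."""

    def __init__(self, id_space=1_000_000):
        self.id_space = id_space
        self.rng = secrets.SystemRandom()  # OS randomness, not a time-seeded PRNG
        self.by_addr = {}      # real address -> anonymous ID
        self.by_id = {}        # anonymous ID -> real address
        self.retired = set()   # unlinked IDs are never reissued to someone else
        self.unlink_at = {}    # address -> time its unlink takes effect
        self.barred = set()    # addresses refused after a complaint

    def allocate(self, addr):
        if addr in self.barred:
            raise PermissionError("address barred after complaint")
        if addr in self.by_addr:
            return self.by_addr[addr]
        if len(self.by_id) + len(self.retired) >= self.id_space:
            raise RuntimeError("ID space exhausted")
        while True:  # rejection-sample until an unused ID comes up
            anon_id = self.rng.randrange(self.id_space)
            if anon_id not in self.by_id and anon_id not in self.retired:
                break
        self.by_addr[addr] = anon_id
        self.by_id[anon_id] = addr
        return anon_id

    def request_unlink(self, addr, now):
        """Start the waiting period; returns the time the mapping will be erased."""
        if addr not in self.by_addr:
            raise KeyError(addr)
        return self.unlink_at.setdefault(addr, now + UNLINK_DELAY)

    def complain(self, anon_id):
        """A complaint received while the mapping still exists bars the address."""
        addr = self.by_id.get(anon_id)
        if addr is None:
            return False  # already unlinked: nothing left to act on
        self.barred.add(addr)
        return True

    def sweep(self, now):
        """Erase every mapping whose waiting period has elapsed."""
        due = [a for a, t in self.unlink_at.items() if t <= now]
        for addr in due:
            anon_id = self.by_addr.pop(addr)
            del self.by_id[anon_id]
            del self.unlink_at[addr]
            self.retired.add(anon_id)
        return len(due)


def probe_window(table, tag):
    """Observer registers a probe, the target registers, the observer probes again.

    Returns (bracketed, gap): whether the target's ID lies strictly between the
    two probe IDs, and how many IDs lie between the probes.
    """
    lo = table.allocate(f"probe-a-{tag}@example.invalid")  # constructed addresses
    target = table.allocate(f"target-{tag}@example.invalid")
    hi = table.allocate(f"probe-b-{tag}@example.invalid")
    return lo < target < hi, abs(hi - lo) - 1


def compare(trials=300):
    """Count how often probing pins the target down to exactly one ID."""
    serial, rand = SerialAliasTable(), RandomAliasTable()
    pinned_serial = sum(probe_window(serial, i) == (True, 1) for i in range(trials))
    pinned_random = sum(probe_window(rand, i) == (True, 1) for i in range(trials))
    return pinned_serial, pinned_random


if __name__ == "__main__":
    print(compare())
```

The retired set answers the "when to get rid of old IDs" question in one particular way: an erased ID is never handed to a new owner, so late replies to it cannot reach the wrong person.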
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fnerd@smds.com (FutureNerd Steve Witham)
Date: Tue, 23 Feb 93 21:33:09 PST
To: cypherpunks@toad.com
Subject: Re: Crypto goals
Message-ID: <9302231806.AB16915@smds.com>
MIME-Version: 1.0
Content-Type: text/plain

>How about making a list of features we want, and/or a list of scenarios
>we want to be able to handle?
>...
> executable but non-disassemblable code [is it possible?]
>...
>Have I missed anything?
>
>-- Marc Ringuette (mnr@cs.cmu.edu)

Encrypted computing. This is even harder than non-disassemblable code. The idea is that you couldn't even tell what happened to the data if you watched it compute, tried again with slightly different inputs, etc.

I've heard that some restricted sort of encrypted computing is possible with an exponential time cost!

The main application I have in mind is a mix that would be trustworthy even if it was run by your worst enemies with the best computers in the world. This seems impossible but I don't have proof.

-fnerd
fnerd@smds.com (FutureNerd Steve Witham)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Anonymous)
Date: Tue, 23 Feb 93 10:14:17 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9302231810.AA09342@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

In-reply-to: DrZaphod's message of Tue, 23 Feb 1993 02:55:22 -0600. <10525.drzaphod@ncselxsi>

-----BEGIN PGP SIGNED MESSAGE-----

> I was just going to ask about that.. I've gotten the same message from
> DEADBEAT about 4 times..

I don't think I'm to blame for this. I think the problem is with the "nowhere@bsu-cs.bsu.edu" remailer.
DEADBEAT

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK4pTXvFZTpBW/B35AQGOngGAuhLA0SX22r0UVC9kMVfK31SjSSrCLc5k
+bRhYyMZXyQ/TfneslZ4/mIh/xAPD4MB
=V7Fj
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.
*IMPORTANT server security update*, mail to update@anon.penet.fi for details.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Tue, 23 Feb 93 15:46:40 PST
To: cypherpunks@toad.com
Subject: scheme
Message-ID: <9302232346.AA19000@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I posted this to sci.crypt, I would also like the opinion of the people on this list:

---------------------------------------

I have posted about this before, but this time I decided to whip up some code so you can all see what I'm talking about and all the details.

This encryption scheme uses XOR to encrypt data 1 character at a time. Because of this it is suitable for protocols where you need to send single bytes (or less) at a time. Examples of this would be interactive ascii. Also it is easily applicable to crippled lines like 7 bit lines. This is because if the plaintext is 7 bits you can send just the 7 bits after the XOR. Even more general you can use it to encrypt any size at a time, down to single bits if you just have 1 bit to send immediately and don't want to wait for more data to become applicable.

Ok. So what are its disadvantages? Synchronization, as soon as synchronization is gone that's it, it's all over. Each block of 'pad' is generated from previous plaintext, if you can't figure out the previous plaintext you are lost.
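Notice it uses a hash() function, this could be anything, ie DES, or perhaps a one way function (no unhash() is ever needed).

The algorithm is fairly simple, the beginning is a bit weird and could have been done several ways. The first 8 bits in this implementation are used for synchronization.

    prog -e key file2
    prog -d key file3

ok.. here it is.. poke holes in it. What are the weaknesses, is it totally unsecure? Is it as secure as the hash function (ie. if DES was used, is strength equivalent to the strength of DES?)

-------------cut here---------------------------------------------
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <time.h>
#include <unistd.h>

#define SIZE 8
#ifdef MEMCPY
#define bcopy(s,d,l) memcpy(d,s,l)
#endif

void blkrand(char *block, int len);
void hash(char *block, char *key);

void usage(char *s)
{
    printf("%s [-e|e|-d|d] key\n",s);
    exit(1);
}

int main(int argc, char **argv)
{
    char data[SIZE],pad[SIZE],c[1],c1[1],*p,key[SIZE];
    int cnt,encrypt=0;

    if(argc!=3)
        usage(argv[0]);

    /* The archived copy lost the text between "for(cnt=0;cnt" and the
       "0) {" of the read loop.  The setup from here down to the while()
       is a reconstruction from the description above and is an
       assumption, not the posted lines. */
    for(cnt=0;cnt<SIZE;cnt++)       /* key = first SIZE bytes of argv[2], */
        key[cnt]=0;                 /* zero padded */
    strncpy(key,argv[2],SIZE);
    p=argv[1];
    if(*p=='-')
        p++;
    if(*p=='e')
        encrypt=1;
    else if(*p!='d')
        usage(argv[0]);

    /* synchronization block: random when encrypting, read back when
       decrypting; the first pad is the hash of that block */
    if(encrypt) {
        blkrand(data,SIZE);
        write(1,data,SIZE);
    } else if(read(0,data,SIZE)!=SIZE)
        exit(1);
    bcopy(data,pad,SIZE);
    hash(pad,key);
    cnt=0;

    while(read(0,c,1)>0) {
        /* read characters, send them with our pad */
        /* every time we run out of pad, we make new pad */
        /* by hashing old data */
        *c1 = *c ^ pad[cnt];
        if(encrypt)                 /* data is the plain text always */
            data[cnt]=*c;
        else
            data[cnt]=*c1;
        write(1,c1,1);
        if(++cnt==SIZE) {
            cnt=0;
            bcopy(data,pad,SIZE);
            hash(pad,key);
        }
    }
    return 0;
}

/* provide a block of random bits */
void blkrand(char *block, int len)
{
    srand(time(0));                 /* seed is the current time in seconds */
    while(len--)
        *block++ = (rand() >>7)&0xff;
}

/* hash a block, could be DES, or even a one way function */
void hash(char *block, char *key)
{
    char b2[SIZE],*out=block;       /* keep the start: block is advanced below */
    int i=SIZE;

    while(i--)
        b2[i] = *block++ ^ *key++;
    bcopy(b2,out,SIZE);             /* write back over the block itself, not past it */
}

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Anonymous)
Date: Tue, 23 Feb 93 10:34:52 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9302231831.AA12396@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

In-reply-to: Johan Helsingius' message of Tue, 23 Feb 1993 10:14:27 +0200. <9302230933.aa20090@penet.penet.FI>

-----BEGIN PGP SIGNED MESSAGE-----

> Well, then, how *should* anon.penet.fi operate?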
> I really am open to
> suggestions...

I'll restrict my comments to anonymous email, but the application to anonymous USENET posting is analogous.

I'll ignore messages of the sort

    From: Alice
    To: anon@anon.penet.fi
    X-Anon-To: Bob
    X-Anon-Password: zzz

since it's clear that Alice's identity should be concealed in this case. The problem we're dealing with is the message of the sort

    From: Alice
    To: Bob

Should the remailer expose Alice's identity in the message that it forwards to Bob? If it does so blindly, Alice's anonymous identity is subject to accidental exposure. If it does not conceal Alice's identity, then certain expectations of anonymity might not be realized (according to Johan).

Here's a way out that will satisfy me and Johan: assign Alice a new pseudonym here and now, one that will be good for replies only. If Alice has registered with the remailer in the past, i.e., if she has a password, then she knows how to X-Anon-To:, but has opted not to. If she has not registered, then it is also appropriate to assign her a new ID. However, should she later register, I suggest she be given a new, permanent, password-protected ID, just in case her earlier reply inadvertently exposed her real ID (in the way we have been discussing).

In essence, I'm suggesting that the Finnish remailer have two classes of anonymous IDs, one that is password protected, and one that is not. The former should never be used without the X-Anon-Password header.

DEADBEAT

P.S.: Another suggestion I would make is that the remailer _not_ strip In-Reply-To: headers.

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK4pRavFZTpBW/B35AQGC2AF/Q+LZt6T+SupvLftQom7xlon7+8LOGLpX
bSy1lT0XEyzPQ1nwCDGOr0+MF9KdwPEO
=AoKd
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.
*IMPORTANT server security update*, mail to update@anon.penet.fi for details.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 23 Feb 93 13:33:18 PST
To: cypherpunks@toad.com
Subject: Congratulations to All!
Message-ID: <9302232131.AA17884@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

With all the volume on this list, and the controversy over "Deadbeat" (in both his/her content and the multiple postings), and the flame wars (not here, of course!) over the anonymous postings, I wanted to say a few things. I'll be brief.

* Congratulations to all on the amazing progress being shown. The "problems" are themselves valuable learning experiences, spurring on new developments and forcing important issues to the fore.

* The escapades of "Deadbeat" are especially valuable, as weaknesses are revealed and fixes are implemented. The sociology of anonymous systems is a largely unexplored territory. (From the phrasing he uses, "Deadbeat" seems to be one of our regular posters, and is clearly not some malicious outsider intent on destroying our system--and even if so, he's still doing us a service!).

* Our own Lance Detweiler posted to sci.crypt a very long and excellent summary of anonymous mail, remailers, and general issues. It is still there, titled, "IDENTITY, PRIVACY, and ANONYMITY on the INTERNET." I'm surprised it hasn't been mentioned here more often. In fact, it ought to be posted to _this_ list, in case someone isn't reading sci.crypt (that's hard to believe, though). Others, like Hal Finney, have also posted recent summaries of remailers.

* The "whistleblower" group idea is a good one, as is the "pools" idea.
The whistleblower application is already in use via a modem system in Washington (I saw this mentioned about a year ago...I can dig up the details, maybe), though not using any form of crypto anonymity. I confess to having similar ideas some time back, which I mentioned at the first physical Cypherpunks meeting, in September, though I completely missed the importance in terms of _public relations_. In other words, I think it's a great idea. (The obvious benefits of an anonymous whistleblower group will make it hard for government types to object. Even if a lot of "noise" is posted (spurious claims, rumors, etc.), the exercise will be beneficial. And journalists who begin to dip into such a group for possible articles, will thus become educated themselves.)

* The actions of the "*.army.mil" guys may have also spurred on some of our activists. What Kelly Goen is proposing to do--spreading these crypto anarchy methods to other politically active groups--is also a wonderful development.

* It seems we are getting lots of newcomers to the list (though I keep seeing cancellations posted to the general list, too!). It might be nice to hear from them about their reactions. And perhaps Eric Hughes could occasionally summarize list statistics, as he did several months back. For example, how many are now on the list? How many "*.mil" sites? Etc.

* The recent interest by "Mondo 2000," "Wired," and "The Village Voice" in Cypherpunks activity and in digital privacy in general suggests we are doing something quite important and interesting.

* All in all, I think amazing progress is being made.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Tue, 23 Feb 93 10:56:17 PST
To: cypherpunks@toad.com
Subject: anonymous return addresses
Message-ID: <9302231856.AA13893@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

The recent penet troubles are a reminder that secure anonymous return addresses are a lot harder than secure anonymous mail with no return capability.

Maybe it's time to go over the options available to us for anonymous return?

1. Remailer memorizes a pseudonym.

   I don't like this, mainly because it leaves the remailer operator vulnerable to pressure to reveal the correspondence between real and anonymous id's. It also opens up about a million possible security holes, as we've noticed.

2. The anonymous message includes a cryptographic "stamped self-addressed envelope" which contains a layered list of remailer addresses encrypted at each layer.

   This requires modified behavior of remailers; they must be willing to "unwrap" an address-list separately from the message body, and then "wrap" the entire message with the destination's public key, in order to disguise the correspondence between input and output.

   I think this has been discussed here before. Has anyone implemented it? I strongly suggest that this method be implemented in the cypherpunks remailers. Let's call it the SASE feature. What do you think?

3. The reply to an anonymous message can be posted in a public place encrypted for a key known only to the sender.

Have I missed any important methods?
-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: covin@cs.uchicago.edu
Date: Tue, 23 Feb 93 12:22:27 PST
To: cypherpunks@toad.com
Subject: Digital Money/Anonymous mailing: an idea
Message-ID: <9302232021.AA03088@zinnia.uchicago.edu>
MIME-Version: 1.0
Content-Type: text/plain

I haven't yet read enough on digital money to know the intricacies, but here's a possible use (note that a variant of this is possible *now*, due to the extremely insecure way that credit card charges are handled):

If a good way of implementing digital cash were found (maybe it has been?), it would be possible to operate a truly anonymous *commercial* remailer. You send the remailer a message, encrypted by its public key, containing the message you want re-sent, the destination, and *payment for the service*. For hit&run anonymity the remailer doesn't even need to ever know who you are...

The main advantage of this is that it would allow someone to run a remailer without having to fund it out of the goodness of their heart... It's a valuable service, and I'm sure there's a market...

Also, it would provide a *real* use for digital cash, thus starting the ball rolling on that...

Comments?

-David

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Tue, 23 Feb 93 11:43:33 PST
To: cypherpunks@toad.com
Subject: Remailer FIXED!
Message-ID: <9302231940.AA20219@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Dearest Cypherpunks,

I am really sorry about the remailer problem. It is unique to the configuration of anon.penet.fi and nowhere@bsu-cs.bsu.edu. In conjunction, they caused all of the anonymous postings to cypherpunks to be echoed. Anon.penet.fi inserts the "X-Anonymously-To" header field into outbound messages. Nowhere@bsu-cs.bsu.edu searches for "X-Anonymously-To" header fields and auto-remails to that address.
I just changed the program so that the only header fields it will respond to are "X-Anon-To" and "Request-Remailing-To." Personally, I think that anon.penet.fi should use a different name than X-Anonymously-To *or* put it at the end of the message instead of within the header. I admit that my remailer was "broken" in the terms of others, so I have fixed it.

This problem would have been fixed sooner if I had realized what was going on, but since I foolishly thought I didn't need to keep logs for my remailer anymore, I never saw the incoming messages, just the ones that cypherpunks@toad.com mailed back to me with *my* account name on them. I am terribly sorry for the inconvenience.

Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu
(317) 285-3648 after 5 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 23 Feb 93 04:52:26 PST
To: David Reeve Sward
Subject: Re: Beware of anon.penet.fi message!
In-Reply-To:
Message-ID: <9302231407.aa21810@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> Perhaps a new header such as
>
> X-Anon-Doubleblind: yes|no
>
> defaulting to yes...?

Sounds OK. Will implement it ASAP. Thanks!

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mbrennan@netcom.com (Michael Brennan)
Date: Tue, 23 Feb 93 15:03:28 PST
To: cypherpunks@toad.com
Subject: RE>Congratulations to All!
Message-ID: <9302232301.AA28595@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Reply to Message-Id: <9302232131.AA17884@netcom.netcom.com> from tcmay@netcom.com (Timothy C. May)

> It seems we are getting lots of newcomers to the list (though I keep
> seeing cancellations posted to the general list, too!). It might be nice to
> hear from them about their reactions.

Actually, I may (regretfully) be sending in my cancellation as well. This group is fascinating, but I find most of the discussion goes right over my head.
Also, the mail generated is just too voluminous. I log into my netcom account by modem (and use Eudora to retrieve my mail). Yesterday I had about 40 messages from this list, today I had over 70! Whew!!! That's a lot of mail to retrieve by modem.

What I'd really like to see is a digest form of this list. Also, for newcomers like myself a FAQ would be of tremendous benefit.

> The recent interest by "Mondo 2000," "Wired," and "The Village Voice" in
> Cypherpunks activity and in digital privacy in general suggests we are
> doing something quite important and interesting.

I'd say you're quite right about that. Keep up the great work!

------------------------------------------------------------------------------
Michael Brennan
Internet: mbrennan@netcom.com
Applelink: M.BRENNAN
Compuserve: 76206,2462

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Tue, 23 Feb 93 12:48:41 PST
To: ld231782@longs.lance.colostate.edu (L. Detweiler)
Subject: Re: dispatches from the front lines of anonymity
In-Reply-To: <9302232001.AA01786@longs.lance.colostate.edu>
Message-ID: <9302232045.AA28686@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Also, note the simple scheme of serially allocating anonymous ID's
>could be a problem. If the infiltrator knows the rough date that
>someone was allocated a new ID, he could narrow down the range of IDs.
>For this reason randomly allocated IDs is a better idea. The
>infiltrator could even go around to new accounts all the time (or forge
>them) to get an idea where the server is in the allocation cycle. It
>seems to me that there are probably a lot of ID's that are not being
>used on these servers and the issue of when to get rid of old ID's is a big
>problem.

Here's an idea....
What if I added anonymous ID's to my remailer such that the following would occur:

Messages with "Command: Create ID" header field will result in a random ID being allocated to that user's account (if one does not already exist) and mailed to the account.

Messages with "X-Allow-Reply: yes" header field (for example) will result in the user's anonymous ID being sent to the recipient in a header field (not From: because I do not have alias capabilities on this system).

Messages with "X-Anon-To: " will get forwarded to the anon ID's actual address.

This is a sort of on-demand reply mechanism. I could make flags on the anon ID's so that I can disable a user's ID, set send/reply privileges, etc. If a user wants to change his ID, he could send "Command: Change ID" or "Command: Delete ID" to the remailer. Then, I could either setup a waiting period, make it require manual attention, or make it automatically do as requested. Since the program is written in C, about half of this is trivial. Making it secure is the most difficult part.

By default, of course, messages would have no reply ability. Any user who replies will send mail to me. They would have to specifically place the X-Anon-To header line with the person's anon ID into the message.

On the other hand, I could institute a serial number scheme where each message receives a serial number. Replies to that message for the period of a week or a month or whatever I choose will be forwarded to the sender. Each one has a different serial number no matter who it came from. Of course, this would require both a self-maintaining cross-reference list and an extra header field and/or work on the part of the person who replies.
I was wondering, what is the opinion on this list (just reply to me, so we won't clog up cypherpunks any more than we (my remailer) already have) as to whether or not I should append a footer to remailed messages saying "Remailed by: nowhere@bsu-cs.bsu.edu" or some such nonsense that will let the recipient know that I did not write the message. My software already supports footer files, but I haven't been using them.

>One thing I'd like to see that no one has done is an `unlink' feature
>for servers that carry address alias tables, so the user can erase all
>trace of any previous transactions through the server (other than the
>mail). But maybe this is too close to the hit-and-run abuse out there.
>Maybe there is a compromise somewhere, like a waiting period before
>unlinking, during which complaints can be registered and possibly
>prohibit future use.

I tried to incorporate this unlink idea of yours into my above proposal. The above is the way I understand your idea. Is this correct?

Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu
(317) 285-3648 after 5 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Tue, 23 Feb 93 13:08:34 PST
To: CYPHERPUNKS
Subject: anon.penet.fi fixes
Message-ID: <930223205851_74076.1041_DHJ65-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Eric Hughes suggests:

> Currently to mail to person 1234 at penet, you send mail to
>
> anon1234@penet.fi
>
> This mail goes out anonymously from the sender, either using an
> existing mail address or creating one. But if one were able to reach
> person 1234 also with the email address, say,
>
> name1234@penet.fi
>
> the behavior could be _not_ to make this posting anonymous.
>
> To wit, the 1234 indicates that you are replying to a pseudonymous
> recipient, and the anon/name pair indicate whether the sender is
> anonymous.
> Thus no change in default behavior, and no new header
> lines.

I'd extend Eric's idea to say that mail to a non-anonymous address (like Deadbeat's postings to Cypherpunks) should be shown as coming from "name5877" rather than "an5877". Then when we gullibly sent our true email addresses to him, our Penet anonymous ID's would not be revealed (because the "reply" command would send to "name5877" which would prevent the double-blinding).

But, what would we do for anonymous Usenet posts (assuming those are still allowed)? If they are shown as coming from "an5877" as they are now, then Deadbeat's trick would work via posting to Usenet. ("Please send your current email address for information on the latest..."). If they are shown as coming from "name5877" then users who are accustomed to the old way of working will find themselves not being anonymized when they thought they would be.

Deadbeat suggests:

> Here's a way out that will satisfy me and Johan: assign Alice a new
> pseudonym here and now, one that will be good for replies only. If
> Alice has registered with the remailer in the past, i.e., if she has a
> password, then she knows how to X-Anon-To:, but has opted not to. If
> she has not registered, then it is also appropriate to assign her a new
> ID. However, should she later register, I suggest she be given a new,
> permanent, password-protected ID, just in case her earlier reply
> inadvertently exposed her real ID (in the way we have been discussing).
>
> In essence, I'm suggesting that the Finnish remailer have two classes
> of anonymous IDs, one that is password protected, and one that is not.
> The former should never be used without the X-Anon-Password header.

A problem with this is that I would have to remember, for each different anonymous communicant I send to, whether I am using my "password" ID or my "non-password" ID. The difference would come down to what method was used when I initially began communicating with this person.
If the initial contact was in response to mail they sent to my "real" email address, then I must remember to use the "non-password" ID for all succeeding communication, on the theory that they know my real email address. OTOH, if the initial contact was to my anonymous address, then I have to remember to use my "password" ID for all following communication, so that I don't accidentally reveal my "non-password" ID, which some people can link to my real address.

From this point of view, part of the problem appears to be the desire to live in both worlds - the real world and the shadow world. It will be hard to keep track of which world each communication is in.

Perhaps Deadbeat's and Eric's ideas could be combined, where mail to real email addresses would come from "name5877", and replies to such addresses would use the "non-password" ID. This might help people keep track of how to reply to each message. I still think there is a problem with how anonymous posts should be labelled, and how replies to such posts should be handled.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Tue, 23 Feb 93 13:08:41 PST
To: CYPHERPUNKS
Subject: anonymous return addrs.
Message-ID: <930223205911_74076.1041_DHJ65-2@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Marc.Ringuette writes:

2. The anonymous message includes a cryptographic "stamped self-addressed envelope" which contains a layered list of remailer addresses encrypted at each layer.

This requires modified behavior of remailers; they must be willing to "unwrap" an address-list separately from the message body, and then "wrap" the entire message with the destination's public key, in order to disguise the correspondence between input and output.

I think this has been discussed here before. Has anyone implemented it? I strongly suggest that this method be implemented in the cypherpunks remailers. Let's call it the SASE feature. What do you think?
I do think this is worth trying. The current remailers will do the "unwrapping" but they won't "re-wrap" in the public key of the next remailer. This means that the incoming and outgoing messages can be easily matched up since the non-address portion is the same.

I'll look into trying something like this. One issue is how the remailer finds the public key of the next one in the chain. The simplest way would be for it to simply try a lookup on its PGP keyring using the outgoing email address, and if it matches, encrypt it. You'd want a special PGP keyring for this which had only remailer keys on it. (Or, it might be interesting to encrypt _all_ outgoing mail (even to destinations) if we had a key for that outgoing address. This might increase the utilization of PGP, although users probably would complain!)

Even if not every remailer did this, you'd still get pretty good security if several of them did.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tomj@fido.wps.com (Tom Jennings)
Date: Tue, 23 Feb 93 16:11:12 PST
To: cypherpunks@toad.com
Subject: Law&Disorder (fwd)
Message-ID: <9302240009.AA00948@fido.wps.com>
MIME-Version: 1.0
Content-Type: text

A friend sent this to me... MODERN TIMES is a good bookstore! They've got lots 'o tech stuff, like internet info... definitely worth checking out.

Anyways, the first one (Feb) was "Navigating the Internet: a crash course" by Eric Theise. How-to email, gopher, etc. I didn't know about it in time.

I think this could be a good crowd to bring up cypherpunk issues with a more social, less hardcore tech perspective... time to stop preaching to the choir! (It's taken a while to find the door leading out of the choir...
:-)

Tom Jennings

> From jerod23@well.sf.ca.us Tue Feb 23 10:35:44 1993
> Date: Tue, 23 Feb 1993 10:34:18 -0800
> From: Jerod Pore
> Message-Id: <199302231834.AA12863@well.sf.ca.us>
> To: tomj@fido.wps.com
> Subject: Law&Disorder
>
>
> Something closer, cheaper and probably more interesting than CFP
>
> news.1174: Monthly cyberspace series begins at Modern Times
>
> news.1174.39: fork: Not enough memory (estheise) Mon 22 Feb 93 15:44
>
> Here's the press release for show number 2:
>
>
> Jacking In: A Monthly Series on Cyberspace Literacy presents
> LAW AND DISORDER ON THE ELECTRONIC FRONTIER
>
> Computer and telecommunications technologies hold great promise for
> individuals and society. Increased access to information can enhance
> transborder commerce, informed political participation, community
> development, and public health, education, and safety.
>
> But, between activities of questionable legality and the countermeasures
> taken by private parties and law enforcement officials, these
> technologies are raising fundamental questions about our notions of
> privacy, property, freedom of speech, and freedom of assembly.
>
> Join us for a evening of provocative readings and presentations by:
>
> - Bruce Sterling, journalist, editor, and author of *The Hacker
> Crackdown*, *Islands in the Net*, *Schismatrix*, and co-author (with
> William Gibson) of *The Difference Engine*
> - Mike Godwin, General Counsel, Electronic Frontier Foundation, leading
> advocate for extending Constitutional protections to cyberspace
> - John Draper (a.k.a.
Cap'n Crunch), wanted by the FBI for phone > cracking in the '60s, working to promote data encryption in the '90s > - Mitch Ratcliffe, Editor at Large, MacWEEK, and cofounder of This!Group, a > northern California organization working to publicize the benefits and > dangers of a highly-networked information society > - Bruce Koball, General Chair, Third Conference on Computers, Freedom > and Privacy, being held March 9-12, San Francisco Airport Marriott > > Sunday, March 7th, 7 pm > $3-$5 sliding scale > Modern Times Bookstore > 888 Valencia (19th/20th) > San Francisco, CA 94110 > (415)282-9246 -- Tom Jennings / tomj@fido.wps.com / World Power Systems / San Francisco CA From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Tue, 23 Feb 93 15:27:21 PST To: cypherpunks@toad.com Subject: Newbie comments. Message-ID: <9302232326.AA26860@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain I've been listening to this list quietly for about 2 weeks. Althought the signal to noize ration as been a bit low lately, ;^) it's been very interesting. I like the idea of alt.whistle.blowers, and support anything that promotes privacy, and Constitutional rights. But I have a (newbie?) question. Isn't it true that, at the network level, it is still possible to tell where a message came from and where it's going. That is, given the proper motivation, couldn't "and entity" sniff out all of this information and find out which machine a particular message came from. And from logs at that machine, which The Entity naturally has access to, It could find out who send the message. Just wondering..... Major suggestion: We need a FAQ! Well, that's about it. I'm still trying to get up to speed with pgp. +----------------------+----------------------------------------------------+ | J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. 
| | +----------------------------------------------------+ | mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be | | Thunder@forum | Politically Incorrect! | | (505) 299-2282 | | +----------------------+----------------------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mark@coombs.anu.edu.au (Mark) Date: Mon, 22 Feb 93 22:29:37 PST To: cypherpunks@toad.com Subject: Re: Unbreakable MacHD encryption Message-ID: <9302230628.AA10278@coombs.anu.edu.au> MIME-Version: 1.0 Content-Type: text/plain I have used a product in the past called Hard Disk Deadbolt. It has from memory three encryption methods; quick-and-nasty hard-disk-deadbolt's-own (no idea on the security of this one) and DES. The first is fastest for stuff you dont want anyone to read but isnt super secret, whilst DES takes the longest. I liked the package all things considered. It was friendly, files didnt change size and it was speedy enough for my uses. Availability is unknown at this stage, ask in comp.sys.mac.* if you want. Mark mark@coombs.anu.edu.au From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 23 Feb 93 18:49:18 PST To: cypherpunks@toad.com Subject: dispatches from the front lines of anonymity In-Reply-To: <9302232001.AA01786@longs.lance.colostate.edu> Message-ID: <9302240246.AA03185@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >Eric Hughes suggests an alt.whistleblower with localized anonymizing. I >like this, but I don't see how NNTP provides it. Wouldn't every server >have to be modified or upgraded to support anonymizing? In an already supported sense, yes. As I understand it, when a moderated group is created, an email address for the moderator is propagated with it. So every time a moderated group is created, every server already is "modified". But the anonymity does not take place in NNTP. The news server mails every posting to the moderator's address. 
The header filtering takes place on that machine, unbeknownst to the original NNTP server. I hear that this mechanism didn't used to work reliably, but that it now basically does. Comments?

In addition, the direct mail address should be advertised independently, so that those without easy access to Usenet news can still use the system.

>[...] I think we will find that the people in charge of NNTP are
>looking for ways to increase authentication and validation mechanisms,

The way to forge a posting to alt.whistleblower would be to post with your real address in it! That's not exactly a positive feedback loop for the outlaw.

> [...] a centralized moderator stripping addresses, [...] is
>problematic because it is a single location with all the traffic

Granted. Thus the need for a periodic posting stating exactly what the security level of the system is.

>But I think the localized header-stripping is totally superior to all
>this.

Agreed. That's why you publish the newsgroup entry point. Then a more sophisticated whistleblower could use a remailer chain to get to the access point.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Derek Atkins
Date: Tue, 23 Feb 93 15:53:46 PST
To: J. Michael Diehl
Subject: Re: Newbie comments.
In-Reply-To: <9302232326.AA26860@triton.unm.edu>
Message-ID: <9302232352.AA05451@toxicwaste.MEDIA.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

> But I have a (newbie?) question. Isn't it true that, at the network
> level, it is still possible to tell where a message came from and
> where it's going. That is, given the proper motivation, couldn't "an
> entity" sniff out all of this information and find out which machine a
> particular message came from. And from logs at that machine, which
> The Entity naturally has access to, It could find out who sent the
> message. Just wondering.....

That is the point of encrypted, anonymous remailers. Since the message is encrypted, it looks like a random set of bits.
If it gets re-encrypted at every stage, then the remailers can add random bits of data to change the size. They already change the headers. So, the only thing left to worry about is a FIFO problem. But that is easily solved.

So, here is what happens: A message comes into a remailer (actually, a bunch of messages do, but that's not important). It comes in encrypted, so you can't read the message. The headers are stripped off in the remailer and the message is re-encrypted, so the data changes. If it gets stored an arbitrary length of time, and the outgoing order is different than the incoming order, then there is no way to figure out which message came from or went to where.

There is a lot more to this, and a lot of other problems that need to be solved, but this is it in a nutshell. I hope it answers your question. I'm sure people will correct any mistakes I inadvertently left in.

-derek

PGP 2 key available upon request, on the key-server:
pgp-public-keys@toxicwaste.mit.edu
--
Derek Atkins, MIT '93, Electrical Engineering and Computer Science
Chairman, MIT Student Information Processing Board (SIPB)
MIT Media Laboratory, Speech Research Group
warlord@MIT.EDU PP-ASEL N1NWH

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mark@coombs.anu.edu.au (Mark)
Date: Mon, 22 Feb 93 23:54:15 PST
To: cypherpunks@toad.com
Subject: anon.penet.fi remailers
Message-ID: <9302230753.AA18385@coombs.anu.edu.au>
MIME-Version: 1.0
Content-Type: text/plain

>For example, if at any time, Alice sends pseudonymously to Bob, Bob can
>not reply directly: this would expose his identity at anon.penet.fi.
>Bob must reply through a remailer.
>
>Note the irony -- Bob must take special steps to protect his pseudonym
>because anon.penet.fi is acting affirmatively to conceal his actual
>identity. If Bob slips up and simply replies, he is exposed.

This, unfortunately, is true.
I *have* to use a remailer to hide any anon.penet.fi alias I have or the sender will see it and know I am (for eg) anon1234@penet.

I balk at Yet-More-F******-Header-Lines (YMFHL) but a _possible_ patch is to have a:

X-Show-My-Anon: yes|no

(in the header), or:

::
X-Show-My-Anon: yes|no

(in the body) addition so people who reply to a message from penet can feed their real email address through the system rather than having it bounced to the recipient as their anon id.

This would require either a smart mailer, checking exactly who the orig letter was addressed to (your anon or your real address) and inserting the line as appropriate. It *should* be automatic actually. All it has to do is check a local list of your anon addresses and if someone has mailed it then alter the above line as needed. This raises question of the security of local lists of your anon addrs of course.. but you get the idea..

Comments?

(BTW I saw someone's .sig where they *advertised* their anon id on USENET. Presumably this was because he thought that's what you had to do so others could email them anonymously... obviously he won't be a whistle blower :)

Mark
mark@coombs.anu.edu.au

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 23 Feb 93 19:00:22 PST
To: cypherpunks@toad.com
Subject: anonymous return addresses
In-Reply-To: <9302231856.AA13893@toad.com>
Message-ID: <9302240257.AA03919@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Re: options for anonymous return

Marc writes:

> 1. Remailer memorizes a pseudonym.
> 2. The anonymous message includes a cryptographic "stamped self-addressed envelope" which contains a layered list of remailer addresses encrypted at each layer.
> 3. The reply to an anonymous message can be posted in a public place encrypted for a key known only to the sender.

>Have I missed any important methods?

A variant of (1) greatly increases the security. Have the remailer memorize an anonymous return address of type (2).
The information that is contained in a remailer then, per pseudonym, is

a. the pseudonym
b. the address of the next remailer to use
c. a block of stuff to be prepended to the outgoing mail. Presumably
   this is forwarding instructions for the next remailer. It would
   also be encrypted with the public key of the next remailer.

Thus, even if the whole pseudonym mapping list were compromised, it would only reveal a list of sites to try and compromise next. And at some point the private remailer keys have to be compromised as well, since all the remailing instructions are encrypted with them.

This system can also be chained, creating "routing pseudonyms" on various remailers and encrypted instructions pointing one pseudonym to another.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 23 Feb 93 12:35:15 PST
To: Anonymous
Subject: Re:
In-Reply-To: <9302231537.AA28187@bsu-cs.bsu.edu>
Message-ID: <9302231817.aa23700@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> > Neither do I. But many of the users of anon.penet.fi are
> > not very computer-and-email-literate, and they have been using other
> > services, providing double-blind. Unfortunate, but too late to change now..
> .
>
> Can you elaborate on those other services? The Finnish remailer is the
> only one I'm aware of.

The operating principles (and the early code) were copied from the general service Karl Kleinpaste was running at godiva. There have been two long-running servers serving some alt.* groups (alt.sex.*, alt.sexual.abuse.recovery) for years.

> Also, I'm confused about these "not very computer-and-email-literate"
> users -- aren't they forced to use an X-Anon-Password header?

No. Not until now. And you can still post without it, and answer anonymous mail without it, and of course set the password to "none", disabling passwords altogether.

> I'm surprised there hasn't been more ruckus about the default
> behavior. There must be many folks whose identities have been
> inadvertently exposed.

I know, looking at the error messages and missent mail, that there would have been hundreds of persons exposed without the default double-blind.

> > What we can do is to provide better ways for those who *are* computer
> > literate enough to use extra headers etc.
>
> I don't think this will help. With my mail environment, I have to go
> to lengths to send an anonymous message, concocting X-Anon-To and
> X-Anon-Password headers. It's worth the effort, since this helps to
> preserve the secrecy of my pseudonymous identity.
>
> But the first time I mess up, and send an unfettered message to an
> anon.penet.fi client, I am unmasked.

No, once you set a password, the server won't let your message through unless it's OK!

> And I still don't understand how the unfettered message gets past the
> X-Anon-Password filter. Can you elaborate?

I don't understand your question. Sorry, my English isn't what it ought to be...

> > But in this case I feel the principle of least astonishment is overruled
> > by the principle of least risk of accidental exposure.
>
> I think the risk of accidental exposure is heightened by the default
> behavior of the Finnish remailer. Maybe we're using the same words to
> describe different things.

I beg to disagree.

> > I think that hornet's nest needed to be kicked. But I am also
> > disappointed that not enough people defend the need for anonymity in
> > places like news.admin.policy.
>
> Some of us gave up on USENET policy long, long ago. Personally, I stick
> to the alt.* groups.

Right. Unfortunately. Because had you followed the discussion in news.admin.policy you would have realized that sticking your head in the bush isn't going to help.
Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 23 Feb 93 12:35:12 PST
To: Anonymous
Subject: Re:
In-Reply-To: <9302231626.AA01332@bsu-cs.bsu.edu>
Message-ID: <9302231822.aa23742@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> > There has been a lot of discussion about this, and I'm afraid it's too
> > late to change the *default* behavior now...
>
> Why? It seems to me the X-Anon-Password header was a pretty major
> change, yet you made that change to preserve people's pseudonymous
> identities. The instant challenge is just as grave, don't you think?

It still didn't affect much of the functionality. You can still post, and mail to anXXXX users without knowing anything about passwords or X-Anon headers. And you only need to set your password to "none" to get the old behaviour.

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 23 Feb 93 12:36:02 PST
To: Hal <74076.1041@compuserve.com>
Subject: Re: Beware of anon.penet.fi
In-Reply-To: <930223165258_74076.1041_DHJ23-1@CompuServe.COM>
Message-ID: <9302231843.aa23893@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> I'd like to verify that
>
> X-Anon-Doubleblind: no
>
> would mean that no X-Anon-Password would be needed with the message.

X-Anon-Doubleblind: no would imply that the message goes straight thru, without any checks, stripping, or anything to the intended anonymous user.

> I am confused about the exact rules that Penet uses to decide when a
> password must be given. I get the impression that if no password has been
> registered, anonymous posting and mailing to non-anonymous addresses is
> forbidden, but you can still mail to anonymous addresses. If a password has
> been registered, you must give it to do any of these three things. Is this
> right?

Right, except that if you don't register a password, you can still post. And if you set the password to "none" no password is needed for anything.
Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 23 Feb 93 12:36:33 PST
To: Eric Hughes
Subject: Re: Beware of anon.penet.fi message!
In-Reply-To: <9302231728.AA20762@soda.berkeley.edu>
Message-ID: <9302231921.aa24595@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> Currently to mail to person 1234 at penet, you send mail to
>
> anon1234@penet.fi
>
> This mail goes out anonymously from the sender, either using an
> existing mail address or creating one. But if one were able to reach
> person 1234 also with the email address, say,
>
> name1234@penet.fi
>
> the behavior could be _not_ to make this posting anonymous.
>
> To wit, the 1234 indicates that you are replying to a pseudonymous
> recipient, and the anon/name pair indicate whether the sender is
> anonymous. Thus no change in default behavior, and no new header
> lines.

A great idea, Eric! Thanks! Oh, a minor correction, it's an1234, not anon1234. So in the name of symmetry the non-anonymous path should be na1234.

Now we only have to fight about what the From: line in anonymous messages ought to say, an1234 or na1234?

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 23 Feb 93 12:36:32 PST
To: Hal <74076.1041@compuserve.com>
Subject: Re: Doubled penet messages
In-Reply-To: <930223173029_74076.1041_DHJ36-1@CompuServe.COM>
Message-ID: <9302231927.aa24699@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> Penet puts an X-Anonymously-To: cypherpunks@toad.com into the header that it
> sends. (I'm not sure why it has to do this; isn't this redundant with the
> "To:" header?)

No. The To: shows the real receiver, X-Anonymously-To: shows the address the message was originally sent to. Thus you know if the message was sent to your anonymous or real address.

> Perhaps this would be a good time to standardize the supported set of
> headers for remailing requests.

Agree.
Here is the anon.penet.fi set:

X-Anon-To: - set by user, stripped by server
X-Anon-Password: - set by user, stripped by server
X-Anonymously-To: - set by server

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Tue, 23 Feb 93 21:20:04 PST
To: cypherpunks@toad.com
Subject: Re: anonymous return addresses
In-Reply-To: <9302240257.AA03919@soda.berkeley.edu>
Message-ID: <9302240519.AA24254@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> A variant of (1) greatly increases the security. Have the remailer
> memorize an anonymous return address of type (2). The information
> that is contained in a remailer then, per pseudonym, is
>
> a. the pseudonym
> b. the address of the next remailer to use
> c. a block of stuff to be prepended to the outgoing mail. Presumably
>    this is forwarding instructions for the next remailer. It would
>    also be encrypted with the public key of the next remailer.

This is an excellent idea! It would provide decent security without forcing J. Random User to figure out how to use the SASE block. You'd want to have a list of address/SASE pairs to use, choosing randomly from those that have not yet died.

Oh, a complication. It would probably be necessary to be able to add new address/SASEs as they become available, to avoid death of your pseudonym through cumulative remailer attrition. But nobody but the owner can be allowed to add destinations, for obvious reasons. The only apparent way to handle this is to require a password at the time of pseudonym creation. One-way-hash it, and require it to add and remove destinations. It should be PK-encrypted on its way to the remailer, if possible.

This approach does not require an identity to be irrevocably tied to a destination address, interestingly -- you can remove chains to your old address, and add ones to your new.

Suggestions? Holes? Implementations?
> Eric

PGP 2 key by finger or e-mail
Eli ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Tue, 23 Feb 93 21:29:16 PST
To: cypherpunks@toad.com
Subject: Social engineering tips
Message-ID: <9302240529.AA24454@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

It might be helpful for those involved in the penet flamewar to refer to the service it provides as "pseudonymity" rather than "anonymity". This suggests some level of continuity, responsibility, moral fiber... well, maybe not *that*. But it's worth pointing out that getting a penet pseudonym is no different, really, than getting an account called "u7364250@csvax.uza.za".

PGP 2 key by finger or e-mail
Eli ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kelly@netcom.com (Kelly Goen)
Date: Tue, 23 Feb 93 21:39:13 PST
To: cypherpunks@toad.com
Subject: Newbie comments. (fwd)
Message-ID: <9302240537.AA06252@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Forwarded message:
> From cypherpunks-request@toad.com Tue Feb 23 15:40:37 1993
> From: J. Michael Diehl
> Message-Id: <9302232326.AA26860@triton.unm.edu>
> Subject: Newbie comments.
> To: cypherpunks@toad.com
> Date: Tue, 23 Feb 93 16:26:08 MST
> X-Also-Known-As: Thunder
> X-Goal-In-Life: To make a lot of money -- Wanna make a donation?
> X-Mailer: ELM [version 2.3 PL8]
>
> I've been listening to this list quietly for about 2 weeks. Although the
> signal to noise ratio has been a bit low lately, ;^) it's been very interesting.
>
> I like the idea of alt.whistle.blowers, and support anything that promotes
> privacy, and Constitutional rights.
>
> But I have a (newbie?) question. Isn't it true that, at the network level, it
> is still possible to tell where a message came from and where it's going. That
> is, given the proper motivation, couldn't "an entity" sniff out all of this
> information and find out which machine a particular message came from. And
> from logs at that machine, which The Entity naturally has access to, It could
> find out who sent the message. Just wondering.....

Hi there, well actually at the network interface level all sorts of tricks are available... for example at the smtp daemon level all a snooper has to do is the following

telnet toad.com smtp

when the sendmail banner is seen then type

VRFY cypherpunks

That will yield yet another line referring to cypherpunks-real which verifying will obtain ALL the mail addresses on this cypherpunks mailing list... I have a small fragment of perl which does the same trick recursively for every address on the cypherpunks mail list... why did I write such a thing... well I am writing a mail list to PGP key server extractor so I can automatically extract keys for members of cypherpunks-real... I didn't think of the privacy issue until some moments after I debugged the perl script and got it working...

Similar open holes exist at EVERY level of the Network and associated daemons and software, John and I have discussed this earlier via email and he as well as I don't feel it's a REAL exposure as the means to protect yourself is well at hand... AND yes ALL network traffic can theoretically be traced that's when crackers and security admins start playing games with connection laundries and firewall as well as early warning systems... there are constraints to real world tracing... the Firewalls mailing list at Firewalls@GreatCircle.COM discusses these and other issues having to do with security at the network interface level

>
> Major suggestion: We need a FAQ!
>
> Well, that's about it. I'm still trying to get up to speed with pgp.
>
> +----------------------+----------------------------------------------------+
> | J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken.   |
> |                      +----------------------------------------------------+
> | mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be        |
> | Thunder@forum        |  Politically Incorrect!                            |
> | (505) 299-2282       |                                                    |
> +----------------------+----------------------------------------------------+
>

cheers
kelly
--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Wed, 24 Feb 93 00:21:07 PST
To: fnerd@smds.com (FutureNerd Steve Witham)
Subject: Re: Crypto goals
In-Reply-To: <9302231806.AB16915@smds.com>
Message-ID: <9302240821.AA27032@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>
> Encrypted computing. This is even harder than non-disassemblable code.
> The idea is that you couldn't even tell what happened to the data if you
> watched it compute, tried again with slightly different inputs, etc.
> I've heard that some restricted sort of encrypted computing is possible
> with an exponential time cost!
>
> The main application I have in mind is a mix that would be trustworthy
> even if it was run by your worst enemies with the best computers in the
> world.
>
> This seems impossible but I don't have proof.
>
> -fnerd
> fnerd@smds.com (FutureNerd Steve Witham)
>
>

How can multiple keys be chosen? The decryption key is needed to execute the code, it can either be (1) built into the hardware or (2) loaded in. In #2, if it's loaded in, it can be had before it is loaded. In #1, how do you change keys? only people who know how to encrypt for that key can program the thing. If a public key scheme was used, the processor could be built with a private key inside, and you assemble and then encode in the public key, only the processor (and whoever else has the private key) can check the code. Quite a bit of complexity, also how do you do encryption in small enough units for the cpu to use? How do you decrypt w/ random access any part of the data? If you choose too large blocks (ie.
cache) how do you keep enemy programs from grabbing already decrypted data? obviously some data must go out as plaintext (for I/O) then you have to keep track of which data is to always remain crypted and which needs to go to plaintext.. wow.. what a nightmare. I think it's probably possible...

sorry for the free-form :)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Wed, 24 Feb 93 01:13:36 PST
To: cypherpunks@toad.com
Subject: Enough's enough already
Message-ID: <4JPgZB2w165w@sytex.com>
MIME-Version: 1.0
Content-Type: text/plain

Excuse me for dropping my two cents in here, but just what's the big, hairy deal? I apologize for initially bringing up the topic of self-encrypting viruses; had I known that folks would have reacted in such a childish manner, I would never have posted that topic at all. For those of you who wish to discuss it further, I'd suggest posting to comp.virus in the future. I suppose I would take it a tad more seriously when reading some of the posts that have drifted through this area, if they were originally posted to an area that was designed for virus banter.

If this sounds like a plea for some sort of sanity check, then I must be coming across loud and clear.

Now, I'd like to ask the cypherpunk readership to clarify the need (or perhaps a better term may be "desire") for anonymous remailers? Maybe I'm not getting the "big picture", but it would appear to me that insurance of private communications is the area of intended interest here. I know that someone may declare my query as naive, but if you feel strongly enough about a topic, why wouldn't you want the recipient to know who you are, where you are and who they can respond to? I think my train of thought is geared towards anon remailers protecting those who may operate in less than honorable means, without ethical guidelines and wishing to "hide" behind a veil of anonymity. Somehow, that just strikes me as less-than-honorable.
(No, I was never a Marine. Army, yes. Marine, no.)

Gee, I sure feel better.

Paul Ferguson                  |
Network Integration Consultant | "All of life's answers are
Alexandria, Virginia USA       |  on TV."
fergp@sytex.com (Internet)     |      -- Homer Simpson
sytex.com!fergp (UUNet)        |
1:109/229 (FidoNet)            |
PGP public encryption key available upon request.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Bill Sommerfeld
Date: Tue, 23 Feb 93 21:28:49 PST
To: hughes@soda.berkeley.edu
Subject: dispatches from the front lines of anonymity
In-Reply-To: <9302240246.AA03185@soda.berkeley.edu>
Message-ID: <9302240423.AA00434@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

   Date: Tue, 23 Feb 93 18:46:17 -0800
   From: Eric Hughes

   >Eric Hughes suggests an alt.whistleblower with localized anonymizing. I
   >like this, but I don't see how NNTP provides it. Wouldn't every server
   >have to be modified or upgraded to support anonymizing?

   In an already supported sense, yes. As I understand it, when a moderated group is created, an email address for the moderator is propagated with it. So every time a moderated group is created, every server already is "modified".

That's how it *should* work, not how it *does* work.

In real life, moderator addresses are distributed "out of band" to a relatively small number of "backbone" sites; all the rest of the sites merely forward the mail to a "backbone" site.

Making a newsgroup moderated in the absence of a moderation address is an easy way to make it "read-only"; I think the folks who run the fj.* groups do this instead of sending rmgroups (which are generally ignored).
- Bill

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCWAgUBK4r4H69wjZexL7jBAQGBagQBAbrZ42usqd/JhdWqtMNbS6PmXHfSCcA7
5qvi34i/vSe0lKc4t5JFys4S7+4OCkR8URniwOhcDGMXoXMTfeonbqNakselMJn3
m3l0Zz/vmA8ZcY0eS0F27AVwydooIVSdRiI5TFVFOLrnOzSpmyBxYzgzavnG0jRm
T8vecJTtYqXf
=VFG/
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Dave Banisar
Date: Tue, 23 Feb 93 20:22:33 PST
To: CYPHERPUNKS@toad.com
Subject: Re: Finding Mac PGP software?
Message-ID: <9302232325.AA06567@hacker2.eff.org>
MIME-Version: 1.0
Content-Type: text/plain

MacPGP is available at mac.archives.umich.edu via gopher and FTP.

FYI. The most recent copies of the pgp site list are available from the CPSR archive at cpsr.org /cpsr/crypto along with quite a few other files on crypto and privacy that may be of interest to the cypherpunks readers.

>
> I'm sure this is a FAQ, but can anyone point me to an FTP site
> where I can obtain PGP for the Macintosh? Does such a beast exist?
> Thanks for your time.
>
> +- eggo@titan.ucc.umass.edu Eat Some Paste -+
> +- Yorn desh born, der ritt de gitt der gue, -+
> +- Orn desh, dee born desh, de umn bork! bork! bork! -+
>
>

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: M..Stirner@f28.n125.z1.FIDONET.ORG (M. Stirner)
Date: Wed, 24 Feb 93 05:11:21 PST
To: cypherpunks@toad.com
Subject: Pgp v 2.2
Message-ID: <5029.2B8B3A11@fidogate.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

According to a message I read today on the Fidonet Public Keys conference, PGP is now in version 2.2 & is available off CompuServe. Has anyone seen this yet? If this is for real, let's get this thing circulating pronto.

. ~ .
M.

... "Huh? BILL Clinton??? I thought I voted for GEORGE Clinton!!!"
___ Blue Wave/QWK v2.12

-- M.
Stirner - via FidoNet node 1:125/555 UUCP - ...!uunet!hoptoad!kumr!fidogate!28!M..Stirner INTERNET - M..Stirner@f28.n125.z1.FIDONET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Tue, 23 Feb 93 23:23:25 PST To: CYPHERPUNKS Subject: Front lines of anon. Message-ID: <930224071703_74076.1041_DHJ29-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain Lance Detweiler writes: > >You have these security threats which involve people being tricked into > >sending messages through the remailer in such a way that the recipient > >knows the true email address from where the messages are coming. > > These are completely analogous to users being tricked into supplying > passwords in regular login situations. Not a new problem. And anybody > who hasn't figured out that you should *never* put any identifying > information in the message itself is probably a little too clueless to > be using the service in the first place. However, the idea of giving a > warning in the use introduction is ok: ``under NO CIRCUMSTANCES EVER DO > THIS'' type thing. It's not that simple. "Deadbeat" reported that he discovered this problem when he sent mail via Penet to a list member asking a question. When that person replied, it exposed his anonymous ID. There was no need to put identifying information in the message itself. The mere fact that a particular message is being replied to gives away the true email address of the sender (because that is the address to which the question was directed). This means that if you receive mail asking an innocent question, like, "what is the address to subscribe to cypherpunks?", you need to be aware of whether that question came from the Penet remailer or one like it. If so, you need to take extra care when you respond so that your anonymous ID is not revealed. > The problem is that the anonymity is implicitly requested by a message > to the server. Hence replies are getting this anonymity. 
One
> possibility is an override switch in the header that leaves it entirely
> intact and the server just acts like another hub forwarder. But what is
> this `harm'? We have to recognize these complaints as completely
> frivolous and without merit.

I don't think so. It seems to me that the current system makes it easy to accidentally expose your anonymous ID. If more people start operating pseudonym-based remailers it will be that much more difficult to keep track of whether you want to be anonymized or not. I think technical solutions are needed along the lines suggested by Eric Hughes and Deadbeat.

Hal

P.S. How about Deadbeat posting a public key? He keeps signing his messages but I can't check them.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mjr@netcom.com (Matthew Rapaport)
Date: Wed, 24 Feb 93 08:22:13 PST
To: cypherpunks@toad.com
Subject: Anonymity vs accountability - a balanced view (maybe?)
Message-ID: <9302241620.AA25561@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Concerning the discussions of privacy, and anonymity on various USENET groups, attacks on Johan Helsingus, etc. I'd like to add my two cents...

If we are going to convince the USENET community as a whole of the value of anonymity it seems to me we must also recognize the propriety and value of what seems to be the dominant sentiment on the USENET now, that being that accountability and responsibility (for what you say) reflected in a real identification is also valuable, and under most ordinary circumstances is more desirable than not.

Putting it another way, I think most of the USENET community would accept the argument that access to anonymity is something that we should all have. It is a desirable thing, but it becomes desirable only under certain circumstances (e.g. active persecution, or a real threat of same, by a government or corporation, etc).
Most of the time, it is better that people "stand for what they say" and accept the accountability that goes with non-anonymized postings.

If we approach it this way I think we could achieve consensus at least to the degree that the existence of alias servers is generally supported.

matthew rapaport Philosopher/Programmer At Large KD6KVH
mjr@netcom.com 70371.255@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kelly@netcom.com (Kelly Goen)
Date: Wed, 24 Feb 93 08:38:42 PST
To: cypherpunks@toad.com
Subject: Re: Poor Man's Anonymous Remailer (fwd)
Message-ID: <9302241637.AA20822@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Forwarded message:
> From cypherpunks-request@toad.com Wed Feb 24 08:24:42 1993
> Date: Wed, 24 Feb 1993 11:08:17 -0500
> From: ghabrech@ultrix.ramapo.edu (The Knight of Ni)
> Message-Id: <9302241608.AA09746@ultrix.ramapo.edu>
> To: cypherpunks@toad.com, rubin@citi.umich.edu
> Subject: Re: Poor Man's Anonymous Remailer
>
> I think the idea is just that it is an e-mail account. I don't think you have
> any disk quota or such and probably can't even telnet or ftp from it. The
> idea for this is privacy. The best way to keep someone from reading your
> files is to make it so that they can't get their hands on 'em.
>
> George
>

it really doesn't work out... MANY ways are inherent in the scheme to eventually match a face with an account. If you always pay in cash, if you always wear a mask(WAIT MASK??? well I think you get the IDEA) credit cards will eventually be traced and bank accounts discovered unless one started taking their precautions before the information age...
now the only absolute privacy/anonymity will be the ones that can insure it with technology
cheers
kelly
--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "DrZaphod"
Date: Wed, 24 Feb 93 15:31:12 PST
To: CypherPunks@toad.com
Subject: RE: Poor Man's Anonymous Remailer
Message-ID: <33176.drzaphod@ncselxsi>
MIME-Version: 1.0
Content-Type: text/plain

In Message 24 Feb 93 10:13:44 EST, Duncan/Lois Frissell writes:

>Isn't an account that can't be traced to you anonymous? How about an (email
>only) account for $3/month billed to you (no credit cards required).

I think you're confusing pseudonymous with anonymous. The goal is to send data somewhere WITHOUT A TRACE as to where it came from. If you used a single e-mail address, [someone] could track it down, watch for logins, and trace the line. If you used MANY e-mail addresses it would clog the net.. remailers seem to be the way to go these days.

TTFN!
DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mbrennan@netcom.com (Michael Brennan)
Date: Wed, 24 Feb 93 09:30:25 PST
To: cypherpunks@toad.com
Subject: Re: Law&Disorder (fwd)
Message-ID: <9302241728.AA27534@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Everything is happening in the Bay Area. And I'm stuck down here in the L.A. wasteland (sigh). Oh well. At least there's mailing lists.
-----------------------------------------------------------------------------
Michael Brennan
Internet: mbrennan@netcom.com Compuserve: 76206,2462 Applelink: M.BRENNAN

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: cplai@csie.nctu.edu.tw
Date: Tue, 23 Feb 93 17:44:40 PST
To: cypherpunks@toad.com
Subject: unsubscribe
Message-ID: <9302240144.AA03740@csie.nctu.edu.tw>
MIME-Version: 1.0
Content-Type: text/plain

unsubscribe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Duncan/Lois Frissell <71562.3445@CompuServe.COM>
Date: Wed, 24 Feb 93 07:24:55 PST
To:
Subject: Poor Man's Anonymous Remailer
Message-ID: <930224151344_71562.3445_CHT28-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

To compensate the List for consuming bandwidth with my "political" posting on advertising yesterday, I thought I'd offer some ideas on easy anonymous posting -- no remailers required.

Isn't an account that can't be traced to you anonymous? How about an (email only) account for $3/month billed to you (no credit cards required).

AT&T Mail (desperate for customers) charges $3/month per Email box with no setup fee. They do charge a minimum of 70 cents per message sent (50 cents if you use their pricy communications software) but they charge nothing to receive mail and give you an Internet address that looks like dfrissell@attmail.com.

If you open a mail receiving service box in a nom de guerre (which is not hard to do in spite of what you might have heard), call AT&T Mail at (800) 624-5672 and sign up. After you receive your signon info, you can drop the box at the mail receiving service and just pay your future bills without a printed bill. They'll be happy to tell you what your balance is.

You can logon to AT&T Mail anytime at (800) 624-5123. Use a payphone if you are really careful and enjoy anonymous posting without outside help and without having to worry about flaky remailers.
Duncan Frissell

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 24 Feb 93 10:23:56 PST
To: cypherpunks@toad.com
Subject: Beware of anon.penet.fi message!
In-Reply-To: <9302231921.aa24595@penet.penet.FI>
Message-ID: <9302241820.AA11378@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Re: an1234 vs. na1234

Julf writes:

>Now we only have to fight about what the From: line in anonymous
>messages ought to say, an1234 or na1234?

You can determine the From: line by looking at the destination. If the destination is to another alias, then you use "an1234", since the reply should appear to be coming from another alias. Using the "an1234" address triggers the aliasing mechanism.

On the other hand, if the destination is to a non-alias mailbox, then use the "na1234" form. In this way the alias mechanism is not invoked upon reply.

For messages with more than one addressee, split all the alias destinations into one message, and all the non-alias destinations into another. Set the From: line accordingly in each message. This avoids the attack of using a two-recipient message to invoke an incorrect alias behavior.

For newsgroup postings, where no particular addressee is listed, and for mailing lists, I would suggest using "na1234", but this probably is a change in the default behavior for newsgroups. You would like newsgroups and mailing lists to act the same, and that means either keeping a list of mailing list entry points (ick), or using the "na1234" form.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: rubin@citi.umich.edu
Date: Wed, 24 Feb 93 07:51:40 PST
To: cypherpunks@toad.com
Subject: Re: Poor Man's Anonymous Remailer
In-Reply-To: <930224151344_71562.3445_CHT28-1@CompuServe.COM>
Message-ID: <9302241551.AA05783@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I'm not sure I agree that it is a good idea to start having many accounts all over the place that are not traceable to their users.
It seems like this would be a cracker's dream.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ghabrech@ultrix.ramapo.edu (The Knight of Ni)
Date: Wed, 24 Feb 93 08:07:14 PST
To: rubin@citi.umich.edu
Subject: Re: Poor Man's Anonymous Remailer
Message-ID: <9302241608.AA09746@ultrix.ramapo.edu>
MIME-Version: 1.0
Content-Type: text/plain

I think the idea is just that it is an e-mail account. I don't think you have any disk quota or such and probably can't even telnet or ftp from it. The idea for this is privacy. The best way to keep someone from reading your files is to make it so that they can't get their hands on 'em.

George

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Aviel David Rubin
Date: Wed, 24 Feb 93 09:02:15 PST
To: cypherpunks@toad.com
Subject: Re: Poor Man's Anonymous Remailer
Message-ID: <9302241702.AA06872@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> it really doesn't work out... MANY ways are inherent in the scheme
> to eventually match a face with an account. If you always pay
> in cash, if you always wear a mask(WAIT MASK??? well I think you get the IDEA)
> credit cards will eventually be traced and bank accounts discovered
> unless one started taking their precautions before the information age...
> now the only absolute privacy/anonymity will be the ones that can
> insure it with technology
> cheers
> kelly

Now here's another application for anonymous cash.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: treason@gnu.ai.mit.edu
Date: Wed, 24 Feb 93 10:13:58 PST
To: cypherpunks@toad.com
Subject: a project for those who like it
Message-ID: <9302241812.AA12695@spiff.gnu.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

I have been working on an idea for a secure chat system for internet and have come up with some ideas. The concept is to run a server (a single server) to process the chat for up to say 50 users (more may lag you to death) using public key to secure the system.
The server would be on an internet machine and the client would be on the user's home pc. We use the home pc concept to avoid transporting raw data (unencrypted) over internet and phone lines. The basic gist (in a pseudo pseudocode) is this:

CLIENT SIDE

    User runs client
    client asks for password (from pgp key)
    client checks for servers pgp public key
    user then connects to the network and such (dumb terminal, with hotkey to activate encryption/decryption)
    client connects to server sending userid and hostname
    client asks for alias
    client sends server userid hostname
    start main function
        when message sent
            client encrypts with servers public key
            client sends message to server
        when message received
            client decrypts message with users public key (using password supplied at initiation)
            client displays it to users screen
    loop to start main function

SERVER SIDE

    Admin starts server with server pgp password as a parameter
    server waits for connection
    server gets connection receives host and id
    server checks id table looking for legal user
        user is valid connect
        else boot user
    check and see if user is logged more than once
        if true boot both users alarm admin
        (* This is to make sure no one is lending out their account *)
    server matches user with pgp key
    start main function
        if message sent
            encrypt message with users pgp public key and sends it out
        if message received
            decrypt message sent by user using server secret key and password
            reencrypt it for each user on the server
            send message to each user
    loop to start main function

The server would have a copy of each user's public key, and a look up table with this format to tell which key is paired with which user:

    userid@host pgpkeyname

When I say a user is logged in more than once in the above comment, I mean logged in on the server, not on his account. The id or hostname of the user is never displayed and cannot be retrieved. There is no similarity to irc, no channels, just one stream going to all users.
The data will be encrypted in blocks, and sent out in blocks. There will need to be made some slight changes in pgp to get this to work.

flaws:
    When entering a pgp password, and containing it in memory, this may be retrievable by the root or the server machine.
    Information will be temporarily stored in kmem, although disorderly, raw.
    People are stupid.

Tell me what you think. People are already working on this project, but many more may be needed to bring it to its completion. Since I am not the IP programmer from hell, at this point I am doing the pc client.

I expect bitches about people saying people will use the server for illegal purposes, but because people can use a bathtub for illegal purposes if they wanted to, I will ignore them.

Treason@gnu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Wed, 24 Feb 93 10:29:13 PST
To: CYPHERPUNKS
Subject: When's enough enough?
Message-ID: <930224182016_74076.1041_DHJ43-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Paul Ferguson asks:

> Now, I'd like to ask the cypherpunk readership to clarify the need (or
> perhaps a better term may be "desire") for anonymous remailers? Maybe
> I'm not getting the "big picture", but it would appear to me that
> insurance of private communications is the area of intended interest
> here. I know that someone may declare my query as naive, but if you
> feel strongly enough about a topic, why wouldn't you want the
> recipient to know who you are, where you are and who they can respond
> to?

There are several different advantages provided by anonymous remailers. One of the simplest and least controversial would be to defeat traffic analysis on ordinary email. Two people who wish to communicate privately can use PGP or some other encryption system to hide the content of their messages.
But the fact that they are communicating with each other is still visible to many people: sysops at their sites and possibly at intervening sites, as well as various net snoopers. It would be natural for them to desire an additional amount of privacy which would disguise who they were communicating with as well as what they were saying.

Anonymous remailers make this possible. By forwarding mail between themselves through remailers, while still identifying themselves in the (encrypted) message contents, they have even more communications privacy than with simple encryption.

(The Cypherpunk vision includes a world in which literally hundreds or thousands of such remailers operate. Mail could be bounced through dozens of these services, mixing in with tens of thousands of other messages, re-encrypted at each step of the way. This should make traffic analysis virtually impossible. By sending periodic dummy messages which just get swallowed up at some step, people can even disguise _when_ they are communicating.)

The more controversial vision associated with anonymous remailers is expressed in such science fiction stories as "True Names", by Vernor Vinge, or "Ender's Game", by Orson Scott Card. These depict worlds in which computer networks are in widespread use, but in which many people choose to participate through pseudonyms. In this way they can make unpopular arguments or participate in frowned-upon transactions without their activities being linked to their true identities. It also allows people to develop reputations based on the quality of their ideas, rather than their job, wealth, age, or status.

The idea here is that the ultimate solution to the low signal-to-noise ratio on the nets is not a matter of forcing people to "stand behind their words". People can stand behind all kinds of idiotic ideas.
Rather, there will need to be developed better systems for filtering news and mail, for developing "digital reputations" which can be stamped on one's postings to pass through these smart filters, and even applying these reputations to pseudonyms. In such a system, the fact that someone is posting or mailing pseudonymously is not a problem, since nuisance posters won't be able to get through.

Other advantages of this approach include its extension to electronic on-line transactions. Already today many records are kept of our financial dealings - each time we purchase an item over the phone using a credit card, this is recorded by the credit card company. In time, even more of this kind of information may be collected and possibly sold. One Cypherpunk vision includes the ability to engage in transactions anonymously, using "digital cash", which would not be traceable to the participants. Particularly for buying "soft" products, like music, video, and software (which all may be deliverable over the net eventually), it should be possible to engage in such transactions anonymously. So this is another area where anonymous mail is important.

We anticipate that computer networks will play a more and more important role in many parts of our lives. But this increased computerization brings tremendous dangers for infringing privacy. Cypherpunks seek to put into place structures which will allow people to preserve their privacy if they choose. No one will be forced to use pseudonyms or post anonymously. But it should be a matter of choice how much information a person chooses to reveal about himself when he communicates. Right now, the nets don't give you that much choice. We are trying to give this power to people.
Hal Finney

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: bmullane@ultrix.ramapo.edu (JamesBond_007)
Date: Wed, 24 Feb 93 10:18:15 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9302241821.AA19804@ultrix.ramapo.edu>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

So, has pgp 2.2 really been released? does anyone know?

Brian

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Wed, 24 Feb 93 11:42:15 PST
To: treason@gnu.ai.mit.edu
Subject: Re: a project for those who like it
In-Reply-To: <9302241812.AA12695@spiff.gnu.ai.mit.edu>
Message-ID: <9302241940.AA21343@tla.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

>> I have been working on an idea for a secure chat system for internet
>> and have come up with some ideas.

A system such as this already exists at MIT. It's called zephyr. Currently, it uses kerberos (private-key) for authentication, and uses cleartext, but the system just pushes around bits. There's no reason a message couldn't be a public key encrypted message. ACLs already exist (based on the kerberos authentication), but the system is capable of supporting well over a thousand simultaneous clients, so they might not be necessary.

The protocol is based on UDP, and is well-documented. Unix and macintosh clients exist; there are PC clients in development.
If people want more information (up to and including the technical papers), look on athena-dist.mit.edu (it's a mail server, too). Or, I'll be happy to discuss it on the list.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Wed, 24 Feb 93 12:31:26 PST
To: cypherpunks@toad.com
Subject: Anonymous flooding
Message-ID: <9302242031.AA10553@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I wonder if full crypto anonymity as we envision it will be stable? I'm very concerned about the problem of anonymous users intentionally flooding the network with garbage in order to bring it to its knees. Current practice, in the non-anonymous world, is to trace excess traffic to its source and stop it from being generated. This will no longer be possible when true anonymity is available.

This would particularly be a problem if a remailer is willing to forward an incoming message to more than one destination. In that case, by sending a single anonymous message, a saboteur could generate an exponential amount of net traffic. This would be bad.

Two basic precautions for a remailer to take are
  1. To require a 1-1 correspondence between input and output messages.
  2. To require that the address portion of the message shrink at each step (preventing infinite loops).
If this is done, then the saboteur's original message can be at most n-fold replicated, where n is the maximum number of remailer hops allowed.

However, I still have some fundamental concerns that an anonymity-based system is vulnerable to flooding and denial of service by the bad guys, including Big Brother, who may wish to prevent effective use of such systems. This may make operating a remailer a difficult proposition.

I'm discouraged. Any thoughts?
-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Duncan/Lois Frissell <71562.3445@CompuServe.COM>
Date: Wed, 24 Feb 93 12:25:12 PST
To:
Subject: Dining Crypto -- An Introduction
Message-ID: <930224201510_71562.3445_CHT104-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

(Timothy May)

Thanks for your repost of your message from the "Dawn of Time" (August 1992). Your list of "What DC Nets are Good For" was not specific enough for my taste.

What DC Nets (untraceable communications) are good for:

1) Once voice/video/VR makes it to the nets and once we have enough bandwidth/speed even realtime communications can be untraceable:

It's December 2000 and President Elect Clinton (Hilary) calls me for advice. The call goes to my "Virtual Communications Server" located "Somewhere on the Nets". The packets are forwarded to me after being split up and sent their various ways through anonymous remailers. My half of the conversation travels back the same way. The packets pay the anonymous remailers for their services with digital cash attached to their address headers. We notice no time lag because the nets are fast and the packets carry a "realtime" priority. With the proper setup, the President of the US will be talking to me without knowing (or being able to find out) where (or who) I am.

2) This means markets freed from even the theoretical possibility of regulation. Anything that can be digitized can be sold with no restraints save the absence of a willing buyer. Books, movies, VR epics, financial products, and all non-physical services can be traded without coercion (and without taxation). Remember too that "non-physical services" includes almost all management and professional services. The technique of "anonymous credentials" can be used to check out those you deal with.

3) The lack of regulation in the "spiritual realm" will distort market transactions in the still controlled "physical realm."
People will tend to "unbundle" the non-physical aspects of their services and sell them on the nets even if it is less convenient to do so because of the *tax* savings.

4) The reduction in government "revenue" as economic activity transfers to the nets will induce a beneficial downward spiral in the authority and power of government.

5) People who become used to freedom in one part of their lives (their work and play on the nets) will not enjoy the coercion they suffer in the remainder of their lives (the place they sleep). They will have the motivation and the tools to liberate their whole lives.

All without the Libertarian Party converting a single person. Freedom is a powerful recruiter.

Duncan Frissell

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 24 Feb 93 15:50:09 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous flooding
Message-ID: <9302242348.AA20887@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Marc Ringuette worries about anonymous messages flooding the nets:

>I wonder if full crypto anonymity as we envision it will be stable?
>I'm very concerned about the problem of anonymous users intentionally
>flooding the network with garbage in order to bring it to its knees.
>Current practice, in the non-anonymous world, is to trace excess
>traffic to its source and stop it from being generated. This will no
>longer be possible when true anonymity is available.

The simple solution: paid transmissions. Remailers pass on messages only if they receive the payment they've announced is their fee. While _some_ remailers may pass on messages for free (charity, policy, etc.), _their_ recipients are under no obligation (obviously) to continue to forward them if no postage is attached.

This means the nets may indeed be filled with junk, but at least somebody has to pay for it--and the remailers are making nice profits.
Economics thus provides a damping effect against runaway situations (as it does in so many areas that at first seem unstable).

(The analogy with junk mail in the current postal system is apt: you may not like getting 10 pieces of junk mail a day, but at least you never have to pay for it directly...and the Postal System _likes_ "direct mail" (junk mail), as it pays the bills.)

>This would particularly be a problem if a remailer is willing to forward
>an incoming message to more than one destination. In that case, by sending a
>single anonymous message, a saboteur could generate an exponential amount
>of net traffic. This would be bad.

Again, a remailer "willing to forward" to multiple destinations must pay for the transmission--and the recipients will of course look to see that _their_ remailing fees are paid. It is thus extremely expensive to "flood" the nets, as each message costs some amount to transmit to remailers, to remail, etc.

And don't forget that most folks will likely have various forms of reputation filters running. They may scan incoming messages for interesting content, for messages from senders known to them, etc. As with our ordinary mail, the junk can be thrown away very quickly.

>
>Two basic precautions for a remailer to take are
> 1. To require a 1-1 correspondence between input and output messages.
> 2. To require that the address portion of the message shrink at each step
> (preventing infinite loops).
>If this is done, then the saboteur's original message can be at most
>n-fold replicated, where n is the maximum number of remailer hops
>allowed.

Fine, some remailers may insist on a 1-1 correspondence, others may remail to as many sites as postage is provided for. The market can then decide which remailer to use.
Businesses who take all paying customers generally outcompete those with arbitrarily set policies or their own ideas of rationing services (e.g., "But, sir, we can't let you buy five tubes of toothpaste--what if _everyone_ tried to buy five tubes?").

>However, I still have some fundamental concerns that an anonymity-based
>system is vulnerable to flooding and denial of service by the bad guys,
>including Big Brother, who may wish to prevent effective use of such
>systems. This may make operating a remailer a difficult proposition.
>
>I'm discouraged. Any thoughts?

Little need to be discouraged. There are a great many "covers" for anonymous mail, including legal consultations (attorney-client privilege), psychiatric consultations (ditto), religions ("Digital Confessionals--the Latest in Catholic Computing"), games (role-playing), and "personals" ads (as in newspaper ads that match partners, dates, etc., except mediated electronically in this case).

Stopping any one of these will be tough, stopping them all would be very hard indeed.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Wed, 24 Feb 93 13:15:37 PST
To: cypherpunks@toad.com (cypherpunks)
Subject: Re: Anonymous flooding
In-Reply-To: <9302242031.AA10553@toad.com>
Message-ID: <9302242113.AA16811@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

Marc.Ringuette@GS80.SP.CS.CMU.EDU says:
> I wonder if full crypto anonymity as we envision it will be stable?
> I'm very concerned about the problem of anonymous users intentionally
> flooding the network with garbage in order to bring it to its knees.
> Current practice, in the non-anonymous world, is to trace excess
> traffic to its source and stop it from being generated. This will no
> longer be possible when true anonymity is available.

Yes, this is a REAL danger. But if the network providers will charge per-packet fee (what an ugly idea :-), and no packet will be moved without being "taxed" (:-) - i.e. some digital cash removed from its header (:-) - well, I see no reason, why somebody can't invest his $1,000,000 in shutting y'all up for a day (:-).

> This would particularly be a problem if a remailer is willing to forward
> an incoming message to more than one destination. In that case, by sending a
> single anonymous message, a saboteur could generate an exponential amount
> of net traffic. This would be bad.

It only depends on who pays for each packet (:-).

> However, I still have some fundamental concerns that an anonymity-based
> system is vulnerable to flooding and denial of service by the bad guys,
> including Big Brother, who may wish to prevent effective use of such
> systems. This may make operating a remailer a difficult proposition.

Yeah, THIS can be a problem: our Big Brother has enough money to do all the smelly things we discussed above... And if not - he'll tax us more...

> I'm discouraged. Any thoughts?

There's no way to limit Big Brother's power, except for getting rid of him altogether, I'm afraid...

--
Regards, Uri
uri@watson.ibm.com scifi!angmar!uri N2RIU
-----------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Wed, 24 Feb 93 14:18:18 PST
To: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Subject: Re: Anonymous flooding
In-Reply-To: <9302242031.AA10553@toad.com>
Message-ID: <9302242216.AA16535@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Wed, 24 Feb 1993 15:11-EST
   From: Marc.Ringuette@GS80.SP.CS.CMU.EDU

   I wonder if full crypto anonymity as we envision it will be stable?
   I'm very concerned about the problem of anonymous users intentionally flooding the network with garbage in order to bring it to its knees. Current practice, in the non-anonymous world, is to trace excess traffic to its source and stop it from being generated. This will no longer be possible when true anonymity is available.

I think the real problem won't be flooding, but the bad name full crypto anonymity will get when lusers start abusing the system to send harassing email and hide behind the protection of an anonymous remailer.

At MIT, we're considering to start up an anonymous remailer, but with the proviso that if we get a complaint about a particular pseudonym is used to send harassing email, or email with threatening violence, and some other well-defined occasions, that we would reveal, to the proper authorities, the email address used for sending replies back. A warning to that effect would be sent back to an email address the first time the anonymous contact service saw that particular email address, and assigned it a pseudonym address for replies. This way, users would have the proper expectations of privacy.

Ultimately, I think this is the only way that anonymous remailers will be able to function. Otherwise, the public outcry the first time one of these remailers is abused will cause these full remailers to be shutdown, or otherwise cut off from the net.

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 24 Feb 93 17:23:43 PST
To: cypherpunks@toad.com
Subject: Internet is Not the Long Term Solution
Message-ID: <9302250122.AA02771@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I want to clarify some points about my earlier posting on how remailer fees fix the "anonymous flooding" problem which Marc Ringuette mentioned.
Implicit in my comments were some assumptions which I ought to break out
separately:

* The current Internet, glorious as it is, is not the likely long term
solution. The various bans and constraints on business interactions, on
fees, on commercial use, etc., are major limits to what we're talking about
here. (Some alternatives exist, like Alternet (sp?), but Internet is what
most of us are now using.)

* "Remailing fees" are the natural, free market solution to the costs of
transmitting, decrypting, storing, and forwarding messages. But these fees
run afoul of various Internet rules.

* The Internet policy statements are often invoked by sysadmins and
would-be censors (David Sternlight comes to mind) who are worried about
uses, abuses, and out of the ordinary situations. Ditto for Prodigy and
similar systems. The talk about bans on anonymous mail (nothing seriously
proposed, so far as I know) reflects the government-dominated nature of the
current Internet.

* Though what we are doing with anonymous mail, remailers, digital
pseudonyms, and even digital money is educational and even fun, I doubt any
of us expects our "constructions" to persist, to be a real foundation for
future digital economies. Well, at least I don't expect much to last.
Instead, what we learn with these systems will be carried over to new kinds
of networks, or on radically evolved descendants of today's networks.

* These new kinds of networks may look more like descendants of FIDONet
than of the Internet, in the sense of being more decentralized and outside
the control of institutions and government agencies. (Some have argued that
the Internet is already transnational and is already beyond the control of
governments. This sounds plausible in theory, but in practice most Internet
users _are_ subject to various rules about usage, about noncommercial use,
etc.)

* Some on this list have expressed distaste that remailing will have to be
_paid for_ by someone (other than themselves).
This is the way economics works. Remailers will act on the profit motive,
and this in fact will do more to increase the numbers and types of
remailers than anything else. When "Mom and Pop" remailer sites can be set
up for the cost of a PC, hard disk, and perhaps a "hardware mix" (a
Chaum-style tamper-resistant module which mixes incoming messages, stores
them for sufficient latency, then remails them), then the profit motive
will ensure lots of these remailers.

* I'm not saying the current Internet will not evolve into such a network.
In fact, the rapid growth in many countries and on many platforms may mean
it already has enough momentum to become the type of network we need to
develop these cyberspace constructs. But it's possible the form will be
quite different.

My crude timetable for the spread of crypto anarchy still has the 1993-5
period as a time of experimentation (such as we're doing), with more
robust, profit-oriented enterprises appearing around 1996 or so. (A few
brave souls may enter the market even earlier.)

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Breton
Date: Wed, 24 Feb 93 14:42:18 PST
To: Kelly Goen
Subject: Re: Poor Man's Anonymous Digital Mail Drop
In-Reply-To: <9302241637.AA20822@netcom.netcom.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Wed, 24 Feb 1993, Kelly Goen wrote:

> > I think the idea is just that it is an e-mail account. I don't think you have
> > any disk quota or such and probably can't even telnet or ftp from it. The
> > idea for this is privacy. The best way to keep someone from reading your
> > files is to make it so that they can't get their hands on 'em.
> >
> > George
> >
>
> it really doesn't work out... MANY ways are inherent in the scheme
> to eventually match a face with an account. If you always pay
> in cash, if you always wear a mask(WAIT MASK??? well I think you get the IDEA)
> credit cards will eventually be traced and bank accounts discovered
> unless one started taking their precautions before the information age...
> now the only absolute privacy/anonymity will be the ones that can
> insure it with technology
> cheers
> kelly
> --

I'm not saying that the phony email-account scheme has a lot of merit,
but it could surely be implemented: simply pay by money order from your
local Christys each month, and, of course, order the initial service from
a mail drop or something.

I actually think the most reliable privacy methods are low-tech (e.g.,
pay for things w/ cash instead of checks or credit cards) but they
involve sacrificing some of the convenience we may be accustomed to.

Personally, I get my access free, and I wouldn't want to pony up the
bucks to pay for a duplicate account...

Peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy E. Buchanan
Date: Wed, 24 Feb 93 16:46:38 PST
To: cypherpunks@toad.com
Subject: unsubscribe
Message-ID: <199302250045.AA00274@rintintin.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Please unsubscribe.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: parish@cactus.org (Tom Parish)
Date: Wed, 24 Feb 93 16:28:40 PST
To: cypherpunks@toad.com
Subject: remove me from the list
Message-ID: <9302250027.AA14977@cactus.org>
MIME-Version: 1.0
Content-Type: text/plain

Overload ... please remove me from the list.

Thanks, Tom

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: an5877@anon.penet.fi (deadbeat)
Date: Thu, 25 Feb 93 00:35:58 PST
To: cypherpunks@toad.com
Subject: Re: Anonymity vs accountability - a balanced view (maybe?)
Message-ID: <9302250751.AA19616@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain

In-reply-to: Matthew Rapaport's message of Wed, 24 Feb 1993 08:20:43 -0800.
             <9302241620.AA25561@netcom2.netcom.com>

-----BEGIN PGP SIGNED MESSAGE-----

Matthew argues for balance in the USENET battle over pseudo/anonimity.

Matthew is preaching to the choir. Folks who have watched USENET for any
appreciable length of time know that reason is not highly prized there.
Volume is.

The self-apponted gods of the net can't stop us, they can only bitch
about us. Let them.

This is no different than any other USENET issue. The only way to win
is not to play.

DEADBEAT

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK4wpGPFZTpBW/B35AQFppwF/fACfJjSLzYDi7LNCRCndyZwxTIRbpuIp
G+G9pvcjA/dJQn6Z/AtDuyIe0guaihxS
=VpJU
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind system, any replies to this message will be
anonymized, and an anonymous id will be allocated automatically. You have
been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.
*IMPORTANT server security update*, mail to update@anon.penet.fi for details.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Wed, 24 Feb 93 19:05:54 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous flooding
Message-ID: <9302250305.AA17098@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

[ Problem: anonymous flooding. Solution: digital postage stamps. ]

Thanks, guys. Problem solved. Should've seen it myself.
-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tlr1@acpub.duke.edu (Tristan Lanier Reid)
Date: Wed, 24 Feb 93 18:57:00 PST
To: cypherpunks@toad.com
Subject: unsubscribe
Message-ID: <9302250255.AA25442@soc2.acpub.duke.edu>
MIME-Version: 1.0
Content-Type: text/plain

Please remove me from your mailing list...thank you for your time.

Tristan Reid
tlr1@acpub.duke.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Thu, 25 Feb 93 01:00:38 PST
To: cypherpunks@toad.com
Subject: link encryption
Message-ID: <9302250900.AA22090@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

ahh.. I just thought of something I should mention about that
code I have sent out. I am releasing MY CODE to the public
domain, but parts of the package are not mine :) In particular
the RSA code and the DES code come from other places. I don't
think there are any restrictions on the code, but they don't
become public domain with my code :)

Let's keep me out of trouble

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Wed, 24 Feb 93 19:52:26 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Internet is Not the Long Term Solution
In-Reply-To: <9302250122.AA02771@netcom.netcom.com>
Message-ID: <9302250351.AA18094@steve-dallas.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

>> * The current Internet, glorious as it is, is not the likely long term
>> solution. The various bans and constraints on business interactions, on
>> fees, on commercial use, etc., are major limits to what we're talking about
>> here. (Some alternatives exist, like Alternet (sp?), but Internet is what
>> most of us are now using.)

Agreed. The Internet, in its current form, is not going to be the
information center of the future.

>> * "Remailing fees" are the natural, free market solution to the costs of
>> transmitting, decrypting, storing, and forwarding messages.
>> But these fees run afoul of various Internet rules.

Yup.

>> * These new kinds of networks may look more like descendants of FIDONet
>> than of the Internet, in the sense of being more decentralized and outside
>> the control of institutions and government agencies. (Some have argued that
>> the Internet is already transnational and is already beyond the control of
>> governments. This sounds plausible in theory, but in practice most Internet
>> users _are_ subject to various rules about usage, about noncommercial use,
>> etc.)

This is where I disagree strongly. We are entering a time when the
commercial advantages of internetworking are strong enough to cause
the formation of a real, commercially built, non-government-controlled
internet (small "i"). This network will be devoid of any AUP beyond
simple legality, and will operate much like a common carrier: They
won't care what you put on the wire unless someone brings it to their
attention.

I highly doubt that FIDONET is the model of the future. People are
moving toward increased connectivity and real-time services, not the
slow, store-and-forward model of FIDO and UUCP. The example of
encrypted, untraceable real-time video requires internet technologies.
Mail forwarding just doesn't cut it.

>> * Some on this list have expressed distaste that remailing will have to be
>> _paid for_ by someone (other than themselves).

My major problem with this is that I'd rather not have to stamp each
piece. I'd like to see a remailer sell me an unlimited-use ticket for
a month, say. But this is what the free market is for. I'm sure
someone will see their way to offering the service I want to buy.

		Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C.
 May)
Date: Wed, 24 Feb 93 23:19:57 PST
To: cypherpunks@toad.com
Subject: Re: Internet is Not the Long Term Solution
Message-ID: <9302250718.AA07261@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Marc Horowitz writes, referring to my comments:

>This is where I disagree strongly. We are entering a time when the
>commercial advantages of internetworking are strong enough to cause
>the formation of a real, commercially built, non-government-controlled
>internet (small "i"). This network will be devoid of any AUP beyond
>simple legality, and will operate much like a common carrier: They
>won't care what you put on the wire unless someone brings it to their
>attention.
>
>I highly doubt that FIDONET is the model of the future. People are
>moving toward increased connectivity and real-time services, not the
>slow, store-and-forward model of FIDO and UUCP. The example of
>encrypted, untraceable real-time video requires internet technologies.
>Mail forwarding just doesn't cut it.

I wasn't very clear, or detailed, about this. I certainly didn't mean "like
FIDONET" in the sense of a bunch of slow store-and-forward DOS-type
machines. I agree with Marc that fast networks are the way to go.

But the decentralized, privately-operated nature of FIDONET is intriguing,
especially if combined with high-speed fiber optic networks and such.

And many of the packetized messages we expect to see in with digital mixes
will easily tolerate (and even require) some latency at each node. A large,
diverse system of store-and-forward nodes may be very suitable for much of
what we're talking about here. The long delays on the current FIDONET are
of course unacceptable. (No point in arguing how much latency, how much
delay is acceptable, etc., because it will all depend on the nature of the
communications.)
In summary, what I hope we get is a heterogeneous, decentralized,
market-oriented mixture of networks, some very high speed, some slower
speed, and some that are very slow but secure. So long as the Feds don't
force the development in one direction, this is what I expect to see.

>My major problem with this is that I'd rather not have to stamp each
>piece. I'd like to see a remailer sell me an unlimited-use ticket for
>a month, say. But this is what the free market is for. I'm sure
>someone will see their way to offering the service I want to buy.

Like Marc says, perhaps someone will offer this, though I doubt it.
However, while passenger transportation systems can offer unlimited use
tickets, the same is not generally the case with freight transportation
(where someone might ship thousands of tons of freight on one ticket!). I
doubt anyone will offer unlimited data transport for some fixed time
period, for the same reason.

-Tim

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 24 Feb 93 23:20:04 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous flooding
Message-ID: <9302250718.AA07276@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Johan Helsingius writes:

>> Ultimately, I think this is the only way that anonymous remailers will
>> be able to function. Otherwise, the public outcry the first time one of
>> these remailers are abused will cause these full remailers to be
>> shut down, or otherwise cut off from the net.
>
>Exactly as has happened to anon.penet.fi. ;-)
>
> Julf

Have I missed something? Has anon.penet.fi been shut down or cut off from
the net? Please fill us in.
I think most of us are rooting for you and your system (though some
*.army.mil readers are probably not--they just can't stand the thought of
defense secrets being sold on crypto anarchy nets!).

-Tim

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Dave Banisar
Date: Wed, 24 Feb 93 21:11:05 PST
To: CYPHERPUNKS@toad.com
Subject: Clinton/Gore on export controls
Message-ID: <9302250013.AA39899@hacker2.eff.org>
MIME-Version: 1.0
Content-Type: text/plain

------ Forwarded Message

E X E C U T I V E   O F F I C E   O F   T H E   P R E S I D E N T

THE WHITE HOUSE

Office of the Press Secretary
______________________________________________________________
For Immediate Release                          February 22, 1993

REMARKS BY THE PRESIDENT AND VICE PRESIDENT
TO SILICON GRAPHICS EMPLOYEES

Silicon Graphics
Mountain View, California

10:00 A.M. PST

.... (All sorts of highly interesting but ultimately irrelevant to this
list's purpose deleted)

THE VICE PRESIDENT: Let me start off on that. As you may know, the
President appointed as the Deputy Secretary of Commerce John Rollwagon
who was the CEO at Cray. And he and Ron Brown, the Secretary of
Commerce, have been reviewing a lot of procedures for stimulating U.S.
exports around the world. And we're going to be a very export-oriented
administration.

However, we are also going to keep a close eye on the legitimate
concerns that have in the past limited the free export of some
technologies that can make a dramatic difference in the ability of a
Gaddafi or a Saddam Hussein to develop nuclear weapons or ICBMs.
Now, in some cases in the past, these legitimate concerns have been
interpreted and implemented in a way that has frustrated American
business unnecessarily. There are, for example, some software packages
that are available off the shelves in stores here that are,
nevertheless, prohibited from being exported. And sometimes that's a
little bit unrealistic. On the other hand, there are some in business
who are understandably so anxious to find new customers that they will
not necessarily pay as much attention as they should to what the
customer might use this new capacity for. And that's a legitimate role
for government, to say, hold on, the world will be a much more
dangerous place if we have 15 or 20 nuclear powers instead of five or
six; and if they have ICBMs and so forth.

So it's a balance that has to be struck very carefully. And we're
going to have a tough nonproliferation strategy while we promote more
exports.

THE PRESIDENT: If I might just add to that -- the short answer to your
question, of course, is yes, we're going to review this. And let me
give you one example. Ken told me last night at dinner that --he said,
if we export substantially the same product to the same person, if we
have to get one permit to do it we'll have to get a permit every time
we want to do the same thing over and over again. They always give it
to us, but we have to wait six months and it puts us behind the
competitive arc. Now, that's something that ought to be changed, and
we'll try to change that.

We also know that some of our export controls, rules and regulations,
are a function of the realities of the Cold War which aren't there
anymore.
But what the Vice President was trying to say, and he said so well --
I just want to reemphasize -- our biggest security problem in the
future may well be the proliferation of nuclear and nonnuclear, like
biological and chemical weapons of mass destruction to small, by our
standards, countries with militant governments who may not care what
the damage to their own people could be. So that's something we have
to watch very closely.

But apart from that, we want to move this much more quickly and we'll
try to slash a lot of the time delays where we ought to be doing these
things.

..... (even more material deleted)

END                                            10:41 A.M. PST

------ End of Forwarded Message

If anyone is interested in the whole conference, I will put it up on the
CPSR Internet Library at cpsr.org /cpsr/clinton.

Dave

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Wed, 24 Feb 93 22:03:27 PST
To: Johan Helsingius
Subject: Re: Anonymous flooding
In-Reply-To: <9302250618.aa14970@penet.penet.FI>
Message-ID: <9302250602.AA25287@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Thu, 25 Feb 93 07:01:04 +0200
   From: Johan Helsingius

   Hmm... Could you briefly outline those "well-defined" occasions?
   How about this case: I send you a complaint about somebody who has
   repeatedly harassed everybody soc.culture.india/tamil/srilanka with
   anonymous postings about faked reports about the Indian army raping
   civilians in Sri Lanka?

We haven't completely finished drafting those policies yet, so I can't
give you a comprehensive answer. (If you have suggestions about where
to draw the line, please send me email!)

As far as your example goes: What I do now, when someone sends me a
complaint like that, is I go to the Usenet newsgroup myself, and take a
look at the flame war in progress. (Usually both sides are behaving
like pre-schoolers fighting in a sandbox, but we'll let that pass.)
Whether or not we would need to impose sanctions on someone because of
their USENET postings is a very hard-to-define area, which ultimately
comes down to a judgement call. Usually, we try not to censor people,
although we do usually send them a note suggesting that they follow some
basic Net Etiquette. So that might not be grounds for digging up the
real email address.

On the other hand, if someone posts a message threatening to kill the
President, and the Secret Service shows up at your doorstep (and no,
this is not a Hypothetical Example), I think we would very clearly have
justification for trying to track down the identity of the person
posting the message. Threats of violence in general would probably be
grounds for tracking the person down and issuing sanctions of some kind.

The basic idea is that there are certain uses of a pseudonym remailer
(I'm not using the word anonymous remailer because we wouldn't be
offering true anonymity) which are obviously legitimate --- for example,
an anonymous suggestion box, alt.personals, etc. On the other hand,
there are certain activities which are clearly out of bounds --- threats
of violence, harassment, etc. What to do in the middle ground will
require some amount of judgement, so perhaps we won't be able to make
the list completely well-defined. Although obviously, it would be best
if that list were as well-defined as possible.

						- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Wed, 24 Feb 93 22:10:40 PST
To: cypherpunks@toad.com
Subject: RE: POOR MAN'S ANONYMOUS REMAILER
In-Reply-To: <33176.drzaphod@ncselxsi>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

DrZaphod writes:

> I think you're confusing pseudonymous with anonymous. The goal is to
> send data somewhere WITHOUT A TRACE as to where it came from. If you used a
> single e-mail address, [someone] could track it down, watch for logins, and
> trace the line.
> If you used MANY e-mail addresses it would clog the net..
> remailers seem to be the way to go these days. TTFN!

Getting an anonymous account on Compuserve, AT&T Mail, MCI Mail or any
of the other major services not only requires a mail drop, but also a
number where they can call you back. Usually, a voice mailbox will do.
Then it becomes a question of having enough phony id to get both the
drop and the VMB, usually not a problem considering any cyberpunk worth
his weight in salt can get access to a 300 dpi color ink jet printer
(ie: Deskjet 550C), a Polaroid camera, and a laminating machine, and
put together enough good looking ID to fool almost anybody. BTW, don't
try using phony ID to get a U.S. Mail Post Office box, because they are
trained to spot that, not for the reason of preventing people from
renting P.O. Boxes but to prevent people from cashing money orders
under false names.

Let us assume that obtaining an account on a major online service or
major e-mail carrier is fairly easy. The question of traceability can
be put to rest assuming that whatever e-mail provider you choose has
offline messaging capability (ala NuPOP, Eudora, QWK, Compuserve CIM).
Now assume you have a notebook or handheld PC (like the new Gateway
Handbook). You can walk up to a payphone, download all your mail, then
go to the park and reply to all the messages while sitting at a park
bench eating a sandwich and drinking coffee, then go to another
payphone, and upload all your offline mail responses. Offline mail
capability allows one to EASILY use payphones as points of access. You
can download 50k of new mail in less than 2 minutes at 2400 baud, and
in less than 30 seconds at 9600 baud from a payphone and then go about
the rest of your day. An e-mail upload is even quicker. What could be
simpler?

However, make sure not to use a calling card when dialing up your
e-mail service provider's point of presence.
It's possible to use coins since the call will rarely be longer than
3 minutes, and never longer than 5 minutes unless you have huge
uuencoded files coming into your mailbox, in which case it's probably
best to be using a 9600 or 14,400 baud portable modem anyway. By the
way, I think AT&T Mail has an 800 # dial-up that's free of per minute
charges, it's used by people who don't have a local dialup in their
area.

I just realized that it's actually possible to be an anonymous UUCP
site in the same manner, since UUCP is nothing more than an advanced
offline download/upload protocol for news/mail/files. Assuming you can
scam UUNET or PSI or whatever other UUCP provider by giving them false
info, you could actually become a fully mobile, roaming, and anonymous
UUCP site.. Scary, ain't it... :)

Murdering Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Thu, 25 Feb 93 01:07:18 PST
To: cypherpunks@toad.com
Subject: Re: Poor Man's Anonymous Remailer
Message-ID: <199302250904.AA03970@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Duncan's posting about AT&T mail as a "poor man's anonymous mailbox"
misses one crucial fact. The moment you dial an 800 number, you generate
a record of your phone number via ANI, which means AT&T gets that
information in realtime and can probably correlate it with your phone
account and service address and name.

If you want anonymity, never ever ever use any service which requires
you call in via an 800 number.

-gg@well.sf.ca.us

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mbrennan@netcom.com (Michael Brennan)
Date: Thu, 25 Feb 93 01:03:13 PST
To: cypherpunks@toad.com
Subject: Re: Finding Mac PGP software?
Message-ID: <9302250901.AA16429@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Dave Banisar writes:

> MacPGP is available at mac.archives.umich.edu via gopher and FTP.

Dave, I've tried ftp'ing to that site, but I get "unknown site".
Is that really the correct address? I appreciate the info.

-----------------------------------------------------------------------------
Michael Brennan
Internet: mbrennan@netcom.com
Compuserve: 76206,2462
Applelink: M.BRENNAN

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: John.Nieder@f33.n125.z1.FIDONET.ORG (John Nieder)
Date: Thu, 25 Feb 93 05:00:34 PST
To: cypherpunks@toad.com
Subject: dispatches from the front lines of anonymity
Message-ID: <5046.2B8CB524@fidogate.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

("L. Detweiler") states:

BK> the
BK> possibility of a centralized moderator stripping addresses, while
BK> already currently supported in the software mechanisms, is problematic
BK> because it is a single location with all the traffic--hence the need to
BK> go through independent anonymous servers first. But I think the
BK> localized header-stripping is totally superior to all this. Having a
BK> message bounce around a net a bit with *real* information is very
BK> vulnerable, when the ID could be stripped off at the source.

There is also the problem of those (like me) who access the internet
from outside, through gates. The messages are not only marked with the
point of origin automatically by the originating BBS's software, but are
also subject to monitoring by any number of systems operators en route
to internet. When all of the headers (including passwords for the
anonymous servers) are in plaintext, the entire anonymous system seems
compromised. While some servers I haven't tried yet seem to be PGPed,
this doesn't seem to be the case with penet.fi.

BK> How about an EFF sponsored server?

Yes, and preferably at a site outside the US, just for good measure.
There is an obvious appeal to having servers outside the jurisdiction of
American law-enforcement busybodies.

JN

... "A Few Years in the Absolute Elsewhere..."
--- Blue Wave/Opus v2.12 [NR]
--
John Nieder - via FidoNet node 1:125/555
    UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder
INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: John.Nieder@f33.n125.z1.FIDONET.ORG (John Nieder)
Date: Thu, 25 Feb 93 05:00:34 PST
To: cypherpunks@toad.com
Subject: Enough's enough already
Message-ID: <5047.2B8CB525@fidogate.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

* Reply to msg originally in Cypherpunks

Paul Ferguson writes:

BK> I know that someone may declare my query as naive, but if you
BK> feel strongly enough about a topic, why wouldn't you want the
BK> recipient to know who you are, where you are and who they can respond
BK> to?

I just had a chilling example of why last month. Someone who made my
life a living hell (in real life, not cyberspace) "found" me again in a
discussion in a tech newsgroup and sent me a "yoo-hoo!" e-note. I could
have gone a long time without that. My identity was irrelevant to the
discussion, but was unfortunately very relevant to making this nasty
little surprise possible.

As the penet.fi helpfile mentions, one of the concerns was for the
privacy of those participating in therapeutic discussions on such touchy
subjects as incest and abuse. In that many therapeutic disciplines
stress a confessional mode of treatment, the security required for
persons to "open up" must be (or appear to be) absolute. These
electronic therapy groups may not appeal to you or me, but they have
large followings and seem to serve a useful purpose for some. Maximum
anonymity is desirable for those participants.

I can think of several other very serious reasons for persons to desire
untraceable communications, but they go beyond the scope of the matter at
hand.

More to the point, in my experience I have found very little to be
gained by revealing my true identity. The less known about me, the
better for my personal security.
That's the whole point of the privacy "movement." Who I am is nobody's
business but mine.

JN

... "Is it too late to get the Russians to drop a nuke on Washington?"
--- Blue Wave/Opus v2.12 [NR]
--
John Nieder - via FidoNet node 1:125/555
    UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder
INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Wed, 24 Feb 93 21:34:55 PST
To: Theodore Ts'o
Subject: Re: Anonymous flooding
In-Reply-To: <9302242216.AA16535@SOS>
Message-ID: <9302250618.aa14970@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

Theodore Ts'o writes:

> At MIT, we're considering to start up an anonymous remailer, but with
> the proviso that if we get a complaint about a particular pseudonym is
> used to send harassing email, or email with threatening violence, and
> some other well-defined occasions, that we would reveal, to the proper
> authorities, the email address used for sending replies back.
>
> A warning to that effect would be sent back to an email address the
> first time the anonymous contact service saw that particular email
> address, and assigned it a pseudonym address for replies. This way,
> users would have the proper expectations of privacy.

Hmm... Could you briefly outline those "well-defined" occasions?
How about this case: I send you a complaint about somebody who has
repeatedly harassed everybody soc.culture.india/tamil/srilanka with
anonymous postings about faked reports about the Indian army raping
civilians in Sri Lanka?

> Ultimately, I think this is the only way that anonymous remailers will
> be able to function. Otherwise, the public outcry the first time one of
> these remailers are abused will cause these full remailers to be
> shut down, or otherwise cut off from the net.

Exactly as has happened to anon.penet.fi.
;-) Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Wed, 24 Feb 93 23:28:55 PST To: Theodore Ts'o Subject: Re: Anonymous flooding In-Reply-To: <9302250602.AA25287@SOS> Message-ID: <9302250805.aa15717@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > We haven't completely finished drafting those policies yet, so I can't > give you a comprehensive answer. (If you have suggestions about where > to draw the line, please send me email!) If you can come up with hard and fast rules that don't ultimately reflect your own views and biases, I would *love* to see them! What I'm claiming is that there can't ever be a clean-cut line, thus I am going for the policy of *never* releasing someone's true identity. Blocking is another matter... > As far as your example goes: What I do now, when someone sends me a > complaint like that, is I go to the Usenet newsgroup myself, and take a > look at the flame war in progress. (Usually both sides are behaving > like pre-schoolers fighting in a sandbox, but we'll let that pass.) > Whether or not we would need to impose sanctions on someone because of > their USENET postings is a very hard-to-define area, which ultimately > comes down to a judgement call. Usually, we try not to censor people, > although we do usually send them a note suggesting that they follow some > basic Net Etiquette. So that might not be grounds for digging up the > real email address. Censoring is not pretty, but still a long way off from actually exposing somebody. > On the other hand, if someone posts a message threatening to kill the > President, and the Secret Service shows up at your doorstep (and no, > this is not a Hypothetical Example), I think we would very clearly have > justification for trying to track down the identity of the person > posting the message. I don't think so. 
This morning there was an article in my local paper about an Estonian poet who was convicted to 10 years of prison for having written songs threatening Stalin and the Party apparatchiks with "real revolution". Yes, this was USSR in the 50's, but... According to your example you would gladly have helped KGB to find out the real address of the poet, right? And I hope the response isn't "but the President of the USA is *not* Stalin, and The Secret Service is not the KGB...". > Threats of violence in general would probably be > grounds for tracking the person down and issuing sanctions of some kind. Ok. So how about the complaint I got today from rec.pets.cats where somebody had posted something about how he was poisoning and shooting the cats in the neighbourhood? > The basic idea is that there are certain uses of a pseudonym remailer > (I'm not using the word anonymous remailer because we wouldn't be > offering true anonymity) which are obviously legitimate --- for example, > an anonymous suggestion box, alt.personals, etc. On the other hand, > there are certain activities which are clearly out of bounds --- threats > of violence, harassment, etc. What to do in the middle ground will > require some amount of judgement, so perhaps we won't be able to make > the list completely well-defined. Although obviously, it would be best > if that list were as well-defined as possible. What is legitimate for you might be (and certainly is, in some part of the world) for somebody else. And vice versa. And my apologies if I sound a bit harsh. I am still only sipping my morning coffee.... 
Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dmandl@shearson.com (David Mandl) Date: Thu, 25 Feb 93 09:19:02 PST To: cypherpunks@toad.com Subject: Re: Enough's enough already Message-ID: <9302251454.AA10413@tardis.shearson.com> MIME-Version: 1.0 Content-Type: text/plain > From: John.Nieder@f33.n125.z1.fidonet.org (John Nieder) > > Paul Ferguson writes: > > BK> I know that someone may declare my query as naive, but if you > BK> feel strongly enough about a topic, why wouldn't you want the > BK> recipient to know who you are, where you are and who they can respond > BK> to? > > I just had a chilling example of why last month. Someone who made my > life a living hell (in real life, not cyberspace) "found" me again in a > discussion in a tech newsgroup and sent me a "yoo-hoo!" e-note. I could > have gone a long time without that. My identity was irrelevant to the > discussion, but was unfortunately very relevant to making this nasty > little surprise possible. > Yup, there are dozens of reasons to want anonymity. This should be completely obvious to anyone moving in cypherpunk circles--or alt.sex circles, where, amazingly, some well-respected sexosophists actually spoke out against anonymous posting recently. No offense intended, but anyone who can't think of situations where anonymity is essential should get out more. Any first grader can list dozens of places where even mild blasphemy will get you locked up for a long time. [Begin Zerowork tangent] And even if you think the U.S. isn't one of them (which it is), keep in mind that most workplaces are effectively stalinist dictatorships, and bosses may not be thrilled about having their employees discuss crypto anarchy, the overthrow of governments, or S & M on the net. --Dave. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: thug@phantom.com (Murdering Thug) Date: Thu, 25 Feb 93 07:17:06 PST To: cypherpunks@toad.com Subject: Re: Poor Man's Anonymous Remailer In-Reply-To: <199302250904.AA03970@well.sf.ca.us> Message-ID: MIME-Version: 1.0 Content-Type: text/plain gg@well.sf.ca.us writes: > Duncan's posting about AT&T mail as a "poor man's anonymous mailbox" misses > one crucial fact. The moment you dial an 800 number, you generate a record > of your phone number via ANI, which means AT&T gets that information in > realtime and can probably correlate it with your phone account and service > address and name. If you want anonymity, never ever ever use any service > which requires you call in via an 800 number. There's an easy way to prevent your number from being passed to an 800 number owner via ANI. Simply place the call using a TSPS/OSPS ("0") operator. Say "I'm having trouble dialing 800-xxx-xxxx, could you please place the call for me?" Once the call goes out over another trunk line, your number is not passed on. If you have ever dialed those ANI "Demo" 800 numbers that read back your number via synthesized voice, and then tried calling them again using a TSPS operator, you'll know exactly what I'm talking about. This is at least the way it worked a while ago, I don't know if it still applies or if they modified TSPS consoles to pass on the number. Perhaps Phiber could clarify this a bit and tell us if this still works, and if it still works in all areas, or what areas it would not work in. Still, like I recommended in my previous post, the best way to implement a poor man's anonymous mailer scheme is to use a notebook/handheld PC and making all calls from payphones using coins or 800 dial-up, never using your calling card. Murdering Thug From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pmetzger@shearson.com (Perry E. 
Metzger) Date: Thu, 25 Feb 93 09:26:03 PST To: tcmay@netcom.com Subject: Re: Internet is Not the Long Term Solution Message-ID: <9302251614.AA09427@maggie.shearson.com> MIME-Version: 1.0 Content-Type: text/plain > From: tcmay@netcom.com (Timothy C. May) > > I want to clarify some points about my earlier posting on how remailer fees > fix the "anonymous flooding" problem which Marc Ringuette mentioned. > > Implicit in my comments were some assumptions which I ought to break out > separately: > > * The current Internet, glorious as it is, is not the likely long term > solution. The various bans and constraints on business interactions, on > fees, on commercial use, etc., are major limits to what we're talking about > here. (Some alternatives exist, like Alternet (sp?), but Internet is what > most of us are now using.) Alternet is part of the Internet. There is no central control on the internet -- only on segments of it. UUCP is even more anarchic... > * The Internet policy statements are often invoked by sysadmins and > would-be censors (David Sternlight comes to mind) who are worried about > uses, abuses, and out of the ordinary situations. Ditto for Prodigy and > similar systems. The talk about bans on anonymous mail (nothing seriously > proposed, so far as I know) reflect the government-dominated nature of the > current Internet. The NSF NET has policy statements. There are no policies for the internet and indeed given that the internet spans at least thirty or so national jurisdictions and tens of thousands of different networks it's impossible to have one policy statement. The risk is that Al Gore and Company will manage to ram through their government managed internet which would put PSI and company out of business and which would permanently assure that most traffic passes through zones with draconian policies. 
Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dnorris@ibeam.intel.com (Dave Norris) Date: Thu, 25 Feb 93 12:09:26 PST To: cypherpunks@toad.com Subject: Job Available Message-ID: MIME-Version: 1.0 Content-Type: text/plain Intel (Mobile Software Architecture and Technology group) is seeking a person to be responsible for all security issues related to mobile computers. Applicant should have a BS/MS Degree in Computer Science, and more than 2 years experience in software architecture. Experience in MSDOS and/or Windows development environment is required. Experience with software, network and/or portable computer security is desired. Authentication and Encryption experience is required. Experience with challenge/response devices and Defender(TM) type devices is desired. This individual will be a senior level individual contributor that will be responsible for all aspects of security in a laptop/palmtop environment. Problems must be identified and solutions advocated within Intel and to outside vendors. Prototypes and Proof-of-Concept software must be developed. Partial responsibilities include: Work with Corporate Business Development to recommend investment in outside security companies. Evaluate security products from outside vendors. Present portable security vision at trade shows and conferences. Be an Intel expert on security. Work with Corporate Information Services to incorporate new security products within Intel. The position is available in Hillsboro Oregon (a suburb of Portland). For more information please contact either Nancy Ohlson (503) 696-2572 or David Norris dnorris@ibeam.intel.com Please do not post responses to cypherpunks. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Fogleman Date: Thu, 25 Feb 93 09:48:11 PST To: cypherpunks@toad.com Subject: problem installing pgp on a sun4... 
Message-ID: <9302251745.AA26765@ack.adstest.analog.com> MIME-Version: 1.0 Content-Type: text/plain Cypherpunks, I downloaded 'pgp' from soda.berkeley.edu and 'unproto' from win.tue.nl, ran the Makefile (make sun4cc) and got a binary that passes the test given in setup.doc. However, I got the following warnings:

"crypto.c", line 1445: warning: constant 256 is out of range of unsigned char comparison
"crypto.c", line 1445: warning: result of comparison is always true

(along with the same messages for line 2445.) Here are the relevant lines...

from pgp.h:

    #define MAX_PATH 256

from crypto.c:

    unsigned char litfile[MAX_PATH];
    ...
    1445 --> if (litfile[0] < MAX_PATH)
    2445 --> if (litfile[0] < MAX_PATH)

I can see where this is a problem; 256 won't fit into eight bits. What is the correct way to fix this? Should MAX_PATH be set to something else? Thanks for your help, Eric Fogleman From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "L. Detweiler" Date: Thu, 25 Feb 93 12:00:28 PST To: cypherpunks@toad.com Subject: more ideas on anonymity Message-ID: <9302251959.AA02941@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain The question as to what specifically to prohibit being posted anonymously has come up, and is by far one of our most serious and sensitive considerations. Of course, the decision is largely in the hands of the anonymous server operator, but no generally accepted guidelines currently exist, and we might help some people and advance the cause by codifying `legitimate use'. First, let me assure you my intent and preference is that it should be as liberal as possible. Let's look at some of the options (I'm tiptoeing on eggshells here, please don't flame me too much): 1) operator makes decision for every posting brought to his attention. Things that would test this system: what about revisionists (not ugly-enough term) who claim that the Holocaust never happened? Or someone who is posting extremely provocative but fabricated data? 
(The first case happened on Prodigy--the censors let it through at one point, and was documented in a column by Alan Dershowitz, famous American lawyer defending e.g. Mike Tyson, and other major celebrities. The second case happened with the now infamous Challenger transcript posting, where anonymous user of penet posts without any comment a `transcript' of shuttle crew dialog during the crash.) Here, I think one policy might be that if the poster seems to be repeatedly and blatantly fabricating the data himself, maybe some restriction or warning is in order. But if ever the poster includes `real source' (no matter how trashy) from the outside world, and makes it clear that they are not the originator, only the purveyor (`messenger'), perhaps this is less serious. (I think Mr. Helsingius' current standards in this area should be held up as an outstanding model of commitment to privacy and free speech.) 2) some kind of global system for keeping track of `abusive' posters. Here are some interesting ideas--how about lists circulated among anonymous server operators only (not public) that record barred users by their email address or even real identity? The lists could be categorized and tagged so that the administrator can prohibit use based on the seriousness of the offense. Here are some things that operators `might' look at:

1) ad hominem attacks
2) flame baiting
3) lying outright
4) defying Usenet conventions: posting copyrighted material, binaries to regular groups, massive amounts of data, etc.
5) number or existence of *any* complaints
6) `racist' remarks
7) terrorism
8) `harassment'
9) anything illegal in the poster's country (yes, tricky I know)

ad infinitum ad nauseam. Maybe we could try to organize the severity of this kind of stuff, and classify servers as `type 1' or `type 2' and we can get a feel for how liberal or conservative the operator is. 
The operator would say which lists he subscribes to, and which lists your email address will go on if you abuse the site. Really extreme operators (like Mr. Kleinpaste) might actually be interested in `public' lists -- abusers get their email addresses, along with the offense, posted on the public list, i.e. `outed'. Now, I think a lot of this is pretty unpalatable, but we have things to gain by formalizing these mechanisms, and as long as the anonymous user is *warned* in the server intro-use message, and possibly even has ways of redress, and has choice of different servers, then the system could be fairly agreeable by most. Remember, no one is preventing operators from being conservative or liberal as they like, the only thing wanted is adherence to their stated policies. Look what we have to gain. Currently, there is a lot of censorship (attempts? conquests?) going on behind the scenes, as a recent episode here attests. No one really knows how effective in general it is currently to hunt down and bar `abusive' users (hence a lot of misinformation and paranoia about the effects of anonymous servers). If we could have some *statistics* that show x% of nonanonymous users get complaints and y% of anonymous ones do, this would be very useful for gauging the social impact of our technologies. (There could be some very surprising results---I get the impression that many very responsible people *prefer* anonymity, and conceivably the overall complaints on anonymity could even be *less*). 3) Possibility of net.trials Ok, so don't flame me too much on this one. But if `abusers' (this could be for anonymity on a local server, but eventually involve to other realms) were subject to a `trial by peers', imagine what this could do to enhance the legitimate reputation of networks. Suddenly, a judicial system. I certainly don't want to be known as an advocate of bringing in lawyers and bureaucrats. Actually, that's precisely why I'm proposing this, to prevent that scenario. 
Imagine that the net establishes these formal self-regulating mechanisms. People in the real-world law enforcement would be much less likely to become enraged by perceived abuses when they realize that there are intrinsic mechanisms for quelling the psychopaths (uhm, maybe, anyway). Also, if people weren't added to blacklists just by the caprice of one operator but after a perceived fair `trial', people at other sites would be much more willing to enforce the sentences of suspension, expulsion or whatever. An electronic trial by peers? (with voting at the end?) A very interesting idea. Each server may develop a kind of peer or family structure, keeping kin in line. Maybe everyone that replies to an anonymous message could vote in their header whether to get rid of the user, with the default `one vote of approval' (limit voting regularity). Approves add, complaints subtract. The user starts with some initial balance. If he gets down to zero, *poof*. Lots of `approval'? No problemo. Post something really outrageous? You might get enough zaps to lose it all. Imagine, this could improve the accountability of users in *general* (the mechanisms could be applied to new Usenet groups, for example, or if very trustworthy and fair even logins themselves). I've been a bit vague and ambiguous in some of these statements. This is because, as I hope has become clear, the kind of things that start out on anonymous servers could eventually have a much greater scope, so that it `behooves' us to develop effective and dynamic mechanisms for self-regulation. Keep in mind a lot of these things are happening already albeit in much less formal ways. For example, the convention is to send complaints to the system administrator at a site regarding their users, and they act as judge and jury (or use whatever other local procedures are in place). The user may or may not be able to justify their actions (redress). 
There is already a loose confederation of cooperation between administrators, esp. over extremely abusive posters. We already get somewhat public `trials' of extremists, where people put forward all the evidence on Usenet and argue both sides. `Enforcement' and `punishment' sometimes consists of revoking logins, feeds, or whatever. I think we ultimately stand to gain by `formalizing' a lot of the currently informal mechanisms in place. My feeling is that if we don't head off these issues at the pass, so to speak, Real World (tm) courts will start deciding them for us. Let's develop something we can be proud of and will be a model of excellence for the future, and not something frail and unstable. Perhaps our anonymous motto: ``I disagree with what you say but will defend to my death your right to say it.'' --Voltaire (written pseudonymously) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Christo Delaroderie Date: Thu, 25 Feb 93 11:13:35 PST To: cypherpunks@toad.com Subject: Unsubscribe me Message-ID: <199302251912.AA14389@bach.udel.edu> MIME-Version: 1.0 Content-Type: text/plain Please unsubscribe me. ctd From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Johnson Date: Fri, 26 Feb 93 01:20:53 PST To: newsham@wiliki.eng.hawaii.edu Subject: scheme Message-ID: <9302251625.A02767@smtplink.exabyte.com> MIME-Version: 1.0 Content-Type: text/plain > This encryption scheme uses XOR to encrypt data 1 character > at a time. Because of this it is suitable for protocols > where you need to send single bytes (or less) at a time. > Examples of this would be interactive ascii. Also it > is easily applicable to crippled lines like 7 bit lines. > This is because if the plaintext is 7 bits you can send > just the 7 bits after the XOR. Even more general you can > use it to encrypt any size at a time, down to single bits > if you just have 1 bit to send immediately and don't want > to wait for more data to become applicable. > Ok. 
So what are its disadvantages? Synchronization, as > soon as synchronization is gone that's it, it's all over. Each > block of 'pad' is generated from previous plaintext, if you > can't figure out the previous plaintext you are lost. > > Notice it uses a hash() function, this could be anything, ie > DES, or perhaps a one way function (no unhash() is ever needed). > The algorithm is fairly simple, the beginning is a bit weird > and could have been done several ways. The first 8 bits in > this implementation are used for synchronization. > ...(source code omitted) If you use DES, you are just using a variation of DES in cipher block chaining mode. If you use some other hash function, your cipher is as weak as the hash function. If you use key bytes directly to XOR with, and never reuse key material, you have a variation of the one time pad (which is good, but takes LOTS of key material). If you reuse key material when XORing it directly, you have a weak cipher vulnerable to a known plain text attack. There is nothing really new here... For more info on this, if you have a PC and a modem, you can call a BBS at 303-938-9654, download CRYPTMPJ.ZIP, and read THESIS.DOC in that file. Perhaps one of you could put this file at an ftp site for wider distribution? The stuff in that file about data compression is kind of out of date, but the cryptographic information (including some source code) might be of interest to some others in this group. Mike Johnson mikej@exabyte.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Thu, 25 Feb 93 09:33:59 PST To: John Nieder Subject: Re: dispatches from the front lines of anonymity In-Reply-To: <5046.2B8CB524@fidogate.FIDONET.ORG> Message-ID: <9302251604.aa21585@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > There is also the problem of those (like me) who access the internet > from outside, through gates. 
The messages are not only marked with the > point of origin automatically by the originating BBS's software, but are > also subject to monitoring by any number of systems operators en route > to internet. When all of the headers (including passwords for the > anonymous servers) are in plaintext, the entire anonymous system seems > compromised. While some servers I haven't tried yet seem to be PGPed, > this doesn't seem to be the case with penet.fi. Penet.fi will be PGP:s as soon as I get PGP running reliably on the Interactive UNIX system I use. This weekend, I hope... But if you all keep coming up with other new features I have to add, I don't know how long it's going to take. And I have to upgrade the hardware as well, the load is getting so big the current server is running out of both CPU and disk. This weekend I will upgrade to a 486SX motherboard and a bigger disk. > BK> How about an EFF sponsored server? > > Yes, and preferably at a site outside the US, just for good measure. > There is an obvious appeal to having servers outside the jurisdiction of > American law-enforcement busybodies. Yeah, seems that (and the fact that I have 100% control not only of the site but of the network as well) is what has kept anon.penet.fi up this long... Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Fri, 26 Feb 93 01:44:59 PST To: cypherpunks@toad.com Subject: 1000 points of light? Message-ID: MIME-Version: 1.0 Content-Type: text/plain David Mandl writes - DM> Yup, there are dozens of reasons to want anonymity. This DM> should be completely obvious to anyone moving in cypherpunk DM> circles--or alt.sex circles, where, amazingly, some DM> well-respected sexosophists actually spoke out against anonymous DM> posting recently. No offense intended, but anyone who can't think DM> of situations where anonymity is essential should get out more. 
DM> Any first grader can list dozens of places where even mild DM> blasphemy will get you locked up for a long time. [Begin Zerowork DM> tangent] And even if you think the U.S. isn't one of them (which DM> it is), keep in mind that most workplaces are effectively stalinist DM> dictatorships, and bosses may not be thrilled about having their DM> employees discuss crypto anarchy, the overthrow of governments, or DM> S & M on the net. Point taken, however there will be those who will argue that, "S & M has no business being discussed on the net in the first place." Not exactly my sentiment, but you know the spiel. That type of "Stalinist dictatorship" mentality inherently exists in every nook and cranny of society, including the nets. My original post was not issued as a challenge, but merely a question to gauge some of the responses and justifications I hoped to receive. ;-) Cheers. Paul Ferguson | Network Integration Consultant | "All of life's answers are Alexandria, Virginia USA | on TV." fergp@sytex.com (Internet) | -- Homer Simpson sytex.com!fergp (UUNet) | 1:109/229 (FidoNet) | PGP public encryption key available upon request. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: corwin@Cayman.COM (Lord Among Panthers) Date: Thu, 25 Feb 93 14:53:44 PST To: cypherpunks@toad.com Subject: archives Message-ID: <9302252252.AA22873@cuba.Cayman.COM> MIME-Version: 1.0 Content-Type: text/plain Is there an archive for this list? thanx, corwin From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mark@coombs.anu.edu.au (Mark) Date: Wed, 24 Feb 93 23:05:32 PST To: cypherpunks@toad.com Subject: Re: a project for those who like it Message-ID: <9302250704.AA05982@coombs.anu.edu.au> MIME-Version: 1.0 Content-Type: text/plain >I have been working on an idea or a secure chat system for internet and have >up with some ideas. 
The concept is to run a server(a single server) to >process the chat for up to say 50 users(more may lag you to death) using >public key to secure the system. The server would be on an internet machine >and the client would be on the users home pc. We use the home pc concept >to avoid transporting raw data(unencrypted) over internet and phone lines. >The basic gist (in a pseudo pseudocode) is this: >Tell me what you think. People are already working on this project, but many >more may be needed to bring it to its completion. Since I am not >the IP programmer from hell, at this point I am doing the pc client. Hmmm, are you talking about '4m'? That is a similarly goaled communication system as well. Currently it exists in plain text format, between the clients and the (as of today, five) servers. The system has always been destined to have encryption built into it, from triple des and PK for the key transactions. To get into it quickly ftp /pub/misc/4m-212.tar.Z from ftp.santafe.edu and install. It runs on suns, bsd, aix and similar. I have an hpux port done by someone if it is required. It would seem smarter to develop an already existing and debugged instead of reinventing the wheel. Contact chasin@santafe.edu for details. Mark mark@coombs.anu.edu.au From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jay Prime Positive Date: Thu, 25 Feb 93 20:10:40 PST To: mbrennan@netcom.com Subject: Law&Disorder (fwd) In-Reply-To: <9302241728.AA27534@netcom.netcom.com> Message-ID: <9302252008.aa03961@hermix.markv.com> MIME-Version: 1.0 Content-Type: text/plain Ok, there are two of us here in LA. Any one (else) want to do a cypherpunk meat meet? j' From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Thu, 25 Feb 93 10:24:25 PST To: deadbeat Subject: Re: Re: Anonymity vs accountability - a balanced view (maybe?) 
Message-ID: <9302251927.aa23422@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > Folks who have watched USENET for any appreciable length of time know > that reason is not highly prized there. Volume is. > > The self-appointed gods of the net can't stop us, they can only bitch > about us. Let them. > > This is no different than any other USENET issue. The only way to win > is not to play. I have been trying to do that. But... Unfortunately they *can* stop a lot of us. Let's take anon.penet.fi as an example. A poor 386 box playing sitting duck for anyone who really wants to flood it (and Karl Kleinpaste, among others, has spoken about doing this on news.admin.policy). The other thing is that in some official circles news.admin.policy is regarded as some kind of semi-authority. If that group reaches a consensus to ban anon postings I would get hassled by at least the academic network in Finland, for "causing Finland a bad name on international networks". It wouldn't stop me, but might make my life a bit uncomfortable. And it has managed to stop almost every anonymous posting service to date. Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Thu, 25 Feb 93 10:57:32 PST To: "Timothy C. May" Subject: Re: Anonymous flooding In-Reply-To: <9302250718.AA07276@netcom.netcom.com> Message-ID: <9302252003.aa23700@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > >Exactly as has happened to anon.penet.fi. ;-) > > Have I missed something? Has anon.penet.fi been shut down or cut off from > the net? Notice the ";-)". I made a failed attempt at irony. Should have learned never to try it in a foreign language ;-) > Please fill us in. I think most of us are rooting for you and your system > (though some *.army.mil readers are probably not--they just can't stand the > thought of defense secrets being sold on crypto anarchy nets!). Thanks! Appreciated! 
Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phiber Optik Date: Thu, 25 Feb 93 18:15:09 PST To: thug@phantom.com (Murdering Thug) Subject: Re: Poor Man's Anonymous Remailer In-Reply-To: Message-ID: <199302260212.AA10770@eff.org> MIME-Version: 1.0 Content-Type: text/plain > > gg@well.sf.ca.us writes: > > Duncan's posting about AT&T mail as a "poor man's anonymous mailbox" misses > > one crucial fact. The moment you dial an 800 number, you generate a record > > of your phone number via ANI, which means AT&T gets that information in > > realtime and can probably correlate it with your phone account and service > > address and name. If you want anonymity, never ever ever use any service > > which requires you call in via an 800 number. > > There's an easy way to prevent your number from being passed to an 800 > number owner via ANI. Simply place the call using a TSPS/OSPS ("0") operator. > Say "I'm having trouble dialing 800-xxx-xxxx, could you please place the > call for me?" Once the call goes out over another trunk line, your number > is not passed on. If you have ever dialed those ANI "Demo" 800 numbers > that read back your number via synthesized voice, and then tried calling > them again using a TSPS operator, you'll know exactly what I'm talking > about. This is at least the way it worked a while ago, I don't know if it > still applies or if they modified TSPS consoles to pass on the number. > Perhaps Phiber could clarify this a bit and tell us if this still works, > and if it still works in all areas, or what areas it would not work in. It's OSPS, by the way, referring to AT&T's Operator Service Position System, operating on 5ESS switches, and the successor to TSPS. And it's double zero, ('00'), not a single one. '0' gets you your local BOC operator. Also, TSPS has been defunct for a number of years. Currently, ANI is not passed along by OSPS, but the area code is, so you're not completely anonymous. 
I wouldn't expect this to last for any stretch of time either, it isn't the most difficult thing in the world to simply pass the entire number along.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mark Turner
Date: Thu, 25 Feb 93 15:02:39 PST
To: mbrennan@netcom.com (Michael Brennan)
Subject: Re: Finding Mac PGP software?
In-Reply-To: <9302250901.AA16429@netcom.netcom.com>
Message-ID: <9302252151.AA01607@clio.kram.org>
MIME-Version: 1.0
Content-Type: text

Michael Brennan is rumoured to have said....
>
> Dave Banisar writes:
> > MacPGP is available at mac.archives.umich.edu via gopher and FTP.
>
> Dave, I've tried ftp'ing to that site, but I get "unknown site". Is that
> really the correct address? I appreciate the info.

Also available in ftp.demon.co.uk:/pub/pgp.

Regards,

Mark.

--
/\/\ark Turner                              Demon Systems / Demon Internet
Home: mt@kram.org (PGP key available)       42 Hendon Lane, London
Office: mark@demon.co.uk (+44 81 3490063)   N3 1TT, England
*** IP level dialup Internet connectivity for a tenner a month! ***
PGP server: email to pgp-public-keys@demon.co.uk with subject 'help'

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: trump@pluto.ee.cua.edu (Louis Edward Trumpbour)
Date: Thu, 25 Feb 93 19:51:12 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9302260351.AA17473@pluto.ee.cua.edu>
MIME-Version: 1.0
Content-Type: text/plain

things on my mind

well i am relatively new to the cypherpunks list so i have a few comments to make on my behalf.

(1) i read in a message about the current rise in the member of subscribers and this rise was passively related to Mondo. There was also some concern expressed in this message about the number of people dropping the list and from those comments i reply that the list does generate an awful lot of mail. And this mail is often quite technical (well if i was talking from a technically illiterate point of view it would be very technical...
i generally can follow the idea and their technicality though) and this technicality is a turn off to the Mondo type. I know that Mondo has said a lot about the problems of personal security on the information age but not in tech-speak... i believe that most of the Mondo types will unsubscribe from this list because it is not a part of their focal of interest. Yes the list talks about current issues but again from a technical point of view and for the Mondo crowd in general it is a real turn off.

(2) Att Mail is nice. If anyone cares i will find out about what features it has... i.e. ftp, telnet, irc, etc... My sister is an Att employee and she is given an attmail.com address for her on the go and work site mail... it is nice because i can stay in contact with her because Att mail has a 800 international dialup. My sister has a portable NCR computer with modem and can get my mail wherever she is. In 1992 she was back and forth from Puerto Rico and New Jersey for AT&T now she is all over Europe. A very nice convenience for the (wo)man on the run.

(3) I am from D.C. and i am unsure if the world knows about this but in November the Secret Service raided our 26oo meeting at the Pentagon City mall. I know that we here in D.C. have all the more concern about security and frequently use our PGP keys because there is little doubt that our BBS are being taped et cetera and i am certain that in the near future there will be an upsurge of us D.C. boyz to your list.

(4) About DES. The data encryption standard is, no doubt in my mind, quite cracked by NSA. If it is not completely cracked it is at least very easy to get into by these boys. I have found that there is too much evidence that NSA has gotten in to DES pretty well. For starters (not a proof by the way) the cryptographers who work for NSA spend most of their time breaking encryption and it's pretty mind boggling to think that no short cuts have been found to DES by a bunch of dedicated cryptographers.
Damn if that was my job and my field of knowledge i am sure i would have at least a little short cut of some sort. So i have been doing a little work on DES but i am unsure about the validity of my ideas and their effects on encryption... if i do feel that i find something i will certainly let it out but i was just wondering if people had any DES source in all or any languages??? it would be very helpful to get cross language DES source...

Well i hope that this note wasn't too boring but i felt that i had to get it out to the list. so hopefully i will get some

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Vince Tessier
Date: Thu, 25 Feb 93 20:10:55 PST
To: cypherpunks@toad.com
Subject: Overload! Unsubscribe with regrets
Message-ID: <199302260409.AA00210@vela.acs.oakland.edu>
MIME-Version: 1.0
Content-Type: text/plain

I regret that I do not have time to keep up with the volume of mail this list generates, and must unsubscribe. If, however, you are able to digestify all the mail into a single piece, I would be interested again.

-- Vince

--
Vince Tessier (vtessier@vela.acs.oakland.edu)
"When guns are outlawed, only Carl Rowan will have guns."

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Thu, 25 Feb 93 21:36:58 PST
To: trump@pluto.ee.cua.edu (Louis Edward Trumpbour)
Subject: No Subject
In-Reply-To: <9302260351.AA17473@pluto.ee.cua.edu>
Message-ID: <9302260534.AA27732@bill-the-cat.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

>> (4) About DES.
>> The data encryption standard is, no doubt in my mind,
>> quite cracked by NSA. If it is not completely cracked it
>> is at least very easy to get into by these boys. I have
>> found that there is too much evidence that NSA has gotten
>> in to DES pretty well.
>> For starters (not a proof by the
>> way) the cryptographers who work for NSA spend most of
>> their time breaking encryption and it's pretty mind
>> boggling to think that no short cuts have been found to
>> DES by a bunch of dedicated cryptographers. Damn if that
>> was my job and my field of knowledge i am sure i would
>> have at least a little short cut of some sort.

I've heard this argument before. The NSA has a whole lot of people doing crypto, but (again, with no proof) I can't imagine that they have whole armies of people dedicated to breaking DES. The fact is, there are a lot of very good cryptomathematicians in academia, who do publish their results. Shamir is an excellent example of this. The fact is, the best known attack requires 2^37 *chosen* plaintexts, more if the plaintexts must be ASCII.

I also believe that nobody's security is perfect, and that if something as big as DES was broken, even at the NSA, we would have heard about it. If the world banking industry trusts DES for their trillions of dollars a day, I'm willing to trust it for my little, insignificant messages.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Fri, 26 Feb 93 01:38:21 PST
To: ld231782@longs.lance.colostate.edu
Subject: Re: more ideas on anonymity
Message-ID: <199302260935.AA06571@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Re your posting on categories of offenses and so on. Agreed strongly that sites should post banners stating the policies they adhere to. I'd suggest the following division of offenses:

1) Anything involving physical violence, threats of violence, incitement to violence.
(this includes acts such as rape, pedophilia etc., since these acts involve power as much as anything and can be seen as primarily violent acts) (this also includes things like Nazi propaganda where there is a historic precedent or strong undertone that violent acts are encouraged)

2) Other (not violent) crimes against persons or property.

3) Antisocial or questionable actions such as victimless crime, propagation of lies (for instance a faked Challenger transcript), violation of Net rules.

Obviously these have descending levels of severity by most reasonable standards.

I would not in any way make sysops or admins responsible for postings which may be illegal in their country of origin: both for pragmatic reasons (no one can possibly be held to know the laws in all the other participating countries) and for ethical reasons (stalinist coup in Russia; fascist consolidation in ex-Yugoslavia, now you have to play cop against dissidents from both; no thanks!).

I believe unpopular opinions ought to be protected as long as they don't encourage illegal or violent actions. The test case for this is racism or some equivalent. If someone wants to argue a case that their race is the Master Race or whatnot, I can't see squelching them for making opinion-noise unless they're also e.g. advocating violence. Once we get in the opinion-censoring biz, it's a steep slippery slope.

OTOH, we also shouldn't be an arm of LE, and hence the idea that discussing victimless crimes ought to be a very bottom-of-the-list kind of thing.

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Fri, 26 Feb 93 02:00:32 PST
To: thug@phantom.com
Subject: Re: Poor Man's Anonymous Remailer
Message-ID: <199302260956.AA08793@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Re Thug & Phiber on the long-term chances that OSPS will forward the entire number to the destination....

The solution to this is Anonymous Diverters.
You have pairs of telephone numbers set up. Callers come in on one side, and are connected to the other side behind a toll-restrictor that only allows calls beginning with 1-800+. The minimum configuration is two lines, one in and one out. With a PBX you can handle from three patches at one time all the way up to 10,000. I can provide hardware and associated programming to anyone who is interested in starting one of these services.

When using an Anonymous Diverter, the destination 800-number only gets the ANI of the diverter's outgoing side. Now of course, Big Brother can simply watch the incoming side of the diverter if he wants to, but at least this keeps your originating number secret from the destination 800-number.

Right now there are 900/976 numbers set up with this kind of service, but I don't see any evidence that they are designed for data applications; and the per-minute rates are typically way high. What is needed is a network of local service providers who can do the same job either free as a public service or at a reasonable cost. One way to provide service at reasonable cost is to have prepaid flat-rate cash accounts from regular subscribers and give each of them some kind of password (no ID there either; you pay cash and choose your password, it never ties in to your name or anything else).

This is also something we can set up on our larger PBXs if you're interested. Come to think of it, we have a client whose PBX would be ideal for this, but we have to check with them. It would only be open on an after-hours basis of course, when they're not using the lines. And it won't cost them anything since those 800+ calls are free.

Now also, if anyone in the Bay Area wants to set up one of these, the actual monthly cost is less than $50.00 for lines, plus line cards at the rate of about $600 per each eight trunks (four links through the system). Anyone interested...?
We're going to be putting in a larger switch later this year which will also give us the ability to do those anonymous cash accounts such that you could have toll-call dialling privileges through the system on a prepaid basis. Anyone interested in *that*...?

- gg@well.sf.ca.us

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Date: Fri, 26 Feb 93 00:37:48 PST
To: cypherpunks@toad.com
Subject: Re: Dining Crypto -- An Introduction
In-Reply-To: <930224201510_71562.3445_CHT104-1@CompuServe.COM>
Message-ID: <9302260836.AA23943@tigger.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text

[...]
> 2) This means markets freed from even the theoretical possibility of
> regulation. Anything that can be digitized can be sold with no restraints
> save the absence of a willing buyer. Books, movies, VR epics, financial
> products, and all non-physical services can be traded without coercion (and
> without taxation). Remember too that "non-physical services" includes
> almost all management and professional services. The technique of
> "anonymous credentials" can be used to check out those you deal with.

There is no way you can get around taxation if you intend on using this system in real life. Your system is much like that of a drug dealer, he gets all this money, but has nowhere to spend it until it has been laundered. They will get you at the banks or wherever you go to spend your money. The "War on Drugs" has really caused this kind of banking service to dry up, and unless you are moving millions of dollars a day no one is going to even look at you if you want to make your money untraceable...

> 3) The lack of regulation in the "spiritual realm" will distort market
> transactions in the still controlled "physical realm." People will tend
> to "unbundle" the non-physical aspects of their services and sell them on
> the nets even if it is less convenient to do so because of the *tax* savings.

Death and taxes.
You can't escape them, so let's drop that fantasy and concentrate on the rest. Your digital/untraceable/untaxable cash can only purchase items from this shadow world of non-physical things, and that just doesn't pay the rent or put food on the table. The appetite of the taxation-beast will not diminish, and everyone will just end up having higher taxes on the physical elements of daily life that can't be stuffed on the wire. Sounds like this is going to be a world of info-elite tax dodgers...the public will love you...

The unbundling of the physical and non-physical aspects are nice, but how many non-physical aspects of a service are there? There are a lot of things that can be done through a network, but there are still a lot of things that will never escape their own tangibility; these are generally the things in life one cannot do without, like food, shelter, etc.

> 4) The reduction in government "revenue" as economic activity transfers
> to the nets will induce a beneficial downward spiral in the authority and
> power of government.

Yeah. Right... If only it were true...

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Fri, 26 Feb 93 02:42:34 PST
To: Johan Helsingius
Subject: Re: Moral dilemma. (not really)
In-Reply-To: <9302260807.aa01498@penet.penet.FI>
Message-ID: <9302261042.AA18729@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> This is ticket scalping, pure and simple (selling a ticket for higher
> than its value. This is extremely illegal in the United States. This
> is also a posting promoting a private enterprise for profit on the
> internet, extremely unethical.

This person, like most such complainers, is uninformed. They are taking advantage of your physical and informational distance from the actual situation:

(1) It's completely a matter of local law whether "ticket scalping" is legal or not.
Many jurisdictions have no problem with businesses investing in "ticket futures" in the hope that the price will rise. In any case, it is not "extremely illegal". Murder is "extremely illegal", except when done on behalf of a government. Scalping is a minor crime when it's a crime at all -- like jaywalking.

(2) Promoting a private enterprise for profit on the Internet is completely legal and ethical. The Transatlantic link is certainly open to commercial business. Now, if they'd said "...on the Usenet" then there would be guidelines to follow, which mostly include sticking to the topic and not posting repetitive ads. I think that a single ticket ad in the Grateful Dead newsgroup is not out of line on either count. Especially given the number of people who end up looking for tickets because of bogus Grateful Dead Ticket Service policies.

(3) Individuals selling things in "garage sale" mode are exempt from any ethical or moral Usenet/Internet restrictions on "commercial use" anyway.

> Furthermore, the people who are doing this are selling what are known
> as "taper tickets". These tickets are only available through the
> Grateful Dead Ticket Service via mail order. The reason GDTS does
> this is to help deter scalpers.

Scalping tickets is a perfectly legitimate business enterprise. Scalping Grateful Dead tickets is even a commendable activity, considering the hassles that the Dead scene puts you through to get tickets. Personally, I only go when some friend offers me tickets, since it ain't worth the bullshit of tracking when to order (via email list or polling their phone service), sending in money orders within half a day of then, and following all the little regulations about the size and shape of the envelope, etc.

A lot of places that have little `protected' markets like this, are going to find out what a free market is like. Good.
John

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Fri, 26 Feb 93 03:01:57 PST
To: cypherpunks@toad.com, gnu
Subject: Re: more ideas on anonymity
In-Reply-To: <199302260935.AA06571@well.sf.ca.us>
Message-ID: <9302261101.AA18976@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

We have to keep an eye on each others' knees here -- there's a tendency for a knee-jerk reaction not based on reality.

Squabbling over what "crimes" or "antisocial acts" should disqualify one from being able to use anonymity is ***WAY*** missing the point. It is the people who have crossed one of those lines who need the protection the most! And, at least the US Supreme Court thinks it is in society's interest to protect them:

The case is Talley v. California, 362 US 60 (1960), in which the Supreme Court invalidated an ordinance which prohibited the distribution of any handbill not bearing the name and address of the person who prepared it. The Court rejected the state's claim that the ordinance was necessary to help identify those responsible for fraud, false advertising, or libel. According to Tribe, the Court reasoned that "a ban on anonymous pamphleteering falls with much greater force upon individuals and groups who fear majoritarian disapproval and reprisal -- upon dissidents and upon the unpopular -- than upon those with widely approved messages to deliver."

To quote a cypherpunk who usually has more sense:

> I believe unpopular opinions ought to be protected [as long as they don't
> encourage illegal or violent actions].
> Once we get in the
> opinion-censoring biz, it's a steep slippery slope.

I inserted the [ and ]. He forgot to note that he's *already* advocating opinion-censoring, and yes, he's already sliding down the slope.

John Gilmore

PS: There is no way to enforce rules on the content of messages sent through encrypted anonymous remailers. Think about it for a minute.
All there needs to be is *one* remailer anywhere in the world, which will send any message to the final destination. Anyone can send an encrypted message to the "freedom-loving" remailer, via their local remailer. Even if the inputs to the freedom-loving remailer were tapped, the messages that arrived there would already be anonymous (headers stripped) and encrypted. Since what passes through the rest of the "freedom-hating" anonymous remailers is encrypted, they can't see the content anyway. You could prohibit encrypted messages through your freedom-hating remailer, but (1) that's easy to circumvent, and (2) what would be the point of your running a remailer?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Fri, 26 Feb 93 04:02:15 PST
To: gnu@toad.com
Subject: Re: more ideas on anonymity
Message-ID: <199302261159.AA19219@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

John, I missed where I might have been advocating censorship... maybe it's so late at night that my logic filter is getting fuzzy...

Of course one can't see the content of an encrypted anonymised message, but the case I'm concerned with here is where someone receives an encrypted threat message or some such, and wants it traced. In that case there ought to be some means. I'm speaking from recent experience, having received what the Berkeley PD considered a credible death threat on my answering machine last week...

Okay, maybe your point hinges on the "advocating violent acts" item. Well this is a pretty tight issue: hard to differentiate between someone advocating insurrection, advocating race war, and advocating going out in your own neighborhood and killing (whoever). Either way it is advocacy of violence against someone. And I honestly don't have a simple answer to that one.
The main point I was trying to go for is pretty unambiguous, that direct threats of violent actions are much more significant than for instance advocacy of committing some victimless crime or another... but that's a dull-obvious one compared to the advocating violence item.

Somehow I believe we're going to need to consider the threats & violence questions sooner or later, if for no other reason than to have some solutions at hand when it happens and people start clamoring for restrictions on public access to crypto and anonymity.

(jeez my writing is a mess at this hour!)

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: bill powell <71221.413@CompuServe.COM>
Date: Fri, 26 Feb 93 01:23:26 PST
To:
Subject: my pgp key
Message-ID: <930226091524_71221.413_EHL28-2@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.1

mQCNAirtyeIAAAEEALTnTD+eyIxauah9U6TfH+aSW1oawYnF/MWiPvxdPAI5oGaN
xoMoJvmoGnidIxjNai7N16n4/suKAGta1eL5CXB7YYkRmDgkSYgP7phYQvZU4D6U
8TpdQ9pazK4DPdkS6EErS2PM0Pi184NJRpslh+FAfmNPWSWuO4bhudIf3n7fAAUR
tClXaWxsaWFtIFBvd2VsbCA8NzEyMjEuNDEzQGNvbXB1c2VydmUuY29tPg==
=45AN
-----END PGP PUBLIC KEY BLOCK-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: John.Nieder@f33.n125.z1.FIDONET.ORG (John Nieder)
Date: Fri, 26 Feb 93 07:41:26 PST
To: cypherpunks@toad.com
Subject: DES
Message-ID: <5067.2B8E35E1@fidogate.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

* Reply to msg originally in Cypherpunks
marc@Athena.MIT.EDU (Marc Horowitz) writes:

BK> I also believe that nobody's security is perfect, and that if
BK> something as big as DES was broken, even at the NSA, we would have
BK> heard about it. If the world banking industry trusts DES for their
BK> trillions of dollars a day, I'm willing to trust it for my little,
BK> insignificant messages.

I'm surprised that you haven't had 53 replies to this already, but in that you haven't I suppose I ought not let this go by unchallenged.
In a _MicroTimes_ article by Jim Warren of the EFF, the unreliability of DES was discussed at length. In a nutshell, Marty Hellman of Stanford broke the "unbreakable" 54-bit DES _prior to its adoption as a standard_. He promoted the idea of a 64-bit DES instead, but was _opposed by the NSA_ for reasons we can all speculate upon at length. This opposition is the basis of the rumors (?) of DES being backdoored by the NSA. The upshot was that DES was adopted _after_ being demonstrably compromised.

The postscript to this is that Hellman's proposed "unbreakable" 64-bit DES variant was later cracked as well.

The post-postscript is an apocryphal story I personally got from an Israeli communications tech and minor spook. He claimed that DES was broken by the cryptanalytic arm of Israeli intelligence _in two hours_.

It is relatively certain that a DES-encrypted cyphertext can be easily decrypted by well-equipped agencies. Whether decryption is now trivially accomplished by private parties is another question.

JN

... "He isn't my president & these aren't my people."
--- Blue Wave/Opus v2.12 [NR]
--
John Nieder - via FidoNet node 1:125/555
UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder
INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: John.Nieder@f33.n125.z1.FIDONET.ORG (John Nieder)
Date: Fri, 26 Feb 93 07:41:22 PST
To: cypherpunks@toad.com
Subject: Re: dispatches from the front lines of anonymity
Message-ID: <5068.2B8E35E2@fidogate.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

* Reply to msg originally in Cypherpunks
julf@penet.FI (Johan Helsingius) writes:

BK> Penet.fi will be PGP:s as soon as I get PGP running reliably on the
BK> Interactive UNIX system I use. This weekend, I hope... But if you all
BK> keep coming up with other new features I have to add, I don't know how
BK> long it's going to take.

It must seem a thankless task sometimes, I'm sure.
One thing I noticed about penet.fi's processing of messages is that it at least scrapes off the trailing addresses automatically tacked on at the end of every outgoing message leaving all Fido BBSs. A test message sent via the babani remailer arrived anonymously, but with all three lines of the address footer (see below) attached. Hardly anonymous...

> Yes, and preferably at a site outside the US, just for good measure.
> There is an obvious appeal to having servers outside the jurisdiction of
> American law-enforcement busybodies.

BK> Yeah, seems that (and the fact that I have 100% control not only of
BK> the site but of the network as well) is what has kept anon.penet.fi up
BK> this long...

Yes, and don't think that we don't appreciate your efforts!

JN

... Criticism is nothing but a mild form of envy.
--- Blue Wave/Opus v2.12 [NR]
--
John Nieder - via FidoNet node 1:125/555
UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder
INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Fri, 26 Feb 93 00:43:04 PST
To: cypherpunks@toad.com
Subject: Moral dilemma.
Message-ID: <9302260807.aa01498@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

This is a typical example of the dilemmas faced by an anon posting operator. Here is my reply to the complaint from a user in rec.music.gdead. Don't feel good about it, but...
------- Forwarded Message

To:
Subject: Re: abuse of internet access

> To whom it may concern:
>
> I direct your attention to the following post made on the rec.music.gdead
> newsgroup:
>
> Article 30001 (26 more) in rec.music.gdead:
> From: an13488@anon.penet.fi
> Subject: Tickets available
> Organization: Anonymous contact service
> X-Anonymously-To: rec.music.gdead
> Date: Thu, 25 Feb 1993 20:48:01 GMT
> Lines: 28
>
>
> We have the following tickets available:
>
> Rosemont:
> 3/9 12 tickets
> 3/10 6 tickets, 4 taper tickets
> 3/11 10 tickets, 8 taper tickets
>
> Richfield:
> 3/14 12 tickets
>
> Landover:
> 3/16 12 tickets
> 3/17 12 tickets, 6 taper tickets
>
>
> 3/17 12 tickets, 6 taper tickets
> 3/18 6 tickets, 2 taper tickets
>
> Tickets will be sold for best offer. Include your phone number with your
> bid. Winning bidders will be contacted by phone to arrange payment
> and delivery of tickets. We accept Visa and Mastercard. Bids are
> taken up to 5 days before the show, although we may contact you earlier
> if we feel your bid is sufficient to warrant immediate sale.
> - -------------------------------------------------------------------------
> To find out more about the anon service, send mail to help@anon.penet.fi.
> Due to the double-blind system, any replies to this message will be anonymized,
> and an anonymous id will be allocated automatically. You have been warned.
> Please report any problems, inappropriate use etc. to admin@anon.penet.fi.
> *IMPORTANT server security update*, mail to update@anon.penet.fi for details.
>
>
> This is ticket scalping, pure and simple (selling a ticket for higher than its
> value. This is extremely illegal in the United States. This is also a posting
> promoting a private enterprise for profit on the internet, extremely unethical.
>
> Furthermore, the people who are doing this are selling what are known as
> "taper tickets". These tickets are only available through the Grateful Dead
> Ticket Service via mail order.
> The reason GDTS does this is to help deter scalpers.
> I hereby request 2 courses of action from you:
>
> 1)You immediately suspend Internet access privileges of the individual(s)
> responsible for this posting.
>
> 2)You provide the individual's (or individuals') name(s) to the Grateful
> Dead Ticket Service so they may take legal action against these criminals.
>
> I hope my letter is merely one of many that have reached you concerning this
> subject. I assure you, there are many people who will not tolerate this and
> will do everything in their power to see that these people are caught and
> stopped. Furthermore, if you are going to offer people anonymous Internet access,
> be prepared to face the consequences when your clients break U.S. law. As far
> as I am concerned, you are an accessory and should do everything in your power
> to rectify this situation.
>
> I hope you take the time to respond and tell me what measures you have taken.

I have sent the person a message informing him/her that the account will be blocked if the inappropriate postings continue.

In an international world, where laws, customs and morals vary from one place and culture to another, and where a lot of people are trying to force their views onto others, the only way a service like anon.penet.fi can operate is by very simple and firm rules that are followed without exception. One rule is that I *never* reveal the true identity of an anon user, and another is that I *never* block access to the server without warning and without giving the person a chance to defend him/herself.

I do understand your views, and I am very sympathetic to them, but I hope you also realize that impartial service requires "blind" abiding to these rules.
Julf

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Fri, 26 Feb 93 07:24:55 PST
To: cypherpunks@toad.com
Subject: archives
In-Reply-To: <9302252252.AA22873@cuba.Cayman.COM>
Message-ID: <199302261523.AA06027@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunks,

Recently, Corwin (one of the Nine Princes of Amber??) asked for an archive of the list. I've been saving articles since I joined - not all of them! - and currently sent them to another person. So right now I have them in my account in tar compressed format. I can also easily get MSDOS arj format.

So if anyone else, especially folks new to the list, wants the back articles I've been saving, let me know. Eventually the FAQ for the list will be finished and new members can retrieve that.

My archive is split into different areas: digital cash, dc nets, anonymous mail, pools, timed crypto, misc topics, and probably some other stuff.

My home computer is an MSDOS compatible, so files are named to comply with DOS restrictions!

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Anonymous@cs.Buffalo.EDU
Date: Fri, 26 Feb 93 06:25:49 PST
To: cypherpunks@toad.com
Subject: Was: Poor man's anon server ...
Message-ID: <9302261424.AA22409@armstrong.cs.Buffalo.EDU>
MIME-Version: 1.0
Content-Type: text/plain

There was a mention uptopic of ANI "demo" numbers. Anyone have one of them kicking about?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hkhenson@cup.portal.com
Date: Fri, 26 Feb 93 11:55:13 PST
To: cypherpunks@toad.com
Subject: Re: DES
Message-ID: <9302261100.2.21205@cup.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

My take on breaking DES would be to just try all 2**56th keys on a massively parallel machine, though there may be better approaches.

Keith

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Fri, 26 Feb 93 10:04:55 PST
To:
Subject: Re: more ideas on anonymity
Message-ID: <930226173222_74076.1041_DHJ72-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

I want to add to John Gilmore's point about the practical difficulty of controlling anonymous postings and mailings if you are going to allow them at all.

Johan is taking a very principled position by promising not to reveal true identities behind the pseudonyms. Instead, he offers to warn abusers, and if problems continue, to block their access to the service.

Unfortunately, as more remailer sites develop, this tactic may become ineffective. It will be possible to chain remailers together in different ways, so that the effect is that you can post through Johan's system from many different addresses. With multiple remailers and chaining there is no way for the final remailer in the chain to know when two messages are coming from the same person. This will mean that it will not, in practice, be possible to block access for a given user.

We discussed this earlier in the context of anonymous email. I had received a complaint from a young lady about receiving some offensive anonymous mail through my remailer. (This story was resolved surprisingly, BTW: it turned out that it was a joke message sent by a good friend of hers, someone who knew one of the Cypherpunks and who knew about the remailers. So she is no longer upset about the message at all. But I didn't know this at the time.)

Realizing that it would not be practical to do source blocking, my suggestion was to implement destination blocking: no mail from my remailer would go to this person. Eric Messick expanded upon this idea recently so that only people who had actually requested anonymous mail would receive it. (A variation would be to first send a note to a person saying, "I have some anonymous mail for you; please reply within 48 hours if you'd like to receive it, otherwise it will be deleted.") Other variations upon this approach could help to keep anonymous remailers politically acceptable.

But the idea doesn't generalize well to anonymous posting, except to do as Johan has done and forbid posting to certain newsgroups (sci.*, news.*, I'm not sure what else). This throws out the good postings along with the bad, though.

I think the bottom line is that it will be difficult to provide anonymous/pseudonymous postings in a way which won't elicit the kinds of strong objections Johan has been facing. His controls are OK for now, but in the long run I think they won't work.

What would happen if Johan just started ignoring the objectors? What if he stopped reading his mail for a while and left the service operating? Would his newsfeed eventually get cut off by Finnish authorities goaded into action by email complaints? Are there ANY sites in the world which would be immune to such pressures?

I read that at the Hacker's Conference, the owner of Portal offered to run a remailer. Would he be able to stand up to these pressures? How about John Gilmore's machine? He made a powerful argument recently that he was not subject to various restrictions. Would it be possible to run a remailer there, perhaps based on Johan's code, which simply ignored complaints and allowed anonymous postings to all groups?

Hal Finney

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Coyote Jack
Date: Fri, 26 Feb 93 12:46:55 PST
To: cypherpunks@toad.com
Subject: subscribe
Message-ID: <9302262045.AA111886@mead.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain

subscribe cjack@mead.u.washington.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phiber Optik
Date: Fri, 26 Feb 93 11:06:38 PST
To: John.Nieder@f33.n125.z1.fidonet.org (John Nieder)
Subject: Re: DES
In-Reply-To: <5067.2B8E35E1@fidogate.FIDONET.ORG>
Message-ID: <199302261905.AA23369@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

>
>
> * Reply to msg originally in Cypherpunks
> marc@Athena.MIT.EDU (Marc Horowitz) writes:
>
> BK> I also believe that nobody's security is perfect, and that if
> BK> something as big as DES was broken, even at the NSA, we would have
> BK> heard about it. If the world banking industry trusts DES for their
> BK> trillions of dollars a day, I'm willing to trust it for my little,
> BK> insignificant messages.
>
> I'm surprised that you haven't had 53 replies to this already, but in
> that you haven't I suppose I ought not let this go by unchallenged.
> In a _MicroTimes_ article by Jim Warren of the EFF, the
> unreliability of DES was discussed at length. In a nutshell, Marty
> Hellman of Stanford broke the "unbreakable" 54-bit DES _prior to its
> adoption as a standard_. He promoted the idea of a 64-bit DES instead,
> but was _opposed by the NSA_ for reasons we can all speculate upon at
> length. This opposition is the basis of the rumors (?) of DES being
> backdoored by the NSA. The upshot was that DES was adopted _after_
> being demonstrably compromised.

Slow down. Firstly, DES encrypts a 64-bit block with a 56-bit key. Are you talking about key lengths? It was originally proposed to use a 128-bit key space, a la IBM's LUCIFER. But they opted on the smaller key, which fuels this NSA conspiracy theory.
The other major thing, are the S-boxes, which no one has been able to deduce the reasoning behind the choice of the values, and that's the source of the "backdoor" theory. Saying that Hellman "broke" anything is a bit strong. I remember reading a published paper, I believe by Hellman and one other, describing that they were able to WEAKEN DES (with a smaller key space for their experiment), using a statistical approach, and that this could possibly be applied to the DES standard.

> The postscript to this is that Hellman's proposed "unbreakable"
> 64-bit DES variant was later cracked as well.
> The post-postscript is an apocryphal story I personally got from
> an Israeli communications tech and minor spook. He claimed that DES was
> broken by the cryptanalytic arm of Israeli intelligence _in two hours_.
> It is relatively certain that a DES-encrypted cyphertext can be
> easily decrypted by well-equipped agencies. Whether decryption is now
> trivially accomplished by private parties is another question.
>
> JN

Now this is just hearsay with no basis in fact, only rumor. It remains that DES's only real "weakness", is that a major corporation, sparing no expense, can have many massively-parallel machines at their disposal, and do an exhaustive search of the key space. Which is just to state the obvious, that as computing speed increases, the amount of time to do an exhaustive search decreases. This has nothing to do with cryptographic weaknesses in DES, as you're suggesting.

If you're not just some NSA-paranoid wacko, reference some papers to back up your claims. Otherwise, you're just another NSA-conspiracy theorist, and part of the noise. We're all capable of suspecting underhandedness on the part of the NSA, but when you start misrepresenting your opinions as fact, you're being nonconstructive.

It would be of interest to all cypherpunks to be kept abreast of the academic research being done in this area, and someone may wish to post a list of recommended papers to read on developments in cryptographic weaknesses.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Fri, 26 Feb 93 11:28:46 PST
To: Hal <74076.1041@CompuServe.COM>
Subject: Re: more ideas on anonymity
In-Reply-To: <930226173222_74076.1041_DHJ72-1@CompuServe.COM>
Message-ID: <9302261927.AA06725@tla.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

All of Hal's questions are excellent, but I'm afraid he's asking the wrong people. The people we should be asking are people like Rick Adams and Bill Schraeder, since ultimately, it is people like them who decide whether or not to sell their service to any given site in the face of unpopular activities.

If any of you actually buy network service from these guys, drop them a note and ask!

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Date: Fri, 26 Feb 93 13:00:41 PST
To: cypherpunks@toad.com
Subject: Re: more ideas on anonymity
In-Reply-To: <199302261159.AA19219@well.sf.ca.us>
Message-ID: <9302262059.AA25682@tramp.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text

George A. Gleason writes:
>
> John, I missed where I might have been advocating censorship... [...]
>
> Okay, maybe your point hinges on the "advocating violent acts" item. Well
> this is a pretty tight issue: hard to differentiate between someone
> advocating insurrection, advocating race war, and advocating going out in
> your own neighborhood and killing (whoever). Either way it is advocacy of
> violence against someone. [...]

In the U.S. at least, there is nothing illegal about advocating race war or violence against groups and classifications of members of society. What is illegal is inciting others to violent acts against a specific person or target. Saying "Kill all WASPs!"
is not illegal, but saying "Kill John Doe!" could get you arrested. You are treading a thin line (and I would say have passed onto the wrong side....) if you begin establishing policy such that a particular group or set of beliefs is denied access without justification, but just because "they are X." If you try to censor the communications of those who you despise then you are no better than they are...

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: rubin@citi.umich.edu
Date: Fri, 26 Feb 93 12:14:25 PST
To: hkhenson@cup.portal.com
Subject: Re: DES
In-Reply-To: <9302261100.2.21205@cup.portal.com>
Message-ID: <9302262014.AA00768@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> My take on breaking DES would be to just try all 2**56th keys on a
> massively parallel machine, though there may be better approaches.
> Keith

This isn't breaking DES. The best any encryption scheme can hope for is to only be broken by exhaustive search.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 26 Feb 93 16:59:15 PST
To: cypherpunks@toad.com
Subject: What We Need to Censor
Message-ID: <9302270057.AA04000@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I, too, am disturbed and worried by the abuses and politically incorrect postings being sent through anonymous remailers, so I support the calls by some on this list for censorship of various "bad" postings.

Topics for banning:

- hatred, such as the hatred some have for particular operating systems (unless the hatred is for DOS, which is justifiable, and hence acceptable).

- advocacy of violence, which is why postings about Rambo movies and various porno movies (violence against women, don't you know?) need to be blocked by remailers. "Women Against Pornography" will be happy to instruct us on what media materials are acceptable and what are not.
Jesse Helms, who is working closely with Andrea Dworkin and other feminists, will be happy to provide a list of banned topics.

- this ban on advocating violence will also of course cover discussions of the Mideast, Bosnia, and the student uprisings in China several years ago (there was a lot of advocacy of violence then--can't have a repeat of that!). Let's all chant: "Hey Ho, Hi Ho, "rec.guns" has got to go."

- ethnic slurs and advocacy of racial superiority (unless it involves the heartfelt calls for action by our oppressed African-American brothers and sisters, who have every right to call us honkies and advocate burning down our cities--we just can't tolerate those who call themselves "Aryan-Americans").

- advocacy of illegal acts, including nearly all postings to alt.drugs, alt.sex.children, talk.bizarre, and sci.crypt.underground. Come to think of it, perhaps those groups should just be shut down?

- anonymous phone calls apparently are possible...perhaps we can require all phone calls go through government-cleared operators? And I have even heard that anonymous letters--even threats, blackmail (wonder where _that_ name came from?), pornography, and extortion demands--are possible using the U.S. mail system! How can this be? What can we do? I know, let's censor the mail system the same way we plan to censor the Net!

So, you anarchists, let's implement these bans on what goes through remailers!

One small problem: how can we do this when everyone's a remailer? When multiple routes exist? When sites are in many countries?

Hmmmhhh...perhaps we censors just need to shut down the nets and stop all this loose talk.

-Tim, applying for a job as a Usenet censor

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Brad Huntting
Date: Fri, 26 Feb 93 17:36:21 PST
To: hkhenson@cup.portal.com
Subject: Re: DES
In-Reply-To: <9302261100.2.21205@cup.portal.com>
Message-ID: <199302270134.AA07742@misc.glarp.com>
MIME-Version: 1.0
Content-Type: text/plain

> My take on breaking DES would be to just try all 2**56th keys on a
> massively parallel machine, though there may be better approaches.

A massively parallel collection of dedicated DES encryption hardware might be more cost effective if you had a lot of these things to crack.

Speaking of which, does anyone know who makes "the DES chip" (is there more than one?)? I'd like to find a data sheet for it.

brad

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Fri, 26 Feb 93 16:05:42 PST
To: gnu@toad.com
Subject: Re: more ideas on anonymity
In-Reply-To: <9302261101.AA18976@toad.com>
Message-ID: <9302270004.AA06652@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   From: gnu@toad.com (John Gilmore)
   Date: Fri, 26 Feb 93 03:01:53 -0800

   Squabbling over what "crimes" or "antisocial acts" should disqualify one from being able to use anonymity is ***WAY*** missing the point. It is the people who have crossed one of those lines who need the protection the most!

It is perhaps tempting to say that people committing antisocial acts and crimes should be protected, if the image that comes to your mind is the courageous freedom fighter. On the other hand, it behooves us all to remember that "protecting criminals" also includes protecting the people who threaten rape, murder or other violence.

It may be the case that in order to protect the "freedom fighter", we must also strike down the laws that protect us from the "axe murderer". But we must make this choice consciously.
It is silly and stupid of us to be so obsessed with protecting ourselves from the axe murderer that we are also suppressing basic freedoms. At the same time, however, we must not wax over-romantic thinking about the plight of the "freedom fighter", of the "angry young man", without remembering that there are also some really nasty people out there.

While anonymity has its features, we would do well to acknowledge that it also has its dark side. That people may hide behind a remailer, and send hateful, petty, harassing things that they might otherwise not say if they actually had to take personal responsibility for their actions.

Keep in mind that part of the mystique of the "freedom fighter", who takes on the government in his/her selfless task of Democracy and the American Way, is his courage and his willingness to take personal risk and personal injury in his Quest For the Right. Would we have the same respect for a coward who evades his personal responsibility by sending petty, hateful mail through a remailer; who breaks laws that he/she thinks are unjust, but is unwilling to face the consequences of breaking said laws? Remember, a big part of civil disobedience is the willingness to be arrested.

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: John.Nieder@f33.n125.z1.FIDONET.ORG (John Nieder)
Date: Sat, 27 Feb 93 07:19:45 PST
To: cypherpunks@toad.com
Subject: Re: DES
Message-ID: <5085.2B8EFE60@fidogate.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

* Reply to msg originally in Cypherpunks
phiber@eff.org (Phiber Optik) writes:

BK> Slow down. Firstly, DES encrypts a 64-bit block with a 56-bit key.
BK> Are you talking about key lengths?

Yes.

BK> It was originally proposed to use a
BK> 128-bit key space, a la IBM's LUCIFER. But they opted on the smaller
BK> key, which fuels this NSA conspiracy theory.

As was their reaction to Hellman's proposal for a 64-bit key and any other proposed out-of-house improvement at that time.

BK> Saying that Hellman "broke" anything is a bit
BK> strong. I remember reading a published paper, I believe by Hellman and
BK> one other, describing that they were able to WEAKEN DES (with a smaller
BK> key space for their experiment), using a statistical approach, and that
BK> this could possibly be applied to the DES standard.

I refer you to Warren on this. It was my understanding of the article that Hellman had actually decrypted DES cyphertext prepared with the then-proposed 54-bit key standard.

BK> If you're not just some NSA-paranoid wacko,
BK> reference some papers to back up your claims. Otherwise, you're just
BK> another NSA-conspiracy theorist, and part of the noise.

Please, there's no need for abuse here. I was referring to a published column by Jim Warren of the Electronic Frontiers Foundation in _MicroTimes_, a Bay Area computer paper. I do not know if you consider Warren or the EFF to be reputable. I assumed Warren's statements were factual. The assertion that Israeli intelligence made short work of DES was presented as I got it - an interesting rumor from someone who has been a fairly-reliable source of information in the past.

BK> We're all
BK> capable of suspecting underhandedness on the part of the NSA, but when
BK> you start misrepresenting your opinions as fact, you're being
BK> nonconstructive.

I was merely relating published assertions by the EFF. If you believe these to be incorrect, then I'd advise you to take the issue up with Warren. I have no "opinion" in the matter, only suspicions. A great many people with academic background superior to mine also share these. My own background is in applied rather than theoretical security. I defer to academics in academic matters, but know that in matters of top security it is difficult to invest confidence in any mechanism as mired in continuing controversy as DES. That's all.

JN

... "Oceania, 'tis for thee..."
--- Blue Wave/Opus v2.12 [NR]
--
John Nieder - via FidoNet node 1:125/555
UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder
INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: root@rmsdell.ftl.fl.us (Yanek Martinson)
Date: Fri, 26 Feb 93 18:42:34 PST
To: cypherpunks@toad.com
Subject: DES chips
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

> Speaking of which, does anyone know who makes "the DES chip" (is
> there more than one?)? I'd like to find a data sheet for it.

There's no such thing as "the DES chip".

"Since publishing the Data Encryption Standard, NBS has validated 45 (as of May 7, 1991) hardware and firmware implementations. Approximately three implementations are validated each year. The list of companies with validated chips is quite varied. It contains very small companies as well as many of the large U.S. electronics corporations. The implementations range from firmware programmable read-only memories (PROMs), which implement only the basic DES algorithm, to electronic chips that provide several different modes of operation running at speeds up to 45 million bits per second."

...

"Hardware implementations of DES are widely available in the United States at prices under $100; DES encryption boards that can encrypt stored and transmitted data in a personal computer are available for under $1000; and stand-alone encryption units may be purchased for under $3000."

(This is from "The Data Encryption Standard, Past and Future" by Miles Smid and Dennis Branstad, first appeared in Proceedings of the IEEE, vol. 76, no. 5, May 1988)

I'm sure that since this was written the number of implementations has increased, the prices decreased, and the speeds increased.

--
Yanek Martinson yanek@novavax.nova.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Fri, 26 Feb 93 20:38:18 PST
To:
Subject: Re: more ideas on anonymity
Message-ID: <930227024147_74076.1041_DHJ57-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Ted Ts'o is right that anonymity can be used for many harmful purposes. On the other hand, as Tim May suggests, attempts to control the flow of information can easily lead to restrictions which do more harm than what they try to prevent.

Although I assume that most people here share a commitment to the overall goals of what Tim calls "crypto anarchy", it's possible that we all have different reasons for our support. My own angle is that these techniques enhance privacy and provide power to individuals which can counterbalance the influence and authority of large institutions. I've been influenced in this mostly by the papers of David Chaum. For me, crypto anarchy is a way to oppose the constantly growing databases of information about each person, a way for individuals to take control of information about their own lives.

This is why I like one particular justification for anonymous posting that I read, that people should be free to choose for themselves how much information to reveal when they post. I worry that, although the networks are in their infancy today, there may come a time when all information ever posted to Usenet is online, accessible, and searchable in a few seconds. The posters' email addresses may be cross-linked to their current names and addresses. Anything you post today may come back twenty years from now to haunt you. (Already, the archives are being kept, so all that is needed is technological improvements to put the information on-line and allow that huge volume of data to be usefully searched.)

Now, you may say, so what, 99% of what is posted on Usenet couldn't possibly interest anyone anyway, and besides, I'm not posting anything anyone would care about. This may be true, but think about how much you reveal about yourself over a period of time if you are an active poster. Imagine all of that information being available to every potential employer or new neighbor. Imagine trying to run for public office! I simply don't like the idea of everyone I meet potentially knowing my hobbies, interests, political affiliations, sexual preferences, and so on.

These same considerations apply in many other areas of our lives. Financial transactions can supply a lot of the same information. So can phone records. Perhaps someday our cars will be tracked routinely to collect information about where we go.

Uncomfortable as I may be with personal and private facts being used by marketers and employers to evaluate me, there is also the possibility of even more sinister uses. Imagine how a dictatorship could exploit this much detailed information about the daily lives of its subjects. Probably "that will never happen here" but the mere possibility should provide another reason to guard our privacy.

I imagine most people here agree with the thrust of these arguments, so I won't go on. But the point is that anonymous/pseudonymous communications can provide real benefits to all members of society. It's not just a romantic attraction to bomb-throwing revolutionaries or an elitist desire to escape the clutching hands of the greedy masses which drives us. I believe that the benefits that crypto anonymity can provide to society will clearly outweigh the problems.

Hal Finney
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: edgar@spectrx.saigon.com (Edgar W. Swank)
Date: Sun, 28 Feb 93 16:44:46 PST
To: Cypherpunks
Subject: Re: anon.penet.fi hacking
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Feb 23, Hal said:

   Unless Eli's suggestion works - having our remailers put out a random "From:" line (perhaps just on mail to Penet?) might cause Penet to issue a new pseudonym for that apparent new user. This would be kind of wasteful from Penet's perspective - all those pseudonyms are never going to be re-used. But it might allow this form of chaining, without compromising the pseudonym of the remailer operator.

I would be cautious about a random "From:" line. I think penet will probably reject input that at least does not have a valid (but not necessarily truthful) return address. For a while, Miron Cuperman's wimsey remailer was generating a bogus From address, something like "yeltsy@kremlin.vax.ru". I tried chaining this to penet to post to newsgroups, but my anonymous messages never appeared in the newsgroups. This was because, I think, penet sends a confirmation back to the sender. Since "kremlin.vax" is not in penet's net tables, this would cause the confirmation send to fail; my hypothesis is that this also causes the newsgroup post at penet to fail.

One good From address to generate, at least for wimsey, would be pool0@extropia.wimsey.com but you would need to add some boilerplate explaining to the recipient that "pool0" is a group address and a return message may be seen by up to (number? 10-100?) persons unless it is encrypted.

Wimsey could also establish its own penet password and automatically insert it whenever it detected a "to" address ending in penet.fi. It could also substitute the penet anonxxxx address for "pool0" in the above boilerplate. This would allow a penet return to pool0.

Note that I don't mind too much if people know that they can reach Edgar Swank through pool0, because pool0 is also an address for many other people, so I can "plausibly deny" that any particular message addressed to pool0 is for me.

I'd like to point out that so far the wimsey remailer is the only useful remailer from my point of view because it's the only one which allows me to delete the automatic sig. This is because it only forwards encrypted text and discards any appended unencrypted text. The other remailers were supposed to add a "kill line" to do the same thing, but as far as I know this never happened.

--
edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: root@rmsdell.ftl.fl.us (Yanek Martinson)
Date: Fri, 26 Feb 93 19:44:49 PST
To: ld231782@longs.lance.colostate.edu
Subject: timestamps and signatures
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

> ||use electronic ... public-key signatures, the kind that make it impossible
> ||for one to deny having signed something.              ^^^^^^^^^^^^^^^^^^
> ||^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> | Nice theory, but too simple.
> | I can always deny signing something by claiming that my private key was
> | compromised. I can even deliberately let it be known, if it's important

> There's some very nice work by two people at Bell Labs (whose names I can't

One of them is Stuart Haber (stuart@bellcore.com)

> unforgeable digital timestamps. This is a much trickier problem than it firs
> appears to be, but they have a nice solution.

It's not too complicated. Basically, what you do is produce a hash of your text, and publish it widely in a medium that is being archived, and likely to be accessible and authenticable at a later time, for example by posting it in a classified ad in a large newspaper.

Later, when verifying the timestamp one can get a copy of that newspaper from a library (or from several libraries, for greater security) and compare the published hash with that of the text.

For greater efficiency, there's a simple way to combine a lot of messages and produce only one hash which is published. The information you get back and store as a part of the timestamp is enough to prove that this particular hash was one of the many combined to produce the published value.

This system is actually operating, look in any Sunday New York Times in the Business Classifieds.

> Given timestamps, we can then require that messages be not just
> signed but dated. If my key becomes compromised, I revoke all
> my signatures from some time on. By looking at the timestamp
> that goes with the signature, we can determine whether it was
> created before or after the compromise, and discard it if "after".

One can always claim that they "just found out" that their key has been compromised a year ago, and so deny having signed that signature.

--
Yanek Martinson yanek@novavax.nova.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phiber Optik
Date: Fri, 26 Feb 93 20:31:22 PST
To: huntting@glarp.com (Brad Huntting)
Subject: Re: DES
In-Reply-To: <199302270134.AA07742@misc.glarp.com>
Message-ID: <199302270428.AA02963@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

>
>
> > My take on breaking DES would be to just try all 2**56th keys on a
> > massively parallel machine, though there may be better approaches.
>
> A massively parallel collection of dedicated DES encryption hardware
> might be more cost effective if you had a lot of these things to crack.
>
> Speaking of which, does anyone know who makes "the DES chip" (is
> there more than one?)? I'd like to find a data sheet for it.
>
>
> brad
>

Many manufacturers make DES chips. One that comes to mind is American Micro Devices, though I don't remember a part number off hand. I can find out and post it to the list.
I do remember reading the data sheet, and it looked like a nice implementation. If I'm not mistaken, Motorola makes one as well, though it may have been obsoleted by improvements in speed.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Jay Prime Positive
Date: Sat, 27 Feb 93 01:01:40 PST
To: cypherpunks@toad.com
Subject: more ideas on anonymity
In-Reply-To: <9302270004.AA06652@SOS>
Message-ID: <9302270059.aa04036@hermix.markv.com>
MIME-Version: 1.0
Content-Type: text/plain

Umm.. Isn't all this talk about anonymous remail abuse really begging for a pseudonymous/anonymous certificate service?

j'

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Fri, 26 Feb 93 22:17:19 PST
To: cypherpunks@toad.com
Subject: Biham and Shamir on cracking DES
Message-ID: <9302270616.AA21786@milquetoast.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

This is, I believe, the state of the art in published techniques to break DES. Note that this attack is basically useless against one-time or short-lived keys, since there's no chance to make repeated chosen plaintext attacks against the key.

Short form: If you can get me to encrypt 2**37 plaintexts *of* *your* *choice* against my key, you can crack it.

Marc

This info is forwarded from a friend.

Eli Biham and Adi Shamir, "Differential Cryptanalysis of the full 16-round DES," December 19, 1991.

The paper was announced in Dec. '91 on the net, and paper copies circulated from people who had gotten copies directly from Biham & Shamir. The paper was submitted to Crypto '92 and presented there on August 20, 1992. The Crypto '92 proceedings will be published by Springer-Verlag at some point, so you could also reference it this way:

{\sl E.~Biham and A.~Shamir}, Differential Cryptanalysis of the full 16-round DES, {\sl Advances in Cryptology: Proceedings of Crypto '92}, E.~Brickell, ed., {\sl Lecture Notes in Computer Science}, Springer-Verlag, New York, to appear.

Biham is at Technion - Israel Inst. of Tech. Shamir is at Weizmann Inst. of Science. I don't know of an FTP site where the paper is available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Sat, 27 Feb 93 04:01:42 PST
To: mccoy@ccwf.cc.utexas.edu
Subject: Re: more ideas on anonymity
Message-ID: <199302271158.AA29653@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

I agree with Jim that I may be treading a thin line on censorship, but consider the following: someone posts a series of inflammatory statements with the intent of stirring up trouble, attracts a following, and starts organising them for some kind of violence. Then one day along comes a message to start the race war or whatever. The next day there are a bunch of random acts of violence. Uh-oh...

The point is that this is a broadcast medium, though without the limitations of conventional broadcast. I think we may end up facing these issues one way or another, sooner or later. Hopefully, LE can prevent violent acts by conventional means without resorting to limiting privacy. The thing is though, given the increasing cultural diversity in society and its resulting flattening of the normal curve of acceptable behavior, we're more and more going to be facing issues which are located in the depths of murky gray areas and in which we may find ourselves needing to tread fine lines, split hairs, and make all kinds of distinctions where there are no firm certainties. (run-on sentence alert!)

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: deltorto@aol.com
Date: Sat, 27 Feb 93 04:49:08 PST
To: cypherpunks@toad.com
Subject: Real World Kinda Guys Unite
Message-ID: <9302270749.tn34786@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

>>Hal
>>
>>P.S. How about Deadbeat posting a public key? He keeps signing his
>>messages but I can't check them.

Yeah. How 'bout that, 'Beat?
At _least_ we'd have the false security of being able to check your Pkey now and then... I feel full of Piss and Vinegar, so I'm volunteering to help get this WhistleBlowers thingus up and rolling. First, we need to disseminate PGP in its various forms (UNIX, Amiga, Mac, DOS, etc) to some news agencies (e.g. TV stations, newspapers, radio like KQED, etc.). I need each person who represents a platform to send me a full package of PGP with Docs that I can have duped for mailing (for educational purposes only). No charge. We'll begin with a core group of media people and see how it goes. I have floated a few trial balloons and they're ready to bite. I suspect that we'll see it take off like a rocket, as Tim May suggested. All this discussion is truly fascinating, but if it doesn't get out into the real world it ain't worth the media it's magnetized on. I guess I'm just a real world kinda guy. 1. Let's get a reasonably friendly anon remailer process going for them. It *must* come with complete instructions for the hapless many. Get writing and send 'em to me. I am working on some simple instructions for MacPGP and will post an example as soon as I can get through all the damn mail in my various mboxes. (Overload!) 2. Let's hook some Govt. employees into it ASAP and really get this whistleblowing thing going. I want to stir up some mud at the bottom like Kelly suggests and I want it done NOW. 3. I need help from ALL of you to do this. I am beginning to compile a comprehensive list of Govt Officials from the White House on down thru the Congress to the Cabinet and the Joint Chiefs. This database will include their various addresses (USM and email), their many phone and fax numbers, and other pertinent info (party, salary, etc.). Anyone can have a copy when I finish it. 
I hope to make it fairly administration-independent so it will last and will probably set up a process on CompuServe so that the public can send in updates as officials are un-appointed, die and/or are voted out of office, etc. 4. Eventually, we'll do an anonymous posting to a massive number of Govt sites inviting WBlowers to post to the list and inviting Press people to log on and download the dirt. I will be at the Modern Times bookstore event on March 7th in San Francisco if anyone wants to discuss this. I would also dearly like to attend CFP, but I haven't yet found a way to do it without money (anyone who knows a way I can volunteer my way in and help out please say so - I'll sweep up after, anything...). d2t From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Sat, 27 Feb 93 07:13:52 PST To: "Timothy C. May" Subject: Re: What We Need to Censor In-Reply-To: <9302270057.AA04000@netcom.netcom.com> Message-ID: <9302270942.aa21741@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > So, you anarchists, let's implement these bans on what goes through remailers! > > One small problem: how can we do this when everyone's a remailer? When > multiple routes exist? When sites are in many countries? Er.. How about setting up net.interpol? An international net.police co-operation agency? > -Tim, applying for a job as a Usenet censor Julf, dreaming of traveling all over the world shutting down sites as a net.interpol undercover agent.... Way cool... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Dave Banisar Date: Sat, 27 Feb 93 07:38:09 PST To: CYPHERPUNKS@toad.com Subject: Hellman and DES Message-ID: <9302271040.AA45880@hacker2.eff.org> MIME-Version: 1.0 Content-Type: text/plain I've talked to Martin Hellman quite a few times (he came to my last crypto conference and gave an overview of the field), he has never said that he could crack true DES. 
When DES first came out, he was one of the people most actively opposing the 56 bit key as being too small. At the time, he estimated that a machine of parallel processors could be built for $10M that would crack DES keys easily. DES at the time was only supposed to be for 10 years and then a new system was supposed to replace it. Today, he advocates for security that you triple-DES your communications/files. At last word (and I may have missed any advancements in the flame wars on sci.crypt), Shamir and Biham had cracked up to 2^^46, that's still quite a ways computationally from 2^^56. Dave From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sat, 27 Feb 93 11:33:57 PST To: cypherpunks-announce@toad.com Subject: March 13 cypherpunks meeting Message-ID: <9302271922.AA00053@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Announcing: The First Annual Post-CFP cypherpunks meeting. The next physical meeting of cypherpunks will be March 13, 1993, at the usual time, noon, in the usual place, Cygnus Support Offices. This is one day after CFP-93, the third Conference on Computers, Freedom, and Privacy. CFP is an increasingly important conference concerning an only slightly broader spectrum of privacy issues than are normally discussed on the cypherpunks list. At the first CFP conference I met David Chaum, who awakened a latent interest in cryptography. This awakening led indirectly to the formation of this list. There will be people from all over the country there. We have set the date of our meeting so that they could attend. We are, in fact, going to give out an open invitation there. I would urge all of you who have been considering making a trek to come to one of these meetings to do so this time. And while I do not expect Dorothy Denning to show up (although she would be welcome, if uncomfortable), I do expect some surprises. Please surprise me yourself. If you need a place to stay, ask on the list. 
I myself am already putting up some friends before the conference. For that matter, I would urge all of you to come to the conference itself. If you can't afford to go, just remember that while the sessions you have to pay for, the hotel bar you do not. A word to the wise is sufficient. Thank you all. Eric ----------------------------------------------------------------------------- MEETING Date: Saturday, 13 March 1993 Time: 12:00 noon Where: Cygnus Support Offices, Mt. View, California SCHEDULE Meeting 12-6 Dinner 7-? AGENDA We have Arthur Abraham's talk on hash functions left over from last time, which was interrupted by a photo shoot. Scott Collins intimated that he'd have more results on random numbers. With the opportunity given to have so many people there, I'd suggest that discussion of cryptographic infrastructure would be appropriate, together with a goal setting session. Please discuss this on the list. ----------------------------------------------------------------------------- DIRECTIONS Cygnus Support 1937 Landings Drive Mt. View, CA 94043 +1 415 903 1400 switchboard +1 415 903 1418 John Gilmore Take US 101 toward Mt. View. From San Francisco, it's about a 40-minute drive. Get off at the Rengstorff Ave/Amphitheatre Parkway exit. If you were heading south on 101, you curve around to the right, cross over the freeway, and get to a stoplight. If you were heading north on 101, you just come right off the exit to the stoplight. The light is the intersection of Amphitheatre and Charleston Rd. Take a right on Charleston; there's a right-turn-only lane. Follow Charleston for a short distance. You'll pass the Metaphor/Kaleida buildings on the right. At a clump of palm trees and a "Landmark Deli" sign, take a right into Landings Drive. At the end of the road, turn left into the complex with the big concrete "Landmark" sign. Follow the road past the deli til you are in front of the clock tower that rises out of one of the buildings, facing you. 
Enter through the doors immediately under the clock tower. They'll be open between noon and 1PM at least. (See below if you're late.) Once inside, take the stairs up, immediately to your right. At the top of the stairs, turn right past the treetops, and we'll be in 1937 on your left. The door is marked "Cygnus". If you are late and the door under the clock tower is locked, you can walk to the deli (which will be around the building on your left, as you face the door). Go through the gate in the fence to the right of the deli, and into the back lawns between the complex and the farm behind it. Walk forward and right around the buildings until you see a satellite dish in the lawn. Go up the stairs next to the dish, which are the back stairs into the Cygnus office space. We'll prop the door (or you can bang on it if we forget). Or, you can find the guard who's wandering around the complex, who knows there's a meeting happening and will let you in. They can be beeped at 965 5250, though you'll have trouble finding a phone. Don't forget to eat first, or bring food at noon! I recommend hitting the burrito place on Rengstorff (La Costen~a) at about 11:45. To get there, when you get off 101, take Rengstorff (toward the hills) rather than Amphitheatre (toward the bay). Follow it about ten blocks until the major intersection at Middlefield Road. La Costen~a is the store on your left at the corner. You can turn left into the narrow lane behind the store, which leads to a parking lot, and enter by the front door, which faces the intersection. To get to the meeting from there, just retrace your route on Rengstorff, go straight over the freeway, and turn right at the stoplight onto Charleston; see above. See you there! 
John Gilmore From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sat, 27 Feb 93 12:11:00 PST To: cypherpunks@toad.com Subject: more ideas on anonymity In-Reply-To: <9302270059.aa04036@hermix.markv.com> Message-ID: <9302272007.AA03400@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain > Umm.. Isn't all this talk about anonymous remail abuse really begging >for a pseudonymous/anonymous certificate service? Well, yes. There has been a huge conflagration on the pem-dev list lately concerning naming issues, X.500, etc. I am somewhat disturbed by what I see as a fundamental mentality of PEM: the desire to lift intact all existing political, economic, and social relationships into the electronic domain. Naming is done in the ISO way, that is, subordinated to existing national boundaries. Individuals are expected to be registered in the naming hierarchy. Identities in the electronic world are expected to map to entities in the real world. Does this not seem fundamentally limiting to the potential of the electronic world? I agree with Tim that we have made good progress. But we need more than simple remailers. We need people to use remailers, and we need to make that easy to do. We need key distribution mechanisms. We need better meeting spaces than mailing lists and Usenet newsgroups and private mail. We need markets and contracts. If we wish to re-envision the world, we must do so while there is time to implement it. Let us proceed quickly. Onward. 
Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sat, 27 Feb 93 12:44:52 PST To: cypherpunks@toad.com Subject: more ideas on anonymity In-Reply-To: <930227024147_74076.1041_DHJ57-1@CompuServe.COM> Message-ID: <9302272041.AA05983@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Hal writes: >For me, crypto anarchy is a way to oppose the constantly growing >databases of information about each person, a way for individuals to >take control of information about their own lives. For many transactions, identity is not an issue fundamental to the transaction. If I pay cash to you for an item, I have not made any implicit promise to pay you at a later date, as I have if I've paid with credit (card or account). Every obligation I might have to you I have already fulfilled, fulfilled by paying cash. My name is not relevant here. If I perform some service for you, and you acknowledge that the service is complete as performed, then you have no need for my identity. (As far as the two of us are concerned. Other parties intrude on this interaction usually.) Therefore, should not discrimination against anonymity when names are not germane be considered (depending on one's ideology) unreasonable, inefficient, coercive, intrusive, or illegal? Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sat, 27 Feb 93 13:02:53 PST To: cypherpunks@toad.com Subject: more ideas on anonymity In-Reply-To: <9302251959.AA02941@longs.lance.colostate.edu> Message-ID: <9302272059.AA07351@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >[...] and we might help some people and advance the cause by >codifying `legitimate use'. The only perfectly unambiguous position is that every use is a legitimate use. 
Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: geoffw@nexsys.net (Geoff White) Date: Sat, 27 Feb 93 13:15:50 PST To: hughes@soda.berkeley.edu Subject: Re: March 13 cypherpunks meeting Message-ID: <9302272107.AA05936@nexsys.nexsys.net> MIME-Version: 1.0 Content-Type: text/plain I live in Mountain View about 2 miles from Cygnus (a short drive or long walk) and can have a few people crash at my house. I have lots of floor space But not many beds (I do have two sofas) I think I can comfortably sleep 3 and sleep 5-6 in a pinch. My address is 316 Escuela Ave. #62 MTV CA. I have an apartment not a house, It's clean but not lavish. I do have a small internet so you can get e-mail and I'm one-hop away from the Internet. You don't have to pay me money but you do have to buy your own food and bring your own supplies. No smoking in the house but you can smoke out on the balcony. send me e-mail if you are interested. ------------------------------------------------------------------------------- NEXUS SYSTEMS/CYBERTRIBE-5 Editor/Instigator/Catalyst : Geoff White Production Crew : Universal Movement Trinity --PGP Public key available upon request-- ------------------------------------------------------------------------------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sat, 27 Feb 93 13:18:50 PST To: cypherpunks@toad.com Subject: dispatches from the front lines of anonymity In-Reply-To: <9302240423.AA00434@orchard.medford.ma.us> Message-ID: <9302272115.AA08914@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Re: alt.whistleblower moderation I wrote: >So every time a moderated group is created, every server already is >"modified". Bill writes: >That's how it *should* work, not how it *does* work. In real life, >moderator addresses are distributed "out of band" to a relatively >small number of "backbone" sites; all the rest of the sites merely >forward the mail to a "backbone" site. 
Well, we can weekly publish the submission address. It would take slightly more intelligence on the part of the would-be poster. What are exactly the politics of propagating this moderator's address, anyway? Is it particularly difficult? Is it automated? Please advise. alt.whistleblower, in addition to being a public good, is a great way to raise hell. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mjr@netcom.com (Matthew Rapaport) Date: Sat, 27 Feb 93 15:02:13 PST To: cypherpunks@toad.com Subject: More ideas on anonymity Message-ID: <9302272259.AA29137@netcom2.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Hal <74076.1041@CompuServe.COM> writes... >I think the bottom line is that it will be difficult to provide >anonymous/pseudonymous postings in a way which won't elicit the kinds of >strong objections Johan has been facing. His controls are OK for now, >but in the long run I think they won't work. This may be an example of an intractable problem. A case where legitimate interests are mutually exclusive at least in practice if not in theory. If Johan has restricted output due to pressure from those communities, then he has already been forced to hobble his service's most significant *potential* benefit to the community. If a serious whistleblower were to come along with some serious evidence and credibility, it is likely that he/she would want to post his/her evidence in one or more of the groups Johan has locked out! I mean no aspersion on Johan here, he is laboring under pressure I'm sure, and he is a pioneer in all of this, and we are sharing his experience. I don't mean to take political sides either, both sides of the debate have legitimate arguments. In the one other post I made on this topic before, I received but one reply remarking that I "was preaching to the choir". On the one hand, we have the principle of free speech and the right to privacy and even anonymity if we so choose it. 
Taken in an unrestricted way, this principle is rather radical (politically). True there are areas of our social and political lives where a right to privacy and anonymity are both desirable and generally accepted/practiced (these vary of course in different parts of the world). But there are other equally common areas in which they are not. The strongest pressure against anonymity on the Usenet comes from quarters where a strong positive pressure exists, on *principle* for posters to "declare themselves", to "stand behind their words". In a realm where egalitarianism, semi-anarchy, and bad signal/noise ratio already make for a questionable mix or product value, "naming yourself" is a significant benchmark. Even in these groups, most participants would recognize the need for access to anonymity when it was really "justified", but such cases are believed to be fairly few and far between. as gg pointed out: >The point is that this is a broadcast medium, though without the >limitations of conventional broadcast. The mutually exclusive nature of these principles emerges in practice from what a former boss of mine called the human "ornery" factor. In this case that some number of individuals will exercise their "right to anonymity" not because they have to, but just because it's there. Believe me I sympathize with this view. It keeps authorities and would-be authorities on notice that there are those who will test the limits of their rights and signal the rest of us if they are eroding. I also accept Hal's argument that we are protecting ourselves from possible future abuses of central authority. But I also sympathize with the sentiments of the other side, that most of the time it is desirable to put your name where your mouth/keyboard is. A consensual solution to this problem depends on a common political viewpoint, something that is certainly not in the cards for contemporary net participants. 
Of course a solution may one day be "imposed", but that will not likely be to anyone's liking. The likely direction of such an imposition is signaled by what Dave Clunie experienced at PAX and what Johan is now experiencing as well. matthew rapaport Philosopher/Programmer At Large KD6KVH mjr@netcom.com 70371.255@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: strat@intercon.com (Bob Stratton) Date: Sat, 27 Feb 93 12:40:04 PST To: cypherpunks@toad.com Subject: more ideas on anonymity In-Reply-To: <9302272007.AA03400@soda.berkeley.edu> Message-ID: <9302272038.AA04777@intercon.com> MIME-Version: 1.0 Content-Type: text/plain >>>>> Eric Hughes writes: Eric> There has been a huge conflagration on the pem-dev list Eric> lately concerning naming issues, X.500, etc. I am Eric> somewhat disturbed by what I see as a fundamental Eric> mentality of PEM: the desire to lift intact all existing Eric> political, economic, and social relationships into the Eric> electronic domain. That doesn't surprise me in the least. There's a paradigm shift going on in the networking community, but it's difficult to tell which way it's going to land. The US, in having a very open, almost anarchic protocol development process based highly in meritocracy, built the core of the Internet while everyone else in the world was working to start passing 128-byte X.25 packets, and trying to decide how much to charge per packet. The unfortunate reality is that the same people overseas have found the "golden goose", and are trying to figure out how to domesticate it. The U.S. Government and the industry marketeers aren't helping, either. I see a growing bureaucratization of the standards process which may well not advance development much. Eric> ...Identities in the electronic world are expected to Eric> map to entities in the real world. 
I think a lot of this is a combination of the "One lifetime phone number would be great" phenomenon, and a lack of imagination regarding pseudonymity. I think that we should start writing RFCs for any and all applicable technologies and throwing them into the arena. At best, we might get stellar contributions, at worst, we might slow down the juggernaut that is the ISO. Eric> I agree with Tim that we have made good progress. But Eric> we need more than simple remailers. We need people to Eric> use remailers, and we need to make that easy to do. We Eric> need key distribution mechanisms. We need better Eric> meeting spaces than mailing lists and Usenet newsgroups Eric> and private mail. We need markets and contracts. I think that remailer authors should seriously consider spec'ing out their technology and publishing RFC's as soon as possible. The development of on-line markets seems to be one of the best-kept secrets on the Net. I only know of a handful (if that) of companies actively working on such things, but they're not known outside of their own backyards. Laissez faire, ---Strat From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: thug@phantom.com (Murdering Thug) Date: Sat, 27 Feb 93 16:31:17 PST To: cypherpunks@toad.com Subject: Re: more ideas on anonymity In-Reply-To: <9302272041.AA05983@soda.berkeley.edu> Message-ID: MIME-Version: 1.0 Content-Type: text/plain Eric Hughes writes: > > For many transactions, identity is not an issue fundamental to the > transaction. If I pay cash to you for an item, I have not made any > implicit promise to pay you at a later date, as I have if I've paid > with credit (card or account). Every obligation I might have to you I > have already fulfilled, fulfilled by paying cash. My name is not > relevant here. > > If I perform some service for you, and you acknowledge that the > service is complete as performed, then you have no need for my > identity. (As far as the two of us are concerned. 
Other parties > intrude on this interaction usually.) > > Therefore, should not discrimination against anonymity when names are > not germane be considered (depending on one's ideology) unreasonable, > inefficient, coercive, intrusive, or illegal? > Try telling this to the person behind the counter when you're trying to rent a car, rent a hotel room for the night, or rent a mailbox for 6 months. Not only do these people often ask for ID, but they get very upset if you're not paying by credit card. Discrimination against cash is widespread and rampant. Sure, if you bitch enough at them, and threaten to take them to court, they might allow you to rent a hotel room without ID and paying in cash. The thing is, they never ask for ID if you're paying by credit card since they assume the credit card is enough proof of who you are. But as soon as you start flashing some paper currency, they immediately think that you're up to no good and won't let you purchase their product/service without some ID. Hotels, airlines, and car rental companies are notorious for doing this, especially if they think you're under 21. This brings up the question of using False ID when conducting perfectly legal transactions, in order to preserve one's privacy. Can anyone reading this list with a legal background answer whether this is legal or not? I am under the, perhaps erroneous, assumption that it is illegal to use false ID only when committing a crime (ie: purchasing alcohol while underage, renting a mail drop specifically for use in mail fraud, gaining admission to private property using false ID (trespassing)). However, is it illegal to use false ID in order to conduct perfectly legal transactions in order to preserve privacy/anonymity? How about it, any of you guys associated with the CPSR, EFF, or ACLU, can you answer this one? 
Murdering Thug From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ld231782@longs.lance.colostate.edu Date: Sat, 27 Feb 93 19:00:25 PST To: cypherpunks@toad.com Subject: A Modest Proposal In-Reply-To: <9302272059.AA07351@soda.berkeley.edu> Message-ID: <9302280259.AA20523@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain me: >[...] and we might help some people and advance the cause by >codifying `legitimate use'. Eric Hughes >The only perfectly unambiguous position is that every use is a >legitimate use. Once again I'm very seriously disturbed at the sentiments presented by some eminent members of this list. I believe in free speech perhaps as rabidly as the next guy, but many of the most rabid advocates recognize that there are limitations on `freedom'. Everyone, please take the following remarks impersonally but seriously. Let me be very clear about this: I'm highly committed to pseudonymity and anonymity as new, revolutionary social tools. However, completely unrestrained anonymity (which, by the way, is related to but not equivalent to freedom of speech) is unworkable and extremely dangerous to *everybody* (not just corrupt government officials or big businesses that were so ignorant they didn't hire you). Anybody here that thinks that an anonymous service can act something like a Unix pipe that just passes the raw stuff through forever unhindered and uninterrupted is seriously deluding himself. Whoever does is ultimately discrediting and detrimental to the cause itself. If you think the problem is exclusively because of self-appointed puritanical `censors' on the net (which, I admit, exist), you are *wrong*. It gives me great anguish, dread and fear to read of `limitation' of anonymity misguidedly satirized as nothing but brutish censorship. 
You can submit and agree to some minor and essential self-regulating mechanisms, such as barring illegal and unrepentant users, `convicted' email addresses circulated among anonymous server operators voluntarily, a complaint-and-response system, perhaps even automated, etc. Or you can call it all the most obnoxious and insidious stab at your true God-given freedoms ever to ooze out of the sewer. But one exemplary and commendable somebody who posts here and has committed superhuman energy and dedication and commitment to the ideal of anonymity for the Usenet masses, running a server TODAY, recognizes that certain basic limitations are unpalatable but NECESSARY and CRUCIAL. And if you don't sufficiently protect yourselves (and unrestrained anonymity transfers to operators the most supreme exposure and vulnerability) you will inevitably be rudely, shockingly surprised at your liability and loss. ``Be careful what you wish for, you might get it.'' Everybody here that thinks anarchy is kinda neato should reconsider. By one meaning of anarchy, at least, you cannot have even the most basic of conveniences you have taken for granted, e.g. longtime social contacts or clothes, food, privacy, or whatever (and you'll not easily convince me there are more appealing variations thereof). Enclosed, an essay by a friend of mine... WHY DIGITAL ANONYMITY SHOULD BE UNRESTRICTED by D. Lewdud I want net anonymity to be completely unrestrained, and anybody who thinks otherwise is an unAmerican communist censor sleazebag Puritan prude spy who should be ruthlessly exposed and stoned for the sheer criminality of their ideas. I happen to like it when the Usenet groups I'm reading have a lot of irrelevant junk, with the signal-to-noise ratio approaching absolute zero. Anonymity is great for vicious flame wars and haranguing diatribes, but anonymously posted binary files in science groups are the best, especially if they are posted multiple times and take many megabytes. 
In fact, if they crash my newsserver, that's even better. It gives me an enviable vacation during which I can look forward to the next assault and relish the inspiring poetry of it all. But then the narrowminded ignoramuses talk about shutting down some system or excluding some users, depriving me of my sheer joy. All this idiotic drivel about pornography and copyright violations sanctioned by taxpayer money. OF COURSE! That's everyone's right, to exploit all that gushing money in our government--that's why it's there. Clearly our corrupted officials don't know what to do with it besides pocket it. Why, if some bloated bureaucrat misses his snack of caviar to subsidize this lovely GIF specimen, this masterpiece of nudity spread before me lasciviously, posted by some exemplary anonymous user, that's one small favor for humanity and a giant drool for me. Wow, think of what we could achieve and accomplish if we completely dismantled the NSA, the FBI, the CIA, and my local pig trough! (Ah, but not everybody objects to pornography, so maybe I'm preaching to the choir on that one.) I want to be able to get mailbombed with regularity, I like it when my system goes down and I am helpless and the cruel butt of others' jokes. It's fun! Esp. when I know where the mail is originating from, but the operator makes eloquent, impassioned, and irate speeches against stopping the flow based on Constitutional rights. I've started a collection of all the neat stuff I've received (millions of lines of exquisite profanity and threats), and to make room for it have gotten rid of all the other junk on my account like mail from my friends and family and my previously-favorite programs, which pale in comparison to records of the heights of eloquence of my tormentors. To think that others pay for this gives me great pangs of ecstasy. I paid good money for all my hardware, and my network connection is my pride and joy, and finally I'm getting a return on my serious investment. 
Why, I'm so happy I'm going to buy another new computer to replace the last three that have crashed. Rather than put in the many hours required to repair them (which would definitely be gleeful), I've decided they'll go up on my mantle as monumental testaments to the grandeur of the great anonymous feats of humanity. I want to see illegal, sinister, and evil groups like the Mafia to flourish, using new technology like networks to perpetrate their patriotic services. The net is such a close-knit set of orderly people and upstanding citizens, I'm sure they'll love to join the party. I want them to be able to terrorize me without consequence. Anybody who objects clearly is wholly ignorant of the beautiful social implications wrought by this wonderful technological innovation, a blind mute living in a black and white closet and a zealot of thin line-drawing. Although I haven't personally yet had the great joy of this, I can't wait to receive an anonymous death threat or ransom notice via email, possibly even directed at a close relative or loved-one. In fact, I'm saving up as much digital money as possible right now for exactly this eventuality. It's my digital insurance fund. That this can all be completely untraceable with anonymity, well that's something as exhilarating as a quivering digital orgasm. Imagine the splendor of delivering an anonymous note to the mayor of New York and the world that in 15 minutes a large chunk under a large building, a symbol of international unity, will be conveniently rearranged, at only minor risk to nearby inhabitants! Wow, this could really advance the cause of establishing a vast electronic infrastructure for promoting all the splendid possibilities of digital anonymity. Considering what's happened to the country's `real' infrastructure, we need another! If the assurance of anonymity was absolute, it would really encourage everyone to find similarly noble uses of their own. Don't get me wrong. 
I'm totally free of bias for and prejudice against various uses of anonymity (anything less, of course, would be fascist totalitarianism). For example, I like individual terrorists just as much as the organized collections. They sound like they could be really completely uninhibited in their creative grasps of our true freedoms, and more numerous with their stellar utilizations. In fact, the potential for individual, unassociated citizens to thwart the abuses, and profoundly destabilize the foundations of frigid, faceless bureaucracies like big telephone companies, and even the government, I find spine-tinglingly majestic---it even looks like this could soon happen. Imagine: nothing left but pure, omnipresent cyberspace! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Sat, 27 Feb 93 21:10:31 PST To: cypherpunks@toad.com Subject: Censorpunks Demand Action Against "D. Lewdud" Message-ID: <9302280508.AA08174@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain The "Censorpunks" now demand that action be taken against the rantings of one "D. Lewdud," an apparent newcomer to this list! His calls for complete anonymity and even anarchy are dangerous and impermissible. He writes: >WHY DIGITAL ANONYMITY SHOULD BE UNRESTRICTED >by D. Lewdud > >I want net anonymity to be completely unrestrained, and anybody who >thinks otherwise is an unAmerican communist censor sleazebag Puritan >prude spy who should be ruthlessly exposed and stoned for the sheer >criminality of their ideas. (rest of this excellent, er, I mean "unacceptable," posting elided) Censorpunks, we cannot allow garbage like this to pollute our net! There ought to be a law! ....... But seriously, Lance Detweiler does raise some serious points. And I hope neither Lance, nor George Gleason, nor anyone else was too offended by my satire about censorship. 
I felt John Gilmore and others had made the "slippery slope" arguments well enough, and I would add my comments in the form of a satire (as I like to do...you ought to see some of my spoofs over on the Extropians list!).

A few comments on Lance's points:

Nobody has ever said the transition to crypto anarchy will be pleasant (remind me sometime to discuss how easy assassinations for pay will become, once untraceable and robust digital cash becomes possible--it'll curl your hair!). The key is that it's essentially unstoppable by simple legalistic means. New kinds of solutions, like "positive reputations," will have to evolve. (In this context, a positive reputation system means people only accept e-mail from names or digital pseudonyms they know or have reason to be interested in.)

The stratagem of controlling flaky, bad, or illegal posts by cooperation of the remailers will not really work, as new digital pseudonyms will be easily generated (and only the last remailer, the one sending it to a pool or a newsgroup, has any real hope of "controlling" the content by reading the plaintext).

At the risk of sounding like another satire, I could point to the obvious problems we have in free and open societies with _verbal_ abuse, threats, blackmail, lies, propaganda, and other unsavory behavior. I could then suggest that controls on free speech are needed (I can expect someone to chime in here with the chestnut about how you can't shout "Fire!" in a crowded theater...the Supreme Court justice who coined this later said he regretted ever doing so, as every censor used it to justify controls on speech). The price paid to reduce these nuisances is too high.

By the way, I have some scenarios for how crypto anarchy may be fought, how it may fight back, what law enforcement may do, etc. These are from a 2.2 MB file for my still-unfinished novel on these topics. The relevant sections on crypto and crypto anarchy are about 200K.
They're mostly in "MORE" format (an outliner for the Mac), and conversion to ASCII tends to produce some ugly line indentation problems (the subsections indent OK, but the following lines wrap back to the left margin). Still, perhaps I'll try to convert them into readable essays for this list, if there's any interest.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sat, 27 Feb 93 21:23:28 PST
To: cypherpunks@toad.com
Subject: Re: more ideas on anonymity
Message-ID: <9302280521.AA00526@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Marc Horowitz writes:

>With certain exceptions, like the mailbox example, most situations of
>"rent foo" require the lessor to take a risk, and he wants *some*
>assurance that he'll get his rented thing back. I'm not going to rent
>a car to someone without ID, for cash, because I have no guarantee
>that he isn't going to drive away with it and never come back.

Precisely. The car rental company _does_ have a continuing relationship with you, at least until you return their car.

(BTW, digital escrow services may allow relative anonymity--and perhaps true anonymity--while still assuring the rental car company that they'll get paid and will get their car back. Think of this as a surety bond...though I suppose that many of those who don't have credit cards, for economic reasons, will also not have $10,000 in cash laying around to post such a bond.)

>I'm not saying discrimination against cash doesn't exist. It does,
>and that's reprehensible. But not all cases of "plastic, yes, cash,
>no" are discriminatory.
I see nothing reprehensible about discrimination against certain kinds of payment. Maybe I don't want to carry $10,000 around in East L.A. and instead want to be paid with a cashier's check. Maybe I just think folding money has too many germs on it. The point is, nobody is being coerced into an economic transaction. If I offer my car for sale for $10,000 in copper pennies, that's the way it is.

(There is some confusing legalistic stuff about debts and "legal tender," applying, as I understand it, to debts already incurred. But I'm arguing the principle, not the situation in these Beknighted States.)

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Sat, 27 Feb 93 20:39:53 PST
To: thug@phantom.com (Murdering Thug)
Subject: Re: more ideas on anonymity
In-Reply-To:
Message-ID: <9302280438.AA26643@steve-dallas.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

>> > If I perform some service for you, and you acknowledge that the
>> > service is complete as performed, then you have no need for my
>> > identity.
>>
>> > Therefore, should not discrimination against anonymity when names are
>> > not germane be considered (depending on one's ideology) unreasonable,
>> > inefficient, coercive, intrusive, or illegal?
>>
>> Try telling this to the person behind the counter when you're trying
>> to rent a car, rent a hotel room for the night, or rent a mailbox for
>> 6 months.

Thug, you didn't seem to get Eric's point. When I walk up to the newspaper guy on the corner, I hand him 35 cents, he hands me a paper. We're both happy.
My name is irrelevant, because there's not a hell of a lot either of us can do to screw the other one over, so he doesn't need to know my name. I don't need to know his.

With certain exceptions, like the mailbox example, most situations of "rent foo" require the lessor to take a risk, and he wants *some* assurance that he'll get his rented thing back. I'm not going to rent a car to someone without ID, for cash, because I have no guarantee that he isn't going to drive away with it and never come back.

I'm not saying discrimination against cash doesn't exist. It does, and that's reprehensible. But not all cases of "plastic, yes, cash, no" are discriminatory.

>> This brings up the question of using False ID when conducting
>> perfectly legal transactions, in order to preserve one's privacy. Can
>> anyone reading this list with a legal background answer whether this
>> is legal or not?

This is a very good question.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tony Kidson
Date: Sun, 28 Feb 93 01:11:48 PST
To: cypherpunks@toad.com
Subject: Re: more ideas on anonymity
Message-ID: <2829@morgan.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

In message <9302272006.AA16075@SOS> you write:

> Date: Sat, 27 Feb 93 00:58:46 GMT
> From: Tony Kidson
>
> Yes, we can justify protecting those who threaten these acts.
> This is a *far* cry from protecting those who *commit* those
> acts.
>
> Ah, I see you are an absolute free-speech advocate. The problem is that
> the line between speech and acts can be fuzzy at times, especially in
> the world of cyberspace model.

What you say is true, but I still think that you need to have a substantive act, before you can apply *legal* sanctions. The way to prevent threats, is, as people have said in other posts, to prevent the reception of anonymous mail by those who do not want to receive it. I freely admit that I *am* a free speech advocate.
I do not believe that you improve the condition of the world by preventing the speaking of undesirable words; Words should be countered by other words. Many people plan to put the world to rights over a beer in a bar. This may or may not include violent revolution. Are we to decree that this constitutes a violent criminal conspiracy? Speech does not harm anybody. People acting on others' speech is what does the harm. *Free* speech is indeed useful. It's when widely disseminated speech is in the hands of the few that its power can be wielded against the citizen and then it is unhealthy.

Tony

+-----------------+-------------------------------+--------------------------+
| Tony Kidson     | PGP 2.1 Key by request        | Voice +44 81 466 5127    |
| Morgan Towers,  |                               | E-Mail                   |
| Morgan Road,    | This Space                    | tony@morgan.demon.co.uk  |
| Bromley,        | to Rent                       | tny@cix.compulink.co.uk  |
| England BR1 3QE | Honda ST1100 ==*== DoD# 0801  | 100024.301@compuserve.com|
+-----------------+-------------------------------+--------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 28 Feb 93 00:13:48 PST
To: cypherpunks@toad.com
Subject: Reasons for Anonymity--A Long Selection
Message-ID: <9302280811.AA12278@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

The following is part of an outline dealing with the topics on this list, maintained since 1990 for a novel-in-progress (the writing, that is) I've been working on for several years, off and on.
In addition to using various databases and hypertext systems (ArchiText, from Brainpower, and StorySpace, from Eastgate Systems) for character development and plots, I have also relied heavily on MORE, a powerful outline processor from Symantec (MORE 3.0 is the direct descendent of ThinkTank, and features "cloning," where a branch of the outline can be replicated in many places, allowing immediate hypertext-like jumps to distant parts of the outline, and also maintaining database coherency).

Several people have requested that I make good on my offer to post certain parts of these notes, especially the parts dealing with "crypto anarchy" and how it may get developed, how it may be fought by the law enforcement types, what it can be used for, etc.

As an experiment, I'll post here just one medium-sized branch, from deep in the outline tree. "Reasons for Anonymity" seems in line with current list interest. (Note that most of these comments were written in 1990-91, so they may be slightly dated.)

If the reaction is favorable, maybe I'll post more. Or, there may be other options, such as placing parts of the outline in the archive site.

I've converted the nested outline structure to a flattened, Harvard-labelled text file. It may still not be the easiest to read, especially as many of the entries are intended only to jog my memory and to help me organize my thinking.

Hope someone likes it.

Reasons for Anonymity and Digital Pseudonyms

I. many of the same reasons as with Caller ID, but many new reasons as well
II. Physical Threats
A. "corporate terrorism" is not a myth: drug dealers and other "marginal" businessmen face this every day
1. extortion, threats, kidnappings
B. and many businesses of the future may well be less "gentlemanly" than the conventional view has it
1. witness the bad blood between Intel and AMD, and then imagine it getting ten times worse
2.
and national rivalries, even in ostensibly legal businesses (think of arms dealers), may cause more use of violence
3. Mafia and other organized crime groups may try to extort payments or concessions from market participants, causing them to seek the relative protection of anonymous systems
a) with reputations
4. Note that calls for the threatened to turn to the police for protection have several problems
a) the activities may be illegal or marginally illegal (this is the reason the Mafia can often get involved and why it may even sometimes have a positive effect, acting as the cop for illegal activities)
b) the police are often too busy to get involved, what with so much physical crime clogging the courts
C. extortion and kidnappings can be done using these very techniques of cryptoanarchy, thus causing a kind of arms race
D. battered and abused women and families may need the equivalent of a "witness protection program"
1. because of the ease of tracing credit card purchases, with the right bribes and/or court orders (or even hacking), battered wives may seek credit cards under pseudonyms
a) and some card companies may oblige, as a kind of politically correct social gesture
b) or groups like NOW and Women Against Rape may even offer their own cards
(1) perhaps backed up by some kind of escrow fund
(2) could be debit cards
E. people who participate in cyberspace businesses may fear retaliation or extortion in the real world
1. threats by their governments (for all of the usual reasons, plus kickbacks, threats to close them down, etc.)
2. ripoffs by those who covet their success...
III. Needed for Certain Kinds of Reputation-Based Systems
A. a respected scientist may wish to float a speculative idea
1. and be able to later prove it was in fact his idea
IV. Legal Protection
A. many transactions may be deemed illegal in some jurisdictions
1.
even in some that the service or goods provider has no control over
a) example: gun makers being held liable for firearms deaths in the District of Columbia (though this was recently cancelled)
2. the maze of laws may cause some to seek anonymity to protect themselves against this maze
B. "deep pockets"
1. it will be in the interest of some to hide their identities so as to head off these kinds of lawsuits (filed for whatever reasons, rightly or wrongly)
2. postings and comments may expose the authors to lawsuits for libel, misrepresentation, unfair competition, and so on (so much for free speech in these beknighted states)
3. employers may also be exposed to the same suits, regardless of where their employees posted from
a) on the tenuous grounds that an employee was acting on his employer's behalf, e.g., in defending an Intel product on Usenet
4. this, BTW, is another reason for people to seek ways to hide some of their assets-to prevent confiscation in deep pockets lawsuits (or family illnesses, in which various agencies try to seize assets of anybody they can)
5. and the same computers that allow these transactions will also allow more rapid determination of who has the deepest pockets!
C. moonlighting employees (the original concern over Black Net and AMIX)
1. employers may have all kinds of concerns, hence the need for employees to hide their identities
2. note that this interacts with the licensing and zoning aspects
D. to beat zoning and licensing requirements
E. Scenario: Anonymous organ donor banks
1. e.g., a way to "market" rare blood types, or whatever, without exposing one's self to forced donation or other sanctions
a) "forced donation" involves the lawsuits filed by the potential recipient
b) at the time of offer, at least...what happens when the deal is consummated is another domain
2. and a way to avoid the growing number of government stings
F.
avoidance of prosecution or damage claims for writing, editing, distributing, or selling such "damaging" materials is yet another reason for anonymous systems to emerge: those involved in the process will seek to immunize themselves from the various tort claims that are clogging the courts
1. producers, distributors, directors, writers, and even actors of x-rated or otherwise "unacceptable" material may have to have the protection of anonymous systems
2. imagine fiber optics and the proliferation of videos and talk shows....bluenoses and prosecutors will use "forum shopping" to block access, to prosecute the producers, etc.
V. Anonymity in Requesting Information, Services, Goods
A. a la the controversy over Caller ID and 900 numbers: people don't want their telephone numbers (and hence identities) fed into huge consumer-preference data banks
1. of the things they buy, the videos they rent, the books they read, etc. (various laws protect some of these areas, like library books, video rentals)
2. subscription lists are already a booming resale market...this will get faster and more finely "tuned" with electronic subscriptions: hence the desire to subscribe anonymously
B. some examples of "sensitive" services that anonymity may be desired in (especially related to computers, modems, BBSes)
1. reading unusual or sensitive groups: alt.sex.bondage, etc.
a) or posting to these groups!
b) recent controversy over NAMBLA may make such protections more desirable to some (and parallel calls for restrictions!)
2. posting to such groups, especially given that records are perpetual and that government agencies read and file postings (an utterly trivial thing to do)
3. requesting help on personal issues (equivalent to the "Name Withheld" seen so often)
4. discussing controversial political issues (and who knows what will be controversial 20 years later when the poster is seeking a political office, for example?)
a) given that some groups have already (1991) posted the past postings of people they are trying to smear!
5. Note: the difference between posting to a BBS group or chat line and writing a letter to an editor is significant
a) partly technological: it is vastly easier to compile records of postings than it is to cut clippings of letters to editors (though this will change rapidly as scanners make this easy)
b) partly sociological: people who write letters know the letters will be with the back issues in perpetuity, that bound issues will preserve their words for many decades to come (and could conceivably come back to haunt them), but people who post to BBSes probably think their words are temporary
c) and there are some other factors
(1) no editing
(2) no time delays (and no chance to call an editor and retract a letter written in haste or anger)
(3) and letters can, and often are, written with the "Name Withheld" signature-this is currently next to impossible to do on networks
(a) though some "forwarding" services have informally sprung up
C. Businesses may wish to protect themselves from lawsuits over comments by their employees
1. the usual "The opinions expressed here are not those of my employer" may not be enough to protect an employer from lawsuits
a) imagine racist or sexist comments leading to lawsuits (or at least being brought up as evidence of the type of "attitude" fostered by the company, e.g., "I've worked for Intel for 12 years and can tell you that blacks make very poor engineers.")
2. employees may make comments that damage the reputations of their companies
a) Note: this differs from the current situation, where free speech takes priority over company concerns, because the postings to a BBS are carried widely, may be searched electronically (e.g., AMD lawyers search the UseNet postings of 1988-91 for any postings by Intel employees besmirching the quality or whatever of AMD chips),
3.
and so employees of corporations may protect themselves, and their employers, by adopting pseudonyms
D. Businesses may seek information without wanting to alert their competitors
1. this is currently done with agents, "executive search firms," and lawyers
2. but how will it evolve to handle electronic searches?
3. there are some analogies with filings of "Freedom of Information Act" requests, and of patents, etc.
a) these "fishing expeditions" will increase with time, as it becomes profitable for companies to search through mountains of electronically-filed materials
(1) environmental impact studies, health and safety disclosures, etc.
(2) could be something that some companies specialize in
E. Anonymous Consultation Services, Anonymous Stringers or Reporters
1. imagine an information broker, perhaps on an AMIX-like service, with a network of stringers
a) think of the arms deal newsletter writer in Hallahan's The Trade, with his network of stringers feeding him tips and inside information
(1) instead of meeting in secretive locations, a very expensive proposition (in time and travel), a secure network can be used
(2) with reputations, digital pseudonyms, etc.
2. they may not wish their actual identities known
a) threats from employers, former employers, government agencies
b) harassment via the various criminal practices that will become more common (e.g., the ease with which assailants and even assassins can be contracted for)
(1) part of the overall move toward anonymity
c) fears of lawsuits, licensing requirements, etc.
3. Candidates for Such Anonymous Consultation Services
a) An arms deals newsletter
(1) an excellent reputation for accuracy and timely information
(2) sort of like an electronic form of Jane's
(a) with scandals and government concern
(3) but nobody knows where it comes from
(4) a site that distributes it to subscribers gets it with another larger batch of forwarded material
(a) NSA, FBI, Fincen, etc.
try to track it down
b) "Technology Insider" reports on all kinds of new technologies
(1) patterned after Hoffler's Microelectronics News, the Valley's leading tip sheet for two decades
(2) the editor pays for tips, with payments made in two parts: immediate, and time-dependent, so that the accuracy of a tip, and its ultimate importance (in the judgment of the editor) can be proportionately rewarded
(3) PK systems, with contributors able to encrypt and then publicly post (using their own means of diffusion)
(a) with their messages containing further material, such as authentications, where to send the payments, etc.
c) Lundberg's Oil Industry Survey (or similar)
(1) i.e., a fairly conventional newsletter with publicly known authors
(2) in this case, the author is known, but the identities of contributors is well-protected
d) A Conspiracy Newsletter
(1) reporting on all of the latest theories of misbehavior (as in the "Conspiracies" section of this outline)
(2) a wrinkle: a vast hypertext web, with contributors able to add links and nodes
(a) naturally, their real name-if they don't care about real-world repercussions-or one of their digital pseudonyms (may as well use cryptonyms) is attached
i) various algorithms for reputations
(1) sum total of everything ever written, somehow measured by other comments made, by "voting," etc.
(2) a kind of moving average, allowing for the fact that learning will occur, just as a researcher probably gets better with time, and that as reputation-based systems become better understood, people come to appreciate the importance of writing carefully
e) and one of the most controversial of all: Yardley's Intelligence Daily
(1) though it may come out more than daily!
(2) an ex-agent set this up in the mid-90s, soliciting contributions via an anonymous packet-switching system
(a) refined over the next couple of years
(b) combination of methods
(3) government has been trying hard to identify the editor, "Yardley"
(4) he offers a payback based on value of the information, and even has a "Requests" section, and a Classified Ad section
(5) a hypertext web, similar to the Conspiracy Newsletter above
(6) Will Government Try to Discredit the Newsletter With False Information?
(a) of course, the standard ploy in reputation-based systems
(b) but Yardley has developed several kinds of filters for this
i) digital pseudonyms which gradually build up reputations
ii) cross-checking of his own sort
iii) he even uses language filters to analyze the text
(c) and so what?
i) the world is filled with disinformation, rumors, lies, half-truths, and somehow things go on....
f) Other AMIX-like Anonymous Services
(1) Drug Prices and Tips
(a) tips on the quality of various drugs (e.g., "Several reliable sources have told us that the latest Maui Wowie is very intense, numbers below...")
(b) synthesis of drugs (possibly a separate subscription)
i) designer drugs
ii) home labs
iii) avoiding detection
(2) The Hackers Daily
(a) tips on hacking and cracking
(b) anonymous systems themselves (more tips)
(3) Product evaluations (anonymity needed to allow honest comments with more protection against lawsuits)
4. Newspapers Are Becoming Concerned with the Trend Toward Paying for News Tips
a) by the independent consultation services
b) but what can they do?
c) lawsuits are tried, to prevent anonymous tips when payments are involved
(1) their lawyers cite the tax evasion and national security aspects
F. Private Data Bases
1.
any organization offering access to data bases must be concerned that somebody-a disgruntled customer, a whistleblower, the government, whoever-will call for an opening of the files
a) under various "Data Privacy" laws
b) or just in general (tort law, lawsuits, "discovery")
2. thus, steps will be taken to isolate the actual data from actual users, perhaps via cutouts
a) e.g., a data service sells access, but subcontracts out the searches to other services via paths that are untraceable
(1) this probably can't be outlawed in general-though any specific transaction might later be declared illegal, etc., at which time the link is cut and a new one is established-as this would outlaw all subcontracting arrangements!
(a) i.e., if Joe's Data Service charges $1000 for a search on widgets and then uses another possibly transitory (meaning a cutout) data service, the most a lawsuit can do is to force Joe to stop using this untraceable service
(b) levels of indirection (and firewalls that stop the propagation of investigations)
G. Medical Polls (a la AIDS surveys, sexual practices surveys, etc.)
1. recall the method in which a participant tosses a coin to answer a question...the analyst can still recover the important ensemble information, but the "phase" is lost
a) i.e., an individual answering "Yes" to the question "Have you ever had xyz sex?" may have really answered "No" but had his answer flipped by a coin toss
2. researchers may even adopt sophisticated methods in which explicit diaries are kept, but which are then transmitted under an anonymous mailing system to the researchers
a) obvious dangers of authentication, validity, etc.
H. Medical testing: many reasons for people to seek anonymity
1. AIDS testing is the preeminent example
2.
but also testing for conditions that might affect insurability or employment (e.g., people may go to medical havens in Mexico or wherever for tests that might lead to uninsurability should insurance companies learn of the "precondition")
3. except in AIDS and STDs, it is probably both illegal and against medical ethics to offer anonymous consultations
a) perhaps people will travel to other countries
VI. Anonymity in Belonging to Certain Clubs, Churches, or Organizations
A. people fear retaliation or embarrassment should their membership be discovered, now or later
1. e.g., a church member who belongs to controversial groups or clubs
B. mainly, or wholly, those in which physical contact or other personal contact is not needed (a limited set)
C. similar to the cell-based systems described elsewhere
D. Candidates for anonymous clubs or organizations
1. Earth First!, Act Up, Animal Liberation Front, etc.
2. NAMBLA and similar controversial groups
E. all of these kinds of groups have very vocal, very visible members, visible even to the point of seeking out television coverage
F. but there are probably many more who would join these groups if their identities could be shielded from public group, for the sake of their careers, their families, etc.
G. ironically, the corporate crackdown on outside activities considered hostile to the corporation (or exposing them to secondary lawsuits, claims, etc.) may cause greater use of anonymous systems
1. cell-based membership in groups
H. the growth of anonymous membership in groups (using pseudonyms) has a benefit in increasing membership by people otherwise afraid to join, for example, a radical environmental group
VII. Anonymity in Giving Advice or Pointers to Information
A. suppose someone says who is selling some illegal or contraband product...is this also illegal?
B. hypertext systems will make this inevitable
VIII. Anonymous Voting in Clubs, Organizations, Churches, etc.
A.
a major avenue for spreading CA methods: "electronic blackballing," weighted voting (as with number of shares)
1. e.g., a corporation, perhaps one of JH's, issues "voting tokens," which can be used to vote anonymously
a) or even sold to others (like selling shares, except selling only the voting right for a specific election is cheaper, and many people don't much care about elections)
2. a way to protect against deep pockets lawsuits in, say, race discrimination cases
a) wherein a director is sued for some action the company takes-anonymity will give him some legal protection, some "plausible deniability"
3. is possible to set up systems (cf. Salomaa) in which some "supervotes" have blackball power, but the use of these vetos is indistinguishable from a standard majority rules vote
a) i.e., nobody, except the blackballer(s), will know whether the blackball was used!
b) will the government seek to limit this kind of protocol?
(1) claiming discrimination potential or abuse of voting rights?
B. will Justice Department (or SEC) seek to overturn anonymous voting?
1. as part of the potential move to a "full disclosure" society?
2. related to antidiscrimination laws, accountability, etc.
C. Anonymous Voting in Reputation-Based Systems (Journals, Markets)
1. customers can vote on products, on quality of service, on the various deals they've been involved in
a) not clear how the voting rights would get distributed
b) the idea is to avoid lawsuits, sanctions by vendors, etc. (as with the Bose suit)
2. Journals
a) a canonical example, and one which I must include, as it combines anonymous refereeing (already standard, in primitive forms), hypertext (links to reviews), and basic freedom of speech issues
b) this will likely be an early area of use
3. this whole area of consumer reviews may be a way to get CA bandwidth up and running (lots of PK-encrypted traffic sloshing around the various nets)
IX.
the 100% traceability of public postings to UseNet and other bulletin boards is very stifling to free expression and becomes one of the main justifications for the use of anonymous (or pseudonymous) boards and nets
A. there may be calls for laws against such compilation, as with the British data laws, but basically there is little that can be done when postings go to tens of thousands of machines and are archived in perpetuity by many of these nodes and by thousands of readers
B. readers who may incorporate the material into their own postings, etc. (hence the absurdity of the British law)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Sun, 28 Feb 93 06:59:19 PST
To: cypherpunks@toad.com
Subject: Real life pseudonyms (was re: more ideas on anonymity)
In-Reply-To: <9302280245.AA59295@acs1.acs.ucalgary.ca>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Douglas Sinclair writes:

> I don't know the US laws on pseudos. However, here in Canada one is allowed
> to go by whatever name one wishes PROVIDED it is not for fraudulent reasons.
> This also includes signatures -- I can sign as whoever I wish. However,
> if the contract has a clause saying "This is the name by which I am
> legally and correctly known" then you are committing fraud by signing with a
> pseudo. This is in the fine print of a surprising number of things.

I remember reading or hearing something similar as it applies in the United States. It seems that, as long as you're not committing a crime or a fraud, in the process, you may identify by whatever name you wish. Can anyone with a legal background confirm or deny this?

However, I am wondering if it is also legal to present false ID in order to insure your privacy/anonymity. And isn't misrepresenting your true identity considered to be a fraud in and of itself?

For instance, can I walk into a U.S. bank, present false ID, and obtain a checking account to use for legitimate reasons?
How about a credit card? Is this legal? I mean, I'm not stealing any money/products/services from anybody, I'm only using a pseudonym.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 28 Feb 93 09:58:36 PST
To: cypherpunks@toad.com
Subject: anon user on cypherpunks list
In-Reply-To: <9302281238.aa19179@penet.penet.FI>
Message-ID: <9302281755.AA13087@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I have changed the subscription name in the list to the "na" form, so the immediate problem for cypherpunks is fixed.

But this problem will persist. Many, if not most, mailing lists are running automated list software and the address given in the subscription request is the address added. Even if the administrator manually changes the entry, the old one can be added right back. Mailing list software could be changed to notice penet anonymous addresses, but don't hold your breath for that to be deployed soon.

There are two problems with the current anon@penet design that I see as fundamental. The first, widely discussed and the proximate cause of the above problem, is automatic pseudonym generation. The second is ensured by the first and is subtler: the remailer does not allow multiple pseudonyms per incoming email address.

Multiple pseudonyms allow compartmentalization and has two benefits. The first benefit is unlinkability. I have sometimes wanted to argue both sides of an issue, but refrained because that is too confusing for most to follow. (The semiotics of "consistency/ignorability" and "one mind/one opinion" are fascinating and, here, digressing.) I might also wish to argue in two completely different fora and not have these seen as the same person. For every reason you might want a pseudonym in the first place, you might also want a "pseudonym from your pseudonym," especially if you use it a lot.

The second benefit of compartmented identities happens when the pseudonym is revealed, either by choice or by chance.
There are many situations when a temporary identity might be desired; I leave it to others to list them. With the current single-pseudonym system, one revelation of identity reveals all others. When there is no particular benefit to being seen as the same identity, I would rather have multiple identities for exactly this reason. As far as implementations go, having multiple pseudonyms requires that a separate "request for pseudonym" be added, as well as a way to indicate from which pseudonym (or none of them) mail should be from. I would suggest bouncing mail to "an" style addresses unless a pseudonym has been declared; the bounce message would, of course, contain instructions on how to obtain a pseudonym or use the "na" form. Therefore, I would suggest that a second version of the pseudonymous system at penet do away with automatic generation and support multiple pseudonyms.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sun, 28 Feb 93 10:09:40 PST To: cypherpunks@toad.com Subject: dispatches from the front lines of anonymity In-Reply-To: <9302281154.aa16279@penet.penet.FI> Message-ID: <9302281806.AA13608@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain

>A more important matter is the way the group should be implemented.
>Moderated or unmoderated doesn't matter, as the server already knows how
>to send messages to moderated groups to the moderator.

Actually, I was thinking that whistleblower@anon.penet.fi would _be_ the moderator. Then you just post directly. All the messages would come from that address, and no id's would be assigned. Since all messages are from "whistleblower", replies to a poster go right back out to the list, also anonymized. It's actually a much simpler system than is currently implemented, since id's aren't involved at all.
>Pros are that it would make it very hard to track down the real
>poster, cons that it would be impossible to tell the different
>posters from each other, thus not enabling informers to earn good or
>bad reputations, unless they include key signatures or something.

PGP 2.1 contains the cleartext-signature feature, and the periodic posting to the list should mention this. This allows a real pseudonym to develop, just like we want.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jordan@imsi.com (Jordan Hayes) Date: Sun, 28 Feb 93 09:22:36 PST To: cypherpunks@toad.com Subject: Re: more ideas on anonymity Message-ID: <9302281608.AA14296@IMSI.COM> MIME-Version: 1.0 Content-Type: text/plain

From thug@phantom.com Sat Feb 27 20:56:03 1993 Try telling this to the person behind the counter when you're trying to rent a car, rent a hotel room for the night, or rent a mailbox for 6 months.

These are examples of transactions that are *ongoing* and thus are *not* satisfied by an initial cash payment. When you rent a car or hotel room, the transaction does not finish until you have left and the room has been inspected. At my mailbox service, I can incur charges for all kinds of things (receiving COD packages, receiving faxen, etc.) during the term of my rent.

The thing is, they never ask for ID if you're paying by credit card since they assume the credit card is enough proof of who you are.

No, the credit card says they can recover damages if you trash the room.

/jordan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jordan@imsi.com (Jordan Hayes) Date: Sun, 28 Feb 93 09:22:41 PST To: cypherpunks@toad.com Subject: Re: Real life pseudonyms (was re: more ideas on anonymity) Message-ID: <9302281619.AA14306@IMSI.COM> MIME-Version: 1.0 Content-Type: text/plain

From thug@phantom.com Sun Feb 28 10:48:57 1993 For instance, can I walk into a U.S. bank, present false ID, and obtain a checking account to use for legitimate reasons?
Banking and Tax regulations provide solid legal ground for requiring banks to verify identity and Tax status in the US. Answer: no. By definition, there are no "legitimate" reasons for having a checking account in this country that is unaccountable. There are plenty of other ways of hiding cash and money transactions without involving the US banking system. They don't want you to do this ...

I'm not stealing any money/products/services from anybody, I'm only using a pseudonym.

No, you're just avoiding the accountability of your money. This is akin to not reporting income. It's patently illegal. You can stand down your color PostScript printer now ...

/jordan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: strat@intercon.com (Bob Stratton) Date: Sun, 28 Feb 93 08:41:31 PST To: cypherpunks@toad.com Subject: Real life pseudonyms (was re: more ideas on anonymity) In-Reply-To: Message-ID: <9302281640.AA13450@intercon.com> MIME-Version: 1.0 Content-Type: text/plain

>>>>> On Sun, 28 Feb 93 9:51:36 EST, thug@phantom.com (Murdering Thug) said:
MT> I remember reading or hearing something similar as it
MT> applies in the United States. It seems that, as long as
MT> you're not committing a crime or a fraud, in the process,
MT> you may identify by whatever name you wish. Can anyone
MT> with a legal background confirm or deny this?

Not being a lawyer, but an engineer with unhealthy interest in such matters, I've looked a few things up and it appears that in most relationships, using an assumed name is not fraud, unless "intent to defraud" is present. Needless to say that's not very clear-cut these days.

MT> However, I am wondering if it also legal to present false
MT> ID in order to insure your privacy/anonymity. And isn't
MT> misrepresenting your true identity considered to be a
MT> fraud in and of itself?

Again, using aliases does not appear to be "malum in se", that is, evil in and of itself.
BUT, one thing I found in the course of doing a Westlaw search on the use of Social Security Numbers: The federal laws on SSN use were amended for the purpose of preventing welfare fraud, and wound up with a potentially threatening modification. The law used to say that it was illegal to give an invalid SSN in certain circumstances, for the purpose of obtaining gov't benefits inappropriately. The bad news is that it says that, but with "or for any other purpose" appended. Thus, it appears that tossing around bogus SSNs (which are still on many driver's licenses - sigh) could well be an offense in and of itself. I'll try to dig up the citations.

--Strat

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sun, 28 Feb 93 11:54:03 PST To: cypherpunks@toad.com Subject: A Modest Proposal In-Reply-To: <9302280259.AA20523@longs.lance.colostate.edu> Message-ID: <9302281950.AA17286@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain

I wrote:
>The only perfectly unambiguous position is that every use is a
>legitimate use.

and then L.D. wrote:
>Once again I'm very seriously disturbed at the sentiments presented by
>some eminent members of this list. I believe in free speech perhaps as
>rabidly as the next guy, but many of the most rabid advocates recognize
>that there are limitations on `freedom'.

Gotcha. I make no claim above as to the propriety of an unambiguous position, merely that there is one and only one completely clear position. (There is another, that no use is legitimate, and we here conveniently ignore that one :-) The consequences of unambiguity must affect our discussions of this matter. If we desire unambiguity, then there is no need to distinguish between uses. If, however, the unambiguous solution is not desirable, then there must be decisions made about propriety. As with every other question of power, the real question is "_Who_ decides propriety?"
The questions "What are significant criteria?", "When is the decision made?", and others are all subordinate to the question "Who decides?" Roughly speaking, there are three situations regarding anonymous communication: the sender, the carrier, and the receiver. In each of these, we can examine what decisions they are _able_ to make. As sender, I can choose who I present myself as, whom I send to, what carriers I want, and what I want to say. As carrier, I can choose whom to accept messages from, whom to send them to, what content I am willing to pass. As receiver, I can choose what carriers to receive messages from, and from whom to accept mail.

>Anybody here that thinks that an anonymous service can act something
>like a Unix pipe that just passes the raw stuff through forever
>unhindered and uninterrupted is seriously deluding himself.

Well, an anonymous service _can_ do just that. Whether or not the rest of the world continues to communicate with them is a separate question, an important question in the short run to be sure. Acknowledgement that a procedure is an exigency does not make that procedure desirable of itself. All differential carriage based on content is censorship. I acknowledge the exigency of certain forms of censorship in currently deployed anonymous systems. Nonetheless, I will never desire censorship for its own sake and I will also fight to remove the conditions which make censorship exigent in the first place. The problem is, who decides what is exigent? We can either answer that question, or change the world so that we never need ask it. I decline to respond to the essay by Mr. D. Lewdud.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: chrmsync@mindvox.phantom.com (Chrome Sync) Date: Sun, 28 Feb 93 09:03:03 PST To: cypherpunks@toad.com Subject: Real life pseudonyms Message-ID: MIME-Version: 1.0 Content-Type: text/plain

In the US, you can use any identity you like, provided you're not doing so to defraud anyone ...
that is, if you do it to escape child care payments, that's fraud. If you do it to rent a mailbox, *provided you don't do anything otherwise illegal using the mailbox*, it's kosher. Start a checking account -- I don't see why not. I have a casual background in law/law enforcement, but got the first two examples from a law school grad. who is currently working for a law enforcement agency. I'll have to run the third one by him ...

Best, [ Cyber-Renaissance Man ] || || || Chrome Sync || || || [* & Frank Sinatra Fan *]

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sun, 28 Feb 93 12:11:20 PST To: cypherpunks@toad.com Subject: more ideas on anonymity In-Reply-To: <9302280438.AA26643@steve-dallas.MIT.EDU> Message-ID: <9302282008.AA17976@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain

>With certain exceptions, like the mailbox example, most situations of
>"rent foo" require the lessor to take a risk, and he wants *some*
>assurance that he'll get his rented thing back. I'm not going to rent
>a car to someone without ID, for cash, because I have no guarantee
>that he isn't going to drive away with it and never come back.

Privacy costs. It is possible to create a company which offers insurance against damage and loss, paid for by the user, assigned to the owner. Such a policy could be presented to a car rental agency in lieu of your name. Your transaction with the rental agency would then be anonymous, even if your transaction with the insurer were not. Such an arrangement might even be preferable to a rental agency, since it means they don't have to go after individuals with shallow pockets in the event of damage or loss. I can even imagine such a company which offers standard policies for any number of different objects, written and digitally signed over the phone. Want to rent an apartment? Get your damage and last month's rent insured.
There is already such a thing as "completion insurance" for construction and the like, purchased by the builder as a condition of contract. If the transaction costs of this and similar types of insurance were lowered, anonymity in the real world would increase.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Sun, 28 Feb 93 02:13:59 PST To: Matthew Rapaport Subject: Re: More ideas on anonymity In-Reply-To: <9302272259.AA29137@netcom2.netcom.com> Message-ID: <9302281129.aa16174@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain

> This may be an example of an intractable problem. A case where
> legitimate interests are mutually exclusive at least in practice if not
> in theory.

True. Sigh.

> If Johan has restricted output due to pressure from those communities,
> then he has already been forced to hobble his service's most significant
> *potential* benefit to the community.

Just want to clarify this... I did block access to groups outside alt.* and soc.* for a week while the worst storm was raging, especially as Karl Kleinpaste was threatening to kill the server by flooding. I did re-establish the service as soon as there had been enough opposition to Karl's suggestion. At this point, only two groups are blocked, rec.nude and soc.singles, both as a result of a formal poll on the group in question.

> If a serious whistleblower were to
> come along with some serious evidence and credibility, it is likely that
> he/she would want to post his/her evidence in one or more of the groups
> Johan has locked out!

I suppose this is why we are creating alt.whistleblowers. Other people could forward those messages to any potentially blocked groups.

> I mean no aspersion on Johan here, he is laboring
> under pressure I'm sure, and he is a pioneer in all of this, and we are
> sharing his experience. I don't mean to take political sides either,
> both sides of the debate have legitimate arguments.
In the one other
> post I made on this topic before, I received but one reply remarking
> that I "was preaching to the choir".

Well, I freely admit this is a learning experience for me. And I have also started to realize that at some point I'm going to have to shut down anon.penet.fi and set up Mark II, based on all the experience we all have gained in this process. And I really do appreciate all the enormously valuable experience and input this group has given me in this matter!

> The mutually exclusive nature of these principles emerges in practice
> from what a former boss of mine called the human "ornery" factor. In
> this case that some number of individuals will exercise their "right to
> anonymity" not because they have to, but just because it's there.

Yes, I think I have seen enough good (bad) examples of this in action by now, but I am afraid I'm going to see a lot more...

> Believe me I sympathize with this view. It keeps authorities and
> would-be authorities on notice that there are those who will test the
> limits of their rights and signal the rest of us if they are eroding. I
> also accept Hal's argument that we are protecting ourselves from
> possible future abuses of central authority. But I also sympathize with
> the sentiments of the other side, that most of the time it is desirable
> to put your name where your mouth/keyboard is. A consensual solution to
> this problem depends on a common political viewpoint, something that is
> certainly not in the cards for contemporary net participants.

Right. So for now we will just have to do a tightrope act... Anyone know where I can get a pair of glittering tights?

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: swc@uc1.ucsu.edu (Stuart W.
Card) Date: Sun, 28 Feb 93 09:09:37 PST Subject: a few opinions, unasked Message-ID: <9302281720.AA28414@uc1.ucsu.edu> MIME-Version: 1.0 Content-Type: text/plain

1) Within a couple of years I am going to be setting up a network of systems incorporating (among other functions) remailing. I won't know the 'true' identity of my subscribers any more than anyone else will. If someone PROVES to me that a particular pseudonymous account has been used for conspiracy to initiate force or commit fraud, I will shut it down. But then, the (former) user can just obtain a new pseudonymous account from me, and I won't even know it is the same guy. So what's the point? Quit discussing whether or not we SHOULD restrict anonymity or pseudonymity. We CAN'T, because there are jerks like me who will set up systems which will provide for total anonymity of subscriber applications. End of thread, I hope.

2) Use of false ID is illegal in New York State, and (I think) throughout the United States. The definition of false ID is fuzzy, however. If you modify your driver's license or other government-issued ID, definitely a crime. However, if you obtain legitimate ID from someone under a name other than the one you mostly use, that is not necessarily fake ID. For instance, if I am known to Joe's ID Cards-Are-Us as Mr. John Smith, and he issues me an ID card in that name, neither of us has committed a crime, UNLESS there is intent to use it to defraud or commit some other crime (such as obtain admission to an alcohol-serving establishment if under legal drinking age). How do I know? I moonlight as a bouncer at a bar, and (unique!) have actually read SOME of the applicable law.

3) The ratio of philosophical ramblings to pragmatic how-to information is pretty high. For me personally, that means (S+N)/N < 0 dB. Is there a forum for discussion strictly of how to do it on a commercial basis or society-affecting scale?
I already have my philosophical house in order (IMnotsoHO) and can't afford to waste time in discussion vs action. I don't wish to insult anyone, this discussion here has tremendous value, just not to me right now.

4) Anyone got any idea how I plan to provide pseudonymous accounts on a commercial (read, I MAKE MONEY AT IT) basis, while maintaining total anonymity of subscriber applications (and pseudonymity of payments on account)? I have a plan, but would like to see if it is obvious before explaining it; also, I would like to see if there are other ways to do it.

Who is John Galt? -- Stuart W. Card

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Sun, 28 Feb 93 02:53:34 PST To: Eric Hughes Subject: Re: dispatches from the front lines of anonymity In-Reply-To: <9302272115.AA08914@soda.berkeley.edu> Message-ID: <9302281154.aa16279@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain

> Please advise. alt.whistleblower, in addition to being a public good,
> is a great way to raise hell.

True. Actually, I want to ask for some help/advice. I am about to implement alt.whistleblower on anon.penet.fi. But one thing I think I would like some input on is the description text of the newsgroup for the newsgroups file. A more important matter is the way the group should be implemented. Moderated or unmoderated doesn't matter, as the server already knows how to send messages to moderated groups to the moderator. But how should it differ from other groups on anon.penet.fi? All groups will be able to accept PGP-encrypted messages, but I was thinking of making a.w a special case where id's aren't allocated at all, and every message would just come from "an000000" or something. Is this a good idea?
Pros are that it would make it very hard to track down the real poster, cons that it would be impossible to tell the different posters from each other, thus not enabling informers to earn good or bad reputations, unless they include key signatures or something. Comments?

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Sun, 28 Feb 93 03:25:51 PST To: cypherpunks-request@toad.com Subject: anon user on cypherpunks list Message-ID: <9302281238.aa19179@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain

Er... Seems somebody has added an13556@anon.penet.fi to the mailing list, causing every message on the list to go through the server. This results in everyone sending to the list being allocated an anon id! Could you please change the address to be na13556@anon.penet.fi instead, thus avoiding the problem (yes, I've implemented the feature, but I don't want to announce it yet, as there are some implications I want to fix first...). Also a *WARNING*... an13556@anon.penet.fi now knows the anon id of everyone who has not set a password on anon.penet.fi, and has sent messages to the list recently. So if you have been allocated an id as a result of mailing to the list, you probably want to mail me and ask to be deleted from the anon database.

Julf (admin@anon.penet.fi)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Matthew J Miszewski Date: Sun, 28 Feb 93 11:55:56 PST To: cypherpunks@toad.com Subject: Fake ID to protect ID Message-ID: <23022813532303@vms2.macc.wisc.edu> MIME-Version: 1.0 Content-Type: text/plain

With regard to Thug's question about the use of false identification for legal purposes, I did some cursory legal research on the subject. A search through LEXIS brings up only three cases throughout all of the federal and state courts. The first case, and in fact the one most on point is a 1991 US court of appeals case (LEXIS 219121).
In this case, the defendant attempted to utilize the 'Thug defense' of no intent to defraud. Unfortunately, the court held that the actual making of false identification papers was the illegal act and that the potential for illegal use was sufficient to merit prosecution. There are a few possible ways a good attorney could get around this ruling though. First of all, the case is not a 'published' decision. Therefore it really holds little more than persuasive authority:). Secondly, the defendant in this case actually was involved in a conspiracy to commit illegal acts (whereas Thug is only interested in protecting his true identity). Finally, there is an incredible void of case law on this specific subject. That means that a few cyber test cases making their way through the correct legal channels, argued in the correct way, could start an actually legally recognized 'thug defense'. Unfortunately, there are other problems (legal) with the use of false ID. Misrepresentation can be both tortious and can be utilized to weasel out of otherwise sufficient contracts. For the interests on this list, it would probably be best to balance all of your interests and only use Thug's suggestions when you are in realistic fear of abuse of your identity. I will do further research on the subject (This was only a quick search). Anyone with other legal questions (NOT people looking for legal advice per se) that I might help out with (RESEARCH ONLY) mail me privately.

mjmiski@macc.wisc.edu - Although I may detest what you say, I will defend with my life your right to say it - Voltaire

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: hkhenson@cup.portal.com Date: Sun, 28 Feb 93 14:22:39 PST To: cypherpunks@toad.com Subject: Re: EFF Speaks to CIA Message-ID: <9302281359.2.6481@cup.portal.com> MIME-Version: 1.0 Content-Type: text/plain

A substantial number of you have probably seen this already, but if it missed--well, it is worth reading.
Keith Henson

------

Remarks of John Perry Barlow to the First International Symposium on National Security & National Competitiveness McLean, Virginia December 1, 1993

I can't tell you the sense of strangeness that comes over someone who earns his living writing Grateful Dead songs, addressing people who earn their livings as many of you do, especially after hearing the last speaker. If you don't appreciate the irony of our appearing in succession, you have no sense of irony at all. You and I inhabit very different worlds, but I am pleased to note, as my presence here strongly suggests, these two worlds may be growing closer. The reason I am here has absolutely nothing to do with the Grateful Dead. I'm here because I met a fellow named Mitch Kapor in 1989. Despite obvious differences, I felt as if we'd both been up in the same saucer or something...that we shared a sense of computers being more than just better adding machines or better typewriters. We saw that computers, connected together, had the capacity to create an environment which human beings could and did inhabit. Yesterday, I was encouraged to hear evidence that [former Presidential Science Advisor] Dr. Jay Keyworth and [Conference Organizer and former CIA agent] Robert Steele, might have been up in that saucer too. The people who share this awareness are natives of the future. People who have a hard time with it may always be immigrants. When Mitch and I saw that computers had created a place, we started asking some questions about what kind of place it was....what were the operating terms and conditions of this place, what kinds of people already lived there, who was going to inhabit it, what was going on in it, did it have a name? We decided to name it Cyberspace, after Bill Gibson's description of a futuristic place rather like it which we found in his novel Neuromancer. Rather than being a figment of Bill's imagination, we felt that Cyberspace was already up and happening.
Indeed, if you're having trouble with the concept, ask yourself where phone conversation takes place. That's right. Cyberspace is where you are when you're on the phone. It's also where most of your money is, unless you keep it in Krugerrands buried out in the garden...which I suppose some folks in this room might just do. It's also...and I think this is very important... the place where the greater part of the world's business is happening now. So it's a highly significant locale, and yet it's invisible to most of the people who are in it every day of their lives. I believe it was Marshall McLuhan who said, "We don't know who it was that discovered water, but we're pretty sure it wasn't a fish..." In any case, when EFF first got together, our principal concern was making certain the U.S. Constitution applied to Cyberspace. We could see the government, specifically the Secret Service, taking actions which made it obvious that they didn't quite get it. They didn't seem to be acting out of malice, but they were, at best, differently clued. They clearly didn't understand that the First Amendment applied as certainly to bytes as it did to ink on paper. At the time we thought that we could just hire a few nasty civil liberties lawyers from New York to put the fear of God in them, and that would be that. But it's been like tugging at a thread on your sweater, where you begin to pull, and pretty soon you have more thread on the ground than on your back. It turns out that there are questions raised in this environment to which we don't have good answers. Indeed, it turns out that this is a place where the First Amendment...along with just about every other law on the planet...is a local ordinance. There are no clean jurisdictional boundaries. This is a place which may always be outside the law. This may be an unwelcome concept, but it is true, and it is something we will all have to grapple with as society moves into the virtual world.
I believe you folks in the Intelligence Community are going to be challenged by these issues as directly as anyone. This is because intelligence, and especially the CIA and NSA, are supposed to work under stern guidelines intended to separate the domestic from the foreign. You're not supposed to be conducting domestic surveillance. Well, in Cyberspace, the difference between domestic and foreign, in fact the difference between any country and any other country, the difference between us and them, is extremely blurry. If it exists at all... This is also an economic environment in which everyone seems to be everywhere at once. I hear you're becoming interested in protecting American Business from foreign espionage. But against this "everywhereness" it becomes very difficult to say, "Alright, this is our guy, this is General Motors, we're going to take care of his interests." Nothing is so cleanly delineated. These are a few of the fundamental changes which arise as a result of literally moving out of the world of experience and onto the map of information. Another one which is especially pertinent to the people in this room, is what happens when you have direct e-mail access to every member of your organization. This can have a terrifically decentralizing effect on structure. It weakens hierarchy. It flattens the organization. It can create one hell of a lot of confusion, even as it speeds response time. There are in this room representatives of some tall and rigid outfits. Prepare for the possibility that your organization is about to go all flat and squishy due to the tenderizing influence of e-mail. We are also looking at a complete redefinition of ownership and property. I mean, we now have the mind as our principal source of commercial goods. At last it seems we can really get something for nothing. As recently as fifteen years ago all new wealth derived from minerals extraction or agriculture. Everything else was simply passing it around.
No longer must you rip your goods from the ground. You don't have to wait for the sun to grow some. New wealth can be had by just sitting around and rubbing some facts together...essentially what you folks have been doing all along. This economy of virtual substance is a fundamental change and one which you can exploit if you're willing. We're also looking at some fundamental shifts in the nature of property. This is going to be relevant to you as you move into a more open interaction with the rest of the world. In an information economy, much depends on the sanctity of copyright. But copyright, it turns out, derives most of its force from the physical manifestation of intellectual property. Copyright protects expression, the thing that happens when you print a book or press a record. In Cyberspace, you don't get that manifestation. It never goes physical. So the bottles we have been relying on for the protection of our intellectual goods are disappearing, and, since we've been selling bottles and not wine all along, we will soon have a lot of wine and nothing to put it in. Interesting problems will arise. They're already upon us. In any case, when EFF saw the multitude of things going on in this arena, we battened ourselves down for the long haul, and we are dealing with a whole range of issues, including the Open Platform initiative. Which is our effort to try to deploy something like universal data service. We believe that the best thing that could happen for the American economy, and actually the best thing that could happen for liberty on the Planet Earth, would be to make everyone capable of jacking in if they want to. We find that other countries are lagging in this. For example, the Japanese see absolutely no use for high speed personal data connections. The folks at NTT certainly can't see any reason to trade their 70,000 operators on digital switches. So we have a significant leg up on the Japanese that is not well known in this country. 
Another thing that we are working on is the FBI's Digital Telephony proposal which is, as you may know, the idea that we should stop all telecommunications progress in this country in order to accommodate the FBI is just amazing to me, and yet it somehow manages to live on in Congress. Also, for those of you whose badges say U.S. Government [code for National Security Agency], we are trying to overturn NSA's data encryption embargo. It's our position that trying to embargo software is like trying to embargo wind. This is a fact that you are going to have to come to grips with. Digitized information is very hard to stamp "classified" or keep contained. This stuff is incredibly leaky and volatile. It's almost a life form in its ability to self-propagate. If something hits the Net...and it's something which people on there find interesting...it will spread like a virus of the mind. I believe you must simply accept the idea that we are moving into an environment where any information which is at all interesting to people is going to get out. And there will be very little that you can do about it. This is not a bad thing in my view, but you may differ... I'm going to talk a little bit now about the very nature of information. This conference, I must say, has blown me away. I had no idea there were people in your [the intelligence] community talking about these things. I am pleased and gratified by the folks I have met here and talked to personally, but I want to reiterate Dr. Keyworth's phrase yesterday: which is that government, especially American government, must end its obsession with secrecy. We must do so because we are engaged in...and I don't want to use the word warfare here...we are engaged in a form of economic competition where our principal advantage is our ability to distribute information. It is not our ability to conceal it. Perhaps this has always been true. Let me tell you a story.
Last year, I was addressing the computer security establishment at the Department of Energy. These are the people in charge of protecting the computers that nuclear weapons get designed on. The other keynote speaker at this conference was, uh, Edward Teller. [Laughter.] Yeah, well, I was pretty sure if evil walked the planet, its name was Edward Teller. Anyway, I got up and said that I wasn't sure that DOE's secrecy was an asset. I wasn't going to say that it was a liability, so much as beside the point. After all, I know how to make an atomic bomb. You give me five and a half pounds of weapons grade plutonium and a week in my garage and I'll give you a nuclear weapon. It will be dirty, but it will work. The problem for anyone who wants to do this is that they can't get enough industrial capacity ginned up to create the plutonium. I mean, I just can't get my high temperature gas diffusion centrifuges to work. Indeed, it takes a whole society to put them together, even if the design information is available. It is not the information, which is readily available, that is crucial. It is the ability to execute that is the critical factor. I was interested to see how Dr. Teller would respond to that. To my surprise and satisfaction, he got up and agreed with me completely. He went on to say that he had never found a nuclear secret that the Russians could not obtain within a year of its development. Where they couldn't compete with us was in the areas where we were wide open. He cited the electronics industry, saying that at the end of World War II, we were about 20 years ahead of the Russians in nuclear weapons design, and roughly neck and neck in the electronics. Both sides entered a closed program on nuclear weapons design. And we went into a wild free-for-all in electronics. I mean, you should know that in the computer business, there are so many loose lips, you actually have to really try not to learn what your competitor is up to.
Computer scientists are the meetingest bunch of people you ever saw, and when they meet, they tell one another everything. The results of this approach speak for themselves. As Dr. Teller pointed out, by the time the Russians quit being a threat, they had moved to a position of parity with us in nuclear weapons, but they were 25 to 30 years behind us in electronics. I suspect one reason for this conference is to figure out how you guys are going to make your living now that the Party's Over. I believe the Intelligence Community still has a role. We are entering the Information Age. And Information, after all, is what you do. You have an edge in the field, and I would hate to see you blow your lead. But there are some serious issues about information which must be dealt with, and they have almost nothing to do with whether it is open or closed. The real questions regarding information relate to usability...whether or not it is meaningful, whether or not it is relevant, whether or not it is accurate, whether or not it is genuinely useful. There is, for example, an enormous amount of information on the Net. But the signal-to-noise ratio on the net is terrible. There's an awful lot of racket. So I suppose you do get a kind of secrecy, rather as in those fancy restaurants with the highly reflective walls, where you can hear the people shouting at you at your table, but you can't make out what anyone else is saying for the hub-bub. It's the intimacy of white noise. You folks have some expertise in an important function: sorting out that which is relevant from the huge spray of data that is coming at everyone. That is an important problem that is largely overlooked...so far the software solutions to it don't strike me as being much good. We talk about "smart agents" but they aren't smart, they're pretty dumb. You send them out and they return with too much. The problem is that the difference between data and information is meaning, something machines know little of.
To determine whether data are meaningful, whether they are, in fact, information, you must pass them through a human mind. There is also a question of authority, reliability, and bias. For example, I think one of the things you will find in using open sources is that most media are intentionally designed to evoke a fearful response in the reader. I mean, fear sells, as well you know. Perhaps you have an important role in certifying the reliability of materials in open circulation. Perhaps you are already engaged in it. I recently got a call from a friend who is an expert on computer networking in the Confederation of Independent States, or whatever they call what's left of the Evil Empire these days. He was in a terrible state. He said, "I just got visited by the CIA, I don't know what to do. They showed up and wanted to know all about my most recent report. I'm afraid they're going to try to make me a CIA agent!" A scary thought, eh? I told him, "Look, it seems to me you already are a CIA agent. They're just trying to figure out if you're a good one!" We may find that there are many CIA agents, of widely varying reliability. The real CIA agents will have the subtler job of finding out which of them is telling the truth. The most important problem which the intelligence community must now confront relates to your own bureaucratic sclerosis and the pace at which information moves through your honeycomb of secrecy. The future, as IBM is learning, will be to the supple and swift and not necessarily to the mighty. In a world moving as rapidly as this one, information becomes incredibly time sensitive. Even if you do...as I think you absolutely must...eliminate the unnecessary classification within and without your organizations, you still have all the cumbersome buffers of bureaucracy to contend with. As I was preparing these remarks, I considered coming in here and suggesting that you break up the CIA into about five different private companies and go into business.
That's probably too good an idea to implement. But it seems worthy of consideration. There is something that happens to your sense of urgency when you have a bottom line. You know that if you don't deliver, someone else will, which might be exactly the thought to leave you on. I would like to thank you very much for your indulgence of an entirely different perspective. I've genuinely enjoyed this opportunity to get to know you.

--
<<*>><<*>><<*>><<*>><<*>><<*>>
Cliff Figallo                        fig@eff.org
Electronic Frontier Foundation       (617)576-4500 (voice)
Online Communications Coordinator    (617)576-4520 (fax)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Seth Morris
Date: Sun, 28 Feb 93 12:04:18 PST
To: julf@penet.fi (Johan Helsingius)
Subject: Re: dispatches from the front lines of anonymity
In-Reply-To: <9302281154.aa16279@penet.penet.FI>
Message-ID: <9302281941.AA23759@lambada.oit.unc.edu>
MIME-Version: 1.0
Content-Type: text

> accept PGP-encrypted messages, but I was thinking of making a.w a
> special case where id's aren't allocated at all, and every message would
> just come from "an000000" or something. Is this a good idea? Pros are
> that it would make it very hard to track down the real poster, cons that
> it would be impossible to tell the different posters from each other,
> thus not enabling informers to earn good or bad reputations, unless they
> include key signatures or something.

I like the idea, but would this make it impossible to respond anonymously and/or privately to a whistleblower? I couldn't write back privately to compare evidence if I didn't want to go public with my information yet (assuming that I had a similar interest, of course). Of course, if they have included a public key I could post an encrypted message to them, but is the idea to create a newsgroup where much of the traffic could conceivably be encrypted E-mail?
But, on yet another hand (I feel like I'm in _A Mote in God's Eye_), if a regular informational posting in a.w discussed these issues, a whistleblower would be warned to post a public key, a nom de guerre, and (maybe) a regular anon ID, if they wished, or to join an anon pool.

To repeat: I do like the an00000 idea. But I think people may want E-mail response.

Seth

(Yay, I finally figured out +clearsig=on ! Now I need an option to add a public-key block to a message before signing automatically!)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 28 Feb 93 15:45:58 PST
To: cypherpunks@toad.com
Subject: CFP Costs Too Much!
Message-ID: <9302282344.AA12538@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

(I'm copying Bruce Koball, General Chair of the CFP Conference, on this message, as I don't know if he gets the Cypherpunks list.)

Dave Deltorto is one of several people I know, including myself, who don't like the prices of the upcoming Computers, Freedom, and Privacy Conference:

>.... I would also dearly like to attend CFP, but
>I haven't yet found a way to do it without money (anyone who knows a way I
>can volunteer my way in and help out please say so - I'll sweep up after,
>anything...).

In my opinion, $405 is way too much to pay for this conference. Science Fiction conventions routinely get the use of major hotels at a far lower per head price (from $40-$125 is typical). The BayCon convention takes over most of the public facilities in San Jose's Red Lion Inn (several ballrooms, many smaller rooms, and most of the public lobby areas), has about 500 attendees (same as CFP), and charges less than $100 for 4 days (and one-day memberships are typically around $30). And the "Hackers Conference" has kept its cost down to around $300, which includes two nights lodging and all meals (very sumptuous meals, too).

Granted, CFP puts out a nice transcript of the talks--credit them $20 for that.
Granted, a couple of meals are thrown in--credit them another $30 or so. What's left is still too much.

Yes, a "register early" discount exists/existed, but inasmuch as there's a nonzero risk someone can't attend (and hence loses what they paid, or some fraction of it), counting such discounts is not really kosher.

There are several possible reasons for the high fees:

1. Price insensitivity. $405 is what the traffic will bear. Most attendees are subsidized by their law firms (which often charge $200 or more per hour, so $400 for a conference is practically invisible to them), their corporations, or the government (taxpayers). I suspect most targeted attendees are price-insensitive. I'm price-sensitive, because I have to _earn_ about $700-800 before taxes to pay for the $405 being charged, and I have better uses for $405 (like a new DAT machine).

2. "Everyone else is doing it." Conference prices have been skyrocketing the last few years, although some conferences (like the SF conventions I mentioned) are still price-conscious and hold down prices. If CFP meets their attendance goal of 550, I guess they'll have been justified to price it as they did (though the mix of attendees could still be an issue to consider). And if they fail to meet the goal of 550, even with the comped or subsidized attendees, perhaps they can reconsider their pricing.

3. Subsidies of journalists. In talking to several journalists and journalistic wannabees, I've found they're getting "comped" passes. Thus, the paying attendees are subsidizing the shmoozings and barhoppings of our journalist friends! (This is not meant as an insult to the journalists out there...I just can't see why they get subsidized attendance.) How important a factor this is depends on the number of journalists, of course. (With hundreds of new magazines every year, 50 channels of shit on the t.v.
(to borrow a phrase), and thousands of newsletters on every conceivable subject, I am waiting for the day when there are more journalists at these kinds of conferences than nonjournalists! They can all talk to themselves, I guess.)

4. Other costs. And profits. Maybe it costs CFP much more to put on this conference than it does some of the other conferences I've mentioned. Maybe they have fewer volunteers.

In any case, I wish them luck. They are free to set their rates as they wish. I don't plan to attend, in case I haven't already made that clear.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Sun, 28 Feb 93 16:23:50 PST
To: cypherpunks@toad.com
Subject: Re: anon user on cypherpunks list
In-Reply-To: <9302281755.AA13087@soda.berkeley.edu>
Message-ID: <9303010023.AA07585@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> For every reason you might want a pseudonym in the first place, you
> might also want a "pseudonym from your pseudonym," especially if you
> use it a lot.

A specific example: I am presently running a survey of drug prices, and suggested that respondents might wish to reply through penet. Unfortunately, I realized that I could not respond to these messages without blowing my penet pseudonym. Fortunately, I had never actually used it, so I could safely "blow it".

At present, if I need another penet pseudonym, I guess I'll create it through mail games. But IWBNI there were a built-in way to do this -- particularly for those who aren't able to hack mailers, who are the ones who really need a service such as penet in the first place.
> Eric

PGP 2 key by finger or e-mail
Eli ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Sun, 28 Feb 93 13:57:19 PST
To: tony@morgan.demon.co.uk
Subject: Re: more ideas on anonymity
In-Reply-To: <2829@morgan.demon.co.uk>
Message-ID: <9302282156.AA25135@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Sat, 27 Feb 93 23:59:30 GMT
   From: Tony Kidson

   > Ah, I see you are an absolute free-speech advocate. The problem is that
   > the line between speech and acts can be fuzzy at times, especially in
   > the world of cyberspace model.

   What you say is true, but I still think that you need to have a substantive act, before you can apply *legal* sanctions. The way to prevent threats, is, as people have said in other posts, to prevent the reception of anonymous mail by those who do not want to receive it. Speech does not harm anybody. People acting on other's speech is what does the harm. *Free* speech is indeed useful. It's when widely disseminated speech is in the hands of the few that its power can be wielded against the citizen and then it is unhealthy.

I see. So you don't believe in libel or slander laws. And NBC was perfectly justified in faking an explosion in a GM truck to show it was unsafe, and broadcast it on prime-time TV. And it didn't do anybody any harm at all. Uh huh. Try again.....

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 28 Feb 93 17:14:14 PST
To: cypherpunks@toad.com
Subject: anon.penet.fi hacking
In-Reply-To:
Message-ID: <9303010111.AA12729@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>The other remailers were supposed to add a "kill line" to do the
>same thing, but as far as I know this never happened.

Your call for this went unacknowledged but nevertheless listened to. It was not until a week or two after the sig-kill stuff was over that I came up with a solution.
The next revision of the remailer will have something like

    Body-Termination-Regex:

The first character in the body that matches the regex, and every character after it, will be dropped. This not only makes it a one-liner in perl (!), but it means that the user can be as arbitrarily complex in recognizing sig blocks as they are able. Of course, we'll document the most common of these:

    Body-Termination-Regex: ^--$

For those of you who know nothing about regular expressions, this recognizes a line containing two minus signs and nothing else. If your signature adder does it some other way, it's pretty much automatically supported. You could also put more of your signature in the regex to ensure that it doesn't interfere unexpectedly with body content.

Summary: user-defined, almost every case handled, not automatic.

I hate my sample header field name. Please, someone think up a better one.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 28 Feb 93 17:51:38 PST
To: cypherpunks@toad.com
Subject: Future of anonymity (short-term vs. long-term)
In-Reply-To: <9303010103.AA08082@toad.com>
Message-ID: <9303010148.AA16696@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Marc's short-term suggestion of bandwidth limiting from a particular source seems like a reasonable exigency. Let me suggest a way of doing that which does not require keeping long-term logs.

Suppose your bandwidth limiter kept totals of all bytes sent in the last week. In order to keep that data current, it needs to know when to remove byte counts that are a week old. Thus it needs to keep logs of the last week's worth of messages, at least in byte count form.

Instead of that, you can just make the byte count decay. Once a day, a process goes through the byte counts and reduces them. Remove any entries that are <= 0. If this decaying byte count is bigger than some threshold, bounce the message.
I would suggest that the reduction equation be linear: multiply by some constant between one and zero, and subtract off a fixed amount, drop the fractional part. The multiplicative factor, which I would set between .9 and 1.0, means that an occasional large file could be sent through without completely eliminating email delivery for a while. The subtractive amount cleans out the database more quickly.

Comments?

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Sun, 28 Feb 93 16:43:02 PST
To: cypherpunks@toad.com
Subject: Future of anonymity (short-term vs. long-term)
Message-ID: <9303010042.AA07783@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Lance Detweiler lists some problems with freely available anonymity, and suggests that those of us who are pushing for unrestricted anonymity are unwise. Many others on the list argue that unrestricted anonymity and privacy are necessary and even inevitable.

First off, I should say that I think this is absolutely the most critical issue that we cypherpunks must address: how desirable is anonymity, what restrictions should we accept and/or push for, and what technological options can we offer as solutions?

Secondly, I think that some of us are talking past each other, by ignoring the distinction between short-term and long-term solutions. Lance, for instance, concentrates on short-term problems with anonymity while ignoring some easy-to-implement fixes for these problems in the medium to long term. Tim May emphasizes the long-term inevitability of crypto anarchy while skipping lightly over the practical problems of sysops trying to keep their systems running in the short term.

Let's recognize the distinction between short-term and long-term. To help you out, I offer this handy diagram, which I've filled in with my own opinions.

Are restrictions on anonymity...
                       Desirable   Necessary   Feasible
----------------------------------------------------
Short-term (3yrs)    |    No         Some        Yes     |
Medium-term (10yrs)  |    No         No          Partly  |
Long-term (20yrs)    |    No         No          Partly  |
----------------------------------------------------

More discussion of specific issues to follow in another message.

To sum up, my opinions are that in the short term, remailers must try to be good network citizens in order not to get kicked off the "one and only" network. In the long term,

-- Marc Ringuette (mnr@cs.cmu.edu)

Subject: Future of anonymity (SHORT-TERM)

Lance Detweiler lists a few problems with freely available anonymity:

- newsgroup noise
- pornography GIFs
- email bombs / crashed computers
- Mafia & terrorist uses

He seems to believe that the best way to combat these problems is to provide only limited anonymity, which is to be broken at the request of the proper authorities. [If I've misconstrued what you're saying, Lance, I apologize. Some cypherpunks are certainly saying this.]

I disagree that it is necessary for a remailer operator to reveal the sender of a piece of mail under any circumstances, and I will not trust a remailer which does not IMMEDIATELY THROW AWAY the correspondence between input and output addresses.

I won't try to argue in detail that partial anonymity is not very useful. I'll just say this: if a remailer operator must be a moral arbiter of when to release an anonymous address, then my assurance of anonymity becomes much more tenuous and subjective, and the legal burdens on the remailer operator become much greater.

---

I'd now like to deal with the practical objections to this suggestion in the SHORT TERM.

First, let's postulate that anonymity is a desirable thing to have, if we can limit its bad effects. If we could solve the worst of the practical problems, without keeping logs which allow tracing a message to its source, wouldn't it be desirable to do so?
I would divide the problems into two types: problems with volume and problems with content. The first three of Lance's objections were volume problems; the last was a content problem.

My answer to the problems with content: tough. It's a freedom of speech thing.

The only legitimate concern I see, in the short term, is anonymous flooding. This is going to be one of the toughest objections to deal with in implementing an anonymous remailer, and one of the biggest practical concerns, because there is the real possibility of abuse of our poorly-controlled networks (for which the only remedy to date has been to trace the problem to its source).

Here's my suggestion: let's provide remailers which guarantee not to flood the network with high volume, but keep no logs and are unable to trace messages back to their source. We can deal with the actual mechanism of such volume control later; my point is that I'm suggesting that the ONLY limitation we place on remailed messages is a volume limitation. This restriction could of course go away once we have digital postage stamps, but seems a reasonable one for remailers which don't charge money.

Remailer operators will have

I propose the following solution: that remailer operators voluntarily compile aggregate "volume reports"

I would predict that the primary means by which anonymity will be restricted are:

short-term: crackdowns on anonymous remailing sites

medium to long term: by convincing most people to participate in "real person only" newsgroups and to use "real person only" email handlers. These limitations could be implemented via the PEM public key hierarchy, for instance.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 28 Feb 93 18:05:54 PST
To: cypherpunks@toad.com
Subject: header field indicating an anonymous address
Message-ID: <9303010202.AA17864@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Marc R.
suggests that we standardize on a header field to indicate that a message was anonymous. I suggest "Anon-Sender:". There's already a "Sender:" field in RFC-822, indicating who sent the message, as separate from who wrote the message. The "Anon-Sender:" field should contain an email address for the maintainer of the remailer. Why? To facilitate complaints. :-)

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tlr1@acpub.duke.edu (Tristan Lanier Reid)
Date: Sun, 28 Feb 93 15:37:08 PST
To: cypherpunks@toad.com
Subject: unsubscribe
Message-ID: <9302282335.AA16782@soc13.acpub.duke.edu>
MIME-Version: 1.0
Content-Type: text/plain

Please unsubscribe me as I am unable to handle the volume of your mail. Thank you for your time.

Sincerely,
Tristan Reid
tlr1@acpub.duke.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Sun, 28 Feb 93 17:03:49 PST
To: cypherpunks@toad.com
Subject: Re: Future of anonymity (short-term vs. long-term)
Message-ID: <9303010103.AA08082@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Sorry, I sent my last message before it was ready (and before it got divided into two separate messages). It mostly says what I wanted it to, so I won't bother you with another version.

On the SHORT-TERM end of things, I have two more thoughts on how to make truly anonymous remailers good net citizens:

1. Agree on a header line which identifies all messages coming out of our remailers. If someone wants to filter out all anonymous messages, I think we should help them to do so.

2. Here's my proposal for what kind of remailer logging to do:

   logging of source-to-destination mapping: NONE.

   destination logging: NONE.

   source logging: on a machine-by-machine basis, log the total input volume over a fairly long period, with some random noise added. When a source is providing too much volume, and it's not on your local list of "friendly" remailers, then take action to reduce the volume.
I suggest that the first action should be to INCREASE THE DELAY to reduce the volume-per-unit-time of messages from that site. If the volume of spooled traffic from a site reaches a threshold, only then start throwing away messages.

-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Sun, 28 Feb 93 17:08:13 PST
To: cypherpunks@toad.com
Subject: Re: anon.penet.fi hacking (fwd)
Message-ID: <9303010104.AA23332@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

>I'd like to point out that so far the wimsey remailer is the only
>useful remailer from my point of view because it's the only one
>which allows me to delete the automatic sig. This is because it
>only forwards encrypted text and discards any appended unencrypted
>text.
>
>The other remailers were supposed to add a "kill line" to do the
>same thing, but as far as I know this never happened.
>
>--
>edgar@spectrx.saigon.com (Edgar W. Swank)
>SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca

Alright, I hear you, Mr. automatic sig (you really ought to append it only when you want it). I implemented a "kill line" in my remailer. All you have to do is put the line "--ignore--" exactly as that, no spaces after it, no spaces before it, just a line precisely like that and neither it nor the rest of the message will be put into the outgoing message. Edgar, you can test it by sending to my remailer on this account.
Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu
(317) 285-3648 after 5 pm EST
[non-automatic sig]

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305)
Date: Sun, 28 Feb 93 17:06:13 PST
To: cypherpunks@toad.com
Subject: Re: Real life pseudonyms (was re: more ideas on anonymity)
Message-ID: <9303010106.AA15307@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

Jordan Hayes incorrectly (IMHO) states that "Banking and Tax regulations provide solid legal ground for requiring banks to verify identity and tax status in the US."

There are really two halves to the problem:

- accounts paying interest - this is taxable, so they DO need your SSN, and you even have to tell them if they should do backup withholding. So you can have multiple accounts under different names if you're energetic about it, but they'll have the same SSN if you've only got 1. So of course the IRS will know.

- non-interest-paying checking accounts - remember those, from long ago? :-) You could probably legally run a bank that didn't require SSNs for these, though most banks don't. I haven't read through the immense pile of bank laws to find out what it takes to become a bank, or how much you can do if you're not a registered bank.

As far as "true names" go, in some states in the US, you can use any name you want unless it's for fraudulent purposes, e.g. California; in other states they have this racket called "legally changing your name", where you have to convince a government honcho to let you rename yourself, with the implication that all your future transactions will happen under your _new_ true name; New York and New Jersey are into this sort of thing. (Offering a "name registration service" is a different game entirely, though the free market is less likely to do so if there's a government service already provided that you *have* to use for some purposes.)
Some places make it easier than others to build up ID under a new name; the people I've known in the acting profession haven't had much trouble, and if you're young and keeping the same first name, the line "my parents were divorced and I used the other name when I lived there" seems to work fine; if you're female and keeping the same first name you can mumble something about your first husband or maiden name. In either case, the SS number is usually something you're stuck with, so you just have to avoid using it when you can.

# Bill Stewart wcs@anchor.ho.att.com +1-908-949-0705 Fax-4876
# AT&T Bell Labs, Room 4M-312, Crawfords Corner Rd, Holmdel, NJ 07733-3030

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305)
Date: Sun, 28 Feb 93 17:39:52 PST
To: cypherpunks@toad.com
Subject: Re: dispatches from the front lines of anonymity
Message-ID: <9303010139.AA15551@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

X-Real-Subject: Re: not assigning IDs for alt.whistleblower
X-Real-From: Richard M. Nixon
X-Real-Message-Body-Begin:

It's probably a reasonable policy - anybody who wants to can add a signature line or equivalent giving themselves a pseudonym, and if they want private replies they can provide a PGP or RIPEM public key.

A clean way to avoid the problem of encrypted replies cluttering up the newsgroup is to also create alt.whistleblower.followup or a.w.crypt, with similar non-assignment of ids, so readers can easily skip over the crypted private replies. If some whistleblower, or some whistlelistener, is more trusting, they can even post their an12345 address.

I *would* recommend the following policies -

- accept email in PGP, RIPEM, and also unencrypted MIME, X.400, and vanilla formats - not everybody who wants to blow a whistle has the right-shaped whistle handy.

- publish an "official" method for defining what part gets posted - e.g.
    Anonymous-Subject: Use me instead of the main header Subject:
    Begin-Anonymous-Message-Body:
    .....
    End-Anonymous-Message-Body:

as part of the *text* of the message, so that people with different mailers can be sure about what parts get kept and what don't - it would be real annoying to have the signature-stripper delete the good parts of a message because they looked like signatures, or leave on the signatures because they looked like text, but some mailers won't let you do what you want with headers. Also publish a policy for messages that _don't_ contain them.

A proper approach might be to use the MIME headers, but accept them from inside the message body as well as from the headers of proper MIME messages, so people can do them by hand. This has the added advantage of supporting Content-Transfer-Encoding: headers so you can tell more easily which encryption was used, and so senders of unencrypted messages can use compression or rot13 :-) to avoid having their message sent in obvious ascii.

X-Real-Signature: "Maybe I _was_ a crook"
X-Real-Message-Body-End:

Bill
# Bill Stewart wcs@anchor.ho.att.com +1-908-949-0705 Fax-4876
# AT&T Bell Labs, Room 4M-312, Crawfords Corner Rd, Holmdel, NJ 07733-3030

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Sun, 28 Feb 93 17:44:25 PST
To: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Subject: Re: Future of anonymity (short-term vs. long-term)
In-Reply-To: <9303010103.AA08082@toad.com>
Message-ID: <9303010143.AA25226@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Sun, 28 Feb 1993 19:59-EST
   From: Marc.Ringuette@GS80.SP.CS.CMU.EDU

   1. Agree on a header line which identifies all messages coming out of our remailers. If someone wants to filter out all anonymous messages, I think we should help them to do so.

This would indeed be a considerate thing to do.
In the short run, the only way a mailing list maintainer can avoid being abused by some twit determined to hide behind your network of maintainers is to disallow anonymous postings altogether. Since John Gilmore, the maintainer of the Cypherpunks mailing list, is one of the absolute free speech advocates --- let me ask a question directly at you:

What would you do if sometime next week, someone decided to flood the Cypherpunks mailing list with a large amount of trash postings, routed through different combinations of remailers? Let us assume that the trash is generated by grabbing varying snippets from USENET articles, so that current AI technology is not able to distinguish a true Cypherpunks submission from the flooded trash postings. What would you do?

Now let's also suppose someone does the same thing to all of the GNU newsgroups. What would you do then?

I ask these questions well aware that somewhere out there, some immature twit might get an idea from this scenario, and make the above questions less hypothetical. :-(

(Sorry for sounding so cynical, but after being a News admin at MIT for a long time, and dealing with a lot of people suffering from severe cases of freshmanitis, I have a less than optimistic view about human nature.)

source logging: on a machine-by-machine basis, log the total input volume over a fairly long period, with some random noise added. When a source is providing too much volume, and it's not on your local list of "friendly" remailers, then take action to reduce the volume. I suggest that the first action should be to INCREASE THE DELAY to reduce the volume-per-unit-time of messages from that site. If the volume of spooled traffic from a site reaches a threshold, only then start throwing away messages.

This doesn't work.
Someone clever could easily redirect the message through different (non-anonymous) SMTP servers before the message entered the remailer network; this would completely defeat the volume logging, and while the first hop would still be logged somewhere, unless the remailer administrator reveals the input/output address mapping, you'd still have no way to trace the message from the destination to the source.

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Sun, 28 Feb 93 17:58:11 PST
To: cypherpunks@toad.com
Subject: Re: Real life pseudonyms (was re: more ideas on anonymity)
In-Reply-To: <9302281619.AA14306@IMSI.COM>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Jordan Hayes writes:
>
> From thug@phantom.com Sun Feb 28 10:48:57 1993
>
> For instance, can I walk into a U.S. bank, present false ID,
> and obtain a checking account to use for legitimate reasons?
>
> Banking and Tax regulations provide solid legal ground for requiring
> banks to verify identity and Tax status in the US. Answer: no. By
> definition, there are no "legitimate" reasons for having a checking
> account in this country that is unaccountable. There are plenty of
> other ways of hiding cash and money transactions without involving the
> US banking system. They don't want you to do this ...

Yes, I know they don't want me to do this because they don't respect my privacy. Not because I am doing anything illegal. If I pay my taxes on the money, I should be allowed to stash it anywhere I fucking please.

> I'm not stealing any money/products/services from anybody, I'm
> only using a pseudonym.
>
> No, you're just avoiding the accountability of your money. This is
> akin to not reporting income. It's patently illegal. You can stand
> down your color PostScript printer now ...

I never said the checking account would be used for tax evasion.
Assuming I pay taxes on all my income, I don't see why it should be illegal to deposit it in a checking account under, let us say, my dog's name. Hell, there are these old ladies who die and leave all their money to their cats, right? So I assume the cats must have some kind of bank accounts / trusts. What if I want to set up a bank account for my dog? I don't see why that should be illegal. I mean if it's a problem with setting up accounts under non-existent people's identities, one could always use the family pet as the bank account holder.

Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: strat@intercon.com (Bob Stratton)
Date: Sun, 28 Feb 93 18:28:35 PST
To: cypherpunks@toad.com
Subject: header field indicating an anonymous address
In-Reply-To: <9303010202.AA17864@soda.berkeley.edu>
Message-ID: <9303010227.AA18304@intercon.com>
MIME-Version: 1.0
Content-Type: text/plain

>>>>> Eric Hughes writes:

Eric> Marc R. suggests that we standardize on a header field
Eric> to indicate that a message was anonymous.

Eric> I suggest "Anon-Sender:". There's already a "Sender:"
Eric> field in RFC-822, indicating who sent the message, as
Eric> separate from who wrote the message. The "Anon-Sender:"
Eric> field should contain an email address for the maintainer
Eric> of the remailer.

I think that's certainly a viable idea. Of course, the Sender: field is more honored in the breach than the observance by many mailers. Another thing to remember is "Errors-To:" which can save a lot of grief when handling bounces.

Eric> Why? To facilitate complaints. :-)

It would warm my heart to see questions like this come up at IETF meetings. Keep up the good work.

--Strat

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 28 Feb 93 21:37:49 PST
To: cypherpunks@toad.com
Subject: Handling Abuses of Remailers
Message-ID: <9303010536.AA10591@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I'll keep this one very short.

* To handle _abusive volumes_ through remailers, charge for remailing. Short term, this may be a problem, but this is the long term market solution.

* To handle _abusive messages_ through remailers, ignore them. "Sticks and stones" and all that. Put positive reputation filters in place. Accept e-mail only through those you know or have reason to trust.

As Sandy Sandfort so cogently put it, punish the perps, not the words of the perps. This is the basis of our society, and a good basis, too.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 28 Feb 93 21:40:04 PST
To: cypherpunks@toad.com
Subject: Re: A Modest Proposal
Message-ID: <9303010536.AA07263@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I wrote:

>Acknowledgement that a procedure is an exigency does not make that
>procedure desirable of itself. All differential carriage based on
>content is censorship. I acknowledge the exigency of certain forms of
>censorship in currently deployed anonymous systems.

A member of the list wrote back to me to say that this went over his head because he wasn't a lawyer. I am not a lawyer either. Since a compact statement has been too compact, allow me to be more verbose.

An exigency is something you do because you have to in order to accomplish something else. It's not something you do because someone told you to or because you promised to do it.
Exigencies, if you don't like them, are often called 'necessary evils,' with all the connotations of that phrase. In this case, restrictions on remailers are an exigency, something you might have to do to stay on the net.

Now just because you have to do something doesn't mean that's a good thing. In California, you have to give out your thumbprint in order to get a driver's license. Giving the thumbprint is an exigency. I did not want to do that; I don't think it's a good thing; I did it anyway because I wanted a driver's license more than I wanted my thumbprint not to be digitized.

Differential means that two things are not the same and has the connotation that one is preferable to the other. Carriage is the noun form of the verb 'to carry' and in this context refers to the act of carrying an electronic message. Thus differential carriage is carrying some messages preferentially, such as refusing to mail to or from a particular site, or to delay or alter some messages but not others.

I claim that all differential carriage where the differences in how the messages are carried arise from the content (or expected content) of those messages is, in fact, censorship and should be called such. If I operate an anonymous service and I refuse to pass a message because someone has complained about it, I have exercised a preference and created a difference in the way I treat the message. I have exercised censorship over that message. I have presented my service as a public utility, and yet I have created a difference in how I treat messages. My domain of potential censorship is not large, but it is there.

It is an unfortunate fact of the internet that there will be pressure brought to bear against the operators of anonymous remailers, and that in the interim such pressure might be strong enough to force such operators off the net. Some restrictions against content might be necessary to keep these services online.
If so, then I believe that these restrictions should be implemented. I'd rather have the services running. Nonetheless, I deplore any such restrictions.

And if it is not perfectly clear by now, let me finally state that I am in agreement with Lance Detweiler on this point, that some restriction may be necessary in order to keep anonymous services online. But that said, I still don't like it. I will continue to dislike it, and I will work to make the necessity for restrictions disappear.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@alumni.cco.caltech.edu
Date: Sun, 28 Feb 93 22:05:13 PST
To: cypherpunks@toad.com
Subject: Infrastructure
Message-ID: <9303010605.AA10013@alumni.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Some time back there was some debate here about whether MIME ("Multipurpose Internet Mail Extensions") features could be exploited to make encryption easier to use. I didn't pay much attention at the time, because I didn't know anything about MIME. But then a couple of weeks ago John Gilmore posted about Metamail, a software system designed to make it easy to integrate MIME into commonly-used mailers. I've played with Metamail a bit, and I do think this could be a good approach.

Metamail basically performs a mail-sorting function, automatically passing mail which has the MIME "Content-type" header to a filter or display program based on a very flexible "mailcap" file. To add PGP (or PEM, or RIPEM) support would be a matter of defining a Content-type header for this application, then creating the appropriate 1-line entry in the mailcap file. This does sound like a pretty easy way to add this capability.

The nice thing is, Metamail has already done the work of figuring out how to patch a whole bunch of different mailers to add this support. By using metamail we would be leveraging off this already-existing work.
Here are some excerpts from the "mailers.txt" file that comes with the distribution, written by Nathaniel S. Borenstein:

> Abstract
>
> It is surprisingly easy to use the RFC1049 "Content-type" header to turn
> virtually any mail reading interface into a multi-media mail reading
> interface. Mail readers are simply modified to use the new "metamail"
> program whenever they receive non-text mail. The metamail program is
> itself easily customizable by the use of a "mailcap" file that specifies
> the media types supported by a given site or user. Given the existence
> of the metamail program, this document explains how to add multimedia
> support to sixteen very different mail reading programs, including all
> of the most popular UNIX mail reading programs and (so far) one DOS mail
> reading program.
> [...]
> The Basic Idea
>
> Basically, there are only two things you have to do to each mail reading
> program:
>
> 1. Make the mail reader notice the special header ("Content-type") that
> marks a message as a non-text message. (In the case of mail readers
> that already understand certain content-types, such as Andrew, the mail
> reader must be modified only to deal with the content-types it does not
> already know how to handle.
>
> 2. When the special header appears, instead of (or, if it's much
> easier, in addition to) showing the user the body of the message, the
> mail reader must send that body off to the metamail interpreter. The
> metamail interpreter includes features that deal with the diverse
> situations of terminal-oriented and window-oriented mail readers.
> [...]
> A Variety of Mail and Bulletin Board Reading Interfaces
>
> With this document, you can patch all of your site's mail reading
> interfaces to support whatever multimedia formats are deemed useful at
> your site. This means that those who regularly use the multimedia tools
> can begin to send mail in those formats freely, without worrying about
> the ability of any local user to interpret the mail. It is my intent to
> make this document exhaustive; as time goes on, I hope it will grow to
> include an ever widening set of mail reading interfaces. Currently it
> includes all of the mail reading interfaces that I know to be in use
> anywhere in Bellcore's research laboratories.
>
> Currently this document describes how to add support for the following
> mail readers:
>
> Berkeley Mail (/usr/ucb/Mail, /usr/ucb/mail, and Tahoe mail)
> SunMail (another version of Berkeley mail, but rather different)
> Xmail (an X11 interface to Berkeley mail)
> Mailtool (older versions of a SunTools interface to Berkeley mail)
> Imail (Bellcore MICE mailer)
> PCS readmail/rdmail/sreadmail (another Bellcore mailer)
> MH -- Rand Message Handling System
> XMH -- X11 Interface to Rand Message Handling System
> Rmail -- GNU Emacs mail reading package
> VM -- Another GNU Emacs mail reading package
> MH-E -- Yet another GNU Emacs mail reading package (GNU interface to MH)
> CUI -- Andrew low-end mail reader
> VUI -- Andrew termcap-based mail reader
> Messages -- Andrew multimedia mail reader
> BatMail -- Andrew Emacs mail-reading interface
> Elm -- Mail reader from HP.
> Mush -- Yet another popular mail reader
> Msgs -- simple Berkeley bulletin board reader
> UUPC --a mail reading program for MS-DOS
> TRN -- a threaded netnews reader.
>
>
> If you have mail readers that are not discussed here, you will still
> probably find some of this code useful as a model. If you develop a
> patch for some other mail reader, and you send it back to me, I'll
> include it in future versions of this document.

I am very impressed with the range of mailers covered here. Unfortunately, access to source is needed for most of the patches.
But my guess would be that patched versions would become available even to people who don't have source.

I'm not really sure what is happening with PGP specifically in terms of MIME. I think there has been some work done with PEM integration. There doesn't seem to be any reason why these programs can't integrate nicely with MIME, and this Metamail package looks like it might be the most cost-effective way of getting widespread encryption into use.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK5EwE6gTA69YIUw3AQHa3gP/d9rJg8FTE4glB3CbUy5skG8j0AS4qvGn
ugFhor0RZYpZIrsZn+XXJaiaO6+7je8fdEuwO2SkFBS90p6D7vtR40hqPUPnc4io
q4z4UYRwV3aIVMjWZqyDncYQUouUltXh9utwH7nsbZX4Md9vDWwuq9ck7DHZhT+m
O7Zx1+44kRY=
=4Kad
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jordan@imsi.com (Jordan Hayes)
Date: Sun, 28 Feb 93 20:08:42 PST
To: cypherpunks@toad.com
Subject: Re: Real life pseudonyms (was re: more ideas on anonymity)
Message-ID: <9303010316.AA24294@IMSI.COM>
MIME-Version: 1.0
Content-Type: text/plain

From wcs@anchor.ho.att.com Sun Feb 28 20:56:24 1993 non-interest-paying checking accounts - remember those, from long ago ? :-) You could probably legally run a bank that didn't require SSNs for these, though most banks don't.

Banks need your SSN (at least) for being able to report to the IRS anything they are required to report. This can include interest payments, but also includes things like making cash transactions of more than $10k. Bank accounts *must* be fully documented in this country. Switzerland, and certain small islands have more lax rules. The USA does not.

Privacy is one thing. Money is another, at least in this country.

/jordan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ld231782@longs.lance.colostate.edu
Date: Sun, 28 Feb 93 21:18:45 PST
To: cypherpunks@toad.com
Subject: some PRACTICAL ideas on ...
Message-ID: <9303010517.AA10570@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

Ahem, well, there have been some complaints of too much impractical philosophizing and ranting of late, so here's my penance. Notes on how to protect alias files, ideas on digital money, and an excerpt on computer raid techniques from The Hacker Crackdown by Bruce Sterling.

(Disclaimer: In no way should any of this be construed as encouraging or advocating destruction of evidence.)

self-Encryption time bombs
--------------------------

Some lost soul asked an excellent question about a week ago regarding how to protect things like the alias file of an anonymous server from attack, possibly using encryption. This is actually a very interesting and difficult problem, and I've been rolling it around in my brain a bit, and some things are now rattling out onto the keyboard.

The question applies really in general: how do you simultaneously use and protect data from prying eyes? I don't think there are really any simple and ingenious approaches, or they might have been suggested by now. Actually, the silence on the topic assures me that it's indeed rather difficult.

One idea is to keep only the encrypted version in permanent storage. Keep the usable copy in something volatile like memory (e.g. a Ramdisk). This makes it much less solid.

Another idea is to have a `time-bomb' encryption device. Here's the idea applied to a remailer. Every few hours the remailer asks for the owner to type a password. If the meow isn't answered, it panics and locks up everything, electronically `burning' anything important and encrypting stuff that needs to be kept around. This of course is problematic because if someone grabbed the server they could utilize it in the time window.

Ok, so imagine that the server can somehow `sense' whether its real owner is present and typing.
This could mean that the owner types in a certain way or runs a dummy command at least once an hour or whatever, or has his foot on a footpedal or whatever. Again, the server panics if it sees something awry.

Also, note that usually computers are switched off and cables unplugged when confiscated. If the interesting stuff is only in RAM, no problemo. This gives other ideas though. When a certain cable is unplugged, *poof* goes certain data or whatever. Ideally there would be a daemon that is always alive (even with switched off power) that could deal with the signal that something bad has happened.

Another idea is to check for operator signals at boot time. When the confiscator boots the computer (assuming they do, and not unplug the hard drive for analysis) the computer could look for the cue and say something like ``one moment, loading system'' while it is in a mad dash to encrypt everything important (but it must delete the password used for this at the end, of course!). Then it could give a regular login prompt and even let in the infiltrator.

Finally, note that in raids usually the operator is taken away from the computer immediately (see attached notes) while the confiscators (I'm trying to stay neutral here) grab all the hardware. Hence, a `direct' signal to the computer that requires the operator to do something and the computer to respond is difficult in these situations. But the possibility of rigging panic-encrypt buttons in surreptitious places all over your house (flush!!!) is not completely outlandish.

digital $$$
-----------

There seems to be a lot of interest in this topic. Now, unfortunately I think anyone who wants to set up a *real* bank on the internet right now and handle transactions via email would really swiftly arouse the fearsome ire and wrath of vast segments of the net. Whatever, I'd like to point out that it is entirely feasible *right now* using *credit cards*.
There are obviously automated credit card machines that can make transactions solely electronically based only on that lovely *data* cypherpunks love so much (card # and exp. date). Maybe some even have RS232 interfaces! (for the brain dead, that means they'd be as trivial and familiar to interface to a computer as MODEMs!).

Imagine this scenario: a banking server! user registers with the server by giving card data. He can then let other businesses make debits through the server to his account, with all the cryptographic/authentication assurances that this can only happen when he permits, of course. Anybody who ever started doing this, I think there should be at first *huge* amounts of verification, like email sent to the user asking for confirmation of every transaction, monthly statements, ceilings, etc. But *wow* think--it's all entirely doable right now!

If the banker wanted to he could even deal with requests to open real accounts with regular money. But this is probably much farther off--the idea of the server as nothing but a link to credit cards is very convenient and more accessible, it seems to me. (The case could be made, if initially the service was free, that no commercial service was being performed.)

Imagine being able to write programs that send mail to a server to bill users for services. Neat! But OOH the phreakers would have a field day with this kind of thing if it wasn't AIRTIGHT SECURE.

* * *

Now a little transcription gift to the net. I found the following account of the typical `hacker raid' interesting. It comes from the book `The Hacker Crackdown' by Bruce Sterling (1992 Bantam books). p160 The account is mostly based on U.S. police tactics during the Operation Sun Devil raid in the early 1990s.

A typical hacker raid goes something like this. First, police storm in rapidly, through every entrance, with overwhelming force, in the assumption that this tactic will keep casualties to a minimum.
Second, possible suspects are removed immediately from the vicinity of any and all computer systems, so that they will have no chance to purge or destroy evidence. Suspects are herded into a room without computers, commonly the living room, and kept under guard--not *armed* guard, for the guns are swiftly holstered, but under guard nevertheless. They are presented with the search warrant and warned that anything they say may be held against them. Commonly they have a great deal to say, especially if they are unsuspecting parents.

Somewhere in the house is the `hot spot'--a computer tied to a phone line (possibly several computers and several phones). Commonly it's a teenager's bedroom, but it can be anywhere in the house; there may be several such rooms. This `hot spot' is put in the charge of a two-agent team, the `finder' and the `recorder.' The finder is computer-trained, commonly the case agent who actually obtained the search warrant from a judge. He or she understands what is being sought and actually carries out the seizures: unplugs machines, opens drawers, desks, files, floppy-disk containers, and so on. The recorder photographs all the equipment, just as it stands--especially the tangle of wired connections in the back, which can otherwise be a real nightmare to restore. The recorder also commonly photographs every room in the house, lest some wily criminal claim that the police had robbed him during the search. Some recorders also carry videocams or tape recorders; however, it's more common for the recorder simply to take written notes. Objects are described and numbered as the finder seizes them, generally on standard preprinted police inventory forms.

Even Secret Service agents were not, and are not, expert computer users. They have not made, and do not make, judgments on the fly about potential threats posed by various forms of equipment. They may exercise discretion, they may leave Dad his computer, for instance, but they don't *have* to.
Standard computer crime search warrants, which date back to the early 1980s, use a sweeping language that targets computers, most anything attached to a computer, most anything used to operate a computer---most anything that remotely resembles a computer--plus most any and all written documents surrounding it. Computer-crime investigators have strongly urged agents to seize the works.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Sun, 28 Feb 93 19:21:00 PST
To: cypherpunks@toad.com
Subject: Piercing anonymitiy and censorship
Message-ID: <9303010319.AA25260@SOS>
MIME-Version: 1.0
Content-Type: text/plain

I noticed that in several postings, people have made the jump that revealing the real person (or the previous hop in a remailer chain) from an anonymous remailer is tantamount to censorship. I'd like to call into question that assumption.

In many ways, I have a lot of sympathy with the Libertarian position --- whether or not I think it would realistically work as a system of government is another question. In any case, I don't like censorship in any form.

But disclosing who sent a particular piece of anonymous mail is not the same as censorship. I believe in free speech, but today, if someone violates the responsibility that goes along with free speech --- by yelling at the top of his/her lungs at 4am in the morning, when I am trying to sleep, or by libelling or slandering me ---- I have legal recourse; I can call the police and have him/her arrested for disturbing the peace, or I can sue him/her for libel or slander.

But by making anonymous remailers airtight, you are removing the possibility for recourse, and thus removing the burden of personal responsibility from the sender of these messages.
Perhaps there are people who believe Free Speech should be so much of an absolute that you should be allowed to scream at the top of your lungs at 5am in the morning in a residential area, and that libel and slander laws shouldn't exist. But it's not fair to call that a mainstream position. And it is unreasonable to assume that as an axiom.

- Ted

P.S. It is true that by revealing the identity of a user of a remailer, you are breaching their privacy --- however, most people also don't believe that the right to privacy is absolute. It certainly isn't explicitly listed in the U.S. Constitution. While I also believe very strongly in a right to privacy, there are certainly times --- for example when someone is operating under a false name to commit fraudulent acts --- that a person's privacy should be breached.

While it is much simpler to say "the right of privacy is always supreme over all other considerations", or "the right of free speech is supreme over all other considerations," that is a very simplistic view which I don't believe is very realistic. In any case, it is certainly not widely held.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jordan@imsi.com (Jordan Hayes)
Date: Sun, 28 Feb 93 20:08:21 PST
To: cypherpunks@toad.com
Subject: Re: Real life pseudonyms (was re: more ideas on anonymity)
Message-ID: <9303010324.AA24305@IMSI.COM>
MIME-Version: 1.0
Content-Type: text/plain

>>> So I assume the cats must have some kind of bank accounts ...

[ maybe you're kidding? ]

The way those old coots leave their money to their cat is to set up a trust with an executor (human) who pays the bills incurred by the cat. The cat never actually receives money, just services that are paid for by the executor.

-----

This is silly. You must (under US Banking Regulations) provide a SSN to open any kind of account. This includes (but is not limited to) non-interest bearing accounts.
Any bank that would open you an account without proof of who you are is asking for a lot of trouble.

/jordan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ld231782@longs.lance.colostate.edu
Date: Sun, 28 Feb 93 21:41:19 PST
To: cypherpunks@toad.com
Subject: more annoying philosophizing on anonymity
Message-ID: <9303010540.AA10913@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

OK, I'll keep this brief. Yes, the postal service delivers anonymous mail. Yes, you can make anonymous telephone calls using pay phones. But like all hastily construed analogies, they fail in the magnified specifics. The problem here is that the fragile remailers being built right now are operated by *individual users*, while these other services are parts of vast public infrastructures.

Now, until anonymous servers become part of the vast public infrastructure (I'll give us all the benefit of the doubt on this one), operators will be *extremely* vulnerable to what goes through their remailers. All this idealistic ranting about free speech is really inspiring (uhm, occasionally) but it doesn't help people whatsoever (in fact, it clearly is a very strong turn-off!) who want to establish remailers and anonymous posting services *right now*. For their sake, please switch off the impassioned speeches for unattainable lofty heights. (My previous message is my own feeble gesture of penance.) These people will go somewhere else if they find that our ideas are hopelessly naive, impractical, unrealistic, etc.

Somehow, I just get the feeling that people won't be quite so uninhibited and be a bit more subdued when the first cypherpunk operator is jailed on contempt-of-court charges for refusing to decrypt his log/alias files, or prosecuted for destruction of evidence, or whatever. (Or maybe this would be a call-to-arms on the level of the Alamo or Pearl Harbor.)

Mr.
Ringuette is discerning in his view that some talking-past-each-other is going on based on issues of time frames and assumed/hidden agendas; and that the issue is the most serious one facing us *right now* is right on target. Please accept some minor sacrifices in the short term for some vast gains in the future. I think if we take the position that some ugly and gross mechanisms for anonymity limitations are put into place right now, they can be training wheels that will eventually mostly be taken off in the future, but in the meantime help to convince the world of our `good faith' intent, and serve as practical models for future systems.

(What, you say we don't have good faith or practical systems? Maybe I'm seriously deluding *myself*.)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hkhenson@cup.portal.com
Date: Sun, 28 Feb 93 23:22:10 PST
To: cypherpunks@toad.com
Subject: Re: more annoying philosophizing on anonymity
Message-ID: <9302282241.1.9858@cup.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

Re this thread, and picking up a current theme, what do you think would happen if a message claiming to be responsible for the WTC blast came through an anon remailer?

Keith Henson

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ALAN DORN HETZEL JR
Date: Sun, 28 Feb 93 22:45:09 PST
To: cypherpunks@indigo.mese.com
Subject: anonymity + untraceable digital money = potential problems
Message-ID: <00968D43.DD87FB00.21534@INDIGO.MESE.COM>
MIME-Version: 1.0
Content-Type: text/plain

Dear Group,

I believe that I see a potential serious problem with the onset of truly unbreakable anonymous communication combined with untraceable digital cash. The problem is that crimes such as blackmail and extortion would become absolutely impossible to defend against. Kidnapping for ransom would get a LOT easier.
One of the serious deterrents to crimes such as kidnapping is the probability that one will get caught attempting to communicate one's demands or collect the payment. If one can make TRULY anonymous demands and receive payment which is TRULY untraceable, one can strike without warning and then proceed virtually without risk.

I could send you an anonymous note threatening to poison your dog, kill your wife, burn down your house, whatever..., ... unless you pay me $$$ in untraceable digital cash. What can you do? You pay and I go my merry way with your money, or you assume I am bluffing and don't pay. MANY PEOPLE WILL NOT CALL THIS BLUFF, and there is the serious problem...

I foresee a great way for jerks to "earn extra income in their spare time" threatening hundreds of people in mass anonymous mailings. Some of these folks will be scared enough to pay off. Where is the risk to the person who commits these acts? He's COMPLETELY anonymous!

Food for thought.

Dorn

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Sun, 28 Feb 93 21:24:01 PST
To: cypherpunks@toad.com
Subject: Cypherpunk remailers 03/01/93
Message-ID: <199303010522.AA03559@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

The list of cypherpunk remailers known to me:

 1: hh@pmantis.berkeley.edu
 2: hh@cicada.berkeley.edu
 3: hh@soda.berkeley.edu
 4: nowhere@bsu-cs.bsu.edu
 5: ebrandt@jarthur.claremont.edu
 6: hal@alumni.caltech.edu
 7: remailer@rebma.mn.org
 8: elee7h5@rosebud.ee.uh.edu
 9: phantom@mead.u.washington.edu
10: hfinney@shell.portal.com
11: babani@cs.buffalo.edu
12: remail@extropia.wimsey.com

NOTES:
#1-5    no encryption of remailing headers
#6-12   support encryption of remailing headers
#2      requires remailing request to appear in header
#12     requires text to be encrypted along with remailing request
#7,#12  introduce larger than average delay

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Sun, 28 Feb 93 23:31:30 PST
To: ld231782@longs.lance.colostate.edu
Subject: Re: Anonymity in the real world
In-Reply-To: <9302280259.AA20523@longs.lance.colostate.edu>
Message-ID: <9303010731.AA18617@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> I want to see illegal, sinister, and evil groups like the Mafia to
> flourish, using new technology like networks to perpetrate their
> patriotic services...
> Although I haven't personally yet had the great joy of this, I can't
> wait to receive an anonymous death threat or ransom notice via email,
> Imagine the splendor of delivering an anonymous note to the mayor of
> New York and the world that in 15 minutes a large chunk under a large
> building, a symbol of international unity, will be conveniently
> rearranged, at only minor risk to nearby inhabitants! Wow, this could

The person who wrote this stuff hasn't thought it through. Any of these things can and do happen right now over the telephone (anonymously) and through postal mail (anonymously). Somehow, society has not fallen into anarchy because anyone can drop a letter in a mailbox. Why not? (pause here and actually think about it...)

> Wow, think of what we could achieve and accomplish if we
> completely dismantled the NSA, the FBI, the CIA, and my local pig
> trough!

Now you are closer to reality. It appears that at least the DEA is getting *severe* funding cuts under President Inhalation. It's about time someone fired those thugs.

> For example, I like individual terrorists just as
> much as the organized collections. They sound like they could be
> really completely uninhibited in their creative grasps of our true
> freedoms, and more numerous with their stellar utilizations.

There are two problems with terrorism.
The first is that it is regularly practiced by governments -- against their own populations as well as against non-citizens -- so governments can't truly be too opposed to it. I'll give you the definition of terrorism from the CIA in 1980 (as reported by Admiral Stansfield Turner):

    Terrorism: The threat or use of violence for political purposes by individuals or groups ... when such actions are intended to shock, stun, or intimidate a target group wider than the immediate victims. ("Terrorism and Democracy", ISBN 0-395-43086-0, p. 181).

If forcibly arresting someone and putting them in jail for selling drugs to a willing buyer doesn't fall squarely into this definition, I don't know what does. Every law that Congress passes "to send a message" falls into this definition -- it's to intimidate a group wider than the group who will be arrested and tried.

The second problem is *not* that it's too hard to tap the phones of identified terrorists -- it's that you can't pick out the terrorists from the billions of other humans. Even police states have trouble with this, but they tend to provoke more people to become terrorists. Anonymity makes it possible (as in alt.whistleblowers) for people who know terrorists to safely expose them. Have you noticed that the way the Feds have attacked the Mob has been by convincing insiders to testify and giving them untraceable new identities (the "Witness Protection Program")?

The beauty and the strength of an open society is that it brings all kinds of problems and conflicts out where everyone can see them and they can potentially be worked out -- BEFORE anyone sees a need to escalate to mass violence. In a rigidly structured society, by the time the government knows it needs to change, it has already been deposed.
> In fact,
> the potential for individual, unassociated citizens to thwart the
> abuses, and profoundly destabilize the foundations of frigid, faceless
> bureaucracies like big telephone companies, and even the government, I
> find spine-tinglingly majestic---it even looks like this could soon
> happen.

It has already happened. A small number of individuals have done this -- Freud, Marx, Moses, Jefferson, for example. Most profoundly destabilizing ideas are derived from the work of a single mind (nanotechnology for example). But most destabilization of bureaucracies comes from ordinary change, not profound change, and the improved communication tools we're building will *help* individuals and bureaucracies to deal with change.

John Gilmore

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Sun, 28 Feb 93 20:43:20 PST
To: CYPHERPUNKS
Subject: Censorship...
Message-ID: <930301043312_74076.1041_DHJ75-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Ted Ts'o writes:

> I noticed that in several postings, people have made the jump that
> revealing the real person (or the previous hop in a remailer chain) from
> an anonymous remailer is tantamount to censorship. I'd like to call
> into question that assumption.

"Censorship" is an emotional term. My New World Dictionary defines it as the act of censoring, and a censor as "an official with the power to examine publications, movies, television programs, etc. and to remove or prohibit anything considered obscene, libelous, politically objectionable, etc."

I think this corresponds pretty closely with how we use the word. It suggests that a good test for whether an action is censorship is whether the prohibition is based on the content of the message along the lines above, where a message is controversial, obscene, etc.

(Many Libertarians would argue that no private action can be censorship, that only government actions backed up by the threat of force can be.
They might point to the word "official" in the definition above. I think that the more common use of the word would include the concept of private censorship; as, for example, in the case of a newspaper editor who kills a story because it attacks a powerful political friend of the editor. He can be considered an official of the newspaper.)

Ted then gives the example of someone yelling at 4AM in the morning. Stopping this action would not be censorship by this test. You don't care about the content of his speech, just the volume.

Ted also mentions libel and slander. Stopping these would apparently be censorship by the definition above (which explicitly mentions "libelous").

For the remailer cases, stopping usage due to excessive volume would not be censorship. It would be analogous to stopping someone from yelling at 4AM. Your restriction is not based on content.

On the other hand, stopping usage due to the content of a message would be censorship, especially if it was due to the message content being "obscene, libelous, politically objectionable, etc." I think many of the attacks on anonymous messages based on content would in fact fall into these categories.

I am not arguing here that censorship is wrong, although certainly the word has acquired negative connotations. It's interesting to see that stopping libel can be considered censorship, and this fact might cause those who believe in laws against libel to consider whether censorship may sometimes be good. If they do feel comfortable with that, then they can openly call for censorship by remailer operators without mincing words.
Hal Finney

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Sun, 28 Feb 93 20:39:48 PST
To: ssandfort@attmail.com
Subject: Re: more ideas on anonymity
In-Reply-To: <9303010240.AA10573@toad.com>
Message-ID: <9303010438.AA25312@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   From: ssandfort@attmail.com
   Date: 1 Mar 93 02:36:10 GMT

   There is only one realistic and moral solution to threats of violence. Punish the perpetrators, not the messenger. Even in today's world, crimes are rarely solved by wiretaps, forensic science or any of that. Perps gets fingered by someone they know; perps confess; perps screw up and accidentally give themselves away; or the intended victim blows the perp's head off during an attempt to carry out the threat. Again, punish the perpetrators, not the messengers.

I agree 1000%!!!! But in order to punish the perpetrators, it is first necessary to *identify* the perpetrators......

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Colin Orion Chandler
Date: Fri, 11 Feb 94 19:42:27 PST
To: "Robert A. Hayden"
Subject: Re: MOO: on the virtual meeting
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I agree... I am a wizard on BayMOO, and I can tell you: Yeroc, Yea, Dr.J, and I all use tinyfugue... "Wizard used, wizard recommended." ==|:-)=

---Colin Titus Orion Xavier Chandler----
"What year is it?"   "If it's not a Sun, it's not a computer."
Colin Chandler | "It can only be accountable to *human* error."-HAL9000
(415) 388-8055 | orion@crl.com, wizard @ BayMOO (mud.crl.com 8888)

On Fri, 11 Feb 1994, Robert A. Hayden wrote:

> I also recommend, if you don't want to use emacs, that you look for the
> client called 'tiny fugue'. That's what I connected with and it did a
> very good job do keeping things sane.
>
> There are, of course, several other clients out there as well. Check the
> rec.games.mud* FAQs for a list.
>
> ____        Robert A. Hayden          <=> hayden@krypton.mankato.msus.edu
> \  /__          -=-=-=-=-             <=>          -=-=-=-=-
>  \/  /   Finger for Geek Code Info    <=> In the United States, they
>    \/  Finger for PGP 2.3a Public Key <=> first came for us in Colorado...
> -=-=-=-=-=-=-=-
> (GEEK CODE 1.0.1) GAT d- -p+(---) c++(++++) l++ u++ e+/* m++(*)@ s-/++
> n-(---) h+(*) f+ g+ w++ t++ r++ y+(*)
>
>

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Sun, 28 Feb 93 21:15:28 PST
To: cypherpunks@toad.com
Subject: Re: more ideas on anonymity
In-Reply-To: <9303010240.AA10573@toad.com>
Message-ID: <9303010514.AA05974@deathtongue.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

>> One last note about practicality. We live in a world with pay
>> telephones, which anyone may use to threaten anyone else,
>> anonymously. Shall we eliminate pay phones? Today in the United
>> States, a uniformed agent of the government will deliver your
>> anonymous threat to your victims door for only US$0.29. Shall we
>> eliminate the Postal Service?

This is different than anonymous remailers currently. Why? Because pay phones and letters *cost* *money*.

So, I have a proposal. Have someone *sell* signed keys, for real money.
The only purpose of the signature is so that someone can verify that it's been paid for. It can be bought out of band. For example, I can email the signing agent my public key, and paper-mail a money order with no return address. Maybe in the future, we can just use digital money. When he gets my money, he signs my key and sends it back to me, possibly via some remailer or whatever.

Now, when I send a message via a remailer, the mailer checks to see if the message has been signed by a key which has been signed by the key signing agent. If it has been, then it forwards the mail. If not, it doesn't.

Now, here's the trick. If too many people complain about a particular sender (see below), the key gets revoked by the signing service. This means flooding newsgroups, slander, etc., *costs* *real* *money*. This is a big encouragement not to abuse the net, because it costs money. Perhaps we even have different levels of signing, based on costs. Pay $1, and the remailers will let you send to alt groups only. Pay $10, and you can send to alt, soc, misc, talk, and some set of high-traffic, low-signal lists. Pay $100, and you can post anywhere, including individuals. These are all example numbers, of course.

- People can easily remain pseudonymous.
- There is a monetary incentive not to be a bonehead.
- Revocation is possible. There's no punishing wrongdoers, but people aren't likely to put much credence behind anonymous claims.
- This works like the Real World. People with enough money can create false identities for themselves, anyway.
- Remailer owners can choose which signing agents to trust.

Other than monetary schemes might be able to be set up. For instance, if you can get five real, trustable people to vouch for your pseudonym, you win. If you screw up, their reputations become tarnished, as well.

I guess all this is is a positive reputation scheme, bootstrapped by money, which is more important to some people than reputation, anyway.
I mean, someone willing to go through the bother of spending $10 to get his key signed is either very bored, or has to have something to say.

Now, back to complaints. What constitutes a complaint? Each certifier would probably have to decide this on their own. Some might choose never to revoke a signature. Some might do it only after some number of complaints. Some might come up with systems of arbitration, with judges, voting, and everything. The remailers can vote with their feet: whichever signing agents match the policies they like, they trust. And recipients (like newsgroups, mailing lists, or even individuals) can choose to accept messages only from remailers they "trust". So, we have a fairly complex system with multiple degrees of freedom, where endusers can pick and choose from among the policies they like best.

This is sort of like credit card purchases. Hertz is willing to rent me a car based on Visa's evaluation of my creditworthiness. Similarly, large-public-mailing-list@site.domain can decide to accept messages from a given remailer, based on their published policies. Actually dealing with signatures isn't their problem. It's to the signing agent's advantage to be trustworthy, or else nobody will pay attention to his signatures, and nobody will give him money to sign their keys. Poof, a free market.

It isn't simple, but I think one thing we can all agree on is that no solution to these problems we are facing will be both adequate and simple.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phiber Optik
Date: Sun, 28 Feb 93 21:50:55 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: CFP Costs Too Much!
In-Reply-To: <9302282344.AA12538@netcom.netcom.com>
Message-ID: <199303010549.AA21368@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

It should be noted that journalists aren't the only people eligible for free admission. There's a scholarship program open to students/hackers/etc.
If you can't get in free (it's obviously too late now), or otherwise be sponsored by an employer or other, the pricey fee does tend to exclude people who would otherwise benefit the conference and vice versa. What I can suggest, knowing the hotel it's going to be at (same as first), is hang out in the spacious lobby and mingle/eat/drink/etc. A number of people did this. Much of the "conference" is interaction with people, outside of the panels.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter &
Date: Mon, 1 Mar 93 01:14:34 PST
To: cypherpunks@toad.com
Subject: Pgp with MH & MIME
Message-ID: <9303010855.AA08526@merde.dis.org>
MIME-Version: 1.0
Content-Type: text/x-pgp

--------Enter additional text

-----BEGIN PGP SIGNED MESSAGE-----

> Some time back there was some debate here about whether MIME
> ("Multipurpose Internet Mail Extensions") features could be exploited
> to make encryption easier to use. I didn't pay much attention at the
> time, because I didn't know anything about MIME.
Here is my latest copy of "pgpedit", I have modified it to insert a "Content-Type" line to that MIME mailer will automatically

#!/usr/local/bin/perl
#!/usr/local/bin/tperl4.036

# pgpedit V1.5
# Mon Mar 1 00:40:49 PST 1993
# Peter Shipley

# to install (mh instructions)
# place this script in your path (eg ~/bin)
# create few links:
#
#    ln -s /usr/local/mh/bin/repl ~/bin/pgprepl
#    ln -s /usr/local/mh/bin/comp ~/bin/pgpcomp
#    ln -s /usr/local/mh/bin/forw ~/bin/pgpforw
#
# Add the following to your .mh_profile:
#
#    pgprepl: -editor pgpedit
#    pgpcomp: -editor pgpedit
#    pgpforw: -editor pgpedit
#
# To use just use the commands pgprepl or pgpcomp instead of repl or comp
#
# If you are using MH 6.8 with MIME you may also want to add the following:
#
#    mhn-show-text/x-pgp: %ppgp -m '%F'
#    mhn-store-text/x-pgp: %m%P.pgp
#
# This `instruct' MH how to interpret the MIME header "Content-Type: text/x-pgp"
# and have MH automatically invoke pgp for decryption or signature verification
#

require "sys/wait.ph";

#custom stuff here

#default editor
$defaulteditor="/usr/ucb/vi";
$pgpcommand="/usr/local/bin/pgp -sta +clearsig=on";
$debug=0;

#test the arg count
die "bad argument count" if ($#ARGV > 0);

#set the umask to something really paranoid
umask(07177);

#set the path if there is not one
$ENV{'PATH'} = '/bin:/usr/ucb:/usr/bin' unless $ENV{'PATH'};

# get the editor
if ($ENV{'VISUAL'}) {
    $editor=$ENV{'VISUAL'} ;
} elsif ($ENV{'EDITOR'}) {
    $editor=$ENV{'EDITOR'} ;
} else {
    $editor = $defaulteditor;
}

# never let the editor be this script itself
$editor = $defaulteditor if $editor =~ /pgpedit/ ;

# prepare the file.
&prepfile($ARGV[0]);

# run the editor
&run($editor, $ARGV[0]);

# have pgp sign the file
&SignMailFile($ARGV[0]);

# the end
exit 0;

# Split the draft at the MH "--------" separator, clearsign the body with
# pgp, then rewrite the draft as header + Content-Type line + signed body.
sub SignMailFile {
    local($INPUT) = @_;
    local($BODY) = "/tmp/pgp$$.body";
    local($PGPBODY) = "$BODY".".asc";
    local(@header);

    print "$INPUT \n" if ($debug);

    open(INPUT, "+>>$INPUT" ) || die "failed to open $INPUT: $!\n";
    seek(INPUT,0, 0);

    open(BODY, "+>$BODY") || die "failed to open $BODY: $!\n";
    select(BODY); $| = 1; select(STDOUT);

    # collect the header lines up to the separator
    while (<INPUT>) {
        last if (/^--------/);
        push (@header, $_);
    }

    if ($debug) {
        print STDERR "\n--header--\n";
        print STDERR "@header \n" ;
        print STDERR "\n--BODY--\n";
        print STDERR "$BODY \n" ;
    }

    # copy the rest of the draft (the body) to the temporary file
    while (<INPUT>) {
        print BODY $_;
    }

    print STDERR "$pgpcommand $BODY\n" if ($debug);

    `$pgpcommand $BODY`;
    # &run($pgpcommand, $BODY);

    if (! $? ) {
        truncate(BODY, 0);
        unlink($BODY);
        close(BODY);
        truncate(INPUT,0);
        open(PGPBODY) || die "failed to open $PGPBODY: $!\n";
        seek(INPUT, 0, 0);
        print INPUT @header;
        print INPUT "Content-Type: text/x-pgp; charset=\"us-ascii\"\n";
        print INPUT "--------\n\n";
        print INPUT <PGPBODY>;
    } else {
        truncate(BODY, 0);
        unlink($BODY);
        close(BODY);
        if ( -f $PGPBODY ) {
            truncate(PGPBODY, 0);
            unlink($PGPBODY);
            close(PGPBODY);
        }
    }

    return;
}

# Strip an earlier Content-Type: text/x-pgp line and PGP clearsign wrapper
# from the draft so that it can be edited and signed again.
sub prepfile {
    local($FILE) = @_;
    local(@data);

    open(FILE, "+>>$FILE" ) || die "failed to open $FILE: $!\n";
    seek(FILE, 0, 0);

    while(<FILE>) {
        next if ( ?text/x-pgp? );
        push (@data, $_);
        last if ( /^--------/ );
    }

    # push (@data, "\n\n\n");

    while(<FILE>) {
        last if (/^-----BEGIN PGP SIGNED MESSAGE-----/);
    }

    if( !eof(FILE) ) {
        while(<FILE>) {
            last if (/^-----BEGIN PGP SIGNATURE-----/);
            push (@data , $_);
        }
        seek(FILE, 0, 0);
        truncate(FILE, 0);
        print FILE @data;
    }

    close(FILE);
    return;
}

sub run {
    local($editor, $file) = @_;
    local($pid);

    FORK: {
        if ($pid = fork) {
            wait;
        } elsif (defined $pid) { # $pid is zero here if defined
            exec "$editor $file";
        } elsif ($! =~ /No more process/) {
            # EAGAIN, supposedly recoverable fork error
            sleep 5;
            redo FORK;
        } else {
            # weird fork error
            die "Can't fork: $!\n";
        }
    }
    return;
}

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK5HPZchmn7GUWLLFAQHGfgF9HFh4CwpEGi0UxYtswMA6VCxDSA/UaKzZ
An7db1dLCOzZ3FEf7YjAi8Fi80482b+/
=j2S2
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phiber Optik
Date: Sun, 28 Feb 93 22:12:28 PST
To: ld231782@longs.lance.colostate.edu
Subject: Re: more annoying philosophizing on anonymity
In-Reply-To: <9303010540.AA10913@longs.lance.colostate.edu>
Message-ID: <199303010611.AA21525@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

>
> OK, I'll keep this brief. Yes, the postal service delivers anonymous
> mail. Yes, you can make anonymous telephone calls using pay phones.
> But like all hastily construed analogies, they fail in the magnified
> specifics. The problem here is that the fragile remailers being built
> right now are operated by *individual users*, while these other
> services are parts of vast public infrastructures. Now, until anonymous
> servers become part of the vast public infrastructure (I'll give us all
> the benefit of the doubt on this one), operators will be *extremely*
> vulnerable to what goes through their remailers.

[stuff deleted]

You fail to realize the obvious. Anyone who makes use of "vast public infrastructures" is also usually defenseless against the POWERS THAT BE, and fall victim to them abusing this power. Your snail mail can be intercepted/stolen and read at the command of the federales, any and all telephone calls can be intercepted/blocked/eavesdropped on. Sorry, but I'll take my chances with "fragile remailers", and the choice of use dictated by the positive reputations of both the remailer and the sender. Simple.
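Marc Horowitz's paid signed-key proposal, earlier in this archive, sketched as an added example (not code from the list): the checks a remailer would make before forwarding, with his three example price tiers and agent-side revocation. The textbook-RSA `ToyKey` is an insecure stand-in for PGP keys, and the class names, the three-complaint limit and the destination matching are assumptions.

```python
import hashlib

def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

class ToyKey:
    """Textbook RSA over fixed Mersenne primes: stand-in for a PGP key, NOT secure."""
    def __init__(self, p_exp, q_exp, e=65537):
        p, q = 2 ** p_exp - 1, 2 ** q_exp - 1
        self.public = (p * q, e)
        self._d = pow(e, -1, (p - 1) * (q - 1))

    def sign(self, data):
        n, _ = self.public
        return pow(_digest(data, n), self._d, n)

def verify(public, data, sig):
    n, e = public
    return pow(sig, e, n) == _digest(data, n)

# The post's example prices: $1 -> alt only, $10 -> alt/soc/misc/talk,
# $100 -> anywhere, including individuals (None means unrestricted).
TIER_SCOPE = {1: {"alt"}, 10: {"alt", "soc", "misc", "talk"}, 100: None}

def cert_bytes(tier, user_public):
    return f"tier={tier};n={user_public[0]};e={user_public[1]}".encode()

class SigningAgent:
    def __init__(self, name, key, complaint_limit=3):  # limit: hypothetical policy
        self.name, self.key, self.limit = name, key, complaint_limit
        self.complaints, self.revoked = {}, set()

    def certify(self, user_public, dollars_paid):
        tier = max((t for t in TIER_SCOPE if t <= dollars_paid), default=None)
        if tier is None:
            raise ValueError("payment below the cheapest tier")
        return {"agent": self.name, "tier": tier, "key": user_public,
                "sig": self.key.sign(cert_bytes(tier, user_public))}

    def complain(self, user_public):
        self.complaints[user_public] = self.complaints.get(user_public, 0) + 1
        if self.complaints[user_public] >= self.limit:
            self.revoked.add(user_public)

class Remailer:
    def __init__(self, trusted_agents):
        # A real remailer would hold each agent's public key and published
        # revocation list; the agent object is used directly for brevity.
        self.trusted = {a.name: a for a in trusted_agents}

    def accept(self, body, msg_sig, cert, destination):
        agent = self.trusted.get(cert["agent"])
        if agent is None:
            return False, "signing agent not trusted by this remailer"
        if not verify(agent.key.public,
                      cert_bytes(cert["tier"], cert["key"]), cert["sig"]):
            return False, "certificate not signed by the agent"
        if cert["key"] in agent.revoked:
            return False, "key revoked by the signing agent"
        if not verify(cert["key"], body, msg_sig):
            return False, "message not signed by the certified key"
        scope = TIER_SCOPE[cert["tier"]]
        hierarchy = destination.split(".", 1)[0]
        if scope is not None and ("@" in destination or hierarchy not in scope):
            return False, "destination outside the paid tier"
        return True, "forwarded"

def demo():
    agent = SigningAgent("agent-A", ToyKey(127, 107))
    other = SigningAgent("agent-B", ToyKey(107, 89))   # not trusted below
    nym = ToyKey(89, 61)                               # the pseudonym's key
    remailer = Remailer([agent])
    cert = agent.certify(nym.public, dollars_paid=10)
    body = b"constructed test post"
    sig = nym.sign(body)
    out = {
        "soc": remailer.accept(body, sig, cert, "soc.culture.test"),
        "mail": remailer.accept(body, sig, cert, "someone@example.org"),
        "tampered": remailer.accept(body + b"!", sig, cert, "alt.test"),
        "upgraded": remailer.accept(body, sig, dict(cert, tier=100), "alt.test"),
        "untrusted": remailer.accept(body, sig, other.certify(nym.public, 100),
                                     "alt.test"),
    }
    for _ in range(3):                                 # three complaints arrive
        agent.complain(nym.public)
    out["revoked"] = remailer.accept(body, sig, cert, "alt.test")
    return out
```

The order of the checks matters: the tier is read only after the agent's signature over it has verified, so editing the tier field in a certificate does not buy a wider scope.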
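The Body-Termination-Regex exchange between Julf and Eric Hughes that appears further down this archive, run as an added example (not code from the list): both posted patterns are applied with the "cut at the first match" rule to constructed bodies. Python's `re` in multi-line search mode is an assumption about how the header would be applied, and the `ANCHORED` and `LOOKAHEAD` patterns are variants added here, not patterns from the thread.

```python
import re

# Eric Hughes's first pattern, with the backslash continuation joined.
FIRST = (r"^--...([^B]|B[^E]|BE[^G]|BEG[^I]|BEGI[^N]|BEGIN[^ ]|BEGIN [^P]"
         r"|BEGIN P[^G]|BEGIN PG[^P])")
# His second pattern, as posted.
SECOND = (r"^--(|.|..|...(|[^B]|B[^E]|BE[^G]|BEG[^I]|BEGI[^N]|BEGIN[^ ]"
          r"|BEGIN [^P]|BEGIN P[^G]|BEGIN PG[^P]))")
# Added variant: each empty alternative replaced by an end-of-line anchor, so
# short lines match only when they really end there.
ANCHORED = (r"^--($|.$|..$|...($|[^B]|B[^E]|BE[^G]|BEG[^I]|BEGI[^N]|BEGIN[^ ]"
            r"|BEGIN [^P]|BEGIN P[^G]|BEGIN PG[^P]))")
# Added variant: negative lookahead that also spares the armor END line.
LOOKAHEAD = r"^--(?!---(?:BEGIN|END) PGP )"

PATTERNS = {"first": FIRST, "second": SECOND,
            "anchored": ANCHORED, "lookahead": LOOKAHEAD}

# Constructed sample bodies (not taken from any real message).
SAMPLES = {
    "sig": "Hello.\n--\nJane Example\n",
    "rule": "Hello.\n" + "-" * 29 + "\nJane Example\n",
    "pgp": ("-----BEGIN PGP SIGNED MESSAGE-----\n\nHello.\n"
            "-----BEGIN PGP SIGNATURE-----\n"
            "(constructed placeholder, not a real signature)\n"
            "-----END PGP SIGNATURE-----\n"
            "--\nJane Example\n"),
}

def terminate_body(body, pattern):
    """Drop the first character that starts a match and everything after it."""
    m = re.search(pattern, body, re.MULTILINE)
    return body if m is None else body[:m.start()]

def first_dropped_line(body, pattern):
    """Line at which the body would be cut, or None when nothing matches."""
    m = re.search(pattern, body, re.MULTILINE)
    return None if m is None else body[m.start():].split("\n", 1)[0]

def survey():
    """Map pattern name -> sample name -> line where truncation starts."""
    return {name: {label: first_dropped_line(text, pat)
                   for label, text in SAMPLES.items()}
            for name, pat in PATTERNS.items()}

if __name__ == "__main__":
    for name, cuts in survey().items():
        print(name, cuts)
```

Under these assumptions the first pattern misses a bare `--` line, the second matches every line that starts with `--` because its empty alternative succeeds immediately, and both posted patterns (like `ANCHORED`) still cut at the `-----END PGP SIGNATURE-----` line, since only `BEGIN PGP` is excluded.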
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305)
Date: Sun, 28 Feb 93 23:09:07 PST
To: cypherpunks@toad.com
Subject: RISKS for alt.whistleblowers
Message-ID: <9303010709.AA18343@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

I would expect two kinds of people to cause trouble for alt.whistleblowers: amateurs and professionals. Amateur troublemakers may cause the most volume of trouble, and the largest signal-to-noise problem, but the more serious concern is what happens if there's enough signal in the noise to be a threat to professionals, whether governments, corporations, or criminals.

If I were a professional who wanted to stop a group like this, and options like court orders, violence, or confiscation weren't appropriate, I'd consider a few approaches like the following:

- Flooding - it's really not hard, even with automatic protections - if you can emulate, or abuse, all the neighboring anon-remailers, you may even force disconnects from them.
- Crying wolf, and other disinformation - if there are enough bogus posts, people will stop reading the newsgroup, and the talk.bizarre crowd will take over because they're the only ones who can handle the noise ..
- Posting libel, slander, child pornography, calls for violence, bomb threats followed by real bombings, blackmail requests, photographs of local politicians in real or fake compromising situations, and enough other legally dangerous material that the moderator and/or people who carry the newsgroup wouldn't be able to take the heat.

It's really not all that hard, if somebody's serious about it. Crypto-anarchy is a good thing, but governments and other bad guys can hide behind it just as effectively as anarchists can.

.... and the last count I've heard on the radio was that 19 separate groups have called in to claim responsibility for the World Trade Center bombing; some even called 911, though presumably they used pay phones ...
Bill Stewart, somewhere out in Cyberspace

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ssandfort@attmail.com
Date: Sun, 28 Feb 93 18:40:51 PST
To: cypherpunks@toad.com
Subject: Re: more ideas on anonymity
Message-ID: <9303010240.AA10573@toad.com>
MIME-Version: 1.0
Content-Type: text

_________________________________________________________________
FROM THE VIRTUAL DESK OF SANDY SANDFORT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Today, Theodore Ts'o raised the specter of libel and slander to justify some forms of censorship for anonymous remailers. He assumed, rhetorically, that if you believe in total freedom of speech, then you must not believe in libel or slander. He is correct, of course. Nevertheless, his implied conclusion is in error. He would have us give up free speech to uphold libel and slander. I say, let's give up the artificial concepts of libel and slander and uphold our freedom of speech.

Can people be harmed by speech? Maybe yes, maybe no. But if so, that is the price that must be paid to avoid a far greater harm. Damnum absque injuria--there are some losses for which there is no remedy at law. If your girlfriend impugns your manhood, there may be harm. But should her speech be ILLEGAL? I think not.

I'm sure that what NBC did was NOT libel or slander. It may have been fraud, though. In any event, if a free society chose not to make what NBC did illegal, that in no way implies that NBC was "perfectly justified" in faking an explosion. It just says society takes any remedy out of the hands of the state. Of course, NBC's acts have already damaged its own reputation karma. Serves 'em right, too.

One last note about practicality. We live in a world with pay telephones, which anyone may use to threaten anyone else, anonymously. Shall we eliminate pay phones? Today in the United States, a uniformed agent of the government will deliver your anonymous threat to your victims door for only US$0.29.
Shall we eliminate the Postal Service? (The answer is "yes," but for other reasons.) So what's the point? Why should we be any harsher on the networks than we are on all the other anonymous channels?

There is only one realistic and moral solution to threats of violence. Punish the perpetrators, not the messenger. Even in today's world, crimes are rarely solved by wiretaps, forensic science or any of that. Perps gets fingered by someone they know; perps confess; perps screw up and accidentally give themselves away; or the intended victim blows the perp's head off during an attempt to carry out the threat. Again, punish the perpetrators, not the messengers.

S a n d y

ssandfort@attmail.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tony@morgan.demon.co.uk (Tony Kidson)
Date: Mon, 1 Mar 93 08:33:53 PST
To: cypherpunks@toad.com
Subject: Re: more ideas on anonymity
Message-ID: <2900@morgan.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

In message <9302282156.AA25135@SOS> you write:

> Date: Sat, 27 Feb 93 23:59:30 GMT
> From: Tony Kidson
>
> I see. So you don't believe in libel or slander laws.

It's people believing and acting on the words that actually causes the damage. I believe that you must judge the reputation of the subject and issuer of any statement before you make up your mind to act on a statement. It is only possible to widely disseminate a libel if you have control of the means of dissemination. That, is not free speech. Where is the opportunity for contrary assertion by the person libelled?

> And NBC was perfectly justified in faking an explosion in a GM truck to
> show it was unsafe, and broadcast it on prime-time TV. And it didn't do
> anybody any harm at all. Uh huh.

Faking the explosion, was neither here or there. Did they deny GM the right of denial. Could they be sued by the people that they misled? I do believe in their right to say anything they like.
They have a reputation to protect. How much reputation has an anonymous source? Are you going to believe an anonymous tip off until you have investigated it? If so bigger fool you.

Tony

+-----------------+-------------------------------+--------------------------+
| Tony Kidson     | PGP 2.1 Key by request        | Voice +44 81 466 5127    |
| Morgan Towers,  |                               | E-Mail                   |
| Morgan Road,    | This Space                    | tony@morgan.demon.co.uk  |
| Bromley,        | to Rent                       | tny@cix.compulink.co.uk  |
| England BR1 3QE |Honda ST1100 ==*== DoD# 0801   | 100024.301@compuserve.com|
+-----------------+-------------------------------+--------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Mon, 1 Mar 93 08:07:18 PST
To: cypherpunks@toad.com
Subject: anon.penet.fi hacking
In-Reply-To: <9303010721.aa25945@penet.penet.FI>
Message-ID: <9303011604.AA11556@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>> Body-Termination-Regex: ^--$

Julf writes:
>Ok... Now.. Show me the regex that strips anything starting with '--',
>such as '-----------------------------', except a PGP boundary line...

OK. It's a mess. The backslash means line continuance. Remember that concatenation binds higher than alternation (|).

^--...([^B]|B[^E]|BE[^G]|BEG[^I]|BEGI[^N]|BEGIN[^ ]|BEGIN [^P]|BEGIN P[^G]\
|BEGIN PG[^P])

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Sun, 28 Feb 93 23:02:24 PST
To: Eric Hughes
Subject: Re: anon.penet.fi hacking
In-Reply-To: <9303010111.AA12729@soda.berkeley.edu>
Message-ID: <9303010721.aa25945@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> The first character in the body that matches the regex, and every
> character after it, will be dropped. This not only makes it a
> one-liner in perl (!), but it means that the user can be as
> arbitrarily complex in recognizing sig blocks as the are able.
> Of course, we'll document the most common of these:
>
> Body-Termination-Regex: ^--$

Ok... Now..
Show me the regex that strips anything starting with '--', such as '-----------------------------', except a PGP boundary line...

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Pat Farrell"
Date: Mon, 1 Mar 93 05:42:48 PST
To: cfp93@well.sf.ca.us
Subject: RE: CFP Costs Too Much!
Message-ID: <31288.pfarrell@gmuvax2.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

In Message Sun, 28 Feb 93 15:44:21 -0800, tcmay@netcom.com (Timothy C. May) writes:

>.... I would also dearly like to attend CFP, but

I also would dearly love to attend CFP again. I went to last year's session on a student subsidy and loved it. It changed the direction of my academic study.

I don't understand where CFP's organizers are coming from. I applied for a student tuition subsidy for this year, and heard nothing. I submitted a request for a "birds-of-a-feather" session to talk about key registration, and got Dorothy Denning, TC May, and Mike Godwin to tentatively agree to participate. I've heard nothing.

It is much too late to get cheap airfare to SF, so I'm not going.

I'm a student. I can't afford the $2000 that attending CFP will cost, including airfare, hotel, meals, conference fee, etc. I admit to having a part time job, which supports my wife, daughter, mortgage, and pays tuition and buys books. It sure doesn't pay well enough to afford CFP93.

Pat

Pat Farrell      Grad Student                 pfarrell@cs.gmu.edu
Department of Computer Science    George Mason University, Fairfax, VA
PGP Public key available via finger          #include

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Mon, 1 Mar 93 09:45:32 PST
To: julf@penet.FI
Subject: anon.penet.fi hacking
In-Reply-To: <9303011752.aa19512@penet.penet.FI>
Message-ID: <9303011742.AA15188@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Julf challenged:
>Ok... Now.. Show me the regex that strips anything starting with '--',
>such as '-----------------------------', except a PGP boundary line...
I posted something which didn't quite work, as Julf says:

>But... It still
>doesn't strip off something starting with only "--" on a line by itself...

^--(|.|..|...(|[^B]|B[^E]|BE[^G]|BEG[^I]|BEGI[^N]|BEGIN[^ ]|BEGIN [^P]\
|BEGIN P[^G]|BEGIN PG[^P]))

Some implementations don't support empty alternation, so that could be changed with the ? syntax, since (|a) and (a?) are the same.

That should do it.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@xanadu.com (E. Dean Tribble)
Date: Tue, 2 Mar 93 00:58:40 PST
To: uunet!Athena.MIT.EDU!tytso@uunet.UU.NET
Subject: Piercing anonymitiy and censorship
In-Reply-To: <9303010319.AA25260@SOS>
Message-ID: <9303011845.AA22881@memexis.xanadu.com>
MIME-Version: 1.0
Content-Type: text/plain

   Perhaps there are people who believe Free Speech should be so much of an absolute that you should be allowed to scream at the top of their lungs at 5am in the morning in a residential area, and that libel and slander laws shouldn't exist. But it's not fair to call that a mainstream

I would like to separate the issues of hollering anything at 4am in residential areas from things like libel and slander. Disturbing people with your volume independent of its content is like blasting white noise at damaging volume levels. The remedies for it have nothing to do with speech, they have to do with disturbing the peace; your sound is crossing onto my property at intolerable levels.

dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fen@genmagic.genmagic.com (Fen Labalme)
Date: Mon, 1 Mar 93 11:37:02 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: CFP Costs Too Much!
Message-ID: <9303011935.AA22448@>
MIME-Version: 1.0
Content-Type: text/plain

> In my opinion, $405 is way too much to pay for this conference.
One note on the other side of the coin: Email announcements of the conference began in December of '92, including the complete pricing schedule:

> Registration Fees are:
>   If mailed by:            7 February    8 March    on site
>   Conference Fees:            $300         $355       $405
>   Tutorial Fees:              $135         $165       $195
>   Conference & Tutorial       $435         $520       $600

Note that there was over a month's time to get registered at $300, and the price of registration is currently $355, *not* $405.

Now I have to pay the $355 out of my own pocket (as Magic decided not to pay my way) and I understand the pain you feel with having to shell out such big bucks. But, for one reason or another, I believe that CFP has not done incredibly well financially, and they've got to cover their ass. One way to do that is by encouraging early registration, which smooths the planning process. So get your registration in now!

> Registration is limited to 550 participants, so register early and save!
>
> By Mail:                         By Fax:
>   (with Check or Credit Card)      (with Credit Card only)
>   CFP'93 Registration              Send Registration Form
>   2210 Sixth Street                (510) 845-3946
>   Berkeley, CA 94710               Available 24 hours
>
> By Phone:                        By E-Mail:
>   (with Credit Card only)          (with Credit Card only)
>   (510) 845-1350                   cfp93@well.sf.a.us
>   10 am to 5 pm Pacific Time

On the other hand, Glenn Tenney has done a remarkable job in keeping the price of Hackers down...

Fen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Mon, 1 Mar 93 12:01:37 PST
To: cypherpunks@toad.com
Subject: more ideas on anonymity
In-Reply-To: <2900@morgan.demon.co.uk>
Message-ID: <9303011958.AA24443@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>I do believe in their right to say anything they
>like. They have a reputation to protect. How much reputation has
>an anonymous source? Are you going to believe an anonymous tip
>off until you have investigated it? If so bigger fool you.

"How much reputation has an anonymous source?"
I think this might be key to solving the "anonymous libel" problem. Simply declare "anonymous libel" an oxymoron! We might argue that otherwise libelous statements, when made anonymously, carry a presumption of falsity, for otherwise the speaker would be willing to speak truthfully in his or her own person. Or, in other words, "Coward! He must be lying!"

Could some of the folks with LEXIS or WESTLAW access check and see if there is any case law where the social status of the speaker is brought into question?

Perhaps Tony Kidson could tell us some of the effects of libel law in the UK. The US law, which grew out of British law, seems to have gone in the direction of reducing the power of a libel complaint, while British law has done the opposite. I can't speak for the UK, but those who live there could.

In California, a very promising decision occurred last week: the first test of the anti-SLAPP law (Strategic Lawsuit Against Public Participation). The law is to prevent lawsuits designed to drain the resources of those exercising their First Amendment rights. It requires the plaintiff to show that they will probably win (I don't know what the wording of the actual test is). Defendants are entitled to recover attorney's fees and court costs.

The suit was basically as follows. One comic book company published a Lensman comic. The heir to the Lensman rights stated in print that this company had not received permission. The comic book company sued the heir and the publisher of her words, claiming libel. The case was immediately dismissed based on the new anti-SLAPP law.

The law is designed to protect First Amendment rights, but it looks like it will also have the salutatory effect of reducing libel claims generally.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Mon, 1 Mar 93 09:34:08 PST
To: Cypherpunks
Subject: anon.penet.fi hacking
Message-ID: <930301171036_74076.1041_DHJ55-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Eric shows a complicated regular expression, but I don't think it will match just --, because this line provides nothing to match the "." and "[^B]", etc.

I think the real point is that Eric's idea allows the user to customize the regular expression to match the particular signature line used by his system. If the line is just --, he can use Eric's simple example. If it's something else, another line can be used to look for the match. Since it's not hard for users to find out how their signatures look it should not be hard to set up a pattern that will strip them.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jthomas@mango.mitre.org (Joe Thomas)
Date: Mon, 1 Mar 93 09:25:01 PST
To: cypherpunks@toad.com
Subject: A novel (?) return address idea
Message-ID: <9303011721.AA02070@mango>
MIME-Version: 1.0
Content-Type: text/plain

It seems clear now that the default behavior of the anon.penet.fi remailer (generating only one anonymous ID per user, and anonymizing all messages to other anon users with that ID) is inadequate. At the same time, Julf argues persuasively that users have come to expect that their replies to anonymous Usenet articles will be anonymized. The current na/an address workaround is okay, but I think we could do better.

Here's my scheme: When a user first mails to or through a penet-style remailer, the remailer software will automatically allocate an ID for the sender's return address, as usual. _But_, it will keep this number secret, in an internal database. Let's consider this ID to be a binary number.
The remailer appends to this ID number some "salt" bits (random bits, perhaps with some time-stamp info to guarantee that the same salt bits are never applied twice, if the RNG is weak). This collection of bits is then encrypted with a secret key only the remailer knows (note: this should _not_ be the secret half of a public/private key pair, for reasons that should become clear). The encrypted bit string is converted by a uuencode/armourtext process that produces characters that will be legal for an e-mail address. This is then used for a return address.

When someone wants to reply to an anonymous message or post, the remailer decrypts the address, ignores the "salt" bits, looks up the anonymous ID in its database, and sends it on to the desired recipient.

The advantage of this scheme is that no two messages will have the same return address, and no information about the sender can be gleaned from the return address; yet the remailer can allow replies to every message without keeping any more records than it does under the current version.

A couple disadvantages could be running out of bits for the return address, and adding more encryption work for the remailer. You'd definitely have to own the machine, and implement some, er, different mailing software, since you'd have to accept mail for users with any random name whatsoever. And, of course, this method is only useful for penet-style remailers, not cypherpunk/mixnet remailers which should not remember anything about messages that pass through.

What do you all think about this for a "Mark II" anon.penet.fi?
Joe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 1 Mar 93 03:05:13 PST
To: "Bill_Stewart(HOY002"
Subject: Re: RISKS for alt.whistleblowers
In-Reply-To: <9303010709.AA18343@anchor.ho.att.com>
Message-ID: <9303011215.aa06268@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> If I were a professional who wanted to stop a group like this, and options
> like court orders, violence, or confiscation weren't appropriate,
> I'd consider a few approaches like the following:
> - Flooding - it's really not hard, even with automatic protections -

True. But at least the source of the trouble would be hard to hide.

> - Crying wolf, and other disinformation

Yes. This might be the hardest one, and the one I have been worrying about.

> - Posting libel, slander, child pornography, calls for violence, bomb threats

We will have to accept the fact that we are sitting ducks. It all depends on how strong support we have.

> It's really not all that hard, if somebody's serious about it.
> Crypto-anarchy is a good thing, but governments and other bad guys can
> hide behind it just as effectively as anarchists can.

True. And that's why we have to abide to the old banner "united we stand, divided we fall". We need to support each other, and have organisations such as EFF supporting our cause as well. In many ways our case (with whistleblowers) is very similar to organisations such as Amnesty International. Single groups and individuals are easy to silence, but a big enough, distributed enough and visible enough organization with good communications channels is much harder to shoot down. Hmm... Maybe we ought to get in touch with people like Amnesty and offer our services to them as well?

Anyway, let me give you a hypothetical case. Let's say anon.penet.fi starts running alt.whistleblower, and some suitable US organisation decides to shut it down.
They can do it by using international political pressure - something that would definitely be effective if it was something that was done silently by agreement between the Finnish and the US government agencies involved. But it would be impossible if the thing was exposed to international media. Similarly for cases of putting pressure to telephone/network companies, or trying to kill the server with stuff breaking local laws or something.

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 1 Mar 93 03:06:52 PST
To: nobody@alumni.cco.caltech.edu
Subject: Re: Infrastructure
In-Reply-To: <9303010605.AA10013@alumni.cco.caltech.edu>
Message-ID: <9303011220.aa06293@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> I'm not really sure what is happening with PGP specifically in terms
> of MIME. I think there has been some work done with PEM integration.
> There doesn't seem to be any reason why these programs can't integrate
> nicely with MIME, and this Metamail package looks like it might be the
> most cost-effective way of getting widespread encryption into use.

Definitely. The work I am doing on integrating PGP into anon.penet.fi is based on metamail. Makes it really easy to add PEM etc.

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Mon, 1 Mar 93 10:16:58 PST
To: cypherpunks@toad.com
Subject: anon.penet.fi confusion
Message-ID: <9303011813.AA12208@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I thought that someone would bring it up, but since no one has, I guess I will. Isn't it very easy to accidentally type na1234 or an1234 when intending the other? It's just a matter of transposing two characters. This could result in a user signing a message that is sent with the anonymous ID or accidentally sending the actual address when thinking it was anonymous.
Since a password can be assigned, the prior could be eliminated, but the latter is still possible.

I commend Johan for his work and appreciate the new service, regardless of how it may sound.

Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu
(317) 285-3648 after 5 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 1 Mar 93 03:27:25 PST
To: "Timothy C. May"
Subject: Re: Handling Abuses of Remailers
In-Reply-To: <9303010536.AA10591@netcom.netcom.com>
Message-ID: <9303011229.aa06385@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> * To handle _abusive volumes_ through remailers, charge for remailing.
> Short term, this may be a problem, but this is the long term market
> solution.
>
> * To handle _abusive messages_ through remailers, ignore them. "Sticks and
> stones" and all that. Put positive reputation filters in place. Accept
> e-mail only through those you know or have reason to trust.
>
> As Sandy Sandfort so cogently put it, punish the perps, not the words of
> the perps. This is the basis of our society, and a good basis, too.

All this is very well for a cypherpunks-type remailer, used by a small number of experienced users. But it doesn't apply very well to anonymous posting/mailing services for a large number of "simple" users (services like anon.penet.fi), nor to alt.whistleblower.

Do we need to split up the list to handle the rather different threads?

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 1 Mar 93 03:29:49 PST
To: Eric Hughes
Subject: Re: header field indicating an anonymous address
In-Reply-To: <9303010202.AA17864@soda.berkeley.edu>
Message-ID: <9303011241.aa07850@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> I suggest "Anon-Sender:". There's already a "Sender:" field in
> RFC-822, indicating who sent the message, as separate from who wrote
> the message.
The "Anon-Sender:" field should contain an email address
> for the maintainer of the remailer.

Anon.penet.fi has supported the Sender: field from the start. This has forced me to use an automatic script that sends a message like this: (it gets to handle 20-30 messages/day)

   I don't think this was intended for me (anon@penet.fi, the anon server administrator, also working under names "daemon" and "julf"). I suppose you wanted to send it to an@anon.penet.fi, but accidentally replied to the envelope "Sender:" address instead of the "From:" originator address...

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Mon, 1 Mar 93 11:44:50 PST
To: tytso@athena.mit.edu
Subject: Re: more ideas on anonymity
Message-ID: <9303011827.AA15335@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: Theodore Ts'o
> I see. So you don't believe in libel or slander laws.
>
> And NBC was perfectly justified in faking an explosion in a GM truck to
> show it was unsafe, and broadcast it on prime-time TV. And it didn't do
> anybody any harm at all. Uh huh.
>
> Try again.....

I believe that Theodore is confusing the notion of tort and the notion of crime. Slander and Libel are torts, that is, they are civil matters. Prior restraint of speech is brought up in the context of CRIMINAL acts.

As an example, obviously, if I promise you that what I am about to tell you is the true formula for a drug whose design I am selling you and I lie, I am liable under our contract. Also similarly, it is possible under various legal arguments to consider slander to be a tort. However, it is something different if the government claims that my saying "all green people should be killed" is a crime.

Now, on the issue of slander, the notion of anonymity is largely unimportant.
If I had walked into the middle of the street and ranted for an hour saying that GM trucks are unsafe, that would be largely ignored, as most anonymous denunciations likely are. The issue is if a non-anonymous individual or entity with credibility, like NBC, says something that is false.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 1 Mar 93 03:57:24 PST
To: "Bill_Stewart(HOY002"
Subject: Re: dispatches from the front lines of anonymity
In-Reply-To: <9303010139.AA15551@anchor.ho.att.com>
Message-ID: <9303011245.aa09219@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> A clean way to avoid the problem of encrypted replies cluttering up the
> newsgroup is to also create alt.whistleblower.followup or a.w.crypt,
> with similar non-assignment of ids, so readers can easily skip over
> the crypted private replies.

Good idea! Will implement!

> I *would* recommend the following policies -
> - accept email in PGP, RIPEM, and also unencrypted MIME, X.400, and vanilla
> formats- not everybody who wants to blow a whistle has the right-shaped
> whistle handy.

Yes.

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 1 Mar 93 03:59:16 PST
To: Marc.Ringuette@gs80.sp.cs.cmu.edu
Subject: Re: Future of anonymity (short-term vs. long-term)
In-Reply-To: <9303010042.AA07783@toad.com>
Message-ID: <9303011309.aa09356@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> I disagree that it is necessary for a remailer operator to reveal the sender
> of a piece of mail under any circumstances, and I will not trust a remailer
> which does not IMMEDIATELY THROW AWAY the correspondence between input and
> output addresses.

I agree with your disagreement but disagree with your conclusion (huh?).
IMHO a remailer operator should *NEVER* reveal any identities, but I also believe very strongly that especially if you provide a way to post news articles, there has to be a way to send replies to the original sender. Thus a remailer must maintain mapping info.

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 1 Mar 93 03:59:23 PST
To: Eric Hughes
Subject: Re: dispatches from the front lines of anonymity
In-Reply-To: <9302281806.AA13608@soda.berkeley.edu>
Message-ID: <9303011312.aa09448@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> Actually, I was thinking that whistleblower@anon.penet.fi would _be_
> the moderator. Then you just post directly. All the messages would
> come from that address, and no id's would be assigned. Since all
> messages are from "whistleblower", replies to a poster go right back
> out to the list, also anonymized.

Well, this was my original idea as well, but the ensuing discussion confused me.

> It's actually a much simpler system than is currently implemented,
> since id's aren't involved at all.

Exactly. And it's already implemented. I just have to enable it. But it doesn't support PGP/MIME yet.

> PGP 2.1 contains the cleartext-signature feature, and the periodic
> posting to the list should mention this. This allows a real pseudonym
> to develop, just like we want.

Agree. But this requires us to really actively distribute PGP 2.1.

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@xanadu.com (E. Dean Tribble)
Date: Tue, 2 Mar 93 00:58:46 PST
To: uunet!soda.berkeley.edu!hughes@uunet.UU.NET
Subject: anon.penet.fi hacking
In-Reply-To: <9303010111.AA12729@soda.berkeley.edu>
Message-ID: <9303012157.AA23027@memexis.xanadu.com>
MIME-Version: 1.0
Content-Type: text/plain

   Body-Termination-Regex: ^--$

   I hate my sample header field name. Please, someone think up a better one.
Alternatives:
Sig-Pattern
Sig-Regex
End-Pattern

dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@xanadu.com (E. Dean Tribble)
Date: Tue, 2 Mar 93 00:58:41 PST
To: uunet!soda.berkeley.edu!hughes@uunet.UU.NET
Subject: anon.penet.fi hacking The next revision of the remailer will have something like
In-Reply-To: <9303010111.AA12729@soda.berkeley.edu>
Message-ID: <9303012158.AA23036@memexis.xanadu.com>
MIME-Version: 1.0
Content-Type: text/plain

   Body-Termination-Regex:
   The first character in the body that matches the regex, and every

BTW I think this is just the right thing. Excellent idea!

dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 1 Mar 93 04:25:40 PST
To: "Edgar W. Swank"
Subject: Re: anon.penet.fi hacking
In-Reply-To:
Message-ID: <9303011321.aa09556@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> I would be cautious about a random "From:" line. I think penet will
> probably reject input that at least has does not have a valid (but not
> necessarily truthful) return address.

I have no way to check the validity of an address, unless it's syntactically illegal.

> For a while, Miron Cuperman's wimsey remailer was generating a bogus
> >From address, something like "yeltsy@kremlin.vax.ru". I tried
> chaining this to penet to post to newsgroups, but my anonymous
> messages never appeared in the newsgroups. This was because,
> I think, penet sends a confirmation back to the sender. Since
> "kremlin.vax" is not in penet's net tables, this would cause
> the confirmation send to fail; my hypothesis is that this also
> causes the newsgroup post at penet to fail.

No, the posting must have failed for some other reason. The problem is that you never know why, as the error messages don't reach you...

> Wimsey could also establish its own penet password and automatically
> insert it whenever it detected a "to" address ending in penet.fi.

This could be one solution.
But what do you do with bounces due to some user error?

> I'd like to point out that so far the wimsey remailer is the only
> useful remailer from my point of view because it's the only one
> which allows me to delete the automatic sig. This is because it
> only forwards encrypted text and discards any appended unencrypted
> text.

This will be solved using MIME. The .sig killer used at anon.penet.fi is a pain in the rear...

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Mon, 1 Mar 93 14:06:12 PST
To: tytso@athena.mit.edu
Subject: Re: Future of anonymity (short-term vs. long-term)
Message-ID: <9303011908.AA16594@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: Theodore Ts'o
>
> Since John Gilmore, the maintainer of the Cypherpunks mailing list, is
> one of the absolute free speech advocates --- let me ask a question
> directly at you: What would you do if sometime next week, someone
> decided to flood the Cypherpunks mailing list with a large amount of
> trash postings, routed through different combinations of remailers? Let
> us assume that the trash is generated by grabbing varying snippets from
> USENET articles, so that current AI technology is not able to
> distinguish a true Cypherpunks submission from the flooded trash
> postings. What would you do? Now let's also suppose someone does the
> same thing to all of the GNU newsgroups. What would you do then?
>

I know what I would do: I'd rig the list so it only took PGP signed messages, and then only from official subscribers. They could be anonymous, but they'd have to be operating under "known" pseudonyms. This is a "closed" list -- the Extropians list in principle works under much the same mechanism, only without PGP. This being in place, people who had not joined could not flood the list, and anyone flooding the list could be cut off.
Note that just because one is in favor of free speech does not mean that one would necessarily permit arbitrary disruptions in one's living room, and being the list "owner" I think John would be much within his rights to stop non-communicative disruptive "noise" postings.

> (Sorry for sounding so cynical, but after being a News admin at MIT for
> a long time, and dealing with a lot of people suffering from severe
> cases of freshmanitis, I have a less than optimistic view about human
> nature.)

I think that instead you should have a less than optimistic view of the quality of our current netnews software. The problem you list can be fixed with public key cryptography and some intelligent changes. For instance, there is an easy fix to the "idiots posting newgroups" messages that I heard Nat Howard propose years ago -- use public key signatures on newgroup messages, and each news administrator picks other administrators he trusts in the same sort of "web of trust" notion that PGP has. If the newgroup/delgroup message was posted by someone you trust you take it, otherwise you reject it. Given that, you are practically done.

As another example, it's easy to assure that moderated newsgroups are run just by the moderator -- he public key signs instead of posting with the "Authorized" header. Easy as pi.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 1 Mar 93 04:25:47 PST
To: Eli Brandt
Subject: Re: anon user on cypherpunks list
In-Reply-To: <9303010023.AA07585@toad.com>
Message-ID: <9303011328.aa09601@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> > For every reason you might want a pseudonym in the first place, you
> > might also want a "pseudonym from your pseudonym," especially if you
> > use it a lot.
>
> A specific example: I am presently running a survey of drug prices,
> and suggested that respondents might wish to reply through penet.
> Unfortunately, I realized that I could not respond to these messages
> without blowing my penet pseudonym. Fortunately, I had never
> actually used it, so I could safely "blow it". At present, if I
> need another penet pseudonym, I guess I'll create it through mail
> games. But IWBNI there were a built-in way to do this --
> particularly for those who aren't able to hack mailers, who are the
> ones who really need a service such a penet in the first place.

Agree. And I *think* I have come up with a way to handle it "safely". Will do a test implementation RSN.

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 1 Mar 93 04:25:51 PST
To: Eric Hughes
Subject: Re: anon user on cypherpunks list
In-Reply-To: <9302281755.AA13087@soda.berkeley.edu>
Message-ID: <9303011333.aa10348@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> I would suggest bouncing mail to "an" style addresses unless a
> pseudonym has been declared; the bounce message would, of course,
> contain instructions on how to obtain a pseudonym or use the "na"
> form.

This only works if the From: lines of postings show the "na" form, but this breaks the "historical" expectations of current users.

> Therefore, I would suggest that a second version of the pseudonymous
> system at penet do away with automatic generation and support multiple
> pseudonyms.

I might even try to do it in the current version. I might have worked out a way that doesn't break too much of the current functionality.

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Mon, 1 Mar 93 12:19:20 PST
To: pmetzger@shearson.com
Subject: Re: more ideas on anonymity
In-Reply-To: <9303011827.AA15335@maggie.shearson.com>
Message-ID: <9303012016.AA26328@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Mon, 1 Mar 93 13:27:24 EST
   From: pmetzger@shearson.com (Perry E. Metzger)

   Now, on the issue of slander, the notion of anonymity is largely unimportant.
   If I had walked into the middle of the street and ranted for an hour saying that GM trucks are unsafe, that would be largely ignored, as most anonymous denunciations likely are. The issue is if a non-anonymous individual or entity with credibility, like NBC, says something that is false.

I don't know about that. It is certainly true that non-anonymous individual or entity with credibility, like NBC, can do the most amount of damage when they slander someone. But what about someone who sends 20 different mail messages, each through a different remailer path so they have different reply addresses, all of them detailing some similar (but false) story about how some GM truck went up in flames after being hit lightly by a Geo Metro?

Or suppose someone sends 20 messages (all different) about how Perry Metzger stiffed him/her out of some amount of digital cash? I'd suspect you could do some real damage that way. Not as much, perhaps, as something like a faked demonstration tape broadcast on prime-time evening news, but damage nevertheless.

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fen@genmagic.genmagic.com (Fen Labalme)
Date: Mon, 1 Mar 93 15:28:40 PST
To: Theodore Ts'o
Subject: Re: more ideas on anonymity
Message-ID: <9303012327.AA23552@>
MIME-Version: 1.0
Content-Type: text/plain

> From: Theodore Ts'o
>
> Or suppose someone sends 20 messages (all different) about how
> ---- ------ stiffed him/her out of some amount of digital cash? I'd
> suspect you could do some real damage that way.

In response to this, let me first quote Eric Hughes:

> "How much reputation has an anonymous source?"

I believe that this is the true question being asked. I believe that in the not-so-far-off future there will be an immense quantity of anonymous traffic on the nets, and I will set my filters to ignore the large percentage of it (though perhaps I may want to see notes with my name in them, or perhaps not).
This doesn't mean I won't see *any* anonymous messages, as my positive reputation system will work to counter-balance the effect of the filter, and allow messages from anonymous sources that are connected to me via a "line of trust", that is, through a set of anonymous keys and signatures that prove to me that the source of the information is from someone that I trust, or that they trust, or...

Further, pseudonymous posters may gain quite a bit of respect. As was earlier pointed out on this list, most posters to net news are today pseudonymous, for I know not if their real name is what their From: line states, but I learn to recognize and differentiate names (pseudonyms) bearing good info from those that know not what they say or those that just flame.

It is from this last set of anonymous publishers that we may have the problem being discussed. For example, "NBC" may as well be an anonymous pseudonym, but we (well, a lot of the general public, anyway) have decided to place a fair amount of trust into them. This problem stems from people being too ready to abdicate their responsibility from having to think critically about the world around them, and the information they receive.

In other words, the big problem, as we all know, is one of education. Just say "know"!

Fen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Shipley
Date: Mon, 1 Mar 93 16:27:32 PST
To: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Subject: Re: ideas on an encrypted BSD filesystem (LONG, technical)
In-Reply-To: <9303020004.AA01774@tramp.cc.utexas.edu>
Message-ID: <9303020025.AA25924@edev0.TFS>
MIME-Version: 1.0
Content-Type: text/plain

>Greetings:
>
>I have been working on a few ideas I have to make a BSD system (like a
>386BSD system on a nice fast PC) into a secure base system for a BBS that
>is somewhat "raid-proof".
The basic plan is to encrypt the filesystem and
>use public key encryption to separate the system administrator from the
>information contained within the system and make it harder to do blanket
>searches of computer systems such as those I have seen happen in this area.
>Here is a basic outline of what I plan on doing, any comments would be
>appreciated.
>

My office mate and I were talking along similar lines, but for DOS.

We were thinking of setting up disk/partition encryption software that works like the product "stacker" or "double disk", but instead of just compressing we encrypt. When the system boots it will ask for a password phrase; if you do not provide one the disk will not be accessible (it will just appear to be an unformatted partition). Thus when you are raided and they power down your system, they will lose access to the data.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Mon, 1 Mar 93 14:27:15 PST
To: cypherpunks@toad.com
Subject: Re: anonymity + untraceable digital money = potential problems
Message-ID: <9303012153.AA22065@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: ALAN DORN HETZEL JR
>
> Dear Group,
>
> I believe that I see a potential serious problem with the onset of
> truly unbreakable anonymous communication combined with untraceable
> digital cash.
>
> The problem is that crimes such as blackmail and extortion would become
> absolutely impossible to defend against. Kidnapping for ransom would
> get a LOT easier.

I see serious problems with allowing people to take drugs. They can get addicted to them. Let's ban medicines.

I see serious problems with allowing people to own guns -- they might commit crimes with them.

I see serious problems with allowing people to speak freely -- they might blaspheme, or tell lies.

Mr Hetzel, I'm an anarchist.
I have very little "faith" in human beings, which means I don't trust big complicated structures run on the assumption that human beings are inherently trustworthy -- like governments, for example. I prefer systems that decentralize power and make it possible for people to operate without the necessity to trust each other. Yes, digital cash makes kidnapping easier. So, for that matter, do telephones and cash itself -- had money never been invented, anonymous kidnapping would have never been possible. However, the alternative to permitting market structures to take care of problems in a competitive way is to allow central structures in which we are asked to trust in the benificence of government officials. I'm not the trusting type. If history has had any lesson, it is that governments degenerate and are taken over by evil men, over and over and over. The structures needed to stop digital cash, anonymous postings, and the like would be so draconian as to assure that should a dictator ever wish to sieze power the structures needed to do so would be waiting for him. I'd prefer a system in which he would have to build them from scratch, even if it means one or two people can be blackmailed once in a while. Utopia isn't possible. I'd prefer, therefore, to settle for the best we can do. > > I could send you an anonymous note threating to poison your dog, kill > your wife, burn down your house, whatever..., ... unless you pay me > $$$ in untraceable digital cash. What can you do? Today, I could send you an anonymous note threatening to poison your dog if you don't leave $5000 in the poorbox at the corner church. What can you do right now? Easy. Watch your dog. The police have a myriad of techniques at their disposal. Their jobs have never been easy, but they have to cope with anonymous messages and untraceable cash thefts right now. 
To eliminate the capacity to use digital cash means to require monitoring of all speech and ban most international traffic, to prohibit strong cryptography and require key registration. Even then I'm not convinced that it would work because people would still try to avoid these restrictions. All technologies are fraught with dangers. All of them. The knife you use to slice your bread can be used to kill your wife. Shall we dispense with knives? Shall we pretend that we can unlearn what we know? A bright 10 year old with a computer can produce a cypher machine. Shall we lobotomize all ten year olds and destroy all the computers? You CANT put some djinni back in the bottle after you've rubbed the first time. We can't stop people from knowing things. At least the well meaning fools who advocate gun control have the fact that good machine shops aren't in practically every home on their side -- telephones, modems and computers are becoming ubiquitous, however, and they are all capable of aiding and abbetting in the criminal techniques you mention. Welcome to the world. Perry Metzger From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Timothy Newsham Date: Mon, 1 Mar 93 21:00:15 PST To: cypherpunks@toad.com Subject: tapping Message-ID: <9303020333.AA04345@relay1.UU.NET> MIME-Version: 1.0 Content-Type: text/plain [forwarded from elsewhere] > > [From Data Communications, January 1993] > > INVENTION CUTS CABLING TIES > > An inventor working from a garden shed in the U.K. has come up with a device > that enables PCs and other LAN equipment to send and receive data through > the plastic outer jacket of copper LAN cabling-- without piercing the > cabling. Called the Watsonlinc Cable Coupling Transformer, the device > allows users to attach LAN equipment at any point in a network without going > through time-consuming and costly cable attachment procedures. 
The > Watsonlinc, which must be placed directly next to a cable's outer jacket, > uses a proprietary technique to reduce noise interference while picking up > and transmitting data signals. Watsonlinc-equipped network interface cards > (NICs) will appear in the next 12 months, according to inventor Mike Watson > (Walton-on-Thames, U.K.), who says the device's production cost of about $5 > per unit will not significantly increase NIC sticker prices. The Watsonlinc > works with both shielded and unshielded twisted-pair copper cabling, is > small enough to fit on laptop PC internal adapters, and is capable of > handling all common LAN speeds, Watson says. The internationally patented > invention works just as well with voice signals. Predictably, it already > has been licensed for use in telephone surveillance equipment. > > From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nihilis@mindvox.phantom.com (Joel Boutros) Date: Mon, 1 Mar 93 14:34:46 PST To: cypherpunks@toad.com Subject: UNSUBSCRIBE Message-ID: MIME-Version: 1.0 Content-Type: text/plain UNSUBSCRIBE Love the list, just don't logon and 120 new posts is just too many, especially when I have to tell it apart from stuff straight to me... (maybe if I can get a 14400 dialup to telnet through) |:- nihilis@phantom.com -:| |:- Joel Boutros -:| From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pmetzger@shearson.com (Perry E. Metzger) Date: Mon, 1 Mar 93 15:21:51 PST To: cypherpunks@toad.com Subject: Re: more ideas on anonymity Message-ID: <9303012228.AA23306@maggie.shearson.com> MIME-Version: 1.0 Content-Type: text/plain > From: Theodore Ts'o > > Date: Mon, 1 Mar 93 13:27:24 EST > From: pmetzger@shearson.com (Perry E. Metzger) > > Now, on the issue of slander, the notion of anonymity > is largely unimportant. If I had walked into the middle of the street and > ranted for an hour saying that GM trucks are unsafe, that would be largely > ignored, as most anonymous denunciations likely are. 
The issue is if a > non-anonymous individual or entity with credibility, like NBC, says > something that is false. > > I don't know about that. It is certainly true that non-anonymous > individual or entity with credibility, like NBC, can do the most amount > of damage when they slander someone. > > But what about someone who sends 20 different mail messages, each > through a different remailer path so they have different reply > addresses, all of them detailing some similar (but false) story about > how some GM truck went up in flames aftering being hit lightly by a Geo > Metro? Or suppose someone sends 20 messages (all different) about how > Perry Metzger stiffed him/her out of some amount of digital cash? I'd > suspect you could do some real damage that way. Not as much, perhaps, > as something like a faked demonstration tape broadcast on prime-time > evening news, but damange nevertheless. I doubt it. As people get more and more used to the capacity to do such things, its likely that such anonymous accounts will be more and more untrusted. Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Mon, 1 Mar 93 17:39:11 PST To: cypherpunks@toad.com Subject: Re: Future of anonymity (short-term vs. long-term) Message-ID: <9303020137.AA19657@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Ted Ts'o comments ruefully: >There doesn't seem to be a lot of realism in these discussions, which is >really bothering me. Oh, well.... > > - Ted There are certainly differing agendas and differing time horizons, as others have also noted (especially Marc Ringuette's analysis of time scales). Some are writing code to be put into their programs _tonight_, while others take a longer view. Some on this list operate real remailers, even world-famous remailers. 
The day to day discussion of mail protocols, PERL scripts, headers, REGEX stuff, and actual code submitted to the list is certainly pretty strong evidence that folks are deeply immersed in realism. Your own concerns about anonmity have also been well-received, I think, even if many of us disagree with you in some areas. Speaking for myself, I agree that some limits on anonymous posting may develop--this doesn't mean _we_ should put the limits in! (Granted, some of those operating remailers need to think about these issues. Johan Helsingius, for example, has done a very impressive job of balancing needs and threats and is considering how to deal with various kinds of abuses. Many on this list are contributing ideas. You can't get much more real than this.) Bugs, flaws, problems, cruftiness, and other defects exist. So what? That's the main point of trying to actually deploy these systems--to expose weaknesses, to try new approaches, to come out with "Mark II" versions of systems, and to have concrete examples to point to. As far a realism goes, the folks in this group have built real anonymous mailing systems, have been deeply involved in the PGP development (not me, certainly, but look at the PGP docs and you'll see some names from this list), and are working on many aspects of the evolution of digital privacy. As one who has been interested in this area since 1987, I think the progress in the last year or so has been nothing short of amazing. -Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: MailSafe and PGP available. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 1 Mar 93 17:47:45 PST To: cypherpunks@toad.com Subject: Future of anonymity (short-term vs. 
long-term) In-Reply-To: <9303020037.AA26459@SOS> Message-ID: <9303020144.AA01018@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Re: authenticated news software >Also, keep in mind that netnews is run >by lots of real sites, who have real assets which could be reached if >sued by RSA. Why is there a presumption that any such authenticated news software would be used without license? RSADSI is not trying to sit on their patents, but to make money from them. >There doesn't seem to be a lot of realism in these discussions, which is >really bothering me. What you believe to be real and what I believe to be real may be different. To claim that another is being unrealistic is to mask what is foremost a difference in belief. What assumptions here do you disagree with? If you are explicit, perhaps we can forge an agreement. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dclunie@pax.tpa.com.au (David Clunie) Date: Mon, 1 Mar 93 00:32:52 PST To: cypherpunks@toad.com Subject: Re: a few opinions, unasked Message-ID: <9303010733.AA14820@britt> MIME-Version: 1.0 Content-Type: text/plain > Who is John Galt? The man who said he would stop the motor of the world - and did. :) Where is John when you need him ? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mccoy@ccwf.cc.utexas.edu (Jim McCoy) Date: Mon, 1 Mar 93 16:06:22 PST To: cypherpunks@toad.com Subject: ideas on an encrypted BSD filesystem (LONG, technical) Message-ID: <9303020004.AA01774@tramp.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text Greetings: I have been working on a few ideas I have to make a BSD system (like a 386BSD system on a nice fast PC) into a secure base system for a BBS that is somewhat "raid-proof". 
The basic plan is to encrypt the filesystem and use public key encryption to separate the system administrator from the information contained within the system and make it harder to do blanket searches of computer systems such as those I have seen happen in this area. Here is a basic outline of what I plan on doing, any comments would be appreciated.

jim
mccoy@ccwf.cc.utexas.edu

-------------

1. Purpose:

To create a system that offers subscribers/users a greater level of privacy and security than offered in most BBS/unix systems. The basic goal is to make a system somewhat "raid-proof". Users have the ability to make their files encrypted in such a manner that even the system administrator is unable to access/view the files. Through such a system I hope to create a sort of userspace that can allow an administrator to detach themselves from the actual content of the files in the system in a sort of "common-carrier" or "bookseller" philosophy that will offer both the admin and the user more protection from over-zealous law enforcement agents and unauthorized intruders. If the users so choose, they can create files that even the admin cannot access without modifying the system to spoof out keys during transmission.

The system is designed to be very difficult (if not impossible) for external forces to gain access to information contained therein simply through possession of the physical hardware of the system. Essentially, I want to separate the information content of the system from the hardware (disk drives) of the system by creating a wall using public key encryption. Access to files can be controlled by the users to whom those files belong.

2. Some general conventions (mostly for lack of ASCII subscripting...):

X_p               = X's public key
X_r               = X's private key
X_p(X_r)          = X's private key encrypted with X's public key
X_p(X_r1,X_r2...) = Private keys X_r1, X_r2, etc encrypted with pubkey X_p
K                 = one-time key used for encrypting a file
X_p(K)            = File key K encrypted using X's public key

In most cases, S_r and S_p are used for the system keys, U_r and U_p for user keys and G_r and G_p for public group keys.

3. Implementation:

This system will be based upon BSD (386BSD specifically, because the source is there...) with the hopes of providing a set of low-level privacy and security options that others can use to provide secure BBS and general-access unix systems. The system is not invulnerable to external attack and access of users' files without their consent (known weaknesses are listed after implementation details), but it tries to make the system as "raid-proof" as possible. This privacy/security is implemented through the use of an encrypted filesystem and built-in support for management of the keys used for this encryption through public key encryption.

3.1 The filesystem

In general, the system will encrypt the users' files using DES or IDEA using a one-time random key. This key will be encrypted with the user public key and stored with the file. When the file is accessed the key is decrypted from the private-key stored in memory and the file key is found and the file decrypted.

Not all files are encrypted; whether or not a file is encrypted depends on its permissions. If a file is world-readable then it is not encrypted, if it does not have any r, w, or x permissions for world then the file is encrypted and the one-time key used for the encryption is stored in the inode structure. This structure contains space for holding both a "users" and a "group" entry for the encryption key K.

At this point the DES v IDEA choice depends on whether or not there is any chip out there to do IDEA in hardware. If not, I will probably use DES (double or triple DES maybe...) because I can snag a card to do it and offload this burden from the basic system.

3.2 Groups

The concept of "group" is also changed.
Basically, I can't see any real benefit from the current implementation of groups in BSD, so I am going to dump it all and rebuild something in the holes left behind. The basic goal of these "groups" is to implement something more like access control lists than the standard Berkeley groups. At the moment, I am thinking of implementing two types of groups: public and personal.

3.2.1 ACLs

A personal group is actually an ACL for a particular file. This group appears in a ls -g as "user-acl" (i.e. user "jdoe" sees the file's group as "jdoe-acl"). The default acl for files contains only the user as a member, but for each file they can add or remove people from the acl. This is implemented by creating a default user-acl entry in the group file and creating an entry for the user in the system's private acl list. When a user modifies the acl for a file a reference to the file is added to the private acl list and entries for each user or public group added to the list are made in the following fashion:

    fileref:gid or uid:rwx:(S_p(U_p(K))):gid or uid:rwx:(S_p(U_p(K))...

This holds the user id or group id, their permissions, and the file key wrapped in the particular user's public key (the user added to the acl, not the owner of the file) and this is wrapped with the system public key.

3.2.2 Public groups

The other type of group are the public groups, which are somewhat similar to the BSD groups, but differ in how they are created and how users are added.

Anyone can create a new public group. This facility is implemented with an application that simply asks the user for a unique name for the new group. When created the person creating the group is added to that group. From that point on, the membership of groups is controlled by the group members.
When someone wants to enlist another person in a group, they sponsor the user, and the other members of the group are sent a message indicating the person who would be joining and the sponsor (groupnames are automatically made to be mail aliases for all group members as well). Each member of the group has the power to "blackball" a prospective member by returning a mail message to the group server with a no vote. Otherwise, when all members return yes votes, or a specified time period has elapsed, the person is added to the group.

The membership of groups is knowledge that is limited to the members of the group and the system. Groupnames and membership are not public knowledge, and unless you are a member of a group, a ls -g of a file with a particular group set to it will return only the number (group-name->gid mapping is not publicly accessible). The group listing is kept wrapped in the system public key, and each group is assigned its own unique public/private keypair. The actual users do not know this key, it is held for them by the system, but they can change their effective gid if they are a member of a group through a user command.

The groupfile held by the system holds groups in the format:

    groupname:gid:G_p:U1_p(G_r):U2_p(G_r):...

When a new member is "sponsored" the system uses the U_r of the sponsoring member to pull out the group private key from this file and puts the U_p(G_r) of the member they are sponsoring in a file similar to the group file, but holding "probationary members". Both the group file and the holding file for sponsored users are wrapped with the system public key.

3.3 System calls and access to privacy additions

All of the additions mentioned here are run through the kernel. User-level processes have no access to these facilities other than through a few functions that will be added.
Specifically, access to the additional entries in the inode holding the file key K and to the public and private keys held in memory will only be available to the kernel. The regular system calls that access this sort of information (stat, for example) will return what they normally return under BSD. Whether or not the data blocks they may access are encrypted or not is determined by the kernel and the keys assigned to a particular user process.

There will be a few additional system calls and functions to allow people to change the group of their process, perhaps to change the private/public key running with their process, and some new user programs to manipulate the new additions will be created. For the most part, I am trying to make the applications and user processes run on top of this system as transparently as possible.

3.4 General notes

These are just some notes about the system that I am lumping together under the category of "general". They include known weaknesses and general notes on the behavior and operation of such a system.

3.4.1 User interface to operations

The only significant difference a user will notice (other than the bizarre permissions stuff for acls and groups) is a slight modification to the login sequence. The user will enter their login and password as always, and they will then be prompted for their private key wrapped in the system's public key. If successful they will have full access to their files. If not they will still be able to login, but will not have a valid keypair assigned to them and will be unable to access files they have on the system that were encrypted.

I have not decided yet if the system will broadcast its public key to the user before asking for S_p(U_r) or if I should assume they know it and then let it croak if they are wrong or it has changed (allowing them to move around in a limited fashion with a process without a keypair and find the new key).
I believe that the second option is somewhat better at defeating some spoofing methods, but I am not really sure...

It should be noted that the public/private keypair that I have been talking about as belonging to specific users should not be a keypair they distribute. The key is only for access and encryption of files on the system and users would be reminded often to use a completely different keypair for email, etc.

3.4.2 Known weaknesses

Snooping on the line: There is nothing to prevent someone from tapping the line between the system and the user. All such communications are in cleartext and by tapping the line in such a way someone can get around the privacy safeguards installed in the system (they can see the decrypted text come down the wire to the user and don't need to get to the hardware). It would be really nice if I could do this whole thing encrypted using public key encryption, but I really don't feel like writing the necessary code for client programs so that non-technoid users could access the system.

Compromising the system private key: Through perhaps the threat of violence or other nasty force, someone might be able to get the system private key out of the sysadmin. I have considered adding in a booby-trap of some sort, whereby the sysadmin could perhaps transpose a predetermined sequence from the private key and invoke a "slash and burn" on the system. The system private key may also be unknowingly compromised if it is not guarded carefully by the admin. This is particularly dangerous because it allows someone to essentially crack the entire system over time without anyone knowing. By having access to the system private key, the intruder/snooper can conceivably snag private keys as they come in and decrypt user files, or even change the system keys and hold everything hostage...
A few others that I am too tired to write down right now:

This is basically designed to make it hard for someone to scan every user's files just by grabbing the physical hardware. Down here in the land where Steve Jackson Games had something like this happen to its BBS I want to make it difficult for the intruder. Not impossible, but force them to deal with each individual user as more than just another directory to search through and perhaps force them to be specific about what they want/are looking for if they have proper authority...or maybe make it so that the sysadmin could honestly say "Sorry, but even _I_ can't look at that file..."

3.4.3 System public and private key

It may seem that I am wrapping a lot of stuff in the system public key when it is not necessarily needed. This is because I hope to set things up so that most, if not all, system files are not encrypted. The system protects those files or bits of information that might need a little bit more security through wrapping the piece in the system public key. The system private key is entered at the console at boot time (therefore it must always be booted by hand), the private key entered is tucked away in memory and is _never_ stored on disk (not even to swap space).

The system private key seems to be the most important thing to hide, because if the system private key is discovered, it is possible to run the system in a spoof-mode or to gain access to a lot of things just through possession of the hardware. If an improper private key is entered at boot up time things will fail fast because the system will be unable to properly access most user files and the system will also be unable to attach valid user private keys to their processes because it will not be able to decrypt the S_p(U_r) packages users send at login.
Another reason for sneaking in S_p as a wrapper for things is that it makes it much more difficult for someone with possession of the hardware to substitute in a new public/private keypair for the system. They could put it in, but the files and group lists wrapped with the old key would still be inaccessible.

The method for legitimately changing the system's public and private keys will require the admin having both the public and private keys for the system. This means that if an admin loses the system's private key the users are screwed, so the admin really needs to make sure this is not lost. Making a couple of copies on paper and storing them somewhere might not be a bad idea (I know someone who made a stencil of his asciified PGP private key and spray-painted it on a couple of walls of abandoned buildings around town. It fits in with the other graffiti, is much less fragile than a floppy disk, and only he knows what the graffiti means... :)

----------

This is my basic outline, I welcome any comments or ideas people have on beefing this up or problems in it that I may have overlooked.

jim

-all comm to and from system is encrypted using idea with the session key

file system:
-all files compressed and encrypted with IDEA or DES (DES if I can find a nice hardware implementation [the need for speed...] and otherwise IDEA in preference to DES)
-when a file is read it is pulled up into an area of memory only the system can access and decrypted?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Mon, 1 Mar 93 16:30:44 PST
To: cypherpunks@toad.com
Subject: she's at it again :-)
Message-ID: <199303020029.AA27124@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunks,

(My apologies if this is already widely known; I haven't seen any mention of it on this list)

In the March 1993 IEEE Spectrum magazine on pp.
16-17, Dorothy Denning again floats her support for digital telephony bill in an article entitled "Wiretapping and cryptography".

I quote her:

"Although government regulation of cryptography may be somewhat cumbersome and subject to evasion, we should give it full consideration. Regulated encryption would undoubtedly provide far greater security and privacy than no encryption at all, the current state of affairs for most personal and corporate communications."

Regulated encryption!? This topic was discussed quite thoroughly in sci.crypt in response to Tim May's post. And the topic is still kicking...

The article is very interesting, containing many oxymorons:

"On the contrary, implementation of an intercept capability together with appropriate security measures is more likely to lead to telecommunication systems that are "smarter," more secure, and of commercial interest to other countries."

"while often labeled as "anti-privacy," wiretapping actually serves to protect the privacy of law-abiding citizens and the business interests of corporations"

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 1 Mar 93 08:48:11 PST
To: Eric Hughes
Subject: Re: anon.penet.fi hacking
In-Reply-To: <9303011604.AA11556@soda.berkeley.edu>
Message-ID: <9303011752.aa19512@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> >Ok... Now.. Show me the regex that strips anything starting with '--',
> >such as '-----------------------------', except a PGP boundary line...
>
> OK. It's a mess. The backslash means line continuance. Remember that
> concatenation binds higher than alternation (|).
>
> ^--...([^B]|B[^E]|BE[^G]|BEG[^I]|BEGI[^N]|BEGIN[^ ]|BEGIN [^P]|BEGIN P[^G]\
> |BEGIN PG[^P])

Hats off to you, Eric! Much better than I could do! But...
It still doesn't strip off something starting with only "--" on a line by itself... Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 1 Mar 93 18:41:36 PST To: cypherpunks@toad.com Subject: cryptographic activism Message-ID: <9303020238.AA15164@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Dave Deltorto, in a message to the list last week, was all fired up to start some real political activism in this country. More power to him. May I suggest publicly, though, Dave, that you broaden your focus? The US really does work pretty well. For example, Fourth Amendment protections agains search and seizure, while eroding in some ways, are still basically intact. I do not claim that the US does not have problems, just that the nature of governmental violence against its own citizenry is much lower here than in other countries. Therefore I suggest that we extend an international hand of cryptographic aid. I suggest that we start with Singapore. Singapore is highly industrialized has a good telecommunications base. So good, in fact, that it supports their national payment and identity card system. Purchases really are tracked and data is filtered to look for unusual behavior. The subway and the toll booths all take the payment card. Singapore is, in many ways, the crypto-anarchist's worst nightmare. I do not know if the government there has cryptography restrictions, but I'm sure they will soon, if only as reaction. So now is the time for all of you folks to start writing your steganographic (information-disguising) applications! They are actually useful here. I would suggest that interested parties listen in on soc.culture.singapore for a while, and then carefully broach the subject about deploying secure communications. This is about as real-world as it gets, folks. The need for cryptography as a tool against oppression is real. 
In the US and Europe we deploy it to prevent oppression in the future, and we must be grateful that is the future we speak about. Nevertheless, others are not so fortunate. It behooves us to consider them. Singapore is not the only place in the world this is useful; it is only my first suggestion. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ssandfort@attmail.com Date: Mon, 1 Mar 93 11:34:03 PST To: cypherpunks@toad.com Subject: Piercing anonymity and censorship Message-ID: <9303011933.AA00711@toad.com> MIME-Version: 1.0 Content-Type: text _________________________________________________________________ FROM THE VIRTUAL DESK OF SANDY SANDFORT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Theodore Ts'o wrote: ". . . I don't like censorship in any form. But disclosing who sent a particular piece of anonymous mail is not the same as censorship." How about FORCING a third-party to make such a disclosure? It seems Ted would ask or force remailers to be the nets' policemen. If remailers are required to compromise the anonymity of their service, the "chilling" effect on speech IS censorship. ". . . there are people who believe . . . that libel and slander laws shouldn't exist. But it's not fair to call that a mainstream position. And it is unreasonable to assume that as an axiom." I never claimed that such a position was "mainstream" nor assumed it was an "axiom." I don't think I've seen ANY "ad populum" arguments (other than Ted's) on Cypherpunks, we tend to think for ourselves. ". . . *MOST PEOPLE* also don't believe that the right to privacy is absolute. It certainly isn't explicitly listed in the *U.S. CONSTITUTION"*. (Emphasis added.SS) Our desire for privacy is not the result of a *popularity contest* nor is it an argument from *authority*. Rather, it is derived from the logical requirements of freedom. "But in order to punish the perpetrators, it is first necessary to *identify* the perpetrators......" 
RE-READ my post, Ted.

S a n d y

ssandfort@attmail.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Mon, 1 Mar 93 16:39:05 PST
To: pmetzger@shearson.com
Subject: Re: Future of anonymity (short-term vs. long-term)
In-Reply-To: <9303011908.AA16594@maggie.shearson.com>
Message-ID: <9303020037.AA26459@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Mon, 1 Mar 93 14:08:14 EST
   From: pmetzger@shearson.com (Perry E. Metzger)

   I think that instead you should have a less than optimistic view of the quality of our current netnews software. The problem you list can be fixed with public key cryptography and some intelligent changes. As another example, it's easy to assure that moderated newsgroups are run just by the moderator -- he public key signs instead of posting with the "Authorized" header. Easy as pi.

And you have an over optimistic view about how fast new netnews software could be developed and deployed. Also, keep in mind that netnews is run by lots of real sites, who have real assets which could be reached if sued by RSA.

There doesn't seem to be a lot of realism in these discussions, which is really bothering me. Oh, well....

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Mon, 1 Mar 93 16:42:36 PST
To: fen@genmagic.genmagic.com
Subject: Re: more ideas on anonymity
In-Reply-To: <9303012327.AA23552@>
Message-ID: <9303020041.AA26464@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Mon, 1 Mar 1993 15:29:12 -0800
   From: fen@genmagic.genmagic.com (Fen Labalme)

   I believe that this is the true question being asked. I believe that in the not-so-far-off future there will be an immense quantity of anonymous traffic on the nets, and I will set my filters to ignore the large percentage of it (though perhaps I may want to see notes with my name in them, or perhaps not).
Well, unless and until this mythical "positive reputation filter" is developed, many people may deal with this by just not allowing anonymous traffic to be posted to Usenet (at least not via their site), and by simply not allowing anonymous traffic on their mailing lists. But that would be the free-market solution that everyone favors, I suppose.

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305)
Date: Mon, 1 Mar 93 16:45:37 PST
To: cypherpunks@toad.com
Subject: Re: anonymity + untraceable digital money = potential problems
Message-ID: <9303020045.AA07711@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

> > From: ALAN DORN HETZEL JR
> > Dear Group,
> > I believe that I see a potential serious problem with the onset of
> > truly unbreakable anonymous communication combined with untraceable
> > digital cash.
> > The problem is that crimes such as blackmail and extortion would become
> > absolutely impossible to defend against. Kidnapping for ransom would
> > get a LOT easier.

Yes, some criminals would find blackmail, extortion, and kidnapping easier. But others would find it harder. Just think about who's most likely to demand half your salary and threaten you with violence if you don't pay, or take your house and not give it back unless you tell them the name they want, or throw you in a locked room and not let you out until you pay ransom? That's right! It's the *government*!
I may not be as much of an anarchist as Perry, or maybe just more trusting :-), but I'd still feel a lot more secure if the government didn't know how much money I make and where to get it if they feel like taking it, and couldn't read my mail and accuse me of corresponding with known ANARCHISTS AND DRUG USERS AND FOREIGN NATIONALS AND MUNITIONS DEALERS (obviously I must be conspiring with them since I didn't turn them in) and quite frankly I'd like to be able to discuss different medicinal and recreational products with people without having to worry that they'll knock on my door one night and tear my house apart looking for things that aren't there, or things that were legal when I bought them but aren't now, and I'd like to be able to discuss interesting software without them coming and stealing my wife's home business laptop and laser printer because they couldn't find the disk drive on my VT-100 clone. I'm not paranoid, but I have friends who are :-), and I'd like to be able to talk to them on the phone without us worrying about wiretappers. And I have friends of friends who come from other countries, and maybe their papers aren't in order, and they don't want to go back to places where the governments are less concerned about human rights than our benevolent Immigration and Naturalization Service, or maybe they just like it here. And the lack of anonymous communication hasn't stopped the Mafia from burning down restaurants here in New Jersey or up in Rochester; it just means they've got to invest some of their profits in bribing cops. My friend's brother didn't get an anonymous postal-mail message, he got a visit from two big ugly guys he didn't know who told him how much protection would cost. 
On the other hand, my reading of Chaum's digicash paper makes it look like marked digicash may be possible, if the original account-holder wants to reveal the numbers and can trace the connection from the recipient's bank back to their bank, so kidnappers will still need money-launderers, though money-laundering will be easier.

(Blackmailers still can get revenge by revealing their secrets, but at least you'll be able to be anonymous when you do some of the stupid things you could get blackmailed for :-)

Bill Stewart, wcs@anchor.att.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 1 Mar 93 10:23:03 PST
To: Eric Hughes
Subject: Re: anon.penet.fi hacking
In-Reply-To: <9303011742.AA15188@soda.berkeley.edu>
Message-ID: <9303011914.aa20158@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> ^--(|.|..|...(|[^B]|B[^E]|BE[^G]|BEG[^I]|BEGI[^N]|BEGIN[^ ]|BEGIN [^P]\
> |BEGIN P[^G]|BEGIN PG[^P]))
>
> Some implementations don't support empty alternation, so that could be
> changed with the ? syntax, since (|a) and (a?) are the same.

Uh... Eric? Would it be ok to use it as a shocker example on the basic UNIX courses I do?

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Mon, 1 Mar 93 10:58:50 PST
To: Joe Thomas
Subject: Re: A novel (?) return address idea
In-Reply-To: <9303011721.AA02070@mango>
Message-ID: <9303011947.aa20452@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> The current na/an address workaround is okay, but I think we could do
> better.

Definitely agree!

> Here's my scheme:

> When someone wants to reply to an anonymous message or post, the
> remailer decrypts the address, ignores the "salt" bits, looks up the
> anonymous ID in its database, and sends it on to the desired
> recipient.

> A couple disadvantages could be running out of bits for the return
> address,

Lemmesee... Monocase, and can't use much more than letters, digits and some special signs.
Could be feasible, but we would get some rather weird addresses...

> and adding more encryption work for the remailer.

This could be a problem. Anon.penet.fi is currently a feeble 25 Mhz 386, and I have already ordered the replacement, a 60 Mhz 486 to handle the load problems.

> You'd
> definitely have to own the machine, and implement some, er, different
> mailing software, since you'd have to accept mail for users with any
> random name whatsoever.

Anon.penet.fi already does this. As long as we have something to pattern match for (to separate alt.sex.bestiality@anon.penet.fi from xy656b-akw@anon.penet.fi).

> What do you all think about this for a "Mark II" anon.penet.fi?

Have to sleep on it (it's 8:30pm here in Finland), but it sounds feasible to me...

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Mon, 1 Mar 93 20:54:18 PST
To: Eric Hughes
Subject: Re: Future of anonymity (short-term vs. long-term)
In-Reply-To: <9303020144.AA01018@soda.berkeley.edu>
Message-ID: <9303020248.AA26533@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Mon, 1 Mar 93 17:44:23 -0800
   From: Eric Hughes

   >There doesn't seem to be a lot of realism in these discussions, which is
   >really bothering me.

   What you believe to be real and what I believe to be real may be different. To claim that another is being unrealistic is to mask what is foremost a difference in belief. What assumptions here do you disagree with? If you are explicit, perhaps we can forge an agreement.

Well, let's see.... the most recent assumption I disagreed with was the claim that we could implement full-fledged positive reputation filters, complete with the use of RSA, and deploy it on the Usenet in some sort of time-frame less than ten years out --- and even that is doubtful. Look at how many sites are running B News, long after C news has been out. Anonymous remailers are here *today*.
Then there's the assumption that anonymous ID's would automatically have no weight --- they may have very little weight, but even today, they probably have some weight. I could probably construct some sort of NSA conspiracy theory, and have it posted so it looked like it came from 20 different pseudonyms, and it probably would be believed by a lot of people.

Fundamentally, however, there's the basic assumption that anarchy per se is good; which is a basic philosophical belief which I just plain disagree with. I have strong Libertarian leanings, although I don't necessarily believe in the Libertarian party --- however, complete and total anarchy goes far beyond what I believe is a reasonable or realistic way to run a society; that's basically a "might makes right" form of government.

In cyberspace, most of the people on this list would probably be listed among the mighty: we understand computers, and cryptography, and how to use them, "much better than the average bear". So it is not surprising that there are many on this list who think crypto anarchy is a good thing; however, I am not convinced that this would be a terribly just or better society than what we have now --- the only difference is which class of people would be in power.

In any case, a basic assumption which seems to permeate the arguments made by various people on this list is that anarchy is good. Perhaps I am running away from an argument, but in my experience, it is rare that an argument with a religious fanatic bears any fruit, and it seems that there are people who are such militant anarchists that further discussion doesn't seem to have much of a point. How does that saying go? "Don't bother trying to teach a pig to sing. It just frustrates you, and annoys the pig."

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Tue, 2 Mar 93 02:46:22 PST
To: elee9sf@menudo.uh.edu
Subject: Re: she's at it again :-)
Message-ID: <9303020309.AA04736@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: Karl Barrus
> The article is very interesting, containing many oxymorons:
>
> "On the contrary, implementation of an intercept capability together
> with appropriate security measures is more likely to lead to
> telecommunication systems that are "smarter," more secure, and of
> commercial interest to other countries."
>
> "while often labeled as "anti-privacy," wiretapping actually serves to
> protect the privacy of law-abiding citizens and the business
> interests of corporations"

Ugh. File under "Arbeit Macht Frei" along with slogans like "Freedom is Slavery".

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Date: Mon, 1 Mar 93 20:51:30 PST
To: cypherpunks@toad.com
Subject: Re: more ideas on anonymity
In-Reply-To: <9303011827.AA15335@maggie.shearson.com>
Message-ID: <9303020450.AA04260@tramp.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text

Perry Metzger writes:
>
> > From: Theodore Ts'o
>
> > I see. So you don't believe in libel or slander laws.
> >
> > And NBC was perfectly justified in faking an explosion in a GM truck to
> > show it was unsafe, and broadcast it on prime-time TV. And it didn't do
> > anybody any harm at all. Uh huh.
> >
> > Try again.....
>
> I believe that Theodore is confusing the notion of tort and the notion of
> crime.
> [distinction between crimes and torts wrt slander and libel...]
>
> The issue is if a
> non-anonymous individual or entity with credibility, like NBC, says something
> that is false.
>

Remember the intent as well. It is not enough that one utters false statements, one must also intend to do damage with those statements (the "malice aforethought" part).
If I honestly thought that GM trucks were firebombs waiting to happen and told someone else I am not being libelous, but if I were to publish a statement that I knew was untrue (or one in which I was negligent in my research, but I am not sure about this...) then I might have a date in court in the near future...

Either way, these actions are civil ones, not criminal. The U.S. government is extremely limited in its ability to use prior restraint to prevent publication of something (although there are many ways around the existing protections, as many on this list will undoubtedly attest to.)

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: swc@uc1.ucsu.edu (Stuart W. Card)
Date: Mon, 1 Mar 93 20:44:52 PST
Subject: volume
Message-ID: <9303020405.AA04367@uc1.ucsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I know better than to send an unsubscribe message to the whole list, but... I really like this stuff. I intend fully to set up my own remailer Real Soon Now :-) Unfortunately, the rigors of grad study + running a struggling business don't permit me to keep up with all the reading. So, thanks all, I'll be back this summer.

-- Stuart W. Card

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: arcticus!Xenon (Christopher Eric Hanson)
Date: Wed, 3 Mar 93 00:28:10 PST
To: cypherpunks@toad.com
Subject: Re: Handling Abuses of Remailers
In-Reply-To:
Message-ID: <9303020542.AA0061q@arcticus.UUCP>
MIME-Version: 1.0
Content-Type: text/plain

In article tcmay@netcom.com (Timothy C. May) writes:
> * To handle _abusive volumes_ through remailers, charge for remailing.
> Short term, this may be a problem, but this is the long term market
> solution.

Quick but relevant question: Assuming a commercial anonymous remailer were set up tomorrow, with (don't ask me how this would be done, it's hypothetical...) provable anonymity -- what should it charge per message, or per kilobyte of message?

> -Tim May
> tcmay@netcom.com | anonymous networks, digital pseudonyms, zero

Chris - Xenon

--
Xenon%arcticus@burner.com = Chris Hanson | Lord Xenon | Kelson Haldane
I work, but you don't know who I work for, and I'm not on their machine(s).
"There is no Truth. There is only Perception. To Perceive is to Exist." - Xen
Home (303)745-0108|Work (303)696-8973|Flames (976)DEV-NULL|PGP2.1 key by req.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: swc@uc1.ucsu.edu (Stuart W. Card)
Date: Mon, 1 Mar 93 20:35:00 PST
Subject: Yanek Martinson
Message-ID: <9303020446.AA04562@uc1.ucsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I tried to respond directly to Yanek Martinson directly without success. Could someone please directly e-mail me a good address for him? Thanks.

-- Stu Card

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dclunie@pax.tpa.com.au (David Clunie)
Date: Mon, 1 Mar 93 05:40:27 PST
To: cypherpunks@toad.com
Subject: Mail server for PGP sources
Message-ID: <9303011339.AA15227@britt>
MIME-Version: 1.0
Content-Type: text/plain

I gather some people have had trouble obtaining sources for PGP. I have accumulated those I can and they are available from my mail server. If you can get these somewhere closer then great, but if desperate feel free to get them from here (as long as the load doesn't get out of hand I will keep it going).

The address is "mail-server@pax.tpa.com.au".

Help is available by sending in the message body:

    send help
    end

An index of PGP files is available by sending in the message body:

    index pgp
    end

And results in something like the following ...
Date         Size Index: pgp
---------- ------ ----------------------------
1992/12/25   216K security/pgp/macpgp2.0.sit.hqx
1992/12/25   160K security/pgp/msiguide.zip
1992/12/25    33K security/pgp/ngclon11.zip
1992/12/25   168K security/pgp/pgp-ng.zip
1992/09/13   184K security/pgp/pgp20.zip
1992/09/13   376K security/pgp/pgp20src.zip
1992/12/25   536K security/pgp/pgp21.tar.Z
1992/12/25   192K security/pgp/pgp21.zip
1992/12/25   656K security/pgp/pgp21ami.lha
1992/12/25   240K security/pgp/pgp21os2.zip
1992/12/25   440K security/pgp/pgp21src.zip
1992/12/25   224K security/pgp/pgp21_next.tar.Z
1992/12/25   256K security/pgp/pgp21_sparc.tar.Z
1992/09/13   464K security/pgp/unix_pgp20.tar.Z

Probably pgp21.tar.Z or pgp21.zip are what you want for unix or pcdos respectively.

If anyone has a more recent mac version I will put that up too.

david

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tony Kidson
Date: Mon, 1 Mar 93 20:54:06 PST
To: cypherpunks@toad.com
Subject: Libel UK
Message-ID: <2957@morgan.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

In message <9303011958.AA24443@soda.berkeley.edu> you write:

> Perhaps Tony Kidson could tell us some of the effects of libel law in
> the UK. The US law, which grew out of British law, seems to have gone
> in the direction of reducing the power of a libel complaint, while
> British law has done the opposite. I can't speak for the UK, but
> those who live there could.

In the UK, we don't have a first amendment :-( The law has developed in such a way that anybody with funds available can silence criticism by issuing a writ. There is much more protection for public figures. For example Robert Maxwell, proprietor of Mirror Group Newspapers (& Pergamon Press amongst others) robbed his companies blind. Everybody knew that he was a crook, but nobody could say so because he had the financial clout to silence everybody who said so with libel writs.

The UK needs anonymous posting far more than the US does.
Regards

Tony Kidson

+-----------------+-------------------------------+--------------------------+
| Tony Kidson     | PGP 2.1 Key by request        | Voice +44 81 466 5127    |
| Morgan Towers,  |                               | E-Mail                   |
| Morgan Road,    | This Space                    | tony@morgan.demon.co.uk  |
| Bromley,        | to Rent                       | tny@cix.compulink.co.uk  |
| England BR1 3QE |Honda ST1100 ==*== DoD# 0801   | 100024.301@compuserve.com|
+-----------------+-------------------------------+--------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Mon, 1 Mar 93 21:21:58 PST
To: mccoy@ccwf.cc.utexas.edu
Subject: Re: more ideas on anonymity
In-Reply-To: <9303020450.AA04260@tramp.cc.utexas.edu>
Message-ID: <9303020520.AA26631@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   From: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
   Date: Mon, 1 Mar 1993 22:50:03 -0600 (CST)

   > The issue is if a
   > non-anonymous individual or entity with credibility, like NBC, says something
   > that is false.
   >

   Either way, these actions are civil ones, not criminal. The U.S. government is extremely limited in its ability to use prior restraint to prevent publication of something (although there are many ways around the existing protections, as many on this list will undoubtedly attest to.)

You are all missing my point. I am well aware that libel and slander are civil actions; not criminal ones. However, they *all* *hinge* *on* *having* *someone* *to* *sue*.

Today, it is generally not possible to be anonymous while broadcasting your views to a large number of people. The closest you can get to that is at a rally, and even then, since you are physically present, there is some link between what you say and your identity; hence, there is a certain amount of personal responsibility in what you say publicly.
Anonymous remailers completely remove this check on undisciplined free speech; it is now possible to spout GIF images, rantings that Elvis is alive, the fact that Jim McCoy didn't beat his wife today --- all without any personal risk on the part of the broadcaster. While this may be a feature in some cases, in other cases it is most definitely a BUG. If you ignore this, you are only burying your head in the sand.

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tony Kidson
Date: Mon, 1 Mar 93 20:52:37 PST
To: cypherpunks@toad.com
Subject: Re: anonymity + untraceable digital money = potential problems
Message-ID: <2958@morgan.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

In message <9303012153.AA22065@maggie.shearson.com> you write:

> Shall we
> lobotomize all ten year olds and destroy all the computers?

This is perhaps the first sensible suggestion that this group has come up with.

Tony

+-----------------+-------------------------------+--------------------------+
| Tony Kidson     | PGP 2.1 Key by request        | Voice +44 81 466 5127    |
| Morgan Towers,  |                               | E-Mail                   |
| Morgan Road,    | This Space                    | tony@morgan.demon.co.uk  |
| Bromley,        | to Rent                       | tny@cix.compulink.co.uk  |
| England BR1 3QE |Honda ST1100 ==*== DoD# 0801   | 100024.301@compuserve.com|
+-----------------+-------------------------------+--------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305)
Date: Mon, 1 Mar 93 22:10:11 PST
To: cypherpunks@toad.com
Subject: Re: A novel (?) return address idea
Message-ID: <9303020609.AA10483@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

Joe Thomas's proposal for anonymous return addresses is nice:

    return_addr = printable_encoding( encrypt( K, (salt, userid) ) )
    userid = substring( n, decrypt( K, print_to_binary( return_addr ) ) )

where userid is the remailer's pointer to the real email address / pubkey, K is a secret key in the remailer, and salt is different for each message. (printable encoding may need to be monocase for some mailers.)

If you used DES encryption, you could do 32 bits of UID and 32 bits of salt, you can turn the 64 bits of cyphertext into 13 printable characters using an obvious 5bit encoding; a good choice for a mailer is to prepend an x

    x<13_char_encoding> ( e.g. xabcdefghijklm )

and not have any real UIDs starting with x, so your mail delivery program can easily tell what to hand to the remailer-reply process and what to deliver more normally.

Aside from being nice round numbers, this lets you support 4 billion users with 4 billion messages each, but is this really the right balance? Many users, like x<13rand>@remailer.foo.com, will only send a few messages, while a few others, like mailer-daemon@crypto.bank.com, will send lots. Should we perhaps use a Class A - Class B - Class C approach like IP addresses, with the bits broken up 16/48 - 32/32 - 48/16 or maybe 24/40 - 32/32 - 56/8? Unlike IP, of course, these address spaces are local only, and the user probably shouldn't know the userid number - the class is really just advisory.

    X-Anon-Request-New-UserID: C
    X-Anon-Request-User-Class: C

could be used to request a new / reused userid of class C.

Ideas for the extra-secure implementations:

- it might be interesting to use a separate internal secret key to store the mapping from (real-email, userid) -> email-publickey. Hiding the mapping from real-email <-> userid is tougher.
- if you really want longer userid+salts much bigger than this, you've got to handle email names noticeably longer than 16 characters, or play games with hashing to reduce the size of the email name. The main motivation would be to use encryption other than DES, such as a public-key system with blocks longer than 64 bits, but hashing increases the amount of information you have to store, and the annoyance of deciding how to age it, avoid overload, etc.

Bill Stewart

# Bill Stewart wcs@anchor.ho.att.com +1-908-949-0705 Fax-4876
# AT&T Bell Labs, Room 4M-312, Crawfords Corner Rd, Holmdel, NJ 07733-3030

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "DrZaphod"
Date: Tue, 2 Mar 93 07:47:50 PST
To: CypherPunks@toad.com
Subject: Re: Future of anonymity (short-term vs. long-term)
Message-ID: <6341.drzaphod@ncselxsi>
MIME-Version: 1.0
Content-Type: text/plain

In Message Mon, 1 Mar 93 21:48:39 -0500, Theodore Ts'o writes:

> Well, let's see.... the most recent assumption I disagreed with was the
> claim that we could implement full-fledged positive reputation filters,
> complete with the use of RSA, and deploy it on the Usenet in some sort
> of time-frame less than ten years out

So this doesn't seem possible to you, does it? 10 years to me seems more than enough time to design the code and implement it in key places like USENET and mailing lists. 10 years AGO we were happy to have the tiny 5 1/4" floppy disk as opposed to the 8". Now we have floptical and WORM.. Perhaps the world of mainframes moves slower than the rest of the world.. but that doesn't matter because in 10 years the many PCs will be on the internet with ISDN with plenty of free cycles to maintain [or consult] a database of positive reputations.

> Fundamentally, however, there's the basic assumption that anarchy per se
> is good; ... however, complete and total anarchy goes far beyond what I
> believe is a reasonable or realistic way to run a society

It's not a way to RUN a society...
it just happens.

> that's basically a "might makes right" form of government.

Isn't that what we have now? If the DEA busted down your door could you defend yourself? If NSA wants to waste more of your money do they ask you? Because we have rules I think people are misled into thinking it's fair. Society will ALWAYS be a "might makes right" way of life.. the "might" is not necessarily physical power but it's still might.

TTFN.

DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: root@rmsdell.ftl.fl.us (Yanek Martinson)
Date: Tue, 2 Mar 93 03:30:19 PST
To: swc@uc1.ucsu.edu
Subject: Yanek Martinson
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

> I tried to respond directly to Yanek Martinson
> directly without success.
^

I'm yanek@novavax.nova.edu (note, no l).

--
Yanek Martinson yanek@novavax.nova.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jcoryell@nwu.edu (John Coryell.)
Date: Wed, 3 Mar 93 07:47:20 PST
To: cypherpunks@toad.com
Subject: Just came back.. (fwd)
Message-ID: <9303031545.AA04169@casbah.acns.nwu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Newsgroups: alt.cyberspace
From: andyc@rock.concert.net (Richard A Ciordia -- Personal Account)
Subject: Just came back..
Message-ID: <1993Feb24.042117.12675@rock.concert.net>
Organization: CONCERT-CONNECT -- Public Access UNIX
Date: Wed, 24 Feb 1993 04:21:17 GMT
Lines: 6

Just came back from a VR Lecture, hosted by one of the Directors at Autodesk. There are some new VR releases coming out that is Wicked.. Lower cost too. Anyhow... It was way cool.. 3d-Studio, for those who haven't used, grab a copy it's a blast.. Easy to make, rend, animate.. Hasta..
Andy

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Al Billings
Date: Tue, 2 Mar 93 08:53:19 PST
To: jb@paris7.jussieu.fr
Subject: Re: TIME magazine article about cyberpunks
In-Reply-To: <00968e6d.50110011.20804@paris7.jussieu.fr>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Tue, 2 Mar 1993 jb@paris7.jussieu.fr wrote:

> I've just read an article about the cyberpunks (cypherpunks??) in
> Time's n#9 issue. I feel it tells very well where it started it
> why and by who.

Actually, it is a rather typically badly written piece on the so-called "cyberpunks" and attempts to throw in the buzz words. It is factually inaccurate in places and the EFF is seeking a retraction for what was said about it in the article (the author passed 's problem when they asked for a retraction).

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tiia Roth-Biester <72147.3504@CompuServe.COM>
Date: Tue, 2 Mar 93 06:33:38 PST
To:
Subject: Re: Dining Crypto -- An Introduction
Message-ID: <930302142453_72147.3504_EHC51-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

(Jim McCoy)
>There is no way you can get around taxation if you intend on using this
>system in real life. Your system is much like that of a drug dealer, he
>gets all this money, but has no where to spend it until it has been
>laundered.

So in other words the earnings of the international banks located "offshore" and lending $trillions in the "Eurodollar" (now world financial) markets have been taxed for the last 30 years? Their balance sheets don't reflect these taxes.

The new technology will let everyone "expatriate" themselves either actually or virtually. If, today, I am traveling in the South of France and writing the Great American Novel, I have no French tax liability and am not violating work permit laws even though I am working and may be earning $millions. (If I am or have been an American within the previous 10 years I would have US tax liability of course.)
On the nets I can do a host of jobs while wandering around the world. In most countries I would have no income tax liability. Taxing me (or net entities created by me) would be even more difficult in a practical sense.

>They will get you at the banks or wherever you go to spend your
>money. The "War on Drugs" has really caused this kind of banking service
>to dry up,

Digital cash will be able to buy lots of goodies (entertainment, communication, non-physical services, and physical services once the VR interface improves sufficiently). Dumped into an account that is otherwise unconnected to you it can be accessed via smart cards, debit cards, and ATMs from anywhere in the world. It is still not that difficult to obtain a bank account somewhere in the world in a nom de guerre.

>The appetite of the taxation-beast will not diminish, and everyone will
>just end up having higher taxes on the physical elements of daily life
>that can't be stuffed on the wire. Sounds like this is going to be a
>world of info-elite tax dodgers...the public will love you...

Actually the poor evade more taxes (as a portion of income) than the rich these days. The appetite of the beast has not stopped the forex markets from tripling in size since 1986 (quite a bit untaxed). Legally, services sold "internationally" are not subject to tax and there is no entity capable of levying such a tax. The nets exist in an "international" realm.

As time goes on the percentage of gross world product that is non physical is bound to grow (the non-physical bits have been growing steadily for years). Once future Madonnas determine that they can double their take home pay by renouncing their American citizenship (either actually or virtually) and selling their voices and images via the nets things will change. If the coercive sector has to increase the taxes again and again on an ever smaller portion of gross world product, it will starve to death.

>The unbundling of the physical and non-physical aspects are nice, but how
>many non-physical aspects of a service are there?

If your VR interface is good enough most services can be delivered non physically. Nonphysical services include: writing (anything), entertainment, law, much of medicine, all of management, telecoms, advertising and marketing, all of financial services. Once automation develops much of manufacturing will be non physical as you purchase "custom" goods made on the spot from downloaded patterns.

Authority can be a delicate thing. On November 9th 1989 you would have been shot crossing the Berlin Wall without permission; on November 11th 1989 you could cross at will.

Many of your supposed restraints only apply to US citizens in any case. British citizens living "overseas" have no UK tax liability and this is true of the citizens of most countries. Everyone is "overseas" on the nets. Even though US expatriates have continuing liabilities, 60% of them are tax nonfilers according to an IRS study of tax compliance.

Shattering geographical bounds shatters legal ones as well even in this day and age.

Duncan Frissell

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Pat Farrell"
Date: Tue, 2 Mar 93 06:34:14 PST
To: cypherpunks@toad.com
Subject: RE: she's at it again :-)
Message-ID: <34377.pfarrell@gmuvax2.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

In Message Mon, 1 Mar 1993 18:29:29 -0600, Karl Barrus writes:

> In the March 1993 IEEE Spectrum magazine on pp. 16-17, Dorothy
>Denning again floats her support for digital telephony bill in an
>article entitled "Wiretapping and cryptography".

See also the March 1993 Communications of the ACM. Altho there is little new on the topic for most folks on this list. Sigh.
Pat Farrell  Grad Student  pfarrell@cs.gmu.edu
Department of Computer Science  George Mason University, Fairfax, VA
PGP Public key available via finger  #include

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Tue, 2 Mar 93 06:40:17 PST
To: memexis!tribble@uunet.UU.NET
Subject: Re: Piercing anonymitiy and censorship
In-Reply-To: <9303011845.AA22881@memexis.xanadu.com>
Message-ID: <9303021439.AA02074@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Mon, 1 Mar 93 10:45:32 PST
   From: memexis!tribble@uunet.UU.NET (E. Dean Tribble)

   I would like to separate the issues of hollering anything at 4am in
   residential areas from things like libel and slander. Disturbing
   people with your volume independent of its content is like blasting
   white noise at damaging volume levels. The remedies for it have
   nothing to do with speech, they have to do with disturbing the peace;
   your sound is crossing onto my property at intolerable levels.

And again, I repeat..... with anonymous remailers, you no longer have a way to enforce said grounds of disturbing the peace ---- unless you do things like approach the Finnish authorities and ask that penet be disconnected from the network for disturbing the peace of various Usenet groups.....

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Pat Farrell"
Date: Tue, 2 Mar 93 06:53:08 PST
To: cypherpunks@toad.com
Subject: RE: she's at it again :-)
Message-ID: <35501.pfarrell@gmuvax2.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

In Message Mon, 1 Mar 1993 18:29:29 -0600, Karl Barrus writes:

> In the March 1993 IEEE Spectrum magazine on pp. 16-17, Dorothy
>Denning again floats her support for digital telephony bill in an
>article entitled "Wiretapping and cryptography".

See also the March 1993 Communications of the ACM. Although there is little new on the topic for most folks on this list. Sigh.
Pat Farrell  Grad Student  pfarrell@cs.gmu.edu
Department of Computer Science  George Mason University, Fairfax, VA
PGP Public key available via finger  #include

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jb@paris7.jussieu.fr
Date: Tue, 2 Mar 93 01:26:46 PST
To: cypherpunks@toad.com
Subject: TIME magazine article about cyberpunks
Message-ID: <00968e6d.50110011.20804@paris7.jussieu.fr>
MIME-Version: 1.0
Content-Type: text/plain

Hi there,

I've just read an article about the cyberpunks (cypherpunks??) in Time's n#9 issue. I feel it tells very well where it started, why and by who.

Cheers,
jb

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mab@vax135.att.com
Date: Tue, 2 Mar 93 07:30:09 PST
To: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Subject: Re: ideas on an encrypted BSD filesystem (LONG, technical)
In-Reply-To: <9303020004.AA01774@tramp.cc.utexas.edu>
Message-ID: <9303021525.AA16574@vax135.UUCP>
MIME-Version: 1.0
Content-Type: text

I've built something that has a similar flavor; it was presented at the works-in-progress session at the January '93 USENIX conference. A full paper (and hopefully the released software) will be forthcoming ("any day now"). Here's the abstract that was at USENIX:

.TL
A Cryptographic File System
.AU
Matt Blaze
.AI
AT&T Bell Laboratories
Holmdel, NJ 07733
mab@research.att.com

January 14, 1993
.PP
As computing systems (especially distributed ones) grow in size, issues of data security and privacy become increasingly complex. Cryptographic techniques can help ensure that data are not read by unauthorized persons, but most encryption software requires either that special purpose application software be used or that the user manually encipher and decipher files as needed.
.PP
The Cryptographic File System (CFS) makes it easier to take advantage, in a secure manner, of file system services (storage, backup, etc.) on potentially insecure servers and networks.
.PP
CFS provides a transparent Unix file system interface to directory hierarchies which are automatically DES encrypted with user-specified keys. Users "attach" an encrypted directory by providing a key, the name of a directory where the encrypted files are to be stored, and the name of a cryptographic "mount point" to be created under /crypt. Directories under /crypt are accessible with all standard system calls and tools to the users who created them. The underlying encrypted files (with encrypted names) can reside on any accessible file system (including remote file systems such as NFS); routine system administration tasks, such as file backup and restore, can be performed on the encrypted directories in the ordinary manner without knowledge of the key. When run on a client workstation, CFS ensures that cleartext is never stored on a disk or transmitted over a network. CFS uses a standard portable NFS client interface and has been implemented for a variety of Unix platforms.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Date: Tue, 2 Mar 93 08:34:19 PST
To: 72147.3504@CompuServe.COM (Tiia Roth-Biester)
Subject: Re: more ideas on anonymity
In-Reply-To: <930302160011_72147.3504_EHC32-1@CompuServe.COM>
Message-ID: <9303021632.AA07790@tramp.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text

Tiia Roth-Biester <72147.3504@CompuServe.COM> writes:
>
> (George A. Gleason)
>
> >1) Anything involving physical violence, threats of violence, incitement to
> >violence. (this includes acts such as rape, pedophilia etc.,
>
> Don't forget that this also includes government. I for one would favor
> banning the advocacy of government from the nets. Serve them right .
> Interesting that most people support murder, robbery, and slavery when
> practiced in the name of the State but might shirk from supporting rape
> in the service of the State. Sounds inconsistent to me.

Not really.
Since its foundation, the cornerstone of government is that it maintains the only legitimate monopoly on the use of violence. Like it or not, this is how it works and most of the sheep/citizens are quite happy to maintain this system. It is kind of ironic that you would propose to ban the advocacy of government on the nets considering the fact that without government the nets would not be here in the first place. Sounds inconsistent to me...

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 2 Mar 93 10:36:25 PST
To: cypherpunks@toad.com
Subject: Re: anon.penet.fi hacking
Message-ID: <9303021834.AA12367@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

> Body-Termination-Regex: ^--$
>
> I hate my sample header field name. Please, someone think up a better
> one.
>
>Alternatives:
>
>Sig-Pattern
>Sig-Regex
>End-Pattern
>
>dean

In honor of Dorothy Denning's latest posting, how about:

Sig-Heil

The Feds will probably like this.

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 2 Mar 93 10:36:30 PST
To: cypherpunks@toad.com
Subject: Textual Analysis
Message-ID: <9303021834.AA12381@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

"Tiia Roth-Biester" writes:

>(Jim McCoy)
>
>>There is no way you can get around taxation if you intend on using this
>>system in real life. Your system is much like that of a drug dealer, he
>>gets all this money, but has no where to spend it until it has been
>>laundered.
>
>So in other words the earnings of the international banks located "offshore"
>and lending $trillions in the "Eurodollar" (now world financial) markets
>have been taxed for the last 30 years? Their balance sheets don't reflect
>these taxes.

This reveals a minor and probably obvious weakness of pseudonyms--writing styles. As I was reading this post from apparent newcomer "Tiia Roth-Biester," and wondering at how a woman (I think Tiia is a woman's name) got interested in this list, I said to myself: "Wait a minute, this sounds exactly like Duncan Frissell!" Sure enough, Duncan wrote it. Imagine what can be done with word and phrase frequency analysis, with examination of punctuation styles (e.g., some people use _this_ for emphasis while others use *this*), and so on. Entropy measures, etc. Someday this may be important.

-Tim

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Tue, 2 Mar 93 10:38:20 PST
To: cypherpunks@toad.com, gnu
Subject: Re: A novel (?) return address idea
In-Reply-To: <9303021603.AA09007@mango>
Message-ID: <9303021838.AA29102@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

There seems to me to be a serious problem with the "novel return address" idea. The information that ties together multiple anonymous messages from the same person is out in the world, encrypted by a single key in a conventional cipher. If that single key is compromised, everyone's identity is exposed. (Or, at least, the correlation among all messages sent by that individual, even if their legal or email name is not revealed). Furthermore, breaking the key will be possible by sending test-probes and doing exhaustive search.
E.g. if you add 128 bits of salt, someone can send five or ten messages to themself through the remailer, and accumulate ten encrypted addresses that are known to be for the same sender. When decrypted, these keys will have maybe a 16- or 32-bit "return address ID" and 128 bits of salt. The attacker can then search the key space for keys that include large numbers of identical bits when decrypting those ten keys. This search is easily amenable to parallelization, fast hardware also exists to do it, and it may be possible to find improved algorithms to use the knowledge of identical plaintext bits to speed up the search process.

The idea also suffers from the dossier problem -- all the information about return addresses will exist in a single place (at the remailer site) where it's tempting for a government (or other adversary of privacy) to try for it.

Keep thinking, folks! We aren't there yet...

John

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Tue, 2 Mar 93 12:59:20 PST
To: tytso@athena.mit.edu
Subject: Re: Future of anonymity (short-term vs. long-term)
Message-ID: <9303021551.AA03777@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: Theodore Ts'o
>
> From: Eric Hughes
>
> >There doesn't seem to be a lot of realism in these discussions, which is
> >really bothering me.
>
> What you believe to be real and what I believe to be real may be
> different. To claim that another is being unrealistic is to mask
> what is foremost a difference in belief.
>
> What assumptions here do you disagree with? If you are explicit,
> perhaps we can forge an agreement.
>
> Well, let's see.... the most recent assumption I disagreed with was the
> claim that we could implement full-fledged positive reputation filters,
> complete with the use of RSA, and deploy it on the Usenet in some sort
> of time-frame less than ten years out --- and even that is doubtful.

Oh, come ON.
This is insane, Ted, and you know it. Project Athena didn't take ten years. RSAREF is out there -- someone could build a version of news that used public key for verifying moderation on newsgroups and control messages within a month if they felt like it -- and working part time, too. As for the rest, well, it shouldn't be too hard. For unmoderated lists, keep sets of users you want to read the messages of and verify signatures if forgery starts becoming a problem. Crude but it would work.

> Look at how many sites are running B News, long after C news has been
> out. Anonymous remailers are here *today*.

Well, the folks running B News and C News will have to live without the public key extensions, and it will be their fault. The people with the public key extensions will have the benefits. Is it your argument that because some men are fools all must suffer, Ted? Let's say that tomorrow someone made available, for free, pills that cured all disease. Are we to say "no, that's bad, some idiots won't take them?"

> Then there's assumption that anonymous ID's would automatically have no
> weight --- they may have very little weight, but even today, they
> probably have some weight. I could probably construct some sort of NSA
> conspiracy theory, and have it posted so it looked like it came from 20
> different pseudonyms, and it probably would be believed by a lot of
> people.

Yeah, well, so what? Right now people post such things non-anonymously, or could forge such postings. People put out infinite supplies of garbage. I'd argue that the average church causes more damage than all the anonymous posters on Usenet ever could and those are perfectly legal. You aren't arguing for non-anonymity. You are arguing that free speech is bad. Well, fine. See if you can stop it, Ted -- the rest of us aren't playing along with that game. Given that you have no choice but to accept reality, why not quit bitching and just work on fixing the problem?
The Extropians list works on a closed subscription system today, folks. It's crude -- no public keys involved, subscription checking done very ad hoc -- but it works. People ARE out there fixing these problems. If someone really thinks anonymity is going to be a problem, they can fix it, and it won't take ten years -- a couple of months of evenings would likely allow for overkill.

> Fundamentally, however, there's the basic assumption that anarchy per se
> is good; which is a basic philosophical belief which I just plain
> disagree with.

That isn't even an issue here, Ted. Anonymity exists whether we want it or not -- it's like asking if gravity is a good idea. The anarchy issue is not part of this. Even you would have to recognise that it's impossible even with a society as closed as the Soviet Union to stop anonymity, let alone in a society as free as ours. The choices are to live with it and find ways to cope or to try for draconian measures. One is practical -- the other is impractical and harmful in and of itself.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tiia Roth-Biester <72147.3504@CompuServe.COM>
Date: Tue, 2 Mar 93 08:08:35 PST
To:
Subject: Re: more ideas on anonymity
Message-ID: <930302160011_72147.3504_EHC32-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

(George A. Gleason)

>1) Anything involving physical violence, threats of violence, incitement to
>violence. (this includes acts such as rape, pedophilia etc.,

Don't forget that this also includes government. I for one would favor banning the advocacy of government from the nets. Serve them right . Interesting that most people support murder, robbery, and slavery when practiced in the name of the State but might shirk from supporting rape in the service of the State. Sounds inconsistent to me.
Duncan Frissell

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jthomas@mango.mitre.org (Joe Thomas)
Date: Tue, 2 Mar 93 08:06:38 PST
To: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305)
Subject: Re: A novel (?) return address idea
Message-ID: <9303021603.AA09007@mango>
MIME-Version: 1.0
Content-Type: text/plain

wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305) writes:
>
> Joe Thomas's proposal for anonymous return addresses is
> nice:

Thanks :^).

[Nice summary deleted]

> If you used DES encryption, you could do 32 bits of UID and
> 32 bits of salt, you can turn the 64 bits of cyphertext into
> 13 printable characters using an obvious 5bit encoding;
> a good choice for a mailer is to prepend an x
> x<13_char_encoding> ( e.g. xabcdefghijklm ) and not
> have any real UIDs starting with x, so your mail delivery
> program can easily tell what to hand to the
> remailer-reply process and what to deliver more
> normally.

Yeah, I was thinking around 5 bits per character, and you have to pattern-match something. Could be "an-" or "x" or whatever...

> Aside from being nice round numbers, this lets you
> support 4 billion users with 4 billion messages each, but
> is this really the right balance?

Seems about right to me. If there's demand for a different mix, you can always add that later (with a different prefix to clue the software into how to interpret). Meanwhile this version could be implemented quickly, and would offer a good deal of security. As to what to use for the salt... If you don't expect users to send more than one message per second (at least, if they do, they won't mind both of them having the same return address) you can just use a straight timestamp -- Unix gives you 32 bits worth for free (as sec. since 1 Jan 1970). This guarantees you won't have loops from a PRNG. The time won't ever be reset to a past value.
[other stuff deleted]

I don't really think we need to do any encryption of the ID to address database, since only the remailer software should be using it. And while adding more salt bits might be nice (random bits increase strength against known plaintext attacks -- a danger since you know the approximate time, and that your ID will be the same in each message you send), I don't see how hashing could be useful, since it is one-way by definition. The remailer needs to both create and resolve return addresses.

Is the source for the anon.penet.fi remailer available? I might have a crack at implementing this...

Joe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mjr@netcom.com (Matthew Rapaport)
Date: Tue, 2 Mar 93 11:22:43 PST
To: cypherpunks@toad.com
Subject: Re: anon.penet.fi hacking
Message-ID: <9303021921.AA12649@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

>> Body-Termination-Regex: ^--$
>
>Ok... Now.. Show me the regex that strips anything starting with '--',
>such as '-----------------------------', except a PGP boundary line...
>
> Julf

Ok... How about:

Body-Termination-Regex: ^--$
Body-Termination-Exclude-Regex: ^-----BEGIN PGP [ A-Z]*-----$
Body-Termination-Exclude-Regex: ^-----END PGP [ A-Z]*-----$

Just EXPLICITLY exclude anything you don't want stripped... (Don't know if I got my regular expression just right, but I think you get the idea)

At some point (maybe already) the average header collection will exceed the average message in size... Talk about overhead... :-)

matthew rapaport  Philosopher/Programmer At Large  KD6KVH
mjr@netcom.com  70371.255@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@xanadu.com (E. Dean Tribble)
Date: Wed, 3 Mar 93 01:31:20 PST
To: cypherpunks@toad.com
Subject: more ideas on anonymity
In-Reply-To: <9303011958.AA24443@soda.berkeley.edu>
Message-ID: <9303021951.AA26424@memexis.xanadu.com>
MIME-Version: 1.0
Content-Type: text/plain

   "How much reputation has an anonymous source?" I think this might be
   key to solving the "anonymous libel" problem. Simply declare
   "anonymous libel" an oxymoron! We might argue that otherwise libelous
   statements, when made anonymously, carry a presumption of falsity,
   for otherwise the speaker would be willing to speak truthfully in his
   or her own person. Or, in other words, "Coward! He must be lying!"

The perspective you propose is an easy way of orienting people towards positive reputations. If people consider an unestablished anonymous source as similar to a drunk on the street staggering up to them, then sources start out with little positive reputation. For some things, anonymity is sufficiently valuable that its use doesn't discredit the source: crime tip-offs, inside corruption revealing, etc. In many of those cases, however, the source would need to establish their validity, which ties them back into the positive reputation game: an insider could reveal information that proves their inside knowledge, an informer could establish a long-term anonymous reputation, etc. In the case of the informer, police might still respond to random tips, but not with the same alacrity (yeah right) with which they respond to tips from established informers.
dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: The Ministry of Silly Walks
Date: Tue, 2 Mar 93 14:12:12 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <01GVC13HVSR890NADM@mr.alaska.edu>
MIME-Version: 1.0
Content-Type: text/plain

UNSUBSCRIBE

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: The Ministry of Silly Walks
Date: Tue, 2 Mar 93 14:13:16 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <01GVC14UBOGK90NADM@mr.alaska.edu>
MIME-Version: 1.0
Content-Type: text/plain

Enjoyed this mailing list enormously, but am unable to keep up with the quantity of mail! Please unsubscribe me.

Thanx
=-=MwG=-=

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "DrZaphod"
Date: Tue, 2 Mar 93 19:47:32 PST
To: CypherPunks@toad.com
Subject: Re: You Aren't [I'm Not]
Message-ID: <47610.drzaphod@ncselxsi>
MIME-Version: 1.0
Content-Type: text/plain

> Date: Tue, 2 Mar 93 10:51:31 EST
> From: pmetzger@shearson.com (Perry E. Metzger)
>
> **You aren't arguing for non-anonymity.** You are arguing that free
> speech is bad.
>
> In Message Tue, 2 Mar 93 16:57:22 -0500,
> Theodore Ts'o writes:
>
>**No, I am not arguing for non-anonymity.** Please stop defending your
>position by putting misrepresentations in my mouth.

Aren't these the same thing?

TTFN! [Waiting for reply: "That's the same thing!"]
DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fen@genmagic.genmagic.com (Fen Labalme)
Date: Tue, 2 Mar 93 13:35:42 PST
To: Theodore Ts'o
Subject: Re: Piercing anonymitiy and censorship
Message-ID: <9303022134.AA27063@>
MIME-Version: 1.0
Content-Type: text/plain

> Date: Mon, 1 Mar 93 10:45:32 PST
> From: memexis!tribble@uunet.UU.NET (E. Dean Tribble)
>
> I would like to separate the issues of hollering anything at 4am in
> residential areas from things like libel and slander. Disturbing
> people with your volume independent of its content is like blasting
> white noise at damaging volume levels. The remedies for it have
> nothing to do with speech, they have to do with disturbing the peace;
> your sound is crossing onto my property at intolerable levels.
>
> And again, I repeat..... with anonymous remailers, you no longer have a
> way to enforce said grounds of disturbing the peace ---- unless you do
> things like approach the Finnish authorities and ask that penet be
> disconnected from the network for disturbing the peace of various Usenet
> groups.....
>
> - Ted

Don't most news readers have "kill files" (sometimes known as "bozo filters")? I definitely prefer decentralized solutions. Anyone mandating what I can and cannot read is slime (synonymous with censor), imo. I want to make that choice myself, thank you very nice.

Fen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Tue, 2 Mar 93 12:58:54 PST
To: tytso@athena.mit.edu
Subject: Re: Piercing anonymitiy and censorship
Message-ID: <9303021915.AA10138@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: Theodore Ts'o
>
> Date: Mon, 1 Mar 93 10:45:32 PST
> From: memexis!tribble@uunet.UU.NET (E. Dean Tribble)
>
> I would like to separate the issues of hollering anything at 4am in
> residential areas from things like libel and slander. Disturbing
> people with your volume independent of its content is like blasting
> white noise at damaging volume levels. The remedies for it have
> nothing to do with speech, they have to do with disturbing the peace;
> your sound is crossing onto my property at intolerable levels.
>
> And again, I repeat..... with anonymous remailers, you no longer have a
> way to enforce said grounds of disturbing the peace ---- unless you do
> things like approach the Finnish authorities and ask that penet be
> disconnected from the network for disturbing the peace of various Usenet
> groups.....

Of course there are ways -- and they need not be so drastic. You could, for instance, simply prevent non-subscribers from posting to your list, and use public key to verify identities. This would allow you to swiftly stop abuse. I've already noted this twice. You've claimed this is impractical, but the tools to do this, AND WITHOUT PATENT PROBLEMS, already exist and would be cheap to implement.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@xanadu.com (E. Dean Tribble)
Date: Wed, 3 Mar 93 01:31:28 PST
To: uunet!penet.FI!julf@uunet.UU.NET
Subject: Future of anonymity (short-term vs. long-term)
In-Reply-To: <9303011309.aa09356@penet.penet.FI>
Message-ID: <9303022222.AA26658@memexis.xanadu.com>
MIME-Version: 1.0
Content-Type: text/plain

   IMHO a remailer operator should *NEVER* reveal any identities, but I
   also believe very strongly that especially if you provide a way to
   post news articles, there has to be a way to send replies to the
   original sender. Thus a remailer must maintain mapping info.

I like this. Does it make sense (and has it already been talked about?) to preserve the return information only for a limited time?

dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@xanadu.com (E. Dean Tribble)
Date: Wed, 3 Mar 93 01:29:32 PST
To: cypherpunks@toad.com
Subject: implementing positive reputation systems
Message-ID: <9303022249.AA26686@memexis.xanadu.com>
MIME-Version: 1.0
Content-Type: text/plain

The scheme I always think of when envisioning positive reputation systems is that I get the feed of everything I might be interested in, then sort and filter using whatever cleverness I desire.
Occasionally (perhaps regularly) I exchange messages with various people so that we can update our transitive reputation information.

Eric Hughes and the recent discussion about volume problems got me thinking about how to implement positive reputations at server sites. I want a system in which the semantics are similar to the ideal scenario above, but lower overhead in bandwidth and in processing power for the receiver. I suspect that the mailing list server would provide filtering, and the receiver would provide sorting. This will let us create mailing lists with anonymous participants without letting them overwhelm the list. It controls volume, etc. Hmmmm....

Anyone with ideas, please send them to me (or the list) and I'll collect them and post them.

dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jthomas@mango.mitre.org (Joe Thomas)
Date: Tue, 2 Mar 93 11:59:50 PST
To: gnu@toad.com (John Gilmore)
Subject: Re: A novel (?) return address idea
Message-ID: <9303021956.AA11428@mango>
MIME-Version: 1.0
Content-Type: text/plain

From: gnu@toad.com (John Gilmore):
>There seems to me to be a serious problem with the "novel return
>address" idea. The information that ties together multiple
>anonymous messages from the same person is out in the world,
>encrypted by a single key in a conventional cipher.

[attack methods deleted]

>The idea also suffers from the dossier problem -- all the
>information about return addresses will exist in a single place (at
>the remailer site) where it's tempting for a government (or other
>adversary of privacy) to try for it.

>Keep thinking, folks! We aren't there yet...

Quite true. I guess I never really made it clear that I don't believe this return address method is very secure, just better than the current version available through anon.penet.fi. Certainly it's no reason to abandon the work on SASE's for cypherpunk remailers.
My idea was just to make it difficult to associate different messages from the same anon user, while keeping anon.penet.fi's current framework. Now all messages from the same user bear the same return address (e.g. an1234). If you reveal your identity in one anonymized message, all of your past messages can be easily linked with you. Under the new scheme, associating two messages from the same sender would require breaking the remailer's cipher. Yes, it's possible, but it's not trivial.

It's also possible to limit the damage done when a single key is compromised. Change keys periodically (weekly? daily?) and include a few bits at the front of the return address that will let the remailer know which key to decrypt the rest with.

The dossier problem is a real one, of course. If Julf or his machine is compromised, all the aliases could be revealed. But that's true now, as well.

Joe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@xanadu.com (E. Dean Tribble)
Date: Wed, 3 Mar 93 01:29:30 PST
To: uunet!Athena.MIT.EDU!tytso@uunet.UU.NET
Subject: Future of anonymity (short-term vs. long-term)
In-Reply-To: <9303020248.AA26533@SOS>
Message-ID: <9303022349.AA26712@memexis.xanadu.com>
MIME-Version: 1.0
Content-Type: text/plain

   >There doesn't seem to be a lot of realism in these discussions, which is
   >really bothering me.

People often mistake being a wet blanket and finding lots of objections to things with 'being realistic'. Is that what you are doing? Otherwise, given how much work I see people doing to both spread the ideas and to build tools, I can't imagine to what you are referring. People are building and deploying remailers, integrating crypto stuff into mail programs, testing anonymity, writing publications on the subject, successfully suing government organizations for privacy violations, working towards positive reputation systems, etc. Pretty damn good for people's spare time. And certainly plenty 'realistic'.
Discussion of visions and long term goals might qualify, but the grandiose visions we indulge in drive the day-to-day improvements we make on the technology and ideas about privacy that are available.

   What assumptions here do you disagree with? If you are explicit,
   perhaps we can forge an agreement.

   Well, let's see.... the most recent assumption I disagreed with was the
   claim that we could implement full-fledged positive reputation filters,
   complete with the use of RSA, and deploy it on the Usenet in some sort
   of time-frame less than ten years out --- and even that is doubtful.
   Look at how many sites are running B News, long after C news has been
   out. Anonymous remailers are here *today*.

I must have missed that message. It looks like a munging together of lots of separate things that are in the works, and that will integrate in some reasonable way. As I put together my thoughts for an answer here, I realized that my summary of what's going on would better fit in a separate message. I'll send that later.

   conspiracy theory, and have it posted so it looked like it came from 20
   different pseudonyms, and it probably would be believed by a lot of

It would only be believed by people who tend to believe in that stuff. The people that read home.ec.cooking will just look at a message like that strangely and wonder what it has to do with cooking. There aren't many forums in which such a message is even appropriate. In the ones that are, I suspect acceptance would be slow for a sudden flurry of anonymous postings :-) Most of the people who would believe that kind of thing easily simply aren't on the net.

   Fundamentally, however, there's the basic assumption that anarchy

I don't even think Tim May believes that :-) I think the basic assumption is that government restriction of freedom and privacy is *bad*. There's almost certainly more agreement with that. I certainly can't think of a time when it was good...
   necessarily believe in the Libertarian party --- however, complete and
   total anarchy goes far beyond what I believe is a reasonable or
   realistic way to run a society; that's basically a "might makes right"

Anarchy is just a bad word because it brings to mind the image of utter lawlessness and destruction. I certainly want all the things typically (badly) supplied by the government: health care, police, fire, national defense, etc., I just don't think that we need the gov't to provide them. Any anarchy that I advocate has to support at least the level of society we have now, and I certainly believe that to be possible.

   there are people who such militant anarchists that further discussion

Labelling someone with a name, then insisting that it belongs to them is hardly a useful style of argument.

   How does that saying go? "Don't bother trying to teach a pig to sing.
   It just frustrates you, and annoys the pig."

This is just righteousness that is intended to put people down. It just prompts flaming and doesn't contribute to the discussion.

Finally, I would note that people are actively pursuing crypto stuff for a variety of reasons. I can disagree about philosophy and still productively cooperate with people. We contribute to each other's goals. What are your goals with respect to this stuff, and *what are you doing* to pursue them? You want more realism: what are *your* plans? Objecting to someone else's is easy. Doing something is hard (that's why I support other people doing something even if I don't quite agree with them).

dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 2 Mar 93 15:57:42 PST
To: cypherpunks@toad.com
Subject: tapping
In-Reply-To: <199303022155.AA04077@eff.org>
Message-ID: <9303022354.AA27572@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>> > uses a proprietary technique to reduce noise interference while picking up
>> > and transmitting data signals.
>> > works with both shielded and unshielded twisted-pair copper cabling, is >> > small enough to fit on laptop PC internal adapters, Phiber writes: >Mike Watson rediscovers inductance, and the inductive tap. >Film at 11. Don't be so dismissive. There is something interesting going on here, even if it's not very complex. This thing works with _shielded_ pair. With twisted pair to begin with, you largely attenuate the inductive signal. (A very short lesson in physics: Current generates magnetic fields. Opposite travelling currents generate cancelling fields. Fields do not completely cancel because the wires are not in exactly the same place.) Shielding a twisted pair further attenuates a signal. It sounds to me like it's an inductive tap with some sort of phase locking built into it. By the mentioning networks, it indicates to me a digital signal. I doubt this thing would tap a POTS line carrying voice. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc Horowitz Date: Tue, 2 Mar 93 12:57:14 PST To: Tiia Roth-Biester <72147.3504@CompuServe.COM> Subject: anarchism (was: Re: Dining Crypto -- An Introduction) In-Reply-To: <930302142453_72147.3504_EHC51-1@CompuServe.COM> Message-ID: <9303022055.AA24072@tla.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain >> If the coercive sector has to increase the taxes again and again on an >> ever smaller portion of gross world product, it will starve to death. Do all you anarchists out there really think that society can hold itself together, in any form, without government? I believe that government today has its hands in way to many places. I believe in downsizing government, but not in eliminating it. I believe in the free market, but I also believe that the free market can be abused, and that controls need to be in place to prevent that. (Those of you who don't believe me, look at the railroad industry in the end of the 19th century.) 
I believe in protecting our freedoms in whatever ways possible, but there are times when wiretaps and other such actions *are* the most expedient ways to investigate criminals.

These views are inconsistent, I think. I will probably decide that absolute privacy through crypto is the most reasonable solution. But I'm still trying to think of compromises.

IMHO, things like alt.whisteblowers, with airtight anonymity, will do far more to insure our rights than simply protecting our own privacy, since the former is active, and the latter is passive.

Now that I'm in free-association mode, Perhaps a.w should be a hierarchy:

a.w.search-and-seizure
a.w.foia
a.w.corrupt-politicians

That's only what I thought of off the top of my head. If the New York Times or some publication of similar stature were to pick up the "best of" of all the different categories, research them, and publish them if they turn out to be true, this would have the result of making government far less corrupt, which would make me far more comfortable than just knowing the corrupt ones couldn't read my data.

After all, even with perfect crypto (yeah, I know, can't be done), my *body* is still vulnerable, and they will still have guns and prisons. In the worst case, they don't *need* an excuse. After all, the real problem today is not that they might see what I say in private, but that they might decide they don't like it, and do something about it. If drugs, and prostitution, and all those non-PC things were legalized, the security of information would matter a lot less.

I guess what I'm saying is that crypto is an imperfect solution to a real problem, and that while it lets us go on with our lives the way we think we should be able to, solving the real problem would be a lot better. This is not to say that I don't think crypto privacy doesn't have its place: a.w, abuse hotlines, etc. are all excellent examples.
But instead of merely hiding from the system, perhaps we should also keep an eye to changing it.

Whew.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 2 Mar 93 16:32:46 PST
To: cypherpunks@toad.com
Subject: Poor Man's Time Release Crypto
Message-ID: <9303030029.AA01349@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

An obvious but very important point about any time release protocol can be observed in the following one:

1. Publish some non-random encrypted data.
2. Wait.

Computational increases will eventually make cracking the code feasible. Your secret will be revealed, but you just don't know when!

Technological progress puts an upper bound on the amount of time a secret can remain secret.

Likewise, Diffie-Hellman is forward secure, but only until taking discrete logs in the chosen ring is feasible.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Tue, 2 Mar 93 13:41:18 PST
To: pmetzger@shearson.com
Subject: Re: Piercing anonymitiy and censorship
In-Reply-To: <9303021915.AA10138@maggie.shearson.com>
Message-ID: <9303022139.AA02344@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Tue, 2 Mar 93 14:15:15 EST
   From: pmetzger@shearson.com (Perry E. Metzger)

   Of course there are ways -- and they need not be so drastic. You could, for instance, simply prevent non-subscribers from posting to your list, and use public key to verify identities. This would allow you to swiftly stop abuse. I've already noted this twice. You've claimed this is impractical, but the tools to do this, AND WITHOUT PATENT PROBLEMS, already exist and would be cheap to implement.

If they are so cheap to implement them, could someone please implement them FOR THE USENET GROUPS? (Where you don't have a concept of subscribers or non-subscribers?)

I hear lots of *talk* of how easy it is to do this, or how easy it is to do that.
If it's so easy, why doesn't someone prove it to the rest of us by actually doing it. I hate to bring the Real World down upon you guys, but talk is cheap; code sometimes isn't.

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Tue, 2 Mar 93 13:49:11 PST
To: fen@genmagic.genmagic.com
Subject: Re: Piercing anonymitiy and censorship
In-Reply-To: <9303022134.AA27063@>
Message-ID: <9303022147.AA02357@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Tue, 2 Mar 1993 13:36:13 -0800
   From: fen@genmagic.genmagic.com (Fen Labalme)

   Don't most news readers have "kill files" (sometimes known as "bozo filters")? I definitely prefer decentralized solutions. Anyone mandating what I can and cannot read is slime (synonymous with censor), imo. I want to make that choice myself, thank you very nice.

I suppose that a kill file of something like ".*@remailer.site" for each of the remailers would filter out all of the anonymous kill files. It still would slow down everyone's news readers, though.

And as a news admin, if some anonymous user abuses USENET by sending large GIF's to a newsgroup, thus filling up my news spool, I (and each individual news admin) can make the individual choice to mail each offending anonymous news posting to the postmaster@remailer.site.

Is that what you meant by a decentralized solution? :-)

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tiia Roth-Biester <72147.3504@CompuServe.COM>
Date: Tue, 2 Mar 93 17:03:56 PST
To:
Subject: Re: more ideas on anonymity
Message-ID: <930302214903_72147.3504_EHC47-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

>However, is it illegal to use false ID in order to conduct perfectly legal
>transactions in order to preserve privacy/anonymity? How about it, any of
>you guys associated with the CPSR, EFF, or ACLU, can you answer this one?
>Murdering Thug

Lexus research elided...

>(Matthew J Miszewski)

At Common Law, you could call yourself anything you wanted as long as there was no intent to defraud. Generally you can still do this today.

Matthew-In the case you dug up what sort of identity documents were used? Obviously, forging government ID documents is a separate crime.

If you are signing something "under penalty of perjury" or "with a warranty of truthfulness" the person you are dealing with may be able to throw the agreement (whatever it is) out. There is also the possibility of legal action. You can cross the language out before signing (we are always free to negotiate) and hope that the bored clerk you are dealing with doesn't notice or if you are using forms that can be obtained in advance in blank you can remove the offending language and replace it with nondescript language using DTP technology.

Avoid using government ID and substitute "soft ID" such as employment ID or school ID. Since anyone in America is free to form a "company" or a school ID can also be issued.

Obtain a secured VISA card or a VISA debit card in a nom de guerre. This is pretty good ID. If the financial institution is overseas, you may not have to provide proof of identity. In this country (or Canada) bank accounts -- including secured credit card accounts -- can still be obtained in a nom de guerre if you work at it.

If you aren't engaging in other illegal activity, prosecutions for using an alternate identity are rare.

Duncan Frissell

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: deltorto@aol.com
Date: Tue, 2 Mar 93 16:15:04 PST
To: cypherpunks@toad.com
Subject: 976-OVERDOSE
Message-ID: <9303021655.tn55494@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

Fellow Cypherpunks,

I know that some of you have lives, jobs and studies and you probably, like me, are ofttimes overwhelmed by the sheer volume of mail on this list. I have a simple proposal to solve this problem: break the current list into topic areas.
These would include:

anon/pseudo_cpunks   Anonymity/Pseudonymity
remailers_cpunks     Remailer Technology
dining_cpunks        DC Nets
random-cpunks        Random Generators
digimoney_cpunks     Digital Banking
pgp_cpunks           PGP App/Current Info <- new vers info/var. plat's
ziplips_cpunks       Crypto-Censorship
fweee_cpunks         Whistleblowers (The "Keith Peterson Area"?)
physmtgs_cpunks      Physical Meetings/Conferences <- CFP, events...

and several more that I've forgotten, I'm sure...

We should clearly state the general thread of each topic. People could subscribe to as many as they want to and thus dramatically reduce the amount of mail they get on topics about which they have little or no interest. I'm learning a lot from the list, but the sheer volume of the postings is becoming pretty unmanageable. We seem to have a range of subspecies developing, so it makes sense to cater to them separately. I hope we can remedy this situation before many more people have to unsubscribe.

Most newcomers from Mondo articles, etc. should probably be subscribed to the list first, then maybe we could periodically post synopses of what's available on the other topics and let them wander in more deliberately. I hope everyone appreciates that my approach is geared toward bringing in more quality participation and not a flurry of curiosity-cats who dash in and out and post UNSUBSCRIBE mail to the whole list (thus gumming things up even further).

What do you Punks think? I hope to see a comment or two about this from people, I think it's an issue whose time has come. "An ounce of prevention is worth a pound of cure" as they say.
dave "verbum sat sapienti est" del torto

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phiber Optik
Date: Tue, 2 Mar 93 13:56:43 PST
To: newsham@wiliki.eng.hawaii.edu (Timothy Newsham)
Subject: Re: tapping
In-Reply-To: <9303020333.AA04345@relay1.UU.NET>
Message-ID: <199303022155.AA04077@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

>
> > [forwarded from elsewhere]
> >
> > [From Data Communications, January 1993]
> >
> > INVENTION CUTS CABLING TIES
> >
> > An inventor working from a garden shed in the U.K. has come up with a device
> > that enables PCs and other LAN equipment to send and receive data through
> > the plastic outer jacket of copper LAN cabling-- without piercing the
> > cabling. Called the Watsonlinc Cable Coupling Transformer, the device
> > allows users to attach LAN equipment at any point in a network without going
> > through time-consuming and costly cable attachment procedures. The
> > Watsonlinc, which must be placed directly next to a cable's outer jacket,
> > uses a proprietary technique to reduce noise interference while picking up
> > and transmitting data signals. Watsonlinc-equipped network interface cards
> > (NICs) will appear in the next 12 months, according to inventor Mike Watson
> > (Walton-on-Thames, U.K.), who says the device's production cost of about $5
> > per unit will not significantly increase NIC sticker prices. The Watsonlinc
> > works with both shielded and unshielded twisted-pair copper cabling, is
> > small enough to fit on laptop PC internal adapters, and is capable of
> > handling all common LAN speeds, Watson says. The internationally patented
> > invention works just as well with voice signals. Predictably, it already
> > has been licensed for use in telephone surveillance equipment.
> >
> >
> >

Mike Watson rediscovers inductance, and the inductive tap.
Film at 11.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Tue, 2 Mar 93 13:58:53 PST
To: pmetzger@shearson.com
Subject: Re: Future of anonymity (short-term vs. long-term)
In-Reply-To: <9303021551.AA03777@maggie.shearson.com>
Message-ID: <9303022157.AA02360@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Tue, 2 Mar 93 10:51:31 EST
   From: pmetzger@shearson.com (Perry E. Metzger)

   You aren't arguing for non-anonymity. You are arguing that free speech is bad.

No, I am not arguing for non-anonymity. Please stop defending your position by putting misrepresentations in my mouth.

Believe me, I understand why anonymity has its features. I am just pointing out some of its bad sides, which you seem to refuse to accept even exist.

If the only way you can defend your position is by ranting and raving and calling me a censorship-loving Nazi, then perhaps we should just end this discussion right here.

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 2 Mar 93 17:09:10 PST
To: cypherpunks@toad.com
Subject: Re: 976-OVERDOSE
In-Reply-To: <9303021655.tn55494@aol.com>
Message-ID: <9303030107.AA11675@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Dave,

I suspect others will tell you what I'm telling you: we considered breaking up the list a while back, and concluded we should not.

Some reasons:

- much more work for list maintainers. What _you_ save by not having to hit the delete key as often will be more than made up for by Eric Hughes having to do a lot more work (and he refuses)

- having as many sublists as you suggest would be way too much...we even decided that a simple split into "technical" and "political" was not warranted, at least not back then. (Perhaps this can be reconsidered, though the extra list maintenance work is still an issue.)

- many will post their messages to more than one group, to make sure it gets to the appropriate people

- topics bounce around, anyway, so some groups would have no traffic (and folks would send messages like: "Hey, how come it's so quiet on cypherpunks.music?")

- people would miss key debates and key developments because they didn't think some group was important. (And if and when they decided something was important, they'd probably then ask others to forward them relevant material.)

- the solution is for people to quickly delete message topics they don't want to see. Off-line newsreaders like Eudora (for the Mac) are quite useful.

-Tim

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Alexander Chislenko
Date: Tue, 2 Mar 93 14:53:31 PST
To: cypherpunks@toad.com
Subject: Textual analysis
Message-ID: <199303022252.AA14712@ra.cs.umb.edu>
MIME-Version: 1.0
Content-Type: text/plain

Tim May writes:
>Imagine what can be done with word and phrase frequency analysis, with
>examination of punctuation styles (e.g., some people use _this_ for
>emphasis while others use *this*), and so on. Entropy measures, etc.

I know for sure that Soviet KGB did a lot of work in graphology and kept samples of print of every typewriter there was in the country.

It might be easy to write a program that would randomly modify spacing, indentations, punctuation styles, spelling, replace words with random synonyms, reorder words in phrases, etc. It can eliminate most of the clues, excluding the concepts.
You will have to compromise between the accuracy of the message and its privacy protection, but it is still something...

Alexander Chislenko

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Tue, 2 Mar 93 15:52:27 PST
To: cypherpunks@toad.com
Subject: Re: tapping
In-Reply-To: <199303022155.AA04077@eff.org>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Phiber Optik writes:
> >
> >
> > > [forwarded from elsewhere]
> > >
> > > [From Data Communications, January 1993]
> > >
> > > INVENTION CUTS CABLING TIES

[stuff deleted]

> > >
> > > works with both shielded and unshielded twisted-pair copper cabling, is
> > > small enough to fit on laptop PC internal adapters, and is capable of
> > > handling all common LAN speeds, Watson says. The internationally patented
> > > invention works just as well with voice signals. Predictably, it already
> > > has been licensed for use in telephone surveillance equipment.
> > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > >
> > >
> >
> Mike Watson rediscovers inductance, and the inductive tap.
> Film at 11.

And patents it! Gee, I wonder if I patent the RF transmission, and start charging licensing fees like Watson does with inductance.

Hell, some guy has a patent on using XOR in making inverse cursors on CRTs.

Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Tue, 2 Mar 93 15:56:52 PST
To: cypherpunks@toad.com
Subject: Re: Textual analysis
In-Reply-To: <199303022252.AA14712@ra.cs.umb.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Tim May writes:
>Imagine what can be done with word and phrase frequency analysis, with
>examination of punctuation styles (e.g., some people use _this_ for
>emphasis while others use *this*), and so on. Entropy measures, etc.

I believe that such programs already exist. They are used to identify unknown authors of famous documents.
I believe some of Shakespeare's work was under close scrutiny a number of years ago, as were the Federalist papers. There was an article in Byte about three or four years ago all about this kind of technology.

Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Tue, 2 Mar 93 16:17:34 PST
To: cypherpunks@toad.com
Subject: Re: A novel (?) return address idea
Message-ID: <9303030015.AA23087@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

John Gilmore writes:
> There seems to me to be a serious problem with the "novel return
> address" idea. The information that ties together multiple anonymous
> messages from the same person is out in the world, encrypted by a
> single key in a conventional cipher.

I'm not sure there IS a good answer for anonymous news-posting with replies. For email, you can create a use-once-then-delete anonymous reply address, which hangs around until a reply happens or garbage-collection hits, but this isn't practical for news or multiple-recipient email - you need to keep an alias around for multiple replies to use.

You can assign a new reply address for each posting, which is in some sense more secure, but it means that there are now many copies of the poster's email address and public-key (though multiple public keys may be a win.) But if the remailer site gets compromised, these are about as risky as multiple messages cryptically pointing to one copy of the address. (Unless the mapping from anon-reply-id to real-id is cryptographically protected.) (These comments also apply to the dossier problem below.)

If the key-compromise issues you bring up below can be fixed, then this method is more secure than the one-anon-address-per-user for all postings method that seems to currently be in use, and if users can get a new return-address-id on request, and delete old return-address-ids on request (features you really need anyway), it's basically equivalent.

> Furthermore, breaking the key will be possible by sending test-probes
> and doing exhaustive search. E.g. if you add 128 bits of salt,
> someone can send five or ten messages to themself through the
> remailer, and accumulate ten encrypted addresses that are known to be
> for the same sender. When decrypted, these keys will have maybe a 16-
> or 32-bit "return address ID" and 128 bits of salt. The attacker can
> then search the key space for keys that include large numbers of
> identical bits when decrypting those ten keys. This search is easily

Hmm. So it's not good enough to just lump 32 bits of address-id and 32 bits of salt together, because a key-search over 56-bit keys will trigger on the ones that get the same first 32 bits for multiple cyphertexts.

What if you use triple-DES instead of single-DES as the cypher, which increases the key search space to at least 112 bits? This is presumably big enough, especially since the return-address-id doesn't directly give you the address, though that can be easier to crack.

> The idea also suffers from the dossier problem -- all the information
> about return addresses will exist in a single place (at the remailer
> site) where it's tempting for a government (or other adversary of
> privacy) to try for it.

Deleting old addresses and getting new ones helps. Joe's suggestion of changing the keys also helps: including a few bits in the crypted address that are essentially another salt to let you pick the crypt key, but of course this means you need to keep ALL the older keys loaded in the system (or at least the last N), either stored (bad) or typed in (also bad.) I suppose you'd at least store them crypted. If you periodically dispose of the oldest ones, then you've limited the amount of time the correspondence is exposed, which is a good thing, but you've also made it impossible to reply to really old messages. (I guess a certain fraction of the postings will be requests for the poster of to repost something?)
Also, this kind of remailer/reposter may still be chained - there's no need for the return address to be a _real_ return address.

Bill Stewart

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Tue, 2 Mar 93 19:46:10 PST
To: tytso@athena.mit.edu
Subject: Re: Piercing anonymitiy and censorship
Message-ID: <9303030105.AA21682@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: Theodore Ts'o
>
> Date: Tue, 2 Mar 93 14:15:15 EST
> From: pmetzger@shearson.com (Perry E. Metzger)
>
> Of course there are ways -- and they need not be so drastic. You could,
> for instance, simply prevent non-subscribers from posting to your list,
> and use public key to verify identities. This would allow you to swiftly
> stop abuse. I've already noted this twice. You've claimed this is impractical,
> but the tools to do this, AND WITHOUT PATENT PROBLEMS, already exist and
> would be cheap to implement.
>
> If they are so cheap to implement them, could someone please implement
> them FOR THE USENET GROUPS? (Where you don't have a concept of
> subscribers or non-subscribers?)

I don't have time Ted, I have a really busy schedule. But, this is the thumbnail of what you want.

1. Build a decent tool to handle the public key sigs on news format message files and tell you if the file sender corresponds with the signature -- a variant on RIPEM (more like a half hour hack) should be able to do this.

2. Change the shell scripts handling incoming control messages inside the news software to check signatures against a trusted list.

3. Set some scripts handling incoming moderated newsgroups that check the signature against a trusted list.

4. Build a tool that checks that incoming signed messages correspond with signatures stored in the signature database for the site, and somehow flag non-authenticated or otherwise bogus signed messages.
Add a header line to give out this info so rn and other newsreaders can nuke non-authenticated messages or what have you.

Sounds like this begins to give you a large fraction of what you want without changing too much, and I bet it's a few days of hacking. It's primitive, but it seems like the right thing for a start and you can take it from there. I specify keeping signatures on your news server and checking them there to keep users from needing special new newsreaders and to keep them from needing to run the signature code over and over again; presumably they can trust their sysadmin and if they can't they can get new tools so they don't have to.

> I hear lots of *talk* of how easy it is to do this, or how easy it is to
> do that. If it's so easy, why doesn't someone prove it to the rest of
> us by actually doing it. I hate to bring the Real World down upon you
> guys, but talk is cheap; code sometimes isn't.

As I've said, I don't have time myself, but the above is really easy for someone with a good knowledge of C News, RIPEM and the like. The hardest part is handling a key database and doing key management since RIPEM has no such provisions, but you can likely fix that. Then there is the issue of getting RSA to permit your hacks to RIPEM to get out, which I suspect they would. Okay, maybe not a few days, but certainly not much of a challenge here and you have the start of the system we were talking about.

Among other things, it fixes forged control messages (presumably you would leave cancel messages alone, but it could let you authenticate newgroup and delgroups, which is a big problem), forged moderated messages, and give you the start of what you would need to start ignoring unsigned messages or messages from users you don't like on newsgroups. The stuff for non-moderated newsgroups would be primitive, but it would be a start and would let users have the option of deciding what they want to do with non-authenticated messages.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Tue, 2 Mar 93 19:41:35 PST
To: cypherpunks@toad.com
Subject: Re: Future of anonymity (short-term vs. long-term)
Message-ID: <9303030107.AA21716@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: Theodore Ts'o
>
> Date: Tue, 2 Mar 93 10:51:31 EST
> From: pmetzger@shearson.com (Perry E. Metzger)
>
> You aren't arguing for non-anonymity. You are arguing that free
> speech is bad.
>
> No, I am not arguing for non-anonymity. Please stop defending your
> position by putting misrepresentations in my mouth.
>
> Believe me, I understand why anonymity has its features. I am just
> pointing out some of its bad sides, which you seem to refuse to accept
> even exist.

Of course I accept that they exist. However, I believe the benefits outweigh the problems, and in any case it matters little what we think since we cannot reasonably stop such systems from arising.

> If the only way you can defend your position is by ranting and raving
> and calling me a censorship-loving Nazi, then perhaps we should just end
> this discussion right here.

I don't believe I called you a Nazi. I also believe you took my quote out of context.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kwaldman@tanstaafl.extropy1.sai.com (Karl M Waldman)
Date: Tue, 2 Mar 93 18:11:18 PST
To: cypherpunks@toad.com
Subject: anarchism (was: Re: Dining Crypto -- An Introduction) (fwd)
Message-ID: <2b9406fd@tanstaafl.extropy1.sai.com>
MIME-Version: 1.0
Content-Type: text/plain

> (Those of you who don't believe me, look at the railroad industry in
> the end of the 19th century.)

No free market here, government gave them the land for the railroad for free or very low cost.

> That's only what I thought of off the top of my head. If the New York
> Times or some publication of similar stature were to pick up the "best

Or maybe NBC could pick the best ones :-)

> Marc

The basic trouble with government is, no matter what the quality of ideas they have, they tend to put a gun to your head. "For your best interest of course"

Voluntarily yours,
Karl Waldman

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: root@rmsdell.ftl.fl.us (Yanek Martinson)
Date: Tue, 2 Mar 93 17:52:18 PST
To: cypherpunks@toad.com
Subject: META: prefixes for easy filtering
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

> is problem: break the current list into topic areas.

A similar situation occurred a while ago on the Extropians list. Many people were complaining about excess volume, people were unsubscribing, and there was talk of splitting the list into many sublists.

There are some problems with sublists. Many people would subscribe to all the lists, or many of them. List management chores ((un)subscriptions, bounces, address changes, etc) would increase. Many messages would get "cross-posted" to several or all lists, and thus would appear many times in everyone's mail box, thus even increasing the number of messages to sift through. There are other problems, which I will not mention now.

I proposed a simple solution which is in use now, and has greatly increased the quality of the list, makes it easy for everyone to only read the messages they want, and does not require deployment of any new software. The actual volume has not decreased, probably it even increased. But the information flow is so much more manageable.

The solution is the use of prefixes in Subject: lines. When you post, prefix your Subject: line with a short "tag" such as "ANON:", "DCNET:", "PGP:", "DCASH:", or others. For example, you would see subjects like

PGP: new version available
ANON: a new idea for anonymous replies

etcetera.
When reading your mail, just have your mailer sort the mail by Subject: line (if your mailer can't do that, get a new mailer), and all messages about PGP will come together, all messages about anonymous remailers will be in one area, etc. Then it's easy to delete them all without reading, to save them to a file for future reference, or to read them if that is a topic you are interested in.

The beauty of this system is its anarchistic nature. There is no need for people to maintain an official list of prefixes, or to vote on new ones (as is done with newsgroups), or to ask someone to create one (as would be necessary for mailing sublists). There's no need for the group as a whole to agree on anything.

Just start using them. Try to find a logical prefix for each message that matches its subject area. Most likely people posting on the same topic will choose same or similar prefix. After some initial fluctuation, different prefixes for the same topic will converge to one that will become customary for that topic. New prefixes will pop up every once in a while, and the ones not used will fade from the group memory. This is a flexible, dynamic system.

As a starting point I will make up a prefix for each of the sublists you proposed (if you don't like my prefix, use a different one!):

ANON:     anon/pseudo_cpunks   Anonymity/Pseudonymity
REMAIL:   remailers_cpunks     Remailer Technology
DCNET:    dining_cpunks        DC Nets
RANDOM:   random-cpunks        Random Generators
DCASH:    digimoney_cpunks     Digital Banking
PGP:      pgp_cpunks           PGP App/Current Info
FLAME:-)  ziplips_cpunks       Crypto-Censorship
WHISTLE:  fweee_cpunks         Whistleblowers (The "Keith Peterson Area"?)
MEET:     physmtgs_cpunks      Physical Meetings/Conferences

Here are some more:

META: discussions on the list about the list itself, such as this post, or the post I am replying to which suggested splitting the list. Complaints about high volume, messages saying something does or does not belong on the list, etc, would use this prefix.
ANNOUNCE: important messages that everyone may be interested in.

FRIV: for jokes, parodies, other frivolous posts.

If a post fits in more than one subject area, the main prefix should be put first, for sorting purposes. The other prefix(es) would follow, separated by slashes. For example "PGP/ANNOUNCE: new version available" or "RANDOM/FRIV: why not just flip coins?". This is in no way mandatory, it's just a convention that developed on Extropians, and it may be advantageous to use it, to ease further processing.

Some other ideas:

You can use procmail, elm filter, slocal, or any other mail processing tool to handle messages with different prefixes. For example if you are a very busy person, or are reading your mail over a low-speed link, you may want to save all REMAIL/ANNOUNCE messages in a "remailers" file, delete all FRIV, META, and FLAME messages, and for each other prefix, save the message to an appropriate folder for reading later.

If you were not interested in discussion, but wanted to keep up on what's going on, you would have the filter delete all the messages from the mailing list that do not have an ANNOUNCE: prefix.

Or, if you have enough time and/or are using a high-speed connection, you may just sort all the messages by Subject: thereby lumping all the messages on a subject together. Then you can decide which you are going to read first, which ones you want to delete, etc.

If this idea takes off, and most people will start using prefixes, further evolution of the concept is possible. For example a group of extropians are developing some software on the list host machine that will let people customise their subscription, for example choosing not to receive messages with a certain prefix, not to receive messages that don't have a prefix, or choosing to receive only some selected prefixes, plus any new prefixes that come to use.

All this is sometime in the future. Right now, let's start by just prefixing each subject line with an appropriate prefix.
-- Yanek Martinson yanek@novavax.nova.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Wed, 3 Mar 93 01:13:37 PST
To: cypherpunks@toad.com
Subject: Let's look at this ....
Message-ID: <6HNTZB1w165w@sytex.com>
MIME-Version: 1.0
Content-Type: text/plain

Okay, cypherpunks -

I've watched enough "unsubscribe me" requests drop in, now I figure (that's a Virginia word, BTW) that since I'm silently digesting most of this nonsense, I can at least crop a few pennies in the mill from time to time.

I've managed to irk several of you with the virus encryption post (a bona fide topic, for those of you who snicker); then with the "Why Anon (especially when there are twelve step programs) ?", but the federal deficit is peanuts to popcorn compared to the bandwidth wasted here.

Lest I begin to resemble some cypher-drop-out (never happen), let's re-examine what we are now discussing:

 o Problems (solved yet?) with penet.fi
 o Arguments and innuendo regarding:
   _ digital cash
   _ digital anarchy (Gee, thanks, Tim.)
   _ digital bad-mouthing

The one topic that _does_ interest me is the nonsensical fodder stemming from a post regarding the (actual?) governmental consideration to license keys. That just drops my carrier. This is probably the one reason why I tolerate the wasted bandwidth here -- there are many powerful souls amongst you (us) who can keep this bullshit from happening.

On a serious note, I have been a programmer-slash-analyst from the card-punch days of not_so_old. My assembly programming began in the bowels of an IBM 360; somehow that weeded its way into the desktop arena. Damned odd. Now I just put networks together. Much like tinker toys.

My (long-winded) question is this:

What are cypherpunk priorities? (NO, no, please do not cite the norms. I've heard 'em.) Where are we going with anon mailers? Are they going to serve us or cause us unlimited problems? (From a political point of view?)
I stand _strongly_ behind private communications, and behind the right to privately encrypt. Personally, I do not think that it can be taken away from us.

Thoughts?

Cheers.

Paul Ferguson                   |
Network Integration Consultant  |  "All of life's answers are
Alexandria, Virginia USA        |   on TV."
fergp@sytex.com (Internet)      |      -- Homer Simpson
sytex.com!fergp (UUNet)         |
1:109/229 (FidoNet)             |
     PGP public encryption key available upon request.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: root@rmsdell.ftl.fl.us (Yanek Martinson)
Date: Tue, 2 Mar 93 19:49:14 PST
To: cypherpunks@toad.com
Subject: ANON: Textual analysis
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

> This reveals a minor and probably obvious weakness of pseudonyms--writing
> styles.

We probably need "rephrasing remailers" which do some rudimentary grammar parsing on input text, and randomly substitute equivalent constructs such as switching active/passive voice, synonyms, changing the word order where it is insignificant, joining/splitting sentences, etc. Anyone here have any experience in NLP (natural language processing), specifically parsing english?

A possible start would be to look at "grammar checker" programs that check for various grammatical mistakes/misusages and suggest improvements.

Another starting point is language translation software. After your text has been translated automatically to spanish -> french -> german -> english, not much of the original style will remain. Hopefully, enough meaning will be preserved to allow understanding.

Are there any public domain programs that do one of the above?

One constraint on these is that the message must be present in clear text, so that it must be the last remailer in the chain.

> examination of punctuation styles (e.g., some people use _this_ for
> emphasis while others use *this*)

This could be alleviated by using a standard markup format, such as MIME RichText, or the simpler markup convention recently proposed on the mime list.
-- Yanek Martinson yanek@novavax.nova.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Tue, 2 Mar 93 19:59:15 PST
To: pmetzger@shearson.com
Subject: Re: Piercing anonymitiy and censorship
In-Reply-To: <9303030105.AA21682@maggie.shearson.com>
Message-ID: <9303030357.AA14312@SOS>
MIME-Version: 1.0
Content-Type: text/plain

The problem with trying to put RSA signed keys into Usenet is that it is simply not that simple. People aren't going to adopt the software overnight; it will take literally years before they adopt the software. In an earlier message, you said:

   Well, the folks running B News and C News will have to live without the public key extensions, and it will be their fault. The people with the public key extensions will have the benefits.

That's just not true, and your proposed solution demonstrates that nicely. Until the majority of the people are posting signed messages, it is not useful to tell your newsreader to nuke all non-signed messages, as you suggested in your proposed solution --- you'd just be throwing out the signal with the noise......

Until nearly everyone on Usenet starts using the public key extension, we *all* will not have the benefits. There will be no way to distinguish the good (but unsigned messages) from the remailer abusers' unsigned (or untrusted) messages.

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Tue, 2 Mar 93 20:04:57 PST
To: "DrZaphod"
Subject: Re: You Aren't [I'm Not]
In-Reply-To: <47610.drzaphod@ncselxsi>
Message-ID: <9303030403.AA14595@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Tue, 2 Mar 93 13:13:25 CST
   From: "DrZaphod"
   Sender: ncselxsi!drzaphod@ncselxsi.netcom.com

   > In Message Tue, 2 Mar 93 16:57:22 -0500,
   > Theodore Ts'o writes:
   >
   >**No, I am not arguing for non-anonymity.** Please stop defending your
   >position by putting misrepresentations in my mouth.

   Aren't these the same thing? TTFN!

Sorry; typo on my part.
What I meant to say was "No, I am not arguing that free speech is bad." Mr. Metzger was putting words in my mouth when claimed that I was saying that.

Anonymity and free speech are *NOT* the same thing. As I posited in an earlier message, which no one has yet to comment on, those two concepts are not the same thing.

Sorry for the typo; in my outrage that he would stoop to such depths to make his point, and what I meant to say and what I actually typed weren't the same thing.

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Alexander Chislenko
Date: Tue, 2 Mar 93 20:33:25 PST
To: cypherpunks@toad.com
Subject: Mailing request.
Message-ID: <199303030432.AA26783@ra.cs.umb.edu>
MIME-Version: 1.0
Content-Type: text/plain

Could somebody send me today's mail? I lost it :(

Thanks.

Alex.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Giuseppe Cimmino <0005533039@mcimail.com>
Date: Tue, 2 Mar 93 16:25:13 PST
To: deltorto
Subject: PGP distribution
Message-ID: <23930302233832/0005533039ND1EM@mcimail.com>
MIME-Version: 1.0
Content-Type: text/plain

OK, a short note. I'm willing to round up some old 3 1/2" 720K floppies and time on a disk duplicator to facilitate PGP distribution at Interop here in DC next week.

To be specific: If someone wants to organize the distribution, I'll help in the production.

-Giuseppe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Tue, 2 Mar 93 23:40:45 PST
To: cypherpunks@toad.com
Subject: Re: anon.penet.fi hacking
In-Reply-To: <930301171036_74076.1041_DHJ55-1@CompuServe.COM>
Message-ID: <9303030740.AA11601@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> Eric shows a complicated regular expression, but I don't think it
> will match just --, because this line provides nothing to match the
> "." and "[^B]", etc.

Instead of these ballooning regexps, how about just using Chael Hall's standardized "end of body" marker?
Even if some people had to add it manually to each message, well, that's not a big deal. But I suspect that the people who have sigs being added by BBS software are going to have trouble adding strange header lines, even if they have the regexp expertise to construct them.

Anyone who does control their sig, but doesn't want to take the trouble to include it only some of the time, can just add the marker. People might even be able to convince BBS sysops to add it to their autosigs.

Or if this just looks too cluttered, maybe the sig-clipper header could just be "Signature-Lines:" -- clip that many, or none by default, and you're done.

> Hal

   PGP 2 key by finger or e-mail
Eli   ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Tue, 2 Mar 93 23:51:12 PST
To: cypherpunks@toad.com
Subject: Re: Future of anonymity (short-term vs. long-term)
In-Reply-To: <9303020248.AA26533@SOS>
Message-ID: <9303030751.AA11924@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> Fundamentally, however, there's the basic assumption that anarchy per se
> is good; which is a basic philosophical belief which I just plain
> disagree with.

It's not an assumption, to begin with; I was not born an "anarchist". Nor is it a philosophical belief, in my case; it's a sociological conclusion. And I only claim that it's what I want, not that it's "good" for you -- that depends, for example, on whether you couldn't be happy except as an IRS employee.

I'm not quite sure what you intend by your later comments on "religious fanatics", but any clarification or random flamage would best be done off-list.
> - Ted

   PGP 2 key by finger or e-mail
Eli   ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Wed, 3 Mar 93 00:14:38 PST
To: cypherpunks@toad.com
Subject: Re: more ideas on anonymity
In-Reply-To: <9303020520.AA26631@SOS>
Message-ID: <9303030814.AA12447@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> Today, it is generally not possible to be anonymous while
> broadcasting your views to a large number of people.

To do this for free, no. But you can send direct mail anonymously, although you can't get cheap bulk rates.

> While, this may be a feature in some cases, in other cases it is
> most definitely a BUG.

True. Perhaps we should look at the problems of universal anonymity in contexts where they can already be observed -- like cellulose mail.

It would be possible to implement a "postage" analog without a backed crypto currency. Each remailer could issue usage tickets, good for a certain flow per month. Issue them to individuals, and let them circulate. There are obvious problems; for one, transactions would be on a good-will basis, except in the case of trades to consolidate a block with a single remailer. This would produce allocation problems. In this milieu, a net.loser might be able to panhandle a truckload of tickets. On the up side, it's a good cover for getting currency up and running.

With real postage, I think the problem would be negligible. I can imagine a custom developing that mail from nyms not on the "pass" list would have to include a certain fee just to make into the mailbox. A motivation pre-filter for just mail, at least. If mail transmission is flat-fee, such a system seems quite likely.

> - Ted

   PGP 2 key by finger or e-mail
Eli   ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 3 Mar 93 01:16:53 PST
To: cypherpunks@toad.com
Subject: Re: Handling Abuses of Remailers
Message-ID: <9303030915.AA21640@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

>In article tcmay@netcom.com (Timothy C.
>May) writes:
>> * To handle _abusive volumes_ through remailers, charge for remailing.
>> Short term, this may be a problem, but this is the long term market
>> solution.
>
> Quick but relevant question: Assuming a commercial anonymous remailer
>were set up tomorrow, with (don't ask me how this would be done, it's
>hypothetical...) provable anonymity -- what should it charge per message,
>or per kilobyte of message?
>
>> -Tim May
>> tcmay@netcom.com | anonymous networks, digital pseudonyms, zero
>
>Chris - Xenon

I don't know. That's for the market to decide.

This is not a glib answer. There is no "real" price for any service or commodity, only a complicated emergent market price that typically evolves and changes. An anonymous remailer (the "Mom and Pop" remailer I like to cite) may initially charge some price and find it is being undercut by others, or others are not matching its price. Prices will change, evolve.

It is, however, that remailing prices will be much below a few pennies per 1 KB message, nor much above $2.00. I often use the crude estimate of $0.50 per remailing, suggesting that a 5-hop mailing will then cost about $2.50. (But once the infrastructure for remailer hops is in place, then even a single hop is basically enough--this may sound paradoxical, but think about it.)

-Tim

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.
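
[Added example, not part of any list member's post.] The Subject-prefix convention proposed in the "META: prefixes for easy filtering" message earlier in this archive, written out as a Python filter that applies the "very busy person" and ANNOUNCE-only policies described there. The 12-character tag limit, the folder names other than "remailers", the "inbox" default for untagged mail and the sample messages are assumptions of this example.

```python
"""Route list mail by Subject: prefix tags (added example, constructed data)."""
import re
from email import message_from_string

# "Re:" / "Fwd:" markers that mailers put in front of the author's tag.
_REPLY = re.compile(r"^\s*(?:(?:re|fwd?)\s*:\s*)+", re.IGNORECASE)

# Slash-separated tags, a colon, then whitespace or end of subject.
# Tags are limited to letters, digits and '-' (max 12 chars: an assumption of
# this example), so a folder name taken from a tag can never contain '/', '.'
# or other path characters chosen by whoever wrote the Subject line.
# The optional "-)" accepts the list's joke tag "FLAME:-)".
_TAGS = re.compile(
    r"^([A-Za-z][A-Za-z0-9-]{0,11}(?:/[A-Za-z][A-Za-z0-9-]{0,11})*)"
    r":(?:-\))?(?=\s|$)"
)

DROP = {"FRIV", "META", "FLAME"}  # tags the "very busy person" deletes unread


def parse_prefixes(subject):
    """Return (tags, rest). Tags are upper-cased, main tag first; [] if none."""
    s = _REPLY.sub("", " ".join((subject or "").split()))
    m = _TAGS.match(s)
    if not m:
        return [], s
    return [t.upper() for t in m.group(1).split("/")], s[m.end():].strip()


def folder_for(subject, announce_only=False):
    """Return a folder name, or None when the message should be deleted."""
    tags, _ = parse_prefixes(subject)
    if announce_only:                      # "keep up on what's going on" reader
        return "announce" if "ANNOUNCE" in tags else None
    if not tags:
        return "inbox"                     # untagged mail is kept, not guessed at
    if tags[0] == "REMAIL" and "ANNOUNCE" in tags:
        return "remailers"
    if DROP.intersection(tags):
        return None
    return tags[0].lower()                 # one folder per main prefix


def subject_of(raw_message):
    """Extract the Subject: header, unfolding continuation lines."""
    value = message_from_string(raw_message).get("Subject") or ""
    return " ".join(str(value).split())


def sort_mailbox(raw_messages, announce_only=False):
    """Return ({folder: [subjects]}, [deleted subjects])."""
    folders, deleted = {}, []
    for raw in raw_messages:
        subject = subject_of(raw)
        folder = folder_for(subject, announce_only)
        if folder is None:
            deleted.append(subject)
        else:
            folders.setdefault(folder, []).append(subject)
    return folders, deleted


# Constructed sample messages (not taken from the archive).
SAMPLE = [
    "From: a@example.invalid\nSubject: PGP/ANNOUNCE: new version available\n\nbody\n",
    "From: b@example.invalid\nSubject: Re: ANON: Textual analysis\n\nbody\n",
    "From: c@example.invalid\nSubject: RANDOM/FRIV: why not just flip\n coins?\n\nbody\n",
    "From: d@example.invalid\nSubject: REMAIL/ANNOUNCE: usage stats\n\nbody\n",
    "From: e@example.invalid\nSubject: Let's look at this ....\n\nbody\n",
    "From: f@example.invalid\nSubject: ../../.forward: hostile tag\n\nbody\n",
]

if __name__ == "__main__":
    kept, dropped = sort_mailbox(SAMPLE)
    for name in sorted(kept):
        print(name, kept[name])
    print("deleted", dropped)
```
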

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Tue, 2 Mar 93 23:01:06 PST
To: CYPHERPUNKS
Subject: REMAIL: Usage stats.
Message-ID: <930303065109_74076.1041_DHJ45-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

I got mail from a remailer operator asking how he could keep some information about how much his remailer was being used without keeping logs of the messages. This seemed like a good feature so I have added it to my maildelivery file. This is how it looks now:

#
# field                 pattern  action/  string
#                                result   (quote included spaces)
#
Request-Remailing-To    ""       pipe R   "date >> LOG.REMAIL"
Request-Remailing-To    ""       pipe A   remail.pl
Anon-To                 ""       pipe R   "date >> LOG.REMAIL"
Anon-To                 ""       pipe A   remail.pl
Encrypted               PGP      pipe R   "date >> LOG.ENCRYPTED"
Encrypted               PGP      pipe A   pgpmail.pl
*                       ""       pipe ?   recurse.pl

The lines which say "date >> LOG.XXX" will append one line to the LOG.* file each time a remailing or decryption is done. That line will tell when it is done. No other information is kept to allow reconstruction of who sent the message or what it was. You can use "wc" to count how many lines are in the files, archive and/or delete them periodically, or do whatever you like.

A couple of notes: When you have more than one line that matches a particular field/pattern (defined in the first two columns), use the letter R for the result code for the first ones, and A for the last. Also, be SURE you put quotes around the command string if it is more than one word. Otherwise ALL of your mail will DISAPPEAR! (I need to do a little work on the slocal.pl script to make it more robust about this. :-)

If you're using slocal rather than slocal.pl this should still work.
Hal Finney

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK5Qqe6gTA69YIUw3AQEYiAQArkTzGy4b2oFetX/AOzXjZ9Wpv8zlthCa
rDs54X0mhw2fqe1zRt8VNw4X66qNwV1niyBMJV37IQsiCJVKXYI1ey3bRD5xNKGx
FSZogubeoxIJFvKcVnLTe0l6bsRZpzSPRaePslXZsxb0t3ysDKKnzX0GJe0Zg8k0
+4d1mh8q5qQ=
=+Bo3
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: raob@mullian.ee.mu.OZ.AU
Date: Tue, 2 Mar 93 13:45:58 PST
To: rob@mullian.ee.mu.OZ.AU
Subject: tapping
Message-ID: <9303022144.22401@mullian.ee.mu.OZ.AU>
MIME-Version: 1.0
Content-Type: text/plain

[forwarded from elsewhere]
>
> [From Data Communications, January 1993]
>
> INVENTION CUTS CABLING TIES
>
> An inventor working from a garden shed in the U.K. has come up with a device
> that enables PCs and other LAN equipment to send and receive data through
> the plastic outer jacket of copper LAN cabling-- without piercing the
> cabling. Called the Watsonlinc Cable Coupling Transformer, the device
> allows users to attach LAN equipment at any point in a network without going
> through time-consuming and costly cable attachment procedures. The
> Watsonlinc, which must be placed directly next to a cable's outer jacket,
> uses a proprietary technique to reduce noise interference while picking up
> and transmitting data signals. Watsonlinc-equipped network interface cards
> (NICs) will appear in the next 12 months, according to inventor Mike Watson
> (Walton-on-Thames, U.K.), who says the device's production cost of about $5
> per unit will not significantly increase NIC sticker prices. The Watsonlinc
> works with both shielded and unshielded twisted-pair copper cabling, is
> small enough to fit on laptop PC internal adapters, and is capable of
> handling all common LAN speeds, Watson says. The internationally patented
> invention works just as well with voice signals. Predictably, it already
> has been licensed for use in telephone surveillance equipment.
>
> ------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 3 Mar 93 09:01:49 PST
To: cypherpunks@toad.com
Subject: more ideas on anonymity
In-Reply-To: <9303021951.AA26424@memexis.xanadu.com>
Message-ID: <9303031658.AA14314@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>For some things, anonymity is sufficiently valuable that its use
>doesn't discredit the source: crime tip-offs, inside corruption
>revealing, etc. In many of those cases, however, the source would
>need to establish their validity,

"Externally verifiable" is the key phrase here. An anonymous allegation that Bush and Barb do unspeakable things their bedroom is much harder to verify than the location of Jimmy Hoffa's bones.

The weekly posting for alt.whistleblower will contain an exhortation to include such information as can be verified without requiring the accused party to admit to something.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jthomas@mango.mitre.org (Joe Thomas)
Date: Wed, 3 Mar 93 06:43:02 PST
To: yanek@novavax.nova.edu
Subject: ANON: Textual analysis
Message-ID: <9303031439.AA22164@mango>
MIME-Version: 1.0
Content-Type: text/plain

> > This reveals a minor and probably obvious weakness of pseudonyms--writing
> > styles.

>We probably need "rephrasing remailers" which do some rudimentary
>grammar parsing on input text, and randomly substitute equivalent
>constructs such as switching active/passive voice, synonyms, changing
>the word order where it is insignificant, joining/splitting sentences,
>etc. Anyone here have any experience in NLP (natural language processing),
>specifically parsing english?
...
>Another starting point is language translation software. After your text
>has been translated automatically to spanish -> french -> german -> english,
>not much of the original style will remain. Hopefully, enough meaning
>will be preserved to allow understanding.
This whole problem looks to me to be AI-complete. I mean, I can't understand the manual from my Roland synth without a whole lot of head-scratching, and that was translated by a human! I don't think you're going to see a computer program giving intelligible rephrasing any time soon.

The burden of disguising writing style may continue to fall on the author, but if everyone has the tools to statistically analyze their own messages before they send them, they'll at least see what they need to change around before sending. [I, for example, might decide to use sentences with fewer than three clauses...]

Joe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 3 Mar 93 09:50:26 PST
To: cypherpunks@toad.com
Subject: implementing positive reputation systems
In-Reply-To: <9303022249.AA26686@memexis.xanadu.com>
Message-ID: <9303031747.AA17054@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Dean writes: [emphasis added]
>The scheme I always think of when envisioning positive reputation
>systems is that I get the feed of __everything I might be interested__ in,
>then sort and filter using whatever cleverness I desire.

Marc Ringuette's observation about the distinction between content and volume is relevant here. The existence of high-volume noise sources (and let us not call this abuse, merely an undesirable consequence of the more desirable anonymity) means that you may not be able to get everything you might be interested in.

Dean suggests filtering at the server. This just pushes the same problems with volume onto the server, which does have some benefit. I too would like to see suggestions.

One of the basic problems with the model for internet news and mail transport is the presumption that the receiving side will generally accept everything it is handed. Rejections of transmission are treated as exceptions and not as primary elements of the protocols.
In addition, the protocols do not provide, in advance of full transmission, a way for a receiver to determine whether to receive based on message size, receiver, or signature.

The two protocols I am specifically referring to are NNTP (RFC-977) and SMTP (RFC-821). (For those of you not in the know about RFC's, that's where all the internet standards are. ftp to nic.ddn.mil in directory /rfc.) SMTP says who the sender is, but doesn't tell you the length of the message or anything else about it. NNTP allows you to receive the header and the body separately, an improvement, but the header can still be arbitrarily long.

Each of these protocols, at minimum, should allow the receiver to look at the length of the message before it receives to see if it will accept that message. Likewise, sending other characteristics of a message prior to transmission of the whole would be desirable. Short messages might take less time to transmit than to negotiate, so providing length seems to be the first extension.

It seems that you could implement length notification and rejection by only changing some of the informational messages, meaning that changes to the basic protocol and the drastic reworkings of software required could be alleviated. Flooding attacks seem important to prevent, and I think that the underlying protocols should enable this to the extent they can.

The second-most useful thing to add to the server are those functions which require examination of the entire message body. I am foremost thinking of the hash function on top of which a signature is generated. Signature checking seems like a proper function for a server as a common resource. This is a separate subject.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 3 Mar 93 10:05:26 PST
To: cypherpunks@toad.com
Subject: Handling Abuses of Remailers
In-Reply-To: <9303030915.AA21640@netcom.netcom.com>
Message-ID: <9303031802.AA18266@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Re: remailer price schedules

Tim writes:
>I don't know. That's for the market to decide.
>This is not a glib answer.

While it is not glib, it is also not very useful for planning. As a general rule of thumb, market minima are set by costs, and market maxima are set by alternatives.

Alternatives in this case are alternate transport means, such as fax and snail mail, alternate carriers undertaken pseudonymously, e.g. attmail with a fake id, or free experimental services subsidized by academia and which don't work quite right.

Costs are easier to calculate. Cost of a net connection, hardware, staff (i.e. your own) time, and financial transactions (i.e. Visa fees). Make a reasonable assumption that each message takes a certain amount of time to be processed on a certain class of machine (or measure it!), call some vendors (i.e. alternet).

My guess on all this is that you could make an awful lot of money at a dime a hop for a less-than-10K message. Sell hops only in packages of a hundred, in order to reduce your finance charges.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Wed, 3 Mar 93 07:58:07 PST
To: tytso@athena.mit.edu
Subject: Re: You Aren't [I'm Not]
Message-ID: <9303031508.AA26458@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: Theodore Ts'o
>
> Sorry; typo on my part. What I meant to say was "No, I am not arguing
> that free speech is bad." Mr. Metzger was putting words in my mouth
> when claimed that I was saying that.
>
> Anonymity and free speech are *NOT* the same thing. As I posited in an
> earlier message, which no one has yet to comment on, those two concepts
> are not the same thing.

Yes they are, Ted. They are mathematically equivalent. If I can say anything, I can say it in code. If I can say anything, I can repeat what someone else said in code, possibly transforming it. Ta Da, remailers. To stop remailers, you will need to stop free speech.

Please at least admit this much. It might be unpleasant, but in a society with no prior restraints on speech it is likely not possible to stop cryptographic systems to assure anonymity.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Wed, 3 Mar 93 00:34:30 PST
To: Eli Brandt
Subject: ANON: Re: anon.penet.fi hacking
In-Reply-To: <9303030740.AA11601@toad.com>
Message-ID: <9303030922.aa22669@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> Instead of these ballooning regexps, how about just using Chael
> Hall's standardized "end of body" marker? Even if some people had
> to add it manually to each message, well, that's not a big deal.
> But I suspect that the people who have sigs being added by BBS
> software are going to have trouble adding strange header lines, even
> if they have the regexp expertise to construct them.

Didn't we go through this at least twice already. Yes, your suggestion is perfectly OK for a "pure" cypherpunks remailer with sophisticated users. It is *NOT* OK for something like the typical anon.penet.fi user from alt.sexual.abuse.recovery or alt.transgendered. And at least anon.penet.fi allows for using the special header lines as part of the message body, to compensate for braindamaged mail systems.

But some users might not even be *aware* that their systems add sigs - yes, I've come across a lot of those....
Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kelly@netcom.com (Kelly Goen)
Date: Wed, 3 Mar 93 10:18:37 PST
To: cypherpunks@toad.com
Subject: Wasted BAndwidth
Message-ID: <9303031817.AA05176@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Forwarded message:
> You are right that because of the right free speech, it is
> impossible to prohibit remailers. However, while I don't believe in
> prior restraint; but I do believe in personal responsibility. It is
> certainly true that it is possible to construct a remailer service,
> using cryptography, such that it would be impossible to trace it back to
> the original sender. This class of remailer would generally not provide

Well Ted I am not here to make ad-hominem attacks AND... there are a number of issues raised... Personal responsibility is a choice accepted by the person exercising THEIR right of free speech... it is important to remember that it is #1 and foremost a CHOICE... you CAN'T force an attitude of personal responsibility

> So in this model, how can you provide personal responsibility? Well, I
> would argue that the buck should stop at the remailer site. They are
> the closest link to the chain of liability, and they have intentionally
> performed measures which make it impossible find the next link in the
> chain of liability. So, let the liability rest with the remailer site!
> Now, I'm not a lawyer, and as far as I know, this legal theory hasn't
> been tested in a court. So only time will tell what happens when these
> remailers hit the real world.
>
> As far as remailers like Julf's are concerned, I very much like the idea
> which Tim Moors suggested --- which is to have some method which the
> identity between the input and output address could be revealed. This
> provides general anonymity, but one that can be breached when someone
> has abused that anonymity, as convicted by a jury of their peers.
> Perhaps the way this could be reflected into the "real world" legal
> system is that remailers which do keep a mapping between input and
> output addresses, and which are willing to reveal them under appropriate
> circumstances, would be exempt from being held liable for what comes out
> of their remailer.
>
> Perhaps these are not the right sets of tools to be used to provide some
> sort of controls over remailers so that the negative effects of these
> remailers can be controlled. But it is our responsibility to consider
> them, and not just pretend they don't exist. I hope we don't have the
> attitude of "Vonce the rockets go up, who cares vere they come down?
> That's not my department....."
>
> - Ted
>

Ted, you seem more concerned with how you and the particular cabal who agrees with you are going to control how others use their machines and software to ensure THEIR right of choice... Sorry but the attitudes you personally espouse just don't wash in the real world...Liability law is civil LAW... in most cases there are NO treaties between countries for laws such as libel... Anonymity will flourish... and in the VERY near future... it won't be dependent on the good-will of a sysadm or a government... there simply WON'T be the means to control spread of anonymity tools

Your viewpoint brings to mind an OLD saying "Those who would trade a little freedom for security deserve neither" and I apologize if I have misquoted here...I am afraid the scam of social control and responsibility that you and others such as government practice and espouse is about over... "may you have an Interesting life"

cheers
kelly

p.s. Atlas is shrugging
--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 3 Mar 93 10:40:24 PST
To: cypherpunks@toad.com
Subject: Let's look at this ....
In-Reply-To: <6HNTZB1w165w@sytex.com>
Message-ID: <9303031837.AA21712@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Paul Ferguson asks: "What are cypherpunk priorities?"

Here's my list, in order:

Technical track:

1. More remailer usage. You can't start rearranging the order of incoming and outgoing messages until you have messages to reorder. Right now routing is still hard, even using a script. Thus priority 1 implies number 2:

2. Outgoing rewriting systems integrated into mailers. Until one can say To: cypherpunks in their mailer and have this turned into a double-hop, fully encrypted message on the way out, I don't think you'll see a huge amount of traffic.

3. Mixing remailers. Until mailers mix, they are extremely vulnerable to network monitoring. Mixing is rearranging the order of incoming and outgoing messages, with a known lower bound on the number of messages it could have been rearranged with. Mixing also requires message size quantization, since reordering is only significant among messages of identical length. Note that this requires a significant volume of traffic per remailer. While this is a high priority, its implementation is not imminent.

4. Positive reputations. The very simplest reputation is a signature claiming identity. Deployment of signature-based communication fora is the first step.

Political track:

1. Understand the nature of anonymity now and in the future. We are trying to improve the world, not just change it. It is therefore necessary that we try to the limits of our ability to understand the effects of the social changes.

2. Making our arguments public. Once we have convinced ourselves, we have to convince others. This means public participation in conferences such as CFP, in the editorial pages of newspapers, in the IETF meetings, in Usenet newsgroups, and, if necessary, in courts.

And a word of advice: Arguments are more effective the fewer shared assumptions between the parties there are.
In particular, while you can convince another libertarian with a libertarian argument, you can't convince a socialist with one. Nevertheless, both libertarians and socialists desire open societies and personal privacy. We must base our arguments on deep shared culture if they are going to succeed.

3. Going international. There do and will exist national restrictions on various and different aspects of privacy goals. One can go around many of these restrictions by going around the nation involved. Knowledge is extremely difficult to contain, so let us make more of it, everywhere in the world!

4. Fighting restrictions on cryptography. In the US, that means getting actively engaged in fighting key registration ideas. This means preemptively writing your elected leaders _in advance_ of a specific issue. It also means writing about export restrictions in cryptography. In France, that means raising public awareness on cryptography restrictions and the eventual effects that will have on the open society there. In all countries, it requires vigilance.

5. Increasing awareness of privacy issues. Most think they have nothing to hide. Most also hate it when they get extremely detailed junk mail about their own lives. Teach the defense of privacy.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jthomas@mango.mitre.org (Joe Thomas)
Date: Wed, 3 Mar 93 07:48:15 PST
To: tribble@xanadu.com (E. Dean Tribble)
Subject: Re: Future of anonymity (short-term vs. long-term)
Message-ID: <9303031544.AA25573@mango>
MIME-Version: 1.0
Content-Type: text/plain

> IMHO a remailer operator should *NEVER* reveal any identities, but I
> also believe very strongly that especially if you provide a way to post
> news articles, there has to be a way to send replies to the original
> sender. Thus a remailer must maintain mapping info.

>I like this. Does it make sense (and has it already been talked
>about?) to preserve the return information only for a limited time?

It could make sense.
It would make _practical_ sense in a scheme like the one I proposed (then amended thanks to John Gilmore's comments) in which the remailer encrypts the return addresses with a key that is regularly changed. Just forget the old keys after a certain amount of time.

(BTW, forget I ever said anything about using timestamps as salt. The amount of known-plaintext per message is huge if you do that. Any PRNG would be better. I must have left my brain at home yesterday...)

Joe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fen@genmagic.genmagic.com (Fen Labalme)
Date: Wed, 3 Mar 93 11:20:06 PST
To: Eric Hughes
Subject: Re: Handling Abuses of Remailers
Message-ID: <9303031918.AA00242@>
MIME-Version: 1.0
Content-Type: text/plain

> Re: remailer price schedules
>
> My guess on all this is that you could make an awful lot of money at a
> dime a hop for a less-than-10K message. Sell hops only in packages
> of a hundred, in order to reduce your finance charges.

Geeez, Eric! I'd think a penny a hop would be a pretty high price... And given that most messages go through two hops, then you'd really be giving your 2 cents worth!

Note that there can be about 50 cypherpunks messages a day -- if each went through 2 hops at $0.10 / hop, as you proposed, that would be $10 / day in revenues for the remailers. Seems like a lot to me.

I would support the idea if I felt that the system would quiet the flame wars, but I think rather it would simply quiet the poor...

Fen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fen@genmagic.genmagic.com (Fen Labalme)
Date: Wed, 3 Mar 93 11:24:03 PST
To: cypherpunks@toad.com
Subject: Re: Let's look at this ....
Message-ID: <9303031922.AA00249@>
MIME-Version: 1.0
Content-Type: text/plain

fergp@sytex.com (Paul Ferguson) writes:
> The one topic that _does_ interest me is the nonsensical fodder
> stemming from a post regarding the (actual?) governmental
> consideration to license keys. That just drops my carrier.
> This is probably the one reason why I tolerate the wasted bandwidth
> here -- there are many powerful souls amongst you (us) who can keep this
> bullshit from happening.

Me too. It's not the only topic of interest to me, but one that I feel strongly about. Is there any suggested action that we can take?

Fen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 3 Mar 93 11:42:43 PST
To: cypherpunks@toad.com
Subject: You Aren't [I'm Not]
In-Reply-To: <9303031741.AA19535@SOS>
Message-ID: <9303031939.AA26579@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Ted writes:
>[...] but I do believe in personal responsibility.

I do not think this is an entirely forthright self-assessment.

>It is certainly true that it is possible to construct a remailer
>service, using cryptography, such that it would be impossible to
>trace it back to the original sender.

Let me call that strong anonymity. Let me also call the possibility for revealment weak anonymity.

>So in this model, how can you provide personal responsibility? Well, I
>would argue that the buck should stop at the remailer site. They are
>the closest link to the chain of liability, and they have intentionally
>performed measures which make it impossible to find the next link in the
>chain of liability. So, let the liability rest with the remailer site!

I interpret you to mean that it is not personal responsibility for speech that you want, but the existence of someone to sue. The placement of liability on the remailer does not directly affect what the anonymous sender is going to say. The assignment of liability has, foremostly, legal consequences.

The way I see that it will increase personal responsibility for speech is to make the legal climate (in the U.S., at least) impossible for strong anonymity. By eliminating strong anonymity, you can ensure that their anonymity is only conditionally revealed.
Now, you haven't directly stated that you think that strong anonymity shouldn't exist. If this is what you think, please say so directly. You can then make whatever argument you wish to support this position, but I, for one, would like to argue against clearly stated positions.

>Now, I'm not a lawyer, and as far as I know, this legal theory hasn't
>been tested in a court. So only time will tell what happens when these
>remailers hit the real world.

No, not only time will tell. This seems like an important enough point to legislate into existence before a court test. And for those with objections to making legislation, remember that the issue will be resolved publicly by law, but by lawyers in the courts.

How about something like the following: "Speech made anonymously will carry a presumption of falsity in all consideration of tort resulting from said speech."

>Perhaps these are not the right sets of tools to be used to provide some
>sort of controls over remailers so that the negative effects of these
>remailers can be controlled.

One can eliminate the negative effects by eliminating the positive ones as well. I do believe strong anonymity to be one of these benefits.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 3 Mar 93 11:51:22 PST
To: cypherpunks@toad.com
Subject: Let's look at this ....
In-Reply-To: <9303031922.AA00249@>
Message-ID: <9303031948.AA27241@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Re: key registration

>Me too. It's not the only topic of interest to me, but one that I feel
>strongly about. Is there any suggested action that we can take?

We have received word on the list about publications in both IEEE Spectrum and Communications of the ACM of Dorothy Denning's key registration proposals.

What can we do? Flood their mailboxes with thoughtful outrage.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: babani@cs.Buffalo.EDU (Rusty Babani)
Date: Wed, 3 Mar 93 08:49:19 PST
To: cypherpunks@toad.com
Subject: Re: ANON: Textual analysis
In-Reply-To:
Message-ID: <9303031648.AA17469@armstrong.cs.Buffalo.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Yanek Martinson stated in the last message:
>From cypherpunks-request@toad.com Tue Mar 2 23:06:23 1993
>Subject: ANON: Textual analysis
>Reply-To: yanek@novavax.nova.edu
>> This reveals a minor and probably obvious weakness of pseudonyms--writing
>> styles.
>
>We probably need "rephrasing remailers" which do some rudimentary
>grammar parsing on input text, and randomly substitute equivalent
>constructs such as switching active/passive voice, synonyms, changing
>the word order where it is insignificant, joining/splitting sentences,

That is insane... remailers are not the place where this kind of work should be taking place. If anything the user should run his document that (s)he wants stripped of grammar clues with software designed for that purpose on his/her own machine. This way, the user can see immediate results. They don't have to wait anywhere from 1 minute to a few days to see the results of the "rephrasing remailer".

--
+==== Internet: babani@cs.buffalo.edu ===+======== Amateur-Radio: N2LYC ======+
! Bitnet: V078LNGT@ubvms.BITNET | UUCP: rutgers!ub!babani !
! Alternate: an173@cleveland.freenet.edu | Plsure dpnds on the othrs prmison. !
+== PGP key available. (If you don't know what a PGP key is... find out!) ==+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 3 Mar 93 11:52:34 PST
To: cypherpunks@toad.com
Subject: REPS: Filters Against Unwanted Messages
Message-ID: <9303031950.AA18115@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Attached below is a message wherein the author advertises in his .sig this item: "(anon.
postings not read)"

Simple, but it gets the point across. Expect to see more such declarations.

In my off-line newsreader, Eudora, (which ironically is also the subject of the message attached below--must be a plot), it's easy enough to mark all the stuff from some anonymous site for deletion.

Such "filters" are a basic kind of positive reputation system and are in use in many places. Some on this list have asked for this kind of filtering to be incorporated (somehow) into NetNews readers. Maybe this will come someday, but for now the best approach is to simply not read anonymous postings, if that's important to you.

I want to also describe an important use of filters:

Publishers almost never accept unsolicited material. Manuscripts "thrown over the transom," as the saying goes, are returned _unopened_ or sometimes just thrown away. And the publishers are careful to publicize this fact.

Why? Mainly to head off charges that they or one of their writers "stole" an idea. Merely by opening the manuscript's envelope, they are exposing themselves, potentially, to lawsuits from would-be authors who claim to see elements of their ideas in someone else's "Movie of the Week" or Great American Novel. So publishers and editors scrupulously refuse to look at unsolicited manuscripts.

(I have heard, anecdotally, that the onset of electronic submissions is causing them great distress. Without the option of "returned unopened," what are they to do? Various cryptographic solutions suggest themselves...this could be a small niche market for some cypherentrepreneur to fill, and could also be a way to get some P-K and reputation-filtering software out in the world.)

Some forms of crypto-extortion can be handled the same way. (I described this approach to Dean Tribble a while back.) Simply advertise widely--like in your .sig--that you do not read messages unless they come from known sources.
Would-be extortionists ("Deposit 10 kilocrypts in this account or I will do X") come to realize that they cannot easily contact their victim. To be sure, other channels exist (anonymous postal mail, phone calls, routing through other sources, etc.), but the lack of a direct channel makes the initial threat harder to issue. It's a kind of crypto speed bump.

This approach, "I don't listen to extortion threats," is akin to "We don't negotiate with hostage takers." Far from perfect, but still a "damping" force.

-Tim

Here's the posting I cited earlier:

>Newsgroups: netcom.general
>Path: netcom.com!pfeiffer
>From: pfeiffer@netcom.com (Kevin Pfeiffer)
>Subject: Re: EUDORA for DOS?
>Message-ID: <1993Mar3.171249.26738@netcom.com>
>Organization: Pfeiffer Design Assoc.
>X-Newsreader: TIN [version 1.1 PL8]
>References: <1993Mar3.062411.9712@netcom.com>
>Date: Wed, 3 Mar 1993 17:12:49 GMT
>
> You might look into pceudora... Can't speak for it, but Eudora (Mac)
>seems well-designed. No matter what seems to break my connections (me, the
>phone company, etc.) Eudora (and unix) leaves my mail intact at Netcom.
>Knock on wood.
>--
> * Kevin Pfeiffer (anon. postings not read) *
>--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 3 Mar 93 12:22:27 PST
To: cypherpunks@toad.com
Subject: Re: Handling Abuses of Remailers
Message-ID: <9303032020.AA21829@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

(Sorry, Cypherpunks, for the ">" in this message--I made the classic mistake of sending this message only to Fen, hence this forwarded form. I'll try to watch this in the future!)

>Fen Labalme believes Eric's "penny a hop" is still too expensive, especially
>for "the poor":
>
>>Geeez, Eric! I'd think a penny a hop would be a pretty high price... And
>>given that most messages go through two hops, then you'd really be giving
>>your 2 cents worth!
>>
>>Note that there can be about 50 cypherpunks messages a day -- if each went
>>through 2 hops at $0.10 / hop, as you proposed, that would be $10 / day in
>>revenues for the remailers. Seems like a lot to me.
>>
>>I would support the idea if I felt that the system would quiet the flame
>>wars, but I think rather it would simply quiet the poor...
>>
>>Fen
>
>You don't have to support the idea, Fen, you just have to open your own
>remailing node! If you think you can do it more cheaply--perhaps subsidizing
>the costs from your other income, or perhaps just doing it as charity--you are
>completely free to do so.
>
>The "liquidity" of remailer hops (with the "Mark V" software that handles the
>grunge automatically) will be quite interesting to see. Some will go for
>minimum cost (one cheap hop), others will route messages through dozens of
>hops.
>
>Services will arise which "rate" the quality of remailers, in terms of
>pricing, security, latency, message sizes accepted, past experiences, etc.
>
>Bandwidths are increasing so rapidly and computer hardware is getting so
>cheap, that I doubt even the poorest of the poor, in the U.S. at least, will
>be unable to send these kinds of messages. The costs of transmission are just
>so trivial compared to other costs that even poor people routinely pay.
>
>(Whether the poor and downtrodden will _want_ to participate in this Brave New
>World is another matter. My guess is they will.)
>
>-Tim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Wed, 3 Mar 93 10:45:08 PST
To: CYPHERPUNKS
Subject: REMAIL: Juries...
Message-ID: <930303173253_74076.1041_DHJ77-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Tim Moors offers an interesting suggestion that a jury should be used to decide when a remailer operator should pierce the anonymity of an especially egregious poster.

But I could see a way this could fail.
If a post really is terrible, one might expect the poster to have taken some extra precautions. What if Tim's jury starts up, deliberates, argues, goes back and forth, and finally decides that the real email address of the poster should be revealed. When this is done, it may well turn out that the original email address was forged, or was another remailer which doesn't keep logs! This would mean that no replies to the message would have worked, but if the posting was harmful enough the poster might have been willing to give up the capability to receive private replies (he can always read followup postings on the newsgroup). In a case like this, all the effort on the part of the jury would have been wasted.

We should also realize that, in a sufficiently bad case, there may well have been law enforcement involvement, anyway. If the harm is "real world" (not just something net folk would object to) then the jury activity may be superfluous, as court orders could have been used to force the remailer to reveal his mappings.

I wonder, though, if Tim's jury could be married with Marc Horowitz's idea to have remailer operators support anonymous posting only from "approved" pseudonyms. Marc's idea was that people would literally buy approval of given digital pseudonyms (e.g. public keys). This approval would be granted by the operator(s) themselves, or by some other agencies, and would be shown by a public log of signed pseudonymous public keys. Each message through the remailer would have to be digitally signed by one of these approved keys. (The approval process would be _completely anonymous_, that is, there would be _no_ correspondence between real identities and approved pseudonyms.)

Then, if someone posted abusive messages, their approval could be cancelled. Their digital pseudonym (e.g. public key) would be removed from the list of approved "nyms" (I like Eli's shorthand).
This way they could not post any more, at least unless they were willing to spend more of their hard-earned money to buy approval of another nym. This way we get the parallels to the postal service. If the approval agencies donated their earnings then this would not represent commercialization so it could even be done today. (Another thought along these lines would be to use Karl Barrus' digital bank to buy approval. I'm not sure this would work, but it's worth considering.)

One weakness of Marc's proposal was what criteria would be used to yank approval of nyms. A person might be reluctant to pay real money for an approval certificate if he knew that it could be removed just because some blowhard complained about one of his postings. And remailer operators would be constantly forced to make judgement calls (as I gather Julf is today).

Perhaps Tim's juries could serve this purpose. People would get their approval certificate removed only upon a jury's recommendation. The jury could even be specified in advance, composed of respected but fair members of the net community. If people had this kind of assurance that their posting privileges would be lost only under a fair system like this, they would be more willing to pay for an anonymous posting certificate.

Hal Finney

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Wed, 3 Mar 93 09:43:12 PST
To: pmetzger@shearson.com
Subject: Re: You Aren't [I'm Not]
In-Reply-To: <9303031508.AA26458@maggie.shearson.com>
Message-ID: <9303031741.AA19535@SOS>
MIME-Version: 1.0
Content-Type: text/plain

Perry:

You are right that because of the right free speech, it is impossible to prohibit remailers. However, while I don't believe in prior restraint; but I do believe in personal responsibility. It is certainly true that it is possible to construct a remailer service, using cryptography, such that it would be impossible to trace it back to the original sender.
This class of remailer would generally not provide a return address mapping feature, since if the remailer can generate a return path, it can be revealed. There are ways to make it more difficult to reveal, but they still don't make it impossible. So Julf's remailer doesn't fall into this category, but ones where the input and output mappings are destroyed immediately do.

So in this model, how can you provide personal responsibility? Well, I would argue that the buck should stop at the remailer site. They are the closest link to the chain of liability, and they have intentionally performed measures which make it impossible to find the next link in the chain of liability. So, let the liability rest with the remailer site! Now, I'm not a lawyer, and as far as I know, this legal theory hasn't been tested in a court. So only time will tell what happens when these remailers hit the real world.

As far as remailers like Julf's are concerned, I very much like the idea which Tim Moors suggested --- which is to have some method which the identity between the input and output address could be revealed. This provides general anonymity, but one that can be breached when someone has abused that anonymity, as convicted by a jury of their peers. Perhaps the way this could be reflected into the "real world" legal system is that remailers which do keep a mapping between input and output addresses, and which are willing to reveal them under appropriate circumstances, would be exempt from being held liable for what comes out of their remailer.

Perhaps these are not the right sets of tools to be used to provide some sort of controls over remailers so that the negative effects of these remailers can be controlled. But it is our responsibility to consider them, and not just pretend they don't exist. I hope we don't have the attitude of "Vonce the rockets go up, who cares vere they come down? That's not my department....."
- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tony Kidson
Date: Wed, 3 Mar 93 08:09:56 PST
To: cypherpunks@toad.com
Subject: Re: META: Support for prefixes
Message-ID: <3098@morgan.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

In message you write:

> > is problem: break the current list into topic areas.
>
> A similar situation occurred a while ago on the Extropians list. Many
> people were complaining about excess volume, people were
> unsubscribing, and there was talk of splitting the list into many
> sublists. There are some problems with sublists. Many people would
> subscribe to all the lists, or many of them. List management chores
> ((un)subscriptions, bounces, address changes, etc) would increase.
> Many messages would get "cross-posted" to several or all lists, and
> thus would appear many times in everyone's mail box, thus even
> increasing the number of messages to sift through. There are other
> problems, which I will not mention now.
>
> I proposed a simple solution which is in use now, and has greatly
> increased the quality of the list, makes it easy for everyone to only
> read the messages they want, and does not require deployment of any
> new software. The actual volume has not decreased, probably it even
> increased. But the information flow is so much more manageable.
>
> The solution is the use of prefixes in Subject: lines. When you post,
> prefix your Subject: line with a short "tag" such as "ANON:",
> "DCNET:", "PGP:", "DCASH:", or others. For example, you would see
> subjects like
>
> PGP: new version available
> ANON: a new idea for anonymous replies
>
> etcetera. When reading your mail, just have your mailer sort the mail
> by Subject: line (if your mailer can't do that, get a new mailer), and
> all messages about PGP will come together, all messages about
> anonymous remailers will be in one area, etc.
> Then it's easy to
> delete them all without reading, to save them to a file for future
> reference, or to read them if that is a topic you are interested in.
>
> The beauty of this system is its anarchistic nature. There is no
> need for people to maintain an official list of prefixes, or to vote
> on new ones (as is done with newsgroups), or to ask someone to create
> one (as would be necessary for mailing sublists). There's no need for
> the group as a whole to agree on anything. Just start using them.
> Try to find a logical prefix for each message that matches its subject
> area.
>
> Most likely people posting on the same topic will choose same or similar
> prefix. After some initial fluctuation, different prefixes for the same
> topic will converge to one that will become customary for that topic.
>
> New prefixes will pop up every once in a while, and the ones not used
> will fade from the group memory. This is a flexible, dynamic system.
>
> As a starting point I will make up a prefix for each of the sublists
> you proposed (if you don't like my prefix, use a different one!):
>
> ANON:     anon/pseudo_cpunks  Anonymity/Pseudonymity
> REMAIL:   remailers_cpunks    Remailer Technology
> DCNET:    dining_cpunks       DC Nets
> RANDOM:   random-cpunks       Random Generators
> DCASH:    digimoney_cpunks    Digital Banking
> PGP:      pgp_cpunks          PGP App/Current Info
> FLAME:-)  ziplips_cpunks      Crypto-Censorship
> WHISTLE:  fweee_cpunks        Whistleblowers (The "Keith Peterson Area"?)
> MEET:     physmtgs_cpunks     Physical Meetings/Conferences
>
> Here are some more: META: discussions on the list about the list
> itself, such as this post, or the post I am replying to which suggested
> splitting the list. Complaints about high volume, messages saying something
> does or does not belong on the list, etc, would use this prefix.
>
> ANNOUNCE: important messages that everyone may be interested in.
>
> FRIV: for jokes, parodies, other frivolous posts.
>
> If a post fits in more than one subject area, the main prefix should
> be put first, for sorting purposes. The other prefix(es) would follow,
> separated by slashes. For example "PGP/ANNOUNCE: new version available"
> or "RANDOM/FRIV: why not just flip coins?". This is in no way mandatory,
> it's just a convention that developed on Extropians, and it may be
> advantageous to use it, to ease further processing.
>
> Some other ideas:
>
> You can use procmail, elm filter, slocal, or any other mail processing
> tool to handle messages with different prefixes.
>
> For example if you are a very busy person, or are reading your mail
> over a low-speed link, you may want to save all REMAIL/ANNOUNCE
> messages in a "remailers" file, delete all FRIV, META, and FLAME
> messages, and for each other prefix, save the message to an
> appropriate folder for reading later.
>
> If you were not interested in discussion, but wanted to keep up
> on what's going on, you would have the filter delete all the messages
> from the mailing list that do not have an ANNOUNCE: prefix.
>
> Or, if you have enough time and/or are using a high-speed connection,
> you may just sort all the messages by Subject: thereby lumping all the
> messages on a subject together. Then you can decide which you are going
> to read first, which ones you want to delete, etc.
>
> If this idea takes off, and most people will start using prefixes, further
> evolution of the concept is possible. For example a group of extropians
> are developing some software on the list host machine that will let people
> customise their subscription, for example choosing not to receive messages
> with a certain prefix, not to receive messages that don't have a prefix,
> or choosing to receive only some selected prefixes, plus any new prefixes
> that come to use.
>
> All this is sometime in the future. Right now, let's start by just
> prefixing each subject line with an appropriate prefix.
>
> --
> Yanek Martinson
> yanek@novavax.nova.edu
>

I fully support this call for prefixes by subject class.

Tony

+-----------------+-------------------------------+--------------------------+
| Tony Kidson     | ** PGP 2.1 Key by request **  | Voice +44 81 466 5127    |
| Morgan Towers,  | The Cat has had to move now   | E-Mail(in order)         |
| Morgan Road,    | as I've had to take the top   | tony@morgan.demon.co.uk  |
| Bromley,        | off of the machine.           | tny@cix.compulink.co.uk  |
| England BR1 3QE |Honda ST1100 -=<*>=- DoD# 0801 | 100024.301@compuserve.com|
+-----------------+-------------------------------+--------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ghabrech@ultrix.ramapo.edu (Phil_Osfy)
Date: Wed, 3 Mar 93 09:53:58 PST
To: cypherpunks@toad.com
Subject: Unsubscribe
Message-ID: <9303031756.AA28930@ultrix.ramapo.edu>
MIME-Version: 1.0
Content-Type: text/plain

Please unsubscribe me. I am involved in a few other email groups and my load is way too high. I may resubscribe again, but for now can't handle it.

Thanx

George
ghabrech@ultrix.ramapo.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Chuck Lever
Date: Wed, 3 Mar 93 10:07:19 PST
To: tytso@athena.mit.edu
Subject: Re: You Aren't [I'm Not]
In-Reply-To: <9303031508.AA26458@maggie.shearson.com>
Message-ID: <9303031807.AA21650@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

< > From: Theodore Ts'o
< >
< > Sorry; typo on my part. What I meant to say was "No, I am not arguing
< > that free speech is bad." Mr. Metzger was putting words in my mouth
< > when claimed that I was saying that.
< >
< > Anonymity and free speech are *NOT* the same thing. As I posited in an
< > earlier message, which no one has yet to comment on, those two concepts
< > are not the same thing.
<
< Yes they are, Ted. They are mathematically equivalent. If I can say
< anything, I can say it in code. If I can say anything, I can repeat what
< someone else said in code, possibly transforming it.
< Ta Da, remailers.
<
< To stop remailers, you will need to stop free speech. Please at least
< admit this much. It might be unpleasant, but in a society with no
< prior restraints on speech it is likely not possible to stop cryptographic
< systems to assure anonymity.

let me say that some of this discussion has certainly been mind-bending, and i appreciate having taken part. i would like to add my 2 pfennigs worth.

anonymity and free speech are different in precisely this way: that we are free to say what we want doesn't mean we aren't also accountable for what we may say. when we can speak freely *and* anonymously, then we are no longer accountable for what we say.

anonymous free speech is a *stronger* form of free speech; this is what i think perry is arguing. however, this stronger form of freedom means individuals are no longer accountable for their words or behavior; this, i believe, is ted's concern.

i can see that some members of this list are interested in providing an environment where these fundamentally social issues are solved technically. however, this seems to be an issue which cries out for a social solution, with perhaps a technical implementation. they may be looking to (over)simplify these social issues so that they are *easily* solved technically, and this is where they might be going astray.

in our society, for example, there are strong cultural restrictions on what we can say. these are not mandated by law. these are the rules of the game when it comes to existing in a particular culture. an instance of such rules might be "politeness vs. rudeness."

accountability can have positive or negative effects. it seems to me that the usefulness of anonymous free speech hinges on whether the speaker should or should not be held accountable for her/his words. i can't find an easy technical way of making possible free speech which is beneficial, but limiting non-beneficial free speech.
there may be, however, ways of structuring or socially incorporating anonymous free speech such that the beneficial uses are encouraged, and the maleficent uses are reduced. but i feel strongly that the approach will have to be socially, not technically based.

i don't think digital cash is a really equitable way of accomplishing this. as soon as economics are involved, individuals will be sucked into classes of "haves" and "have-nots". while markets are good, the effects on individuals can be horrendous, as serious as censorship. are we trying for meritocracy, or for rule based on who has the most dough? accountability is critical to those who can't protect themselves from the government or from other members of society. these are precisely the people who would be burned by such an economic system.

this *is* what the media is for, right?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Ryan, Edmund J"
Date: Wed, 3 Mar 93 10:23:40 PST
To:
Subject: No Subject
Message-ID: <03MAR93.14444011.0177.MUSIC@MARISTB>
MIME-Version: 1.0
Content-Type: text/plain

Greetings,

Please unsubscribe me. I'd appreciate it if cypherpunks had a digest. It would be easier to handle the mail volume.

Virtually,
Ed

------------------------------------------------------------------------
- Edmund J. Ryan        Major: Computer Information Systems            -
- KL62@MARISTB          Minor: Computer Science/Business               -
- Marist College        --Cypherpunk--------Extropian-------           -
- Poughkeepsie, NY      --Libertarian-------Voluntarist-----           -
-                                                                      -
-            "Replace taxpayers with shareholders,                     -
-             regulators with customers: privatize!"                   -
------------------------------------------------------------------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eknipp@lobo.rmhs.colorado.edu (Ethan Knipp)
Date: Wed, 3 Mar 93 13:11:46 PST
To: cypherpunks@toad.com
Subject: PGP: Help!
Message-ID: <9303032107.AA17969@lobo.rmhs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain

Not to be stupid, but could somebody email me a plainspeak (Ok, I know some UNIX- I'm not *that* outta it) msg on what exactly pgp is, how to use it, and a copy of it.

Thanx

--
T'han The Unbeliever          | "Fear is the mind killer."- Dune
eknipp@lobo.rmhs.colorado.edu |
Nobody believes what I say.   | Laugh when life sucks. It helps.
Future Autopian               |

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Wed, 3 Mar 93 11:14:10 PST
To: kelly@netcom.com (Kelly Goen)
Subject: Re: Wasted BAndwidth
In-Reply-To: <9303031817.AA05176@netcom.netcom.com>
Message-ID: <9303031909.AA11228@dun-dun-noodles.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

(I'm also marc@mit.edu. This is my work account. Anyway....)

I think Ted is merely trying to be realistic. Let me put it this way:

You tell something embarrassing, but true, about Big Organization With Lots Of Money And Guns (BOWLOMAG). They're not going to *care* that the last remailer on the chain (who will, presumably, be identifiable) wasn't responsible for the message which was sent. They're just going to invade the building the remailing host is in, kill everyone in the room, and destroy the machine, and all the machines around it. If they don't know which is the remailer, they'll just blow up the whole block. They don't care. They're BOWLOMAG.

After this happens a few times, remailer operators are going to think twice about passing anything which goes through their site. They don't want to be BOWLOMAG's next victim. And this is exactly what BOWLOMAG wants. Control by fear.

Is this a likely scenario? Probably not. But in today's society, the very organizations you are rightly trying to protect yourself against are the ones with all the Money and Guns. And they could care less that it's mathematically impossible for you to monitor messages. They merely want it to stop. Will they blow up buildings?
Not likely. But I'm sure for every Steve Jackson Games we hear about, there are other instances we don't. And the Secret Service is a much easier target than the CIA.

>> Personal responsibility is a choice accepted by the person exercising
>> THEIR right of free speech... it is important to remember that it is
>> #1 and foremost a CHOICE... you CANT force an attitude of personal
>> responsibility

You can't force an attitude of personal responsibility, it is true. But you can still make people be responsible for their actions. Even if you don't think libel or slander is wrong, if I know who you are, and I can prove it, I can still sue you.

As long as people are slinging quotes around:

    Liberty means responsibility. That is why most men dread it.
    - George Bernard Shaw, Liberty

    The sole end for which mankind are warranted, individually or collectively, in interfering with the liberty of action of any of their number, is self-protection.
    - John Stuart Mill, On Liberty, ch.1

People who want complete anonymity, without any way to make people answer for their actions, seem to want liberty without the responsibility. And, they would remove my ability to protect myself, by hiding the identity of my attacker. Is this what we want?

Pseudonymity has its place in a free society, but there *must* be bounds on it. The recent idea of digital juries is a good one. (Maybe it's not new; I like it anyway.) This is better than trusting the government.

I do not advocate censorship. I advocate responsibility.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 3 Mar 93 16:05:11 PST
To: cypherpunks@toad.com
Subject: You Aren't [I'm Not]
In-Reply-To: <9303032127.AA19605@SOS>
Message-ID: <9303040002.AA25892@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I thank Ted for such a clear reply. He writes:

>Sorry for not being clear; I was merely speculating on how the Real
>World might react to the presence of remailers.
I actually think this
>might be a reasonable response, and perhaps even a likely one.

This was the other interpretation I came up with, yet it did not seem as likely to me as the one I assumed. Excuse me if I ever implied you were a freedom-hating, Dorothy-Denning-loving crypto-fascist. ;-)

Yes, there are plenty of large organizations who sue at the drop of a hat. Yes, it is likely that remailer operators would get sued. I do think, however, there are legislative and judicial defenses.

>Let's cast this into a physical world example.
[anonymous bullhorn example deleted]

The place that this example breaks down is that silence is a commons, and a communications network is not.

Society finds it profitable to break up control of land into ownerships. It is not, on the other hand, profitable to do so with airspace as a sound-carrying medium, because the cost of shielding, in addition to being expensive, looks awful. Thus sound has remained a commons wherein all maintain an interest equal to their proximity.

A communications network, however, is an artifact, _i.e._ an object created by design and technology. As such it has no status as commons unless the owners agree to grant it such. One might argue that the aggregate actions of backbone sites create such a commons. Granted, but the fact remains that the transmission of data in a particular way or in a particular form or structure is not fundamental to the medium. Like any other artifact, it can be changed.

Furthermore, the analogy of shouting at the neighbors does not accurately reflect the facts of reception. The sound from a loudspeaker cannot be silenced except with great expenditure and loss of sightline. The speech of an anonymous posting source can be easily silenced with a filter. There is a salient difference in effort here.

The loudspeaker example is that of an additive medium; all sounds come over the same channel.
A telecommunications network, however, is on the other end of the spectrum; every message comes in separately. The electronic medium is the most separable there is. Filtering is not possible for the loudspeaker; it is easy for the messages.

And again, no one requires a carrier to carry anonymous messages. Practically speaking, you might easily end up with a situation like the alt.* hierarchy, where only certain subnets agree to exchange anonymous traffic. I suspect this is inevitable in the short term.

>On the other hand, if you receive crank
>calls, you are entitled to call your phone company, and they will make
>an attempt to track down the crank caller and turn over his identity to the
>police, with the charge of harassment.

But the phone company is not held liable when the call was made from a pay phone.

>Whether or not it "shouldn't exist" is somewhat irrelevant, don't you
>think? If people really want to put them up, they're going to exist.

I don't think it is irrelevant. If we allow each person unlimited personal freedom, that freedom includes the freedom not to cooperate with those one disagrees with. Since the power of groups is larger than the power of individuals, there is no such thing as unlimited personal action. To wit: "You may do what you like, but I don't have to help, and I may actively hinder you."

>In any case, I don't believe the benefits of strong anonymity are worth
>the negative consequences, and that most of the benefits of strong
>anonymity are also provided by weak anonymity.

Here is where we differ. I do believe that strong anonymity is desirable. I believe that weak anonymity is undesirable for the same reason that I believe key registration is undesirable. (That said, I think weak anonymity is not nearly as dangerous as key registration.) The similarity is this: that an action performed in expectation of one setting (privacy or anonymity) is later found to have been performed in another.

[re: legislative protections of anonymous speech.]
>One can pass legislation proclaiming this to be the case; legislation
>has been passed declaring PI to be 3. The question is whether or not
>this is really a true statement the way the human mind works in
>general.

A law which states that from now on that pi will be three does not change the actual ratio of the circumference to the diameter. A law which says that certain facts of a situation are to be considered in a certain way in a court of law does, in fact, change the way those facts are considered.

If someone makes a claim and it is rejected because of protecting legislation, then even if the person was offended, the law still says there is no redress. If you declared that claims of offense are to be disallowed, then they are disallowed, regardless of whatever perceived or even actual harm there is.

Can such legislation be passed? There's the rub. We can certainly work for it.

>While tort law often seems to bear little or no resemblance to
>the outside world, it is supposed to be based on the real world.

It is meant to describe society's reaction to the facts of the real world, not to describe the facts themselves.

>On the other hand, if it is true that people will believe statements
>made anonymously, and so real damage can be done as a result, then the
>person who has been wronged should have every right to obtain
>compensation for those damages.

Any such legislation would not claim that people did or did not believe them. It would state that regardless of whether they did or not, that as a matter of public policy it would not matter.

Your statement begs the question of whether anonymous speech can cause "real damage." I will leave this to another discussion.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: babani@cs.Buffalo.EDU (Rusty Babani)
Date: Wed, 3 Mar 93 13:04:40 PST
To: cypherpunks@toad.com
Subject: ANON: My remailer
Message-ID: <9303032103.AA26981@armstrong.cs.Buffalo.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Due to circumstances beyond my control, I have had to take down the remailer that is running in my account. (read: If I put it back up again... my account will be taken away.) I only got a brief message from the system administrator stating "Running anonymous remailers is against University policy." Thus, since my account is more important (considering I need it for projects and the like...) than a remailer, I have taken it down. I'd appreciate it if you spread the word.

--
+==== Internet: babani@cs.buffalo.edu ===+======== Amateur-Radio: N2LYC ======+
! Bitnet: V078LNGT@ubvms.BITNET          | UUCP: rutgers!ub!babani            !
! Alternate: an173@cleveland.freenet.edu | Plsure dpnds on the othrs prmison. !
+== PGP key available. (If you don't know what a PGP key is... find out!) ==+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 3 Mar 93 16:22:08 PST
To: cypherpunks@toad.com
Subject: SOCIETY: crypto impact
In-Reply-To: <199303032336.AA26450@Menudo.UH.EDU>
Message-ID: <9303040018.AA28660@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Like any new technology, selling crypto to the public will be
>difficult at first. I'll bet the telephone, something so vital to
>today's society it is difficult to imagine functioning without it, was
>tough to get going.

For an interesting look at this, see _When Old Technologies Were New_; I've forgotten the author. It's about electrification and the telephone.

And remember, just because there's opposition, it could still be a bad idea! :-) Let's not get too self-congratulatory here.

>On a related note, it is amazing how much information about you
>exists. [...]
Some supermarkets were even testing a
>system in which your purchases (scanned by the bar code reader) are
>saved and indexed by your credit card or check!

It really is unsettling. There is, in fact, a speculative market in personal information. Some of these companies doing supermarket systems had the collection systems developed, and then went looking for customers.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Wed, 3 Mar 93 13:28:39 PST
To: Eric Hughes
Subject: Re: You Aren't [I'm Not]
In-Reply-To: <9303031939.AA26579@soda.berkeley.edu>
Message-ID: <9303032127.AA19605@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Wed, 3 Mar 93 11:39:32 -0800
   From: Eric Hughes

   >So in this model, how can you provide personal responsibility? Well, I
   >would argue that the buck should stop at the remailer site. They are
   >the closest link to the chain of liability, and they have intentionally
   >performed measures which make it impossible find the next link in the
   >chain of liability. So, let the liability rest with the remailer site!

   I interpret you to mean that it is not personal responsibility for speech that you want, but the existence of someone to sue.

Sorry for not being clear; I was merely speculating on how the Real World might react to the presence of remailers. I actually think this might be a reasonable response, and perhaps even a likely one.

Let's cast this into a physical world example. Suppose someone has developed a system which will allow someone to broadcast, over a bullhorn, at 150db, in your neighborhood. Suppose further that said system will allow anybody to broadcast over that source, at either free or at 10 cents a minute, in such a way that it is impossible to track down the source. Now suppose that this bullhorn (which is located on private property) starts spewing announcements and other people exercising their right of free speech, at all hours of the day and night.

Now, then, let us explore this example.
In this example, is it reasonable to presume that it is each individual houseowner's responsibility to put up soundproofing, to protect themselves from unwanted noise? If so, why? Why not? And if the people of the neighborhood decided to get together and sue someone, who would be the likeliest target?

Does this example apply to the remailer issue? Well, there are certainly examples that go both ways. For example, if you receive junk mail, you just throw it out. On the other hand, if you receive crank calls, you are entitled to call your phone company, and they will make an attempt to track down the crank caller and turn over his identity to the police, with the charge of harassment.

   Now, you haven't directly stated that you think that strong anonymity shouldn't exist. If this is what you think, please say so directly. You can then make whatever argument you wish to support this position, but I, for one, would like to argue against clearly stated positions.

Whether or not it "shouldn't exist" is somewhat irrelevant, don't you think? If people really want to put them up, they're going to exist. In retrospect, it was a mistake for me to point out that it might be a bad idea to make that sort of services available, since I doubt any of the anonymity stalwarts have been listening to me anyway. (It sometimes certainly has seemed like no one has really been listening to me, as some of the accusations of my being a censorship lover and being associated with some evil cabal (tm) seem to attest.)

Some of my less than thoughtful outbursts were caused by my exasperation at how people were obviously not listening, and who were responding by name-calling and arguments that were completely beside the point. I apologize for those outbursts.

In any case, I don't believe the benefits of strong anonymity are worth the negative consequences, and that most of the benefits of strong anonymity are also provided by weak anonymity.
Hopefully, if strong anonymity does have the bad effects I fear, there will be ways for our society to correct for them --- for example, holding the administrators of the remailers liable for the damage caused by the remailers. This may not be the case, given things like international boundaries. But it is probably unproductive to argue about whether or not this will or will not happen. Time alone will tell.

   "Speech made anonymously will carry a presumption of falsity in all consideration of tort resulting from said speech."

One can pass legislation proclaiming this to be the case; legislation has been passed declaring PI to be 3. The question is whether or not this is really a true statement the way the human mind works in general. While tort law often seems to bear little or no resemblance to the outside world, it is supposed to be based on the real world.

This is why when someone is suing someone else for Libel, English Common Law states that you have to meet three standards: (a) the statements must be false, (b) the speaker must have known the statements were false, and spoke them with malicious intent, and (c) real damages were incurred. (And that is what the plaintiff is suing to recover for.)

If what you say is true, that human beings have a presumption against believing statements made anonymously, then test (c) will fail automatically; no real damage would have occurred. In this case, the legislation is simply not needed.

On the other hand, if it is true that people will believe statements made anonymously, and so real damage can be done as a result, then the person who has been wronged should have every right to obtain compensation for those damages. That's what the tort system is all about.
- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Wed, 3 Mar 93 15:16:15 PST
To: cypherpunks@toad.com
Subject: REMAIL: updated list
Message-ID: <199303032314.AA24899@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

(I intend to send this message to the list about once a month, or when "emergencies" arise)

-----BEGIN PGP SIGNED MESSAGE-----

Q1: What cypherpunk remailers exist?

A1: The list of cypherpunk remailers known to me:

 1: hh@pmantis.berkeley.edu
 2: hh@cicada.berkeley.edu
 3: hh@soda.berkeley.edu
 4: nowhere@bsu-cs.bsu.edu
 5: ebrandt@jarthur.claremont.edu
 6: hal@alumni.caltech.edu
 7: remailer@rebma.mn.org
 8: elee7h5@rosebud.ee.uh.edu
 9: phantom@mead.u.washington.edu
10: hfinney@shell.portal.com
11: remail@extropia.wimsey.com

NOTES:
#1-5    no encryption of remailing headers
#6-11   support encryption of remailing headers
#2      requires remailing request to appear in header
#11     requires text to be encrypted along with remailing request
#7,#11  introduce larger than average delay

============================================================

Q2: How do I use the cypherpunk remailers?

A2: Instructions and helper scripts are available via anonymous ftp at soda.berkeley.edu (128.32.149.19) in the pub/cypherpunks directory.

hal's.instructions   instructions on how to use the remailers
scripts.tar.Z        various Unix scripts to assist remailer use
anonmail.arj         various MSDOS batch files to assist remailer use

/-----------------------------------\
| Karl L.
Barrus |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK5U6XoOA7OpLWtYzAQEuJgQAx3qgMv9ZTG0LXWuaUgfT+27NB9gQAFga
8f3L4Ew41JlaIqXAUqo8JUra9NjE9Xrgg5DFN31j1pTiGZOdCUc0qzq+R8Tvw8iC
ujWvWKkoVExrPQqyArh+DSDeJdfykopL2I0W7NF0Z66Y13h89aNF1NN6H2W3Pf+I
naWmJL6Oxd8=
=S3XH
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Wed, 3 Mar 93 14:29:42 PST
To: dclunie@pax.tpa.com.au (David Clunie)
Subject: Re: ANON: My remailer
In-Reply-To: <9303032153.AA17736@britt>
Message-ID: <9303032218.AA03614@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

>What they probably mean is it is against their system administrator's
>policy ! I would be very surprised if the governing body of the
>university had a policy regarding this !
>
>Not that you are in a position to argue of course.
>
>david

Uhg... This is not a good sign. My remailer is running on a university computer system as well. I have been trying to get a SLIP connection for the past few months for my 386BSD system so that I can take part of the load off of their system and provide anonymity on my local hardware.

The sysadmins don't know about my remailer and I am trying to keep them from finding out. Right now, my mail volume is so high that those messages are cloaked by the rest of my incoming and outgoing mail. Plus, it isn't used that much. I have approval for my mail servers, because we worked out a modification to slow down my program so it wouldn't flood the system with sendmail processes. Unfortunately, I don't have approval for the remailer, but at the same time, there has been no mention of it.

In the login banner, it says, "This system will be monitored for unethical and malicious behavior."
That sort of leaves it up to them to decide whether or not to shut down the remailer and they can just give a quick "it's not ethical" reason. Luckily, they like me. :)

In the long run, I am working on a solution, but money is tight. Otherwise, I would have a T-1 coming directly into my house and all would be fine; well at least better.

Enough rambling--I'm sorry to see a remailer demise and hope that mine will not fall under the unethical clause here. If I find a solution, you will be the first to know.

Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU, CHALL@CLSV.Charon.BSU.Edu
(317) 285-3648 after 5 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Wed, 3 Mar 93 15:37:49 PST
To: cypherpunks@toad.com
Subject: SOCIETY: crypto impact
Message-ID: <199303032336.AA26450@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Like any new technology, selling crypto to the public will be difficult at first. I'll bet the telephone, something so vital to today's society it is difficult to imagine functioning without it, was tough to get going.

PROPONENT: "Just imagine the service and convenience!"
OPPONENT: "What services and conveniences? I visit the people I want to talk to and conduct my business within 5 miles of home."

At the time there were no neat services or conveniences. Buying into new technology will cause resistance, since people are not going to miss what they do not have.

However, I think some crypto technology will be easier to sell than others. It should be easy to convince people of the need for good encryption, the kind that can protect you or your company's financial information, mail, ideas, etc. Also, digital signatures and authentication techniques should face little resistance. Now, anonymous remailers and other privacy methods will be a little harder :-) (witness the debate over anonymous speech occurring right now!)

On a related note, it is amazing how much information about you exists.
Did anyone else watch a PBS documentary about this (sorry, I can't remember the name of it)? In the report, a writer researched how direct mail marketing departments seek out information - from going to the county court house and obtaining property and deed information, to using census information to classify your living habits, professional organizations you belong to, catalogs for mailing lists of various interests, etc. Some supermarkets were even testing a system in which your purchases (scanned by the bar code reader) are saved and indexed by your credit card or check! Banks could then sell this extremely valuable information to direct mail houses.

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: root@rmsdell.ftl.fl.us (Yanek Martinson)
Date: Wed, 3 Mar 93 14:54:23 PST
To: cypherpunks@toad.com
Subject: ANON: un-filterable pseudonyms
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

> In my off-line newsreader, Eudora, (which ironically is also the subject of
> the message attached below--must be a plot), it's easy enough to mark all
> the stuff from some anonymous site for deletion.

This is only possible if there are few, well known, anonymous sites, and/or if all anonymous aliases look similar, such as an1234. How do you know if KSDF32@KMUVAX is an anonymous address, or a real user login?

I also expect to see pseudonyms that look like real names. I don't think it would be too hard to pick a random first and last name from a list of real names, and create a From: line like jsmith@someplace.edu (John Smith) which will look just like a regular address.

Even the remailers that don't create reply-able aliases could generate random real-looking From: lines, just to make the posts look non-anonymous.
The only possible solution would be to ignore all messages not from addresses you trust. This is basically the "don't talk to strangers" policy.

--
Yanek Martinson
yanek@novavax.nova.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter &
Date: Wed, 3 Mar 93 18:13:48 PST
To: cypherpunks@toad.com
Subject: a /etc/magic for the unix file command
Message-ID: <9303040209.AA02043@merde.dis.org>
MIME-Version: 1.0
Content-Type: text/x-pgp

-----BEGIN PGP SIGNED MESSAGE-----

to "teach" the Unix file(1) command to identify pgpfiles add the following to your /etc/magic file:

# pgp hacks
0       short   0x9900                  pgp key public ring
0       short   0x9501                  pgp key security ring
0       string  -----BEGIN\040PGP       pgp armored data
# offset 15 is the first byte after "-----BEGIN PGP "
>15     string  PUBLIC\040KEY\040BLOCK- public key block
>15     string  MESSAGE-                message
>15     string  SIGNED\040MESSAGE-      signed message
>15     string  SIGNATURE-              signature
#

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK5Vk5shmn7GUWLLFAQH7LwF9FxXXT2BldFcSQsRN1OzB8o5qauyFvOJq
fXzOOEZxU+aAAS194IPzGwjysKEVn3m/
=sDtW
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Alexander Chislenko
Date: Wed, 3 Mar 93 16:48:27 PST
To: cypherpunks@toad.com
Subject: META/PERSONAL: Thanks for mailing.
Message-ID: <199303040047.AA05134@ra.cs.umb.edu>
MIME-Version: 1.0
Content-Type: text/plain

I am grateful to both people who sent me the mail I lost; I don't think I have a right to disclose their identity ;-) but I am grateful to them anyway, as well as to all those who might want to send it to me later - please don't - too bad I'll never know your names... Thanks anyway!

BTW, I missed the point when people started using prefixes in message titles; was there an 'official' suggestion for it?

Alex.
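
The /etc/magic rules from the "a /etc/magic for the unix file command" message above, applied in Python to byte strings. This is an added example, not part of the original messages; it goes beyond the posted rules by also scanning a whole buffer for armor headers, since file(1) only tests from offset 0. The function names, the big-endian reading of "short" and the sample mail are assumptions made for the example.

```python
import struct

# "-----BEGIN PGP " is 15 bytes long, so the word naming the block type
# starts at offset 15; that is the offset the continuation rules test.
ARMOR_PREFIX = b"-----BEGIN PGP"
SUBTYPE_OFFSET = 15

# 16-bit values at offset 0, read big-endian here (assumption: magic's
# "short" is host byte order). 0x99 and 0x95 are the PGP packet tags for a
# public and a secret key packet with a two-byte length field; the second
# byte is the high byte of that length, so only some key sizes match.
BINARY_RULES = {0x9900: "pgp key public ring", 0x9501: "pgp key security ring"}

ARMOR_SUBTYPES = [
    (b"PUBLIC KEY BLOCK-", "public key block"),
    (b"MESSAGE-", "message"),
    (b"SIGNED MESSAGE-", "signed message"),
    (b"SIGNATURE-", "signature"),
]


def classify(data):
    """Return the label these rules give for a buffer, or None."""
    if len(data) >= 2:
        (word,) = struct.unpack(">H", data[:2])
        if word in BINARY_RULES:
            return BINARY_RULES[word]
    if data.startswith(ARMOR_PREFIX):
        for needle, label in ARMOR_SUBTYPES:
            if data.startswith(needle, SUBTYPE_OFFSET):
                return "pgp armored data " + label
        return "pgp armored data"
    return None


def find_armor_blocks(data):
    """Find armor headers on any line of a buffer.

    Returns (line_number, label, closed) tuples; closed is False when the
    matching "-----END PGP ..." line never appears (a truncated block).
    """
    lines = data.splitlines()
    found = []
    for number, line in enumerate(lines, start=1):
        label = classify(line)
        if label is None or not label.startswith("pgp armored data"):
            continue
        if label.endswith("signed message"):
            # clearsigned text has no END line of its own; the signature
            # block that follows closes it
            end_marker = b"-----END PGP SIGNATURE-----"
        else:
            end_marker = line.replace(b"BEGIN", b"END", 1).rstrip()
        closed = any(rest.rstrip() == end_marker for rest in lines[number:])
        found.append((number, label, closed))
    return found


# Constructed sample: a clearsigned mail with headers in front of the armor.
SAMPLE_MAIL = b"\n".join([
    b"From: someone@example.org",
    b"Subject: constructed sample",
    b"",
    b"-----BEGIN PGP SIGNED MESSAGE-----",
    b"",
    b"body text",
    b"-----BEGIN PGP SIGNATURE-----",
    b"Version: 2.1",
    b"",
    b"Q09OU1RSVUNURUQ=",
    b"-----END PGP SIGNATURE-----",
    b"",
])

if __name__ == "__main__":
    print(classify(SAMPLE_MAIL))
    for hit in find_armor_blocks(SAMPLE_MAIL):
        print(hit)
```

A saved mail that starts with headers is not recognised by the offset-0 rules at all, which is why the line scan is useful when sorting a mail spool for PGP material.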
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tim@atri.curtin.edu.au (Tim Moors)
Date: Wed, 3 Mar 93 04:01:29 PST
To: cypherpunks@toad.com
Subject: ANON: Revealing identities
Message-ID: <9303031201.AA13190@atri.curtin.edu.au>
MIME-Version: 1.0
Content-Type: text/plain

I sent the following to Julf earlier, and he encouraged me to post it to news.admin.policy and the cypherpunks list. He mentioned that "the mapping thing has been discussed recently". Feel free to tear it to shreds, but remember that it is only a rough idea at present: don't tell me I forgot to cross the 'l's (oops 't's).

---- 8< Cut Here 8< ----
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Anonymous
Date: Tue Sep 07 12:37:41 1999
To: julf@penet.FI
Subject: Revealing identities
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Johan,

I haven't been paying close attention to the latest on the anonymity debate, so please tell me if the following has been raised before.

In your message <9302260807.aa01498@penet.penet.FI> of Fri, 26 Feb 93 08:50:19 +0200 on the subject "Moral dilemma." to the cypherpunks list, you mentioned that

>One rule is
>that I *never* reveal the true identity of an anon user,

While I believe that you should be able to use any policy you want for this sort of thing, I do not believe that both your server and this policy can survive together. Because you/the-server cannot censor the content of anonymous postings/mail (you lack the time, and knowledge of what is legal in every corner of the world), you can only withdraw someone's anonymous posting permission in response to complaints to something that they have already posted. I believe that eventually, someone will post something so damaging/incensing that sufficient pressure will be applied that either: the service cannot continue (e.g. disconnected from the network), or you will be forced to reveal or destroy the mappings between alias(es) and user(s).
For example, on the cypherpunks list, the question of what would happen if someone claiming responsibility for the New York bombing posted through the anonymous server. Bodies in the US (from people providing parts of the Internet service through to political and criminal bodies such as the FBI/CIA/NSA) could easily apply very strong pressure. Unfortunately, I feel that this pressure will come sooner rather than later because there is nothing preventing people opposed to the anonymous service from making these postings merely to discredit your service.

I think that there *MAY* be a way around this. I assume the reasons behind your non-disclosure policy are:

  i. You cannot decide which identities should be revealed.
 ii. Revealing an identity removes their anonymity from all of their previous postings, some of which may have had reason to be anonymous. For example, I think it "unjust" to reveal what someone wrote to alt.sex.abuse because they violated copyright or whatever in some other group.

The second of these reasons could be avoided by permitting anonymous users to have a different alias for each posting that they make. This would increase the loading on the alias space and records of alias<->ID mappings. I can see no reason why you would need to reveal all of the aliases of one real identity.

The decision of when an identity should be revealed could be left to a jury: If you receive a reasonable complaint about a posting (not just a flame, but something more significant such as copyright violation, libel, etc) then you would post this complaint to a group of anonymous jurors who decide on what action should be taken. The plaintiff and defendant could even argue their positions to the jury, and might advertise on a newsgroup asking for assistance from relevant groups (e.g. pro/anti-anonymity groups).

The problem now is how to select the jury. Some factors are:

  i.
The number of jurors influences the probability that the decision can be swayed because of the random composition of the jury. So one juror would be too few, 12 as used in orthodox courts might be reasonable, etc.
 ii. Jurors would not want to spend too much time on the case, so there should be an upper limit on the number of bytes transmitted by defendant and plaintiff, and the time span of the case.
iii. The degree of "consensus" required for a decision. Perhaps 2/3 majority is OK, perhaps 75%. The larger the majority required, the less likely that the case will be swayed by the composition of the jury, but also the longer it would take to reach the decision.
 iv. The jury can't be composed just of users of the anonymous service because of their bias. Perhaps jurors could be selected at random from the names of people who have posted to the news in the past?
  v. Jurors would have to accept their position -- there's no use in having a juror who doesn't read the information passed to him/her.

I feel that the problem of selecting a jury would be easier to solve than that of defending the anonymous service against the uproar that may result from some postings. With this judicial process, anonymous users would also be accountable for what they post.

Some other issues would be

  i. What happens if the jury can't decide?
 ii. What sort of "punishment" is possible? Warning the person? Barring the person from anonymous posting? Revealing their identity to the necessary body? etc

The idea is *VERY* rough at the moment, but perhaps it has some merit? As I see it, the good part for the anonymous service provider is that they do not have to participate in the process (apart from filtering trivial flaming cases from the judicial system), which will avoid claims of bias and lessens your already considerable load.

Comments?
Tim

---- 8< Cut Here 8< ----
Tim Moors __________________________________________________________
Australian Telecommunications Research Institute             .-_!\
GPO Box U 1987       Email: tim@atri.curtin.edu.au          /     \
Perth, WA 6001       Phone: +61 9 351 3243                  \_.-._/
Australia            Fax:   +61 9 351 3244                       o
"beLIEve" -- U2 Zoo TV Tour

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305)
Date: Wed, 3 Mar 93 18:04:54 PST
To: cypherpunks@toad.com
Subject: PGP: informal faq for eknipp
Message-ID: <9303040204.AA12596@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

Eknipp asked for an overview of PGP; my reply to him bounced, but it's of enough possible general use that I'm inflicting it on the list. It's rough and rambling, but believe it if you need it...., and please send me any corrections if there are offensive errors. The details of corporate relationships regarding PKP and RSA are especially haphazard.

Thanks; Bill
--
"He wouldn't have wanted that _thing_ walking around with his name on it"
------
well, here's a rough overview and definitions, ignore the parts you know already. You can get a proper faq by ftp from rsa.com, in the directory pub/faq.

Cryptography = writing stuff only authorized people can read. Real crypto depends on algorithms that are secure as long as the Bad Guys don't know the keys, even if they know everything else. Most of the interesting stuff depends on mathematical processes that take exponential amounts of time, so a 56-bit key would take 2**56 attempts to guess - you can't guess it a bit at a time in 56 steps. Factoring large numbers is believed to take roughly exponential time.

M = plaintext message
Cyphertext C = E(k, M), E = encryption function, k = key.
Plaintext M = D(k, C) ITAR - International Traffic In Armaments Regulations - the US has a bunch of laws about exporting munitions, and crypto hardware and software count as munitions - algorithms are OK, but our Benevolent Govt KNOWS that foreigners aren't bright enough to turn algorithms into code. Lots of flamewars discuss exactly the boundaries, and the laws are contradictory about which bureaucrats are really in control, but nobody's wanted to get thrown in jail for arms dealing badly enough to force a court case .... Appears to apply to importing crypto also, though that hasn't been something anybody's made a big deal about. Other countries besides the US may have major restrictions as well. Alice and Bob - the people sending messages to each other. Eve may be eavesdropping, and Charlie may be around also, Secret-Key Cryptosystem, also called Symmetric-key or private-key - the same key k is used for E and D, or at least a closely related key that's easy to derive if you know the other one. DES = Data Encryption Standard = IBM/NSA-designed secret-key system, very widely used, keys 56 bits long which may be a bit short, some people worry there may be an trapdoor put there by NSA, but if I told you I'd have to kill you :-) Banks use it, for instance. IDEA - a Swiss-written secret-key system, maybe more secure than DES, newer anyway. Patented in Switz but not US, easy licensing. Public-Key CryptoSystem - Encryption key ke and Decryption key kd are related, but in a way that you can't determine kd knowing only ke. ke is called the public key and kd the private key - you can publish ke where everyone can see it and encrypt stuff to mail to you, you can decrypt with private key kd. (If you want to reply, you've got to get their public key.) 
Public-key algorithms are pretty slow, so generally people create a random secret key, encrypt their message with a secret-key algorithm like DES, and encrypt the secret key with the recipient's public key; recipient decrypts the secret key with his private key, then uses it to decrypt the message.

Digital Signatures - if you can do public-key crypto, then you can do the reverse as well to sign a message - you *decrypt* the message with your private key, and the recipient encrypts it with your public key - if it restores the original message, she knows it's good and knows that *you* sent it, because only you have your private key. For speed, you normally make a "hash" checksum of the message, and sign the hash instead of the whole thing. Some public-key algorithms can only be used for encryption, some only for signatures, some for both but you need different keys.

MD-4 and MD-5 - Message Digest hashing algorithms from (?) Rivest, which are thought to be unforgeable, unlike the CRC checksums used by many programs which are easily forged.

RSA - A public-key algorithm developed by Rivest, Shamir, and Adleman. It's the only well-known public-key algorithm that does everything everybody wants, including signatures and public-key, that's secure enough that you can't crack it as long as you use reasonably long keys. Unfortunately, it's patented in the US, by Public Key Partners, a company R, S, A, and friends started that owns most of the interesting patents related to public-key. On the other hand, to avoid having the NSA classify their patent right when they applied (the NSA can do that), they published the algorithm before applying, which means that it's public-knowledge in most of the world and you can't patent it there, even in places that do allow algorithm patents.
Their claims about what techniques their patents cover are *very* broad; if you want to do anything public-key related in the US, you've got to deal with them or carry a BIG lawyer, and so far everybody's chosen to deal with them rather than risk a long expensive difficult court case, or else chosen to ignore or infringe their patent but not sell their products for cash, and hoped to get away with it. RSAREF - an RSA implementation from PKP, which you may use free for personal non-commercial use as long as you agree to follow a set of rules that are much less restrictive than they used to be; you can't export it outside the US and Canada, and can't change the interface without their permission, and a few other terms. Better implementations of RSA's algorithms have been done, but you can use this one free, with their permission. Or you can pay them money and get support for incorporating their techniques into your products. Key certification - Public Keys are usually long - RSA keys are often 1024 bytes. Public keys crypto is only secure if you can be SURE you have the public key for the person you're trying to send a message to, like Bob, and that Eve hasn't handed you HER public key instead - she could be intercepting all your mail to Bob, decrypting it, and re-encrypting with Bob's key. So you need to find a secure way to transmit public keys, where "secure" means it can't be forged without you knowing about it (though anybody can read them.) Publishing in the New York Times classified ads is one approach, as is any other broadcast method you can be SURE everyone gets correctly. Another method is to use digital signatures - somebody you trust, whose public key you can be sure you know accurately, gets Bob's public key from Bob, and signs it with their public-key. Since not everybody knows somebody who knows Bob, the problem can be handled by a chain or hierarchy of key certifications - Charlie signs Bob's, Dave signs Charlie's ... and You know Xerxes yourself. 
Or George Bush signs all the general's keys, the generals all sign the keys for the colonels under them, the colonels sign for the majors under them, .... and you can check some sergeant's key because it's got a certificate from his lieutenant on up to Bush, and Bush's key is in the Phone Book. PGP - Phil's Pretty Good Privacy program - a nice packaging of this technology that can be used easily to prepare secure email. The original version used RSA and a choice of DES or a home-brew secret-crypto system; the current version uses RSA and IDEA. For certification, the method is non-hierarchical - you have a "keyring" containing public keys you know, maybe with certificates, and you can sign the ones *you* trust and give your signed keyring to your friends. Hierarchies imply the potential for control; this is cooperative anarchy, and there's no chain of people you HAVE to obey to exchange keys. When PGP version 1 first came out, RSA yelled at Phil Zimmerman, the author, and told him he was risking patent infringement lawsuits and such if he didn't cease and desist, so he's no longer distributing it. But some of those SNEAKY FOREIGNERS *somehow* got a copy, and so ongoing development of PGP is taking place outside the US, unhindered by patent problems. Version 2.1 is out, 2.2 real soon. Parts of PGP are probably not covered by PKP's patents, and parts are clearly not covered by ITAR, but some parts are a problem. RIPEM - Mark Riordan's public-key email system, which uses RSAREF to do RSA, so it's legally kosher but not exportable, and is related to the internet Privacy Enhanced Mail stuff that was being developed for a while. Still real new, but probably Pretty Good also; I seem to remember its key certification was more hierarchical. 
----
More PGP info - PGP was originally written for a DOS environment (there are problems trusting any system you don't totally control, and it's tough to say you totally control a multi-user system), but it's been ported to lots of things by now, including UNIX and some early Mac ports (work is in progress to make the Mac port feel like Mac-stuff rather than Unix-stuff.) You can get the source, compile it, play with it, and do anything you want that doesn't infringe PKP's patent, so remember not to use it to exchange keys with anyone or send them mail unless you've got a licensing agreement..... Once it's compiled, type pgp -h to get help, and/or read the documentation.

Where to get things: The fun place to shop is nic.funet.fi, by anonymous ftp, but if you telnet to an archie server like archie.rutgers.edu (login as archie) you can ask it where to find anything. Using a US site would be potentially better legally, and also cuts down on the bandwidth used between here and Finland....

Bill Stewart

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: babani@cs.Buffalo.EDU (Rusty Babani)
Date: Wed, 3 Mar 93 18:15:47 PST
To: cypherpunks@toad.com
Subject: ANON: anon policy of UB
Message-ID: <9303040214.AA09381@armstrong.cs.Buffalo.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Here is a copy of the policy that my system administrator was referring to:

From: gerland@ubvmsb.cc.buffalo.edu (James R. Gerland)
Subject: UCS Computing Usage Policy.
Date: 16 May 90 19:56:27 GMT

CONDITIONS OF USE OF THE COMPUTING CENTER FACILITIES

Academic Computing Services
University Computing Services
State University of New York at Buffalo
March 4, 1988

The use of University at Buffalo academic computer systems by members of the university community is authorized by Academic Computing, University Computing Services.
All classes of users (students, faculty, and staff members) have equal privileges and equal access to the Computing Center's facilities, and all have the responsibility to use the Computing Center's services in an effective, efficient, ethical, and legal manner. Every computer account issued by University at Buffalo is the responsibility of the person in whose name it is issued. As a result, acquiring an account in another person's name, or using an account without the explicit permission of the owner and the full knowledge of Academic Computing will be considered to be theft of services, and will be dealt with according to the "Student Rules and Regulations" and/or Chapter 514 of the New York State Penal Law. It is mandatory that the owner of an account be careful to keep the account secure by keeping the password secret, changing the password often, and reporting to Academic Computing when anyone else is using the account without permission. Authorized Use As a condition for use of the Academic Computing systems, all users are expected: (1) To respect the privacy of others. For example, users shall not intentionally seek information on, obtain copies of, or modify files or passwords belonging to others. (2) To respect the integrity of the University at Buffalo computing systems. For example, users shall not intentionally develop or use programs that harass other users, infiltrate a computing system, or damage or alter the software components of a computing system. (3) To not develop programs or use any mechanisms to alter or avoid accounting for the use of computing services or to employ means by which the facilities and systems are used anonymously or by means of an alias. For example, users shall not send messages or mail, or print files which do not show the username of the user using the system or which exhibit a username other than that of the sender. (4) To respect the legal protection provided by copyright and licenses held by the Computing Center. 
For example, users shall not make copies of a licensed computer program to avoid paying additional license fees. (5) To use the accounts only for University related purposes. For example, users shall not authorize individuals who are not associated with the University to use an account nor use the academic computers for non-university related work, without prior arrangements with Academic Computing. Violation of these conditions, i.e., unauthorized use of another person's account, tampering with other users' files or passwords, or harassment of other users is certainly unethical and possibly a criminal offense. Whenever Academic Computing becomes aware of a possible violation of these conditions, Academic Computing will initiate an investigation. In order to prevent further unauthorized activity, Academic Computing may suspend the authorization of computing services to the individual. Confirmation of unauthorized use of the facilities may result in the closing of accounts permanently, billing for computer time used for non-university endeavors, disciplinary action, and/or legal action. Responsible use Users are expected to use computing resources in a responsible and efficient manner consistent with the instructional, research, and administrative goals of the University. Users are expected to refrain from engaging in deliberately wasteful practices such as printing large amounts of unnecessary listings, performing endless unnecessary computations, or unnecessarily holding public terminals, tape drives, dial- up phone lines for long periods of time when others are waiting for these resources. In addition, the playing of games or using networks for purely recreational purposes when others are waiting for terminals represents irresponsible use of the equipment. Academic Computing prefers not to act as a disciplinary agency or to engage in policing activities. 
However, in cases of unauthorized or irresponsible behavior, Academic Computing does reserve the right to take remedial action, commencing with an investigation of the possible abuse. Users, when requested, are expected to cooperate in such investigations. -- +==== Internet: babani@cs.buffalo.edu ===+======== Amateur-Radio: N2LYC ======+ ! Bitnet: V078LNGT@ubvms.BITNET | UUCP: rutgers!ub!babani ! ! Alternate: an173@cleveland.freenet.edu | Plsure dpnds on the othrs prmison. ! +== PGP key available. (If you don't know what a PGP key is... find out!) ==+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Honeyman Date: Wed, 3 Mar 93 18:24:15 PST To: CypherPunks@toad.com Subject: Re: You Aren't [I'm Not] Message-ID: <9303040224.AA01178@toad.com> MIME-Version: 1.0 Content-Type: text/plain Date: Wed, 3 Mar 93 12:41:48 -0500 From: Theodore Ts'o Subject: Re: You Aren't [I'm Not] ... I don't believe in prior restraint; but I do believe in personal responsibility ... ... in this model, how can you provide personal responsibility? ted, when you say you favor personal responsibility, do you mean "i am in favor of people acting responsibly," which i take to be the sense of the first quote, or do you mean "i want there to be a way to hold people responsible for their actions," which i take to be the meaning of the second? (i favor the former, but am undecided about the latter. not that anyone asked ...) peter ps: pardon my wild excerpting; i hope it doesn't obscure. 
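Bill Stewart's overview earlier in this archive describes checking a key through a chain of certifications (Charlie signs Bob's, Dave signs Charlie's, and you know Xerxes yourself) so that Eve cannot hand you her key in Bob's place. The sketch below is an added illustration, not code from any poster or from PGP: it assumes unpadded textbook RSA with small seeded demo keys and SHA-256 as the hash, and the names generate, certify and check_chain are hypothetical.

```python
"""Toy certification-chain check. Textbook RSA without padding: illustration only."""
import hashlib
import random
from dataclasses import dataclass
from math import gcd

E = 65537                     # public exponent shared by every demo key
_rng = random.Random(1993)    # fixed seed keeps the demo reproducible; never seed real keys


def _probable_prime(n, rounds=20):
    """Miller-Rabin primality test."""
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(_rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _prime(bits):
    """Random prime of the given size whose p-1 is coprime to E."""
    while True:
        c = _rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if gcd(E, c - 1) == 1 and _probable_prime(c):
            return c


@dataclass(frozen=True)
class PublicKey:
    owner: str
    n: int

    def digest(self):
        """Hash of the (owner, key) binding; this is what a certifier signs."""
        h = hashlib.sha256(f"{self.owner}|{self.n}|{E}".encode()).digest()
        return int.from_bytes(h, "big")


@dataclass(frozen=True)
class KeyPair:
    public: PublicKey
    d: int                    # private exponent


@dataclass(frozen=True)
class Certificate:
    subject: PublicKey
    issuer: str
    signature: int


def generate(owner, bits=512):
    p = _prime(bits // 2)
    q = _prime(bits // 2)
    while q == p:
        q = _prime(bits // 2)
    return KeyPair(PublicKey(owner, p * q), pow(E, -1, (p - 1) * (q - 1)))


def certify(issuer, subject):
    """Issuer signs the hash of the subject's key with the issuer's private key."""
    sig = pow(subject.digest(), issuer.d, issuer.public.n)
    return Certificate(subject, issuer.public.owner, sig)


def check_chain(chain, trusted):
    """chain[0] certifies the key we want; chain[-1] was issued by `trusted`.
    Returns the validated PublicKey, or None if any link fails."""
    signer = trusted
    for cert in reversed(chain):
        if cert.issuer != signer.owner:
            return None
        if pow(cert.signature, E, signer.n) != cert.subject.digest():
            return None
        signer = cert.subject
    return signer if chain else None


def demo():
    names = ("Xerxes", "Dave", "Charlie", "Bob")
    xerxes, dave, charlie, bob = (generate(name) for name in names)
    eve = generate("Bob")     # Eve's own key, labelled with Bob's name
    good = [certify(charlie, bob.public),
            certify(dave, charlie.public),
            certify(xerxes, dave.public)]
    # Eve swaps her key into Bob's certificate but cannot make Charlie's signature cover it.
    swapped = [Certificate(eve.public, "Charlie", good[0].signature)] + good[1:]
    # Eve signs her key herself and merely claims the issuer is Charlie.
    forged = certify(eve, eve.public).signature
    self_signed = [Certificate(eve.public, "Charlie", forged)] + good[1:]
    return {
        "good": check_chain(good, xerxes.public) == bob.public,
        "swapped": check_chain(swapped, xerxes.public),
        "self_signed": check_chain(self_signed, xerxes.public),
    }


if __name__ == "__main__":
    print(demo())
```

Only the key you already hold (Xerxes's) is taken on trust; every other key is accepted solely because the previous link's signature covers its owner name and modulus.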
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: babani@cs.Buffalo.EDU (Rusty Babani) Date: Wed, 3 Mar 93 18:27:29 PST To: cypherpunks@toad.com Subject: Re: ANON: My remailer In-Reply-To: <9303032218.AA03614@bsu-cs.bsu.edu> Message-ID: <9303040226.AA10720@armstrong.cs.Buffalo.EDU> MIME-Version: 1.0 Content-Type: text/plain Chael Hall stated in the last message: >From cypherpunks-request@toad.com Wed Mar 3 17:44:33 1993 >From: nowhere@bsu-cs.bsu.edu (Chael Hall) >To: dclunie@pax.tpa.com.au (David Clunie) >>What they probably mean is it is against their system administrator's >>policy ! I would be very surprised if the governing body of the >>university had a policy regarding this ! > Uhg... This is not a good sign. My remailer is running on a >university computer system as well. I have been trying to get a SLIP I know that the remailer I was running wasn't the biggest kept secret, however, I made sure not to mention it to too many local people. I wonder if my sysadmin found out thru mail-logs or thru a pgp key server or somebody told him or what? I guess I'll never find out. > Enough rambling--I'm sorry to see a remailer demise and hope >that mine will not fall under the unethical clause here. If I find Chael, it might be wise to check out exactly what your "university's" policy concerning this is... before it's too late! -- +==== Internet: babani@cs.buffalo.edu ===+======== Amateur-Radio: N2LYC ======+ ! Bitnet: V078LNGT@ubvms.BITNET | UUCP: rutgers!ub!babani ! ! Alternate: an173@cleveland.freenet.edu | Plsure dpnds on the othrs prmison. ! +== PGP key available. (If you don't know what a PGP key is... find out!) 
==+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: trump@pluto.ee.cua.edu (Louis Edward Trumpbour)
Date: Wed, 3 Mar 93 18:51:18 PST
To: cypherpunks@toad.com
Subject: what is all of this talk
Message-ID: <9303040251.AA06498@pluto.ee.cua.edu>
MIME-Version: 1.0
Content-Type: text/plain

well i dislike this argument of anon remailers etc being bad or what not because people can threaten or what not with it... this argument is pretty bogus since i could do the same thing from an inactive hacked account... but that's my ha'penny

also what is the true to life name of Unix's passwd encryption program or scheme ???

Louis

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Wed, 3 Mar 93 18:58:53 PST
To: Peter &
Subject: Re: a /etc/magic for the unix file command
In-Reply-To: <9303040209.AA02043@merde.dis.org>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Just a note... to save people some time... The fields for those additions to the magic file must be separated by TABs....

---
Nick MacDonald               | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca  | PGP 2.1 Public key available via finger

On Wed, 3 Mar 1993, Peter & wrote:

> # pgp hacks
> 0	short	0x9900	pgp key public ring
> 0	short	0x9501	pgp key security ring
> 0	string	-----BEGIN\040PGP	pgp armored data
> >15	string	PUBLIC\040KEY\040BLOCK-	public key block
> >15	string	MESSAGE-	message
> >15	string	SIGNED\040MESSAGE-	signed message
> >15	string	PGP\040SIGNATURE-	signature
> #

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Wed, 3 Mar 93 20:28:12 PST
To: Eric Hughes
Subject: Re: You Aren't [I'm Not]
In-Reply-To: <9303040002.AA25892@soda.berkeley.edu>
Message-ID: <9303040426.AA24707@SOS>
MIME-Version: 1.0
Content-Type: text/plain

Date: Wed, 3 Mar 93 16:02:00 -0800
From: Eric Hughes

A communications network, however, is an artifact, _i.e._ an object created by design and technology.
As such it has no status as commons unless the owners agree to grant it such. One might argue that the aggregate actions of backbone sites create such a commons. Granted, but the fact remains that the transmission of data in a particular way or in a particular form or structure is not fundamental to the medium. Like any other artifact, it can be changed.

True, like any other artifact, it can be changed. But then again, someone could try to change the status of sound as a "commons" as well. Perhaps the real problem is that there are a large number of people who are currently using mailing lists and Usenet newsgroups with the expectation that there are currently existing controls on the signal-to-noise levels and protection against mail bombs, which are being enforced by simple standards of personal (or at worst, site) accountability. So in effect, the common usage of these collections of sites has created a "commons" which you are proposing to take away.

As an artifact, certainly that can be changed; and you are proposing that we change them. But then, who should bear the cost of this change? To bring this back to the house/anonymous bull horn analogy, that would be like deciding to cease considering sound (or rather lack of sound) a commons, and expecting each home owner, who up until now enjoyed the relative peace and quiet of their neighborhood, to pay the cost of losing their sightlines, and needing to put up expensive shielding.

Maybe there are good, sound, policy reasons for making this change. But out of fairness, one would think that the agents of change should be prepared to bear some of the cost of that change. Without that, the homeowners will not be bought into such a change, and you can hardly blame them for resisting. Wouldn't you, in similar situations?

And again, no one requires a carrier to carry anonymous messages.
Practically speaking, you might easily end up with a situation like the alt.* hierarchy, where only certain subnets agree to exchange anonymous traffic. I suspect this is inevitable in the short term. Well, this really can only happen if a carrier can easily distinguish anonymous messages from non-anonymous messages. Out of fairness, I would argue for putting in a standard header which clearly labels a message as being anonymous, so that carriers can have the choice of whether or not they want to carry that message. Given the earlier discussion of doing filtering at the server level, this seems to fit right in. >On the other hand, if you receive crank >calls, you are entitled to call your phone company, and they will make >an attempt track down the crank caller and turn over his identity to the >police, with the charge of harassment. But the phone company is not held liable when the call was made from a pay phone. True; but the phone company is a common carrier. The networks today aren't. This could be changed by legislation, and that's something I would support, for networks. However, I doubt that such legislation would actually extend as far as protecting hosts on a network, such as remailer sites. It might happen, but it would definitely be a much harder sell. >On the other hand, if it is true that people will believe statements >made anonymously, and so real damage can be done as a result, then the >person who has been wronged should have every right to obtain >compensation for those damages. Your statement begs the question of whether anonymous speech can cause "real damage." I will leave this to another discussion. You misunderstand my argument. My argument is that if anonymous speech doesn't cause "real damage", then your proposed legislation isn't necessary, since real damage is a requirement for a successful libel action. 
On the other hand, if it does cause "real damage", then your proposed legislation would prevent someone who had been damaged from obtaining redress. So I would argue that such legislation would be bad public policy.

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Wed, 3 Mar 93 19:40:36 PST
To: Eric Hughes
Subject: A anon remailer addressing suggestion
In-Reply-To: <9302281755.AA13087@soda.berkeley.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I'm way behind on my cypherpunks mail.. I just hope this hasn't been recently discussed...

How about implementing an anonymous remailer where the return address is some sort of hash to the original id... maybe based on time or count of messages from that id, or something... Thus, two messages sent from the same person would have "different" return addresses... and you would never really keep an anonymous id... it would be constantly changing... but you could always be reached, even at your "previous" addresses...

This would beg for some sort of pseudonym option, in case you wanted a stream of your messages to appear to come from the same person (granted with diff addresses). This could even be taken one step further, to include a small portion of your original message in any replies... but that's probably bit too much... :-)

crude example:

From: anonabcdefghijklmnopqrstuvwxyz0123456789@remailer.anon
Subject: An idea
      ^^^^ Some weird hash to return address

From: anonabcdefghijkl0123456789zyxwtsrqponm@remailer.anon
Subject: A second idea
      ^^^^ A new hash for a new mail message

Am I just blowing hot air... or is this a worthwhile idea?
---
Nick MacDonald               | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca  | PGP 2.1 Public key available via finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Wed, 3 Mar 93 14:52:32 PST
To: Fen Labalme
Subject: ANON: Re: Handling Abuses of Remailers
In-Reply-To: <9303031918.AA00242@>
Message-ID: <9303032301.aa28689@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> Note that there can be about 50 cypherpunks messages a day -- if each went
> through 2 hops at $0.10 / hop, as you proposed, that would be $10 / day in
> revenues for the remailers. Seems like a lot to me.

Uh... If anon.penet.fi charged $0.10 / message for the 3000 messages a day it's currently handling that would give me $9,000/month - no problem upgrading the hardware! ;-) But...

> I would support the idea if I felt that the system would quiet the flame
> wars, but I think rather it would simply quiet the poor...

*Quiet* the flame wars? I can already hear them scream "and he is even getting *money* from terrorizing the net!!" ;-)

I think anon.penet.fi will have to remain a for-free, public service...

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: deltorto@aol.com
Date: Thu, 4 Mar 93 03:27:38 PST
To: cypherpunks@toad.com
Subject: FWEE!: Whistleblower progress update
Message-ID: <9303040630.tn06635@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

Gang,

First off, since I have just now been able to process some of the couple hundred msgs in my box, I'd like to respond to a good idea...

>>From: yanek@novavax.nova.edu
>>
>> [good stuff removed]
>>
>>The solution is the use of prefixes in Subject: lines. When you post,
>>prefix your Subject: line with a short "tag" such as "ANON:",
>>"DCNET:", "PGP:", "DCASH:", or others.

Excellent idea, Yanek, I like the elegance of it very much. However, I prefer to label all my Whistleblower posts with "FWEEE:" rather than the mundane "WHISTLE:" and besides, it's shorter.
:-) Other than that, I like your suggestions, and here are my (short) ones (marked with "-"):

 ANON:   Anonymity/Pseudonymity
-MIX:    Remailer Technology
 DCNET:  DC Nets
 RANDOM: Random Generators
 DCASH:  Digital Banking
 PGP:    PGP App/Current Info
 FLAME:  Crypto-Censorship
-FWEE!:  Whistleblowers (The "Keith Peterson Area"?)
-MTGS:   Physical Meetings/Conferences

-------------- OK, now Whistleblowers ---------------

Secondly, I suppose that everyone has by now heard about Bill Clinton's 800 numbers for government waste whistleblowers and anyone else to call. A great idea, and I applaud him for it (it'll keep Al Gore out of trouble for a while), but it's "kid stuff" compared to the picture I have in my mind for our Whistleblowers anonymous remailer system. Eventually, I would like to see anon msgs (some encrypted) alerting specific investigators about assassinations, military cost overruns, govt sex scandals, private sector insider trading and all sorts of other nefarious goings-on. This is gonna be GREAT! We're gonna "rock the world" of the rats out there.

Over the next few weeks, I will post some plans like the one below for all of you to comment on. Among these will be a phased roadmap which will hopefully diagram for all Cypherpunks what needs to be done to get a true anon remailer up and running and populate it with juicy tidbits. Make no mistake, this is no small job: it will require a team effort. Prepare to be called on for small jobs, and feel free to refuse if the work is out of your league of if you haven't enough time. It'll get done: the People are counting on us.

For now, we are in Phase 1: planning, design & data acquisition.

Data Acq'n: I am now working on a database which will eventually cover all of Congress, the Executive, the Judiciary and the Pentagon. As noted before, this db will list email addresses wherever possible. Many Congresspeople do not currently have email, so we may even assist our elected officials in the process of getting looped in.
We will send out our initial offers to some highly placed people to visit the Whistleblowers list and sign on, get a key and start paying attention. Phase 2 will be to spec out the remail and produce a preliminary set of instructions to be sent out with the invitation to participate. Phase 3 will be the initial remailer implementation and testing. Phase 4 will involve getting a few press and activist people to log on and get used to PGP and the whole idea. I expect by then that we may already have some whistles being blown. Later Phases will be discussed as I think of them, this is a rough preliminary sketch intended for comment. FYI: several Congressperson's offices have drooled audibly over the prospect and may contribute resources or assistance to our effort. I tend to think we should do this ourselves to avoid any sort of indebtedness to any official entity. In addition, a local SF TV news service has expressed real interest in getting a copy of PGP (DOS), so I will soon post a request for someone to supply that to a certain address (stay tuned). Again, I want to stress the importance of a central repository of all PGP versions for distribution for non-profit purposes such as being able to sign on to this list. The importance of ensuring that the software at this site is not compromised in any way is crucial, just to state the obvious. More later. Hope to see people at CFP and the Modern Times bookstore gig on Sunday. dave|evad PS: In future, I will be receiving mail from the Cypherpunks list at . any personal msgs can still be sent to me at . 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dclunie@pax.tpa.com.au (David Clunie) Date: Wed, 3 Mar 93 13:56:04 PST To: cypherpunks@toad.com Subject: Re: ANON: My remailer Message-ID: <9303032153.AA17736@britt> MIME-Version: 1.0 Content-Type: text/plain > I only got a brief message from the system administrator stating > "Running anonymous remailers is against University policy." What they probably mean is it is against their system administrator's policy ! I would be very surprised if the governing body of the university had a policy regarding this ! Not that you are in a position to argue of course. david From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Theodore Ts'o Date: Thu, 4 Mar 93 05:56:13 PST To: Peter Honeyman Subject: Re: You Aren't [I'm Not] In-Reply-To: <9303040224.AA01178@toad.com> Message-ID: <9303041354.AA25816@SOS> MIME-Version: 1.0 Content-Type: text/plain From: Peter Honeyman Date: Wed, 3 Mar 93 21:22:27 EST ... I don't believe in prior restraint; but I do believe in personal responsibility ... ... in this model, how can you provide personal responsibility? ted, when you say you favor personal responsibility, do you mean "i am in favor of people acting responsibly," which i take to be the sense of the first quote, or do you mean "i want there to be a way to hold people responsible for their actions," which i take to be the meaning of the second? Yes, I mean the second interpretation; what generally tends to happen is that without the second, generally the first deteriorates over time.
And "holding someone responsible for their actions" doesn't necessarily mean throwing someone in jail, or suing them for lots of money --- it can be as simple as their knowing that what they say can be traced back to them, and their own personal credibility is on the line. (As opposed to some pseudonym's credibility, which can always be discarded and a new one requested.)

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Honeyman
Date: Thu, 4 Mar 93 06:51:18 PST
To: CypherPunks@toad.com
Subject: Re: You Aren't [I'm Not]
Message-ID: <9303041451.AA15191@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Thu, 4 Mar 93 08:54:56 -0500
   From: Theodore Ts'o

   And "holding someone responsible for their actions" doesn't necessarily mean throwing someone in jail, or suing them for lots of money --- it can be as simple as their knowing that what they say can be traced back to them, and their own personal credibility is on the line.

ted, do you think today's nets offer this assurance? i certainly do not.

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Breton
Date: Thu, 4 Mar 93 06:54:30 PST
To: Karl Barrus
Subject: Re: SOCIETY: crypto impact
In-Reply-To: <199303032336.AA26450@Menudo.UH.EDU>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

> On a related note, it is amazing how much information about you
> exists. Did anyone else watch a PBS documentary about this (sorry, I
> can't remember the name of it)? In the report, a writer researched
> how direct mail marketing departments seek out information - from going
> to the county court house and obtaining property and deed information,
> to using census information to classify your living habits,
> professional organizations you belong to, catalogs for mailing lists
> of various interests, etc. Some supermarkets were even testing a
> system in which your purchases (scanned by the bar code reader) are
> saved and indexed by your credit card or check!
> Banks could then sell
> this extremely valuable information to direct mail houses.

Check out the books "Privacy for Sale" and "The Naked Consumer" for thorough treatments of this topic. Or read the *.privacy groups for a while....

Peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@memex.com (E. Dean Tribble)
Date: Fri, 5 Mar 93 00:45:42 PST
To: uunet!cs.Buffalo.EDU!babani@uunet.UU.NET
Subject: ANON: Textual analysis
In-Reply-To: <9303031648.AA17469@armstrong.cs.Buffalo.EDU>
Message-ID: <9303041831.AA03710@memexis.memex.com>
MIME-Version: 1.0
Content-Type: text/plain

   >We probably need "rephrasing remailers" which do some rudimentary

   That is insane... remailers are not the place where this kind of work should be taking place. If anything the user should run his document

Hardly insane. If the rephrasing software were available for Connection Machines and nothing else, then one would very much want a remailing server that would rewrite phrases for you. It'd be wonderful if it worked on Joe Schmoe's 286 box, but it's pretty unlikely. Until it does, using such capabilities built into remailers would be an improvement over the current situation. Note that I'm not making any claims that the technology is possible any time soon.

dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Thu, 4 Mar 93 07:40:37 PST
To: cypherpunks@toad.com
Subject: Encrypted voice protocol?
Message-ID: <9303041539.AA25836@SOS>
MIME-Version: 1.0
Content-Type: text/plain

People may find this very interesting..... the Pro Audio Spectrum 16 soundboard can play and record sound at the same time; as far as I know, this is the only commercially available board on the market that will do this. (Commercially available is important, because it means that people would be able to purchase said board cheaply, or perhaps already have.)
So for roughly $200 US, and a little software, it should be possible to put together something that would do encrypted voice communications over the network. Is there any interest in developing some sort of standard protocol and software to do encrypted, compressed voice communications over TCP/IP?

I can think of some obvious design constraints right away; it should be device independent, which means it needs to be able to support multiple sampling rates, and negotiate sampling rates, in case one side has a limited range of sampling rates to choose from. It should support both multiple private and public key encryption algorithms, as well as multiple choices of compression technologies. We'd probably want to have a core set of algorithms that everyone would be expected to support, for the sake of interoperability, and allow for people to experiment with more powerful encryption/compression techniques. And finally, for obvious reasons, at least one implementation should be developed in a non-COCOM country. :-)

Is this something that people would be interested in working on?

- Ted

------- Forwarded Message

From: "Linux Activists"
To: "Linux-Activists"
Reply-To: "Linux-Activists"
X-Note1: Remember to put 'X-Mn-Key: SOUND' to your mail body or header
Subject: Linux-Activists - SOUND Channel digest. 93-2-4-3:1
X-Mn-Key: SOUND
Sender: owner-linux-activists@joker.cs.hut.fi
Date: Thu, 4 Mar 1993 08:25:39 +0200

From: hsavolai@cs.Helsinki.FI (Hannu Savolainen)
Subject: Preliminary GUS driver available
Date: Thu, 4 Mar 1993 02:29:29 +0200

Hi folks,

There is a very early testing version of the GUS (Gravis Ultrasound) driver available at klingon.epas.utoronto.ca (the GUS archive site) in directory pub/pc/ultrasound/submit. This version contains a simple API which makes it possible to write applications for GUS under Linux. Since there are no such applications yet, this is just a hacker's release.

*** This is just a pre pre pre alpha version.
I will release an official version after a couple of months. The official and supported version is 1.0 which you probably have already ***

Additionally this version contains some changes for SB and PAS users. It is for example possible to record and play at the same time with PAS16 (there is a new devicefile (/dev/dsp1 (minor 19)), which is connected to the SB DSP emulator of PAS).

......

------- End Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@memex.com (E. Dean Tribble)
Date: Fri, 5 Mar 93 00:45:39 PST
To: uunet!genmagic.genmagic.com!fen@uunet.UU.NET
Subject: Handling Abuses of Remailers
In-Reply-To: <9303031918.AA00242@>
Message-ID: <9303041853.AA03723@memexis.memex.com>
MIME-Version: 1.0
Content-Type: text/plain

   I would support the idea if I felt that the system would quiet the flame wars, but I think rather it would simply quiet the poor...

Not at all. It would merely prevent them from using those particular anonymous remailers. Still a problem, but much less of one.

dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Thu, 4 Mar 93 07:57:30 PST
To: Peter Honeyman
Subject: Re: You Aren't [I'm Not]
In-Reply-To: <9303041451.AA15191@toad.com>
Message-ID: <9303041556.AA25853@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   From: Peter Honeyman
   Date: Thu, 4 Mar 93 09:49:10 EST

      Date: Thu, 4 Mar 93 08:54:56 -0500
      From: Theodore Ts'o

      And "holding someone responsible for their actions" doesn't necessarily mean throwing someone in jail, or suing them for lots of money --- it can be as simple as their knowing that what they say can be traced back to them, and their own personal credibility is on the line.

   ted, do you think today's nets offer this assurance? i certainly do not.

Not completely, no. But to a certain extent, yes.
It is generally much more difficult to get a new account on a (same or different) computer system, than it is to get a new pseudonym assigned to you by a remailer, or to generate a new public/private key pair. So if you drag your email identity through the mud, you are damaging yourself. If today's nets did not have this characteristic, why are people building remailers in the first place?!? The answer, of course, is that they do have this effect.

And, of course, if someone is truly abusive --- or perhaps isn't being intentionally malicious, but by accident started a mail loop of some kind, perhaps involving a buggy vacation program --- you can always send mail to the postmaster of his/her site. There are definitely controls on undesirable behavior (whether intentional or non-intentional) which get lost when you move to a remailer based system.

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Honeyman
Date: Thu, 4 Mar 93 08:05:18 PST
To: CypherPunks@toad.com
Subject: Re: You Aren't [I'm Not]
Message-ID: <9303041605.AA16665@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

ted, i think that with just a little of the right technical stuff, it is very easy to establish a nym in today's nets. e.g., if you buy a cheap unix box, it comes with uucp, so you can hook up to one of many anonymous uucp sites. that's easy.

i know of several slip/ppp endpoints that aren't password protected. more every day, in fact. that's easy.

perhaps it's this easy with fido.

the point of remailers is to enable this technology to the technologically challenged. (as well as to explore the technical and social space that nyms define.)

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@memex.com (E. Dean Tribble)
Date: Fri, 5 Mar 93 00:45:36 PST
To: cypherpunks@toad.com
Subject: ANON: My remailer
In-Reply-To: <9303032218.AA03614@bsu-cs.bsu.edu>
Message-ID: <9303041907.AA03744@memexis.memex.com>
MIME-Version: 1.0
Content-Type: text/plain

Enough rambling--I'm sorry to see a remailer demise and hope that mine will not fall under the unethical clause here. If I find a solution, you will be the first to know. This is not intended as pressure. Couldn't you argue with their conclusion that it is unethical? If they were to make such a claim, it would certainly be a good opportunity to push them on the issue of free speech.

dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eichin@cygnus.com (Mark Eichin)
Date: Thu, 4 Mar 93 11:11:40 PST
To: tytso@Athena.MIT.EDU
Subject: re: You Aren't [I'm Not]
In-Reply-To: <9303041824.AA26578@SOS>
Message-ID: <9303041910.AA28103@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

> i know of several slip/ppp endpoints that aren't password protected. more
> every day, in fact.
>probably clamp down anyway, since presumably they didn't pay good money
>for those resources to give them away free to anyone who can dial up to

I was wondering about that -- I kind of assumed that Peter meant "real" endpoints that were unprotected because they provided service that way. For example, UUNET has (had?) a 1-900-GETSRCS (or something like that) UUCP dialin, the phone company mediated money handling, uunet didn't care who you were -- but as far as I know it would only allow file transfer.

Are there any slip/ppp/uucp+rmail points that are "open" that aren't likely to dry up if they get widely announced? If so, please announce them!
_Mark_

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@rosebud.ee.uh.edu
Date: Thu, 4 Mar 93 11:09:55 PST
To: cypherpunks@toad.com
Subject: FLAME: Defending unpopular views
Message-ID: <9303041909.AA20077@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

From John Stuart Mill, On Liberty, 1859:

[I]f any opinion is compelled to silence, that opinion may, for aught we can certainly know, be true. To deny this is to assume our own infallibility ....

[T]hough the silenced opinion be an error, it may, and very commonly does, contain a portion of truth; and since the general or prevailing opinion on any subject is rarely or never the whole truth, it is only by the collision of adverse opinions that the remainder of the truth has any chance of being supplied ....

[E]ven if the received opinion be not only true, but the whole truth; unless it is suffered to be, and actually is, vigorously and earnestly contested, it will, by most of those who receive it, be held in the manner of a prejudice, with little comprehension [of] or feeling [for] its rational grounds.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Thu, 4 Mar 93 10:26:19 PST
To: Peter Honeyman
Subject: Re: You Aren't [I'm Not]
In-Reply-To: <9303041605.AA16665@toad.com>
Message-ID: <9303041824.AA26578@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   From: Peter Honeyman
   Date: Thu, 4 Mar 93 11:03:53 EST

   ted, i think that with just a little of the right technical stuff, it is very easy to establish a nym in today's nets. e.g., if you buy a cheap unix box, it comes with uucp, so you can hook up to one of many anonymous uucp sites. that's easy.

Buying a unix box and finding a UUCP connection is still a lot more effort than getting a new anonymous remailer pseudonym. It certainly costs a lot more money! And if you continuously mailbomb someone, the victim still has the (somewhat tenuous) recourse of asking the upstream uucp site to cut off the miscreant.
There are controls to reduce how much someone can abuse the network.

   i know of several slip/ppp endpoints that aren't password protected. more every day, in fact. that's easy.

And if those endpoints were abused, the owners of said endpoints would probably clamp down and protect them. (If they're used too much, they'd probably clamp down anyway, since presumably they didn't pay good money for those resources to give them away free to anyone who can dial up to them.) There are controls to reduce how much someone can abuse the network.

You seem to be proposing that all such controls be removed.

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Thu, 4 Mar 93 10:44:15 PST
To: CypherPunks@toad.com
Subject: Re: You Aren't [I'm Not]
In-Reply-To: <9303041824.AA26578@SOS>
Message-ID: <9303041844.AA19612@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> Date: Thu, 4 Mar 93 13:24:58 -0500
> From: Theodore Ts'o
>
> There are controls to reduce how much someone can abuse the network.

they are no more stringent than those employed by remailer operators.

> You seem to be proposing that all such controls be removed.

you are reading me wrong.

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: babani@cs.Buffalo.EDU (Rusty Babani)
Date: Thu, 4 Mar 93 10:55:51 PST
To: cypherpunks@toad.com
Subject: PGP: removed from UB
Message-ID: <9303041854.AA04739@armstrong.cs.Buffalo.EDU>
MIME-Version: 1.0
Content-Type: text/plain

This message came to me immediately after I requested the sysadmin here at UB to upgrade to PGP to version 2.1. Do I need to explain this?
---------Begin Included Message-----

Organization: University at Buffalo
Date: Tue, 2 Mar 1993 00:20:53 GMT
Path: acsu.buffalo.edu!ub!pjg
From: ACSU Staff
Subject: UNIX Change Notice -- pgp removed

Product: pgp
Version: 2
Systems: UCS public suns
Change: removed
Contact: pjg@acsu.buffalo.edu
Effective: 2-March-93
Notes: given the questionable legal status of the PGP software it has been removed from UCS supported areas. people interested in authentication/privacy should use ripem.

--
+==== Internet: babani@cs.buffalo.edu ===+======== Amateur-Radio: N2LYC ======+
! Bitnet: V078LNGT@ubvms.BITNET | UUCP: rutgers!ub!babani !
! Alternate: an173@cleveland.freenet.edu | Plsure dpnds on the othrs prmison. !
+== PGP key available. (If you don't know what a PGP key is... find out!) ==+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Thu, 4 Mar 93 11:20:21 PST
To: CypherPunks@toad.com
Subject: Re: You Aren't [I'm Not]
In-Reply-To: <9303041910.AA28103@cygnus.com>
Message-ID: <9303041920.AA20297@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> Are there any slip/ppp/uucp+rmail points that are "open" that
> aren't likely to dry up if they get widely announced? If so, please
> announce them!

no can do -- in fact, i regret opening my mouth in the first place. (i should have used a nym!)

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Thu, 4 Mar 93 12:05:00 PST
To: babani@cs.buffalo.edu (Rusty Babani)
Subject: ANON/ANNOUNCE: Sysadmin Policies at Universities (and high schools)
In-Reply-To: <9303041854.AA04739@armstrong.cs.Buffalo.EDU>
Message-ID: <9303042001.AA11479@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

>
>This message came to me immediately after I requested the sysadmin here
>at UB to upgrade to PGP to version 2.1. Do I need to explain this?
>
> Notes: given the questionable legal status of the PGP software
> it has been removed from UCS supported areas.
> people interested in authentication/privacy should use ripem.

It sounds like someone needs to take a stand against the UCS policies at Buffalo or else they are going to go farther and farther... Trust me, that is happening on this campus too.

I used to go to high school here on the other end of campus. It was a new HS when I started (first graduating class) so they had a lot to learn. I walked in, found the manager of the LAN and other sundry computer duties, and told him, "I would like to help you out in any way I can. I would suggest enlisting my help, because you don't want me on the other side." I thought it was kinda cute with the right balance of cockiness... Well, he didn't enlist my help... He gave up coordination of the LAN after a lot of student troubles and the next guy was a real tyrant. If it weren't for the work of five "lab supervisors" (i.e. student assistants to the sysadmin) the system would have fallen last year. I was one of the five and we worked very hard to keep the students' interests in mind while steering policy to an open and simple system.

Now that we are gone, they made the policy more restrictive step by step. A student presumably got access to the sysadmin's account and changed all of the Novell stuff around so that the students were sysadmin but the sysadmin couldn't get into the network at all. (oops) Now they have gone to a closed lab policy: each person has to run his/her student ID through a scanner, gets assigned a computer, and is watched like prey. Any files that have "questionable" content or are named "unsuitably" are deleted and the student loses his/her account for a few days. They are suspending kids for a week just because they bypass the program that lets the sysadmin view their screen.

Granted, this LAN is owned and operated by the school, but they would not set a policy even when we proposed one to them that was in their favor (at the time).
So, the policy changes from day to day and the students, being the oppressed, get the short end of the stick. I have taken myself out of the situation as much as I can... Strangely, I now work for the university's LAN support group, but they know better than to assign me to jobs dealing with the HS. The students have no voice there--I realize that minors do not have freedom of speech, but grievances should be heard and policy should be decided in an unbiased way. I disagree with some of what the students are doing, but I abhor the policy (or lack thereof) of dealing with "crimes" by the students.

If you want to let Buffalo take a turn for the worse as far as policy goes, then don't say anything about their decisions. I would NONviolently oppose whatever you think is not right. The questions I have for you are: how do you get an account on their system? If every student is given one (like our VMS system at BSU) then they will likely not take it away if you fight for your rights. If you have to request the account and they disable them as soon as you no longer "need" them, you should be careful about which channels you use... I would have friends complain for you. :) Do it anonymously through a remailer... No matter what, if you are passive, you'll lose.

Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU
(317) 285-3648 after 5 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dclunie@pax.tpa.com.au (David Clunie)
Date: Wed, 3 Mar 93 20:56:53 PST
To: cypherpunks@toad.com
Subject: Re: ANON: My remailer
Message-ID: <9303040454.AA18059@britt>
MIME-Version: 1.0
Content-Type: text/plain

> I know that the remailer I was running wasn't the biggest kept secret,
> however, I made sure not to mention it to too many local people. I
> wonder if my sysadmin found out thru mail-logs or thru a pgp key
> server or somebody told him or what? I guess I'll never find out.

Why not just ask him/her?
And while you are at it, you could ask them why they developed such a policy. Though you are obviously obliged to respect it, there is no harm in asking them what their rationale is ... it would be nice to know whether the policy was adopted on purely theoretical grounds or whether they were responding to a specific pattern of misuse.

I also noticed that the policy you posted made no reference to the privacy of plaintext email, or its lack thereof.

david

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Thu, 4 Mar 93 14:14:13 PST
To: cypherpunks@toad.com
Subject: ANNOUNCE/ANON: Posting in alt.cyberpunk
Message-ID: <9303042210.AA22524@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

For those who do not read alt.cyberpunk, I found an interesting article that I think is applicable to cypherpunks.

Chael Hall

--- Begin forwarded message

Newsgroups: alt.cyberpunk
Subject: internet and security
Message-ID:
From: strake@coos.dartmouth.edu (strake)
Date: 3 Mar 93 02:18:51 GMT

a request to all you folks out there. I am thinking of doing a research type paper on the internet and security. More to the point, I'm interested in how the internet users themselves view security. If internet and security strike some chord in you, please send me some email about your babblings. My goal is to get a general impression about how the people who use the net feel about the security measures that exist or may soon exist and whether or not they are a help or a hindrance to the net and its use.

For the rest of you on a more specific note, here are some questions that hopefully will get your creative juices flowing.

Do you think the internet is secure?
What types of security measures would you like to see put in place?
In an ideal world, how would security work? What would be protected?
What kinds of measures would you need to gain access to the information?
Should the DES be the standard for encryption?
Do you think access should be restricted? (period, should all information just be free?)
Do you like people who make anonymous postings?
Should a human have _any_ part of the anonymous servers?
What do you think of Hackers? Do you like them? Are they a benefit?
What do you think of the NSA, FBI, CIA, and everything else government related?
If you knew how to hack into your bank account and change the amount of money you had, would you?

If you have an answer to one (or all or anything in the middle) of these questions please email me back with your answer. Help me pass my classes and graduate. *grin*

--
strake@dartmouth.edu
its not pop, its not coke, its not soda. where I'm from its a 'soedaher'

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Fri, 5 Mar 93 01:13:40 PST
To: cypherpunks@toad.com
Subject: Privacy awareness (Was: Cypherpunks priorities)
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Eric Hughes writes -

EH> 4. Fighting restrictions on cryptography. In the US, that means
EH> getting actively engaged in fighting key registration ideas. This
EH> means preemptively writing your elected leaders _in advance_ of a
EH> specific issue. It also means writing about export restrictions in
EH> cryptography. In France, that means raising public awareness on
EH> cryptography restrictions and the eventual effects that will have on
EH> the open society there. In all countries, it requires vigilance.

Amen, brother.

EH> 5. Increasing awareness of privacy issues. Most think they have
EH> nothing to hide. Most also hate it when they get extremely detailed
EH> junk mail about their own lives. Teach the defense of privacy.

This is perhaps the most difficult feat to accomplish. Education and "awareness" are both strictly accomplished on a somewhat voluntary basis. For those who can absorb the importance and criticality of digital privacy, however, it's an eye-opener.
A lot of folks have no idea how some of the proposed "legislation" would affect them personally.

Cheers.

Paul Ferguson |
Network Integration Consultant | "All of life's answers are
Alexandria, Virginia USA | on TV."
fergp@sytex.com (Internet) | -- Homer Simpson
sytex.com!fergp (UUNet) |
1:109/229 (FidoNet) | PGP public encryption key available upon request.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Thu, 4 Mar 93 14:41:08 PST
To: nowhere@bsu-cs.bsu.edu (Chael Hall)
Subject: Re: ANNOUNCE/ANON: Posting in alt.cyberpunk
In-Reply-To: <9303042210.AA22524@bsu-cs.bsu.edu>
Message-ID: <9303042237.AA24507@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

FYI, my personal responses:

>Do you think the internet is secure?

Nope... There are lots of "security holes" discussed in alt.hackers and related places.

>What types of security measures would you like to see put in place?

I don't think much security is necessary... If you must have some, let's make sure terrorists can't bomb the computer systems between me and the outside world so that my Internet work can get done. :)

>In an ideal world, how would security work? What would be protected?
>What kinds of measures would you need to gain access to the information?

Well, I think each user should have a "public" area and a "private" area. Public stuff can be seen by anyone wandering by. That could be the casual observer using anonymous FTP or NFS mount or someone local to your system. Private stuff should be kept away from the sysadmin's eyes as well... There is no good way to do this, of course. I would like either of the following scenarios: sysadmin has a laissez-faire attitude to my files and how I use the system or sysadmin can't see or control either of the above.

>Should the DES be the standard for encryption?

No.

>Do you think access should be restricted? (period, should all information just be free?)
What I want protected should be protected and what I want available should be available. Right now, I have difficulty making what I have available to others. At the same time, I don't have enough quota to do any kind of work (my account is full with PGP 2.1, the remailer, and my mail).

>Do you like people who make anonymous postings?

On an individual basis, I like some and dislike some.

>Should a human have _any_ part of the anonymous servers?

Yes, the human should be there to answer questions and reboot the server when it hangs. :)

>What do you think of Hackers? Do you like them? Are they a benefit?

I like them and I think that much of the work that has been done for the good of the community has been done by hackers. I think it is important to be able to finger a soft drink machine at a university in another state. :) I vigorously agree that they are beneficial.

>What do you think of the NSA, FBI, CIA, and everything else government related?

Well, if that isn't a way to lump it all together... The government of the U.S. and the U.K. and Australia to some extent from what I have seen seem to believe that they need to have a hand in the control of computers, information, and computer communications of information. I think they should have access and possibly provide access for the poor, but they should not control any of the above.

>If you knew how to hack into your bank account and change the amount of money you had, would you?

Is it traceable? ;) No, I wouldn't. I work for a modest sum and I spend that money as I see fit. I live comfortably on what I make, so I do not ask for more. When I find that it is too little, I will ask for more, but stealing is not necessary because I will be happy no matter how much I have (as long as I have computer access 24 hours a day).
Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU
(317) 285-3648 after 5 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Honeyman
Date: Thu, 4 Mar 93 18:29:16 PST
To: cypherpunks@toad.com
Subject: Re: ANON/ANNOUNCE: Sysadmin Policies at Universities (and high schools)
Message-ID: <9303050229.AA01270@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

don't overreact -- they are withdrawing support of pgp (i'm surprised they offered it in the first place), but are they prohibiting users from building and using pgp? now *that* would be an outrage. are they?

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ghabrech@ultrix.ramapo.edu (Phil_Osfy)
Date: Thu, 4 Mar 93 18:58:31 PST
To: cypherpunks@toad.com
Subject: unsubscribe
Message-ID: <9303050301.AA21415@ultrix.ramapo.edu>
MIME-Version: 1.0
Content-Type: text/plain

PLEASE UNSUBSCRIBE ME!!!!

ghabrech@ultrix.ramapo.deu errr..... edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Thu, 4 Mar 93 20:17:41 PST
To: cypherpunks@toad.com
Subject: CASH/REMAIL: combination
Message-ID: <199303050416.AA01513@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Cypherpunks,

Some people have made excellent suggestions regarding digital cash and anonymous remailers. I'm going to try to obtain another account from a friend in order to implement a remailer which accepts digital cash. (However, this will probably wait until I am able to upgrade the bank to PERL)

Maybe future for "profit" anonymous services will work similarly, thus helping to cut down on remailer abuse since abusers must be willing to "pay" for the service. I don't think I can work in usenet posting as well (technical reasons not philosophical ones!) but the whole thing should be an interesting experiment anyway.
The remailer will work like the others, except valid cash must be included or the remailer will not forward the message. For ease, a number of bills will be generated upon request, which will then be deposited as used. As a side effect, bank accounts will be incremented as well (too bad real banks don't work like this) so customers may "withdraw" more bills to use for remailing messages. Since the bank won't mail back confirmation of deposits (messages may be coming from other remailers, etc.) and it would be nice to have a way for you to see if your cash was accepted and your message forwarded, I think I'll have the bank accounts copied into the .plan file so you can finger the account, check your account number and balance, and determine whether or not the remail was successful. Of course, the full account number will not be displayed - perhaps the MD5 hash of an account number or whatever will be put in the file, along with the account balance. I'll also provide a command to obtain the .plan file via email, for those without finger. Actually, for the purposes of this experiment, it might be best to not use the new site in a chain. At least until the single hop mode works well! Nathan Estey suggested to me that traffic analysis could be made more difficult if messages under a certain length were padded, and message over the length were split and remailed a piece at a time. This will help, although I think it would be easier for the sender to include padding in the message itself (thus identical messages plus random padding will encrypt differently). Plus, the message may be multiply encrypted and thus padding cannot be added "inside." Maybe future mail software will automatically pad in addition to encrypt :-) I may implement a delay feature, which would help foil traffic analysis. Comments? /-----------------------------------\ | Karl L. 
Barrus |
| elee9sf@menudo.uh.edu | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK5bTsoOA7OpLWtYzAQEYMQP/WGUGNFiA9ftV7N8JRe01zLooa5b1hTaG
Fh5eYiQflf9S1ttv0DCvZXo+6/yUVWLmPZHqG04xsnZXc6Z1SFw9C0zd3oP/kM9h
2IMrbrqF8ICNA8hSoDV97U2Rf+r0qpUVtSzgoOsuxw+4EVEkgjflNA9v8YJcL+Sv
ZQR/6po1lU8=
=QdR1
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: avalon@coombs.anu.edu.au (Darren Reed)
Date: Thu, 4 Mar 93 04:21:01 PST
To: cypherpunks@toad.com
Subject: Diffie-hellman
Message-ID: <9303041219.AA28412@coombs.anu.edu.au>
MIME-Version: 1.0
Content-Type: text/plain

Does anyone know of any 'sample code' that can be ftp'd from around the place or anything which uses it ?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Fri, 5 Mar 93 00:51:03 PST
To: Eric Hughes
Subject: Re: more ideas on anonymity
In-Reply-To: <9303031658.AA14314@soda.berkeley.edu>
Message-ID: <9303050850.AA08447@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I heard today that the Federal Public Health Service has been trying to eliminate anonymous AIDS testing, but it's unlikely to disappear, at least in San Francisco. (The PHS claims to want peoples' identities so PHS can tell their sex partners that they're at risk. Though I haven't figured out how PHS plans to find out who's having sex with who.)

It occurred to me that truly anonymous postings to online discussions about AIDS would allow people who have AIDS to discuss the changes it puts them through, without letting them be discriminated against by having their identities revealed. A video I saw about AIDS testing mentioned that if you get a positive result, you should be careful about who you tell, because there are still many unenlightened employers, landlords, insurance companies, etc.
John

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: aa996@freenet.carleton.ca (Francoys Crepeau)
Date: Thu, 4 Mar 93 22:22:44 PST
To: cypherpunks@toad.com
Subject: Please unsubscribe me
Message-ID: <9303050621.AA01770@freenet.carleton.ca>
MIME-Version: 1.0
Content-Type: text/plain

Please unsubscribe me. Much as I find the subject quite interesting, I cannot at present devote enough time to read all of the information that comes up. I hope to be able to re-subscribe at a later date.

With great regrets...

--
---------------------------------------------------------------
| Francoys Crepeau, Ottawa, Canada (613) 565-7198 (VOICE) |
| aa996@freenet.carleton.ca (613) 733-7191 (FAX) |
---------------------------------------------------------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Bob Stratton
Date: Fri, 5 Mar 93 00:53:21 PST
To: cypherpunks@toad.com
Subject: Re: Encrypted voice protocol?
Message-ID: <9303050351.AA59962@horton.intercon.com>
MIME-Version: 1.0
Content-Type: text/plain

> Date: Thu, 4 Mar 93 10:39:20 -0500
> From: Theodore Ts'o
> Subject: Encrypted voice protocol?
>
>
> So for roughly $200 US, and a little software, it should be possible to
> put together something that would do encrypted voice communications
> over the network. Is there any interest in developing some sort of
> standard protocol and software to do encrypted, compressed voice
> communications over TCP/IP?
>

I don't know how many of you are at sites on the MBONE, or multicast backbone. There are already a few pieces of code out there for experimentation with transmission of audio and video information, in a variety of forms/encoding, and probably the most widely used tool, "vat - the Visual Audio Tool", already has provisions for carrying on encrypted audio teleconferences via IP. In fact, it's as simple as typing a key into a field, and the tool will DES en/decrypt the conference.
--Strat, budding multicast weenie

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 5 Mar 93 09:49:13 PST
To: cypherpunks@toad.com
Subject: Privacy awareness (Was: Cypherpunks priorities)
In-Reply-To:
Message-ID: <9303051746.AA13510@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I wrote:
>EH> 5. Increasing awareness of privacy issues. Most think they have
>EH> nothing to hide. Most also hate it when they get extremely detailed
>EH> junk mail about their own lives. Teach the defense of privacy.

Paul replies:
> This is perhaps the most difficult feat to accomplish.

I agree. I think junk mail may be one of the best examples from which to extrapolate for the general public. It becomes really clear exactly that they do know something, because it says so right on the letter. It's usually easier to get people thinking about their own lives than abstract privacy issues.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 5 Mar 93 10:43:32 PST
To: cypherpunks@toad.com
Subject: Re: Encrypted voice protocol?
Message-ID: <9303051842.AA27887@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Bob Stratton writes:

>I don't know how many of you are at sites on the MBONE, or multicast
>backbone. There are already a few pieces of code out there for
>experimentation with transmission of audio and video information, in a
>variety of forms/encoding, and probably the most widely used tool, "vat - the
>Visual Audio Tool", already has provisions for carrying on encrypted audio
>teleconferences via IP. In fact, it's as simple as typing a key into a field,
>and the tool will DES en/decrypt the conference.
>
>--Strat, budding multicast weenie

I just read in the local paper about "Internet Radio," which sounds like some kind of transmission of compressed audio, if I have the details right.

This could be interesting. The "Crypto Home Companion Show"?
Anybody know anything about this? (The originator comes from Alexandria, Virginia, so perhaps Strat and our other D.C. area folks have heard more about this.)

-Tim

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: babani@cs.Buffalo.EDU (Rusty Babani)
Date: Fri, 5 Mar 93 07:57:09 PST
To: cypherpunks@toad.com
Subject: Re: ANON: Sysadmin Policies at Universities (and HS)
In-Reply-To: <9303050229.AA01270@toad.com>
Message-ID: <9303051556.AA19327@armstrong.cs.Buffalo.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Peter Honeyman stated in the last message:
>From cypherpunks-request@toad.com Thu Mar 4 23:20:49 1993
>From: Peter Honeyman
>To: cypherpunks@toad.com
>Subject: Re: ANON/ANNOUNCE: Sysadmin Policies at Universities (and high scho
>
>don't overreact -- they are withdrawing support of pgp (i'm surprised
>they offered it in the first place), but are they prohibiting users
>from building and using pgp? now *that* would be an outrage.

No, not yet anyway. I've announced it in the local school newsgroups that I have pgp available in my directories (with world readable and executable permissions). But my original intent was to get pgp working in a system directory so that I wouldn't have to spare my own quota (what little I have of it). PGP eats up space!

I'm beginning to wonder if someday they'll say something like, "Stop using PGP or we'll close your account." That's when I'll seriously have to consider transferring.

--
+==== Internet: babani@cs.buffalo.edu ===+======== Amateur-Radio: N2LYC ======+
! Bitnet: V078LNGT@ubvms.BITNET | UUCP: rutgers!ub!babani !
! Alternate: an173@cleveland.freenet.edu | Plsure dpnds on the othrs prmison. !
+== PGP key available. (If you don't know what a PGP key is... find out!) ==+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: babani@cs.Buffalo.EDU (Rusty Babani)
Date: Fri, 5 Mar 93 08:35:43 PST
To: cypherpunks@toad.com
Subject: Re: ANON: Sysadmin Policies at Universities (and HS)
In-Reply-To: <9303042001.AA11479@bsu-cs.bsu.edu>
Message-ID: <9303051634.AA21842@armstrong.cs.Buffalo.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Chael Hall stated in the last message:
>From nowhere@bsu-cs.bsu.edu Thu Mar 4 15:03:59 1993
>Subject: ANON/ANNOUNCE: Sysadmin Policies at Universities (and high schools)
>To: babani@cs.Buffalo.EDU (Rusty Babani)
>>This message came to me immediately after I requested the sysadmin here
>>at UB to upgrade to PGP to version 2.1 Do I need to explain this?
>>
>> Notes: given the questionable legal status of the PGP software
>> it has been removed from UCS supported areas. people
>> interested in authentication/privacy should use ripem.
> It sounds like someone needs to take a stand against the UCS policies
>at Buffalo or else they are going to go farther and farther... Trust me,
>that is happening on this campus too. I used to go to high school here

[nice story about students and privacy deleted]

> If you want to let Buffalo take a turn for the worse as far as
>policy goes, then don't say anything about their decisions. I would
...
>I have for you are: how do you get an account on their system? If

They haven't changed their policy since 1988. That was when it was created and that is the same policy I had to sign to get an account one and a half years ago. VAX accounts and unix accounts on the time-share hosts are pretty much given to anyone who asks for one. Both these systems are very slow due to the high load in the daytime. Unix accounts on the special CS machines are only given to those who can prove they are in a CS related major. (I have all three types of accounts.)

>NONviolently oppose whatever you think is not right.
The questions

I was doing this by running the remailer... However, they caught up with me.

>I would have friends complain for you. :) Do it anonymously
>through a remailer... No matter what, if you are passive, you'll lose.

They seem to stand behind their policies and have even given me reasons as to why the policies are such. Here is the response I got as to WHY I CAN'T RUN A REMAILER IN MY ACCOUNT...

-------Begin Quote-------
It has always been our policy that your accounts may only be used by you. Without such a policy, illegal and untraceable actions may take place and these in turn put the University at serious legal risk. By installing such a mailer you are giving limited use of your account to the entire world.
--------End Quote--------

Then he went on to say something to the effect of having an account is not a right but a privilege, etc.

I think complaining would only hurt me right now. Even if I complain "Anonymously" I think they would be able to figure out who was behind the complaints. If I mailed a message from my account to them, they could easily trace it back to me if they wanted to... I would have to find another account on a machine not connected directly to UB to complain from. Of course, I would have to go the encrypted my messages to the anonymous remailers... all the way, and make it at MINIMUM a double hop message. It's possible. But is it worth the work especially since they seem pretty content with the policy the way it is?

--
+==== Internet: babani@cs.buffalo.edu ===+======== Amateur-Radio: N2LYC ======+
! Bitnet: V078LNGT@ubvms.BITNET | UUCP: rutgers!ub!babani !
! Alternate: an173@cleveland.freenet.edu | Plsure dpnds on the othrs prmison. !
+== PGP key available. (If you don't know what a PGP key is... find out!)
==+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: babani@cs.Buffalo.EDU (Rusty Babani)
Date: Fri, 5 Mar 93 08:47:40 PST
To: cypherpunks@toad.com
Subject: Re: ANON: Textual analysis
In-Reply-To: <9303041831.AA03710@memexis.memex.com>
Message-ID: <9303051646.AA22313@armstrong.cs.Buffalo.EDU>
MIME-Version: 1.0
Content-Type: text/plain

E. Dean Tribble stated in the last message:
>From memexis!tribble@uunet.uu.net Fri Mar 5 03:44:47 1993
>Date: Thu, 4 Mar 93 10:31:17 PST
>From: memexis!tribble@uunet.uu.net (E. Dean Tribble)
>To: uunet!cs.Buffalo.EDU!babani@uunet.uu.net
>Subject: ANON: Textual analysis
>
> >We probably need "rephrasing remailers" which do some rudimentary
>
> That is insane... remailers are not the place where this kind of work
> should be taking place. If anything the user should run his document
>
>Hardly insane. If the rephrasing software were available for
>Connection Machines and nothing else, then one would very much want a
>remailing server that would rewrite phrases for you. It'd be
>wonderful if it worked on Joe Schmoe's 286 box, but it's pretty
>unlikely.

I was under the impression that such software could be developed for Joe Schmoe's 286 box or even Joe Schmoe's 386 box or (if Joe is rich) his 486 box. The power of these computers shouldn't be underestimated. The first step is to develop the programs. Are there any programs readily available for testing and/or analysis on any type of platform?

--
+==== Internet: babani@cs.buffalo.edu ===+======== Amateur-Radio: N2LYC ======+
! Bitnet: V078LNGT@ubvms.BITNET | UUCP: rutgers!ub!babani !
! Alternate: an173@cleveland.freenet.edu | Plsure dpnds on the othrs prmison. !
+== PGP key available. (If you don't know what a PGP key is... find out!) ==+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Fogleman
Date: Fri, 5 Mar 93 09:03:31 PST
To: cypherpunks@toad.com
Subject: ANNOUNCE: Boston-area cypherpunks meeting?
Message-ID: <9303051658.AA25665@ack.adstest.analog.com>
MIME-Version: 1.0
Content-Type: text/plain

Is there any interest in a meeting of Boston-area cypherpunks? (I've seen at least two mit.edus out there...) I'd be interested in meeting some of you in person, exchanging keys, etc.

Eric Fogleman

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: robichau@lambda.msfc.nasa.gov (Paul Robichaux)
Date: Fri, 5 Mar 93 10:39:05 PST
To: cypherpunks@toad.com
Subject: ANNOUNCE: Huntsville/Atlanta-area cypherpunks meeting?
Message-ID: <9303051837.AA01339@lambda.msfc.nasa.gov.msfc.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

To echo Eric Fogleman's request for a Boston-area meeting, I'd like to know if there's any local interest in a southeast-US meeting. I'd like to hear from anyone within the quadrilateral with vertices at New Orleans, Atlanta, Huntsville, and Pensacola.

As was mentioned, there are some preemptive actions we 'punks should be taking; many of them depend on coordinated action between people in the same geographic region.

[And, of course, any other 'punk who happens to be in or near Huntsville is welcome to contact me.]

--
Paul Robichaux, KD4JZG | May explode if disposed of improperly.
Mission Software Development Div. | I'm not white- I'm Euro-American.
New Technology, Inc. | RIPEM key on request.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 5 Mar 93 12:44:36 PST
To: cypherpunks@toad.com
Subject: You Aren't [I'm Not]
In-Reply-To: <9303040426.AA24707@SOS>
Message-ID: <9303052041.AA05452@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Perhaps the real problem is that there are a large number of people who
>are currently using mailing lists and Usenet newsgroups with the
>expectation that there are currently existing controls on the
>signal-to-noise levels

Existing controls on the signal-to-noise ratio?
However such postulated controls might function in practice, they don't function well enough to make Usenet useful to as many people as its bandwidth is capable of. I don't read Usenet any more. I can't find enough useful information in a short enough period of time. I have _no_ expectations about any controls of content on Usenet.

Ted postulates that standards of accountability provide a control over the signal-to-noise level. I grant that. It does prevent the very worst excesses from occurring. It does provide an upper bound on noise in discussion groups.

Yet this upper bound is ineffectual. Let us take the widely used analogy of Usenet as a sewer. Reading Usenet is like wading chest high through the muck. But am I reassured that there is an overflow valve so that it never gets past my chin? Hardly at all. I won't drown, to be sure; what a _slight_ comfort. (For those of you who want a much more graphic depiction of walking through sewers, read the relevant chapters in _Les Miserables_.)

>and protection against mail bombs,

I had thought that we had pretty clearly established that attacks on a system of content and of volume were of different natures. Lack of robustness in mail software makes a mailbomb possible, not lack of accountability.

>As an artifact, certainly that can be changed; and you are proposing
>that we change them. But then, who should bear the cost of this change?

The structures need to be changed for much better reasons than to prevent anonymous attacks. I infer from your arguments that you think that our current communications fora, newsgroups and mailing lists, are not fundamentally broken. I do think they are fundamentally broken. (This doesn't mean that they are completely non-functional.) I think they are fundamentally broken because they do not facilitate human communication as they were intended. They did when they were small, I grant, but they did not scale well.
They even continue to work when small and focused, but very few things with wide interest or large import remain small.

We already have most of the features of anonymity and pseudonymity already online, in the system that already exist. I've made this point before; I'll make again now. I have never met most of the people I've conversed with online. I expect that I will never meet most of them. The personal responsibility that comes with personal contact is mostly not present online. The negative feedback loops that are normally present in face-to-face conversation are not present online, and it shows.

One of the greatest lacks in online life is the lack of restraint. How many people online do you know who continue to rant about their own positions without engaging in dialectic with another? How many do you know who, even given FAQ's, continue to ask newbie questions? How many do you know who jump to answer with the conventional net-foolishness about whatever issue is at hand. (For a concrete example, consider patent legalities.) Lack of restraint causes far more problems than lack of accountability.

We have most all of the disadvantages of pseudonymity, but hardly any of the advantages. Our correspondents are able to be determined readily by anyone with the ability to monitor (and that's quite a few people). We therefore cannot conduct our affairs online with the same amount of privacy we can create in the physical world. There is no assurance, when exposing the corruption of a powerful figure, that one's identity cannot be determined and punitive actions taken. Those who have some sort of taint imputed them by certain sections of society do not out of fear speak freely.

The virtues of technically secure anonymity outweigh the negative effects. You can flame impersonally as much as you want right now, and there is no recourse. Yet you cannot keep private from your own sysadmin the identities of those with whom you communicate.
Anonymity in communications is fundamentally consistent with an open society dedicated to free speech.

>To bring this back to the house/anonymous bull horn analogy, that would
>be like deciding cease considering sound (or rather lack of sound) a
>commons, and expecting each home owner, who up until now enjoyed the
>relative peace and quiet of their neighborhood, to pay the cost of
>losing their sightlines, and needing to put up expensive shielding.

I will not press the point further than the following. Whereas we cannot change the physics of wave propagation in air, we can change where the cables are laid.

>Maybe there are good, sound, policy reasons for making this change. But
>out of fairness, one would think that the agents of change should be
>prepared to bear some of cost of that change.

Were there silence before in the neighborhood, I would agree.

> And again, no one requires a carrier to carry anonymous messages.
> Practically speaking, you might easily end up with a situation like
> the alt.* hierarchy, where only certain subnets agree to exchange
> anonymous traffic. I suspect this is inevitable in the short term.

>Well, this really can only happen if a carrier can easily distinguish
>anonymous messages from non-anonymous messages.

The simple expedient of a standard header line has already been agreed upon.

Re: crank calls

> But the phone company is not held liable when the call was made from a
> pay phone.

>True; but the phone company is a common carrier. The networks today
>aren't. This could be changed by legislation, and that's something I
>would support, for networks.

I think that networks will be common carriers, for the same reasons that phone companies became such: that having a common carrier is consistent with freedom of speech in an open society.

>However, I doubt that such legislation
>would actually extend as far as protecting hosts on a network, such as
>remailer sites.

You can't protect the network unless you *do* protect individual sites.
The network as a whole is not a legal entity, only the companies and individuals that run them are. I have left off a reply of the libel issue for such a time after I have read up a little on the subject. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Fri, 5 Mar 93 12:57:42 PST To: cypherpunks@toad.com Subject: ANON: Sysadmin policies at universities In-Reply-To: <9303052014.AA26191@ack.adstest.analog.com> Message-ID: <9303052054.AA07423@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >In a truly free society, you have >the right to use your property as you see fit. And so does the university. Let us remember that in this case the university is a state university, which does not sove the problem, of course, but which does change it in some significant ways. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ghabrech@ultrix.ramapo.edu (Phil_Osfy) Date: Fri, 5 Mar 93 10:59:12 PST To: cypherpunks@toad.com Subject: Unsubscribe me!!!! Message-ID: <9303051901.AA01141@ultrix.ramapo.edu> MIME-Version: 1.0 Content-Type: text/plain Come on guys, I asked a couple of times already, UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! UNSUBSCRIBE ME!!! Got the point? 
Thanx,

ghabrech@ultrix.ramapo.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jordan@imsi.com (Jordan Hayes)
Date: Fri, 5 Mar 93 11:28:57 PST
To: cypherpunks@toad.com
Subject: Re: ANON: Sysadmin Policies at Universities (and HS)
Message-ID: <9303051904.AA25221@IMSI.COM>
MIME-Version: 1.0
Content-Type: text/plain

    From babani@cs.buffalo.edu Fri Mar 5 13:56:06 1993

    Here is the response I got as to WHY I CAN'T RUN A REMAILER IN MY ACCOUNT...

Why do you continue to think it's "your" account? If you want to have such a thing to call "your account" you're welcome to plunk down some $$$, buy a machine, get yerself a network link, and remail to your heart's content.

If I were another CS student at UB, I would be bummed if the scarce (by your account, and by most others at universities) cycles I needed to get my homework done were being given away to folks all over the world via a remailer. That's all those machines need is more sendmail processes running :-)

/jordan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: rustman@netcom.com (Rusty Hodge)
Date: Fri, 5 Mar 93 14:06:35 PST
To: cypherpunks@toad.com
Subject: Re: MISC: Internet Talk Radio
In-Reply-To:
Message-ID: <9303052205.AA23397@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

> This is not really relevant to the topics of this list, but...
>
> > From: tcmay@netcom.com (Timothy C. May)
> > I just read in the local paper about "Internet Radio," which sounds like
> > some kind of transmission of compressed audio, if I have the details right.
> > Anybody know anything about this?
> What they are going to do is produce talk radio programs in professional
> audio studios, and then instead of broadcasting on the air, they will
> convert it all to a large (estimated about 15MB) sound file, which is
> then widely distributed using ftp, and played by anyone who wants,
> on their workstation (or a PC with a sound card).
Is that related to Internet TV, where professionally produced television shows are converted to digital video (a la Quicktime), and then the 200mb file is ftp'ed to the world?

:->

--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dmandl@shearson.com (David Mandl)
Date: Fri, 5 Mar 93 12:05:59 PST
To: cypherpunks@toad.com
Subject: Re: Encrypted voice protocol?
Message-ID: <9303051935.AA18846@tardis.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> I just read in the local paper about "Internet Radio," which sounds like
> some kind of transmission of compressed audio, if I have the details right.
>
> This could be interesting. The "Crypto Home Companion Show"?
>
> Anybody know anything about this? (The originator comes from Alexandria,
> Virginia, so perhaps Strat and our other D.C. area folks have heard more
> about this.)
>
> -Tim

Yup, big article in the New York Times yesterday (front page!), and a smaller article in today's New York Newsday. Anyone out there have the time to post either of them to the group???

BTW, a friend and I are just wrapping up a big anthology on radio (the new issue of Semiotext(e), if anyone's interested). I would have loved to get this stuff in there, but alas, we just missed...

--Dave.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kelly@netcom.com (Kelly Goen)
Date: Fri, 5 Mar 93 14:50:43 PST
To: cypherpunks@toad.com
Subject: ANON POLICY: was I`m not
Message-ID: <9303052249.AA26423@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Forwarded message:
> From cypherpunks-request@toad.com Fri Mar 5 13:38:47 1993
> Date: Fri, 5 Mar 93 16:26:11 -0500
> From: Theodore Ts'o
> Message-Id: <9303052126.AA02211@SOS>
> To: Eric Hughes
> Cc: cypherpunks@toad.com
> In-Reply-To: Eric Hughes's message of Fri, 5 Mar 93 12:41:24 -0800,
> <9303052041.AA05452@soda.berkeley.edu>
> Address: 1 Amherst St., Cambridge, MA 02139
> Phone: (617) 253-8091
>
> Date: Fri, 5 Mar 93 12:41:24 -0800
> From: Eric Hughes
>
> Existing controls on the signal-to-noise ratio?
>
> Yet this upper bound is ineffectual. Let us take the widely used
> companies and individuals that run them are.
>
> Sure you can; you can protect regional and national networks such as
MUCH deleted
> If you cause someone damage by your speech, and you maliciously did so
> knowing that your speech was false, the person you harmed should be able
> to recover damages from you, whether it is done over the phone or done
> over a TCP/IP network.
>
> - Ted
>
>

Fortunately... Libel is a totally ineffectual law for attempting to impose the kinds of censorship that Ted seems to be espousing. Libel and slander laws are OFTEN used by the powers that be (governmental, corporate etc) to silence the opposition in matters of human rights, ecology etc... just because a charge of libel or slander has been made doesn't mean that the charges are just or proper... often it is merely an attempt to silence the opposition... The world of cyberspace crossing without form international boundaries for now is a shield against censorship due to the complex legalities involved... remailers in separate countries carefully chosen offer complete protection against Ted and his loyal opposition. (your cabal ted...
:)

BTW: for me... control=censorship,interdiction etc...

cheers
kelly

--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jcoryell%nwu.edu@UICVM.UIC.EDU (John Coryell.)
Date: Fri, 5 Mar 93 16:17:56 PST
To: cypherpunks@toad.com
Subject: Re: Encrypted voice protocol?
In-Reply-To: <9303051842.AA27887@netcom.netcom.com>
Message-ID: <9303060017.AA26284@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>I just read in the local paper about "Internet Radio," which sounds like
>some kind of transmission of compressed audio, if I have the details right.
>
>This could be interesting. The "Crypto Home Companion Show"?
>
>Anybody know anything about this? (The originator comes from Alexandria,
>Virginia, so perhaps Strat and our other D.C. area folks have heard more
>about this.)
>
>-Tim

Wasn't this the subject of that article in the NYT the other day?

John Coryell.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305)
Date: Fri, 5 Mar 93 11:55:09 PST
To: cypherpunks@toad.com
Subject: Re: Encrypted voice protocol?
Message-ID: <9303051954.AA22260@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

(Carl - this is a reply to a cypherpunks mailing list mention of your program. Way to go, and good luck!)

Internet Talk Radio also made the Front Page of the New York Times 3/4/93. The picture of Carl Malamud showed him in his office, with a computer near the front with "Internet Talk Radio" running on it, and a poster on the back wall saying "Freedom of the Press belongs to those who own one", put out by some computer company or other. Story by John Markoff, of course.

It's basically going to be a half-hour audio segment, with interviews ("Geek of the Week") plus miscellaneous news and stories, kind of in the style of All Things Considered. Folks with high-end systems will be able to listen in real-time; folks with lower-end will need to download slowly and listen later.
Size is about 15 MB, data rate 64 kb/s, estimated 2400-baud time 14 hours. I'm surprised he's not doing better compression than that, but (speculation) this may be broadcast-quality audio with ADPCM rather than telephone-quality 3kHz audio uncompressed?

The broadcast will be split up into segments, so you can get pieces without downloading the whole thing. Initially it's audio-only but may add some multi-media stuff, especially for navigation through the sound files. GIFs of the guest would be an obvious extension....

Some good interviews with Nicholas Negroponte of MIT Media Lab and Paul Saffo of Institute for the Future. No mention of encryption, MIME, pricing, retransmission policy, etc. Some nice commentary on the relationship between this and the broadcast industry.

Computer fu. Gratuitous NREN fu. No blood but a little Gore. Joe Bob says "Check it out!"

Bill Stewart wcs@anchor.att.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: root@rmsdell.ftl.fl.us (Yanek Martinson)
Date: Fri, 5 Mar 93 12:29:31 PST
To: cypherpunks@toad.com
Subject: MISC: Internet Talk Radio
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

This is not really relevant to the topics of this list, but...

> From: tcmay@netcom.com (Timothy C. May)
>
> I just read in the local paper about "Internet Radio," which sounds like
> some kind of transmission of compressed audio, if I have the details right.
> Anybody know anything about this?

What they are going to do is produce talk radio programs in professional audio studios, and then instead of broadcasting on the air, they will convert it all to a large (estimated about 15MB) sound file, which is then widely distributed using ftp, and played by anyone who wants, on their workstation (or a PC with a sound card).

I have an article on it, if you want me to send it to you, let me know.
-- Yanek Martinson yanek@novavax.nova.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Duncan Frissell <76630.3577@CompuServe.COM> Date: Fri, 5 Mar 93 13:13:32 PST To: Subject: Re: Wasted BAndwidth Message-ID: <930305201210_76630.3577_EHL17-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain >They're not going to *care* that the last remailer on the chain (who >will, presumably, be identifiable) wasn't responsible for the message >which was sent. They're just going to invade the building the >remailing host is in, kill everyone in the room, and destroy the >machine, and all the machines around it. If they don't know which is >the remailer, they'll just blow up the whole block. They don't care > >I do not advocate censorship. I advocate responsibility. > > Marc In another couple of years, the "remailers" will not be *in* buildings but running as distributed processes on machines from Anchorage to Wellington. Hard to raid. You will be able to set up your own communications server located "somewhere on the nets" to handle message forwarding to you. Hard to raid a billion "processes". This over romatization of government power and violence is peculiar to writers of technothrillers and certain libertarians. You know who you are. Government is good at point force. It can bomb and raid fairly effectively. This ability to put a mass of organized muscle in the field was decisive in earlier technological eras. If you are fighting peasants bound to the soil or undisciplined barbarians, a Roman Square could prevail. Government is less able to apply force on a widespread basis. It depends on the respect, fear, or acquiescence of its subjects. If those weaken or disappear governments weaken or disappear. Markets apply "force" (incentives) across a wide front. They do not require fear or acquiescence to survive. They are self-enforcing. Even commies know trade. 
As we become stronger as individuals (I just spent a week's pay to buy more computing power (hardware) than existed on earth in 1955) we have less fear of (others) government and greater capabilities for self-government. The "anarchy" debates are beside the point. If the market is engaged in breaking down hierarchies, the government monopoly cannot stand either. King Canute cannot order back the sea. Radical restructuring (perestroika) is on the march. Strong individuals cannot avoid replacing "others government" with self government. Others government is only stable when a monopoly institution can maintain control over information and force. Information and force are becoming widely spread. We are seeing the collapse of the coercion metaphor at least in its wholesale form. When people and markets turn away from the state, it disappears. If its monopoly is broken, we will be in the realm of competing legal systems. Duncan Frissell From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Duncan Frissell <76630.3577@CompuServe.COM> Date: Fri, 5 Mar 93 13:13:21 PST To: Subject: UCS Computing Usage Policy. Message-ID: <930305201226_76630.3577_EHL17-2@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain >Here is a copy of the policy that my system administrator was referring to: > >From: gerland@ubvmsb.cc.buffalo.edu (James R. Gerland) >Subject: UCS Computing Usage Policy. So call the ACLU and see if they are interested. Buffalo is a State Uni and subject to the 1st Amendment. Sounds like they are censoring messages based on content (or lack of content in the case of anonymity). Could the University Post office refuse to accept or deliver anonymous letters? It is unlikely that a government could force a publisher to reveal the identity of an anonymous author. There are cases in point in which people wanted NAACP membership lists where the orders were overturned on the basis of freedom of association and speech. Likewise anti-mask ordinances in some cities.
As long as your remailer wasn't causing volume problems, regulation would fall outside the "time, place, and manner" restrictions. Maybe the Electronic Frontier Foundation would be interested as well. Duncan Frissell From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Fogleman Date: Fri, 5 Mar 93 12:22:43 PST To: cypherpunks@toad.com Subject: ANON: Sysadmin policies at universities Message-ID: <9303052014.AA26191@ack.adstest.analog.com> MIME-Version: 1.0 Content-Type: text/plain Jordan Hayes responds to Rusty Babani: > From babani@cs.buffalo.edu Fri Mar 5 13:56:06 1993 > > Here is the responce I got as to WHY I CANT RUN A REMAILER IN > MY ACCOUNT... > > Why do you continue to think it's "your" account? > > If you want to have such a thing to call "your account" you're welcome > to plunk down some $$$, buy a machine, get yerself a network link, and > remail to your heart's content... I have to agree with Jordan on this. In a truly free society, you have the right to use your property as you see fit. And so does the university. Your right to free speech doesn't mean you have the right to someone else's soapbox. Eric Fogleman From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: kelly@netcom.com (Kelly Goen) Date: Fri, 5 Mar 93 16:03:33 PST To: cypherpunks@toad.com Subject: VOICE PRIVACY: Internet av phones Message-ID: <9303060002.AA04236@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Forwarded message: > From cypherpunks-request@toad.com Fri Mar 5 15:32:07 1993 > Date: Fri, 5 Mar 93 18:20:30 -0500 > From: Theodore Ts'o > Message-Id: <9303052320.AA02319@SOS> > To: Bob Stratton > Cc: cypherpunks@toad.com > In-Reply-To: Bob Stratton's message of Fri, 5 Mar 1993 03:51:59 -0500, > <9303050351.AA59962@horton.intercon.com> > Subject: Re: Encrypted voice protocol? 
> Address: 1 Amherst St., Cambridge, MA 02139 > Phone: (617) 253-8091 > > Date: Fri, 5 Mar 1993 03:51:59 -0500 > From: Bob Stratton > > I don't know how many of you are at sites on the MBONE, or multicast > backbone. There are already a few pieces of code out there for > experimentation with transmission of audio and video information, in a > variety of forms/encoding, and probably the most widely used tool, > "vat - the Visual Audio Tool", already has provisions for carrying > on encrypted audio teleconferences via IP. In fact, it's as simple > as typing a key into a field, and the tool will DES en/decrypt the > conference. > > That's a good start! Now all we need something which is a bit more > general in its selection of the asymmetric encryption algorithm, and > something which does public key for authentication and protection of the > assymetric session key. > > - Ted > would suggest a diffie-hellman key exchange protocol to ensure non-recovery of the session key... BTW at least your hearts in the right place Ted... cheers kelly -- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter & Date: Fri, 5 Mar 93 16:17:48 PST To: cypherpunks@toad.com Subject: yet another remailer Message-ID: <9303060015.AA07939@merde.dis.org> MIME-Version: 1.0 Content-Type: text/x-pgp -----BEGIN PGP SIGNED MESSAGE----- I have just set up a remailer on the system utter.dis.org the address for this remailer is remailer@utter.dis.org. utter.dis.org: is my home Sun Sparc Station thus you should not have worry about the local sysad shutting the remailer down. the system does not know that much about uucp aliases thus if you want it get there you should use internet style addressing. if anyone would like a direct uucp connection please email me. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Theodore Ts'o Date: Fri, 5 Mar 93 13:27:31 PST To: Eric Hughes Subject: Re: You Aren't [I'm Not] In-Reply-To: <9303052041.AA05452@soda.berkeley.edu> Message-ID: <9303052126.AA02211@SOS> MIME-Version: 1.0 Content-Type: text/plain Date: Fri, 5 Mar 93 12:41:24 -0800 From: Eric Hughes Existing controls on the signal-to-noise ratio? Yet this upper bound is ineffectual. Let us take the widely used analogy of Usenet as a sewer. Reading Usenet is like wading chest high through the muck. But am I reassured that there is an overflow valve so that it never gets past my chin? Hardly at all. I won't drown, to be sure; what a _slight_ comfort. Touche'. Granted, the signal-to-noise ratio on Usenet varies widely. However, some groups still are able to function quite well, although perhaps not as well as they could in an ideal world. Just because they aren't working perfectly isn't an excuse to break them completely, or at least until this mythical positive reputation technology is implemented, debugged, and deployed on the all over Usenet. As far as the sewer analogy goes, what you are trying to do is to remove the overflow valve *now*, while not providing the drain to actually drain out all of the muck. While there has been some prototype designs which have been thrown about, I have yet to hear a coherent, realistic plan for how it could be installed on all or most of the Usenet servers and readers *today*.
I had thought that we had pretty clearly established that attacks on a system of content and of volume were of different natures. Lack of robustness in mail software makes a mailbomb possible, not lack of accountability. However, this mail software is deployed all over the world, and is not going to change anytime soon. And again, I have yet to see a coherent and realistic protocol that will be able to screen out mailbombs while leaving "only the good stuff" on the SMTP layer --- let alone an implementation of the same. >Maybe there are good, sound, policy reasons for making this change. But >out of fairness, one would think that the agents of change should be >prepared to bear some of cost of that change. Were there silence before in the neighborhood, I would agree. There may not have been silence, but nevertheless, if the agents of change are going to increase the average sound level by 50db, it is unreasonable to assume that the people who will suffer from this noise increase, and who will have to go out of their way to implement soundproofing, etc. are going to sit back passively and let you screw them. You can't protect the network unless you *do* protect individual sites. The network as a whole is not a legal entity, only the companies and individuals that run them are. Sure you can; you can protect regional and national networks such as NEARnet, by making them common carriers. I think that would be a fine idea! However, that does not mean that people who connect to that network should then be also protected. In the same way, just because Nynex is a common carrier, it doesn't and shouldn't mean that anyone who uses Nynex to place a call is similarily protected from legal liability. If you cause someone damage by your speech, and you maliciously did so knowing that your speech was false, the person you harmed should be able to recover damages from you, whether it is done over the phone or done over a TCP/IP network. 
- Ted From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: babani@cs.Buffalo.EDU (Rusty Babani) Date: Fri, 5 Mar 93 13:32:19 PST To: cypherpunks@toad.com Subject: Re: ANON: Sysadmin Policies at Universities (and HS) In-Reply-To: <9303051904.AA25221@IMSI.COM> Message-ID: <9303052131.AA06942@armstrong.cs.Buffalo.EDU> MIME-Version: 1.0 Content-Type: text/plain Jordan Hayes stated in the last message: >From cypherpunks-request@toad.com Fri Mar 5 14:48:05 1993 >Date: Fri, 5 Mar 93 14:04:19 EST >From: jordan@imsi.com (Jordan Hayes) >Subject: Re: ANON: Sysadmin Policies at Universities (and HS) > > From babani@cs.buffalo.edu Fri Mar 5 13:56:06 1993 > > Here is the response I got as to WHY I CANT RUN A REMAILER IN > MY ACCOUNT... > >Why do you continue to think it's "your" account? [argues that I should get my own network link and then run a remailer on "my" machine] >That's all those machines need is more sendmail processes running :-) Well, "the" account has "my" name stamped all over it. With a few restrictions... I have full use of the account. But that's not proof. Here's proof... quoting from UB's own computing policy ... (which I am now THOROUGHLY familiar with! :-> ) >acquiring an account in another person's name, or using an account without >the explicit permission of the owner and the full knowledge of Academic ^^^^^ ... > It is mandatory that the owner of an account be careful to keep the ^^^^^ >account secure by keeping the password secret, changing the password ... Even the policy seems to agree that someone is an "owner" of a given account. It doesn't mention that ACS (Academic Computing Services) is the "owner" of the account. Need I say more? -- +==== Internet: babani@cs.buffalo.edu ===+======== Amateur-Radio: N2LYC ======+ ! Bitnet: V078LNGT@ubvms.BITNET | UUCP: rutgers!ub!babani ! ! Alternate: an173@cleveland.freenet.edu | Plsure dpnds on the othrs prmison. ! +== PGP key available. (If you don't know what a PGP key is... find out!)
==+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Derek Atkins Date: Fri, 5 Mar 93 13:35:29 PST To: Eric Fogleman Subject: Re: ANNOUNCE: Boston-area cypherpunks meeting? In-Reply-To: <9303051658.AA25665@ack.adstest.analog.com> Message-ID: <9303052134.AA00846@toxicwaste.MEDIA.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain I was speaking to some people here about that not that long ago. I'm not sure how many of the Boston Cypherpunks there are out there. Eric -- do you have a place in mind to meet? If not, I could probably arrange a room on campus. How many people would be interested in this? (Send mail to me instead of the cypherpunks list, to cut down on the traffic.) Also, when would be a good date to hold it? -derek PGP 2 key available upon request on the key-server: pgp-public-keys@toxicwaste.mit.edu -- Derek Atkins, MIT '93, Electrical Engineering and Computer Science Secretary, MIT Student Information Processing Board (SIPB) MIT Media Laboratory, Speech Research Group warlord@MIT.EDU PP-ASEL N1NWH From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: babani@cs.Buffalo.EDU (Rusty Babani) Date: Fri, 5 Mar 93 14:03:28 PST To: cypherpunks@toad.com Subject: Revocation of key... Message-ID: <9303052202.AA08479@armstrong.cs.Buffalo.EDU> MIME-Version: 1.0 Content-Type: text/plain Well, since the remailer won't be running in "my" account at UB anymore... 
I've issued a compromise certificate for the key to the remailer: Anonymous Remailer -- +==== Internet: babani@cs.buffalo.edu ===+======== Amateur-Radio: N2LYC ======+ ! Bitnet: V078LNGT@ubvms.BITNET | UUCP: rutgers!ub!babani ! ! Alternate: an173@cleveland.freenet.edu | Plsure dpnds on the othrs prmison. ! +== PGP key available. (If you don't know what a PGP key is... find out!) ==+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Theodore Ts'o Date: Fri, 5 Mar 93 15:21:48 PST To: Bob Stratton Subject: Re: Encrypted voice protocol? In-Reply-To: <9303050351.AA59962@horton.intercon.com> Message-ID: <9303052320.AA02319@SOS> MIME-Version: 1.0 Content-Type: text/plain Date: Fri, 5 Mar 1993 03:51:59 -0500 From: Bob Stratton I don't know how many of you are at sites on the MBONE, or multicast backbone. There are already a few pieces of code out there for experimentation with transmission of audio and video information, in a variety of forms/encoding, and probably the most widely used tool, "vat - the Visual Audio Tool", already has provisions for carrying on encrypted audio teleconferences via IP. In fact, it's as simple as typing a key into a field, and the tool will DES en/decrypt the conference. That's a good start!
Now all we need something which is a bit more general in its selection of the asymmetric encryption algorithm, and something which does public key for authentication and protection of the assymetric session key. - Ted From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ld231782@longs.lance.colostate.edu Date: Fri, 5 Mar 93 17:33:02 PST To: cypherpunks@toad.com Subject: USENET: musings on a new MUSENET In-Reply-To: <9303052041.AA05452@soda.berkeley.edu> Message-ID: <9303060131.AA02315@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain Interesting the conversation about accountability and free speech has turned toward discussing the weaknesses in Usenet. I've been thinking about Usenet software a lot, and think there are some fundamental methods that could vastly improve the dreary and oft-discussed-lamented-cursed signal-to-noise ratio. I would propose these ideas in some newsgroup devoted to the topic but these tend to be frequented by fuddy duddies with too much at stake in the current system and completely unimaginative and uninnovative, and interested in yucky stuff like strengthening authentication (in stark contrast to the sheer brilliance in our club). (For an existence proof, look at the brouhaha on anonymity in news.admin.policy.) Now, I think we should get a thread started on the ultimate news posting software system. Let's recall the totally ad hoc nature of the original Usenet, which just sort of *emerged* because people started writing and running software for it. I fully believe this could happen with `our' system, esp. if the systems are "workable" and very attractive, and *effective*. I propose to call it MUSENET, because it's what I'm musing on at the moment. Above I called authentication mechanisms `yucky', and I still believe that they should be avoided, or at least I want to be able to peruse groups with no posting restrictions. But the authentication technique really does improve signal-to-noise ratios. 
That is because, no matter what anybody tells you, it is really only used for holding users accountable for their posts, to the degree of complaining to their sysadmins. I submit that high-signal-to-noise and total freedom of posting (e.g. anonymity) are mostly mutually exclusive objectives, but unfortunately each equally preferrable. So, here's the idea. Let USENET continue to ferment in relative `peaceful anarchy', with total freedom in posting. Lets start MUSENET with significant registration mechanisms. Just having an internet account wouldn't cut it. Some groups might be invitation only, others you might fill out an application/background form and current members vote on you, or whatever. The system should allow as much flexibility across groups as possible. Wouldn't it be great if every new user had to pass a multiple choice test on the group's FAQ? (sort of like getting a poster's license!) Or that the faq was archived along with group postings? Wouldn't it be great to peruse lists of members, their backgrounds or ``electronic resumes'', and their interests? This all should be possible. (Imagine reading a neat post and reading about the accomplishments of the person behind it, where they work, etc.) Now, imagine that every group also has an associated 'metagroup' for discussions about the group itself, whether it should be split, posters that are abusing it and the actions against them, etc. *built into the software* would be mechanisms for "complaining" about a post. If a user gets too many complaints, depending on the group charter, he might be automatically expelled or suspended. I proposed earlier the idea of a bank account that people can credit or debit based on your postings, and membership dependent on nonbankruptcy! There could be "trials" and "proceedings" against the accused in the meta-group. Also, mechanisms for tracking article use would be great. People could vote on articles they *liked* also. 
Each group would automatically have an associated "supergroup" where the best articles are percolated up, not by posting, but by positive vote mechanisms. It would be a great honor to make it into certain of these groups. In fact, there might be a net-wide "super hall of fame" (or even a "hall of shame"). I'd also like to see a lot of tracking about when articles are saved, how long they are being read, that kind of thing--propagated back to the poster! Can you imagine what kind of effect that would have on quality? (er, maybe I mean `could'...) There is a tremendous amount of analysis of articles that is going on *completely behind the scenes* right now, totally separated from the articles themselves. Lets get that beautiful data into cyberspace! Group charters should be very specific about the mechanisms involved in the particular group, and what kind of speech will be tolerated, and how abuses will be dealt with. There should be some way for a group to approve their "official faq", or more than one of such. Maybe it would appear first as a regular article, and make it into FAQhood if there are enough positive votes. I also like the idea of "free-lance moderators" or "free-lance editors". The newservers would not only propagate articles but meta-articles built by these free-lance editors of their favorite articles, perhaps in a single group but ideally globally. These editors would be able to create very customized portfolios of their favorite articles, even with their own comments on the stuff, and anyone can read the portfolios instead of the raw unfiltered stuff. I think anyone should be able to become a free-lance moderator. I think many people will. There should be some way to keep around outstanding articles. I.e., if they get enough votes, they are archived on some machine (ideally, the site they originated from or whatever) and they can be referenced in future articles. 
I think there ought to be a new "pseudonymous FTP" where anybody with an internet account could set up a part of their directory for archiving their favorite articles, made available to other newsreaders, possibly on the local news server. (My luddite administrators can seem to deal with anonymous FTP.) Holy cow, I haven't even gotten to all the cryptography features. Traffic should be encrypted. Everybody has public and private keys with verification. No free posting--if an article is transmitted, it means that it really was written by someone, by strength of their password secrecy. Hashing on articles to ensure they're untampered, etc. I think people should get away from the point of view that any restrictions on posting are anti-free-speech. I see a lot of news admins pretend that they don't want more control, and that any such suggestion is an insult to their unimpeachible ethical standards. There is a lot of hypocrisy going on right now. Lets make control legitimate, something *everyone* can exercise. More control is not censorship. It is the means toward improving s/n drastically. Anonymity should be built into the software for the appropriate groups. *no* tracking (e.g. storing machine routing paths) should be appended to the articles that are posted anonymously. In fact, the new server should act like our lovely remailers in this regard (cloaking/rerouting mechanisms, etc.) OK, I have to mention hypertext too. What if articles could incorporate GIF pictures or postscript files? Audio sound? have push-button pointers to other articles and files and FTP sites? yowza! Please don't misconstrue any of this. I don't advocate getting rid of completely free posting areas, forcing everyone to be validated, etc. 
In fact, I think these systems should always be there, and that they *will* always be frequented even after much better systems with better s/n will come along (there may also be a "creep" of outstanding freely-posted articles into the selective groups by people who vouch for them by posting them, and take the consequences for failures of judgement, as determined by voting response). Whaddya say, cypherpunks? want to be in on the next communication revolution? Want to mold the onslaught of cyberspace the way you like it, according to your distinct and prophetic vision? All we have to do is put a little prototype code together... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Theodore Ts'o Date: Fri, 5 Mar 93 15:37:17 PST To: kelly@netcom.com Subject: Re: ANON POLICY: was I`m not In-Reply-To: <9303052249.AA26423@netcom.netcom.com> Message-ID: <9303052335.AA02332@SOS> MIME-Version: 1.0 Content-Type: text/plain From: kelly@netcom.com (Kelly Goen) Date: Fri, 5 Mar 93 14:49:20 PST Fortunately... Libel is a totally ineffectual law for attempting to impose the kinds of censorship that Ted seems to be espousing. Libel and slander laws are OFTEN used by the powers that be (governmental, corporate etc) to silence the oppostion in matters of human rights, ecology etc... There's a good reason for that. The reason why Libel exists is not to impose censorship! The powers that be may *abuse* libel and slander laws in attempt to silence The Opposition, but the mere potential for abuse isn't grounds to say that those laws shouldn't exist. If you do make that argument, then by the same token, *remailers* shouldn't exist because of their potential for abuse. 
:-) - Ted From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@rosebud.ee.uh.edu Date: Fri, 5 Mar 93 18:21:34 PST To: cypherpunks@toad.com Subject: CASH/REMAIL: combination Message-ID: <9303060221.AA29007@toad.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Karl Barrus posted some ideas for running a remailer which requires payments in the form of digital cash. I have some comments. > The remailer will work like the others, except valid cash must be > included or the remailer will not forward the message. For ease, a > number of bills will be generated upon request, which will then be > deposited as used. As a side effect, bank accounts will be > incremented as well (too bad real banks don't work like this) so > customers may "withdraw" more bills to use for remailing messages. If I follow this, Karl will allow users to request digital-cash bills from the bank, then require them to send one of those along with each remailed message. The bank then puts the bills back into the user's account(!) leaving him with as much "money" as he started with. This may be OK for an exercise to get the code working, but to really have any effect the remailer should not give the money back to the user as soon as he "spends" it. This makes the whole thing rather pointless. I had an idea which would be a variant of this: make the users send you a postal-mail letter to authorize issuing another batch of digital "stamps". The letter could include an email address to send the stamps to. Maybe you could send 5 stamps per letter. This would force the user to pay 29 cents each time he wanted a set of stamps. Unfortunately, he's not paying the remailer operator, but rather the U.S. government. But it would still limit the ability of people to swamp the net with large numbers of messages. 
(With this system, I would not anticipate that people would have "accounts", but rather that Karl would just send out the digital stamps and let people hold it, and use them as they mailed letters.) > Nathan Estey suggested to me that traffic analysis could be made more > difficult if messages under a certain length were padded, and message > over the length were split and remailed a piece at a time. This will > help, although I think it would be easier for the sender to include > padding in the message itself (thus identical messages plus random > padding will encrypt differently). Plus, the message may be multiply > encrypted and thus padding cannot be added "inside." Maybe future > mail software will automatically pad in addition to encrypt :-) Remailers might require standard-sized messages for their operation, or refuse to pass messages larger than some limit. This, in conjunction with requiring per-message postage, should eliminate the possibilities of "volume abuse" which so worried Ted Ts'o. ("Content abuse" is much less of an issue given the free-speech traditions on the net.) As it turns out, PGP compresses, then encrypts messages (usually): C = Encrypt (KEY, Compress(M)). The decryption phase is then: M = Decompress (Decrypt (KEY, C)); Now, as it turns out, the decompression is self-terminating. That means that you can add some junk to the message after the compression phase but before the encryption phase, and it will be automatically ignored by the decompresser: C = Encrypt (KEY, Pad (Compress(M), N)) M = Decompress (Decrypt (KEY, C)); (This represents padding the message with N bytes after compression, then encrypting it.) I had a patch for an earlier version of PGP which would always pad to 1K byte boundaries using random bytes. It was kind of annoying to use because it made small messages quite a bit bigger. But I think what would be very nice would be a utility to encrypt a message which produced one or more constant-sized files as output. 
Then you would want a corresponding program to decrypt which would put the files together and strip the padding. This way, all files sent to the remailer would be exactly the same size, and it could then act as a "Mix", as Eric described, holding a bunch of files in a batch, shuffling them, then sending them out. Hal 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Fri, 5 Mar 93 21:57:29 PST To: Eric Fogleman Subject: Re: ANNOUNCE: Boston-area cypherpunks meeting? In-Reply-To: <9303051658.AA25665@ack.adstest.analog.com> Message-ID: <9303052007.aa26857@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > Is there any interest in a meeting of Boston-area cypherpunks? (I've > seen at least two mit.edus out there...) I'd be interested in meeting > some of you in person, exchanging keys, etc. Uh... It just so happens that I will be in Boston from April 7th to 18th... Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Anonymous Date: Fri, 5 Mar 93 20:13:20 PST To: cypherpunks@toad.com Subject: No Subject Message-ID: <9303060409.AA14753@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain Dewdz, Stuff for the whistleblowers group. This looks like some good shit. Way cool--Pentagon gettin' zapped! F-117A Nighthawk ("Stealth") Program--Summary Construction The primary RAM and infrared-reflecting material used on the F-117A Nighthawk, also known as the Stealth Fighter, is Dow Chemical's Fibaloy (Lockheed Memorandum TK-523). Fibaloy is used for structural airframe parts in the F-117A and for skin panels, spars, ribs, and longerons. Only 10 percent of the airframe's structural weight is from metal.
Reinforced carbon fiber, developed by the Air Force Materials Laboratory at Wright Patterson AFB in Dayton, Ohio, is another important RAM used on the F-117A. This material not only absorbs radar energy, but dissipates it as well and helps reduce the F-117A's infrared signature. It is used primarily for high-temperature areas like outer skin panels near the engines, and wing and vertical-fin leading edges. The F-117A's unique shape is one factor that contributes to RCS reduction. Edges are rounded, and skins are made of Fibaloy in a secret and difficult manufacturing process. These skins are built in multiple layers that are filled with bubbles and tiny fibers oriented in a specific alignment, spacing, and density for maximum RCS reduction. This process is the most secret element of stealth technology. Parts are formed using super-plastics and are joined with strong adhesives. Kevlar 49 and Silag are used in key crossbar struts. Internal structural architecture of the F-117A has an even greater effect on RCS reduction. A design called cut-diamond, which employs several thousand flat surfaces, is used on the F-117A. Each of the small, flat surfaces is angled so it does not share a common radar reflective angle with any other small, flat surface. When a radar beam strikes the F-117A, only one or two of the flat surfaces reflects the incoming radar energy, while the adjacent surfaces present too high an incident angle to reflect the radar energy back to the radar receiver. The cut-diamond structure is covered by a layer of Fibaloy and Retinyl Schiff base salt materials that is able to absorb 98.7 percent of all radiated energy. Like the SR-71, internal plastic radar -absorbing triangular inserts are fitted to the F-117A's vertical-fin and wing leading edges. Iron ball RAM (supplied by TDK Magnetics, cf. Import Waivers) is applied to external surfaces and to some internal metal parts. 
All gear doors and access panels are specially shaped and tightly fitted to maintain the airframe's low RCS. To enhance its low visual signature, the F-117A employs both active and passive background-masking camouflage techniques that enable it to change color to match the background. Two camouflage colors are used: flat-black for night missions, and dull gray for day missions. The active camouflage technique is "background-clutter signal to aircraft RCS matching." This technique makes use of the F-117's extensive ECM/ESM suite and does not require any changes to the aircraft's structure. With this technique, an F-117A flying at low level protects itself from look-down interceptor radars by matching its overall RCS (as detected from above) with that of the terrain below. This ability makes the F-117A show up as ground clutter on the interceptor's radar, provided the F-117A's RCS precisely matches that of the terrain below it, and the hostile radars would simply reject the clutter and the F-117A masked in the clutter, and never detect the F-117A. ECM/ESM equipment is housed in smart skins, or portions of the F-117A's airframe that incorporate microcircuitry, thus avoiding the need to install antennae or sensors that might have a high RCS on the outside of the airframe. This feature has the combined benefit of saving space on the inside of the airframe and permitting the airframe to be lighter and smaller. Reconnaissance/weapons systems include a forward-looking laser radar used for both terrain-following navigation (TERCOM) and for attacking targets. A forward-looking infrared (FLIR) system is installed, as well as a low light level TV and a head-up display. Its weapons suite includes the optically guided AGM-65 missile and the AGM-45 Shrike antiradiation missile. The AGM-88A high-speed antiradiation missile (HARM) is also included. 
An advanced gun system developed by Hughes called the in-weather survivable gun system/covert is installed, and all weapons are carried internally. Another weapon that is planned for deployment in FY 93 is the AGM-136A Tacit Rainbow antiradiation drone missile. This weapon can loiter after release and protect the F-117A from hostile radar tracking by detecting and destroying hostile radars. The Tacit Rainbow is small enough that four can be carried internally by the F-117A. In one recent test of the F-117A's weapon aiming and guidance system, a 500-lb bomb was dropped from an altitude of 10,000 feet, and the bomb scored, going right into the top of its target, a 55-gallon drum. Results are similar to the Gulf War experience. Lear Siegler has developed a quadruple redundant electronic fly-by-wire system for the F-117A that eliminates the need for control cables, thus saving weight and simplifying construction. The pilot controls the F-117A with a side-stick controller mounted on the right side of the cockpit. The F-117A pilot sits on an ACES ejection seat. The pilot's canopy has flat surfaces, and should be coated with an optically transparent RAM to prevent radar reflection from the pilot or cockpit equipment. Landing gear is designed for rough-field operations, and each gear leg has a single wheel. Infrared signature is reduced by mixing fan-bypass air and air from cooling baffles with exhaust gases. Mixing of air with exhaust also has the benefit of reducing the acoustic signature. Because infrared homing missiles track aircraft by the heat of their exhaust nozzles, not the heat of the exhaust gas, the nozzles are made of materials that keep the infrared signature low. Cooling baffles and special coatings also help reduce the infrared signature from hot engine-exhaust nozzles. 
Newer infrared homing missiles with all-aspect launch angles can track only the exhaust plume, but the work done to cool exhaust nozzles and cool exhaust gases on the F-117A (and other stealth aircraft) makes infrared lock-on by these kinds of missiles highly unlikely. Two modified nonafterburning 12,500-lb General Electric F404-HB turbofan engines power the F-117A. Two-dimensional thrust-vectoring exhaust nozzles, which can vector thrust in various vertical and horizontal positions, are installed; however, the nozzles are only two-dimensional in shape, with no vectoring capability. Material around the engine bays is a matrix sandwich of polymers and pyramidic noise-absorbing structures. The sound-proofing is so effective that the F-117A makes only a medium-level (53 dB) humming noise at a distance of 100 feet, and on takeoff a slight whine (61 dB) is heard. The F-117A uses a Benson-designed Rotorduct system that provides additional cold thrust from the engines. The Rotorduct system is connected to the forward and aft sections of the engines. During night operations, the F-117A flies lights out, with no navigation, strobe, or position lights of any kind. F-117As are equipped for all-weather operations without any outside assistance. All guidance systems are passive, except for the laser radar, but that gives no signals that could be detected. Guidance systems include a ring-laser gyro based inertial navigation system and global positioning system receiver, both of which are passive navigation systems. Performance Although the F-117A can fly at supersonic speeds (Mach 1.73), most of its flying is done below the speed of sound close to the ground to take advantage of terrain-masking of hostile radar installations. High-speed flight at low levels also protects the F-117A from infrared-guided weapons or infrared detection systems. 
At higher altitudes, the F-117A would be exposed to such systems for longer periods of time, while at low levels, the F-117A is not over one area long enough for weapons systems to lock on. Even if the weapons could lock on briefly, the F-117A flies so quickly that it would be long gone before the weapon could shoot it down. Operating at high speeds and low levels makes the F-117A somewhat unstable due to its large wing/fuselage planform. USAF cites this as one reason, among others, for one or two of the four operational crashes. The F-117A uses small ride-control vanes similar to those on the nose of the B-1 bomber. These are known as impedance-loaded flow-control vanes, and they alleviate the often bumpy ride encountered during low-level and high-speed flight. Supersonic flight in the F-117A is inefficient because of the materials from which it is built. Some of the materials, while excellent at reducing detectability signatures, have a rough finish that adds to the F-117A's parasite drag. F-117A Operational Basing An F-117A unit is permanently based at Tonopah Base (Area 30, also known as Sandia Strip and Mellon Strip) in the northwest corner of the highly secret Nellis Test Range about 170 miles from Las Vegas, in Nevada. Tonopah Base has 72 hangars and was refurbished in 1979 by the U.S. Air Force. (It hadn't been used since World War II.) The unit is known as Team One--Furtim Vigilans (covert vigilantes), and there are 95 F-117As based there. (The term literally means "vigilant by stealth" or "stealthily vigilant" in Latin.) The full-service F-117A wing gained initial operational capability in 1983 at Tonopah Base. There are F-117A temporary-duty (TDY) detachments at Elmendorf AFB and Shemya AFB in Alaska, Kadena Air Base in Japan, and in the United Kingdom. The F-117A also has been active in the Middle East and in Latin America, used in the Gulf War and in covert drug trafficking surveillance operations. The U.S. 
Air Force uses the F-117A in various roles and has integrated F-117A operations with those of the rapid-deployment forces and with the new special operations command. Two of the F-117A's known missions are covert reconnaissance and covert surgical strikes on preselected targets. In operational tests, this effective stealth aircraft has flown within 17 miles of actual Soviet-manned radar stations without being detected, and Soviet-manned Iraqi radar stations detected fewer than 3 of the F-117As in 753 different sorties over Iraq. F-117A Nighthawk Specifications Length 56.43 ft Height 15.72 ft Wingspan 40.20 ft Empty weight 19,674 lb Maximum takeoff weight 34,120 lb Cruise speed Mach 0.93 Maximum speed Mach 1.12 at 36,000 ft Powerplant two 12,700 lb GE F404-HB nonafterburning turbofans highly modified. Composites used in engine construction Combat radius 498 miles From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: crunch@netcom.com (John Draper) Date: Sat, 6 Mar 93 01:44:36 PST To: cypherpunks@toad.com Subject: Internet radio Message-ID: <9303060943.AA04654@netcom2.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Re: Internet radio.... I can see (or actually hear it now) - Stay tuned for the super duper Cypherspace hot hit 100, coming up after these messages... And about 15 minutes of BS about the right hair spray to buy... JD From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: edgar@spectrx.Saigon.COM (Edgar W. Swank) Date: Sat, 6 Mar 93 04:24:28 PST To: Cypherpunks Subject: Kill lines Message-ID: MIME-Version: 1.0 Content-Type: text/plain I agree with Eli Brandt that Chael Hall's simple implementation of a standard "kill" line is preferable to the complicated "Regexp" specification. I could manage it, but I agree with Eli that many could not. 
Eli offers an alternative of Signature-Lines: Assuming that this can be inserted in the body of the message with the :: convention as well as among the headers, this is acceptable, but is still more complicated than the "kill line". The proper number for "signature-lines" will have to be found by trial and error, by sending messages to oneself. One caveat here. Any remailer which implements "signature-lines" will have to -remove- that line from the header (or change to zero) when it removes the of signature lines from the end of the body. Otherwise, a chain of "signature-lines" remailers would -each- see the "signature-lines" header and would -each- remove lines from the end of the message body. -- edgar@spectrx.saigon.com (Edgar W. Swank) SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: judic@sunnyside.com (Judi Clark) Date: Sat, 6 Mar 93 09:16:38 PST To: tcmay@netcom.com Subject: One last time Re: CFP Costs Too Much! (long) Message-ID: <199303061715.AA25795@snyside.sunnyside.com> MIME-Version: 1.0 Content-Type: text/plain Hi Tim I wanted to take a minute to respond to your note about the cost of CFP'93. There are several things that you a) don't know, and/or b) aren't taking into account. Altho' my writing style is somewhat cut-throat (why I am not a writer), this is not a re-flame, but rather an informational piece. As such, if you are still interested, I can discuss the conference costs in more detail at a future date (like sometime after the conference?). >Dave Deltorto is one of several people I know, including myself, who don't >like the prices of the upcoming Computers, Freedom, and Privacy Conference: > >>.... I would also dearly like to attend CFP, but >>I haven't yet found a way to do it without money (anyone who knows a way I >>can volunteer my way in and help out please say so - I'll sweep up after, >>anything...). Dave found a way to attend. 
He is a volunteer for the conference, and as such, gets in free. There are over 20 such volunteers this year. FYI, volunteers impact the costs of the conference in two ways: 1) They help to keep staffing costs out of the budget 2) They aren't guaranteed lunches/banquets so as not to increase food costs. Given that many paid registrants don't show up for one meal or another, volunteers help "take up the slack" with the extra meals. :-) optional info: In addition, volunteers help to round out the attendance. As volunteer coordinator, I have sought to fill as many volunteer positions with women and minorities as possible. Dave, as a hacker, is one such minority. (I'm sure this method of choosing volunteers will vary with future confs.) >In my opinion, $405 is way too much to pay for this conference. Science >Fiction conventions routinely get the use of major hotels at a far lower >per head price (from $40-$125 is typical). The BayCon convention takes over >most of the public facilities in San Jose's Red Lion Inn (several >ballrooms, many smaller rooms, and most of the public lobby areas), has >about 500 attendees (same as CFP), and charges less than $100 for 4 days >(and one-day memberships are typically around $30). And the "Hackers >Conference" has kept its cost down to around $300, which includes two >nights lodging and all meals (very sumptuous meals, too). Conventions typically don't have 80 speakers, nor formal banquet functions. Meals are certainly a BIG part of our costs. Speaker meals are part of costs. Admittedly, if we were offering "a place to show things", we would be partly subsidized by booth space costs and other commercial ventures; our costs would be less. CFP has traditionally ruled that commercial booths are NOT a part of the program, and have declined offers to "buy" space on our floor. You mention that Hacker's keeps costs down to $300 for two nights. 
While we don't include the cost of the night's lodging for a number of reasons, we do include meals. Further, Hacker's attendees all pay equally. CFP has 80 speakers which, while they do not receive pay for their part, do receive all meals. Part of the cost in attending reflects what you're coming to hear, in the settings that we have arranged (single-track sessions, banquet speakers, etc.) >Granted, CFP puts out a nice transcript of the talks--credit them $20 for >that. Thanks for credit for the transcripts, but the $20 isn't ours. The proceedings need to be transcribed word for word from the conference, edited, and made camera-ready before IEEE or ACM (or whoever publishes it) get the $20 each. optional info: IEEE published the first conference, and has not yet made back the cost of printing their small run. Those transcripts are now online. What do you think their chances are now of making their costs back? The transcripts also need to be re-edited/indexed for free online public distribution. No one has offered to do any of this for free yet... >Granted, a couple of meals are thrown in--credit them another $30 or so. You haven't talked with hotels lately. Continental breakfasts typically cost $5 per person, lunches are another $15 per person, and dinners $20. Add an 18% service charge and 8.25% tax to that, and multiply by 3 days... >What's left is still too much. Yes, a "register early" discount >exists/existed, but inasmuch as there's a nonzero risk someone can't attend >(and hence loses what they paid, or some fraction of it), counting such >discounts is not really kosher. You're missing the point of the early registration. You apparently didn't take into account that we printed brochures and paid for mailings to some 40,000 people plus thousands more in press. While two of us worked for several months with no pay, we did incur many expenses. We bear the costs of bringing this conference to you until we are reimbursed. 
As Jim Warren will tell you, this is no small change. The first conference, with 400+ attendees, made $1000 in "profit", and was donated to CPSR, conf sponsors. >There are several possible reasons for the high fees: > >1. Price insensitivity. Wrong. We have a history of what this conference costs, and do all that we can to keep costs down. For example, the conference chairman doesn't get paid. As Organizing Coordinator, I might or might not, depending on the conference outcome. While the cost of this conference is minimal to a few of the attendees, it is obviously a big factor to many. That's why we received over 100 requests for scholarships this year, and why we were able to find separate funding for 40 full registrations (twice as many as last year!). We would like to have gotten more... >2. "Everyone else is doing it." This is irrelevant. We are not doing anything because "Everyone else is doing it." Rather, we are trying to do things that everyone else is NOT doing. >3. Subsidies of journalists. Journalists are admitted free, but must pay for meals themselves. Tim, I'm sorry to hear you won't be there for whatever reason. Phiber's right, lots of the good stuff happens throughout the whole place. And thanks, Fen, we try. (Hacker's is a different world. Would it be that we could do some things more informally...) I look forward to a fun, informative and project-generating conference. judi From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Stephen Dunne (+44) 71-538-5656" Date: Sat, 6 Mar 93 05:55:34 PST To: cypherpunks@toad.com Subject: Re: ANON: Sysadmin Policies at Universities (and HS) Message-ID: <9303062148.AA0035@isma.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain >If you want to have such a thing to call "your account" you're welcome >to plunk down some $$$, buy a machine, get yerself a network link, and >remail to your heart's content. 
If I were another CS student at UB, I >would be bummed if the scarce (by your account, and by most others at >universities) cycles I needed to get my homework done were being given >away to folks all over the world via a remailer. Hmmm.. Unless you guys in the states get third level education for free you've *already* plunked down some $$$ as course fees. I would assume that a portion of the fees for an IT related course would be applied to purchase/upkeep of the relevant kit. IMHO the attitude of educational establishments which can border on the paranoid whenever they come across usage of "their" systems which isn't typical is very similar to the classic model of the commercial DP gruppenfuhrer... Both can be regarded as empire-builders.. Stephen From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: composer@Beyond.Dreams.ORG (Jeff Kellem) Date: Sat, 6 Mar 93 11:59:34 PST To: Eric Fogleman Subject: Re: ANNOUNCE: Boston-area cypherpunks meeting? In-Reply-To: <9303051658.AA25665@ack.adstest.analog.com> Message-ID: <9303061958.AA05570@Beyond.Dreams.ORG> MIME-Version: 1.0 Content-Type: text/plain On the cypherpunks mailing list, Eric Fogleman wrote... > Is there any interest in a meeting of Boston-area cypherpunks? (I've > seen at least two mit.edus out there...) I'd be interested in meeting > some of you in person, exchanging keys, etc. Sure thing. Perhaps those of us from the Boston area that'll be at CFP-3 should get together while we're there next week to plan something in Boston. A sort of pre-meeting.. ;-) See you in SF at CFP-3... -jeff Jeff Kellem Internet: composer@Beyond.Dreams.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jim C Date: Sat, 6 Mar 93 14:47:05 PST Subject: No Subject Message-ID: <9303062247.AA21226@toad.com> MIME-Version: 1.0 Content-Type: text/plain subscribe me! 
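Edgar W. Swank's caveat in the "Kill lines" message above (a remailer that honors "signature-lines" must remove that line or set it to zero, otherwise every remailer in a chain strips lines again) can be shown with a small simulation. This is an added example, not part of any list message and not code from any remailer; the header syntax "Signature-Lines: N", the function names and the sample message are assumptions.

```python
# Added illustration of the chained-remailer caveat. The header syntax
# "Signature-Lines: N" and every name below are assumptions, not taken
# from any real remailer. Re-addressing between hops is not modeled.

HEADER = "signature-lines"

# Constructed sample: four lines of real text followed by a two-line
# signature that the sender's mail system appends automatically.
SAMPLE = "\n".join([
    "To: remailer@example.invalid",
    "Subject: test",
    "",
    "::",
    "Signature-Lines: 2",
    "",
    "real text 1",
    "real text 2",
    "real text 3",
    "real text 4",
    "-- ",
    "automatically appended signature",
])


def parse_header(line):
    name, _, value = line.partition(":")
    return name.strip(), value.strip()


def split_message(raw):
    """Return ([(name, value), ...], [body lines])."""
    head, _, body = raw.partition("\n\n")
    return [parse_header(l) for l in head.splitlines()], body.splitlines()


def pop_pasted_headers(body):
    """Honor the '::' convention: a body that starts with '::' carries
    extra header lines up to the next blank line."""
    if not body or body[0].strip() != "::":
        return [], body
    end = 1
    while end < len(body) and body[end].strip():
        end += 1
    return [parse_header(l) for l in body[1:end]], body[end + 1:]


def remail_hop(raw, clear_header=True):
    """One remailer hop. clear_header=False models the behavior Swank
    warns about: the line count is honored but the header is passed on."""
    headers, body = split_message(raw)
    pasted, body = pop_pasted_headers(body)
    count, kept = 0, []
    for name, value in headers + pasted:
        if name.lower() == HEADER:
            # Ignore anything that is not a plain non-negative integer.
            if value.isascii() and value.isdigit():
                count = max(count, int(value))
            if clear_header:
                continue  # consumed here; later hops must not see it
        kept.append((name, value))
    if count:
        body = body[:max(0, len(body) - count)]  # never strip past the start
    head = "\n".join(f"{n}: {v}" for n, v in kept)
    return head + "\n\n" + "\n".join(body)


def run_chain(raw, hops, clear_header):
    """Pass the message through `hops` remailers; return (headers, body)."""
    for _ in range(hops):
        raw = remail_hop(raw, clear_header)
    return split_message(raw)


if __name__ == "__main__":
    for fixed in (True, False):
        _, body = run_chain(SAMPLE, 3, fixed)
        print("header cleared" if fixed else "header passed on", "->", body)
```

With the header passed on, the sample loses two more lines of real text at each later hop and arrives empty after the third; with the header cleared at the first hop, only the signature is removed.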
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Matthew J Miszewski Date: Sat, 6 Mar 93 20:05:15 PST To: cypherpunks@toad.com Subject: ACT NOW! Message-ID: <23030622022987@vms2.macc.wisc.edu> MIME-Version: 1.0 Content-Type: text/plain Dear Cypherpunks- The talk on this list is incredible. Having grown up during the dawn of personal telecommunications, (I remember a 110 baud modem and running to get the phone in the cups in time), it amazes me how far we have come. Compared to the first BBSs, the level of discourse has also advanced. Well, now that we have all matured (no offense to my first mentors) the time has come to combine our social concerns and our knowledge of technology. Now is the time for empowerment and action. I know many of you have been discussing (flaming) about anarchy. I understand that movement but I believe we are ready to act on a different level. Most of us hold strong personal and political beliefs. I think it is time for us to come together (as much as is possible) and distribute and activate our ideas. Cryptography (finally got to the point) will play an intimate part in any real technical revolution. I am _far_ from an expert (finally unzipped PGP2.1). And so, I need to enlist the great minds present on or reading this list. I speak in general terms so as not to offend some. I know some feel that power need not be redistributed and I respectfully have kept things vague (did you see that graceful sidestep of the inevitable *flame*). I also kept this brief so as not to disturb the S/N ratio any more. So, very briefly, I assert: Information, technology and control of both _is_ power. *Anonymous* telecommunications has the potential to be the greatest equalizer in history. Bringing this power to as many as possible will forever change the discourse of power in this country (and the world). 
This is intimately involved with political and economic theory, but can be accomplished without fatally altering the existing models of these theories. We, with the knowledge, have the power to change everything we see. But, we must act. We must organize. And we must start _now_. Please send me private email so as not to burden the Cypherpunks list or increase the noise. I will listen to all (and fully expect certain folks). BTW, I am not a socialist, communist, liberal, conservative, fascist, et al. I do not believe in simple change, but actual progress. I believe in progression not politics. I believe the private sector is an untapped resource for furthering social justice. I am a Law Student with a deep sense of social urgency. (Not your typical lawyer-to-be). I await _ALL_ responses. Thanx, mjmiski@macc.wisc.edu Matthew J. Miszewski From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Michael Date: Sun, 7 Mar 93 00:39:51 PST To: Alfred Martinez <75300.717@compuserve.com> Subject: Re: F-117A Nighthawk pseudo"revelation". Message-ID: <9303070838.AA00566@worldlink.worldlink.com> MIME-Version: 1.0 Content-Type: text/plain Re: The F117A message left to cypherpunks by an anonymous fellow on Fri 4/5. What a bunch of bull! Consider the following reasons which are obvious to any intelligent and technologically savvy reader: "employs active and passive techniques to change color" Logical baloney. What is a "passive way to change color"? "Passive" means to do nothing, yet changing color is an obviously "active act". Sounds like $100 words that mean absolutely nothing if one thinks about what he is reading, rather than swallowing it whole. "When flying low, it adjusts its radar cross section to a high flying interceptor aiming radar downwards at it, so as to match its own radar reflectance to that of the ground". Logical baloney again. 
How can that plane know the radar cross section (the reflectance) of the terrain below it unless it is itself aiming a radar at the ground? But if it did aim a radar itself, it would stand out like a sore thumb to ground based receivers, so it couldn't logically do so. "ECM/ESM circuits are mounted on the skin to avoid the need for antennas". Technical baloney! A radio frequency receiver or transmitter needs a means to couple to the outside world; this means is called antenna. You just cannot wish the function of an antenna away; basic physics (of which the writer of the nonsense I am responding to is ignorant) requires a physical capture area for an antenna. And on and on and on... And besides, let's consider the motivation of the writer of the message which ostensibly "uncovered" the information he broadcast to the world. (Never mind that it was nonsense, as per above.) Since internet is worldwide, is that fellow telling us that he, in his infinite wisdom, decided that what is presented as classified info should be released? Why? And, assuming that his information was correct which it isn't as per above, does he say that ALL classified information should be released by anybody that has it, or is he saying that he himself is blessed by the almighty to have this super judgement to unilaterally declassify things? Or is he telling us (assuming that his info is correct, which it isn't as per above) that he is knowingly guilty of treason for disclosing classified info and, as a logical corollary, that he wants to harm this country? Oh, well, the world never had a shortage of snake oil salesmen nor of irresponsible and treasonous fools. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "DrZaphod" Date: Sun, 7 Mar 93 15:05:31 PST To: CypherPunks@toad.com Subject: Fw: Law and Disorder on the Electronic Frontier Message-ID: <18782.drzaphod@ncselxsi> MIME-Version: 1.0 Content-Type: text/plain -- Thought Cypherpunks would benefit from this.. 
Odd that we didn't get it first. -- ------------------------------ From: netcom!mcg@netcomsv.netcom.com (Tiamat the Chaos-Ocean) Sat, 6 Mar 93 23:05:03 -0800 To: sfraves@soda.berkeley.edu (SFRaves) Subject: Law and Disorder on the Electronic Frontier I thought this might be of interest to a few of us SFRavers, given the recent threads on privacy, virtual culture and the law, etc. This is taking place TOMORROW (Sunday), and I'd say there's an 80% chance I'll be there -- I'd encourage as much SFR participation as possible. ------------ QUOTED FLYER FOLLOWS ------------ Jacking In: A Monthly Series on Cyberspace Literacy presents: Law and Disorder on the Electronic Frontier Computer and telecommunications technologies hold great promise for individuals and society. Increased access to information can enhance commerce, political participation, community development, and public health and education. But, between activities of questionable legality and the countermeasures taken by private parties and law enforcement officials, these technologies are raising fundamental questions about privacy, property, and our freedoms of speech and assembly. Join us for an evening of provocative presentations by: BRUCE STERLING, author, journalist, editor MIKE GODWIN, Electronic Frontier Foundation JOHN DRAPER, a.k.a. Cap'n Crunch, reformed cracker MITCH RATCLIFFE, cofounder This!Group BRUCE KOBALL, Chair, Third Conference on Computers, Freedom, and Privacy Sunday, March 7, 7 pm $3 - $5 sliding scale Modern Times Bookstore 888 Valencia (19th/20th) ==> a few doors down from Zanzibar San Francisco, CA 94110 (415) 282-9246 ----____----____--__--__--__--__-_-_-_-_-_-__--__--__--__--____----____---- MykL G Look to the future! 
mcg@netcom.com ____----____----__--__--__--__--_-_-_-_-_-_--__--__--__--__----____----____ DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: internaut@aol.com Date: Sun, 7 Mar 93 06:48:34 PST To: cypherpunks@toad.com Subject: FWEE!: Premature Ejaculation Message-ID: <9303070949.tn25905@aol.com> MIME-Version: 1.0 Content-Type: text/plain >>nowhere@bsu-cs.bsu.edu >> >>Way cool--Pentagon gettin' zapped! >> >>F-117A Nighthawk ("Stealth") Program--Summary Uh-huh... OK. Easy now, Lads... Let's not "jump the gun." It is with a strange mixture of giddy delight and dire trepidation that I 'pen' this note to you all. I read "nowhere's" posting with no small amount of interest and yet I have a BIG PROBLEM with it, so I thought I would post this tiny reminder to everyone about "what the hell are we fighting for" (anyone else around here remember singing along with Country Joe and MEANING it? ...1-2-3) before any more such postings occur. If you answer "don't ask me, I don't give a damn," I worry about you (...5-6-7). Some thoughts: 1. The Whistleblower system currently under construction (in more ways than one) is of extremely high value both to us as digital pioneers and ultimately to the People of this country and by extension of the world. It promises to open up 'doors' that would otherwise stay very tightly shut. This is no small thing. 2. The WB system should be directed toward uncovering structural ABUSES by persons or companies entrusted with the interests and/or funds of the People. Remember, this whole gig is supposed to be "of, by and for the People." We're just here to remind the trustees not to cook the books like George Herbert Fucking Walker Bush did. In fact he can be considered as one of our most interesting subjects, whatever flat little Texas rock he might be hiding under right now. We haven't forgotten you George, we're just getting our digital posse rounded up. 
Except there's someone among us who's wearing his/her gun belt a little too tight already, to wit: 3. The purpose of such a system is NOT to cater to the puerile (look it up, it comes from the Latin for 'childish' and yes, I indulge in it often enough to understand) impulses of people who'd like to anger the Dark Side just for the sake of thumbing their noses at Authority, but to truly cut the Dark Side to the bone - to expose their Darkest Secrets and leave them bleeding ink all over the front pages. I recently paraphrased the Bible (and probably every other religious tome since recorded Herstory began) in conversation with two of my favorite Cypherpunks and I now see the value of sharing this tidbit with all of you: "That which is whispered of in closets, shall be shouted from the rooftops for all to hear." ...I propose this as a suitable motto for the Whistleblowers and possibly even the Cypherpunks - at least those with an ironic bent. (Btw, would the more Bible-literate among us please feel free to cite chapter & verse, so I can find where I read this and quote it more accurately in the future.) 4. Posting information of the kind in "nowhere's" transmission (though admittedly fascinating) will only serve to ALERT and STRENGTHEN the position and attack capabilities of those who would defeat the WB system BEFORE it truly gets off the ground. Post data like this NOW and you provide ammunition to sharpshooters who need an excuse to terminate us with extreme prejudice. Compare the value of information of the sort in "nowhere's" posting (which I might add can probably be found by the more astute among us in certain lesser-known defense industry publications) with an anonymous posting by someone taking a very BIG chance with his/her life by proclaiming the complete and utter lack of integrity of persons charged with the maintenance of Democracy or persons charged with the maintenance of the Safety and Security of the People. 
I ask you, fellow Patriots: what would you rather read? Would the expose' of a high-ranking member of the Military-Industrial Complex be of greater value to you than the specs on the composition of a plastic wing's leading-edge? Let us not forget who arranges for the development of such weapons - those who loose the Dogs of War, not the Dogs themselves should be our Enemy. Another hypothetical example: would you like to know what the US Government knows about _who_ shot John Fitzgerald Kennedy and _why_? Keep posting information on expensive black budget D-Fens items and see if we ever find out. I don't particularly want some haircut sliding in my front door with a warrant just because I'm on this list - and don't think I'm overreacting (because I am). FLAME. A wise man chooses his weapon carefully and does not shoot his bolt before the target is well in sight. In the teachings of ancient strategists, one can find many sage postings on when to keep one's powder dry, when to retreat for strategic/tactical advantage and when to just plain shut the fuck up so no one knows you're hiding there with your pointy stick. "Verbum sat sapienti est." In Latin (remember how far those Roman strategists got!) this means "wise up or someone with much fancier toys will come and take your cereal box and you'll be left with no whistle to blow. I get off on reading about Inspector Gadget's Flying Doomsday Jets as much as the next technoweenie, but I also have an idea of what's really important here. As a person who threw bricks at riot police in the '60's, I have an indelible impression of what it is that Freedom of Speech is all about and I don't want to risk a potentially incredible source of Freedom of Speech all for a few nuts and bolts descriptions of some weapons systems that some very dangerous mofos will do just about anything to keep under wraps. 
Remember, no system of anonymity or encryption is _completely_ secure: give the wrong entity a good reason to focus its highbeams on us now, and you jeopardize our whole mission. One might even say that a valid attack strategy for someone who wants to take us down is to float such postings NOW so that serious, formal complaints could be substantiated in the not-too-distant future. dave "are you experienced?" del torto, aka d2t From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: internaut@aol.com Date: Sun, 7 Mar 93 06:48:34 PST To: cypherpunks@toad.com Subject: MEETING: CFP>$! Message-ID: <9303070949.tn25907@aol.com> MIME-Version: 1.0 Content-Type: text/plain Gang, Since Tim May took the pardonable liberty of putting virtual words in my mouth about my opinion of the costs of CFP, I just thought that I would "reply" by publicly posting my thanks to Judi Clark for her explanation of what goes into a CFP conference. I have been both educated and humbled by her communication. Thank you, Judi. Firstly, I have to say that my initial reservation (all puns intended) about CFP's cost was motivated PURELY by my current lack of cash. Naturally, I would have preferred to have returned a conference fee reimbursement slip to some FatCat with a stouter wallet than my own, but alas, I currently have no such overly-resourced feline to fall back on. Secondly, although I surely did mutter about how much it costs and Tim was perfectly within the bounds of reason to infer some reticence on my part, I did manage to do something constructive about it by volunteering to help out with a good cause. Judi was generous to mention my fairly insignificant contribution, especially compared to the vast amount of work that she and her cohorts have put in, but given any opportunity, I would have been, and still am, willing to do what I can to ensure that the whole thing goes smoothly. 
With every bite of every free meal I can weasel out of this deal, I will be thanking her for the favor she is doing to my pathetic cash-flow situation. BTW, Judi, should I be caught stuffing dinner rolls up my sleeves, I trust you'll keep the Sheriff from cuffing me too tightly. Thirdly, for philosophical and intellectual reasons, I am _really_ excited to be able to attend, even as a janitor/hacker, and will do my best to feed back information and impressions to everyone on the list who doesn't have the opportunity to attend. In case someone has not been paying attention, my philosophy involves dirtying my hands when something shows value to me and to others. Anonymous remailers in support of Whistleblowers; conferences that support the Mission; visiting dignitaries who need a ride to the airport ("May I carry your briefcase Ms. Denning?"), whatever... Finally, to be fair, I do NOT want to imply that Tim is whining. CFP _IS_ very expensive for us mortals and there are a lot of people who _should_ be attending instead of me but simply can't afford it. Tim probably has a full-time job (unlike yours truly) and no time for volunteerism so I won't for a nsec lean out of my glass house and suggest that he's alone in his opinions because I basically agree that everything should be free. In fact, Tim's contributions to this list dwarf mine to the point where I should be thanking him just for enlightening me with his opinions. Thanks, Tim. David "Steal This Email" Del Torto ^ ^ ^ = DDT ... d2t From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sun, 7 Mar 93 15:09:42 PST To: cypherpunks-announce@toad.com Subject: pgp 2.2 Message-ID: <9303072302.AA21043@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain PGP version 2.2 has just been released. Copies may be obtained from the cypherpunks archive site via anonymous ftp. soda.berkeley.edu:pub/cypherpunks/pgp There is a .tar.Z file and two .zip files. Enjoy. 
Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mccoy@ccwf.cc.utexas.edu (Jim McCoy) Date: Sun, 7 Mar 93 15:04:03 PST To: cypherpunks@toad.com Subject: Pgp 2.2 is out Message-ID: <9303072247.AA05804@tramp.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text Well, since no one else seems to have mentioned it and it seems somewhat important to the general purpose of this list, I thought I would make sure people knew that PGP 2.2 is not out and available at ftp sites. Here are the sites listed in the announcement in alt.security.pgp: nic.funet.fi:pub/msdos/incoming garbo.uwasa.fi:pc/incoming src.doc.ic.ac.uk:tmp/pgp I snagged mine from src.doc.ic.ac.uk, so I know it is at least at that site... jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: sneal@muskwa.ucs.ualberta.ca (Steve Neal) Date: Sun, 7 Mar 93 16:32:55 PST To: cypherpunks@toad.com Subject: Mailer weirdness Message-ID: <9303080031.AA19392@muskwa.ucs.ualberta.ca> MIME-Version: 1.0 Content-Type: text/plain [Disclaimer: this may very well be a dumb newbie-type thing] The last two messages posted to the list by David Del Torto popped up in my mailer with a long list of "Apparently To" fields, thus identifying a bunch of list members. This is something of a breach of privacy for anyone who didn't want to be known as a cypherpunk. Beggin' your pardon if this strikes you as an amazingly lame thing to bring up; I'm relatively new to mailing lists and Internet, and my eyes film over after relatively short exposure to the RFCs, so I ain't read all the relevant ones yet. 
-- Steve From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Crys Rides Date: Sun, 7 Mar 93 15:52:26 PST To: mccoy@ccwf.cc.utexas.EDU (Jim McCoy) Subject: Pgp 2.2 is out In-Reply-To: <9303072247.AA05804@tramp.cc.utexas.edu> Message-ID: <9303072350.AA03348@ucunix.san.uc.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- >>>>> On Sun, 7 Mar 1993 16:47:48 -0600 (CST), mccoy@ccwf.cc.utexas.edu (Jim McCoy) said: Jim> Content-Type: text Jim> Content-Length: 450 *grumblegrumble* Are these MIME headers, or what? I'll have to hack this citer to handle them. Jim> Well, since no one else seems to have mentioned it and it seems somewhat Jim> important to the general purpose of this list, I thought I would make sure Jim> people knew that PGP 2.2 is not out and available at ftp sites. Here are Jim> the sites listed in the announcement in alt.security.pgp: Jim> nic.funet.fi:pub/msdos/incoming The files on this one were zero-length nulls at the time of my checking. Jim> garbo.uwasa.fi:pc/incoming The directory was empty, and the files weren't elsewhere on the system to an admittedly cursory scan. Jim> src.doc.ic.ac.uk:tmp/pgp Jim> I snagged mine from src.doc.ic.ac.uk, so I know it is at least at that Jim> site... And that was where I got mine, the only site I was able to actually find them. 
Jim> jim CrysRides -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK5qJ6JSqD+bQ7So3AQEQNwQAobkQfUtpAvg9YF0nnpgRsSkYqFpK9y7v WrXg7IWhjZHrjHtA6qXq72KDfHknR0b74PJMXH1bA/1n9eytgm9SqFxC/kAM98FR 4VBBH7EOOLDQ6Q8Hxd+o8/+vVyYS/wLmNCVhmrqwA4ImqaTSjaBj7CmQw2PzWQ6d tkLB7eyrSl8= =kRLu -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: strat@intercon.com (Bob Stratton) Date: Sun, 7 Mar 93 16:48:05 PST To: cypherpunks@toad.com Subject: Mailer weirdness In-Reply-To: <9303080031.AA19392@muskwa.ucs.ualberta.ca> Message-ID: <9303080046.AA08567@intercon.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- I don't think it's lame to bring up stuff like inadvertent disclosures of information via mail headers. My first suspicion was (and still is) that someone BCCed the people in the Apparently-To: headers, or CCed them, and the list exploder tried to do the right thing. Then again, I was in that list in the copy I received, but I haven't gotten two copies yet, so I may be all wet. - --Strat -----BEGIN PGP SIGNATURE----- Version: 2.1 iQCVAgUBK5qXZtpAw4w47a4DAQEmNwQAq2vJKmD6vWbVbPIkYO2HwyeWJMO7BNGK hnwiRotk/d5rLesxF5aPo7FJ/QXA5cC5kA4hzsIO8WnFNLCvkuj048v3Ey1Mqsbm DbmBhMdq/5Vo2R1UCRG2qRYqQ0qauvCwYddaFtkUEw79AEliRPS4C3k6ier/n4ml wgMwcmSfydI= =tQ0N -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Doug.Brightwell@Corp.Sun.COM (Doug Brightwell) Date: Mon, 8 Mar 93 10:20:24 PST To: cypherpunks@toad.com Subject: Re: Pgp 2.2 is out Message-ID: <9303081818.AA07274@media.Corp.Sun.COM> MIME-Version: 1.0 Content-Type: text/plain FYI, I tried src.doc.ic.ac.uk:tmp/pgp and the directory was empty. 
Doug From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter & Date: Mon, 8 Mar 93 11:59:47 PST To: eichin@cygnus.com (Mark Eichin) Subject: Re: You Aren't [I'm Not] In-Reply-To: <9303041910.AA28103@cygnus.com> Message-ID: <9303081847.AA13966@merde.dis.org> MIME-Version: 1.0 Content-Type: text/x-pgp -----BEGIN PGP SIGNED MESSAGE----- >> i know of several slip/ppp endpoints that aren't password protected. more >> every day, in fact. > > Are there any slip/ppp/uucp+rmail points that are "open" that >aren't likely to dry up if they get widely announced? If so, please >announce them! I was doing some password grinding a few days ago (I do this as a favor for a few people, and I sometimes throw passwd files from friends' systems into the "soup"). Recently I cracked a friend's dialup slip password, it was a hard choice on if I should "slip in" or not (the possibilities of the practical jokes were endless). If I was attempting a malicious attack or to compromise system integrity for future attacks -Pete btw: if I "slipped in" I would have just run changed their Xwindow backgrounds to say they should correct the situation (nothing malicious). -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBFAgUBK5uUt8hmn7GUWLLFAQHNhAF+LCMvPSR04uf5ORT0oQbDfqbSF+Q4iwD8 K6796+LEdeQu1oIjWcCWITIs9jnKsJUP =r7Ca -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Doug Mason - MIS Czar Date: Mon, 8 Mar 93 14:16:03 PST To: Subject: PGP 2.2 is hard to find...! Message-ID: MIME-Version: 1.0 Content-Type: text/plain The _ONLY_ place that I have been able to find PGP 2.2 is on soda.berkeley.edu, thanks to Eric. Every other place that has been advertised seems to be empty for whatever reasons. Apparently it was at some of these locations previously, as others say that this is where their copy came from, but it is only on Soda as of this morning (Monday). 
--Doug --- Douglas Mason douglas@approach.com Network Administration CompuServe: 76646,3367 Approach Software Corporation +01 415.306.7890 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: The Phantom Date: Mon, 8 Mar 93 15:16:27 PST To: cypherpunks@toad.com Subject: PGP 2.2 is also available at Message-ID: MIME-Version: 1.0 Content-Type: text/plain ftp.u.washington.edu: /pub/user-supported/cypherpunks This should be a stable site. Matt Thomlinson University of Washington, Seattle, Washington. Internet: phantom@u.washington.edu phone: (206) 528-5732 PGP 2.2 key available via email or finger phantom@hardy.u.washington.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jim@tadpole.com (Jim Thompson) Date: Mon, 8 Mar 93 14:15:59 PST To: crys@cave.tcp.COM Subject: Re: Pgp 2.2 is out Message-ID: <9303082117.AA01927@tadpole.tadpole.com> MIME-Version: 1.0 Content-Type: text/plain > From cypherpunks-request@toad.com Sun Mar 7 18:01:28 1993 > Date: 07 Mar 1993 18:50:27 -0500 > From: Crys Rides > Subject: Pgp 2.2 is out > Sender: Crys Rides > Jim> garbo.uwasa.fi:pc/incoming > The directory was empty, and the files weren't elsewhere on the system > to an admittedly cursory scan. Hmm, look in fileutil/pgp22.zip Heck, it's even in ftp.uu.net:/tmp/pgp22.tar.Z,/tmp/pgp22.zip,/tmp/pgp22src.zip now. Jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Mon, 8 Mar 93 14:15:05 PST To: cypherpunks@toad.com Subject: PGP v2.2 Message-ID: MIME-Version: 1.0 Content-Type: text/plain Would someone be so kind as to post the filename(s), directories and FTP locations for PGP v2.2? All references that I have read so far have been vague or incomplete. Muchas gracias. Paul Ferguson | Network Integration Consultant | "All of life's answers are Alexandria, Virginia USA | on TV." fergp@sytex.com (Internet) | -- Homer Simpson sytex.com!fergp (UUNet) | 1:109/229 (FidoNet) | PGP public encryption key available upon request. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: markh@wimsey.bc.ca (Mark C. Henderson) Date: Mon, 8 Mar 93 16:36:08 PST To: cypherpunks@toad.com Subject: Re: PGP 2.2 is hard to find...! Message-ID: <9303081627.ZM29189@wimsey.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Subject: Re: PGP 2.2 is hard to find...! Also wimsey.bc.ca ~ftp/pub/crypto/PGP/2.2 Mark -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK5vkLPfE/ap/JEqpAQEpgAP9FRomKPPC57dyxQhkSh3BXLWxvw+hKtJL KpkeulGmxK7XTEBvn7P0D+6CwQ3DGTi2zUUr4rN2+0LRo5uEf+fl9OR+JrNSeoy3 ydh59dlhmJAwZepCJVSQP4PsYuoKo6TyGeK5GWWzVIqQDM22QrZI9vdHe76zNi8X t2uqk0MWsqs= =sv9a -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Bob Stratton Date: Mon, 8 Mar 93 14:15:17 PST To: cypherpunks@toad.com Subject: Re: Encrypted voice protocol? Message-ID: <9303081648.AA50608@horton.intercon.com> MIME-Version: 1.0 Content-Type: text/plain > Date: Fri, 5 Mar 93 14:35:15 EST > From: dmandl@shearson.com (David Mandl) > Subject: Re: Encrypted voice protocol? > > Yup, big article in the New York Times yesterday (front page!), and a > smaller article in today's New York Newsday. Anyone out there have the > time to post either of them to the group??? Also, if any of you who'll be at either CFP or the Saturday meeting have it, I'd love a xerox. --Strat From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Wayner Date: Mon, 8 Mar 93 14:43:15 PST To: cypherpunks@toad.com Subject: Clinton/Gore and Commerace vs. State... Message-ID: <199303082241.AA15461@access.digex.com> MIME-Version: 1.0 Content-Type: text/plain I seem to remember that Clinton and Gore indicated that they would move regulation of the encryption technology from the State Dept to the Commerce Dept when they were elected. Now, things are more on hold. Can anyone bring me up-to-date on the whole story? 
-Peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: internaut@aol.com Date: Mon, 8 Mar 93 15:04:06 PST To: cypherpunks@toad.com Subject: LISTBIZ: Mailer weirdness Message-ID: <9303081804.tn03793@aol.com> MIME-Version: 1.0 Content-Type: text/plain >>From: sneal@muskwa.ucs.ualberta.ca >>Subj: Mailer weirdness >> >>The last two messages posted to the list by David Del Torto >>popped up in my mailer with a long list of "Apparently To" >>fields, thus identifying a bunch of list members. This is >>something of a breach of privacy for anyone who didn't want to >>be known as a cypherpunk. >> >>Beggin' your pardon if this strikes you as an amazingly lame >>thing to bring up; I'm relatively new to mailing lists and >>Internet, and my eyes film over after relatively short exposure >>to the RFCs, so I ain't read all the relevant ones yet. >> >> -- Stev ! ******* ! No, Steve, you're NOT crazy and YES this was a completely unintentional thing. I did nothing out of the ordinary - I only addressed my mail to the list (as usual). Furthermore, my subject field was replaced with "Unknown subject" - which was expressly NOT the subject of my original posting. Who's tinkering? ...Please STOP. I don't want my mail or anyone else's to trigger any more of these listings. I'm wondering out loud if this anomaly could indicate some subrosa official investigation of our list - perhaps someone Not Silly at All has been in to take a look and needs these lists of members? Hmmmm. dave del torto aka d2t From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: internaut@aol.com Date: Mon, 8 Mar 93 15:04:36 PST To: cypherpunks@toad.com Subject: LISTBIZ: metaprefixes update Message-ID: <9303081805.tn03802@aol.com> MIME-Version: 1.0 Content-Type: text/plain Hi everybody! A REMINDER: In the interest of making the LARGE volume of Cypherpunks list mail a bit easier to parse visually, we have taken to adding metaprefixes to our subject fields. 
Although this is optional, you may find that many of us ignore your postings if you don't use some sort of mechanism to help us know what you're posting about. Several people are automating their mail readers to put your postings in "boxes" that they want to follow, so please pick up on this habit - thanks! :) Some sample metaprefixes:
ANON: Anonymity/Pseudonymity
CENSOR: Cryptography & Censorship
DCASH: Digital Money, Digital Banking
DCNET: Dining Cryptographer Nets
FWEE!: Whistleblower Project
LISTBIZ: General Cypherpunk list business
MTGS: Physical Meetings/Conferences (e.g. CFP, etc.)
OPIN: Personal Opinions
PGP: PGP App/Current Availability on FTP, etc.
RANDOM: Random Generators
REMAIL: Remailer technology, Problem reports
(this is probably not a complete listing, but it's MOST of 'em) Collect 'em all! Trade 'em with your friends! Feel free to create your own if the topic of your mail does not fall into one of these logical cubbyholes. d2t From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ronin@pinetree.org (Douglas Sinclair) Date: Mon, 8 Mar 93 16:01:59 PST To: cypherpunks@toad.com Subject: Need telnet access Message-ID: <5ca5ZB1w165w@pinetree.org> MIME-Version: 1.0 Content-Type: text/plain Hi there. This is Doug - I'm subscribed to the list as dsinclai@acs.ucalgary.ca. Unfortunately, though my account is in Calgary, I'm flesh in Ottawa. I also just lost my telnet access as a local switch upped its security. Is anyone out there in a position to lend a fellow cypherpunk a hand and get me a telnet account in Ottawa? It would be much appreciated. Please reply to this account. Thanks. --- "In the instant of putting Gunhead through the Schonbrunn's locked-and-armed Benedict Canyon gate, Rydell had experienced a fleeting awareness of something very high, very pure, and quite clinically _empty_;" -- William Gibson, _Virtual Light_, yet to be released. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fen@genmagic.genmagic.com (Fen Labalme) Date: Mon, 8 Mar 93 18:52:19 PST To: think@oracle.com Subject: Fwd: cyberspace, congressional hearings Message-ID: <9303090251.AA15257@> MIME-Version: 1.0 Content-Type: text/plain > Date: Mon, 8 Mar 1993 17:51:38 -0800 > From: Bruce Smith > Subject: cyberspace, congressional hearings The following is quoted/paraphrased from a column by Brian Robinson on page 26 of the 1 March 93 Electronic Engineering Times. By passing it on I imply no specific attitude of my own. I don't know the date of the hearings, but if someone finds out if/when it will be viewable on C-Span, I'd like to know. Feel free to pass the following info to individuals, mailing lists, or newsgroups. --- The House Telecommunications Subcommittee, chaired by Edward Markey (D-Mass), will soon be holding hearings on the relationship of future communications technologies to modern culture. In particular, it will be looking at the not-so-far-off universe of cyberspace. Some of the issues the panel will be considering are (in Markey's own words): + Are the fundamental values of our society so universal and enduring that they will not be threatened by the advent of new technologies or any new subcultures such technologies produce? + Will cyberspace instead become some lawless place, where the Constitution is cracked open by fiber fissures created when trying to convert a 200-year-old parchment document into a binary world of 0s and 1s? Can it continue to be a "living, breathing document"? + Will cyberspace develop its own distinct laws? Will it develop "digital vigilantes" to patrol and police the electronic bulletin boards and electronic highways? 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 8 Mar 93 19:20:10 PST To: cypherpunks@toad.com Subject: You Aren't [I'm Not] In-Reply-To: <9303052126.AA02211@SOS> Message-ID: <9303090316.AA17160@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Last night I spoke with Mike Godwin of the EFF about the issue of anonymous libel. Mike is not on the list, and I've copied him on this message. Mike knows more about electronic speech issues than pretty much anyone else. Here is my remembrance about what he said: 1. Anonymous libel exists. Just because the speech is anonymous does not mean it can't be libellous. If libellous speech is made, and you can infer the identity of the speaker, you can sue. 2. An anonymous remailer is not liable. In order to be liable for the libellous speech, the operator of the remailer would have to have prior knowledge that the speech was libellous. Since the operation of the remailer is fully automated, prior knowledge is impossible. Those two points are my summary of Mike's opinion. For further clarifications, please post to the list and to Mike. Left out of this message is any consideration on the _realpolitik_ of anonymous remailers: whether others will carry such traffic. I'd like to not fill Mike's inbox with clutter. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Mon, 8 Mar 93 18:27:20 PST To: cypherpunks@toad.com Subject: PGP: MacPGP v2.2 is GO! Message-ID: <9303082128.tn05369@aol.com> MIME-Version: 1.0 Content-Type: text/plain Gang, Thanks to the efforts of Phil Zimmerman, Zbigniew "Zig" Fiedorowicz and the pgp.dev group, there is a new Macintosh PGP v2.2 (MacPGP) available to the public FOR EDUCATIONAL PURPOSES ONLY. The version number is v2.2 b91. This is the nicest version I have seen yet, replete with sexy interface features (well, sorta, anyway), well-organized menus and stable operation FOR EDUCATIONAL PURPOSES ONLY. 
I will demo it to anyone who wants to see it at the CFP 93 conference. Contact me about getting it for your Mac FOR EDUCATIONAL PURPOSES ONLY. The best way to do this is mail me at and give me your CompuServe, AppleLink or America Online address so I can send it to you intact (& compressed) FOR EDUCATIONAL PURPOSES ONLY. Please indicate: -1- Your favorite compression scheme. Compactor Pro StuffIt DiskDoubler (my fave) I can also send it as a self-expanding archive. -2- If this is a _new_ installation, in which case I'll include some docs and the randseed.bin and config.txt files along with the app. -3- Clearly that you intend to use it FOR EDUCATIONAL PURPOSES ONLY. d2t From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: internaut@aol.com Date: Mon, 8 Mar 93 23:31:56 PST To: cypherpunks@toad.com Subject: VOICE: Encrypted V. protocol Message-ID: <9303090232.tn07525@aol.com> MIME-Version: 1.0 Content-Type: text/plain Druids, >>From: strat@intercon.com >>Subj: Re: Encrypted voice protocol? >>To: Internaut >> >>> Date: Fri, 5 Mar 93 14:35:15 EST >>> From: dmandl@shearson.com (David Mandl) >>> Subject: Re: Encrypted voice protocol? >>> >>> Yup, big article in the New York Times yesterday (front page!), and a >>> smaller article in today's New York Newsday. Anyone out there have the >>> time to post either of them to the group??? Speaking of which, if ANYONE knows the name, telephone and email address of the guy who wrote the Article for the NYT - PLEASE send it to me, (along with the text if any) - I want to have him/her on file for the Whistleblower Project (aka "WB!"). >>Also, if any of you who'll be at either CFP or the Saturday meeting have it, >>I'd love a xerox Me too! Bring several copies and we'll pay you for the Xeroxing. d2t From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pfarrell@gmuvax2.gmu.edu (Pat Farrell) Date: Tue, 9 Mar 93 05:35:25 PST To: cypherpunks@toad.com Subject: zip version for pgp2.2? 
Message-ID: <9303091335.AA21039@gmuvax2.gmu.edu> MIME-Version: 1.0 Content-Type: text/plain I just downloaded pgp22.zip from soda, and pkunzip complains about every file having a bad checksum. I'm still using pkunzip 1.1, and I know that pgp20 had problems with some versions of pkunzip. Do I need to get pkunzip 2.04g? Thanks Pat From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: robichau@lambda.msfc.nasa.gov (Paul Robichaux) Date: Wed, 10 Mar 93 11:41:33 PST To: cypherpunks@toad.com Subject: FWEE!: F-117A post considered harmful Message-ID: <9303091453.AA11794@lambda.msfc.nasa.gov.msfc.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain [ disclaimer: I don't work on classified projects anymore. My experience as an aircraft mechanic is with helicopters. I read a lot. ] I believe that the recent anonymous "whistle" purporting to reveal information about the F-117A aircraft: a) didn't reveal any "real" information, and in fact contained several factual errors. For example, the Tacit Rainbow program has been cancelled for some time. Flight characteristics of the F-117A are very similar to the A-7, which is markedly subsonic. b) created the appearance of distributing classified information. Whistleblowing on fraud/waste/abuse is one thing. Disclosing classified information, however- especially when it's not relevant to revealing fraud, waste, or abuse- is probably not a good way to keep the whistleblower group safe from the Three-Letter Gang. c) created the appearance that the whistleblowers group is for posting anything too "sensitive" for normal, attributed posting. I didn't think it was; from reading this list, I thought it was for blowing the whistle- not blowing smoke. Perhaps a charter for alt.whistleblowers was posted, and I missed it. If not, I submit that we should try to develop one. Regards, -Paul -- Paul Robichaux, KD4JZG | May explode if disposed of improperly. Mission Software Development Div. | I'm not white- I'm Euro-American. 
New Technology, Inc. | RIPEM key on request. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: David L Racette Date: Tue, 9 Mar 93 06:05:56 PST To: Pat Farrell Subject: Re: zip version for pgp2.2? In-Reply-To: <9303091335.AA21039@gmuvax2.gmu.edu> Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Tue, 9 Mar 1993, Pat Farrell wrote: > I just downloaded pgp22.zip from soda, and pkunzip complains about every > file having a bad checksum. I'm still using pkunzip 1.1, and I know > that pgp20 had problems with some versions of pkunzip. Do I need > to get pkunzip 2.04g? > Thanks > Pat I dnloaded pgp22.zip from soda and used pkunzip 2.04g to decompress it without a hitch. Looks like it might be your version of pkzip. Of course if you didn't use binary for the ftp that would mess it up also. Dave From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pfarrell@gmuvax2.gmu.edu (Pat Farrell) Date: Tue, 9 Mar 93 07:19:21 PST To: dlr@world.std.com Subject: Re: zip version for pgp2.2? Message-ID: <9303091518.AA24407@gmuvax2.gmu.edu> MIME-Version: 1.0 Content-Type: text/plain I'll try it again, but I was sure I used binary :-) Pat From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Duncan Frissell <76630.3577@CompuServe.COM> Date: Tue, 9 Mar 93 10:28:43 PST To: Subject: PGP: zip version for pgp2.2? Message-ID: <930309181806_76630.3577_EHL2-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain Even PGP2.1 wouldn't unzip with PKUNZIP 1.x. I had to use PKUNZIP 2.4. I assume PGP22.ZIP is the same. 
Duncan Frissell From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jla@gnu.ai.mit.edu (Joseph Arceneaux) Date: Tue, 9 Mar 93 10:41:01 PST To: fen@genmagic.genmagic.com Subject: Fwd: cyberspace, congressional hearings In-Reply-To: <9303090251.AA15257@> Message-ID: <9303091839.AA04773@geech.gnu.ai.mit.edu> MIME-Version: 1.0 Content-Type: text/plain These hearings look interesting, but it looks to me that the tide is against solutions which are helpful to society. I recently saw that the American Library Association is opposed to putting the Library of Congress online. They feel that publishers will retaliate by refusing to allow new books to enter the library system. I think it is time to come up with a different paradigm for our society than "intellectual property". On Monday March 15 at 10AM KQED's Forum will have a panel discussion of "the NREN proposal" and related issues. Panelists will include EFF representatives, members of Al Gore's staff, and folks from Silicon Valley. Joe From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: shawn mic ael larsonneiolaings Date: Tue, 9 Mar 93 13:27:27 PST To: cypherpunks@toad.com Subject: SUBSCRIBE Message-ID: <9303092126.AA13932@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain SUBSCRIBE From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Al Billings Date: Tue, 9 Mar 93 17:28:12 PST To: cypherpunks@toad.com Subject: Re: PGP: zip version for pgp2.2? In-Reply-To: <930309181806_76630.3577_EHL2-1@CompuServe.COM> Message-ID: MIME-Version: 1.0 Content-Type: text/plain On 9 Mar 1993, Duncan Frissell wrote: > Even PGP2.1 wouldn't unzip with PKUNZIP 1.x. I had to use PKUNZIP 2.4. > I assume PGP22.ZIP is the same. That's strange. I only have version 1.1 of Pkunzip and I have never had a problem with unzipping PGP and I just unzipped the 2.2 package. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Derek Atkins Date: Tue, 9 Mar 93 14:54:07 PST To: Nickey MacDonald Subject: Re: Questions about PGP 2.2 compilation messages In-Reply-To: Message-ID: <9303092252.AA05397@milquetoast.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- I looked at the lines where those errors were: It appears to be a #define for SKIP_RETURN. I'm not sure what it's about, but I would suggest doing one of two things: 1) Test the heck out of your binary. Make sure it works for all cases that you find important. In particular, see where those particular places in the code are, and see if it is doing the right thing, or 2) Get gcc 2.3.2 (or greater) and compile with that... I use that, and I don't get the errors.. It's possible that unproto is doing something funky, or perhaps it's something the compiler is doing with code that says: do { [do something here] } while(0); I'm not sure, exactly. Sun compiler bugs are not unheard of. ;-) - -derek PGP 2 key available upon request on the key-server: pgp-public-keys@toxicwaste.mit.edu - -- Derek Atkins, MIT '93, Electrical Engineering and Computer Science Secretary, MIT Student Information Processing Board (SIPB) MIT Media Laboratory, Speech Research Group warlord@MIT.EDU PP-ASEL N1NWH -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBuAgUBK50fkjh0K1zBsGrxAQFTlALDBWJ/yZBRTQoRkI7uc0jo7DF1e/J8DfIB N7Q9SmdpLTcyFClOoluNZeqJQQpGGyp0I+VgegcX9Ls3PDkXh8/0wfpexa46p6Ex AAZARjYdyDgZSR8nPv+0YYk= =zCC0 -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Nickey MacDonald Date: Tue, 9 Mar 93 14:04:46 PST To: cypherpunks list Subject: Questions about PGP 2.2 compilation messages Message-ID: MIME-Version: 1.0 Content-Type: text/plain Sorry for the large size of this post, but I want to make sure I'm not the only one who has seen this... This is a log of my compilation of PGP 2.2 on a Sun4... 
There are some warnings that don't look that serious, by should there be any warnings at all? (I'd prefer the docs mentioned them if they're supposed to be there... but I didn't see any mention in any of the docs...) --- Log Starts --- jupiter [/tmp/i6t4/pgp/pgp22/src] {i6t4.50}% make sun4cc cd unproto && make `cpp' is up to date. make all CC=cc LD=cc OBJS_EXT=sparc.o \ CFLAGS="-Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32" cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c pgp.c cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c crypto.c "crypto.c", line 910: warning: & before array or function: ignored cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c keymgmt.c "keymgmt.c", line 471: warning: statement not reached "keymgmt.c", line 478: warning: statement not reached "keymgmt.c", line 490: warning: statement not reached "keymgmt.c", line 497: warning: statement not reached "keymgmt.c", line 508: warning: statement not reached "keymgmt.c", line 516: warning: statement not reached "keymgmt.c", line 519: warning: statement not reached "keymgmt.c", line 524: warning: statement not reached "keymgmt.c", line 529: warning: statement not reached "keymgmt.c", line 534: warning: statement not reached "keymgmt.c", line 538: warning: statement not reached "keymgmt.c", line 587: warning: statement not reached cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c fileio.c cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c mdfile.c cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c more.c cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c armor.c cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c mpilib.c cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c mpiio.c cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c genprime.c cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c rsagen.c cc -Qpath unproto -O -DUNIX -DHIGHFIRST 
-DIDEA32 -target sun4 -c random.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c idea.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c passwd.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c md5.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c system.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c language.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c getopt.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c keyadd.c
"keyadd.c", line 760: warning: statement not reached
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c config.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c keymaint.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c charset.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c zbits.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c zdeflate.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c zfile_io.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c zglobals.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c zinflate.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c zip.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c zipup.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c ztrees.c
cc -Qpath unproto -O -DUNIX -DHIGHFIRST -DIDEA32 -target sun4 -c zunzip.c
as -sparc -o sparc.o sparc.s
cc -o pgp pgp.o crypto.o keymgmt.o fileio.o mdfile.o more.o armor.o mpilib.o mp
iio.o genprime.o rsagen.o random.o idea.o passwd.o md5.o system.o language.o g
etopt.o keyadd.o config.o keymaint.o charset.o zbits.o zdeflate.o zfile_io.o zg
lobals.o zinflate.o zip.o zipup.o ztrees.o zunzip.o sparc.o
--- Log Ends ---

Anyone care to comment?
---
Nick MacDonald | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Fogleman
Date: Tue, 9 Mar 93 17:32:26 PST
To: i6t4@jupiter.sun.csd.unb.ca
Subject: Re: Questions about PGP 2.2 compilation messages
Message-ID: <9303100125.AA10660@ack.adstest.analog.com>
MIME-Version: 1.0
Content-Type: text/plain

Nickey,

I recently compiled _pgp2.1_ on my sun4 and had a similar problem... I got a binary that seemed to work, but I got a list of warnings. In my case, the program actually had a bug in it; it was trying to compare an unsigned character variable (8 bits) for maximum path length to 256 (nine bits) as defined in the source code. I asked around on the list and I got the same sort of responses you did... I ended up redefining and changing the compare statement to make the compiler happy and still get the intended code...

So, pgp may not be entirely bug free... The sun4 compiler may be more conscientious about flagging things. I'd suggest looking through the source to see if there's something simple. In my case, it was.

Let me know how you fare; I'll be going through the same thing shortly...

Eric Fogleman

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kelly@netcom.com (Kelly Goen)
Date: Wed, 10 Mar 93 00:57:52 PST
To: simsong@netxworld.com
Subject: NSA TApping
Message-ID: <9303100856.AA10642@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Xref: netcom.com sci.crypt:12315 alt.privacy:6117
Path: netcom.com!netcomsv!decwrl!waikato.ac.nz!aukuni.ac.nz!cs18.cs.aukuni.ac.nz!pgut1
Newsgroups: sci.crypt,alt.privacy
Subject: NSA tapping of UK communications
Message-ID: <1993Mar8.104302.10737@cs.aukuni.ac.nz>
From: pgut1@cs.aukuni.ac.nz (PeterClaus Gutmann )
Date: Mon, 8 Mar 1993 10:43:02 GMT
Organization: Computer Science Dept.
University of Auckland
Lines: 26

The following appeared in the NZ Herald on March 4th - I thought it might be of interest to sci.crypt and alt.privacy readers. It backs up claims made in places like "The Puzzle Palace":

" A former MI6 officer told the Daily Express that US agents tapped royal calls on behalf of the GCHQ spy centre.

Mr James Rusbridger told the paper two top-secret listening stations - operated by the NSA - illegally tap large numbers of private conversations from their bases in Cornwall and Yorkshire.

'By getting the Americans to do it, the British Government is able to say truthfully, though misleadingly, that GCHQ does not tap domestic telephone calls', Mr Rusbridger said.

'The reason the Government is resisting an official investigation into the tapping of royal conversations is that it would be forced to admit publicly that these American owned and controlled listening stations exist on UK soil'.

Incidentally, NZ has its own NSA-controlled listening stations, the largest being at Tangimoana on the South Island.

Peter.
--
pgut1@cs.aukuni.ac.nz||p_gutmann@cs.aukuni.ac.nz||gutmann_p@kosmos.wcc.govt.nz
peterg@kcbbs.gen.nz||peter@nacjack.gen.nz||peter@phlarnschlorpht.nacjack.gen.nz
(In order of preference - one of 'em's bound to work)
-- C++ will do for C what Algol 68 did for Algol --

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dclunie@pax.tpa.com.au (David Clunie)
Date: Tue, 9 Mar 93 14:27:31 PST
To: cypherpunks@toad.com
Subject: Re: PGP: zip version for pgp2.2?
Message-ID: <9303092222.AA02495@britt>
MIME-Version: 1.0
Content-Type: text/plain

> Even PGP2.1 wouldn't unzip with PKUNZIP 1.x. I had to use PKUNZIP 2.4.
> I assume PGP22.ZIP is the same.

I would not make this assumption ... I will try it when the zip files have finished ftp'ing across and let you know.

david

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: richard_mezirka@askinc.ask.com (Richard Mezirka)
Date: Wed, 10 Mar 93 09:41:50 PST
To: cypherpunks@toad.com
Subject: March 1993 Communications of ACM Denning on Encryption
Message-ID: <9303101739.AA22396@askinc.ask.COM>
MIME-Version: 1.0
Content-Type: text/plain

I've just read with considerable distress the Dorothy Denning article in my March 1993, Communications of the ACM and all the follow up discussions supporting or refuting her positions. I can not in any way support the further erosion of the rights I believe I have to personal privacy and protection from the abuses of government. I'm contacting the EFF as a concerned member and the ACM Risk forum... are there more actions we can and should take?

Professor Denning does not convince me of the benevolence of the government nor the necessity for private enterprise to foster government programs (such as building in wire tap support or reducing the effort of government agencies to invade private messages or interactions amongst citizens). A precedential extension might have the auto makers building in governors into all vehicles such that they can't exceed the national speed limit to support traffic law enforcement (the crooks couldn't have faster cars than the cops).

I'd suggest cypherpunks get and read the article if they haven't already done so (it covers both wire tap and, as a not too subtle tag on, encryption availability). I'd also suggest we direct our responses to those who can derail this or similar legislation with the EFF and ACM as two likely candidates and congress folks as additional ones.

My personal professional dilemma is how can I raise consciousness of the quiet majority who will not immediately be impacted... like my retired parents who fear computers like the flu and still have a strong belief that the government protects their rights rather than restricts them.
Their response to Steve Jackson's tiff with the treasury department and law enforcement was along the lines that if he had nothing to hide the government wouldn't have bothered him.

Still watching quietly, worried, and now letting others know...

Rich

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: John.Nieder@f33.n125.z1.FIDONET.ORG (John Nieder)
Date: Wed, 10 Mar 93 13:01:23 PST
To: cypherpunks@toad.com
Subject: zip version for pgp2.2?
Message-ID: <5296.2B9E5101@fidogate.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

* Reply to msg originally in Cypherpunks

BK> I just downloaded pgp22.zip from soda, and pkunzip complains about
BK> every file having a bad checksum. I'm still using pkunzip 1.1, and I
BK> know that pgp20 had problems with some versions of pkunzip. Do I need
BK> to get pkunzip 2.04g?

The problem I found was that the file was not only compressed with the 2.04? PKZip, but that the -d option had been invoked to preserve a very silly \DOC subdirectory for the documentation. The result was that PGP22.ZIP could not be unZIPped with _either_ version's simple PKUNZIP command, but required the 2.04 version with the -d switch in the command line.

I finally got the file unZIPped, but rezipped it as a simple .ZIP file - without the ridiculous subdirectory - with v 1.10, which will unpack with either version. It's this package that I'm passing along.

Hope this helps.

JN

... When the going gets tough, the smart get lost.
--- Blue Wave/Opus v2.12 [NR]
--
John Nieder - via FidoNet node 1:125/555
UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder
INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Wed, 10 Mar 93 12:34:18 PST
To: cypherpunks@toad.com
Subject: Steve Jackson Games - Legal issues resolved?
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

This text was extracted from RISKS DIGEST 14.39 -

8<------- Cut Here -----------------------

Date: Tue, 9 Mar 93 10:25:35 -0500
From: Eric Haines
Subject: Steve Jackson Games/Secret Service wrapup

[Eric Haines, erich@eye.com, sent me a Houston Chronicle article by Joe Abernathy, a sometime contributor to RISKS, which Eric found in the electronic mail magazine "Desperado" ("no, it's not a magazine about hacking"). "There can be justice in the world, after all..." EH. I cannot include the long copyrighted article here, but have excerpted from the beginning, as follows. It's a good article. Alas, no date. But Joe may still be available at Joe.Abernathy@houston.chron.com if you want to dig up the whole thing. Also, see RISKS-9.95,96;10.01,ff. for the earlier history. PGN]

Steve Jackson Games/Secret Service wrapup
By JOE ABERNATHY
Copyright 1993, Houston Chronicle [no date given]

AUSTIN -- An electronic civil rights case against the Secret Service closed Thursday with a clear statement by federal District Judge Sam Sparks that the Service failed to conduct a proper investigation in a notorious computer crime crackdown, and went too far in retaining custody of seized equipment.

The judge's formal findings in the complex case, which will likely set new legal precedents, won't be returned until later. [...]

The judge's rebuke apparently convinced the Department of Justice to close its defense after calling only ... one of the several government witnesses on hand.

"The Secret Service didn't do a good job in this case. We know no investigation took place. Nobody ever gave any concern as to whether (legal) statutes were involved. We know there was damage," Sparks said in weighing damages.

The lawsuit, brought by Steve Jackson Games of Austin, said that the seizure of three computers violated the Privacy Protection Act, which provides First Amendment protections against seizing a publisher's works in progress.
The lawsuit further said that since one of the computers was being used to run a bulletin board system containing private electronic mail, the seizure violated the Electronic Communications Privacy Act in regards to the 388 callers of the Illuminati BBS.

The testimony described by Joe was rather strange. Agents testified that there was no criminal connection, they were not even trained in the Privacy Protection Act, and it took them only an hour to discover the true nature of the situation. The Electronic Frontier Foundation spent over $200,000 bringing this case to trial. The legal ramifications are considerable. Perhaps someone from EFF will contribute an analysis to RISKS, although many EFFers (and I) are at Computers, Freedom, and Privacy 93 this week. Don't hold your breath, but perhaps we need to wait for the judge? PGN

8<------- Cut Here -----------------------

Cheers.

Paul Ferguson |
Network Integration Consultant | "All of life's answers are
Alexandria, Virginia USA | on TV."
fergp@sytex.com (Internet) | -- Homer Simpson
sytex.com!fergp (UUNet) |
1:109/229 (FidoNet) |
PGP public encryption key available upon request.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: derek@cs.wisc.edu (Derek Zahn)
Date: Wed, 10 Mar 93 12:04:10 PST
To: cypherpunks@toad.com
Subject: Hidden encrypted messages
Message-ID: <9303102002.AA24037@lynx.cs.wisc.edu>
MIME-Version: 1.0
Content-Type: text/plain

If true encryption is ever outlawed in the U.S., I wonder if it's possible to have an encryption technique that preserves plausible deniability. That is, if seemingly innocuous messages could contain encrypted messages (for example, first-letter-of-words strung together). In such a case, I'd think that it would be difficult to prove that said message contained a hidden message unless the decryption key was available (the embedded encrypted message wouldn't look suspicious, even if an onlooker knew where to look).

Is this a common idea in cryptographic circles?

derek

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Wed, 10 Mar 93 13:13:58 PST
To: richard_mezirka@askinc.ask.com (Richard Mezirka)
Subject: Re: March 1993 Communications of ACM Denning on Encryption
In-Reply-To: <9303101739.AA22396@askinc.ask.COM>
Message-ID: <9303102112.AA29509@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> I've just read with considerable distress the Dorothy Denning article in
> my March 1993, Communications of the ACM and all the follow up
> discussions supporting or refuting her positions. I can not in any way
> support the further erosion of the rights I believe I have to personal
> privacy and protection from the abuses of government. I'm contacting
> the EFF as a concerned member and the ACM Risk forum... are there
> more actions we can and should take?
>
> I'd suggest cypherpunks get and read the article if they haven't already
> done so (it covers both wire tap and, as a not too subtle tag on,

But don't buy the articles. Get them at the library. No point in giving them your money and your opinions! ;^)

> encryption availability). I'd also suggest we direct our responses to
> those who can derail this or similar legislation with the EFF and ACM
> as two likely candidates and congress folks as additional ones.

Next time someone tells me to get in touch with someone to complain to and doesn't give me their address, I'LL SCREAM! Not a flame, just a (subtle) suggestion. ;^) We need to publish the addresses of various people, so that those people can get a "proper" understanding of our fears/outrage. Just my $.02.

+----------------------+----------------------------------------------------+
| J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. |
| +----------------------------------------------------+
| mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be |
| Thunder@forum | Politically Incorrect!
| | (505) 299-2282 | |
+----------------------+----------------------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Wed, 10 Mar 93 13:18:46 PST
To: robichau@lambda.msfc.nasa.gov (Paul Robichaux)
Subject: Re: FWEE!: F-117A post considered harmful
In-Reply-To: <9303091453.AA11794@lambda.msfc.nasa.gov.msfc.nasa.gov>
Message-ID: <9303102117.AA00331@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Let's assume that the poster was a "good-guy," as opposed to just a prankster.

Then he has pointed out a serious flaw in the WB system. He has demonstrated the ability for a person to obtain (bona fide) classified information and broadcast it worldwide, without any fear of being caught or censored. I support anonymity, but I wonder about how it will be "regulated" to keep this from happening for real.

Comments?

+----------------------+----------------------------------------------------+
| J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. |
| +----------------------------------------------------+
| mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be |
| Thunder@forum | Politically Incorrect! |
| (505) 299-2282 | |
+----------------------+----------------------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jthomas@mango.mitre.org (Joe Thomas)
Date: Wed, 10 Mar 93 12:14:43 PST
To: cypherpunks@toad.com
Subject: FWEE!: Re: F-117A post considered harmful
Message-ID: <9303102010.AA00726@mango>
MIME-Version: 1.0
Content-Type: text/plain

Hmm... I thought that was the point. When I read the F-117A message, I thought the poster was trying to point out that a "whistleblower"-type newsgroup could be abused by people trying to leak classified information (not that that should be news to anyone).
I didn't take the information in it any more seriously than I took DeadBeat's request that I send him my e-mail address through anon.penet.fi, so he could describe a security hole there.

Am I the only one who got that impression?

Joe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Wed, 10 Mar 93 15:30:31 PST
To: corwin@cayman.com (Lord Among Panthers)
Subject: Re: Hidden encrypted messages
In-Reply-To: <9303102302.AA23528@cuba.Cayman.COM>
Message-ID: <9303102329.AA14202@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> There is an even simpler solution. Encrypt your message as you
> normally would, and what do you end up with? A bunch of seemingly
> random bits. Wrap a little header around it claiming it is data from
> a Johnson-Noise measurement experiment, or some such thing. To
> increase plausibility, you can build yourself a Johnson Noise
> measurement apparatus (all you need is a high-sensitivity voltmeter and
> a resistor).

Or, how about making it look like a uuencoded binary. The filename could stand for the subject of the letter. If you don't specify the platform or purpose of the file, it would be hard to find out that it wasn't really uuencoded data.

Thoughts?

+----------------------+----------------------------------------------------+
| J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. |
| +----------------------------------------------------+
| mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be |
| Thunder@forum | Politically Incorrect!
| | (505) 299-2282 | |
+----------------------+----------------------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ld231782@longs.lance.colostate.edu
Date: Wed, 10 Mar 93 16:06:35 PST
To: cypherpunks@toad.com
Subject: CRYPT: Dingaling Denning & random # generators
In-Reply-To: <9303102302.AA23528@cuba.Cayman.COM>
Message-ID: <9303110005.AA03709@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

I don't think we need to be too concerned about D. Denning's proposals (the D. stands for Dingaling, in case you're wondering). Has she addressed `adequately' the issue of giving false keys to the archiving authority in her article? (If such a thing is even possible.) The whole idea sounds so unbelievably unrealistic and bizarre I can't believe anyone with a significant intelligence or reputation on the line would propose it (but then again, academics can make a living on outdoing each other in their unrealistic and bizarre proposals).

I don't really see how this idea of wiretappable encrypted communications could be carried out, unless there are some kind of centralized encryption servers run by the government (I'm ashamed to even say such a thing), and make "private" encryption illegal. This smacks of such blatant totalitarianism I can't imagine anyone in the U.S. seriously considering it (except, of course, perhaps law enforcement types or NSA operatives). Considering how much copiers were regulated in the Soviet Union, I can't say that it'd be impossible to regulate every single one of the 100's of millions of PC's in the world or in a country to pull this off, but there's no end to the strange effects brewed from isolated, idealistic bureaucrats (and no limit to the severity of threats to freedom...)

As I posted once to sci.crypt: encrypted communication is virtually interchangeable with and indistinguishable from communication itself. How does someone `know' that you are encrypting a message?
Even straight ASCII messages can contain encrypted messages. (In fact, it would be interesting to write an application that will take any message and encode it like this.) Can you imagine the Meaning Police showing up on your doorstep demanding to know what your last message REALLY MEANS, and smirking malevolently when you insist that it's just a love note to your girlfriend?

Unless a really severe cold front hits Hell, I think we're safe on this one. The thing we DO need to be VERY AFRAID OF, and LOBBY VEHEMENTLY AGAINST, is bizarre laws that are vague and can be twisted to whatever means police desire, and put the burden of proof and recovery on possibly innocent victims, such as the without-due-process property-confiscating drug laws we have now.

(I suppose one possibility is requiring `carriers' -- phone companies, telegraph services, etc.--to provide keys for messages they encrypt. But what is the strength of nonlocal encryption? Would anybody use this? I guess there are a lot of unsophisticated people who want somebody else to do their encryption for 'em, but boy, not I...)

To do something like have completely tappable communications, we'd need half the country to monitor the other half, to make sure nothing out of context is going on. Only problem with this is, who monitors the monitors? (The cypherpunks?) (I suppose I shouldn't be so flippant, because Nazi Germany was one example of a state with a comprehensive populace-monitoring apparatus...)

No, I don't buy that paranoid plop about how it would be "trivial" to set up filters that "detect" encryption, or that this is happening on a widespread scale by the NSA in the U.S. This is an absolutely absurd claim. These mechanisms could be just as trivially defeated (although a-priori knowledge of their function may be required). People who think encryption is different from communication think that symbols are different than letters. Speaking as a programmer, good luck explaining it to a computer.

I just think Mrs. Denning is well-intentioned but completely out of touch with reality on this one (hm, what's a nice academic PC term for this? cluefully challenged?) Is *anybody* taking her seriously? Maybe we should start an email campaign to SEND HER CLUES. Maybe a Cease and Desist court order? Maybe we could get the police to do a search on her house for all her cryptography keys (hehe, anonymous tip that she keeps an encrypted database of illegal activities? sorry, don't take me seriously).

- - -

From: corwin@Cayman.COM (Lord Among Panthers)
>Encrypt your message as you
>normally would, and what do you end up with? A bunch of seemingly
>random bits. Wrap a little header around it claiming it is data from
>a Johnson-Noise measurement experiment, or some such thing. To
>increase plausibility, you can build yourself a Johnson Noise
>measurement apparatus (all you need is a high-sensitivity voltmeter and
>a resistor).

*= <- light bulb going off -- hm, could something like that be used as a hardware random number generator?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 10 Mar 93 17:08:44 PST
To: cypherpunks@toad.com
Subject: F-117A Nighthawk post--Conclusions of Experiment
Message-ID: <9303110107.AA05111@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

J. Michael Diehl guesses the truth:

>Let's assume that the poster was a "good-guy," as opposed to just a prankster.
>
>Then he has pointed out a serious flaw in the WB system. He has demonstrated
>the ability for a person to obtain (bona fide) classified information and
>broadcast it worldwide, without any fear of being caught or censored. I
>support anonymity, but I wonder about how it will be "regulated" to keep this
>from happening for real.
>
>Comments?

Well, I _hope_ I am a good guy, at least by the standards of this list.

I posted the F-117A "revelations" about the Stealth fighter, through a series of 6 or 7 remailers (which I first tested, as I like to do, by pinging them all) in order to examine the reactions of the list to what "whistleblowing" acts are very likely to look like.

The reactions have been interesting. Some of you got angry, some even practically foamed at the mouth, calling me a "treasonous fool." Fair enough, as I hoped to see this kind of range of opinions.

Some points:

1. Nothing in the posting, as some of you observed, was controversial or classified. I took an article from the book, "Stealth Technology: The Art of Black Magic," J. Jones, Aero Books, 1989, and scanned it and OCRed it. A few "probably"s and "could be"s were deleted, and minor other changes were made (e.g., I converted approximate numbers to precise--though of course wrong--numbers). The speculations about supersonic capability were in the original--I can't say how plausible they are. Likewise, the stuff about "changing color" was also in the original (I was trained as a physicist--would I make something like that up?).

2. Ironically, the "Discovery Channel" ran an hour-long program, "Nighthawk: Secrets of the Stealth," which was many times more revealing than my post. "Aviation Week and Space Technology," also known as "Aviation Leak and Spy Technology," has also carried far more detailed information over the years.

3. As both Joe Thomas and J. Michael Diehl pointed out, I was "testing" the nascent "whistleblower" system. I decided it would be interesting to gauge the reaction of the list to what might at first glance look like classified information being posted--something we can surely expect to see if the "whistleblower" group really gets going. (That, and deliberate misinformation to discredit the group, flames to drown out the actual whistleblowing, illegal or grossly offensive material to try to get the group taken off the Net, etc.)
If you folks really want to set such a thing up, better be prepared for all kinds of weird stuff.

Of course, the posting of "classified" documents--ersatz though this one may have been (in the sense of not being classified!)--can happen even without the "whistleblower" connotations...any anonymous remailer will work, naturally. But a whistleblower list (which I support, by the way) is going to attract all kinds of strange postings, once publicity is gotten (as it must, else what's the point?).

4. On the appropriateness of defense information as "whistleblower" material, consider these facts: The most serious cases of whistleblowing in the last few years have been on *defense* issues--cost overruns, weapons systems that failed to work or were unsafe, bribes to DoD or company officials, and so on. This is the fodder for "60 Minutes" and "20/20," who've all run pieces on defective weapons systems, the Bradley Fighting Vehicle, the Apache Helicopter, the "DIVAD" gun, and so on.

(Would my article have been any less offensive to some of the censorious among you if I'd fabricated stuff about the Nighthawk not meeting design goals, not being safe to fly, costing too much, etc.? I suspect not.)

5. In most cases, the DoD has tried to limit the scrutiny on such systems by invoking "national security" as a cloak. This, even though the Soviets already had the info--generally far in advance and in much greater detail. The invocation of national security has generally resulted in Americans being ignorant of malfeasance and chicanery.

The whole idea of the whistleblowing list is to allow anonymous, untraceable postings of controversial material like this! Much of what is posted will by necessity contain material that someone thinks should not be released to the public. Q.E.D. (or haven't folks thought this one out?).

(So if you whistleblower advocates out there are going to get cold feet when seemingly sensitive material is sent out, you'd better just quit right now!)

6.
Paul Robichaux and Dave Deltorto have opined that posts like this should *not* be posted (and tell me how they'll ever be stopped in the real world?), as they invite the attention of the NSA and other TLAs (Three Letter Acronyms). This seems overly paranoid for even this list, given the megabytes of solid info published by Av Leak and other technical mags. If some defense stuff is going to get us shut down, we'd better stop now.

(Actually, the problems with the whistleblower's list or group are sufficiently clear that I'd recommend that nobody be _formally_ affiliated with it. If it just "appears," somehow, probably in the alt hierarchy, then people can post to it through anonymous remailers.)

7. Speaking of which, a whistleblowers group will likely face attack on several fronts, depending on whose ox is gored. There may in fact be deliberate postings of truly classified material just to cause the group to be shut down (or to cause Internet sites not to carry it, etc.). Some child porn posted anonymously may get nearly any group pulled. Ditto for Holocaust revisionism, racist jokes, extortion demands, etc. Consider my little experiment a very benign little "inoculation," a hint of what to expect.

8. Again, I feel we should all be _using_ anonymous remailers to test, or probe, these various ideas we have. Better that we try out a few ideas related to "whistleblowing" in the safety of our own group before launching it out into the world.

Of course, now that I've exposed myself as the originator, this may make you all skeptical of posts from "Anonymous" or "Nobody." And you _should_ be skeptical! That's an important part of the whole process.

And don't assume everything from "Anonymous" is from me!

Cheers,

-"Anonymous"
aka, Tim May, Cypherpunk, Crypto Anarchist, and Gadfly

--
Timothy C.
May | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: corwin@Cayman.COM (Lord Among Panthers)
Date: Wed, 10 Mar 93 15:03:31 PST
To: derek@cs.wisc.edu
Subject: Hidden encrypted messages
In-Reply-To: <9303102002.AA24037@lynx.cs.wisc.edu>
Message-ID: <9303102302.AA23528@cuba.Cayman.COM>
MIME-Version: 1.0
Content-Type: text/plain

There is an even simpler solution. Encrypt your message as you normally would, and what do you end up with? A bunch of seemingly random bits. Wrap a little header around it claiming it is data from a Johnson-Noise measurement experiment, or some such thing. To increase plausibility, you can build yourself a Johnson Noise measurement apparatus (all you need is a high-sensitivity voltmeter and a resistor).

corwin

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Derek Atkins
Date: Wed, 10 Mar 93 15:47:22 PST
To: cypherpunks@toad.com
Subject: MEET: San Diego Trip in my future
Message-ID: <9303102346.AA15180@deathtongue.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Hi. I am going to be in the San Diego area for the weekend of March 20th. I don't know where I'm going to be staying, and I don't know the San Diego area at all. (I do know that I will be near the beach ;-) However I'd like to meet people, if they have time to get together.

If you have time and want to meet some time that weekend, please send me a piece of mail and let me know.

OBTW -- what are the good 2m and 70cm repeaters out there?
;-)

- -derek

PGP 2 key available upon request on the key-server:
pgp-public-keys@toxicwaste.mit.edu

- --
Derek Atkins, MIT '93, Electrical Engineering and Computer Science
Secretary, MIT Student Information Processing Board (SIPB)
MIT Media Laboratory, Speech Research Group
warlord@MIT.EDU PP-ASEL N1NWH

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQBuAgUBK559fDh0K1zBsGrxAQFCeQLFGYxSChJPELdBQoutkMYa55OuxJP3e9wW
PTEsrn6U1sC5p6SnyC7Al9mb38vBtmoSLnT88udMwgsbE0dJ0P//lRm4MZUVJINn
83yy3ouSyKLSk/pq2YN6Bcg=
=6M90
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Wed, 10 Mar 93 19:06:19 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: F-117A Nighthawk post--Conclusions of Experiment
In-Reply-To: <9303110107.AA05111@netcom.netcom.com>
Message-ID: <9303110304.AA11055@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> J. Michael Diehl guesses the truth:
>
> >Let's assume that the poster was a "good-guy," as opposed to just a prankster.
> >
> >Then he has pointed out a serious flaw in the WB system. He has demonstrated

Oh how I like to be told I'm right! Wish it happened more often. ;^)

> >the ability for a person to obtain (bona fide) classified information and
> >broadcast it worldwide, without any fear of being caught or censored. I
> >support anonymity, but I wonder about how it will be "regulated" to keep this
> >from happening for real.
> >
> >Comments?
>
> Well, I _hope_ I am a good guy, at least by the standards of this list.
>
> The reactions have been interesting. Some of you got angry, some even
> practically foamed at the mouth, calling me a "treasonous fool." Fair
> enough, as I hoped to see this kind of range of opinions.

Reminder: "Treasonous fools" started the Revolutionary War.

> 1. Nothing in the posting, as some of you observed, was controversial or
> classified.
> I took an article from the book, "Stealth Technology: The Art

Well, I didn't read it completely, but printed it instead, thinking it might be juicy. Can you say Gotcha? ;^)

> 6. Paul Robichaux and Dave Deltorto have opined that posts like this should
> *not* be posted (and tell me how they'll ever be stopped in the real
> world?), as they invite the attention of the NSA and other TLAs (Three
> Letter Acronyms). This seems overly paranoid for even this list, given the

No it is not. I assume that the TLA's read EVERYTHING I post. How's that for paranoia?

>
> (Actually, the problems with the whistleblower's list or group are
> sufficiently clear that I'd recommend that nobody be _formally_ affiliated
> with it. If it just "appears," somehow, probably in the alt hierarchy, then
> people can post to it through anonymous remailers.)

Good point, but please read my closing comments.

>
> 7. Speaking of which, a whistleblowers group will likely face attack on
> several fronts, depending on whose ox is gored. There may in fact be
> deliberate postings of truly classified material just to cause the group to
> be shut down (or to cause Internet sites not to carry it, etc.). Some child
> porn posted anonymously may get nearly any group pulled. Ditto for
> Holocaust revisionism, racist jokes, extortion demands, etc. Consider my
> little experiment a very benign little "inoculation," a hint of what to
> expect.

Perhaps by a TLA?

>

Once anonymous remailers become widely used, they will become "powerful." When they become "too" powerful, they will be under attack. The eventual goal being to shut them down on an individual basis. I don't see them being attacked as a whole. The attack will be to simply shut them down. Well, perhaps an attack might be to discredit them...as a whole, but I digress. What we need is a protocol that would notify the rest of the net/world when a remailer is shut down.
What if the bbs in operation Sundevil was expected to send a message every day to other sites around the world. When the bbs was shut down, that message wouldn't be sent and everyone would know what happened?

I don't have time to go on, but does anyone have any comments?

+----------------------+----------------------------------------------------+
| J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken.   |
|                      +----------------------------------------------------+
| mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be        |
| Thunder@forum        |  Politically Incorrect!                            |
| (505) 299-2282       |                                                    |
+----------------------+----------------------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tony Kidson
Date: Wed, 10 Mar 93 18:46:05 PST
To: cypherpunks@toad.com
Subject: Re: FWEE!: F-117A post considered harmful
Message-ID: <3369@morgan.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

In message <9303091453.AA11794@lambda.msfc.nasa.gov.msfc.nasa.gov> you write:

> [ disclaimer: I don't work on classified projects anymore. My experience
> as an aircraft mechanic is with helicopters. I read a lot. ]
>
> I believe that the recent anonymous "whistle" purporting to reveal
> information about the F-117A aircraft:
> thing. Disclosing classified information, however-
> especially when it's not relevant to revealing fraud,
> waste, or abuse- is probably not a good way to keep
> the whistleblower group safe from the Three-Letter Gang.
>

Perhaps that was the idea???

Tony

+-----------------+-------------------------------+--------------------------+
| Tony Kidson     | ** PGP 2.1 Key by request **  | Voice +44 81 466 5127    |
| Morgan Towers,  | The Cat has had to move now   | E-Mail(in order)         |
| Morgan Road,    | as I've had to take the top   | tony@morgan.demon.co.uk  |
| Bromley,        | off of the machine.
| tny@cix.compulink.co.uk |
| England BR1 3QE |Honda ST1100 -=<*>=- DoD# 0801 | 100024.301@compuserve.com|
+-----------------+-------------------------------+--------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: internaut@aol.com
Date: Wed, 10 Mar 93 21:31:31 PST
To: cypherpunks@toad.com
Subject: FWEE!: Markoff/NYT/VoiceCrypt
Message-ID: <9303110032.tn17218@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

Thanks to everyone who sent John Markoff's name, email address and/or past life animal. I'll let all of you know what transpires when I buzz him about the VoiceCrypt article and get some info for the Whistleblower Project.

BTW, Pretty amazing day at CFP today (especially the session on Censorship on the 'net): watch this cyberspace for details next week...

Not-Entirely-Unrelated note: to all of you who have asked for an FTP-able version of MacPGP, I will provide that this Sunday (the life of a CFP volunteer!). Hope you can all keep your pants on until then. :) It's worth the wait.

dave

"It's not the voting that makes Democracy, it's the counting." - T. Stoppard

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@pmantis.berkeley.edu
Date: Thu, 11 Mar 93 01:16:28 PST
To: cypherpunks@toad.com
Subject: PGP Tutorial Gone.
Message-ID: <9303110917.AA12013@pmantis.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

soda.berkeley.edu is supposed to have several files regarding pgp. The problem is that this site is refusing connections. Could we get an alternative site?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Alexander Chislenko
Date: Wed, 10 Mar 93 22:38:11 PST
To: corwin@Cayman.COM
Subject: Re: Hidden encrypted messages
Message-ID: <199303110636.AA09866@ra.cs.umb.edu>
MIME-Version: 1.0
Content-Type: text/plain

What about encoding a message by changing spacing between the words?
It is surely not the most compact method, but one might be able to transmit a pretty long message hidden in the text of "Alice in Wonderland" that would still be neatly formatted and *word-to-word* indistinguishable from the original.

Alex.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ghoast@gnu.ai.mit.edu
Date: Wed, 10 Mar 93 23:14:55 PST
To: cypherpunks@toad.com
Subject: Re: Hidden encrypted messages
Message-ID: <9303110713.AA14022@hal.gnu.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

>
> What about encoding a message by changing spacing between the words?
> It is surely not the most compact method, but one might be able to transmit
> a pretty long message hidden in the text of "Alice in Wonderland" that
> would still be neatly formatted and *word-to-word* indistinguishable from
> the original.
>
> Alex.
>

Of course, if someone knew what they were looking for, it "would be trivial" to set up some sort of filter to find this type of message (in this case, one with a great number of spaces). This assumes unnoticeability due to lack of knowledge, which is the current thought process being applied to computer security. It's a very fallible one, as many companies have found.

If you assume whatever kind of filter you may be dealing with will be a program (and not a person) looking for a certain frequency of special characters, or just a range in which >90% of your characters fall (like do you use many more alphanumerics than *&&*^%$#'s?) then you could just have every fifth letter in your _Alice_ transmission be a character of your encrypted message..

On the other hand, in dealing with that kind of program, I'm sure you could write some program that would represent non-alphanumerics with a recognizable code of alphanumerics which wouldn't be normally generated by the encryptor (and failing that, just convert the entire piece to hex or something..).
Hmm, in writing this it seems to me that hiding an encrypted file in a way that would evade anything dreamt up to distinguish it from text is a lot more difficult than just calling it something else: "Umm, yeah Mr. NSA, that was a sound file of the pgp sound format! ..right." (or that noise suggestion too)

ghoast@gnu.ai.mit.edu (Devin Jones)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Shipley
Date: Thu, 11 Mar 93 08:48:40 PST
To: cypherpunks@toad.com
Subject: Re: PGP Tutorial Gone.
In-Reply-To: <9303110917.AA12013@pmantis.berkeley.edu>
Message-ID: <9303111647.AA23903@edev0.TFS>
MIME-Version: 1.0
Content-Type: text/x-pgp

-----BEGIN PGP SIGNED MESSAGE-----

>From: nobody@pmantis.berkeley.edu
>soda.berkeley.edu is supposed to have several files regarding pgp. The
>problem is that this site is refusing connections. Could we get an
>alternative site?

soda suffered a disk crash. it is being restored as we speak.

-Pete

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQBFAgUBK59ssMhmn7GUWLLFAQEEeQF9Gv//0Ze8IqdSGKLbdpvGaQy273Gq+7Qj
1kUUre2vl00j35hzduGofJVR9lkyoYnr
=/ng3
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: derek@cs.wisc.edu (Derek Zahn)
Date: Thu, 11 Mar 93 07:02:43 PST
To: ghoast@gnu.ai.mit.edu
Subject: Re: Hidden encrypted messages
In-Reply-To: <9303110713.AA14022@hal.gnu.ai.mit.edu>
Message-ID: <9303111501.AA26622@lynx.cs.wisc.edu>
MIME-Version: 1.0
Content-Type: text/plain

Devin Jones responds to Alex:

> Hmm, in writing this it seems to me that hiding an encrypted file in a way that
> would evade anything dreamt up to distinguish it from text is a lot more
> difficult than just calling it something else: "Umm, yeah Mr. NSA, that was
> a sound file of the pgp sound format! ..right."

Alex's (good) idea about using creative spacing to hide an encrypted message is similar to what I'd originally proposed (and of course it has to be hiding an *encrypted* message!).
I've gotten a number of responses of the form "Why not just claim that an encrypted message is data?", but my original point was Plausible Deniability. That is, I was postulating an environment in which Big Brother has outlawed cryptography. Now, confronted with a confiscated message, the sender has to defend himself from the Inquisition. Can't just claim it's a sound file; the Inquisitor will want it played. The question I'm trying to answer is how to produce on demand a causal explanation of data (which actually contains an encrypted message) that satisfies an investigator and doesn't reveal the encrypted message. Some simple scheme like, "Uh, it's the result of my new random number generation algorithm" isn't likely to be *satisfying* and is certain to produce the response, "OK, let's see the algorithm."

derek

don't bother running sophisticated analyses of the above message (oops, I suppose that's a suspicious thing to say)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Thu, 11 Mar 93 07:36:39 PST
To: cypherpunks@toad.com
Subject: Hiding Encrypted Messages
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I think it would be quite easy to hide encrypted text in music/sound or graphics files.

In order to do it with sampled music/sound:

1. Use a SoundBlaster-type card to sample a given amount of music from a radio/tape/cd/whatever using 8-bit samples at some low sampling rate like 11,000 samples/second. This would give you a lot of music for the space used.

2. Then take an encrypted PGP file and disperse it bit-by-bit into the LSB (least-significant-bit) of each sample. This wouldn't distort the sound sample to any extent noticeable by the human ear. Thus each byte of PGP file would be dispersed into 8 bytes of sound file. Thus if you wanted to send a 20k PGP file, you would have to put it into a 160k music file.
If you're ever forced to explain what that file contains (unlikely, since you can always take the Fifth Amendment) you can just play it on your computer and have the NSA/SS/FBI/Whatever listen to James Brown go "Hyeeeah... I feel good!"

+---------------+  +-------------------------------------------------+
                   | ***** ___\!/_ * * * * |
Murdering Thug     | * __/_ /|\ * * * * * |
                   | * / \ * * * * * |
thug@phantom.com   | * | | * * * * |
                   | * \____/ * * * * |
                   | ***** * * * |
+---------------+  +-------------------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 11 Mar 93 11:04:58 PST
To: cypherpunks@toad.com
Subject: Re: Hiding Encrypted Messages
Message-ID: <9303111903.AA13537@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Uri writes about Thug's LSB method:

>
>a) This method has essentially the same complexity, as one-time pad,
> but without its strength.
>
>b) If it's played and recognized - one can trace your source (a CD, a
> tape of radio broadcast, whatever) and do a comparison. Then the
> file containing of all the LSBs is cryptanalyzed...
>
>I might be wrong IF those nice LSBs are too hard to track... But then
>again, you're facing the need to communicate that one-time pad...

I've written several pieces for sci.crypt and for the Cypherpunks list about encrypting messages in the LSBs of music--I doubt I was the first, though my first posting on this was in 1988. (A posting on this is included at the end of this message.)

Uri's points:

a) The idea is to _hide_ the existence of the message, a la steganography. A Digital Audio Tape carried across a border is a whole less obvious than a one time pad of numbers.

b) A nearly essential aspect, one I've emphasized repeatedly, is to _not_ use a digital copy of a CD, but rather to use an _analog_ dub.
The noise floor (cables, imperfections in the DACs and ADCs, analog circuits) will be well above the LSB, making the message bits virtually indistinguishable from noise. Sophisticated spectral analysis, and entropy analysis, may reveal the message bits to be other than noise, but this will be quite difficult (and some massaging of the bits will help make their statistics match that of noise).

c) Yes, the method is that of the one-time pad. In fact, it's a way to _transport_ one-time pads.

Here's one of my postings on this subject:

From: tcmay@netcom.com (Timothy C. May)
Subject: Messages in the Least Significant Bits
To: cypherpunks@toad.com
Date: Tue, 27 Oct 92 19:03:19 PST
Cc: tcmay@netcom.com (Timothy C. May)

Cypherpunks,

Here's a message I just posted to another mailing list. It has rather strict policies against cross-posting, so I've edited out the headers and the initial chunk of text I quoted. That should make me kosher.

(This topic also came up in some e-mail with George Gleason.)

Forwarded message:

>From tcmay Tue Oct 27 18:43:34 1992

xxxx is exactly right on this. Several years ago I posted to sci.crypt my "novel" idea for packing bits into the essentially inaudible "least significant bits" (LSBs) of digital recordings, such as DATs and CDs. Ditto for the LSBs in an 8-bit image or 24-bit color image. I've since seen this idea reinvented _several_ times on sci.crypt and elsewhere...and I'm willing to bet I wasn't the first, either (so I don't claim any credit).

A 2-hour DAT contains about 10 Gbits (2 hours x 3600 sec/hr x 2 channels x 16 bits/sample x 44K samples/sec), or about 1.2 Gbytes. A CD contains about half this, i.e., about 700 Mbytes. The LSB of a DAT is 1/16th of the 1.2 Gbytes, or 80 Mbytes. This is a _lot_ of storage!
A home-recorded DAT--and I use a Sony D-3 DAT Walkman to make tapes--has so much noise down at the LSB level--noise from the A/D and D/A converters, noise from the microphones (if any), etc.--that the bits are essentially random at this level. (This is a subtle, but important, point: a factory recorded DAT or CD will have predetermined bits at all levels, i.e., the authorities could in principle spot any modifications. But home-recorded, or dubbed, DATs will of course not be subject to this kind of analysis.) Some care might be taken to ensure that the statistical properties of the signal bits resemble what would be expected with "noise" bits, but this will be a minor hurdle.

Adobe Photoshop can be used to easily place message bits in the "noise" that dominates things down at the LSB level. The resulting GIF can then be posted to UseNet or e-mailed. Ditto for sound samples, using the ideas I just described (but typically requiring sound sampling boards, etc.). I've done some experiments along these lines.

This doesn't mean our problems are solved, of course. Exchanging tapes is cumbersome and vulnerable to stings. But it does help to point out the utter futility of trying to stop the flow of bits.

--Tim

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP 2.0 and MailSafe keys by arrangement.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: The Phantom
Date: Thu, 11 Mar 93 11:57:02 PST
To: cypherpunks@toad.com
Subject: HIDE: embedding msgs into snd & graphics
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

writes uri@watson.ibm.com:

----
Yes, a very valid point.
But it seems to me, that Random Data claim is the best, with the highest chances to keep one out of trouble (if anything can :-). The algorithm? Oh, sorry, but it's a HARDWARE random data generator! And if it's truly good random gen, there are no patterns to track... One can use it to create huge one-time pads, BTW... "Salt" some of the encrypted (or plaintext :-) messages with those...
----

Yes? Hardware? Well, then, where is the piece of hardware you used, then? It seems this falls to the Big Brother 'where is the algorithm' test even harder, as it is a physical piece of equipment.

It seems to me that if I were an agent and I were looking for transmissions from an individual and I saw him sending out 10 copies of the `Rocky & Bullwinkle Show' intro per week, I'd look into those, even though they seem normal enough. When I checksummed them and they didn't match, I'd be more than suspicious: I'd start stripping the lower bits off. If I knew that the suspect used PGP and RIPEM, I'd most certainly try and push the output through them, if they weren't plainly recognizable.

Seems to me that the best thing to hide pgp in would be a low-quality host-medium (lots of noise!) that changes frequently, so the checksumming cannot occur against the same message. The low quality could also be attained by pushing more of your message into the host; maybe alternating between the 8th bit and another bit. In any case, I don't think that the host should be a stable one (frequently used) or one that can be easily compared to the original.

Matt

Matt Thomlinson
University of Washington, Seattle, Washington.
Internet: phantom@u.washington.edu phone: (206) 528-5732
PGP 2.2 key available via email or finger phantom@hardy.u.washington.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matthew J Miszewski
Date: Thu, 11 Mar 93 10:20:38 PST
To: cypherpunks@toad.com
Subject: CYPHER: Plain encypher
Message-ID: <23031112170179@vms2.macc.wisc.edu>
MIME-Version: 1.0
Content-Type: text/plain

In response to all those interested in disguising messages in complicated graphics/sound/random # generators/etc I believe this would unnecessarily defeat the purpose. TLA types become suspicious when they see random pgp type data transmissions flying across their screens. When they get one of these monsters, they of course attempt to decrypt it (assuming it's from someone they wish to monitor (All of us?). They also become suspicious when incredibly long plain text transmissions are broadcast.

It seems desirable to have a mode of encryption that will encrypt my message and then package it in a short (relatively) plain text message. The NSA/CIA/FBI won't bother trying to decrypt messages that are the equivalent of "My slide show of my trip to Florida". And even if they were to suspect, or by some miracle decrypt it, you have your Plausible Deniability.

Make the message generator sufficiently general that all final messages are plausible real messages. Only those expecting a message that is encrypted in plain text will know they have one. They would have the key to decrypt it. And no one would be the wiser.
Matt
mjmiski@macc.wisc.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Thu, 11 Mar 93 09:27:06 PST
To: derek@cs.wisc.edu (Derek Zahn)
Subject: Re: Hidden encrypted messages
In-Reply-To: <9303111501.AA26622@lynx.cs.wisc.edu>
Message-ID: <9303111725.AA20493@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

Derek Zahn says:

> ....................I've gotten a number of responses
> of the form "Why not just claim that an encrypted message is data?",
> but my original point was Plausible Deniability. That is, I was
> postulating an environment in which Big Brother has outlawed cryptography.
> Now, confronted with a confiscated message, the sender has to defend
> himself from the Inquisition. Can't just claim it's a sound file;
> the Inquisitor will want it played. The question I'm trying to answer
> is how to produce on demand a causal explanation of data (which actually
> contains an encrypted message) that satisfies an investigator and
> doesn't reveal the encrypted message. Some simple scheme like, "Uh,
> it's the result of my new random number generation algorithm" isn't
> likely to be *satisfying* and is certain to produce the response,
> "OK, let's see the algorithm."

Yes, a very valid point. But it seems to me, that Random Data claim is the best, with the highest chances to keep one out of trouble (if anything can :-).

The algorithm? Oh, sorry, but it's a HARDWARE random data generator! And if it's truly good random gen, there are no patterns to track... One can use it to create huge one-time pads, BTW... "Salt" some of the encrypted (or plaintext :-) messages with those...

The only thing to be concerned of - the cipher [to be claimed a random data] shouldn't be crackable, and SHOULDN'T have any patterns! Or they could present an evidence, that the data isn't a product of your random gen...
--
Regards,
Uri uri@watson.ibm.com scifi!angmar!uri N2RIU
-----------

From cypherpunks-request Thu Mar 11 12:44:24 1993
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: The Phantom
Date: Thu, 11 Mar 93 12:42:28 PST
To: cypherpunks@toad.com
Subject: HIDE: embedding msgs into snd & graphics
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

tcmay's comments on the use of DAT tapes to 'dub off' other recordings as the host-medium and to apply the signal to the low-end significant bits works out something I brought up earlier: checking the copy against the original. The idea of using a DAT tape as a mode of transport, however, doesn't appeal that greatly to me. To send a message, I have to pull out one of my previously recorded DAT host-tapes, then record over the 5th song with my mix of host/message pair, then fed-ex it (or hand-deliver it) to my target.

If I take this signal and push it across internet, I no longer have the passive-looking DAT tape in my DAT music collection. Instead, I have a 900k sound file that I push across the net. Since the net is usually not used to push the latest Michael Jackson tune, it might raise a flag.

Tim's comments are valid and definitely help solve problems on the physical level: now how about cyberspace?

mt

Matt Thomlinson
University of Washington, Seattle, Washington.
Internet: phantom@u.washington.edu phone: (206) 528-5732
PGP 2.2 key available via email or finger phantom@hardy.u.washington.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Thu, 11 Mar 93 09:33:35 PST
To: thug@phantom.com (Murdering Thug)
Subject: Re: Hiding Encrypted Messages
In-Reply-To:
Message-ID: <9303111731.AA20272@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

Murdering Thug says:

> I think it would be quite easy to hide encrypted text in music/sound or
> graphics files.
> 1.
> Use a SoundBlaster-type card to sample a given amount of music from a
> radio/tape/cd/whatever using 8-bit samples at some low sampling rate
> like 11,000 samples/second. This would give you a lot of music for the
> space used.
> 2. Then take an encrypted PGP file and disperse it bit-by-bit into the
> LSB (least-significant-bit) of each sample. This wouldn't distort the
> sound sample to any extent noticeable by the human ear. Thus each byte
> of PGP file would be dispersed into 8 bytes of sound file. Thus if
> you wanted to send a 20k PGP file, you would have to put it into a
> 160k music file.
> If you're ever forced to explain what that file contains (unlikely, since
> you can always take the Fifth Amendment) you can just play it on your
> computer and have the NSA/SS/FBI/Whatever listen to James Brown go
> "Hyeeeah... I feel good!"

a) This method has essentially the same complexity, as one-time pad, but without its strength.

b) If it's played and recognized - one can trace your source (a CD, a tape of radio broadcast, whatever) and do a comparison. Then the file containing of all the LSBs is cryptanalyzed...

I might be wrong IF those nice LSBs are too hard to track... But then again, you're facing the need to communicate that one-time pad...

> +---------------+  +-------------------------------------------------+
>                    | ***** ___\!/_ * * * * |
> Murdering Thug     | * __/_ /|\ * * * * * |
>                    | * / \ * * * * * |
> thug@phantom.com   | * | | * * * * |
>                    | * \____/ * * * * |
>                    | ***** * * * |
> +---------------+  +-------------------------------------------------+

Oh yes, and I'm sure LOTS of people would join! (:-)

--
Regards,
Uri uri@watson.ibm.com scifi!angmar!uri N2RIU
-----------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Fogleman
Date: Thu, 11 Mar 93 10:10:59 PST
To: uri@watson.ibm.com
Subject: Re: Hiding Encrypted Messages
Message-ID: <9303111807.AA16545@ack.adstest.analog.com>
MIME-Version: 1.0
Content-Type: text/plain

> > 2.
> > Then take an encrypted PGP file and disperse it bit-by-bit into the
> > LSB (least-significant-bit) of each sample. This wouldn't distort the
> > sound sample to any extent noticeable by the human ear. Thus each byte
> > of PGP file would be dispersed into 8 bytes of sound file. Thus if
> > you wanted to send a 20k PGP file, you would have to put it into a
> > 160k music file.
> > If you're ever forced to explain what that file contains (unlikely, since
> > you can always take the Fifth Amendment) you can just play it on your
> > computer and have the NSA/SS/FBI/Whatever listen to James Brown go
> > "Hyeeeah... I feel good!"
>
> a) This method has essentially the same complexity, as one-time pad,
> but without its strength.
>

Insert pgp-encrypted (not plaintext) into the sound file... It's then no weaker than pgp.

> b) If it's played and recognized - one can trace your source (a CD, a
> tape of radio broadcast, whatever) and do a comparison. Then the
> file containing of all the LSBs is cryptanalyzed...

Use a "windows sound system" board and record yourself talking -- No "reference source"... The codec on that board has better than two bits of noise per 16 bit word through the ADC channel...

Nice idea, thug!

===================================================================
Eric Fogleman                   eric.fogleman@analog.com
Analog Devices Semiconductor    Voice: (617) 937-2275
804 Woburn Street               Fax: (617) 937-2024
Wilmington, MA 01887-3462
===================================================================

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Thu, 11 Mar 93 10:17:48 PST
To: Eric Fogleman
Subject: Re: Hiding Encrypted Messages
In-Reply-To: <9303111807.AA16545@ack.adstest.analog.com>
Message-ID: <9303111815.AA20695@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

Eric Fogleman writes:

> > a) This method has essentially the same complexity, as one-time pad,
> > but without its strength.
> Insert pgp-encrypted (not plaintext) into the sound file... It's then
> no weaker than pgp.

Please... I said: "It's as cumbersome, as one-time pad, but without one-time pad security." Yes, it can be made as secure as PGP, but it's still less safe, than one-time pad.

> Use a "windows sound system" board and record yourself talking --
> No "reference source"... The codec on that board has better than
> two bits of noise per 16 bit word through the ADC channel...

Then you're creating a sort-of one-time pad, which you now must convey securely to your correspondent. And this system is still much less safe, than one-time pad, because of some possible regularities in the lower bits (now I admit I know very little of what such a recording would look like, so in fact it MIGHT be as safe as "real" one-time pad).

Regards,
Uri.
------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: covin@cs.uchicago.edu
Date: Thu, 11 Mar 93 11:22:47 PST
To: cypherpunks@toad.com
Subject: Re: Hiding Encrypted Messages
Message-ID: <9303111921.AA11361@tartarus.uchicago.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Please... I said: "It's as cumbersome, as one-time pad, but
>without one-time pad security." Yes, it can be made as
>secure as PGP, but it's still less safe, than
>one-time pad.

I thought the point of hiding the message in a sound or picture file was to *hide* it, not to gain additional encryption. Any encryption you want to do on the message is a separate issue. Hiding the bits is just supposed to keep anyone from *trying* to decrypt it in the first place, and/or to allow you to claim if the message is intercepted that you weren't *really* sending encrypted messages.

I suspect that if someone manages to decrypt the message, you just flat-out lose on the "plausible deniability" question. At least, if the message is fairly long, coherent, grammatical, etc.
It's just too unlikely that a long coherent message will be hidden in any regular way in an otherwise random sequence of bits. A little statistical analysis might allow some happy government cryptographers to tell you exactly *how* unlikely it is that they'd find a message in your data by chance...

As another way to muddy the waters, you might try making the original plaintext a bit muddled, ungrammatical, semi-incoherent, rife with misspellings, etc... :)

-David

ure that are ahead of the mainstream, oriented towards the near-future. This includes all realms of what is commonly called "new edge", "technoculture", or "cyberculture" -- a mishmash of postmodernism, psychedelics, hacking, raves, cyberspace, industrial music, cyberpunk fiction and realities, etc., that are proving to be important constructs in the evolution of world culture.

The file continues to grow and morph, and the initial response to it prompted me to begin the FutureCulture E-List. Those who share an interest in the topics discussed in the file can participate in in-depth or light-hearted discussions via the FutureCulture E-list, which has proven to be an interesting and unique addition to the vastness of cyberspace. Readers and participants in FutureCulture have included at one time or another a wide variety of sociologists and anthropologists, authors and writers, hackers, scientists, students, and prominent "cyber-" oriented figures.

For a long time, I have dismissed print media in wake of the interaction I saw occurring via e-media, such as the FutureCulture list, and I would be one of those to shun society's love affair with paper in wake of advancing computer and networking technologies. Yet through a seemingly unending discussion regarding the scope of the popular phrase "information wants to be free", I have found my love affair with e-media to in fact be quite out of date.
That may seem contradictory to some, yet if we are truly to arrive at an infoculture of global real-time interaction via cyberspace, we must first look at the world in which we currently inhabit. We live in a world where paper and television are the informational messengers of choice to the masses. Thus, in an attempt to further propagate information to as wide an audience as possible, I have begun [the] Infinite Edge zine.

The zine will be printed in black & white and 8 1/2 x 11", using Macintoshes and laserprinters. Below follows a basic text outline of what [the] Infinite Edge will look like sans graphics and design, of course.

I am looking for submissions and assistance with this project from all angles: fiction writers, essayists, ranters, graphic designers, artists, poets, etc. Submissions are welcome in any form, in any style, in any tone, though that is not a guarantee that everything I receive will be printed. I am looking for submissions as soon as possible, but feel free to send them in whenever you like. For first issue, send them in by the end of March.

Due to lack of available resources, I am unable as of yet to reward monetarily those who contribute to [the] Infinite Edge. I have little money, and my primary interest is producing the highest-quality zine possible, containing an immense spectrum of information.

If you would like to contribute to [the] Infinite Edge in any way, shape, or form, please send all queries, submissions, tips, words of wisdom, etc., to me on the Internet at:

ahawks@nyx.cs.du.edu

If you do not have Internet access, please send mail to:

Andy Hawks
4290 South Mobile Cir. #D
Aurora, CO 80013
USA

By the way, I am looking at offering [the] Infinite Edge at a cost of $3 per issue. The first issue is not completed yet, but if you are anxious, please contact me via email or snail mail. Groovy.
[the] Infinite Edge
___________________

Focusing on the Edges of Culture, examining the Fringes of Reason and the Reasons of Fringe, the Here and Now and Soon-to-Be, via unstructured Tones that Ebb and Flow from In-Form Information to Formless Rants of Altered States.

[the] Infinite Edge is Divided into the following sections:

GENESYS
Notes from the Editor, Letters from those that Grep and/or Grok the Infinite Edge.

32-BIT
Soundbytes of the World, Unite and Take Over. Blurbs pertaining to interesting news and products, quotes, technology, factoids, etc.

MODERN
Cultural Commentary - Realizing, Focusing, and Morphing the PostModern World. Rants, Essays, Theses, Observations, Predictions, Analyses, Streams and Rivers of Consciousness.

-SUB
The Depths of the Underground Subcultures. Rants, Essays, Theses, Observations, Predictions, Analyses, and Information.

E+
The Virtual World. News, Notes, Notables and Quotables, Rants, Essays, Theses, Observations, Predictions, Analyses, Communication, Teknologies.

VILLAGE VIEWS
Interviews (I-Views) and E-Views with those who Surf, Ride, Make and Break the Edges of Culture.

STREAMZ
Fiction on The Edge: Transreal, Hyperreal, SlipStream, Cyberpunk, Post-Cyberpunk, [insert_any_word_here], etc.

MEDI8
Reviewing, Analyzing, and Commentary regarding Popular and Underground Media: Books, Magazines, Zines, E-Zines, E-Books, Hypertext, Music, Film, Video, Television, Software, etc.

MOBIUS
One Last Informational Fix, Closing Words, Late-Crashing News, etc.

If you would like to contribute to [the] Infinite Edge in any way, shape, or form, please send all queries, submissions, tips, words of wisdom, etc., to me on the Internet at:

ahawks@nyx.cs.du.edu

If you do not have Internet access, please send mail to:

Andy Hawks
4290 South Mobile Cir. #D
Aurora, CO 80013
USA

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C.
May)
Date: Thu, 11 Mar 93 13:23:51 PST
To: cypherpunks@toad.com
Subject: Re: HIDE: embedding msgs into snd & graphics
Message-ID: <9303112122.AA00150@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Matt Thomlinson writes:

>The idea of using a DAT tape as a mode of transport, however, doesn't
>appeal that greatly to me. To send a message, I have to pull out one of my
>previously recorded DAT host-tapes, then record over the 5th song with my
>mix of host/message pair, then fed-ex it (or hand-deliver it) to my
>target. If I take this signal and push it across internet, I no longer
>have the passive-looking DAT tape in my DAT music collection. Instead, I
>have a 900k sound file that I push across the net. Since the net is
>usually not used to push the latest Michael Jackson tune, it might raise a
>flag.
>
>Tim's comments are valid and definitely help solve problems on the
>physical level: now how about cyberspace?

Granted, a DAT can carry more data in the LSBs--about 80 MB, about the length of 10 Bibles--than one really needs. The GIF option I mentioned allows a widely disseminated image file to contain about 32 KB in just the LSBs of a 512 x 512 x 8-bit gray scale image. A color image could easily hold three times more (LSBs in each color channel). And some GIFs are much larger than 512 on a side.

So, a fairly long message could be inserted into the "noise floor" bits of a scanned or frame-grabbed image, or of a piece of "original art" and then posted worldwide in one of the GIF groups. Who knows what evil messages are even now being sent in GIFs of Cindy Crawford and Claudia Schiffer?

Use your imagination and you'll see there are several other easy ways to hide messages. (Again, we're talking steganography--check the "Glossary" in the soda.berkeley.edu archives if this is new to you.)

-Tim May

--
Timothy C.
May | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mbrennan@netcom.com (Michael Brennan)
Date: Thu, 11 Mar 93 13:54:41 PST
To: cypherpunks@toad.com
Subject: cypherpunks-request mail is ignored
Message-ID: <9303112153.AA03254@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I hate to mail administrative requests to the whole group, but I had previously sent my request to cypherpunks-request to no avail. Is that not the correct address? Maybe the reason you all keep seeing unsubscribe requests mailed to the entire group is because such requests sent to cypherpunks-request are being ignored.

Anyway, someone PLEASE unsubscribe me from this list. I would like to subscribe to cypherpunks-announce only. I can't handle this volume of mail.

Thanks.

------------------------------------------------------------------------------
Michael Brennan
Internet: mbrennan@netcom.com
Applelink: M.BRENNAN
Compuserve: 76206,2462

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jb@paris7.jussieu.fr
Date: Thu, 11 Mar 93 05:17:35 PST
To: cypherpunks@toad.com
Subject: University Policies
Message-ID: <0096959f.9201c152.25188@paris7.jussieu.fr>
MIME-Version: 1.0
Content-Type: text/plain

Hi,

Following the thread about some Universities policy about using computing services I'd like to ask if you can send me YOUR Uni policy about the above matter. I'd like to make somekindda compilation of them and put it on our ftp server (smup7.jussieu.fr).

Cheers,
jb

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J.
Michael Diehl
Date: Thu, 11 Mar 93 13:24:44 PST
To: derek@cs.wisc.edu (Derek Zahn)
Subject: Re: Hidden encrypted messages
In-Reply-To: <9303111501.AA26622@lynx.cs.wisc.edu>
Message-ID: <9303112121.AA28347@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> Alex's (good) idea about using creative spacing to hide an encrypted message
> is similar to that what I'd originally proposed (and of course it has to
> be hiding an *encrypted* message!). I've gotten a number of responses
> of the form "Why not just claim that an encrypted message is data?",
> but my original point was Plausible Deniability. That is, I was
> postulating an environment in which Big Brother has outlawed cryptography.
> Now, confronted with a confiscated message, the sender has to defend
> himself from the Inquisition. Can't just claim it's a sound file;
> the Inquisitor will want it played. The question I'm trying to answer

So I say, "Damn! CRC Error! Must be a bad disk. Well, no point in keeping THIS sitting around."

> is how to produce on demand a causal explanation of data (which actually
> contains an encrypted message) that satisfies an investigator and
> doesn't reveal the encrypted message. Some simple scheme like, "Uh,

I understand what you want. Wish I understood how to do it. ;^)

> it's the result of my new random number generation algorithm" isn't
> likely to be *satisfying* and is certain to produce the response,
> "OK, let's see the algorithm."

+----------------------+----------------------------------------------------+
| J. Michael Diehl ;-) | I thought I was wrong once.  But, I was mistaken.  |
|                      +----------------------------------------------------+
| mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be        |
| Thunder@forum        |      Politically Incorrect!                        |
| (505) 299-2282       |                                                    |
+----------------------+----------------------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ghabrech@ultrix.ramapo.edu (George A.
Habrecht)
Date: Thu, 11 Mar 93 15:42:48 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9303111959.AA03378@ultrix.ramapo.edu>
MIME-Version: 1.0
Content-Type: text/plain

Hello? I have asked several times and am starting to get pissed off!!!! So do as follows!!!!!

Unsubscribe me!!!!!!!!
Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! 
Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! 
Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! 
Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! 
Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! 
Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! 
Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! 
Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! 
Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! 
Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! 
Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! 
Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! 
Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! 
Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Get the message?!? 
Thanx

ghabrech@ultrix.ramapo.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stu Klingman
Date: Thu, 11 Mar 93 15:18:49 PST
To: cypherpunks@toad.com
Subject: FW: Hiding Encrypted Messages
Message-ID: <9303112315.AA12701@netmail.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain

FWD'd from a secure redirector, Raf sez:

Someone wrote:
> b) If it's played and recognized - one can trace your source (a CD, a
> tape of radio broadcast, whatever) and do a comparison. Then the
> file containing of all the LSBs is cryptanalyzed...

Actually, this is not really a problem. The odds of being able to resample, even using the same source and come up with the same byte string is infinitesimal. You've got chaos theory on your side here with massive "Sensitive Dependence on Initial Conditions." The exact byte string you got depends on:

1) volume
2) sampling device used
3) playback fidelity of your reproduction
4) the exact microsecond you clicked "record" (cause you'll be hitting different points in the same wave form)

Just make sure to use an application like Shredder or Flamefile to permanently erase your initial sample, and nobody should be able to tell. (unless they are aware of the trick beforehand)

Rafial

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 11 Mar 93 15:20:45 PST
To: cypherpunks@toad.com
Subject: Re: Hidden encrypted messages
Message-ID: <9303112319.AA12884@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Uri writes:

>Probably creating a GIF/TIFF/whatever file yourself,
>with normal consumer-grade equipment (noise-prone :-)
>and substituting its LSB (or whatever certainly lies
>BELOW the noise floor) with bits of the message, does
>sound like the best choice today.

..stuff elided...

>Disadvantages:
> 1) Somebody has to do it, to write code, to
> buy a Camcorder (:-).
I have a couple of camcorders, a video digitizer for my Mac, a scanner (1-bit only--bought as a bundle with TypeReader, a wonderful OCR program), etc. Equipment isn't the problem, per se, it's the lack of standards (e.g., so what if *I* put a message into a GIF with Adobe Photoshop--others have to be able to extract it).

We won't be seeing digitized images as carriers of secret messages in wide use anytime soon. In this sense, I agree with Uri's point.

> 2) May lead to outlawing of ALL the image and
> sound transmission via electronic media,
> if Big Brother gets really annoyed (:-).

Doubtful--too widespread. JPEG, MPEG, and a zillion other image standards are spreading. Big Brother can't ban images, GIFs, JPEG stuff, QuickTime movies, etc., without shutting down the economy.

And digitized voice works just as well for the LSB method, albeit with a different software approach. Modem-based voice handling systems are already widespread, and the "Internet Talk Radio" concept discussed here last week indicates the feasibility of sending packetized audio. Such a mail system is already available for the NeXT, I gather.

-Tim

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Thu, 11 Mar 93 14:18:16 PST
To: J.Michael Diehl
Subject: Re: Hidden encrypted messages
In-Reply-To: <9303111501.AA26622@lynx.cs.wisc.edu>
Message-ID: <9303112216.AA15346@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

> So I say, "Damn! CRC Error! Must be a bad disk. Well, no point in keeping
> THIS sitting around."

Yeah, but remember, in the world we're heading to, presumption of innocence is worth even less, than President's word!
Then it will be *your* responsibility to satisfy the Inquisitor, or he might not let you out from his building, where you were invited to explain yourself and your messages. (:-) (:-(

> > is how to produce on demand a causal explanation of data (which actually
> > contains an encrypted message) that satisfies an investigator and
> > doesn't reveal the encrypted message. Some simple scheme like, "Uh,
> > it's the result of my new random number generation algorithm" isn't
> > likely to be *satisfying* and is certain to produce the response,
> > "OK, let's see the algorithm."

And the response to this will be: "Sure, here it is, this nice hardware implementation. You may have it, if you wish!" (:-)

It's fool-proof, but still the Big Brother might dislike your desire to play with those bad random generators, and decide, that you better be kept in KZ-camp...

Probably creating a GIF/TIFF/whatever file yourself, with normal consumer-grade equipment (noise-prone :-) and substituting its LSB (or whatever certainly lies BELOW the noise floor) with bits of the message, does sound like the best choice today.

Advantages:
1) Doesn't look suspicious, no more, than "traditional" sending photos of your house, family, yourself...
2) Has enough of bandwidth to communicate reasonably large personal messages (though a binary of PGP might not fit into a "normal" GIF file :-).
3) Requires only widely available consumer appliances (Camcorder, digitizer, .....).
4) The image doesn't have to be known to your correspondent in advance (a big one!).

Disadvantages:
1) Somebody has to do it, to write code, to buy a Camcorder (:-).
2) May lead to outlawing of ALL the image and sound transmission via electronic media, if Big Brother gets really annoyed (:-). [Don't laugh, you! Look at the latest Scanner Bill! :-]

Regards,
Uri.
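The LSB substitution described in the message above, as an added example that is not part of the original post or any poster's code: it embeds a payload in the low bits of raw 8-bit samples, recovers it without the original carrier (advantage 4), reports the capacity (advantage 2), and shows why the carrier has to be noisy by comparing the low-bit statistics of a noisy and a noise-free carrier. The 32-bit length header, all function names and the constructed sample arrays are assumptions; it works on raw samples and does not parse GIF or any other file format.

```python
import random

HEADER_BITS = 32  # assumption: 4-byte big-endian payload length stored first


def _bits(data: bytes):
    """Yield the bits of data, most significant bit of each byte first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def capacity_bytes(samples) -> int:
    """Payload bytes that fit at one bit per sample, after the length header."""
    return max(0, (len(samples) - HEADER_BITS) // 8)


def embed(samples, payload: bytes):
    """Return a copy of samples whose LSBs carry the length header and payload."""
    if len(payload) > capacity_bytes(samples):
        raise ValueError("payload does not fit in this carrier")
    out = list(samples)
    framed = len(payload).to_bytes(4, "big") + payload
    for i, bit in enumerate(_bits(framed)):
        out[i] = (out[i] & 0xFE) | bit  # each sample moves by at most 1
    return out


def _read_bytes(samples, start: int, count: int) -> bytes:
    """Reassemble count bytes from the LSBs beginning at sample index start."""
    result = bytearray()
    for b in range(count):
        byte = 0
        for sample in samples[start + 8 * b:start + 8 * b + 8]:
            byte = (byte << 1) | (sample & 1)
        result.append(byte)
    return bytes(result)


def extract(samples) -> bytes:
    """Recover the payload from the LSBs alone; the original carrier is not needed."""
    if len(samples) < HEADER_BITS:
        raise ValueError("carrier shorter than the length header")
    length = int.from_bytes(_read_bytes(samples, 0, 4), "big")
    if length > capacity_bytes(samples):
        raise ValueError("length header is not plausible for this carrier")
    return _read_bytes(samples, HEADER_BITS, length)


def lsb_ones_fraction(samples) -> float:
    """Fraction of samples whose low bit is 1; close to 0.5 for noisy data."""
    return sum(s & 1 for s in samples) / len(samples)


def max_change(before, after) -> int:
    """Largest per-sample difference introduced by embedding."""
    return max(abs(a - b) for a, b in zip(before, after))


_rng = random.Random(1993)
# Constructed carriers: mid-grey samples with sensor-like noise, and a
# noise-free synthetic carrier in which every sample is identical.
NOISY = [min(255, max(0, round(_rng.gauss(128, 6)))) for _ in range(4096)]
FLAT = [128] * 4096
# Constructed stand-in for ciphertext: 256 pseudo-random bytes.
PAYLOAD = bytes(_rng.getrandbits(8) for _ in range(256))
USED = HEADER_BITS + 8 * len(PAYLOAD)  # samples touched by embedding

if __name__ == "__main__":
    for name, carrier in (("noisy", NOISY), ("flat", FLAT)):
        stego = embed(carrier, PAYLOAD)
        print(name,
              "capacity:", capacity_bytes(carrier),
              "max change:", max_change(carrier, stego),
              "LSB ones before: %.3f" % lsb_ones_fraction(carrier[:USED]),
              "after: %.3f" % lsb_ones_fraction(stego[:USED]),
              "round trip:", extract(stego) == PAYLOAD)
```

On the noisy carrier the low-bit statistics look the same before and after embedding; on the flat carrier they jump from 0 to about one half, which is the kind of change an examiner can measure.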
------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: blojo@sting.Berkeley.EDU (Jon Blow)
Date: Thu, 11 Mar 93 18:59:47 PST
To: cypherpunks@toad.com
Subject: Re: HIDE: embedding msgs into snd & graphics
Message-ID: <9303120259.AA03718@sting.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain

> I would have it take a GIF file and a
> binary file to be embedded, and produce an output GIF with the low order
> bit of each byte changed to be the next bit of the embedded binary file.

I've been thinking about writing this too, but, alas, I have been too busy.

If you write this program, I would encourage you to support encoding/decoding in more than just GIF files. My main reasoning behind this is something like: if there is one piece of software that is commonly used to hide data in noise bits, and it only supports one format, then things in that one format are automatically suspect-- it's almost as bad as not hiding the data.

I'd encourage you to support JPEG and sunaudio formats (though the info density one could store in each of these is probably a lot lower than what you could pack into a GIF), as well as some less-used formats like tiff and rast. Hmm... and if you can figure out how to pack a useful amount of data into an XPM, I'll be really impressed.

I don't know if you actually know GIF format (I don't) but I know that you'd have to do some reasonably intelligent churning of the data. For one, it's just not going to be as easy as dropping a noise bit from each n-byte set; GIF format is fairly compressed as I understand. Also, if you're not careful, you'll end up with a picture that chokes displays after encoding that worked fine before encoding. (Many machines have 8-plane displays, which means a 256-color colormap. If you mess with the noise bits on a GIF that has 200 colors, you're going to come up with one that has 400 colors.
Many display programs (like xv) will compress the colormap when they see this; the X server will also slide colors together when you allocate things and the map is full. BUT, such high-colormap-size gifs would basically have "I AM A CONTAINER FOR ENCRYPTED DATA" tattooed on the backs of their necks.

-J

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mbrennan@netcom.com (Michael Brennan)
Date: Thu, 11 Mar 93 19:56:21 PST
To: cypherpunks@toad.com
Subject: CYPHERPUNKS=EMAIL HARASSEMENT?
Message-ID: <9303120354.AA14008@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Hopefully my subject line got someone's attention.

I just received a 3K file in my mailbox from George A. Habrecht with lines repeating over and over "Please unsubscribe me!!!" Perhaps many of you simply deleted it without even noticing what the mail said. But you should all take note that the cypherpunks list is starting to piss off a lot of people who would be supportive of what you are doing if not for the huge volumes of unwanted mail.

Loading up people's mailboxes with unwanted mail is IRRESPONSIBLE! Is this what cypherpunks wants to become known for on the net? It's really very simple: if someone sends an unsubscribe request, it should be honored. There's no excuse for ignoring such requests. Clearly someone is asleep at the wheel here and the situation needs to be rectified.

The cypherpunks list is increasingly running the risk of some vengeful retaliation from a pissed off individual frustrated at having their "unsubscribe" requests repeatedly ignored. Is this what the cypherpunks want? I'm not saying that Mr. Habrecht would do such a thing. I'm simply saying that it is a real possibility that someone may be tempted to do such a thing, and it could be easily avoided if whoever is supposed to be overseeing this list would get their act together!

I was annoyed at getting that 3K file in my mailbox, but I am completely sympathetic to his frustration.
I am saddened by seeing cypherpunks so insensitive to this frustration and oblivious to the anger that some people are starting to feel toward this list. Do you not care that cypherpunks is developing a tarnished reputation because of this? Don't any of you cypherpunks think that maybe sending huge volumes of unwanted mail to people is inappropriate? Don't you think that maybe someone should get their act together and rectify this situation?!!!

My esteem for this group is dropping lower and lower with each passing day that I see my and others' "unsubscribe" requests being ignored. It truly saddens me because I think that the mission of this group is a worthy one, but it is becoming tarnished by this mailing list fiasco. I think it's very sad.

P.S. If someone DOES finally get their act together on this, I'd like to subscribe to cypherpunk-announce only.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: New World Fnorder
Date: Thu, 11 Mar 93 20:28:13 PST
To: cypherpunks@toad.com
Subject: UNSUBSCRIBE
Message-ID: <9303120425.AA24535@enet-gw.pa.dec.com>
MIME-Version: 1.0
Content-Type: text/plain

I, too, am finding it impossible to get off this list. I hope the list administrator can get his server fixed and take me off the list soon. I don't want to be reduced to bombing the list with massive unsubscribes!

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Thu, 11 Mar 93 17:43:30 PST
To:
Subject: HIDE: embedding msgs into snd & graphics
Message-ID: <930312013441_74076.1041_DHJ25-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Tim mentions that Adobe Photoshop can be used to overlay messages into the low-order bits of a graphics image.

Photoshop is expensive, so I'm wondering whether it would be worthwhile for me to write a simple, free utility just for this purpose.
I would have it take a GIF file and a binary file to be embedded, and produce an output GIF with the low order bit of each byte changed to be the next bit of the embedded binary file. For output, it would do the opposite - produce a binary file determined solely by the low-order bits of the GIF file.

I played with GIF a few years ago and wrote a viewer, so I have some familiarity with that format. It doesn't sound too hard to write a program like this.

One concern is whether such a program would be redundant, whether widely available tools already exist to perform the same function. Perhaps there are PD image-processing tools that could be adapted. If anybody knows of any please let me know.

For this kind of program to be useful, you'd want to use PGP in its long-discussed "stealth mode". This would be a mode in which PGP would produce output that was basically indistinguishable from random data. Presently PGP puts out some header fields which can be used to recognize that a file is a PGP file. Stealth mode would suppress this information. PGP would not be able to automatically choose which key to use to decrypt such a file, but since most people have only one secret key this would not be a big problem.

The PGP developer's group has been talking about this for a long time (over a year) but nobody has cared enough to do anything about it. Maybe it should be done.

Hal Finney
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mbrennan@netcom.com (Michael Brennan)
Date: Thu, 11 Mar 93 21:12:21 PST
To: cypherpunks@toad.com
Subject: Re: CYPHERPUNKS=EMAIL HARASSEMENT?
Message-ID: <9303120510.AA20163@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

>I sent a letter to the person you talked about, from what I have read
>you should send your request to the same address that was used to join
>the list.
> with the subject being what ever it is
>you want done to your name in ref. with the list.
>
> Dan :)
>
> I myself was not impressed with his stupid little note.

You are very wrong! As a matter of fact, I have sent unsubscribe requests to cypherpunks-request and those requests have been ignored! That's why I sent this last message of mine to the whole list. I'd be willing to bet that the individual who sent the 3K file had also attempted initially to send his request to cypherpunks-request and had his request ignored. In fact, it's quite possible that MANY of the people who have sent their "unsubscribe" requests to the whole list have done so because initial requests sent to cypherpunks-request were ignored!

Brushing this matter aside as a non-issue and pretending there is no problem will not make the problem go away!

UNSUBSCRIBE REQUESTS SENT TO CYPHERPUNKS-REQUEST ARE BEING IGNORED!!!

Certainly you cypherpunks can understand the disaster you are inviting upon yourselves if you continue to piss people off with huge volumes of unwanted mail.

I repeat:

UNSUBSCRIBE REQUESTS SENT TO CYPHERPUNKS-REQUEST ARE BEING IGNORED!!!

Have some consideration, folks, and fix the damn problem!!!!

-----
Michael Brennan - mbrennan@netcom.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Doug Humphrey
Date: Thu, 11 Mar 93 18:25:01 PST
To: cypherpunks@toad.com
Subject: [CRYPT: Dingaling Denning & random # generators]
Message-ID: <199303120223.AA11719@access.digex.com>
MIME-Version: 1.0
Content-Type: text/plain

>As I posted once to sci.crypt: encrypted communication is virtually
>interchangeable with and indistinguishable from communication itself.
>How does someone `know' that you are encrypting a message?

This is not strictly true. While someone might not be able to tell that you are engaged in the act of encrypting a message, the transmission of encrypted communications is often detectable.
Spread spectrum transmissions often look like an increase in the noise floor of certain communications channels, prompting systems to think that there are malfunctions, and to dispatch someone to take a look at the facility. If they throw a spectrum analyser on it, it doesn't look like valid data in most cases, just noise.

With voice communications it is easy to recognize the patterns that speech generates, and they look very different from the randomness that simple crypto produces. Unless one uses a post-crypto wave shaper to simulate the amplitude changes that speech produces, it is simple to build a circuit that can make a pretty accurate evaluation of voice/data/crypto going by it. Nothing more difficult in 1993 than was the first 2600 hz detector circuit when it was put into widespread production use in the phone network. In fact, given that modern switches are already digitizing the signals, a little DSP hardware should make quick work of the first cut, narrowing down which lines should receive harder evaluation to see if people are trying to protect their privacy.

>To do something like have completely tappable communications, we'd need
>half the country to monitor the other half, to make sure nothing out of
>context is going on.

You underestimate some technologies ;-)

>Only problem with this is, who monitors the monitors?

Who watches the watchmen?

>No, I don't buy that paranoid plop about how it would be "trivial" to
>set up filters that "detect" encryption, or that this is happening on a
>widespread scale by the NSA in the U.S. This is an absolutely absurd
>claim.

It would not be trivial. On the other hand, an order allowing the modification of the entire telephone network to allow the FBI to have "most-favored-wiretapper" status is also non-trivial, and some are trying to make it happen.

>These mechanisms could be just as trivially defeated (although
>a-priori knowledge of their function may be required). People who
>think encryption is different from communication think that symbols are
>different than letters. Speaking as a programmer, good luck explaining
>it to a computer.

Maybe you over-estimate technology here. We are not talking about breaking crypto here, just detecting it. By its nature it changes the overall composition of the data. Random data still looks random, it is true, but a phone call represents a certain context, and within that context there is an expected behaviour pattern (or ten or twenty behaviours, but it makes no difference). Within the context, it can be easy to see the change that crypto brings, unless there are active means taken against it.

Doug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 11 Mar 93 21:42:33 PST
To: cypherpunks@toad.com
Subject: HABRECHT=EMAIL HARASSEMENT
Message-ID: <9303120541.AA23327@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Michael Brennan writes:

>Hopefully my subject line got someone's attention.
>I just received a 3K file in my mailbox from George A. Habrecht with
>lines repeating over and over "Please unsusbcribe me!!!" Perhaps many
>of you simply deleted it without even noticing what the mail said. But you
>should all take note that the cypherpunks list is starting to piss off
> a lot of people who would be supportive of what you are doing if not
>for the huge volumes of unwanted mail.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

(My mail reader said nearly 80 kilobytes...perhaps your figure was in _lines_?)

I don't know what the delay has been in unsubscribing people. As always, send requests to the list maintenance address, "cypherpunks-request@toad.com". The list manager, Eric Hughes (hughes@soda.berkelely.edu), has been away at the CFP conference this week...perhaps this is part of the delay.
In any case, the 80 KB (according to my mail reader, Eudora) file was sent by George Habrecht, and was not "caused" by Eric Hughes, nor was it caused by "the cypherpunks list." So lighten up on this point, will ya?

>Loading up people's mailboxes with unwanted mail is IRRESPONSIBLE!
>Is this what cypherpunks wants to become known for on the net? It's really
>Don't any of you cypherpunks think that maybe sending huge volumes of
>unwanted mail to people is inappropriate? Don't you think that maybe
>someone should get their act together and rectify this situation?!!!

Huh? Like I said, it was Mr. Habrecht who sent the "huge volumes of unwanted mail" and not the Cypherpunks list (unless you're advocating that someone screen postings for content and length?).

So if you're angry at getting an 80 K file, be angry at Habrecht. His frustration at having to wait some extra time to get off the list is no excuse for mail-bombing a couple of hundred people!

The average Cypherpunks message is about 3 KB, or about 4% of Habrecht's message. With about 25 Cypherpunks messages a day (I'm guessing), Habrecht equalled the average list volume in his angry action. If there are 200 subscribers, then he caused roughly "200 list-days" of mail to go out to readers...all because he couldn't get off the list exactly when he gave the order!

As for the average mail volume...well, it is fairly light compared to some other mailing lists. And it is not the list manager who determines the volume, it is of course the list members. The list software simply "reflects" incoming messages to the distribution list...if people write a lot, a lot goes out. Q.E.D.

As Sinbad O'Connor would put it: "Know the real enemy."

-Tim May

P.S. What I did was to _reply_ to Mr. Habrecht, explaining the situation. I attached my reply to a *quoted copy* of his message AND MAILED IT BACK TO HIM! (Actually, my mailer splits incoming messages into 24 KB pieces, so I only mailed one of these back to him....he got off lucky.
If several more people do this, he'll think twice about mail-bombing a list again.)

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Thu, 11 Mar 93 18:48:39 PST
To: cypherpunks@toad.com
Subject: spread spectrum; secret sharing
Message-ID: <9303120248.AA09181@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I'd like to find a brief tutorial on spread spectrum communications.

I'd also like to become familiar with a decent secret sharing protocol (say, to share a secret among N people so that any K of them can obtain the secret but no K-1 of them can).

Anyone have anything to offer me?

-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Thu, 11 Mar 93 19:05:22 PST
To: cypherpunks@toad.com
Subject: Tagging data to detect thieves
Message-ID: <9303120305.AA09556@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I've done some further thinking on the text tagging problem, spurred by a question on sci.crypt about tagging pictures (under the subject line "Permanent signatures for pictures"). Here's a summary.

----

Let's say Dow Jones wants to sell newswire subscriptions to individuals, but someone is anonymously forwarding their articles to a newsgroup. Can they succeed in tagging the text to detect the thief? The idea is to make some small twiddle to each subscriber's copy of the text, so that the stolen copy can be matched with some subscriber and their subscription cancelled.

Short answer: the thieves win. At first, I thought the answer was the opposite.
----

There are two issues which must be addressed in order to show that the tagger wins:

1. The taggee must not be able to "smooth away" all of the tag bits.
2. The taggee must not be able to cross-correlate multiple copies of the data in question in order to produce a "clean" version.

Regarding issue #1, the basic technique is to alter a few features of your data which are important enough that your opponent can't afford to randomize ALL such bits. In the case of text, small changes in word choice are a good candidate. Two criteria are:

A. The changes must be "important" enough that the thief can't smooth them all away.
B. The changes shouldn't be "important" enough that the newswire becomes worthless!

The tagger has an advantage in this case, though. He can change, say, 1 in 1000 of these "important, non-smoothable-away" candidate bits. If the thief wants to cancel them out and only has a single copy of the picture, he must somehow canonicalize _all_ of the candidate tag bits, or some very large proportion of them.

So if your tagging process does a little bit of "damage" to your data, like in the map-maker case of adding an extra small street here and there, then the opponent must either try to detect exactly where your damage is, or must make wholesale changes to the data (such as removing all small roads altogether). The thief, in trying to cover up your damage, must make a thousand times as much damage. Choose your damage level appropriately so that your level of damage isn't too much but the thief's is.

----

Issue #2, thieves cross-correlating between multiple copies of the data, is a bit more subtle. Here's the scenario:

Dow Jones has 10,000 customers, 64 of whom are in a conspiracy to steal and re-sell the newswire. Dow Jones tries various tagging strategies, altering whitespace and word choice individually for each subscriber.
The thieves try to cross-correlate between their copies of the text in order to "cancel out" the tags from the copy which they wish to re-sell. Can Dow Jones detect the thieves and cancel their subscriptions?

In the discussion below, when Dow Jones "twiddles a bit" of their newswire, they do so by substituting a word's synonym at a chosen location, using a separate (possibly biased) coin flip for each subscriber.

Here are the strategies I've considered.

Dow Jones strategy: twiddle some bits with probability 0.5. If the thieves use majority vote, each thief will have a reasonably high correlation with the output bits. (In fact, the probability of a match will exceed 50% by approximately the chance of a tie vote among the thieves, which is about 0.8/sqrt(n) where n is the number of thieves. This computation is a bit hairy.)

Thief countermeasure: reliably detect which bits are being twiddled (by cross-checking between, say, 64 different subscriptions) and flip a fair coin to determine the output. There's a chance of only 2 in 2^64 that the thieves fail to detect the twiddle.

Dow Jones strategy: twiddle some bits with low probability (e.g. p=0.01). Reasonably often, the bit values will be the same for all thieves. If the thieves use the flip-a-coin strategy, we can determine which tag bits they've failed to detect, and identify them that way.

Thief countermeasure: use a majority vote.

Dow Jones strategy: hybrid of the two.

Thief countermeasure: hybrid of the two. Flip a coin if the vote is fairly even, go with the majority if the vote is uneven. For example, get 64 subscriptions, go with the majority vote if fewer than 16 dissenters, flip a fair coin otherwise.

This last strategy for the thieves is the one I can't beat. Theoretical help, anyone?
-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Thu, 11 Mar 93 18:59:00 PST
To: cypherpunks@toad.com
Subject: Re: [CRYPT: Dingaling Denning & random # generators]
In-Reply-To: <199303120223.AA11719@access.digex.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Doug Humphrey writes:
>
> >As I posted once to sci.crypt: encrypted communication is virtually
> >interchangeable with and indistinguishable from communication itself.
> >How does someone `know' that you are encrypting a message?
>
> This is not strictly true. While someone might not be able to tell
> that you are engaged in the act of encrypting a message, the
> transmission of encrypted communications is often detectable.
> Spread spectrum transmissions often look like an increase in the
> noise floor of certain communications channels, prompting systems
> to think that there are malfunctions, and to dispatch someone to
> take a look at the facility. If they throw a spectrum analyser
> on it, it doesn't look like valid data in most cases, just noise.
>
> With voice communications it is easy to recognize the patterns
> that speech generates, and they look very different from the
> randomness that simple crypto produces. Unless one uses a
> post-crypto wave shaper to simulate the amplitude changes that
> speech produces, it is simple to build a circuit that can make a
> pretty accurate evaluation of voice/data/crypto going by it.
> Nothing more difficult in 1993 than was the first 2600 hz
> detector circuit when it was put into widespread production use
> in the phone network. In fact, given that modern switches are
> already digitizing the signals, a little DSP hardware should
> make quick work of the first cut, narrowing down which lines
> should receive harder evaluation to see if people are trying to
> protect their privacy.
Why not send your PGP encoded files using V.27 or whatever the 9600 baud fax transmission modulation is? By the year 2000, there will be around 40 million fax machines in the U.S. Assuming the FBI/NSA/ASPCA can tell apart voice from fax by scanning all the phone trunks in the U.S. with high speed parallel computers, it wouldn't help them if there are around 100 million fax transmissions taking place each day. No way in hell are they going to pick up your signal from the other 99,999,999 fax transmissions taking place that day, and then spend the rest of their lives trying to crack your PGP message.

The same can be said about modems. If Prodigy, America Online, and Compuserve keep up their newbie recruitment pace, about 50% of the homes in the U.S. will have modems by the year 2000.

And don't tell me they can build computers that can distinguish between a PGP file transmission and some hormone crazed 15 year old dork downloading the latest GIF of Cindy Crawford or a ZIPed ware. I've looked at hexdumps of GIFs and ZIPs and for all practical purposes they look about as random as PGP data. If the NSA can build a parallel computer that scans all the trunks in the U.S. simultaneously AND can tell the difference between PGP streams and ZIP/GIF file data streams, then I just might as well go and shoot myself right now.

Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter &
Date: Thu, 11 Mar 93 22:17:57 PST
To: cypherpunks@toad.com
Subject: Re: HIDE: embedding msgs into snd & graphics
In-Reply-To: <9303112122.AA00150@netcom.netcom.com>
Message-ID: <9303120608.AA28356@merde.dis.org>
MIME-Version: 1.0
Content-Type: text/x-pgp

-----BEGIN PGP SIGNED MESSAGE-----

>
>The GIF option I mentioned allows a widely disseminated image file to
>contain about 32 KB in just the LSBs of a 512 x 512 x 8-bit gray scale
>image. A color image could easily hold three times more (LSBs in each color
>channel). And some GIFs are much larger than 512 on a side.
It should be trivial to include data into GIFs (or most any other non-lossy formats) using the ppmplus library.

    giftoppm Image.gif | ppmInsertData data.pgp | ppmtogif > Image2.gif

where ppmInsertData is a program that modifies the data stream using the file data.pgp as the crypt data source

to extract just a command similar to:

    ppmExtractData < Image2.gif > data.pgp

for sound file it would be just as easy (in fact I am almost tempted to write some demo code but I have more email to attend to :-)

-Pete

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQBFAgUBK6Aoxchmn7GUWLLFAQFSRQF+LvzpcW2fx/+FFklWI4RtW27E2GuWbfJn
nun4KJ1YAzsf/lwxF/KcaGeGq6NwS6AP
=vcGK
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mark C. Henderson
Date: Thu, 11 Mar 93 23:18:36 PST
To: cypherpunks@toad.com
Subject: Re: CYPHERPUNKS=EMAIL HARASSEMENT?
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Subject: Re: CYPHERPUNKS=EMAIL HARASSEMENT?

On Mar 11, 21:16, Michael Brennan wrote:
} Subject: Re: CYPHERPUNKS=EMAIL HARASSEMENT?
}
} Brushing this matter aside as a non-issue and pretending there is no
} problem will not make the problem go away! UNSUBSCRIBE REQUESTS SENT TO
} CYPHERPUNKS-REQUEST ARE BEING IGNORED!!!

Well, sending a 3000 line file to hundreds of people wasn't the correct response to the situation.

But, to add something constructive, why don't we use majordomo to handle list additions and deletions automatically?
Mark

- --
Mark Henderson
mch@squirrel.wimsey.bc.ca
markh@wimsey.bc.ca

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK6A2sPfE/ap/JEqpAQEK6AQAqejFaX3122HwrkLibTYr/rEGEoL6qpSv
sSn2oVxoOJXc+R52P8RCZzfp/X0O5tp92tUf4sAL2YKIlb72W2y9rXZ9TXMxpmxi
AgRqqpts1uoKAfUMBaM9Lr0QJ2V7fnMRjOJiu2mU/bSbC4Tzr15reKjmhkQDDZXo
FoybTVchSEw=
=3DYZ
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Thu, 11 Mar 93 23:38:53 PST
To: cypherpunks@toad.com
Subject: Re: HIDE: embedding msgs into snd & graphics
In-Reply-To: <9303120259.AA03718@sting.Berkeley.EDU>
Message-ID: <9303120738.AA15498@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> I don't know if you actually know GIF format (I don't) but I know that you'd
> have to do some reasonably intelligent churning of the data. For one, it's
> just not going to be as easy as dropping a noise bit from each n-byte set;
> GIF format is fairly compressed as I understand.

What you'd want to do is uncompress the byte stream, twiddle the low bits, and LZW it back up. Well, that's easy enough. The problem is that GIFs are colormapped, and the map need have no coherence between entries 8 and 9. Even optimally arranged (a non-trivial task; looks like the salesman travels colorspace...), that low bit is probably going to be significant enough to munge things visibly.

What you'd have to do is remap the file to 128 colors, duplicate them in the colormap, and encode your message in the choice of identical entries. Unfortunately, most images look bad enough mapped to 256 colors, and will degrade further in 128. Though I suppose nobody really wants to look at the image anyway...

Your compression is also going to die. This may provide a quick way to scan for this technique, and finding a redundant colormap is a dead giveaway of either secrecy or stupidity. You could fix that by tweaking twin colors slightly, adding a bit of visible noise.
I think color images, as opposed to mapped, would be the way to go for steganography. More room, and nobody expects them to compress.

> -J

PGP 2 key by finger or e-mail
Eli ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mbrennan@netcom.com (Michael Brennan)
Date: Fri, 12 Mar 93 00:02:41 PST
To: cypherpunks@toad.com
Subject: Cypherpricks think they're cool
Message-ID: <9303120801.AA05719@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

>Date: Fri, 12 Mar 1993 01:01-EST
>From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
>To: cypherpunks@toad.com
>Subject: Cypherpunks know they're cool
>
>Hey, man, we're the cypherpunks. We're too hip to worry about a
>trivial little mail bomb. But if we did get upset...well, who
>do you think has the bigger arsenal of dirty tricks, him or us?

>Date: Thu, 11 Mar 93 21:41:04 -0800
>To: cypherpunks@toad.com
>From: tcmay@netcom.com (Timothy C. May)
>Subject: HABRECHT=EMAIL HARASSEMENT
>
>P.S. What I did was to _reply_ to Mr. Habrecht, explaining the situation. I
>attached my reply to a *quoted copy* of his message AND MAILED IT BACK TO
>HIM! (Actually, my mailer splits incoming messages into 24 KB pieces, so I
>only mailed one of these back to him....he got off lucky. If several more
>people do this, he'll think twice about mail-bombing a list again.)

What arrogant little pricks you are, Mr. Ringuette and Mr. May! So is this what cypherpunks is really all about: "dirty tricks", "mail bombs", endless harassment of people on the net who simply wish to be left alone? I had originally thought that cypherpunks had higher objectives in mind than that, but evidently at least some of you simply fancy yourselves as some sort of cyber-terrorists (although you're really no better than petty vandals).

I've seen many of you raise issues about responsibility on the net. Is proving that you have a "bigger arsenal of dirty tricks" your idea of responsibility?
And do you really think that cypherpunks could survive such a war? You yourselves have admitted that you have many enemies in your quest for net privacy and anonymity. Do you foolishly believe that they won't seize upon this irresponsible behavior on your part and use it to prove their point? You will only succeed in bringing about precisely what you claim to oppose: oppressive controls on the internet to stop petty vandals like yourself.

I would hope that there are some among you that have some scrap of sanity left, and realize that there is nothing to be gained from bringing a needless war down upon yourselves. Wise up!

From tcmay:
>I don't know what the delay has been in unsubscribing people. As always,
>send requests to the list maintenance address,
>"cypherpunks-request@toad.com". The list manager, Eric Hughes
>(hughes@soda.berkelely.edu), has been away at the CFP conference this
>week...perhaps this is part of the delay.

I sent one request to cypherpunks-request about three weeks ago, and a second about a week ago. Was Eric Hughes at the CFP conference then? And you may have noticed that a third person has now stepped forward and expressed frustration over being in the same predicament. Do you still want to pretend there is no problem? What will it take for you to realize there is: the third person, the fourth, fifth, sixth? I'll say it again: Wise up!

I've been very patient over this, but I'm disgusted at your arrogant promises of "dirty tricks" and "mail bombs" against those who simply want to unsubscribe from the list! What phenomenal assholes you are!!!
-----
Michael Brennan - mbrennan@netcom.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Thu, 11 Mar 93 22:17:22 PST
To: cypherpunks@toad.com
Subject: CASH/BANK: combo
Message-ID: <199303120616.AA20557@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Hal saw through my laziness attempt: I thought it would be "easiest" for a cash accepting remailer to increment an account (marking bills as spent) and have users request more bills from the bank rather than filter requests through me. However, this does lead to a perpetually full bank account...

But actually, a full service bank isn't required (although maybe that would be nice) - all that's really needed is for the remailer software to compare the included digicash versus a spent cash list and a valid cash list. The banking portion need only be one command for me to use: one that deposits newly created cash into the valid cash list. When a letter arrives, the digicash is checked, added to the spent cash list, and re-routed.

For privacy, requests for digicash could come to me via anonymous remailers, along with the appropriate header to allow me to respond. This would render logs relating digicash and user useless, since I wouldn't know who is requesting digicash bills.

On the other hand, somebody could store up several digicash bills by routing their request through the various remailers. But I'll accept that risk, hoping that nobody on this list would prepare an email attack (except for the unfortunate folks who can't seem to unsubscribe :-) JUST KIDDING!!)

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK6Ap24OA7OpLWtYzAQHZQAQAo2ofd6lPBx/7XMR3Jr+7G2atMzevNcj3
Wtdrjr1GQJ+15z9duu3vh3yyV4j0rswyJlqp3eJZPCcb1NgEeKVZ1pP54YjDRwL2
UOKcHD55g+SIckIYVE+VFo4s2Ha8CKgtRgHmRV6+MJgiheBBOaOQxjFqRMpru3pO
fE9mYRkNUII=
=NyB0
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ghabrech@ultrix.ramapo.edu (George A. Habrecht)
Date: Thu, 11 Mar 93 21:30:20 PST
To: cypherpunks@toad.com
Subject: UNSUBSCRIBE ME!!!!!
Message-ID: <9303120533.AA14817@ultrix.ramapo.edu>
MIME-Version: 1.0
Content-Type: text/plain

DAMN!!!!! UNSUBSCRIBE ME ALREADY!!!!!

GHABRECH@ULTRIX.RAMAPO.EDU
ghabrech@ultrix.ramapo.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: blojo@sting.Berkeley.EDU (Jon Blow)
Date: Fri, 12 Mar 93 00:53:27 PST
To: ebrandt@jarthur.Claremont.EDU
Subject: Re: HIDE: embedding msgs into snd & graphics
Message-ID: <9303120852.AA03893@sting.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain

> I think color images, as opposed to mapped, would be the way to go
> for steganography. More room, and nobody expects them to compress.

Yeah; but even if we're talking full 24-bit images, we're going to have problems. Once 24-bit displays become standard, I really doubt that there will be many images stored in a non-lossy format. And once you try to hide data in a lossy encoding scheme, you run into a lot (though not all) of the problems you have with colormaps.

It would be a lot easier to hide data in an image if one had a control-image (the original) as well as the altered-image (the one holding the message), but this defeats half the niftiness of trying to do things this way.

> Eli ebrandt@jarthur.claremont.edu

-J.
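
[Added example, not part of any post in this thread.] Eli Brandt's remark earlier in the thread, that a colormap with duplicated entries gives the 128-color trick away, can be turned into a scanning check. The sketch below reads a GIF's global color table and flags palettes in which most entries are exact twins; the function names, the 50% threshold and both sample files are constructed for illustration.

```python
import struct
from collections import defaultdict


def read_global_palette(gif: bytes):
    """Return the global color table as (r, g, b) tuples, or [] if absent."""
    if len(gif) < 13 or gif[:6] not in (b"GIF87a", b"GIF89a"):
        raise ValueError("not a GIF file")
    # Logical screen descriptor: width, height, packed flags, background, aspect.
    _w, _h, packed, _bg, _aspect = struct.unpack("<HHBBB", gif[6:13])
    if not packed & 0x80:            # bit 7 set means a global table follows
        return []
    count = 2 << (packed & 0x07)     # low three bits n: table has 2^(n+1) entries
    table = gif[13:13 + 3 * count]
    if len(table) != 3 * count:
        raise ValueError("truncated color table")
    return [tuple(table[i:i + 3]) for i in range(0, len(table), 3)]


def palette_report(gif: bytes, twin_fraction: float = 0.5):
    """Summarise palette redundancy.

    Encoders routinely pad a palette to a power of two with one repeated
    color, so a single large duplicate group is normal. Many distinct colors
    that each occur exactly twice is the pattern the thread describes.
    The twin_fraction threshold is an assumption, not a calibrated value.
    """
    palette = read_global_palette(gif)
    groups = defaultdict(list)
    for index, rgb in enumerate(palette):
        groups[rgb].append(index)
    twin_pairs = sum(1 for idx in groups.values() if len(idx) == 2)
    largest = max((len(idx) for idx in groups.values()), default=0)
    suspicious = bool(palette) and 2 * twin_pairs >= twin_fraction * len(palette)
    return {
        "entries": len(palette),
        "distinct": len(groups),
        "twin_pairs": twin_pairs,
        "largest_group": largest,
        "suspicious": suspicious,
    }


def make_gif(palette):
    """Build a minimal constructed GIF: header, screen descriptor, palette, trailer."""
    bits = len(palette).bit_length() - 1
    if len(palette) != 1 << bits or not 1 <= bits <= 8:
        raise ValueError("palette size must be a power of two from 2 to 256")
    packed = 0x80 | (bits - 1)
    body = bytes(c for rgb in palette for c in rgb)
    return b"GIF89a" + struct.pack("<HHBBB", 1, 1, packed, 0, 0) + body + b";"


# Constructed sample 1: 128 distinct colors, each stored twice (256 entries).
_base = [(i, (i * 3) % 256, 255 - i) for i in range(128)]
TWINNED_GIF = make_gif([rgb for rgb in _base for _ in range(2)])

# Constructed sample 2: 200 distinct colors padded to 256 entries with black.
PADDED_GIF = make_gif([(i, i, 255 - i) for i in range(200)] + [(0, 0, 0)] * 56)

if __name__ == "__main__":
    for name, data in (("twinned", TWINNED_GIF), ("padded", PADDED_GIF)):
        print(name, palette_report(data))
```

Exact matching does not catch twins that have been nudged apart by a small amount, which is the counter Eli mentions, and this sketch looks only at the global color table, not at local ones.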
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Thu, 11 Mar 93 21:55:35 PST
To: thug@phantom.com
Subject: Re: [CRYPT: Dingaling Denning & random # generators]
In-Reply-To:
Message-ID: <9303120554.AA28908@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   From: thug@phantom.com (Murdering Thug)
   Date: Thu, 11 Mar 93 21:49:43 EST

   And don't tell me they can build computers that can distinguish between a PGP file transmission and some hormone crazed 15 year old dork downloading the latest GIF of Cindy Crawford or a ZIPed ware. I've looked at hexdumps of GIFs and ZIPs and for all practical purposes they look about as random as PGP data. If the NSA can build a parallel computer that scans all the trunks in the U.S. simultaneously AND can tell the difference between PGP streams and ZIP/GIF file data streams, then I just might as well go and shoot myself right now.

Er.... you might want to get your gun out..... the middle of hexdumps of GIF's and ZIP's and PGP files may look the same, but the file headers are quite distinguishing. If you want to hide encrypted data, each person needs to find their own way of doing it ---- if everyone hides it in the low bits of a GIF file, it would be very simple for the NSA to scan GIF files to see if the low bits looked like the header of a PGP file.....

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Thu, 11 Mar 93 22:05:33 PST
To: cypherpunks@toad.com
Subject: Cypherpunks know they're cool
Message-ID: <9303120605.AA13446@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Hey, man, we're the cypherpunks. We're too hip to worry about a trivial little mail bomb. But if we did get upset...well, who do you think has the bigger arsenal of dirty tricks, him or us?

Heh.

Marc

p.s. I'm being interviewed by a campus radio show, regarding cypherpunk-related stuff.
I'd welcome any suggestions on topics to bring up, or ammunition to add to my pro-privacy and pro-anonymity arguments. Send them directly to me and I'll summarize to the list.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ghabrech@ultrix.ramapo.edu (George A. Habrecht)
Date: Thu, 11 Mar 93 22:05:13 PST
To: tcmay@netcom.com
Subject: Re: HABRECHT=EMAIL HARASSEMENT
Message-ID: <9303120608.AA15248@ultrix.ramapo.edu>
MIME-Version: 1.0
Content-Type: text/plain

A pesk, me? Ha! The only reason I did it was because I asked a month ago, politely, to be taken off and every day I still have a ton of junk messages in my mailbox. The other person (Name cut off in reply) was right. I'm sick and tired of reading some news about bullshit. I mean it seems that some people have been writing in whenever they have to take a crap. Some of the articles are excellent, some ok, but when you have to weed through 20-30-even 40 messages to get one or two good ones it's just not worth it. Therefore I wish to be taken off. If, in a while, things get straightened up I may resubscribe but for now, I don't have the time.

George (The E-mail harasser) Habrecht
ghabrech@ultrix.ramapo.edu (for those who wish to mail my mailbox.... I'll nuke it anyway :) ).

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mbrennan@netcom.com (Michael Brennan)
Date: Fri, 12 Mar 93 01:20:44 PST
To: cypherpunks@toad.com
Subject: Unacceptable slander by dclunie
Message-ID: <9303120919.AA11896@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

>Date: Fri, 12 Mar 93 17:41:03 CST
>From: dclunie@pax.tpa.com.au (David Clunie)
>To: Postmaster@ultrix.ramapo.edu
>Subject: Unacceptable behaviour by ghabrech
>Cc: root@ultrix.ramapo.edu, ghabrech@ultrix.ramapo.edu, cypherpunks@toad.com
>
>>From one of the very popular mailing lists I received the following posting
>by one of your users. While I can understand his frustration at having
>difficulties unsubscribing from a relatively high volume list, or his
>ignorance at not being aware that such requests should be directed to the
>"x-request" alias not the "x" list, this is no excuse for such a long and
>unpleasant post that has consumed considerable expensive bandwidth for no
>good reason ... I am surprised you tolerate students with such a childish
>attitude on your system and they do no credit to your institution's
>reputation.

[ abridged quote from mentioned user's posting deleted...]

Think about this scenario for a moment: dclunie sends mail to the system administrator of an institution complaining of the mail sent by a particular user. The system administrator confronts the user, who then explains the situation. He explains that he has sent numerous requests to be unsubscribed from the list, but they continue to send large volumes of mail. Out of frustration, he sends an 80K file to the list hoping it will get someone's attention. The mail continues, and several members of the list make threats of "dirty tricks" and "mail bombs" against him. Now one of the "cypherpunks" is sending libelous mail to the system administrator. The system administrator now understands the situation; an educational institution on the net is made aware of a rapidly developing campaign of harassment and vandalism by the cypherpunks.

So what happens now? Are the cypherpunks winning? Are you people blind to what you are doing? What fools!!!

What upsets me the most about all of this is that I am truly an advocate of net freedom, privacy, and anonymity. But the cypherpunks is setting itself up for a big fall and they threaten to tarnish the whole movement toward net freedom and privacy with their petty, puerile, and vandalous behavior!
-----
Michael Brennan - mbrennan@netcom.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Thu, 11 Mar 93 23:56:36 PST
To:
Subject: Tagging data to detect thieves
Message-ID: <930312075211_74076.1041_DHJ35-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Marc Ringuette asks about schemes to detect which copies of some proprietary information were used to resell the data. I recall reading a paper on this in the proceedings of one of the crypto conferences within the past several years. Unfortunately, I don't have a more accurate reference handy.

The authors referred to this problem as "digital fingerprinting" (i.e. adding a "fingerprint" to each copy of a document). As I recall, the idea was to twiddle bits in such a way that any subset of copies up to a specified size would have a certain number of identically twiddled bits. The thieves who cross-correlate 64 (or however many) copies will not know about the bit twiddles which were common to all 64 copies. Their output will still contain those common bit-twiddles, and this information allows the thieves to be caught.

The paper shows a formula for the number of possible bit-twiddle-places and the number of bit-twiddles per copy needed, as a function of how many copies you are defending against the bad guys getting. It was basically just a combinatorial/counting argument. I do seem to recall that if the bad guys could get a lot of copies the number of bits needed grew exponentially. I don't know whether defeating an attack with 64 copies was practical using this scheme.

Marc also asked about secret sharing. The classic secret sharing paper is "How to Share a Secret"; I think it was by Shamir, in an old CACM from the 70's. As I recall, he proposed encoding the data as a K-1 degree polynomial in some modulus field. Give each person a point on the polynomial. K points are required to recover the polynomial.
I don't recall how the encoding of the data as a polynomial was to be done, but the author showed that K-1 points give you no information about it.

Hal
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Thu, 11 Mar 93 23:56:58 PST
To:
Subject: CYPHERPUNKS=EMAIL HARASSEMENT?
Message-ID: <930312075344_74076.1041_DHJ35-2@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

So how many days, exactly, have people waited for response from cypherpunks-request before giving up and posting to the list? Just one or two, or are we talking weeks here?

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Wayner
Date: Fri, 12 Mar 93 04:46:24 PST
To: cypherpunks@toad.com
Subject: Secret messages in images...
Message-ID: <199303121244.AA17859@access.digex.com>
MIME-Version: 1.0
Content-Type: text/plain

I wrote a quick little version to stick bits in the LSB of a file. It runs on the Macintosh as an added feature to a popular program, NIH Image. (The source code and frequent revisions are published at the major ftp sites.) It is very easy to add a function to handle this process because all of the file i/o and format decoding are already present.

If anyone would like a copy, they're welcome to write to me. I'll send them instructions and a short file. Alas, it only handles 8 bit images.

Also, you can request Mimic function code for hiding messages in text with a grammar.

-Peter Wayner (pcw@access.digex.com)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Fri, 12 Mar 93 06:40:44 PST
To: cypherpunks@toad.com
Subject: REMAIL: help with utter.dis.org
Message-ID: <199303121439.AA16993@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunks,

I'm having trouble using the new remailer at utter.dis.org. I've sent several test messages, but have received none back.
Recently, I tried to email to the person running the remailer (shipley@merde.dis.org?), but my mail bounced: [stuff deleted here and there] >Return-Path: MAILER-DAEMON@soda.berkeley.edu >From: Mail Delivery Subsystem >Subject: Returned mail: Host unknown > ----- Transcript of session follows ----- >550 merde.dis.org.tcplocal... 550 Host unknown >550 ... Host unknown: Inappropriate ioctl for device >From: Karl Barrus >To: shipley@merde.dis.org I'd like to include this new remailer in the scripts, but would first like to verify that it works... So Peter: I'd like to help work out any problems, but I can't reach you at shipley@merde.dis.org (unless this is related to soda's disk crash?) /-----------------------------------\ | Karl L. Barrus | | elee9sf@menudo.uh.edu | <- preferred address | barrus@tree.egr.uh.edu (NeXTMail) | \-----------------------------------/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mbrennan@netcom.com (Michael Brennan) Date: Fri, 12 Mar 93 08:42:09 PST To: cypherpunks@toad.com Subject: Re: Unacceptable slander by dclunie Message-ID: <9303121640.AA12159@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain >Date: Fri, 12 Mar 1993 09:34:53 -0600 >To: cypherpunks@toad.com, mbrennan@netcom.com (Michael Brennan) >From: matt@oc.com (Matthew Lyle) >X-Sender: matt@ra.oc.com >Subject: Re: Unacceptable slander by dclunie > >It is not appropriate for someone to post a 3600 line "junk" file to a >mailing list. UNDER ANY CIRCUMSTANCES! (Think about those sites that are >paying hard cash for e-mail transfers!) It is reasonable for such actions >to be reported to the administrator of a system. I don't agree it was appropriate to notify the administrator. This could all have been handled far more elegantly considering the circumstances. >So far as getting off the cypherpunks list, there are a number of other things >to try if cypherpunks-request isn't working. Send mail to root@toad.com. 
>Send mail to the administrative contact listed in the WHOIS database for >toad.com (John Gilmore, in this case). Talk to your local systems >administrator and ask his assistance. What ghabrech did is something I >would expect from an immature freshman. (who knows... maybe he is one) Thank you for this information. I will attempt these courses of action. Perhaps if someone had attempted to offer helpful information from the outset, this problem never would have reached this level. Instead certain individuals chose to post arrogant promises of "retribution" against others, rather than trying to be constructive in this. >Retaliatory strikes aren't right either, of course. I agree wholeheartedly, and I am glad this discourse now finally seems to be moving onto a level-headed and constructive level. I appeal to all of the cypherpunks to keep it this way! Let's figure what's going wrong here and resolve the situation instead of playing one-upmanship with mail bombs and threats of "dirty tricks". ----- Michael Brennan - mbrennan@netcom.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: matt@oc.com (Matthew Lyle) Date: Fri, 12 Mar 93 07:39:47 PST To: mbrennan@netcom.com (Michael Brennan) Subject: Re: Unacceptable slander by dclunie Message-ID: <199303121534.AA08509@ra.oc.com> MIME-Version: 1.0 Content-Type: text/plain At 1:24 AM 3/12/93 -0800, Michael Brennan wrote: >> [ Mail from David Clunie to ramapo.edu systems admin deleted ] > > [ abridged quote from metioned user's posting deleted...] > >Think about this scenario for a moment: dclunie sends mail to the system >adiministrator of an institution complaining of the mail sent by a >particular user. The system administrator confronts the user, who then >explains the situation. He explains that he has sent numerous requests to >be unsubscribed from the list, but they continue to send large volumes of >mail. Out of frustration, he sends an 80K file to the list hoping it will >get someone's attention. 
The mail continues, and several members of the >list makes threats of "dirty tricks" and "mail bombs" against him. Now one >of the "cypherpunks" is sending libelous mail to the system administrator. >The system administrator now understands the situation; an educational >institution on the net is made aware of a rapidly developing campaign of >harrassment and vandalism by the cypherpunks. So what happens now? Are the >cypherpunks winning? Libelous mail?? Hardly. It is not appropriate for someone to post a 3600 line "junk" file to a mailing list. UNDER ANY CIRCUMSTANCES! (Think about those sites that are paying hard cash for e-mail transfers!) It is reasonable for such actions to be reported to the administrator of a system. So far as getting off the cypherpunks list, there are a number of other things to try if cypherpunks-request isn't working. Send mail to root@toad.com. Send mail to the administrative contact listed in the WHOIS database for toad.com (John Gilmore, in this case). Talk to your local systems administrator and ask his assistance. What ghabrech did is something I would expect from an immature freshman. (who knows... maybe he is one) >Are you people blind to what you are doing? What fools!!! Retaliatory strikes aren't right either, of course. -- Matthew Lyle (214) 888-0474 OpenConnect Systems matt@oc.com Dallas, TX "...and once you have tasted flight, you will walk the earth with your eyes turned skyward, for there you have been, and there you long to return..." From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter & Date: Fri, 12 Mar 93 10:03:48 PST To: Karl Barrus Subject: Re: REMAIL: help with utter.dis.org In-Reply-To: <199303121439.AA16993@Menudo.UH.EDU> Message-ID: <9303121800.AA00711@merde.dis.org> MIME-Version: 1.0 Content-Type: text/x-pgp -----BEGIN PGP SIGNED MESSAGE----- > >Cypherpunks, > >I'm having trouble using the new remailer at utter.dis.org. I've sent >several test messages, but have received none back. 
Recently, I tried
>to email to the person running the remailer (shipley@merde.dis.org?),
>but my mail bounced:

the system soda.berkeley.edu had suffered a disk crash thus losing a lot of configuration information (like how to be an MX for *.dis.org). I hope to get around to having the sendmail.cf fixed this weekend.

the system merde.dis.org/utter.dis.org can also be reached as merde.tfs.com (but it should be noted that the tfs.com mailer gateway munges email headers).

>So Peter: I'd like to help work out any problems, but I can't reach
>you at shipley@merde.dis.org (unless this is related to soda's disk
>crash?)

I can be reached at:
    shipley@tfs.com (work address)
    shipley@merde.tfs.com (secure home system; cSlip'ed into work)
    shipley@berkeley.edu (generalised email alias)
    shipley@soda.berkeley.edu (a sometimes useful account)
    shipley@dis.org (secure home system, MX=soda)

sorry for the inconvenience...

-Pete

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQBFAgUBK6DPushmn7GUWLLFAQFeWwF+L792NQXoKS/cZ28lDRVEAuqZU4rzbr7S
O+/og98BK8Bjjy++UWozVCfI/hrHhR6M
=l3N9
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: lefty@apple.com (Lefty)
Date: Fri, 12 Mar 93 10:15:42 PST
To: cypherpunks@toad.com
Subject: Re: UNSUBSCRIBE ME!!!!!
Message-ID: <9303121814.AA28760@apple.com>
MIME-Version: 1.0
Content-Type: text/plain

>DAMN!!!!! UNSUBSCRIBE ME ALREADY!!!!!
>GHABRECH@ULTRIX.RAMAPO.EDU
>ghabrech@ultrix.ramapo.edu

You know, if you went down to the local expressway and lay down along one of the broken white lines and worked on perfecting your impression of a median strip, your problems would soon stop bothering you.

--
Lefty (lefty@apple.com)
C:.M:.C:., D:.O:.D:.
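
[Added example, not part of any message in this archive: a Python version of the K-of-N secret sharing scheme Hal describes in "Tagging data to detect thieves" above. It assumes the standard construction from Shamir's paper, in which the secret is the constant term of a random polynomial of degree K-1 over a prime field; the prime 2**127 - 1 and all function names are choices made for this example.]

```python
"""Shamir K-of-N secret sharing over GF(P). Illustrative code; names are this example's own."""
import secrets

# Assumption of this example: a fixed Mersenne prime as the field modulus.
# Secrets must be integers in [0, P), i.e. at most 15 bytes of data.
P = 2**127 - 1


def _eval_poly(coeffs, x):
    """Evaluate coeffs[0] + coeffs[1]*x + ... mod P (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split(secret, k, n):
    """Return n shares (x, y); any k of them recover the secret."""
    if not 0 <= secret < P:
        raise ValueError("secret must be in [0, P)")
    if not 1 <= k <= n < P:
        raise ValueError("need 1 <= k <= n < P")
    # The secret is the constant term; the other k-1 coefficients are
    # uniformly random, which is what hides it from k-1 shareholders.
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def interpolate(points, x0):
    """Lagrange interpolation: value at x0 of the unique polynomial of
    degree < len(points) passing through all the given points."""
    xs = [x % P for x, _ in points]
    if len(set(xs)) != len(xs):
        raise ValueError("points must have distinct x coordinates")
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = (num * (x0 - xj)) % P
                den = (den * (xi - xj)) % P
        # den is non-zero mod P, so Fermat's little theorem gives its inverse.
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def recover(shares):
    """Recover the secret (the polynomial's value at x = 0) from >= k shares."""
    return interpolate(shares, 0)


def share_explaining(partial_shares, guess, x_new):
    """Given fewer than k shares and ANY guessed secret, return the extra
    share at x_new that would make the guess come out right. Such a share
    always exists, so the partial set rules out no candidate secret."""
    y_new = interpolate(list(partial_shares) + [(0, guess)], x_new)
    return (x_new, y_new)


if __name__ == "__main__":
    secret = int.from_bytes(b"attack at dawn", "big")  # constructed sample secret
    shares = split(secret, k=3, n=5)
    got = recover(shares[1:4])
    print(got.to_bytes(14, "big"))
    # Two shares are compatible with every possible secret:
    for guess in (0, 42, P - 1):
        extra = share_explaining(shares[:2], guess, x_new=3)
        print(guess == recover(shares[:2] + [extra]))
```
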
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: lefty@apple.com (Lefty)
Date: Fri, 12 Mar 93 10:29:49 PST
To: cypherpunks@toad.com
Subject: Re: HABRECHT=EMAIL HARASSEMENT
Message-ID: <9303121828.AA01892@apple.com>
MIME-Version: 1.0
Content-Type: text/plain

George "I don't give a shit who I inconvenience" Habrecht writes:

>If, in a while, things get straightened up I may resubscribe but for now, I
>don't have the time.

I would hope that, if you _do_ ask to be added to the list in the future, the list admin would put you on the "Periodic BSD UNIX Kernel Binaries" list instead.

--
Lefty (lefty@apple.com)
C:.M:.C:., D:.O:.D:.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 12 Mar 93 10:48:15 PST
To: cypherpunks@toad.com
Subject: An Appeal to Calm
Message-ID: <9303121846.AA00432@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Folks,

Tempers have flared. Angry words have been sent out to the list. We've all been mail-bombed by an angry member of the list (who wants off--NOW!).

I guess this is our first real flame war--now we're a real mailing list!

But let's not let the current controversy confuse our very real mission, nor hide the progress we've seen so far (remailers, spread of PGP, experiments with digital cash, etc.). If we let the list self-destruct through a few unfortunate incidents, all hope is lost.

* The "unsubscribe" problem will hopefully soon be fixed. Maybe an automatic handler (like "majordomo," someone suggested) can be installed.

* Mailing lists like this one characteristically have wildly fluctuating traffic levels. No messages for a couple of days (leading to "Is the list broken?" queries) and then 50 messages in a single day (leading to "Enough already! I can't take the volume." messages). Remember, it is the list membership that is generating the volume, not the list management (such as it is).

* Some have said the "cypherpricks" list is generating all noise and no signal. Many of us would disagree. Actual code is being written, deployed, and experimented with. One bunch is helping with PGP, another is writing and deploying remailer programs, another is pursuing steganography (hiding messages). Pretty impressive. Especially for a new mailing list.

* And relatively little flaming is going on. The closest we've come to a real act of malice was the mail bombing of the list by a disgruntled member--I won't go into that further.

* There are serious issues involving the uses and abuses of these various tools and capabilities. Anonymous postings carry obvious concerns. So does untraceable electronic mail, with the potential for extortion threats and even fully-secure markets for assassinations and other crimes. Some of these issues have been discussed on the list. No doubt some see these debates as "noise." Well, a mailing list cannot of course only cater to one particular set of needs.

* If we don't discuss these kinds of issues on this list, who will? The FBI and NSA undoubtedly. So why not we the people?

I hope things can calm down a bit.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mbrennan@netcom.com (Michael Brennan)
Date: Fri, 12 Mar 93 11:02:56 PST
To: cypherpunks@toad.com
Subject: Re: Unacceptable slander by dclunie [FLAME]
In-Reply-To: <9303121801.AA18929@buoy.watson.ibm.com>
Message-ID: <9303121901.AA02158@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

> Michael Brennan writes:
> > Are you people blind to what you are doing? What fools!!!
>
> OK, so you ass*** tell me what I'm doing.

You are flaming.
Get a clue. >And don't > forget to explain, why am I subjected to all this > crap about some ass***ish subscription, and why > my mailbox should receive junk mail from some > irresponsible participants? You shouldn't have to receive junk mail from anyone. And neither should anyone else! Why are you so special that you shouldn't have to get junk mail but others should? If the cypherpunks list simply honored unsubscribe requests, then no one here would be getting unwanted junk mail. It's really that simple. My postings were intended as an appeal for sanity and responsibility on the part of the cypherpunks, but you seem intent on dragging this whole affair down to new depths. I have simply tried to call attention to the fact that there is a problem with cypherpunks-request and that unsubscribe requests are being ignored. For my own part, I've made several such requests over the course of about a month. Your arrogant, puerile rantings contribute nothing constructive to the situation. I am glad that other cypherpunks are not sinking to the petty-minded depths that Uri has chosen to sink to. (And to those that I may have insulted in a previous posting, I apologize, but I would hope that you now realize that promises of "retaliation" against those who just want to unsubscribe was innappropriate.) Let's please all try for some civility and sanity and just try to get the problem resolved! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mbrennan@netcom.com (Michael Brennan) Date: Fri, 12 Mar 93 11:10:03 PST To: cypherpunks@toad.com Subject: Re: UNSUBSCRIBE ME!!!!! In-Reply-To: <9303121814.AA28760@apple.com> Message-ID: <9303121908.AA03134@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain > > >DAMN!!!!! UNSUBSCRIBE ME ALREADY!!!!! 
> >GHABRECH@ULTRIX.RAMAPO.EDU > >ghabrech@ultrix.ramapo.edu > > You know, if you went down to the local expressway and lay down along one > of the broken white lines and worked on perfecting your impression of a > median strip, your problems would soon stop bothering you. > > -- > Lefty (lefty@apple.com) > C:.M:.C:., D:.O:.D:. Please explain to me, lefty, why you insist on flaming someone who simply wants to unsubscribe from the list. This is truly beyond comprehension. I had thought for a moment that the cypherpunks were rising above petty, arrogant slanders, but evidently I was wrong. Clearly uri and lefty wish to drag this whole affair down to new depths. And why? Just to prove to everyone that you can insert your head up your ass further than anyone can imagine? You are truly pathetic. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mbrennan@netcom.com (Michael Brennan) Date: Fri, 12 Mar 93 11:19:52 PST To: cypherpunks@toad.com Subject: Re: An Appeal to Calm In-Reply-To: <9303121846.AA00432@netcom.netcom.com> Message-ID: <9303121918.AA04403@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain > Folks, > > Tempers have flared. Angry words have been sent out to the list. We've all > been mail-bombed by an angry member of the list (who wants off--NOW!). [...] > I hope things can calm down a bit. > > -Tim May I would hope things would calm down a bit, as well. Sending a massive mail bomb to the list may have been innappropriate, but so is continuing to send unwanted mail to a user who has made repeated unsubscribe requests. Why are some of you insisting on waging a flame war?!! What do you intend to gain from such puerility? I am encouraged that at least some voices of reason are now emerging amidst all of this, and I would hope that the cypherpunks would try to understand the frustation of those who have their unsubscribe requests ignored and continue to receive unwanted mail. 
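
[Added example, not Peter Wayner's NIH Image code and not part of any message in this archive: a Python sketch of the least-significant-bit embedding his "Secret messages in images..." message describes, restricted like his version to 8-bit samples. The 4-byte length prefix, the function names and the synthetic cover buffer are assumptions of this example; it also counts how many samples differ from the cover, which is what anyone holding the original image can measure.]

```python
"""LSB embedding in a buffer of 8-bit pixel values. Illustrative code only."""
import struct

PREFIX_LEN = 4  # assumption of this example: big-endian 32-bit message length


def capacity_bytes(num_pixels):
    """Message bytes that fit at one bit per pixel, after the length prefix."""
    return max(num_pixels // 8 - PREFIX_LEN, 0)


def embed(pixels, message):
    """Return a copy of pixels with prefix+message written into the LSBs."""
    framed = struct.pack(">I", len(message)) + message
    if len(framed) * 8 > len(pixels):
        raise ValueError("message too long for this image")
    out = bytearray(pixels)
    for i in range(len(framed) * 8):
        bit = (framed[i // 8] >> (7 - i % 8)) & 1  # most significant bit first
        out[i] = (out[i] & 0xFE) | bit             # touch only the lowest bit
    return bytes(out)


def _read_bytes(pixels, start, count):
    """Rebuild count bytes from the LSBs of pixels[start : start + 8*count]."""
    out = bytearray()
    for b in range(count):
        value = 0
        for k in range(8):
            value = (value << 1) | (pixels[start + 8 * b + k] & 1)
        out.append(value)
    return bytes(out)


def extract(pixels):
    """Read the length prefix, then the message. Raises ValueError when the
    prefix is implausible, which is the usual result on an unmodified image."""
    if len(pixels) < PREFIX_LEN * 8:
        raise ValueError("image too small to hold a length prefix")
    (length,) = struct.unpack(">I", _read_bytes(pixels, 0, PREFIX_LEN))
    if (length + PREFIX_LEN) * 8 > len(pixels):
        raise ValueError("length prefix exceeds capacity; no message or corrupt data")
    return _read_bytes(pixels, PREFIX_LEN * 8, length)


def changed_samples(cover, stego):
    """Number of samples that differ between the original and the modified copy."""
    return sum(1 for a, b in zip(cover, stego) if a != b)


if __name__ == "__main__":
    # Constructed sample: a synthetic 256x256 8-bit "image", not real picture data.
    cover = bytes((37 * i + 11) % 256 for i in range(256 * 256))
    stego = embed(cover, b"meet at noon")
    print(capacity_bytes(len(cover)), extract(stego), changed_samples(cover, stego))
```
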
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: lefty@apple.com (Lefty) Date: Fri, 12 Mar 93 11:40:25 PST To: mbrennan@netcom.com (Michael Brennan) Subject: [FLAME] (Was Re: UNSUBSCRIBE ME!!!!!) Message-ID: <9303121939.AA11758@apple.com> MIME-Version: 1.0 Content-Type: text/plain >Please explain to me, lefty, why you insist on flaming someone who simply >wants to unsubscribe from the list. Mr. Brennan, I wouldn't ever flame anyone who simply wanted to unsubscribe from this list. I _would_, however, certainly flame a fool with a room-temperature IQ who feels that the best way of dealing with his _own_ _personal_ problem unsubscribing from the list is to send 80,000 bytes of garbage to over two hundred people who couldn't do anything about his problem even if they wanted to. People who may, in fact, be paying good money to receive electronic mail and who didn't have any particular need for 3,600 copies of the words "Unsubscribe me!!!!" >This is truly beyond comprehension. Given the apparent level of your comprehension, I'm not in the least surprised. I imagine this sort of thing must happen to you frequently, say, whenever you're faced with a situation more complicated that deciding whether you want fries with your Big Mac. >I had thought for a moment that the cypherpunks were rising above petty, >>arrogant slanders, but evidently I was wrong. I suggest you look up the word "slander" in the dictionary. Get one of the big kids to help you with it, if necessary, and if you can find one who won't beat you up on sight. It doesn't mean what you apparently believe it does. >Clearly uri and lefty wish to drag this whole affair down to new depths. And >why? Just to prove to everyone that you can insert your head up your ass >>further than anyone can imagine? > >You are truly pathetic. Gosh, Mr. Brennan, those are pretty strong words for a fellow who cries "slander" at the apparent drop of a hat. 
If you keep this sort of thing up, you're liable to convince me that you're not only an idiot but a hypocrite as well.

Somebody's got his head up his ass here, but I suspect it's not me, Chucko.

--
Lefty (lefty@apple.com)
C:.M:.C:., D:.O:.D:.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Fri, 12 Mar 93 09:19:52 PST
To: cypherpunks@toad.com
Subject: FW: Hiding Encrypted Messages
In-Reply-To: <9303112315.AA12701@netmail.microsoft.com>
Message-ID: <9303121718.AA15444@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PRIVACY-ENHANCED MESSAGE-----
Proc-Type: 2001,MIC-CLEAR
Originator-Name: uri@watson.ibm.com

Stu Klingman writes:
> Someone wrote:
> > b) If it's played and recognized - one can trace your source (a CD, a
> >    tape of radio broadcast, whatever) and do a comparison. Then the
> >    file containing of all the LSBs is cryptanalyzed...
>
> Actually, this is not really a problem. The odds of being able to
> resample, even using the same source and come up with the same byte
> string is infinitesimal.

Remember - the goal is to HIDE the fact, that there's a message! If, having CDs and DAT tapes widely available, somebody sends a home-brew digitized copy of it, won't it look somewhat suspicious for KGB? And if/when they throw you in a nice small cell, you can explain your innocence to the walls ad infinitum (:-).

> You've got chaos theory on your side here
> with massive "Sensitive Dependence on Initial Conditions."

You're certainly right. But still see above.

> Just make sure to an application like Shredder or Flamefile to
> permanently erase your initial sample, and nobody should be able
> to tell. (unless they are aware of the trick beforehand)

Do you mean, THEY don't monitor this forum? (:-)

Regards,
Uri.
- ------------
-----END PRIVACY-ENHANCED MESSAGE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Stephen Dunne (+44) 71-538-5656"
Date: Fri, 12 Mar 93 05:02:00 PST
To: CypherPunks Mailing List
Subject: Unacceptable slander by dclunie
Message-ID: <9303122054.AA0036@isma.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

Forgive me if I appear slow over this but I don't see any problem with David's response.. Mailbombing a mailing list like cypherpunks with 80K of dross is not acceptable behaviour (whether it was through ignorance or malice) and in those circumstances contacting the site postmaster seems a reasonable thing to do.

I do agree with another post who suggested that the admin side of the list does need to be tightened up so that future incidents like this do not occur. However we are in danger of blowing this up out of all proportion.

Stephen
--
+--------------------------------------------------------------------------+
|Stephen Dunne                    DoD#767          sdun@isma.demon.co.uk   |
|International Securities Market Association       I speak for me,thats all|
|Voice (+44) 71-538-5656      Fax (+44) 71-538-4902       PGP key available|
|We are not affiliated to any other Demon.Co.Uk site.                      |
+--------------------------------------------------------------------------+

----------------------------- Note follows -----------------------------
Message-Id: <9303120919.AA11896@netcom.netcom.com>
Date: Fri, 12 Mar 1993 01:24:48 -0800
To: cypherpunks@toad.com
From: Michael Brennan
Subject: Unacceptable slander by dclunie

>Date: Fri, 12 Mar 93 17:41:03 CST
>From: dclunie@pax.tpa.com.au (David Clunie)
>To: Postmaster@ultrix.ramapo.edu
>Subject: Unacceptable behaviour by ghabrech
>Cc: root@ultrix.ramapo.edu, ghabrech@ultrix.ramapo.edu, cypherpunks@toad.com
>
>>From one of the very popular mailing lists I received the following posting

[shortened even more]

Think about this scenario for a moment: dclunie sends mail to the system administrator of an institution complaining of the mail sent by a particular user. The system administrator confronts the user, who then explains the situation. He explains that he has sent numerous requests to be unsubscribed from the list, but they continue to send large volumes of mail. Out of frustration, he sends an 80K file to the list hoping it will get someone's attention. The mail continues, and several members of the list make threats of "dirty tricks" and "mail bombs" against him. Now one of the "cypherpunks" is sending libelous mail to the system administrator. The system administrator now understands the situation; an educational institution on the net is made aware of a rapidly developing campaign of harassment and vandalism by the cypherpunks. So what happens now? Are the cypherpunks winning?

Are you people blind to what you are doing? What fools!!!
----- Michael Brennan - mbrennan@netcom.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: uri@watson.ibm.com Date: Fri, 12 Mar 93 09:57:43 PST To: mbrennan@netcom.com (Michael Brennan) Subject: Re: Cypherpricks think they're cool [FLAME] In-Reply-To: <9303120801.AA05719@netcom.netcom.com> Message-ID: <9303121756.AA17375@buoy.watson.ibm.com> MIME-Version: 1.0 Content-Type: text/plain #FLAME ON Michael Brennan writes: > >Hey, man, we're the cypherpunks. We're too hip to worry about a > >trivial little mail bomb. But if we did get upset...well, who > >do you think has the bigger arsenal of dirty tricks, him or us? > > What arrogant little pricks you are, Mr. Ringuette and Mr. May! So is this > what cypherpunks is really all about: "dirty tricks", "mail bombs", endless > harassment of people on the net who simply wish to be left alone?......... > > I've seen many of you raise issues about responsibility on the net. Is > proving that you have a "bigger arsenal of dirty tricks" you're idea of > responsibility? And do you really think that cypherpunks could survive such > a war? You yourselves have admitted that you have many enemies in your > quest for net privacy and anonymity. Do you foolishly believe that they > won't seize upon this irresponsible behavior on your part and use it to > prove their point? You will only succeed in bringing about precisely what > you claim to oppose: oppressive controls on the internet to stop petty > vandals like yourself. I symphatize for poor Mr. Habrecht being unable to get off this list. Does it mean, that he, in his frustration bombing my mailbox, is "justified"? Hey, it's not me, who signed himon to this list, it's not me, who can throw him out! So why did he choose to shoot from the hip at innocent bystanders? By the same logic, if one feels he was treated unjustly anywhere - just make a bomb and blow up the highest building in your area with the largest amount of people in it. 
What a real responsible bastard can do such things... And who's talking about responsibility?! An "e-mail terrorist"? Ha! Can cypherpunks survive the "war"? With who? Lighten up! Spitting saliva and terms like "petty vandals"? Well, well... Who was that idiot, who vandalized my mailbox with his stupid 3K lines of excrements? That's what true "vandalism" is, in my eyes... Oh, and if you aren't satisfied with how car service in your city works - get a gun and hunt their passengers... What a man... And the last - who the hell needs that privacy? Is it something valuable for cypherpunks only, something you don't really need for yourself? Just joined this list out of kindness to help those poor kids? > I would hope that there are some among you that have some scrap of sanity > left, and realize that there is nothing to be gained from bringing a > needless war down upon yourselves. Wise up! Yeah. Always nice to have a peace defender... > I sent one request to cypherpunks-request about three weeks ago, and a > second about a week ago. Was Eric Hughes at the CFP conference then? And > you may have noticed that a third person has now stepped forward and > expressed frustration over being in the same predicament. Do you still want > to pretend there is no problem? What will it take for you to realize there > is: the third person, the fourth, fixth, sixth? I'll say it again: Wise up! Well, list manager, are you there? Ain't this pure truth? And as Mark pointed out, can it be managed AUTOMATICALLY? Somebody out there, please? > I've been very patient over this, but I'm disgusted at your arrogant > promises of "dirty tricks" and "mail bombs" against those who simply > want to unsubscribe from the list! Oh no! Seeing a terrorist attack, we should seek a reason for that poor person to act this way, to justify his doings, and to change our behaviour, because obviously, a person with grievance isn't responsible, or liable for his actions - we are! 
Thus we shouldn't threaten a "mail-bomber" with response in kind, oh no! Give me my wish, or ye all will suffer the consequenses! > What phenomenal assholes you are!!! Sounds like you were looking at the mirror too much recently (:-). Uri. ------------ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: lefty@apple.com (Lefty) Date: Fri, 12 Mar 93 13:01:33 PST To: cypherpunks@toad.com Subject: Re: Returned mail: User unknown Message-ID: <9303122100.AA23230@apple.com> MIME-Version: 1.0 Content-Type: text/plain Apparently, Mr. Habrecht's problems have been solved. > ----- Transcript of session follows ----- >>>> RCPT To: ><<< 550 ... Addressee unknown >550 ... User unknown -- Lefty (lefty@apple.com) C:.M:.C:., D:.O:.D:. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: uri@watson.ibm.com Date: Fri, 12 Mar 93 10:03:07 PST To: mbrennan@netcom.com (Michael Brennan) Subject: Re: Unacceptable slander by dclunie [FLAME] In-Reply-To: <9303120919.AA11896@netcom.netcom.com> Message-ID: <9303121801.AA18929@buoy.watson.ibm.com> MIME-Version: 1.0 Content-Type: text/plain #FLAME ON Michael Brennan writes: > Are you people blind to what you are doing? What fools!!! OK, so you ass*** tell me what I'm doing. And don't forget to explain, why am I subjected to all this crap about some ass***ish subscription, and why my mailbox should receive junk mail from some irresponsible participants? [Don't tell me, that I've joined the club - since I have a grievance with your silly rambling here, by your logic I'm not liable for this, you are...] Uri. 
------------ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Theodore Ts'o Date: Fri, 12 Mar 93 10:39:17 PST To: uri@watson.ibm.com Subject: Re: Cypherpricks think they're cool [FLAME] In-Reply-To: <9303121756.AA17375@buoy.watson.ibm.com> Message-ID: <9303121837.AA00315@SOS> MIME-Version: 1.0 Content-Type: text/plain Date: Fri, 12 Mar 1993 12:56:02 -0500 From: uri@watson.ibm.com #FLAME ON [ Rest of flame deleted.] What I don't understand is, why are people complaining? We're just seeing people exercise their sacred right to free speech..... all over this mailing list. After all, isn't this what you were working towards? So now that this group is getting a taste of free speech, why do we see people sending mail to system administrators, asking that certain people be censured for sending messages to this mailing list? Not too long ago, people were saying that censuring people for their speech, even after the fact, was tantamount to censorship! It seems just a little hypocritical to me, given the strong and sprited defense of anonymous remailers just a week or two ago..... - Ted From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pmetzger@snark.shearson.com (Perry E. Metzger) Date: Fri, 12 Mar 93 15:30:45 PST To: mbrennan@netcom.com Subject: Re: CYPHERPUNKS=EMAIL HARASSEMENT? Message-ID: <9303121900.AA17618@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain > From: mbrennan@netcom.com (Michael Brennan) > > You are very wrong! As a matter of fact, I have sent unsubscribe requests > to cypherpunks-request and those requests have been ignored! That's why I > sent this last message of mine to the whole list. I'd be willing to bet > that the individual who sent the 3K file had also attempted initially to > send his request to cypherpunks-request and had his request ignored. 
In > fact, it's quite possible that MANY of the people who have sent their > "unsubscribe" requests to the whole list have done so because initial > requests sent to cypherpunks-request were ignored! > > Brushing this matter aside as a non-issue and pretending there is no > problem will not make the problem go away! UNSUBSCRIBE REQUESTS SENT TO > CYPHERPUNKS-REQUEST ARE BEING IGNORED!!! You are a whining child, Mr. Brennan. How long have these messages been ignored? Months? Years? I suspect a matter of days. Well, I'm sorry to tell you this, but you aren't paying anyone to maintain this list, and people don't do it full time. Its not a job. Prehaps the moderator went on vacation. Prehaps he has no time for a week. Have you actually waited a reasonable amount of time, which I would define as no less than a week and likely no less than two? I've run mailing lists. Its lots of long and hard work, and sometimes you go on vacation, and when you do lots of whining fools start getting pissed off that you aren't a robot that provides them with instant gratification. Sorry, but no one owes you instant service. You didn't pay for a subscription you know. This is a volunteer effort, and that means that you accept whenever you sign on to any mailing list the possibility that, horror of horrors, people might not process your requests every fifteen minutes. It would not be anything like a big deal to delete the mail for a few more days. Instead, you involve all of us in something that we cannot change. What makes you think that if the moderator is not reading the -request alias that he will read the list itself? In conclusion, get a grip. When the guy behind the counter at the 7-11 is a little slow, do you just take the food you bought without paying? No? Then what in hell are you doing posting obnoxious mail to hundreds of people when you know very well it violates all network custom? 
Perry Metzger From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Karl Barrus Date: Fri, 12 Mar 93 12:20:04 PST To: cypherpunks@toad.com Subject: MISC: steganography & pics Message-ID: <199303122018.AA14921@Menudo.UH.EDU> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Cypherpunks, I too have played around with graphics formats, specifically the TIFF format. It's a large and complicated format, but it does leave room for customization. I just mention this because I'm more familiar with TIFF than the GIF format. Skipping over 99% of the details: the TIFF format has a header (magic numbers and stuff), tags and corresponding information fields, and picture data - real terminology exists, like image file directories and so forth, but I'll skip that. The TIFF format allows you to specify quite a bit of info: information fields such as time of creation, author name, comments, host system; picture information such as rows, columns, whether the minimum value corresponds to black or white; color models: RGB, CMY, CMYK, greyscale; compression model: none, LZW, JPEG; alpha values, and many other fields. Finally, the picture data is stored, non-sequentially if desired (that is, row 1, then row 137, then row 54, etc.). TIFF is extendible by simply defining new tags. Because the TIFF format is so all encompassing, few software packages can read and write the entire thing - that is, valid TIFFs may be created that may not be recognized by other software. Sam Lieffler (sp?) at sgi has written a comprehensive TIFF manipulation package available via anonymous ftp which helps to overcome this problem. Anyway, for steganography purposes, we wouldn't want to define a "crypto" tag obviously! Maybe we could adapt one of the other fields, like host computer or whatever, so that the signal that a TIFF contains hidden information is that one of the fields has a certain value, to be arranged in advance or whatever.
A 256x256 image contains 65536 pixels, each of which could contribute 1 bit to a message, which comes to 8192 bytes (say each pixel is 8 bit and not 24 or something fancy like that), more than enough for a message. This sounds like fun - I imagine in a few weeks there will be a message to the list to retrieve the recently posted image from alt.binaries.pictures.misc and read the hidden message! /-----------------------------------\ | Karl L. Barrus | | elee9sf@menudo.uh.edu | <- preferred address | barrus@tree.egr.uh.edu (NeXTMail) | \-----------------------------------/ -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK6DvpoOA7OpLWtYzAQG1PgP/bI+s4p6kcMkHcv2iR+iJJV9TK32zicos fNOqufuPZvWepfxbEqhsY70RBQAZjuqEhKcjP54yFr7wuDbroFhbfIBMQQLn1znj v5dcaM7GrykNMhR9andfskRG6k72dxlmyBhQRcR3pbhwpPZLdw141yS4VPzHnez7 VgQ9Z+Gsb9s= =qGIH -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: bmullane@ultrix.ramapo.edu (James Bond-007) Date: Fri, 12 Mar 93 11:19:27 PST To: cypherpunks@toad.com Subject: No Subject Message-ID: <9303121922.AA23237@ultrix.ramapo.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Date: Fri, 12 Mar 1993 12:56:02 -0500 From: uri@watson.ibm.com #FLAME ON [ Rest of flame deleted.] What I don't understand is, why are people complaining? We're just seeing people exercise their sacred right to free speech..... all over this mailing list. After all, isn't this what you were working towards? So now that this group is getting a taste of free speech, why do we see people sending mail to system administrators, asking that certain people be censured for sending messages to this mailing list? Not too long ago, people were saying that censuring people for their speech, even after the fact, was tantamount to censorship! It seems just a little hypocritical to me, given the strong and sprited defense of anonymous remailers just a week or two ago..... 
- Ted Ted, don't you realize that people only believe in things as long as it is convinient(sp) or nonoffensive to them? Maybe the admins will yell at me for being on this list now that they got mail from the net.nazis concerning ghabrech's action. maybe they will find out what the file pgp is in my acct and force me to delete it... later, Brian -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK6DittvH71LYWYb3AQHzYAQAgzC5znnv0gsOO+NiUDN+hwHOVYOdvwhc 0yTkigSx/FaS1YuHy2Wntlh0NbLJ59n6ZyyVOHhiE0cWwksXsQ4jwfU0KulUa5cF nR06UDLqrhFtkRS2HcA99vPbXlbGFeVCV+02pVbc1NDSmvMTMpAvFrwlRQuQEfBW WFZrOl1NCfU= =2yTO -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc.Ringuette@GS80.SP.CS.CMU.EDU Date: Fri, 12 Mar 93 13:05:54 PST To: cypherpunks@toad.com Subject: Re: Cypherpunks know they're cool Message-ID: <9303122105.AA06413@toad.com> MIME-Version: 1.0 Content-Type: text/plain Ted Ts'o writes, > What I don't understand is, why are people complaining? We're just > seeing people exercise their sacred right to free speech..... all over > this mailing list. After all, isn't this what you were working towards? Heh. I agree with Ted. Try taking the same advice we'd give someone who received a offensive anonymous note: quit your bitching & moaning, you losers! Yeah, yeah, I know, volume attacks are of a different kind than offensive content. But my own belief is, if our software is broken, we shouldn't blame the doofus who comes along and tickles it. If we end up having a problem of volume harrassment, we should expect to have to PROTECT OURSELVES with some half decent mailing list software. For instance, something that accepts mail only from subscribers or that shunts large messages (or excessive number of messages from a single person) to the moderator for review. The fact that we have stupid software is our own fault. To me, this has the same feel to it as the current flap about anonymous newsgroup postings. 
The right answer, in my opinion, is to use news distribution software which can filter out anonymous postings (and, in order to enable that, and prior to the availability of "real person" cryptographic certificates, to ask that all remailers provide a special header line). What these solutions have in common is that we ask people to protect themselves, rather than requiring everyone else to adhere to their notions of good behavior. Which brings to mind the potential problem that 99% of everybody may choose to participate exclusively in "real person only" groups. Any hints at a solution to that one? How about if we try to convince people to participate in "pay as you go" groups using digital postage? That would solve many of the problems, in a way that is less offensive to the freedom-loving among us. -- Marc Ringuette (mnr@cs.cmu.edu) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Nickey MacDonald Date: Fri, 12 Mar 93 12:08:42 PST To: jb@paris7.jussieu.fr Subject: Re: University Policies In-Reply-To: <0096959f.9201c152.25188@paris7.jussieu.fr> Message-ID: MIME-Version: 1.0 Content-Type: text/plain Well... This is available from our site via anonymous FTP... so I suppose there are no copyright problems by sending it to you... enjoy... OBTW, the title lines are my addition... and the file is normally printed (on the sheet they give you with your initial password) in small print, and so the file is formatted to about 132 columns...

University of New Brunswick Computing Policies (UNB, Fredericton, New Brunswick, Canada)
----------------------------------------------

POLICIES

The computing and communication systems at the University of New Brunswick are intended to be used in a manner that is supportive of the University's objectives. All constituents of the University are able to apply to use the university's computing facilities. When that privilege is granted (e.g., when an account is issued), it is granted with the understanding that the use of the computing system will correspond to the purpose(s) stated in the request.

At the University of New Brunswick Computing Services Department, internal customers (students, faculty and staff) are not personally billed for use but are held personally responsible for use made of their accounts. Certain practices are considered a misuse of university property. Examples of such misuse are the use of any part of the computing system for personal or corporate profit, or to provide free resources to unauthorized persons.

The following policies govern the use of the University of New Brunswick Computing Services Department facilities:

1. No person or persons shall use the facilities of the University Computing Services Department without due authorization by Computing Services.

2. Every allocation of computing resources is made on the understanding that it is to be used only for the purpose for which it was requested and only by the person or persons by whom or on whose behalf the request was made. Use shall not be made of computing resources allocated to another person or group unless such use has been specifically authorized by Computing Services.

3. No person or persons shall by any wilful or deliberate act jeopardize the integrity of computing equipment, networks, programs, or other stored information.

4. Persons authorized to use computing and communication resources shall be expected to treat as privileged, any information not provided or generated personally which may become available to them through their use of these resources; they shall not copy, modify, disseminate, or use any part of such information without permission of the appropriate person or body.

5. Improper use of Computing Services may result in withdrawal of access privileges or other penalties. The following (but not limited to the following) may be considered improper:

   - Frivolous use of any workstation, computer or network.
   - Inspection of data or functions which are neither allotted to the inspector, nor specified as public.
   - Inspection of data which have to do with utilization, authorization or security.
   - Modification of data which are not specifically assigned to or created by the modifier.
   - Use of another's account.
   - Interference with other persons accessing the systems, networks or equipment.
   - Destruction of data or property which is not owned by the destroyer.
   - Attempting to gain access to another's resources, programs, or data.
   - Use of another's programs or data without their permission.
   - Sending obscene or vulgar messages.
   - Abusive or destructive use of hardware or public software.
   - Use of the facilities for personal or corporate gain without an external account. Examples of such use include producing invitations, posters, personal correspondence, etc., and the sale of computer programs or results developed under an internal account.

6. Customers are expected to:

   a. Be responsible for the use of their computer accounts. They should make appropriate use of system provided security features and take precautions against others obtaining access to their computing resources.

   b. Refrain from engaging in deliberately wasteful practices such as:

      - unnecessary holding of workstations or telecommunications lines;
      - producing unnecessarily large printer listings;
      - performing unnecessary computations;
      - creating and retaining unnecessarily large files;
      - unnecessary holding of peripheral equipment.

   c. Utilize efficient and effective techniques for program execution.

--- Nick MacDonald | NMD on IRC i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger On Thu, 11 Mar 1993 jb@paris7.jussieu.fr wrote: > Hi, > > Following the thread about some Universities policy about using > computing services I'd like to ask if you can send me YOUR > Uni policy about the above matter.
I'd like to make somekindda > compilation of them and put it on our ftp server (smup7.jussieu.fr). > > Cheers, > jb From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Fri, 12 Mar 93 16:10:51 PST To: cypherpunks@toad.com Subject: FWEE! premature testing Message-ID: <9303121624.tn02614@aol.com> MIME-Version: 1.0 Content-Type: text/plain Dewds, Just a thought on Tim May's anonymous baptism by Stealth-fire of the WB! project: Tim: though I appreciate your enthusiasm, could you *please* wait until there is something in place to actually _test_ before you test it? I know you really wanted to post that nifty F-117A thing you OCR'd _somewhere_ but that was not particularly helpful. It's not like I'm unaware of this issue. Remember, we're still in Phase One (design & data collection) now. Help with the design and data collection before you go off on your own and try to show where the holes are or have some fun with it. Later on, you can be very helpful if you want to play the Devil's Online Advocate. [Also, could you please spell my name correctly for the NSA's records? It's David Del Torto (not Deltorto). I promise not to spell your name "TiM aye" so they can come and get you too.] Someone suggested a set of WB guidelines should be posted. I began this process, and will continue next week after CFP. I ask your patience while I educate myself. CFP News: I had a *very* interesting/enlightening discussion with Nicholas Johnson, the former head of the FCC (under Johnson) last night about the WB! project - he loves the idea and is willing to help out "somehow." Also, Ralph Nader's organization is interested in what we're up to. Jim Settle (FBI Computer Crime Squad) is also surprisingly supportive of the idea. 
Also, believe it or not, a fellow from the CIA likes the idea and posits that, if done "correctly," the system can 'perhaps be somewhat protected' from posting by pranksters/attackers with bogus revelations - it might require someone to preview postings (I would like to DE-nominate myself and suggest that MAYBE a small review group be set up - let's discuss this, tell me what you think is a good idea). I believe that the implementation of a simple WB Key system can assist in this as well (refer to an earlier posting of mine). Of course, this would require widespread dissemination of encryption software for anyone needing that option. Dorothy Denning is there: does anyone have a question for her? A statement? I can post her email address after tonight if y'all like. More Later, Gotta Run... dave (Del Torto) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pmetzger@snark.shearson.com (Perry E. Metzger) Date: Fri, 12 Mar 93 15:42:54 PST To: mbrennan@netcom.com Subject: Re: UNSUBSCRIBE ME!!!!! Message-ID: <9303122126.AA17863@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain > From: mbrennan@netcom.com (Michael Brennan) > > > > > >DAMN!!!!! UNSUBSCRIBE ME ALREADY!!!!! > > >GHABRECH@ULTRIX.RAMAPO.EDU > > >ghabrech@ultrix.ramapo.edu > > > > You know, if you went down to the local expressway and lay down along one > > of the broken white lines and worked on perfecting your impression of a > > median strip, your problems would soon stop bothering you. > > > > -- > > Lefty (lefty@apple.com) > > Please explain to me, lefty, why you insist on flaming someone who simply > wants to unsubscribe from the list. Because, you pathetic asshole, he didn't just want to subscribe to the list; he sent out a goddamn 80k garbage message to everyone. That you cannot see the difference between these two demonstrates a substantial deficit in your capacity for mentation. 
Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: bill@anubis.network.com (Bill O'Hanlon) Date: Fri, 12 Mar 93 15:19:35 PST To: cypherpunks@toad.com Subject: Re: Unacceptable slander by dclunie [FLAME] Message-ID: <9303122317.AA11464@anubis.network.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- [ a bunch of bickering deleted concerning who was wrong to have lost their temper first. ] Folks, this is the cypherpunks list. I have three observations to make. 1. Joining it is voluntary. 2. It generates a tremendous amount of traffic. 3. Many people on it can write filters and such. It's a technical list. Why do I mention three obvious points? Here's my personal situation. I suspect it is similar to many here. I read many mail lists. The traffic on them is large, and the unsubscribe messages are numerous. Being a pro-code kind of person, rather than complain frequently about people being stupid with unsubscribe requests, I filtered 'em. So, I've never seen the unsubscribe requests. Anything with unsubscribe in the subject gets filtered. I've never seen any of you complain about a problem with the list. Suddenly, some genius craps in my mail file. My problem was with said genius, so I replied to him. End of problem, right? Wrong. Someone with a chip on his shoulder makes a federal case about it and starts name calling. It's really ironic that Tim May gets blasted as a petty vandal for mailing George back a third of George's post. I'm not in any position to be able to help with a problem with the subscription list. When it comes down to a choice between writing a quick filter to make sure I don't see mail that irritates me or complaining, I write a filter. When it comes down to passively accepting "punishment" from someone who voluntarily joined the list, wants to quit the list due to traffic, and then hypocritically worsens the situation by doubling the traffic for a day singlehandedly, I refuse. 
If this list was for beginning computer users and children, I'd be much more patient. I didn't want George's mail, so I gave it back to him. - -- Bill O'Hanlon Network Systems Corporation bill@network.com -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK6EZ+uUL0gzXlqP9AQGZYAP9G9f/WukRsNPZG4F5MrlVB+gUINW0L2pJ qbYgvbIOReNXckNrDtm/soToE+tMVcRbj3r0fv3VW14fveQssIJE02fpiTxJ/LAZ +pIuOEzYV/tUubm5F5ZeunAt5tnsfCofvqisWVan4tJr8mpL4sx+0z9dTM6xsZcb mLSkZPrDImk= =hpCC -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dclunie@pax.tpa.com.au (David Clunie) Date: Fri, 12 Mar 93 00:14:09 PST To: Postmaster@ultrix.ramapo.edu Subject: Unacceptable behaviour by ghabrech Message-ID: <9303120811.AA05897@britt> MIME-Version: 1.0 Content-Type: text/plain From one of the very popular mailing lists I received the following posting by one of your users. While I can understand his frustration at having difficulties unsubscribing from a relatively high volume list, or his ignorance at not being aware that such requests should be directed to the "x-request" alias not the "x" list, this is no excuse for such a long and unpleasant post that has consumed considerable expensive bandwidth for no good reason ... I am surprised you tolerate students with such a childish attitude on your system and they do no credit to your institution's reputation. This is an abridged version of George A. Habrecht's 3264 line post ! > From cypherpunks-request@toad.com Fri Mar 12 16:48:53 1993 Date: Thu, 11 Mar 1993 14:59:21 -0500 From: ghabrech@ultrix.ramapo.edu (George A. Habrecht) To: cypherpunks@toad.com Content-Length: 74877 Hello? I have asked several times and am starting to get pissed off!!!! So do as follows!!!!! Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! ... ... Unsubscribe me!!!!!!!! Unsubscribe me!!!!!!!! Get the message?!? 
Thanx ghabrech@ultrix.ramapo.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Al Billings Date: Fri, 12 Mar 93 18:50:24 PST To: Michael Brennan Subject: Re: An Appeal to Calm In-Reply-To: <9303121918.AA04403@netcom.netcom.com> Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Fri, 12 Mar 1993, Michael Brennan wrote: > > Folks, > > > > Tempers have flared. Angry words have been sent out to the list. We've all > > been mail-bombed by an angry member of the list (who wants off--NOW!). > > [...] > > > I hope things can calm down a bit. > > > > -Tim May > > I would hope things would calm down a bit, as well. Sending a massive mail bomb > to the list may have been inappropriate, but so is continuing to send unwanted > mail to a user who has made repeated unsubscribe requests. Why are some of you > insisting on waging a flame war?!! What do you intend to gain from such > puerility? > > I am encouraged that at least some voices of reason are now emerging amidst all > of this, and I would hope that the cypherpunks would try to understand the > frustration of those who have their unsubscribe requests ignored and continue > to receive unwanted mail. You are a fucking prick. There is nothing ANY of us can do to get you off the list. IF you want off, you'll have to wait. Meanwhile, why don't you quit posting to the list since you want off so fucking bad? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Theodore Ts'o Date: Fri, 12 Mar 93 18:01:22 PST To: Marc.Ringuette@GS80.SP.CS.CMU.EDU Subject: Re: Cypherpunks know they're cool In-Reply-To: <9303122105.AA06413@toad.com> Message-ID: <9303130159.AA01968@SOS> MIME-Version: 1.0 Content-Type: text/plain Date: Fri, 12 Mar 1993 15:07-EST From: Marc.Ringuette@GS80.SP.CS.CMU.EDU What these solutions have in common is that we ask people to protect themselves, rather than requiring everyone else to adhere to their notions of good behavior. Hmm.....
how is this alike, and how is this different, from a hardliner NRA saying, "We should ask people to protect themselves by wearing bulletproof vests, instead of trying to ban guns"? Which brings to mind the potential problem that 99% of everybody may choose to participate exclusively in "real person only" groups. Any hints at a solution to that one? How about if we try to convince people to participate in "pay as you go" groups using digital postage? That would solve many of the problems, in a way that is less offensive to the freedom-loving among us. Carrying the above metaphor further, is it really a problem if 99% of everybody chooses to live in firefight-free zones, so that they don't have to wear bullet-proof vests? And is saying that, "O.K, we'll make people pay for bullets" really going to help? It just restricts the people who can fire bullets (or write large amounts of anonymous postings) to those who have lots o' cash. As long as we are really being freedom-loving, there's nothing we can do (or should _want_ to do) to get people to attend groups that allow anonymous posters, if they only want to travel in "real person only" circles. If they've made a choice not to want to read anonymous postings (perhaps by installing a filter which deletes all anonymous postings unread), how is this a "problem"? - Ted From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eli Brandt Date: Fri, 12 Mar 93 21:06:58 PST To: cypherpunks@toad.com Subject: Re: HIDE: embedding msgs into snd & graphics In-Reply-To: <9303120852.AA03893@sting.Berkeley.EDU> Message-ID: <9303130506.AA18442@toad.com> MIME-Version: 1.0 Content-Type: text/plain > And once you try to hide data in a lossy encoding scheme, you run > into a lot (though not all) of the problems you have with colormaps. I think it's even worse... with unlossy compression, you can frob the uncompressed bits and just lose compression. With lossy, you can't do that, because your message will be smeared away. 
And frobbing the compressed stream will produce ghastly artifacts. But not all images will be lossily compressed. I find that JPEG, for example, usually introduces too much gunk to be useful. Certainly, sending an LZW TIFF should be above suspicion for quite some time. > It would be a lot easier to hide data in an image if one had a control-image > (the original) as well as the altered-image (the one holding the message), > but this defeats half the niftiness of trying to do things this way. Yeah, this is just a cheesy OTP. Not much point, really. I've been thinking about the GIF case; the "optimize for colormap cyclic continuity" technique looks like it will produce better images than the "crunch to 128 colors". Since I have to write some annealing code for a neural-net trainer, maybe I'll repackage it for colormap optimization and see what the results look like. If you wanted minimum visible crud, you could start with a true-color pic, find the colormap, order it, and dither down -- rather than adding white noise to pre-existing dithering. You know, I think I've been taking the graphics-weenie approach to this. Who cares how the image looks? Who cares if it's even an image? Just take your damned PGP file, ^=0xff it, and rename it "hotbabe.gif". uuencode and mail. The NSA is not going to be viewing every picture you send, I hope. This fails on "plausible deniability", I guess. > -J. Eli ebrandt@jarthur.claremont.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc.Ringuette@GS80.SP.CS.CMU.EDU Date: Fri, 12 Mar 93 18:24:54 PST To: cypherpunks@toad.com Subject: Re: Cypherpunks know they're cool Message-ID: <9303130224.AA15122@toad.com> MIME-Version: 1.0 Content-Type: text/plain > Hmm..... how is this alike, and how is this different, from a hardliner > NRA saying, "We should ask people to protect themselves by wearing > bulletproof vests, instead of trying to ban guns"? Ted, please don't be a bonehead on purpose. 
I bet you can see the difference between some bits coming down a wire and a bullet coming at you at 1000 feet per second. It has to do with the level of threat and the feasibility of protecting yourself. > As long as we are really being freedom-loving, there's nothing we can do > (or should _want_ to do) to get people to attend groups that allow > anonymous posters, if they only want to travel in "real person only" > circles. Not true at all! Just because I like freedom doesn't mean I shouldn't try to convince people to act in a way that is more freedom-loving. -- Marc Ringuette (mnr@cs.cmu.edu) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Bill Sommerfeld Date: Fri, 12 Mar 93 21:33:18 PST To: MJMISKI@macc.wisc.edu Subject: CYPHER: Plain encypher In-Reply-To: <23031112170179@vms2.macc.wisc.edu> Message-ID: <9303130448.AA00298@orchard.medford.ma.us> MIME-Version: 1.0 Content-Type: text/plain For a good time, read the sections from "The Codebreakers" regarding what kind of lengths war-time censors went through to foil steganography. In this day & age, rearranging the spacing of messages "just for the heck of it" would be a rather obvious equivalent to what they did back then (BITNET does things like this today just out of sheer perversity). So would scrambling the low-order bits of a sound file. - Bill From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Theodore Ts'o Date: Fri, 12 Mar 93 22:13:25 PST To: Marc.Ringuette@GS80.SP.CS.CMU.EDU Subject: Re: Cypherpunks know they're cool In-Reply-To: <9303130224.AA15122@toad.com> Message-ID: <9303130612.AA07820@SOS> MIME-Version: 1.0 Content-Type: text/plain Date: Fri, 12 Mar 1993 21:18-EST From: Marc.Ringuette@GS80.SP.CS.CMU.EDU > Hmm..... how is this alike, and how is this different, from a hardliner > NRA saying, "We should ask people to protect themselves by wearing > bulletproof vests, instead of trying to ban guns"? Ted, please don't be a bonehead on purpose. 
I bet you can see the difference between some bits coming down a wire and a bullet coming at you at 1000 feet per second. It has to do with the level of threat and the feasibility of protecting yourself. I'm not being a bonehead; this is a serious question! I was drawing an analogy; of course bits and bullets are different! What is the same is the philosophy of "the initiator can do no wrong"; "it's always the receivers' problems." I am merely pointing out that your philosophy of: >What these solutions have in common is that we ask people to protect >themselves, rather than requiring everyone else to adhere to their >notions of good behavior. is dangerously close, if not identical to "if the victim gets hurt it's his/her fault (for not protecting him/her-self)". This logic obviously does not work for rape; whether or not someone protects herself, there are standards of conduct which say that rape is still a bad thing. The question is whether or not there are similar standards of conduct for cyberspace --- "community standards" or not. - Ted From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Fri, 12 Mar 93 22:56:34 PST To: Subject: HIDE: embeddin msgs into snd & graphics Message-ID: <930313065252_74076.1041_DHJ21-2@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain The considerations that Eli mentioned make it clear that embedding data in the low bits of an image is not as trivial as it sounds, with commonly-used image formats. In the case of GIF, Eli points out that you may have a 256 entry color table, with each pixel indexing into that table. Flipping the low bit of a pixel may lead to a completely different color. What you could do is to renumber the color table so that, to the extent possible, every even-numbered color has some odd-numbered color that is similar (close in color space), and vice versa.
Then rather than just altering the low-order bit of each pixel, you'd change the color of that pixel to be the nearest color of opposite even-odd-ness. For the decode step, though, you could still just check the low-order bit of the (uncompressed) image. That renumbering step sounds like the tricky part. I think Eli is right, too, that lossy compression is pretty much out of the question for this application. It would be too easy to lose the message that is encoded in the low-order bits. Images that would be good candidates for this would be natural, scanned-in pictures. Hand-drawn artworks and most computer-generated images would not have enough natural randomness to allow the message to be slipped in unnoticeably. Fortunately, nudes would fall into the useful category, and they make up a large fraction of the images people exchange. Hal 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Pat Farrell" Date: Mon, 15 Mar 93 18:27:10 PST To: cypherpunks@toad.com Subject: alternate US site for pgp22 Message-ID: <51920.pfarrell@cs.gmu.edu> MIME-Version: 1.0 Content-Type: text/plain Hi, Can someone point me to another US FTP site with PGP22. I've downloaded it a couple of times from soda.berkeley.edu, and can't get it unzipped. I've tried all known combinations of binary, non-binary, etc. The file, once it reaches my PC is 209409 but pkunzip 204g says it is broken. If I use pkzipfix, I can get some of the files, docs, keyserver, etc. but it always fails with a CRC error on or after exploding LANGUAGE.TXT One piece of tech info: I have to FTP to a SUN server, and then use Kermit to bring the file to my PC. This has worked many times for many other files, but there could be some user error in here.
Thanks Pat Pat Farrell Grad Student pfarrell@cs.gmu.edu Department of Computer Science George Mason University, Fairfax, VA PGP Public key available via finger #include From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ORNTS188@ksuvxb.kent.edu Date: Tue, 16 Mar 93 06:44:46 PST To: cypherpunks@toad.com Subject: PGP 2.2 Message-ID: <01GVRJAXTNGI0002O4@ksuvxb.kent.edu> MIME-Version: 1.0 Content-Type: text/plain Hello, from reading some of the postings, I gather that there is another list that deals more with just PGP. If so could someone send the address to me. Thanks..... Dan :) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Seth Morris Date: Mon, 15 Mar 93 18:27:18 PST To: cypherpunks@toad.com Subject: HIDE (Fnord): Targa-24/YUV/D-xxx and headers Message-ID: <9303132047.AA05640@lambada.oit.unc.edu> MIME-Version: 1.0 Content-Type: text W.r.t. the steganography issue and image files (although I think sound files are probably more useful), Targa-24 images are RGB bytes (triples for each pixel, bottom-left to top-right), and seem appropriate for hiding a msg. They are also widely supported for conversion and function as a nice "device independent" image format (The Stone Soup Group's PicLab does a good job on them, IMHO). Does anyone know anything about YUV format? Also, DYUV or some other delta compressed format seems good. If a pixel changes by one more or one less than it "should" the image simply looks like a mediocre scan. Hmmm..... FLI is a delta format... is it appropriate? So... can someone whip up a utility to strip the PGP header and then perform some simple filtering (^= with some magic numbers, perhaps, or with some function of the preceding bytes? Can this eventually help recover a better image, if that could ever be important? I don't think so) and tack on a valid Targa or other header (or correct any headers on images we've slid into). I just started a new job and am swamped, or I'd have written first and posted later ;-) .
Seth morris

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Derek Upham
Date: Mon, 15 Mar 93 18:27:23 PST
To: cypherpunks@toad.com
Subject: Re: HIDE: embeddin msgs into snd & graphics
Message-ID: <199303140130.AA08704@grolsch.cs.ubc.ca>
MIME-Version: 1.0
Content-Type: text/plain

> I think Eli is right, too, that lossy compression is pretty much out of the
> question for this application. It would be too easy to lose the message
> that is encoded in the low-order bits.

Uh, unless the JPEG FAQ sheet has seriously misled me, lossy compression would be excellent for this sort of steganography.

In the standard JPEG encoding procedure, an image is broken into square blocks of pixels, eight per side. These blocks are run through a 2-D discrete cosine transform, producing a set of cosine waves that are equivalent to the original blocks (within small errors). If the original image was smooth (a natural image, for example), the low-frequency waves will contain all the information necessary for reproducing the block; the high-frequency waves will contain nothing but faint noise. So the JPEG encoder _dumps_ the high-frequency cosine waves. That's how the format gets a lot of its compression.

This is where steganography comes in. Take these empty wave slots and stick your data in them. For example, if the wave magnitudes are stored as four-byte integers, store one byte of data in the lowest-order byte in the slot (or go down to four, two, or even one bit per integer, if necessary; floating-point would be wonderful, here). As long as the hidden data representation looks like very tiny values to the JPEG decoder, the data should be completely unnoticeable on display---but the steganographic decoder will know where to look for it and what to do with it.

Anyone have honest-to-god practical experience with JPEG/JFIF to assess the feasibility of this technique?
Derek Derek Lynn Upham University of British Columbia upham@cs.ubc.ca Computer Science Department ============================================================================= "Ha! Your Leaping Tiger Kung Fu is no match for my Frightened Piglet Style!" From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Al Billings Date: Mon, 15 Mar 93 18:27:38 PST To: cypherpunks@toad.com Subject: Re: Threat of restoring the status quo In-Reply-To: Message-ID: <9303140515.AA07333@stein.u.washington.edu> MIME-Version: 1.0 Content-Type: text/plain Forwarded from news.admin.policy where this individual is threatning to set up a cancel message generating script to kill all posts from Julf's Anon Service. In article Richard Depew Hi David, > > I hope you don't mind my changing the title of this thread... I >didn't care for the one you were using: >Re: Threat of mass cancellings was Re: Anonymity is NOT the issue > > Tisk, tisk... you make it sound as if masses of postings are >threatened. Have you *looked* for anonymous postings in the "sci" >hierarchy? There are really very few. Only two, for Friday: ><1993Mar12.010241.2849@fuug.fi> ><1993Mar12.061727.9451@fuug.fi> > > The best time to put out a fire is while it is still small. :-) > >In article <1nq1f2INNfed@flash.pax.tpa.com.au> dclunie@pax.tpa.com.au writes: >[...] > >>I presume that cancel messages can be cancelled ... though I haven't >>experimented with this yet, but it looks like I might have to. In fact I >>think I will probably just turn off response to cancel messages totally if >>you go ahead with this scheme, and I encourage other news administrators >>to do the same ... they were a bad kludge in the first place and still are. >>It seems to me they are rarely used for other than controversial purposes >>like you are proposing (I don't like other people's postings so I won't let >>anyone else read them). > > That (disabling cancel messages) would be unfortunate. They have >many legitimate uses. 
Cancelling inappropriate postings is one of >these legitimate uses. Controversial, sure, but my reason for >activating the Automated Retroactive Minimal Moderation script, if >Julf remains unwilling to accept any compromise, is simply to >demonstrate that the status quo with regards to anonymous postings from >a particular site *can* be effectively enforced. As I have said many >times before, I do *not* object to anonymous postings in newsgroups >that invite them. However, I think it *is* important to demonstrate >that USENET *does* have a defense against a self-styled cyberpunk >who refuses to cooperate with the rest of the net. Whether USENET can >find the *will* to oppose him remains an open question. I simply >intend a brief demonstration of one defense mechanism. > >>I really think you are getting carried away with a non-issue here, and >>inflamming the situation is going to make you extremely unpopular, and >>undoubtedly start a "cancelling war" at the very least. > > The issue of an irresponsible system administrator trying to >impose his anonymous server on readers of thousands of newsgroups is >not a trivial one. My proposal to restore the status quo in a >hierarchy that has protested anonymous postings may not make me >popular with anonymous posters, but I haven't seen a single message >claiming that any sci newsgroup has invited anonymous postings. If >there is to be a "cancelling war", it will be very brief. If I >activate the ARMM script, it will only be for the weekend. > >>No-one has appointed you as the moderator of all the non-alt groups >>retrospectively or otherwise, and no-one is likely to appoint anyone else >>in such a position either. > > You are right, no one has appointed me to the post of >minimal-moderator. It is a volunteer position with, I assure you, >miserable fringe benefits. I will gladly relinquish the position when >the opportunity arises. :-) > >[...] 
>>> There shouldn't be much controversy over this, but there will be >>> anyhow. :-) >> >>There should be and there will be ... you are way out of line here Richard, >>regardless of how many smileys you tack on the end of your message. > > No. It is Julf who is way out of line here... and has been for >four months, now. He has finally met someone who has gotten fed up >with his silly game, and is willing to call his bluff. > >>I hope you are prepared to take responsibility for what is going to happen >>to your institution's news and mail servers if you go ahead with this plan. > > I hope you didn't mean that the way it reads... as a threat. I >thought you were more responsible than that. Perhaps I am wrong. You >*have* been one of Julf's strongest supporters in this newsgroup, >urging him to ignore the advice of the experienced news administrators >in this group. To date, this has been an argument between, if not >friends, then at least respected opponents. Most of us have the best >interests of the net in mind, agree that anonymous postings have their >place, and agree that cooperative anarchy is a wonderful experiment. >You may not like my "Automated Retroactive Minimal Moderation" script, >but you must at least admit that it is simply an automated version of >moderation - a well-accepted practice in newsgroups that want to keep >an acceptable signal/noise ratio. You may protest that I have >bypassed the usual mechanisms for establishing moderation, and you >would be right. I have brused some USENET traditions while trying to >protect others. However, threats against the integrity of internet >sites are a far more serious matter. I sent a long note to the >system administrators of my feed site, explaining my proposal and >pointing out some of the threats that might affect them. We then >had a long talk. They were, as you might expect, less than thrilled >at my rash proposal, which received a decidedly mixed reception. 
They >were even less thrilled at the prospect of being the recipient of >denial-of service attacks. They will take any such attacks seriously, >indeed. > >[...] >>I am sure you don't want to become Usenet's next "J Palmer" in terms of >>reputation. (This is reference is becoming a bit like the "who is John Galt ?") > > Glad to see you haven't lost your sense of humor. :-) > >Regards, >Dick >-- >Richard E. Depew, Munroe Falls, OH red@redpoll.neoucom.edu >"Leap years are a pain; the earth should be stabilised." - Geoff Collyer > and Mark Moraes in getabsdate.3 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Al Billings Date: Mon, 15 Mar 93 18:27:34 PST To: cypherpunks@toad.com Subject: Re: warning to "sci" anonymous posters Message-ID: <9303140519.AA07710@stein.u.washington.edu> MIME-Version: 1.0 Content-Type: text/plain This is another message on the Cancel Message Generator issue in news.admin.policy. In article Richard Depew As I promised yesterday, I emailed each recent anonomous poster >in the "sci" hierarchy a note explaining what may happen this >weekend. > >Dick >=-=-=-=-=-=-=-=-= >Dear anonymous poster, > > You may not be aware of the discussion in news.admin.policy >concerning the propriety of posting anonymously to newsgroups which >have not invited such postings. As someone who has posted anonymously >to the "sci" hierarchy recently, you should read it. > > I am writing to inform you that if Julf, admin@anon.penet.fi, >does not soon block anonymous postings to the "sci" hierarchy, then >I will activate an "Automated Retroactive Minimal Moderation" script >that will cancel postings to this hierarchy from his server. This is >intended to restore the pre-Julf status quo, at least temporarily, >over the weekend. > > Rest assured that there is nothing personal in this. I have not >read your postings, and I have no reason to believe that they were out >of line in any way other than being anonymous. 
I have nothing against >anonymous postings to groups that have decided to accept such >postings, nor do I object to any newsgroup deciding to do this. I >*do* object to Julf's permitting his server to post to newsgroups >without any effort to determine whether the readers of those newsgroups >want to permit anonymous postings. > > You have several possible courses of action if you wish to post >to the "sci" hierarchy while the "Automated Retroactive Minimal >Moderation" is in effect: > >*1 convince Julf to accept the "Petersen Proposal" for default > settings for different hierarchies. I promise to turn off the > ARMM script as soon as I hear that he will do this (or anything > reasonably responsive). > >*2 convince the readers of the newsgroup to which you want to post > that anonymous postings should be accepted in that newsgroup. > I can think of several valid reasons that may prompt such a desire, > but the decision should be made by the readers of the newsgroup, not > imposed by a single person such as Julf, or me. I promise to > abide by whatever decision the newsgroup makes. This does not > need to be a formal vote. A straw vote with a clear majority will > suffice. > >*3 have a friend post for you, use a different anonymous server, > or, if all else fails, post under your own name. People used to > do this, you know. :-) > > If none of these suit you, then simply be patient, and wait until >Monday. I intend to run ARMM, if I run it at all, for less than 48 >hours... this time. This is merely intended to be a demonstration >that an effective enforcement mechanism for blocking postings from a >particular site can work. > > I apologize in advance for any inconvenience this may cause you. >My argument is with Julf and is about the default setting for entire >hierarchies; it is not with you or your particular postings. > >Sincerely, >Dick Depew >=-=-=-=-=-=-=-=-= >-- >Richard E. 
Depew, Munroe Falls, OH red@redpoll.neoucom.edu
>"Leap years are a pain; the earth should be stabilised." - Geoff Collyer
> and Mark Moraes in getabsdate.3

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Doug Humphrey
Date: Mon, 15 Mar 93 18:27:29 PST
To: cypherpunks@toad.com
Subject: [detecting interesting lines to look at]
Message-ID: <199303140418.AA28175@access>
MIME-Version: 1.0
Content-Type: text/plain

> And don't tell me they can
> build computers that can distinguish between a PGP file transmission
> and some
> hormone crazed 15 year old dork downloading the latest GIF of Cindy Crawford
> or a ZIPed ware. I've looked at hexdumps of GIFs and ZIPs and for all
> practical purposes they look about as random as PGP data. If the NSA
> can build a parallel computer that scans all the trunks in the U.S.
> simultaneously AND can tell the difference between PGP streams and ZIP/GIF
> file data streams, then I just might as well go and shoot myself right
> now.
>
>Er.... you might want to get your gun out..... the middle of hexdumps of
>GIF's and ZIP's and PGP files may look the same, but the file headers
>are quite distinguishing. If you want to hide encrypted data, each
>person needs to find their own way of doing it ---- if everyone hides it
>in the low bits of a GIF file, it would be very simple for the NSA to
>scan GIF files to see if the low bits looked like the header of a PGP
>file.....

To some extent, this discussion is ignoring the importance of "context". Yes, if you have to do detailed searches of the data traveling down a million lines, you are likely to fail. That is why you don't do it. What you DO is look for things that look out of the ordinary, things that alone would look fine, but within a given context would look wrong, and then search those exception cases in more detail.

Example, someone comes up with a way that voice looks just like fax from the data spectrum standpoint.
Great, no way that anyone can scan the line and figure out, in the few seconds that they are scanning, that what they are seeing is really voice. So, you attack it by looking at connection records, and looking for what looks like fax machines from the data standpoint, but seems to have a usage record (times of day, duration of calls, time between retries, etc) of telephones. Remember, even though the technology has changed, the end users of it have not, and the end users are the ones that you are looking for, the ones who are setting up the usage records.

So, they now have a category of "fax machines that behave like fax machines" and "fax machines that behave like phones". Wonder which ones they will use the Special Equipment on, eh?

Same goes for PGP vs. GIFS. The guy moving 4k long GIFS is the guy moving the PGP stuff that looks like GIFS. It doesn't nail all of the possible uses, but this is all a game of the odds anyway, and in the long run the usage patterns, the more meta data, can give people good clues to work with.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Mon, 15 Mar 93 18:27:43 PST
To: cypherpunks@toad.com
Subject: Community standards for email anonymity
Message-ID: <9303141011.AA05636@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

Good point, Ted, what we're after is some "community standards" for cyberspace, and what I'm suggesting is the fairly libertarian standard that goes like this:

    Prefer technological solutions and self-protection solutions over rule-making, where they are feasible.

This is based on the notion that the more rules there are, the more people will call for the "net police" to enforce them. If we can encourage community standards which emphasize a prudent level of self-protection, then we'll be able to make do with fewer rules and a less intrusive level of policing.
Some more specific versions of this:

Self-protection                 Protection via rules
---------------                 --------------------
"Don't read the newsgroup       Forbid all newsgroups which a
if it offends you"              reasonable person would find offensive.

Allow anonymous posting     Use software to        Forbid all
in all newsgroups; use      allow anonymity in     anonymous posting.
information filters.        some groups only.

Handle volume bombs by          Track down volume bombs
using digital postage and       and disconnect the offender.
information filters.

Trace harassing notes to        Tell people to just ignore or filter
the source.                     out harassing material.

I guess it's a matter of preference. I wonder if it's asking too much to achieve general agreement among us cypherpunks?

-- Marc Ringuette (mnr@cs.cmu.edu)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Date: Mon, 15 Mar 93 18:27:48 PST
To: Cypherpunks
Subject: PGP: PGP & WAFFLE??
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

The SYSOP of this system posted the following enquiry to me:

    I've heard that there is a program to allow pgp stuff online with waffle; if you know of such a thing, please point me towards it. I'd like to be able to secure this site for people who want it.

I haven't heard of any such program, but if you have, please reply by E-mail to edgar@spectrx.saigon.com (Edgar W. Swank)

--
edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter shipley
Date: Mon, 15 Mar 93 18:27:54 PST
To: cypherpunks@toad.com
Subject: soda.berkeley.edu
Message-ID: <9303150746.AA10775@merde.dis.org>
MIME-Version: 1.0
Content-Type: text/x-pgp

-----BEGIN PGP SIGNED MESSAGE-----

fyi: soda just had yet another disk crash, thus anonymous ftp and some remailers will not be available for a "while".
-Pete -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBFAgUBK6Q0Tshmn7GUWLLFAQFk6wF9H7sLT/bPi+dMy1gRu5FMBAM1H6AJFZ9F oCe/ba1i9VM2QSwF/TAtA4EvjddvpOl4 =zeUe -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wixer!pacoid@cactus.org (Paco Xander Nathan) Date: Mon, 15 Mar 93 18:28:45 PST To: fringeware@wixer.cactus.org Subject: We have a verdict. (fwd) Message-ID: <9303150755.AA27651@wixer> MIME-Version: 1.0 Content-Type: text/plain For Lists That Care About Computer Privacy: In case you didn't catch this elsewheres.. I've been covering the SJG vs. SS trial for certain magazines. Hopefully you'll be able to read soon an in-depth, first hand account of the fiasco our paid officials attempted to conduct during the SS trial. The bueno news is that individuals and small companies can actually sue the US Fed govt for privacy violations, and win. Judge Sparks didn't give a whole lot of airplay to the *damages* sustained, but this is an important step forward. The flood gates are opened.. pxn. ---- Forwarded message: > From cs.utexas.edu!tic.com!sjackson@cactus.org Sun Mar 14 16:25:06 1993 > Date: Sun, 14 Mar 93 15:05:19 -0600 > From: tic.com!sjackson@cactus.org (Steve Jackson) > Message-Id: <9303142105.AA17568@aahsa.tic.com> > To: ... > Subject: We have a verdict. > > We won. > > Pete Kennedy, our attorney at George, Donaldson & Ford, called me > with the news about 3:30 today. Apparently the decision came in late > Friday while Pete was at the CFP. > > The judge ruled for us on both the PPA and ECPA, though he says that > taking the computer out the door was not an "interception." (I have not > read the decision yet, so no quotes here.) > > He awarded damages of $1,000 per plaintiff under the ECPA. > > Under the PPA, he awarded SJ Games $42,259 for lost profits in 1990, and > out of pocket costs of $8,781. > > Our attorneys are also entitled to submit a request for their costs. > > No word on appeal yet. 
> > Look for a more complete and coherent account after we all read > the decision. > > Please copy this announcement to all electronic and other media. > > Thanks for your support through all this! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu@cygnus.com Date: Mon, 15 Mar 93 18:29:01 PST To: cypherpunks@toad.com Subject: crypto poem Message-ID: <9303151811.AA15886@cygnus.com> MIME-Version: 1.0 Content-Type: text/plain To: rms@ai.mit.edu Subject: crypto poem From: pgut1@cs.aukuni.ac.nz Date: Sun, 14 Mar 93 15:17:29 -0800 Subject: And now for something completely different... PGP or not PGP (from Hamlet Act III Scene I) -------------- PGP or not PGP - that is the question Whether 'tis nobler in the mind to suffer The slings and arrows of outrageous patents, Or to take arms against a sea of lawyers, And by encrypting end them? To crypt, to sign No more; and by a program to say we end The patents and the export restrictions That RSA is heir to - 'tis a consummation. Devoutly to be wish'd. To crypt, to sign. To crypt - perchance to pem-code: aye, there's the rub! For in that test of wills what lawyers may come When we have shuffled off this PGP business, Must give us pause. There's the respect that makes calamity of such legal restrictions. For who would bear the whips and scorns of Leavenworth Th'patent systems wrong, the export laws worse, The pangs of despis'd lawyers, the NSA's delay, The insolence of Sternlight, and the spurns That patient usage of PGP takes When he himself might his quietus make with PEM? Who would this program bear, To grunt and sweat under a weary system, But that the dread of something after PEM The undiscover'd country, from whose bourne No cryptographer returns -- puzzles the will, And makes us rather bear those ills we have Than fly to others that we know not of? 
Thus conscience does make cowards of us all, And thus the native hue of resolution Is sicklied o'er with the pale cast of thought, And enterprises of great pith and moment With this regard their currents turn awry And lose the name of action. - Apologies to Bill Shakespeare From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Anonymous Date: Tue Sep 07 12:37:43 1999 Subject: No Subject Message-ID: MIME-Version: 1.0 Content-Type: text/plain Bill Sommerfeld writes: >For a good time, read the sections from "The Codebreakers" regarding >what kind of lengths war-time censors went through to foil >steganography. > >In this day & age, rearranging the spacing of messages "just for the >heck of it" would be a rather obvious equivalent to what they did back >then (BITNET does things like this today just out of sheer >perversity). So would scrambling the low-order bits of a sound file. Good reminder that the opponents may try to foil (or detect) such schemes. Fortunately, signing such messages will presumably not be illegal (we hope!) and so alterations will show up immediately and cause howls of protest. -Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: MailSafe and PGP available. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Al Whaley Date: Mon, 15 Mar 93 21:33:28 PST To: cypherpunks@toad.com Subject: volunteers and standards Message-ID: <199303160532.AA19680@snyside.sunnyside.com> MIME-Version: 1.0 Content-Type: text/plain I apologize for sending this broadly for it will not apply to most of you who work with and understand the meaning of standards... 
If a person sticks his/her neck out to let you volunteer for a desirable event, and you don't hold up your end of the bargain, you can expect your own treatment back in the future.

Anyone wanting to receive a scholarship or volunteer for the Computers, Freedom and Privacy '94 conference should please contact George Trubow at g.trubow@compmail.com He'll also have a WELL account soon. I suggest that he's not facile with email yet, so you're welcome to copy me with your notes and I'll also make sure he gets them for now.

Despite controversy about its cost, it will continue to cost about the same amount next year as this year, with the probable exception of adding student rates (yes, you'll have to be full time at some school/university/college).

Thanks.
judi

--
Al Whaley al@sunnyside.com +1-415 322-5411(Tel), -6481 (Fax)
Sunnyside Computing, Inc., PO Box 299, Palo Alto, CA 94302

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Mon, 15 Mar 93 20:32:03 PST
To: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Subject: Re: Community standards for email anonymity
In-Reply-To: <9303141011.AA05636@cygnus.com>
Message-ID: <9303160430.AA10106@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Sun, 14 Mar 1993 03:27-EST
   From: Marc.Ringuette@GS80.SP.CS.CMU.EDU

   Self-protection                 Protection via rules
   ---------------                 --------------------
   Allow anonymous posting     Use software to        Forbid all
   in all newsgroups; use      allow anonymity in     anonymous posting.
   information filters.        some groups only.

   Handle volume bombs by          Track down volume bombs
   using digital postage and       and disconnect the offender.
   information filters.

There's only one problem.... information filters and digital postage are not widely available right now, and will probably not be widely used for a long time. And while digital postage sounds nice, as long as one remailer site doesn't require digital postage, twits will still be able to perform volume bombs.
So until the majority of the people reading USENET have the means of self-protection, is it unreasonable to that people get protected via some set of rules?

You say that what you are suggesting is a "Libertarian standard"; yet even the most rabid Libertarians believe in having rules against murder, and violence, instead of claiming that everyone must train themselves in martial arts so they can defend themselves.....

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: David L Racette
Date: Tue, 16 Mar 93 04:28:28 PST
To: Pat Farrell
Subject: Re: alternate US site for pgp22
In-Reply-To: <51920.pfarrell@cs.gmu.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Sat, 13 Mar 1993, Pat Farrell wrote:

> Can someone point me to another US FTP site with PGP22. I've downloaded
> it a couple of times from soda.berkeley.edu, and can't get it unzipped.
> I've tried all known combinations of binary, non-binary, etc.
> The file, once it reaches my PC is 209409 but pkunzip 204g says it is
> broken. If I use pkzipfix, I can get some of the files, docs, keyserver,
> etc. but it always fails with a CRC error on or after
> exploding LANGUAGE.TXT
>
> One piece of tech info: I have to FTP to a SUN server, and then
> use Kermit to bring the file to my PC. This has worked many times for
> many other files, but there could be some user error in here.
>

I had no problems with the version at soda using pkunzip v204g. Worked the first time.

Dave

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hughes (Eric Hughes)
Date: Tue, 16 Mar 93 09:32:07 PST
To: cypherpunks@toad.com
Subject: the recent mailing list flames
Message-ID: <9303161732.AA07066@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

A word from your list maintainer.

Some people have no patience. I was at CFP for three days last week, soda has crashed twice (and is still down as of this writing), I've had house guests. I just this morning finished all the pending list requests.
(All the deletions I did yesterday.)

One of the two loud complainers, mbrennan@netcom.com, had actually double subscribed himself to the list. I had already removed him once, so I thought; I had moved him over to the -announce list.

Since we don't believe in security by obscurity here, the following will generate a mail bomb for the next time _you_ want to be an asshole:

	yes "UNSUBSCRIBE ME\!\!\!" | head -30000

The program 'yes' (be repetitively affirmative) goes into an infinite loop printing its argument. When the pipe buffer fills up, the kernel blocks the 'yes' process and invokes 'head', which partially empties the buffer; 'yes' refills it. This goes on until 'head' has seen enough lines and terminates and closes the pipe. Closing the pipe then causes 'yes' to terminate.

So even though 'yes' is nominally an infinite loop, when bound to a pipe and to a program which accepts a bounded number of lines, it stops being an infinite loop. I consider this clever.

Enjoy, but do not deploy this one.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hughes (Eric Hughes)
Date: Tue, 16 Mar 93 09:34:20 PST
To: cypherpunks@toad.com
Subject: news.admin.policy: A Report From the Front
In-Reply-To: <9303161607.AA25953@anon.penet.fi>
Message-ID: <9303161734.AA07151@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

As far as this automatic cancelling business goes, what can be automatically cancelled can also be automatically regenerated.

Who here has been in such a news war and has software already written?
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: an5877@anon.penet.fi (deadbeat)
Date: Tue, 16 Mar 93 09:11:23 PST
To: cypherpunks@toad.com
Subject: news.admin.policy: A Report From the Front
Message-ID: <9303161607.AA25953@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

The good guys are beginning to prevail in the news.admin.policy battle over pseudonymous postings, aided in no small part by the opposition, one of whom began unilaterally cancelling articles by nyms. This tactical blunder produced a firestorm of protest and brought in fresh voices eager to speak out on the side of privacy and freedom of expression.

We need to continue to weigh in on the side of pseudonymous postings. Perhaps the most constructive approach is to do so pseudonymously!

DEADBEAT

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQBFAgUBK6X6HPFZTpBW/B35AQFOJgF9Fk/bNUE1cgl2vKJgFJCWg+1KDIqyeVtS
ferduPOhXxNrdwyHWvx4vm+vIWKvdVEO
=QHmk
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.
*IMPORTANT server security update*, mail to update@anon.penet.fi for details.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Derek Atkins
Date: Tue, 16 Mar 93 09:56:33 PST
To: hughes@toad.com (Eric Hughes)
Subject: Re: news.admin.policy: A Report From the Front
In-Reply-To: <9303161734.AA07151@toad.com>
Message-ID: <9303161755.AA14876@deathtongue.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

> As far as this automatic cancelling business goes, what can be
> automatically cancelled can also be automatically regenerated.
> > Who here has been in such a news war and has software already written? > > Eric While I agree with you in spirit, I think this would be a bad move. We don't want to get into a news war. We want people to listen to us. The best was to sway people to our side, especially when there are others who are pissing people off, is to keep a calm head and stature. The more that that other person pisses off the news admins, the more they will be willing to listen to our side. If we rush head-long and get into an all-out news war, then those same admins might not listen to us as intently as they would if we stay cool and calm. Please, no news wars. It can only hurt our cause! - -derek PGP 2 key available upon request on the key-server: pgp-public-keys@toxicwaste.mit.edu - -- Derek Atkins, MIT '93, Electrical Engineering and Computer Science Secretary, MIT Student Information Processing Board (SIPB) MIT Media Laboratory, Speech Research Group warlord@MIT.EDU PP-ASEL N1NWH -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBuAgUBK6YUZTh0K1zBsGrxAQEvIgLFEQM+XkIlgkZWFPz25Ic3wRYKOMPYTDF5 6rVn1zOYppNZ/37BHBFzEvIGWI8X4wX+mBgzIxzi/NmNKlUrm1/EMPzI0OyZPqOS yoQClw/n1D1XDw7Ofxnr17M= =DBN5 -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Chris Hibbert Date: Wed, 17 Mar 93 01:03:39 PST To: Nickey MacDonald Subject: Re: [cleaned-up] University Policies In-Reply-To: Message-ID: <9303162224.AA18391@entropy.memex.com> MIME-Version: 1.0 Content-Type: text/plain POLICIES The computing and communication systems at the University of New Brunswick are intended to be used in a manner that is supportive of the University's objectives. All constituents of the University are able to apply to use the university's computing facilities. When that privilege is granted (e.g., when an account is issued), it is granted with the understanding that the use of the computing system will correspond to the purpose(s) stated in the request. 
At the University of New Brunswick Computing Services Department, internal customers (students, faculty and staff) are not personally billed for use but are held personally responsible for use made of their accounts. Certain practices are considered a misuse of university property. Examples of such misuse are the use of any part of the computing system for personal or corporate profit, or to provide free resources to unauthorized persons.

The following policies govern the use of the University of New Brunswick Computing Services Department facilities:

1. No person or persons shall use the facilities of the University Computing Services Department without due authorization by Computing Services.

2. Every allocation of computing resources is made on the understanding that it is to be used only for the purpose for which it was requested and only by the person or persons by whom or on whose behalf the request was made. Use shall not be made of computing resources allocated to another person or group unless such use has been specifically authorized by Computing Services.

3. No person or persons shall by any wilful or deliberate act jeopardize the integrity of computing equipment, networks, programs, or other stored information.

4. Persons authorized to use computing and communication resources shall be expected to treat as privileged, any information not provided or generated personally which may become available to them through their use of these resources; they shall not copy, modify, disseminate, or use any part of such information without permission of the appropriate person or body.

5. Improper use of Computing Services may result in withdrawal of access privileges or other penalties. The following (but not limited to the following) may be considered improper:

* Frivolous use of any workstation, computer or network.
* Inspection of data or functions which are neither allotted to the inspector, nor specified as public.
* Inspection of data which have to do with utilization, authorization or security.
* Modification of data which are not specifically assigned to or created by the modifier.
* Use of another's account.
* Interference with other persons accessing the systems, networks or equipment.
* Destruction of data or property which is not owned by the destroyer.
* Attempting to gain access to another's resources, programs, or data.
* Use of another's programs or data without their permission.
* Sending obscene or vulgar messages.
* Abusive or destructive use of hardware or public software.
* Use of the facilities for personal or corporate gain without an external account. Examples of such use include producing invitations, posters, personal correspondence, etc., and the sale of computer programs or results developed under an internal account.

6. Customers are expected to:

a. Be responsible for the use of their computer accounts. They should make appropriate use of system provided security features and take precautions against others obtaining access to their computing resources.

b. Refrain from engaging in deliberately wasteful practices such as:

* unnecessary holding of workstations or telecommunications lines;
* producing unnecessarily large printer listings;
* performing unnecessary computations;
* creating and retaining unnecessarily large files;
* unnecessary holding of peripheral equipment.

c. Utilize efficient and effective techniques for program execution.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jordan@imsi.com (Jordan Hayes)
Date: Tue, 16 Mar 93 16:23:36 PST
To: cypherpunks@toad.com
Subject: Re: news.admin.policy: A Report From the Front
Message-ID: <9303162033.AA23984@IMSI.COM>
MIME-Version: 1.0
Content-Type: text/plain

>>> Who here has been in such a news war ...

I was involved in a slightly different news war a few years ago.
I was being harassed by a particularly prolific news poster (at one point he represented nearly 9% of the total USENET weekly volume), and it turned out that I was running a site that had an NNTP feed to his site. I talked with the admin there, found out their fan-out plan, and made sure that anything I got from them got fanned out as soon as possible. Except I would modify the message in subtle ways, like change the attribution line from something like

    From: john@somesite.net (John Q. Public)

to

    From: john@somesite.net (Wimpy Math Grad Student)

Anyway, I was able to make my version of his postings "the" version by hitting all the other sites his site fanned out to first. It was fun for a while until he found out and tried to mail bomb me. Fortunately, I was around when it started, and put a reflector in to send his bombs back automatically piece by piece. His machine was a lowly VAX 750 running some backwater rev of 4.3 alpha-alpha, and sendmail promptly sent the load to 40 and crashed the machine.

His PhD advisor was not amused.

/jordan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 17 Mar 93 09:13:15 PST
To: cypherpunks@toad.com
Subject: CYPHERPUNKS=EMAIL HARASSEMENT?
In-Reply-To: <930312075344_74076.1041_DHJ35-2@CompuServe.COM>
Message-ID: <9303171709.AA06397@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>So how many days, exactly, have people waited for response from
>cypherpunks-request before giving up and posting to the list? Just
>one or two, or are we talking weeks here?

Most of the unsubscribe messages that have gone out over the list in the last month are the _first_ messages sent out by people.

Therefore, let me repeat this. To unsubscribe from the list, send mail to

    cypherpunks-request@toad.com

A human, namely me, Eric Hughes, will read your mail and take appropriate response. Do not expect immediate answers; I am not a program.
If you send to the whole list asking to be removed, I will send you a piece of junk mail (with the above info in it) and ignore your request. I don't do maintenance for the list on the same account as I read mail.

Thank you all.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 17 Mar 93 09:39:05 PST
To: cypherpunks@toad.com
Subject: The new welcome message, for your general information
Message-ID: <9303171735.AA08132@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I've changed the welcome message for the list to update it with the ftp site, and other changes. I would like everyone to take a glance at this. I've written down some of the mailing list policies that have been _de facto_. Please reply to me if you have any questions.

Eric

-----------------------------------------------------------------------------

You have been added to the cypherpunks mailing list.

The cypherpunks list is a forum for discussing personal defenses for privacy in the digital domain. It is a high volume mailing list.

If you want to be added or removed from the list, send mail to

    cypherpunks-request@toad.com

There is no automated list processing software; a human (me, Eric Hughes) will read your message and take the appropriate action. If you get two of these welcome messages, it likely means you've double subscribed and will have trouble getting off the list. Send mail to the above address and tell me if this happens.

Do not expect instant turnaround. Remember, a human is looking at your requests, not a program. I try to do list maintenance every other day or so, but sometimes the delays are longer.

Do not mail to the whole list asking to be removed. You'll just get the members of the list thinking you're a newbie and you'll get a note from me telling you to send mail to the -request address.

If your mail bounces repeatedly, you will be removed from the list. Nothing personal, but I have to look at all the bounce messages.
There is no digest version available.

There is an announcements list which is moderated and has low volume. Announcements for physical cypherpunks meetings, new software and important developments will be posted there. Mail to

    cypherpunks-announce-request@toad.com

if you want to be added or removed to the announce list. All announcements also go out to the full cypherpunks list, so there is no need to subscribe to both.

There is an ftp site for cypherpunks. It is

    soda.berkeley.edu:pub/cypherpunks

This site contains code, information, rants, and other miscellany. There is a glossary there that all new members should download and read. Also recommended for all users are Hal Finney's instructions on how to use the anonymous remailer system; the remailer sources are there for the perl-literate.

Enjoy and deploy.

Eric

-----------------------------------------------------------------------------

Cypherpunks assume privacy is a good thing and wish there were more of it. Cypherpunks acknowledge that those who want privacy must create it for themselves and not expect governments, corporations, or other large, faceless organizations to grant them privacy out of beneficence. Cypherpunks know that people have been creating their own privacy for centuries with whispers, envelopes, closed doors, and couriers. Cypherpunks do not seek to prevent other people from speaking about their experiences or their opinions.

The most important means to the defense of privacy is encryption. To encrypt is to indicate the desire for privacy. But to encrypt with weak cryptography is to indicate not too much desire for privacy. Cypherpunks hope that all people desiring privacy will learn how best to defend it.

Cypherpunks are therefore devoted to cryptography. Cypherpunks wish to learn about it, to teach it, to implement it, and to make more of it. Cypherpunks know that cryptographic protocols make social structures. Cypherpunks know how to attack a system and how to defend it.
Cypherpunks know just how hard it is to make good cryptosystems.

Cypherpunks love to practice. They love to play with public key cryptography. They love to play with anonymous and pseudonymous mail forwarding and delivery. They love to play with DC-nets. They love to play with secure communications of all kinds.

Cypherpunks write code. They know that someone has to write code to defend privacy, and since it's their privacy, they're going to write it. Cypherpunks publish their code so that their fellow cypherpunks may practice and play with it. Cypherpunks realize that security is not built in a day and are patient with incremental progress.

Cypherpunks don't care if you don't like the software they write. Cypherpunks know that software can't be destroyed. Cypherpunks know that a widely dispersed system can't be shut down. Cypherpunks will make the networks safe for privacy.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: robichau@lambda.msfc.nasa.gov (Paul Robichaux)
Date: Wed, 17 Mar 93 07:39:23 PST
To: cypherpunks@toad.com
Subject: PGP: Mac PGP 2.2 available at UMich ftp
Message-ID: <9303171537.AA28125@lambda.msfc.nasa.gov.msfc.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

v2.2 of PGP for the Macintosh is available for anonymous FTP at the University of Michigan archives (mac.archive.umich.edu or 141.211.32.2) in /mac/util/encryption.

Enjoy and deploy,
-Paul

--
Paul Robichaux, KD4JZG            | May explode if disposed of improperly.
Mission Software Development Div. | I'm not white- I'm Euro-American.
New Technology, Inc.              | RIPEM key on request.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 17 Mar 93 11:49:09 PST
To: cypherpunks@toad.com
Subject: HUMOR: Manifesto anyone?
Message-ID: <9303171945.AA17870@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I got the following message in my inbox today:

>I saw news of your "A Cypherpunk's Manifesto" on AppleLink today.
Is there a >chance you can e-mail me a copy (un-encrypted please)???

Hmm. The thought of sending out encrypted manifestos... I suppose we could proselyte the NSA.

This one sounds like prime list member material, no?

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 17 Mar 93 11:54:59 PST
To: cypherpunks@toad.com
Subject: RANTS: A Cypherpunk's Manifesto
Message-ID: <9303171951.AA18216@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I've been meaning to write up a longer version of the welcome message text for some time now. I took the opportunity to do so before the Computers, Freedom, and Privacy Conference. I made up 300 paper copies of this for distribution on the literature table. All but a couple dozen remained at the end of three days.

So then, this is my _real_ manifesto. I took all the good lines out of the previous version and added more. I hope you enjoy it.

It's available on the ftp site in the rants/ directory.

Eric

-----------------------------------------------------------------------------

A Cypherpunk's Manifesto

by Eric Hughes

Privacy is necessary for an open society in the electronic age. Privacy is not secrecy. A private matter is something one doesn't want the whole world to know, but a secret matter is something one doesn't want anybody to know. Privacy is the power to selectively reveal oneself to the world.

If two parties have some sort of dealings, then each has a memory of their interaction. Each party can speak about their own memory of this; how could anyone prevent it? One could pass laws against it, but the freedom of speech, even more than privacy, is fundamental to an open society; we seek not to restrict any speech at all. If many parties speak together in the same forum, each can speak to all the others and aggregate together knowledge about individuals and other parties.
The power of electronic communications has enabled such group speech, and it will not go away merely because we might want it to.

Since we desire privacy, we must ensure that each party to a transaction have knowledge only of that which is directly necessary for that transaction. Since any information can be spoken of, we must ensure that we reveal as little as possible. In most cases personal identity is not salient. When I purchase a magazine at a store and hand cash to the clerk, there is no need to know who I am. When I ask my electronic mail provider to send and receive messages, my provider need not know to whom I am speaking or what I am saying or what others are saying to me; my provider only need know how to get the message there and how much I owe them in fees. When my identity is revealed by the underlying mechanism of the transaction, I have no privacy. I cannot here selectively reveal myself; I must _always_ reveal myself.

Therefore, privacy in an open society requires anonymous transaction systems. Until now, cash has been the primary such system. An anonymous transaction system is not a secret transaction system. An anonymous system empowers individuals to reveal their identity when desired and only when desired; this is the essence of privacy.

Privacy in an open society also requires cryptography. If I say something, I want it heard only by those for whom I intend it. If the content of my speech is available to the world, I have no privacy. To encrypt is to indicate the desire for privacy, and to encrypt with weak cryptography is to indicate not too much desire for privacy. Furthermore, to reveal one's identity with assurance when the default is anonymity requires the cryptographic signature.

We cannot expect governments, corporations, or other large, faceless organizations to grant us privacy out of their beneficence. It is to their advantage to speak of us, and we should expect that they will speak.
To try to prevent their speech is to fight against the realities of information. Information does not just want to be free, it longs to be free. Information expands to fill the available storage space. Information is Rumor's younger, stronger cousin; Information is fleeter of foot, has more eyes, knows more, and understands less than Rumor.

We must defend our own privacy if we expect to have any. We must come together and create systems which allow anonymous transactions to take place. People have been defending their own privacy for centuries with whispers, darkness, envelopes, closed doors, secret handshakes, and couriers. The technologies of the past did not allow for strong privacy, but electronic technologies do.

We the Cypherpunks are dedicated to building anonymous systems. We are defending our privacy with cryptography, with anonymous mail forwarding systems, with digital signatures, and with electronic money.

Cypherpunks write code. We know that someone has to write software to defend privacy, and since we can't get privacy unless we all do, we're going to write it. We publish our code so that our fellow Cypherpunks may practice and play with it. Our code is free for all to use, worldwide. We don't much care if you don't approve of the software we write. We know that software can't be destroyed and that a widely dispersed system can't be shut down.

Cypherpunks deplore regulations on cryptography, for encryption is fundamentally a private act. The act of encryption, in fact, removes information from the public realm. Even laws against cryptography reach only so far as a nation's border and the arm of its violence. Cryptography will ineluctably spread over the whole globe, and with it the anonymous transactions systems that it makes possible.

For privacy to be widespread it must be part of a social contract. People must come and together deploy these systems for the common good. Privacy only extends so far as the cooperation of one's fellows in society.
We the Cypherpunks seek your questions and your concerns and hope we may engage you so that we do not deceive ourselves. We will not, however, be moved out of our course because some may disagree with our goals.

The Cypherpunks are actively engaged in making the networks safer for privacy. Let us proceed together apace.

Onward.

Eric Hughes
9 March 1993

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 17 Mar 93 12:03:13 PST
To: cypherpunks@toad.com
Subject: ADMIN: ftp site
Message-ID: <9303171959.AA18710@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I've cleaned up the ftp site a bit, set read permissions on one file (oops), added a README, and generally made things more easy to use.

The site, for those of you who do not yet know, is

    soda.berkeley.edu:pub/cypherpunks

Here's a short intro:

README              an orientation primer
crypto.ftp.sites/   a place for external pointers
misc/               read, "I don't know where else this goes"
pgp/                PGP 2.2 distribution, DOS, Unix, Mac
rants/              for all those pesky manifestos that pop up
remailer/           remailer code and instructions and tools
welcome.message     the welcome message to the list

The site is yours to use. If there is something you'd like to see on the ftp site, let me know. If you have contributions, let me know.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 17 Mar 93 13:04:40 PST
To: cypherpunks@toad.com
Subject: pgp2.2 in cypherpunks
Message-ID: <9303172100.AA23522@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I obtained another copy of pgp22.zip for the cypherpunks archive site. The previous one was the same length, but had some difference buried in the middle. The new one seems fine. All those who had trouble might want to download it again.

I also put up another copy of pgp22src.zip, since it left and I don't know where it went.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: root@rmsdell.ftl.fl.us (Yanek Martinson)
Date: Wed, 17 Mar 93 17:03:02 PST
To: cypherpunks@toad.com
Subject: GOV: DMS PreMSP
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Forwarded message:
> Date: Wed, 17 Mar 1993 15:10:53 -0500
> To: Markowitz@DOCKMASTER.NCSC.MIL
> From: shirley@mitre.org (Robert W. Shirey)
> Cc: pem-dev@TIS.COM
>
> In a previous message, I said: "Just as soon as I know for sure that
> information on this subject [DMS PreMSP] is publicly releasable, I will
> forward it or references to this list." Here are pointers to the
> currently available public info.
>
> A Request For Information (RFI) was issued by the Air Force Standard
> Systems Center, Gunter AFB,Al, on December 1992. (See "Commerce Business
> Daily" for 17 December 1992.) This RFP concerns X.400 products for use
> in the Defense Message System. In brief, DOD needs hundreds of thousands
> (of units) of secure UAs over the next several years.
>
> In the RFI, there is publicly released information concerning Preliminary
> Message Security Protocol (PMSP, or sometimes, PreMSP), which is to be
> used for unclassified but sensitive information. PMSP is something that
> exists. Do not expect it to interoperate with PEM.
>
> Saying "Pre" MSP implies there is a "real" MSP to come later. There is.
> It comes from NSA's Secure Data Network System Program. SDNS and MSP
> information is available from NIST, and descriptions are found in the
> proceedings of the National Computer Security Conference and other major
> security conferences in the last few years. (Perhaps someone will chime
> in again with the NIST references, etc.)
>
> DMS security developments, including PMSP, will be addressed further by
> an NSA representative at the AFCEA [Armed Forces Communications and
> Electronics Association] DMS Symposium on 8 April.
>
> Regards, -Rob-
>
> Robert W.
Shirey, The MITRE Corporation, Mail Stop Z202
> 7525 Colshire Dr., McLean, Virginia 22102-3481 USA
> shirey@mitre.org * tel 703-883-7210 * fax 703-883-1397
>
> ---------------------------------------------------------------------------
> The following statement on MSP was released previously:
>
> Defense Information Systems Agency
> Defense Network Systems Organization
>
> In reply Refer To: DISM 12 November 1991
>
> MEMORANDUM FOR DEFENSE MESSAGE SYSTEM (DMS) MILITARY COMMUNICATIONS
> ELECTRONICS BOARD (MCEB) COORDINATOR
>
> SUBJECT: Rationale for the Secure Data Network System (SDNS) Message
> Security Protocol (MSP) for the DMS
>
>
> 1. As a result of the Allied Message Handling (AMH) International Subject
> Matter Experts (ISME) working group meeting held in March 1991, certain
> actions regarding message security were tasked to the U.S. representatives.
> These tasks include two information papers which address the U.S. intentions
> to use MSP to provide required message security services.
>
> 2. The first of these papers, which addresses the rationale and near-term
> interoperability issues for the use of MSP, is enclosed. We are forwarding
> this paper to you, as the DMS MCEB Coordinator, for dissemination to the AMH
> ISME membership.
>
> 3. This paper has also been forwarded to the Chairman, Data Communications
> Protocol Standards (DCPS) Technical Management Panel (DTMP) for use in
> resolving an Interoperability Resolution Process (IRP) issue regarding the DoD
> position on the use of MSP. Both the AMH ISME and DTMP processes will be
> worked as parallel efforts.
>
> 4. My point of contact for this effort is CPT(P) Wayne C. Deloria, DISA/DISMB,
> (703)285-5232, DSN 346-5232. He can be reached through electronic mail at
> DELORIAW@IMO-UVAX.DCA.MIL. Please do not hesitate to contact him with any
> question regarding this matter.
>
>
> Enclosure a/s THOMAS W.
CLARKE, Chief
> DMS Coordination Division
>
> cc: DMS Coordinators
>
>
> 22 October 1991
>
> THE DEFENSE MESSAGE SYSTEM (DMS)
> MESSAGE SECURITY PROTOCOL AND ALLIED INTEROPERABILITY
>
>
> 1. Introduction
>
> The Defense Message System (DMS) Program has adopted Message Security
> Protocol (MSP) as the target security protection mechanism for all DMS
> organizational and individual message traffic. MSP was developed under the
> auspices of the Secure Data Network System (SDNS) Program concurrent with
> international development of the CCITT X.400 1988 Recommendation. SDNS MSP
> and 1988 X.400 offer a similar set of security services. However, the two
> approaches diverge in certain areas, due to differing priorities and
> requirements, and the operational environment of the U.S. Department of
> Defense (DoD). The purpose of this paper is to define the principal points of
> departure, provide rationale for U.S. use of MSP, and to provide a framework
> for agreement on near term messaging interoperability.
>
> 2. Rationale for Use of MSP
>
> While the security services provided by MSP are similar to the 1988 X.400
> Recommendation, the divergence in their implementation introduces
> incompatibilities between the two strategies. Following is U.S. rationale for
> use of MSP.
>
> 2.1 High Level of Assurance: DMS provides secure automated store-and-
> forward message service to meet the operational requirements of the U.S. DoD.
> The DMS conveys information ranging from unclassified to the most sensitive
> classifications and compartments, requiring very high levels of assurance
> throughout the system. While few, if any, individual User Agents (UAs) will
> handle this entire range, many will handle more than one, and therefore
> require a high degree of trust. MSP provides high assurance in the areas of
> implementation strategy, access control, content security, and use of
> commercially available products and services.
>
> 2.1.1 Implementation Strategy.
To achieve a high level of assurance,
> MSP was designed to provide separation of message security from message
> processing, and to facilitate a certifiable and accreditable implementation.
> By implementing the MSP security services in a separate protocol sub-layer, a
> multi-level secure (MLS) architecture can follow conventional approaches in
> the design of certifiable systems. The MSP approach depends upon creating a
> small nucleus of "trusted" software, implemented as an adjunct to the UA, that
> interacts with multiple, single-level instantiations of more complex software,
> e.g., text editors and communications protocols. Further, placing the
> security services at the end system (originator/recipient) is consistent with
> the principle of "least privilege", which requires security processes in a
> system to grant only the most restrictive set of privileges necessary to
> perform authorized tasks.
>
> 1
>
>
> 22 October 1991
>
> 2.1.2 Access Control. The approach to access control adopted by MSP
> places access control decisions in a separate process within the originator
> and recipient UAs, providing a higher level of assurance for this service.
> This high level of assurance is supported by detailed security design analyses
> performed on various MSP prototype implementations.
>
> 2.1.2.1 MSP access control decisions are made as part of message
> preparation and release, and as part of the processing of a received message.
> End system (UA) responsibility for access control is a cornerstone of the MSP
> security architecture. The access control decision relies on authorization
> information contained in multiple certificates. These certificates provide
> extended resolution for access control decisions and are further protected by
> cryptography at the UA. Consequently, no access control message security
> requirements are levied on the Message Transfer Agents (MTAs).
>
> 2.1.2.2 In contrast, 1988 X.400 access control decisions and
> enforcement are vested in the Message Transfer System (MTS) and are exercised
> independently by the MTAs at each end of the message transfer. This requires
> that every subscriber uniformly trust all of the MTAs to enforce access
> control for the subscriber community. A message originator has no independent
> means of determining the access rights of a possible recipient, nor the means
> to determine the level of trust of the MTAs that make access control
> decisions. He must rely on the correct operation of the MTAs.
>
> 2.1.3 Content Security. MSP provides content security and integrity
> services with the implementation of independent cryptographic algorithms and
> key management system at the UA. Encapsulation of message content with
> appropriate security parameters (e.g., algorithm identification and signature
> information) into a MSP content prior to submitting it to the MTS, ensures
> writer-to-reader control for all security services. This is true regardless
> of the message transfer system employed. Since only the originator and
> recipient may access the information, content security is preserved, and the
> means for message confidentiality, integrity, authentication, and non-
> repudiation with proof of origin is maintained.
>
> 2.1.4 Commercial Products/Services. A primary objective of the DMS
> Program is to employ commercially available products and services wherever
> possible, to minimize or eliminate the need for specialized systems. It is
> also assumed that such products and services will undoubtedly be "untrusted"
> from the security perspective. The use of MSP allows the DMS to deploy over
> any reliable and heterogeneous MTS and still provide the same level of message
> security and system assurance. The MSP design and implementation strategy,
> coupled with the incorporated access control and content security mechanisms,
> is consistent with this objective.
While the 1988 X.400 Recommendation offers
> similar services, its employment by DMS would require use of "trusted" MTAs, a
> prospect that is not only cost prohibitive but lacking in deployment
> flexibility.
>
> 2
>
>
> 22 October 1991
>
> 2.2 Key Management Support. MSP was designed to be independent of
> cryptographic algorithms and key management schemes. Although 1988 X.400
> maintains independence of the cryptographic algorithms used, it does employ a
> specific key management scheme as defined in CCITT Recommendation X.509. The
> protocol mechanisms that realized this key management scheme are incompatible
> with MSP key management.
>
> 2.2.1 A solution consistent with the MSP concept might be implemented
> within the X.400 syntax, but would represent a semantic inconsistency. Within
> X.400, no syntax exists to exchange multiple certificates and other per-
> message security data.
>
> 2.2.2 Even if a certifiable architecture using MSP-like key management
> schemes could be developed to be consistent with 1988 X.400, it would likely
> represent a substantial departure from COTS products.
>
> 2.3 Performance. Like MSP, the 1988 X.400 Recommendation defines both
> per-message and per-recipient security data items. However, the allocation of
> security relevant data, especially the signature and receipt information, is
> different in X.400 and in MSP. 1988 X.400 requires one signature per
> recipient while MSP requires one per message. The major performance
> implications of this difference are the higher number of signature generation
> operations required by 1988 X.400, and the higher volume of additional data
> carried in each 1988 X.400 message.
>
> 3. Allied Interoperability.
>
> 3.1 Suggestions from the Allied Message Handling International Subject
> Matter Experts Working Group (AMH ISME WG) recommend that the U.S. incorporate
> MSP mechanisms with the 1988 X.400 framework.
In reviewing this, technical
> difficulties surface as previously discussed, and present a resultant product
> which is semantically non-conformant with the 1988 X.400 Recommendation. This
> suggestion is unacceptable from a security protection standpoint, and is cost
> prohibitive.
>
> 3.2 The differences in the MSP and 1988 X.400 security protection
> strategies as described in the rationale serve to illustrate an allied message
> interoperability issue. It is evident that the U.S. will continue to pursue
> implementation of MSP while U.S. allies, including NATO, appear poised to
> pursue implementations of the 1988 X.400 Recommendation. When the U.S. begins
> deployment of X.400/MSP components in the 1996 and beyond time frame, a MSP
> gateway will be required to facilitate interoperability between users who have
> implemented X.400 with MSP and users who have not. A Gateway will be required
> to perform protocol mappings between MSP and X.400-based systems, and to
> provide the required cryptographic and key management conversion services for
> the systems employed. This Gateway will facilitate U.S. transition to MSP, as
> well as provide interoperability with allied users during the international
> transition to X.400.
>
> 3
>
>
> 22 October 1991
>
> 4. Conclusions.
>
> 4.1 Based on the rationale provided above, the U.S. concludes that use of
> MSP is superior to 1988 X.400 security protection in terms of assurance, key
> management, performance, deployment flexibility, and cost.
>
> 4.2 As indicated above, allied interoperability will require an MSP
> Gateway. The AMH ISME WG is an excellent forum to collect requirements for
> this Gateway to ensure its timely development and deployment, and
> effectiveness in providing near term allied interoperability. Long term
> interoperability is being analyzed and will be the subject of a 15 February
> 1992 U.S. submission to the AMH ISME WG.
> > 4 > > ----------------------------------------------------------------------- > The Privacy and Security Research Group (PSRG) (i.e., that part of the > Internet Research Task Force that invented PEM and tossed it over the > fence into the Internet Engineering Task Force for final standardization > and deployment) received inquiries about the position of the U.S. > Federal Government on the use of Privacy-Enhanced Mail (PEM) (see RFCs > 1421, 1422, 1423, and 1424). The PSRG issued a statement which is now > outdated but was along the following lines: > > The PSRG does not speak for the U.S. Federal Government or for any other > government. It can, however, arrange some referrals for those seeking > Government information. > > Like all bodies operating under the cognizance of the Internet > Activities Board (IAB), the PSRG is an independent committee of > professionals with a technical interest in the health and evolution > of the Internet system (see RFC 1160). When the PSRG was designing > and developing PEM, and when the IAB approved and encouraged PEM > implementation, there was discussion of existing U.S. and other government > policies and policy trends. No agreements were reached with any agency > or official. Some PSRG members are aware of talks that have taken place > within the U.S. Government about PEM, but the PSRG is not aware of any > publicly-announced policies that have been directed specifically at PEM. > > For further information, the PSRG suggests that questions be directed > to the following PSRG members, who will either answer the question > or provide a referral to responsible officials: > > For questions regarding the U.S.
Government generally: > > Miles Smid smid@st1.ncsl.nist.gov > National Institute for Standards and Technology > Building 225, Room A216 > Gaithersburg, Maryland 20899 > > For questions regarding the U.S. Department of Defense in general, and > the Defense Message System in particular: > > Rob Shirey shirey@mitre.org > The MITRE Corporation, Mail Stop Z269 > 7525 Colshire Drive, McLean, VA 22102-3481 > > For other questions, send to pem-dev@tis.com and hope for the best! > > > > > -- Yanek Martinson yanek@novavax.nova.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Chael Hall) Date: Wed, 17 Mar 93 17:15:32 PST To: cypherpunks@toad.com Subject: RE: the recent mailing list flames Message-ID: <9303180111.AA02926@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain >One of the two loud complainers, mbrennan@netcom.com, had actually >doubled subscribed himself to the list. I had already removed him >once, so I thought; I had moved him over to the -announce list. Well, I sent a personal message to mbrennan@netcom.com about the posting he made where he criticized "Mr. May and Mr. Ringuette" for their misunderstanding. :) He misinterpreted my meaning of "you are in my kill list, but the others aren't." I meant that my .maildelivery destroys mail from him, but not from anyone else. *sigh* He wrote my sysadmin about it and said that it came from my remailer and all hell broke loose on my end. My boss's boss took me into his office and we discussed it... He just said, "Someone was harassing a guy at AT&T (of all places) through your remailer." I tracked down the message, "talk"ed to mbrennan about it and he agreed to write a message of apology to my sysadmin saying he misunderstood the "threat." *sigh* What an avoidable mess if he hadn't been so touchy! Now they are investigating my remailer. My response was, "Oh, it's just a play-thing for me and a few friends." They think I should be responsible for what goes through it.
Hahahaha... Right. I only see messages that don't go through for one reason or another (bounces and errors in "::" use). Chael Hall -- Chael Hall nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU, chall@ref.tfs.com (317) 285-3648 after 5 pm EST From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Matthew J Miszewski Date: Wed, 17 Mar 93 20:18:04 PST To: cypherpunks@toad.com Subject: White House Message-ID: <23031722144365@vms2.macc.wisc.edu> MIME-Version: 1.0 Content-Type: text/plain Cypherpunks, MCI announced a new email address for access to the White House. However, this time they make no pretense that it will be read electronically. From what I could glean from RISKS (I was in quite a hurry), the messages will be sent through the regular USPS. This appears to be a way to increase profits for MCI and Internet messages may very well bounce. Anyway, I know that the cypherpunks are trying to access the handles of power in this country and gain some respect at the same time. I also watched the last thread about what form our communication should take. Well, here's another chance. 0005895485@mcimail.com - White House Matt mjmiski@macc.wisc.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jim C Date: Thu, 18 Mar 93 06:42:37 PST To: cypherpunks@toad.com Subject: Cypher: Subject naming proposal In-Reply-To: <9303120305.AA09556@toad.com> Message-ID: <9303181442.AA19725@toad.com> MIME-Version: 1.0 Content-Type: text/plain Can I suggest that any messages posted to cypherpunks start with "Cypher:" in the subject line? The mail from this list is getting mixed in with all my other mail, cause my newsreader (elm) can't sort on "To:" fields. Does anyone else have this problem? Does this idea seem reasonable? JIm C.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Brad Huntting Date: Thu, 18 Mar 93 09:07:29 PST To: Jim C Subject: Re: Cypher: Subject naming proposal In-Reply-To: <9303181442.AA19725@toad.com> Message-ID: <199303181705.AA03002@misc.glarp.com> MIME-Version: 1.0 Content-Type: text/plain > The mail from this list is getting mixed in with all my other mail, > cause my newsreader (elm) can't sort on "To:" fields. Perhaps you should get a better mail reader (e.g. MH). From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: markh@wimsey.bc.ca (Mark C. Henderson) Date: Thu, 18 Mar 93 10:57:49 PST To: Brad Huntting Subject: Re: Cypher: Subject naming proposal In-Reply-To: <199303181705.AA03002@misc.glarp.com> Message-ID: <9303181023.ZM11582@wimsey.bc.ca> MIME-Version: 1.0 Content-Type: text/plain On Mar 18, 12:05, Brad Huntting wrote: > Subject: Re: Cypher: Subject naming proposal > > > The mail from this list is getting mixed in with all my other mail, > > cause my newsreader (elm) can't sort on "To:" fields. > > Perhaps you should get a better mail reader (e.g. MH). >-- End of excerpt from Brad Huntting mush will also allow filtering based on more or less whatever you want (e.g. To: fields). Mark -- Mark Henderson markh@wimsey.bc.ca From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: derek@cs.wisc.edu (Derek Zahn) Date: Thu, 18 Mar 93 08:27:46 PST To: collins@socrates.umd.edu (Jim C) Subject: Re: Cypher: Subject naming proposal In-Reply-To: <9303181442.AA19725@toad.com> Message-ID: <9303181626.AA16870@lynx.cs.wisc.edu> MIME-Version: 1.0 Content-Type: text/plain > Can I suggest that any messages posted to cypherpunks start with "Cypher:" > in the subject line? The mail from this list is getting mixed in with all > my other mail, cause my newsreader (elm) can't sort on "To:" fields. > Does anyone else have this problem? Does this idea seem reasonable? > JIm C. 
There's a program called "filter" (which I think is part of the elm distribution) that I use to automatically route messages from different mailing lists to separate folders, which can then be read at leisure. Very handy! derek From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Chael Hall) Date: Thu, 18 Mar 93 07:43:44 PST To: collins@socrates.UMD.EDU (Jim C) Subject: Re: Cypher: Subject naming proposal In-Reply-To: <9303181442.AA19725@toad.com> Message-ID: <9303181539.AA29429@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain >Can I suggest that any messages posted to cypherpunks start with "Cypher:" >in the subject line? The mail from this list is getting mixed in with all >my other mail, cause my newsreader (elm) can't sort on "To:" fields. > Does anyone else have this problem? Does this idea seem reasonable? >JIm C. I use the following .forward file to make slocal "sort" my mail based upon the contents of the .maildelivery file below.

-- $HOME/.forward --
| /usr/lib/mh/slocal -user nowhere

You should use something like the following .maildelivery file to tell slocal where to put the messages.

-- $HOME/.maildelivery --
#
# field "pattern" action "command"
#
To "cypherpunks@toad.com" file ? Mail/cypherpunks

This will file messages directed to cypherpunks to a file in your Elm mail directory, but leave all other messages untouched. You have to then choose the folder "=cypherpunks" to read those messages. NOTE: You need to change the path of slocal to the appropriate path for your system. You can find it with the whereis -b command or the find utility. Am I forgetting anything? Chael Hall -- Chael Hall nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU (317) 285-3648 after 5 pm EST From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: root@rmsdell.ftl.fl.us (Yanek Martinson) Date: Thu, 18 Mar 93 10:07:01 PST To: cypherpunks@toad.com Subject: HASH: cryptanalysis of MD5?
(fwd) Message-ID: MIME-Version: 1.0 Content-Type: text/plain Forwarded message: > Newsgroups: sci.crypt > From: schneier@chinet.chi.il.us (Bruce Schneier) > Subject: Successful Cryptanalysis of MD5 > Message-ID: > Organization: Chinet - Public Access UNIX > Date: Thu, 18 Mar 1993 04:06:39 GMT > > This is from Bart Preneel's Ph.D. thesis, "Analysis and Design of > Cryptographic Hash Functions," Jan 1993, p. 191. It is about the > cryptanalysis of MD5: > > B. den Boer noted that an approximate relation exists between > any four consecutive additive constants. Moreover, together > with A. Bosselaers he developed an attack that produces > pseudo-collisions, more specifically they can construct two > chaining variables (that only differ in the most significant > bit of every word) and a single message block that yield the > same hashcode. The attack takes a few minutes on a PC. This > means that one of the design principles behind MD4 (and MD5), > namely to design a collision resistant function is not satisfied. > > I have not seen the actual paper yet, which will be presented at > Eurocrypt. Both PEM and PGP rely on MD5 for a secure one-way hash > function. This is troublesome, to say the least. > > Bruce > > ************************************************************************** > * Bruce Schneier > * Counterpane Systems For a good prime, call 391581 * 2^216193 - 1 > * schneier@chinet.chi.il.us > ************************************************************************** > > -- Yanek Martinson yanek@novavax.nova.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eli Brandt Date: Thu, 18 Mar 93 14:24:39 PST To: cypherpunks@toad.com Subject: a steganographic test Message-ID: <9303182224.AA05626@toad.com> MIME-Version: 1.0 Content-Type: text/plain Taking the easy way out, I tried a steganographic encoding in a GIF by mapping down to 128 colors, duplicating them, and frobbing the low bits of the image. This worked surprisingly well. 
The resulting image showed little degradation, and was smaller than the original -- the information thrown out when mapping down to 128 was not fully replaced, as the "hidden" file did not fill the GIF. Rather than screw with GIF and Heckbert code for this throwaway, I did the {en,de}giffing and palette manipulation by hand with the PC program PICLAB. It supports scripts, which would automate the process, except for the palette duplication, which a sed script could do. The bit bashing code is appended, though it's pretty trivial stuff. Anyway, I ended up with the canonical Earth-seen-from-space, 320x200x8, with an embedded DOS-format text file chosen for verisimilitude. I can ship it by e-mail to anyone who wants it, though there's not really a whole lot you can *do* with the thing. ("Hey. Wow. There really is a file in the low bits.") PGP 2 key by finger or e-mail Eli ebrandt@jarthur.claremont.edu

the guts of ensteg.c:

/*
 * We smear the hidef stream MSB-first into the low bits of the picf stream.
 * This code is not optimal, but hey, it's short.
 */
int picbyte, hidebyte, mask=0;
long count=0;
while (EOF!=(picbyte=getc(picf))) {
    if (!mask) {
        mask = 0x80;
        if (EOF==(hidebyte=getc(hidef))) hidebyte=0; // pad with nulls
    }
    putc(picbyte&0xfe | ((hidebyte&mask)/mask), outf);
    mask/=2;
}

and of desteg.c:

/*
 * Pull the picf bits out, and put them together, MSB-LSB order.
 */
int picbyte, hidebyte=0, bit=7;
while (EOF!=(picbyte=getc(picf))) {
    if (bit<0) {
        putc(hidebyte, hidef);
        hidebyte=0;
        bit=7;
    }
    /* The archived copy is cut off after "(picbyte%2)<"; the shift by
       bit and the decrement below are assumed from the code above. */
    hidebyte |= (picbyte%2)<<bit;
    bit--;
}

MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Hi all, Has anyone apart from me experienced problems with Vesselin's perl scripts for ELM that came bundled with pgp2.2? I'm running ELM 2.4 pl21, on a Sparc IPX, and basically, sometimes morepgp works, and sometimes it doesn't. mailpgp is proving fine.
Now, I'm no perl wiz, so I can't really dive in and fix it, nor am I asking for someone to fix it (unless they want to), but it would be nice to know that it's just not my utter ineptitude... ;=) - -- Rick M. Tait Bell Northern Research (Europe) Tel: +44-81-945-3352, Fax: +44-81-945-3352 Network Management Systems New Southgate, London. UK email: ricktait@bnr.co.uk || gomez@cix.compulink.co.uk || ricktait@bnr.ca -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK6ixmdIfJtINuGaBAQGjWgP/R67RPs45OJLD65ZqtJVKOLpYrwaLQ8cT GOo9Ek9P2flywLt30U+h6/6JOmNCI9UhzeDUKpvnymk4OyReHnayDvtVqjM9c4AL dj+xez2wjFHgxvpOfaAVNGvLlYj5BiVu+D5S3w9laxczT0MvSDTfFhwJFEP+VWxE NbkeIjN4FrI= =/qoI -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Crys Rides Date: Thu, 18 Mar 93 15:40:34 PST To: nowhere@bsu-cs.bsu.EDU (Chael Hall) Subject: Re: Cypher: Subject naming proposal In-Reply-To: <9303181442.AA19725@toad.com> Message-ID: <9303182329.AA21721@ucunix.san.uc.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- >>>>> On Thu, 18 Mar 93 10:39:46 EST, nowhere@bsu-cs.bsu.edu (Chael Hall) said: >Can I suggest that any messages posted to cypherpunks start with "Cypher:" >in the subject line? The mail from this list is getting mixed in with all >my other mail, cause my newsreader (elm) can't sort on "To:" fields. > Does anyone else have this problem? Does this idea seem reasonable? >JIm C. Hall> I use the following .forward file to make slocal "sort" my mail based Hall> upon the contents of the .maildelivery file below. [snip] Hall> NOTE: You need to change the path of slocal to the appropriate Hall> path for your system. You can find it with the whereis -b command or Hall> the find utility. Am I forgetting anything? Erm, only that this apparently appears to pretty much _require_ switching mailreaders to MH. A more transparent solution can be achieved with the 'procmail' package, available from any comp.sources.misc archive. 
This package allows rule-based filtering on message content, size, and other factors, and can be installed workably with most mailreaders to my knowledge, without requiring much effort. Hall> Chael Hall Hall> -- Hall> Chael Hall Hall> nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU Hall> (317) 285-3648 after 5 pm EST Crys Rides -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK6kEyJSqD+bQ7So3AQH/fwQAuRsviaD3uoG8VFU6nM2IDz+Nllbc5+KO o3wCYGg7S15skdCjz+p7s97hAJlQ+IKtAdMia0Hya6W4cDOUHJGTlXeMmSXlEKlu 2W9kZN8bAR6D4TkuW0RqMFAzCW0U+87VajKO28IZLSEFGo1KPbFYlVP2eXsi/mPj UND/fuivjzU= =5b+o -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Thu, 18 Mar 93 18:35:46 PST To: nowhere@bsu-cs.bsu.edu Subject: Re: Cypher: Subject naming proposal Message-ID: <9303190233.AA19703@servo> MIME-Version: 1.0 Content-Type: text/plain Several years ago I wrote a UNIX utility that splits my incoming mail (directly from the spool) into files based on the To: and Cc: fields. I can specify the various mailing lists to which I subscribe in the shell script, with all others going to a file named "other". This way I can give higher priority to the mail that names me specifically as a recipient, and put off the mailing lists for later. And I can use any conventional mailer (like Mail) to read the split files. Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Chael Hall) Date: Thu, 18 Mar 93 18:02:02 PST To: crys@cave.tcp.com (Crys Rides) Subject: Re: Cypher: Subject naming proposal In-Reply-To: <9303182329.AA21721@ucunix.san.uc.edu> Message-ID: <9303190157.AA14620@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain >Erm, only that this apparently appears to pretty much _require_ switching >mailreaders to MH. A more transparent solution can be achieved with the >'procmail' package, available from any comp.sources.misc archive. 
This >package allows rule-based filtering on message content, size, and other >factors, and can be installed workably with most mailreaders to my >knowledge, without requiring much effort. I don't know what you mean... The incoming mail ends up in /var/spool/mail (on my system) whether or not you use it. I use ELM as my mailreader and everything works fine. He did say that he is using ELM. To me, this is less effort than FTPing 'procmail.' >Crys Rides Chael Hall -- Chael Hall nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU (317) 285-3648 after 5 pm EST From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Thu, 18 Mar 93 19:16:33 PST To: hughes@soda.berkeley.edu (Eric Hughes) Subject: Re: You Aren't [I'm Not] In-Reply-To: <9303090316.AA17160@soda.berkeley.edu> Message-ID: <199303190313.AA15580@eff.org> MIME-Version: 1.0 Content-Type: text/plain Eric Hughes writes: > Last night I spoke with Mike Godwin of the EFF about the issue of > anonymous libel. Mike is not on the list, and I've copied him on this > message. Mike knows more about electronic speech issues than pretty > much anyone else. Here is my remembrance about what he said: > > 2. An anonymous remailer is not liable. In order to be liable for the > libellous speech, the operator of the remailer would have to have > prior knowledge that the speech was libellous. Since the operation of > the remailer is fully automated, prior knowledge is impossible. I'd modify that second point slightly--specifically, I'd say that an anonymous remailer *probably* is not liable. There's never been a case of this sort, but current American libel law suggests that the remailer would not be liable. --Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Alexander Chislenko Date: Thu, 18 Mar 93 23:43:35 PST To: extropians@gnu.ai.mit.edu Subject: POLI/TECH/SURVEY: Feds and computers. 
Message-ID: <199303190742.AA10986@ra.cs.umb.edu> MIME-Version: 1.0 Content-Type: text/plain There were two interesting articles today in the Marketplace section of the Wall Street Journal. I advise you to read them, and will give only brief references here: 1. "White House lets you turn on your PC, tune into politics" - Some stuff on White House and its email addresses, email in general, etc. Some of it informative, some stupid, some babble. One remarkable piece: "... the backward White House computer system doesn't receive the electronic messages directly, and the mail isn't answered electronically. Instead, the e-mail messages are delivered to White House on disk, where they are printed out and answered by low-level workers through regular paper mail." Ain't that amazing?! 2. To the right from the big central material on the crucially important subject of bacon sales, there starts an article "Ruling gives privacy a high-tech edge" - about the Jackson Games BBS case. While it might not offer conceptual breakthroughs to anybody on this list, it is (IMO) a very informative and sympathetic material; it describes the history of the case, recent rulings, their implications, etc. It is very nice that this is offered to a large audience. - Well worth reading. ------------------------------------------------------------------------------ | Alexander Chislenko | sasha@cs.umb.edu | Cambridge, MA | (617) 864-3382 | ------------------------------------------------------------------------------ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Arthur Abraham Date: Fri, 19 Mar 93 08:47:05 PST To: cypherpunks@toad.com Subject: Anonymity in the real world Message-ID: <199303191643.AA15623@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Re: Anonymity in the real world John Gilmore writes: >The person who wrote this stuff hasn't thought it through.
Any of these >things can and do happen right now over the telephone (anonymously) >and through postal mail (anonymously). Somehow, society has not fallen >into anarchy because anyone can drop a letter in a mailbox. Why not? > >(pause here and actually think about it...) A lot of the stuff that appears on this list appears to come from people glassey-eyed hypnotized by the "power" of the internet, as if society had suddenly started behaving differently because we now type over our telephones. Actually, this is an abuse of a technology, since it's much quicker, and accurate, to talk over a telephone -- greater bandwidth, for those who insist on describing people in mechanical terms. If all our desks were in the same large room, each in its own little cubical, and we communicated by writing on pieces of paper and magically passing them around, the effect would be much the same as the internet -- except that the internet saves about a forest per gigabyte. For those who insist the difference is that the internet is "free", let them remember that each person has either purchased or is paying rent for their desk, but some of the rent is in the form of labor, etc. In this large room there are many people I have never meet, but who still send me pieces of paper. The pieces of paper have names on them, but since I have never meet the person who sends me a particular piece of paper, the names mean nothing; the sender is Anonymous to _me_, though I hope they have some friends. If I get enough pieces of paper from the same person, I eventually come to recognize the name, and form some expectations of what they have written on the piece of paper; then the person is a Pseudonym to _me_, since I still have not yet met that individual. This does not seem to be a lot to argue over. Suppose I now receive a piece of paper that says "Your doom is coming! You have been using my pieces of paper to blow your nose on! I cannot let this insult go unpunished: You will die at midnight!" 
I could think: well, it's just a piece of paper, there's no particular reason to be afraid of it. I could think: it's a large room, and this sender will have trouble finding me, so my doom will never arrive. I could think: as with most of the people in the room, this sender has never met me, so my doom will not be able to recognize me. But what I do think is: I will arrange to have a policeman at my desk at midnight, since it is still the real world. This is my experience of the internet. ************************************** bandwidth expander: :-) starts here ************************************** Now I will tell a fable about the old use of the telephone. Once upon a time, in a kingdom by the sea, the phone company (TPC) wanted to sell the peasants' phone numbers to anybody the peasants would call. It was an easy way to make gold. TPC said over and over again that peasants really enjoy doing this. However, the peasants didn't want to join in the fun, and insisted on having an option of deciding when TPC could sell the phone numbers -- a cypherpunk might say the peasants wanted to retain control of their anonymity. TPC saw that most of the peasants wouldn't release their phone numbers, and so there wouldn't be enough gold in it, and decided not to offer this wonderful service, and the peasants lived anonymously ever after... ...for about three days until all the people in the kingdom, suddenly drunk on the newfound anonymity, completely overloaded and destroyed the phone system, by all lifting their phones at once, to place bomb threats. -a2. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jim C Date: Fri, 19 Mar 93 07:05:22 PST To: cypherpunks@toad.com Subject: Re: Cypher:Subject naming- SUMMARY Message-ID: <9303191505.AA01177@toad.com> MIME-Version: 1.0 Content-Type: text/plain Ok, here's a summary of replies regarding sorting of mail by To: fields, or more in general, grouping all list mail together by mailing list.
Thanx to all who responded. As you can see, there are a variety of ways to approach this problem. All of these replies were posted to Cypherpunks already, so re-posting is kosher. I've cut out the extra header stuff and the PGP signatures, and edited the messages for brevity. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From: nowhere@bsu-cs.bsu.edu (Chael Hall) Subject: Re: Cypher: Subject naming proposal To: collins@socrates.umd.edu (Jim C) Cc: cypherpunks@toad.com >Can I suggest that any messages posted to cypherpunks start with "Cypher:" >in the subject line? The mail from this list is getting mixed in with all >my other mail, cause my newsreader (elm) can't sort on "To:" fields. > Does anyone else have this problem? Does this idea seem reasonable? >JIm C. I use the following .forward file to make slocal "sort" my mail based upon the contents of the .maildelivery file below.

-- $HOME/.forward --
| /usr/lib/mh/slocal -user nowhere

You should use something like the following .maildelivery file to tell slocal where to put the messages.

-- $HOME/.maildelivery --
#
# field "pattern" action "command"
#
To "cypherpunks@toad.com" file ? Mail/cypherpunks

This will file messages directed to cypherpunks to a file in your Elm mail directory, but leave all other messages untouched. You have to then choose the folder "=cypherpunks" to read those messages. NOTE: You need to change the path of slocal to the appropriate path for your system. You can find it with the whereis -b command or the find utility. Am I forgetting anything? Chael Hall -- Chael Hall nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU (317) 285-3648 after 5 pm EST >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From: Crys Rides Subject: Re: Cypher: Subject naming proposal >>>>> On Thu, 18 Mar 93 10:39:46 EST, nowhere@bsu-cs.bsu.edu (Chael Hall) said: Hall> I use the following .forward file to make slocal "sort" my mail based Hall> upon the contents of the .maildelivery file below.
[snip] Hall> NOTE: You need to change the path of slocal to the appropriate Hall> path for your system. You can find it with the whereis -b command or Hall> the find utility. Am I forgetting anything? Erm, only that this apparently appears to pretty much _require_ switching mailreaders to MH. A more transparent solution can be achieved with the 'procmail' package, available from any comp.sources.misc archive. This package allows rule-based filtering on message content, size, and other factors, and can be installed workably with most mailreaders to my knowledge, without requiring much effort. Crys Rides >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From wimsey.bc.ca!markh@wimsey.com Thu Mar 18 13:: Cypher: Subject naming propos al There's a program called "filter" (which I think is part of the elm distribution) that I use to automatically route messages from different mailing lists to separate folders, which can then be read at leisure. Very handy! derek >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> To: Brad Huntting , Jim C Subject: Re: Cypher: Subject naming proposal Cc: cypherpunks@toad.com mush will also allow filtering based on more or less whatever you want (e.g. To: fields). Mark -- Mark Henderson markh@wimsey.bc.ca From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Fri, 19 Mar 93 13:38:18 PST To: R.Tait@bnr.co.uk Subject: Re: CYPHER: Problems with pgp2.2 ELM scripts? In-Reply-To: <199303181729.20139@bnsgs200.bnr.co.uk> Message-ID: <9303192136.AA11513@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > Hi all, > Has anyone apart from me experienced problems with Vesselin's perl > scripts for ELM that came bundled with pgp2.2? I'm running ELM 2.4 pl21, > on a Sparc IPX, and basically, sometimes morepgp works, and sometimes > it doesn't. mailpgp is proving fine. I am too. When I try to read my mail w/ elm, I get a (long!) pause then the message: Bad flag -S And the program bugs out. 
> Now, I'm no perl wiz, so I can't really dive in and fix it, nor am I > asking for someone to fix it (unless they want to), but it would be nice > to know that it's just not my utter ineptitude... ;=) Then we're both inept. ;^) +----------------------+----------------------------------------------------+ | J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. | | +----------------------------------------------------+ | mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be | | Thunder@forum | Politically Incorrect! | | (505) 299-2282 | | +----------------------+----------------------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: The Phantom Date: Fri, 19 Mar 93 14:44:31 PST To: cypherpunks@toad.com Subject: HIDE: embedded msgs in grphics & snd Message-ID: MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Recently George Gleason and myself have exchanged email concerning the embedding of messages into broadcast medium. We discussed options that would confound the traffic analysis performed upon the host medium. We came up with a few ideas that may be interesting to the list. George pointed out what I pointed out earlier - sending the latest Michael Jackson tune over the net might raise eyebrows as well as copyright violations. Being from the 'grunge town' of Seattle, it was discussed that perhaps it would be possible to send a copy of some 'unknown' band over the net without harm. In fact, perhaps this is a good place to start: the underground music scene. gg - "This week on Music By Wire, a new song by the Subversives, recorded at Pretty Good Productions. . ." This distribution channel has advantages over DAT -- no delay and the possibility of a large audience if there was a steady flow of musical traffic. Next, discussion turned to the integration of modem carrier tones as samples in music (rap). 
If this new twist caught on, the artist could encode messages (in plaintext, or later ciphertext) into the song, including the key on the record insert. What does this do for us? By using ciphertext "... as an artistic product, ..[we] thereby gain another layer of 1st Amendment protection." Free speech. Lastly and perhaps most interesting: I suggested that by using one of these garage bands, we might be able to distribute our own messages on CD. By getting ahold of a local bands' master before they take it to get a record pressed, we could digitize it ourselves, encode our messages (the kama sutra, a message of goodwill, the songs' lyrics, whatever the band wants, too!) into the LSBs and then give it back to the band to press CDs (put the key on the front cover if you like). The band could be told that not only were they certain to sell ~100 CDs (@ $12-$14 each = $1,300 -- no small sum for a garage band) just to cypherpunk members, but they would also be "the first band in history to digitally encode messages into their music... etc." I don't think the ~100 CDs is an understatement, either. How many cypherpunks do we have nowadays? I would be willing to shell over $15 for a (basically) small-capacity encrypted CD ROM disk, even though I personally don't have a player. gg and myself are both rather interested in this last idea -- tweaking with a bands' CD before it gets pressed. Does it sound promising to anyone else? matt -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK6oMPWSGfFo1zsA5AQEW0AQAqUNNUqdgNyyN2WPGSRx4RCy4umV985CL eHc6TnEsuVDO1InA8nsB4UVh96a3TG/jhSG3xVsGWYt/z5uJbTyqeHtkPWEiLz+j BgR5/mKmeAi0rvFDaIQS1JcoB9gBb3+EFnvOT4RpTtsw+pN5Fry+0PQpQi9zKXbZ pRCGtHKdiiE= =UvO3 -----END PGP SIGNATURE----- Matt Thomlinson University of Washington, Seattle, Washington. Internet: phantom@u.washington.edu phone: (206) 528-5732 PGP 2.2 key available via email or finger phantom@hardy.u.washington.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. 
Michael Diehl Date: Fri, 19 Mar 93 14:11:10 PST To: cypherpunks@toad.com Subject: We need a FAQ. Message-ID: <9303192209.AA13248@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain I'd like to find out about remailers, reposters, and keyservers. All of this has been posted before, I know. We need to consolidate this into a FAQ for easier access. I'd almost do it myself if I still had the info on hand. +----------------------+----------------------------------------------------+ | J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. | | +----------------------------------------------------+ | mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be | | Thunder@forum | Politically Incorrect! | | (505) 299-2282 | | +----------------------+----------------------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mccoy@ccwf.cc.utexas.edu (Jim McCoy) Date: Fri, 19 Mar 93 17:04:26 PST To: phantom@u.washington.edu (The Phantom) Subject: Re: HIDE: embedded msgs in grphics & snd In-Reply-To: Message-ID: <9303200102.AA14124@tramp.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text The Phantom writes: > > Lastly and perhaps most interesting: I suggested that by using one of > these garage bands, we might be able to distribute our own messages > on CD. By getting ahold of a local bands' master before they take it > to get a record pressed, we could digitize it ourselves, encode our > messages (the kama sutra, a message of goodwill, the songs' lyrics, > whatever the band wants, too!) into the LSBs and then give it back to > the band to press CDs (put the key on the front cover if you like). [...] > I would be willing to shell over > $15 for a (basically) small-capacity encrypted CD ROM disk, even > though I personally don't have a player. A nice idea, but functionally impossible with today's technology. 
The firmware of CD-Rom players does not allow them to read the digital data of an audio CD and output it in digital, the output must be analog. The only exception to this that I know of is the SGI CD-rom. This restriction against digital output from audio CDs was put in after the music publishing industry made a big issue over pirating music, etc... I am not sure what mods have been done to the firmware of the SGI CD rom players, but the people on alt.cd-rom say it can read the digital data from audio-cds. Without this capacity you are not going to be able to stick the message in the CD as easily as you would be able to with a cd-rom player that could read digital... jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jg@uruk.genmagic.com (John Giannandrea) Date: Fri, 19 Mar 93 19:43:16 PST To: mccoy@ccwf.cc.utexas.edu (Jim McCoy) Subject: Re: HIDE: embedded msgs in grphics & snd In-Reply-To: <9303200102.AA14124@tramp.cc.utexas.edu> Message-ID: <9303200341.AA01604@uruk.genmagic.com> MIME-Version: 1.0 Content-Type: text/plain Jim McCoy writes: > The firmware of CD-Rom players does not allow them to read the digital data of > an audio CD and output it in digital, the output must be analog. The only > exception to this that I know of is the SGI CD-rom. This drive is the Toshiba TXM3301. Although the firmware was specially commissioned by SGI I believe that the drive is available from Toshiba America directly. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Fri, 19 Mar 93 20:36:50 PST To: phantom@u.washington.edu (The Phantom) Subject: Re: HIDE: embedded msgs in grphics & snd In-Reply-To: Message-ID: <9303200435.AA26847@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > George pointed out what I pointed out earlier - sending the latest > Michael Jackson tune over the net might raise eyebrows as well as > copyright violations. Being from the 'grunge town' of Seattle, it was Besides, Michael Jackson sucks! 
;^) > discussed that perhaps it would be possible to send a copy of some > 'unknown' band over the net without harm. In fact, perhaps this is a > good place to start: the underground music scene. I assume you mean with their permission. Think of it, you tell a band that you want to distribute one of their demos around the world. I think they'd buy it. And I don't think they'd care that you embedded a message in it, either. And a lot of cypherpunks like underground music. Works for all of us. I like this idea and think it could work. > gg - "This week on Music By Wire, a new song by the Subversives, > recorded at Pretty Good Productions. . ." I love it! Pretty Good Productions... That's the best. ;^) > Next, discussion turned to the integration of modem carrier tones as > samples in music (rap). If this new twist caught on, the artist could > encode messages (in plaintext, or later ciphertext) into the song, I don't know, will a modem weed out all of the noise to get to the carrier tones that we embedded in the crap...er...I mean rap music. ;^) > including the key on the record insert. What does this do for us? By > using ciphertext "... as an artistic product, ..[we] thereby gain > another layer of 1st Amendment protection." Free speech. Nice! > > Lastly and perhaps most interesting: I suggested that by using one of > these garage bands, we might be able to distribute our own messages > on CD. By getting ahold of a local bands' master before they take it > to get a record pressed, we could digitize it ourselves, encode our > messages (the kama sutra, a message of goodwill, the songs' lyrics, > whatever the band wants, too!) into the LSBs and then give it back to > the band to press CDs (put the key on the front cover if you like). I wonder if a PC will read the data that comprises a CD data-set. My concern is about directory structure etc. 
> The band could be told that not only were they certain to sell ~100 > CDs (@ $12-$14 each = $1,300 -- no small sum for a garage band) just > to cypherpunk members, but they would also be "the first band in > history to digitally encode messages into their music... etc." Kind of a new twist on backward subliminal messages, eh? ;^) > I don't think the ~100 CDs is an understatement, either. How many > cypherpunks do we have nowadays? I would be willing to shell over > $15 for a (basically) small-capacity encrypted CD ROM disk, even > though I personally don't have a player. We could distribute the needed source code on an underground basis. We could distribute whole software packages piggy-backing on a garage band's demo! Bitchen! > > gg and myself are both rather interested in this last idea -- > tweaking with a bands' CD before it gets pressed. Does it > sound promising to anyone else? Most definitely! +----------------------+----------------------------------------------------+ | J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. | | +----------------------------------------------------+ | mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be | | Thunder@forum | Politically Incorrect! | | (505) 299-2282 | | +----------------------+----------------------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Arthur Abraham Date: Fri, 19 Mar 93 21:43:13 PST To: cypherpunks@toad.com Subject: Future Copy Message-ID: <199303200539.AA18329@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Somehow, I think some of the readers of this list will find this interesting, I don't know why. Popular Science: April 1993 "Color Copiers Countering Counterfeiters An unfortunate result of advances in color copiers is that it is now easier to counterfeit currency. To make it more difficult, Canon has developed two defenses. 
One is a currency-recognition technology similar to that used in vending machines. But Canon has enhanced the technology to recognize a bill regardless of its orientation or if it's among a clutter of material. In a demonstration, a Canon official tried to copy a Japanese bill. The copier sounded an alarm and spit out a piece of paper with a blackened rectangle where the image should have been. 'Once a bill is recognized, we could do anything -- have the machine stop, sound an alarm, or, if it's connected to a phone line, call the police,' the official says. The copier will recognize as many currencies as possible. A second feature traces counterfeiters of official documents. Each copier embeds a code into the copied image, which is impossible to see. A special scanner extracts the code and a computer program then furnishes the copier's serial number, allowing identification of the registered purchaser of the machine. With the new anti-counterfeiting technology, Canon can also include a two-sided copying feature previously omitted from its color copiers." Of course, the second to the last paragraph is most interesting, along these lines: a. how are they doing that? b. is this preserved on a second, third, etc. generation copy? c. it is likely that computer scanning and OCR defeats this. d. anybody posting to whistleblowers should be aware of these new machines, and learn how to identify them, and their products. -a2. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Fri, 19 Mar 93 20:43:21 PST To: cypherpunks@toad.com Subject: We need a FAQ. Message-ID: <9303200441.AA27024@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain I'd like to have information on anon. remailers, news posters and key servers. I know this has been posted here before, but I lost it all and think that this stuff should be kept together for convenience. I'd almost do it myself if someone would mail me the info. 
+----------------------+----------------------------------------------------+ | J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. | | +----------------------------------------------------+ | mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be | | Thunder@forum | Politically Incorrect! | | (505) 299-2282 | | +----------------------+----------------------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: George A. Gleason Date: Sat, 20 Mar 93 02:28:13 PST To: phantom@u.washington.edu Subject: Re: HIDE: embedded msgs in grphics & snd Message-ID: <199303201024.AA09757@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Re. cyphertext and music: I've been professionally involved in the recording/production scene and could arrange something. There are plenty of damn good bands in the Bay Area who might volunteer for this kind of thing; I can think of a couple of candidates right away. Also a great local studio, Polymorph Productions, which would be amenable to this. All we need to get going is for someone to cover the actual cost of studio time, which is only $30/hour. Now the only hitch right now is my own schedule being really really busy, but I could get a free weekend, or hook up some local cypherpunx with the bands and the studio, and see where it goes. Basically I get the idea that if this worked, the record would get a lot of interest including from a wider audience than cypherpunx, and that translates into attention on the band as such, and that translates into paying back the original production investment with interest. So, anyone interested...? -gg@well.sf.ca.us. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. 
May) Date: Sat, 20 Mar 93 10:37:46 PST To: cypherpunks@toad.com Subject: Re: HIDE: embedded msgs in grphics & snd Message-ID: <9303201836.AA18301@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain George Gleason writes: >Re. cyphertext and music: I've been professionally involved in the >recording/production scene and could arrange something. There are plenty of >damn good bands in the Bay Area who might volunteer for this kind of thing; >I can think of a couple of candidates right away. Also a great local >studio, Polymorph Productions, which would be amenable to this. All we need >to get going is for someone to cover the actual cost of studio time, which >is only $30/hour. Now the only hitch right now is my own schedule being I'm all for exploring hiding messages in the LSBs of images and audio (having written on this since 1988, and several times on this list), but I don't understand the idea of putting messages in widely distributed, publicly-advertised commercial or semi-commercial CDs: - if lots of people know about it--presumably the goal here--then why hide the message? (Granted, it'll make some people say "Like, wow! Like, messages, man!"...or whatever the current vernacular version would be.) - how would the key be distributed as widely? - clearly this is not a practical way to steganographically send messages. So, what exactly is the point of this exercise? -Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: MailSafe and PGP available. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Sat, 20 Mar 93 14:45:23 PST To: cypherpunks@toad.com Subject: Problems with pgp elm scripts. 
Message-ID: <9303202243.AA21880@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain I finally got my mailer script to work. I deleted the -S parameter to less in the perl script. But now, it seems that it can't sign my mail unless I'm in another directory but my home. It complains that it can't find a key in secring.pgp for user 'me'. me is an alias that I use for myself, but even if I send mail to mdiehl@triton, it still tries to find a key for 'me'. What gives? +----------------------+----------------------------------------------------+ | J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. | | +----------------------------------------------------+ | mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be | | Thunder@forum | Politically Incorrect! | | (505) 299-2282 | | +----------------------+----------------------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: alrub@pro-sol.cts.com (Al Rubottom) Date: Sat, 20 Mar 93 19:06:21 PST To: cypherpunks@toad.com Subject: yr mailing list Message-ID: MIME-Version: 1.0 Content-Type: text/plain Dear friends: Please add my name to your mailing list. U.S. snail mail address; Al E. Rubottom 5352 Via Carancho San Diego, CA 92111 internet address: alrub@pro-sol.cts.com Thanking you in advance for your attention, I remain Appreciatively yours, Alrub ProLine: alrub@pro-sol Internet: alrub@pro-sol.cts.com UUCP: crash!pro-sol!alrub From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: uri@watson.ibm.com Date: Sat, 20 Mar 93 16:37:39 PST To: gg@well.sf.ca.us (George A. Gleason) Subject: Re: HIDE: embedded msgs in grphics & snd In-Reply-To: <199303201024.AA09757@well.sf.ca.us> Message-ID: <9303210036.AA21784@buoy.watson.ibm.com> MIME-Version: 1.0 Content-Type: text/plain George A. Gleason says: > Re. cyphertext and music: I've been professionally involved in the > recording/production scene and could arrange something. 
There are plenty of > damn good bands in the Bay Area who might volunteer for this kind of thing; > I can think of a couple of candidates right away. Maybe I'm missing something, but why bother with recording professional and semi-professional music, when you can just as easily record your OWN voice and send a digitized voice message (as an e-mail enhancement)? In order to prevent smart censorship (i.e. altering LSBs under you) one must design sort of crypto-CRC, or like... -- Regards, Uri uri@watson.ibm.com scifi!angmar!uri N2RIU ----------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: zane@genesis.mcs.com (Sameer Parekh) Date: Sun, 21 Mar 93 13:59:01 PST To: George A. Gleason Subject: Re: HIDE: embedded msgs in grphics & snd In-Reply-To: <199303201024.AA09757@well.sf.ca.us> Message-ID: MIME-Version: 1.0 Content-Type: text/plain In message <199303201024.AA09757@well.sf.ca.us>, George A. Gleason writes: > I get the idea that if this worked, the record would get a lot of interest > including from a wider audience than cypherpunx, and that translates into > attention on the band as such, and that translates into paying back the > original production investment with interest. So, anyone interested...? > For exactly this reason, I don't think that this is a very good idea. The discussion here started as a search for a way to make encrypted data not look like encrypted data. (Once it becomes illegal). If encoding in LSBs becomes a famous technique, then once data encryption becomes illegal searching the LSBs will become standard procedure for that data cops. -- | Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM | | Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more | | "Be God" - Me __ "Specialization is for Insects" - Robert A. 
Heinlein ____/ \_____________/ \____________________________________________________/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Joe Thomas Date: Sun, 21 Mar 93 09:06:16 PST To: cypherpunks@toad.com Subject: Looking for key-signers in DC Message-ID: MIME-Version: 1.0 Content-Type: text/plain I finally got my act together, and got PGP running on my pseudo-Mac (actually an Atari with an emulator, but that's another story). Is anyone around DC and available to sign it before I send it to the servers, etc.? Thanks, Joe From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Sun, 21 Mar 93 18:39:05 PST To: zane@genesis.mcs.com (Sameer Parekh) Subject: Re: HIDE: embedded msgs in grphics & snd In-Reply-To: Message-ID: <9303220237.AA02600@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > > In message <199303201024.AA09757@well.sf.ca.us>, George A. Gleason writes: > > I get the idea that if this worked, the record would get a lot of interest > > including from a wider audience than cypherpunx, and that translates into > > attention on the band as such, and that translates into paying back the > > original production investment with interest. So, anyone interested...? > > > For exactly this reason, I don't think that this is a very good > idea. The discussion here started as a search for a way to make > encrypted data not look like encrypted data. (Once it becomes illegal). > If encoding in LSBs becomes a famous technique, then once data > encryption becomes illegal searching the LSBs will become standard > procedure for that data cops. At which time we simply abandon this media. But think of it. Don't you think a record company would be interested in a new record-selling gimmick? And they have enough money.....er...I mean clout, ya that's it, to protect their new-found gimmick. Just my (last) $.02, Thanx for listening. ;^) +----------------------+----------------------------------------------------+ | J. 
Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. | | +----------------------------------------------------+ | mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be | | Thunder@forum | Politically Incorrect! | | (505) 299-2282 | | +----------------------+----------------------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: crunch@netcom.com (John Draper) Date: Sun, 21 Mar 93 22:42:31 PST To: cypherpunks@toad.com Subject: Double messages Message-ID: <9303220641.AA00445@netcom2.netcom.com> MIME-Version: 1.0 Content-Type: text/plain I'm getting double messages from people. Is there something wrong with the mailing list? JD From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: djwright Date: Sun, 21 Mar 93 21:00:36 PST To: cypherpunks@toad.com Subject: Idea Message-ID: <9303220500.AA03848@toad.com> MIME-Version: 1.0 Content-Type: text/plain Although the material is interesting, my mailbox is getting flooded.. perhaps the mail should be compiled into a newsletter or 'zine format and mailed monthly. Phrack magazine is sent with an automated mailer.. If you want more information.. send requests to root@stormking.com. Please seriously consider this, the bulk of mail vs. my time to deal with the volume of little messages is limited, and it is much better if it's a monthly or weekly newsletter which I can download and browse at my leisure. It really is not much work to have a program dump all the mail into a file, then another program send out the file monthly. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Sun, 21 Mar 93 23:12:40 PST To: julf@penet.fi (Johan Helsingius) Subject: Re: Idea In-Reply-To: <9303220715.aa23117@penet.penet.FI> Message-ID: <9303220711.AA12900@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > > > > Although the material is interesting, my mailbox is getting flooded.. 
> > perhaps the mail should be compiled into a newsletter or 'zine format > > and mailed monthly. > > I have no problems keeping up with the cypherpunks messages (they form > such a small percentage of my mail anyway), and a good mail reader > definitely helps. But if the messages got digested into huge batches, I > would definitely stop reading them. Me too! I might venture into the table of contents. If nothing seemed interesting there, (and there might be good stuff) I'd simply hit 'd'. Don't digest them! Thanx. +----------------------+----------------------------------------------------+ | J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. | | +----------------------------------------------------+ | mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be | | Thunder@forum | Politically Incorrect! | | (505) 299-2282 | | +----------------------+----------------------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Nickey MacDonald Date: Sun, 21 Mar 93 21:44:58 PST To: Tony Kidson Subject: Re: META: Support for prefixes In-Reply-To: <3098@morgan.demon.co.uk> Message-ID: MIME-Version: 1.0 Content-Type: text/plain {I realize I'm a mere two weeks behind in my mail... please ignore me if I'm way out of date on this...} I agree that this is a great idea... and looking ahead into the mail I am behind in, it looks like it is being done... I'd also like to be able to tell which mail list the mail was from... I'd like it if the remailed mail from the list had CYPH: prepended to the front of all the subjects... On another note.... Tony... Please don't requote a large post, just to add a one line reply... It wastes a lot of bandwidth... I hope that no mailers still exist that do not allow you to edit the text that it includes from an original message when doing a reply... 5 minutes of editing for one person saves hundreds of people from wasting their time skipping a redundant post... 
--- Nick MacDonald | NMD on IRC i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger On Wed, 3 Mar 1993, Tony Kidson wrote: > > [ a convincing but long repost deleted ] ... > > Yanek Martinson > > yanek@novavax.nova.edu > I fully support this call for prefixes by subject class. > | Tony Kidson | ** PGP 2.1 Key by request ** | Voice +44 81 466 5127 | From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: George A. Gleason Date: Mon, 22 Mar 93 04:19:59 PST To: zane@genesis.mcs.com Subject: Re: HIDE: embedded msgs in grphics & snd Message-ID: <199303221218.AA23483@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain "once data encryption becomes illegal, searching for LSBs will become standard procedure for datacops." Aha, but if we can establish artistic protection for cyphertext, that will be one more brick in the wall that keeps the censors out. The point is to prevent it becoming illegal in the first place. Now so far we have one great strategy: making crypto ubiquitous, so there is no way to get the horses back into the barn. I think we can benefit from additional strategies, such as expanding into all the various areas of constitutional protection that might be available. -gg From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Sun, 21 Mar 93 22:22:53 PST To: djwright Subject: Re: Idea In-Reply-To: <9303220500.AA03848@toad.com> Message-ID: <9303220715.aa23117@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > Although the material is interesting, my mailbox is getting flooded.. > perhaps the mail should be compiled into a newsletter or 'zine format > and mailed monthly. I have no problems keeping up with the cypherpunks messages (they form such a small percentage of my mail anyway), and a good mail reader definitely helps. But if the messages got digested into huge batches, I would definitely stop reading them. 
Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mccoy@ccwf.cc.utexas.edu (Jim McCoy) Date: Mon, 22 Mar 93 08:19:08 PST To: cypherpunks@toad.com Subject: Re: Idea In-Reply-To: <9303220711.AA12900@triton.unm.edu> Message-ID: <9303221617.AA13744@tramp.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text > > > > > Although the material is interesting, my mailbox is getting flooded.. > > > perhaps the mail should be compiled into a newsletter or 'zine format > > > and mailed monthly. > > > > I have no problems keeping up with the cypherpunks messages (they form > > such a small percentage of my mail anyway), and a good mail reader > > definitely helps. But if the messages got digested into huge batches, I > > would definitely stop reading them. > > Me too! I might venture into the table of contents. If nothing seemed > interesting there, (and there might be good stuff) I'd simply hit 'd'. Don't > digest them! Thanx. Perhaps it might make sense to digest them and offer the digest (perhaps weekly or even a daily digest) as an alternative mirror of the regular list. The cypherpunks messages make a small percentage of my mail too, but when I get a one or two hundred messages a day it is hard for me to keep track of ongoing discussions in this list and I have a tendency to nuke the messages outright if the subject doesn't interest me. Redirecting the messages to a separate folder doesn't help much either because I sometimes don't have the time to check the folder more than once a day and then when I do check it I spend more time thinking about how to trim the many messages than anything else... It is kind of ironic that a list which deals with the dispersal and protection of information only offers a single, inefficient, method for accessing that information. Offering a daily or weekly digest of messages would be a good thing, IMHO. 
In addition to making the list accessible to people who have real jobs or better things to do with their time during the day [ :-) ] it would also offer an easy method for archival of messages on the list (e.g. just store the daily or weekly logs somewhere for ftp...) jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Arthur Abraham Date: Mon, 22 Mar 93 14:57:05 PST To: mccoy@ccwf.cc.utexas.edu Subject: Re: Idea Message-ID: <199303222255.AA22533@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain >>> preceding postings not copied to increase the brevity of this message \ I like that last one too, but who will bell the cat? -a2. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mccoy@ccwf.cc.utexas.edu (Jim McCoy) Date: Mon, 22 Mar 93 15:52:28 PST To: cypherpunks@toad.com Subject: Re: Idea In-Reply-To: <199303222255.AA22533@well.sf.ca.us> Message-ID: <9303222350.AA19244@tramp.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text > > >>> preceding postings not copied to increase the brevity of this message > \ > I like that last one too, but who will bell the cat? It has already been done. Find the majordomo package (i found several sites with it via archie) and run this. It will automagically digestify and will also handle the subscribe/unsubscribe stuff. It is close to being a listserv for unix, but lacks the archive retrieval via mail functions. jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Mon, 22 Mar 93 15:20:11 PST To: Timothy Newsham Subject: Re: Encrypted computing questions Message-ID: <9303222315.AB22500@smds.com> MIME-Version: 1.0 Content-Type: text/plain Timothy Newsham asks a lot of questions about my "crypto goal" of encrypted computing. Rather than answer his questions one at a time, I'll try to clarify what I meant. Also, below I ask about a related crypto goal of "trans-cryption." 
The idea is that you have a program and maybe some initial state information. The program accepts data in some encrypted form. It does the equivalent of decrypting it and processing it. EXCEPT... o It never turns any part of it into plaintext (unless the output is plaintext, in which case it only shows up after the computing is done). o It's impossible by analyzing the code or watching it run to figure out what it did, or which bits went where. o In particular, you can't figure out the decrypting key by analyzing the program or watching it run. o If there's state information left over, it has to be in some encrypted form. Working backward from these goals, I figure that the program is somehow combined with its private key when it is turned into a crypto-program. How do you convince users that this is what you've done, that your program is actually a crypto program that never reveals its private key or plaintext of its inputs--that it doesn't just decrypt and then process the plaintext--and that you've thrown away the private key used to make it? When it runs, it has to process all its data in encrypted form! What sort of encryption could this be? The data has to be shuffled all around continuously, and it would seem you'd have to have lots of "if" statements to make sure it behaved very differently with small input changes, so that no one could tell what any input bit affected. If the program were an interpreter for a general-purpose language, you could send it encrypted programs to run. A related idea is trans-cryption. Is it possible to do the equivalent of two RSA encryption steps (e.g., decrypt with one key, then encrypt with another), without storing information that would let you deduce either of the keys or the data between the two steps? 
-fnerd fnerd@smds.com (FutureNerd Steve Witham) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hollander Date: Tue, 23 Mar 93 00:08:52 PST To: cypherpunks@toad.com Subject: another remailer goes on line Message-ID: <9303230804.AA14414@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Three remailers was not enough for me. I set up a fourth: 00x@uclink.berkeley.edu. It uses Hal's scripts, and will soon be running pgp (I already have pgp compiled for it). I'll post keys as soon as they are available. e From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phil Karn Date: Tue, 23 Mar 93 02:46:23 PST To: denning@cs.cosc.georgetown.edu Subject: your note on sci.crypt Message-ID: <9303231045.AA01021@unix.ka9q.ampr.org> MIME-Version: 1.0 Content-Type: text/plain Dr. Denning: Although you are correct that many of the responses to your proposal contained personal attacks (in which people called you naive, etc), you seem to believe that this invalidates the fundamental underlying point they were making. This is not so. This fundamental point can be summarized as follows: The US government has repeatedly shown by its past conduct that it simply cannot be trusted to obey its own laws regarding spying on private citizens, particularly those who are organized in lawful, peaceful opposition to government policies. And history has shown that it can take many years for unlawful monitoring to become public, if indeed they ever do (consider the current story I just sent you about the Army spying on Dr. Martin Luther King). In other words, the government has frequently ignored its own laws, because it knows it can do so with impunity. No credible case can be made that the problem has been "fixed" since the now-publicized abuses of the 1960s and 1970s, i.e., that new safeguards have somehow rendered the government incapable of violating the privacy rights of its citizens. 
Privacy violations may or may not still be occurring; we have no way to know. But I suspect it depends far more on the people in power than on any post-Watergate "safeguards" against the abuse of that power. The private use of strong cryptography provides, for the very first time, a truly effective safeguard against this sort of government abuse. And that's why it must continue to be free and unregulated. I should credit you for doing us all a very important service by raising this issue. Nothing could have lit a bigger fire under those of us who strongly believe in a citizens' right to use cryptography than your proposals to ban or regulate it. There are many of us out here who share this belief *and* have the technical skills to turn it into practice. And I promise you that we will fight for this belief to the bitter end, if necessary. Phil Karn From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 23 Mar 93 10:40:07 PST To: cypherpunks@toad.com Subject: FWEE! premature testing In-Reply-To: <9303121624.tn02614@aol.com> Message-ID: <9303231835.AA14090@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Dave Del Torto writes regarding Tim May's whistleblower test: >I know you >really wanted to post that nifty F-117A thing you OCR'd _somewhere_ but that >was not particularly helpful. I think it was extremely helpful. Especially when we are in a design phase, it is good to know just how strong a reaction there will be to some of these posts. It benefits us to have had the experience, not just an awareness of the problem. >Someone suggested a set of WB guidelines should be posted. Any guidelines must remain completely neutral about content of postings. A whistleblowers group is for expressing outrage. The things you are outraged about will be necessarily different from what others are outraged about. It is certain that one act of outrage will itself be outrageous to another. We have seen this already with Tim's post. 
A whistleblowers newsgroup must remain value-neutral with respect to all values except the freedom to speak. When all agree in advance that freedom of speech is a good thing, then we avoid problems when specific speech is to one party's disadvantage. Value neutrality must be taught; it will not come automatically. This, and the ability to teach the defense of privacy, are in the long run much more valuable than any one specific whistleblowing. >Nicholas Johnson, the former head of the FCC (under Johnson) >Ralph Nader's organization >Jim Settle (FBI Computer Crime Squad) >a fellow from the CIA [his name's Ross Stapleton] Dave mentions all these people are in favor of whistleblowing. The place where they can help the most is by affixing their signature to a document that defends the whistleblowers group in advance of "problems" with it. If we can gather enough signatures from a wide enough spectrum of the political process, the publication of the document alone will be worth press coverage. It might also be worthwhile to take out a few big ads in major newspapers and print a position paper. [Re: comments from Ross Stapleton] >done "correctly," the system can 'perhaps be somewhat protected' from posting >by pranksters/attackers with bogus revelations - it might require someone to >preview postings There's no need to preview anything. Let people say whatever they want. Then, should the CIA wish to confirm something, they can issue a statement with a digital signature attached to it, referencing the post in question. Review and verification is a valid concern; pre-review is not. 
Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jthomas@coconut.mitre.org (Joe Thomas) Date: Tue, 23 Mar 93 09:09:00 PST To: cypherpunks@toad.com Subject: REMAIL: Anon.penet.fi no more Message-ID: <9303231705.AA05316@coconut> MIME-Version: 1.0 Content-Type: text/plain You probably have seen this already, but it's certainly of relevance to cypherpunks: > Newsgroups: comp.org.eff.talk,news.admin.policy,alt.privacy,alt.sexual.abuse.recovery,alt.support,alt.transgendered,soc.motss > Path: linus.mitre.org!linus!agate!howland.reston.ans.net!usc!elroy.jpl.nasa.gov!decwrl!uunet!mcsun!fuug!penet!julf > From: julf@penet.fi (Ze Julf) > Subject: Anon.penet.fi no more > Organization: No! > Date: Tue, 23 Mar 1993 15:03:59 GMT > Message-ID: <1993Mar23.150359.16883@penet.fi> > Lines: 54 > > The anonymous service at anon.penet.fi has been closed down. Postings to > netnews and mail to arbitrary addresses has been blocked. To enable users > who know each other only by their anon ID's to arrange alternate > communication paths, mail to anonymous users will still be supported for > two weeks. After this period all database entries will be deleted. > > Due to the lawsuit-intensive climate in the US, many anonymous services have > been short-lived. By setting up anon.penet.fi in Finland, I hoped to create > a more stable service. Anon.penet.fi managed to stay in operation for almost > five months. The service was protected from most of the usual problems that > had forced other services to shut down. But there are always going to be > ways to stop something as controversial as an anon service. In this case, a > very well-known and extremely highly regarded net personality managed to > contact exactly the right people to create a situation where it is > politically impossible for me to continue running the service. > > But of course this political situation is mainly caused by the abuse of the > network that a very small minority of anon users engaged in. 
This small > group of immature and thoughtless individuals (mainly users from US > universities) caused much aggravation and negative feelings towards the > service. This is especially unfortunate considering these people really are > a minuscule minority of anon users. The latest statistics from the service > show 18203 registered users, 3500 messages per day on the average, and > postings to 576 newsgroups. Of these users, I have received complaints > involving postings from 57 anonymous users, and, of these, been forced to > block only 8 users who continued their abuse despite a warning from me. > > In retrospect I realize that I have been guilty of keeping a far too low > profile on the network, preferring to deal with the abuse cases privately > instead of making strong public statements. Unfortunately I realized this > only a couple of days before being forced to shut down the service, but the > results of a single posting to alt.binaries.pictures.erotica.d gave very > positive results. I take full blame for my failure to realize the > psychological effects of a strongly stated, publicly visible display of > policy with regards to the abuse cases. For this I have to apologize to the > whole net community. > > On the other hand I am deeply concerned by the fact that the strongest > opposition to the service didn't come from users but from network > administrators. I don't think sysadmins have a god-given mandate to > dictate what's good for the users and what's not. A lot of users have > contacted me to thank me for the service, describing situations where > anonymity has been crucial, but I could never have imagined in my wildest > dreams. At the same time quite a few network administrators have made > comments like "I can't imagine any valid use for anonymity on the net" and > "The only use for anonymity is to harass and terrorize the net". 
> > Nevertheless, I really want to apologize both to all the users on the > network who have suffered from the abusive misuse of the server, and to all > the users who have come to rely on the service. Again, I take full > responsibility for what has happened. > > Julf > Very sad, rather scary. Sorry to hear this, Julf. Joe From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 23 Mar 93 12:32:42 PST To: cypherpunks@toad.com Subject: Idea In-Reply-To: <9303221617.AA13744@tramp.cc.utexas.edu> Message-ID: <9303232028.AA20325@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Jim writes: >It is kind of ironic that a list which deals with the dispersal and >protection of information only offers a single, inefficient, method for >accessing that information. My main goal for cypherpunks is to get people to defend their own privacy, rather than relying on someone else to provide it for them. There were several different methods recently mentioned that allow people to take control of their own email flow. I would suggest that all those who would rather have another way of accessing the list do so on their own computers. In addition to all the methods for handling mail mentioned before, the remailer source code includes a rewrite of slocal in perl done by Hal Finney. Available from soda.berkeley.edu:pub/cypherpunks/remailer. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Tue, 23 Mar 93 12:26:44 PST To: cypherpunks@toad.com Subject: Legal Net Monthly Newsletter Message-ID: MIME-Version: 1.0 Content-Type: text/plain Opinion, editorial and news worthy submissions are currently being (sought and) accepted for a new start-up electronic news journal. This monthly compilation will be called 'The Legal Net Monthly Newsletter' and will focus on the legal and ethical aspects of computer networking. 
Legal Net Monthly will be a non-biased, open forum electronic newsletter keeping in step with the networking environment of the '90's and will be available by E-Mail subscription. Legal Net Monthly is aiming to release its first issue on May 1st, 1993. Articles on the following topics are especially welcome: o Defining "Criminal Mischief" on the Nets o Authoring/Distributing Computer Viruses: Legal Implications o Legislative news around the world Send all submissions, subscription requests and correspondence to: fergp@sytex.com Paul Ferguson | "Sincerity is fine, but it's no Network Integration Consultant | excuse for stupidity." Centreville, Virginia USA | -- Anonymous fergp@sytex.com (Internet) | sytex.com!fergp (UUNet) | 1:109/229 (FidoNet) | PGP 2.2 public encryption key available upon request. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Duncan Frissell <76630.3577@CompuServe.COM> Date: Tue, 23 Mar 93 12:08:48 PST To: Subject: Re: HIDE: embedded msgs in grphics & snd Message-ID: <930323195931_76630.3577_EHL41-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain >>>For exactly this reason, I don't think that this is a very good >>>idea. The discussion here started as a search for a way to make >>>encrypted data not look like encrypted data. (Once it becomes illegal). I tell you three times, I tell you three times, I tell you three times... The Feds are *not* going to outlaw encryption. They believe in encryption. They even have official bodies designed to encourage encryption. They are not even going to outlaw encryption they can't break. They are internally split on the issue. By the time they got around to actually *doing* anything, we will have been online with a fully encrypted communications system for years. They can't move fast enough. They lack the overall control of the networks to implement such a proposal. There would be First Amendment challenges. 
In order for such regulation to be enacted, there would have to be a collective appreciation of the risk that encryption poses to the world's States (it risks their destruction but we won't tell them that). This is too much of a high order abstraction for a collective decision making process to handle. We've had powerful encryption techniques for a while in any case. One-time pads are more than 100 years old, aren't they. "Publication" in the international realm is not subject to local laws in any case. International publications routinely carry ads for goods or services that would be illegal to sell in the individual countries reached. Sometimes a country like Singapore will censor a publication like the Asian Wall Street Journal. Ridiculous since it can be read online. Outlawing encryption is a form of censorship and censorship will prove increasingly difficult as time goes on. If they can't keep crack cocaine out of Sing Sing, how can they keep PGP out of my computer (or computers under my control somewhere in the world). The enforcement problems are staggering. What about sentencing. What is the social damage involved in my sending my wife a 2.5K encrypted file. Pretty petty offense. Even if encryption was generally outlawed, anyone involved in a privileged communication (spouses, attorney-client, physician-patient, priest-penitent, etc.) could continue to use the technology since assuring privacy is one of the technical requirements of exercising such a privilege. Say, what if I as an attorney operate an anonymous remailer. I know that privilege probably wouldn't attach because I wasn't a party to the communications but it would make for some entertaining litigation. No one has yet answered my legal question of several months ago. If you have an unbroken coded message, how does the prosecutor prove beyond a reasonable doubt and to a moral certainty that it is a coded message. 
Even if it has identifying headers and footers, that say "PGP 2.2" you can claim that you just put them on to random noise for fun in order to tweak the noses of the authorities. Duncan Frissell From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Tue, 23 Mar 93 13:14:19 PST To: CYPHERPUNKS Subject: REMAIL: Anon.penet.fi no Message-ID: <930323210434_74076.1041_DHJ74-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- > The anonymous service at anon.penet.fi has been closed down. > But of course this political situation is mainly caused by the abuse of the > network that a very small minority of anon users engaged in. This small > group of immature and thoughtless individuals (mainly users from US > universities) caused much aggravation and negative feelings towards the > service. This is especially unfortunate considering these people really are > a minuscule minority of anon users. The latest statistics from the service > show 18203 registered users, 3500 messages per day on the average, and > postings to 576 newsgroups. Of these users, I have received complaints > involving postings from 57 anonymous users, and, of these, been forced to > block only 8 users who continued their abuse despite a warning from me. This is truly tragic. Julf has endured weeks of attacks and now The Powers That Be have managed to shut down this widely used service. In the debates we've had here about anonymous posting, we have distinguished two problems: volume abuse and content abuse. Volume abuse is the use of the remailers to send "mail bombs", excessively large or numerous messages to an individual designed to fill his mailbox, or to similarly bombard newsgroups with large numbers of messages. Most of us have agreed that this is a legitimate problem, and various mechanisms have been discussed to address this. 
Content abuse is more problematical; it basically refers to someone posting a message whose contents someone else objects to. The traditions of freedom of speech and freedom of the press in the U.S. make it difficult to argue in favor of restrictions based on message content. Despite this, I have the impression that most of the objectionable messages Johan refers to actually were objected to based on their content. It's not that people were bombarding newsgroups with excessive numbers of messages, it's that they were posting things that (some) people didn't want them to post. It would be useful if Johan, after he has a chance to rest up a bit from the recent political battles, could take the time to summarize information about "abusive" posts. To what extent are the problems due to message contents, versus size or frequency, for example? Are there any patterns that can be gleaned about what material people most object to? In particular, it would be interesting to know whether there was material posted which was arguably illegal versus just in bad taste (in someone's opinion). This kind of information would be useful for the next time someone is willing to brave the net censors and start another anonymous posting service. Hal -----BEGIN PGP SIGNATURE----- Version: 2.1 iQCVAgUBK69QWKgTA69YIUw3AQHl7gP9H4iOSInpXNnpC8UGlrUlIXyQAX5m5ude 5Gn8tK9qgo0QRpwCMyVnYf3W+5Zpr5GVZJ53TrArODwpqW49mfFg2NmAX3npq9jo Bx9Etmhj2M0krJZ0WAF3TBTx/cmfrStBJA1+dpjeacjuGhAD7b8518TFqFRlGbRB sIlEd6laEgA= =FH2l -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. Metzger" Date: Tue, 23 Mar 93 14:55:05 PST To: cypherpunks@toad.com Subject: Re: REMAIL: Anon.penet.fi no In-Reply-To: <930323210434_74076.1041_DHJ74-1@CompuServe.COM> Message-ID: <9303232205.AA07849@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain Hal says: > > This is truly tragic. 
Julf has endured weeks of attacks and now The > Powers That Be have managed to shut down this widely used service. [...] > Despite this, I have the impression that most of the objectionable messages > Johan refers to actually were objected to based on their content. It's > not that people were bombarding newsgroups with excessive numbers of messages , > it's that they were posting things that (some) people didn't want them to > post. Interesting, isn't it, that Ted Tso's nightmare about horrible libelous or volume-bomb postings didn't come true, but my nightmare about censorship seems to have. They've succeeded this time, but I doubt that they will next time... Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dmandl@shearson.com (David Mandl) Date: Tue, 23 Mar 93 19:31:27 PST To: extropians@gnu.ai.mit.edu Subject: Call for Submissions: Autonomedia Message-ID: <9303240019.AA22037@tardis.shearson.com> MIME-Version: 1.0 Content-Type: text/plain Please feel free to distribute the following to anyone you think might be interested. Thanks. -------------------------------------------------------------------- CALL FOR CONTRIBUTIONS Dear Friends, Autonomedia is preparing an anthology of essays and possible visual material for a book (and electronic media) on the issues surrounding communications, intellectual property, work, and new information technologies. We anticipate a publication date at the end of this year. 
Among the many topics we hope to address: The anti-copyright movement State information-control mechanisms "Plunderphonics" and sound sampling Immediatism Plagiarism Cypherpunk and crypto anarchy Hacking and cracking The politics of "academic freedom" Virtual prisons and digital leashes Class struggle on the high-tech front Phone sex and computer porn Obsolescent media and "product" The politics of mail art and free radio Future tech Network TV, cable, and narrowcasting Laws and borders, globalism Aesthetics of appropriation after post-modernism Electronic banking, digital cash, the end of "money" Visual imaging and electronic pictography Virtual reality and electronic spectacularity Data piracy: computer viruses, high tech luddism, etc. Anonymity and digital identities Genetics as commercial medium Primitivism and the anti-technology movement The legacy and future of phone phreaking Body politics, angelic capital, mormons in space Robots and computerized industrial production Media ecology and media diets Surveillance and popular defense "Information economy" Cybergnosis This list is meant to be suggestive, not exhaustive. Query us with your suggestions as soon as possible. We hope to make contact with all possible contributors by the start of summer, with a final deadline of October 1, 1993, for submissions. Wherever feasible, please send submissions on computer disk (ASCII or any word processing format in any platform) as well as by paper copy. We appreciate any help you may be able to offer in this endeavor. AUTONOMEDIA COLLECTIVE P.O. 
Box 568 Williamsburg Station Brooklyn, NY 11211-0568 USA email: jafhc@cunyvm.cuny.edu or dmandl@shearson.com Fax: 718-387-6471 -------------------------------------------------------------------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Tue, 23 Mar 93 17:17:21 PST To: cypherpunks@toad.com Subject: anon.penet.fi bites the dust Message-ID: <9303232122.aa19890@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain Today I posted the attached message to various newsgroups. I still plan to continue mail service, and my work on the alt.whistleblowers project. Julf ----------- The anonymous posting service at anon.penet.fi has been closed down. Postings to netnews and mail to arbitrary addresses has been blocked. Mail to anonymous users will still be supported, so anon.penet.fi can be used as an anonymous P.O.Box service. Due to the lawsuit-intensive climate in the US, many anonymous services have been short-lived. By setting up anon.penet.fi in Finland, I hoped to create a more stable service. Anon.penet.fi managed to stay in operation for almost five months. The service was protected from most of the usual problems that had forced other services to shut down. But there are always going to be ways to stop something as controversial as an anon service. In this case, a very well-known and extremely highly regarded net personality managed to contact exactly the right people to create a situation where it is politically impossible for me to continue running the service. But of course this political situation is mainly caused by the abuse of the network that a very small minority of anon users engaged in. This small group of immature and thoughtless individuals (mainly users from US universities) caused much aggravation and negative feelings towards the service. This is especially unfortunate considering these people really are a minuscule minority of anon users. 
The latest statistics from the service show 18203 registered users, 3500 messages per day on the average, and postings to 576 newsgroups. Of these users, I have received complaints involving postings from 57 anonymous users, and, of these, been forced to block only 8 users who continued their abuse despite a warning from me. In retrospect I realize that I have been guilty of keeping a far too low profile on the network, preferring to deal with the abuse cases privately instead of making strong public statements. Unfortunately I realized this only a couple of days before being forced to shut down the service, but the results of a single posting to alt.binaries.pictures.erotica.d gave very positive results. I take full blame for my failure to realize the psychological effects of a strongly stated, publicly visible display of policy with regards to the abuse cases. For this I have to apologize to the whole net community. On the other hand I am deeply concerned by the fact that the strongest opposition to the service didn't come from users but from network administrators. I don't think sysadmins have a god-given mandate to dictate what's good for the users and what's not. A lot of users have contacted me to thank me for the service, describing situations where anonymity has been crucial, but I could never have imagined in my wildest dreams. At the same time quite a few network administrators have made comments like "I can't imagine any valid use for anonymity on the net" and "The only use for anonymity is to harass and terrorize the net". Nevertheless, I really want to apologize both to all the users on the network who have suffered from the abusive misuse of the server, and to all the users who have come to rely on the service. Again, I take full responsibility for what has happened. 
Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: internaut@aol.com Date: Wed, 24 Mar 93 01:17:51 PST To: cypherpunks@toad.com Subject: FREE: warning to "sci" anonymous posters Message-ID: <9303240415.tn73502@aol.com> MIME-Version: 1.0 Content-Type: text/plain Sir, I find the contents of your warning message (appended below) to be an outrageous affront to the right of Freedom of Speech granted to all Americans in the Constitution. In fact, if you take a moment to think globally, your proposals are detrimental to the future freedom of all Citizens of the World. I think that you *yourself* should be warned that there are many of us watching your actions with great interest - and some of us have very long memories when such repressive actions are considered. Particularly vexing is the idea that ANY anonymous mail might be censored - this might edit out EXACTLY the voices of criticism that make our Nation and our Internet great. Any newsgroup that can't accept the fundamental right of anonymous posting should have the option of IGNORING them, but not removing them. People who want to censor speech in such a knee-jerk way have no place in public with other free people. If the reasoned opinion of any upstanding Citizen of the Internet or the US has any effect on your actions, I strongly urge you to stop this practice (if you have begun using it) and to never, ever begin it (if you have not yet). Someday you may want to vote in a US election. You'll probably want to cast a secret ballot, won't you? This is only one small example of the fundamental role of anonymity in our great Democracy. We don't need this brand of "enforcement" example on the Internet, and we don't need berobed Ku Klux Klan members lynching people to remind minorities to "behave." Erode these freedoms, and you may one day be unable to cast a ballot without being photographed and fingerprinted - it wouldn't be a very satisfactory way to run a Democracy, would it? 
You might scoff at my example, but one can build a mountain from many pebbles, and your action is a large chunk of stone in the mountain of Thought Bondage. I prefer to believe that you are a well-educated, thoughtful person who can see the Orwellian Thought Control inherent in this idea. I prefer to imagine that you will not only reconsider such actions and vow to never follow those censorial urges, but also actively persuade others of such restrictive opinions to reconsider and stop their actions. A good Golden Rule to follow is: "Don't limit anyone's Freedom of Speech or you might be the next one to be silenced!" Do the Right Thing! dave > As I promised yesterday, I emailed each recent anonymous poster >in the "sci" hierarchy a note explaining what may happen this >weekend. > >Dick >=-=-=-=-=-=-=-=-= >Dear anonymous poster, > > You may not be aware of the discussion in news.admin.policy >concerning the propriety of posting anonymously to newsgroups which >have not invited such postings. As someone who has posted anonymously >to the "sci" hierarchy recently, you should read it. > > I am writing to inform you that if Julf, admin@anon.penet.fi, >does not soon block anonymous postings to the "sci" hierarchy, then >I will activate an "Automated Retroactive Minimal Moderation" script >that will cancel postings to this hierarchy from his server. This is >intended to restore the pre-Julf status quo, at least temporarily, >over the weekend. > > Rest assured that there is nothing personal in this. I have not >read your postings, and I have no reason to believe that they were out >of line in any way other than being anonymous. I have nothing against >anonymous postings to groups that have decided to accept such >postings, nor do I object to any newsgroup deciding to do this. I >*do* object to Julf's permitting his server to post to newsgroups >without any effort to determine whether the readers of those newsgroups >want to permit anonymous postings. 
> > You have several possible courses of action if you wish to post >to the "sci" hierarchy while the "Automated Retroactive Minimal >Moderation" is in effect: > >*1 convince Julf to accept the "Petersen Proposal" for default > settings for different hierarchies. I promise to turn off the > ARMM script as soon as I hear that he will do this (or anything > reasonably responsive). > >*2 convince the readers of the newsgroup to which you want to post > that anonymous postings should be accepted in that newsgroup. > I can think of several valid reasons that may prompt such a desire, > but the decision should be made by the readers of the newsgroup, not > imposed by a single person such as Julf, or me. I promise to > abide by whatever decision the newsgroup makes. This does not > need to be a formal vote. A straw vote with a clear majority will > suffice. > >*3 have a friend post for you, use a different anonymous server, > or, if all else fails, post under your own name. People used to > do this, you know. :-) > > If none of these suit you, then simply be patient, and wait until >Monday. I intend to run ARMM, if I run it at all, for less than 48 >hours... this time. This is merely intended to be a demonstration >that an effective enforcement mechanism for blocking postings from a >particular site can work. > > I apologize in advance for any inconvenience this may cause you. >My argument is with Julf and is about the default setting for entire >hierarchies; it is not with you or your particular postings. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ssandfort@attmail.com Date: Tue, 23 Mar 93 21:08:24 PST To: cypherpunks@toad.com Subject: anon.penet.fi bites the dust Message-ID: <9303240508.AA10264@toad.com> MIME-Version: 1.0 Content-Type: text _________________________________________________________________ FROM THE VIRTUAL DESK OF SANDY SANDFORT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Johan Helsingius (Julf) writes: ". . . 
a very well-known and extremely highly regarded net personality managed to contact exactly the right people to create a situation where it is politically impossible for me to continue running the service." Excuse me. Why aren't the names of the "net personality" and "exactly the right people" given in this post? Did they request anonymity? Of course, you wouldn't want to get them mad. They might punish you by . . . by, oh, I don't know . . . maybe shutting down your anonymous remailers? Couldn't have that, could we? S a n d y ssandfort@attmail.com "A slave is one who waits for someone else to free him." -- Rosellen Brown -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "John Coryell." Date: Sat, 27 Mar 93 01:43:04 PST To: cypherpunks@toad.com Subject: Re: your note on sci.crypt Message-ID: <9303270942.AA06381@toad.com> MIME-Version: 1.0 Content-Type: text/plain Very nicely stated, Phil. John Coryell. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Wed, 24 Mar 93 15:14:22 PST To: Cypherpunks@toad.com Subject: Many Important Items in the News Message-ID: <9303242312.AA07079@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain I urge all Cypherpunks to keep up with what's happening in several newsgroups: * alt.security.pgp and sci.crypt, for the latest in availability of PGP, MacPGP, etc. Also, a debate over Dorothy Denning's ideas on key registration and restrictions on crypto. (And for entertainment, David Sternlight and our own Perry Metzger are duking it out. Sternlight caused MacPGP to be pulled off the announced archive sites.) * news.admin.policy, for the latest on Julf's shutdown of his anonymous server, and for discussion of proposed successors. The whole shutdown is an important topic--perhaps someday Julf will be able to tell the whole story. 
Mention of the "Cypherpunks remailers" has been made in several places....this may be a good time to a) prepare for a wave of new users, b) be sure the code is solid and ready, and c) advertise the existence of the remailers and which ones are up, which ones require PGP, etc. And given that our systems are "even more anonymous" than Julf's was, the abuses seen with his system will have to be faced on our systems. The alleged abuses of Julf's system: supposedly a picture of a burn victim was posted to one of the erotica groups (tacky in the extreme, but hardly illegal or a threat), instructions on how to poison cats (also tacky but not ipso facto criminal), etc. (I don't know what the culminating case was, nor will I speculate.) As we've talked about before, some folks may try to shut us down by deliberately posting extremely controversial material. There was also a major flamewar over the weekend when one Richard DePew decided to initiate his "ARMM" ("Automated Retroactive Minimal Moderation") program, which sent out "CANCEL" notices for anonymous messages posted to certain groups. Very controversial, and a sign of things to come. (The connection, if any, with Julf's shutdown remains unclear. Certainly the whole issue of anonymous postings reached a head this past weekend. Sternlight's threats about PGP may have been involved as well. Julf?) (Cypherpunks remailers may want to change the "Nobody" and "Anonymous" tags to names that are less screenable, less susceptible to censorship by ARMM-type programs. Using a rotating list of fictional or historical names may be an approach, but I'm sure we can think of many ways to bypass ARMM-type cancellers.) These are certainly interesting times. -Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. 
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Wed, 24 Mar 93 18:57:35 PST
To: tcmay@netcom.com
Subject: Re: Many Important Items in the News
Message-ID: <9303250255.AA11589@servo>
MIME-Version: 1.0
Content-Type: text/plain

>(Cypherpunks remailers may want to change the "Nobody" and "Anonymous" tags
>to names that are less screenable, less susceptible to censorship by
>ARMM-type programs. Using a rotating list of fictional or historical names
>may be an approach, but I'm sure we can think of many ways to bypass
>ARMM-type cancellers.)

I'm not sure I like this idea. In my own discussions with people on this issue, I've found that "filterability" (for lack of a better term) overcomes *many* (if not all) of the standard objections to anonymous email.

I see email anonymity as directly analogous to Caller-ID in the telephone network. Historically, telephony and email have taken completely opposite tacks on the caller privacy issue: telephone calls have always been anonymous while the Internet has effectively had "Caller ID" with no blocking. Caller ID changes the former assumption, while the anonymous remailer changes the latter.

A consensus seems to be emerging on Caller ID: it's a good thing, *provided* there's a way to block it. In other words, the calling and called parties must agree on whether or not the caller will identify himself. If they don't agree, the call won't go through.

Because the Caller ID messages explicitly state when the caller's number is blocked (as opposed to simply being unavailable for other reasons), it would be straightforward to build a call filter box that would disable your ringer and return an error message to any caller that invokes caller ID blocking. ("I'm sorry, the number you have reached will not accept anonymous calls.
If you wish to reach this party, please unblock caller ID and try your call again.")

I think this approach strikes an eminently reasonable balance between the privacy interests of the two parties. Personally, I would not use such a box unless I was actually having problems with anonymous crank calls. But a single woman living alone might well feel differently. The important thing is to let each individual make that decision for him/herself, not to impose one policy on the entire world.

I think this is also exactly the right solution for email. The policy for the Internet should be that anonymous email is perfectly okay as long as it is clearly labeled as such. Then anyone who doesn't want to receive it can automatically remove it from their incoming mail without ever having to set eyes on it. This allows anonymous email to flourish wherever the recipients consent to receiving it, while it could not be used (for very long, anyway) to harass a nonconsenting recipient.

More elaborate filters could be constructed that would accept anonymous email only when it had been signed by certain specific RSA keys. This would let consenting parties communicate by means of pseudonyms, without having to open themselves up to anonymous harassment from the entire net.

What do you think?

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 24 Mar 93 21:24:49 PST
To: cypherpunks@toad.com
Subject: Re: Many Important Items in the News
Message-ID: <9303250523.AA15039@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Phil Karn comments on my proposal:

>>(Cypherpunks remailers may want to change the "Nobody" and "Anonymous" tags
>>to names that are less screenable, less susceptible to censorship by
>>ARMM-type programs. Using a rotating list of fictional or historical names
>>may be an approach, but I'm sure we can think of many ways to bypass
>>ARMM-type cancellers.)
>
>I'm not sure I like this idea. In my own discussions with people on
>this issue, I've found that "filterability" (for lack of a better
>term) overcomes *many* (if not all) of the standard objections to
>anonymous email.

A very good point. I was thinking more about the "ARMM"-style attacks and not so much about the normal filters people might write to keep from seeing anonymous posts. So, anything we do to make it hard for a determined attacker (writing ARMM-style filters), makes it even harder for casual users.

I guess the solution is to discourage global, ARMM-style filters (and perhaps even look again, as a community, at digital sigs for postings, so that only the author can cancel them).

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: portwatson@firefly.rain.com (Port Watson Ltd)
Date: Thu, 25 Mar 93 03:02:30 PST
To: portwatson-info@firefly.rain.com
Subject: Tropical Libertaria
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

An Island in the Net...

Dear Freedom Lover,

Do you yearn for freedom now? Do you ever daydream...plotting your daring escape from the faceless bureaucrats and their idiotic edicts?

Imagine, for a moment, your picture of "utopia"...a place where you are free to be you...with friends and neighbors who share your views on liberty, individualism, free thought and free enterprise.

A place where the sun sets and rises on a locale of mutual acceptance and intellectual emancipation...

A place where your personal lifestyle is your business...

Your very own private tropical paradise where freedom flows gently through the palms like a tradewind breeze...

Safe, secure, crime-free...yet fun and exciting...
A place which has existed only in our hearts and minds...

...until now:

We invite you to visit Port Watson where the quality of life is our first concern...

Located on Clove Cay, Exuma, Bahamas, Port Watson is being created as an intentional community of Free-thinkers, Artists, Writers, Cybernauts, Philosophers, Computer Professionals, Free-Market Leaders, and other Interesting Individuals in the midst of a true tropical island paradise surrounded by the best sailing, fishing, and diving waters in the world! Conspicuous by their absence are Cops, Jails, Tax Collectors, and Bureaucrats.

Your neighbors will be adventuresome free-thinkers who understand freedom and personal responsibility... Free-spirited intellectuals who share your vision of a libertarian intentional community... People like YOU.

Picture yourself on a hammock between twin palms gently swaying in the tradewinds' breeze beside a quiet lagoon as sailboats glide gracefully by. The water is light green, deep blue and every imaginable hue in between, yet clear as glass down to the sand dollars, starfish and colorful shells below...

Or, if you seek the more active lifestyle, water sports abound in the calm, clear seas surrounding Port Watson. The diving is rated among the best in The Bahamas, which is to say the best in the world, and yachtsmen the world over revere the waters for their unsurpassed clarity and beauty and uninhabited white beaches. Famous for its abundant fishing, being rich in Blue Marlin, Bonefish, Tuna, Amberjack and Grouper, Port Watson is a true Deep Sea Fisherman's dream. Make your next car a boat!

Whether you plan to become a year-around resident, or decide to build a vacation home, Port Watson is exclusive, private, quiet...for the discerning few who know the value of ocean front property... Port Watson at Clove Cay is a rare real estate opportunity that you can visit, build your dream home on, vacation at, or live forever with those you love.
In fact, the friendly new free-market government of The Bahamas is encouraging your emigration... If you're an interesting person, chances are you fall under the Group 4 Specialist Category, which means that you qualify for permanent residence without giving up your U.S. citizenship...all the benefits of Bahamian citizenship with all the comforts of home.

The Bahamas - the perfect NO-TAX haven... No personal or corporate income tax, no sales tax, no capital gains tax, no withholding tax, no business tax, no estate tax, no gift tax, no inheritance tax, no death duties, no employment taxes, no probate fees, (and, in the case of Port Watson, a generous exemption from property tax.) Individuals, corporations (including nonresident-controlled Bahamian corporations), partnerships, trusts, and estates can all enjoy this immunity!

And, there's more...

...The Bahamas' model bank secrecy laws are the envy of the world...and the scourge of greedy bureaucrats. The Bahamian secrecy laws are imposed on all Bank and Trust Companies, their directors, officers, and employees, attorneys, and auditors. The Bahamas is not a party to any tax or fiscal information-sharing agreements (i.e., tax treaties) with any other country. Neither the IRS, Revenue Canada, British Inland Revenue, nor any other foreign principality or power can obtain information about a bank account you may have in The Bahamas...Once you open an account in The Bahamas, you are the only one who has the privilege to access it!

Freedom isn't free, but we've made it as low cost as possible. Lots start at $20,000 at 10% down/10 years....owner financing is available! All land sales and transfers are being handled by Graham Thompson & Co., Sassoon House, Nassau, Bahamas.

We have investigated the cost of materials and local labor, and can recommend several styles of homes and building materials. Using state-of-the-art building techniques and materials, your home could be on-site and up in a matter of weeks.
If you wish, we can arrange the rental of your vacation home for you. Homes in the area currently rent from $150 to $300 per night. If you elect to rent out your vacation home through us, full-time caretakers are available to maintain your home and grounds during your absence for a small fee, contingent upon rental.

With an eye toward our goal of reasonable self-sufficiency, co-ops are being encouraged to meet such needs as energy, food, communications, etc., to ensure that Port Watsonians enjoy the comforts of gracious high-tech living. Even co-op housing options are available as a cost-saving alternative for the budget minded, and our planned state-of-the-art satellite communications facility will make telecommuting a comfortable reality for our residents.

We've caught the attention and encouragement of such notables as Peter Lamborn Wilson, author and editor of Semiotext(e), Robert Anton Wilson, author of Prometheus Rising, et al., and Dr. Mary Ruwart, author of "Healing Our World: The Other Piece of the Puzzle," and Andre Marrou's first choice as Vice Presidential running mate. As Dr. Ruwart expressed to us: "A libertarian community, ESPECIALLY IN THE BAHAMAS, is a GREAT idea!"

You see, Port Watson is an Idea Whose Time Has Come.

For itinerary and more information contact Kevin Bloom, of Port Watson Ltd, 303-442-6256 (11 AM to 6 PM Mountain Time) or portwatson@firefly.rain.com or 74640.606@compuserve.com...

VISIT PORT WATSON, the intentional community at Clove Cay, Exuma, Bahamas...AND LET THE ADVENTURE BEGIN!

Your Visit May Be Tax Deductible!

This offer of freedom void where prohibited by law or similar inanity.

Sincerely Yours,

Benjamin Hamilton Power, Secretary-Treasurer
Port Watson, Ltd.
portwatson@firefly.rain.com

-more-

Addendum:

Having read this far, you have a pretty good idea of what we're doing at Port Watson, and whether Port Watson sounds like the place you've been looking for.
We, of Port Watson, know that freedom is precious and essential to personal growth and prosperity, and this philosophy is central to our community. We also know that freedom doesn't just "happen." It must be created... Indeed, we're turning dream into reality, and we're inviting you to join us!

Those of us who launched this project are totally committed to its success, and will be living at Port Watson permanently. We beckon you to join us in this exciting adventure. Our model of tolerance, personal liberty and intellectual freedom will be the paradigm of the consummate intentional community...the very idea of such an environment is attracting "just the right people," and we'd like you to be among them.

In addition to having a social atmosphere conducive to creativity and free trade, we are also developing an economic environment which will help ensure the project's success. A system of voluntary cooperatives is being encouraged to take care of such needs as food, energy, communications, waste-management, consumer goods and other staples, electronics, toys, education, banking and investments, and so forth. Your participation in any or all of these co-ops is, of course, completely voluntary. Please inquire.

One unique option being offered for those with an eye toward budget is that of Alternative Co-op Housing. If you're not familiar with Co-op housing, it works like this: Each family unit (or individual) owns its own dwelling. This can be either an unattached cottage or a condo style arrangement. Centrally located is a larger building which holds a large kitchen, dining hall, and living/entertaining area. Cooking duties are shared by Co-op members on a rotational basis ...depending on the size of your Co-op, your kitchen shift could occur as infrequently as once a month...this alone makes Co-op housing extremely attractive. Members of the Co-op housing group can also arrange for child-care and home schooling options with other members.
Co-op housing members are able to pool their resources to create mega-workshops, computer LAN systems, or whatever they desire. Co-housing offers a genuine feeling of community at an affordable price, and is a logical arrangement for those of you who may be coming on board as a group. It is very popular in Denmark, and has enjoyed some success in communities in the United States.

If you prefer conventional housing, many different styles and materials are obtainable locally, and labor is available in George Town on nearby Great Exuma.

If you're looking for that special location to build a vacation or retirement home, rest assured that Port Watson is the place for you. Vacation homes rent for $150 to $300 per night in this part of the world, and with the proper listing and promotion many of those homes stay quite "busy." Your rental profits could be deposited in your Bahamian bank account, if you so desire.

Our planned state-of-the-art satellite communications facility will provide for the transmission of voice/video/data, making telecommuting a viable option for many residents of Port Watson, especially writers and individuals involved in the development of software products. Most Port Watsonians are computer professionals who have decided to break free from the bumper-to-bumper chain-gang choosing, instead, the tranquility of a beach-front paradise as their office.

If you're an entrepreneur, many excellent opportunities exist in the form of tourist concessions such as diving, boating, windsurfing, fishing, food service, tavern, etc., in what is basically virgin territory. Remember, your Bahamian bank account is your business. Please inquire.

We are eager to hear from you, and will gladly answer any questions you may have. The prospects are exciting, paradise awaits, and the time to embark is now...
Our initial group will consist of fifty people, but in order to meet our contractual obligations, we must have those fifty people confirmed within the next sixty days.....so call now.

Those addresses, again, are:

Kevin Bloom
Voice 303-442-6256 (11 AM to 6 PM Mountain Time)
CompuServe 74640,606
CompuServe via Internet: 74640.606@compuserve.com
or Internet: portwatson@firefly.rain.com

Some oft-asked questions:

Q: Are you starting your own country?
A: No, we are creating an intentional community on a beautiful privately owned island.

Q: Where is Clove Cay?
A: Clove Cay is an island in the Brigantine Chain of The Bahamas, which parallels the Exuma Chain. It is a 15 minute boat ride from Barreterre Island, which is connected by bridge to the northern tip of Great Exuma. George Town is 45 minutes away by car.

Q: How do I get there?
A: Several airlines, including American Eagle (800-433-7300) and Airway International (305-526-3852) have daily flights to George Town from Miami or Ft. Lauderdale. Bahamasair (800-327-8080) flies to George Town daily from Nassau. Hire a car from George Town north to Barreterre at the tip of Great Exuma (about 45 minutes) and onward by boat to Port Watson on Clove Cay (15-20 minutes.) A representative of Port Watson is living on the island to host visitors. Your stay will be quite enjoyable. Call Kevin Bloom at 303-442-6256 to make arrangements for your visit.

Q: Must I give up my U.S. citizenship to live at Port Watson?
A: No. U.S. citizens are allowed to stay for up to three months almost automatically, and renewing is usually very easy. Professional skills are in demand in The Bahamas and can get you Group Four Specialist classification which qualifies you for Permanent Residence status. Entrepreneurs investing in new businesses can also obtain permanent residence quite easily.

Q: Do I need a passport or visa to visit Port Watson?
A: U.S. citizens do not need a passport or visa to enter The Bahamas.
You will need two pieces of identification to re-enter the United States, such as a valid driver's license and a voter registration stub.

Q: Will we be under Bahamian jurisdiction?
A: Yes, but don't panic. The Bahamian government does not pester privately owned islands. One of the most popular resorts, Abaco, boasts of no police and no jails. There is very little crime in the Out-islands and, because there are so few taxes, the government has little reason to meddle in private affairs. The rule of thumb is that the further away you get from the central government in Nassau, the less interference you receive. The recently elected government of The Bahamas leans very strongly toward free-market principles and is dedicating itself to removing much of the bureaucracy and restrictions put in place by the former Pindling administration. Frankly speaking, the Bahamians like our project and want us there. Taken together, all of these factors should lead to an environment markedly freer of government interference than is currently the case in the U.S. or much of the rest of the world.

Q: Are there homes already on the island?
A: There is one home and several out-buildings, all of which are currently in use.

Q: Is Port Watson, Ltd., acting as developer?
A: Port Watson, Ltd., is not a developer, per se, and is only subdividing the island and making the lots available to interested persons. Each property owner is responsible for developing his or her own property, including providing water, waste disposal, power, phone service, and so forth. We are encouraging buyers to form cooperatives to fill such needs, and are facilitating the formation of such co-ops; participation by each property owner is strictly voluntary.

Q: How long will it take for me to build my home?
A: With today's materials and techniques, your home could be up in a few weeks.

Q: What about firearms?
A: Unfortunately, The Bahamas has gone the way of other Commonwealth nations on that one...better leave them at home. However, shotgun permits may be obtained. We have Bahamian attorneys to help in such matters.

Q: Are medical facilities available?
A: Yes. The George Town Medical Clinic has two nurses and one resident physician less than an hour away. Also, the Bahamian government keeps aircraft on standby for Out-island emergencies.

Q: What about drinking water?
A: Water catchment systems are the norm in the region, and are generally found to be quite adequate. Also, you may wish to consider joining or forming a desalination co-op. Port Watson, Ltd., retains underground water rights to the island.

Q: What about energy?
A: Most homes in the Out-islands rely on small generators for their electrical, and bottled gas for cooking. Wind and solar sources are also becoming popular. You, and your neighbors, may wish to form an energy co-op utilizing a larger, quieter, more efficient diesel generator shared among several homes.

Q: What about waste management?
A: We are encouraging the use of chemically assisted composting toilets and other forms of recycling. Your participation in a waste management and recycling co-op is strongly encouraged.

Q: How do I go about joining or forming a co-op?
A: Just let us know. We will put you in touch with other Port Watsonians who share the same interests.

Q: What about currency?
A: U.S. currency is accepted everywhere, with a value of one to one. Change is often given using both U.S. and the colorful Bahamian currency.

Q: Where can I do my banking?
A: Both Barclay's Bank and the Bank of Nova Scotia have George Town branches.

Q: The C.I.A. is directing microwaves at my brain in an attempt to drive me insane, forcing me to wear a tin-foil lined bicycle helmet at all times, even while sleeping. Will my situation improve if I move to Port Watson?
A: No.

Q: What about my plastic?
A: The larger resort towns, such as Nassau and Freeport, accept all major U.S., British, and continental credit cards, as do most hotels in the Out-islands. Many shops, however, do not, so it's a good idea to bring along travellers checks, just to be sure.

Q: How can I support myself on an island? Are any employment opportunities available?
A: Port Watson offers many opportunities for entrepreneurs in the form of tourist concessions and support services, as well as a planned telecommuting infrastructure ideal for computer specialists, writers, and other information-age professionals. As Port Watson grows, so will many other opportunities.

Q: Are there any restrictions on what I can do with my property?
A: Property owners are free to do as they wish with their property, but may not take anything from or discharge anything onto neighboring properties without the appropriate owners' permission. On Clove Cay, property boundaries are clearly defined to prevent any "tragedies of the commons." Buildings of greater than two stories are discouraged. Let's all be aware of how our actions are affecting our neighbors' sunlight, wind, views, etc. Of course, a group of property owners is free to place voluntary contractual restrictions on the use of their own properties, if they so desire.

NOTE: Take a look at our beautiful island! Digitized photographs of Clove Cay are available on the Internet via anonymous ftp from onion.rain.com (147.28.0.161) in the directory /pub/portwatson.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Honeyman
Date: Wed, 24 Mar 93 22:06:35 PST
To: tcmay@netcom.com
Subject: Re: Many Important Items in the News
Message-ID: <9303250606.AA17600@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

digital signatures for cancellation might allow "uncancellable" messages, which has some attraction in the current climate. (armm, macpgp muscled off of archives, the loss of pax and now penet.)
peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Date: Wed, 24 Mar 93 23:26:25 PST
To: cypherpunks@toad.com
Subject: A New Usenet...
Message-ID: <9303250724.AA25473@tigger.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text

The automatic cancellation/censorship was the straw that broke this camel's back. I have had it with what I perceive as limitations in Usenet based upon artifacts of a design that did not understand just how fast and large it would become. The time has come to rebuild that system. No one else is going to do it if we don't, and no one will take into consideration the distinct nature of privacy and expression in this medium as much as the sort of people who are on this list.

The time has come for a revolution. I will take up the sword of my C compiler and the shield of perl scripts alone if necessary, but I hope to find the cadre of network visionaries and inspired hackers that are willing to help shape the next generation of the Usenet.

Usenet is suffering from growing pains. If you want to help shape it then send me mail (I will set up an actual mailing list in the next day or two, once I do so I will let people know.) Even if you are not particularly interested in working on this project, I am looking for a nice snappy name (marketing, marketing, marketing.... :) and would love to hear suggestions.

Enough of the grand speeches though, here are a few things that I think that need to be a part of the next usenet:

Multi-level news hierarchies:

-Some are read-write, like the current usenet.
In these groups, identity has no real meaning (it is so trivial to fake postings now that I could not believe the indignation people seemed to feel about anonymous postings) and it functions much like the current usenet with only a few modifications (no cancel messages and a few other hacks to get people up to speed with the realities of modern communication)

-Read-only groups, similar to existing moderated groups, but moderation is authenticated using cryptographic techniques.

-Read-mostly groups, in these groups there exist moderators and a small group of people who are given the ability to post messages. Those who are given posting ability is determined by others in the group or some other agreed upon method. This is mostly for technical and scientific groups where the purpose is to maintain a very high signal-noise ratio. The function of the moderators is to provide minimal guidance regarding topics and to provide an editorial gateway through which people who are not members of the group could post questions or comments.

MIME and crypto authentication built into messages.

-only the poster or moderator (if there is one) could cancel a message

-people are identified only by their key and not by any particular email address. the news server itself can serve as a gateway to get messages to people who post an article (and can include the basics of the anonymous remailers to preserve poster anonymity if desired)

Any other idea out there? Let me know. The only limitation I can see at the moment on the scope of ideas is that it needs to be backward compatible with the existing system; this makes it much easier to implement and have a wide ranging audience from day one.

Comments?
jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "DrZaphod"
Date: Thu, 25 Mar 93 07:41:33 PST
To: CypherPunks@toad.com
Subject: Re: Many Important Items in the News
Message-ID: <5659.drzaphod@ncselxsi>
MIME-Version: 1.0
Content-Type: text/plain

I think we need to gear our remailers more towards pseudonymous communication. I agree with Phil Karn when he says mailer filters will eventually be capable [and widespread] as to filter by RSA public-key so as to only need one anonymous acct... But for now I believe we need to open up more pseudonymous remailers such as penet, with an anonymous option. There may be legal trouble upon action of this suggestion, and all the better to bring attention to our cause.. assuming we can get enough people to start this type of remailer.

(Phil Karn) writes:
>More elaborate filters could be constructed that would accept
>anonymous email only when it had been signed by certain specific RSA
>keys. This would let consenting parties communicate by means of
>pseudonyms, without having to open themselves up to anonymous
>harassment from the entire net.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- DrZaphod #Don't Come Any Closer Or I'll Encrypt! -
- [AC/DC] / [DnA][HP] #Xcitement thru Technology and Creativity -
- [drzaphod@ncselxsi.uucp]# [MindPolice Censored This Bit] -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: internaut@aol.com
Date: Thu, 25 Mar 93 04:50:36 PST
To: cypherpunks@toad.com
Subject: ANON: Anon.penet.fi no more
Message-ID: <9303250649.tn83751@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

>>> The anonymous service at anon.penet.fi has been closed down.

This is a dark day indeed. The forces of Repression are upon us yet again. OK, where do we set up the next one? I guess the solution here is to have a floating set of difficult-to-detect anon remailers and switch between them regularly.
Someday, when I can afford the hardware, I vow to provide this service and not be harassed into shutting down. Toward this end, it would be great if Julf could post a list of the sys admins who were instrumental in shutting down penet.fi. I think all of us should be made aware of their presence for future reference.

And now, Upward!

dave

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Date: Thu, 25 Mar 93 09:44:17 PST
To: Cypherpunks
Subject: REMAIL: Whence Remailers?
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

With the unfortunate recent forced demise of the penet.fi remailer, The Cypherpunks remailers now seem to be the only holdouts. So where do we go from here? Is anyone feeling intimidated yet?

Chael Hall has implemented an "--ignore--" kill line in his remailer, which I have verified works. I wish you other remailer operators (except Miron Cuperman) would adopt that hack into your own remailers. You also might help Chael integrate PGP into his remailer; he says he's having problems.

Another feature I've asked for is ability to post to newsgroups through the remailers. With the demise of penet.fi, this becomes more urgent.

I've been told that one can post anonymously by using Cypherpunks remailers in conjunction with a non-anonymous e-mail server newsgroup poster like ucbvax.berkeley.edu. The instructions I've received say to Send to, e.g., sci-crypt@ucbvax.berkeley.edu to post to sci.crypt. But what about newsgroups which contain dashes in the name, such as "rec.video.cable-tv"; how does one encode the ucbvax address for those? Anyone who knows, please post or send e-mail.

But adding code to the current remailers to post instead of mail by using say,

    ::
    Request-Reposting-To: [newsgroup]

should be pretty easy, shouldn't it??

--
edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005
Silicon Valley, Ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: david@staff.udc.upenn.edu (R. David Murray)
Date: Thu, 25 Mar 93 07:50:58 PST
To: cypherpunks@toad.com
Subject: Re: Many Important Items in the News
Message-ID: <9303251547.AA23456@staff.udc.upenn.edu>
MIME-Version: 1.0
Content-Type: text/plain

Phil Karn suggests that the ability for potential recipients to block anonymous mail is important. I agree.

If you don't mind a few comments from someone who has been lurking until now . . .

If, as Tim May says, the cypherpunks anonymous remailers have been mentioned more widely, it may be time for the cypherpunks to 'go public'. I suspect, from the traffic on news.admin.policy (which I just read a bunch of) that things would have been less acrimonious if Julf had chosen to respond to admin complaints and been seen to be clearly working toward a mutually acceptable solution. I understand (I think) why he chose not to, but if news.admin.policy starts talking about cypherpunk remailers, then, based on what we learned from Julf's experience (thanks Julf, and sorry it turned out the way it did, and happy it wasn't worse) I don't think we can afford to remain silent. I suspect that even if Julf had been participating in that discussion he still would have been shut down, but it might have taken longer, and people might (/might/) understand his/our position better.

I suggest we be proactive about 'anonymous call blocking', and prepare information sheets and code to make it easy for people who choose to do so to block anonymous mail/postings, and at the appropriate time publish these widely. Perhaps a member with an effective writing style (Tim?) could prepare a 'position paper' explaining our position. Of course, talk of Anarchy would be a little much, so the problem would be what to include . . .
An argument that might appeal to the control freaks is that anonymous remailers are inevitable, and it would be better to codify it and provide mechanisms for 'anonymous message blocking' than to have to deal with it anew each time someone new starts up an anonymous service. The biggest problem I see is that a number of Julf's supporters pointed to the fact that penet anonymous users could be sent email, just like a regular net id, and had a sysadmin who could block them for bad behaviour, just like a regular net id. Cypherpunk remailers do away with that, and that could be a hard sell. The danger of asking news.admin.policy in on a standardization discussion is that they could decide this level of 'accountability' was required and get really nasty about anything else. I hope others have some better ideas about how to prepare for what comes next. The one clear thing is that we have a lot to learn from Julf's experience. Anyone interested in the future of anonymity on the net who has not read through some of the postings on news.admin.policy should do so. -- david david@staff.udc.upenn.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc Horowitz Date: Thu, 25 Mar 93 08:20:41 PST To: Peter Honeyman Subject: Re: Many Important Items in the News In-Reply-To: <9303250606.AA17600@toad.com> Message-ID: <9303251618.AA01313@dun-dun-noodles.aktis.com> MIME-Version: 1.0 Content-Type: text/plain >> digital signatures for cancellation might allow "uncancellable" >> messages, which has some attraction in the current climate. What's uncancellable? If someone starts abusing things with "uncancellable" messages, then the USENET backbone gets together and stops passing these "uncancellable" messages from site to site. The messages will die very quickly, I assure you. If you change the names/message ids/whatever, then *all* such messages will end up getting nuked. 
Our protection here is that the backbone sites have proven in the past to be very strong supporters of speech. If that changes, we have worse problems. >> (armm, USENET would fall apart without the ability to cancel messages. >> macpgp muscled off of archives Huh? I don't care how many and whose signatures you put on something. When the guy who owns the disk wants it to go away, it will. >> the loss of pax and now penet.) Same as above. When the network provider decides to remove the connection for whatever reason, it's gone. I'm all in favor of technological solutions when appropriate. And I think that the use of ARMM on sci.* when there was no substantial reason was irresponsible and wrong. However, I don't think problems like volume abuse can be solved by purely technical means. When some bonehead starts putting megabytes of noise on sci.crypt, I want to be able to cancel his messages. Don't give me lines about user filtering; The best user agent in the world isn't going to make my net connection any bigger. I don't have the net bandwidth at my site to suck over megabytes of trash in order to ignore it until it expires. Marc From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Honeyman Date: Thu, 25 Mar 93 08:56:27 PST To: cypherpunks@toad.com Subject: Re: Many Important Items in the News Message-ID: <9303251656.AA00930@toad.com> MIME-Version: 1.0 Content-Type: text/plain marc, if article cancellation is made cryptographically secure, there is the possibility that articles can be made uncancellable. of course, if there is some wild card that allows the backbone cabal to cancel articles remotely and after the fact, then i suspect usenet will remain vulnerable to forged cancellation messages. but maybe not. i see your point about backbone admins refusing to traffic in certain kinds of messages, but as a veteran of usenet from before it was even called usenet, i assure you that other admins would quickly fill in the gaps in connectivity. 
this has happened many times. i don't agree, btw, that we can rely on the backbone admins to be very strong supporters of speech, nor should we. as for "the guy with the disk" wanting macpgp to go away, that's not what happened here. everyone i've talked to that has a direct role in the decision agrees that there is a valid research and education function served by distributing macpgp. ah well, sometimes the dragon wins. and regarding the network providers decision to pull penet's plug, i believe this decision was based principally on the opinion of ... how did julf put it? ... oh yes, "a very well-known and extremely highly regarded net personality" (i doubt that i would regard him as a strong supporter of free speech, btw). i suspect that when we get to the bottom of this, we'll discover that many people's interests were being represented without their knowledge, assent, or agreement. regarding your comments about net abuse and megabytes of trash, i agree that we need to brainstorm and find ways to address these problems. i am optimistic that technical solutions hold a lot of promise; it's just a matter of discovering them. let's put our shoulder to the wheel! peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Joe Thomas Date: Thu, 25 Mar 93 09:19:42 PST To: cypherpunks@toad.com Subject: Distributed anonymous posting (was Re: Many Important Items...) Message-ID: MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Tim May writes: > Phil Karn comments on my proposal: > > >>(Cypherpunks remailers may want to change the "Nobody" and "Anonymous" tags > >>to names that are less screenable, less susceptible to censorship by > >>ARMM-type programs... > >I'm not sure I like this idea. In my own discussions with people on > >this issue, I've found that "filterability" (for lack of a better > >term) overcomes *many* (if not all) of the standard objections to > >anonymous email. > A very good point. 
I was thinking more about the "ARMM"-style attacks and > not so much about the normal filters people might write to keep from seeing > anonymous posts. We may be getting ahead of ourselves here. Because of design decisions in the cypherpunk remailers, I think they'd be a poor infrastructure for anonymous Usenet posting. Anonymous posting has been around as long as Usenet, in the form of forged messages. The most important service Julf's remailer provided was a _return_path_ for replies, something cypherpunk remailers take deliberate steps to destroy. If one of the cypherpunk remailers suddenly decided to implement anonymous Usenet posting as-is, I think ARMM II would be the least of its problems. I have been working through a few ideas for the design of a _distributed_ anonymous posting service, in which the loss of one machine would not destroy all return addresses at that machine, nor compromise the return- path database. A handful of penet-style servers who share their return- address databases (kept updated through an encrypted e-mail protocol, perhaps) act as a Usenet "front-end" for posting. But their databases contain encrypted SASE paths through several cypherpunk remailers, instead of normal return addresses. Messages posted through any of the front ends could be sent to the same user-name at any of the other front-end machines, since they keep the same databases. In order to assure that SASE return path is robust, despite an environment in which remailers may be shut down at any time, secret sharing might be used for remailer private keys. When a remailer went down, a quorum of the remaining remailer operators would nominate a site to replace it, and send the "pieces" of the lost remailer's secret key to the replacement site's administrator. The remaining remailers would adjust their "routing tables" so mail whose next hop should be to the lost remailer is sent to its replacement instead. 
The best part is that all of this would be transparent to the Usenet user, who would just see a penet-style return address, along with a note in the automatically appended signature that said that "if mail to an1234@foo.com bounces, just try an1234@bar.uk or baz.fi," or whatever. No doubt there are some problems with this scheme (traffic analysis attacks on the SASE paths if the front-end database is compromised, etc.) that need to be addressed, but I offer it as a preliminary idea for a replacement service whose stability would not be subject to the whims of any one site or network connection. > I guess the solution is to discourage global, ARMM-style filters (and > perhaps even look again, as a community, at digital sigs for postings, so that only the author can cancel them). Agreed. This could even be implemented into today's news structure. Old servers would continue to blindly heed all cancel messages, while the new software would verify PEM-style signatures, possibly as a header field. And if a cabal of prudish newsadmins wanted to let each other cancel those offensive anonymous articles at their sites, they could simply tell their software to accept cancels signed by cabal-members' keys. I don't see how anyone could oppose this. -- Joe Thomas PGP key available by request or by finger.
PGP key fingerprint: 1E E1 B8 6E 49 67 C4 19 8B F1 E4 9D F0 6D 68 4B From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Thu, 25 Mar 93 10:19:34 PST To: Subject: Re: Many Important Items in the News Message-ID: <930325181131_74076.1041_FHD33-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain Responding to Phil Karn's proposal that anonymous mail should be clearly marked as such: The only thing I object to in this is that it implicitly gives up one of the strongest arguments in favor of anonymity/pseudonymity, which is that there is already no way to verify identities on the net. In Phil's analogy with Caller ID, where the net is said to already be a "Caller ID" environment, the thing to realize is that the "ID's" are not necessarily accurate. To a large extent, identity on the net is an illusion. Pseudonymous remailers like Julf's should be seen as a natural extension of net culture. This situation is only going to become more extreme as the net continues to move beyond its original, relatively controlled, community of large universities and government research labs, to include the general public. As more and more "Free Net", Public Access, and BBS systems become part of the internet, there is either going to have to be a massive and universal crackdown on identity verification, which I think is unlikely, or else there is going to have to be acceptance that net identity doesn't necessarily correspond to real names. (I myself have had email-capable accounts in three names besides my own on various systems.) Granted, this argument did not persuade the fascist forces which forced the shutdown of Julf's remailer, but that doesn't invalidate it. Julf's remailer was not shut down due to reasoned disagreement and a consensus that it was wrong; rather, its shutdown was (as far as is known so far) a demonstration of raw power by some person or small group.
Responding to Marc Horowitz's point about problems with the idea of uncancellable messages: Marc raises the issue of volume abuse. I think it's important to note that, as far as I know, the Penet postings which people complained about were NOT examples of volume abuse. The objections to these messages were based on their contents. (In some cases, people objected to some messages not because of their contents or their volume, but simply because they were "anonymous"!) I realize that Marc was addressing the issue of uncancellable messages in general, not specifically with regard to anonymous messages. I am not an expert on news software but reading the debate on this issue in news.admin.policy it appears that the current system is far too lax in allowing cancel messages. It appears to be very easy to cancel postings made by someone else. This led to De Pew and his cancel daemon, which itself led to counter-threats for cancel daemons to be activated against De Pew and other posters from his site. All this points to design flaws in the cancel mechanism. I do think that it would be appropriate to put more restrictions on cancel messages, and digital signatures could play a part in this. Perhaps Marc's concern about payment for volume abuse could be dealt with by some limitations on large postings. I don't really know how Marc (or anyone) distinguishes between a 100K byte junk file in sci.crypt and a 100K byte file in alt.graphics.misc which he might find equally uninteresting and for which he has to pay equally. Maybe he's only reading sci.crypt? In that case perhaps a solution would be for the news transfer software to be enhanced to allow some filtering. Hal 74076.1041@compuserve.com P.S. Edgar asks about the mail-to-news gateway at ucbvax.berkeley.edu. Recently I saw postings indicating that this gateway had shut down. If anyone has information on mail-to-news gateways please post it here.
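The signed-cancel idea raised in this thread (a cancel is honoured only when signed by the article's author, or by a key the local site has chosen to accept, while old software heeds every cancel), sketched as an added example that is not code from any poster or from existing news software. The toy textbook-RSA keys, the byte encodings, the `NewsServer` class and the `example.invalid` Message-IDs are assumptions made for illustration, and the key sizes are not secure.

```python
# Added illustration: signed cancel messages with a per-site acceptance policy.
# Toy textbook RSA over small known primes; constructed values, NOT secure.
import hashlib
from dataclasses import dataclass, field

E = 65537  # public exponent used by every toy key


@dataclass(frozen=True)
class KeyPair:
    n: int  # public modulus
    d: int  # private exponent, held only by the signer

    @property
    def public(self):
        return (self.n, E)


def toy_keypair(p_bits, q_bits):
    """Build a key from two Mersenne primes 2**k - 1 (constructed toy input)."""
    p, q = 2**p_bits - 1, 2**q_bits - 1
    return KeyPair(n=p * q, d=pow(E, -1, (p - 1) * (q - 1)))


def _digest(message, n):
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(key, message):
    return pow(_digest(message, key.n), key.d, key.n)


def verify(public, message, signature):
    n, e = public
    if not isinstance(signature, int) or not 0 <= signature < n:
        return False  # unsigned or malformed
    return pow(signature, e, n) == _digest(message, n)


def article_bytes(message_id, body):
    return b"article\0" + message_id.encode() + b"\0" + body.encode()


def cancel_bytes(target_id):
    # The target Message-ID is part of the signed data, so a cancel signed
    # for one article cannot be replayed against another.
    return b"cancel\0" + target_id.encode()


@dataclass
class NewsServer:
    verify_cancels: bool = True  # False models old software that heeds every cancel
    site_cancel_keys: list = field(default_factory=list)  # extra keys this site honours
    articles: dict = field(default_factory=dict)  # Message-ID -> author public key

    def post(self, message_id, body, author_public, signature):
        if not verify(author_public, article_bytes(message_id, body), signature):
            return False
        self.articles[message_id] = author_public
        return True

    def cancel(self, target_id, signature=None):
        author_public = self.articles.get(target_id)
        if author_public is None:
            return "unknown-article"
        signed = cancel_bytes(target_id)
        if not self.verify_cancels:
            verdict = "cancelled-unverified"
        elif verify(author_public, signed, signature):
            verdict = "cancelled-by-author"
        elif any(verify(k, signed, signature) for k in self.site_cancel_keys):
            verdict = "cancelled-by-site-key"
        else:
            return "rejected"
        del self.articles[target_id]
        return verdict


def demo():
    author, admin, outsider = toy_keypair(61, 89), toy_keypair(107, 127), toy_keypair(521, 607)
    a1, a2, body = "<1@example.invalid>", "<2@example.invalid>", "constructed body"
    new = NewsServer(site_cancel_keys=[admin.public])
    old = NewsServer(verify_cancels=False)
    for server in (new, old):
        for mid in (a1, a2):
            server.post(mid, body, author.public, sign(author, article_bytes(mid, body)))
    return {
        "unsigned": new.cancel(a1),
        "outsider": new.cancel(a1, sign(outsider, cancel_bytes(a1))),
        "replayed": new.cancel(a1, sign(author, cancel_bytes(a2))),
        "author": new.cancel(a1, sign(author, cancel_bytes(a1))),
        "site_key": new.cancel(a2, sign(admin, cancel_bytes(a2))),
        "old_server_unsigned": old.cancel(a1),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:20} {verdict}")
```

The last case is the current behaviour the thread complains about: a server that does not verify cancels removes the article for anyone who asks.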
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Thu, 25 Mar 93 13:51:17 PST To: david@staff.udc.upenn.edu Subject: Re: Many Important Items in the News Message-ID: <9303252149.AA17207@servo> MIME-Version: 1.0 Content-Type: text/plain I agree. It's time to take mail anonymity into the mainstream. There are plenty of legitimate reasons for anonymity, as the Caller ID debate shows. I think an enlightened approach that eschews a single, network-wide policy on the acceptability of anonymous messages in favor of leaving it up to the individual email recipient is something that we could sell to the Internet as a whole. We shouldn't have to treat this as a confrontational either-or issue when there's a third way out that balances everybody's interests. Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tribble@memex.com (E. Dean Tribble) Date: Fri, 26 Mar 93 00:38:23 PST To: julf@penet.FI Subject: anon.penet.fi bites the dust In-Reply-To: <9303232122.aa19890@penet.penet.FI> Message-ID: <9303252216.AA03597@memexis.memex.com> MIME-Version: 1.0 Content-Type: text/plain ways to stop something as controversial as an anon service. In this case, a very well-known and extremely highly regarded net personality managed to contact exactly the right people to create a situation where it is politically impossible for me to continue running the service. I would really like to know who the person is or why I can't be told. Did they put pressure on you to keep it quiet? Did they hold a gun to your head? a minuscule minority of anon users. The latest statistics from the service show 18203 registered users, 3500 messages per day on the average, and This is impressive. In retrospect I realize that I have been guilty to keeping a far too low profile on the network, preferring to deal with the abuse cases privately ...I apologize to the whole net community.
Let me rephrase: You took a long step towards providing true privacy on the net and it worked so well that people wanted to stop you. You've shut down, but come out of it with lots of experience with running such a service, lots of good publicity (and some bad stuff), lots of new uses to which people put that sort of anonymity to, and some really good ideas for how to make these systems succeed politically (the being very visible thing). Though the outcome isn't optimal, it sure sounds like an impressive success to me. Congratulations. Now I hope you will follow up this experiment with a write-up to document the things you learned (positive and negative), and your recommendations on how to do the next one. dean PS and if you can't tell us about the politics of the shutdown, I'm sure there's someone else in the know that can publish it anonymously so you won't have to :-) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: A.J. Janschewitz Date: Thu, 25 Mar 93 17:35:18 PST To: cypherpunks@toad.com Subject: New key Message-ID: <9303260129.AA17624@holonet.net> MIME-Version: 1.0 Content-Type: text/plain Mess-DOS struck again. My PGP directory got scrunged, so any servers and individuals who may have added my PGP public key that I posted last month have it wrong. My error. Sorry about that. My *new* key, which can be easily identified as the proper one by noting that my moribund psilink account is not on it, is available via fingering me ajay@holonet.net. Listfolks please note and remove my old key. Again, sorry. ==a.j.== -- Persons attempting to find a motive in this narrative will be prosecuted; persons attempting to find a moral in it will be banished; persons attempting to find a plot in it will be shot. -Mark Twain, used w/o permission by ajay@holonet.net From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: david@staff.udc.upenn.edu (R. 
David Murray) Date: Thu, 25 Mar 93 14:58:57 PST To: cypherpunks@toad.com Subject: Re: Many Important Items in the News In-Reply-To: <9303252149.AA17207@servo> Message-ID: <9303252255.AA08705@staff.udc.upenn.edu> MIME-Version: 1.0 Content-Type: text/plain Phil Karn writes: > I think an enlightened approach that eschews a single, network-wide > policy on the acceptability of anonymous messages in favor of leaving > it up to the individual email recipient is something that we could > sell to the Internet as a whole. You know, what we might do is figure out a first cut position, and then set up a mock debate. Have some members 'role-play' vociferous opponents of nyms. That way we might be able to work out in advance good counter arguments for the nastiest objections any of us can think of. I'm sure the /real/ objectors will come up with stuff we don't, but at least it would give us a leg up. I think I'd recommend setting this up as a formal 'game', with all participants adopting nyms to keep the argumentation distinct from normal discourse. Even if it was done on a separate mailing list. See, another good use for nyms . -- david david@staff.udc.upenn.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jb@paris7.jussieu.fr Date: Thu, 25 Mar 93 09:01:37 PST To: cypherpunks@toad.com Subject: ARMM? Message-ID: <0096a0bf.8fb237b2.4300@paris7.jussieu.fr> MIME-Version: 1.0 Content-Type: text/plain Hi, What's ARMM or whatever it's called? Thanx, jb From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Arthur Abraham Date: Thu, 25 Mar 93 18:41:52 PST To: internaut@aol.com Subject: Re: FREE: warning to "sci" anonymous posters Message-ID: <199303260240.AA10751@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Dear internaut@aol.com, I note that the quoted posting, threatening use of an "Automated Retroactive Minimal Moderation" to "restore the pre-Julf status quo" is anonymous.
I assume you know the identity of this poster...how delicate of you to conceal it. -a2. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Arthur Abraham Date: Thu, 25 Mar 93 19:01:42 PST To: tcmay@netcom.com Subject: Re: Many Important Items in the News Message-ID: <199303260259.AA16986@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain "Consenting adults" should be able to do whatever they want -- your comments go to obtaining consent for anonymity. Since on my good days I try to act like an adult, I support the truth in labeling of anonymous postings as anonymous postings. -a2. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ggoebel@sun1.ruf.uni-freiburg.de (Garrett Goebel) Date: Thu, 25 Mar 93 10:24:46 PST To: cypherpunks@toad.com Subject: Add Me to the List Message-ID: <9303251823.AA19435@sun1.ruf.uni-freiburg.de> MIME-Version: 1.0 Content-Type: text I have tried many a time, to send mail asking to subscribe to cypherpunks-request@toad.com I have never received any list mail. I think I have been added to the announce list... but I would greatly appreciate it if someone would add me on to the main list. thanks, -- C. Garrett Goebel From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Thu, 25 Mar 93 21:02:14 PST To: tcmay@netcom.com Subject: Re: Many Important Items in the News Message-ID: <9303260500.AA17758@servo> MIME-Version: 1.0 Content-Type: text/plain Absolutely -- "Consenting adults" is the key phrase here. I think we should stress it in everything we do as cypherpunks. This profound concept once made it as far as an important Supreme Court majority decision. But that was a long time ago. Look how far downhill we've gone since then. 
Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc.Ringuette@GS80.SP.CS.CMU.EDU Date: Thu, 25 Mar 93 20:14:24 PST To: cypherpunks@toad.com Subject: REMAIL: cypherpunks strategy Message-ID: <9303260414.AA12167@toad.com> MIME-Version: 1.0 Content-Type: text/plain We must address a strategy question before it jumps on us. Do we want to be yet another "this remailer exists, let's stomp on it" whipping boy, or will another tactic be more effective? I have the following suggestion. Do not announce our cypherpunks remailers right away. This is not the right time. Instead, announce that we intend, at a later date, to install remailers which are "friendly" in the sense that they use a special header line, but which will not be able to be shut down. [ My suggestion for how to do this: encourage thousands of users who support anonymity to run the software, and make it easy for them to do so. Then, thousands of users must be kicked out in order to prevent remailers being available! ] But, here's the important part, DELAY RELEASE until after a waiting period. The delayed release is intended to allow concerned network sites and individuals to install filters for these messages, and to allow users the time to discuss this (and, for instance, to voice their objections to catch-all anonymity filters at the news-relay level). It also prevents our opponents from achieving a sense of "something must be done" urgency. My goal is to push a particular policy -- remailers which add a header line and end-user filtering based on that header line -- as an interim solution until more sophisticated techniques come into use. Discussion is also welcomed on exactly what kind of setup we should be trying to encourage. This is my current cut at it.
-- Marc Ringuette (mnr@cs.cmu.edu) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Thu, 25 Mar 93 23:11:23 PST To: cypherpunks@toad.com Subject: ANON: Anon.penet.fi no more In-Reply-To: <9303250649.tn83751@aol.com> Message-ID: <9303260707.AA22600@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >Someday, when I can afford the hardware, I vow to provide this service and >not be harassed into shutting down. They won't harass you, they'll harass your connectivity provider. To this end, it would be beneficial to collect connectivity policies in the face of complaints from the major service providers. Alternet, for starters, and all the others I'm not really familiar with. I learned a couple of weeks ago that Sprint is now offering IP connectivity direct. I would guess that Sprint has a good track record from being in the long distance business for not telling their customers to go away because someone they are talking to doesn't like what they are saying. To wit: who can I buy IP from who will not disconnect me unless I don't pay? Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Thu, 25 Mar 93 23:15:24 PST To: cypherpunks@toad.com Subject: Many Important Items in the News In-Reply-To: <9303251618.AA01313@dun-dun-noodles.aktis.com> Message-ID: <9303260711.AA22802@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >USENET would fall apart without the ability to cancel messages. Potential imminent death of the Usenet predicted! Usenet has survived lots worse than anonymous flamers. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Thu, 25 Mar 93 23:30:20 PST To: cypherpunks@toad.com Subject: Distributed anonymous posting (was Re: Many Important Items...)
In-Reply-To: Message-ID: <9303260725.AA23290@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >Anonymous posting has been around as long as >Usenet, in the form of forged messages. This is an excellent point of rhetoric. Perhaps we should teach mail and news forgery as a technique to the defense of privacy? 1/2 :-) >I have been working through a few ideas for the design of a >_distributed_ anonymous posting service, >[...] secret sharing might be used for remailer private keys. I have convinced myself that some form of secret sharing will be necessary for a distributed system that is robust against single point failure. You don't want single point manipulability, either, if you can get it. There are two basic ways to proceed: hard nodes, difficult to take down, or soft nodes, easy to reconfigure around. Both approaches should be looked at. Hard nodes are more difficult politically; soft nodes are more difficult technically. A soft node necessity: a directory lookup service, distributed, sharing data. Merely specifying the first point of contact and alternate paths doesn't cut it. You don't want to have to retry a bounced message so many times. Who here knows enough about sendmail to consider the eventual feasibility of integrating pseudonym lookup into mail transfer? Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Thu, 25 Mar 93 23:37:02 PST To: cypherpunks@toad.com Subject: Many Important Items in the News In-Reply-To: <9303252149.AA17207@servo> Message-ID: <9303260732.AA23550@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >I think an enlightened approach that eschews a single, network-wide >policy on the acceptability of anonymous messages in favor of leaving >it up to the individual email recipient is something that we could >sell to the Internet as a whole. 
It would help if there existed some filter software that automatically installed itself in a user's .forward and filter out anonymous posts (and nothing else). Such a tool should be written in nothing more than shell scripts and grep, for the absolute widest in portability. (Not even perl, which, believe it or not, is not yet universally available.) Were such a utility posted to alt.sources, and if all a user had to do was ftp it from an archive, unpack it, and run it once, we would be in a much better position politically, (even if the utility received very little use). It is difficult to install mail filters. Our argument for user filtering would be much stronger if installation were simple. A similar argument holds for anonymous posting filters in a global KILL file. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Thu, 25 Mar 93 23:55:59 PST To: cypherpunks@toad.com Subject: REMAIL: cypherpunks strategy In-Reply-To: <9303260414.AA12167@toad.com> Message-ID: <9303260751.AA24316@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >Instead, announce that we intend, >at a later date, to install remailers which are "friendly" in the sense that >they use a special header line, but which will not be able to be shut down. An excellent tactic, I think. >[ My suggestion for how to do this: encourage thousands of users who >support anonymity to run the software, and make it easy for them to >do so. Then, thousands of users must be kicked out in order to prevent >remailers being available! ] Automatic installation is key. (Just as it is for anonymity filtering!) I have some comments on automatic installation. In all cases, make sure the shell can execute the filter before changing the .forward file in any way. Case 1. The .forward file doesn't exist. Easy. Just write a new forward file pointing to the software, "| remailer". The remailer must know how to deliver mail in this case. Case 2.
The .forward file already points to a filter. The implementations of .forward that I have seen accept multiple pipe commands. Therefore if the .forward previously said "| ", rewrite to "| remailer | ". When the remailer handles a message, it won't pass any output along the pipe. Thus for remailed messages, the filter is never invoked. Thus the remailer looks transparent. Case 3. The .forward file points to a name. Rewrite the .forward as "| remailer | mail ". Someone who knows more about writing portable shell scripts between Sys V and BSD should tackle this one. If we can get auto-installation to work, we'd lower one of the larger hurdles there is right now. >But, here's the important part, DELAY RELEASE until after a waiting period. Not to mention, it gives us time to design and write the code. This looks like a good use of vaporware as a political tool. :-) Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Fri, 26 Mar 93 00:00:42 PST To: cypherpunks@toad.com Subject: Many Important Items in the News In-Reply-To: <9303260549.AA12789@toad.com> Message-ID: <9303260756.AA24450@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >marc, if article cancellation is made cryptographically secure, there >is the possibility that articles can be made uncancellable. of course, >if there is some wild card that allows the backbone cabal to cancel >articles remotely and after the fact, then i suspect usenet will remain >vulnerable to forged cancellation messages. but maybe not. What you are describing here is an alternate method of cancellation, not a forgery of the main way of cancelling. Of course, if they really want such an alternate method of cancelling, let's write it for them, so that it also uses signatures to check authenticity. 
>i see your point about backbone admins refusing to traffic in certain >kinds of messages, but as a veteran of usenet from before it was even >called usenet, i assure you that other admins would quickly fill in the >gaps in connectivity. this has happened many times. All the more reason to allow the backbone admins the power to not pass anonymous articles. It won't work, they'll feel like they're in control, and everyone wins. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: sdw@sdwsys.lig.net (Stephen D. Williams) Date: Thu, 25 Mar 93 21:50:14 PST To: mccoy@ccwf.cc.utexas.edu (Jim McCoy) Subject: Re: A New Usenet... In-Reply-To: <9303250724.AA25473@tigger.cc.utexas.edu> Message-ID: <9303260547.AA17449@sdwsys.lig.net> MIME-Version: 1.0 Content-Type: text/plain Beware: I couldn't think of any alternatives after this lex-meme flooded my mind.... It's fairly contrived, but not as bad as the coff / robotussin pair from GNU bintools... I'm interested in discussing, reviewing, and writing parts of the proposed new netnews system extensions/rewrites. I've been modifying the current system anyway, so why not? (I have already added compressed/archived news storage to INN and Tin for my Local Internet Gateway (LIG) project/company/turn-key system.) Now, about a name: the first thing that popped into my mind is: PANTO (need I point this out? [MIME] Hey, one good name deserves another...) What's it stand for? hmmm.. Protected, Anonymous News Transaction Operation or Operator Protected Ambiguity Net Transaction Option Protected, Authenticated News Trans. Option Oligarchy (hmmm. got to look that one up) (Begins with O, syn. for: system, server, standard, service, interconnect, format) A PantoMime system is therefore one that supports News, Mail, with Mime, PGP/PEM/whatever, etc. capabilities. I always view News, Mail, and IRC as three legs of a triad of speed/bandwidth/audience tradeoffs so I'd like to have a cute extension to cover realtime interactive also. 
sdw From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peter honeyman Date: Thu, 25 Mar 93 21:49:26 PST To: cypherpunks@toad.com Subject: Re: Many Important Items in the News Message-ID: <9303260549.AA12789@toad.com> MIME-Version: 1.0 Content-Type: text/plain this seems to have fizzled out somewhere along the line. ------- Forwarded Message Date: Thu, 25 Mar 93 11:54:30 EST From: Peter Honeyman Subject: Re: Many Important Items in the News To: cypherpunks@toad.com marc, if article cancellation is made cryptographically secure, there is the possibility that articles can be made uncancellable. of course, if there is some wild card that allows the backbone cabal to cancel articles remotely and after the fact, then i suspect usenet will remain vulnerable to forged cancellation messages. but maybe not. i see your point about backbone admins refusing to traffic in certain kinds of messages, but as a veteran of usenet from before it was even called usenet, i assure you that other admins would quickly fill in the gaps in connectivity. this has happened many times. i don't agree, btw, that we can rely on the backbone admins to be very strong supporters of speech, nor should we. as for "the guy with the disk" wanting macpgp to go away, that's not what happened here. everyone i've talked to that has a direct role in the decision agrees that there is a valid research and education function served by distributing macpgp. ah well, sometimes the dragon wins. and regarding the network providers decision to pull penet's plug, i believe this decision was based principally on the opinion of ... how did julf put it? ... oh yes, "a very well-known and extremely highly regarded net personality" (i doubt that i would regard him as a strong supporter of free speech, btw). i suspect that when we get to the bottom of this, we'll discover that many people's interests were being represented without their knowledge, assent, or agreement. 
regarding your comments about net abuse and megabytes of trash, i agree that we need to brainstorm and find ways to address these problems. i am optimistic that technical solutions hold a lot of promise; it's just a matter of discovering them. let's put our shoulder to the wheel! peter ------- End of Forwarded Message From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: XXCLARK@indst.indstate.edu Date: Thu, 25 Mar 93 21:49:21 PST To: cypherpunks@toad.com Subject: No Subject Message-ID: <9303260549.AA12784@toad.com> MIME-Version: 1.0 Content-Type: text/plain Subscribe Ernest Clark From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Fri, 26 Mar 93 00:52:02 PST To: cypherpunks@toad.com, gnu Subject: there ain't no usenet "backbone" In-Reply-To: <9303260835.AA25644@soda.berkeley.edu> Message-ID: <9303260851.AA15506@toad.com> MIME-Version: 1.0 Content-Type: text/plain "Backbone" actually used to mean something, in the days when most of the news moved cross-country and to Europe over dialed telephone calls. It meant that those sites that made the calls were paying big bucks and were hard to replace. At one point when the "backbone" wouldn't carry a newsgroup on drugs, Brian Reid, Gordon Moffett and I created a nationwide "alt backbone" that carried the alt newsgroups (including alt.drugs, the first). The alt backbone was needed for more than a year, til the creation of alt.sex and its subsequent popularity caused a large proportion of the net to pass alt groups around. Nowadays when hundreds of sites on each coast have leased T1 lines that all connect to each other (it's called the Internet), it's not a big deal. Any such site can manage a full news feed to any other such site. These sites can manage ten full news feeds if they want high redundancy or fanout. Even people with 56K leased lines (like toad.com) have no trouble with multiple redundant feeds to get around censorship. 
There is a single site `backbone' now -- uunet -- which has a stated policy of passing all traffic. (Why not? They get paid by the minute.) It's still important for the thousands of UUCP sites, especially those that are in the boonies, far from local Internet nodes. The idea of the backbone needs to die. Let's solve the real problems and skip the strawmen. John Gilmore gnu@toad.com -- gnu@cygnus.com -- gnu@eff.org I agree it is a very good document, and I envy it - the country I live in doesn't have such a constitution. I just wish you guys would _use_ it. Your assertion about "the freest country" fails because you don't - it would perhaps be true if the system would work according to the constitution. But it does no good to have such a document just rotting away locked up somewhere, after even banning the material it's printed on. //Jyrki Kuoppala, jkp@cs.HUT.FI From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Fri, 26 Mar 93 01:11:43 PST To: Marc.Ringuette@GS80.SP.CS.CMU.EDU Subject: Re: REMAIL: cypherpunks strategy In-Reply-To: <9303260414.AA12167@toad.com> Message-ID: <9303260911.AA15667@toad.com> MIME-Version: 1.0 Content-Type: text/plain > We must address a strategy question before it jumps on us. Do we want to be > yet another "this remailer exists, let's stomp on it" whipping boy, or will > another tactic be more effective? It depends on the location and setup of the remailer(s). > [ My suggestion for how to do this: encourage thousands of users who > support anonymity to run the software, and make it easy for them to > do so. Then, thousands of users must be kicked out in order to prevent > remailers being available! ] Thousands of users are not enough. If individual users are doing it, they are too subject to pressure from their system managers. We don't have software capable of rerouting among a thousand remailers, 100 of which get their accounts canceled daily, 100 new ones added each day. 
We aren't likely to get it soon, either.

To permanently restore at least last month's level of service, we need a couple of dedicated, firewalled, buttressed sites. You want a few geographically separated people who own their own systems (or who own or run the company that owns them), who have solid network links (possibly redundant), and who are fully committed to the idea -- as committed as funet.fi to persist past the vilification and harassment and threats.

And those people need backup from the rest of us -- legal help if they need or want it, money to pay the networking bill if things get tight, loans of backup equipment during failures under load, system administration when folks try to break in and trash their machines, software creation and maintenance, advocacy, policy work, advice, and a bunch of shoulders to cry on and warm words of encouragement.

Three to five people providing such setups, in collaboration, would wedge a steel-toed boot so firmly in the door that it couldn't be slammed by any dyspeptic "net god".

Are we up to this job? If not, let's scale back what we're trying to do. I'd rather succeed at raising consciousness on the issue for a later try, than try now to set up such a beachhead and fail at it.

John

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: greg@ideath.goldenbear.com (Greg Broiles)
Date: Fri, 26 Mar 93 01:56:02 PST
To: cypherpunks@toad.com
Subject: Anonymity, accountability, and control
Message-ID: <26H11B1w164w@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text/plain

With respect to recent discussion about anonymous posts/mail, and the wishes of some to avoid passing anonymous traffic ..

I guess I've really got to wonder just how difficult people think it is to get onto the net, anyway. I've got my net access because I pay UUNET roughly $50/month for it - and I get my own domain name, with as many hosts (and as many users on those hosts) as I care to set up.
I set up 'fake' accounts on a regular basis - not because I'm trying to trick anyone, per se, but because it's the easiest way I know of to tweak the flow & storage of mail on disparate subjects & topics. I can post a message and say "Please E-mail to me, and I'll summarize with a post", and do so easily - I just set up a special account that I'd like replies to go to, and then I post from that account. (Usually, just to be polite, I'll use the same 'real name', but multiple account names - 'gb@goldenbear.com' vs 'greg@goldenbear.com' vs 'gbroiles@goldenbear.com', and so forth.) Then, a few days/weeks later, it's no big deal to concatenate the replies in those different mailboxes into different summary messages for posting. This seems like the sort of thing everyone ought to be able to do - such that you could request (or command) that replies to a message be directed into a particular E-mail folder owned by your account.

What all of this brings home to me is how easily I could just create an entirely fictitious 'person', and use it for posting & mailing - it'd be totally anonymous, provide me with an easy way to receive replies & carry on conversations .. *and* nobody would even know they were talking to a real person via a fake name. I don't do this because it seems impolite to converse with people under false pretenses; if I wanted or needed to post/mail anonymously, I'd probably use a redirector (if I could find one) because it seems more polite to be clear about my desire for discretion & privacy.

Apparently, however, some of the powers that be would rather see folks like me using fake but real-sounding names when we want privacy, instead of being clear about what's going on. I think that's a shame, because it seems like lying.
The Internet has already had to deal with the fact that it's not possible to trust a user simply because they're root on their local machine - it may well be that 'root' (as in my case) is just some guy with a '386 who likes to play on the net. There is, I think, still some expectation that user names are what they appear - if you see a post from "cjones@leviathan.com (Chris Jones)" there's some expectation that there really is a human being out there named "Chris Jones", who's probably got a job and a desk and a boss, or at least some form of accountability. It's this slippery notion of 'accountability' that is perhaps at the root of this 'anonymity' problem - the idea that there's gonna be some hell to pay if somebody writes to 'postmaster@leviathan.com', and complains about Chris Jones. The fact is, you can mail to 'postmaster@goldenbear.com' and whine all you like, it's just another alias for the same damn person (me). I think there are going to be more & more people like me in the future - I *am* my boss, the postmaster, and the sysadmin - and if people don't like what I do or say on the net, that's just too damn bad. This illusion of accountability and control can't last much longer .. can it? As I see it, these "net gods" who don't like anonymity have two choices - anonymity they can detect, or anonymity they can't. I'd much prefer to be polite and straightforward about things, and post clearly marked anonymous posts/mail when that's what I want to do - but if that traffic is going to be suppressed, I'll resort to more clandestine anonymous transmissions. The days when it was possible to make any assumptions at all about human to "real name" to net address correspondences and mappings have passed, if they ever existed at all. I think about my E-mail address(es) as ways to direct the flow of mail such that it's convenient for me; I know other people do this too. My E-mail address isn't a license plate, it's a file folder. 
-- Mail to pgpserv@goldenbear.com, subject="Greg Broiles" for PGP public key. Greg Broiles greg@goldenbear.com Golden Bear Consulting +1 503 465 0325 Box 12005 Eugene OR 97440 BBS: +1 503 687 7764 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Clark Reynard Date: Thu, 25 Mar 93 23:22:36 PST To: sdw@sdwsys.lig.net Subject: Re: A New Usenet... Message-ID: <9303260717.AA27522@metal.psu.edu> MIME-Version: 1.0 Content-Type: text/plain a possible idea is simply a modification of what ringuette suggested; while i am all for anonymous posting, i believe that they should be marked as such (or at least marked with some sort of alias so that one knows which anonymous poster is which--for example, my actual name is Robert Clark, but my user name on this system is Clark Reynard-- not because I am here illegally, but because the sysadmin of this site (a personal friend) is unable to give me an account here for political reasons). irt the idea of a new usenet, i doubt that a 'new' USEnet is possible; it is so firmly entrenched, by 'tradition' et cetera, that it is very likely that what will exist is merely an improvement and expansion of the existing usenet; however, i believe that alternative means of reading usenet should exist; i have found, since rejoining usenet after a three-year absence, that the signal-to-noise ratio has increased greatly (and who hasn't noticed that?). what is necessary, given the constant increase in broadcast, is a correspondingly great increase in 'broadcatch,' that is, the ability to find the information that you actually wish to have (one man's signal is another man's--or person's-- noise). thus, rather than have kill files, having scanning programs capable of filtering out particular TYPES of data, rather than the poster him- or her-self, will be of far more use than excluding a usenet poster who may very well post a greatly useful file amidst a welter of useless files. 
thus, some sort of syntax/subject/type of data file scanner (which requires asi--my acronym for artificial semi-intelligence) is necessary to make the usenet actually new, and not merely IMPROVED-- usenet improves constantly.

if anyone wishes to comment regarding this, rather than clutter the list with more articles like this, send them to me, either here, or to rclark@nyx.cs.du.edu, and i will summarize and post.

fc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Clark Reynard
Date: Thu, 25 Mar 93 23:38:26 PST
To: cypherpunks@toad.com
Subject: To be a bit more clear
Message-ID: <9303260733.AA28484@metal.psu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Since, after all, the difficulties of broadcasting either anonymously or under one's actual name are not really pronounced; given Ringuette's idea of multiple remailing sites, perhaps several thousand, only a few dozen sites would be necessary to serve as remailers to the larger numbers of anonymous sites; this makes it difficult to trace (unfortunately far from impossible); since each post of a person would seemingly originate from a different site, and in addition it would arrive at that different site from a different point of origin (since NNTP would not begin logging path until after it travelled from site to site via email).

Now, to avoid the (inevitable) possibility that one or many of the reposters would have been killed (or simply gone down due to incompetence) each of the actual addresses would have a list of possible sites to attempt to post the message from; the essential fact here is that there is no real way to guarantee this so-called 'minimal moderation.'
the possible ways of circumventing it, either by telnetting to different nntp ports manually and simply coming from different sites, or by setting up a number of anonymous remailers to actual anonymous posting sites (none of them having a full list of possible hosts, to avoid a single person from knowing all of them, makes it essentially impossible to track someone determined to post anonymously; people have tried for literally YEARS to avoid anonymous messages. they ain't done it yet, thank god. a lot of people with useful information do not wish to reveal their names, and this is their right. of course, it will be abused as well, as it always has, but this is simply something to be tolerated or ignored. the backbone doesn't have to carry these messages, and if it doesn't wish to, another 'backbone' will arise that will. fc From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Fri, 26 Mar 93 02:40:10 PST To: cypherpunks@toad.com Subject: help with pgp 2.2 Message-ID: <9303261017.AA04830@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain Hi all, I'm having problems with pgp 2.2. I am trying to add someone's key to my ring. I get e-mail from them, save it to a file and xfer it to my home system. Then I type pgp -ka to add the new stuff to my keyring. I've even edited the file to just include the pgp stuff. What am I doing wrong? Thanx in advance. P +----------------------+----------------------------------------------------+ | J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. | | +----------------------------------------------------+ | mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be | | Thunder@forum | Politically Incorrect! 
| | (505) 299-2282 | |
+----------------------+----------------------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: grady@public.btr.com (Grady Ward grady@btr.com)
Date: Fri, 26 Mar 93 06:18:43 PST
To: Cypherpunks@toad.com
Subject: TEMPEST in a teapot
Message-ID: <9303261417.AA04493@public.btr.com.BTR.COM>
MIME-Version: 1.0
Content-Type: text/plain

TEMPEST in a teapot

A note discussing the prevention of electromagnetic eavesdropping of personal computers.

Grady Ward
public key verification by PK server, finger, or by request

Version 1.0
22 March 93

TEMPEST is the code name for technology related to limiting unwanted electromagnetic emissions from data processing and related equipment. Its goal is to limit an opponent's capability to collect information about the internal data flow of computer equipment. Most information concerning TEMPEST specifications is classified by the United States Government and is not available for use by its citizens.

The reason why TEMPEST technology is particularly important for computers and other data processing equipment is the kinds of signals components in a computer use to talk to each other ("square waves") and their clock speeds (measured in megahertz) produce a particularly rich set of unintentional signals in a wide portion of the electromagnetic spectrum. Because the spurious emissions occupy so wide a portion of that spectrum, technologies used to block one portion of the spectrum (as pulling the shades closed on a window to stop the visible light portion) are not necessarily effective in another portion.

Unintentional emissions from a computer system can be captured and processed to reveal information about the target systems from simple levels of activity to even remotely copying keystrokes or capturing monitor information. It is speculated that poorly protected systems can be effectively monitored up to the order of one kilometer from the target equipment.
This note will examine some practical aspects of reducing the susceptibility of your personal computer equipment to remote monitoring using easily-installed, widely available after-market components.

I

One way of looking at TEMPEST from the lay person's point-of-view is that it is virtually identical to the problem of preventing electromagnetic interference ("EMI") by your computer system to others' radios, televisions, or other consumer electronics. That is, preventing the emission of wide-band radio "hash" from your computers, cabling, and peripherals both prevents interference to you and your neighbors' television set and limits the useful signal available to a person surreptitiously monitoring.

Viewing the problem in this light, there are quite a few useful documents available from the government and elsewhere attacking this problem and providing a wealth of practical solutions and resources. Very useful for the lay person are:

Radio Frequency Interference: How to Find It and Fix It.
Ed Hare, KA1CV and Robert Schetgen, KU7G, editors
The American Radio Relay League, Newington, CT
ISBN 0-87259-375-4
(c) 1991, second printing 1992

Federal Communications Commission Interference Handbook (1991)
FCC Consumers Assistance Branch
Gettysburg, PA 17326
717-337-1212

and

MIL-STD-188-124B in preparation
(includes information on military shielding of tactical communications systems)
Superintendent of Documents
US Government Printing Office
Washington, DC 20402
202-783-3238

Information on shielding a particular piece of consumer electronic equipment may be available from the:

Electronic Industries Association (EIA)
2001 Pennsylvania Ave NW
Washington, DC 20006

Preventing unintended electromagnetic emissions is a relative term. It is not feasible to reduce to zero all unintended emissions.
My personal goal, for example, might be to reduce the amount and quality of spurious emission until the monitoring van a kilometer away would have to be in my front yard before it could effectively eavesdrop on my computer. Apartment dwellers with unknown neighbors only inches away (through a wall) might want to even more carefully adopt as many of the following suggestions as possible since signal available for detection decreases as approximately the inverse square of the distance from the monitoring equipment to your computer.

II

Start with computer equipment that meets modern standards for emission.

In the United States, the "quietest" standard for computers and peripherals is known as the "class B" level. (Class A level is a less stringent standard for computers to be used in a business environment.) You want to verify that all computers and peripherals you use meet the class B standard which permits only one-tenth the power of spurious emissions than the class A standard. If you already own computer equipment with an FCC ID, you can find out which standard applies. Contact the FCC Consumers Assistance Branch at 1-717-337-1212 for details in accessing their database.

Once you own good equipment, follow the manufacturer's recommendations for preserving the shielding integrity of the system. Don't operate the system with the cover off and keep "slot covers" in the back of the computer in place.

III

Use only shielded cable for all system interconnections.

A shielded cable surrounds the core of control wires with a metal braid or foil to keep signals confined to that core. In the late seventies it was common to use unshielded cable such as "ribbon" cable to connect the computer with, say, a diskette drive. Unshielded cable acts just like an antenna for signals generated by your computer and peripherals. Most computer manufacturers supply shielded cable for use with their computers in order to meet FCC standards.
Cables bought from third-parties are an unknown and should be avoided (unless you are willing to take one apart to see for yourself!)

Try to avoid a "rat's nest" of wire and cabling behind your equipment by keeping all cables as short as possible. You want to reduce the length of unintended antennas and to more easily predict the likely paths of electric and magnetic coupling from cable to cable so that it can be more effectively filtered.

IV

Block radiation from the power cord(s) into the house wiring.

Most computers have an EMI filter built into their body where the AC line cord enters the power supply. This filter is generally insufficient to prevent substantial re-radiation of EMI voltages back into the power wiring of your house and neighborhood. To reduce the power retransmitted down the AC power cords of your equipment, plug them in to special EMI filters that are in turn plugged into the wall socket. I use a model 475-3 overvoltage and EMI filter manufactured by

Industrial Communication Engineers, Ltd.
P.O. Box 18495
Indianapolis, IN 46218-0495
1-800-ICE-COMM
ask for their package of free information sheets

(AC and other filters mentioned in this note are available from a wide variety of sources including, for example, Radio Shack. I am enthusiastic about ICE because of the "over-designed" quality of their equipment. Standard disclaimers apply.)

This particular filter from ICE is specified to reduce retransmission of EMI by a factor of at least 1000 in its high-frequency design range. Although ideally every computer component using an AC line cord ought to be filtered, it is especially important for the monitor and computer CPU to be filtered in this manner as the most useful information available to opponents is believed to come from these sources.

V

Block retransmitted information from entering your fax/modem or telephone line.

Telephone line is generally very poorly shielded.
EMI from your computer can be retransmitted directly into the phone line through your modem or can be unintentionally picked up by the magnetic portion of the EMI spectrum through magnetic induction from power supplies or the yoke of your cathode ray tube "CRT" monitor.

To prevent direct retransmission, EMI filters are specifically designed for modular telephone jacks to mount at the telephone or modem, and for mounting directly at the service entrance to the house.

Sources of well-designed telephone-line filter products include ICE (address above) and

K-COM
Box 82
Randolph, OH 44265
216-325-2110

Your phone company or telephone manufacturer may be able to supply you with free modular filters, although the design frequencies of these filters may not be high enough to be effective through much of the EMI spectrum of interest. Keep telephone lines away from power supplies of computers or peripherals and the rear of CRTs: the magnetic field often associated with those devices can inductively transfer to unshielded lines just as if the telephone line were directly electrically connected to them. Since this kind of coupling decreases rapidly with distance, this kind of magnetic induction can be virtually eliminated by keeping as much distance (several feet or more) as possible between the power supply/monitor yoke and cabling.

VI

Use ferrite toroids and split beads to prevent EMI from escaping on the surface of your cables.

Ferrites are magnetic materials that, for certain ranges of EMI frequencies, attenuate the EMI by causing it to spend itself in heat in the material rather than continuing down the cable. They can be applied without cutting the cable by snapping together a "split bead" form over a thick cable such as a power cord or by threading thinner cable such as telephone several times around the donut-shaped ferrite form. Every cable leaving your monitor, computer, mouse, keyboard, and other computer peripherals should have at least one ferrite core attenuator.
Don't forget the telephone lines from your fax, modem, telephone or the unshielded DC power cord to your modem. Ferrites are applied as close to the EMI emitting device as possible so as to afford the least amount of cable that can act as an antenna for the EMI.

Good sources for ferrite split beads and toroids include

Amidon Associates, Inc.
P.O. Box 956
Torrance, CA 90508
310-763-5770
(ask for their free information sheet)

Palomar Engineers
P.O. Box 462222
Escondido, CA 92046
619-747-3343
(ask for their free RFI information sheet)

and Radio Shack.

VII

Other practical remedies.

Other remedies that are somewhat more difficult to correctly apply include providing a good EMI "ground" shield for your computer equipment and other more intrusive filters such as bypass capacitor filters.

You probably ought not to think about adding bypass capacitors unless you are familiar with electronic circuits and digital design. While quite effective, added improperly to the motherboard or cabling of a computer they can "smooth out" the square wave digital waveform -- perhaps to the extent that signals are interpreted erroneously causing mysterious "crashes" of your system. In other cases, bypass capacitors can cause unwanted parasitic oscillation on the transistorized output drivers of certain circuits which could damage or destroy those circuits in the computer or peripherals. Also, unlike ferrite toroids, adding capacitors requires actually physically splicing them in or soldering them into circuits. This opens up the possibility of electric shock, damage to other electronic components or voiding the warranty on the computer equipment.

A good EMI ground is difficult to achieve. Unlike an electrical safety ground, such as the third wire in a three-wire AC power system, the EMI ground must operate effectively over a much wider part of the EMI spectrum. This effectiveness is related to a quality known as electrical impedance.
You desire to reduce the impedance to as low a value as possible over the entire range of EMI frequencies.

Unlike the AC safety ground, important factors in achieving low impedance include having as short a lead from the equipment to a good EMI earth ground as possible (must be just a few feet); the gauge of the connecting lead (the best EMI ground lead is not wire but woven grounding "strap" or wide copper flashing sheets); and the physical coupling of the EMI into the actual earth ground. An 8 ft. copper-plated ground may be fine for AC safety ground, but may present appreciable impedance resistance to an EMI voltage. Much better would be to connect a network of six to eight copper pipes arranged in a six-foot diameter circle driven in a foot or two into the ground, electrically bonded together with heavy ground strap and connected to the equipment to be grounded via a short (at most, several feet), heavy (at least 3/4-1" wide) ground strap.

If you can achieve a good EMI ground, then further shielding possibilities open up for you such as surrounding your monitor and computer equipment in a wire-screen Faraday cage. You want to use mesh rather than solid sheet because you must preserve the free flow of cooling air to your equipment. Buy aluminum (not nylon) screen netting at your local hardware store. This netting typically comes in rolls 36" wide by several feet long. Completely surround the equipment whose EMI you want to reduce, being careful to make good electrical bonds between the different panels of netting and your good earth ground. I use stainless steel nuts, bolts, and lock washers along with special non-oxidizing electrical paste (available from Electrical contractors supply houses or from ICE) to secure my ground strapping to my net "cages". A good Faraday cage will add several orders of magnitude of EMI attenuation to your system.

VIII

Checking the effectiveness of your work.
It is easy to get a general feeling about the effectiveness of your EMI shielding work with an ordinary portable AM radio. Bring it very close to the body of your computer and its cables in turn. Ideally, you should not hear an increased level of static. If you do hear relatively more at one cable than at another, apply more ferrite split beads or obtain better shielded cable for this component. The practice of determining what kind of operating system code is executing by listening to a nearby AM radio is definitely obsolete for a well-shielded EMI-proof system!

To get an idea of the power and scope of your magnetic field emissions, an ordinary compass is quite sensitive in detecting fields. Bring a compass within a few inches of the back of your monitor and see whether it is deflected. Notice that the amount of deflection decreases rapidly with distance. You want to keep cables away from magnetic sources about as far as required not to see an appreciable deflection on the compass.

VIIII

Summary

If you start with good, shielded equipment that has passed the FCC level B emission standard then you are off to a great start. You may even be able to do even better with stock OEM equipment by specifying "low-emission" monitors that have recently come on the market in response to consumer fears of extremely low frequency ("ELF") and other electromagnetic radiation. Consistently use shielded cables, apply filtering and ferrite toroids to all cabling entering or leaving your computer equipment. Finally, consider a good EMI ground and Faraday cages. Beyond this there are even more effective means of confining the electrical and magnetic components of your system through the use of copper foil adhesive tapes, conductive paint sprays, "mu metal" and other less common components.

Copyright (c) 1993 by Grady Ward. All Rights Reserved. Permission is granted for free electronic distribution.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Fri, 26 Mar 93 07:19:43 PST
To: cypherpunks@toad.com
Subject: REMAIL: list of remailers 3/26/93
Message-ID: <199303261518.AA10961@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Q1: What cypherpunk remailers exist?

A1:

1: hh@pmantis.berkeley.edu
2: hh@cicada.berkeley.edu
3: hh@soda.berkeley.edu
4: nowhere@bsu-cs.bsu.edu
5: ebrandt@jarthur.claremont.edu
6: hal@alumni.caltech.edu
7: remailer@rebma.mn.org
8: elee7h5@rosebud.ee.uh.edu
9: phantom@mead.u.washington.edu
10: hfinney@shell.portal.com
11: remailer@utter.dis.org
12: 00x@uclink.berkeley.edu
13: remail@extropia.wimsey.com

NOTES:
#1-#5 remail only, no encryption of headers
#6-#12 support encrypted headers
#13 special - header and message must be encrypted together
#7,#13 introduce larger than average delay
#11 CANNOT CONFIRM OPERATION YET! TEST BEFORE ATTEMPTING TO USE. *
#12 public key not yet released

======================================================================

Q2: What help is available?

A2: Check out the pub/cypherpunks directory at soda.berkeley.edu (128.32.149.19). Instructions on how to use the remailers are in the remailer directory, along with some unix scripts and dos batch files.

Mail to me (elee9sf@menudo.uh.edu) for further help and/or questions.

======================================================================

* Here are a few lines of a bounced message from utter.dis.org:

554 utter.dis.org!remailer... Never heard of host utter in domain dis . org
554 hoptoad!Menudo.UH.EDU!elee9sf...
Possible alias loop 554 No valid recipients -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK7MebIOA7OpLWtYzAQEgAQQAgDHr/0QFixBrtGLc6gN2uK93hTD2j/M9 3BwOPKWXt5DKr6gnioCuyDjTs/Ng7pFGo8AYV8lJmv9DcG5BkpXB5fHl9VRRD55Y 1As9fXSX6l1Qnq9mYgvQ4igcrzA737JvG2Dc5x8uJV+6GnA5v7A4QtCQAHG7TRlv +k0JwClg0B0= =KtpQ -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Honeyman Date: Fri, 26 Mar 93 06:57:29 PST To: cypherpunks@toad.com Subject: Re: Many Important Items in the News Message-ID: <9303261457.AA19460@toad.com> MIME-Version: 1.0 Content-Type: text/plain > All the more reason to allow the backbone admins the power to not pass > anonymous articles. It won't work, they'll feel like they're in > control, and everyone wins. more likely it won't work so they will use underhanded means to accomplish their vile ends. as in the instant case. peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: rubin@citi.umich.edu Date: Fri, 26 Mar 93 07:30:29 PST To: cypherpunks@toad.com Subject: Remailers Message-ID: <9303261530.AA19663@toad.com> MIME-Version: 1.0 Content-Type: text/plain I contacted Eric Hughes, and he suggested that my question was of general enough interest to share with the group. Here is my question followed by Eric's response: ---------- Hi, You pointed me in the direction of hal's remailer at soda.berkeley.edu:pub/cypherpunks and I have the code now. However, since I'm not that familiar with perl, I'm having trouble figuring out exactly how it works. Do you know if anyone has written a technical description of how the remailer works? I would like to build a remailer too, and I wanted to try and understand how Hal's remailer works first. Also, do you know if there is code available for any other remailers in shell script or C? Thanks a lot, Avi Rubin ----------- Chael Hall wrote a remailer in C. He should be willing to share his code. Ask on the list. 
The question you asked me about understanding the remailer operation is of general enough interest that you ought to just ask the list at large. In specific, I don't know of any such theory of operation. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: lefty@apple.com (Lefty) Date: Fri, 26 Mar 93 10:40:35 PST To: cypherpunks@toad.com Subject: ANON: Shutdown of Anon.penet.fi Message-ID: <9303261838.AA25842@apple.com> MIME-Version: 1.0 Content-Type: text/plain I have been told that Clayton Cramer, the bete noire of alt.sex.bondage, is the "net.personality" responsible for the shutdown of anon.penet.fi. I do not know this to be a fact. Funny, I never thought of him as being particularly "highly regarded". -- Lefty (lefty@apple.com) C:.M:.C:., D:.O:.D:. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jet@nas.nasa.gov (J. Eric Townsend) Date: Fri, 26 Mar 93 10:59:23 PST To: cypherpunks@toad.com Subject: re: new usenet In-Reply-To: <9303260711.AA22802@soda.berkeley.edu> Message-ID: <9303261857.AA28431@boxer.nas.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain I thought the whole point of alt.* was for sites that didn't mind carrying a truly anarchic hierarchy... (We're losing alt.* here at Ames, it appears, along with soc. and talk.) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: lefty@apple.com (Lefty) Date: Fri, 26 Mar 93 11:27:02 PST To: cypherpunks@toad.com Subject: ANON: Shutdown of Anon.penet.fi Message-ID: <9303261858.AA26930@internal.apple.com> MIME-Version: 1.0 Content-Type: text/plain I have been told that Clayton Cramer, the bete noire of alt.sex.bondage, is the "net.personality" responsible for the shutdown of anon.penet.fi. I do not know this to be a fact. Funny, I never thought of him as being particularly "highly regarded". -- Lefty (lefty@apple.com) C:.M:.C:., D:.O:.D:. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Date: Fri, 26 Mar 93 09:05:51 PST
To: clark@metal.psu.edu (Clark Reynard)
Subject: Re: A New Usenet...
In-Reply-To: <9303260717.AA27522@metal.psu.edu>
Message-ID: <9303261704.AA06403@tramp.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text

> From: Clark Reynard
[...]
>
> irt the idea of a new usenet, i doubt that a 'new' USEnet is possible;
> it is so firmly entrenched, by 'tradition' et cetera, that it is very
> likely that what will exist is merely an improvement and expansion of
> the existing usenet;

This was what I was thinking about. Something that would sit on top of
the existing usenet and provide different levels of service and
information. I realize that it would be next to impossible to replace
the usenet as a whole, what I am thinking about is extended services
and newsgroups that exist in parallel with the current usenet paradigm.
For example, a "new usenet" server could sit on port 119, and when it
gets a connection it can work like a normal usenet server if no special
information is given to it or it can take articles for the
authenticated service if additional commands or flags are given. To the
regular user it would just appear as a new hierarchy
(newusenet.sci.crypt, etc). If the person connecting wanted to post
articles to the new groups it would require them to use commands or a
client that extends the commands available in the current RFC.

> [s/n ratio has increased, but we just need smarter readers...] thus,
> rather than have kill files, having scanning programs
> capable of filtering out particular TYPES of data, rather than the poster
> him- or her-self, will be of far more use than excluding a usenet poster
> who may very well post a greatly useful file amidst a welter of
> useless files. thus, some sort of syntax/subject/type of data file
> scanner (which requires asi--my acronym for artificial semi-intelligence)
> is necessary to make the usenet actually new, and not merely IMPROVED--
> usenet improves constantly.

As someone who has spent the past several years working in an AI lab,
let me tell you that this is a very, very difficult task. The easiest
method is to do something like user-supplied tags, which is what is
happening now with the overview package and increased usage of the
References line. Don't expect the "tell me what is in this group that
would interest me" newsreaders to appear any time this decade and don't
expect them to be free...

It is still much easier for a person to do this kind of filtering and
the current structure of usenet is designed for this. The newsgroup
naming scheme allows readers to select groups based upon their
interests (topic/name of the group) and moderation in groups allows
filtering. The problem that I see now is that there are some
unmoderated groups that are too popular for their own good. Take
comp.org.eff.talk for example. I would love to stay current on this
group, but there is so much noise (mostly in people repeating the same
thing in 5 different subject lines...) that I will often skip it if I
don't have the time. What would be nice would be for a group to exist
that selects articles and threads from that group and puts them in some
group like comp.org.eff.talk.best-of...

Eh, either way I will start coding....

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: rustman@netcom.com (Rusty Hodge)
Date: Fri, 26 Mar 93 11:10:21 PST
To: cypherpunks@toad.com
Subject: To Digest or Not To Digest
Message-ID: <9303261908.AA06218@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I think the optimum solution is to provide it both ways, in digest form
as well as the way it is now.

Digesting it would also help provide a standard way to archive the
list. We really need archives of this available, "official" archives
that we know contain all the messages. While many readers are keeping
archives, they aren't standardized.

--Rusty
--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Fri, 26 Mar 93 08:45:18 PST
To: greg@ideath.goldenbear.com
Subject: Re: Anonymity, accountability, and control
In-Reply-To: <26H11B1w164w@ideath.goldenbear.com>
Message-ID: <9303261643.AA04023@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   From: greg@ideath.goldenbear.com (Greg Broiles)
   Date: Fri, 26 Mar 93 01:14:00 PST

   I've got my net access because I pay UUNET roughly $50/month for
   it - and I get my own domain name, with as many hosts (and as many
   users on those hosts) as I care to set up......

   It's this slippery notion of 'accountability' that is perhaps at the
   root of this 'anonymity' problem - the idea that there's gonna be
   some hell to pay if somebody writes to 'postmaster@leviathan.com',
   and complains about Chris Jones. The fact is, you can mail to
   'postmaster@goldenbear.com' and whine all you like, it's just
   another alias for the same damn person (me). I think there are going
   to be more & more people like me in the future - I *am* my boss, the
   postmaster, and the sysadmin - and if people don't like what I do or
   say on the net, that's just too damn bad.

Well, there is still *some* accountability --- if you do something
really wretched, and someone complains to UUNET, won't UUNET at least
tell that person who is paying for that link, and if you do something
really egregious, and UUNET gets enough complaints, will UUNET shut you
down?

I suspect that it would take something really serious to cause UUNET to
shut you down --- for example, if you started sending child porn, which
might enable the Feds to seize *UUNET*'s computers --- but there is
still some limited amount of accountability, and potential retribution
if you do something which enough people consider is wrong.

If we lived in a world where it was easy to filter out anonymous {mail,
news}, and the anonymous poster had to *pay* for each octet of {mail,
news} that he/she posted, then I suspect that a lot of objections to
Anonymous mail and news would die down. Many people have said this
repeatedly, and I agree with them.

Unfortunately, we do not live in such a world now, and pretending that
we are in such a world (by answering people's complaints with promises
of vaporware) is just going to make enemies. But by working towards
such a world, so that people can get all of the benefits of anonymity
without forcing *other* people to pay the costs of anonymity --- that
is certainly something which should be applauded.

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Shipley
Date: Fri, 26 Mar 93 11:54:04 PST
To: jet@nas.nasa.gov (J. Eric Townsend)
Subject: Re: new usenet
In-Reply-To: <9303261857.AA28431@boxer.nas.nasa.gov>
Message-ID: <9303261951.AA00899@edev0.TFS>
MIME-Version: 1.0
Content-Type: text/plain

>
>I thought the whole point of alt.* was for sites that didn't mind
>carrying a truly anarchic hierarchy...
>
>(We're losing alt.* here at Ames, it appears, along with soc. and
>talk.)

if you are needing a site to readnews from I can enable your system to
read news from my site (tfs.com)

-Pete

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Date: Fri, 26 Mar 93 09:56:16 PST
To: tytso@Athena.MIT.EDU (Theodore Ts'o)
Subject: Re: Anonymity, accountability, and control
In-Reply-To: <9303261643.AA04023@SOS>
Message-ID: <9303261754.AA06965@tramp.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text

> From: Theodore Ts'o
>
> From: greg@ideath.goldenbear.com (Greg Broiles)
> Date: Fri, 26 Mar 93 01:14:00 PST
>
> I've got my net access because I pay UUNET roughly $50/month for
> it - and I get my own domain name, with as many hosts (and as many users
> on those hosts) as I care to set up......
> [...] and if people don't like what I do or
> say on the net, that's just too damn bad.
>
> Well, there is still *some* accountability --- if you do something
> really wretched, and someone complains to UUNET, won't UUNET at least
> tell that person who is paying for that link, and if you do something
> really egregious, and UUNET gets enough complaints, will UUNET shut you
> down?

I believe that UUNET has applied for and received common carrier
status, in which case they are not responsible for their traffic and
cannot make any judgement calls regarding the traffic coming from a
particular site. It is kind of like the phone company; they may not
approve of the 976-BABE numbers, but as long as those operations do not
break the law there is nothing the phone company can do about them no
matter how many complaints they may receive.

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Jonathan K Saville
Date: Fri, 26 Mar 93 04:11:54 PST
To: cypherpunks@toad.com
Subject: Re: help with PGP 2.2
Message-ID: <9519.9303261210@monge.brunel.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain

Michael Diehl writes:

>I'm having problems with pgp 2.2. I am trying to add someone's key to my ring.
>I get e-mail from them, save it to a file and xfer it to my home system. Then
>I type pgp -ka to add the new stuff to my keyring. I've even edited
>the file to just include the pgp stuff. What am I doing wrong?

I had the same problem - I believe it is to do with a new flag PGP 2.2
sets in your public keyring (see documentation). I solved the problem
by executing 'pgp -kc' which checks the contents of your keyring. After
that PGP worked fine, although to be honest I'm not sure why.

Hope this helps.

Jon

--
 ------------------------ -------------------------------------
| Jon Saville            | Who alive can say, 'Thou art no     |
| ee92jks@brunel.ac.uk   | Poet, may'st not tell thy dreams?'  |
 ------------------------ ----------- Keats, 1819 -----------
 PGP 2.2 public key available upon request or by finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@alumni.cco.caltech.edu
Date: Fri, 26 Mar 93 13:31:39 PST
To: cypherpunks@toad.com
Subject: Re: ANON: Shutdown of Anon.penet.fi
Message-ID: <9303262028.AA06217@alumni.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain

It is fruitless to guess. You only tar innocent people. The truth will
come out, more likely sooner than later.

Nowhere, Man.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pete@cirrus.com (Pete Carpenter)
Date: Fri, 26 Mar 93 12:51:45 PST
To: grady@public.btr.com
Subject: Re: TEMPEST in a teapot
Message-ID: <9303262028.AA11335@ss2138.cirrus.com>
MIME-Version: 1.0
Content-Type: text/plain

----- Begin Included Message -----

It is speculated that poorly protected systems can be effectively
monitored up to the order of one kilometer from the target equipment.

----- End Included Message -----

The "readability" of the relatively high energy sweeps in a standard
CRT monitor is well known. Any idea of similar effects on LCD screens?
The energy involved would be orders of magnitude less, just for
starters. Also, since the whole screen is effectively oscillating, I'm
not sure that there is any 'raster' sweep per se going on here at all.

This could be a factor for the truly paranoid :-) using portables with
LCD screens.

Pete Carpenter
pete@cirrus.com

Talk about your plenty, talk about your ills,
One man gathers what another man spills.
 - Robert Hunter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: trump@pluto.ee.cua.edu (Louis Edward Trumpbour)
Date: Fri, 26 Mar 93 09:37:49 PST
To: cypherpunks@toad.com
Subject: hmm
Message-ID: <9303261736.AA20017@pluto.ee.cua.edu>
MIME-Version: 1.0
Content-Type: text/plain

well one thing i really haven't seen in this whole anon. remailer bid
is what are the threats to individuals and how often would these
threats be imminent or really occur and does the bad really outweigh
the good? i will go into it further some other time but just food for
thought...

Clovis

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: grady@netcom.com (Grady Ward)
Date: Fri, 26 Mar 93 12:44:21 PST
To: cypherpunks@toad.com
Subject: Mac app: trash helper 1/1
Message-ID: <9303262042.AA28028@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Enclosed is a small Macintosh application that writes over the
unallocated space on the current volume with a long-period stream RNG
seeded with the system clock. Similar in speed and function to the
"erase empty space" option in the Norton Utilities, it is for Mac users
who would prefer to have happy nonsense rather than boring zeros on
their unallocated blocks.

In cpt.hqx format. It is cypherpunkware: if you like it, secretly give
it to someone else.

(This file must be converted with BinHex 4.0)
VG1*Bb"8FcS4CQ`)RHS"'5*P**@D)B%bdP6,F(N[%NqTV06XErDE1pChDe1)Gfc) j4ICkfcp4rjGddcD8-YLAT5%bXkSa+,*JXU"f8R9("b$!l+!GN`1X@"f6!l*!GjE !l*!!(C!!R-qF("rVB*C!%T3K9``1P60T&a1$rfARAJ%A-jMBLVkF$!ariHSXmDX "E`H"Y-C"N[$eqjLGq!&(NF(jqT-3UjdTQ38PplB-'3S3%kFje'#Fm62kRIhKiqP 8#LlX[aP8U+B'*013!'aMdVCkAJ4@0K85m#4q'A85pCpEKq&M3KYSA#0T$$EX#8, 1Bf@-4k5jM4F0AkNkTRdM#$3PdeMq$C'%pmGh(#X,,4h1UZH$maflmX,,5DLhe2" qCeQrG%Z$F@@A-SJIXjH2,A-dK$l*@ZH,X,DFhdN`(m2JYX+ihml*p4TFDZH&6,P (96DK[d`[2'!5TRe58b(KkYU4CJ3,eZ$dYEeS%Hh`HQ2PaY1ElVJ4b(!MNZ"(+33 c#Hq3!*02q&D5LaUdeD-jM9V8Xi2b@2LbbVM+"8l0U4+lV9!UlPU!9fS%C-QJ'bZ kY09Ge#CklN6iL@ES5D6bU,0QlYh2hZdelXfFMd)(rD(XL6J*2RUP!XkTj5Li,Pd PDl1lYGEX1U[lpHXYjFiUPXp-iX01cN-CSL(j'F%e!T+iX'9mM$fF$+Ch6@qSZL- AJfaelXm4Ie+Y4F2heqXGI[39CSFieRmUdAeJDKfrFcVY9XpMp"U*Z)NmeZPbd*& T#4D`2qSFe+Zri-h1jHAPq"D(ZL5DF21j*pb,$D4IjHl$+)QHDcMcd,06l8p8lcq ZGAfQakl)$HQPm[@4d@p062jFG0+VVLfTE[3'-Gf"aID%6Jb81,`,V#EYr6T&cT( lb$9&jSDE[E1ENPd)'$e5Kl3f8LclfcYY,H5&I2(kcE&k56+[MP(T"UfbK0U"2UP C"PYT#e"T#e"T,b4C'VKSUEJkpQ(4NMePFp1UI&dXkQmBk-"IJBrJpDcrI[CI(E6 &rZcEibSk%pILhBLU8CJLZI,dZ0Z`&M12BYhk[5J@iV,-A+5*IAF4+keprIAPjUY EHEIBQTfh`G3Ci1RQ3a3h,IK"FEjh)F,"RfJBr+V$3lE*UE,439l4`IR)8RbQG3S N+cfEK+@GTh@$$R0&&`H[@+-LK$`+Fk#L-Zr5$-PQb$,ia&d%Jh"kpRXJCNpGdqP dZMi30elQHH6++4"["FhNdbThmQmQ@@D&!TD[3SJS`CUKRZSU92Fb6!$U1'jlM1U H[F9T)5PimMrTQG$$kck8MADfrC*dhU2,jJBQiHV@RpEcj88CKPhGSZ9"j9+Z,5k kQddr8kI6GATp4U,KjbRCcC3a)9$RlBG9UG4Tp'qa)jqKP91@*K8@ej!![2kMqE( 8BlI@DEDk1dI2dm@0YPL5!Yb9)kUQCBfPV"d[XV2NRIBcppN,'bT)q(T9pi)Slk6 SE,%qfAm&2Pc&FT[*X31qjT2#p9IGjQ0ibB6ZGCUEr@cl6XpEXlc@kjE1UQ!&F@) -jpFUTB-bdRMR"GdIcCY1EM!*4"k("lFb1ZL)P'UJXaT[6JVVfLjHk-b%ZXfZaG[ K(G2#ddpcUA[6`YDkk+VdRl@T02DQlekdm0eM3TFrK1DELdr$6FNrCCTZ8cQQj6[ ddh1iFdh(D$TI@f[i"E,F",B"0*B(JdLr$IaiYTGeqVhjP5'+94[6%JXGAU$Cbc" aF@i#@`#D5hiA!V&PM+Ve5AXcF3UE'bSr&i2l,IEmrSpEYYE,fCJVE2@hQch'YAF )PcL8EBl$SRHaaEILSEBXNEa1bkR8D2UM)3PiNYMXTr@ErJpfbY&hpMPmA@6TTTM DkXfP$ZM6%UXjeCjF$SrI1`VmrK+Na-h#I#ZXjZD#l[Pj!TGa,cP$EH`[-Y*QF1[ 
JHElR+kcp(pG[hD',N6EaJ%[H+jPLIpKapejEUlI@DcUCpjYpUlKT*E)Q,CGpHpV 9EF(lM&UQ2ZY@I5[6Dj+CG"SqkS8b9"UR@fpZj&[hD4LpicLKB6AaI6f'f[VrDkc @D6XbS0B&56K8QmeHSYpZIU"A3b!(DR9kLabmcKSXE$E)jmfL'HD#hr&&a,E#EjN )[+PNQ8[`5r!LY[&T-RGjZrLiJ%6Xa,`+6*eA!qCFDAjNl+)--kb6GeD#M$HNfe` BY%*Q%[d!SB&f5q8G2e2+adUI6br4qEj8H0BqLK)HGfYC[VEH6U[jaKY81eX$dqF jd1Vhj)T*Ra9Z&EH$"HcJ`HTIiU(DJGNQ"f5!lH&qaM6iNM`XeBkR&MR+'$Lh&h9 @&NGEPC4PPUprDIbSB0B%&CXi54[',edJ@8-0df!k3B(c`1TU(D[BG8d0jEEblcG F,&0,hb`b6GN69paEGh1j!,Eak&Xfk,*`9Eq+KZAqA"28PQ*#AGkQIJIFk(T*P$l 4QM-cCSGU5%1%4hQ*HjKfG,@8mZ,LBac-V2KX"V@cif&Qca"82YG6rjXSG9b0P#I 5jKNX&bHqUpiTk)[3R`8NKqK(P0r3MHkbje,c*U1UFHAcKM3-65V4&ffa`%2[@4K 3lV6Hh$Z*Y6EGfFlE8fr!qGh#&2#m[Bqm6GBGfEm&$$k)[k)9GYq+M[&[i81kV,L hqY0Ue&CXr89VFEpj[rA1TkTL4bl#%QX+6eK)c%2*mLADjL+CDq6`jPRa1(jeT-Y E@emhL5kM-CHhfi553X+Bd1KPa2S3XR`3QHe6(9[l'4Sb4B"Yd%'@YYfK$r$H)3d rU`Q[KGRi*-VDeRCETi@YR-XlZ6KH4RS6,@aT%%9NK#NfXc$"a+K@aAm-$RI1lAc F,MEV&qPXC2!qPFaI0mZ2N!!M'@YpZR(AH3PfGVDC#90Nb[EK&mhpNI-YC9[Ypj2 cZ[fZf@"%`NbapI,22%[@3P5Z(+LkhpXI+V+LAMZk`VU,)ES,YIRCl5kXeN[VCR& p6'R`Yr05j6M3mPhd*1R"5hmef[NYm!H9h-kSY2j4i4-*h)m,Z6kJ'`90NqY[,RH ciZ([,[i*G2qqBSD-jXQBeCBUGVaEhDl1leQ`R(YeV0CN-[BjHfLZj2i0*0NIGdP I[K1Vk&9@Ac-N)QdPI'YNi5V!DQZj2If8f9Kf8fUD(IIXTXM[V+T1VVPl-Tj1G9k XeNV,bpC1NiF*XM[iD(#Yr0HK+)%SRd*9!*9$k%UN%UPp#@3",))5,pVc*HS*[+Z '3k8[HSC-b--U!R2fZ*!!bf(#X+5fGa)C6jGQ9Y'l0e6Em9TX'&4$+BF319+(06[ lILr0mLE)Z2)HN@U)5`Q2'B)49G&mf'B*9-f)eAfd3SdLE)`k4)dKkXa)9e[f&Be )NV'+EFQ+r+YE)9DU4SDX%Y+p2PBGHrXF(VkBRM$M$U,DcRC*Tpe+1[HK89KpjX2 R"$-QiJ&@f4!3$c"!$fH-G%e!-F&"1j@DcVpqr[*Xaf'@`mHf5ariiT+BYH*1'4- a8(f2Qbe98-SiN!"N(k+8dJ`dqDV8LK+Bb44p%9A$+-+-fa#+r$dBA5N6A!61`Dl l*6C(hmNp`XTTp4hdfE*Re(hjVj-&hf1#M()5qjVLQe*V0mUF&CK#(DKLDHAB8qF *IScYh'QpjFq'A+QNIfG#YHUUXI"MpC1fPPcMjHPKNUq[MmTjYQEfBCa@Ue'RCLm EcjD3!'qd)C94rP!DSMlbeVim0L,Eaa&VcjHXI+6fpQD2UY2e5k(&VrrK*d@"8iT jl0[DrJqGU,Am$R)-A5("S5m[Up4f9Fcb`4GNIij4amh+SQX-r8q)r"4f06SM,+Y 4$*Y4DMX1PiG6LPlKJ92LBI4r1e%q&MRkR&GpXPK+i0(8kM4D`[T%3CTZ0!)aCA@ 
TZIMV05i1'UH9Vm5APlZXPfFZiXFTR9bUC2`l2AC#I#kY,ZQPC6cH(0q#9+ZE08h TDI*aEE!NGcf9CBf81"ph5([LXSIEr"T2aq9GbLY*V,(,f'1`q!PN&@&J"k+XQ6D DNb12N43!k9keRG@GVUeKYCdm"4fA2"kE"MSRJ`VS4`aehDfeG#S[CB+4PRj*9Bp -Yh!$-I@GMQ!-N3N6FYDl0KP)#`X,!Y*"DQ!LN!$N2-CkUcm*%9KHe-V2a@&cCj' cK6X3bVU-r#6MkblTXLN8U+V!d8FMZGFd1adV2b1KY1C(r6RE+%R&PpEq`a2,6TV 5&6ECq4pEXXTN-r&c4`I1e84U&9)[(Tj(C30p,TX#4+1CKJ8R`E64LG9BI@9VGQ$ KM&1l!UGA$++Pe1c(5l+'HKNqqTjf9k,C3kk&Md@$e9cTZVKPTm328h6E+'6K9N1 0a,da8`e'KmEh1fYr0fdLAV0&)X+MmAmGY#hjNI*8U5`IV@li2[$c$kD@(2@'$*+ TT,Kc$Bk!kSK*lCJGh+$T8+J%31`N(C3NCB(Ak$TFQ6K-$YJJl05A$M9)1cXQ6[Q "da"dfPb65V3)1i80efXP"fE3G`aiV"cS8(H8k15N(F9d1N@'2ASZA28VCM!UKpc 5IQmUldPEV&58Y#q'RdjS'e(&+5fVKh[$V04Keq*3[iC"G%"JeGbTHSkRi*99kdb E)c[UUB"8N!$eI)0!cLY3CGBKKP8HcMV[+(AJU1bK$LEBRAKMTh3lDNmR2il56FQ c+dZ!1VSD14RiBf1dQl"MTm#TkjA5eaSqUdQLNF($PjFeRVDU`)imGFhG9SXrMVR JpjEB&60ZmRVB4F@fXlZSkAKiiqBN-9Sir*j9k,(m([1PaSl0K0p5ZXjHR`qM3S1 XURMV'ZUP(D3*4[SQ8TLRkjJGf-N--dD#'9lh'KRE6Q4GhB6)C$4B-G#'8YE#(2b bHbSh8*2'Y-le%Sr8+9)KXSAKVGlL(F(8+i825Kkm,''M2fkPS%1B"M4qCMY'f9) 9,MZk,&'GBjr(D1GQ,ma9,q,@`KljALbB+A+GK1U,DdZepR2XPie0$MY6&m`6&Z` 0Eea5ZVkrI6HceYa,Z$(5VS8i*@1K`TZ`)Y98-`!dU%X"XP$,%FXS9rT-fceYC,Z +LZK63TE[25lM$ddf[eXTk%JF`lDEPZP9dKPF1P0$)bMQ)YiT+49(J1UJ1cUPmIk JjTr9bN(N)*m#8Dc,T!a*$&fb'(mA$b4qY'6%-XlIEr1e'LXZ2$Jm+APjaIr4fFh -9PRVI,Q@QGKeQSPkE$k1`q*`IlHPpA(A)'CUaLQ@QYm05'@qhTkqi[pRHlD@X`U `Xa4Udc$TNViehd13!2LC!c$Th+q[j8[(A9QSY3M[UCRa`MP&G`93``THAVm*CXa *ilQcH8c0QmfrJATReZbU5#R1h8*`pM,fL[dXaPl@l-+MeMqPULaX[r2@Z03IA,! 
NHK@D`SFbYCV,AjZ4Z)4@YRSF+XY6$qiArDSLGaGUKQ,Y9[H3!%C0Z,j,U(-JV*' 3!&5X2R,IQIppr#&,bSXr$(1Cc93XjU[VaT4QV#RRf,IJT*m[dIeVQ@6FV2jhKlc id*q1aFPH5CrbCXLIBqENTG2GEhfqjYYjVj0Y[Ehe$[&1FJ@mefc[GPXF"[Bq1SJ cTfC9GU$S,f(p"B+)@4dE#U+P@6X*GK,d8YRqEILLi8V0`TC*a+LDC#lkF#ZGZkS "UQld2p-,[36DjRmI9jHPBqrb0K%m3"RX`lX0ZKQf0UGJ3Pb0S*[L`if&@lU9NPX 3&fed-[#D1(QUTCHRklI5kKRH1B[(EDcApQhRR4ieK6XaHXB"+)V9YSF[9DArceQ EEf32S44QF2pqqcTlr*RNGVK5iM(BCT2Eblf1fRl0[bq1hNEbLlI3Z93PLT!!GS5 U%rkrYkXUZ0[E!r-!b#Z&4h&VRJ81XK!r&4ZdXYjULh6deQZeZ`Z&U6ZlV@PrPb[ Jc3LfjK9EZ"0pVkB9L%2!Re',ZpI)h&4,TG9KAq0a-,045k@k`Xh$eqjQb,RHqYh -lQ"&[GT8bkIf,1fr(#%l*@&+[lNK[#X"9(UZV4#0JKkZ0d*"%Y`)c2!K$+H"#6m DmK5`2KT+b4hFZZ22Bd+kbGP'5X4&HUSeq@F$,1%GfI6#CY19S"dR[6cND2S&Tp@ fACc`HEcDDfm[,lA[AF8jeece8U5JZ'm[+fdj4c'+ALlllR3ed`hC'ZZp[+H0$V[ MB*MV4(le3Kk%ZQDjDl0`6PAlC4Q&AMT"YSCVNf4,TUk'UlDA6DV#b%RZSEQ,q(r raZf[T&G66i[iiL5D`(Y5kHXU"jABeN*CR#CU,dX+A5Z*eNTm@,[@3'f9G6DVYYc %8q[*YQL@U5JCRZ#-&0USAmAlq#N3$lI6FK,UZ,Zkl#VV-@lV#8653TEVHh[Z'i4 K9P0l&TAE@9""%Y`)c2!0BP1F2TP,UQA0'E+(dpBb5VjQafMcp3'lqe35I15eBCY AGX5d&J-h-S3lj+0@kIqhbKkQ4HRk)+Dr6T((kC9`-6p+YL&F33V3#&GKZBG#KVH UXp1b@6mD(cHH`BBk%5iR&mSTYPcee#6chC%9+93XY"J#kVJZlPqEbpKN+hZ(4ES ZhK#E9efT9Z$mhRDli+hZklYhRd#lDGIl&F'QRrR5'2P,1[BE)%TIde$iQdVmaM[ #NHY8l'YBkb6+p'kh@BLp[kPefUmhb",VYGKbC#,1GQb%2E$Q+fK[0TXGTVjrD,V ),URIc-d#SBL@4fQJX*($aSSX`GFE#lA-9(V91`NbZ(GET"&M`qXG4lKbq'J4)pQ -[)Y')p`fCIaJV05$Dl&R!dXVbSYXT1aPUaA@qPHM1aJJ0PrAke%$VPRXBHPBV*L 12VIXPe&eK0(,cBhVP4*D`'(PqXhqKm@4,Gh52UkbkY0CSpMHE(EE&blB,h*R'%B *Q0,m@49+AbZ0ED@AXKfMQAK(EEECl6BQ9P5j(a)X+&)hYkkEqA,k'E9+pCLeHVh rSBd-RqIqA,bZapjjm(pCVlcBkfpfib,BRr(U'*6r+,[R2&(8C[18I*d1FSm3eAc ehhmRL@Gh9Q!2+R`k-jQj5,r#`DP&'qMD+AkpPq3feRj0TGe(bX''`K+QjTPrIJ6 U4KCNMm1ra4HjEB5`[pT8I+-!F*+Ej4S'L%H!E81TDLRh1Kk-8+GR@Ka5rf'[+`V 3b6$Ae#X+b6QpcpJA'48RKSN'ZkJb96QFcDB#*-$A94"a3D&QUZM3i6YRFE`#a+c faf%6fV!E43KN1NdP(bHSdY(L'"Rj,DbZqeNip9ZZfjjFAVmhe*YZBfHZ11Ef,C, $80qN5ACjlNkCl!8p#(Ak[IQ$@mN1p+f`YA[l`35I)k5cSq5iD9!D94l9b%VCA#A 
SF4AB69qPdlcialbGVlbqfVI@ZmZrpbA9-lTp+S%G#)TdJLNK-%chNqJNdZcEImm JeqC3Dp0bYIe`iE91+)'%iPFVM%GQfV*M$r$AMP*aJSZP&farai5b`,LJ9VM+pB1 5f1mM(e()LlGTlbG12-lXQiL*qlI4,jbipC%VKYFm3bAl'+rYI$`Tdaa&+SX!r8* %T0b9mC@pAa*)-FibYc6ff%D1V1Dl&9hmIKMRQ23-*0$NcKP+leR%FbEL18`MQIk $5aaXhjEf10lJ9ker&iE)'(#DiMd1q*M*Bm3mbX2X6c`NXTfC$bE3#T'fNH*ZTeB b36,9JZ(KUQC+2)691&'M+LK)*E3ZkPN"XB[i33C)jT'#@UZZlYZlfQ3ICd3R4JE YjG6%Yie`km"f9KkG%[!I+lD2hfilFkmfV+8lj"+Y)G9iVRHp[dI9US!a#0'l5FG R-&`KAESPdUZ!+0EGhH59U4eQ5m2#[Qd`2GeHrYYlI9PJIbZpda[@aGkT-,ZTHT* Rdf@qeQ!kUEhmfA&%b$MdT(Ki9hA[98,Y5D*iKfZF,2jZPRDVrlFJ5j5Cc&BjZJ2 0Hj0mjGm-FmZEkR09f%rkFTP&6BHA(rSAqfeqb1Q-q6b%R99hSIAP3A34e6clZph H5+lH[,SMID`G"YHd[@mh9AkPKP+idI9cG4!XPEE[AfpYff[YRp3mi9%DaN2'8Ba 9-Z6@8UjV+q3EdbPkphRQ9X+CCeViqk[JcR!efjK00'G9cENp3FU8Y&&69Bfb98D ihph6A1pmEHkiZhVaZ8rpVaYl1TTFN!!VZM*45FEJ$0jR#43q1GBcrKqiFZJXP,T Z,ZlV#D69NRZM46QpF8KT*SXihHp[IFEac8PPdaPIdpI!Q3@LMMaAYap[Zr9*DRl 2`5l0IT4f'VhrfLpd&-T[9&mQrI*VZ6(afhN(d,rClCm[NQrlL)jVK+NNRGHLT4X T,TlqT&HqTIf2&LbQ%i(EJ`)0ALjLlpDjlLfb9hQ$+eeXfUZFP2h#ejlA)cF`c9a 5$IYYP**kmd`'R`5R5,A)bmHpeX0Tf@ff1d-5Ya8)1CF+p'2-pQ@Xm'UVE1`cR-p 4L#I8QE6QHX`+l8#[2D&DEqA-pBGpP*XR+Bd0DP-ZrJZFNb*f@Pip6r'YLh"3ffd RhZY-djkTJ,Xdedc9pa-fR,ceK9+@JTkGLbZ0R1AT(Q"*,@b@CcEeK06eDUHVV5R 1NA86pELlfpU#5VVH"ZTZ5RfMJGmN$UB#,(JET-mMlGlDq$jP3c3XU'(ACR`cPR( S8mkE85a$P0XT[QcGCY8e2k-AH6[A59GlfphX[9m'23XdRDjpljlkkclbqH,la"5 TDF[a$2AkGY1Dr)@6XSVf5`+U5Q8iZp-3D5bRYN#3!%Te(C5IBfUAhI2h$0#Yk[f QIah8h*Nck%#,Dem'2VJ%e9VHakPq&b1mDCCeh@GEKAGGmdqZ[@B9f9@$T'kQj#k Ea3+e3&DUEqS#Y@"@VQq-"AA!9edh`jqD(A9ZV25@[+cR0P(M4k5mUY(i-HNG1(C *TZRRf)@9!-GH$(AXP+dNhSDb[MdR'h8Z,f2TmE#ifmRf2GB@FY)p)rD9a)"Hddr j4cqrfXp'YILbVZ6Z)j[A1P3TdUGNh91c9FXfPa2ZRh%*Z9V+9pNU1Q5rdP(Q%Q9 bdF-Z,6hH9!E,AG0mirmqENrPR%$(FMN,NFJ5f03SU*FR16)q`-r2el@8"4(SG9E J*E1hY'3P60e-mM0aAF+EFb9Tlp9GRIIkcGAF*2*B)BklK5qpmhGAIAX$XH"fmZY eGp1!N!#,%305)3K*r8'N[qN#UAQ!Kd)#9R@S1l-'+J#XY0K5k5I8LHEkENjp3`) UhAr6j5%,EGl551Qkqf(#AdTp-91Qp#q`JL5m-G)3,C!!H6Tq`aGi6@E-CM1fhJa 
cVbV(II!RI%!Jq$$8hG5#R+3T0U`3eGfT)ZBK!`L0AiHmZkLrRJ-h"J3jM&iK6@R mZE9bdZ'%5NGa@c*q2rhiHFkZ1eQjJTU6L'Qq9EDAHaiA2@*mTRJTZ%V#8bGji,@ [!lF%1a%ikkle8qq&SV"f'3"VXER#aGhI@ZD3!&EZES%*D2#c8,VGcDm2ZaZkkA6 -U0DZlbE!M+AFRjZ&1b!V%YMM"DZEQ%&@fl[+DA5k2#,ckPi!G*U*X*2J!a)h&06 H#(P5f85dpZ2i1Tpk1pV23V23cTrUl-VE"!6!V+@jh@fb2LEUqTN&'qLcm4im"kf arC,X,VUfcAiPL[B+P8jYFa5(U@6QjTpTC1EQh+3hF!4Dcp0Lj%kQrNclGJ4ieYN 6TfmqZjL5F@Yci-GV,Y*@&EEZG6-NXUe*i`@XjAM3Vmje8G[0P2BTrGGH$(ELP@p p*YXM1pN[XX#khYj)dHpFVKGUUk!5DiI&VT6YGLrVi6[894MV0piA[4klBmB3,![ T-rT"5-im,TrA-l#r9!YXAJYT4a8f&*U95X6MTaY(mf[X"9&KC&peei)Ced30R@N GaM1C*rMK(0(k5%Pd5jI[qTKB&-VlKmA#XNhAEFCb3TiZ8q6LpYIHK@hXGUh%iiU Q5Y6%mK)mTraT'k66'NX+9raNV*pf5d,lXPC[dC+Mll@5Sqi56GKE5QDiKrmUG8- eJFE#Ra@fl[DK-XIrkUXK5ZZ5PG2KaGeIh(Ki9j6EM)6B8,p-)&Qp[UBJidUNcl% kkr2[N!#)lF2T-3b6EEZqIH%eI5QqA%#'!aQ(qd)[21Db8ADNSdRF8dfQ*[T'iLI q9-Vr)q(Zlic1(q+PPG5TD&,"1V'[kViH,[GA[lkQVUHE)ZZf,#hEAY34XkDC(Gm LI3a4G,fQi3$AP4QT*GN3a[XCU6pN%*X+2BG"T"E+Yfq1k$C4aap`R!5mIFi5JJC SR#G(Ud[V&Hf$Q*68kmdGXSC3q`mNbYL[jGEZmpiTa@Xh"I$bjlG(bIaY$4#b(54 aq(ZpSjSJ,Z(aaQ0`APb4DEDSXI@"0fb`*MjehXIE(p3k'E,C&Ti)5N&(pKfCcr$ 'QNCY6N,3H9HB$,C`-YLUCf#AiIaEFE#&kYq+U(,A[HhiZp*F[8iZqkr#VSGiA83 N4XVAH9!M96XPiTLrALJjT1"f`XPYA!8`8TN+#p53!&Y#`Xf8h-2[3aid*Fq@1J1 ej20`bhiA)lfihj*)a!VlM6HRBBC98lL8MX+a`ib(!AV2$M*VR(0(%*-3,VlMIZ9 (Z)r9-,'IBZ*JHPm,UpLB@c*#Z-9%)3lKrhPKAMc,#rRlk[5(r[,#cljPKHq[4(+ IqPDrRhE&DCImAMj)9VKefZIa)8`FGN+rRFXN+ecq*#RhPkrRQ(e,e$rfTCUa9MH P*X,kIIQJmGlM+4GiF'ai1*PmFNeK$+k+bKMq$reElFpTfqL`i462DqMbY0c)Zr* &j0dh5VcYEmcqhcL4[*(dBABKU*QfU#3dqC&IFDKDr,4#`j`%[,8QCe6I9bp'hfq &MYCSl68fQQYp0U5lS0j55H'USQHeP)GQG0I)C6-4,I1R9'YXkb&h@6C('Y*&V$N 6UE@f1B,jRfEEph%VSXKk&efdlQAAdTh[cIfkIeBC34D9YlhAhfdRhqafZeeRd,k r[$Xf%QZ8l'e2'a6AHH!DPZjB$5EZTe[XeX0EkhNG6ElH9P2hi5"'K&[YcimCGp" fLD&B9-FJ1X[l`A!NQAL)&dUYX[9KP,ZUl'YU-+&2qrI5XT0b`)CMXDY"L"'#P4Q )Df%HfmLeiZ&qlKrZqYGGV1j8hb4&+Zrf*alDhEE&eF0Y#@FVPCV,ZZcZ1*!!5NZ kM)F5k`KdQ8V)H[p1lTUcLA@kRFb4C`T*XM)F4Rq&FA#UHZkUje&VeQNdR9A)aG0 
8GXEB`bH5K#Nr'[p'N31JEAj@GXlcBbfqa+A1eZc[0[Il(R*9U`@eprX44E#qRl' pHKZ$4TGpCpa6EhYjXlhXRL#GIT0EYGY,kUpeprfNrEE1q[3,ZpRHl'AfI5er6G, ,PjhTCHMf1[Pr+XHFkQqRpTIl1lf@fPef[k1Ad[b[P@-[5hqYf(D5qYeYrX+qA,Y ,bmPh+)0V,ZGMYGMIpRXGKAbYKTVhEE'r[GEH1VjVGGIAqfPjc15qT[VqrfmrE5p VXE[DE%rJhChX[5(RRdqc&1XjF1NIbF[40HhffPPT6EGT+e0TYPDHfd[EAdYHLbA VEfAIE$B5jkXrl'r5)2e)YZ)meJGK,[VqAVh&4e`+GN'FLYMMjRR`Lb-8+6iXJHY 5C'eK)T0efHV(cbUH12iF(@kh@iriQFKdKq-9MdZGkE2I)kIj1Iq9D@[8k2UY*P( JMVGGVpKXCdVN5*&MJ@1Vq-d`de[T)@pTEeeMBf24bU9JTMUAiPeVHcf-[BAf[fl *%pEYCFV)e(@AZffHf[0MX)9'hG#UA5ikTUU[)8R18Xr@hHaPp$6I-[Vh@kqqKcN 1FJk'5EVClMB`Lq9+jf4dYM#4dZG!62!*RiA@krSV[k0CGEE@lECkr@G6IATk9Y[ VpYIAjk1AS,Z'bGE@$ri9@G*&G6*H1MMSBS#H,ZT"*&3mD(ape8E$BpRS0H(YpHE '$i'2BC)Tp*GI1ZL516)b%M+b+b4QXM)c[8kLh3R)ND"AJ-8LNcZJb-Lf#M8JY5b ,Q4edMA51a12q,T[XK"cY*pRGGVcS0bSij&6)U8#1K$l"h25+R([DHj9LaAZh[,b '139YGYX0RHbZHUA!bqfqfJk'E'r[j8-,rA#pEGA-LQ`[li5*-P!J#C@%MR3)jeA @FAJl5Ip!Zd-GKaBM[qP0h3l#bd330"QGV%qc89cS9h5j8l-I1hl"$3GB"%q'L1l 2$hh"5eRaK*8YhdhVDGeZ[ejIAZl6TSa,qGQpkPB2p0lM-'QFk6Qd2bNT8q-ah9r J@0Em+4IVl4-mYHKXDq&AFfHI`QrHTFbXjF-$B-rZJ,Z8)PhPHChpVU3ZAQ[NcUE S`B-%)l1,&Bj$2HJVdYllIYXG6'mCZ3hq6,M[#TF#I'@*l1B5*((Ib%S6R(IQcQC R-2V0N!!epD[KDkQf-c'lb4AiN!#jh+rY5Pd$$jp5&EYceJ06+NU$qBT6mTY)BFD ja0Y`pTYEcj($e-jTCMN@5I2B@G2dHN2EDCDj+dkV%T+`r#U5I[X-+DA6(J[@jr` fplIGZH!C[M0T-S+a9'hfeA-Nm9b61BJ%)FCU[3p0aAQCN!$$aQfLjd9hR5`P625 QC*+BcdbYi'qlI5U(Pe%8h-[(Z5$-Fe5Bc"EC6ifG9Pb!d,bYXeZKXN1dlLLDX86 Ukc6cj-[d9AXFr1q*q8qPAH6YETm6UNlaL513!&XT`frRhZpRIDrE&J*XKMH"'ff P$l%k521c&MR+(f*R$h@0$*61(A`ZYlEIAfNQANCSU(!q[iq%q5@8QJR`C*Ck!59 m[D81mPj(f0p@3pMIFAGDEN9%,E8RJ[i6fl)dXkkcBCGqN!$NC2KK0U,E8hH82T! 
!j*L'8lSjj[$m,bpKklp466Y@cLq0#%A!(CCbKhK9)j5P12&bf@c+*1T"Q%LF9jP iica""0-P6E5,J82XG*-%F539A!herNPX@eZ%crf(+T(e0BC'fQe&`BI,ekpHS`8 G6-#)4a6b5-,T,1KhPYq+KKR%2T!!3l$Pl+'@2U$hNqb`f52DELQU#1LIX`#Kikl UdpZ&F1Hmik3D+YT4ldpLIQ-kJ1dSrK!cL1"Rj3-r+Z)NqeI-FqeFN8,Z9j!!f2# (,Gbll#IUkcChZc6JpYVGF4bGZS$KeH0GQiA@m25,8U(A0mc9lpHLqmpm4$!Zc5e KDkIhSF0XmhEk`X5E(6DMUX$CXi99a)lNlKF+Q5GdFlc04*2UkYU8#,!#13CpKk@ f!f)`'lPJ0i$!E[Q!hNX"[`X"[%ka!hhf"RGX"[U!0F!*Uf"hfJ'Z@"Af3'di#B) C6`)X3%X`%bcJ3Kc*!*+&+k+lRcEhFj+Ef1jUjXlFjDEVYcm5Ef'jTT[A!TUYcPj YcZC8fhh-LEEER(6G*ZC-feh0,0d1jUTZJ#6T`NcS%9qjbXh0ER*cDhFmj0V0cd% hS3XbZjjkEN`Fb!J&AZHKQe)18`%50cNMf(ZFBIdpCY0E2e&d9qAC-Y#4QApUR)+ 4BQe-cpDPkSReCAmqZR'peQh$5qF0M"'LEjpHApKQ&dh0'H[K1p9QPr1Z2ZmP,k[ $k+[Kiqm0MAUjG0KbjH2QfFZQqjd*f0mEV0rSI&N5lE@-qHZD#kV,bCP5)TBGAKj HZd[Sqp(M9ZNrh!DE)YFYqEbpGc(f[#YrV0CGhppp$5'HIUAe-`P'P#M94$ll5T( 8I++4hfLQppSU$9+VjAFSTiC4#46``2#m[AHjAf9QDN4d,Dmr0ZQX-HUMe[`'hl& i9(SrE4GiAPkre&JE#h-$YG6,L,Ppa,4p$KVhMdmhSE+R[**6-U*'pr3@i,A562e #*+9lH+q5Bi*Nl@qeMeB9FP#TekhDSjDDKpUT@jKQk8iHC4l*DUINfIqqX&,`ERH qY[*mA$hPhkjH0@BA@HPj"k4YT3lNf2Dk%LXTH*K6ULI5+p@QQrV$l2KIZ)[4(@p b+&2ci`RG*16MZjPdZN`[)f8*%fjB,8XlTd,GZ#8q4LlZG+F4D8a&2IQjY#&YFAH BBFA&K5Q$CR6DGb6$k*,j$l,R`69[92kimIYXKaYGRGQMXpBcP282iGP9XGNUjeX p1Upeee4H``Fb0'+BpZbTZhZ!@bE1Xb+a4lq`TCHRYbqXFq#r(Dm$GhqYfCMB'80 MXe&b)FipmXXT[bCZj0YNMY"TRXQcpUbR!V!Q`KGbVV#ZmS!R6Z$ff1Z@GF@'m@) `rE,%d1AGbaJLccT%"#ffhSU3!(3jM#a$&UkD-plZPCi&ejqDI#mC6C22Qhp6@6Y VT,4lQ1h%cfZG6LQIH(F3G5LaCIfGBIh1c[Ld3%jJ-CSfrrY@YI(hl2acqrIdR%2 @ceqrZkJpCG8!NVS-'%8IhTY@"%J#+B#+52ldZbK#9!HY6(#IKcDEjBL8H(2P!PN 1XhiMRe*m-ZRIF63jHE+I3Pq(3jFFKA*!U83+U*9U@%l+2SNm2FmA0+9liQThp9T BrpM&5l9'%56,Xhd9F,2jHGVRm*aThi6K)*8##6Xk5lBp5l""Z!FpbfeNlSFjJkR UYAUBp`q`j&)e*QhD'5,S+-b5EbKfRS!4jJlE$Mi`$Gp(jc%XmDrKPiJdV$05hQT hphd0MC!!ZPl(ajf5IGd%3LfG5S5%j3TTUAjT)e")IYd1AZhfNkm28lqfdYfBm9M 6jU(e'3)q9T5kiU,EGhFPD@ai`B3mHI9rFV1MQ3U*f6IBqh&8*T!!KhT@LU*GadS Zd*!!d-XI'K%P-PT60P+b-c#ZE1C`rZG#ELG4@I0-@#TD8@f*#TRC9"Q(mGqU1%3 
'Q9CXi9,U$%9R8`SR1UB'G%6H3TZXhqLViqqRaD+&r!S`r&&PG6[hDIdZPCrD2)M ecDjdlDkKQSUqFmkedV81ZVLfZ,hVZXhl3l4&fB+PaL6kQC)pS,'b(-DQl'dHL*a 5,#ZK6238HQq,1Y$M*%UF2,kPKKKr(FUr5*q1HDQ4%,Dp5h8eGcdQ+TR,b&8X14i TLdBM`JbK925d1A+ChSRrZk844I%A'qXFl""(Qq!H%'5P`HNZT@*FbH45!A1aeTd P(a,*p31@c$iPNq3mP-*!+K)K2k!mNEr+VHYSFZrqUBRGGDh@AHZIJbqdF[STd1b PUG5&0Hj6Li9Me&46@r0!l+`qqAH2KJ*`SH@cT4+rBp-a"T8Z9Ge*IS)%UCY9Ja6 FKJdNfV`C%fTHLMa*p)I2ZV4F8K*-k6Dk@E@[MN0%V#%SBCH1PmGiINQI[(03p2K ,`R`d3T-f6$,)&,kbD0A0`)jBZ*eS'LPB&@Ga)$q*T98H)%ZTS(e5Ub9fqdQ@6H@ 4P*PTQkhVQQ-T-(c"UQE52b99+[iQ6pGpECFk"P@mkhKL25h3jjA+1Q0819a#dFl SkI80#Cm`8&`%08EAhcbPN6f1[`N%E-+l0PDD5469kaj8XeR)4[$Ki[bQqJXLaq( !FCq(!AFTkF!,8HqFV'-+[6IBU%k9Ec'Qh$K"lEmN%6##aF)15r*")B32%`8Q%)B ESK9(jSP6XkL&fma8Ze6U,'b+i9aI`cX+SrqFVM0P3q)YQBP1r&&llPTKSaMTYX` fPF1k1C4Cck6Kh',D12%jbEA[A2Lam[XRHI%M$SJ1,c*S98,X[0b$XT!!Ga3YVfM phjEAY(aq64EHJXlGQ1c',cB+kfCfGM(1GJBN#I,UaKFId1lG9AG-0e9TZ+l#AD` )!,VP&,jm3*VI'pY*qCFA8YRcGNfmZhk+hV,Iii(CUhPJl8'IMcBXP9fQZ1jM,ZT HQPkLAe[l'G`r1)IrVYqL!I(a59TEdP[XIS3YccQXLVU$&C4**T@ZZkd'9[P3ZLa FcI6Y0Um3U6MlKEfYeXGYYjl"DQZ,mm)Ef3bIQlFX`r05j6,HXDQh9E$ClD6ePlX ,k(A1TG5G5GpV9L@,bY3kNJ"F&`[B`*+"5GMVEp,[NKdDFkNAdPmcmVj09#eKS)Y A&h&[,dHM%1P3TejXri`i%+%12*NDMUd(e%*N1HLU0pPEVCl5HFI1Q[CqhfeKU0[ YJ(PpEXa5rS)Rcm-T$5aI0hfDHFF("Y*k-HT2BIYcJEcBGkq[12,2r+cM12G'pa# m1ePbGpNV@r[YZM8mV2DAfhPklY+q[Vd3l5(E3hKemDQXZ1ZkkdPh@Re+N!#UA&K RiH9&d@qPh0pGT'lRElADjZATpD+IHL8hqYPeX[jKb&l*&[H#ZIKKjfqb9e2f1[f CjM06XYEHpPY4,(%PP`l`TkH9[UDZZY0U1Yk-JE93VSC+(f)T0[d5NFKS$Q`-@rl "G"qbl)j8`XS@82Che6e5k8PI,l!k`V*-kJ2kl$N"V#(2XC,SBZ1#`m0jjIi3jk1 1,cBT8Al`CadT$h24Fk#QALicSP6aI+KMqKqF5*l6ERSY[pZHK1pPr)kA1pAX9jl V`mqprQ&,6Xcd",emI-f1d[VrY*DZEbpQR5Ad[DVdqG"EVddAUPQPl4T)5f*%%l6 RhpKlBAdXQGjcUGEHVe5Y$UYl$KUmdi(l(!eqa28$dfGcCk#jH[f@Y[pEVeaS5rS E2EE+@bNNrG3K#'$f5F3P[Z($G60CGrY(ZJH+Da"96ECq5-kqfpkTBUNU-b2C24b !N!#'HkEjQh[0YXp))jXEr1@Rd0EIPd#rQQ[,HS(CEDl-Tc&526G5bU45i@NZHUd M!N&UHdZ,M6S0Ajj9-Ud04+X+l#"1L!4#&UJ4`B3T%9eic9!Mip2pDNj&AjYAJjE 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Fri, 26 Mar 93 03:39:41 PST
To: John Gilmore
Subject: Re: REMAIL: cypherpunks strategy
In-Reply-To: <9303260911.AA15667@toad.com>
Message-ID: <9303261213.aa24686@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> Thousands of users are not enough. If individual users are doing it,
> they are too subject to pressure from their system managers. We don't
> have software capable of rerouting among a thousand remailers, 100 of which
> get their accounts canceled daily, 100 new ones added each day. We
> aren't likely to get it soon, either.

Agree 100%.

> To permanently restore at least last month's level of service, we need
> a couple of dedicated, firewalled, buttressed sites.
> You want a few geographically separated people who own their own systems (or who own
> or run the company that owns them), who have solid network links
> (possibly redundant), and who are fully committed to the idea -- as
> committed as funet.fi to persist past the vilification and harassment
> and threats.

Uh... I'm not so sure FUNET (the Finnish University NETwork) would
agree with you ;-) But the truly overwhelming response in support of
anon.penet.fi (I still get flooded by notes of sympathy and support)
on the net seems actually to make a difference, as does effort of
prominent personalities (especially Peter Honeyman) to contact the
Finnish authorities. After talking to them today, I might actually
risk putting up the service again.

But I feel that to ensure that this is the last time the net.demigods
try to close down a server like this we should do our best to address
their concerns. This way, everybody saves face, and we might get a lot
of brownie points.

So what I would like to suggest is that I announce that anon.penet.fi
mark II goes on the air - let's say April 15th, with slightly changed
policies and with all the technical improvements we've been
discussing. And meanwhile I set up an address for receiving
suggestions on improvements (both technical and political), and
encourage newsgroups to do polls on allowing or disallowing anonymity
in that particular group.

But before doing anything, I really would like to get comments, views
and ideas from all of you!

> And those people need backup from the rest of us -- legal help if they
> need or want it, money to pay the networking bill if things get tight,
> loans of backup equipment during failures under load, system
> administration when folks try to break in and trash their machines,
> software creation and maintenance, advocacy, policy work, advice,

Couldn't agree more. If I go for anon.penet.fi Mk.
II, I really want to replace the current mess of shell and awk scripts
with something more efficient (linear search of a 0.5 meg database
isn't very speedy...), and I really would like to have code to check
that the incoming SMTP message actually comes from an existing site,
and so on - so there is a lot of coding to be done that I really could
use some help on!

> a bunch of shoulders to cry on and warm words of encouragement.

Yes! I don't know how to express how important the support has been!
You really have to be a stubborn, crazy bastard to do anything like
this, but the hate mail still wears you down if you don't get a kind
word of encouragement every now and then. I really have to thank all
of you for your support!

> Three to five people providing such setups, in collaboration, would
> wedge a steel-toed boot so firmly in the door that it couldn't be
> slammed by any dyspeptic "net god".

Well, looking at the way the discussion is going all over the net, I
think we might be almost there already!

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Fri, 26 Mar 93 09:00:00 PST
To: John Gilmore
Subject: Re: there ain't no usenet "backbone"
In-Reply-To: <9303260851.AA15506@toad.com>
Message-ID: <9303261218.aa24726@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> There is a single site `backbone' now -- uunet -- which has a stated
> policy of passing all traffic. (Why not? They get paid by the minute.)
> It's still important for the thousands of UUCP sites, especially those
> that are in the boonies, far from local Internet nodes.

You have to remember that there are still not too many redundant
connections between US and Europe, Australia and Japan. To some extent
we are still dependent on singular connection points
(uunet/AlterNet/CIX etc.).

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Wayner
Date: Fri, 26 Mar 93 11:11:04 PST
To: cypherpunks@toad.com
Subject: Anonymous Corollary...
Message-ID: <199303261908.AA26423@access.digex.com>
MIME-Version: 1.0
Content-Type: text/plain

The debate about the advantages of anonymity reminds me of the debate
over Hillary's Health Care Committee which is a nameless group of
individuals who have all signed a secrecy pledge. Many are not part of
the government and can't be held accountable or even fired.

The Wall Street Journal was able to get the list of the people
involved and published it along with a reminiscence of the good old
days when studying who was in power in the Kremlin involved watching
the cars to see who was coming and going and meeting in the baths at
the same time. There never was any dependable list of who was in power
at the Kremlin back then.

Now, in response to the WSJ's coup de fax, the Clintonians say that
they'll release the list as soon as it has been prepared.

The point: the government has a relentless desire to document and
assign accountability for everything. It's bred in their bones. Even
the President can avoid it.

-Peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Fri, 26 Mar 93 13:12:13 PST
To: Eric Hughes
Subject: Re: Many Important Items in the News
In-Reply-To: <9303260756.AA24450@soda.berkeley.edu>
Message-ID: <9303262110.AA06813@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

>All the more reason to allow the backbone admins the power to not pass
>anonymous articles. It won't work, they'll feel like they're in
>control, and everyone wins.

wait, are you advocating news admins allowed to filter anonymous mail
from downstream/upstream feeds? I don't get this.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Round Waffle
Date: Fri, 26 Mar 93 11:36:17 PST
To: cypherpunks@toad.com
Subject: PGP: Elm patch question
Message-ID: <9303261934.AA29696@titan.ucs.umass.edu>
MIME-Version: 1.0
Content-Type: text

I heard some discussion on here a while back regarding problems
getting the Elm Perl scripts included in 2.2 to work correctly. I too
have had this problem, and have very limited knowledge of Perl. Did
anyone ever get something working smoothly? I've munged around with
the script in every way I feel safe doing, and somewhere along the
lines, it's still choking.

+- eggo@titan.ucs.umass.edu --><-- Eat Some Paste -+
+- Yorn desh born, der ritt de gitt der gue, -+
+- Orn desh, dee born desh, de umn bork! bork! bork! -+
+----------------- The Durex Blender Corporation -----------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 26 Mar 93 14:49:02 PST
To: cypherpunks@toad.com
Subject: Re: How secure is an anonomous mail-server
In-Reply-To: <9303262144.AA07992@walrus.chp.atmel.com>
Message-ID: <9303262247.AA18162@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Peter Baumbach writes:

> Suppose someone wanted to compromise an anonymous mail-server. Couldn't it
> be possible without the owner of the mail-server knowing? The attack might
> consist of monitoring all traffic to and from that address. Unless the
> server waits a long and random time to forward the incoming mail, couldn't
> a mapping be made of real-name/possible-anon-names? If a user uses the
> same anonymous name for long enough (2 times?) couldn't the attacker be
> very confident of the mapping? If the attacker uses the server themselves
> creatively, wouldn't the task be even easier?
>
> This seems like a simple cipher easily broken.
>
> I am new to this, so I apologize if this is a dumb question.

Yes, this is basically the "traffic analysis" problem.
This is discussed (briefly) in the "Glossary" located in the Cypherpunks archives at soda.berkeley.edu (in the /pub/cypherpunks directory). Existing remailers are not secure against either traffic analysis or record-keeping by the operators. Nor are they secure against textual analysis (a lesser problem). Adding encryption helps against operator record-keeping. Accumulating enough messages (e.g., 10) so that following a message through 10 remailers is problematic is another approach, though nobody is now doing this. (And even with lots of accumulated messages and lots of remailers, statistical evidence can be accumulated. For example, if everytime "Deadbeat" posts to some group there was a packet leaving my machine some hours before.....) David Chaum's 1981 CACM paper/letter described "mixes," which some on this list are pursuing. His even more advanced "DC-Nets" (also covered in the Glossary and in _many_ postings on this list) are information-theoretically secure. We may see them deployed soon, in at least an experimental form. Not a dumb question, just one that's come up several times. (Someday we may even have a Cypherpunk FAQ.) -Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mccoy@ccwf.cc.utexas.edu (Jim McCoy) Date: Fri, 26 Mar 93 13:20:12 PST To: tytso@Athena.MIT.EDU (Theodore Ts'o) Subject: Re: Anonymity, accountability, and control In-Reply-To: <9303262102.AA04094@SOS> Message-ID: <9303262118.AA09185@tramp.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text > I believe that UUNET has applied for and received common carrier > status [...] 
>
> I'd love to hear more about this --- my understanding was that
> "common carrier" status only had a specific meaning for telephone
> companies, and also meant as a side effect that they had to be regulated by
> the FCC. I was not aware that "common carrier" status had any meaning
> in the computer networking arena, since no regulatory agency would have
> the right to receive applications and grant common carrier status,
> unless a law were specifically passed by Congress or perhaps some action
> resulting from a Federal court decision.

I am fairly certain that the people doing Skynet (Usenet news over satellite) are common carriers (or at least that is what Len Rose told me, I could be wrong...)

For an example that predates computer communication by some time but might be a worthwhile example anyway, take a look at Western Union's telegraph business. What is/was their status regarding the messages they sent?

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Fri, 26 Mar 93 12:53:13 PST
To: Peter Wayner
Subject: Re: Anonymous Corollary...
In-Reply-To: <199303261908.AA26423@access.digex.com>
Message-ID: <9303262051.AA04090@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Fri, 26 Mar 1993 14:08:05 -0500
   From: Peter Wayner

   The point: the government has a relentless desire to document and assign accountability for everything. It's bred in their bones. Even the President can avoid it.

There is an interesting quote reportedly made by Stephen Wolfe, head of the NSF, when someone was amazed about the incredible inefficiency of some of the government purchasing procedures ---- ``The people don't want efficient government; they want an accountable government --- and there's a difference.''

Given the distrust voiced by many people when Dr. Demming's proposal was brought forth, anonymity is probably a bad thing when it comes to government officials performing official actions in the line of duty.
Given how petty, vicious, and evil (tm) government bureaucrats are(*), it's probably a good thing that they have to be held strictly accountable for everything they do, and for all of that to be documented. Would you like to give all sorts of powers to the likes of Ollie North, and then give them license to work anonymously?

Now, this line of reasoning only applies to government officials --- what standards should apply to private citizens are of course completely different. In the case of Hillary's Health Care Committee, it isn't clear whether or not the names listed were merely private citizens giving "testimony" or "evidence" to feed into the process as input, or whether they're people who are making policy decisions. If they're people making policy decisions, even if they are not officially government employees, the Wall Street Journal's decision to publish their names is eminently justifiable. The last thing a democracy needs is a secret cabal making all the decisions in a back room.

- Ted

(*) or at least how evil(tm) it is widely believed them to be....

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Fri, 26 Mar 93 12:50:46 PST
To: cypherpunks@toad.com
Subject: REMAIL: send-mail.c (alpha version)
In-Reply-To: <9303261530.AA19663@toad.com>
Message-ID: <9303262052.AA15182@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

>I would like to build a remailer too, and I wanted to try and
>understand how Hal's remailer works first. Also, do you know if
>there is code available for any other remailers in shell script
>or C?
>
>Thanks a lot,
>Avi Rubin
>
> -----------
>
>Chael Hall wrote a remailer in C. He should be willing to share his
>code. Ask on the list.
>
>Eric

The code that is included here was not intended for release yet. There are several bugs and oversights. I have been going through a complete redesign of Send-Mail (SM), but haven't coded any of it yet.
What is here is the old source patched to do most of what I want it to do. You can see that there is support for a file processor and indeed PGP works okay with it, but I don't *like* the way they work together, so I do not recommend using the processor feature. In the redesigned version, the remailer operator can set up as many file processors as he/she wants. A file can be processed several times before it gets sent.

Most of the important stuff that would differ can be set in the .send-mailrc file (which should be in the user's home directory, it can be linked to another place) or is defined at the beginning.

Let me know what you think; I am open to suggestions.

Chael Hall

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Theodore Ts'o
Date: Fri, 26 Mar 93 13:04:15 PST
To: mccoy@ccwf.cc.utexas.edu
Subject: Re: Anonymity, accountability, and control
In-Reply-To: <9303261754.AA06965@tramp.cc.utexas.edu>
Message-ID: <9303262102.AA04094@SOS>
MIME-Version: 1.0
Content-Type: text/plain

   From: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
   Date: Fri, 26 Mar 1993 11:54:39 -0600 (CST)

   I believe that UUNET has applied for and received common carrier status, in which case they are not responsible for their traffic and cannot make any judgement calls regarding the traffic coming from a particular site. It is kind of like the phone company; they may not approve of the 976-BABE numbers, but as long as those operations do not break the law there is nothing the phone company can do about them no matter how many complaints they may receive.

I'd love to hear more about this --- my understanding was that "common carrier" status only had a specific meaning for telephone companies, and also meant as a side effect that they had to be regulated by the FCC.
I was not aware that "common carrier" status had any meaning in the computer networking arena, since no regulatory agency would have the right to receive applications and grant common carrier status, unless a law were specifically passed by Congress or perhaps some action resulting from a Federal court decision.

Or is it that UUNET merely considers themselves a "common carrier" but that this has yet to be tested in court?

Would Mike Goodwin be willing to comment on this? It would certainly have a lot of implications towards providing free speech on computer nets, and I'd love to have a real lawyer's perspective on this --- as opposed to the perspective of millions of people who merely play one on USENET. :-)

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pete@cirrus.com (Pete Carpenter)
Date: Fri, 26 Mar 93 16:57:36 PST
To: cypherpunks@toad.com
Subject: Re: ANON: Shutdown of Anon.penet.fi
Message-ID: <9303270027.AA11431@ss2138.cirrus.com>
MIME-Version: 1.0
Content-Type: text/plain

----- Begin Included Message -----

Date: Fri, 26 Mar 1993 10:38:31 -0800
To: cypherpunks@toad.com
From: lefty@apple.com (Lefty)
Subject: ANON: Shutdown of Anon.penet.fi

I have been told that Clayton Cramer, the bete noire of alt.sex.bondage, is the "net.personality" responsible for the shutdown of anon.penet.fi. I do not know this to be a fact.

Funny, I never thought of him as being particularly "highly regarded".

----- End Included Message -----

Mr. Cramer is highly regarded for his scholarly work in regard to the Civil War, and the political history of the Second Amendment. He has just published a book on the latter.

His other 'opinions' have always amused me somewhat, because he was one of the first net.people that got me interested in the Libertarian Party. Those rantings seem very out of step with this general political attitude, quite un-libertarian, in fact.
Pete Carpenter pete@cirrus.com

Talk about your plenty, talk about your ills,
One man gathers what another man spills. - Robert Hunter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Fri, 26 Mar 93 13:26:10 PST
To: cypherpunks@toad.com
Subject: REMAIL: sendmail.cf problems
Message-ID: <9303262128.AA18752@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I am working on a new project on 386BSD with pseudonymous user ID's. What I want to do is use a rule in the /etc/sendmail.cf file to make all messages to "anon.###" be processed by the anonymous contact service and everything else to be processed as local mail. I added the following lines to my configuration file and made a new frozen config file, but I keep having trouble getting it to work:

Ranon.$- $#acs$:anon.$1
Macs, P=/usr/guest/anon/anon-reply, F=nlF, S=10, R=20, A=anon-reply $u

The first line should make all mail directed to "anon.*" be processed by the mailer "acs." The second should define a mailer named acs that executes anon-reply. I found that this would make it impossible to alias anon.post, anon.admin, anon.ping, anon.help, etc. So, I changed the first line to:

Ranon.[0-9]$- $#acs$:anon.$1

That makes newaliases stop bitching about the aliases, but any mail directed to an anon.### account bounces and it says "User unknown." I ignored the alias problem once and actually got it to get farther, where it said "Unknown mailer error 2." I think that's because it was using /bin/sh instead of /bin/csh which is required for the scripts that I got from a friend. (acs2.2 is what I got, it was used for alt.personals)

I want to rewrite it, but the important part is getting the aliasing to work. The rest is a piece of cake once I can get sendmail to do this. I hate to rebuild my alias database, besides which, that slows down ALL mail.
If anyone knows which RFC's to look at for the sendmail.cf format or has experience with this problem, I would be eternally grateful.

Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU
(317) 285-3648 after 5 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: baumbach@atmel.com (Peter Baumbach)
Date: Fri, 26 Mar 93 13:55:59 PST
To: cypherpunks@toad.com
Subject: How secure is an anonomous mail-server
Message-ID: <9303262144.AA07992@walrus.chp.atmel.com>
MIME-Version: 1.0
Content-Type: text/plain

Suppose someone wanted to compromise an anonymous mail-server. Couldn't it be possible without the owner of the mail-server knowing? The attack might consist of monitoring all traffic to and from that address. Unless the server waits a long and random time to forward the incoming mail, couldn't a mapping be made of real-name/possible-anon-names? If a user uses the same anonymous name for long enough (2 times?) couldn't the attacker be very confident of the mapping? If the attacker uses the server themselves creatively, wouldn't the task be even easier?

This seems like a simple cipher easily broken.

I am new to this, so I apologize if this is a dumb question.

Peter Baumbach
baumbach@atmel.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: stig@transam.ece.cmu.edu (Jonathan Stigelman)
Date: Fri, 26 Mar 93 20:55:04 PST
To: cypherpunks@toad.com
Subject: Availability of filtering scripts
Message-ID: <223@x15_remote.stigmobile.usa>
MIME-Version: 1.0
Content-Type: text/plain

In message <9303260732.AA23550@soda.berkeley.edu> you write:
>Were such a utility posted to alt.sources, and if all a user had to do
>was ftp it from an archive, unpack it, and run it once, we would be in
>a much better position politically, (even if the utility received very
>little use).
>
>It is difficult to install mail filters. Our argument for user
>filtering would be much stronger if installation were simple.
>
>A similar argument holds for anonymous posting filters in a global
>KILL file.
>

two points:

1. An even more convenient way to distribute this filter would be by having it available from the anonymizing server itself. Mail to filter-request@anon.foonet.bar to get a copy. This is better for sites that do not have ftp available.

1.5 A variant on this approach would be for the server itself to do the blocking of mail. Mail to block-my-mail@anon.foonet.bar. Would prevent that server from sending anonymous mail to you. (the server would, of course, send a receipt for the transaction to the user whose mail is blocked...just in case of request forgery.)

2. This would be a political win, but it would really be just a step in the right direction since many people don't read their mail from UNIX boxes.... PCs, Macs, Fidonet boards, VMS, etc.

Stig

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Fri, 26 Mar 93 17:38:00 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: we need a faq.
In-Reply-To: <9303262247.AA18162@netcom3.netcom.com>
Message-ID: <9303270136.AA27824@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

>
> Not a dumb question, just one that's come up several times. (Someday
> we may even have a Cypherpunk FAQ.)
>

I will maintain the faq if people will send me useful information, such as ftp sites, remailer-reposter sites, short answers to "obvious" questions, etc. I will mail it out on a regular basis and perhaps to new subscribers, if that is possible.

Come on folks give me a hand here! ;^)

+----------------------+----------------------------------------------------+
| J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. |
| +----------------------------------------------------+
| mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be |
| Thunder@forum | Politically Incorrect!
|
| (505) 299-2282 | |
+----------------------+----------------------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 26 Mar 93 18:57:57 PST
To: J. Michael Diehl
Subject: Re: we need a faq.
Message-ID: <9303270256.AA21236@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

J. Michael Diehl writes:

>I will maintain the faq if people will send me useful information, such as ftp
>sites, remailer-reposter sites, short answers to "obvious" questions, etc. I
>will mail it out on a regular basis and perhaps to new subscribers, if that is
>possible.
>
>Come on folks give me a hand here! ;^)

The problem with FAQs is that someone almost always volunteers to put together a FAQ if people will "send them stuff." Then he realizes what an enormous job it is, as the submissions are either a) not there, b) are too brief or confusing, c) require lots of editing, or d) other problems exist. Then that volunteer just sort of lets it all slide--and several months later some new eager beaver makes a similar proposal. I've seen this happen on several groups and mailing lists.

Someone on this list boldly stepped forward last September, begged for submissions (some of us even sent stuff in), then let it slide. Officially, I suppose he is still working on it, but nothing has appeared. I'm not holding my breath. Since we are an anarchy, nobody can force him--or you, for that matter--to finish it.

The way FAQs traditionally get done is for someone to just write the whole damn thing...this will of course mean that someone must become quite knowledgeable about remailers, PERL, Chaum's work, the math of crypto, the politics and jargon of crypto privacy, and on and on.

Not trying to scare you off, just pointing out that a FAQ will not write itself, nor can you count on others to "contribute" (for the reasons mentioned above).

(Sometimes a "stone soup" approach works, where a "Rev.
0" FAQ is posted and then the critics come out of the woodwork to suggest improvements. If I was writing the FAQ, that's how I'd approach it...just get *something* out as quickly as possible and then see if anyone wants to change anything or make additions.)

If you publicly announce your plans to do the FAQ, and begin soliciting contributions, PLEASE make sure it gets finished!

By the way, in my opinion, the Cypherpunks FAQ is *essentially* available already in the regular postings of list members Lance Detweiler (he posts a long article to sci.crypt describing privacy on the Internet) and Karl Barrus (he keeps an updated list of remailers).

Good luck.

-Tim May

--
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 26 Mar 93 19:06:39 PST
To: cypherpunks@toad.com
Subject: Remailers
In-Reply-To: <9303261530.AA19663@toad.com>
Message-ID: <9303270302.AA28743@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I wrote:
>The question you asked me about understanding the remailer operation
>is of general enough interest that you ought to just ask the list at
>large.

>In specific, I don't know of any such theory of operation.

When I wrote this, I wasn't thinking. When I wrote the original remailer code, I posted it to alt.hackers along with a theory of operation. I don't know if I have a copy of that anymore.

Can someone provide it? It was from last September. Who gets Usenet on CD here, anyway?
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 26 Mar 93 19:43:32 PST
To: cypherpunks@toad.com
Subject: Many Important Items in the News
In-Reply-To: <9303262110.AA06813@longs.lance.colostate.edu>
Message-ID: <9303270339.AA00329@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>>All the more reason to allow the backbone admins the power to not pass
>>anonymous articles. It won't work, they'll feel like they're in
>>control, and everyone wins.

>wait, are you advocating news admins allowed to filter anonymous mail
>from downstream/upstream feeds? I don't get this.

Yes. If someone doesn't want to pass traffic, let them. It's extremely foolish; they'll get a bad rep for it. If they're a commercial site, they'll lose customers. If they're not, they'll lose face. Freedom to filter is freedom to shoot yourself in the foot.

But as Peter Honeyman points out, filtering anonymous posts won't work to prevent them from being passed around, and they'll continue to use external channels to pressure connectivity and administration. These channels have no technical amelioration; doing politics in the broad sense is the only solution for this.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Fri, 26 Mar 93 12:59:08 PST
To: "Timothy C. May"
Subject: Re: Many Important Items in the News
In-Reply-To: <9303242312.AA07079@netcom.netcom.com>
Message-ID: <9303261839.aa28234@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> And given that our systems are "even more anonymous" than Julf's was, the
> abuses seen with his system will have to be faced on our systems. The
> alleged abuses of Julf's system: supposedly a picture of a burn victim was
> posted to one of the erotica groups (tacky in the extreme, but hardly
> illegal or a threat), instructions on how to poison cats (also tacky but
> not ipso facto criminal), etc.
(I don't know what the culminating case was,
> nor will I speculate.)

Uh... I really am a bit hesitant to talk about this, so I would appreciate it if you kept this private.

A very visible and highly-regarded net personality took offense at some rather abusive exchanges in talk.politics.mideast, and contacted just the right people in a very politically loaded Finnish networking scene, but I know he acted out of a regard for (his view of) the best for the networking community. I have been expecting him to come forward and state his reasons.

The problem is that I live in a country where somebody got thrown in jail for high treason for selling a couple of old, second-hand VAX machines to the former Eastern Bloc. And as people managed to turn the mail "from an international networking authority" into proof of the fact that I was destroying the image of networking in Finland in the eyes of the international community....

> There was also a major flamewar over the weekend when one Richard DePew
> decided to initiate his "ARMM" ("Automated Retroactive Minimal Moderation")
> program, which sent out "CANCEL" notices for anonymous messages posted to
> certain groups. Very controversial, and a sign of things to come. (The
> connection, if any, with Julf's shutdown remains unclear. Certainly the
> whole issue of anonymous postings reached a head this past weekend.
> Sternlight's threats about PGP may have been involved as well. Julf?)

The ARMM thing actually backfired in a spectacular fashion, causing a lot of people to speak up in defence of the service.

> These are certainly interesting times.

Uh, yes, in many ways (says Julf, fresh back from Slovakia...)
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Lord Krieg"
Date: Fri, 26 Mar 93 22:38:11 PST
To: "cypherpunks"
Subject: Comments on anonymous servers
Message-ID: <9303270638.AA02109@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Joe Thomas has suggested that a group of penet-style anonymous servers be set up to act as "front ends" for the Cypherpunk remailers. This seems like a good idea (provided that the technical problems can be overcome), but I'd like to propose an addition.

Having more than one of the penet-style front ends active at once will only provide more targets for (anonymous) net.fascists. I suggest that instead of having a handful of front ends operating, have only one front end actually operational at a time. Other servers would be on standby, and would constantly update their database with the active server. That way, the moment someone trashed the active server, another could be activated. This way the service would be interrupted only briefly.

Since it has thus far taken some time for anonymous servers to be brought down, this should allow the front ends to keep up. If someone out there trashes a new front end every month, we would only need to find a new server every month, with a "cushion" of servers waiting on standby.

Now, as I understood the suggestion from Joe Thomas, the Cypherpunk remailers behind the front ends would only be "visible" to the people involved in running the service. This would certainly make the remailers more secure, since the net.fascists would not know who to terrorize to can the remailers. Although I certainly may be misunderstanding something, I don't really see why the users of the service would ever need to see a message about "if mail to here bounces, try there." Shouldn't the loss of a remailer be dealt with entirely "behind the scenes," by the service administrators?

If I've said something really stupid or obvious here, please bear with me.
The whole idea of anonymity only became of interest to me a few days ago. (It's amazing how badly some people react to fascist slime telling them they can't do something, even if they never thought of doing it before.)

Kenneth G. Hagler
**********************************************************************
* Internet: cvadsaav@csupomona.edu * My insurance company *
* Phone: (909) 865-7751 * is Beretta U.S.A. *
* PGP 2.2 key available on request * *
*--------------------------------------------------------------------*
* ...study of the military arts will make one who is naturally *
* clever more so and one who is born somewhat dull rather less *
* so. *
* --Daidoji Yuzan Shigesuke, _Budo Shoshinshu_ *
**********************************************************************

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Date: Sat, 27 Mar 93 07:44:18 PST
To: Cypherpunks
Subject: PGP: Key Updates
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

I'm re-posting my 512 and 1024 bit public keys. They haven't changed, but some new signatures have been added.

- --Type bits/keyID Date User ID
- --pub 1024/87C0C7 1992/10/17 Edgar W. Swank
- --sig AF00E5 David Del Torto
- --sig DD98D9 Vesselin V. Bontchev
- --
- --sig 67F70B Philip R.
Zimmermann

- --Type bits/keyID Date User ID
- --pub 512/4F0C47 1992/09/26 Edgar W. Swank
- --sig! DD98D9 1993/02/02 Vesselin V. Bontchev
- --sig! 67F70B 1992/10/14 Philip R. Zimmermann

I can receive messages encrypted with either key, but I will usually -sign- messages with the 1024-bit key.
--
edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Date: Sat, 27 Mar 93 07:44:22 PST
To: Cypherpunks
Subject: REMAIL: "Stealth" Remailers
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

In the wake of the forced demise of penet.fi, Dave del Torto said:

>>> The anonymous service at anon.penet.fi has been closed down.

This is a dark day indeed. The forces of Repression are upon us yet again.

OK, where do we set up the next one? I guess the solution here is to have a floating set of difficult-to-detect anon remailers and switch between them regularly.

I have an idea for making remailers more difficult to find. This applies only to systems where the remailer operator owns the system, such as at wimsey.com. (But a "system" can be just a PC/XT with hard disk and modem - maybe under $1000).

Where the remailer operator controls the system, it's easy to "forge" net headers. The problem is that once you send mail, other systems are going to add "Received:" lines to the net headers that point back to you. I don't know how to stop this once the mail leaves your control. But it should be possible to add -extra- "Received:" headers, indicating you received the message from some system "behind" you. Should the "net police" trace an "offensive" message back to you, you can point to the added net headers and say, "Oh, but this came from -him-, not -me-; -I'm- just an innocent forwarder (not remailer) of this message. That SOB down at the end there must be running one of those infernal remailers; Go get him!!"
By the way, these phony added headers should all have -real- system names.

It's fairly easy to trace messages along the "mainline" internet, because those are all "hard-wired" leased lines. But there's another class of system called UUCP which sends and receives messages over the - -switched- network (ordinary dialup telephone lines). Many of the mainline systems accept UUCP accounts, so UUCP systems usually have the same internet connectivity as the mainline systems for E-mail. (They can't do FTP and Telnet).

Furthermore, UUCP systems can allow other systems UUCP accounts, creating long chains over the dial-up net. Furthermore, a UUCP system can be set up with a minimal investment in hardware. A single hardware system can be -many- different UUCP "systems" by just dialing into different UUCP "accounts".

A good strategy is to accept mail for remailing at one well-publicized UUCP address, but -never- use that same account for -sending- remailed mail. Just use one of several -other- UUCP accounts for that, adding phony "From:" and "Received:" net headers as explained above.

Be generous in accepting UUCP accounts from other systems; don't take too much trouble verifying the registration info they give you. Once they've been on a while, start using their names in the phony "Received:" headers you generate.

Well, I'm not an expert on either the net or the "Waffle" software used to run small UUCP systems (like this one). But perhaps the above ideas will prove useful to those of you who are.

--
edgar@spectrx.saigon.com (Edgar W.
Swank)
SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: grady@netcom.com (Grady Ward)
Date: Sat, 27 Mar 93 09:30:12 PST
To: cypherpunks@toad.com
Subject: Distributed distribution of PGP 2.2
Message-ID: <9303271728.AA12159@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Since most of us live in widely-separated places, it might really help broaden the popular support and use of PGP by distributing it to your local BBS. Most of these people are disjoint from Unix people with Internet connections and so would welcome access to whatever versions and platforms of PGP you can upload.

I've just finished uploading the MSDOS, Mac, and Unix (with source) versions to the local rural BBS. If many people did the same for their areas it is hard to imagine how PGP could ever be "stamped out". Lists of BBS for your area code are available from your favorite platform archive site.

Not negligibly, many more people exposed to and using PGP means that many more eyes and fingers finding bugs, suggesting patches and improvements and generally playing with the PGP concept.

Apple Computer is reputed to be readying the release of their new "cyclone" computers during the next month or so. This top-end line of machines has been said to incorporate licensed RSA technology at the operating system level. With the usual marketing hoopla this will mean that security in general but specifically RSA and public key technologies will get a big public push. It would be great if at the time of this marketing blitz people could turn to their local bbs and satisfy their curiosity about RSA and public keys with PGP 2.2...
--
grady@netcom.com 2EF221 / 15 E2 AD D3 D1 C6 F3 FC 58 AC F7 3D 4F 01 1E 2F

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Honeyman
Date: Sat, 27 Mar 93 07:47:28 PST
To: cypherpunks@toad.com
Subject: Re: How secure is an anonomous mail-server
Message-ID: <9303271547.AA16120@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

one way to defeat traffic analysis is to maintain a steady stream of traffic. to this end, avi and i are considering a "remailer tax" -- if you send a message through a remailer, you pay a tax of (say) ten additional messages sent and ten received.

so if you send a message via a remailer, your software is obliged to send out an additional ten nonce messages, spaced out over time. that's not so onerous ... but those messages have to *go* somewhere, so you will also be taxed by receiving ten nonce messages.

this remailer tax is not completely thought out ... what do you think? if remailers catch on, the nonce traffic can be cut back.

i'm also still enamored of the probabilistic remailer notion i proposed a few months ago, where a remailer flips a coin to determine whether to deliver a message to its destination or whether to throw it back into a pool of like remailers.

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ghoast@gnu.ai.mit.edu
Date: Sat, 27 Mar 93 12:33:31 PST
To: cypherpunks@toad.com
Subject: Re: TEMPEST in a teapot
Message-ID: <9303272031.AA36215@hal.gnu.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

>
> ----- Begin Included Message -----
>
> It is speculated that poorly protected systems can
> be effectively monitored up to the order of one kilometer from the target
> equipment.
>
> ----- End Included Message -----
>
> The "readability" of the relatively high energy sweeps in a standard CRT monitor
> is well known. Any idea of similar effects on LCD screens? The energy involved
> would be orders of magnitude less, just for starters.
Also, since the whole screen > is effectively oscillating, I'm not sure that there is any 'raster' sweep per se > going on here at all. This could be a factor for the truly paranoid :-) using > portables with LCD screens. > > > Pete Carpenter pete@cirrus.com > I've been told that the CRT is not what is generating the signals at all, rather that it is the CPU, and that having an LCD screen won't save you, strength of signal reduced or otherwise. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: AJ Janschewitz <0005037030@mcimail.com> Date: Sat, 27 Mar 93 09:38:09 PST To: Cypherpunks Subject: PGP key Message-ID: <00930327173700/0005037030ND3EM@mcimail.com> MIME-Version: 1.0 Content-Type: text/plain My "old" PGP key died with my PSI account. The new key is below, and can be accessed by fingering my secondary mail address, ajay@holonet.net. If the list server ops would kindly kill my old key (which should have my name and an attached address of p00258@psilink.com), I'd appreciate it. Scary thought: If any goon wanted to trace remailers, with the Clintoon Administration now accepting E-Mail, all one would have to do is send a threatening message through a remailer and it would give the brownshirt squad license to do all kinds of things. A government bent on knowing everything might even initiate such a move itself. How do the people running remailers and those of us who might have occasion to use them deal with this straw man threat? 
==a.j.==

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Sat, 27 Mar 93 15:28:58 PST
To: CYPHERPUNKS
Subject: REMAIL: Anon. remailers
Message-ID: <930327232156_74076.1041_FHD20-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Kenneth G. Hagler, "Lord Krieg" , writes:

> Joe Thomas has suggested that a group of penet-style anonymous servers
> be set up to act as "front ends" for the Cypherpunk remailers. This seems
> like a good idea (provided that the technical problems can be overcome),
> but I'd like to propose an addition.

I don't see the advantage of having behind-the-scenes remailers. The addresses of the front-end remailer(s) will have to be advertised, and that is where people will think of the service as originating. That is where their attacks will be focussed. It won't matter if there are other systems involved with the remailing.

If one front-end gets shut down then yes, it would be nice to have another. Again, I don't see how this is made much easier by the existence of multiple back-end systems.

Penet has not been replaced yet, and I think the reason is because nobody wants to take the heat for running such a system. What difference does it make whether you are running front-end software or an entire remailer? Either way you have to be a system manager in order to install new mail aliases ("an12345", etc.). There just aren't that many system managers out there willing to take on the traffic load and the political heat for a service which they may not even believe in that strongly.
> Now, as I understood the suggestion from Joe Thomas, the Cypherpunk
> remailers behind the front ends would only be "visible" to the people
> involved in running the service. This would certainly make the remailers
> more secure, since the net.fascists would not know who to terrorize to
> can the remailers.

Again, saying that it is the back ends which are the remailers is misleading. As far as the net at large will be concerned, it is the front end which is the remailer. That is where you send your mail if you want it to be remailed. That is where the heat will be. And shutting down all the front ends will shut down the remailing service. The existence of back ends does not affect the strategy used by our opponents, nor does it give us any additional defense that I can see.

> Although I certainly may be misunderstanding something, I don't really
> see why the users of the service would ever need to see a message about
> "if mail to here bounces, try there." Shouldn't the loss of a remailer be
> dealt with entirely "behind the scenes," by the service administrators?

How could this be done? If I still try to send mail to an1234@anon.penet.fi, it will not be remailed. If Julf does start enabling such messages to be remailed, by forwarding or by any other way, he will presumably face the same consequences which convinced him to stop.

On the other hand, if all messages from a remailer say "reply to address A; if that doesn't work try B, and then C" then I can guarantee that when net powers try to shut down the remailers they will go after A, B, and C. Exposing their names like that will just give opponents of anonymity more time to marshall their forces against these alternative remailer sites.

I think the only reasonable approach is to make the remailer code widely available, and to try to convince people to run it who are in a position not to be exposed to pressure.
From earlier postings here, it sounds like someone who is paying his own money for a UUNET connection, which someone said costs about $50 per month (what does that $50 include?), would be a good choice. It sounds like UUNET is not going to cut off a paying customer just because others complain about his use of the net, particularly if it is true that UUNET is a immune to legal threats about what they carry. If he who pays for the feed is willing to carry the remailer traffic then he should be immune to pressure. Hal Finney 74076.1041@compuserve.com -----BEGIN PGP SIGNATURE----- Version: 2.1 iQCVAgUBK7SyjagTA69YIUw3AQEVkwP/T6VMZJToUCvNnBTwrYZRKiJarxproRRP usOFFWyQ27ABBGypS79PfJmJZUyJAuZkAGExEapMTF/Nh0zNb8feZimfJk8A7SbM 5CvlITUMJsjmNCvk/HeeJadhkADyFiD9zRbuZiSzPGNCankt4lCxoGA2qIDklBYp ZlcMs+eHxbs= =IT8B -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Sat, 27 Mar 93 15:28:55 PST To: CYPHERPUNKS Subject: ANON: Mark anon. posts a Message-ID: <930327232219_74076.1041_FHD20-2@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- I sent mail to Cypherpunks on this a couple of days ago, but it never appeared. There is a problem with the notion that all "anonymous" remailers and news-posting services should label their messages as anonymous so that users can decide whether to read them or not. This approach abandons one of the strongest arguments in favor of anonymous remailers, which is that the net is inherently an anonymous environment. Especially as more public access Unix systems, BBS systems, and so on become part of the net, we are going to see less and less of the strict controls on identity which were possible when the net was restricted to a few government labs and large universities. The level of anarchy will inevitably increase as larger numbers of people acquire net access. 
Unless massive and universal authentication efforts are undertaken, it is going to be more and more the case that you will know little about the true identity of a poster.

Because of this, those who object to having to read the words of an "anonymous" poster are taking an untenable position. They are already reading words of people about whom they know no more than they would about an anonymous poster. And the argument that "non-anonymous" posters are subject to a form of discipline not available to anonymous posters - messages to the system operator - is clearly falsified by the existence of many sysops who care nothing about complaints. As more and more people run their own machines with net access, these cases will only increase.

In short, we anonymous remailer operators have every right to be part of the net. We introduce no more problems than are already happening and will continue to occur as the net grows and becomes more universal. The resistance we've seen is from old-time sysops who are unable to adjust to a changing network environment.

Rather than placating obsolete beliefs about network identity by agreeing to mark our messages with the scarlet letter A for anonymity, by accepting that we deserve to be in a ghetto set aside for inferior posts, I feel that we should challenge the net with messages that blur the distinction between anonymous and authenticated posts. The sooner people realize that there is no line that divides the clean from the unclean, the sooner anonymity will be widely accepted on the net.
Hal Finney 74076.1041@compuserve.com -----BEGIN PGP SIGNATURE----- Version: 2.1 iQCVAgUBK7S2oqgTA69YIUw3AQEfagP8DlzINcvUDn7jc351S+hHTBz5NtB3RbRC l+0rgltFcn6QxWaE0GsWFcOa6RcPOe1DOTlwiJejiT6MbnfuDopbUoS98bCiIzLE 0Q2ZVhtsfLs5zFdUj08bRzzU7zyuzSmNoSsCx01O6OiGZB/zs0PEnx/0XqRtXFD2 RM1YTCPIF7Y= =0zw5 -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wixer!pacoid@cactus.org (Paco Xander Nathan) Date: Sat, 27 Mar 93 17:48:55 PST To: cypherpunks@toad.com Subject: REMAIL: Anon. remailers Message-ID: <9303280123.AA04407@wixer> MIME-Version: 1.0 Content-Type: text/plain One alternative would be to use the technology within its own narrative.. If IP providers and other sysops are *annoyed* that an anonymous remailer passes "untraceable" email, why not have a remailer that passes email with a trail of encrypted SASE ?? That way, the identity of the person posting is preserved, albeit not the physical location.. pxn. pacoid@wixer.cactus.org From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@alumni.cco.caltech.edu Date: Sat, 27 Mar 93 20:37:54 PST To: cypherpunks@toad.com Subject: Re: ANON: Shutdown of Anon.penet.fi Message-ID: <9303280437.AA23525@alumni.cco.caltech.edu> MIME-Version: 1.0 Content-Type: text/plain It is fruitless to try to guess the identity of the famous network personality. You only tar innocent people. The truth will come out, more likely sooner than later. 
Nowhere, Man From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Round Waffle Date: Sat, 27 Mar 93 19:12:58 PST To: cypherpunks@toad.com Subject: Re: TEMPEST in a teapot In-Reply-To: <9303272031.AA36215@hal.gnu.ai.mit.edu> Message-ID: <9303280311.AA28562@titan.ucs.umass.edu> MIME-Version: 1.0 Content-Type: text Possessed by The Unholy, ghoast@gnu.ai.mit.edu scrawled the following in blood: > I've been told that the CRT is not what is generating the signals at all, rather > that it is the CPU, and that having an LCD screen won't save you, strength of > signal reduced or otherwise. > Actually, it's almost entirely the cables, and somewhat the screen (CRT, that is). A shielded CPU box isn't going to be giving off really any appreciable amount of RF waves, certainly not enough to read coherently. An LCD will help, since they don't emit the same kind of signals (no CRT), and no cables going to them. +- eggo@titan.ucs.umass.edu --><-- Eat Some Paste -+ +- Yorn desh born, der ritt de gitt der gue, -+ +- Orn desh, dee born desh, de umn bork! bork! bork! -+ +----------------- The Durex Blender Corporation -----------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: David Heck Date: Sat, 27 Mar 93 20:07:25 PST To: cypherpunks@toad.com Subject: Speaking of TEMPEST.... Message-ID: <9303280407.AA07006@toad.com> MIME-Version: 1.0 Content-Type: text/plain I was able to procure a tempest specced HP Laserjet + (model 2686 TA), used around a year ago and recently did a motherboard swap to upgrade the unit to 2mb of RAM...wasn't all that much to rip apart and put back together...even with all the damn machined-screws and shielding, the thing still emits a fair amount of noise, but no farther than the room it's in... 
I checked all my cables and system box and switched to shielded cables and cleaned up the noise as best I could...interesting design and at least I would see the damn snoops...they'd have to be in my front yard to pick it up...anyone else hack any used TEMPEST stuff?

David a.k.a. Unixorn

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Sat, 27 Mar 93 22:46:25 PST
To: O1DSH@VM1.CC.UAKRON.EDU (David Heck)
Subject: Re: Speaking of TEMPEST....
In-Reply-To: <9303280407.AA07006@toad.com>
Message-ID: <9303280644.AA11996@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> I was able to procure a tempest specced HP Laserjet + (model 2686 TA),
> used around a year ago and recently did a motherboard swap to upgrade
> the unit to 2mb of RAM...wasn't all that much to rip apart and put back
> together...even with all the damn machined-screws and shielding, the thing
> still emits a fair amount of noise, but no farther than the room it's in...

How does one go about testing such a thing?

> I checked all my cables and system box and switched to shielded cables and
> cleaned up the noise as best I could...interesting design and at least
> I would see the damn snoops...they'd have to be in my front yard to pick it
> up...anyone else hack any used TEMPEST stuff?

Is there any way of Jamming a computer's emissions? Just a thought.

+----------------------+----------------------------------------------------+
| J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken.   |
|                      +----------------------------------------------------+
| mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be        |
| Thunder@forum        |  Politically Incorrect!                            |
| (505) 299-2282       |                                                    |
+----------------------+----------------------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Sat, 27 Mar 93 23:35:48 PST
To: cypherpunks@toad.com
Subject: Re: Speaking of TEMPEST....
In-Reply-To: <9303280644.AA11996@triton.unm.edu>
Message-ID: <9303280735.AA11161@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> How does one go about testing such a thing?

Anything that is interfered with will work, but listening to an AM radio tuned to maximal interference is easy. When you have no audible interference, though, it just means that there's none left that this will pick up.

> Is there any way of Jamming a computer's emissions? Just a thought.

Technically, sure. But you'd need some kinda broadband licence to operate it... legally.

> | J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. |

PGP 2 key by finger or e-mail
Eli ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc.Ringuette@GS80.SP.CS.CMU.EDU
Date: Sat, 27 Mar 93 23:26:59 PST
To: cypherpunks@toad.com
Subject: ANON: real-person newsgroups
Message-ID: <9303280726.AA11118@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Hal Finney (I think) writes,

> the net is inherently an anonymous environment.
> ...The sooner people realize that there is
> no line that divides the clean from the unclean, the sooner anonymity will
> be widely accepted on the net.

But there _is_ a line, and people will likely want to draw it. It's true that currently there aren't any security guarantees to prevent a person from pretending to be someone else, but there will be.

PEM certificates will distinguish between real people and personas. A public-key-authenticated "real person newsgroup" can be implemented. This raises the possibility that most newsgroups will transition to real-person-only status. This will cramp the style of those of us who wish to participate in the net using a persona.

I think a major task ahead of us is to provide an alternative to "real people = good, personas = bad", and to put forward alternatives to "real person newsgroups" which are tolerable to most and more palatable to us.
So what's the distinction we might wish to put forward instead of "real person"? "Paying customer", perhaps, or "respected reputation"? Yeah, that sounds good. Maybe it's time to set up some reputation based newsgroups, with a means of keeping track of who has been posting good stuff, and of filtering for credibility. -- Marc Ringuette (mnr@cs.cmu.edu) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sun, 28 Mar 93 08:58:12 PST To: cypherpunks@toad.com Subject: ANON: real-person newsgroups In-Reply-To: <9303280726.AA11118@toad.com> Message-ID: <9303281938.AA29951@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Marc Ringuette writes: >PEM certificates will distinguish between real people and personas. >A public-key-authenticated "real person newsgroup" can be >implemented. I am opposed to "is-a-person" credentials, especially of the type "is-this-specific-person". The knowledge of personal identity is in most cases not salient. We are in danger of creating a system similar to the SSN fiasco, where a public identity is now not only a number but a cryptographically protected one. When such a system exists, there will be strong pressures to use it for other purposes, just as there are with SSN's. In short, do not support the PEM certification hierarchy in any way. If you are in a corporate position with the power to make this decision, nix it. If you are an individual, do not get or use these certificates. Do not even get persona certificates; it strengthens the person identification system by its negative. >I think a major task ahead of us is to provide an alternative to >"real people = good, personas = bad", and to put forward alternatives >to "real person newsgroups" which are tolerable to most and more >palatable to us. Newsgroups could be the first structure to require identity, and they wouldn't be the last. We need alternatives before authentication to real people becomes prevalent. 
I fully agree that the creation of better structures is pressing on us. I would prefer to be the default and make PEM "the alternative".

>So what's the distinction we might wish to put forward instead of
>"real person"? "Paying customer", perhaps, or "respected reputation"?

The simplest replacement for "real person" is "public key." Carl Ellison argues mightily and well for this, and has for several years. By going to just public key, you can support other models and retain continuity of conversation, where that is desired.

>Yeah, that sounds good. Maybe it's time to set up some reputation
>based newsgroups, with a means of keeping track of who has been
>posting good stuff, and of filtering for credibility.

We need to set up some replacement for the existing fora. Here are some of the characteristics I've thought about:

1. Eliminate the default behavior to transmit everything received.

On both mailing lists and newsgroups, everything anybody wants to say is sent to the whole group. There are two common restrictions on this. One is closed mailing lists, where the same default transmission occurs but is a closed group. That group can get large, however, and manifest all the problems of an open group. The other is to use a moderator, or more accurately an approver, to pre-read all the material before transmission.

So default transmission has to go. What will replace it? Whatever it is, it must have the characteristic that there will be posts that will not be sent to everybody when they first arrive. Simple, but this is an extremely important characteristic of any future forum.

I think the origin of this behavior lies in the UUCP origins of newsgroups, where interactive use was difficult and expensive, and where mail delivery turnaround times were measured in days. Back then, it actually was better to do default transmission, especially in a fairly homogenous environment where most people got along OK.

2. For bootstrapping purposes, default transmission must be supported to some subset of the members of the forum.

This seems to directly conflict with the point made above. Default transmission must be supported to some, but can't be to all. If you require that anybody who wants to use this new forum install "work-in-progress" software in order to participate, you'll cut out most of your participants. Now people won't participate unless there's some content to the forum, and that will have to be provided by more than just the users of the new software.

2a. Corollary: A "lurker-only" mode must always be supported.

There will always be those who just want to listen who are not expected to otherwise participate. A lurker mode, by its nature, will be default transmission, but not of the whole discussion, perhaps.

3. The social relations among individuals must not have any asymmetry enforced by the software.

A moderator, for example, is in a different position than any other list participant. That means that all people must be able to participate in deciding what they want to read and what they want to say about what they've read.

4. The development of social asymmetries must not be prevented by the software.

Some people will want to ignore others and want to listen only to others. When these preferences become commonplace, there are optimizations that can take place which create asymmetries, for example, by doing transmissions to lurkers based on the ratings of the most respected group members.

5. Since people must base their decisions on something other than the content of the postings themselves, and since meta-traffic about postings shouldn't completely overwhelm the forum itself, it is desirable that ratings be specified in some constrained grammar, preferably very small and machine-parsable.

6. There must exist a mechanism for ensuring that the aggregate rating information is not unbounded.
This is a subtle point which I illustrate with an analogue: in an adventure game, there must be some limit on the total amount of money. If voting is completely unconstrained, you quickly get vote inflation and the devaluation of an individual's opinion. If I can vote one hundred times for myself, something's wrong. Therefore I suggest that opinion votes be issued similarly to money. Each person voting gets to withdraw one "permission to publish an opinion" per message, withdrawn by a blind signature, and then gets to use it however they want. They can cast it themselves, or give it someone else to cast by proxy. (Note that a blind signature is an interactive protocol.) You want a blind signature to avoid the trap of revealing privacy information by default. If someone wants to say what they thought, they are, of course, free to do so. 7. Participants should have the ability to distinguish between blind votes and public votes. People should have the option of ignoring the "prevailing wisdom," especially when that prevailing wisdom tends to crush minority opinions. 8. The rating system should be separable from the transmission system. This is to allow multiple rating systems to emerge. A rating collective built on top of a mailing list, for example, could get a full feed of all posts, but not transmit all of them to all of its members. 9. Someone is going to have to look at the really awful stuff in order to rate it negatively. "I just don't want it to be me." Many will say this, no doubt. That's all for now. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sun, 28 Mar 93 09:13:28 PST To: cypherpunks@toad.com Subject: ANON: Mark anon. posts a In-Reply-To: <930327232219_74076.1041_FHD20-2@CompuServe.COM> Message-ID: <9303281953.AA00227@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Hal writes: >[...] 
one
>of the strongest arguments in favor of anonymous remailers, which is
>that the net is inherently an anonymous environment.

It is anonymous by default. If someone wants to break anonymity, they may. I make this stronger below.

>In short, we anonymous remailer operators have every right to be part of
>the net. We introduce no more problems than are already happening and
>will continue to occur as the net grows and becomes more universal.

We create no new problems to be sure; we just bring them on faster, in order to prepare for them.

>Rather than placating obsolete beliefs about network identity by agreeing
>to mark our messages with the scarlet letter A for anonymity, by accepting
>that we deserve to be in a ghetto set aside for inferior posts, I feel that
>we should challenge the net with messages that blur the distinction between
>anonymous and authenticated posts.

I agree. Hal argues that this means not marking anonymous posts. I disagree with this technique.

My solution to this is to make the posting anonymous but to sign the post with your real name. (Yes, that means however _you_ construe your real name.) If we wish to blur the distinction, we should make the means of transport anonymous and the contents of the posting named. Surely this blurs the distinction between named and anonymous posts.

People will ask "Why would anyone not want the routing information revealed when they are saying who they are?" This question, even merely asked, has positive effects. It makes one aware that identity is not an email address, nor is accountability the ability to complain to an authority.

It allows people to kill anonymous posts out of whatever spite they feel to "those cowardly hypocrites". It also allows the worst excesses to be restrained. Yet if there is a visible group of respected individuals who use anonymous mechanisms for reasons other than avoiding rebuttal, those who unrestrainedly ignore anonymity will find themselves missing out.
I suggest that those who participate in news.admin.policy and sci.crypt be the first to start this practice. The more respected users of anonymous servers there are, the greater will be the incentive not to ignore anonymity completely. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sun, 28 Mar 93 09:17:40 PST To: cypherpunks@toad.com Subject: REMAIL: "Stealth" Remailers In-Reply-To: Message-ID: <9303281958.AA00395@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Edgar writes: >I have an idea for making remailers more difficult to find. [added extra Received: fields to obscure the actual origin] I do not think that any solution which requires deception in order to work is a good solution for creating a social agreement. We should implement systems that are upfront about their activity. We wish to say "I am protecting the privacy of others, and in doing so I am protecting my own." We do not wish to say "Who, me?" and be roundly disbelieved. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sun, 28 Mar 93 09:26:28 PST To: cypherpunks@toad.com Subject: alt.hackers post Message-ID: <9303282007.AA00701@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Rusty Babani forwarded me my hackers postings from six months ago. Thanks! Here they are (in two messages). Eric ----------------------------------------------------------------------------- From: hughes@soda.berkeley.edu (Eric Hughes) Newsgroups: alt.hackers Subject: Remailer that will run on a user account Date: 25 Sep 92 16:17:25 GMT Distribution: alt Organization: /accounts/hughes/.organization Lines: 347 What follows are a couple of postings to the recently formed cypherpunks mailing list. They are tutorial in form because the list is not entirely hackers. Enjoy and deploy. 
Eric

=============================================================================

How to Make an Automated Remailer in Your Copious Spare Time with Easy to Find and Inexpensive Software Tools You May Have Lying Around.

The basic remailer illustrates how to hook in automated software processing into the Unix mail system. Here are the basic elements.

1. .forward
2. slocal and .maildelivery
3. remail.perl
4. /usr/lib/sendmail

--------------------------------------------
1. .forward

Unix mail provides a way to have accounts on many different machines but to receive all your mail in one place. That facility is the .forward file, which resides in the home directory. The file is one line long and contains the email address to which the mail will be forwarded.

But the .forward file has another mode of operation. If the string begins with the pipe character '|', the mail will be piped through the program listed. Enclose the string with double quotes if you need spaces included. Here is my .forward file:

    "| /usr/local/lib/mh/slocal -user hughes"

Thus all my mail gets processed by the slocal program, described next.

I don't know where the man page for .forward is. Perhaps someone could provide a reference.

---------
2. slocal and .maildelivery

The software system MH contains a bunch of useful tools for handling mail, only one of which we need. For details on MH, do 'man mh'.

MH has a nice little mail hook processor called slocal. Its docs can be found by 'man mhook'. slocal can conditionally perform operations on mail messages and consider them either delivered or not. It allows multiple operations on individual mail messages.

slocal reads the file .maildelivery when it starts up for instructions. Here is my .maildelivery file:

#
# field                 pattern  action/  string
#                                result   (quote included spaces)
#
Request-Remailing-To    ""       pipe R   "perl remail.perl"
Request-Remailing-To    ""       file R   archive.remailer

The various pieces of the .maildelivery file are fully documented in the man page.
I'll just explain what mine does.

Each line describes one operation to be performed on each incoming mail message. Fields are separated by whitespace, so if you need to include spaces, use quotes.

The first field, labelled field, is the mail header field to look for. slocal can selectively process on any header line. If the header line does not exist, then the mail does not match this line and no operation is performed. If the header line does exist, processing continues.

The second field, pattern, is a text string to match with the contents of that header line, i.e. with everything after the colon. In my case, I put the empty string in, which matches everything. You need the pair of quotes to have a placeholder for the field contents.

The next field, action, tells what to do with the message. 'pipe' sends the message to the standard input of the named program. 'file' appends the message to an archive or log file. A useful pipe command for testing is "tee foo", which makes a copy of the message in file foo, but does not append, so that you get an exact copy of what slocal is going to pass to your pipe. This allows testing of the pipe program without sending yourself mail all the time.

The next field, result, tells what to do with the message after processing. I am currently using R for Regardless to indicate that this action should always be performed no matter what. The code R indicates that the mail should be considered not delivered after processing; thus slocal writes the mail back into my local spool and I see it as normal. Later, after I'm sick of looking at all the forwarded mail, I'll change this code to A, meaning if the processing succeeds, then the mail is considered delivered. The archive file will always remain R.

The last field, string, is the parameter to the action. It is a file name or program. Use quotes to include spaces. The name of my mail processor is "perl remail.perl", which is to run the perl script remail.perl on the mail.
The .maildelivery file is also the place to put encryption hooks to automatically decrypt the bodies of messages. More on that in a future version.

---------
3. remail.perl

Perl is a wonderful language for doing all sorts of useful work like processing mail headers. Do 'man perl' for details, or get the O'Reilly book and really learn how to use it.

The perl script, in summary, strips off the mail headers, saving the Subject: line, rewrites a new header, and appends the body of the previous message. Here is the script:

--------- cut here ---------
while (<>) {
    last if /^$/ ;
    $subject = $_ if /^Subject:/ ;
    if (/^Request-Remailing-To:/) {
        chop ;
        s/^.*:// ;
        $addressee = $_ ;
    }
}

#open( OUTPUT, ">foo" ) || die "Cannot open 'foo'." ;
open( OUTPUT, "| /usr/lib/sendmail " . $addressee ) ;
select( OUTPUT ) ;

print "To:" . $addressee . "\n" ;
print "From: nobody\n" ;
print $subject ;
print "Remailed-By: Eric Hughes \n" ;
print "\n" ;

while (<>) {
} continue {
    print ;
}
--------- cut here ---------

Here is a summary of the operation. To really understand this, you'll have to learn perl.

The while loop processes standard input. 'last' terminates the loop as soon as a blank line is seen. A blank line separates the header from the body. The subject line, if seen, sets the subject variable to the whole subject line. The Request- header line has its final newline removed, the contents up to the colon substituted into nonexistence, and saves the rest in the addressee variable.

Next the pipe to sendmail is opened and its output is selected so that all print commands will go to the pipe. There is a comment for a different output channel to the file foo which can be commented in for testing.

Next the remailed header is constructed out of print statements.

Lastly the rest of the standard input is passed through unmodified to the output channel. The while loop terminates when there is no more input.

---------
4. sendmail

sendmail is the backend mailer; it expects complete mail messages and does not usually generate any line itself except for the first "From" (with no colon) line. Any header you construct will thus get passed through mostly unmodified. Hence you can put in any "From:" line you want and any other header info, such as my "Remailed-By:" line.

sendmail expects the name of the addressee on its command line, otherwise it puts an "Apparently-To:" line in the header.

Any mail processor which remails should probably go through sendmail, although it would also be possible to talk to an SMTP port directly, were you so motivated. MH also has some remailing programs; see 'man mhook'.

---------
A few words for tinkerers.

-- You can always send mail to yourself. Especially after you've done one kind of mail processing and want to pass the mail through the filters again.

-- When getting started, create an empty .maildelivery file first and then get your .forward file working. Test it by sending messages to yourself. If you're not getting them, they are going into the bit bucket. All your other mail will as well, in this case, so if you can't afford to lose mail, do it right the first time or work on a spare account.

-- Any mail slocal does not process will get delivered as normal. Running a remailer will not interfere with your other work.

-- Remember to use quote marks.

-- You don't need to be a sysadmin to run this kind of remailer. There is nothing, however, to prevent a sysadmin from running this software under an alias. The sysadmin is also a 'trusted user' to sendmail and can get rid of pesky "From"-no-colon lines.

-- Perl has a random function which could be used to automatically choose various "From:" lines from a database. Remember to include yeltsy@kremvax.rus.

-- postnews or inews could be substituted for sendmail. Different header lines would have to be created. Such a service could run in parallel with a remailer. You too can now repost to alt.sex.bondage!
Enjoy. And watch for interesting improvements like encryption.

Eric

=============================================================================

The hopping remailer is finished. I wrote it this morning.

The change to make a hopping remailer is very easy. Here's the new perl script:

--------- cut here ---------
while (<>) {
    last if /^$/ ;
    $subject = $_ if /^Subject:/ ;
    if (/^Request-Remailing-To:/) {
        chop ;
        s/^.*:// ;
        $addressee = $_ ;
    }
}

#open( OUTPUT, ">foo" ) || die "Cannot open 'foo'." ;
# NOTE: $addressee comes from the message header and reaches the shell
# unvalidated through this pipe; validate it before relying on this.
open( OUTPUT, "| /usr/lib/sendmail " . $addressee ) ;
select( OUTPUT ) ;

print "To:" . $addressee . "\n" ;
print "From: nobody\n" ;
print $subject ;
print "Remailed-By: Eric Hughes \n" ;

#
# check to see if there are header lines in the body to collapse
# into the full header.
#

if ( $_ = <> ) {
    if (/^##$/) {
        # do nothing if the pasting token appears
        # the rest of the body will be directly appended
        # this allows for extra header lines to be added
    } else {
        # normal line
        print "\n" ;
        print $_ ;
    }
} else {
    # empty body
    exit ;
}

while (<>) {
} continue {
    print ;
}
--------- cut here ---------

Short explanation. The 'print "\n" ;' line was moved inside the new if statement. The if statement reads a line of the body and stops the script if there is no body. The line read is tested to see if it contains the two characters "##" alone on the line. "##" is the ANSI C token pasting operator. If there is no pasting, a blank line is printed to mark the end of the header and the first line of the body is printed. If there is pasting, then the conditional does nothing, which has the effect that the body is appended directly onto the end of the header, allowing you to add more header lines after the header is rewritten.
Here is a sample message that I sent myself after the new script was installed:

--------- cut here ---------
To: hughes
Subject: multiple hops
Request-Remailing-To: hughes

##
X-Hop: 1
Request-Remailing-To: hughes

##
X-Hop: 2
Request-Remailing-To: hughes

##
X-Hop: 3

This is a test message of multiple hops.

Eric
--------- cut here ---------

I received four pieces of mail after sending this to myself. The first was the actual letter, which is still delivering normally and not being filtered. The next two were the first and second remailings; they had X-Hop: 1 and 2. The last message was the final one, had X-Hop: 3 in its header and was delivered normally.

At each stage, the header got rewritten and a new Request-Remailing-To: line inserted. When that mail got delivered, it was again rewritten, with a new remailing request. This process is extensible up to the 50K or so practical limitation on mail size.

Note that this system is not at all secure by itself. But if each message body were encrypted first, and the message first decrypted before the header re-write took place, the routing instructions as a whole would be hidden from prying eyes.

That's the next project.

Eric

=============================================================================

To be on the cypherpunks mailing list, mail to
    cypherpunks-request@toad.com
I'll put you on.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 28 Mar 93 09:27:10 PST
To: cypherpunks@toad.com
Subject: alt.hackers post
Message-ID: <9303282007.AA00730@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Here's the other one

Eric

-----------------------------------------------------------------------------

From: hughes@soda.berkeley.edu (Eric Hughes)
Newsgroups: alt.hackers
Subject: a new feature of the remailer
Message-ID:
Date: 9 Oct 92 13:58:48 GMT
Distribution: alt
Organization: /accounts/hughes/.organization
Lines: 191

Here is the third in the series of articles on the remailer. Remember, these are meant to be fairly tutorial.

Eric

-----------------------------------------------------------------------------

There's a new feature in the remailing software. Some people can't add arbitrary header fields because of mailer or gateway restrictions. This restricts them from using the remailer.

I have added a facility to allow new header fields to be pasted onto the end of a header when the mail arrives. This effectively happens before processing by the remailer software. These new fields exist during transit in the message body, where they remain untouched. Only after the message is delivered to my account does this operator take effect.

Syntax: If the first line of the body is the two characters "::", then the following lines are appended to the header, up to the next blank line.

Here's how it works. First of all, here's my new .maildelivery file:

------- cut here -------
#
# field                 pattern  action/  string
#                                result   (quote included spaces)
#
Request-Remailing-To    ""       pipe R   "perl remailer/remail.perl"
Request-Remailing-To    ""       file R   remailer/archive
*                       ""       pipe R   "/usr/local/lib/mh/rcvtty -biff"
*                       ""       pipe ?   "perl remailer/incoming.header.perl"
------- cut here -------

Comments are indicated by #. The Request-Remailing-To lines have been there. The second of them makes an archive for debugging purposes.
It will go eventually. The third field, "*", indicates all fields, it runs 'rcvtty' on my mail; this replaces the function of biff, since mail is getting piped to slocal now, disabling biff.

The last line is the important one. It says "If the mail hasn't been delivered by now, run the incoming header rewrite script on it. If that doesn't work, continue trying to deliver it."

Now here's the trick. slocal has no way of taking the output of the rewrite and continuing to process it. (It should. It would make this whole job easy.) So in order to continue processing, you need to redeliver the mail. You could invoke sendmail and mail it back to yourself, but that would mangle the existing header. So the thing to do is to recursively invoke slocal from within the perl script.

Here's the perl script to do all this:

------- cut here -------
# First read in the whole header.
# We check for the Second-Pass: line to detect infinite loops.

while (<>) {
    last if /^$/ ;
    exit 1 if /^Second-Pass:/ ;
    $header .= $_ ;
}

# We have just read the last line in the header.
# Now we check to see if there is a pasting operator.

if ( ( $_ = <> ) && /^::$/ ) {
    while (<>) {
        last if /^$/ ;
        $header .= $_ ;
    }
} else {
    # There is either an empty body or no pasting operator
    # Thus exit with a return code of 1 to indicate that
    # the mail has not been delivered.
    exit 1 ;
}

# There was a header pasting operator.
# So we open 'slocal' as a pipe, effectively redelivering the mail
# back to ourselves.

#open( OUTPUT, ">foo" ) ;
open( OUTPUT, "| /usr/local/lib/mh/slocal -user hughes" ) ;
select( OUTPUT ) ;

# print a "From " line to satisfy slocal
@weekdays = ( "Sun","Mon","Tue","Wed","Thu","Fri", "Sat" ) ;
@months = ( "Jan","Feb","Mar","Apr","May", "Jun","Jul","Aug","Sep","Oct","Nov","Dec" ) ;
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime ;
printf "From hughes %s %s ", $weekdays[ $wday ], $months[ $mon ] ;
# localtime returns the year as an offset from 1900, so add 1900
# instead of printing a literal "19" prefix.
printf "%2d %02d:%02d:%02d %d\n", $mday, $hour, $min, $sec, $year + 1900 ;

# Now just print out the message
print $header ;
print "Second-Pass:\n" ;
print "\n" ;
while (<>) {
} continue {
    print ;
}
------- cut here -------

Here's how the perl script works.

The first loop reads lines from the existing header. When it sees a blank line (regexp /^$/) it terminates the loop. If it sees a field "Second-Pass", it knows it has filtered this message before and exits with a return code indicating that the mail has not been delivered. The variable $header is appended with the current header line. $header contains the whole header when the loop terminates.

Properly speaking, the Second-Pass test is not necessary to detect infinite loops. Since the pasting operator gets removed during the rewrite, the script won't return an exit status of 0 more times than the pasting operator appears. But should something get screwed up, such as a different module adding pasting commands (how? I don't know), the Second-Pass test should prevent infinite recursion.

The next statement reads another line from the input file. This line is the first line of the message body. If this line is the pasting operator, then header lines are accumulated in $header as before until a blank line. The difference is that these header lines are being read from the body of the message. If there is no pasting operator, the script exits undelivered.

At this point we now have to redeliver the message back to ourselves. We first open slocal as the output pipe.

The next section is a kludge.
It turns out that slocal strips off the out-of-band "From " (no colon) line that the mail delivery system uses. In other words, the message which slocal pipes into its pipes is not identical to the message it itself received. This means that slocal cannot be directly recursed.

What this section does is to create a "From " line to make slocal happy. It calls localtime() and then formats those numbers into the proper form.

It turns out that slocal will deliver this mail without the "From " line, even to /usr/spool/mail, but it doesn't do so properly. On my system, it added some delimiters which I think I've tracked down to the 'mtstailor' file, namely mmdelivery1 and mmdelivery2. Since these are not null on my system, there's some garbage added which screws up separation of the spool file into messages. Adding a "From " line fixes that. This misbehavior may not be so surprising, considering that slocal was "meant" to be invoked only in a .forward file.

Now we print the variable $header which contains the whole header, including newlines. Using a single string removes the need for an array. We added the Second-Pass line and a blank line for the end of the header.

The final loop prints out the rest of the message body.

There is another way to proceed to get the same functionality. One could write a filter to translate the first occurrence only of \n\n::\n into \n. We could then pass the message through this filter before slocal saw it. And for now, that would do the same thing.

But suppose we want more than one rewrite rule active? Then you would only be able to apply each rewrite rule exactly once in fixed order. You want to be able to rewrite a message and then apply all the rewrite rules again.

At least one other rewrite rule is planned: automatic decryption. Since decrypting a message will completely change the body, and since some of the header fields may need to be hidden, you have to be able to decrypt the body and then paste on header lines.
But since you need to indicate an encrypted body by a header line (well, not really, but it's more reliable), and since some people can't add these header lines, you need to paste lines before encryption as well.

Thus the rewrite rules need to be applied asynchronously and hence I'm using a fairly complex slocal scheme to do a simple filter. Eventually I hope to write an equivalent to slocal which knows about message rewrites and simple filters, but that's for later.

-----------------------------------------------------------------------------

To follow this project (and others soon to be started), send mail to cypherpunks-request@toad.com and I'll add you to the mailing list.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Dan McGuirk
Date: Sun, 28 Mar 93 10:43:05 PST
To: cypherpunks@toad.com
Subject: Penet.fi replacement up
Message-ID: <9303282130.AA00433@enws302>
MIME-Version: 1.0
Content-Type: text/plain

I just wanted to let everyone know that another penet.fi-style anonymous service has been set up. It works the same as anon.penet.fi did for anonymous mail, but it only allows anonymous posting to about ten newsgroups.

For information, send a message to "anonymus+info@charcoal.com" (yes, anonymous should be misspelled).

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Sun, 28 Mar 93 16:17:30 PST
To: cypherpunks@toad.com
Subject: a blackmail opportunity
Message-ID: <9303290017.AA05745@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

While writing some appropriate paranoia for a canned response to remailer info requests, I realized that running a remailer is a perfect prelude to blackmail. An unscrupulous person running a remailer can obviously keep records of truenames, along with messages that their senders do not want associated with them. Making use of this information could involve a scenario to the crypto-extortion previously discussed, but blackmail would be far more believable than anonymous threats.
Alternatively, the blackmailer could be low-tech and resort to present techniques.

Always encrypting helps with mail, but not with news.

PGP 2 key by finger or e-mail
Eli ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Lord Krieg"
Date: Sun, 28 Mar 93 18:42:51 PST
To: "cypherpunks"
Subject: anonymous services
Message-ID: <9303290242.AA09702@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

After reading Mr. Finney's response to my comments, I can see that I really shouldn't try to make suggestions on how an anonymous service should be implemented. I clearly don't have the knowledge necessary to address this subject without sounding like an idiot. :-)

So... I'll instead simply say what I would like to see in an anonymous service, and I'll leave discussion of the technicalities to people who know what they're talking about.

I'd like to see something which combines the strengths of the different types of anonymous services while reducing or eliminating the weaknesses. A service which can be used as easily as anon.penet.fi would certainly be nice.

I'd also like to see encryption available as an option. Ideally, messages would not _have_ to be encrypted. Making encryption optional would be good for paranoid individuals such as myself, while making the service more accessible to people who are willing to sacrifice security. This would also accommodate people within the U.S. who want to use the service but are afraid of Mr. Sternlight. :-)

I like the way the Cypherpunks Remailers let users chain and encrypt their messages so that even the remailers can't know both the sender and recipient. This is something I'd also like to see in a new anonymous service.

I still think that one or more back-up servers would not be a totally bad idea.
I realize that I don't know what I'm talking about, but I just don't understand why it would be impossible to have a back-up server (with a copy of the active server's database) on standby. I'm not saying that the existence of such a back-up should be advertised--I just think that it should be possible to have somebody set up a backup _without actually running it_ so that when the active server gets shut down, it can quickly step in to take over.

Oh, and on an unrelated subject... Could anybody with information on $50/month UUNET connections please send it to me, or tell me who I should write to about it? Thanks in advance.

Kenneth G. Hagler

**********************************************************************
* Internet: cvadsaav@csupomona.edu * My insurance company *
* Phone: (909) 865-7751 * is Beretta U.S.A. *
* PGP 2.2 key available on request * *
*--------------------------------------------------------------------*
* ...study of the military arts will make one who is naturally *
* clever more so and one who is born somewhat dull rather less *
* so. *
* --Daidoji Yuzan Shigesuke, _Budo Shoshinshu_ *
**********************************************************************

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK7aFnSipatcRAyu9AQF6UgQAwmchM/JwJS16i/FA6MF0yVAhUg2gpkX2
osLEPpPrlISCwy1dulBxpHJhFyIVSshTx2J5962efiw4pR9+/1F47tOESFHbGLN1
yfKU1pJo1pNyh2ZX72YKK2AvOvAtgz22sXZK01I7jDJbCZdvfoha2T1c5H4KfRQ6
23ddGKcUOVc=
=VXNO
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: miron@extropia.wimsey.com (Miron Cuperman)
Date: Sun, 28 Mar 93 12:45:57 PST
To: cypherpunks@toad.com
Subject: Re: REMAIL: "Stealth" Remailers
In-Reply-To:
Message-ID: <1993Mar28.223940.23755@extropia.wimsey.bc.ca>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

edgar@spectrx.Saigon.COM (Edgar W. Swank) writes:

>I have an idea for making remailers more difficult to find.
This
>applies only to systems where the remailer operator owns the
>system, such as at wimsey.com. (But a "system" can be just

Make that "extropia.wimsey.com". "wimsey.com" is my feed.

- -- Miron Cuperman | NeXTmail/Mime ok | Public key avail
AMIX: MCuperman | PSM 18Mar93 0/0
Laissez faire, laissez passer. Le monde va de lui meme.

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK7YpDpNxvvA36ONDAQH6TQP+MvdAXTKDqzDgKJVHgsw5qBab+SEYsYRh
ohCmrAkY5Y+N7RFRuwIv1COiE8Z9o67SYLWZ+yxCrBjF9SM2gAPlxIRCy/sK7BjZ
/x5t7Znhhip1ihkh8lAqV6VHPz4L692x7j0yT2L8yAD89Yw6fA+ypSE7SAMHikL/
9D8RdipXrXA=
=CBh9
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: greg@ideath.goldenbear.com (Greg Broiles)
Date: Sun, 28 Mar 93 21:53:38 PST
To: cypherpunks@toad.com
Subject: UUNET connections
Message-ID: <8qZ61B1w164w@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text/plain

My previous message re my UUCP connection to UUNET has generated several questions in E-mail, as well as a recently posted question about "the $50 connections to UUNET", so I feel like I oughta answer the question(s) apparently created by my quick summary of my use of UUNET's services.

UUNET will allow you to make a UUCP connection to their machines for an "administrative fee" of $36 per month, plus hourly connect rates. These rates are (as of my booklet rcvd from them in 1/93) $2.60/hr if you call their local dialup (NPA 703), and $5.60/hr if you dial in via the Compuserve packet network. Their local dialups support the PEP protocol as well as v.32 connections; I average around 700 cps when I dial in directly with v.32, and around 450 cps when I dial in via Compuserve.

The $50 figure I quoted is my average monthly cost for a slow but steady trickle of mail (roughly 7K per day) and approximately 20 newsgroups, none of which are binary-oriented and none of which are super-high traffic.
This includes my hourly cost for both direct-dial and Compuserve connections; I prefer to dial in directly, but have my Systems file set up to use Compuserve as a backup means of connection when the direct lines are busy (which happens with some frequency.)

UUNET will register a domain name for you for free if you are a subscriber; if you do not subscribe to their service, the cost is $50. (I incorrectly quoted $25 for this to someone via E-mail.)

UUNET sends a free copy of O'Reilly & Associates' _Managing uucp & Usenet_ when you sign up with them; great book, nice touch, probably saves them money for all of the questions it answers.

To get in touch with UUNET: info@uunet.uu.net or 800-488-6384

I think you could also probably find some information files if you FTP'd to ftp.uu.net; I'm unsure about that and offer no guarantees.

UUNET also offers a "low-volume" agreement that I don't know much about since I don't subscribe to it.

I know that PSI offers similar service; my recollection is that they want $75/3mos for mail, and $225/3mos for news, flat-rate. PSI can be reached at 'info@psi.com' or 703-620-6651.

I have no connection with UUNET beyond being a happy & satisfied customer; I've found them to be friendly & helpful and generally good to work with. The folks at PSI seem nice too but their prices for what I want right now are higher.

UUNET and PSI both offer realtime IP connections, in addition to UUCP links like the one I use; call them for more information.

--
Greg Broiles greg@goldenbear.com
Golden Bear Consulting +1 503 465 0325
Box 12005 Eugene OR 97440 BBS: +1 503 687 7764

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Date: Sun, 28 Mar 93 19:49:13 PST
To: uni@acs.bu.edu (Shaen Bernhardt)
Subject: Re: PGP Secure?
In-Reply-To: <9303290550.AA41108@acs.bu.edu>
Message-ID: <9303290632.AA21124@tigger.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text

>
> Forgive my slow math mind, but I pose the following question, knowing
> in advance that it's a FAQ, but I can't find an answer anywhere....
>
> Given a brute force attack on ciphertext encrypted with PGP2.2
> using the 1024 bit key, how many operations are required to
> hit on the session key...?
> (The session key being used with the IDEA cipher)

This has been recently hashed over in sci.crypt. Here are a few generalities, read the articles in sci.crypt for the real numbers.

-If you did 1000 attempts to break a 1024 bit RSA key every second and started your calculations at the beginning of the universe, you would still have several trillion years to go.

-If you stored every attempted key in a single atom, you would run out of atoms in the universe long before you ran out of keys.

If I remember correctly there are something like 10^152 primes possible with a 512 bit key. That is what most people refer to as a BIG number... :)

> The real meat of this question boils down to: What are the capabilities
> currently, and what is required to brute force the various stages of PGP?

What it boils down to is that anyone who tried a brute-force attack on your RSA key is either very stupid or hopes to be very lucky. (very, very, very lucky) It would be easier for the person to track you down, put a gun to your face and force you to disclose the message. Barring any mathematical miracle with regards to factoring large numbers, RSA using large keys is safe from brute-force attack.

> Also: What does 1024 bit refer to? The IDEA session key? or the RSA key?

The RSA key. It would probably be easier for someone to try to brute-force your IDEA session key than your RSA key; but this would only give them one message, while cracking a RSA key gives you all messages that have the session key wrapped with that RSA keypair.

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uni@acs.bu.edu (Shaen Bernhardt)
Date: Sun, 28 Mar 93 19:07:03 PST
To: cypherpunks@toad.com
Subject: PGP Secure?
Message-ID: <9303290550.AA41108@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Forgive my slow math mind, but I pose the following question, knowing in advance that it's a FAQ, but I can't find an answer anywhere....

Given a brute force attack on ciphertext encrypted with PGP2.2 using the 1024 bit key, how many operations are required to hit on the session key...? (The session key being used with the IDEA cipher)

What about deriving the RSA key pair from the public key and message? How many operations might this require?

Along these lines, what's the best guess at the highest technology level available today with regard to speed? How many operations per second might the most resourced organization be expected to achieve?

The real meat of this question boils down to: What are the capabilities currently, and what is required to brute force the various stages of PGP?

Also: What does 1024 bit refer to? The IDEA session key? or the RSA key?

Thanks in advance...

uni

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Mon, 29 Mar 93 06:36:45 PST
To: cypherpunks@toad.com
Subject: anonymous services
In-Reply-To: <9303290242.AA09702@toad.com>
Message-ID: <9303291717.AA20805@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>A service which can be used as easily as anon.penet.fi would certainly be
>nice.

Right now the cypherpunks remailers are designed as a back end. Clever people can program the back end directly, but it's not for everybody. It's the user's software that should provide a good front end.

>I'd also like to see encryption available as an option. Ideally,
>messages would not _have_ to be encrypted.

That's the way the current remailers work (with the exception of Miron Cuperman's).
But fundamentally, there's no good reason not to encrypt, except, of course, for the last hop out of a Usenet post. The user's front end software should encrypt automatically.

Remember, you need to encrypt everything, so that when you really need the protection, it doesn't appear as though anything is different.

>This would also accommodate people within the U.S. who want to use the
>service but are afraid of Mr. Sternlight. :-)

The remailers could just as easily be built on top of RSAREF. Licensing is a red herring for this project.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Mon, 29 Mar 93 06:47:27 PST
To: cypherpunks@toad.com
Subject: a blackmail opportunity
In-Reply-To: <9303290017.AA05745@toad.com>
Message-ID: <9303291727.AA21227@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Eli Brandt writes:

>An unscrupulous person running a
>remailer can obviously keep records of truenames, along with
>messages that their senders do not want associated with them.

>Always encrypting helps with mail, but not with news.

If you don't trust your remailer operator, use more than one. This is the whole point of multiple chainings. A single point failure can be any number of different threats: blackmail, coerced disclosure by threat of violence, compromised equipment. All of these can be defended against by making a system proof against single point failure.

For posting to news, one should always use two hops. The first destroys any the identity of the poster and the second one decrypts it for transmission. Both hops are encrypted, but the second relay sees the plaintext and cannot link it to anyone because the first relay is anonymous.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: thug@phantom.com (Murdering Thug)
Date: Mon, 29 Mar 93 05:40:09 PST
To: cypherpunks@toad.com
Subject: PGP: Improvements needed.
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I like PGP 2.2 a lot, but I think there is still much room for improvement. I would like to throw the following suggestions on the table and open up a discussion on them:

Here is what I think needs to be done:

- PGP needs the talked about "stealth" mode, wherein PGP encrypted files and documents contain no PGP header. This would allow the embedding of PGP documents into files containing "white noise static" data, or into the LSBs of graphic and sound files.

- PGP needs to use a better compression algorithm. From what I know, I believe PGP currently uses LZW (the same algorithm as in the Unix compress utility). Anyone who has used Gnuzip (aka: gzip) knows that LZW typically compresses text files down to only 40-45% of their original size, while LZ77 (the algorithm in gzip) compresses text files down to 30% or less of their original size. Clearly LZ77 not only saves space, but improves the entropy/randomness of the cyphertext, making PGP that much harder to crack.

- PGP needs a version or front end for the masses. A point-and-click version or front end that runs under DOS. I know there are really good front ends for pkzip for DOS, so how come someone doesn't write a front end for pgp2.2? I would also suggest a Windows version, but that is not as important as having a really user friendly DOS version.

Hopefully, by PGP 2.5 or 3.0, these things will happen. But I'd like to see them in 2.3 if possible.

Thug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Mon, 29 Mar 93 06:16:49 PST
To: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Subject: Re: PGP Secure?
In-Reply-To: <9303290550.AA41108@acs.bu.edu>
Message-ID: <9303291700.AA17161@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

Jim McCoy writes:

> > Given a brute force attack on ciphertext encrypted with PGP2.2
          ^^^^^^^^^^^^^^^^^^^^
> > using the 1024 bit key, how many operations are required to
> > hit on the session key...?
> -If you did 1000 attempts to break a 1024 bit RSA key every second
> and started your calculations at the beginning of the universe, you
> would still have several trillion years to go.
> -If you stored every attempted key in a single atom, you would run
> out of atoms in the universe long before you ran out of keys.

Well, of course one doesn't have to break RSA to get the _session_ key, it would be enough to break IDEA, which will automatically deliver the key to you along with the cleartext.

Again of course, it's not obvious, why one might want that session key (:-).

> What it boils down to is that anyone who tried a brute-force attack on your
> RSA key is either very stupid or hopes to be very lucky. (very, very, very
> lucky) .............

Sure... How about one, who simply knows how to improve brute-force key-search attack on IDEA? A possibility? (:-)

Regards,
Uri.
------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Mr. Noise"
Date: Mon, 29 Mar 93 07:01:58 PST
To: cypherpunks@toad.com
Subject: anon email/caller id
Message-ID: <9303291745.AA27050@titan.ucs.umass.edu>
MIME-Version: 1.0
Content-Type: text

Phil Karn's analogy between anonymous e-mail & caller i.d. gets it right, I think. If you don't want to read it, don't, just as you may block calls without caller i.d.

There are two concerns I'd like to see addressed, though:

first, what about those who use anon email to get away with behavior that wastes net resources? When the identity of the poster is known, they can be 'disciplined' by other net.citizens (call it frontier justice if you like...).
second, from the opposite end, won't the availability of caller i.d. mean that it will become more difficult to engage in truly anonymous conversations over the telephone network, as revealing one's identity becomes the norm?

As to the first objection, I suppose we could continue to rely on the site administrators (& remailer admins) to discipline the offenders. After all, the sites are still subject to the same discipline we can inflict on the individual poster if known.

As to the second, I suppose we can always observe that those who won't accept our anonymous call aren't worth talking to in the first place, but that evades the question IMHO. Also, having the capability in the phone system means someone can still abuse it without our knowledge.

I would suggest another solution to this dilemma: 'handles'. Having a semi-secret identity means having control over your Real Life exposure to risk, while still allowing those you come in contact with to identify you-- & ignore you if they wish with minimal trouble. It also means that you can set different levels of security: anyone who cares to can find out who Mr. Noise is, but how many of you know the *other* 'real mes'?

Well, just some rambling thoughts at lunchtime as a way of saying hello to all of you on this list, since I just joined a week ago & didn't want to 'lurk'. :-)

Have an anonymous day!

Mr. Noise

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: baumbach@atmel.com (Peter Baumbach)
Date: Mon, 29 Mar 93 08:50:32 PST
To: cypherpunks@toad.com
Subject: Re: PGP Secure?
Message-ID: <9303291843.AA08556@walrus.chp.atmel.com>
MIME-Version: 1.0
Content-Type: text/plain

> This has been recently hashed over in sci.crypt. Here are a few
> generalities, read the articles in sci.crypt for the real numbers.

For those of us who don't have access to USENET, is there a mailing-list that echoes its content and allows posting?
> -If you did 1000 attempts to break a 1024 bit RSA key every second > and started your calculations at the beginning of the universe, you > would still have several trillion years to go. > -If you stored every attempted key in a single atom, you would run > out of atoms in the universe long before you ran out of keys. Couldn't this argument also be made about a simple substitution code? How secure is PGP with current smarter attacks? Peter Baumbach baumbach@atmel.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: George A. Gleason Date: Tue, 30 Mar 93 01:54:36 PST To: cypherpunks@toad.com Subject: discount datacom rates? Message-ID: <199303300954.AA03537@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain I've discovered there may be a way to provide late night (1am - 4am) dialup data communication at a substantial discount in long distance charges. We'd need something like a few thousand users in order to get this running. Feedback...? Ideas...? Email gg@well.sf.ca.us From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jcook@pro-storm.metronet.com (Julian Cook) Date: Tue, 30 Mar 93 07:06:10 PST To: gg%well.sf.ca.us.cypherpunks@toad.com Subject: Re: discount datacom rates? Message-ID: MIME-Version: 1.0 Content-Type: text/plain Well you definitely have my interest peaked. Let's discuss this scheme some more Julian Cook JCook@pro-storm.metronet.com ProLine: jcook@pro-storm Internet: jcook@pro-storm.cts.com UUCP: crash!pro-storm!jcook Bitnet: jcook%pro-storm.cts.com@nosc.mil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: stig@transam.ece.cmu.edu (Jonathan Stigelman) Date: Tue, 30 Mar 93 12:51:19 PST To: cypherpunks@toad.com Subject: Re: Many Important Items in the News Message-ID: <227@x15_remote.stigmobile.usa> MIME-Version: 1.0 Content-Type: text/plain In message <9303270339.AA00329@soda.berkeley.edu> you write: >>wait, are you advocating news admins allowed to filter anonymous mail >>from downstream/upstream feeds? 
I don't get this. > >Yes. If someone doesn't want to pass traffic, let them. It's >extremely foolish; they'll get a bad rep for it. If they're a >commercial site, they'll lose customers. If they're not, they'll lose >face. Freedom to filter is freedom to shoot yourself in the foot. > All this is presuming that future and present net.users remain as abreast of net activity as the frontiersmen (hi John) that were adamant enough about uncensored communication to create the alt backbone. Thankfully, the frontiersmen haven't ridden off into the sunset, never to be seen again...and the number of net users with their mindset has even grown. But, the growth of the net also means that there will be a continuing influx of people who think a lot more about Monday night football than they think about censorship. >[...] doing politics in the broad sense is the only solution for this. If, by this, you mean that the *REAL* battle is one of marketing, I think that you're right. People with censored feeds WON'T KNOW WHAT THEY'RE MISSING (because they don't get to see it)! And, if the votes for the right to anonymous expression are going to be cast via economic choices, then it's important to remember that it's not a one person one vote situation. Stig From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: stig@transam.ece.cmu.edu (Jonathan Stigelman) Date: Tue, 30 Mar 93 12:51:22 PST To: cypherpunks@toad.com Subject: Re: ANON: Mark anon. posts a Message-ID: <229@x15_remote.stigmobile.usa> MIME-Version: 1.0 Content-Type: text/plain >There is a problem with the notion that all "anonymous" remailers and >news-posting services should label their messages as anonymous so that >users can decide whether to read them or not. This approach abandons one >of the strongest arguments in favor of anonymous remailers, which is >that the net is inherently an anonymous environment. 
> Here's a queer thought: You've heard about the usenet dossiers that have been compiled and sold to prospective employers? How about a dossier-lookup function integrated into your favorite news reader? It would connect to a dossier server and quickly provide a cross-reference of all the other posts by the current poster...copies of the last 10 revisions of his plan file...and an analysis of his individual quirks...(along with, perhaps, a list of the top ten reasons not to hire him).... Is this so off-base? We've also been talking a lot about reputation filters, which would probably require such activity logging. Hell, it could even be put to a few good uses: We could call up Eric's dossier to quickly find his original remailer post to alt.hackers... Stig From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: scott@shrug.dur.ac.uk (Scott A. McIntyre) Date: Tue, 30 Mar 93 02:53:13 PST To: cypherpunks@toad.com (Cypherpunks) Subject: Anybody out there? Message-ID: MIME-Version: 1.0 Content-Type: text/plain I have received nothing on this list since Feb 20th, is it just me? Thanks, Scott From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Tue, 30 Mar 93 09:22:34 PST To: CYPHERPUNKS Subject: ANON: UUNET Info. Message-ID: <930330171358_74076.1041_FHD43-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain Thanks to Greg Broiles for the information on UUNET. I ftp'd some info from ftp.uu.net as he suggested. Here is an edited version of one of their main info files. I have left in the part relevant to UUCP connections. I would comment that this looks like it would not be an economical approach for providing an anonymous posting service. The volume experienced by these services has been very high. Greg indicates that he gets about 700 chars per second for his link. Any posting or remailing request is going to have to be transmitted twice (once in, once out). 
At $2.47 per connect-hour we're talking about $2.00 per megabyte posted or remailed. I believe Julf has seen several megabytes per day. So this volume will push the bill up to the range of hundreds of dollars a month. This is pretty expensive just to support truth, justice and the American way on the net. (This could be reduced if large messages were filtered, but I don't know if UUCP allows for a way to filter incoming messages so you don't get billed for them. After a while, though, if people learned that large messages don't get remailed, they might stop sending them. OTOH, the operator of this service would be vulnerable to mail bombs by those opposed; the bombs would land right in his wallet.) Info from UUNET, edited, follows below. Hal 74076.1041@compuserve.com -------------------------------------------------------------------------- UUNET offers access to: * UUCP mail - Over 2,000 direct mail connections - UUNET is an authorized Internet mail gateway, and can act as your Internet mail forwarder. - UUNET serves as the principal gateway to European, Australian Asian, Indian, and South American UUCP sites. * USENET news - UUNET offers a full or partial news feed; all news groups are offered. - Over 1,000 news feeds [...] WHICH ACCESS METHODS ARE AVAILABLE? * From within the United States: - Dial your closest CompuServe network access number (local from thousands of US cities). You are then connected to UUNET via the X.25 public data network. No registration with CompuServe is necessary. - Direct dial modem at our Austin, TX; Berkeley, CA, Boston, MA; Falls Church, VA; Palo Alto, CA; Portland, OR; and San Jose, CA hubs. - 800 number - 900 number for anonymous access to our archive * Connection Methods - UUNET supports all standard modems (V.32 / V.22bis / Bell 212A / Bell 103) - For those of you with UNIX platforms, you only need the standard UNIX uucp programs. For those with non-UNIX platforms, software is available through commercial vendors. 
* Modem Types - UUNET uses Telebit T2500 Modems - We support Telebit PEP / 9600 V.32 / 2400 / 1200 / 300 bps [...] HOW DO I SUBSCRIBE TO UUNET? We have several subscription options for users with different needs. The options and pricing are described below. Call us and ask for the General Information Packet on UUNET and AlterNet. Fill out the UUNET Subscription Form and send the original in to us! Subscription options are: * Regular uucp Our basic service which provides email and news connectivity for $36 per month plus your connect hours. Charges for connect hours are listed below.

RATE TYPE                                | RATE   | LESS 5% | MINIMUM
-----------------------------------------+--------+---------+---------
Local Inbound (per hour)                 | $2.60  | $2.47   | 1 min.
Local Outbound (per hour)                | $2.60  | $2.47   | 3.6 min.
                                         |        |         |
Remote Inbound (per hour)                | $5.60  | $5.32   | 1 min.
                                         |        |         |
Compuserve Modem (per hour)              | $5.60  | $5.32   | 1 min.
                                         |        |         |
Inbound (800) and Outbound WATS Daytime  | $16.00 | $15.20  | 1 min.
Inbound (800) and Outbound WATS Evening  | $13.00 | $12.35  | 1 min.
Inbound (800) and Outbound WATS Night    | $10.00 | $9.50   | 1 min.
-----------------------------------------+--------+---------+---------

* Low-volume Users All sites are entitled to three connect hours per month for an annual fee of $300, paid in advance. Customers may connect via local dialup, remote dialup, or the CompuServe remote network (CompuServe charges are included in the fee). In addition, customers may use UUNET's 800 number for an additional $180 per year (total $480, paid in advance). Restrictions - Sites exceeding three connect hours will be charged at regular UUNET rates for the entire monthly usage, not just the excess. This includes the $36 administrative fee. - The yearly fee is non-refundable and will not be prorated for partial months. - This offer is only available in the continental USA and may be withdrawn at any time. [...] WHO DO I CONTACT WITH QUESTIONS? Please contact us and ask for Customer Support. 
WHERE IS UUNET? The address is: UUNET Technologies, Inc. 3110 Fairview Park Drive, Suite 570 Falls Church, Virginia 22042 USA +1 800 4UUNET4 (voice) +1 703 204 8000 (voice) +1 703 204 8001 (fax) info@uunet.uu.net From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Joe Thomas Date: Tue, 30 Mar 93 10:49:27 PST To: cypherpunks@toad.com Subject: FWEE!: Supreme Court news Message-ID: MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- In the "Why We Need an Anonymous Whistleblower Group" department, I quote the last few paragraphs of a story in today's paper ("Justices to Rule on 'Pretty Woman' Parody," but that's not what this is about...) The Washington Post, page A4, Thursday, 30 March 1993, reproduced without permission: Separately yesterday, the justices refused to hear an appeal by two former defense contractors who were convicted in 1991 of illegally obtaining Pentagon information in the fraud scandal known as "Operation Ill Wind." Thomas D. McAusland and Christopher M. Pafort, former executives at Litton Data Systems, which was seeking Navy contracts, were prosecuted under federal statutes that bar theft of government property. In their appeal, they argued that government information is not "property" and that no statute or published regulation actually barred dissemination of the information. Their lawyers said an appeals court ruling in the case, _McAusland v. U.S._, could make any leak of government information, even to the press, the basis for criminal liability. [The defendants are apparently typical sleazy contractors who managed to get some inside information on a contract they were pursuing. Obtaining such information was made a crime _after_ they got the information, so the government charged them with the "theft of government property" crime -JGT] And, from an editorial in the Post (". . . 
Custom and Crime"), page A20: It is not necessary to make a judgment on the defendants' conduct to be appalled by the use of the theft statute to prosecute them. There should be a presumption that government information belongs to the people unless specifically protected by law, as national security data have been for some time and as contracting information now is. The Washington Post joined other media organizations in filing a brief in this case to make exactly that point. The high court's failure to review this case leaves in place a ruling that would make it possible to prosecute journalists who receive tips from government sources about corruption or public advocacy groups that listen to whistleblowers' charges about waste and inefficiency. It is not enough to say, as the government does, that this probably won't happen. The court should have reversed these convictions to make clear that it cannot happen. -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK7iTLYwu6QoBw6rbAQHcMgP+N0g3KbTfy5KOlKoylYMg+ZFZrw+Rf4T7 pERTml6QQ4ZYkerLXZD24QGqJHNv/eNeHhwQmTvm4b8mQIY0M1fdecOZNsfKV9GJ sRKs2gu0Jgl/PW51gDkbZaIvTnz1bJF5gbvGylcZHOiMwva+p5ioxYOMhey79bOk 15KzBlhTQ94= =G3NJ -----END PGP SIGNATURE----- -- Joe Thomas PGP key available by request or by finger. PGP key fingerprint: 1E E1 B8 6E 49 67 C4 19 8B F1 E4 9D F0 6D 68 4B From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Tue, 30 Mar 93 11:34:27 PST To: cypherpunks@toad.com Subject: FWEE! latest WB news/ideas Message-ID: <9303301434.tn14761@aol.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Gang, Much Cpunx mail is passing under the bridge and my boat is brimming, but I am bailing with alacrity. 
In this case, I prefer to view things as "half empty" (with apologies to Confucius), to wit: Eric Hughes contributed these [>>] kewl comments: >>regarding Tim May's whistleblower test: >>>I know you >>>really wanted to post that nifty F-117A thing you OCR'd _somewhere_ but that >>>was not particularly helpful. >> >>I think it was extremely helpful. Especially when we are in a design >>phase, it is good to know just how strong a reaction there will be to >>some of these posts. It benefits us to have had the experience, not >>just an awareness of the problem. Touche`, mon ami. I guess what I meant to say was "I'M not ready," which is different. I am getting ready-er. :-) >>>Someone suggested a set of WB guidelines should be posted. >> >>Any guidelines must remain completely neutral about content of >>postings. A whistleblowers group is for expressing outrage. And well should they be - neutral, that is. Any and all submissions to me at or on the list* are appreciated. While I accept that WB's themselves might BE outraged, it is my hope to enshrine in the WB Guidelines the idea that the area is for CONSTRUCTIVE CRITICISM of some ABUSIVE STATUS QUO in government or industry that needs attending to by the media or activist groups, and NOT simple OUTRAGE that there's "bad stuff going on in government" (gee, really, Virginia?). We have a loooong way to go with this and I would like it to at least get OFF on the right foot. I'm sure that in short order, lots of "maroons" will be posting spurious dingleberries (not _you_ Tim, you're just helping to test the system !) and we'll be attacked by various three-lettered government agencies. There will also be the many, many interested onlookers posting items of dubious value and waves of inane banter, but we'll have to develop strict guidelines/metaprefixes to help filter that noise-chaff from the Pithy Stuff. (Earpluuugs, gitcher-earplugs heere... fittycents! gitcher-eeearplugs!) 
One among us, who shall remain anonymous mainly because I like him, suggested in private to me that Organized Crime might be interested in providing an "impervious" site for anon remailing, but I am publicly poo-pooing that idea lest we get off on the wrong foot in deep water with cement overshoes (howzat for mixed metaphors, big daddy-o?). >>A whistleblowers newsgroup must remain value-neutral with respect to >>all values except the freedom to speak. Solid, baby. That's a 10-4, as long as the normal newsgroup guidelines such as adhering to the general topic-flow are inherently adhered to by all adherents (coherently, if possible). >>Value neutrality must be taught; it will not come automatically. Amen, however, once we achieve value-neutrality as a species we will either: [1] simultaneously enter the Kingdom of Heaven hand-in-hand and thus never need encryption ever again, rendering this entire discussion moot, or [2] perish in a vast and uniformly logical fireball of hitherto unimagined proportions Pick a scenario, any scenario, operators are standing by at 976-ARMAGEDDON. Self-fulfilling prophecies accepted upon receipt of your validated reality check-stub. >>This, and the ability to teach the defense of privacy, are in the long >>run much more valuable than any one specific whistleblowing. Perhaps so, but then one day, there may be that _one special whistle_ that gets blown, iykwim. That's the one I'M listening for, the "Big Fwee," as it were. Or as Bullwinkle might say to Rocky: "Give me Fweedom or give me Death." And now, here's something you'll REALLY like: >>>Nicholas Johnson, the former head of the FCC (under Johnson) >>>Ralph Nader's organization >>>Jim Settle (FBI Computer Crime Squad) >>>a fellow from the CIA [his name's Ross Stapleton] >> >>Dave mentions all these people are in favor of whistleblowing. 
The >>place where they can help the most is by affixing their signature to a >>document that defends the whistleblowers group in advance of >>"problems" with it. Speaking of Boris & Natasha, with the _specific exception_ of the "fellow from the CIA" whose name I did not mention at his express request (| open mouth; insert keyboard; repeat | Eric) and will not herein verify 'identity-wise' (regardless of Mr. Hughes' dental bills), the above-mentioned entities are well-intentioned and supportive of the WB idea in general and might well help out with signatures affixed to such a predefensive document. The Devil's in the Details however, and they may balk depending on how "mature" that document is. We can gather a lot of support beforehand, so spread the word now and have people email me at so I can put them into the db. The WB Position Paper is "under construction" and will be pre-circulated on the Cpunks list for commentary and revision before being broadcast publicly. >>If we can gather enough signatures from a wide enough spectrum >>of the political process, the publication of the document alone >>will be worth press coverage. It might also be worthwhile to >>take out a few big ads in major newspapers and print a position >>paper. Agreed, wholeheartedly. I am quietly trying to garner support from various left-leaning politicos as we type (She with the pugilistic name for one). I caution all that this is currently an "idea under development" and they are all post-nasal-Hip enough to regard it as such until we broadcast its availability widely. Needless to say, almost everyone I have spoken to about it is fairly-to-extremely enthusiastic about the idea and wants immediate access when it's online. I also plan to send a note to Billary Clinton when we have our schtick happening, so's the White House can tune in and listen to the crackle of disgruntled Govvamint Employees. Again submissions for the WB Guidelines and the WB Position Paper are strongly encouraged. 
Keep in mind that this is a positive, constructive outlet for the technology we're discussing on this list and a great opportunity for good press. And write lots of clever stuff so I don't have to, willya? :-) >>[Re: comments from xxxxx Mistah CIA-mon xxxxx] >>>done "correctly," the system can 'perhaps be somewhat protected' from >>>posting by pranksters/attackers with bogus revelations - it might >>>require someone to preview postings >> >>There's no need to preview anything. Let people say whatever they >>want. Then, should the CIA wish to confirm something, they can issue >>a statement with a digital signature attached to it, referencing the >>post in question. I explained what the "nameless one from the CIA" had to say rather poorly. He was not proposing that his Agency have any previewing capabilities, although he ventured in the most generic terms the opinion that CIA Tech would be doing its best to break the anonymity as soon as possible (anon remailer technologists take heed of the most subtle and pernicious attacks). Rather, what we discussed as two private citizens interested in Freedom of Speech and the Occasional Corrective Force applied to the Tiller of the Ship of State was more along the lines of: >>Review and verification [...as was ably interpreted by E. Hughes...] ...by a Cypherpunk committee monitoring the WB list or _another group_ whose charge is to evaluate claims by anon posters for their veracity and to establish the reliability of such sources for future correspondence. I ventured that this would be far too involved for the Cpunks to deal with and that it would have to be the responsibility of the interested parties in the media or activist org's to verify anon WB claims. We can at best provide good mechanisms for them to use, IMHO. 
Furthermore, there was no implication that ANYone would edit postings (least of all the Certifiably Insane Agency), only that those chartered with verification might scribble them into invisibility if it was determined by the committee that the source was chronically unreliable. Beware, anon bombers and other nefarious monkey-wrenchers, lest you SLIP on your own banana protocols. This Verification Thing, by the way, is the single biggest issue with the entire WB process and the one that frames encryption as an interesting possible solution to the problem of establishing successive levels of trust between postees and verifiers (on top of the basic anon remail technology). More on this later as Those Who Know Far More than I Do contribute their Wisdom. IMPORTANT NOTE along those Lines: would all Cypherpunks who: [1] run an anonymous service [2] have new improvements to existing anon services [3] have experience and/or the desire to actually run the WB remailer system [4] know what a dingleberry is ...PLEASE make yourselves known to me asap so I can know who the players are and co-ordinate who can be asked to provide what part of the process and when. There is no purchase necessary and no commitment for now, I just need to build a db of skills and volunteers. For this purpose ONLY, please mail me at . Please include (and format in NEON for easy readability): [1] What you would be willing to offer in the way of remailer software/hardware technology and wisdom, etc. [2] Your current Public Key (even if you think I already have it and esp if you bin slackin' off sending it) [that means YOU, Gnu... git with the program!] [3] Your t-shirt size (S, M, L, XL) and 1-bit chromatic preference (B or W) [4] Your favorite recipe for fudge brownies (optional, but really helpful) Hey, is this great or what? dave * My mail reader (sweet Eudora) and I are noting a strong propensity for folks to FORGET to use metaprefixes in their SUBJECT lines. 
Once again, and on behalf of all those suffering masses who have to sift daily through Unsubscribe dribble, flame-flotsam and other ubiquitous jetsam, I ask that ALL Cypherpunks with even a passing semblance of politesse put appropriate "PREFIX: blahblahblah" thingies in the SUBJECTs of their postings to the list: it's a courteous habit to get into (...that, and wearing clean underwear on a second date). - ------- PS/FYI: All of you who have requested an anon ftp site for MacPGP v2.2 will not have much longer to wait (zzzzzzz-HUH?!?). Also, the version about to be posted (ftp details soon) will be the "final" version and not the .91 beta previously mentioned. I will also make it available to CompuServe people who can then forward it along to colleagues, friends and relatives FOR EDUCATIONAL PURPOSES ONLY. Any weasel who sent me mail asking for it thusly and who didn't include a CompuServe address better get aboard - you know who you are. It will be a self-expanding archive, fully System 7.1-compatible. There's even a custom folder icon for that educational "ooohhh-aaahhh" factor. Wowsie-wowsie-woo-woo. -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK7gshKHBOF9KrwDlAQF3swP/d6z6k/NYLBw0I4peteh8Nif+1Z3r0NoL UnhoHJVfMmYON5XJcIOgcBgzYvMJgZuEXVjjwMnXgUf0jmG/FJTV6VFv89PseigT V/tj/D5rcDUnK9+gkbTAwYdISmnGroXyZc5+L+Ozm0xgACWDlz2iM3B4FfMYG0ew VfUI9sSKsa8= =95TB -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 30 Mar 93 19:26:51 PST To: cypherpunks@toad.com Subject: Another UUCP service provider In-Reply-To: <5ga01B1w164w@ideath.goldenbear.com> Message-ID: <9303311648.AA18969@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >I'm >getting kinda bored with the topic of small-system connectivity and don't >think it's really what the cypherpunks list is about/for; This information is generally useful for the following tactical reasons: 1. Anonymous remailers are disapproved of. 2. 
Pressure is brought to bear against the operators of such systems. 3. All the owners of the machines and the communications channels must not give in to such pressure in order to avoid shutdown. 4. Private ownership of remailer nodes seems essential. 5. No organizations have volunteered use of their machines. 6. Personal ownership by individuals seems necessary in order to get this off the ground. We don't need to discuss it much, but news is appreciated. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Wed, 31 Mar 93 09:27:47 PST To: CYPHERPUNKS Subject: REMAIL: Filters for copyright? Message-ID: <930331171832_74076.1041_FHD21-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain Among thuh objections to anonymous postin', like, we have discussed various ideas for controllin' volume abuse. Content abuse is ya know, like, what seems to cause most of thuh complaints, like, wow, though. I think we can awesumly ignore those who simply object to an obnoxious, tasteless or inappropriate message. Man, another issue that has been raised is the question of illegal messages. It's not clear to me what would be illegal in thuh U.S. Like, there is that nasty old First Amendment that keeps gettin' in thuh way. One class which has been discussed is copyrighted messages. If someone posts a long excerpt from a published document without thuh author's permission, man, this would violate his copyright. I had thuh idea of performin' a transformation on all messages so that the text of a message would be altered. Since copyright does not protect ideas, fer shure, but rather thuh specific expression of an idea, man, this might keep any message from violatin' copyright. Like, there are a couple of filters in comp.sources.games: jive and valspeak. These are pretty amusin'. 
Perhaps a variation on these filters, fer shure, ones which do some simple word substitution, man, would be enough to prevent copyright violations to come out of an anonymous postin' service. Like, ya know, this messages has been processed by thuh valspeak filter. Hal Finney 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tjw@GAS.uug.Arizona.EDU (Theodore J Weinberg) Date: Wed, 31 Mar 93 11:32:23 PST To: cypherpunks@toad.com Subject: subscribe Message-ID: <9303311954.AA09764@GAS.uug.Arizona.EDU> MIME-Version: 1.0 Content-Type: text/plain thanks '. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: stig@transam.ece.cmu.edu (Jonathan Stigelman) Date: Thu, 1 Apr 93 11:24:31 PST To: cypherpunks@toad.com Subject: Re: a blackmail opportunity Message-ID: <232@x15_remote.stigmobile.usa> MIME-Version: 1.0 Content-Type: text/plain In message <9303290017.AA05745@toad.com> you write: >perfect prelude to blackmail. An unscrupulous person running a >remailer can obviously keep records of truenames, along with >messages that their senders do not want associated with them. That's why you use more than one remailer and you encrypt the messages. This guards against single-point failures... >Always encrypting helps with mail, but not with news. > Why? One layer of encryption is stripped by each remailer. Use three layers of encryption and three remailers: The first remailer will know that you sent something encrypted; the third will see the message and the destination but not know that you were the author. stig From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: robichau@lambda.msfc.nasa.gov (Paul Robichaux) Date: Thu, 1 Apr 93 08:18:16 PST To: cypherpunks@toad.com Subject: PHRACK: Article from PHRACK 42 on encryption Message-ID: <9304011902.AA26513@lambda.msfc.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain Attached is an article from PHRACK 42 written by "The Racketeer." 
Exposing factual errors and flaws in reasoning is left as an exercise for the reader. -Paul ################################################### # The Paranoid Schizophrenics Guide to Encryption # # (or How to Avoid Getting Tapped and Raided) # ################################################### Written by The Racketeer of The /-/ellfire Club The purpose of this file is to explain the why and the how of Data Encryption, with a brief description of the future of computer security, TEMPEST. At the time of this issue's release, two of the more modern software packages use encryption methods covered in this article, so exercise some of your neurons and check into newer releases if they are available. Methods described in this file use PGP, covering an implementation of Phil Zimmermann's RSA variant, and the MDC and IDEA conventional encryption techniques by using PGP and HPACK. -------------------- WHY DATA ENCRYPTION? -------------------- This isn't exactly the typical topic discussed by me in Phrack. However, the importance of knowing encryption is necessary when dealing with any quasi-legal computer activity. I was planning on starting my series on hacking Novell Networks (so non-Internet users can have something to do), but recent events have caused me to change my mind and, instead of showing people how to get into more trouble (well, okay, there is plenty of that in this file too, since you're going to be working with contraband software), I've opted instead to show people how to protect themselves from the long arm of the Law. Why all this concern? Relatively recently, The Masters of Deception (MoD) were raided by various federal agencies and were accused of several crimes. The crimes they did commit will doubtlessly cause more mandates, making the already too-outrageous penalties even worse. "So?" you might ask. The MoD weren't exactly friends of mine. In fact, quite the contrary. 
But unlike many of the hackers whom I dealt with in the "final days" prior to their arrest, I bitterly protested any action against the MoD. Admittedly, I followed the episode from the beginning to the end, and the moral arguments were enough to rip the "Hacker World" to pieces. But these moral issues are done, the past behind most of us. It is now time to examine the aftermath of the bust. According to the officials in charge of the investigation against MoD members, telephone taps were used to gain evidence against members successfully. All data going in and out of their house was monitored and all voice communications were monitored, especially between members. So, how do you make a line secure? The party line answer is use of effective encryption methods. Federal investigative agencies are currently pushing for more technological research into the issue of computer security. All of the popular techniques which are being used by hackers today are being used by the government's R&D departments. Over the course of the last 5 years, I've watched as the U.S. Government went from a task force of nearly nil all the way to a powerful marauder. Their mission? Unclear. Regardless, the research being accomplished by federally-funded projects dealing with the issues of computer security are escalating. I've personally joined and examined many such conferences and have carefully examined the issues. Many of these issues will become future Phrack articles which I'll write. Others, such as limited-life semiconductors and deliberate telephone line noise sabotage caused by ACK packet detections in order to drive telecommunication costs higher, are sadly unpreventable problems of the future which won't be cured by simple awareness of the problem. 
They have different names -- Computer Emergency Response Team (CERT), Computer Assisted Security Investigative Analysis Tool (FBI's CASIAT), the Secret Service's Computer Fraud Division, or the National Computer Security Center (NSA's NCSC). Scores of other groups exist for every network, even every operating system. Their goal isn't necessarily to catch hackers; their goal is to acquire information about the act of hacking itself until it is no longer a problem. Encryption stands in the way. Computer Security is literally so VAST a concept that, once a person awakens to low-level computer mechanics, it becomes nearly impossible to prevent that person from gaining unauthorized access to machines. This is somewhat contradictory to the "it's all social engineering" concept which we have been hearing about on Nightline and in the papers. If you can't snag them one way though, you can get them another -- the fact is that computers are still too damn vulnerable these days to traditional hacking techniques. Because of the ease of breaking through security, it becomes very difficult to actually create an effective way to protect yourself from any form of computer hacking. Look at piracy: they've tried every trick in the book to protect software and, so far, the only success they have had was writing software that sucked so much nobody wanted a copy. Furthermore, totally non-CPU related attacks are taking place. The passing of Anti-TEMPEST Protection Laws which prevent homes from owning computers that don't give off RF emissions has made it possible for any Joe with a few semesters of electrical engineering knowledge to rig together a device that can read what's on your computer monitor. Therefore: Q: How does a person protect their own computer from getting hacked? A: You pretty much can't. I've memorized so many ways to bypass computer security that I can rattle them off in pyramid levels. 
If a computer is not even connected to a network or phone line, people can watch every keystroke typed and everything displayed on the screen. Why aren't the Fedz using these techniques RIGHT NOW? I can't say they are not. However, a little research into TEMPEST technology resulted in a pretty blunt fact: There are too many computer components to scan accurately. Not the monitor, oh no! You're pretty much fucked there. But accessories for input and output, such as printers, sound cards, scanners, disk drives, and so forth...the possibility of parallel CPU TEMPEST technology exists, but there are more CPU types than any mobile unit could possibly use accurately. Keyboards are currently manufactured by IBM, Compaq, Dell, Northgate, Mitsuma (bleah), Fujitsu, Gateway, Focus, Chichony, Omni, Tandy, Apple, Sun, Packard-Bell (may they rot in hell), Next, Prime, Digital, Unisys, Sony, Hewlett-Packard, AT&T, and a scattering of hundreds of lesser companies. Each of these keyboards have custom models, programmable models, 100+ key and < 100 key models, different connectors, different interpreters, and different levels of cable shielding. For the IBM compatible alone, patents are owned on multiple keyboard pin connectors, such as those for OS/2 and Tandy, as well as the fact that the ISA chipsets are nearly as diverse as the hundreds of manufacturers of motherboards. Because of lowest-bid practices, there can be no certainty of any particular connection -- especially when you are trying to monitor a computer you've never actually seen! In short -- it costs too much for the TEMPEST device to be mobile and to be able to detect keystrokes from a "standard" keyboard, mostly because keyboards aren't "standard" enough! In fact, the only real standard which I can tell exists on regular computers is the fact that monitors still use good old CRT technology. 
Arguments against this include the fact that most of the available PC computers use standard DIN connectors which means that MOST of the keyboards could be examined. Furthermore, these keyboards are traditionally serial connections using highly vulnerable wire (see Appendix B). Once again, I raise the defense that keyboard cables are traditionally the most heavily shielded (mine is nearly 1/4 inch thick) and therefore falls back on the question of how accurate a TEMPEST device which is portable can be, and if it is cost effective enough to use against hackers. Further viewpoints and TEMPEST overview can be seen in Appendix B. As a result, we have opened up the possibility for protection from outside interference for our computer systems. Because any DECENT encryption program doesn't echo the password to your screen, a typical encryption program could provide reasonable security to your machine. How reasonable? If you have 9 pirated programs installed on your computer at a given time and you were raided by some law enforcement holes, you would not be labeled as a felon. Instead, it wouldn't even be worth their time to even raid you. If you have 9 pirated programs installed on your computer, had 200 pirated programs encrypted in a disk box, and you were raided, you would have to be charged with possession of 9 pirated programs (unless you did something stupid, like write "Pirated Ultima" or something on the label). We all suspected encryption was the right thing to do, but what about encryption itself? How secure IS encryption? If you think that the world of the Hackers is deeply shrouded with extreme prejudice, I bet you can't wait to talk with crypto-analysts. These people are traditionally the biggest bunch of holes I've ever laid eyes on. 
In their mind, people have been debating the concepts of encryption since the dawn of time, and if you come up with a totally new method of data encryption, -YOU ARE INSULTING EVERYONE WHO HAS EVER DONE ENCRYPTION-, mostly by saying "Oh, I just came up with this idea for an encryption which might be the best one yet" when people have dedicated all their lives to designing and breaking encryption techniques -- so what makes you think you're so fucking bright? Anyway, crypto-(anal)ysts tend to take most comments as veiled insults, and are easily terribly offended. Well, make no mistake, if I wanted to insult these people, I'd do it. I've already done it. I'll continue to do it. And I won't thinly veil it with good manners, either. The field of Crypto-analysis has traditionally had a mathematical emphasis. The Beal Cipher and the German Enigma Cipher are some of the more popular views of the field. Ever since World War 2, people have spent time researching how technology was going to affect the future of data encryption. If the United States went to war with some other country, they'd have a strong advantage if they knew the orders of the opposing side before they were carried out. Using spies and wire taps, they can gain encrypted data referred to as Ciphertext. They hand the information over to groups that deal with encryption such as the NSA and the CIA, and they attempt to decode the information before the encrypted information is too old to be of any use. The future of Computer Criminology rests in the same ways. The deadline on white collar crimes is defaulted to about 3-4 years, which is called the Statute of Limitations. Once a file is obtained which is encrypted, it becomes a task to decrypt it within the statute's time. As most crypto-analysts would agree, the cost in man-hours as well as supercomputer time would make it unfeasible to enforce brute force decryption techniques of random encryption methods. 
As a result of this, government regulation stepped in. The National Security Agency (referred to as "Spooks" by the relatively famous tormenter of KGB-paid-off hackers, Cliff Stoll, which is probably the only thing he's ever said which makes me think he could be a real human being) released the DES -- Data Encryption Standard. This encryption method was basically solid and took a long time to crack, which was also the Catch-22. DES wasn't uncrackable, it was just that it took "an unreasonable length of time to crack." The attack against the word "unreasonable" keeps getting stronger and stronger. While DES originated on Honeywell and DEC PDPs, it was rumored that they'd networked enough computers together to break a typical DES encrypted file. Now that we have better computers and the cost requirements for high-speed workstations are even less, I believe that even if they overestimated "unreasonable" a hundredfold, they'd be in the "reasonable" levels now. To explain how fast DES runs these days... I personally wrote a password cracker for DES which was arguably the very first true high-speed cracker. It used the German "Ultra-Fast Crypt" version of the DES algorithm, which happened to contain a static variable used to hold part of the previous attempt at encrypting the password, called the salt. By making sure the system wouldn't resalt on every password attempt, I was able to guess passwords out of a dictionary at the rate of 400+ words per second on a 386-25 (other methods at that time were going at about 30 per second). As I understand it now, levels at 500+ for the same CPU have been achieved. Now this means I can go through an entire dictionary in about five minutes on a DES-encrypted segment. The NSA has REAL cash and some of the finest mathematicians in the world, so if they wanted to gain some really decent speed on encryption, DES fits the ideal for parallel programming. 
Splitting a DES segment across a hundred CPUs, each relatively modern, they could crank out teraflops of speed. They'd probably be able to crack the code within a few days if they wanted to. Ten years from now, they could do it in a few seconds. Of course, the proper way to circumnavigate DES encryption is to locate and discover a more reliable, less popular method. Because the U.S. Government regulates it, it doesn't mean it's the best. In fact, it means it's the fucking lamest thing they could sweeten up and hope the public swallows it! The last attempt the NSA made at regulating a standard dealing with encryption, they got roasted. I'm somewhat convinced that the NSA is against personal security, and from all the press they give, they don't WANT anyone to have personal security. Neither does the Media for that matter. Because of lamers in the "Biblical Injustice Grievance Group of Opposing Terrible Sacrilege" (or BIGGOTS) who think that if you violate a LAW you're going to Hell (see APPENDIX C for my viewpoint of these people) and who will have convinced Congress to pass ease-of-use wire taps on telephone lines and networks so that they can monitor casual connections without search warrants, encryption will be mandatory if you want any privacy at all. And to quote Phil Zimmermann, "If privacy is outlawed, only the outlaws will have privacy." Therefore, encryption methods that we must use should be gathered into very solid categories which do NOT have endorsement of the NSA and also have usefulness in technique. HOW TO USE DECENT ENCRYPTION: (First, go to APPENDIX D, and get yourself a copy of PGP, latest version.) First of all, PGP is contraband software, presumably illegal to use in the United States because of a patent infringement it allegedly carries. The patent infringement is the usage of a variant of the RSA encryption algorithm. Can you patent an algorithm? By definition, you cannot patent an idea, just a product -- like source code. 
Yet, the patent exists to be true until proven false. More examples of how people in the crypto-analyst field can be assholes. Anyway, Phil's Pretty Good Software, creators of PGP, were sued and all rights to PGP were forfeited in the United States of America. Here comes the violation of the SECOND law, illegal exportation of a data encryption outside of the United States of America. Phil distributed his encryption techniques outside the USA, which is against the law as well. Even though Mr. Zimmermann doesn't do any work with PGP, because he freely gave his source code to others, people in countries besides the United States are constantly updating and improving the PGP package. PGP handles two very important methods of encryption -- conventional and public key. These are both very important to understand because they protect against completely different things. ----------------------- CONVENTIONAL ENCRYPTION ----------------------- Conventional encryption techniques are easiest to understand. You supply a password and the password you enter encrypts a file or some other sort of data. By re-entering the password, it allows you to recreate the original data. Simple enough concept, just don't give the password to someone you don't trust. If you give the password to the wrong person, your whole business is in jeopardy. Of course, that goes with just about anything you consider important. There are doubtlessly many "secure enough" ciphers which exist right now. Unfortunately, the availability of these methods are somewhat slim because of exportation laws. The "major" encryption programs which I believe are worth talking about here are maintained by people foreign to the USA. The two methods of "conventional" encryption are at least not DES, which qualifies them as okay in my book. This doesn't mean they are impossible to break, but they don't have certain DES limitations which I know exist, such as 8 character password maximum. 
The methods are: MDC, as available in the package HPACK; and IDEA, as available in Pretty Good Privacy. Once you've installed PGP, we can start by practicing encrypting some typical files on your PC. To conventionally encrypt your AUTOEXEC.BAT file (it won't delete the file after encryption), use the following command: C:\> pgp -c autoexec.bat Pretty Good Privacy 2.1 - Public-key encryption for the masses. (c) 1990-1992 Philip Zimmermann, Phil's Pretty Good Software. 6 Dec 92 Date: 1993/01/19 03:06 GMT You need a pass phrase to encrypt the file. Enter pass phrase: { Password not echoed } Enter same pass phrase again: Just a moment.... Ciphertext file: autoexec.pgp C:\> dir Volume in drive C is RACK'S Directory of c:\autoexec.pgp autoexec.pgp 330 1-18-93 21:05 330 bytes in 1 file(s) 8,192 bytes allocated 52,527,104 bytes free PGP will compress the file before encrypting it. I'd say this is a vulnerability to the encryption on the basis that the file contains a ZIP file signature which could conceivably make the overall encryption less secure. Although no reports have been made of someone breaking PGP this way, I'd feel more comfortable with the ZIP features turned off. This is somewhat contrary to the fact that redundancy checking is another way of breaking ciphertext. However, it isn't as reliable as checking a ZIP signature. Although PGP will doubtlessly become the more popular of the two programs, HPACK's encryption "strength" is that by being less popular, it will probably not be as heavily researched as PGP's methods will be. Of course, by following PGP, new methods of encryption will doubtlessly be added as the program is improved. Here is how you'd go about encrypting an entire file using the HPACK program using the MDC "conventional" encryption: C:\> hpack A -C secret.hpk secret.txt HPACK - The multi-system archiver Version 0.78a0 (shareware version) For Amiga, Archimedes, Macintosh, MSDOS, OS/2, and UNIX Copyright (c) Peter Gutmann 1989 - 1992. 
Release date: 1 Sept 1992 Archive is 'SECRET.HPK' Please enter password (8..80 characters): Reenter password to confirm: Adding SECRET .TXT Done Anyway, I don't personally think HPACK will ever become truly popular for any reason besides its encryption capabilities. ZIP has been ported to an amazing number of platforms, in which lies ZIP's encryption weakness. If you think ZIP is safe, remember that you need to prevent the possibility of four years of attempted password cracking in order to beat the Statutes of Limitations: Here is the introduction to ZIPCRACK, and what it had to say about how easy it is to break through this barrier: (Taken from ZIPCRACK.DOC) ----- ZIPCRACK is a program designed to demonstrate how easy it is to find passwords on files created with PKZIP. The approach used is a fast, brute-force attack, capable of scanning thousands of passwords per second (5-6000 on an 80386-33). While there is currently no known way to decrypt PKZIP's files without first locating the correct password, the probability that a particular ZIP's password can be found in a billion-word search (which takes about a day on a fast '486) is high enough that anyone using the encryption included in PKZIP 1.10 should be cautious (note: as of this writing, PKZIP version 2.00 has not been released, so it is not yet known whether future versions of PKZIP will use an improved encryption algorithm). The author's primary purpose in releasing this program is to encourage improvements in ZIP security. The intended goal is NOT to make it easy for every computer user to break into any ZIP, so no effort has been made to make the program user-friendly. ----- End Blurb Likewise, WordPerfect is even more vulnerable. 
I've caught a copy of WordPerfect Crack out on the Internet and here is what it has to say about WordPerfect's impossible-to-break methods: (Taken from WPCRACK.DOC:) ----- WordPerfect's manual claims that "You can protect or lock your documents with a password so that no one will be able to retrieve or print the file without knowing the password - not even you," and "If you forget the password, there is absolutely no way to retrieve the document." [1] Pretty impressive! Actually, you could crack the password of a Word Perfect 5.x file on a 8 1/2" x 11" sheet of paper, it's so simple. If you are counting on your files being safe, they are NOT. Bennet [2] originally discovered how the file was encrypted, and Bergen and Caelli [3] determined further information regarding version 5.x. I have taken these papers, extended them, and written some programs to extract the password from the file. ----- End Blurb --------------------- PUBLIC KEY ENCRYPTION --------------------- Back to the Masters of Deception analogy -- they were telephone tapped. Conventional encryption is good for home use, because only one person could possibly know the password. But what happens when you want to transmit the encrypted data by telephone? If the Secret Service is listening in on your phone calls, you can't tell the password to the person that you want to send the encrypted information to. The SS will grab the password every single time. Enter Public-Key encryption! The concepts behind Public-Key are very in-depth compared to conventional encryption. The idea here is that passwords are not exchanged; instead a "key" which tells HOW to encrypt the file for the other person is given to them. This is called the Public Key. You retain the PRIVATE key and the PASSWORD. They tell you how to decrypt the file that someone sent you. 
There is no "straight" path between the Public Key and the Private Key, so just because someone HAS the public key, it doesn't mean they can produce either your Secret Key or Password. All it means is that if they encrypt the file using the Public Key, you will be able to decrypt it. Furthermore, because of one-way encryption methods, the output your Public Key produces is original each time, and therefore, you can't decrypt the information you encrypted with the Public Key -- even if you encrypted it yourself! Therefore, you can freely give out your own Public Key to anyone you want, and any information you receive, tapped or not, won't make a difference. As a result, you can trade anything you want and not worry about telephone taps! This technique supposedly is being used to defend the United States' Nuclear Arsenal, if you disbelieve this is secure. I've actually talked with some of the makers of the RSA "Public-Key" algorithm, and, albeit they are quite brilliant individuals, I'm somewhat miffed at their lack of enthusiasm for aiding the public in getting a hold of tools to use Public Key. As a result, they are about to get railroaded by people choosing to use PGP in preference to squat. Okay, maybe they don't have "squat" available. In fact, they have a totally free package with source code available to the USA public (no exportation of code) which people can use called RSAREF. Appendix E explains more about why I'm not suggesting you use this package, and also how to obtain it so you can see for yourself. Now that we know the basic concepts of Public-Key, let's go ahead and create the basics for effective tap-proof communications. Generation of your own secret key (comments in {}s): C:\> pgp -kg { Command used to activate PGP for key generation } Pretty Good Privacy 2.1 - Public-key encryption for the masses. (c) 1990-1992 Philip Zimmermann, Phil's Pretty Good Software. 
6 Dec 92
Date: 1993/01/18 19:53 GMT

Pick your RSA key size:
1) 384 bits- Casual grade, fast but less secure
2) 512 bits- Commercial grade, medium speed, good security
3) 1024 bits- Military grade, very slow, highest security
Choose 1, 2, or 3, or enter desired number of bits: 3 {DAMN STRAIGHT MILITARY}

Generating an RSA key with a 1024-bit modulus...
You need a user ID for your public key. The desired form for this user ID is your name, followed by your E-mail address enclosed in <angle brackets>, if you have an E-mail address.
For example: John Q. Smith <12345.6789@compuserve.com>

Enter a user ID for your public key: The Racketeer

You need a pass phrase to protect your RSA secret key. Your pass phrase can be any sentence or phrase and may have many words, spaces, punctuation, or any other printable characters.
Enter pass phrase: { Not echoed to screen }
Enter same pass phrase again: { " " " " }
Note that key generation is a VERY lengthy process.

We need to generate 105 random bytes. This is done by measuring the time intervals between your keystrokes. Please enter some text on your keyboard, at least 210 nonrepeating keystrokes, until you hear the beep:
1 .* { decrements }
-Enough, thank you.
..................................................++++ ........++++
Key generation completed.

It took a 33-386DX a grand total of about 10 minutes to make the key. Now that it has been generated, it has been placed in your key ring. We can examine the key ring using the following command:

C:\> pgp -kv
Pretty Good Privacy 2.1 - Public-key encryption for the masses.
(c) 1990-1992 Philip Zimmermann, Phil's Pretty Good Software. 6 Dec 92
Date: 1993/01/18 20:19 GMT

Key ring: 'c:\pgp\pubring.pgp'
Type bits/keyID Date User ID
pub 1024/7C8C3D 1993/01/18 The Racketeer
1 key(s) examined.

We've now got a viable keyring with your own keys. Now, you need to extract your Public Key so that you can have other people encrypt shit and have it sent to you.
In order to do this, you need to be able to mail it to them. Therefore, you need to extract it in ASCII format. This is done by the following:

C:\> pgp -kxa "The Racketeer "
Pretty Good Privacy 2.1 - Public-key encryption for the masses
(c) 1990-1992 Philip Zimmermann, Phil's Pretty Good Software. 6 Dec 92
Date: 1993/01/18 20:56 GMT

Extracting from key ring: 'c:\pgp\pubring.pgp', userid "The Racketeer ".

Key for user ID: The Racketeer
1024-bit key, Key ID 0C975F, created 1993/01/18

Extract the above key into which file? rackkey

Transport armor file: rackkey.asc

Key extracted to file 'rackkey.asc'.

Done. The end result of the key is a file which contains:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.1

mQCNAisuyi4AAAEEAN+cY6nUU+VIhYOqBfcc12rEMph+A7iadUi8xQJ00ANvp/iF
+ugZ+GP2ZnzA0fob9cG/MVbh+iiz3g+nbS+ZljD2uK4VyxZfu5alsbCBFbJ6Oa8K
/c/e19lzaksSlTcqTMQEae60JUkrHWpnxQMM3IqSnh3D+SbsmLBs4pFrfIw9AAUR
tCRUaGUgUmFja2V0ZWVyIDxyYWNrQGx5Y2FldW0uaGZjLmNvbT4=
=6rFE
-----END PGP PUBLIC KEY BLOCK-----

This can be tagged to the bottom of whatever E-Mail message you want to send or whatever. This key can be added to someone else's public key ring and thereby used to encrypt information so that it can be sent to you. Most people who use this on USENET add it onto their signature files so that it is automatically posted on their messages.

Let's assume someone else wanted to communicate with you. As a result, they sent you their own Public Key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.1

mQA9AitgcOsAAAEBgMlGLWl8rub0Ulzv3wpxI5OFLRkx3UcGCGsi/y/Qg7nR8dwI
owUy65l9XZsp0MUnFQAFEbQlT25lIER1bWIgUHVkIDwxRHVtUHVkQG1haWxydXMu
Yml0bmV0Pg==
=FZBm
-----END PGP PUBLIC KEY BLOCK-----

Notice this guy, Mr. One Dumb Pud, used a smaller key size than you did. This shouldn't make any difference because PGP detects this automatically. Let's now add the schlep onto your key ring.

C:\> pgp -ka dumbpud.asc
Pretty Good Privacy 2.1 - Public-key encryption for the masses.
(c) 1990-1992 Philip Zimmermann, Phil's Pretty Good Software. 6 Dec 92
Date: 1993/01/22 22:17 GMT

Key ring: 'c:\pgp\pubring.$01'
Type bits/keyID Date User ID
pub 384/C52715 1993/01/22 One Dumb Pud <1DumPud@mailrus.bitnet>

New key ID: C52715

Keyfile contains: 1 new key(s)
Adding key ID C52715 from file 'dumbpud.asc' to key ring 'c:\pgp\pubring.pgp'.

Key for user ID: One Dumb Pud <1DumPud@mailrus.bitnet>
384-bit key, Key ID C52715, created 1993/01/22
This key/userID associate is not certified.

Do you want to certify this key yourself (y/N)? n {We'll deal with this later}

Okay, now we have the guy on our key ring. Let's go ahead and encrypt a file for the guy. How about having the honor of an unedited copy of this file?

C:\> pgp -e encrypt One {PGP has automatic name completion}
Pretty Good Privacy 2.1 - Public-key encryption for the masses.
(c) 1990-1992 Philip Zimmermann, Phil's Pretty Good Software. 6 Dec 92
Date: 1993/01/22 22:24 GMT

Recipient's public key will be used to encrypt.
Key for user ID: One Dumb Pud <1DumPud@mailrus.bitnet>
384-bit key, Key ID C52715, created 1993/01/22

WARNING: Because this public key is not certified with a trusted signature, it is not known with high confidence that this public key actually belongs to: "One Dumb Pud <1DumPud@mailrus.bitnet>".

Are you sure you want to use this public key (y/N)? y

--
Paul Robichaux, KD4JZG | May explode if disposed of improperly.
NTI Mission Software Development Div. | RIPEM key on request.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Thu, 1 Apr 93 12:27:00 PST To: cypherpunks@toad.com Subject: (fwd) Plan Nine from Cypherspace Message-ID: <9304012311.AA13318@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain

I noticed a new group formed, called alt.cabal, and decided to "christen" it with a suitably caballistic message. Don't bother trying to decrypt it, obviously. Perhaps we can simply co-opt alt.cabal for our own uses?
-Tim Newsgroups: alt.cabal Path: netcom.com!tcmay From: tcmay@netcom.com (Timothy C. May) Subject: Plan Nine from Cypherspace Message-ID: Organization: Netcom - Online Communication Services (408 241-9760 guest) X-Newsreader: Tin 1.1 PL5 Date: Thu, 1 Apr 1993 22:55:37 GMT Post response to alt.cabal in normal form. -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. 
Metzger" Date: Thu, 1 Apr 93 10:20:53 PST To: cypherpunks@toad.com Subject: Re: PHRACK: Article from PHRACK 42 on encryption In-Reply-To: <9304011902.AA26513@lambda.msfc.nasa.gov> Message-ID: <9304012043.AA04761@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain

Paul Robichaux says:
> Attached is an article from PHRACK 42 written by "The Racketeer."
>
> Exposing factual errors and flaws in reasoning is left as an exercise
> for the reader.
>

The flaws are big enough to drive a bakery truck through. It's trash.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Thu, 1 Apr 93 13:20:30 PST To: Subject: REMAIL: Usage statistics Message-ID: <930401235941_74076.1041_FHD46-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain

About a month ago, I added a simple logging capability to my remailer, by adding these lines to my maildelivery file:

Request-Remailing-To "" pipe R "date >> LOG.REMAIL"
Anon-To "" pipe R "date >> LOG.REMAIL"
Encrypted PGP pipe R "date >> LOG.ENCRYPTED"

Here is a summary of the information from my LOG.REMAIL file. It shows the dates on which a remailed message went through my remailer, with a count of how many messages went through on that day:

 1 Tue Mar 2
 2 Wed Mar 3
 1 Thu Mar 4
 7 Fri Mar 5
 1 Wed Mar 10
 1 Sun Mar 14
 1 Mon Mar 15
 1 Tue Mar 16
 1 Wed Mar 17
 1 Thu Mar 18
 1 Sun Mar 21
 2 Mon Mar 22
10 Tue Mar 23
10 Wed Mar 24
 6 Thu Mar 25
 7 Fri Mar 26
 6 Sat Mar 27
 4 Sun Mar 28
 1 Mon Mar 29
 3 Wed Mar 31
 4 Thu Apr 1

These statistics may be useful in considering such approaches as batching or rearranging messages to achieve greater anonymity.
Hal
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phiber Optik Date: Thu, 1 Apr 93 22:54:28 PST To: pmetzger@shearson.com Subject: Re: PHRACK: Article from PHRACK 42 on encryption In-Reply-To: <9304012043.AA04761@snark.shearson.com> Message-ID: <199304020654.AA27442@eff.org> MIME-Version: 1.0 Content-Type: text/plain

>
>
> Paul Robichaux says:
> > Attached is an article from PHRACK 42 written by "The Racketeer."
> >
> > Exposing factual errors and flaws in reasoning is left as an exercise
> > for the reader.
> >
>
> The flaws are big enough to drive a bakery truck through. It's trash.
>
>
> Perry
>

Welcome to the wonderful world of "Phrack".

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: trump@pluto.ee.cua.edu (Louis Edward Trumpbour) Date: Fri, 2 Apr 93 07:34:19 PST To: cypherpunks@toad.com Subject: could someone Message-ID: <9304021534.AA21746@pluto.ee.cua.edu> MIME-Version: 1.0 Content-Type: text/plain

could someone please re mail me the letter that contains the Phrack 42 article and commentary... my mail was lost and i would like to see this one

Clovis

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: robichau@lambda.msfc.nasa.gov (Paul Robichaux) Date: Fri, 2 Apr 93 13:11:29 PST To: cypherpunks@toad.com Subject: list ping; ignore Message-ID: <9304022111.AA26160@lambda.msfc.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain

[ sorry to do this; listmail is only reaching us sporadically and I'm trying to find out why. ]

--
Paul Robichaux, KD4JZG | May explode if disposed of improperly.
NTI Mission Software Development Div. | RIPEM key on request.
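
An added illustration for the "REMAIL: Usage statistics" message earlier in this archive (not code from the list or from any remailer): it replays the posted daily counts through a remailer that holds mail until N messages are queued and then sends them in shuffled order, and reports how long messages would wait. The threshold policy, the function names, the year 1993 and the one-day time resolution are assumptions.

```python
"""Threshold batching replayed over the posted LOG.REMAIL daily summary."""
import random
from datetime import datetime

# Daily summary as posted: "<count> <weekday> <month> <day>".
SUMMARY = """\
1 Tue Mar 2
2 Wed Mar 3
1 Thu Mar 4
7 Fri Mar 5
1 Wed Mar 10
1 Sun Mar 14
1 Mon Mar 15
1 Tue Mar 16
1 Wed Mar 17
1 Thu Mar 18
1 Sun Mar 21
2 Mon Mar 22
10 Tue Mar 23
10 Wed Mar 24
6 Thu Mar 25
7 Fri Mar 26
6 Sat Mar 27
4 Sun Mar 28
1 Mon Mar 29
3 Wed Mar 31
4 Thu Apr 1
"""


def parse_summary(text, year=1993):
    """Return {date: count}. The year is an assumption; each row's weekday
    column is used to check it."""
    counts = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        n, dow, mon, dom = line.split()
        day = datetime.strptime(f"{mon} {dom} {year}", "%b %d %Y").date()
        if day.strftime("%a") != dow:
            raise ValueError(f"{line!r} does not fall on {dow} in {year}")
        counts[day] = counts.get(day, 0) + int(n)
    return counts


def single_message_days(counts):
    """Days with exactly one message: forwarded immediately, that message
    is the only candidate an observer of both sides has to consider."""
    return [day for day in sorted(counts) if counts[day] == 1]


def threshold_batches(counts, n):
    """Hold mail until n messages are queued, then release them together.

    Returns (batches, leftover): each batch is (release_day, [arrival_days]);
    leftover lists messages still queued when the log ends.
    """
    batches, queue = [], []
    for day in sorted(counts):
        for _ in range(counts[day]):
            queue.append(day)
            if len(queue) == n:
                batches.append((day, queue))
                queue = []
    return batches, queue


def delay_stats(batches):
    """Return (mean, worst) wait in whole days across released messages."""
    waits = [(release - arrived).days
             for release, msgs in batches for arrived in msgs]
    if not waits:
        return 0.0, 0
    return sum(waits) / len(waits), max(waits)


def release_order(batch, rng=None):
    """Shuffle a batch so output order says nothing about arrival order."""
    rng = rng or random.SystemRandom()
    out = list(batch)
    rng.shuffle(out)
    return out


if __name__ == "__main__":
    counts = parse_summary(SUMMARY)
    print(f"{sum(counts.values())} messages on {len(counts)} active days, "
          f"{len(single_message_days(counts))} days with a single message")
    print("threshold  batches  still_queued  mean_wait_days  worst_wait_days")
    for n in (2, 5, 10):
        batches, leftover = threshold_batches(counts, n)
        mean, worst = delay_stats(batches)
        print(f"{n:9d}  {len(batches):7d}  {len(leftover):12d}  "
              f"{mean:14.2f}  {worst:15d}")
```

At this traffic level a larger batch buys a larger mixing set only at the cost of multi-day delays during the quiet stretch in mid-March, which is the trade-off the posted statistics make visible.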
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Fri, 2 Apr 93 16:11:04 PST To: Theodore Ts'o Subject: Uunet is an "enhanced service provider", not a common carrier In-Reply-To: <9303262102.AA04094@SOS> Message-ID: <9304030010.AA04500@toad.com> MIME-Version: 1.0 Content-Type: text/plain

I spoke with Mike O'Dell about this; he says uunet is an enhanced service provider. It is not a common carrier. (Let's not discuss this in cypherpunks anyway -- I just wanted to set the record straight.)

John

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sat, 3 Apr 93 12:06:43 PST To: cypherpunks@toad.com Subject: WB: public kiosks Message-ID: <9304032003.AA11049@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain

One of the necessities of a truly effective whistleblowing system is the existence of public kiosks where anybody can post from--the equivalent of public telephones for the net. This is useful when the sending of any encrypted message at all will be grounds for reprisal. (It is, of course, useful for paranoids as well...)

Last night I spoke with Wayne Gregori, who runs a system called sfnet (with some variant of capitalization) here in the Bay Area. sfnet is a coffeehouse network, with public terminals located in various locations in SF, Berkeley, Oakland, etc. There is the equivalent of IRC and private mail for the users, almost all of whom use handles. There is also dialup service available.

sfnet just got their internet hookup. It's not integrated into the rest of the software yet; that is being worked on. Wayne is supportive of the idea of putting a whistleblowers interface into the sfnet public terminals.

New slogan: Drop the dirty quarter!

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kieran2101@aol.com
Date: Sat, 3 Apr 93 09:23:54 PST
To: cypherpunks@toad.com
Subject: Re: could someone
Message-ID: <9304031222.tn14272@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

I'd also like a copy of the Phrack article, since my account here clipped off a big chunk of the article at the end. If someone could forward a copy to my account at kieran@mindvox.phantom.com, I'd appreciate it.

--Aaron

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: grady@netcom.com (1016/2EF221)
Date: Sat, 3 Apr 93 12:57:04 PST
To: cypherpunks@toad.com
Subject: PGP: suggestions from the trench
Message-ID: <9304032057.AA06227@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

After carefully reading RSA.COM's FAQ (version 1.0 draft 1e [14 Sep 1992] by Paul Fahn; available via anonymous ftp from RSA.COM), I have some comments about the various PGP implementations.

First of all: well done! These implementations and ports have taken a lot of unremunerated work from a lot of people. If you compare the number of people registering public keys on the PGP servers such as pgp-public-keys@toxicwaste.mit.edu to the number registering for the RIPEM versions licensed by RSA/PK partners, for example, found on rpub.cl.msu.edu, PGP enjoys an order of magnitude more popularity. So regardless of the outcome of legal, support, standards and interoperability issues, the PGP experiment has already been a tremendous success in letting us common folk learn about effective and convenient public key encryption.

One of the great advantages of a popular application is the great number of fingers and eyes that can be used to detect and document problems to make PGP even a greater success.

Here are the thoughts of one user:

1. PGP RSA bit lengths are too short.

According to RSA's FAQ, the US Government (NSA) does not consider export licenses for RSA moduli used for privacy greater than 512 bits [section 2.23].
This may imply something about NSA's capability in attacking RSA systems with fewer than 512 bits of modulus; Ron Rivest, a co-inventor of RSA, estimates the cost of factoring a 512-bit modulus *today* at $8.2 million dollars (much less of course in the future) [section 2.8].

Although it is true that the time to generate a new RSA key goes as the order of 16 times the modulus length, this is only done once or a very few times. Encryption and signature verification time on the other hand goes only as the order of four times the modulus length [section 2.8]. And the faster computers of tomorrow will virtually eliminate this performance penalty compared to the vastly increased time required for a factoring attack on RSA moduli that increasing its size entails.

Taking all these factors into consideration, I would suggest that the *minimum* size of the RSA modulus available for PGP is 1024 bits with a minimum ceiling of 2048 bits (or even more). If for performance reasons on certain platforms 1024 is deemed impossibly slow, then a lesser number of bits ought to be permitted *provided* that the security level for any key length under, say, 768 bits is clearly labeled "TOY GRADE".

And because factoring security is a moving target with increases in computer speed and factoring methods, rather than the static (and rather melodramatic) labels of "commercial grade," "military grade", and so on, the labels ought to be specific years that intelligent estimates (such as Ron Rivest's) that that size modulus will be factored by a determined opponent. For example, 512 bits should be labeled "1992", 768 bits labeled "2005", 1024 bits labeled "2020", and so on, using an estimate of about 15-20 bits a year of modulus degradation. This also supplies a clue as to selecting intelligent public key expirations given individual security goals.

While this may seem too conservative, consider that many public moduli kept by a certifying authority may be attacked in parallel, similar to cracking a passwd file NOT using a salt. We must be *absolutely sure* that the theoretical basis of the encryption function is the paramount consideration in PGP.

2. The hash function generates too short a digest.

In section 6.3 of the RSA FAQ, RSA recommends MD5 with its 128 bit digest when using 512 bit or shorter RSA keys. This is because they estimate the work factor of breaking a 128 bit digest is on the order of 2^64 operations or roughly equivalent today to factoring 512 bit numbers. If PGP increases the minimum recommended modulus size but does not simultaneously increase the hash digest size, then attacks such as "guessed plaintext," where guesses are made as to the IDEA key being encrypted under RSA are made compared to a trial RSA encryption, will become more and more attractive.

The RSA FAQ recommends using the SHS (Secure Hash Standard) [available from csrc.nist.gov] which generates a 160 bit digest or a modified MD4 algorithm that produces a 256 bit digest. In any event, the 128 bit IDEA key to be encrypted under RSA ought to at the very least have a 64 or 128 bit random salt (that will later be discarded) appended before RSA encryption to thwart the "guessed plaintext" attack on RSA. According to the RSA FAQ, MD4 and MD5 are available for unrestricted use via RSA.COM or ftp.nisc.sri.com as rfc1320 (MD4) and rfc1321 (MD5).

3. Triply encrypted DES with CBC ought to be another "conventional encryption" option under PGP menus.

RSA FAQ cites Campbell and Wiener's "Proof that DES is not a group" (Advances in Cryptology - Crypto '92 Springer-Verlag, New York 1993, To appear) that proves that DES with multiple encryption does indeed spread the encryption mapping over a broader space and thus presumably increases the work factor to direct cryptanalysis.
IDEA, while attractive in speed, size and theory, has no such group-free proof and has not long withstood the public scrutiny that DES has endured. Three 56 bit keys could easily be derived from a single MD4 256 bit digest (with an additional 64 bits of Initializing Vector, to boot) to double the brute-force key guessing DES work factor to roughly 112 bits. A slightly non-standard version such as Outerbridge/Lau/Gillogly/Karn's newdes, which is provably at *least* as secure as plain DES, might be used in order to thwart dedicated DES hardware attacks.

4. Add an "enter random seed" option in addition to keystroke timing.

It is suspected that the timing biases in keystroke timing are far more pronounced than rolls of an ordinary die, especially over the broad range of platforms that PGP has been ported to. A useful option to make user rest easier about the amount of bias in the random seeding for the search for the public-key RSA modulus and the generation of conventional (IDEA and triple-DES keys) would be to permit the direct data entry of fifty or sixty rolls of a die to further disperse the original seed. Given the difficulty of obtaining noisy diodes or sources counting radioactive decay, rolling dice is probably the easiest and comparatively least biased of ways of selecting random seeds [see Knuth v.2] *and* is under the direct personal control of the user.

5. Offer a "use strong primes" option in RSA key generation.

While it is true that as it is said in the RSA FAQ [section 2.7] and the PGP documentation that "strong primes" may not now be necessary given the non-favoritism of ECM ("elliptic curve method") of factoring (Lenstra: Factoring integers with elliptic curves. Annals of Mathematics 126:649-673, 1987), there is only the one-time penalty of selecting "strong" primes in public key generation and, as the RSA FAQ suggests, future breakthroughs in factoring technique may very well once again favor the "strong" prime over the garden variety one.

6.
Probably my most urgent recommendation:

I use MacPGP 2.2 and it did not come with a) a source b) a digitally-signed archive or c) a pointer to send bug reports. Without these features it is very hard to make specific implementation bug reports or interface improvement suggestions. As the RSA FAQ says in section 2.6: "In practice, most successful attacks will likely be aimed at insecure implementations and at the key management stages of an RSA system."

Please, please include the source to the Mac version (or upon request), or at least an object map so I can effectively disassemble and test portions of the code.

Comments appreciated.

Grady Ward grady@netcom.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Sat, 3 Apr 93 16:56:53 PST
To: Cypherpunks@toad.com
Subject: Re: TEMPEST in a teapot
Message-ID: <9304040056.AA07411@servo>
MIME-Version: 1.0
Content-Type: text/plain

A few minor comments on a pretty comprehensive and well written article.

Although TEMPEST is closely related to EMI shielding, remember that TEMPEST is concerned only with *information bearing* radiations, not interference. In particular, the switching power supply, a potentially prodigious source of EMI, is not a significant TEMPEST issue because power supply emissions carry little if any information. (Varying loads might cause minor modulations of switching frequencies, etc, but this is probably something that only the paranoid "covert channel" types worry about. Maybe you could tell when the floppy drive motor starts and stops, but I doubt you could do much else.)

Who knows, cutting down on power supply radiation might make it easier to extract information from the emissions that remain, because of the jamming effect of power supply noise.

But don't let that stop you. It's your duty to your neighbors to emit as little RF noise as possible. When I lived in New Jersey, I learned to my chagrin that my two PC clones made my next door neighbor's AM radio useless. Only 25 miles from New York, he was unable to listen to WABC, a 50KW clear channel AM station! The problem disappeared completely when I installed some inline AC RFI filters in the power supplies. Since we shared a pole transformer, I theorize that the noise was conducted from my computer to his radio directly over the power lines.

Which brings me to my next point. I have not seen *any* clone-grade PC power supplies with adequate power line filtering. They have a minimal LC lowpass network on the power supply board itself, but this is usually inadequate. Whenever I buy a new power supply, the first thing I do when I get it home is to replace the IEC power connector with an integrated, shielded power connector/RFI line filter. These devices are widely available for several dollars from electronics surplus houses and amateur radio "hamfests". I also use power cords with built-in ferrite "lumps" but these are probably harder to find (one particular hamfest vendor had a lot of them a few years ago, but I haven't seen them since.)

Modern monitors are *much* better shielded than the early PC monitors, especially those no-name Korean or Taiwanese copies of the original IBM PC monochrome monitor. If you have the misfortune of owning one of those old monitors, as I do on one of my systems, chances are the lion's share of its emissions are coming from the +70V power lead that runs from the main circuit board to the video output stage on the base of the CRT. (Note! Do NOT confuse this with the high voltage lead going to the anode of the CRT!)
The +70V power line to the video output driver acts as an antenna for radiated video signals that can be *quite* strong. I suspect that the reports we've seen of successfully picking up the image on a computer display were taking advantage of this.

To fix the problem, just replace the plain wire with a piece of shielded coax, bypass the ends with .01 or .1 uF capacitors of sufficient working voltage, and ground the shields to circuit board ground on both ends.

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Sat, 3 Apr 93 18:07:59 PST
To: cypherpunks@toad.com
Subject: MEET: I'm going West! (Bay Area)
Message-ID: <9304040207.AA00881@deathtongue>
MIME-Version: 1.0
Content-Type: text/plain

I'm going to be at a meeting at the Westin hotel in Millbrae, CA. I'm taking an early-morning (ugh) flight out on Tuesday, and I'm red-eye'ing back Friday night/Saturday morning (to be back for the Boston Area Cypherpunks meeting :-)

I should be free in the evenings, namely, Tuesday, Wednesday, and Thursday nights. I'd be interested in getting together with people to exchange signatures, talk about stuff, eat dinner, or whatever.

I can be reached by email at , which I should be reading remotely, or you can leave a message for me at the hotel at 415-692-3500.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Sat, 3 Apr 93 21:58:14 PST
To: cypherpunks@toad.com
Subject: PGP help and comments.
Message-ID: <9304040558.AA17596@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

I am really learning to love PGP, and I haven't even used it much yet! I'm insisting that all my friends get keys. But....

I would like to set up two secret keys for myself. One 512 bits long and another 1024 bits long. I'll distribute the short one. I'll give the long one to trusted and close friends. I'm having difficulty setting it up so that pgp defaults to using the short key to encrypt stuff.
Note that I want the same user id for both, but perhaps with a "secure" flag in the user id of the large key. How can I do this?

Can we get someone to compile and distribute pgp for the amoeba, er, I mean Amiga? ;^) My friend has one, but no C compiler.

Some suggestions for future versions...

Is there any chance of pgp cloaking its ascii armoured output to look like uuencoded data?

I would like to use pgp on the mainframes, but don't want to store my secret key on their disks. Would it be possible to have pgp accept its secret key via stdin. I could do an ascii upload of my secret key and never expose my key to disk-storage.

How about password protecting pgp itself. No one could use my copy of pgp unless they knew my password. And only my copy of pgp could decrypt my secret key. Just a thought.

How about a -wn option that would wipe the original file 'n' times. Like pgp -wen10 very_secret_stuff cohort. That should keep even Big Brother from prying.

Is it possible to have pgp develop a third key that looks just like a regular key except that when it is used in place of your secret key, it produces an alternate plaintext. This way, if Big Brother "requested" your key, and you needed to disavow all of your messages, you could exchange the third key for your secret key. When someone used this key, they'd get some insulting message that may or may not have been the original message...and there'd be no way of knowing. I kinda doubt it on this one, but wouldn't it be nice!

Geez, have I really gone on for 40 lines? Sorry about that, but any comments?

Hope to hear from you.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Sun, 4 Apr 93 00:05:14 PST
To: cypherpunks@toad.com
Subject: jarthur remailer has PGP
Message-ID: <9304040805.AA19784@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Snarfed PGP 2.2 and found it more successful on a Symmetry than 2.1, which I couldn't get to stop dumping core on keygen. So the remailer on jarthur now supports encryption, I think. Bang on it and see if you agree.

The jarthur remailer's key: (512 bits only, it's on an insecure box)

The makefile paragraph:

symmetry_gcc:
	$(MAKE) all CC=gcc LD=gcc OBJS_EXT=_80386.o \
	CFLAGS="-O -I. -DNOTERMIO -D_BSD -DUNIX -DUSE_NBIO $(BYTEORDER) -Di386"

Logging is turned back on until the glitches are out. Enjoy.

PGP 2 key by finger or e-mail
Eli ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Sun, 4 Apr 93 00:18:19 PST
To: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Subject: Re: PGP help and comments.
In-Reply-To: <9304040758.AA07164@tigger.cc.utexas.edu>
Message-ID: <9304040818.AA20036@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

>J. Michael Diehl writes:
>> I would like to use pgp on the mainframes, but don't want to store my secret
>> key on their disks. Would it be possible to have pgp accept its secret key
>> via stdin. I could do an ascii upload of my secret key and never expose my
>> key to disk-storage.
>
> This is even more dangerous than storing it on the disks of a multi-user
> machine. Unless you are running in a kerberos environment it is trivial to
> snoop your upload off the network, and even without that weakness you are
> exposing yourself to the same problem that the docs mention (it is really
> pretty easy to scan someone's terminal input) only you are giving them the
> key outright instead of only giving them the passphrase to your key.

Point taken.

>
> Bad idea.

Sure is. Thanx.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Date: Sat, 3 Apr 93 23:58:38 PST
To: mdiehl@triton.unm.edu (J. Michael Diehl)
Subject: Re: PGP help and comments.
In-Reply-To: <9304040558.AA17596@triton.unm.edu>
Message-ID: <9304040758.AA07164@tigger.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text

J. Michael Diehl writes:
>
> I would like to use pgp on the mainframes, but don't want to store my secret
> key on their disks. Would it be possible to have pgp accept its secret key
> via stdin. I could do an ascii upload of my secret key and never expose my
> key to disk-storage.

This is even more dangerous than storing it on the disks of a multi-user machine. Unless you are running in a kerberos environment it is trivial to snoop your upload off the network, and even without that weakness you are exposing yourself to the same problem that the docs mention (it is really pretty easy to scan someone's terminal input) only you are giving them the key outright instead of only giving them the passphrase to your key.

Bad idea.

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Sun, 4 Apr 93 03:31:52 PDT
To: hughes@soda.berkeley.edu
Subject: Re: WB: public kiosks
Message-ID: <199304041031.AA11760@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Re public kiosks; recall that Community Memory started the idea of coin-operated kiosks years ago; and presumably still has terminals located around town. The technology is quite simple apparently. Could be generalised pretty easily. The terminals are connected to their servers via off-premise extension circuits, which allow keeping the lines open fulltime at no per-minute charge. Then you drop coins in order to respond to stuff. This of course requires a server in every local exchange area where you want terminals, but that should be no problem in most places.

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Sat, 3 Apr 93 22:47:55 PST
To: "J. Michael Diehl"
Subject: Re: PGP help and comments.
In-Reply-To: <9304040558.AA17596@triton.unm.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

My comments below...

---
Nick MacDonald | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger

On Sat, 3 Apr 1993, J. Michael Diehl wrote:

> I am really learning to love PGP, and I haven't even used it much yet! I'm
> insisting that all my friends get keys. But....

I have been 'introducing' my friends to PGP too... I figure that it's no good if I have a key, but no one to use it with... :-) It's amazing how many people will take the time to play with an interesting new toy...

> I would like to set up two secret keys for myself. One 512 bits long and
> another 1024 bits long. I'll distribute the short one. I'll give the long
> one to trusted and close friends. I'm having difficulty setting it up so that
> pgp defaults to using the short key to encrypt stuff. Note that I want the
> same user id for both, but perhaps with a "secure" flag in the user id of the
> large key. How can I do this?

I'm not too sure here...
but PGP should default to using the newest (youngest) key on your private key ring... If you have two of them with the same name, I'm not sure how you could choose other than the first... The trick here might be to add a key size option to PGP, to say I want the key that is (or is at least) n bits in size.

> Can we get someone to compile and distribute pgp for the amoeba, er, I mean
> Amiga? ;^) My friend has one, but no C compiler.

I'll not get into computer wars... I'll just say that I'll take an Amiga over an IBM clone any day! >;-) As far as I can tell.. there are folx out there that make sure the Amiga version goes public pretty soon after a new version is released... I've had 2.2 since about 3 days after I knew it was released... There are a series of AmiNet "mirrors" all over the world, the one that most IBM'ers would recognize right off being wuarchive.wustle.edu (128.252.135.4) in /pub/aminet/util/crypt.

> Some suggestions for future versions...

I have some options on some of your ideas, but I'll save them for another post at another time.. :-)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Derek Atkins
Date: Sun, 4 Apr 93 00:52:45 PST
To: Eric Fogleman
Message-ID: <9304040852.AA13135@hodge>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

The FIRST Boston-area cypherpunks meeting:

Date: Saturday, April 10, 1993
Time: 12 noon - ~5 pm
Where: MIT Room 1-115

If you need better directions, please feel free to send me e-mail, or you can call me at 617 868-4469.

Hope to see people there!

- -derek

PGP 2 key available upon request on the key-server:
pgp-public-keys@toxicwaste.mit.edu
- --
Derek Atkins, MIT '93, Electrical Engineering and Computer Science
Secretary, MIT Student Information Processing Board (SIPB)
MIT Media Laboratory, Speech Research Group
warlord@MIT.EDU PP-ASEL N1NWH

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQBuAgUBK76hsTh0K1zBsGrxAQHD7ALFExaf+JQ3l21P1c5Tuxx2RdKy/AsLLZo1
D6Y0LsaPe7YEW9bofbQr0HKdW08KvZgDHowUomjCFgLRVJPtwyTJkqWuL4424/XU
cuSe+LWeNJ+llrbosFgsk/o=
=wZJR
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT)
Date: Sun, 4 Apr 93 10:07:07 PDT
To: cypherpunks@toad.com
Subject: Mailing LIst
Message-ID: <9304041704.AA14583@usma8.usma.edu>
MIME-Version: 1.0
Content-Type: text/plain

I am very very interested in getting on your mailing list. Please include me. Thank you.

Anthony Gatlin
------------------------------------------------------------------------------
Notice: In accordance with Title 18 USC 2511 and 18 USC 2703, any monitoring of this communication without a Federal warrant or consent of sender or receiver is in violation of Federal Law. Consent for monitoring is not given.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: zane@genesis.mcs.com (Sameer Parekh)
Date: Sun, 4 Apr 93 13:45:16 PDT
To: cypherpunks@toad.com
Subject: Looking for PGP porting help
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I'm busy (actually, I'm procrastinating doing my schoolwork ;-) porting PGP 2.2 to the Apple IIGS. I have two problems and one question--

The question: Who should I contact with the fact that I'm doing this port so that once a new version of PGP comes out all my porting work isn't lost?

The problems: I'm not a very experienced C programmer/porter. I seem to be one of two people in the Apple IIGS community who's interested in porting PGP. (The other is even LESS experienced at C-- he just learned C recently.)

Any ideas?

Thanks,
--
| Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM |
| Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more |
| "Be God" - Me __ "Specialization is for Insects" - Robert A. Heinlein ____/
\_____________/ \____________________________________________________/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: szabo@techbook.com (Nick Szabo)
Date: Sun, 4 Apr 93 15:20:37 PDT
To: uunet!toad.com!cypherpunks@uunet.UU.NET
Subject: Keys on public machines
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

[lost attributions, sorry]

>> I could do an ascii upload of my secret key and never expose my
>> key to disk-storage.
>>
> This is even more dangerous than storing it on the disks of a multi-user
> machine. Unless you are running in a kerberos environment it is trivial to
> snoop your upload off the network...

I don't find the risk of a real-time snoop to be as bad as the risk of a future snoop finding my private key alongside encrypted files that have been stored forever (backups).

To mitigate either problem, how about having two layers of encryption: a private key to decrypt files for reading on a public machine, and a second public/private pair to reencrypt the files for storage and transmission to the home machine. The public machine knows the first private key (if snooped) and the second public key; only the home machine knows the second private key. Snooping the first private key compromises only unread and future messages until the key is changed. Messages archived in the reencrypted state are secure, but messages archived in the unread state with the first private key are still compromised forever. Is backing up mail directories a common practice? Are there (probably system-dependent) ways to avoid backups, such as anticipating or detecting when backups are about to occur, hidden directories, file permissions, etc?

Also, this system introduces some user hostility, in that reencrypted files cannot be read again until moved to the home machine.

Another idea is to implement the relevant features of Kerberos in a high-level client/server package that can be used to secure personal network communications of this kind. The package could be distributed with PGP.

Nick Szabo szabo@techbook.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: treason@gnu.ai.mit.edu
Date: Sun, 4 Apr 93 13:14:32 PDT
To: cypherpunks@toad.com
Subject: Second posting (emucs)
Message-ID: <9304042014.AA15614@spiff.gnu.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

This is the second posting I have posted about emucs (encrypted multi-user chat system) on the list. I am hoping to get a little more involvement from stable coders to help develop this product.

Most of you are knowledgeable of irc and how flawed it is, the ease of logging, and the fascism of the operators thereof. I want to alleviate this problem by producing a multi-user chat system involving 1 server and up to 50 clients which is counterproductive to promoting logging and such.

My design is easy: All messages sent from a user will be encrypted(pgp) by the pc(msdos machine initially) before its sent over the phone line, to the server. The server will then determine if the message is public or private (very easy to do) and if private, will decrypt it using the server's public key. It will then pass the message to all users on the server in unencrypted format. If it is private the server will pass it directly to the receiving party, whose client will decrypt it (if its private the sender must have the receiver's public key) and display it to their view screen. I was considering encrypting and handling everything in a private manner, but have decided that this would be more than too much load on the receiving pc's so have decided to keep only private messages completely secure.

When the person wanting to engage in the chat decides to run the client, he would supply his pass phrase as a command line parameter, and it would be stored in memory until the chat is terminated. Any time a private message comes to him the client would automatically decrypt it with his key and pass phrase. There will be key handling and exchanging utilities built into the server. The client will allow for vt100 emulation and will work as a terminal program until the chat is entered, at which time, the client will be prompted by the server to start its new function(ie. encryption).

If anyone has any ideas or wishes to help me with this, please respond to treason@gnu.ai.mit.edu and explain what you can do, or what ideas you have. On the last posting of this sort, there was very little response, which frightens me because of the serious need for this kind of software.

Treason@gnu.ai.mit.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu@cygnus.com
Date: Sun, 4 Apr 93 17:56:05 PDT
To: cypherpunks@toad.com
Subject: Problems with "high quality" random number generators, FYI
Message-ID: <9304050056.AA05690@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

Good sources of randomness are key to good cryptography.

Date: 03 Apr 1993 13:04:37 -0700 (MST)
From: uunet!asgard.lpl.Arizona.EDU!schulze@uunet.UU.NET (Dean Schulze)
Subject: Problems with "high quality" random number generators
To: na.digest@surfer.EPM.ORNL.GOV
Cc: numeric-interest@validgh.com
Message-Id: <9304032004.AA06752@asgard.lpl.Arizona.EDU.LPL-West>

A recent Physical Review Letter [1] points out that serious problems can arise in Monte Carlo computations due to subtle correlations in "high quality" random number generators. The quality of these number generators was determined to be "good" because they passed a battery of tests for randomness.
However, they produced erroneous results when used together with the Wolff algorithm for cluster-flipping in a simulation of a 2 dimensional Ising model for which the results are known.

The author of this Letter, Alan M. Ferrenburg of the University of Georgia, says that an algorithm must be tested together with the random number generator being used regardless of which tests the random number generator has passed on its own.

In another development, Shu Tezuka of IBM, Tokyo and Pierre L'Ecuyer of the University of Montreal have proven that the Marsaglia-Zaman random number generators are "essentially equivalent" to linear congruential methods [2]. (Linear congruential number generators produced better results in Ferrenburg's simulations than random number generation algorithms that are of higher quality, however.)

[1] Alan M. Ferrenburg, D.P. Landau, and Y. Joanna Wong, "Monte Carlo simulations: Hidden errors from 'good' random number generators", Phys. Rev. Lett., 69, pp. 3382-4, 1992.

[2] Science News, v142, pg. 422, 1992.

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wixer!pacoid@cactus.org (Paco Xander Nathan)
Date: Sun, 4 Apr 93 17:31:28 PDT
To: cypherpunks@toad.com
Subject: CONF - "CopCon", organized by B Sterling
Message-ID: <9304042359.AA22084@wixer>
MIME-Version: 1.0
Content-Type: text/plain

Electronic Frontier Foundation -- Austin
in conjunction with
The University Co-op and The University of Texas Computer Science Department

Presents

..from the Federal Computer Investigations Committee, Federal Law Enforcement Training Center, and the International Association of Computer Investigation Specialists:

GAIL THACKERAY
Maricopa County prosecuting attorney, Phoenix, Arizona

speaking on: computer crime in the 1990s, "Operation Sundevil," corporate PBX fraud, boiler-room consumer-fraud rackets, credit-card rip-offs, pirate bulletin-board systems, and outlaw hacking!
Sunday, April 18, 1993, 1:30PM-3:30PM UT Campus, Taylor Hall, room 2.106 TO BE FOLLOWED BY: C O M P U T E R S E C U R I T Y S O I R E E ! UT Co-op, Second Floor, Computer Books Section From 3:30 PM -- (?) where Ms. Thackeray will greet the Austin public and answer questions from any and all interested parties! FREE!! ..another EFF-Austin service to the Texan computer community EFF-Austin, PO Box 18957, Austin, Texas 78760 eff-austin@tic.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: trump@pluto.ee.cua.edu (Louis Edward Trumpbour) Date: Sun, 4 Apr 93 16:53:36 PDT To: cypherpunks@toad.com Subject: PGP 2.2 for mac Message-ID: <9304042354.AA04977@pluto.ee.cua.edu> MIME-Version: 1.0 Content-Type: text/plain yes i am looking for pgp 2.2 for mac so if anyone knows where i can find it or if anyone can tell me if they can uuencode it and mail it to me (please contact me before mailing) i would be most grateful... i do not have a mac but i have a friend at the university of wisconsin that i feel should have pgp... so as i plea for help into the black hole of the internet cypherpunk remailer i hope to hear some feed back.... also do the people in dc want to get a cypher punk meeting together??? i am willing to organize... Clovis From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Sun, 4 Apr 93 19:06:26 PDT To: szabo@techbook.com (Nick Szabo) Subject: Re: PGP help and comments. In-Reply-To: Message-ID: <9304050206.AA13467@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > [lost attributions, sorry] So did I! ;^) > >> I could do an ascii upload of my secret key and never expose my > >> key to disk-storage. > > This is even more dangerous than storing it on the disks of a multi-user > > machine. Unless you are running in a kerberos environment it is trivial to > > snoop your upload off the network... 
> I don't find the risk of a real-time snoop to be as bad as the risk > of a future snoop finding my private key alongside encrypted files that > have been stored forever (backups). I am the writer of the original post, and I quite agree with the response that said that this was a bad idea. The whole point in being secure, is being as secure as possible. > To mitigate either problem, how about having two layers of encryption: a > private key to decrypt files for reading on a public machine, and a second > public/private pair to reencrypt the files for storage and > transmission to the home machine. The public machine knows > the first private key (if snooped) and the second public key; only the > home machine knows the second private key. Snooping the first private You still have to store a secret key somewhere. And to do that, you must trust your system administrator..... > key compromises only unread and future messages until the key is > changed. Messages archived in the reencrypted state are secure, but > messages archived in the unread state with the first private key are > still compromised forever. Is backing up mail directories a common > practice? Are there (probably system-dependent) ways to avoid backups, > such as anticipating or detecting when backups are about to occur, > hidden directories, file permissions, etc? > > Also, this system introduces some user hostility, in that > reencrypted files cannot be read again until moved to the > home machine. It was suggested that I keep my public keyring on the mainframe and use it to read mail. When I want to send mail, I encrypt it at home and upload it into my mailer. This is what I do now. I forgot who you were, but you gave me a good idea. Thanx. > Another idea is to implement the relevant features of Kerberos in > a high-level client/server package that can be used to secure personal > network communications of this kind. The package could be distributed > with PGP. What are these features? 
I don't know what kerberos is. +----------------------+----------------------------------------------------+ | J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. | | +----------------------------------------------------+ | mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be | | Thunder@forum | Politically Incorrect! | | (505) 299-2282 | | +----------------------+----------------------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Sun, 4 Apr 93 23:38:08 PDT To: cypherpunks@toad.com Subject: PGP help Message-ID: <9304050638.AA25783@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain Hi all. The manual for pgp ver. 2.2 says that it can encrypt a file for receipt by multiple users, pgp -e file user1 user2. I can't seem to get it to work. It creates one file, readable by user1. I'm using the msdos version. What am I doing wrong? Thanx in advance. +----------------------+----------------------------------------------------+ | J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. | | +----------------------------------------------------+ | mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be | | Thunder@forum | Politically Incorrect! | | (505) 299-2282 | | +----------------------+----------------------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Derek Atkins Date: Mon, 5 Apr 93 00:08:07 PDT To: J. Michael Diehl Subject: Re: PGP help In-Reply-To: <9304050638.AA25783@triton.unm.edu> Message-ID: <9304050708.AA01498@deathtongue> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- > The manual for pgp ver. 2.2 says that it can encrypt a file for receipt by > multiple users, pgp -e file user1 user2. I can't seem to get it to work. > It creates one file, readable by user1. I'm using the msdos version. > > What am I doing wrong? 
This should create a single file which is readable by both users, user1 and user2. Did you try giving this file to user2 and have them decrypt it? Is user2 using PGP 2.2, or an earlier version? It doesn't look like you are doing anything wrong... - -derek PGP 2 key available upon request on the key-server: pgp-public-keys@toxicwaste.mit.edu - -- Derek Atkins, MIT '93, Electrical Engineering and Computer Science Secretary, MIT Student Information Processing Board (SIPB) MIT Media Laboratory, Speech Research Group warlord@MIT.EDU PP-ASEL N1NWH -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBuAgUBK7/awTh0K1zBsGrxAQGwKwLDBE/AgE5YY84RDMIcXa/qW7qEkgAd+jZW Wl5wXZDGrgbWZuZOiR9HKnEs4HzJtGrhi5DmDwPTVXu/rASU6trS1suk5thK/Fu8 TuDKvGX/6S+tOGQlgdRDdDg= =a8mO -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 5 Apr 93 11:58:33 PDT To: cypherpunks@toad.com Subject: wpcrack on archive site Message-ID: <9304051855.AA28910@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain I just put up Ron Dippold's wpcrack code up on the ftp site, a program that breaks the (very bad) encryption of Word Perfect files. The distribution is four files wpcrack.c wpcrack.doc wpuncryp.c wpuncryp.doc in directory pub/cypherpunks/cryptanalysis. The anonymous ftp site is soda.berkeley.edu. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: stig@transam.ece.cmu.edu (Jonathan Stigelman) Date: Mon, 5 Apr 93 19:42:37 PDT To: cypherpunks@toad.com Subject: Re: Re: PGP help and comments. Message-ID: <243@x15_remote.stigmobile.usa> MIME-Version: 1.0 Content-Type: text/plain In message <9304040758.AA07164@tigger.cc.utexas.edu> you write: > >This is even more dangerous than storing it on the disks of a multi-user >machine. 
Unless you are running in a kerberos environment it is trivial to >snoop your upload off the network, and even without that weakness you are >exposing yourself to the same problem that the docs mention (it is really >pretty easy to scan someone's terminal input) only you are giving them the >key outright instead of only giving them the passphrase to your key. > Yeah.... So if your key can be snooped off the net, so can your cleartext. To decrypt online, then, is akin to using only weak encryption...which indicates only the desire for limited privacy. But even if you do decrypt online, you're still protected from file snooping. What's needed is PGP decryption built into your terminal program. stig From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 5 Apr 93 17:28:01 PDT To: cypherpunks@toad.com Subject: WB: public kiosks In-Reply-To: <199304041031.AA11760@well.sf.ca.us> Message-ID: <9304060025.AA04499@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >Re public kiosks; recall that Community Memory started the idea of >coin-operated kiosks years ago; and presumably still has terminals located >around town. For those of you not familiar with Community Memory, it is a Berkeley only system intended to make community stronger in Berkeley. Steven Levy wrote about it in _Hackers_. SFNET is an expanding commercial service; I want to use SFNET as an example a springboard for much wider deployment of public access to whistleblowing. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Tue, 6 Apr 93 00:44:07 PDT To: cypherpunks@toad.com Subject: PGP error. Message-ID: <9304060743.AA28329@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain When I use the following command line in a batch file, I get a Compression/ decompression error. No files are created. The contents of the batch file is: pgp -es %1 %2 Diehl Where %1 is the name of the file to send, and %2 is the other person's name. 
What am I doing wrong, or is there a problem with my pgp? Thanx in advance. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.2 mQA9Aiu/jVAAAAEBgM2F5mSlCA+KRd6TXIrqmPfiiAEytwSttZs7Yua939GMu2mP JL+5Qpi/ZKqF2nAJAwAFEbQsSi4gTWljaGFlbCBEaWVobCwgMSwgPG1kaWVobEB0 cml0b24udW5tLmVkdT4= =lyvx -----END PGP PUBLIC KEY BLOCK----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Tue, 6 Apr 93 19:28:27 PDT To: cypherpunks@toad.com Subject: Smaller is better. Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Mon, 05 Apr 93 12:36:09 PST, Jonathan Stigelman writes - JS> Yeah.... So if your key can be snooped off the net, so can your JS> cleartext. To decrypt online, then, is akin to using only weak JS> encryption...which indicates only the desire for limited privacy. JS> But even if you do decrypt online, you're still protected from JS> file snooping. JS> What's needed is PGP decryption built into your terminal program. I think that you guys are missing the point here. IMHO, if you wish maximum assurance of security, then I'd suggest not trying to run programs such as PGP on a multi-user system to begin with! What's wrong with using a PC for this? It offers a maximum convenience, single-user secure system quite unlike the security problems associated with your university's mainframe. The PC offers the communications availability and the flexibility to provide an extremely high level of privacy, if you know what you're doing. You should try it sometime .... Cheers. Paul Ferguson | "Sincerity is fine, but it's no Network Integration Consultant | excuse for stupidity." Centreville, Virginia USA | -- Anonymous fergp@sytex.com (Internet) | sytex.com!fergp (UUNet) | 1:109/229 (FidoNet) | PGP 2.2 public encryption key available upon request. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Tue, 6 Apr 93 16:39:24 PDT To: mdiehl@triton.unm.edu (J. 
Michael Diehl) Subject: Re: PGP help and comments. Message-ID: <9304062339.AA22656@servo> MIME-Version: 1.0 Content-Type: text/plain At 01:58 AM 4/4/93, Jim McCoy wrote: >J. Michael Diehl writes: >> >> I would like to use pgp on the mainframes, but don't want to store my secret >> key on their disks. >This is even more dangerous than storing it on the disks of a multi-user >machine. I agree 100%. Security packages like PGP are meaningful only when you have your own personal machine to run it on. Indeed, it would be nice if PGP could somehow tell when it is being run over a network, and severely warn the user when he is about to type something secret (like a passphrase). I don't know of any clean way to do it, though. Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Scott Northrop Date: Tue, 6 Apr 93 12:47:52 PDT To: cypherpunks@toad.com Subject: PGP and problems therewith. Message-ID: <9304061947.AA01322@first.cac.washington.edu> MIME-Version: 1.0 Content-Type: text/plain I was under the impression that there was a newsgroup for discussion of how to use PGP. I most certainly don't mind talk about how to most effectively use PGP (PC-based decryption of files on your unsecure unix box, for example), and I don't have much room for criticism given the nil that I've contributed to this forum. But please, in the name of all that's holy, could the How To Use PGP Q&A go somewhere else? Please? Scott PS - Did the list get the message by sand@u.washington.edu about the correct place to put hidden data in a JPEG image? Our mail reflector burped, and we didn't get that week... :( (Mail, please, don't reply to the list.) 
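Phil Karn's message above wishes PGP could tell when it is being run over a network and warn before a passphrase is typed. The following is an added illustration, not part of the archived mail and not PGP code: a heuristic in Python that inspects the session environment for the variables OpenSSH's sshd sets (SSH_CONNECTION, SSH_CLIENT, SSH_TTY) and for an X11 DISPLAY naming another host. The function names and the sample environments are assumptions made for the example, and it goes beyond the 1993 setting by using SSH rather than telnet or rlogin.

```python
import ipaddress
import os
import re

# X11 display strings look like "host:display.screen"; an empty host or
# "unix" means a local socket.
_DISPLAY_RE = re.compile(r"^(?P<host>[^:]*):(?P<num>\d+)(?:\.\d+)?$")


def _is_local_host(host):
    """True for an empty host, 'unix', 'localhost' or a loopback address."""
    if host in ("", "unix", "localhost"):
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # any other host name is treated as remote


def remote_session_reasons(env):
    """Return a list of reasons to believe keystrokes cross a network.

    `env` is a mapping such as os.environ. An empty list means no
    indicator was found, which is not proof that the session is local.
    """
    reasons = []

    # sshd sets SSH_CONNECTION to "client_ip client_port server_ip server_port"
    # and SSH_CLIENT to "client_ip client_port server_port".
    conn = env.get("SSH_CONNECTION", "").split()
    client = env.get("SSH_CLIENT", "").split()
    if len(conn) == 4:
        peer = conn[0]
    elif len(client) == 3:
        peer = client[0]
    else:
        peer = None

    if peer is not None:
        if not _is_local_host(peer):
            reasons.append("login arrived over SSH from %s" % peer)
    elif env.get("SSH_TTY"):
        # The address variables were stripped, but the terminal still
        # belongs to an sshd session.
        reasons.append("terminal %s was allocated by sshd" % env["SSH_TTY"])

    # A DISPLAY naming another machine means input to X clients is
    # carried to that machine's X server.
    match = _DISPLAY_RE.match(env.get("DISPLAY", ""))
    if match and not _is_local_host(match.group("host")):
        reasons.append("X display is on remote host %s" % match.group("host"))

    return reasons


def passphrase_warning(env):
    """Return a warning string to show before prompting, or None."""
    reasons = remote_session_reasons(env)
    if not reasons:
        return None
    return ("WARNING: this looks like a remote session (%s). "
            "Anything typed here is exposed to the remote host."
            % "; ".join(reasons))


if __name__ == "__main__":
    # Constructed sample environments (documentation address ranges).
    samples = [
        {"SSH_CONNECTION": "192.0.2.10 51234 198.51.100.7 22",
         "SSH_TTY": "/dev/pts/3"},
        {"DISPLAY": "xhost.example:0.0"},
        {"DISPLAY": ":0"},
    ]
    for sample in samples:
        print(sample, "->", passphrase_warning(sample))
    print("current session ->", passphrase_warning(os.environ))
```

The check stays a heuristic, in line with Karn's remark that he knows of no clean way to do it: telnet, rlogin, serial lines and a cleared environment leave none of these traces.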
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Shipley Date: Tue, 6 Apr 93 14:12:42 PDT To: cypherpunks@toad.com Subject: Re: PHRACK: Article from PHRACK 42 on encryption Message-ID: <9304062112.AA23379@edev0.TFS> MIME-Version: 1.0 Content-Type: text/plain >> Exposing factual errors and flaws in reasoning is left as an exercise >> for the reader. >> > >The flaws are big enough to drive a bakery truck through. Its trash. maybe you should do a better writeup and publish it in PHRACK or 2600? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc.Ringuette@GS80.SP.CS.CMU.EDU Date: Tue, 6 Apr 93 11:25:46 PDT To: cypherpunks@toad.com Subject: WB: public kiosks Message-ID: <9304061825.AA28189@toad.com> MIME-Version: 1.0 Content-Type: text/plain Public kiosks are OK as a simple and moderately effective technique for assuring anonymity, and they're ideal for a security-naive person who is unable to verify the security of a more complex system. But for my own use, I am much more confident in the security guarantee given by encryption on a portable computer and anonymizing using Chaum-style remailers... -- Marc Ringuette (mnr@cs.cmu.edu) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Douglas Mason Date: Tue, 6 Apr 93 18:08:23 PDT To: Subject: Re: PHRACK: Article from PHRACK 42 on encryption Message-ID: MIME-Version: 1.0 Content-Type: text/plain > >> Exposing factual errors and flaws in reasoning is left as an exercise > >> for the reader. > >The flaws are big enough to drive a bakery truck through. Its trash. > maybe you should do a better writeup and publish it in PHRACK or 2600? I agree. Anyone can sit and say "Oh, that article is a piece of crap", but these same people never put their "money where their mouth is" and write an article of their own. I've written for both Phrack and 2600 and it sure as hell isn't hard to get something submitted. If you think you can do better by all means write an article and send it in. 
If trash is being published, why not try to correct it? If you have any problems with where to send it, I'll gladly forward you the address. Otherwise, shut the hell up. If you don't like your government, vote. If you don't like something that is published, write something yourself. It's not some type of elite club of writers, both publications welcome people of all walks to submit. --Doug --- Douglas Mason douglas@approach.com Network Administration CompuServe: 76646,3367 Approach Software Corporation +01 415.306.7890 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Tue, 6 Apr 93 18:00:45 PDT To: cypherpunks@toad.com Subject: Re: WB: public kiosks Message-ID: <9304070100.AA23113@servo> MIME-Version: 1.0 Content-Type: text/plain >Public kiosks are OK as a simple and moderately effective technique for >assuring anonymity, and they're ideal for a security-naive person who >is unable to verify the security of a more complex system. But for >my own use, I am much more confident in the security guarantee given by >encryption on a portable computer and anonymizing using Chaum-style >remailers... Indeed. By definition, a public kiosk is in a public area, with open access to all including the Bad Guy's agents and investigators. And tracking people's physical movements in public places is an art that investigators have had many years to refine and perfect. Many more than, say, factoring large RSA public keys... Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter shipley Date: Tue, 6 Apr 93 20:01:18 PDT To: Brad Huntting Subject: Re: "hacker" publications Message-ID: <9304070233.AA02535@merde.dis.org> MIME-Version: 1.0 Content-Type: text/plain > >> PHRACK or 2600? > >Does anyone have a phone number and/or address for these or any >other "hackers" publications? 
> 2600: 2600@well.sf.ca.us phrack: phrack@stormking.com (also see included file) InfoHax: see nestey@csn.org there is also a list called zardoz but I suspect it is dead. the main problem with these lists is that people want info but do not want to give up any of their secret. Some security lists I have been on insist that all members contribute something or they are dropped from the list. -Pete ---- Included file - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - HOW TO SUBSCRIBE TO PHRACK MAGAZINE The distribution of Phrack is now being performed by the software called Listserv. All individuals on the Phrack Mailing List prior to your receipt of this letter have been deleted from the list. If you would like to re-subscribe to Phrack Inc. please follow these instructions: 1. Send a piece of electronic mail to "LISTSERV@STORMKING.COM". The mail must be sent from the account where you wish Phrack to be delivered. 2. Leave the "Subject:" field of that letter empty. 3. The first line of your mail message should read: SUBSCRIBE PHRACK 4. DO NOT leave your address in the name field! (This field is for PHRACK STAFF use only, so please use a full name) Once you receive the confirmation message, you will then be added to the Phrack Mailing List. If you do not receive this message within 48 hours, send another message. If you STILL do not receive a message, please contact "SERVER@STORMKING.COM". You will receive future mailings from "PHRACK@STORMKING.COM". If there are any problems with this procedure, please contact "SERVER@STORMKING.COM" with a detailed message. You should get a confirmation message sent back to you on your subscription. 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ---- End of Included file From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Brad Huntting Date: Tue, 6 Apr 93 18:50:25 PDT To: Peter Shipley Subject: "hacker" publications Message-ID: <199304070150.AA00873@misc.glarp.com> MIME-Version: 1.0 Content-Type: text/plain > PHRACK or 2600? Does anyone have a phone number and/or address for these or any other "hackers" publications? I've pretty much had it with the "legit" computer security information sources (CERT et al). Between the censorship and the untimely notification they are next to worthless for keeping abreast of computer and network security issues. thanx in advance, brad huntting@glarp.com P.S. I can't read Dutch (yet). From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Tue, 6 Apr 93 20:28:44 PDT To: fergp@sytex.com (Paul Ferguson) Subject: Re: Smaller is better. In-Reply-To: Message-ID: <9304070327.AA23357@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain Well, I guess I started this thread, so let's see if I can finish it... ;^) > On Mon, 05 Apr 93 12:36:09 PST, > Jonathan Stigelman writes - > JS> Yeah.... So if your key can be snooped off the net, so can your > JS> cleartext. To decrypt online, then, is akin to using only weak > JS> encryption...which indicates only the desire for limited privacy. > JS> But even if you do decrypt online, you're still protected from > JS> file snooping. This is akin to using an umbrella with a hole in it and saying, "Well, at least my face doesn't get wet." If you want to stay dry, you want to stay COMPLETELY dry. > JS> What's needed is PGP decryption built into your terminal program. Someone posted a program, link, that would encrypt modem communications. Would you post an address for it. I can't find where I put it. > I think that you guys are missing the point here. 
IMHO, if you wish > maximum assurance of security, then I'd suggest not trying to run > programs such as PGP on a multi-user system to begin with! What's > wrong with using a PC for this? It offers a maximum convenience, > single-user secure system quite unlike the security problems > associated with your university's mainframe. This is, IMHO, the best solution. BTW, I have several telix scripts that make it actually convenient, even at 1200 baud! (gak!). I would post them, but they are trivial. Thanx, Phantom, for the suggestion. What we need here is a "security package" that we distribute in an effort to make it easier to use secure practices. > The PC offers the communications availability and the flexibility to > provide an extremely high level of privacy, if you know what you're > doing. And many people don't... I've taken a minor flame or two for asking for help with using pgp on this list. The whole point of this list, IMHO, is to make strong security practices as easy and as wide-spread as possible. Correct me if I'm wrong. +----------------------+----------------------------------------------------+ | J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. | | +----------------------------------------------------+ | mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be | | Thunder@forum | Politically Incorrect! 
| | (505) 299-2282 | | +----------------------+----------------------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: bmullane@ultrix.ramapo.edu (James Bond-007) Date: Tue, 6 Apr 93 18:27:26 PDT To: cypherpunks@toad.com Subject: please remove me Message-ID: <9304070131.AA20100@ultrix> MIME-Version: 1.0 Content-Type: text/plain please remove me from the mailing list i wish that i had the time to try to keep up with the list, but i dont i may rejoin at some time in the future thanks, Brian From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Round Waffle Date: Tue, 6 Apr 93 19:09:51 PDT To: huntting@glarp.com (Brad Huntting) Subject: Re: "hacker" publications In-Reply-To: <199304070150.AA00873@misc.glarp.com> Message-ID: <9304070208.AA11409@titan.ucs.umass.edu> MIME-Version: 1.0 Content-Type: text Possessed by The Unholy, Brad Huntting scrawled the following in blood: > > > > PHRACK or 2600? > > Does anyone have a phone number and/or address for these or any > other "hackers" publications? > > I've pretty much had it with the "legit" computer security information > sources (CERT et al). Between the censorship and the untimely > notification they are next to worthless for keeping abreast of > computer and network security issues. > > > thanx in advance, > brad > huntting@glarp.com 2600 Magazine PO Box 752 (for subscriptions) OR PO Box 99 (for letters/submissions) Middle Island, NY 11953-0752 (516) 751-2600 2600@well.sf.ca.us $21 for 4 issues back issues are $25/year Phrack Magazine 603 W. 13th #1A-278 Austin, TX 78701 phrack@well.sf.ca.us +- eggo@titan.ucs.umass.edu --><-- Eat Some Paste -+ +- Yorn desh born, der ritt de gitt der gue, -+ +- Orn desh, dee born desh, de umn bork! bork! bork! 
-+ +----------------- The Durex Blender Corporation -----------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnordbox!loydb@cs.utexas.edu (Loyd Blankenship) Date: Wed, 7 Apr 93 00:23:17 PDT To: fnordbox!cypherpunks, cypherpunks@toad.com Subject: hello? Message-ID: <9304070532.AA00biv@fnordbox.UUCP> MIME-Version: 1.0 Content-Type: text/plain I hate messages like this one, but is this list sick? I haven't gotten anything for many days . . . Loyd *************************************************************************** * loydb@fnordbox.UUCP SJ Games: 1 * Loyd Blankenship * * GEnie: SJGAMES US Secret Service: 0 * PO Box 18957 * * Compu$erve: [73407,515] * Austin, TX 78760 * * cs.utexas.edu!dogface!fnordbox!loydb * 512/447-7866 * *************************************************************************** From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dlr@world.std.com (David L Racette) Date: Tue, 6 Apr 93 21:09:38 PDT To: cypherpunks@toad.com Subject: Mac PGP on The Well Message-ID: <199304070409.AA00146@world.std.com> MIME-Version: 1.0 Content-Type: text/plain I was just reading in the EFF conference on the Well that they have asked that the pgp version for the mac be removed ...at least temporarily because of the possible legal problems. I don't use a mac and already have a copy thank you anyway From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Doug.Brightwell@Corp.Sun.COM (Doug Brightwell) Date: Wed, 7 Apr 93 06:47:15 PDT To: cypherpunks@toad.com Subject: Mac PGP 2.2 Sites? Message-ID: <9304071346.AA12241@media.Corp.Sun.COM> MIME-Version: 1.0 Content-Type: text/plain Anyone know of any ftp sites where I could find the new 2.2 version? 
Thanks, Doug From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Douglas Mason Date: Wed, 7 Apr 93 08:28:27 PDT To: Subject: Re: PHRACK: Article from PHRACK 42 on encryption Message-ID: MIME-Version: 1.0 Content-Type: text/plain > groups like sci.crypt already have some pretty good documents. > There is no need for spreading of misinformation like phrack. The problem is that Phrack has a distribution that goes in other directions, where a simple Usenet newsgroup can not reach. I've seen files from past Phrack issues available on Public Domain archive sets for BBS's. Phrack has been around for quite a while now and unlike a lot of the other series on-line mags, it is probably going to be around for a while longer. CuD and the likes are great for news, but where else can you find somewhat lengthy papers on various topics? Even if most of it is elementary, there is always something interesting in each issue, even if it is just to see some of the personalities that are out there. Like it or not, piece of crap or otherwise, it does get around. It's going through ownership changes and probably would like to find some people that would be willing to help out with "cleaning" it up. Why not help? --Doug --- Douglas Mason douglas@approach.com Network Administration CompuServe: 76646,3367 Approach Software Corporation +01 415.306.7890 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Derek Atkins Date: Wed, 7 Apr 93 07:08:28 PDT To: Doug.Brightwell@Corp.Sun.COM (Doug Brightwell) Subject: Re: Mac PGP 2.2 Sites? 
In-Reply-To: <9304071346.AA12241@media.Corp.Sun.COM> Message-ID: <9304071408.AA01175@toxicwaste.MEDIA.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- The sites I know of that carry MacPGP 2.2 are: black.ox.ac.uk (129.67.1.165) /src/security/macpgp2.2.cpt.hqx (Macintosh version) ftp.demon.co.uk (158.152.1.65) /pub/ibmpc/pgp/MacPGP2.2 (Macintosh version) nic.funet.fi (128.214.6.100) /pub/crypt/MacPGP2.2 soda.berkeley.edu (128.32.149.19) /pub/cypherpunks/pgp/macpgp2.2.cpt.hqx night.nig.ac.jp (133.39.16.66) /pub/security/PGP/MacPGP2.2 Enjoy! - -derek PGP 2 key available upon request on the key-server: pgp-public-keys@toxicwaste.mit.edu - -- Derek Atkins, MIT '93, Electrical Engineering and Computer Science Secretary, MIT Student Information Processing Board (SIPB) MIT Media Laboratory, Speech Research Group warlord@MIT.EDU PP-ASEL N1NWH -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBuAgUBK8LgNzh0K1zBsGrxAQFqLwLFFGWzH5+NH/oGZq5Bv/TwkZeW47CEQwCC is1ZoVB8djkqZk7kD6IMpL552zly4q0mYfo7y2QKH/BJNQ7CcABSVReEd9uT5t+X UfHBYXgC+5zXi7AphDvRqIE= =Dbf7 -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: sean@gomez.Jpl.Nasa.Gov (Sean Barrett) Date: Wed, 7 Apr 93 10:20:01 PDT To: cypherpunks@toad.com Subject: Remailers Message-ID: <9304071720.AA00382@gomez.Jpl.Nasa.Gov> MIME-Version: 1.0 Content-Type: text/plain Would someone be so good as to mail me the list of anonymous remailers? My copy was lost in a backup-restore cycle. Thanks. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: cls6@midway.uchicago.edu (Cory Scott) Date: Wed, 7 Apr 93 08:37:46 PDT To: Doug.Brightwell@corp.sun.com (Doug Brightwell) Subject: Re: Mac PGP 2.2 Sites? Message-ID: <9304071537.AA09036@midway.uchicago.edu> MIME-Version: 1.0 Content-Type: text/plain >Anyone know of any ftp sites where I could find the new 2.2 version? Try soda.berkeley.edu /pub/cypherpunks/pgp. 
If that's, for some reason impossible, I will send it (Binhexed) to anyone who wants a copy. Cory Cory L. Scott ----------------------------------------------------------- Computing Assistant and Consultant Phoenix Project, Biological Sciences Division University of Chicago cls6@midway.uchicago.edu ----------------------------------------------------------- Member, U of C Student Computing Issues Committee From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: robichau@lambda.msfc.nasa.gov (Paul Robichaux) Date: Wed, 7 Apr 93 08:59:02 PDT To: cypherpunks@toad.com Subject: PHRACK: my draft reply to the crypt article Message-ID: <9304071558.AA12663@lambda.msfc.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain Attached is a short rebuttal or reply to the PHRACK article I posted last week. I'd appreciate comments and suggestions on how to improve it- my knowledge is far behind Marc, Tim, Perry, and many of the others on this list. So, I got off my butt. Hopefully this will satisfy Doug :) -Paul My background: I've been into the scene for about 12 years. My day job is writing unix s/w for a NASA contractor. My night job... well, never mind that. I have a strong amateur interest in crypto, and I'd like to share some of what people in the usenet/internet community have been kind enough to teach me. Racketeer sez: > If you think that the world of the Hackers is deeply shrouded with >extreme prejudice, I bet you can't wait to talk with crypto-analysts. These >people are traditionally the biggest bunch of holes I've ever laid eyes on. 
In >their mind, people have been debating the concepts of encryption since the >dawn of time, and if you come up with a totally new method of data encryption, > -YOU ARE INSULTING EVERYONE WHO HAS EVER DONE ENCRYPTION-, mostly by saying >"Oh, I just came up with this idea for an encryption which might be the best >one yet" when people have dedicated all their lives to designing and breaking >encryption techniques -- so what makes you think you're so fucking bright? One real reason for this reaction is that people _have_ been studying encryption for 100 years or so. As a result, many simple cryptosystems are continually being reinvented by people who haven't ever made even a simple study of cryptosystems. Imagine if someone came up to you and said "Wow! I just found a totally K00L way to send fake mail! It's radical! No one's ever thought of it before!" You'd laugh, right? _Anyone_ can figure out how to forge mail. Well, _anyone_ can come up with the n-th variation of the Vigenere or substitution cipher. An even more important reason for their 'tude is that cypherpunks are suspicious by nature. A key principle of crypto is that you can only trust algorithms that have been made public and thoroughly picked over. Without that public scrutiny, how can you trust it? The feds' Digital Signature Standard (DSS) got raked in the crypto and industry press because the feds wouldn't disclose details of the algorithm. "How do we know it's secure?" the cypherpunks asked. "We won't use it if we don't know it's secure!" Point being: (for those of you who skipped over) cypherpunks trust NO ONE when the subject is encryption algorithms. Maybe J. Random Hacker has come up with a scheme faster and more secure than, say, RSA. If JRH won't share the details, no one will use it. Racketeer goes on to talk about DES. It's fairly clear that for a known-ciphertext attack (i.e. 
you have a block of encoded text, but neither the key nor the plaintext) will, at worst, require 2^56 decryption attempts. Various schemes for parallel machines and so forth have been posted in sci.crypt. Does the NSA have something that can crack DES? Probably. My claim would be that cracking passwords is (at minimum) order-of-magnitude faster than a known-ciphertext attack against a "typically secure" ciphertext. By typically secure, I mean one encrypted with DES in CBC mode (_not_ the more common and easier-to-implement ECB mode) using a strong key (not a password of "123", for example.) Remember that DES is mostly used for short-lived session keys. ATMs are a good example; they typically use a DES key for one communication session with the central bank. New session, new key. DES is _not_ very well suited for long-term encryption, since it can probably be attacked in "reasonable" time by a determined, well-equipped opponent. Now, on to PGP. Pretty Good Software was indeed threatened with a lawsuit by Public Key Partners (PKP). PKP holds the patent on the RSA public-key algorithm. (Many people, me included, don't think that the patent would stand up in court; so far, no one's tried.) The nice thing about PGP is that it offers IDEA and RSA in a single, well-integrated package. When you encrypt a file, PGP generates an IDEA session key, which is then encrypted with RSA. An opponent would have to either a) exhaustively search the entire IDEA key space or b) break RSA to decrypt the file without the password. Racketeer also mentions that PGP can optionally compress files before encryption. There's a solid crypto reason behind this, too. One well-known and successful way to attack an encrypted file is to look for patterns of repeated characters. Since the statistical frequencies of word and letter use in English (and many other languages; some folks have even compiled these statistics for Pascal & C!) 
are well-known, comparing the file contents with a statistical profile can give some insight into the file's contents. By compressing files before encrypting them, PGP is moving the redundancy out of the text and into the small dictionary of compression symbols. You'd still have to decrypt the file before you could do anything useful with that dictionary, or even to determine that it _had_ a signature! -- Paul Robichaux, KD4JZG | May explode if disposed of improperly. NTI Mission Software Development Div. | RIPEM key on request. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mccoy@ccwf.cc.utexas.edu (Jim McCoy) Date: Wed, 7 Apr 93 09:25:24 PDT To: fergp@sytex.com (Paul Ferguson) Subject: Re: Smaller is better. In-Reply-To: Message-ID: <9304071625.AA25481@flubber.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text fergp@sytex.com (Paul Ferguson) writes: > > On Mon, 05 Apr 93 12:36:09 PST, > Jonathan Stigelman writes - > > JS> [pgp on multi-user systems stuff] > > I think that you guys are missing the point here. IMHO, if you wish > maximum assurance of security, then I'd suggest not trying to run > programs such as PGP on a multi-user system to begin with! What's > wrong with using a PC for this? It offers a maximum convenience, > single-user secure system quite unlike the security problems > associated with your university's mainframe. Some people either do not have the option, or need the convenience of a multi-user system. My PC is sitting at home with a toasted modem (waiting for a Paradyne to arrive... :) and even when it is running fine I spend 8-12 hours a day working on multi-user systems with connectivity that is light-years beyond what my PC has. If I want to send out an email message and do not want to spend an hour walking home, encrypting it, walking back, and then transferring the file and sending it I will use my copy of PGP on a multi-user machine. 
I have a different key that I use (my key on a server) for this type of communication and accept and understand the consequences of using PGP in this manner. As long as the user knows the weaknesses of the system they are using they should make their own choices regarding how to use PGP. You may consider your PC at home to be completely safe and secure, but unless you recognize the weaknesses of that particular setup you are not reaching the "maximum assurance of security" that you claim. jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fen@genmagic.genmagic.com (Fen Labalme) Date: Wed, 7 Apr 93 12:04:16 PDT To: pmetzger@shearson.com Subject: FLAME: Perry M. vs. taking action (was: Re: PHRACK...) Message-ID: <9304071904.AA17502@> MIME-Version: 1.0 Content-Type: text/plain Perry - > > If you don't like your government, vote. > > I'm an anarchist. You might as well say to an atheist "if you don't > like Catholicism, start a schism." I, too, aspire towards anarchy, but I don't ignore the tools around me. Not voting in today's society is a cop out. It is most certainly not perfect, and the choices suck, but it remains one of the major voices you have today in the world. Anarchy works best when people are informed. Education is key. Simply bad-mouthing others' works is not giving people a choice to decide which of two views they feel are better. Rather, it just fuels the fires of apathy (that the government have been fanning for so long). Cypherpunks are trying to change the world. Sounds like you're just going to whine about it. Positive action will always be more effective. And better received. Fen PS: I must say that with your lack of content in your posts, if I had a filter on my email, it would filter out yours. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Wed, 7 Apr 93 12:39:02 PDT To: cypherpunks@toad.com Subject: Real-time BBS Encryption?? 
In-Reply-To: <01930407174710/0005857625DC2EM@mcimail.com> Message-ID: <9304071935.AA26846@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Re: encrypting modem links >I'm wondering if there is a way to do this with PCs? Yes, with difficulty, and not transparently. >Is there a way to encrypt a remote user's entire connection with >the BBS, so that they would have to have a special term program to access >the system? For PC's, replacing the terminal software is really the best way. There is no effective abstraction of serial port hardware in the PC world. The int 0x14 driver in the BIOS was rampantly defective, and MSDOS does not provide a standard interface. As a result, almost all comm software on PC's talks to the serial port directly. Now in MS Windows, there is abstraction for the serial ports, but I don't know how easy it is to insert a device layer. >It would be best if the user only had to load a device driver >or something so that they wouldn't all have to use the same comm program. It might be possible, using a 386, to make a driver that acted as if it were hardware but actually did encryption. Ick. Reliability and cross-program compatibility would be shit. And it would have to be made compatible with whatever else was taking over the 386. Remember: I hate DOS. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Wed, 7 Apr 93 12:46:31 PDT To: cypherpunks@toad.com Subject: WB: public kiosks In-Reply-To: <9304070100.AA23113@servo> Message-ID: <9304071943.AA27401@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain I thank Marc Ringuette and Phil Karn for their comments on public kiosks. They remind me that public kiosks are not a panacea, and that we need to educate others to that awareness. Nevertheless, let us remember the economics of the situation. It is expensive to follow people around--more expensive, say, than an illegal tap on a home phone line. 
By increasing the cost of the suppression of information, one ensures that more information, in the aggregate, is released. We may not be able to provide for any particular individual's privacy, but we can take actions for which we know that we will increase the total amount of privacy (however hard that would be to strictly define). Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Karl Barrus Date: Wed, 7 Apr 93 10:49:29 PDT To: cypherpunks@toad.com Subject: ANON: list of remailers Apr 7, 1993 Message-ID: <199304071749.AA04629@Menudo.UH.EDU> MIME-Version: 1.0 Content-Type: text/plain Sorry this is late, but I was delaying waiting for the uclink remailer's public key to be released, plus, I'm still not getting responses from remailer@dis.org (but at least I'm not getting bounced mail). Some users have informed me that they were able to use remailer@dis.org, so that's good! -----BEGIN PGP SIGNED MESSAGE----- Q1: What cypherpunk remailers exist? A1: 1: hh@pmantis.berkeley.edu 2: hh@cicada.berkeley.edu 3: hh@soda.berkeley.edu 4: nowhere@bsu-cs.bsu.edu 5: ebrandt@jarthur.claremont.edu 6: hal@alumni.caltech.edu 7: remailer@rebma.mn.org 8: elee7h5@rosebud.ee.uh.edu 9: phantom@mead.u.washington.edu 10: hfinney@shell.portal.com 11: remailer@utter.dis.org 12: 00x@uclink.berkeley.edu 13: remail@extropia.wimsey.com NOTES: #1-#5 remail only, no encryption of headers #6-#12 support encrypted headers #13 special - header and message must be encrypted together #7,#13 introduce larger than average delay #11 CANNOT CONFIRM OPERATION YET! TEST BEFORE ATTEMPTING TO USE. * #12 public key not yet released ====================================================================== Q2: What help is available? A2: Check out the pub/cypherpunks directory at soda.berkeley.edu (128.32.149.19). Instructions on how to use the remailers are in the remailer directory, along with some unix scripts and dos batch files. 
Mail to me (elee9sf@menudo.uh.edu) for further help and/or questions. ====================================================================== * I've had others tell me that they have successfully used this remailer, but I still don't get any responses...will keep trying! -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK8MS/YOA7OpLWtYzAQGgvwQAll6hwIfabxKGdtCSNPUa3M3RCBaqzPT2 VM+k8O94IVxAqX+RUMzRGUVJigrj+5XcNicX1ZvE61rh5InLbzqvUS8mQNbss6wr b098F0uHyCQCKCF13lzkLU0Gu+HxE+LoBuhaTiwonvcbQYgH+2+lhoU9yAbfduIq 9Syr3gaf3fk= =W8vL -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. Metzger" Date: Wed, 7 Apr 93 11:22:45 PDT To: Douglas Mason Subject: Re: PHRACK: Article from PHRACK 42 on encryption Message-ID: <9304071652.AA02691@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain Douglas Mason says: > > > > >> Exposing factual errors and flaws in reasoning is left as an exercise > > >> for the reader. > > > >The flaws are big enough to drive a bakery truck through. It's trash. > > > maybe you should do a better writeup and publish it in PHRACK or 2600? > > I agree. Anyone can sit and say "Oh, that article is a piece of crap", but > these same people never put their "money where their mouth is" and write an > article of their own. > > I've written for both Phrack and 2600 and it sure as hell isn't hard to get > something submitted. If you think you can do better by all means write an > article and send it in. If trash is being published, why not try to correct > it? Because I lack an interest in doing so? Anyway, there is no need, as the PGP manual is very good and actually explains things properly. Lots of fine articles have already been written on all sorts of cryptography subjects. > If you have any problems with where to send it, I'll gladly forward you the > address. > > Otherwise, shut the hell up. Why should I? The article WAS crap. > If you don't like your government, vote. I'm an anarchist. 
You might as well say to an atheist "if you don't like Catholicism, start a schism." Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Wed, 7 Apr 93 13:08:41 PDT To: cypherpunks-announce@toad.com Subject: April 10 meeting Message-ID: <9304072002.AA28305@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Last month at Cypherpunks West, we decided that meetings would be held monthly on the second Saturday. So, for any of you planning to be in the area any time, keep this in mind. The April meeting for Cypherpunks West will be April 10, 1993. There was some delay getting this announcement out because our normal meeting sponsor, John Gilmore, will be out of town. Mike Werner, also of Cygnus, will be sponsoring our meeting at the same location, so there's no need to change plans. Thanks, Mike! ANNOUNCEMENT Cypherpunks West April Meeting Saturday, April 10, 1993 12:00 noon - 6:00 pm PDT Cygnus Support Offices, Mt. View (directions follow) Contact Mike Werner for physicalities: mtw@cygnus.com, 415-903-1421. AGENDA Arthur Abraham on hash functions Mail services (works in progress) Secure phones (updates) Other stuff as announced If you have anything you want to talk about, send me mail: hughes@soda.berkeley.edu DIRECTIONS Cygnus Support 1937 Landings Drive Mt. View, CA 94043 +1 415 903 1400 switchboard +1 415 903 1418 John Gilmore (out of town, see note above) Take US 101 toward Mt. View. From San Francisco, it's about a 40-minute drive. Get off at the Rengstorff Ave/Amphitheatre Parkway exit. If you were heading south on 101, you curve around to the right, cross over the freeway, and get to a stoplight. If you were heading north on 101, you just come right off the exit to the stoplight. The light is the intersection of Amphitheatre and Charleston Rd. Take a right on Charleston; there's a right-turn-only lane. Follow Charleston for a short distance. You'll pass the Metaphor/Kaleida buildings on the right. 
At a clump of palm trees and a "Landmark Deli" sign, take a right into Landings Drive. At the end of the road, turn left into the complex with the big concrete "Landmark" sign. Follow the road past the deli til you are in front of the clock tower that rises out of one of the buildings, facing you. Enter through the doors immediately under the clock tower. They'll be open between noon and 1PM at least. (See below if you're late.) Once inside, take the stairs up, immediately to your right. At the top of the stairs, turn right past the treetops, and we'll be in 1937 on your left. The door is marked "Cygnus". If you are late and the door under the clock tower is locked, you can walk to the deli (which will be around the building on your left, as you face the door). Go through the gate in the fence to the right of the deli, and into the back lawns between the complex and the farm behind it. Walk forward and right around the buildings until you see a satellite dish in the lawn. Go up the stairs next to the dish, which are the back stairs into the Cygnus office space. We'll prop the door (or you can bang on it if we forget). Or, you can find the guard who's wandering around the complex, who knows there's a meeting happening and will let you in. They can be beeped at 965 5250, though you'll have trouble finding a phone. Don't forget to eat first, or bring food at noon! I recommend hitting the burrito place on Rengstorff (La Costen~a) at about 11:45. To get there, when you get off 101, take Rengstorff (toward the hills) rather than Amphitheatre (toward the bay). Follow it about ten blocks until the major intersection at Middlefield Road. La Costen~a is the store on your left at the corner. You can turn left into the narrow lane behind the store, which leads to a parking lot, and enter by the front door, which faces the intersection. 
To get to the meeting from there, just retrace your route on Rengstorff, go straight over the freeway, and turn right at the stoplight onto Charleston; see above. See you there! John Gilmore From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pozar@kumr.lns.com (Tim Pozar) Date: Wed, 7 Apr 93 13:16:33 PDT To: hughes@soda.berkeley.edu (Eric Hughes) Subject: Re: Real-time BBS Encryption?? In-Reply-To: <9304071935.AA26846@soda.berkeley.edu> Message-ID: MIME-Version: 1.0 Content-Type: text Eric Hughes wrote: > >Is there a way to encrypt a remote user's entire connection with > >the BBS, so that they would have to have a special term program to access > >the system? > > For PC's, replacing the terminal software is really the best way. > There is no effective abstraction of serial port hardware in the PC > world. The int 0x14 driver in the BIOS was rampantly defective, and > MSDOS does not provide a standard interface. > > As a result, almost all comm software on PC's talks to the serial port > directly. Now in MS Windows, there is abstraction for the serial > ports, but I don't know how easy it is to insert a device layer. > > >It would be best if the user only had to load a device driver > >or something so that they wouldn't all have to use the same comm program. > > It might be possible, using a 386, to make a driver that acted as if > it were hardware but actually did encryption. Ick. Reliability and > cross-program compatibility would be shit. And it would have to be > made compatible with whatever else was taking over the 386. Using something like a FOSSIL driver (a replacement serial port driver that many BBSes use) you could do this. I would imagine that it would only encode when carrier is up and the BBS software sends an INT14 AX=xx instruction to turn on encryption. 
Tim -- Internet: pozar@kumr.lns.com FidoNet: Tim Pozar @ 1:125/555 Snail: Tim Pozar / KKSF / 77 Maiden Lane / San Francisco CA 94108 / USA POTS: +1 415 788 2022 Radio: KC6GNJ / KAE6247 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jet@nas.nasa.gov (J. Eric Townsend) Date: Wed, 7 Apr 93 13:35:21 PDT To: cypherpunks@toad.com Subject: Re: Real-time BBS Encryption?? In-Reply-To: Message-ID: <9304072035.AA14210@boxer.nas.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain What about a streams module that does encryption? Of course, it'd require people to run a real OS instead of dos/system... -- J. Eric Townsend jet@nas.nasa.gov 415.604.4311 NASA Ames Numerical Aerodynamic Simulation | play: jet@well.sf.ca.us Parallel Systems Support, CM-5 POC | '92 R100R / DoD# 0378 PGP2.1 public key available upon request or finger jet@simeon.nas.nasa.gov From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mccoy@ccwf.cc.utexas.edu (Jim McCoy) Date: Wed, 7 Apr 93 11:36:18 PDT To: 0005857625@mcimail.com (Michael McMahon) Subject: Re: Real-time BBS Encryption?? In-Reply-To: <01930407174710/0005857625DC2EM@mcimail.com> Message-ID: <9304071836.AA26678@flubber.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text Michael McMahon <0005857625@mcimail.com> writes: [...] > I'm wondering if there is a way to do [end-to-end encryption] with PCs? > Is there a way to encrypt a remote user's entire connection with the BBS, > so that they would have to have a special term program to access the > system? Sure, no problem, provided you are willing to do a lot of coding... The basic idea would be to use public-key encryption to do a short negotiation of a one-time key to use for DES/IDEA encryption of the session. You could then use a public key for the system as a whole (with which the users can encrypt their personal public keys for uploading during the initial connection) and the user's public key to send the key transmitted from the BBS for the session. 
All that would be necessary is for you to add a bit of code to the comm program so that it would recognize when it was talking to a system such as this and do the right thing when needed (the actual encryption code is readily available in systems like PGP and the various DES implementations out there.) The downside is that there are a lot of terminal programs out there for microcomputers and not many supply source code for such modifications. I had thought about using such a system when planning out a raid-proof 386BSD system and the hassles of trying to get at least one program to do this for every platform that might want to connect to such a BBS was more work than I wanted to do. Perhaps as an option (e.g. one line using end-to-end encryption and others normal) for connecting to a system, but if all the lines are done like this you will probably find making it difficult for people to connect like this keeps people away from the system. jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Wed, 7 Apr 93 14:23:13 PDT To: jet@nas.nasa.gov Subject: Re: Real-time BBS Encryption?? Message-ID: <9304072122.AA29477@servo> MIME-Version: 1.0 Content-Type: text/plain Actually, I think a much more powerful solution is to run TCP/IP over the serial link and to encrypt individual IP datagrams. This is the charter of the IETF "ip-security" working group, and there is already a prototype implementation of one approach working. Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Wed, 7 Apr 93 15:22:56 PDT To: cypherpunks@toad.com Subject: EMI shielding Message-ID: <9304072222.AA29676@servo> MIME-Version: 1.0 Content-Type: text/plain Apropos the recent discussion about TEMPEST shielding, there's an interesting product that might prove quite useful: CAPCON EMI suppressant tubing. A colleague got a shipment of it today. 
It's ordinary black rubber tubing that has been loaded with iron oxide. It comes in 26 sizes from .04" ID to 1.25" ID, and is claimed to have much better attenuation than ferrite beads, especially at UHF and microwave frequencies. You can shield entire cable lengths with it, or you can apply it in short segments (1" to 1') just like ferrite beads and get plenty of attenuation for less cost and weight (this stuff is *heavy*, and the 1/2" stuff cost several dollars per foot.) It's also available as sheeting in various thicknesses for lining cabinets, etc. I got the bright idea to test the absorptivity claims for this stuff by putting an 8" piece into a microwave oven. After 10 seconds, it was too hot to handle. I'd say it's doing just what it's supposed to do. Contact info: Capcon, Inc 147 W 25th St New York, NY 10001 212-243-6275 212-645-0185 (fax) Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Wed, 7 Apr 93 14:32:22 PDT To: cypherpunks@toad.com Subject: Re: Real-time BBS Encryption?? Message-ID: <9304072132.AA14268@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > Re: encrypting modem links > >I'm wondering if there is a way to do this with PCs? > Yes, with difficulty, and not transparently. > > >Is there a way to encrypt a remote user's entire connection with > >the BBS, so that they would have to have a special term program to access > >the system? > > For PC's, replacing the terminal software is really the best way. > There is no effective abstraction of serial port hardware in the PC > world. The int 0x14 driver in the BIOS was rampantly defective, and > MSDOS does not provide a standard interface. Or, we could implement an "external protocol" like zmodem. This would simply take keystrokes, buffer them, then encrypt/decrypt them. Make the source portable, and obtainable. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. 
Metzger" Date: Wed, 7 Apr 93 13:10:25 PDT To: cypherpunks@toad.com Subject: Re: FLAME: Perry M. vs. taking action (was: Re: PHRACK...) In-Reply-To: <9304071904.AA17502@> Message-ID: <9304071953.AA02995@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain Fen Labalme says: > Perry - > > > > If you don't like your government, vote. > > > > I'm an anarchist. You might as well say to an atheist "if you don't > > like Catholicism, start a schism." > > I, too, aspire towards anarchy, but I don't ignore the tools around me. [...] This isn't appropriate to this list -- I'm replying in private mail. .pm From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Brad Huntting Date: Wed, 7 Apr 93 15:04:02 PDT To: cypherpunks@toad.com Subject: Security Dynamics Message-ID: <199304072203.AA02670@misc.glarp.com> MIME-Version: 1.0 Content-Type: text/plain The MIS department where I work has started using "Secure-ID" cards made by Security Dynamics Inc for access to their MVS systems. After listening to a presentation by marketing droids and technical support from Security Dynamics I had these impressions: The cards are programmed at the factory with a "random" seed. They have an internal clock, and a lithium battery. They use a proprietary encryption algorithm to encrypt the time of day using the internal seed and display it on an LCD display using about 6 or 7 digits. The display updates itself every 60 seconds (this frequency is adjustable when you order the cards) An authenticating host will have the card's seed, as well as the card's "clock offset" (the time the card was seeded, and the clock reset). The user has a 4 digit PIN (personal identification number) known only to the host (and of course written on the back of the card :-). PIN numbers must be unique since they are used to identify the user. At login time, the user is asked to type in her PIN, as well as the number currently displayed on the card. 
This is checked by the host, and if it's correct the user is authenticated. If used on a regular basis, the authenticating host can detect clock drift and will adjust its database accordingly. Cards can be used across multiple "realms", but this necessitates trusting the card's shared key with each host that wants to authenticate that card. The cards are timed to deactivate after some time interval (again, this is an option) the default lifespan is 3 years, they can go as high as 4 or 5, but after that, the battery isn't reliable. You can probably imagine some of the problems with such a system. First and foremost in my opinion, it uses an unknown proprietary algorithm which is a closely guarded company secret known only to them and anyone with a disassembler. Obviously such an algorithm has never undergone any serious scrutiny. Most respectable researchers (outside of Ft Meade) do not need to disassemble code to find material to write papers on. Second, the cards are programmed at the factory, and the user has no way of reseeding them. The company actually touts the fact that they have all the card info for all customers on file, and will gladly send you encrypted tapes or floppies if you lose your database! Of course they will only talk with one designated contact at your site, and they will only ship materials to that person. In all fairness if you're a big client, and you insist, they might be compelled to tell you how to seed the cards, and give you a batch of "raw" cards. When I mentioned how ludicrous it was for us to trust their internal security, they made some lame noises about employees being "bonded". In other words, they have established plausible deniability and are "out of the loop" should your security data be compromised. I was a little furious. Lastly, they're expensive. Something on the order of $60/card in quantities of 250 to 500 for cards that last 3 years and change every 60 seconds. 
Programmable DES devices (used by DEC and others) which employ a challenge response system are about one third as much. I came away from the talk with a bitter taste in my mouth. As I understand it (and please correct me if I'm wrong) they are, at this point, one of the largest "crypto card" companies in the world. This is, to say the least, unsettling. If you want more info, their Colorado office is at: Security Dynamics 5299 DTC Boulevard Suite 500 Englewood, CO 80111 Phone: +1 303 773-6519 brad From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: David Reeve Sward Date: Wed, 7 Apr 93 13:38:27 PDT To: cypherpunks@toad.com Subject: Re: Real-time BBS Encryption?? In-Reply-To: <9304071935.AA26846@soda.berkeley.edu> Message-ID: MIME-Version: 1.0 Content-Type: text/plain Excerpts from internet.cypherpunks: 7-Apr-93 Real-time BBS Encryption?? by Eric Hughes@soda.berkele > For PC's, replacing the terminal software is really the best way. > There is no effective abstraction of serial port hardware in the PC > world. The int 0x14 driver in the BIOS was rampantly defective, and > MSDOS does not provide a standard interface. > > As a result, almost all comm software on PC's talks to the serial port > directly. Now in MS Windows, there is abstraction for the serial > ports, but I don't know how easy it is to insert a device layer. Actually, there is a rather old (for the PC) abstraction called FOSSIL (Fido Opus Seadog Serial Interface Layer ... or so). It is essentially an extension/replacement for the BIOS int 0x14 driver. It is certainly possible to further extend this for encryption by adding some functions to the interface. 
The two FOSSILs I know of are X00 and BNU - They can be found in oak.oakland.edu:/pub/msdos/fossil -- David Sward sward+@cmu.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Karl Barrus Date: Wed, 7 Apr 93 14:43:25 PDT To: cypherpunks@toad.com Subject: WB: public kiosks Message-ID: <199304072143.AA00959@Menudo.UH.EDU> MIME-Version: 1.0 Content-Type: text/plain On the importance of anonymity (in regards to the whistleblower project): Last week, the Houston Chronicle ran two or three articles on how ill run the Nuclear Regulatory Commission is. Specifically, the article described how one or two people had their careers absolutely ruined by raising safety concerns at nuclear plants. In each case, the employees involved were terminated shortly after citing safety hazards (such as spills left uncleaned on table tops, etc.) Someone quoted in the article stated this behavior undoubtedly scares off other potential informers. Plus, I read an article in the Chronicle about how a NASA employee was fired for his political beliefs. Well, it is more complicated: the employee actively participated in some usenet group (talk.politics.china?), and had a store of back articles on his computer at work, which his superiors discovered. Shortly thereafter, he lost his job. I've been busy of late and could kick myself for not saving these papers, because real world incidents such as these strengthen our arguments for privacy and anonymity. Some people have such an irritating tendency to assume irresponsibility and abuse when a freedom becomes available - just read news.admin.policy. /-----------------------------------\ | Karl L. 
Barrus | | elee9sf@menudo.uh.edu | <- preferred address | barrus@tree.egr.uh.edu (NeXTMail) | \-----------------------------------/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: trump@pluto.ee.cua.edu (Louis Edward Trumpbour) Date: Wed, 7 Apr 93 13:52:27 PDT To: cypherpunks@toad.com Subject: well Message-ID: <9304072053.AA17147@pluto.ee.cua.edu> MIME-Version: 1.0 Content-Type: text/plain if anyone comes up with a solution to the bbs encryption problem then get to me ... i plan on starting a Waffle based BBS that may have "sensitive" information on line in subs and in files... you all know the story... well if i could have this encryption feature i would be most happy... i have looked into this a bit but to my surprise it has come up on the list... as for the problem of distribution of the program that would encrypt and decrypt via modem and bbs, i have that pretty much taken care of already... thanks Clovi /s ^ been bbsing for too long From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Mr. Noise" Date: Wed, 7 Apr 93 14:02:38 PDT To: grady@netcom.com (1016/2EF221) Subject: Re: PGP: suggestions from the trench In-Reply-To: <9304032057.AA06227@netcom.netcom.com> Message-ID: <9304072102.AA20984@titan.ucs.umass.edu> MIME-Version: 1.0 Content-Type: text > Taking all these factors into consideration, I would suggest that > the *minimum* size of the RSA modulus available for PGP is 1024 > bits with a minimum ceiling of 2048 bits (or even more). If for > performance reasons on certain platforms 1024 is deemed > impossibly slow, then a lesser number of bits ought to be > permitted *provided* that the security level for any key length > under, say, 768 bits is clearly labeled "TOY GRADE". While I agree that keys of greater lengths ought to be made available for those fortunate enough to possess platforms powerful enough to use them, your choice of words--'TOY GRADE'--is, perhaps, unfortunate. 
Every user of PGP has different reasons for needing/wanting encryption, & not all users need the sort of protection that can withstand a determined attack mustered by cryptographic experts.

Some users, frankly, just don't like people snooping into their private mail, & therefore use PGP encryption as an 'envelope'. Sure, the 'envelope' can be 'steamed open', but it's not likely to be worth the trouble if you have no major secrets to conceal...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Brad Huntting
Date: Wed, 7 Apr 93 16:11:58 PDT
To: fen@genmagic.genmagic.com (Fen Labalme)
Subject: Re: FLAME: Perry M. vs. taking action (was: Re: PHRACK...)
In-Reply-To: <9304071904.AA17502@>
Message-ID: <199304072311.AA02853@misc.glarp.com>
MIME-Version: 1.0
Content-Type: text/plain

> Not voting in today's society is a cop out. It is most certainly not
> perfect, and the choices suck, but it remains one of the major voices you
> have today in the world.

Voting arguably endorses the system. If you are vocal about why you don't endorse the system, your refusal to vote can have a lot more impact than going to the polls.

After all, in any reasonably large election, your vote barely counts at all, but your voice can be heard a long way away if you're saying something interesting and you're saying it loud enough.

brad

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Michael McMahon <0005857625@mcimail.com>
Date: Wed, 7 Apr 93 10:55:41 PDT
To: cypherpunks
Subject: Real-time BBS Encryption??
Message-ID: <01930407174710/0005857625DC2EM@mcimail.com>
MIME-Version: 1.0
Content-Type: text/plain

I thought of this the other day, but don't know enough about programming and cryptography to do it, or if it actually could be done. Anyways, I figured I'd share it with all of you and see if anyone has any ideas.

Here's the situation: We all know that some advanced computer systems have real-time encryption built into all modem connections.
When a bank branch dials into the main office the entire transmission may be encrypted. This occurs even between terminal connections and the host.

I'm wondering if there is a way to do this with PCs? Say I'm setting up a computer bulletin board for my company that is going to run off of a DOS PC. Is there a way to encrypt a remote user's entire connection with the BBS, so that they would have to have a special term program to access the system? It would be best if the user only had to load a device driver or something so that they wouldn't all have to use the same comm program.

Could this be done by loading a special device driver on both the host and remote so that all data going through com port 2 (or whatever) is encrypted?

Anybody know if something like this is available?

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* Mike McMahon                                                          *
* Internet: 585-7625@mcimail.com                                        *
* PGP Fingerprint: 95 F9 2A 1B 81 4F D8 31 56 ED BC A5 4F 64 A7 02      *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Derek Atkins
Date: Wed, 7 Apr 93 14:51:30 PDT
To: J. Michael Diehl
Subject: Re: Real-time BBS Encryption??
In-Reply-To: <9304072132.AA14268@triton.unm.edu>
Message-ID: <9304072151.AA07442@steve-dallas.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

> Or, we could implement an "external protocol" like zmodem. This would simply
> take keystrokes, buffer them, then encrypt/decrypt them.
>
> Make the source portable, and obtainable.

I'm doing something like this for my Thesis (i.e., wait a couple of weeks.. ;-) It's based upon Kerberos, but it will securely get you a TGT on a server machine that is on the Internet from a client terminal that is dialled up to it... Moreover, you can extract the session key from the protocol, which would allow for DES encryption of the session.

While I haven't yet implemented the encryption of the session, I have been able to obtain kerberos tickets securely....

More info on request, or you can wait to read my thesis when it's done...

Enjoy!

-derek

PGP 2 key available upon request on the key-server:
pgp-public-keys@toxicwaste.mit.edu

--
Derek Atkins, MIT '93, Electrical Engineering and Computer Science
Secretary, MIT Student Information Processing Board (SIPB)
MIT Media Laboratory, Speech Research Group
warlord@MIT.EDU PP-ASEL N1NWH

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Mr. Noise"
Date: Wed, 7 Apr 93 15:25:38 PDT
To: cypherpunks@toad.com
Subject: Re: PHRACK: ...put up or...
Message-ID: <9304072224.AA27727@titan.ucs.umass.edu>
MIME-Version: 1.0
Content-Type: text

> > >The flaws are big enough to drive a bakery truck through. It's trash.
>
> > maybe you should do a better writeup and publish it in PHRACK or 2600?
> [...]
> If you don't like your government, vote. If you don't like something that is
> published, write something yourself. It's not some type of elite club of
> writers, both publications welcome people of all walks to submit.

Hear, hear! For cryin' out loud, Fido 'Snooze' accepts *everything* they're sent!

...& if that isn't good enough, start your own: electrons are free! (Well, sort of...)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Doug.Brightwell@Corp.Sun.COM (Doug Brightwell)
Date: Wed, 7 Apr 93 19:32:10 PDT
To: cypherpunks@toad.com
Subject: Thanks for Mac PGP 2.2 Pointers
Message-ID: <9304080231.AA12843@media.Corp.Sun.COM>
MIME-Version: 1.0
Content-Type: text/plain

Thanks to all who responded to my query regarding ftp sites for Mac PGP 2.2.
Doug Brightwell

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kieran2101@aol.com
Date: Wed, 7 Apr 93 17:25:19 PDT
To: cypherpunks@toad.com
Subject: Re: PGP and problems therewith.
Message-ID: <9304072025.tn41388@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

> I was under the impression that there was a newsgroup for discussion of how
> to use PGP.

There is: alt.security.pgp. Of course, like all alt.* groups, its propagation may vary.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Wed, 7 Apr 93 17:41:58 PDT
To: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Subject: Re: Real-time BBS Encryption??
In-Reply-To: <9304071836.AA26678@flubber.cc.utexas.edu>
Message-ID: <9304080043.AA28900@pad-thai.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

>> Sure, no problem, provided you are willing to do a lot of coding...

A lot of coding? You can come very close to doing it with off-the-shelf code. ka9q for SLIP. Telnet authentication is now an RFC, and encryption will be available probably within a few weeks.

Plus, with IP, you can use existing mechanisms (like POP) to get your mail on your local PC and do your decryption there. This is beyond any PC code I know, and would require new development.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 7 Apr 93 21:33:22 PDT
To: Extropians@gnu.ai.mit.edu
Subject: MATH: Zero Knowledge Proofs
Message-ID: <9304080431.AA26255@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

[Since this should also be of interest to the Cypherpunks list, which Ray is/was subscribed to, I am posting this essay to that list.]

Ray Cromwell writes:

> Could someone explain zero knowledge proofs and give me an example. I
>have taken number theory and abstract algebra so feel free to use equations.
>
>(I know that zero knowledge proofs are a way of certifying something without
>revealing the information you are certifying, but I want to know how they
>work mathematically)

Zero knowledge interactive proof systems ("ZKIPS") are sometimes called "minimum disclosure proofs" (with some subtle differences) and are exciting and mysterious (at first) methods that lie at the heart of modern cryptology.

Here's a simple explanation. Too bad we don't have a blackboard!

ALICE AND BOB (some people call them Peggy the Prover and Vic the Verifier)

Alice wishes to prove to Bob that she knows some item of knowledge without actually giving Bob any of that knowledge.

Let us first imagine that Alice claims she knows a "Hamiltonian cycle" on a particular graph. (For a given set of nodes and arcs linking some of those nodes, a Hamiltonian cycle is one which passes through each node once and only once. You might want to draw some graphs on a sheet of paper and try to find a Hamiltonian cycle for the graphs, to get a feel for the problem.)

The particular graph may be "registered" somewhere with Alice's claim that she--and only she, for reasons I'll discuss at the end--knows a Hamiltonian cycle for the graph. In a sense, this is her "proof of identity."

To make this example concrete, Alice is using this piece of knowledge as her *password* to get into some system. She presents a map of 50 cities and some set of highways interconnecting them and says "I am who I say I am if and only if I know a Hamiltonian cycle for this graph."

The conventional (non zero knowledge) way to convey this knowledge is for Alice to simply *show* the Hamiltonian cycle to Bob. This is how passwords are currently handled. Bob, and anybody else who is spying on the exchange, then knows the "secret," which isn't a secret anymore. (Anybody who saw the exchange, including Sysadmin Bob, could then impersonate her.)
ENTER ZERO KNOWLEDGE

Alice, instead of showing Bob the Hamiltonian cycle, takes the cities and covers them with something, say, coins. (On a computer, this is all done in software, using the cryptographic protocol called "bit commitment.")

Alice scrambles the position of the cities (covered by coins) so as not to allow positional cues. (Most of the 50 cities should have about the same number, ideally exactly the same number, of links to other cities, to ensure that some cities are not "marked" by having some unique number of links. A detail.)

Needless to say, she scrambles the cities out of sight of Bob, so he can't figure out which cities are which. However, once she's done with the scrambling, she displays the cities in such a way that she can't *later change*..i.e., she "commits" to the values, using well-known cryptographic methods for this. (If this sounds mysterious, read up on it. It's how "mental poker" and other crypto protocols are handled.)

Bob sees 50 cities with links to other cities, but he doesn't have any way of knowing which of the covered cities are which. Nor, I should add, are the links labelled in any way--it wouldn't do to have some links permanently labelled "Route 66" or "Highway 101"!

She says to Bob: "Pick one choice. Either you can see a Hamiltonian cycle for this set of covered cities and links, or you can see the cities uncovered."

In other words, "Alice cuts, Bob chooses."

Bob tosses a coin or chooses randomly somehow and says: "Show me the cities."

Alice uncovers all the cities and Bob examines the graph. He sees that Akron is indeed connected to Boise, to Chicago, to Denver, not to Erie, and so on. In short, he confirms that Alice has shown him the original graph. No substitution of another graph was made.

Bob, who is suspicious that this person is really who she claims to be, says to Alice: "Ok, big deal! So you anticipated I was going to ask you to show me the cities.
Anybody could have gotten Alice's publicly registered graph and just shown it to me. You had a 50-50 chance of guessing which choice I'd make."

Alice smugly says to him: "Fine, let's do it again." She scrambles the cities (which are covered) and displays the graph to Bob...50 covered cities and various links between them. She tells Bob to choose again.

This time Bob says: "Show me the Hamiltonian cycle."

Without uncovering the cities (which would give the secret away, of course), Alice connects the cities together in a legal Hamiltonian cycle.

Bob says, "OK, so this time you figured I was going to ask you the opposite of what I did last time and you just substituted some other graph that you happened to know the Hamiltonian cycle of. I have no guarantee the graphs are really the same."

Alice, who knows this is just the beginning, says: "Let's do the next round."

...and so it goes....

After 30 rounds, Alice has either produced a legal Hamiltonian cycle or a graph that is the same as (isomorphic to...same cities linked to same other cities) the registered graph in each and every one of the rounds. There are two possibilities:

1. She's an imposter and has guessed correctly *each time* which choice Bob will make, thus allowing her to substitute either another graph altogether (for when Bob wants to see the Hamiltonian cycle) or just the original graph (for when Bob asks to see the cities uncovered to confirm it's the real graph). Remember, if Alice guesses wrong even once, she's caught red-handed.

2. She really is who she claims to be and she really does know a Hamiltonian cycle of the specified graph.

The odds of #1 being true drop rapidly as the number of rounds is increased, and after 30 rounds, are only 1 in 2^30, or 1 in a billion. Bob chooses to believe that Alice knows the solution.

Alice has conveyed to Bob proof that she is in possession of some knowledge without actually revealing any knowledge at all! The proof is "probabilistic."
This is the essence of a zero knowledge proof. There's more to it than just this example, of course, but this is the basic idea.

SOME DETAILS

1. Could someone else discover the Hamiltonian cycle of Alice's graph? Exhaustive search is the only way to guarantee a solution will be found--the Hamiltonian cycle problem is a famous "NP-complete" combinatorial problem. This is intractable for reasonable numbers of nodes. 50 nodes is intractable.

2. If finding a Hamiltonian cycle is intractable, how the hell did Alice ever find one? She didn't *have* to find one! She started with 50 cities, quickly connected them so that the path went through each city only once and then wrote this path down as her "secret" solution. Then she went back and added the other randomly chosen interconnects to make the complete graph. For this graph, she obviously knows a Hamiltonian cycle, *by construction*.

3. Can Bob reconstruct what the Hamiltonian cycle must be by asking for enough rounds to be done? Not generally. Read the papers for details on this, which gets deeply into under what circumstance partial knowledge of the solution gives away the complete solution.

4. Are there other problems that can be used in this same way? Yes, there are many forms. I find the Hamiltonian cycle explanation quite easy to explain to people. (Though usually I can draw pictures, which helps a lot.)

5. How general is the "zero knowledge interactive proof" approach? Anything provable in formal logic is provable in zero knowledge, saith the mathematicians and crypto gurus. Check out the various "Crypto Conference" Proceedings.

Hope this helps.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.
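
[Added example, not part of the original message: one way to run the covered-cities rounds described above in software. It assumes a SHA-256 hash commitment stands in for each coin and that Alice commits to every pair of scrambled cities (link or no link); all function and class names are hypothetical.]

```python
import hashlib
import secrets

RNG = secrets.SystemRandom()  # OS randomness for scrambling and challenges


def commit(bit, nonce):
    """Hash commitment standing in for a coin: hides bit until nonce is shown."""
    return hashlib.sha256(nonce + bytes([bit])).hexdigest()


def all_pairs(n):
    """Every unordered pair of cities; each pair gets its own covered box."""
    return [frozenset((a, b)) for a in range(n) for b in range(a + 1, n)]


def relabel(links, perm):
    """Rename every city v to perm[v] in a collection of links."""
    return [frozenset(perm[v] for v in link) for link in links]


def make_graph(n, extra):
    """Alice's setup by construction: secret cycle first, decoy links after.
    Needs n >= 3 and n + extra <= n*(n-1)/2."""
    order = list(range(n))
    RNG.shuffle(order)
    cycle = [frozenset((order[i], order[(i + 1) % n])) for i in range(n)]
    edges = set(cycle)
    while len(edges) < n + extra:
        edges.add(frozenset(RNG.sample(range(n), 2)))
    return edges, cycle


class Prover:
    """Alice. An impostor is the same class fed a wrong graph or a wrong cycle."""

    def __init__(self, n, edges, cycle):
        self.n, self.edges, self.cycle = n, edges, cycle

    def cover(self):
        """Scramble the cities, then commit to each pair: 1 = link, 0 = none."""
        self.perm = list(range(self.n))
        RNG.shuffle(self.perm)
        scrambled = set(relabel(self.edges, self.perm))
        self.boxes = {p: (int(p in scrambled), secrets.token_bytes(16))
                      for p in all_pairs(self.n)}
        return {p: commit(*box) for p, box in self.boxes.items()}

    def respond(self, challenge):
        if challenge == "cities":  # uncover everything, scrambling included
            return {"perm": self.perm, "open": dict(self.boxes)}
        path = relabel(self.cycle, self.perm)  # "cycle": open n boxes only
        return {"open": {p: self.boxes[p] for p in path}}


def is_single_cycle(n, links):
    """True if the links form one closed loop visiting all n cities once."""
    nbrs = {v: [] for v in range(n)}
    for link in links:
        if len(link) != 2 or any(v not in nbrs for v in link):
            return False
        a, b = link
        nbrs[a].append(b)
        nbrs[b].append(a)
    if any(len(adj) != 2 for adj in nbrs.values()):
        return False
    prev, cur, steps = None, 0, 0
    while True:  # walk from city 0 until the loop closes
        a, b = nbrs[cur]
        prev, cur, steps = cur, (b if a == prev else a), steps + 1
        if cur == 0:
            return steps == n


def verify(n, edges, commitments, challenge, reply):
    """Bob's check of one round against the publicly registered graph."""
    opened = reply["open"]
    # Every opened box must match a commitment made before the challenge.
    if any(commit(bit, nonce) != commitments.get(p)
           for p, (bit, nonce) in opened.items()):
        return False
    if challenge == "cities":
        perm = reply["perm"]
        if sorted(perm) != list(range(n)) or set(opened) != set(all_pairs(n)):
            return False
        scrambled = set(relabel(edges, perm))
        return all(bit == int(p in scrambled) for p, (bit, _) in opened.items())
    # "cycle": exactly n opened links, all present, forming one loop.
    if len(opened) != n or any(bit != 1 for bit, _ in opened.values()):
        return False
    return is_single_cycle(n, opened)


def run_protocol(n, edges, prover, rounds=30):
    """Accept only if every round's random challenge is answered correctly."""
    for _ in range(rounds):
        commitments = prover.cover()
        challenge = RNG.choice(["cities", "cycle"])
        if not verify(n, edges, commitments, challenge, prover.respond(challenge)):
            return False
    return True


if __name__ == "__main__":
    n = 50
    edges, cycle = make_graph(n, extra=100)
    print("honest Alice accepted:", run_protocol(n, edges, Prover(n, edges, cycle)))
    fake_edges, fake_cycle = make_graph(n, extra=100)
    print("impostor accepted:", run_protocol(n, edges, Prover(n, fake_edges, fake_cycle)))
```

[An impostor who commits to a substitute graph can answer "cycle" but not "cities", and one who commits to the real graph without knowing a cycle can answer "cities" but not "cycle", which is the 50-50 guess per round the message describes.]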
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: crunch@netcom.com (John Draper)
Date: Wed, 7 Apr 93 23:47:02 PDT
To: cypherpunks@toad.com
Subject: The WELL took off PGP from public downloads
Message-ID: <9304080647.AA11935@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Just thought I should mention, that "gail" has removed PGP from the WELL's public downloads, and when I asked her why, she didn't comment (yet!).

JD

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: rjc@gnu.ai.mit.edu
Date: Wed, 7 Apr 93 22:59:54 PDT
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: MATH: Zero Knowledge Proofs
In-Reply-To: <9304080431.AA26255@netcom.netcom.com>
Message-ID: <9304080559.AA63552@hal.gnu.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

Excellent essay Tim (as usual). Is there a more practical method based on a simpler 'intractable' problem? [not that it's useless. I could probably code up an implementation based on your description, but it seems like a pain to generate graphs every time you want to prove some trivial knowledge.]

-Ray

-- Ray Cromwell        | Engineering is the implementation of science; --
-- EE/Math Student     | politics is the implementation of faith.      --
-- rjc@gnu.ai.mit.edu  | - Zetetic Commentaries                        --

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Thu, 8 Apr 93 02:32:08 PDT
To: cypherpunks@toad.com
Subject: Musical Cypher CD project
Message-ID: <199304080931.AA02038@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Excellent news...!

Recall Matt's & my postings about putting cyphertext into a CD as part of the artistic presentation....? The idea being to establish it as part of the overall protected artistic speech as it were.

Well, I've found a band in the area who have tried doing something VERY similar and currently have a very decent quantity of material READY TO GO.
Includes hypercard stacks, quicktime movies, macromind movies, miscellaneous art & screen savers.... a lot of it is footage of the band playing live, with music tracks included (i.e. show videos), some of it is computer graphic art, and so on.

The band is called NOW, and they sound like a cross between Rush, Crimson, and Yes; are incredibly talented, write new songs so prolifically (sp?) that they could put out 5-10 more albums with what's already ready... have a couple of albums out on an indie label... and are ready & willing & way interested in doing a project.

What they wanted to do was put all the video and other stuff on the first track of a CD so it would be accessible on a CDROM player. They got that far and also some studio sessions with the songs for the album, and then ran into a wall as far as the tech angle on getting the stuff to work right.

We have studios available to record the music, the band can go in any time, and they're hip to encrypting their video stuff & having people go hunting for the key (put it in the lyric sheets, have people write for it, etc).

I recall someone from Contra Costa offering to fund this; well, we're ready. This will easily sell a few thousand copies which will pay back costs; and given the band's artistic strengths, will probably do better than that. And it will certainly be a first, and a decent stake in the ground for crypto as artistic freedom of expression.

Email gg@well.sf.ca.us for more info.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: anon0709@nyx.cs.du.edu (Name withheld by request)
Date: Thu, 8 Apr 93 03:31:44 PDT
To: cypherpunks@toad.com
Subject: subscribe
Message-ID: <9304081033.AA24771@nyx.cs.du.edu>
MIME-Version: 1.0
Content-Type: text/plain

Please subscribe me to the cypherpunks list.

Sean Carton
/es

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mark@coombs.anu.edu.au (Mark)
Date: Wed, 7 Apr 93 14:15:29 PDT
To: cypherpunks@toad.com
Subject: Re: Real-time BBS Encryption??
Message-ID: <9304072115.AA22888@coombs.anu.edu.au>
MIME-Version: 1.0
Content-Type: text/plain

>What about a streams module that does encryption? Of course, it'd
>require people to run a real OS instead of dos/system...

You might want to look at the link.tar.Z program newsham@wiliki.eng.hawaii.edu wrote. The server is currently unix based but it should be transportable. It uses pgp to swap des session key and happily talks away. There are still some bugs and when he has the time they will be taken care of.

The client is written for an amiga at the moment, I haven't had the opportunity to do the ibm port yet.

Contact him at the above address. He is busy with studies but you might get some joy from emailing him.

Hope this helps
Mark
mark@coombs.anu.edu.au

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: D Anton Sherwood
Date: Thu, 8 Apr 93 07:58:48 PDT
To: cypherpunks@toad.com
Subject: false analogy
Message-ID: <199304081458.AA06134@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

> If you don't like your government, vote. If you don't like something that
> is published, write something yourself. . . .

That should be -- If you don't like your government, start your own.

Or better yet --- If you don't like your government, govern yourself.

*\\* Anton Ubi scriptum? ;)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: greg@ideath.goldenbear.com (Greg Broiles)
Date: Thu, 8 Apr 93 14:56:11 PDT
To: cypherpunks@toad.com
Subject: Re: Real-time BBS Encryption??
In-Reply-To: <01930407174710/0005857625DC2EM@mcimail.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Michael McMahon writes:

[Talks about real-time end-to-end encryption of user sessions on BBS's.]

It's not quite as sexy and "James Bond" as real-time end-to-end encryption, but I think an easier approach to this would be to adopt the architecture of the offline mail-reading programs that are available.

For the benefit of people unaccustomed to offline readers, these programs collect up all of the unread messages, E-mails, and file descriptions from a BBS, .ZIPs or otherwise packs/compresses the files, and then the user downloads that "packet", and hangs up. The user then uses a program on her local PC to read and reply to messages in that packet, dials the BBS again, and uploads her responses.

I haven't fussed around with offline readers much, but I'll bet it'd be pretty simple to add a step to the collection/.ZIP process, which would encrypt the whole package with some prearranged key.

This would allow folks to use standard BBS programs, standard terminal programs, and perhaps even standard offline readers. It should be pretty simple from a programming standpoint, as well; it's perhaps implementable with only batch commands. Yes, the "bad guys" will get to watch the user log on and log off, and can read the menus and choices - but so what? It's possible (easy, really) to encrypt all of the really interesting stuff.

--
Greg Broiles                greg@goldenbear.com
Golden Bear Consulting      +1 503 465 0325
Box 12005 Eugene OR 97440   BBS: +1 503 687 7764

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pete@cirrus.com (Pete Carpenter)
Date: Thu, 8 Apr 93 15:06:37 PDT
To: cypherpunks@toad.com
Subject: Re: FLAME: taking action
Message-ID: <9304082207.AA16844@ss2138.cirrus.com>
MIME-Version: 1.0
Content-Type: text/plain

>> Not voting in today's society is a cop out. It is most certainly not
>> perfect, and the choices suck, but it remains one of the major voices you
>> have today in the world.
>
> Voting arguably endorses the system.
If you are vocal about why
> you don't endorse the system, your refusal to vote can have a lot
> more impact than going to the polls.

If you don't vote, your opinion literally doesn't count, and means that you are perfectly happy with the status quo. Not voting guarantees that you will have no voice. Perot's name will be remembered a lot longer than some nuts whining about how the process doesn't work.

The best way to protest the current system, is to vote for something else. I'm a Libertarian rather than a Perotian, but I give him a lot of credit for allowing so many people to see beyond the two party system.

Vote with your feet, not with your butt.

---
Pete Carpenter pete@cirrus.com

Talk about your plenty, talk about your ills,
One man gathers what another man spills.
- Robert Hunter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: vanam@shadow.ksu.ksu.edu (Stephen Lee(Second son of Caine))
Date: Thu, 8 Apr 93 15:17:22 PDT
To: cypherpunks@toad.com
Subject: Help, please.
Message-ID: <9304082217.AA07305@shadow.ksu.ksu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I am very new to the world of hacking... Could you all give me a hand understanding...(aka suggested reading and helpful tips for a newbie.)

Thanx in advance

Stephen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Pat_Barron@transarc.com
Date: Thu, 8 Apr 93 15:03:15 PDT
To: cypherpunks@toad.com
Subject: Re: Security Dynamics
In-Reply-To: <199304072203.AA02670@misc.glarp.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

At one point, I talked to Security Dynamics, and experienced the same reaction as the original poster. Additionally, I found it ludicrous that the cards were programmed to self-destruct after a period of time, that they keep their encryption scheme so secret (though they'll sell you source code if you fork over sufficient bucks), and that there was no way to reprogram/reset the cards in the field.
I also couldn't stomach their "well, you just have to trust us" response to a lot of my objections about it being a closed proprietary system, having them know all of my key data, and not being able to reprogram the cards.

I had much better luck with Digital Pathways, and their "SecureNet Key" product. This is a small (about as long and wide as the SecurID card, but about 2.5 times as thick) hand-held authenticator that's meant to go with Digital Pathways' "Data Defender" secure communications front-end, though they sell the SecureNet Keys separately, and they're not very expensive. They use DES, are individually field-programmable, and Digital Pathways is only too happy to give you as much info about them as you want - for free. With the info they gave me, it was no problem to write code that knows how to use the SecureNet Key.

--Pat.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Thu, 8 Apr 93 16:18:45 PDT
To: cypherpunks@toad.com (Pete Carpenter)
Subject: Re: FLAME: taking action
In-Reply-To: <9304082207.AA16844@ss2138.cirrus.com>
Message-ID: <9304082228.AA10301@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

This message isn't appropriate for cypherpunks, so I am replying in private mail.

Pete Carpenter says:
> If you don't vote, your opinion literally doesn't count, and means that
[...]

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: internaut@aol.com
Date: Thu, 8 Apr 93 16:32:02 PDT
To: cypherpunks@toad.com
Subject: FWEE!: kiosks
Message-ID: <9304081930.tn48662@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

Yo Dewds,

I guess it's time for me to throw in my two bits on the Public WB Kiosk idea...

I guess I appreciate the intent of implementing such a system, but there are some BIG strikes against it:

[1] Strike One: Installation and maintenance costs (economics again). Can you IMAGINE what it would cost to build and maintain a network (and it would have to be a big one!)
of public kiosks? Better to piggyback on existing infrastructure for purely practical reasons. I have an account on the aforementioned SF Net (little tables in coffeehouses all over the San Francisco Bay Area) and I have come to the conclusion that it would be prohibitive to just maintain such a system. Wayne Gregori would back me up on this. If you think it's a pain to keep your baby-powdered PC at home in decent working order, imagine one with beer spilt on it daily, bozos who type like Paul Bunyan on Steroids and the occasional chairleg-yanking-the-plug-out-of-the-wall incident. Most of the time, I log in to SF Net from home anyway.

[2] Strike Two: Lack of Privacy while using the kiosks. I think Eric Hughes' argument (with due respects to Eric) about the expensive economics of monitoring the kiosks falls down just a tad when you consider that these would not even be _moving targets_! (In both the literal and figurative senses.) Sure, it's expensive to "tail" someone and find out where they go and who they meet, but it's less than trivial to set up a discreet camera that just watches a stationary kiosk all day long or maybe photographically or electromagnetically (with a moderately sophisticated bug) monitor the keystrokes. Maybe you _could_ make them portable and move them around; maybe you _could_ come up with a clever physical design that would preclude keystroke photography (but bugs?), but any such defenses would pale in comparison with the Privacy inherent in the WB input from a single user's personal system. "Public Privacy:" now _there's_ an oxymoron for the 90's!

All jocularity aside, it would be pretty difficult to convince anyone with serious information on Govt abuses to stroll into a Mall and spill their guts on a PC Junior in a plywood box - I sure as hell wouldn't, would you? Hell, you could put touchscreens on it and I STILL wouldn't take the chance.

Anyone ever seen the "Human Jukebox" in SF?
A guy dresses up in a huge cardboard refrigerator shipping box and when you drop a quarter in, he plays (on trumpet) some selection from a list on the outside. Very funny stuff: I suggest you ask for "Strangers in the Night."

[3] Strike Three (yer OUT!): those ugly little plastic-encased keyboards get all that icky finger dirt on 'em. Sure you laugh NOW, but just IMAGINE where people put their fingers before typing on them little keyboards. Yuck! Think of the diseases! The nose pickings! The leftover popcorn-butter residue! The Jeri-Curl! Yeesh... makes me wanna HURL.

But Serially, Folks:

If a group COULD surmount these difficulties, it would then have to begin to focus on the TYPE of whistleblowing that would take place on such systems. I have the feeling that they would be a PRIMARY contributor to the overall bullshit noise that would clutter up a decent WB system and exponentially increase the difficulty of filtering out the "good" stuff for proper use. Sure, you could rely on OTP's to provide relatively secure transmissions, but the big question is: do we really want a bunch of Valley Girls at the local Mall logging in and complaining that they "can't get the proper shade of eyeliner and, like, why doesn't the Federal Govurnmint toe-tully reform the Health In-fersure-ance System" so they could, like, get the bunyons burned off their right foot in time for the Prom.

I think you get my point. We have a lot more to work on before I consider this to be a desirable, much less viable, idea.

dave

------------------------------------------------
|                                              |
|  no fancy-dan sig-stamps, just li'l ol' me.  |
|                                              |
------------------------------------------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Aviel David Rubin
Date: Fri, 9 Apr 93 09:03:17 PDT
To: cypherpunks@toad.com
Subject: Speed of RSA
Message-ID: <9304091603.AA23216@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Does anyone have anything on the speed of RSA encryption for various key lengths on various machines? In particular, I am interested in how long it takes to decrypt mail headers on an IBM rt or RS6000, for various key lengths. I'm sure this has been measured.

Any help would be appreciated. Thanks.

Avi Rubin

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Fri, 9 Apr 93 11:01:37 PDT
To: vanam@shadow.ksu.ksu.edu (Stephen Lee(Second son of Caine))
Subject: Re: Help, please.
In-Reply-To: <9304082217.AA07305@shadow.ksu.ksu.edu>
Message-ID: <9304091805.AA18414@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

>
>I am very new to the world of hacking... Could you all give me a hand
>understanding...(aka suggested reading and helpful tips for a newbie.)
>
>Thanx in advance
>
>Stephen

Stephen,

I would strongly suggest _Hackers_ by Steven Levy (ISBN: 0-440-13405-6). After you have read this book, you will have a very good understanding of what true hacking is (versus all of the new "meanings.") After that, perhaps the _Hacker Crackdown_ by Bruce Sterling (?). Then after that, you pretty much choose your own course... If you want to get into MSDOS programming, you will get lots of interrupt listings, disassemblers, etc. If you want to get into UNIX programming, you will get lots of UNIX books, recompile your kernel a few times, etc. :)

Hacking is a very personal experience for me, and usually I'm hacking. The term is defined as "learning by trial and error." You can hack a car if you get the manual, sit down, and just start fiddling until you get it right.
Incidentally, psychology backs up hacking as a good method for learning, because operant conditioning (where when you are on the right track, you start getting positive responses [rewards], so you go in that direction, and when you eventually get it right, you will remember how you got there) is known to be a strong teaching tool. For example, your program isn't working, but when you add a particular statement to the code, it starts to behave, but the results aren't right. So you follow in that vein of thinking and soon enough the whole thing is fixed (aside from new undocumented features.)

I thought that psychology would come in handy sometime...

Chael

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU
(317) 285-3648 after 5 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nowhere@bsu-cs.bsu.edu (Chael Hall)
Date: Fri, 9 Apr 93 11:19:08 PDT
To: greg@ideath.goldenbear.com (Greg Broiles)
Subject: Re: Real-time BBS Encryption??
In-Reply-To:
Message-ID: <9304091815.AA19210@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

[ Info on offline readers ]

>I haven't fussed around with offline readers much, but I'll bet it'd be
>pretty simple to add a step to the collection/.ZIP process, which would
>encrypt the whole package with some prearranged key.

Yes, that's a definite possibility. Most of the popular offline readers require that you first send them a packet (usually empty) so that they will put you in the database. The reader could just accept a certain file (pubkey.asc for example) that contains the key you want to be used. Then all sessions with you will be so encrypted. Your mail to the BBS could also be encrypted with the BBS's public key.

Unfortunately, one problem still exists: I don't know of too many BBS's where the e-mail messages are actually encrypted on the disk. As a matter of fact, the SYSOP can usually read all mail.
>This would allow folks to use standard BBS programs, standard terminal
>programs, and perhaps even standard offline readers. It should be pretty
>simple from a programming standpoint, as well; it's perhaps implementable
>with only batch commands. Yes, the "bad guys" will get to watch the user log
>on and log off, and can read the menus and choices - but so what? It's
>possible (easy, really) to encrypt all of the really interesting stuff.

Some of those programs (MegaMail, TomCat, etc) run PKUNZIP to unzip the file(s) then take care of the files themselves. There isn't an easy way to throw in encryption. I would be willing to add an encryption option to my offline mail software, though.

I have written a UTI (Universal Text Interface) for ChaelBoard that lets it interface with RelayNet(tm) and offline mail readers that use UTI's. I also write a QWK/REP interface that allows ChaelBoard to be a node (the hub software isn't quite done yet) on WildNet and for offline mail reading/replying. I could implement encryption in the ZIP/UNZIP step (for the users who have PGP keys registered with the BBS). Do you think it's worth my time?

Chael Hall

--
Chael Hall
nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU
(317) 285-3648 after 5 pm EST

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: rustman@netcom.com (Rusty Hodge)
Date: Sat, 10 Apr 93 22:43:25 PDT
To: 0005857625@mcimail.com (Michael McMahon)
Subject: Re: Real-time BBS Encryption??
In-Reply-To: <01930407174710/0005857625DC2EM@mcimail.com>
Message-ID: <9304110543.AA26230@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

> Here's the situation: We all know that some advanced computer systems
> have real-time encryption built into all modem connections. When a
> bank branch dials into the main office the entire transmission may be
> encrypted. This occurs even between terminal connections and the host.
This is usually accomplished through an external "data encryption unit", which is interfaced between the terminal (host) and modem. It is NOT in software.

> I'm wondering if there is a way to do this with PCs?

Aside from those very expensive high-end boxes that banks use for their sensitive information, there was a DES encryptor made by Practical Peripherals years ago. It still may be available.

--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Sun, 11 Apr 93 00:18:32 PDT
To: cypherpunks@toad.com
Subject: Re: REMAIL: cypherpunks strategy
Message-ID: <9304110718.AA19161@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
In-Reply-To: <26H11B1w164w@ideath.goldenbear.com>

I just got around to Greg Broiles' interesting note where he describes his practice of using several account names. He feels apologetic about it. Authors have used pen-names for a long time without opprobrium. The mathematician Eric Temple Bell wrote science fiction under the pen name "John Taine". Several authors have written different styles of works, one pen name per style. As I understand the law there is nothing illegal in using an alias as long as the purpose is not fraud, which is already illegal. One must protect the reputation of each alias. Where aliases are common negative reputations lose their bite but the benefits of positive reputations provide incentives for good behavior.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mike@EGFABT.ORG (Mike Sherwood)
Date: Mon, 12 Apr 93 12:14:20 PDT
To: cypherpunks@toad.com
Subject: Re: REMAIL: cypherpunks strategy
In-Reply-To: <9304110718.AA19161@netcom4.netcom.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

norm@netcom.com (Norman Hardy) writes:

> I just got around to Greg Broiles' interesting note where he describes
> his practice of using several account names. He feels apologetic about it.
> Authors have used pen-names for a long time without opprobrium.
> The mathematician Eric Temple Bell wrote science fiction under the pen name
> "John Taine". Several authors have written different styles of works,
> one pen name per style. As I understand the law there is nothing illegal
> in using an alias as long as the purpose is not fraud, which is already
> illegal. One must protect the reputation of each alias.
> Where aliases are common negative reputations lose their bite but the
> benefits of positive reputations provide incentives for good behavior.

How does everyone else feel about the idea of maintaining multiple accounts as a method of maintaining pseudo-anonymity? I commonly use two accounts on each of my systems, one by my real name, one by my alias, which is the same everywhere. The purpose of this is to allow me to send or receive mail to/from people who I know from other bbs's and such and relay information in that way without giving them my real name. As Greg pointed out, it's very easy to have multiple accounts; some of us run sites that give us the ability to create pseudo-users, and pseudo-sites for that matter, and others can make use of public bbs's with net access. I know of a few bbs's in my area (silicon valley) that offer net access and don't do any sort of validation, making it very simple to set up and maintain multiple accounts. How do people feel about doing something like this rather than using remailers since it seems that a lot of problems come up when people run remailers and start getting complaints?

-Mike

--
Mike Sherwood
internet: mike@EGFABT.ORG
uucp: ...!sgiblab!egfabt!mike

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: stig@netcom.com (Jonathan Stigelman)
Date: Mon, 12 Apr 93 12:27:09 PDT
To: vanam@shadow.ksu.ksu.edu)
Subject: Help, please.
In-Reply-To: <9304082217.AA07305@shadow.ksu.ksu.edu>
Message-ID: <9304120053.AA11205@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Not that I'm exactly of godlike hacking proportions, but these are obvious to me....
patience, persistence, obsessiveness, curiosity

also, there's no such thing as a dumb question, but it's not terribly difficult to ask questions in the wrong place and, thereby, waste other people's time and piss them off. Your question isn't terribly appropriate to the cypherpunks list and it's so amazingly general that you won't get anything but a general answer.

the most important thing about being a hacker is working with other hackers. Despite common misperceptions, hacking is a social thing.

stig

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: stig@netcom.com (Jonathan Stigelman)
Date: Mon, 12 Apr 93 11:50:17 PDT
To: greg@ideath.goldenbear.com
Subject: Real-time BBS Encryption??
In-Reply-To:
Message-ID: <9304120103.AA11884@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

>I haven't fussed around with offline readers much, but I'll bet it'd be
>pretty simple to add a step to the collection/.ZIP process, which would
>encrypt the whole package with some prearranged key.

that's vulnerable...it's the secret key problem. The ELEGANT way to do this with encryption is to just make a normal ZIP file, but then build diffie-hellman into your file downloader (zmodem). This is also the least work solution.

SO, since we're talking about offline mail readers... What's the best one for the PC that works (or can easily be made to work) with rfc822 mail files? There's pcelm, which sucks...and there's mush, which is slooooow as hell because of all the overlays. I was writing my own, but I got side-tracked...somebody want to save me some programming?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Mon, 12 Apr 93 11:15:54 PDT
To: cypherpunks@toad.com
Subject: how secure is secring.pgp?
Message-ID: <9304120127.AA06741@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Yet another pgp question... We don't get any pgp news groups here.
Since we need a passphrase to access our secret key, it is reasonable to think that our secring.pgp file is pretty secure, as long as our passphrase is nontrivial. What am I missing here?

Thanx in advance.

+----------------------+----------------------------------------------------+
| J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken.   |
|                      +----------------------------------------------------+
| mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be        |
| Thunder@forum        |  Politically Incorrect!                            |
| (505) 299-2282       |                                                    |
+----------------------+----------------------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: sdw@sdwsys.lig.net (Stephen D. Williams)
Date: Mon, 12 Apr 93 11:20:59 PDT
To: hughes@soda.berkeley.edu (Eric Hughes)
Subject: Re: Distributed anonymous posting (was Re: Many Important Items...)
In-Reply-To: <9303260725.AA23290@soda.berkeley.edu>
Message-ID: <9304120045.AA13308@sdwsys.lig.net>
MIME-Version: 1.0
Content-Type: text/plain

...
>
> A soft node necessity: a directory lookup service, distributed,
> sharing data. Merely specifying the first point of contact and
> alternate paths doesn't cut it. You don't want to have to retry a
> bounced message so many times.
>
> Who here knows enough about sendmail to consider the eventual
> feasibility of integrating pseudonym lookup into mail transfer?
>
> Eric

Hey, no problem! Just use the same escape call as the uucp pathalias.

When integrating an Internet/DNS aware gateway with 1200 Unix workstations using /etc/hosts (no domain) and an X.400 connection to a VMS X.400 backbone, I hooked in a little C program that converted all the addressing to proper formats while also looking up userid's <-> fullnames in a B+tree database. I even did fuzzy matching on names on a best-unique or exact basis. Blew away X.500 functionality, which Dec and HP didn't even have integrated with X.400 at the time.
Just need a program that takes an address on the command line and returns it possibly modified with a yea or nay return code.

sdw

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Mon, 12 Apr 93 10:54:32 PDT
To: cypherpunks@toad.com
Subject: Trusting PGP
Message-ID: <9304120442.AA28271@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

At last I have read the operating instructions for PGP 2.2. I am impressed.

I raised the issue of trusting PGP. John Draper correctly suggested that it was possible to trust PGP because the code was available for inspection. I agree that this places PGP far ahead of various competition regarding trust. I propose, however, that if there were a single specification that covered various file formats and perhaps program logic, that PGP would eventually gain substantially more trust.

Here is why. As it is now, someone who reads the code to establish his trust in PGP must be familiar with C, in which PGP is written, number theory and various crypto threats and weaknesses. There are certainly such people. If, however, there were one operating specification then many more people would be attracted to the effort, ultimately yielding greater trust in PGP. Cryptographers without the skill or tenacity to read the code could contribute, as could programmers without the crypto theory. Each class would consult the specs, the programmers to verify that the code implemented the specs and the cryptographers to ponder whether programs with such specs were appropriate for their market.

Such specifications are required for government rated secure software for just this reason.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: miron@extropia.wimsey.com (Miron Cuperman)
Date: Mon, 12 Apr 93 10:54:16 PDT
To: cypherpunks@toad.com
Subject: Modem encryption proposal
In-Reply-To: <01930407174710_0005857625DC2EM@mcimail.com>
Message-ID: <1993Apr12.030810.5488@extropia.wimsey.bc.ca>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Let's talk less and do more. :)

How about adding encryption to kermit and iScreen so that they may talk to each other in a secure manner? I am proposing these two programs because they are widely portable. kermit works on most Unix and MSDOS systems. iScreen works on most Unix systems.

(Note that this would solve the network/modem eavesdropping problem, but not the untrusted remote system problem. The latter has no solution in my opinion. You just have to trust the sysadmin.)

I propose writing a link encryption library which could be usable in other comm and BBS programs.

Any takers?

BTW, watch for an encrypted Unix talk program coming to a ftp site near you.

- --
Miron Cuperman | NeXTmail/Mime ok | Public key avail
AMIX: MCuperman | PSM 18Mar93 0/0
Laissez faire, laissez passer. Le monde va de lui meme.

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK8jc6pNxvvA36ONDAQEJlAP9HYJ94Ll7H0YHr5tNj3Kp3xQ8WRryyO2W
BNLKYhBvoPapNMZ/4mPiPSgVZw8Tu/JXFdVtbhhA2Q7u8ef7+daf2g/fyi4M1Mb4
0a9+AKjDG6FvwMMo4AjlqTG1x0+Xl/YeizBqD1hVW/2pAu3I7IyvZavWY2HkVwwD
tTDfiOSIxVk=
=zhoD
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Date: Mon, 12 Apr 93 10:29:20 PDT
To: Cypherpunks
Subject: PGP: Re: PGP Error
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Michael Diehl wrote on April 6:

    When I use the following command line in a batch file, I get a Compression/ decompression error. No files are created.
    The contents of the batch file is:

    pgp -es %1 %2 Diehl

    Where %1 is the name of the file to send, and %2 is the other person's name. What am I doing wrong, or is there a problem with my pgp?

I think there's a problem with PGP. A net-friend of mine in Poland first brought this to my attention. He says he's already notified PGP author Branko Lankester.

The problem's occurrence seems to depend on the file being compressed/encrypted. Files which are already compressed, but are not ZIP files (e.g. ARJ files) seem to cause the problem.

I was able to reproduce a similar problem by trying to compress ARJ.EXE (ARJ 2.30). In my case, the system crashed shortly - -after- PGP exited, and some of the armored files produced (I used - -eas) were obviously messed up.

The obvious temporary bypass is to turn off compression for files which cause problems; not much of a penalty, since the file is already compressed. This can be done by a (temporary) change to the CONFIG.TXT file. I think there may also be an (undocumented) way to do this from the command line. Try:

    +compress=off

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK8YEFN4nNf3ah8DHAQH1IgP9E0gvLSF2DQ5dkVcyXGGLZa4+bCcZ0kOM
TefqfqFZLjU4MvOPMzXzkB01aDpg1IUyfExJazNjADCrbJKqFoZymyhuB+X6KMmy
faTyFGsCeNcpA5x897qwsD/M7zM3j7EVauctAjNBTM9t/34eTuaYuesPPBmEaUcS
yp7J1VOvbWM=
=8+bK
-----END PGP SIGNATURE-----

--
edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Mon, 12 Apr 93 09:53:09 PDT
To: cypherpunks@toad.com
Subject: Security Dynamics
In-Reply-To:
Message-ID: <9304121649.AA26494@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Re: security dynamics

One could perform an interesting test with one of these Security Dynamics cards. Aim a video camera at the LCD display so that the display takes up the full width of the image.
Hook the video signal up to a digitizer board, and recognize the numbers that appear on the face. Spit them out as often as they appear. For someone with all the equipment, this should be a one or two evening hack.

Now, if the number changes every minute, that's a little over 10,000 samples in a week, certainly enough to determine if they are using weak random number generation.

I'll put the data on the ftp site, should anyone actually do this.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Mon, 12 Apr 93 10:17:28 PDT
To: cypherpunks@toad.com
Subject: FWEE!: kiosks
In-Reply-To: <9304081930.tn48662@aol.com>
Message-ID: <9304121714.AA28356@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Dave writes on public kiosks:

>[1] Strike One: Installation and maintenance costs (economics again).
>[They are too high.]

I'm not talking about building a network of machines just for the purpose of whistleblowing. I'm talking about making interfaces to existing systems. In particular, the public machines at sfnet would _also_ be interfaces to any whistleblowing system. The incremental cost is minimal; it's a small bit of software at the server.

>[2] Strike Two: Lack of Privacy while using the kiosks.

There is a different kind of privacy in a public space than in private space. In a private space, everyone may know where you live, but nobody knows what goes on inside. In a public space, everyone may see what happens, but no one knows who you are. Please consider these approximations to reality.

In particular, since it is anonymity which is desired, a public place is sufficient.

>I think Eric Hughes' argument (with due respects to Eric) about the
>expensive economics of monitoring the kiosks falls down just a tad
>when you consider that these would not even be _moving targets_!
The cost of placing a video camera to monitor a computer inside a coffeehouse must also include the possibility of negative publicity and lawsuit when such an emplacement is discovered. Monitoring a public place in advance of any "crime" being committed is _very_ bad for job security and department funding.

>[...] but any such defenses would pale in comparison with the Privacy
>inherent in the WB input from a single user's personal system.

I am also not talking about replacing the ability to post from home. I am talking about expanding the number of entry points into the distribution system. The largest benefit for public-space access is that you can use this if you don't have a computer at home. You can also use it if you don't have a computer at work.

>have the feeling that they would be a PRIMARY contributor to the overall
>bullshit noise that would clutter up a decent WB system and exponentially
>increase the difficulty of filtering out the "good" stuff for proper use.

A whistleblower system, by default, must be free of judgements about what is "good" to be on it and what is "bad". If someone thinks that something ought to be brought to light, then I say let them speak, no matter how trivial or inappropriate it might be.

It is easy to ignore messages you don't want to consider. It is much, much harder to read messages that the author hesitates to write for fear of reprisal. A whistleblower system can tolerate more noise than usenet, since the core content of it can be so extremely valuable.

If there is only access to a whistleblowing system for those who own computers or are provided access to them, then any such system will remain only a tool of the wealthy. You do not hear of abuses in labor law from anybody but the employees; these employees do not have computers.

Anybody who has NATIONAL SECRETS to tell is, I would guess, a fool to post twice from a particular location.
Anybody who has anything lengthy or digitally copied to say cannot easily use this system. It's not conducive to digital signatures.

Public kiosks are not a panacea. To argue that they should therefore not exist is nonsense.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Mon, 12 Apr 93 11:57:22 PDT
To: cypherpunks@toad.com
Subject: a new usenet group
Message-ID: <9304121854.AA06143@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

There is a new Usenet group that some on this list might be interested in. It's called

    alt.privacy.anon-server

This group seems to have been created as a spillover for the debate on anonymity in news.admin.policy. My nntp server has seen less than 100 articles to date.

I would encourage those in this group who have strong opinions to participate in this new forum, as it seems the advocates of strong privacy are not so numerous as they are here.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: david@staff.udc.upenn.edu (R. David Murray)
Date: Mon, 12 Apr 93 11:10:31 PDT
To: cypherpunks@toad.com
Subject: forward: cryptanalysis talk abstract
Message-ID: <9304121808.AA14458@staff.udc.upenn.edu>
MIME-Version: 1.0
Content-Type: text/plain

Thought people might find this abstract of a talk being given here at Penn of some interest. Please let me know if I'm wrong . (And, no, I won't be attending; almost all of it would be over my head. What is in this abstract is probably as much of it as I could understand without considerable preparation ).

------------------------------------------------------------------------

In article <119753@netnews.upenn.edu>, holland@central.cis.upenn.edu (Billie Holland) writes:
>
> Statistical Techniques for Language Recognition:
> An Introduction and Empirical Study for Cryptanalysts
>
> Alan T. Sherman
> Computer Science Department
> University of Maryland Baltimore County
>
> In cryptanalysis, how can a computer program recognize when it has
> discovered all or part of the secret message? For example, how can a
> program recognize character strings such as ``Attack at dawn!'',
> ``DES@RT ST\&RM'', or ``?tta????t d?wn'' as fragments of intelligible
> messages? In the early days of cryptology a human would perform these
> language-recognition tasks manually. In this talk I will explain how
> to recognize language automatically with statistical techniques.
>
> Statistical techniques provide powerful tools for solving several
> language-recognition problems that arise in cryptanalysis and other
> domains. Language recognition is important in cryptanalysis because,
> among other applications, an exhaustive key search of any cryptosystem
> from ciphertext alone requires a test that recognizes valid plaintext.
> Although I will focus on cryptanalysis, this talk should be relevant
> to anyone interested in statistical inference on Markov chains or
> applied language recognition.
>
> Modeling language as a finite stationary Markov process, I will adapt
> a statistical model of pattern recognition to language recognition.
> Within this framework I will consider four well-defined
> language-recognition problems: 1) recognizing a known language, 2)
> distinguishing a known language from uniform noise, 3) distinguishing
> unknown 0th-order noise from unknown 1st-order language, and 4)
> detecting non-uniform unknown language. For the second problem I will
> give a most powerful test based on the Neyman-Pearson Lemma. For the
> other problems, which typically have no uniformly most powerful tests,
> I will give likelihood ratio tests. I will also discuss the
> chi-squared test statistic $X^2$ and the Index of Coincidence $IC$.
>
> In addition, I will present the results of computer experiments that
> characterize the distributions of five test statistics when applied to
> strings of various lengths drawn from nine types of real and simulated
> English.
>
>
> This is joint work with Ravi Ganesan. Most of this work was carried
> out while Sherman was a member of the Institute for Advanced Computer
> Studies, University of Maryland College Park.
>
> Thursday, 15 April 93
> TOWNE BUILDING - 337
> 3:00 - 4:30
>

--
david david@staff.udc.upenn.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Mon, 12 Apr 93 12:24:30 PDT
To: cypherpunks@toad.com
Subject: Re: Modem encryption proposal
In-Reply-To: <1993Apr12.030810.5488@extropia.wimsey.bc.ca>
Message-ID: <9304121904.AA01126@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

Miron Cuperman says:
> Let's talk less and do more. :)
>
> How about adding encryption to kermit and iScreen so that they may
> talk to each other in a secure manner? I am proposing these two
> programs because they are widely portable. kermit works on most
> Unix and MSDOS systems. iScreen works on most Unix systems.
>
> (Note that this would solve the network/modem eavesdropping problem,
> but not the untrusted remote system problem. The latter has no
> solution in my opinion. You just have to trust the sysadmin.)
>
> I propose writing a link encryption library which could be usable
> in other comm and BBS programs.

A good idea, but getting the protocol right is hard -- you don't want to put any real overhead on the line, but you also want to do error detection and resynchronization so that your cypher will run properly. Discussing a proposal for a line protocol that has these features would, of course, be germane to the list.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: vanam@interceptor.ksu.ksu.edu (Stephen Lee(Second son of Caine))
Date: Mon, 12 Apr 93 15:35:48 PDT
To: cypherpunks@toad.com
Subject: Thanks a lot!!!!!
Message-ID: <9304122235.AA01870@interceptor.ksu.ksu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Thanks for your answers and any other help for a beginner would be helpful... But to all that answered Thanks again...

Stephen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Derek Atkins
Date: Mon, 12 Apr 93 19:36:55 PDT
To: J. Michael Diehl
Subject: Re: how secure is secring.pgp?
In-Reply-To: <9304120127.AA06741@triton.unm.edu>
Message-ID: <9304130236.AA01768@hodge>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

> Since we need a passphrase to access our secret key, it is
> reasonable to think that our secring.pgp file is pretty secure, as
> long as our passphrase is nontrivial. What am I missing here?

The secret key on the secring.pgp is IDEA-encrypted... So, it is only as strong as IDEA, and your passphrase. To break the security, someone needs to be able to:

1) Obtain your secret keyring.. This is either watching it go over the net, reading the file system, borrowing your floppy, or whatever, and

2) Obtain your secret passphrase...

Only when both are accomplished can they get to your secret key, although once they have accomplished #1, they can try to break the IDEA algorithm...

- -derek

PGP 2 key available upon request on the key-server:
pgp-public-keys@toxicwaste.mit.edu

- --
Derek Atkins, MIT '93, Electrical Engineering and Computer Science
Secretary, MIT Student Information Processing Board (SIPB)
MIT Media Laboratory, Speech Research Group
warlord@MIT.EDU PP-ASEL N1NWH

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQBuAgUBK8onIzh0K1zBsGrxAQHn0QLECpGbaKS3PpXdJTE0956AkeaYGuZGATJ3
Jgq7I/cEB5l2e3PPr31xdctywTi/+RBIKOJEVokPO9UMsu5KQvwngHta7NeYF8UB
qS3wPDH85ro60H4fFsg/s6E=
=4s7l
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Mon, 12 Apr 93 20:01:11 PDT
To: Eric Hughes
Subject: Re: Security Dynamics
In-Reply-To: <9304121649.AA26494@soda.berkeley.edu>
Message-ID: <9304130302.AA02654@pad-thai.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

>> Now, if the number changes every minute, that's a little over 10,000
>> samples in a week, certainly enough to determine if they are using
>> weak random number generation.

1) not true. I read an article about a pseudorandom number generator which appeared random to every test they used on it. Then they went and did a monte carlo simulation of something based on that prng. Guess what? It wasn't quite random enough. Lesson: it can be *very* hard to determine randomness.

2) The sequence is not random. It is cryptographically pseudorandom. This is very different.

3) A friend who has a significant math background in crypto stuff has seen the Security Dynamics algorithms (under non-disclosure), and says that they're credible. That vouches for their theory. That they insist on programming the cards and keeping the keys themselves, and that they do not allow you to program the cards yourself, is a major problem, no matter how good their math is.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Mon, 12 Apr 93 23:36:15 PDT
To: hughes@soda.berkeley.edu
Subject: Re: FWEE!: kiosks
Message-ID: <9304130636.AA27437@servo>
MIME-Version: 1.0
Content-Type: text/plain

Eric's comment about the complementary natures of a public kiosk and a person's home suggests a hybrid whistleblowing scheme that combines the best of both.

The whistleblower creates his file in the privacy of his own home on a floppy disk, encrypts it in the public key of the whistleblowing system, and carries it to a public kiosk where he sends it.

This gives the whistleblower plenty of time and quite a bit of privacy as he composes his message (unless the PTB have bugged his home computer, a possibility for a suspected repeat "offender"). The step of physically carrying his file to the kiosk eliminates anything that could be done to the whistleblower's phone (including traffic analysis), although it would not stop physical surveillance of the whistleblower.

And if the whistleblower is accosted on his way to the kiosk, all they could seize would be the ciphertext of his message, encrypted in the public key of the whistleblowing service -- which the whistleblower himself would not be able to decrypt even if he wanted to.

Think of the kiosk more as a public mailbox than a public phone.

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Tue, 13 Apr 93 00:21:26 PDT
To: pmetzger@lehman.com
Subject: Re: Modem encryption proposal
Message-ID: <9304130721.AA29941@servo>
MIME-Version: 1.0
Content-Type: text/plain

Crypto synchronization seems to be a problem mainly in real-time applications like digital voice, where you don't have a reliable protocol underneath you.
I advocate two approaches that don't seem to have been pursued much yet, at least in the Internet: per-packet encryption (and possibly authentication) just above the IP layer, and stream encryption just above TCP.

The former technique has the advantage of denying your adversary the maximum amount of information, because only the IP header is in the clear. The transport header and all user data is protected, so an eavesdropper can't tell which applications are communicating. And with IP-in-IP encapsulation, you can even deny him knowledge about which machines are actually communicating - a network-level service analogous to anonymous remailers. With authentication, network level security also provides good protection against replay attacks.

The latter technique (encrypting above TCP) has the advantage of being more efficient (it doesn't break Van Jacobson TCP/IP header compression), which may make it desirable for some interactive sessions. This is essentially how encrypted Kerberos Telnet works now, although I would like to generalize the service to work with any TCP client.

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Tue, 13 Apr 93 01:15:15 PDT
To: cypherpunks@toad.com
Subject: Re: Security Dynamics
Message-ID: <9304130815.AA00379@servo>
MIME-Version: 1.0
Content-Type: text/plain

Several years ago, before leaving Bellcore, I got so annoyed at the SecurID cards and how they were being foisted on us by a paranoid security organization that I built an alternative one-time password system of my own. It's now called "S/KEY" (no, I didn't pick the name).

Essentially, I reinvented a scheme of Leslie Lamport involving iterated one way functions. Each time you log in, you crunch your password N-1 times through a one-way function like MD4 or MD5, where N is the number of times you did it last time.
The host crunches it once more (to make its password file somewhat less sensitive) and compares it to the stored password. If it matches, the file is updated and you get in. A passive eavesdropper cannot generate the next password in the sequence from the current one because that would require inverting the one-way function.

The nice thing about this scheme is that it provides essentially the same service as SecurID (protection against passive eavesdropping of user passwords) without having to pay exorbitant prices for cards and integrating some really clunky hardware into your host. You have the option of building the algorithm into your own comm programs, or even the ultra-low-tech option of printing out a list in advance and putting it in your wallet. (Use rice paper if you fear capture - you can eat it! :-))

The bad thing about this scheme is that it provides no more protection than SecurID -- it doesn't stop someone from hijacking your session after you've authenticated it, nor does it protect the session itself against eavesdropping. And frankly, at the time I was more concerned about the security droids reading my email off the Ethernet than I was about some outside cracker guessing my password.

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Honeyman
Date: Mon, 12 Apr 93 22:17:12 PDT
To: cypherpunks@toad.com
Subject: Re: Security Dynamics
Message-ID: <9304130517.AA24164@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> I read an article about a pseudorandom number generator
> which appeared random to every test they used on it. Then they went
> and did a monte carlo simulation of something based on that prng.
> Guess what? It wasn't quite random enough. Lesson: it can be *very*
> hard to determine randomness.

if this is the phys. rev. let. paper by ferenburg et al., there's a postscript copy up for ftp in csp2.csp.uga.edu:/pub/documents/amf1/. i can summarize.
their simulations were based on five to ten runs, with 10^7 updates per run. they aren't precise about the exact number of random numbers needed, at least not in this paper, but i assume it's in the order of one per update, in which case 10,000 would not be enough. more info can be gleaned from the paper in /pub/documents/adler3/.

they compared four basic rngs.

a linear congruential algorithm (cong)

    x[n] = (16807 * x[n-1]) mod 2^31-1

two different shift register algorithms (sr250 and sr1279)

    x[n] = x[n-103] xor x[n-250]
    x[n] = x[n-103] xor x[n-1279]

a subtract with carry generator algorithm (swc)

    x[n] = x[n-22] - x[n-43] - c
    if x[n] < 0 {
        x[n] += 2^32 - 5
        c = 1
    } else
        c = 0

a combined swc-Weyl generator (swcw)

    y[n] = (y[n-1] - 362436069) mod 2^32
    x[n] = (swc[n] - y[n]) mod 2^32

the authors report that the tables were initialized with some care (i.e., with cong).

the result reported in the phys rev let paper is that r250 gave results that were way off (the model being simulated has an exact solution), swc was better, but had error in the opposite direction, swcw was better but still showed signs of bias, and cong was within error limits. they also report that r1279 was much better than r250, but the tables are missing from the paper, so ...

on the other hand, using every fifth value from r250 gave results within error limits. same with swc. odd ...

maybe someone can comment on the particular rngs being tested here. they don't look particularly sophisticated to me, although the authors describe them as "ostensibly high quality rngs."

hmmm ... looking over their recent pubs, it doesn't look like this group (of statistical physicists) is following up on the rng testing angle.
peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Mon, 12 Apr 93 23:29:09 PDT
To: pmetzger@lehman.com
Subject: Re: Modem encryption proposal
In-Reply-To: <9304121904.AA01126@snark.shearson.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Perry:

I may have missed something, but I don't see where synchronization is a concern. The whole of idea of Kermit is to provide a "binary" path between two computers. It is Kermit's responsibility to ensure the data is received in the same order as sent (synchronization is part of the Kermit protocol, no?).

If we have a data stream coming from a keyboard or whatever, which we run through an invertible encryption algorithm, and then pipe it into Kermit which makes sure it gets to the other side, Kermit need not know where the data is coming from. The other side of course has to know the protocol and the key...

I believe that Kermit allows variable sized packets per file transferred, but does it allow the packet size to vary during the transfer? I'd have to go find my Kermit protocol reference on that one. You would want this, as well as a relaxed timing on the protocol, if it's to come from the keyboard, as a user does not (and/or cannot) normally type at a consistent rate...

---
Nick MacDonald | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger

On Mon, 12 Apr 1993, Perry E. Metzger wrote:

> A good idea, but getting the protocol right is hard -- you don't want
> to put any real overhead on the line, but you also want to do error
> detection and resynchronization so that your cypher will run properly.
> Discussing a proposal for a line protocol that has these features
> would, of course, be germane to the list.
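Added example, not part of Phil Karn's message and not the S/KEY code itself: the iterated one-way-function login from his Security Dynamics reply earlier in this thread, written in Python. Assumptions: SHA-256 stands in for the MD4/MD5 he mentions, and the Host class, the user name and the secret are constructed for illustration.

```python
import hashlib
import hmac


def crunch(value: bytes, times: int = 1) -> bytes:
    """Apply the one-way function `times` times (SHA-256 is an assumption)."""
    for _ in range(times):
        value = hashlib.sha256(value).digest()
    return value


class Host:
    """Hypothetical host side: keeps only (N, f^N(secret)) for each user."""

    def __init__(self) -> None:
        self._table = {}

    def enroll(self, user: str, secret: bytes, n: int) -> None:
        if n < 2:
            raise ValueError("need at least two iterations to allow one login")
        self._table[user] = (n, crunch(secret, n))

    def challenge(self, user: str) -> int:
        """Number of times the user must crunch the secret for this login."""
        n, _ = self._table[user]
        return n - 1

    def login(self, user: str, otp: bytes) -> bool:
        n, stored = self._table.get(user, (0, b""))
        if n < 2:
            return False  # unknown user, or chain used up: must re-enroll
        # The host crunches the offered value once more and compares.
        if not hmac.compare_digest(crunch(otp), stored):
            return False
        # Success: the value just used becomes the new stored entry.
        self._table[user] = (n - 1, otp)
        return True


def client_otp(secret: bytes, count: int) -> bytes:
    """User side: refuse to send f^0, which would be the secret itself."""
    if count < 1:
        raise ValueError("chain exhausted, re-enroll with a new secret")
    return crunch(secret, count)


def demo() -> dict:
    secret = b"constructed example passphrase"  # constructed sample value
    host = Host()
    host.enroll("alice", secret, 5)             # host stores f^5(secret)

    first = client_otp(secret, host.challenge("alice"))   # f^4(secret)
    result = {"first_login": host.login("alice", first)}

    # A passive eavesdropper saw `first`. Replaying it fails, because the
    # host now expects a value whose hash equals `first`.
    result["replay"] = host.login("alice", first)
    # Hashing the captured value goes the wrong way along the chain.
    result["forward_value"] = host.login("alice", crunch(first))

    second = client_otp(secret, host.challenge("alice"))  # f^3(secret)
    result["second_login"] = host.login("alice", second)

    logins = 2
    while host.challenge("alice") >= 1:
        if host.login("alice", client_otp(secret, host.challenge("alice"))):
            logins += 1
    result["total_logins"] = logins
    result["after_exhaustion"] = host.login("alice", secret)
    return result


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Enrolling with N iterations gives N-1 logins before the user must pick a new secret, which is why the printed-list option in the message works: the list is just f^(N-1), f^(N-2), ... written out in advance.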
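Added example, not part of Peter Honeyman's message or of the paper he summarizes: the cong, shift-register and swc recurrences from his summary above, in Python, with a check that matters for cryptographic use whatever the simulation results were. Anyone who sees 250 consecutive sr250 outputs can compute every later output, because the recurrence has no hidden state. The seed values and function names are constructed for illustration.

```python
from collections import deque
from itertools import islice

M31 = 2**31 - 1        # modulus of the "cong" generator
SWC_MOD = 2**32 - 5    # value added back on borrow in "swc"


def cong(seed):
    """x[n] = (16807 * x[n-1]) mod (2^31 - 1)."""
    x = seed
    while True:
        x = (16807 * x) % M31
        yield x


def take(gen, n):
    """First n values of a generator, as a list."""
    return list(islice(gen, n))


def _table(seed, size):
    """Lag table filled from cong, as the summary says the authors did."""
    return deque(take(cong(seed), size), maxlen=size)


def shift_register(seed, short=103, long=250):
    """x[n] = x[n-short] xor x[n-long]; the defaults give sr250."""
    t = _table(seed, long)
    while True:
        x = t[-short] ^ t[-long]
        t.append(x)            # maxlen discards x[n-long] automatically
        yield x


def swc(seed, short=22, long=43):
    """x[n] = x[n-22] - x[n-43] - c, with the borrow rule from the summary."""
    t = _table(seed, long)
    c = 0
    while True:
        x = t[-short] - t[-long] - c
        if x < 0:
            x, c = x + SWC_MOD, 1
        else:
            c = 0
        t.append(x)
        yield x


def predict_shift_register(observed, count, short=103, long=250):
    """Continue the sequence from the last `long` observed outputs alone."""
    if len(observed) < long:
        raise ValueError("need at least %d consecutive outputs" % long)
    t = deque(observed[-long:], maxlen=long)
    out = []
    for _ in range(count):
        x = t[-short] ^ t[-long]
        t.append(x)
        out.append(x)
    return out


def demo(seed=19930412):       # constructed seed
    gen = shift_register(seed)
    observed = take(gen, 250)  # what an observer collects
    actual = take(gen, 1000)   # what the generator goes on to produce
    return predict_shift_register(observed, 1000) == actual


if __name__ == "__main__":
    print("10000th cong value from seed 1:", take(cong(1), 10000)[-1])
    print("sr250 fully predicted from 250 outputs:", demo())
```

The same argument applies to cong (one output is the whole state) and to swc (43 outputs plus one carry bit), so passing a simulation or a statistical test says nothing about whether a generator is safe for keys or one-time codes.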
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Derek Atkins
Date: Tue, 13 Apr 93 02:46:14 PDT
To: karn@qualcomm.com (Phil Karn)
Subject: Re: Modem encryption proposal
In-Reply-To: <9304130721.AA29941@servo>
Message-ID: <9304130945.AA02555@hodge>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

> Crypto synchronization seems to be a problem mainly in real-time
> applications like digital voice, where you don't have a reliable
> protocol underneath you.

Phil, there is more to this than meets the eye. What happens if I, as an attacker, start feeding extra characters onto the modem line? Granted, I won't know what you are saying, since the link is encrypted, but if I can get an extra character on there, then the decryption will lose sync, and won't return the proper value... For example...

Sender:         more foo
Encrypted data: HaoVwAog
Received data:  HaooVwAog
Decrypted:      morOmf&sm

Now what? The sender and receiver are out of sync.... I believe this was what Nickey was talking about.. I was discussing this problem with a few people and haven't come up with a good, viable solution... yet.

> This is essentially how encrypted Kerberos Telnet works now,
> although I would like to generalize the service to work with any TCP
> client.

Uhh, there is a kstream package somewhere (or am I thinking of vapor-ware, it's late and I'm tired). This wouldn't be very hard to create. In fact, I was hoping to do something like this with my Thesis... Although it might get left for "future work". This depends upon having a clearly denoted stream, which neither telnet nor kermit provide a good interface. (Trust me on this -- it took me a while to try to create one for the little I've hacked them for my Thesis).
- -derek PGP 2 key available upon request on the key-server: pgp-public-keys@toxicwaste.mit.edu - -- Derek Atkins, MIT '93, Electrical Engineering and Computer Science Secretary, MIT Student Information Processing Board (SIPB) MIT Media Laboratory, Speech Research Group warlord@MIT.EDU PP-ASEL N1NWH -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBuAgUBK8qLvTh0K1zBsGrxAQG39QLFFn0/Nz1zVRi6kHp+j+R0KAQQlEL6588d RfSshGGFhuXIJE/S8BP8kqLrKeSeRgSbil3zBLQZNeconnExaq6VUeO5Yvn9U/0S cHggKYBTlcz1zqjp7BLxLz8= =TBaq -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 13 Apr 93 08:15:58 PDT To: cypherpunks@toad.com Subject: FWEE!: kiosks In-Reply-To: <9304130636.AA27437@servo> Message-ID: <9304131512.AA13719@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >The whistleblower creates his file in the privacy >of his own home on a floppy disk, encrypts it in the public key of >the whistleblowing system, and carries it to a public kiosk where he >sends it. This is the ideal scenario. I suspect that kiosks for other purposes will eventually contain some form of user-available I/O. I'm guessing it will be infrared, maybe rs232 serial. Diskette drives are too vulnerable and expensive to be feasible in a pay phone environment; they're called armor phones, and for good reason. In particular, sfnet doesn't have diskette access. No bother, we're not going to create the best system on the first revision. A good enough system will drive later systems. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 13 Apr 93 08:18:34 PDT To: cypherpunks@toad.com Subject: Security Dynamics In-Reply-To: <9304130517.AA24164@toad.com> Message-ID: <9304131515.AA13826@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Re: checking distribution in 10^4 samples >their simulations were based on five to ten runs, with 10^7 updates >per run. 
they aren't precise about the exact number of random >numbers needed, at least not in this paper, but i assume it's in the >order of one per update, in which case 10,000 would not be enough. The method of randomness-checking done here is to run a physical simulation with the random numbers. Direct statistical methods are much more efficient. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 13 Apr 93 08:29:10 PDT To: cypherpunks@toad.com Subject: Security Dynamics In-Reply-To: <9304130302.AA02654@pad-thai.aktis.com> Message-ID: <9304131525.AA14338@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >>> Now, if the number changes every minute, that's a little over 10,000 >>> samples in a week, certainly enough to determine if they are using >>> weak random number generation. >1) not true. I read an article about a pseudorandom number generator >which appeared random to every test they used on it. [...] Lesson: >it can be *very* hard to determine randomness. The experiment I was proposing would possibly answer 'yes' to the question "Is the number generation weak?" It would not say how strong it was, or even if it was strong. it would, however, give some lower bound on its strength or else show that it was in fact not very strong at all. >2) The sequence is not random. It is cryptographically pseudorandom. >This is very different. Since we are talking about a device in which a sequence is duplicated on two ends, I did not feel the need to belabor the difference between pseudorandom and random. The context makes it clear that this can't be a random device based on a physically random process. >3) A friend who has a significant math background in crypto stuff has >seen the Security Dynamics algorithms (under non-disclosure), and says >that they're credible. That bit of information may mean that a 10^4 sample test is not worth doing. >That vouches for their theory. 
That changes our trust from no trust at all into trust in your friend's ability and your assessment of it. :-) >That they >insist on programming the cards and keeping the keys themselves, and >that they do not allow you to program the cards yourself, is a major >problem, no matter how good their math is. Granted. Their keeping the keys is worth, say, using a linear congruential generator (or worse) in terms of overall security. I was merely curious as to whether they were fools on all fronts, as opposed just to the secrecy front. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 13 Apr 93 08:41:42 PDT To: cypherpunks@toad.com Subject: how secure is secring.pgp? In-Reply-To: <9304130236.AA01768@hodge> Message-ID: <9304131538.AA14939@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain I've-forgotten-who writes: >> Since we need a passphrase to access our secret key, it is >> reasonable to think that our secring.pgp file is pretty secure, as >> long as our passphrase is notrivial. What am I missing here? There are two security items here. The first is that the secret RSA key nott be revealed. The second is that the name attached to that key pair not be revealed. Derek writes: >The secret key on the secring.pgp is IDEA-encrypted... So, it is only >as strong as IDEA, and your passphrase. This protection applies to the first criterion--your secret key is not revealed. No one can steal your key and impersonate you. The second datum, name attached to a key, is protected only by one's sole possession of the secring.pgp file. If you are using a pseudonym, and using an RSA signature to enforce it, and doing thing with this pseudonym that you don't want identified with you, then you'd better make sure that secring.pgp file is not discovered on your machine. The format of the keyring file is such that the name attached to a key is in the clear. This is really a huge hole. 
Since secret keys are presumed to be in the possession of only those who actually use the keys, possession of a secret key on the secring.pgp is tantamount to proof that you are that pseudonym. In short: everything about a secret key ring should be encrypted. A parallel (not as consequential): everything about a public key ring should be encrypted. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 13 Apr 93 09:02:00 PDT To: cypherpunks@toad.com Subject: forward: cryptanalysis talk abstract In-Reply-To: <9304121808.AA14458@staff.udc.upenn.edu> Message-ID: <9304131558.AA16178@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >> Language recognition is important in cryptanalysis because, >> among other applications, an exhaustive key search of any cryptosystem >> from ciphertext alone requires a test that recognizes valid plaintext. For exhaustive key search on any reasonably good symmetric cipher (like DES), some simple entropy measure for n-bit-grams should suffice to distinguish random from non-random. These other approaches in this talk seem like overkill in this context. But then again, maybe we're trying to break Enigma. :-) >> Modeling language as a finite stationary Markov process, A finite stationary Markov process is large fancy math-speak for what a travesty generator does. "finite" means that the total number of states is finite, and that means you get to use matrices instead of kernel integrals, which means that your averagely educated scientist can follow this. "stationary" means that the transition matrix is not a function of time, that is, it's a constant matrix. This means that time appears only in an exponent. A "Markov process" is a transition from one state to another, probabilistically. (Approximately. All these definitions are meant to explain, not to define.) 
The talk looks interesting, to be sure, but it looks more significant for making a better /etc/magic for file(1) than it does for cryptanalysis.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Tue, 13 Apr 93 07:40:28 PDT
To: Nickey MacDonald
Subject: Re: Modem encryption proposal
In-Reply-To:
Message-ID: <9304131439.AA06324@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

Nickey MacDonald says:
> I may have missed something, but I don't see where synchronization is a
> concern. The whole of idea of Kermit is to provide a "binary" path
> between two computers. It is Kermit's responsibility to ensure the data
> is received in the same order as sent (synchronization is part of the
> Kermit protocol, no?).

I don't believe people were talking about Kermit the Protocol. They were talking about Kermit the PD terminal emulation software, which contains Kermit the Protocol. Obviously the protocol can handle error correction -- but that does nothing for you if you want to log in to a machine and do arbitrary things.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eichin@cygnus.com (Mark Eichin)
Date: Tue, 13 Apr 93 11:25:32 PDT
To: warlord@Athena.MIT.EDU
Subject: re: Modem encryption proposal
In-Reply-To: <9304130945.AA02555@hodge>
Message-ID: <9304131825.AA04147@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

>> Uhh, there is a kstream package somewhere (or am I thinking of
>> vapor-ware, it's late and I'm tired). This wouldn't be very hard to

kstream was written by Ken Raeburn of Cygnus as part of our Cygnus Network Security work (support for Kerberos V4) and was included in the MIT Kerberos V4 patchlevel 10 "final" release. Our kerberized rlogin and rcp use it to handle encryption, it cleans up the code a bit and makes it easier to modify other programs.
_Mark_ MIT Student Information Processing Board Cygnus Support From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: sean@gomez.Jpl.Nasa.Gov (Sean Barrett) Date: Tue, 13 Apr 93 16:39:03 PDT To: cypherpunks@toad.com Subject: Sign-off Message-ID: <9304132338.AA15246@gomez.Jpl.Nasa.Gov> MIME-Version: 1.0 Content-Type: text/plain Please remove me from this list. Thanks. -- Sean Barrett How many boards would the Mongols sean@pugsley.jpl.nasa.gov (fast) hoard, if the Mongol Hordes got bored? sbar@genie.geis.com (reliable) PGP key by finger or from key servers. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 13 Apr 93 17:53:45 PDT To: cypherpunks@toad.com Subject: how secure is secring.pgp? In-Reply-To: <9304132317.AA03404@dun-dun-noodles.aktis.com> Message-ID: <9304140050.AA03988@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain I said: >>> There are two security items here. The first is that the secret RSA >>> key not be revealed. The second is that the name attached to that >>> key pair not be revealed. Marc said: >I may be nitpicking here, but I have to argue. Although there is a >relationship, security and privacy are not one and the same. You have >named a security item, and a privacy item, not two security items. As long as we're being precise, allow me to restate my claim. If you use a pseudonym with PGP, and you don't want it revealed, and for some reason it is revealed (through some other security breach), then the secret ring has a security failure (lack of encryption) which leads to a breach of privacy. The lack of encryption is a material cause of the privacy compromise. As far as I can tell, I was using security to refer to material causes and Marc was referring to end results. >I believe that the secring.pgp is secure, for most reasonable >purposes. So do I. On an encrypted file system, this is not nearly so large an issue. 
>>> A parallel (not as consequential): everything about a public key ring
>>> should be encrypted.

A point of clarification for below: that's one's own personal copy of a public key ring.

>[... this] point is
>ludicrous, IMHO. If it's a public key, why should it be encrypted?
>The whole purpose of a public key is that it can be widely published.

The point of a public key is that someone else can perform an operation that only you can undo (and vice-versa, properly stated). Public keys are for anybody that is not you. This does not mean that everyone will have them, or even that everyone should have them. The social form of fully published keys need not be the norm.

>You could claim that the keyring
>identified the people with whom I talk, but that is easily overcome by
>just keeping a few thousand people on your keyring.

If this is the only datum available, that would work. When another list is available to intersect your keyring with, the attempted diffusion may fail unexpectedly.

Keeping your identities of your correspondents private (through a security mechanism on the keyring) is much the same as using some of the stronger forms of remailers that have been discussed.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Tue, 13 Apr 93 16:20:28 PDT
To: Eric Hughes
Subject: Re: how secure is secring.pgp?
In-Reply-To: <9304131538.AA14939@soda.berkeley.edu>
Message-ID: <9304132317.AA03404@dun-dun-noodles.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

>> There are two security items here. The first is that the secret RSA
>> key not be revealed. The second is that the name attached to that
>> key pair not be revealed.

I may be nitpicking here, but I have to argue. Although there is a relationship, security and privacy are not one and the same. You have named a security item, and a privacy item, not two security items. For privacy to exist, security may be necessary, but that doesn't make it a security item.
For instance, I trust my roommate to respect my privacy. There's no lock on my bedroom door. He knocks before coming in if I'm in there. This is a privacy system based on trust, not on security. I'm not proposing this model for the net, don't worry! (That's Dorothy Denning's job. :-) I'm just pointing out that privacy can exist without security, given appropriate constraints. Similarly, security can exist without privacy: You can clearsign a message w/o encrypting it. >> This is really a huge hole. Since secret keys are presumed to be in >> the possession of only those who actually use the keys, possession of >> a secret key on the secring.pgp is tantamount to proof that you are >> that pseudonym. I believe that the secring.pgp is secure, for most reasonable purposes. (You can debate this, but I'll just keep changing my definition of reasonable on you. So don't bother.) However, it is clearly not private. One could argue that the entire secring.pgp should be encrypted, and I might even agree with you. I'll have to think about it more. >> In short: everything about a secret key ring should be encrypted. >> >> A parallel (not as consequential): everything about a public key ring >> should be encrypted. The former point is probably true. However, the latter point is ludicrous, IMHO. If it's a public key, why should it be encrypted? The whole purpose of a public key is that it can be widely published. Encrypting it sort of kills the idea. If the name<->key mapping on the public key is protected, it's useless for me to know that key ID B4B951 signed some message. I want to know who that person is, or at least, who they claim to be. You could claim that the keyring identified the people with whom I talk, but that is easily overcome by just keeping a few thousand people on your keyring. Then the signal is buried in the noise. 
Even if you don't want someone's public key visible on your own keyring, it's still reasonable for their key to be published in some "global" directory, in the clear. Marc From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Sandy <72114.1712@CompuServe.COM> Date: Tue, 13 Apr 93 17:27:44 PDT To: Subject: Encrypted Cordless phones Message-ID: <930414002026_72114.1712_FHF79-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain _________________________________________________________________ FROM THE VIRTUAL DESK OF SANDY SANDFORT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ At the Bay Area Cypherpunks meeting, I mentioned two cordless telephones that encrypt between the handset and the base unit. Here is some information about them. VTech Tropez 900DX Transmits signal digitally between handset and base unit on one of 20 channels in the 900 MHz band. Automatically selects one of over 65,000 digital security codes each time handset is returned to the base unit. Range is up to 800 meters; with up to 4.5 hours of continuous talk time. Suggested retail cost is $349.95. For more information: Steve Johnson, (503) 643-8981. PhoneMate 2910 Transmits signal digitally between handset and base unit on one of 10 channels in the 900 MHz band. Automatically selects one of over 1,000 digital security codes each time handset is returned to the base unit. Range is up to probably about the same as the VTech. No figures are given for talk time. Suggested retail price is $219.95. For more information: Suzanne Nastaskin, (310) 314-6649. Both phones have all the usual advanced features like auto-redial and such. Neither company's literature tells what encryption technology they uses. 
S a n d y _________________________________________________________________ PLEASE RESPOND TO: ssandfort@attmail.com (except from CompuServe) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Clark Reynard Date: Tue, 13 Apr 93 17:28:43 PDT To: cypherpunks@toad.com Subject: alt.whistleblowers Message-ID: <9304140125.AA16266@metal.psu.edu> MIME-Version: 1.0 Content-Type: text/plain I suggest that as a first step in the process of making alt.whistleblowers a reality, that we kick around the idea for a while, either here or on alt.config. If I receive a positive response, I will post the control message myself. Three possible choices of action: 1) Kick it around on alt.config. 2) Kick it around on news.groups, etc. 3) Kick it around here. 4) Don't even bother kicking it around; just create the group, and hell with anyone who doesn't like it. So, what's the general consensus on the best course of action? And, yes, I know that was four, and not three possible choices; it's probably really eight or ten. ---- Robert W. Clark rclark@nyx.cs.du.edu PGP signature available by mail or finger From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eli Brandt Date: Tue, 13 Apr 93 20:31:51 PDT To: cypherpunks@toad.com Subject: Re: Encrypted Cordless phones In-Reply-To: <930414002026_72114.1712_FHF79-1@CompuServe.COM> Message-ID: <9304140331.AA27969@toad.com> MIME-Version: 1.0 Content-Type: text/plain > Both phones have all the usual advanced features like auto-redial > and such. Neither company's literature tells what encryption > technology they uses. It doesn't much matter; they're using ten- and sixteen-bit keys. Assuming it takes some 50 ms to tell voice from the white noise that a failed attempt will generate, a brute-force attack on these systems should take under a minute and an hour respectively, worst-case. 
This is hardly rock-solid security; it looks like it rests mostly on nobody reverse-engineering their algorithm. > S a n d y Eli ebrandt@jarthur.claremont.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Joe Thomas Date: Tue, 13 Apr 93 19:18:30 PDT To: Mark Subject: Re: alt.whistleblowers In-Reply-To: <9304140117.AA19145@coombs.anu.edu.au> Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Wed, 14 Apr 1993, Mark wrote: > >4) Don't even bother kicking it around; just create the group, > > and hell with anyone who doesn't like it. > > We're sposed to be anarchists right? :) 'sides alt.* groups come out daily > with little or no discussion. Ours wont rock boats, at least in it's creation, > the content is a different story. Personally I hope it doesnt degenrate into a > narc fest for people who have grudges against people... that would be sad.. > > I vote to just make it. Not all will like it, but then they are maybe the ones > who will feature in it (great way to shut them up :). Couldn't hurt to mention it in alt.config. It would probably get a good response, and get propagated more widely (some newsadmins are a bit skeptical about newgroups from out of the blue...) Joe -- Joe Thomas PGP key available by request or by finger. PGP key fingerprint: 1E E1 B8 6E 49 67 C4 19 8B F1 E4 9D F0 6D 68 4B From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc Horowitz Date: Tue, 13 Apr 93 20:11:29 PDT To: cypherpunks@toad.com Subject: ["Vinton G. Cerf": Letter to Congress/RSA + DES] Message-ID: <9304140312.AA23170@pad-thai.aktis.com> MIME-Version: 1.0 Content-Type: text/plain Vint Cerf is a very well-known and respected person in the Internet community. I don't know if his testimony will mean anything, but it's interesting to read. Marc ------- Forwarded Message To: internauts:;@IETF.CNRI.Reston.VA.US Subject: Letter to Congress/RSA + DES Date: Tue, 13 Apr 93 20:26:01 -0400 Sender: cclark@IETF.CNRI.Reston.VA.US From: "Vinton G. Cerf" Dr. 
Vinton G. Cerf 3614 Camelot Drive Annandale, VA 22003-1302 11 April 1993 The Honorable Timothy Valentine Committee on Science, Space and Technology Subcommittee on Technology, Environment and Aviation House of Representatives Rayburn House Office Building Dear Chairman Valentine: I recently had the honor of testifying before the Subcommittee on Technology, Environment and Aviation during which time Representative Rohrabacher (R, California) made the request that I prepare correspondence to the committee concerning the present US policy on the export of hardware and software implementing the Data Encryption Standard (DES) and the RSA Public Key encryption algorithm (RSA). As you know, the DES was developed by the National Institute for Standards and Technology (NIST) in the mid-1970s, based on technology developed by Internatonal Business Machines (IBM). The details of the algorithm were made widely available to the public and considerable opportunity for public comment on the technology was offered. In the same general time period, two researchers at Stanford University (Martin Hellman and Whitfield Diffie) published a paper describing the possible existence of mathematical functions which, unlike the symmetric DES algorithm, could act in a special, pairwise fashion to support encryption and decryption. These so-called "public key algorithms" had the unusual property that one function would encrypt and the other decrypt -- differing from the symmetric DES in which a single function performs both operations. The public key system uses a pair of keys, one held private and the other made public. DES uses one key which is kept secret by all parties using it. Three researchers at MIT (Rivest, Shamir and Adelman) discovered an algorithm which met Hellman and Diffie's criteria. This algorithm is now called "RSA" in reference to its inventors. 
The RSA technology was patented by Stanford and MIT and a company, Public Key Partners (PKP), created to manage licensing of the RSA technology. A company called RSA Data Security, Inc., was also formed, which licensed the technology from PKP and markets products to the public based on the technology. The current policy of the United States places DES and RSA technology under export control. Because cryptography falls into the category of munitions, it is controlled not only by the Commerce Department but also by the State Department under the terms of the International Traffic in Arms regulations. Despite the public development of both of these technologies and their documented availability outside the United States over the last 15 years, US policy has been uniformly restrictive concerning export licensing. As the United States and the rest of the world enter more fully into the Information Age in which digital communications plays a critical role in the global infrastructure, the "digital signature" capability of public key cryptography is a critical necessity for validating business transactions and for identifying ownership of intellectual property expressed in digital electronic forms. Registration and transfer of intellectual property rights in works which can be represented in digital form will be cenral factors in the national and global information infrastructure. A number of parties are exploring technical means for carrying out rights registration and transfer, making use of public key cryptography as a basic tool. In addition, there is a great deal of current work on electronic mail systems which support privacy by means of encryption and support authenticity by means of digital signatures. One of these systems, developed in the Internet environment I mentioned in my testimony, is called Privacy-enhanced Mail (PEM) and makes use of DES, RSA and some other special "hash" functions which are integral to the production of digital signatures. 
For these various systems to be compatible on an international basis, it would be very helpful for the cryptographic components to be exportable on a world-wide basis. A number of vendors make produces relying on these technologies within the United States but often find it very difficult to engage in international commerce owing to the export licensing required for these technologies. Ironically, the technology appears to be widely available outside the US and also outside the COCOM countries, so US firms face both competition outside the US and export inhibitions in their attempts to develop worldwide markets. There are many valid national security reasons for limiting the export of cryptographic capabilities, since these technologies may aid an opponent in time of war or other conflict. Perhaps just as important, US intelligence gathering capability can be eroded by the availability of high grade cryptography on a worldwide basis. Recently, it has also been alleged that the world-wide availability of cryptography would also seriously impede US drug enforcement and anti-crime efforts. While these reasons seem sufficient, many have pointed out that the widespread accessibility to the detailed specifications of DES and RSA and availability and existence of software and hardware outside the US have long since done whatever damage is going to be done in respect of warfighting, crime or drug potential. This line of reasoning leads to the conclusion that our policies only inhibit legitimate commerce, but have little impact on the other concerns expressed. As in all such controversy, there is often some truth on both sides. The National Institutes of Standards and Technology (NIST), has offered alternative digital signature capability. Technical assessments of the alternative have turned up weaknesses, in the opinions of some experts. 
There is not yet an alternative to DES, unless it is to be found in NSA's Commercial Crypto Evaluation Program (CCEP) in which NSA proposes to provide algorithms which are implemented in hardware by industry and made available for civilian use. As I understand this program, NSA does not intend to release any details of the algorithms, leaving open questions about the nature and strength of the technology. Some experts will persist in the belief that such offerings have weaknesses which are deliberately built in and hidden (so-called "Trojan Horses") which will allow the agency to "break" any messages protected by this means. The critics complained loudly that the reasoning behind the design of certain parts of the DES algorithm (specifically the "S-boxes") was never made public and therefore that the algorithm was suspect. In fact, the DES has proven to be very strong - indeed, it may be that very fact which makes it so unpalatable in some quarters to permit its unrestricted export. It may be that the CCEP technology offered is satisfactory, but this is hard to tell without knowing more about its provenance. Presuming the wide availability of both DES and RSA technology, it seems to me appropriate and timely to re-examine US export control policy regarding these two algorithms. In all probability, any such review will require some classified testimony which will have to be heard in confidence by cleared members of your committee. I sincerely hope that the outcome will be favorable to use by US industry in international commerce, but even if the outcome results in continuation of present policy, it is timely to make such a review, in my opinion. Sincerely, Vinton G. Cerf ------- End of Forwarded Message From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Tue, 13 Apr 93 23:38:45 PDT To: CYPHERPUNKS Subject: REMAIL: Positive Reputations Now! 
Message-ID: <930414063404_74076.1041_FHD59-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- There's been a lot of talk on news.admin.policy about ways of handling abusive or illegal anonymous posts. One proposal is to restrict posts from certain people, but this will fail if multiple remailers allowing chaining become available. I had an idea for another way of filtering anonymous posts which might be achievable with current news software. It would require some work by the remailer operators, though. We have talked here about positive reputations as a filtering method. A positive reputation would basically be a recommendation by some respected person that a particular poster is worth listening to. If posts could be marked with such recommendations, people could set up their news software to filter out non-recommended anonymous posts. This would be a way of distinguishing between those who want to post anonymously just for privacy, and those who want to harass or abuse others. Current news software doesn't provide for such reputations. But there were suggestions being made at one time for a standard way of marking anonymous posts. One idea was to give them a unique identifier in the "Distribution" field of "anon". I gather that this would require a little modification of major news distribution sites to honor this distribution but from what I understand the changes needed are not major. My idea is to implement positive reputations at the source which is in the best position to provide them: the remailer operator. Applying the distribution idea, posts which were from people on a "good guys list" would be posted from the remailer with a specific distribution that identifies them as such. Anonymous posts from people not on the list would get a different identification. In order to verify that posts were really from who they claimed, they would have to be PGP (or RIPEM or PEM) signed. 
The list would actually be a list of keys rather than a list of user ID's. People would get on the list by asking the remailer operator, perhaps by pointing to some of their posts which were responsible. People would be removed from the list at the remailer operator's discretion, presumably when they posted objectionable messages. The advantage of this system is that it introduces, in a limited way, the idea of positive reputations. It fits into the current killfile system so that people easily offended can avoid seeing most offensive anonymous posts. It encourages the use of encryption software on the part of people who want to post anonymously and get a good reputation. And the only difficult software requirements are in the remailing/posting software; everybody else just runs the current SW. Now, since I don't run a remailing/posting service, I am in the rather embarrassing position of offering a "solution" which requires somebody else to do the work. I would be very willing to help with the software requirements for recognizing incoming PGP signed messages and looking up keys in a database. The actual maintenance of the good posters list would take some time and energy on the part of the operator. But perhaps this would not be that much more than the other activities involved. And it would have the advantage that it would point out a new direction for the net, towards a system where privacy and responsibility can coexist. Hal Finney 74076.1041@compuserve.com -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK8uFMqgTA69YIUw3AQFqswQAhx/GN/qg4Jx6Ggqh8Rmt6Lta1iN82dOQ gAAkEwcgJsMuvEjtcgRFkHxxW6uCF/8m2kLU3HUA8lnT94BR5TJc/0K5xH05gKhH NvU+74sCxIV68ef+0pz1X9TzC1E7tUxAhJKPQ80li1QFsBw5yATzuh1UHeDIk/5O 7yyVS8AGQFc= =RyI6 -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: George A. 
Gleason Date: Wed, 14 Apr 93 03:20:16 PDT To: ebrandt@jarthur.Claremont.EDU Subject: Re: Encrypted Cordless phones Message-ID: <199304141019.AA21841@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain And also.... Radio Shack just entered the market with a cordless which uses frequency inversion. That's analog... Probably can be broken in less than a minute, even by amateurs who know how to solder. About 1986 or so, a certain state agency ordered some expensive walkie-talkies which were supposed to be secure against protesters with scanners. Guess what? Analog frequency inversion. And in fact, with a little practice, you can listen to inverted speech directly and make sense of it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Brad Huntting Date: Wed, 14 Apr 93 08:42:16 PDT To: Clark Reynard Subject: Re: alt.whistleblowers In-Reply-To: <9304140125.AA16266@metal.psu.edu> Message-ID: <9304141542.AA19694@futureworld.advtech.uswest.com.advtech.uswest.com> MIME-Version: 1.0 Content-Type: text/plain > 1) Kick it around on alt.config. I think this is the best option. news.groups is (mostly) for standard "usenet" hierarchies (e.g. misc.whistleblowers). If you mention "discussed in alt.config" in your newgroup I think you will get much better reception. brad From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mark@coombs.anu.edu.au (Mark) Date: Tue, 13 Apr 93 18:17:29 PDT To: cypherpunks@toad.com Subject: Re: alt.whistleblowers In-Reply-To: <9304140125.AA16266@metal.psu.edu> Message-ID: <9304140117.AA19145@coombs.anu.edu.au> MIME-Version: 1.0 Content-Type: text/plain >4) Don't even bother kicking it around; just create the group, > and hell with anyone who doesn't like it. We're sposed to be anarchists right? :) 'sides alt.* groups come out daily with little or no discussion. Ours won't rock boats, at least in its creation, the content is a different story. 
Personally I hope it doesn't degenerate into a narc fest for people who have grudges against people... that would be sad.. I vote to just make it. Not all will like it, but then they are maybe the ones who will feature in it (great way to shut them up :). Mark mark@coombs.anu.edu.au From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wcs@anchor.ho.att.com Date: Wed, 14 Apr 93 10:46:44 PDT To: cypherpunks@toad.com Subject: FWEE! Re: alt.whistleblowers Message-ID: <9304141746.AA27675@anchor.ho.att.com> MIME-Version: 1.0 Content-Type: text > Kick it around on alt.config >> Just do it .... The problem is that alt.whistleblowers is technically more complex than just creating an alt.group and having one anon.poster site - we need to resolve issues of secure mail standards (e.g. should the system use RIPEM or just PGP, are there any non-US sites with RIPEM so that non-US anon.poster sites can use it, should there be multiple anon.sites and should they do remailing between them, etc.) Otherwise we may end up with a single point of failure, and if it's any good, it will at least get its mail watched, if it doesn't get raided - traffic analysis is important here. Are we only going to use anon.posting sites, or are forged postings also going to be an acceptable technique? Do we at least need to publish a guide to forging mail headers so your mail to the anon.poster can appear to come from kremvax or whitehouse.com? Let's try to get a good idea of what we want to do before dropping it into alt.config. Bill Stewart -- This isn't the 8th Dimension, we're somewhere over New Jersey From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: rclark@nyx.cs.du.edu (Robert W. F. 
Clark) Date: Wed, 14 Apr 93 14:02:36 PDT To: extropians@gnu.ai.mit.edu Subject: WARNING: Forward of unposted alt.config message Message-ID: <9304142104.AA19705@nyx.cs.du.edu> MIME-Version: 1.0 Content-Type: text/plain I am sending this here _prior_ to posting it to give advance warning; responses received have varied on the methods of creation of the group, but have largely tended toward a consensus that it is wise to have some sort of discussion period; in addition, I have chosen a cross-post to those groups most likely to have an interest in creating the group, and if this results in a flamewar in alt.config, so be it. After I tally the votes and they vastly outnumber the NOs I will create the newsgroup without further delay. I just wish for people to clarify; sorry if you missed it, but this is going out in four hours exactly to the aforementioned newsgroups. I will implement all important suggestions mailed to me by that time, including alteration of procedural points, wording changes, alteration of Newsgroups: line, etc. I will also delay posting if valid and immediate concerns are brought to light; however, since I leave the major axes: Moderated or unmoderated, length of discussion period, length of voting period, open for discussion, it should not be a disaster if it goes out in its current form. Join the discussion, and if you like the idea, PLEASE send a YES vote only WHEN the Call for Votes is posted. Additionally, suggestions for additions/deletions of Newsgroups from the crosspost, or a more appropriate place to redirect replies, or any suggestions whatever will be adopted if suitable. If you have no interest in the privacy issue, please type 'd' now. 
---- Newsgroups: alt.config, alt.privacy, alt.privacy.anon-server, soc.motss, alt.sex, alt.sex.bestiality, alt.drugs, comp.protocols.tcp-ip.eniac Followup-to: alt.config Subject: Call for discussion: alt.whistleblower In light of the current debate concerning whether anonymous posting can serve a useful purpose, I propose the immediate experiment of creating a group which shall provide a genuinely useful service to the public. This newsgroup is to be called alt.whistleblower, and is for the purpose of allowing those who might otherwise be unwilling to come forward to provide information about the illegal activities of government agencies, large corporations and similar malefactors without fear of illegal reprisals against them. The need for this group is evident in light of the extreme usefulness of information concerning the behavior of the governing bodies of the United States, and the large number of government employees and corporate employees with access to the Internet and anonymous posting services. This group could also include reports of illegal discrimination by those who fear reprisal if they reveal their names, information concerning safety issues by those who know that their company is releasing an unsafe or dangerous product, or defrauding customers by dishonest and illegal means. Considering the immediate need for this newsgroup in light of those who, in many cases, provide services for a fee and then provide an inadequate service by cutting their downstream sites from reading anything that the service-provider deems is inappropriate, I request a waiver of procedure in this matter and that, if significant interest is present and seems to form a general consensus, it shall be accepted that I revise and present a prospectus for this newsgroup and a call for votes on a date no sooner than seven days from this initial posting and no later than ten days after the call for discussion. 
Procedural points concerning the length of the voting period are to be addressed in the public discussion, and anyone wishing to send anonymous mail should forward it to me. This newsgroup is necessary and of great potential use, as those of you with a legitimate need for privacy know well. If you value your privacy, let us discuss this wisely and equitably in order to reach a consensus. Whether this newsgroup is to be moderated or unmoderated, whether the name is appropriate or another hierarchy would be preferable, and all procedural points are to be decided based on the general consensus. I realize there will be those who will oppose the creation of this newsgroup on the oft-cited grounds that "Anyone who needs privacy must be hiding something." This is true; however, in our society there are many things which need to be revealed as well as many things which need to be concealed. I believe that a corollary truism could be applied to those who oppose the notion of public privacy. "Anyone who fears privacy must be hiding something." Let the discussion begin. Final note: Do NOT, repeat, NOT send votes until I post a "Call for Votes" at the end of the discussion period. The length of the discussion period may be increased if some drastic occurrence requires it, but I'm planning to post it in one week. Vote then. I thank you for your consideration in this matter. ---- "Occasionally an honest man is sent to the legislature." Mark Twain rclark@nyx.cs.du.edu PGP key available by mail or finger rclark@metal.psu.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eli Brandt Date: Wed, 14 Apr 93 15:10:46 PDT To: clark@metal.psu.edu Subject: Re: WARNING: Forward of unposted alt.config message In-Reply-To: <9304142104.AA19705@nyx.cs.du.edu> Message-ID: <9304142210.AA23480@toad.com> MIME-Version: 1.0 Content-Type: text/plain > From: rclark@nyx.cs.du.edu (Robert W. F. 
Clark) > Join the discussion, and if you like the idea, PLEASE send a YES > vote only WHEN the Call for Votes is posted. Is there some reason to run a CFV and all that on this proposed alt group? Looks to me as if the usual creation procedure should work fine for this group. > Newsgroups: [...] alt.sex.bestiality, alt.drugs, comp.protocols.tcp-ip.eniac Chuckle. Eli ebrandt@jarthur.claremont.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Clark Reynard Date: Wed, 14 Apr 93 15:10:20 PDT To: wcs@anchor.ho.att.com Subject: Re: FWEE! Re: alt.whistleblowers Message-ID: <9304142306.AA01506@metal.psu.edu> MIME-Version: 1.0 Content-Type: text/plain This would come into play as something necessary only after the creation of the group, and at least the anonymous posting part of it is already being studied by others, for entirely different reasons. And, in addition, the method of posting will be determined by the nature of the group itself, which is only determinable after a period of discussion. For which alt.config is as suitable a place for discussion as this mailing list. In fact, the newsgroup is better, since we'll be getting feedback from the Enemy as well. A fogware (not quite vaporware) FAQ could be provided at a moment's notice, simply containing an explanation of the newsgroup and its purpose (which would be a slightly modified carbon copy of the Call for Votes; more vaporware), the list of anonymous remailers at soda.berkeley.edu, and perhaps some cullings from more cogent postings regarding the anonymity issue. Then, as FAQs actually appear, it can be expanded. I am capable of doing this at least for the next few months, and probably longer. 
Once the newsgroup, which I think would be unmoderated by its very nature, or moderated in something of the same way as alt.hackers, except that the accepted moderator-list would consist of any anonymous remailer on the list in the FAQ (this, I couldn't do, since I don't maintain the anonymous remailer list and couldn't be guaranteed of getting it right). In any case, I think that having it unmoderated and not doing anything but posting a FAQ every week should take care of it. It's an unusual newsgroup idea, but in execution it should be similar to existing newsgroups. In any case, I think that beginning the discussion is appropriate; if the specs for the newsgroup are to be changed, they can always be changed before the posting of the Call for Votes, when everything becomes Locked in Stone. ---- Robert W. Clark rclark@nyx.cs.du.edu PGP signature available by mail or finger From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: trump@pluto.ee.cua.edu (Louis Edward Trumpbour) Date: Wed, 14 Apr 93 15:27:16 PDT To: cypherpunks@toad.com Subject: ..... Message-ID: <9304142228.AA08551@pluto.ee.cua.edu> MIME-Version: 1.0 Content-Type: text/plain ok well i am sure that there are a lot of people out there that want to learn how to do basic cypher/decyphering... so i think it would be nice if people gave their knowledge on how to do decryption... even if its very very basic and perhaps a faq could be made out of this info... Clovis From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: KINNEY WILLIAM H Date: Wed, 14 Apr 93 17:58:52 PDT To: cypherpunks@toad.com Subject: Re: alt.whistleblowers Message-ID: <199304150058.AA21866@spot.Colorado.EDU> MIME-Version: 1.0 Content-Type: text/plain Some comments on alt.whistleblowers from an (up to now) lurker. In brief, this strikes me as being a very foolish idea. In detail: -- Does anyone really think this is going to have much of an effect on anything? 
My suspicion is that a forum providing unlimited ability for people to anonymously post undocumented accusations against powerful people will be summarily ignored, not just by the targets of the accusations, but by everybody else with an actual life. There seems to be no discussion of the biggest weakness of this idea: the expected signal to noise ratio. This accomplishes nothing if it is overrun by, say, Kennedy assassination loons. It doesn't seem wise to me for the Cypherpunks' first major public act to be something this pointless and ill-conceived. Ok. Suppose I'm wrong about the above, and this thing works like people seem to think it will. -- The tools available to accomplish this task (PGP, remailers, anon servers) are certainly impressive, but I really don't think they're well developed enough yet to give cause for much confidence in taking on the government and the entire U.S. corporate sector in a frontal assault. -- Is this really in line with the purpose of the Cypherpunks? To quote from the charter "Cypherpunks write code. They know that someone has to write code to defend privacy, and since it's their privacy, they're going to write it. Cypherpunks publish their code so that their fellow cypherpunks may practice and play with it. Cypherpunks realize that security is not built in a day and are patient with incremental progress." I like this paragraph, and what it says to me is that (a) people are, in the end, responsible for their OWN security and need to be made to realize this, and (b) PATIENCE is the most important prerequisite for success. Both of these principles are being violated by the hasty creation of alt.whistleblowers. This has nothing to do with enabling people to independently achieve data security, and it shows no patience whatsoever. Wouldn't everybody be better served by quiet, patient development and distribution of tools, instead of a huge juvenile "FUCK YOU!" to people who could really care less? 
Let's not piss away a solid foundation with cheap theatrics. -- Will "Getting people to fight by letting the force of momentum work is like rolling logs and rocks. Logs and rocks are still when in a secure place, but roll on an incline; they remain stationary if square, they roll if round. Therefore, when people are skillfully led into battle, the momentum is like that of round rocks rolling down a high mountain -- this is force." -- Sun Tzu *** PGP PUBLIC KEY AVAILABLE BY FINGER From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Wed, 14 Apr 93 18:10:50 PDT To: trump@pluto.ee.cua.edu (Louis Edward Trumpbour) Subject: Re:decryption request. In-Reply-To: <9304142228.AA08551@pluto.ee.cua.edu> Message-ID: <9304150110.AA14652@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > ok well i am sure that there are a lot of people out there that want to learn > how to do basic cypher/decyphering... so i think it would be nice if people > gave their knowledge on how to do decryption... even if its very very basic > and perhaps a faq could be made out of this info... Well, you took the words right out of my fingers! ;^) I was going to post the same request myself. So....any offers? Thanx in advance. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | | But, I was mistaken. |available| | +-----------------------------+---------+ | mdiehl@triton.unm.edu | "I'm just looking for the opportunity | | mike.diehl@fido.org | to be Politically Incorrect! | | (505) 299-2282 | | +-----------------------+---------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: rclark@nyx.cs.du.edu (Robert W. F. 
Clark) Date: Wed, 14 Apr 93 19:02:53 PDT To: kinney@spot.Colorado.EDU (KINNEY WILLIAM H) Subject: Re: alt.whistleblowers In-Reply-To: <199304150058.AA21866@spot.Colorado.EDU> Message-ID: <9304150204.AA03482@nyx.cs.du.edu> MIME-Version: 1.0 Content-Type: text/plain > Some comments on alt.whistleblowers from an (up to now) lurker. In brief, > this strikes me as being a very foolish idea. Perhaps it is; this is why I'm sending it out for discussion instead of just newgrouping it. > -- Does anyone really think this is going to have much of an effect on > anything? My suspicion is that a forum providing unlimited ability > for people to anonymously post undocumented accusations against > powerful people will be summarily ignored, not just by the targets > of the accusations, but by everybody else with an actual life. There > seems to be no discussion of the biggest weakness of this idea: the > expected signal to noise ratio. This accomplishes nothing if it is > overrun by, say, Kennedy assassination loons. It doesn't seem wise to me > for the Cypherpunks' first major public act to be something this > pointless and ill-conceived. Actually, it is more my act, which I decided upon based on memes I received partially from this list; the cypherpunks, if they do choose to support the idea, will do it individually; and, as yet, I have not had the arrogance to make a public announcement to the effect that the cypherpunks made this action. My name only is attached to this; no praise, no blame. > Ok. Suppose I'm wrong about the above, and this thing works like people > seem to think it will. Well, it might not; there are a number of potential hurdles, like the possibility that it will turn into a mindless narc fest; my personal opinion as to this is that I would prefer to leave the group unmoderated, but with an _option_ to moderate if the worst occurs. Of _course_ this will be abused, but I believe that it will also be used. 
This will provide an empirical basis for our principles. Success or failure will determine whether hypotheses need to be revised, or if they do, in fact, have predictive capability. > -- The tools available to accomplish this task (PGP, remailers, anon servers) > are certainly impressive, but I really don't think they're well developed > enough yet to give cause for much confidence in taking on the government > and the entire U.S. corporate sector in a frontal assault. Well, if people are careful, and don't log in to an anonymous server _from_ an account with their name, but from an anonymous dataswitch, all Bell or the Department of Housing and Urban Development would know is that someone who works for them posted this anonymous message; which they knew already. Of course, anything beyond the first posting would be traceable if someone really wanted to do it, but what would it prove, unless they traced it to that person? Another possibility is to go primitive and use snailmail, digitize images and data or type in by hand. Without very specific reasons, opening U S Mail is not condoned. > -- Is this really in line with the purpose of the Cypherpunks? To quote from > the charter >["Cypherpunks write code" paragraph from FAQ] > I like this paragraph, and what it says to me is that (a) people > are, in the end, responsible for their OWN security and need to be made > to realize this, and (b) PATIENCE is the most important prerequisite > for success. Both of these principles are being violated by the > hasty creation of alt.whistleblowers. This has nothing to do with > enabling people to independently achieve data security, and it shows > no patience whatsoever. You may be right. I may not be orthodox cypherpunk. 
However, with the proliferation of retroactive posting cancellation of anonymous posts, I believe it is possible to be patient to so great an extent that one calmly and rationally discusses a situation until the moment when action would have been useful has passed; in other words, you've discussed battle strategy until the enemy's won. > Wouldn't everybody be better served by quiet, patient development and > distribution of tools, instead of a huge juvenile "FUCK YOU!" to people > who could really care less? Let's not piss away a solid foundation with > cheap theatrics. Again, I believe that you _can_ be quiet and develop tools. It is good that this is being done by _somebody_. However, I take issue with your assertion that a formal Request for Discussion, worded in a non-inflammatory manner, is a juvenile "FUCK YOU!" If you doubt this, check out the RFD when it appears in news.announce.newgroups. What little temperature was in it was deleted; I spent about three hours implementing the suggestions of others and cut the verbiage by a half. I do not see how this can damage what foundation we have; essentially a few software packages and an ideology. However, to protect from just this occurrence, I did not present my viewpoints as cypherpunk viewpoints in the announcement, merely as my own. The word 'cypherpunk' does not occur anywhere in the article. If cypherpunks wish to discuss this group, why it would be a good or bad idea, or if it would be better-named, it may be discussed. If it is decided that the idea should be shelved, then so be it. I, and we, shall bide our time, and create it as an alt.group in the meantime. Very likely, at least in the beginning, privacy will be provided by the person who wishes to have it, and that person will take responsibility for the consequence of his or her actions. Check out the discussion. Let the net decide. ---- Robert W. 
Clark rclark@nyx.cs.du.edu PGP signature available by mail or finger From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ld231782@longs.lance.colostate.edu Date: Wed, 14 Apr 93 22:27:19 PDT To: KINNEY WILLIAM H Subject: Re: alt.whistleblowers In-Reply-To: <199304150058.AA21866@spot.Colorado.EDU> Message-ID: <9304150527.AA21340@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain >Some comments on alt.whistleblowers from an (up to now) lurker. In brief, >this strikes me as being a very foolish idea. > My suspicion is that a forum providing unlimited ability > for people to anonymously post undocumented accusations against > powerful people will be summarily ignored, not just by the targets > of the accusations, but by everybody else with an actual life. Mr. Kinney's comments annoy me tremendously. They bespeak a lukewarm, lackadaisical, and wishwashy view of something of extreme importance. Frankly, it bothers me that it has taken this long just to get the whistleblower group going. I don't think anything is being accomplished by delaying newsgroup creation. It just gives people who are enemies more time to mount a concerted attack against this new blip in the status quo. Where is your trademark cypherpunk fanaticism, Mr. Kinney? Do you wear a suit and tie and go to endless meetings debating the relative merits of implementing a given policy? Where is your passion? Where is your *impatience*? Where is your frustration that nothing seems to be happening? The point is that these things will start out unpolished and become refined. But they don't become refined by people debating their theoretical implications in a vacuum. They get refined when problems *arise* from *use*. That is the place where unforeseen merits and demerits are discovered (the unanticipated ones discovered in practice, I assure you, are always the most significant). 
Julf's server is a beautiful example of the evolution of an unrefined idea into a practical and increasingly sophisticated reality. It alarms me tremendously that word leaked out about the whistleblower group at the Freedom and Privacy conference (attended by such luminaries as e.g. D. Denning, and don't ask what the D. stands for); and that a former C.I.A. official has ideas on how to filter out the "noise". I find this quite nauseating. The greatest inventions are not the result of people who sought to reduce risks. It is precisely this risktaking (and yes, somewhat cavalier attitude) that produces the breakthrough! > The tools available to accomplish this task (PGP, remailers, anon servers) > are certainly impressive, but I really don't think they're well developed > enough yet to give cause for much confidence in taking on the government > and the entire U.S. corporate sector in a frontal assault. We are all playing with toys right now in the hope that they become entrenched and refined. Which they will, inevitably! Because they are good ideas! (Time is the universe's mechanism for rewarding good ideas!) Yesterday's Apple II is today's Quadra. Paved roads started out as rocky dirt paths, and in retrospect they look quaint, but they progressed because they were well-trodden. People just used them. If you think that new technology starts out any other way, then I'm impressed with your naivete... >-- Is this really in line with the purpose of the Cypherpunks? To quote from > the charter well, let me put it this way--if it isn't virtually the essence of Cypherpunkhood (challenging entrenched, ineffective, mediocre, bloated, or even corrupt and sinister authority through revolutionary new technology) then what is? What is your vision? Or do you prefer not to have one because they are so inconvenient and uncomfortable to pledge allegiance to, to nourish and sustain? Because they force you to rethink some of your most beloved and rooted prejudices? 
Because they require such devotion and sacrifice? > PATIENCE is the most important prerequisite > for success. patience has its place *after* all possible means for advancement have been employed. This `patience' thing of yours seems to me like a euphemism for `chill out'. Patience is for saints. Impatience is for humans. Agitation is for cypherpunks. >Wouldn't everybody be better served by quiet, patient development and >distribution of tools, instead of a huge juvenile "FUCK YOU!" to people >who could really care less? Let's not piss away a solid foundation with >cheap theatrics. Is that your perception of this project? Do you think that the creation of the newsgroup is equivalent to advocating that statement? Where do you find such animosity? How is it that something so intrinsically neutral such as creating a newsgroup be twisted into an act of evil rebellion and subversion? Is it possible that you should be embarrassed by reading a bit more into cypherpunks than is there? Is it possible that you have some agenda we don't know about? The whistleblower newsgroup will be quite like any other newsgroup. There will be plenty of noise and unverifiable froth and fizz. We will work toward trying to improve that content, but it is always a case of `caveat emptor'. It is a ridiculously impossible ideal to attain of having a group with only the `truth' posted. We are not setting out to replace the entire world government today (although, as for *tomorrow*...) I think the freedom in posting is the very essence of the whistleblower group. I think it might be interesting to promote the idea of different groups, each with different levels of verifiability. The lowest level would have completely unverified claims and *totally* free posting (esp. anonymity). Higher groups would have more important mechanisms to ensure the quality of the information (moderation, prerequisites to posting, digital signatures, etc.) 
I imagine that the verifiable and meritorious claims would tend to "rise" to higher groups where people with much higher reputations toss around the data. (Actually, I can imagine all of Usenet of the future working like this, with various `tiers' that people can pick at will. People into totally rabid free speech can subscribe to the raw unfiltered stuff, and at the other end of the spectrum, all the PC academics into diversity but no offensiveness to sensitive sensibilities can subscribe to the groups where a few happy-sunny-whee messages slip through a day...)

p.s. I hate to jab a self-admitted lurker so bluntly, but this reminds me of Lincoln's advice that ``it is better to be silent and thought a fool than to speak up and remove all doubt''...

Mr. Kinney, maybe we should call you back in a few years when everything is commercialized, corporate, conservative, and soulless enough for your tastes.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: internaut@aol.com
Date: Thu, 15 Apr 93 03:31:51 PDT
To: cypherpunks@toad.com
Subject: FWEE!: alt.prematurity
Message-ID: <9304150631.tn01219@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

*/ Ladies & Germs, /*

Certain cpunks have called for the immediate establishment of alt.whistleblowers on Usenet. I have noted a certain respect for engineering matters in these notes, but a lack of acknowledgement for the "other" business involved in setting up a serious whistleblower service. I beg your attention for a moment whilst I toss in my two cents:

As I am the person doing some of the legwork to establish the body of Users/Subscribers for the alt.wb service (in my spare time), I would like to request that this action NOT be taken at this time. I am as anxious as anyone to see this become a reality, but I have learned over the years that both information services and sex can be ruined by prematurity.
You're welcome to screw up your sex lives by cumming in your pants too soon, but PLEASE don't give this potentially IMPORTANT information service a huge birth defect by putting it out before I am ready. There, I've admitted it, I am not ready yet (nor are the Users). If it flies before I can set up the org's that will take advantage of it, it would not be a good thing, IMHO. I have mentioned prematurity before this and have been roundly ignored, to my chagrin. Alas...

I am not suggesting that we can't begin exPERimenting in SOME way to get the technology right, but I AM saying that we have a LOT of work to do if we want this service to mean anything. On the other hand, if we're just a bunch of engineers jacking off over our ideas, and not true crusaders trying to invent a new method for busting sniveling government weasel-embezzlers, then who am I to stop y'all?

Gee, Dave, just _why_ is it a bad idea right now?

- Not enough people are educated enough to use it. I have spoken with Congressional staffers, media people and several activist orgs. They all need either email accounts, PGP software and some readme files (or all three) before they can take advantage of any WB info. They're not even sure how to approach the issue of verification and we'll have to help them with this concept. Imagine Picasso pitching the wonders of Asymmetry to an audience of People Who've Never Heard of Painting.

- We haven't figured out who'll be polled to send in msgs and exactly HOW we'll offer them some sort of anonymity and what they need to do afterward. It should be a select group at first, but we have not established the guidelines for this service. Putting it out without any kind of guidelines could be disastrous. This is the Trusted Reputation Issue. Please do not underestimate this.

- Not a single cpunk has yet submitted any suggestions to me for the Guidelines as I have asked twice. Not one person. Do that first, O Verbose Ones!
After we build such a document and have prominent people (such as Nicholas Johnson, former FCC head under L.B.Johnson - "eh... no relation") sign statements of support based on it (as discussed before, with I think, nearly unanimous approval), then we can more _safely_ proceed. Have you heard of the Declaration of Independence? They prepared that document well, got all their Ducks in a Row and it's lasted for over 200 years. How many decades do you think a good WB system could last/evolve for? I ask only that you engage your long-range vision for a moment.

- Except for good ol' John Gilmore, no one has sent me their pubkey for the list of volunteers after I publicly requested same some weeks back. Belly up to the Bar, Dewds.

- ?

There are other excellent reasons to keep it in our collective pants for a while, but if THESE don't convince you, then perhaps I am asking the wrong group of folks to help get this started properly.

I suggest that we set up a dummy area and begin to conduct some experiments ala Tim May's F117A bogus post. Hopefully, this will allow our more impatient members to spew to their heart's delight while the rest of us continue with the legwork and phonework to give it social armor.

Anybody can put a box out on the street and say "everybody put your complaints in here," but it takes some real thinkers to put out a serious whistleblower system.

Lastly, I ask your forgiveness for all my sins...

dave

PS: Only kiddin', I never sin. Well, hardly ever these days. Well, pretty often then, but I keep it to a few times a day. OK, well, maybe hourly, but I'm really acting in the best interest of everyone. OK, I lied, I sin and sin and sin every second of my existence. ...So sue me!
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Meyer
Date: Thu, 15 Apr 93 11:47:50 PDT
To: cypherpunks@toad.com
Subject: Decryption
In-Reply-To: <9304142228.AA08551@pluto.ee.cua.edu>
Message-ID: <19930415184700.2.MEYER@OGHMA.MCC.COM>
MIME-Version: 1.0
Content-Type: text/plain

    Date: Wed, 14 Apr 1993 17:28 CDT
    From: trump@pluto.ee.cua.edu (Louis Edward Trumpbour)

    ok well i am sure that there are a lot of people out there that want to learn how to do basic cypher/decyphering... so i think it would be nice if people gave their knowledge on how to do decryption... even if its very very basic and perhaps a faq could be made out of this info...
    Clovis

sci.crypt has recently put out a FAQ (at last). I forget where it's ftp-able from but there's always someone on sci.crypt asking where the FAQ is, and it gets reposted from time to time.

There are lots of ways to encrypt/decrypt/cryptanalyze. The sci.crypt FAQ lists some books on the subject. Would-be cryptanalysts could take a look at Abraham Sinkov's "Elementary Cryptanalysis, A Mathematical Approach", published by The Mathematical Association of America, 1966.

-- Peter Meyer

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hal@alumni.cco.caltech.edu (Hal Finney)
Date: Thu, 15 Apr 93 14:08:16 PDT
To: cypherpunks@toad.com
Subject: Chaining to Julf's remailer
Message-ID: <9304152107.AA16806@alumni.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain

On news.admin.policy, a 'nym' called Nowhere, Man called somebody an asshole and told them to fuck off. Someone objected, and Nowhere responded:

> You're right, and I'm really sorry if my insults got somebody bent out
> of shape. I just think some people deserve to get flamed once in a while.
> Also, the mail return address doesn't work because this message goes through
> a chain of other remailers before it gets to Julf's base. So netnews is
> the only way to get messages to me.
> Hey, maybe there should be a board
> just for messages to nyms. Crypted, even. How about it, news.admin.policy
> phreaks, should we put it to a vote? Nowhere, Man .

Apparently it is in fact possible to chain remailers now. I assume that he is chaining through cypherpunks remailers into penet. I'm curious to know which remailer is being used for this purpose? Perhaps we could add a description of how to do this to the documentation.

My guess is that "Nowhere" reads this list.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: grady@netcom.com (1016/2EF221)
Date: Thu, 15 Apr 93 16:46:44 PDT
To: cypherpunks@toad.com
Subject: SOURCE to Macintosh PGP 2.2 released
Message-ID: <9304152346.AA07957@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Complete Symantec THINK C 5.0.4 source code including projects and user documentation is available via anonymous FTP from:

netcom.com [192.100.81.100] in directory pub/grady

file is type ASCII, Compact Pro .sea processed with BinHex 4.0.

MGET MacPGP2.2src.sea.hqx
MGET MacPGP2.2srcSIGNATURE

HQX file is digitally signed by me; verification of signature via public key servers or by phone.

Please distribute this code widely -- read the READ ME file included with the package.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ORNTS188@ksuvxb.kent.edu
Date: Thu, 15 Apr 93 15:12:28 PDT
To: cypherpunks@toad.com
Subject: Q&A DataBase
Message-ID: <01GX1S55DSEA0005UJ@ksuvxb.kent.edu>
MIME-Version: 1.0
Content-Type: text/plain

Hello All, does anyone know much about this program? I would like to be able to pick the passwords out of the database file. In this program (Q&A) the database can be set up so that users have limited access to different areas of the files. I just got the code and doc files for WP hack, and they were great. I am still going through the code.

Well thanks

Red :)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Thu, 15 Apr 93 15:30:38 PDT
To: cypherpunks@toad.com
Subject: Re: Q&A DataBase
In-Reply-To: <01GX1S55DSEA0005UJ@ksuvxb.kent.edu>
Message-ID: <9304152230.AA22243@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

ORNTS188@ksuvxb.kent.edu says:
> Hello All, does anyone know much about this program?
> I would like to be able to pick the passwords out of the database file.
> In this program (Q&A) the database can be set up so that users have limited access to different areas of the files. I just got the code and doc files
> for WP hack, and they were great. I am still going through the code.

Pardon, but what does this have to do with Cypherpunks?

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: rclark@nyx.cs.du.edu (Robert W. F. Clark)
Date: Thu, 15 Apr 93 20:22:07 PDT
To: extropians@gnu.ai.mit.edu
Subject: WARNING: Pointer article to soc.whistleblowers debate
Message-ID: <9304160323.AA06370@nyx.cs.du.edu>
MIME-Version: 1.0
Content-Type: text/plain

The news software has been activated.

David Tale has accepted the article, sans a paragraph specifying a procedural point (which I didn't think would fly, anyway) and bagging alt.sex and alt.drugs from the discussion, but keeping many others; I think if I hadn't put those two in, he might have knocked out a few I was serious about.

So, in any case, the article, in a modified form, partially by me and partially by Tale, is now posted to news.announce.newgroups, and the debate shall begin shortly.

Those of you who consider this newsgroup a beneficial and good thing, and who wish to discuss its implementation and name and other germane issues, should immediately go to news.groups and begin posting like lunatics.

Those of you who consider this newsgroup a menace to society should go to news.groups and post scathing articles about my sexual preferences.

(Humor, of course.)
In any case, I have not identified myself as a cypherpunk or, for that matter, as an Extropian, not having the boundless arrogance to presume that cypherpunks all share my opinion of the methods of implementing this; so those of you who do agree with me, or disagree only on procedural points, should post your opinion; people have a larger tendency to vote YES when they think others agree with them.

Also try to avoid excessively inflammatory postings (on the order of "You fucking moron, how DARE you disagree with me."), as these will tend to garner a bunch of NOs. I don't mean be a total schmuck and bend over backwards for a flaming, but flame back in a constructive spirit and without senseless _ad hominem_ attacks.

I hope that this group can be created with as little sturm and drang as possible, but if it _does_ require sturm OR drang OR both, heat may need to be applied.

Again, post whether or not you agree.

And don't send votes yet, of course. I'll just junk them, according to net.law.

If the cypherpunks wish to present this as a cypherpunk issue, or if individuals wish to support it as individuals, feel free. I'm not going to attach the name 'cypherpunk' to it myself because, not to be rude, it would further politicize an already highly-politicized issue. However, if we'd be more effective as THE DREADED Extropians/Cypherpunks bloc, which I don't think is necessarily the case, feel free. It's not my net.

Apologies are extended for the lengthy crosspost, but it shall be the last crosspost; further discussion ought to occur in news.groups. And battle plans in cypherpunks, if we even need battle plans.

With any luck, there won't be a battle.

If we sneak this in by acclamation without a flamewar or controversy, we're ENTRENCHED. NOBODY can stop us, or any other people who could utilize this most valuable resource.

But I'm not holding my breath on that one.
Although I cross-posted mainly to groups with a large population of potential YES voters, and ignored, say, news admin hangouts, those who would oppose this are sure to find out about it; but I think we can muster sufficient political clout to pass this.

Me? I'm currently going to enlist some old friends from talk.bizarre. . .

Don't worry, they're not the current crop but the same crowd that passed comp.protocols.tcp-ip.eniac.

I'll ask for as little inflammatory material as possible, like I did here, but I don't want this to become any more of a flamewar than necessary, and, again and for the last time, would prefer it didn't end up that way at all.

End of crosspost. We now return you to your regular round of discussing radix sorts and monozygotic recessives. Thank you.

----
Robert W. Clark
rclark@nyx.cs.du.edu
PGP signature available by mail or finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Thu, 15 Apr 93 22:13:49 PDT
To:
Subject: ANON: Chaining to Penet remailer
Message-ID: <930416050708_74076.1041_FHD24-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Well, after a fair amount of experimentation I have learned who the mysterious an10757@anon.penet.fi is.

It's me.

Or, more specifically, it is my remailer operating at hal@alumni.caltech.edu. If you send mail from this remailer to anon.penet.fi for posting or remailing it is identified as coming from an10757, the same address used in the post by "Nowhere, Man".

This address is different from the address I get if I just send to ping@anon.penet.fi from that account. I think the reason is that the mail sent from the remailer is identified as coming from "nobody" instead of "hal" in the From: field. This causes Julf's remailing software to assign a different anonymous ID.

I don't see any problems with this (not right away, anyway) and in fact it seems to me to be a desirable feature.
I think we should document this for people who want to use the Penet remailer for posting, in a more untraceable way.

Send mail to either:

    hal@alumni.caltech.edu (posts as an10757@anon.penet.fi)
    hfinney@shell.portal.com (posts as an19579@anon.penet.fi)

Have as the first lines of your message:

    ::
    Request-Remailing-To: anon@anon.penet.fi
    X-Anon-To: news.admin.policy

Follow this with a blank line, then your message. Put whatever newsgroups you like (separated by commas) after X-Anon-To.

This method of posting does not allow you to receive replies. I have set "nicknames" for these two accounts as "Untraceable account" which will appear in the "From" line on the postings. Hopefully that will offer a clue that the normal reply mechanism doesn't work. Maybe the nickname should say so more explicitly?

I believe this approach would work with most of the other Cypherpunks remailers. The one thing for remailer operators to watch out for is what is put in the From: line when the remailer sends it. You want it to be different from your regular account name or else your anonymous ID will be used for all messages through that remailer.

Naturally, this is vulnerable to abuse. If "Nowhere" or someone else continues to post obscenities and flames then Julf may have to block off all of our cypherpunks remailers, which would be unfortunate. Until there are more remailers I think anonymous posters need to continue to exercise some self-restraint.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Fri, 16 Apr 93 02:00:58 PDT
To: cypherpunks@toad.com
Subject: Re: ANON: Chaining to Penet remailer
In-Reply-To: <930416050708_74076.1041_FHD24-1@CompuServe.COM>
Message-ID: <9304160900.AA04650@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: Hal <74076.1041@CompuServe.COM>
> This method of posting does not allow you to receive replies.
> I have set
> "nicknames" for these two accounts as "Untraceable account" which will appear
> in the "From" line on the postings. Hopefully that will offer a clue that
> the normal reply mechanism doesn't work. Maybe the nickname should say so
> more explicitly?

You'd better make it quite clear that replies will not work. The consequence of misunderstanding here is that somebody's missive to an apparent penet user ends up in your remailer machine's postmaster's mailbox. This is not good; it's an unexpected breach of privacy, and it will tick off the sysadmin if it continues to happen.

It's happened at least once -- I did it. Fortunately, my message to "NOWHERE, MAN" was about netiquette, not 'shrooms. Nothing to cause your postmaster's jaw to drop, but it could have been.

The security provided by this technique could be provided without the IMHO serious disadvantage of having no return address. Eric's hybrid approach, where a pseudonym server hands mail to a remailer chain, is secure (barring sophisticated traffic analysis) if you trust the last remailer in the chain. Julf, have you thought about whether you want to do something like this?

> Hal

Eli
ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: KINNEY WILLIAM H
Date: Fri, 16 Apr 93 07:13:24 PDT
To: 74076.1041@compuserve.com
Subject: Proposal for anon chaining
Message-ID: <199304161412.AA09006@spot.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Recent traffic on anonymous remailers/servers:

>From: Eli
>> From: Hal <74076.1041@CompuServe.COM>
>> This method of posting does not allow you to receive replies. I have set
>> "nicknames" for these two accounts as "Untraceable account" which will appear
> >in the "From" line on the postings. Hopefully that will offer a clue that
> >the normal reply mechanism doesn't work. Maybe the nickname should say so
>> more explicitly?
>
>
>The security provided by this technique could be provided without
>the IMHO serious disadvantage of having no return address. Eric's
>hybrid approach, where a pseudonym server hands mail to a remailer
>chain, is secure (barring sophisticated traffic analysis) if you
>trust the last remailer in the chain. Julf, have you thought about
>whether you want to do something like this?
> Hal

Here's an idea I haven't seen suggested before, which would remove the need for a pseudonym server:

The way things stand now, chaining Cypherpunk remailers works by nesting PGP encryptions of the form

    *********** message text ***********

If you want to chain remailers, you encrypt the above, make IT the new message text, and then add another header, and so on until you get bored. My proposal is for a modification of this protocol to allow for pseudonymous return mail addresses, like this:

The trick would be to separate the message text from the remailer routing information, in a message of the form

    *********** ROUTING INFORMATION ***********

    *********** MESSAGE TEXT ***********

where both blocks are encrypted with PGP. The message text would be encrypted with the PGP public key of the intended final recipient of the message, and would not be modified by the intermediate anon remailers.

The routing information would be for the benefit of the remailers only. It would be created by the RECIPIENT and made publicly available as a pseudonymous mail address. It would work like this:

Suppose user foo@bar.com wishes to establish a pseudonymous identity, and wants to route it through anon remailers "anon1" and "anon2". What he does is take a message of the form

    ::
    Request-Remailing-To: foo@bar.com

and encrypts it with server anon1's PGP public key, to create .
Then he adds another header to make

    ::
    Request-Remailing-To: anon1

and encrypts THIS with anon2's public key to make , and adds a header to make

    ::
    Request-Remailing-To: anon2

Obviously, this procedure can be nested to arbitrary depth, chaining through as many anon servers as you like. The trick is that this address block can be made PUBLIC, since the only way to unwind the routing is to have access to the secret keys of all the intermediate anon servers, and the identity of the recipient is protected.

foo@bar.com then anonymously posts a PGP public key and a routing block to some public forum, and people can communicate with him without having any idea as to his actual identity. When I want to send a message to him, I encrypt the message with his provided public key, and then add the encrypted routing header, which he has also provided. I give him my own pseudonymous mail routing header to allow him to reply.

This seems to me to be a very robust pseudonymous mail system which could be implemented by relatively minor changes to the existing Cypherpunk remailer structure. It has the additional advantage of being decentralized and maintenance-free. It could be used for pseudonyms on net news, e-mail, wherever, and could presumably be integrated in some way into Julf's anon server.

Comments?

-- Will

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 16 Apr 93 09:38:00 PDT
To: cypherpunks@toad.com
Subject: White House announcement on encryption--FORWARDED
Message-ID: <9304161638.AA19495@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunks,

Here's a message from sci.crypt that's of relevance to us in several ways. I assume from its length, seriousness, and wording that it's not a spoof...I can't check the White House's signature!

Some messages:

1. It tells us what Denning and Rivest were probably actually working on when they floated their "trial balloons" last summer and fall.

2. A government-sanctioned phone encryption technique has implications for the phone encryption topics we've discussed at the Cypherpunks meetings (notably with Paul Rubin and Whit Diffie).

3. As always, end-to-end encryption, bypassing such schemes as this, is looking better and better.

4. It is not clear if the government scheme will legally preclude other encryption schemes.

5. I expect a lively debate will soon take place in sci.crypt.

Newsgroups: sci.crypt
Path: netcom.com!netcomsv!decwrl!uunet!dove!csrc.ncsl.nist.gov!clipper
From: clipper@csrc.ncsl.nist.gov (Clipper Chip Announcement)
Subject: text of White House announcement and Q&As on clipper chip encryption
Message-ID:
Sender: news@dove.nist.gov
Organization: National Institute of Standards & Technology
Distribution: na
Date: Fri, 16 Apr 1993 15:19:06 GMT
Lines: 282

Note: This file will also be available via anonymous file transfer from csrc.ncsl.nist.gov in directory /pub/nistnews and via the NIST Computer Security BBS at 301-948-5717.

---------------------------------------------------

THE WHITE HOUSE

Office of the Press Secretary
_________________________________________________________________

For Immediate Release    April 16, 1993

STATEMENT BY THE PRESS SECRETARY

The President today announced a new initiative that will bring the Federal Government together with industry in a voluntary program to improve the security and privacy of telephone communications while meeting the legitimate needs of law enforcement.

The initiative will involve the creation of new products to accelerate the development and use of advanced and secure telecommunications networks and wireless communications links.

For too long there has been little or no dialogue between our private sector and the law enforcement community to resolve the tension between economic vitality and the real challenges of protecting Americans.
Rather than use technology to accommodate the sometimes competing interests of economic growth, privacy and law enforcement, previous policies have pitted government against industry and the rights of privacy against law enforcement.

Sophisticated encryption technology has been used for years to protect electronic funds transfer. It is now being used to protect electronic mail and computer files. While encryption technology can help Americans protect business secrets and the unauthorized release of personal information, it also can be used by terrorists, drug dealers, and other criminals.

A state-of-the-art microcircuit called the "Clipper Chip" has been developed by government engineers. The chip represents a new approach to encryption technology. It can be used in new, relatively inexpensive encryption devices that can be attached to an ordinary telephone. It scrambles telephone communications using an encryption algorithm that is more powerful than many in commercial use today.

This new technology will help companies protect proprietary information, protect the privacy of personal phone conversations and prevent unauthorized release of data transmitted electronically. At the same time this technology preserves the ability of federal, state and local law enforcement agencies to intercept lawfully the phone conversations of criminals.

A "key-escrow" system will be established to ensure that the "Clipper Chip" is used to protect the privacy of law-abiding Americans. Each device containing the chip will have two unique "keys," numbers that will be needed by authorized government agencies to decode messages encoded by the device. When the device is manufactured, the two keys will be deposited separately in two "key-escrow" data bases that will be established by the Attorney General. Access to these keys will be limited to government officials with legal authorization to conduct a wiretap.
The "Clipper Chip" technology provides law enforcement with no new authorities to access the content of the private conversations of Americans.

To demonstrate the effectiveness of this new technology, the Attorney General will soon purchase several thousand of the new devices. In addition, respected experts from outside the government will be offered access to the confidential details of the algorithm to assess its capabilities and publicly report their findings.

The chip is an important step in addressing the problem of encryption's dual-edge sword: encryption helps to protect the privacy of individuals and industry, but it also can shield criminals and terrorists. We need the "Clipper Chip" and other approaches that can both provide law-abiding citizens with access to the encryption they need and prevent criminals from using it to hide their illegal activities. In order to assess technology trends and explore new approaches (like the key-escrow system), the President has directed government agencies to develop a comprehensive policy on encryption that accommodates:

-- the privacy of our citizens, including the need to employ voice or data encryption for business purposes;

-- the ability of authorized officials to access telephone calls and data, under proper court or other legal order, when necessary to protect our citizens;

-- the effective and timely use of the most modern technology to build the National Information Infrastructure needed to promote economic growth and the competitiveness of American industry in the global marketplace; and

-- the need of U.S. companies to manufacture and export high technology products.

The President has directed early and frequent consultations with affected industries, the Congress and groups that advocate the privacy rights of individuals as policy options are developed.
The Administration is committed to working with the private sector to spur the development of a National Information Infrastructure which will use new telecommunications and computer technologies to give Americans unprecedented access to information. This infrastructure of high-speed networks ("information superhighways") will transmit video, images, HDTV programming, and huge data files as easily as today's telephone system transmits voice.

Since encryption technology will play an increasingly important role in that infrastructure, the Federal Government must act quickly to develop consistent, comprehensive policies regarding its use. The Administration is committed to policies that protect all Americans' right to privacy while also protecting them from those who break the law.

Further information is provided in an accompanying fact sheet. The provisions of the President's directive to acquire the new encryption technology are also available.

For additional details, call Mat Heyman, National Institute of Standards and Technology, (301) 975-2758.

---------------------------------

QUESTIONS AND ANSWERS ABOUT THE CLINTON ADMINISTRATION'S TELECOMMUNICATIONS INITIATIVE

Q: Does this approach expand the authority of government agencies to listen in on phone conversations?
A: No. "Clipper Chip" technology provides law enforcement with no new authorities to access the content of the private conversations of Americans.

Q: Suppose a law enforcement agency is conducting a wiretap on a drug smuggling ring and intercepts a conversation encrypted using the device. What would they have to do to decipher the message?
A: They would have to obtain legal authorization, normally a court order, to do the wiretap in the first place. They would then present documentation of this authorization to the two entities responsible for safeguarding the keys and obtain the keys for the device being used by the drug smugglers.
The key is split into two parts, which are stored separately in order to ensure the security of the key escrow system.

Q: Who will run the key-escrow data banks?
A: The two key-escrow data banks will be run by two independent entities. At this point, the Department of Justice and the Administration have yet to determine which agencies will oversee the key-escrow data banks.

Q: How strong is the security in the device? How can I be sure how strong the security is?
A: This system is more secure than many other voice encryption systems readily available today. While the algorithm will remain classified to protect the security of the key escrow system, we are willing to invite an independent panel of cryptography experts to evaluate the algorithm to assure all potential users that there are no unrecognized vulnerabilities.

Q: Whose decision was it to propose this product?
A: The National Security Council, the Justice Department, the Commerce Department, and other key agencies were involved in this decision. This approach has been endorsed by the President, the Vice President, and appropriate Cabinet officials.

Q: Who was consulted? The Congress? Industry?
A: We have on-going discussions with Congress and industry on encryption issues, and expect those discussions to intensify as we carry out our review of encryption policy. We have briefed members of Congress and industry leaders on the decisions related to this initiative.

Q: Will the government provide the hardware to manufacturers?
A: The government designed and developed the key access encryption microcircuits, but it is not providing the microcircuits to product manufacturers. Product manufacturers can acquire the microcircuits from the chip manufacturer that produces them.

Q: Who provides the "Clipper Chip"?
A: Mykotronx programs it at their facility in Torrance, California, and will sell the chip to encryption device manufacturers. The programming function could be licensed to other vendors in the future.
Q: How do I buy one of these encryption devices?

A: We expect several manufacturers to consider incorporating the "Clipper Chip" into their devices.

Q: If the Administration were unable to find a technological solution like the one proposed, would the Administration be willing to use legal remedies to restrict access to more powerful encryption devices?

A: This is a fundamental policy question which will be considered during the broad policy review. The key escrow mechanism will provide Americans with an encryption product that is more secure, more convenient, and less expensive than others readily available today, but it is just one piece of what must be the comprehensive approach to encryption technology, which the Administration is developing. The Administration is not saying, "since encryption threatens the public safety and effective law enforcement, we will prohibit it outright" (as some countries have effectively done); nor is the U.S. saying that "every American, as a matter of right, is entitled to an unbreakable commercial encryption product." There is a false "tension" created in the assessment that this issue is an "either-or" proposition. Rather, both concerns can be, and in fact are, harmoniously balanced through a reasoned, balanced approach such as is proposed with the "Clipper Chip" and similar encryption techniques.

Q: What does this decision indicate about how the Clinton Administration's policy toward encryption will differ from that of the Bush Administration?

A: It indicates that we understand the importance of encryption technology in telecommunications and computing and are committed to working with industry and public-interest groups to find innovative ways to protect Americans' privacy, help businesses to compete, and ensure that law enforcement agencies have the tools they need to fight crime and terrorism.

Q: Will the devices be exportable? Will other devices that use the government hardware?
A: Voice encryption devices are subject to export control requirements. Case-by-case review for each export is required to ensure appropriate use of these devices. The same is true for other encryption devices. One of the attractions of this technology is the protection it can give to U.S. companies operating at home and abroad. With this in mind, we expect export licenses will be granted on a case-by-case basis for U.S. companies seeking to use these devices to secure their own communications abroad. We plan to review the possibility of permitting wider exportability of these products.

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Fri, 16 Apr 93 10:17:12 PDT
To: cypherpunks@toad.com
Subject: Re: Proposal for anon chaining
In-Reply-To: <199304161412.AA09006@spot.Colorado.EDU>
Message-ID: <9304161717.AA15797@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: KINNEY WILLIAM H
> The routing information would be for the benefit of the remailers only.
> It would be created by the RECIPIENT and made publicly available as a
> pseudonymous mail address. It would work like this: ...
> This seems to me to be a very robust pseudonymous mail system which
> could be implemented by relatively minor changes to the existing Cypherpunk
> remailer structure.

This appears to be the ARA system that was previously suggested, which I was speaking of using with penet. Your comment that changes would be needed implies that it is different; if so, could you clarify the difference?

The reason Eric suggested hanging this off the side of a pseudonym server is that it is rather inconvenient in its pure form, particularly for unsophisticated users. It involves a thirty-line block of cruft, cutting and pasting... ideally your MUA would handle everything, but this isn't going to happen soon. Grafting this onto a nymserver as a return address gives you the ease of use of something like penet, without having to maintain a central nym<--->name mapping.

> -- Will

Eli
ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Fri, 16 Apr 93 11:02:29 PDT
To: cypherpunks@toad.com
Subject: Re: FWEE!: The Counterrevolutionaries Strike Back
In-Reply-To: <9304150631.tn01219@aol.com>
Message-ID: <9304161802.AA25932@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

[internaut]
>As I am the person doing some of the legwork to establish the body of
>Users/Subscribers for the alt.wb service (in my spare time), I would like to
>request that this action NOT be taken at this time. I am as anxious as anyone
>to see this become a reality, but I have learned over the years that both
>information services and sex can be ruined by prematurity.
>
>There, I've admitted it, I am not
>ready yet (nor are the Users).

If you think that you are the whistleblower moderator, fine. Be one. But we need a completely unmoderated group. If you think you have any right to hold up an unmoderated group to squeeze through your own bottleneck, please go elsewhere.
I admire and appreciate your work to gain mainstream acceptance of this group. But we have a great deal to lose through `premature' publicizing this project. Anonymous servers, if they hadn't been `sneaked on' to the net, would probably be specifically banned if news and network administrators were forewarned of their presence. Now I see an awful lot of backpedaling and fence-hopping by these hypocrites on e.g. news.admin.policy who say ``Oh gee, we think anonymity is *great*, we just want to control where you can use it.'' If it weren't for pioneering and underground cypherpunk work in this area, I believe the statement would be ``that issue was brought up, and they have been specifically banned from the network because anonymity is worthless and only for cowards and criminals.''

You are talking to many people (i.e. bureaucrats and legislators) who may be totally displaced and bypassed (i.e. lose illegitimate power) by this service. There are a great many people you are talking to, I think, whose every interest is to totally castrate the project of any `offensiveness'. I think you are trying to operate on a much more respectable level than is possible currently. That level can only be attained by a gradual evolution of the medium, starting with something rather crude, kludgy, and unsophisticated.

>Not enough people are educated enough to use it.

we are not trying to get everyone in the U.S. to understand how this works immediately. This is an impossible goal. Your efforts amount to singlehandedly educating the public about the Internet. To most, the idea of a worldwide bulletin board is mindboggling enough. If you wait until everybody and his grandma know what you are talking about, I'll be dead by then. If you wait until every legislator and bureaucrat understands it, the earth will have crumbled before you finish. There are plenty of sophisticated people who can benefit from this *immediately*. We are starting something with training wheels.
If we were IBM we would be doing it like you have in mind, an incredible backroom strategizing effort before a massive and highly publicized public rollout with great hype and fanfare. But we are not IBM. We are cypherpunks. We are the silent underground who slips radical new conquests past people before they even realize it. Anything less is too formal, fragile, and lifeless. We are not waiting for you to come out with your Press Kit before this thing starts.

>- We haven't figured out who'll be polled to send in msgs and exactly HOW
>we'll offer them some sort of anonymity and what they need to do afterward.

polled? sounds like an election, like something democratic, like something that can be twisted by a misguided majority. Again, you sound like you are looking for a group with high quality control. Unfortunately, I think this goal is largely antithetical to the essential spirit of the whistleblower idea. The whistleblower is alone and isolated, almost by definition. Your ideas on filtering incoming messages, gained from those you've talked to, sound rather naive and dangerous to me. You're welcome to set up all these mechanisms outside of a *totally*free* group and `ride' on the traffic therein. But don't ever propose tampering with that traffic in a centralized fashion. You will be badly burned.

>Not a single cpunk has yet submitted any suggestions to me for the
>Guidelines as I have asked twice. Not one person. Do that first, O Verbose
>Ones!

I think a FAQ posted to the group is an excellent idea. In fact I am considering putting one up here. But if the group hasn't even been created yet, we have nowhere to post. The FAQ should come as soon as possible, but *after* the creation of the group. And if there are a lot of conflicting demands on a single group, then a FAQ that everyone agrees to would be impossible to come up with amidst all the objections. I just don't get it. This is a group like any other.
Why do you think the whole international public has to be prepared for its creation by you personally? People have to judge for themselves what to post, and how reliable the mechanisms are. Sure, we will give the facts on the security of the medium in the FAQ. But if they don't trust it (and there will be plenty of reasons not to) then they shouldn't risk it. If anywhere else there should be less content restrictions and our overseeing `recommendations' (i.e. dictations) on postings.

>Have you heard
>of the Declaration of Independence? They prepared that document well, got all
>their Ducks in a Row and it's lasted for over 200 years. How many decades do
>you think a good WB system could last/evolve for? I ask only that you engage
>your long-range vision for a moment.

There was an interim government prior to the passage of this document. And there was enormous haggling over the content of it, with many compromises. The document is not perfect. There are flaws and cracks that have poked through after 200 years. Do you think our judicial system is as effective as possible? Do you think our legislative system is the most representative of people's expectations of and directives to their subservient government? Do you think our government today truly represents, in all ways, the intentions of its founders? Do you think they considered all possible scenarios? Do you think they would not want to make some minor adjustments or major changes after seeing 200 years pass from their noble experiment? Do you think that anything that is dynamic can be static? Our democratic system, at the time of its inception, was almost radically experimental. The broad commitment to state and human rights, to the exclusion of federal ones, was quite flabbergasting to the slaves of the European model...

>Anybody can put a box out on the street and say "everybody put your
>complaints in here," but it takes some real thinkers to put out a serious
>whistleblower system.
Look at everything that is efficient in the world, and you will see that it is so because of *independently operating* components, with minimized centralized control. When you want to get on your car and go somewhere, you don't submit any proposals to a government agency for a Transportation Plan. The capitalist system works (and certain others, which shall remain nameless, have failed) precisely because everybody pursues and uses money *independently*. If they have an idea how to run a business, they just start one (with great hassle from government regulations). Usenet works because every server keeps abreast of all articles *independently*. Message transmission on the internet is so reliable because virtually an infinite number of routing pathways exist that a message can take, avoiding any obstacles, each component performing its job *independently*.

Now, let me hear again how you want us to submit all our public keys to you, submit the group guidelines for your personal perusal (and presumably veto), and wait for all your congressional friends to understand the concept? And how this will ultimately lead to an ideal and robust system?

You simply don't understand. This idea is bigger than you, it is bigger than me. Anyone who tries to wrap themselves completely around it will explode from the pressure. This system will *grow* *itself* to become extremely sophisticated and respected. Let us not smother the sapling with misguided preconceptions for nourishment.

>There are other excellent reasons to keep it in our collective pants for a
>while, but if THESE don't convince you, then perhaps I am asking the wrong
>group of folks to help get this started properly.

`Let's' start a mailing group for `nambypambypunks'. `We'll' get George ``Wouldn't be Prudent at this Juncture'' Bush to join. In fact, `we' better even start it until `we're' sure he likes the idea.

p.s.
cypherpunks, I certainly don't claim to speak for the group as a whole (such a task would be impossible no matter *what* is said) but I am becoming a bit disenchanted and disillusioned with some of the opinions expressed herein. Is it just that the weasels are more vocal?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Fri, 16 Apr 93 09:03:13 PDT
To: extropians@gnu.ai.mit.edu
Subject: Dorothy Denning's friends strike
Message-ID: <9304161602.AA27246@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

To: cypherpunks@toad.com, libernet@dartmouth.edu, extropians@gnu.ai.mit.edu

[Libernet readers -- please do not follow up on libernet, as it is only for announcements. All readers -- please do not CC lists you are not on with replies.]

According to a front page article in today's New York Times, the Clinton Administration is going to be releasing a standard encryption technology that commercial users will be encouraged to adopt that involves having the government keep copies of "back door" keys associated with every device deployed. The article is entitled, with unintentional irony, "Communications Plan to Balance Government Access with Privacy".

The article indicates that the move is "intended to resolve a long standing dilemma[...] how to preserve the legitimate right for businesses and citizens to use codes [...] without letting criminals and terrorists conspire beyond the reach of the law".

The implications are obvious.

Perry Metzger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Fri, 16 Apr 93 12:24:26 PDT
To: cypherpunks@toad.com
Subject: White House press release on encryption policy
Message-ID: <9304161924.AA18313@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Note: This file will also be available via anonymous file transfer from csrc.ncsl.nist.gov in directory /pub/nistnews and via the NIST Computer Security BBS at 301-948-5717.
---------------------------------------------------

THE WHITE HOUSE

Office of the Press Secretary
_________________________________________________________________

For Immediate Release                                April 16, 1993

STATEMENT BY THE PRESS SECRETARY

The President today announced a new initiative that will bring the Federal Government together with industry in a voluntary program to improve the security and privacy of telephone communications while meeting the legitimate needs of law enforcement.

The initiative will involve the creation of new products to accelerate the development and use of advanced and secure telecommunications networks and wireless communications links.

For too long there has been little or no dialogue between our private sector and the law enforcement community to resolve the tension between economic vitality and the real challenges of protecting Americans. Rather than use technology to accommodate the sometimes competing interests of economic growth, privacy and law enforcement, previous policies have pitted government against industry and the rights of privacy against law enforcement.

Sophisticated encryption technology has been used for years to protect electronic funds transfer. It is now being used to protect electronic mail and computer files. While encryption technology can help Americans protect business secrets and the unauthorized release of personal information, it also can be used by terrorists, drug dealers, and other criminals.

A state-of-the-art microcircuit called the "Clipper Chip" has been developed by government engineers. The chip represents a new approach to encryption technology. It can be used in new, relatively inexpensive encryption devices that can be attached to an ordinary telephone. It scrambles telephone communications using an encryption algorithm that is more powerful than many in commercial use today.
This new technology will help companies protect proprietary information, protect the privacy of personal phone conversations and prevent unauthorized release of data transmitted electronically. At the same time this technology preserves the ability of federal, state and local law enforcement agencies to intercept lawfully the phone conversations of criminals.

A "key-escrow" system will be established to ensure that the "Clipper Chip" is used to protect the privacy of law-abiding Americans. Each device containing the chip will have two unique "keys," numbers that will be needed by authorized government agencies to decode messages encoded by the device. When the device is manufactured, the two keys will be deposited separately in two "key-escrow" data bases that will be established by the Attorney General. Access to these keys will be limited to government officials with legal authorization to conduct a wiretap.

The "Clipper Chip" technology provides law enforcement with no new authorities to access the content of the private conversations of Americans.

To demonstrate the effectiveness of this new technology, the Attorney General will soon purchase several thousand of the new devices. In addition, respected experts from outside the government will be offered access to the confidential details of the algorithm to assess its capabilities and publicly report their findings.

The chip is an important step in addressing the problem of encryption's dual-edge sword: encryption helps to protect the privacy of individuals and industry, but it also can shield criminals and terrorists. We need the "Clipper Chip" and other approaches that can both provide law-abiding citizens with access to the encryption they need and prevent criminals from using it to hide their illegal activities.
In order to assess technology trends and explore new approaches (like the key-escrow system), the President has directed government agencies to develop a comprehensive policy on encryption that accommodates:

  -- the privacy of our citizens, including the need to employ voice or data encryption for business purposes;

  -- the ability of authorized officials to access telephone calls and data, under proper court or other legal order, when necessary to protect our citizens;

  -- the effective and timely use of the most modern technology to build the National Information Infrastructure needed to promote economic growth and the competitiveness of American industry in the global marketplace; and

  -- the need of U.S. companies to manufacture and export high technology products.

The President has directed early and frequent consultations with affected industries, the Congress and groups that advocate the privacy rights of individuals as policy options are developed.

The Administration is committed to working with the private sector to spur the development of a National Information Infrastructure which will use new telecommunications and computer technologies to give Americans unprecedented access to information. This infrastructure of high-speed networks ("information superhighways") will transmit video, images, HDTV programming, and huge data files as easily as today's telephone system transmits voice.

Since encryption technology will play an increasingly important role in that infrastructure, the Federal Government must act quickly to develop consistent, comprehensive policies regarding its use. The Administration is committed to policies that protect all Americans' right to privacy while also protecting them from those who break the law.

Further information is provided in an accompanying fact sheet. The provisions of the President's directive to acquire the new encryption technology are also available.
For additional details, call Mat Heyman, National Institute of Standards and Technology, (301) 975-2758.

---------------------------------

QUESTIONS AND ANSWERS ABOUT THE CLINTON ADMINISTRATION'S TELECOMMUNICATIONS INITIATIVE

Q: Does this approach expand the authority of government agencies to listen in on phone conversations?

A: No. "Clipper Chip" technology provides law enforcement with no new authorities to access the content of the private conversations of Americans.

Q: Suppose a law enforcement agency is conducting a wiretap on a drug smuggling ring and intercepts a conversation encrypted using the device. What would they have to do to decipher the message?

A: They would have to obtain legal authorization, normally a court order, to do the wiretap in the first place. They would then present documentation of this authorization to the two entities responsible for safeguarding the keys and obtain the keys for the device being used by the drug smugglers. The key is split into two parts, which are stored separately in order to ensure the security of the key escrow system.

Q: Who will run the key-escrow data banks?

A: The two key-escrow data banks will be run by two independent entities. At this point, the Department of Justice and the Administration have yet to determine which agencies will oversee the key-escrow data banks.

Q: How strong is the security in the device? How can I be sure how strong the security is?

A: This system is more secure than many other voice encryption systems readily available today. While the algorithm will remain classified to protect the security of the key escrow system, we are willing to invite an independent panel of cryptography experts to evaluate the algorithm to assure all potential users that there are no unrecognized vulnerabilities.

Q: Whose decision was it to propose this product?

A: The National Security Council, the Justice Department, the Commerce Department, and other key agencies were involved in this decision.
This approach has been endorsed by the President, the Vice President, and appropriate Cabinet officials.

Q: Who was consulted? The Congress? Industry?

A: We have on-going discussions with Congress and industry on encryption issues, and expect those discussions to intensify as we carry out our review of encryption policy. We have briefed members of Congress and industry leaders on the decisions related to this initiative.

Q: Will the government provide the hardware to manufacturers?

A: The government designed and developed the key access encryption microcircuits, but it is not providing the microcircuits to product manufacturers. Product manufacturers can acquire the microcircuits from the chip manufacturer that produces them.

Q: Who provides the "Clipper Chip"?

A: Mykotronx programs it at their facility in Torrance, California, and will sell the chip to encryption device manufacturers. The programming function could be licensed to other vendors in the future.

Q: How do I buy one of these encryption devices?

A: We expect several manufacturers to consider incorporating the "Clipper Chip" into their devices.

Q: If the Administration were unable to find a technological solution like the one proposed, would the Administration be willing to use legal remedies to restrict access to more powerful encryption devices?

A: This is a fundamental policy question which will be considered during the broad policy review. The key escrow mechanism will provide Americans with an encryption product that is more secure, more convenient, and less expensive than others readily available today, but it is just one piece of what must be the comprehensive approach to encryption technology, which the Administration is developing. The Administration is not saying, "since encryption threatens the public safety and effective law enforcement, we will prohibit it outright" (as some countries have effectively done); nor is the U.S. saying that "every American, as a matter of right, is entitled to an unbreakable commercial encryption product." There is a false "tension" created in the assessment that this issue is an "either-or" proposition. Rather, both concerns can be, and in fact are, harmoniously balanced through a reasoned, balanced approach such as is proposed with the "Clipper Chip" and similar encryption techniques.

Q: What does this decision indicate about how the Clinton Administration's policy toward encryption will differ from that of the Bush Administration?

A: It indicates that we understand the importance of encryption technology in telecommunications and computing and are committed to working with industry and public-interest groups to find innovative ways to protect Americans' privacy, help businesses to compete, and ensure that law enforcement agencies have the tools they need to fight crime and terrorism.

Q: Will the devices be exportable? Will other devices that use the government hardware?

A: Voice encryption devices are subject to export control requirements. Case-by-case review for each export is required to ensure appropriate use of these devices. The same is true for other encryption devices. One of the attractions of this technology is the protection it can give to U.S. companies operating at home and abroad. With this in mind, we expect export licenses will be granted on a case-by-case basis for U.S. companies seeking to use these devices to secure their own communications abroad. We plan to review the possibility of permitting wider exportability of these products.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jthomas@coconut.mitre.org (Joe Thomas)
Date: Fri, 16 Apr 93 09:27:24 PDT
To: cypherpunks@toad.com
Subject: Proposal for anon chaining
Message-ID: <9304161626.AA02630@coconut>
MIME-Version: 1.0
Content-Type: text/plain

KINNEY WILLIAM H writes:
> Recent traffic on anonymous remailers/servers:
>
> >From: Eli
> >> From: Hal <74076.1041@CompuServe.COM>
> >> This method of posting does not allow you to receive replies. I have set
> >> "nicknames" for these two accounts as "Untraceable account" which will appear
> >> in the "From" line on the postings. Hopefully that will offer a clue that
> >> the normal reply mechanism doesn't work. Maybe the nickname should say so
> >> more explicitly?
> >
> >
> >The security provided by this technique could be provided without
> >the IMHO serious disadvantage of having no return address. Eric's
> >hybrid approach, where a pseudonym server hands mail to a remailer
> >chain, is secure (barring sophisticated traffic analysis) if you
> >trust the last remailer in the chain. Julf, have you thought about
> >whether you want to do something like this?
> >
> Hal
>
> Here's an idea I haven't seen suggested before, which would remove the need
> for a pseudonym server:
>
> [Description of chain-encrypted header info, separated from message text]
>
> This seems to me to be a very robust pseudonymous mail system which
> could be implemented by relatively minor changes to the existing Cypherpunk
> remailer structure. It has the additional advantage of being decentralized
> and maintenance-free. It could be used for pseudonyms on net news, e-mail,
> wherever, and could presumably be integrated in some way into Julf's
> anon server.
>

Yes, this would seem to be the way to do this, and this type of nested-encrypted routing information is what I was referring to as an "SASE" in my front-end/back-end anonymous posting design. There are some drawbacks, however.
Traffic analysis by watching a remailer's feed, and seeing messages come in and go back out is much easier, since the message _text_ is unchanged from one remailer to the next. In fact, however, such traffic analysis is not difficult with the present system, since message lengths can be used to correlate messages going in and out, and the remailers aren't getting enough traffic to do much internal "mixing" to avoid obvious FIFO behavior. The obvious solutions are a remailing protocol that supports padding out messages to a few "standard" lengths, and increasing the remailer traffic, perhaps with dummy messages. But this doesn't help in the above case, when routing information is separate from message text, and not known to the sender (except for the first hop). One possible solution relies on the fact that each remailer must know the next hop a message will take. When the remailer is forwarding mail with separately encrypted header information, it will append some random bits to the message, then encrypt it with the next remailer's public key. (Note that if the appending of random bits is skipped, the system provides no security against traffic analysis, since the adversary can simply try encrypting incoming messages with various remailers' public keys, then watch to see if that message comes back out). I've got some more ambitious ideas for this (encrypted return addresses as a MIME content-type?), but I think the version outlined above could be implemented pretty easily, although I admit I haven't really read through the remailer scripts. I'll take a crack at it as soon as I get my Linux box (a couple weeks) if people think it's a good idea. 
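Added example, not part of Joe Thomas's message or of the remailer scripts: the re-encryption check from his parenthetical, run against a forwarding step with and without appended random bits. Textbook RSA over Mersenne primes stands in for a deterministic public-key encryption; the key directory, the remailer names and the frame layout are assumptions made for the demo.

```python
import os

E = 65537
BLOCK = 128  # every padded frame is exactly this many bytes


def make_key(exp_p, exp_q):
    """Toy textbook-RSA key from two Mersenne primes 2**k - 1.

    Deterministic on purpose and NOT secure; it only stands in for
    "the next remailer's public key" in the message above.
    """
    p, q = 2**exp_p - 1, 2**exp_q - 1
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}


# Constructed key directory; the remailer names are hypothetical.
KEYS = {"alpha": make_key(521, 607), "beta": make_key(1279, 2203)}
PUBLIC = {name: (key["n"], key["e"]) for name, key in KEYS.items()}


def frame(text, pad):
    """Marker byte, 2-byte length, message text, optional random filler."""
    if len(text) > BLOCK - 3:
        raise ValueError("message too long for one block")
    body = b"\x01" + len(text).to_bytes(2, "big") + text
    if pad:
        body += os.urandom(BLOCK - len(body))  # the appended random bits
    return body


def encrypt(body, public_key):
    """Deterministic: the same body and key always give the same value."""
    n, e = public_key
    return pow(int.from_bytes(body, "big"), e, n)


def forward(text, next_hop, pad):
    """What a remailer puts on the wire for the next hop."""
    return encrypt(frame(text, pad), PUBLIC[next_hop])


def receive(ciphertext, name):
    """The next hop decrypts, checks the marker and drops the filler."""
    key = KEYS[name]
    m = pow(ciphertext, key["d"], key["n"])
    body = m.to_bytes((m.bit_length() + 7) // 8, "big")
    if body[:1] != b"\x01":
        raise ValueError("bad frame")
    length = int.from_bytes(body[1:3], "big")
    return body[3:3 + length]


def observer_trace(known_text, wire, directory):
    """Re-encrypt a message the observer already holds under every
    published key and report which hop an observed ciphertext went to."""
    for name, public_key in directory.items():
        if encrypt(frame(known_text, pad=False), public_key) in wire:
            return name
    return None


if __name__ == "__main__":
    text = b"constructed sample message body"
    for pad in (False, True):
        wire = {forward(text, "beta", pad)}
        print("padding" if pad else "no padding",
              "-> observer links message to:",
              observer_trace(text, wire, PUBLIC))
```
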
Joe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Fri, 16 Apr 93 09:56:19 PDT
To:
Subject: ANON: Chaining suggestions
Message-ID: <930416165143_74076.1041_FHD34-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Will Kinney suggests a form of anonymous return address in which "Request-Remailing-To" headers are nested and encrypted, then used for addressing.

This is a fine idea, Will, but we're way ahead of you on this. This approach has been used ever since we added encryption to the remailers. Karl Barrus even wrote a script specifically for constructing anonymous addresses like this. It's available from the Cypherpunks ftp site. (soda.berkeley.edu, /pub/cypherpunks. I think the file is something like "scripts.tar".)

The problem with this in practice is, first, that the return address block is rather large, especially if more than one level of nesting is used (often 10, 20 lines or more); and second, that it does not lend itself to automatic use of the "reply" function. Instead, the replier has to cut and paste this block of text from the message he's replying to and put it in the right place in his own message. And he has to be instructed in how to do this. (Karl's script adds the instructions when it creates the return address.) This is pretty complicated.

This is why Eli suggested (based on suggestions from Eric Hughes) that at least Julf's remailer be enhanced so instead of just mapping, say, an12345 to joe@foo.com, it would map to a Cypherpunks return address of the type Will is describing - a block of encrypted text. People could then have the convenience of automatic replies to an12345 along with the security of a chained address.

I don't think the idea quite works in this form, since I don't see how messages to Julf get translated to an12345.
Presumably only messages from one specific user should get posted under this ID (the user whose address is buried in the encrypted return address to which Julf's remailer will forward replies). Perhaps another set of commands is needed to tell the remailer what ID to use to post under. By the time you do this much I don't think that what you have bears much resemblance to Julf's current software. I am stymied in doing experimentation in this area by one fundamental problem. I do not have the power to create user ID's on any systems which I use, so I can't create pseudonym accounts. I have tried various tricks. For example, I sent mail with a "Reply-To:" of "hal@alumni.caltech.edu (Pseudonym 12345)". I hoped that if someone did a reply to this mail, it might come to me with that whole field in the "To" line, and I could then parse it for the pseudonym number. That didn't work on the particular reply mailer that I used; it stripped the comment field in parentheses. The one other idea I've had is to put something at the beginning of the Subject: line, so if the user remailed a message with a Subject: of "How's it going, Jack?" it would actually go out as "Subject: (P12345) How's it going, Jack?". Then when they reply it will probably come back as "Subject: Re: (P12345) How's it going, Jack?" or something similar, and I can parse for the (Pxxxxx). This might work pretty often but munging the Subject line is bad for news posting since a lot of news readers sort by subject line. I could put the (Pxxxxx) at the end but it might get truncated? Maybe not. I wonder if anyone knowledgeable in mail systems could suggest a relatively robust way of setting up outgoing headers so that return mail will (A) come back to me (hal@alumni.caltech.edu in this case) and (B) be marked in some unique way that would let me do a pseudonym mapping. Any ideas would be appreciated. 
Hal Finney 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@alumni.cco.caltech.edu Date: Fri, 16 Apr 93 13:00:25 PDT To: cypherpunks@toad.com Subject: Re: ANON: Chaining to Penet remailer Message-ID: <9304162000.AA00123@alumni.cco.caltech.edu> MIME-Version: 1.0 Content-Type: text/plain I am not very inclined to defend myself or my news.admin.policy postings, since saying someone's an asshole seems to be what the group is for, but I am listening to the discussion and take seriously people's criticisms and listening hard. For what it's worth, I said I was sorry but it pisses me off that when a nym tells some jerk to fuck off, everyone jumps all over me. Even so, I'll listen to what people have to say since I don't want to lose access ... without the remailers I am Nowhere, Man. Isn't that ironic??? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Fri, 16 Apr 93 13:54:23 PDT To: cypherpunks-announce@toad.com Subject: EFF crypto statement and press release Message-ID: <9304162054.AA19449@toad.com> MIME-Version: 1.0 Content-Type: text/plain April 16, 1993 INITIAL EFF ANALYSIS OF CLINTON PRIVACY AND SECURITY PROPOSAL The Clinton Administration today made a major announcement on cryptography policy which will affect the privacy and security of millions of Americans. The first part of the plan is to begin a comprehensive inquiry into major communications privacy issues such as export controls which have effectively denied most people easy access to robust encryption, and law enforcement issues posed by new technology. However, EFF is very concerned that the Administration has already reached a conclusion on one critical part of the inquiry, before any public comment or discussion has been allowed. Apparently, the Administration is going to use its leverage to get all telephone equipment vendors to adopt a voice encryption standard developed by the National Security Agency. 
The so-called "Clipper Chip" is an 80-bit, split key escrowed encryption scheme which will be built into chips manufactured by a military contractor. Two separate escrow agents would store users' keys, and be required to turn them over to law enforcement upon presentation of a valid warrant. The encryption scheme used is to be classified, but the chips will be available to any manufacturer for incorporation into its communications products. This proposal raises a number of serious concerns. First, the Administration has adopted a solution before conducting an inquiry. The NSA-developed Clipper Chip may not be the most secure product. Other vendors or developers may have better schemes. Furthermore, we should not rely on the government as the sole source for the Clipper or any other chips. Rather, independent chip manufacturers should be able to produce chipsets based on open standards. Second, an algorithm cannot be trusted unless it can be tested. Yet, the Administration proposes to keep the chip algorithm classified. EFF believes that any standard adopted ought to be public and open. The public will only have confidence in the security of a standard that is open to independent, expert scrutiny. Third, while the use of a split-key, dual escrowed system may prove to be a reasonable balance between privacy and law enforcement needs, the details of this scheme must be explored publicly before it is adopted. What will give people confidence in the safety of their keys? Does disclosure of keys to a third party waive an individual's Fifth Amendment rights in subsequent criminal inquiries? These are but a few of the many questions the Administration's proposal raised but fails to answer. In sum, the Administration has shown great sensitivity to the importance of these issues by planning a comprehensive inquiry into digital privacy and security. 
However, the "Clipper Chip" solution ought to be considered as part of the inquiry, and not be adopted before the discussion even begins. DETAILS OF THE PROPOSAL: ESCROW The 80-bit key will be divided between two escrow agents, each of whom hold 40-bits of each key. The manufacturer of the communications device would be required to register all keys with the two independent escrow agents. A key is tied to the device, however, not the person using it. Upon presentation of a valid court order, the two escrow agents would have to turn the key parts over to law enforcement agents. According to the Presidential Directive just issued, the Attorney General will be asked to identify appropriate escrow agents. Some in the Administration have suggested that one non-law enforcement federal agency (perhaps the Federal Reserve), and one non-governmental organization could be chosen, but there is no agreement on the identity of the agents yet. CLASSIFIED ALGORITHM AND THE POSSIBILITY OF BACK DOORS The Administration claims that there are no back doors -- means by which the government or others could break the code without securing keys from the escrow agents -- and that the President will be told there are no back doors to this classified algorithm. In order to prove this, Administration sources are interested in arranging for an all-star crypto cracker team to come in, under a security arrangement, and examine the algorithm for trap doors. The results of the investigation would then be made public. The Clipper Chipset was designed and is being produced and a sole-source, secret contract between the National Security Agency and two private firms: VLSI and Mycotronx. NSA work on this plan has been underway for about four years. The manufacturing contract was let 14 months ago. GOVERNMENT AS MARKET DRIVER In order to get a market moving, and to show that the government believes in the security of this system, the feds will be the first big customers for this product. 
Users will include the FBI, Secret Service, VP Al Gore, and maybe even the President. At today's Commerce Department press briefing, a number of people asked this question, though: why would any private organization or individual adopt a classified standard that had no independent guaranty of security or freedom from trap doors? COMPREHENSIVE POLICY INQUIRY The Administration has also announced that it is about to commence an inquiry into all policy issues related to privacy protection, encryption, and law enforcement. The items to be considered include: export controls on encryption technology and the FBI's Digital Telephony Proposal. It appears that this inquiry will be conducted by the National Security Council. Unfortunately, however, the Presidential Directive describing the inquiry is classified. Some public involvement in the process has been promised, but the terms have yet to be specified. FOR MORE INFORMATION CONTACT: Jerry Berman, Executive Director (jberman@eff.org) Daniel J. Weitzner, Senior Staff Counsel (djw@eff.org) Full text of the Press releases and Fact Sheets issued by the Administration will be available on EFF's ftp site. =================== PRESS RELEASE FOR IMMEDIATE RELEASE: April 16, 1993 Electronic Frontier Foundation responds to Clinton Administration Digital Privacy and Security proposals. EFF Chairman Mitchell Kapor praises process but questions need for secret standard. The Clinton Administration today made a major announcement on privacy and security for electronic communications including regular and cellular phones. Mitchell Kapor, EFF Chairman of the Board, praised Administration efforts to study comprehensive solutions to privacy problems, but questioned the specific solution which the government is seeking to impose. "The Administration is to be commended for launching a broad inquiry into these critical problems," said Kapor, "but they should not attempt to impose a solution before the process has begun." 
"A system based on classified, secret technology will not and should not gain the confidence of the American public," continued Kapor, commenting on the proposed use of the NSA-developed "Clipper Chip." The Clipper chip is to be sold to private corporations for incorporation in communications products, but will be based on a classified coding system. Kapor explained that "in the past, government-designed standards have suffered under the suspicion that a hidden 'trap door' would allow unauthorized governmental or private intrusion. The only way to avoid this mistake is to publish open standards and subject them to expert, independent scrutiny." The Clipper proposal would also require users to deposit their code "keys" with "trusted" escrow agents in order to allow law enforcement to conduct court-authorized wiretaps. Jerry Berman, EFF's Executive Director, said that "the escrow system is an intriguing proposal, but the details of this scheme must be explored publicly before it is adopted. What will give people confidence in the safety of their keys? Does disclosure of keys to a third party waive an individual's Fifth Amendment rights against self-incrimination? The administration will need to answer questions such as these before it proceeds with this, or any other, proposal." Contact: Jerry Berman, Executive Director Daniel J. Weitzner, Senior Staff Counsel tel: 202-544-3077 or 202-544-9237 eff@eff.org From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Fri, 16 Apr 93 14:18:18 PDT To: Cypherpunks@toad.com Subject: Key Registration and Big Brother--Time to Fight! Message-ID: <9304162117.AA29302@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain (Perry Metzger forwarded my message this morning to the Cypherpunks list on the latest White House proposal....I should've also sent it to the Extropians list myself, my vacation from the list notwithstanding. Some things are just too important!) 
The latest White House proposal to authorize a certain form of encryption, called "Clipper Chip," (a bizarre name, which also conflicts with the "Clipper" processor made by Intergraph), represents the reification of all the "key registration" themes discussed for many months on sci.crypt and elsewhere. I urge those on the Extropians list who are interested in preserving their dwindling freedoms in these Beknighted States of America to: 1. Follow the debate on sci.crypt and elsewhere. Hal Finney just mentioned the various places the White House announcement was posted. 2. Subscribe to the Cypherpunks list by sending a message to "cypherpunks-request@toad.com". The latest "Wired," which I have not yet seen myself, apparently has some good stuff on our group. (I reviewed Levy's article for him, but haven't seen the mag on the newsstands yet.) 3. Get your PGP and MacPGP before "the other shoe drops." The "other shoe" may be legal moves by RSA Data Security and others (Commerce? Justice?) to crack down on PGP...rumblings of this have been heard for months now, and were discussed at the last physical Cypherpunks meeting. (And the steganographic aspects--the hiding of the mere _existence_ of an encrypted message--will probably assume a greater importance than before.) 4. The Boston area just had its first physical Cypherpunks meeting, with Julf intending to attend (J. Helsingius, operator of the Finnish anonymous remailer)....I haven't heard the outcome. The U.K has had one for several months, and of course the Bay Area has had one since before there was even a mailing list. The Southern California area has several leading Cypherpunks (Hal Finney, Phil Karn, Eli Brandt, others) and wants to host a meeting of "the Cypherpunks." Instead, and in light of the serious danger that encryption will soon have limits placed on it, I would urge them to *just begin their own meeting* ASAP! 
(Sorry to sound so urgent, but they need to start meeting long before we can arrange a meeting in San Diego or LA.) (One thing we talked about at the 4-10-93 meeting in Mountain View, CA, was a conference call linking up some of the "satellite Cypherpunks." Not secure, of course, but then neither is this list nor our physical meetings...anybody can attend, can get added to the list, etc.) 5. Prof. Denning has more to say about key escrow and registration in the latest (or very recent) "Communications of the ACM," which should be available in large university libraries. Now that the proposal has become real, it takes on more meaning. 6. It is clear that the "trial balloon" I cited in my message many months back to sci.crypt is nauseatingly real. Under the guise of stopping "drug dealers, terrorists, and child pornographers," we will see limits placed on our ability to communicate privately. I have few hopes that this proposal will be overturned by the courts, including the Supreme Court. A "garrison state" like the U.S. is turning itself into, what with the War on (Some) Drugs, the no-knock raids on suspects, the civil forfeiture laws, and the attacks on "whacko Waco religious cults," has need of Nazi-like police powers. It seems ironic, and appropriate, that this White House announcement came on the 50th anniversary of the discovery of LSD...April 16th, 1943. As I said six months ago, "Be afraid, be very afraid." As Phil Karn put it, the battle is joined. -Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: MailSafe and PGP available. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dmandl@shearson.com (David Mandl) Date: Fri, 16 Apr 93 12:03:03 PDT To: cypherpunks@toad.com Subject: Phil Zimmerman on the Radio Message-ID: <9304161840.AA17929@tardis.shearson.com> MIME-Version: 1.0 Content-Type: text/plain FYI, for those of you in the NYC area, I'm going to be conducting a brief interview with Phil Zimmerman (author of PGP) on my radio show tomorrow to discuss the recent NSA/Big Brother crypto developments (see the front page of today's New York Times). WFMU, East Orange, NJ, 91.1 FM. My show airs from noon-3:00 local time, and the interview will start at around 1:00. N.B.: I will NOT be taping the show, so I can't make tapes for anyone. Anyone else listening is free to make copies and do whatever they want with them, of course. --Dave. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: derek@cs.wisc.edu (Derek Zahn) Date: Fri, 16 Apr 93 13:00:08 PDT To: cypherpunks@toad.com Subject: circling the wagons Message-ID: <9304162000.AA29054@lynx.cs.wisc.edu> MIME-Version: 1.0 Content-Type: text/plain Assuming that the "Clipper chip" initiative isn't a teapot tempest, I suppose we'd better start sharpening our rhetorical knives. Privacy arguments and sheer outrage will be useful, but it seems to me that the "modern steganography" discussion from a few weeks back offers an irrefutable argument: By performing rather simple camouflaging, it is possible to make an encrypted message undetectable by encoding it in (images, voice, any other signal that could plausibly contain noise). This is rather easy to do, so those who REALLY want to hide what they're doing (terrorists, criminals, republican campaign staff) will still be able to do so. In fact, by encrypting the wrapper with your "Clipper" system, they look like they're hiding nothing. All that you are buying is a false sense of security. 
derek From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pmetzger@lehman.com (Perry E. Metzger) Date: Fri, 16 Apr 93 12:46:29 PDT To: cypherpunks@toad.com Subject: Mailing list name Message-ID: <9304161946.AA27724@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain In the light of recent developments concerning government cryptography initiatives, we might soon find ourselves inundated by working press. Given this, I think that the name "cypherpunks" produces the wrong connotations -- it makes us sound like criminals when we are in fact people who are interested in expanding personal privacy with technology. Often, little things like this end up being of tremendous importance in the long haul. I would propose changing the name of the mailing list to "cryptoprivacy" or something similar. It denotes what we are about in a way that mundane people understand better, and it portrays us in the proper light -- as people struggling to improve the prospects for personal freedom, not a bunch of "punks". Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Wayner Date: Fri, 16 Apr 93 14:56:30 PDT To: cypherpunks@toad.com Subject: The New Mykotronix phones... Message-ID: <199304161954.AA20309@access.digex.com> MIME-Version: 1.0 Content-Type: text/plain Okay, let's suppose that the NSA/NIST/Mykotronix Registered Key system becomes standard and I'm able to buy such a system from my local radio shack. Every phone comes with a built in chip and the government has the key to every phone call. I go and buy a phone and dutifully register the key. What's to prevent me from swapping phones with a friend or buying a used phone at a garage sale? Whooa. The secret registered keys just became unsynchronized. When the government comes to listen in, they only receive gobbledygook because the secret key registered under my name isn't the right one. That leads me to conjecture that: 1) The system isn't that secure. 
There are just two master keys that work for all the phones in the country. The part about registering your keys is just bogus. or 2) The system is vulnerable to simple phone swapping attacks like this. Criminals will quickly figure this out and go to town. In either case, I think we need to look at this a bit deeper. -Peter Wayner From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: treason@gnu.ai.mit.edu Date: Fri, 16 Apr 93 13:14:50 PDT To: cypherpunks@toad.com Subject: White House Encryption idea Message-ID: <9304162014.AA05785@spiff.gnu.ai.mit.edu> MIME-Version: 1.0 Content-Type: text/plain Well, this all sounds fine and dandy, but... 1) They are not passing out the algorithm, and I don't trust ANYONE to tell me it's secure. I am not a cryptographer, so it wouldn't help any if they gave the code to me, but it just being out there for public perusal helps me to think it IS secure. I trust no payola. 2) It is very possible that the 'criminal' effort may be able to modify these devices so that there is no possibility for the agencies to decrypt their transmissions (If it IS truly secure with no backdoors or decyphering possibilities) in which case, it can only harm the law abiding. 3) It allows the government the ability to determine WHAT encryption method industry uses, and they should be able to have a choice. Those who understand this very misleading comment will understand, those who do not, will prolly never be able to. 4) No explanation of what the 'key' contents are composed of (numbers, letters, alphanum, characters, some odd cyphercode???) is even implied. 5) No explanation of how the key is propagated or if it will even be needed for the remote site is mentioned. How are the remote sites going to decypher your cyphersounds(text)? There was no mention of further releases in information...is this all we get? 
treason@gnu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: treason@gnu.ai.mit.edu Date: Fri, 16 Apr 93 13:31:36 PDT To: pmetzger@lehman.com Subject: Re: Mailing list name In-Reply-To: <9304161946.AA27724@snark.shearson.com> Message-ID: <9304162031.AA05882@spiff.gnu.ai.mit.edu> MIME-Version: 1.0 Content-Type: text/plain > > > In the light of recent developments concerning government cryptography > initiatives, we might soon find ourselves inundated by working press. > > Given this, I think that the name "cypherpunks" produces the wrong > connotations -- it makes us sound like criminals when we are in fact > people who are interested in expanding personal privacy with > technology. Often, little things like this end up being of tremendous > importance in the long haul. > > I would propose changing the name of the mailing list to > "cryptoprivacy" or something similar. It denotes what we are about in > a way that mundane people understand better, and it portrays us in the > proper light -- as people struggling to improve the prospects for > personal freedom, not a bunch of "punks". > > Perry > > I agree wholeheartedly, and I think I have the experience to say so. You wouldn't believe how much importance people and groups put on names. Even though I have not, nor ever intend to commit the act described by my name, people still look at me with a leery eye. Because I am treason@gnu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Timothy Newsham Date: Fri, 16 Apr 93 19:44:48 PDT To: cypherpunks@toad.com Subject: white house blunder Message-ID: <9304170244.AA25203@toad.com> MIME-Version: 1.0 Content-Type: text/plain Even though the white house proposal may seem bad it could be used to your advantage in some ways: swap keys with someone else... if serial number isn't sent in transmission this gives a big headache when they try to decrypt your stream. use another encryption before sending to clipper chip... 
this way everything looks normal, and if they are playing according to the rules (cross fingers) they don't know anything is fishy until they try to get a warrant and decrypt. First keys won't match. When they do find the correct key they'll decrypt and get a file encrypted in another system. This might be great for averting suspicion of using another cryptosystem. Everyone will be using clipper, and your message will look like it's from the clipper chip. It won't look like an RSA file or DES'ed voice or whatever. The chip gives you an opaque (hopefully) envelope to put things into. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Fri, 16 Apr 93 16:51:11 PDT To: extropians@gnu.ai.mit.edu Subject: (fwd) White House Public Encryption Management Fact Sheet Message-ID: <9304162351.AA00841@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Message from Tim: The following forwarded message (below, after these introductory comments) explains in more detail the NIST/NSA proposal and adds a few disturbing wrinkles: 1. Quote: "INSTALLATION OF GOVERNMENT-DEVELOPED MICROCIRCUITS The Attorney General of the United States, or her representative, shall request manufacturers of communications hardware which incorporates encryption to install the U.S. government-developed key-escrow microcircuits in their products." This suggests more than just voice communications will be affected by the policy. "Communications hardware" suggests a broad scope. Modem makers may be told to (somehow) incorporate this system into their products...not clear what this means for old equipment, incompatible equipment, etc. 2. The "shall request manufacturers..." bit does not sound voluntary. (The whole line about "Clipper" being so attractive that manufacturers will gladly design it in....total B.S.) 3. At the end of this document is mention of using the civil forfeiture laws to enforce the new system. 
Not state, but implicit (I believe) is that the threat of civil forfeiture will be used to scare users into compliance. Very disturbing. Read it and weep! Then start planning. -Tim May, who hopes the Cypherpunks will adopt my suggestion that we use the Bulletin of Atomic Scientists-style "clock"...I call it 10 minutes before midnight ***Begin forwarded message from sci.crypt and other groups*** From: clipper@csrc.ncsl.nist.gov (Clipper Chip Announcement) Subject: White House Public Encryption Management Fact Sheet Organization: National Institute of Standards & Technology Date: Fri, 16 Apr 1993 20:44:58 GMT Note: The following was released by the White House today in conjunction with the announcement of the Clipper Chip encryption technology. FACT SHEET PUBLIC ENCRYPTION MANAGEMENT The President has approved a directive on "Public Encryption Management." The directive provides for the following: Advanced telecommunications and commercially available encryption are part of a wave of new computer and communications technology. Encryption products scramble information to protect the privacy of communications and data by preventing unauthorized access. Advanced telecommunications systems use digital technology to rapidly and precisely handle a high volume of communications. These advanced telecommunications systems are integral to the infrastructure needed to ensure economic competitiveness in the information age. Despite its benefits, new communications technology can also frustrate lawful government electronic surveillance. Sophisticated encryption can have this effect in the United States. When exported abroad, it can be used to thwart foreign intelligence activities critical to our national interests. In the past, it has been possible to preserve a government capability to conduct electronic surveillance in furtherance of legitimate law enforcement and national security interests, while at the same time protecting the privacy and civil liberties of all citizens. 
As encryption technology improves, doing so will require new, innovative approaches. In the area of communications encryption, the U. S. Government has developed a microcircuit that not only provides privacy through encryption that is substantially more robust than the current government standard, but also permits escrowing of the keys needed to unlock the encryption. The system for the escrowing of keys will allow the government to gain access to encrypted information only with appropriate legal authorization. To assist law enforcement and other government agencies to collect and decrypt, under legal authority, electronically transmitted information, I hereby direct the following action to be taken: INSTALLATION OF GOVERNMENT-DEVELOPED MICROCIRCUITS The Attorney General of the United States, or her representative, shall request manufacturers of communications hardware which incorporates encryption to install the U.S. government-developed key-escrow microcircuits in their products. The fact of law enforcement access to the escrowed keys will not be concealed from the American public. All appropriate steps shall be taken to ensure that any existing or future versions of the key-escrow microcircuit are made widely available to U.S. communications hardware manufacturers, consistent with the need to ensure the security of the key-escrow system. In making this decision, I do not intend to prevent the private sector from developing, or the government from approving, other microcircuits or algorithms that are equally effective in assuring both privacy and a secure key- escrow system. KEY-ESCROW The Attorney General shall make all arrangements with appropriate entities to hold the keys for the key-escrow microcircuits installed in communications equipment. In each case, the key holder must agree to strict security procedures to prevent unauthorized release of the keys. 
The keys shall be released only to government agencies that have established their authority to acquire the content of those communications that have been encrypted by devices containing the microcircuits. The Attorney General shall review for legal sufficiency the procedures by which an agency establishes its authority to acquire the content of such communications. PROCUREMENT AND USE OF ENCRYPTION DEVICES The Secretary of Commerce, in consultation with other appropriate U.S. agencies, shall initiate a process to write standards to facilitate the procurement and use of encryption devices fitted with key-escrow microcircuits in federal communications systems that process sensitive but unclassified information. I expect this process to proceed on a schedule that will permit promulgation of a final standard within six months of this directive. The Attorney General will procure and utilize encryption devices to the extent needed to preserve the government's ability to conduct lawful electronic surveillance and to fulfill the need for secure law enforcement communications. Further, the Attorney General shall utilize funds from the Department of Justice Asset Forfeiture Super Surplus Fund to effect this purchase. -- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Joseph Truitt Date: Fri, 16 Apr 93 18:30:50 PDT To: cypherpunks@toad.com Subject: [fwd] Initial EFF analysis of Clinton Privacy and Security Proposal Message-ID: <9304170040.AA21888@valis.biocad.com> MIME-Version: 1.0 Content-Type: text/plain I don't recall having posted to this list before, but I am a truly supportive lurker as it were, doing my bit to sow seeds of crypto-anarchy at the layperson level to many friends. Anyway, in light of today's foreboding announcement from the White House, I thought you might be interested in this blurb from the EFF. 
------- Forwarded Message Date: Fri, 16 Apr 1993 15:17:02 -0400 From: Cliff Figallo Subject: EFFector Online 5.06 To: eff-news@eff.org (eff-news mailing list) ****************************************************************** ////////////// ////////////// ////////////// /// /// /// /////// /////// /////// /// /// /// ////////////// /// /// ****************************************************************** EFFector Online Volume 5 No. 6 4/16/1993 editors@eff.org A Publication of the Electronic Frontier Foundation ISSN 1062-9424 ... April 16, 1993 INITIAL EFF ANALYSIS OF CLINTON PRIVACY AND SECURITY PROPOSAL The Clinton Administration today made a major announcement on cryptography policy which will effect the privacy and security of millions of Americans. The first part of the plan is to begin a comprehensive inquiry into major communications privacy issues such as export controls which have effectively denied most people easy access to robust encryption as well as law enforcement issues posed by new technology. However, EFF is very concerned that the Administration has already reached a conclusion on one critical part of the inquiry, before any public comment or discussion has been allowed. Apparently, the Administration is going to use its leverage to get all telephone equipment vendors to adopt a voice encryption standard developed by the National Security Agency. The so-called "Clipper Chip" is an 80-bit, split key escrowed encryption scheme which will be built into chips manufactured by a military contractor. Two separate escrow agents would store users' keys, and be required to turn them over law enforcement upon presentation of a valid warrant. The encryption scheme used is to be classified, but they chips will be available to any manufacturer for incorporation into their communications products. This proposal raises a number of serious concerns . First, the Administration appears to be adopting a solution before conducting an inquiry. 
The NSA-developed Clipper chip may not be the most secure product. Other vendors or developers may have better schemes. Furthermore, we should not rely on the government as the sole source for Clipper or any other chips. Rather, independent chip manufacturers should be able to produce chipsets based on open standards.

Second, an algorithm can not be trusted unless it can be tested. Yet the Administration proposes to keep the chip algorithm classified. EFF believes that any standard adopted ought to be public and open. The public will only have confidence in the security of a standard that is open to independent, expert scrutiny.

Third, while the use of the split-key, dual-escrowed system may prove to be a reasonable balance between privacy and law enforcement needs, the details of this scheme must be explored publicly before it is adopted. What will give people confidence in the safety of their keys? Does disclosure of keys to a third party waive individual's fifth amendment rights in subsequent criminal inquiries?

In sum, the Administration has shown great sensitivity to the importance of these issues by planning a comprehensive inquiry into digital privacy and security. However, the "Clipper chip" solution ought to be considered as part of the inquiry, not be adopted before the discussion even begins.

DETAILS OF THE PROPOSAL:

ESCROW

The 80-bit key will be divided between two escrow agents, each of whom hold 40 bits of each key. Upon presentation of a valid warrant, the two escrow agents would have to turn the key parts over to law enforcement agents. Most likely the Attorney General will be asked to identify appropriate escrow agents. Some in the Administration have suggested one non-law enforcement federal agency, perhaps the Federal Reserve, and one non-governmental organization. But, there is no agreement on the identity of the agents yet.

Key registration would be done by the manufacturer of the communications device.
A key is tied to the device, not to the person using it.

CLASSIFIED ALGORITHM AND THE POSSIBILITY OF BACK DOORS

The Administration claims that there are no back door means by which the government or others could break the code without securing keys from the escrow agents and that the President will be told there are no back doors to this classified algorithm. In order to prove this, Administration sources are interested in arranging for an all-star crypto cracker team to come in, under a security arrangement, and examine the algorithm for trap doors. The results of the investigation would then be made public.

GOVERNMENT AS MARKET DRIVER

In order to get a market moving, and to show that the government believes in the security of this system, the feds will be the first big customers for this product. Users will include the FBI, Secret Service, VP Al Gore, and maybe even the President.

FOR MORE INFORMATION CONTACT:

Jerry Berman, Executive Director
Daniel J. Weitzner, Senior Staff Counsel

...

=============================================================
EFFector Online is published by
The Electronic Frontier Foundation
666 Pennsylvania Ave., Washington, DC 20003
Phone: +1 202 544-9237 FAX: +1 202 547 5481
Internet Address: eff@eff.org
Coordination, production and shipping by Cliff Figallo, EFF Online Communications Coordinator (fig@eff.org)

Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the view of the EFF. To reproduce signed articles individually, please contact the authors for their express permission.

*This newsletter is printed on 100% recycled electrons*

------- End of Forwarded Message

--
Joseph Truitt * BioCAD Corporation * joseph@biocad.com * voice 415/903-3923 fax 415/961-0584 *
"The hardest thing in the world to understand is the income tax." --Albert Einstein

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Fri, 16 Apr 93 15:40:24 PDT
To: Peter Wayner
Subject: The Big Brother Proposal
In-Reply-To: <199304161954.AA20309@access.digex.com>
Message-ID: <9304162238.AA28087@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

Peter Wayner says:
> What's to prevent me from swapping phones with a friend or
> buying a used phone at a garage sale? Whooa. The secret registered
> keys just became unsynchronized. When the government comes
> to listen in, they only receive gobbledly-gook because the
> secret key registered under my name isn't the right one.

Perhaps you can deduce which chip is doing the encryption by identification data transmitted by the chip down the line -- they might identify themselves, making it impossible for you to avoid having them figure out which pair of keys registered with the Ministry of Truth and the Ministry of Love are to be used to listen in on your conversation. After all, the keys are registered by the manufacturer...

Perry

PS We all remember the Ministry of Love and the Ministry of Truth, don't we? This proposal was, of course, created by a group spun off from the Ministry of Peace, a.k.a. No Such Agency.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J. Eric Townsend)
Date: Fri, 16 Apr 93 18:51:43 PDT
To: cypherpunks@toad.com
Subject: ietf-telnet-encryption.01.txt
In-Reply-To: <9304170126.AA08500@nyx.cs.du.edu>
Message-ID: <9304170151.AA00130@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

Robert W. F. Clark writes:
> It sounds a little suspicious to me, though. Snag those copies
> of PGP while you can. Expect trouble in coming months.

While we're on the subject of "things that might go away", the Icom IC-R1 is getting hard to find locally. I bought the last one at Quantel electronics for $450 or so.

(The R1 is a handheld scanner/receiver that has continuous coverage from 100Khz-1.3Ghz.)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Fri, 16 Apr 93 19:11:44 PDT
To: tcmay@netcom.com
Subject: Re: (fwd) White House Public Encryption Management Fact Sheet
Message-ID: <199304170211.AA01739@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Re Big Brother proposal.

The "asset forfeiture" mention isn't quite so ominous as suggested: what it seems to say is that the Atty General will procure (i.e. buy) encryption devices for use by law enforcement in their own secure communications (i.e. police radio and computer links), and "the funding to effect this purchase" will come from the "superfund" of money derived from existing asset forfeitures. In other words, smoke a joint, lose your house, and Uncle Sam sells the house to get money to buy more crypto gear for cops. I don't see an implication that crypto gear makers will be facing forfeiture for failing to comply with the "request" to incorporate key escrow.

It appears that this is directed at first to establish the use of key escrow in government-related communications: "federal communications systems that process sensitive but unclassified information." So for instance, Ollie North's memos would be recoverable, and so on. But the real risk is that it will spread out to encompass any facility receiving government funding or contracts, i.e. the universities; and from there, widen so as to restrict other types of crypto from being used at those sites.

So far it doesn't seem to restrict crypto on private microcomputers, though a widely accepted standard could eventually be written into law. The proposal specifically says it will allow other manufacturers to develop other approaches to key escrow systems. I think what the long-term plan might be, is to win acceptance for the idea of key escrow, and then require it.

This isn't exactly a backdoor into your hardware; what it would allow would be for instance NSA to get your key and then read your communications as they occur.
So your local hardware isn't storing anything in a different way or being remotely accessed or triggered, but your key is available elsewhere, at some approved facility.

Now I'm guessing here, but what I think the way the crypto part of this has to work, is with a "device-specific" key and a "session"-type of key; where the first is what is escrowed, and the second is user-variable. Both are required to decrypt messages, and recovery of the second key would be relatively straightforward.

Now you buy a modem or whatever, and it has a crypto chip in it, with a device-specific key that is registered along with the serial number of the device. So your purchase record has that serial number on it, and that's used to track the device key, which of course has been escrowed by the manufacturer before shipping the modem out.

This would suggest that device keys would be relatively hard to crack, and therefore that some improvement in privacy would be possible by simply swapping the key chip in the device; and this would be easy enough with a black market in key escrow chips.

In the mean time, from our end of it, someone oughta start working on steganography FAST. Spread spectrum designs are feasible. Slow is okay; the goal being to do anything that will render key escrow obsolete by making it impossible to tell when ciphertext (or for that matter any kind of data) is being sent.

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peb@PROCASE.COM
Date: Fri, 16 Apr 93 19:21:54 PDT
To: cypherpunks@toad.com
Subject: Re: (fwd) White House Public Encryption Management Fact Sheet
Message-ID: <9304170220.AA02462@banff>
MIME-Version: 1.0
Content-Type: text/plain

>From: Peter Wayner
>2) The system is vulnerable to simple phone swapping attacks

Yes, that's when it becomes necessary to register your phone and phone license with the government every year. Remember, "using a telephone is a privilege, not a right!" 8^) Nice way to charge license fees too!

>From: gnu@toad.com (John Gilmore)
>Subject: EFF crypto statement and press release
> Does disclosure of keys to a third party waive an individual's Fifth Amendment
> rights in subsequent criminal inquiries?

This is a very important question and it gets to the heart of the matter.

Paul E. Baclace
peb@procase.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Fri, 16 Apr 93 19:30:03 PDT
To: tcmay@netcom.com
Subject: Re: Key Registration and Big Brother--Time to Fight!
Message-ID: <199304170224.AA04394@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Instead of a conference call in clear voice, how about doing it online from the various meetings, and encrypted? What would it take to set up a broadcast encryption system that will work in chat mode...?

A conference call in clear voice is almost certain to be monitored, and I would bet that it would yield a whole lot more high-grade intelligence than we would usually expect: first of all, voices of all participants (for later use in voiceprint recognition surveillance), second, all the background discussions, and third, a lot of the kind of deliberation and working-through-things that ordinarily gets filtered out by the process of posting things to this list.

Yes, they can theoretically send visitors to our meetings. But realistically this is more labor intensive and potentially risky than recording a conference call which has all the meetings on line. Let's not go leaving any huge holes, please...!

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: rclark@nyx.cs.du.edu (Robert W. F. Clark)
Date: Fri, 16 Apr 93 18:25:07 PDT
To: cypherpunks@toad.com
Subject: ietf-telnet-encryption.01.txt
Message-ID: <9304170126.AA08500@nyx.cs.du.edu>
MIME-Version: 1.0
Content-Type: text/plain

Does anyone know why this Internet draft was deleted? I've sent a quick message to Internet-drafts@nri.reston.va.us to determine the reason. Will report.
It sounds a little suspicious to me, though. Snag those copies of PGP while you can. Expect trouble in coming months.

----
Robert W. Clark
rclark@nyx.cs.du.edu
PGP signature available by mail or finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Fri, 16 Apr 93 16:58:08 PDT
To: extropians@gnu.ai.mit.edu
Subject: "Big Brother" Proposal
Message-ID: <9304162357.AA28273@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

It has been suggested that we start referring to the latest Encryption Initiative by the feds as the "Big Brother" proposal. I think this is an excellent idea. If we can get the media to adopt the term, it means that every time someone refers to the proposal they have already given our propaganda slant to it.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 16 Apr 93 20:05:41 PDT
To: cypherpunks@toad.com
Subject: a cypherpunk's clipper reaction
Message-ID: <9304170302.AA10041@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Fellows:

I will, in the coming weeks, have much more to say on the matter of this Clipper chip proposal. For now, however, I have only one thing to say.

No compromises.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@pmantis.berkeley.edu
Date: Fri, 16 Apr 93 20:09:56 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9304170312.AA19797@pmantis.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

With regard to the White House's attempt to force the "Clipper" on you:

I guess the time has come for the Cypherpunks to break their 'political teeth'. This issue is squarely on point with the purpose of the cpunks and needs to be addressed. The best thinkers on these topics are on this list (as are many libertarian thinkers). The Cypherpunks have gotten a fair amount of media play as of late and I think those interested in privacy and security are frothing at the mouth.
I know in general cpunks don't believe in the necessity for leaders, but leader'ship' is a different matter. I believe that there are people here with the knowledge to fight against this proposal. So, Cypherpunks, step to the political plate.

> In the past, it has
>been possible to preserve a government capability to conduct
>electronic surveillance in furtherance of legitimate law
>enforcement and national security interests, while at the same time
>protecting the privacy and civil liberties of all citizens.

Just some levity to start off with :-)

>The Attorney General of the United States, or her representative,
>shall request manufacturers ...

I read this differently than does Tim. "shall" coupled with "request" actually equals ambiguity and seems not to compel anyone. I'm sure that the language was meant to confuse though.

>In making this decision, I do
>not intend to prevent the private sector from developing, or the
>government from approving, other microcircuits or algorithms that
>are equally effective in assuring both privacy and a secure key-
>escrow system.

Well, the door does still appear to be open for private circuit development and a better escrow system (better?). This does lend credence to the opinion that this may just be a very forceful suggestion and not an order per se.

>The Attorney General shall make all arrangements with appropriate
>entities to hold the keys for the key-escrow microcircuits
>installed in communications equipment.

Gotta agree with Tim that this appears to be an incredibly obvious backdoor to all telecommunications equipment. This should be made clear in any public statements about this document.

> The Attorney
>General shall review for legal sufficiency the procedures by which
>an agency establishes its authority to acquire the content of such
>communications.

OK. This might be the key to the downfall of this proposal. The Govt appears to be showing its weak hand here.
They have either not thoroughly addressed the legal concerns or they are standing on shaky legal ground. I believe there could be a number of problems (legally speaking) with the proposal. Separation of Powers, Commerce concerns, penumbra Right to Privacy, etc just to name a few.

Well, I guess I'm off to the library to research another interesting, yet inapplicable directly to my legal studies, topic. (As if I don't spend enough time in the library) I guess if she's gonna review the legal sufficiency there should be no problem with me 'parallel processing' that same information.

> Further, the Attorney General
>shall utilize funds from the Department of Justice Asset Forfeiture
>Super Surplus Fund to effect this purchase.

Surplus...what happened to the deficit? :^)

In general I believe that this event calls for a public expression of intellectual disagreement. An assertion of the power of the ideas expressed on this list will put the Cypherpunks in the discourse of public policy. Obviously, it should be well thought out and expressed in the most positive way. Calm, cool, calculated response will gain the cpunks respect, a knee jerk, emotional response will only get our ideas ignored.

If politics doesn't work there also appears to be an economic out. Creating REAL encryptive circuits whose keys are not held by the government but rather by the owner. Private enterprise and a result to our concerns for liberty appear amenable. So any hardware cypherpunk hacks, get out your tools.

Finally, a simple analogy. The current state of the law does not require me to register the key to my home with a government agency so that they can gain access to my home in a more efficient way if they feel the need. I keep the key and the control (until they break down my door). In that case, the value is placed on my freedom, not the efficiency with which the police could access my private communications.
There are reasons that search warrants were 'initially' difficult to acquire and reasons why it should be difficult to access my home (i.e. they must break down my door.) Those reasons dealt with the severity of encroachment upon my privacy and rights thereto. In fact, that is the reason given for the remaining formalistic requirements of the necessity of prior judicial consent for warrants. No, the judge does not ponder long and hard about whether to give the warrant. Rather, the purpose is to give the officers pause. The ritual is designed to make the parties involved at least ponder the severity of their actions. This proposal would only make invasions of our privacy easier to achieve and eliminate obstacles in the way of officers, giving them even less time to ponder the severity of their encroachment.

////////////////////////////////////////////////////////////////////////////////
VOLTAIRE
Studying the law,
Finding the flaws,
Creating a light,
Out of the night!
////////////////////////////////////////////////////////////////////////////////

Tim- Aren't we closer than 10 mins. to midnight???????

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Arthur Abraham
Date: Fri, 16 Apr 93 20:21:03 PDT
To: cypherpunks@toad.com
Subject: 1984 deja vu
Message-ID: <199304170320.AA14330@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

If you haven't heard about John Markoff's article yet, it's 'cause you've been spending all your time reading Cypherpunks instead of the front page of the Friday NY Times... read it now.

There's an awful lot to be said about this article, mostly we know what it is, and mostly we agree about it. This is a major social issue that must be corrected, so here's my proposal:

==> DON'T POST ANYTHING ABOUT THE MARKOFF ARTICLE. <==
We should spend that same time writing to newspapers, congress people, phone companies, Clinton, Gore, and anybody else who thinks they can get away with this because they feel the citizenry either doesn't care about or doesn't understand the issues.

What I want to see in re this issue on this list is something I don't already know, like the name and address of AT&T's president's secretary -- s/he'll complain to the prez if enough privacy mail arrives.

Be imaginative, be active, rattle cages, but telling me how pissed you are won't change a thing, except to decrease the time we're both spending on doing something effective.

Be effective. Please.

-a2.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Fri, 16 Apr 93 20:26:05 PDT
To: cypherpunks@toad.com
Subject: Re: ANON: Chaining suggestions
In-Reply-To: <930416165143_74076.1041_FHD34-1@CompuServe.COM>
Message-ID: <9304170325.AA25696@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: Hal <74076.1041@CompuServe.COM>
> I don't think the idea quite works in this form, since I don't see how
> messages to Julf get translated to an12345. Presumably only messages
> from one specific user should get posted under this ID (the user whose
> address is buried in the encrypted return address to which Julf's
> remailer will forward replies). Perhaps another set of commands is
> needed to tell the remailer what ID to use to post under.

I don't know what Eric was thinking, but I was thinking as follows:

* I send a message to the nymserver, telling it to create a nym entry. The body of the message is a public key. All further commands to the server must be signed by this key.
* I then send a message to the nymserver, telling it to add a return block to the nym's list of return addresses. (signed)
* Another (signed) command sets up a human-readable name, if I wish.

Now we're in business.

* Joe User sends a message to eli-alias@nymserver.
  The server looks up eli-alias, picks the preferred return path, and ricochets the message out.
* or, I tell the nymserver to post vitriol to alt.fan.clinton under the name "eli-alias". Again, the command must be correctly signed.

(Can PGP let me rename my eli-alias private key to something innocuous -- like "test3"? This would provide some deniability if they seize my secring.pgp -- they need no passphrase to see the names of the keys on it. Denied this information, can `they' associate private and public keys in some way?)

Hopefully, all commands to the nymserver would be encrypted with its public key. They might well be bounced to it through anonymous remailers, or sent with whatever other anonymity tech -- such as DC-nets -- is available. Yanek, were you setting up an experimental DC-net? How's it look?

Any holes here? The requirement of a signature on all commands is parallel to the present use of a password, but far more secure. It provides continuity of identity, rather than the present use of return address. Attack this protocol, folks.

Now, this does look like a lot of hair to add to penet. Maybe I should learn perl and write a remailer. Heh.

(Aside: anybody here running linux? Do you know of a non-destructive repartitioner?)

> Hal Finney

Eli
ebrandt@jarthur.claremont.edu
(with a big disk and a small flaky tape drive)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Meyer
Date: Fri, 16 Apr 93 19:16:21 PDT
To: cypherpunks@toad.com
Subject: The New Mykotronix phones...
In-Reply-To: <199304161954.AA20309@access.digex.com>
Message-ID: <19930417021528.5.MEYER@OGHMA.MCC.COM>
MIME-Version: 1.0
Content-Type: text/plain

    Date: Fri, 16 Apr 1993 14:54 CDT
    From: Peter Wayner

    Okay, let's suppose that the NSA/NIST/Mykotronix Registered Key system becomes standard and I'm able to buy such a system from my local radio shack. Every phone comes with a built in chip and the government has the key to every phone call.
    I go and buy a phone and dutifully register the key. What's to prevent me from swapping phones with a friend or buying a used phone at a garage sale? Whooa. The secret registered keys just became unsynchronized. When the government comes to listen in, they only receive gobbledly-gook because the secret key registered under my name isn't the right one.

Knowing nothing except what I've read on the net today, I suppose that while scrambling the phone conversation the chip inserts in the data stream some ID (perhaps once per second) to tell the govt. which chip is doing the scrambling. This would allow multiple trapdoor keys (as claimed) and also there would be no need for phone users to register. The chip might also insert the number of the phone originating and/or receiving the call, though presumably the wiretappers would already know this.

-- Peter Meyer

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 16 Apr 93 21:19:43 PDT
To: cypherpunks@toad.com
Subject: IMPORTANT--WE WON......NOT!
Message-ID: <9304170419.AA26923@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Sandy Sandfort looks on the bright side. Unfortunately, I can't agree with him. He writes:

>FIRST, THE BAD NEWS--The government wants to control encryption.
>Though they are playing coy about it, it's clear that eventually
>they will try to ban "the good stuff." It's clear Zimmermann,
>and others, have gotten their attention.
>
>NOW, THE GOOD NEWS--I t d o e s n o t m a t t e r. The game
>is over. We won. The government may engage in holding actions,
>but it still doesn't matter. What we have here, is the State's
>pitiful attempt to make the best of a bad situation. This
>amazing "policy" announcement is a tacit admission of defeat.
>
>HOW CAN I BE SO SURE?--The cat is out of the bag. Free, mil spec
>data encryption is readily available to all. Within a year,
>equivalent voice encryption freeware will join it. There is no
>way the government can stuff the encryption cat back in the bag.
>They can pass their laws. We will do as we please--and they will
>help us.

...rest of post elided....

Drugs are freely available on nearly every inner city street corner. The "cat is out of the bag," as you say.

And yet....

- the War on (Some) Drugs....
- mandatory hard time for first offenses (ask the Santa Cruz kid doing 10 years without parole for possession of some amount of acid...the weight of the blotter paper kicked it up to the 10-year level)
- civil forfeiture... "We find a roach, we get your yacht."
- midnight raids, often killing innocent citizens (ask the Malibu retired guy who got zapped by the Feds...turns out they'd already greedily started to divvy up his land to various parks...and of course he was totally innocent--and now dead)
- "D.A.R.E."-type brainwashing of children, encouraging them to turn in their parents

...and so on. You should all know about these things, on this of all days (16 April 1943, 50 years ago, was the discovery of LSD).

Restricting crypto means the government has a big club they use to threaten, intimidate, force cooperation, etc. Just like with taxes, drugs, and everything else they control.

Under the civil forfeiture laws, my assets (which I depend on to live out the rest of my life on!!) could be seized if the government suspects I'm using "illegal crypto." Not under current laws, but certainly under the laws that follow from the "Clinton Clipper." Anyone with assets to seize--a house, a business, a stock account--becomes a fair target.

>
> But never doubt it, W E H A V E W O N.
>

No, but we haven't lost yet.

-Tim

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.
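
The nymserver protocol Eli Brandt lays out in "Re: ANON: Chaining suggestions" earlier in this archive (create a nym with a public key, then accept only commands signed by it), as an added example that is not part of any list message or any poster's code. It assumes toy textbook RSA over fixed Mersenne primes standing in for PGP signatures, hypothetical names (`NymServer`, `make_key`, the `op` values, the `nym0001` id format), the first return block as the preferred one, and a sequence number against replay that the message does not mention.

```python
"""Toy nymserver: every command after creation must verify under the nym's key."""
import hashlib
import json

E = 65537  # public exponent shared by the toy keys

def make_key(p_exp, q_exp):
    """Toy textbook-RSA key from two Mersenne primes (demonstration only)."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+
    return n, (n, d)  # (public modulus, private key)

def _digest(command, n):
    # Canonical JSON so signer and server hash identical bytes.
    blob = json.dumps(command, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big") % n

def sign(command, private):
    n, d = private
    return pow(_digest(command, n), d, n)

def verify(command, signature, n):
    return pow(signature, E, n) == _digest(command, n)

class NymServer:
    def __init__(self):
        self.nyms = {}     # nym id -> record
        self.names = {}    # human-readable alias -> nym id
        self.outbox = []   # (return block, body) handed to the remailer chain
        self.posts = []    # (alias, newsgroup, body)

    def create(self, public_key):
        """Step 1: the body of the creation message is a public key."""
        nym_id = "nym%04d" % (len(self.nyms) + 1)
        self.nyms[nym_id] = {"key": public_key, "name": None,
                             "return_blocks": [], "seq": 0}
        return nym_id

    def command(self, cmd, signature):
        """Signed steps: add a return block, set a name, post under the nym."""
        nym = self.nyms.get(cmd.get("nym"))
        if nym is None:
            return "unknown nym"
        if not verify(cmd, signature, nym["key"]):
            return "bad signature"
        # Added here, not in the message: a strictly increasing sequence
        # number, so a captured signed command cannot be replayed later.
        seq = cmd.get("seq")
        if not isinstance(seq, int) or seq <= nym["seq"]:
            return "replayed"
        op = cmd.get("op")
        if op == "add_return_block":
            nym["return_blocks"].append(cmd["block"])
        elif op == "set_name":
            if self.names.get(cmd["name"], cmd["nym"]) != cmd["nym"]:
                return "name taken"
            self.names[cmd["name"]] = cmd["nym"]
            nym["name"] = cmd["name"]
        elif op == "post":
            self.posts.append((nym["name"], cmd["group"], cmd["body"]))
        else:
            return "unknown op"
        nym["seq"] = seq
        return "ok"

    def deliver(self, alias, body):
        """Unsigned mail to an alias goes out via one of its return blocks."""
        nym = self.nyms.get(self.names.get(alias))
        if nym is None or not nym["return_blocks"]:
            return None
        block = nym["return_blocks"][0]  # assumption: first listed is preferred
        self.outbox.append((block, body))
        return block

def demo():
    """Run the exchange with constructed keys and messages."""
    eli_pub, eli_priv = make_key(61, 89)
    _, mallory_priv = make_key(107, 127)
    server = NymServer()
    nym = server.create(eli_pub)
    results = []
    cmds = [
        {"nym": nym, "seq": 1, "op": "add_return_block", "block": "RETURN-BLOCK-A"},
        {"nym": nym, "seq": 2, "op": "set_name", "name": "eli-alias"},
    ]
    for cmd in cmds:
        results.append(server.command(cmd, sign(cmd, eli_priv)))
    results.append(server.deliver("eli-alias", "hello"))
    forged = {"nym": nym, "seq": 3, "op": "post", "group": "alt.test", "body": "x"}
    results.append(server.command(forged, sign(forged, mallory_priv)))
    results.append(server.command(cmds[1], sign(cmds[1], eli_priv)))  # replay
    return results

if __name__ == "__main__":
    print(demo())
```

The forged command fails because it verifies against the key stored at creation, not against whatever key the sender holds; the replayed command carries a valid signature and is stopped only by the sequence check.
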
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Meyer
Date: Fri, 16 Apr 93 19:42:56 PDT
To: cypherpunks@toad.com
Subject: White House Encryption idea
In-Reply-To: <9304162014.AA05785@spiff.gnu.ai.mit.edu>
Message-ID: <19930417024202.6.MEYER@OGHMA.MCC.COM>
MIME-Version: 1.0
Content-Type: text/plain

    Date: Fri, 16 Apr 1993 15:13 CDT
    From: treason@gnu.ai.mit.edu

    Well, this all sounds fine and dandy, but...

    1) They are not passing out the algorithm, and I don't trust ANYONE to tell me it's secure.
    ...
    4) No explanation of what the 'key' contents are composed of (numbers, letters, alphanum, characters, some odd cyphercode???) is even implied.
    5) No explanation of how the key is propagated or if it will even be needed for the remote site is mentioned. How are the remote sites going to decypher your cyphersounds(text)?

    There was no mention of further releases in information...is this all we get?

    treason@gnu

Question (5) is particularly acute. Offhand I can think of two ways the remote site might decrypt the message:

1. If the two phones can talk to each other then the originator phone might ask the receiver phone for its public key (as in public key cryptography) and then use this to encrypt the message. (The receiver phone then decrypts with its private key.) But since the encryption is occurring in real time, this is probably not feasible unless short keys are used.

2. The originator phone might simply send the encryption key down the line, perhaps itself encrypted or disguised in some way. If so then it might not be too hard to discover the key. In this case all security lies in ignorance of the encryption algorithm used (violating cryptological principles). It probably wouldn't be too long (at most a year or so) before someone figures out what the algorithm is, in which case all security is compromised.
However, security in particular cases is relative to the expertise of the attacker, so it might still be the case that one's neighbors and business competitors could not decrypt the message, even if XYZ Security Consultants could.

-- Peter Meyer

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Meyer
Date: Fri, 16 Apr 93 20:20:59 PDT
To: cypherpunks@toad.com
Subject: New versions of encryption software released
Message-ID: <19930417032006.8.MEYER@OGHMA.MCC.COM>
MIME-Version: 1.0
Content-Type: text/plain

I suppose I could use a fig leaf to cover the price of this software so that this posting might seem less "commercial", but - what the hell - this isn't sci.crypt and we're not concerned with maintaining academic purity. This encryption software is available *now*. You might consider shelling out a few bucks (which allows you to make use of the result of a few years' work) before the govt. makes it illegal to buy, sell or use encryption software.

New Version Release Announcement

Dolphin Software releases three new versions of MS-DOS encryption software

Dolphin Software's data encryption software has been released in two new versions, Dolphin Encrypt (V. 2.11) and Dolphin Encrypt Advanced Version (V. 2.10). The encryption routines are also available as a C function library.

Both Dolphin Encrypt and the Advanced Version use a symmetric key encryption process to encrypt data on MS-DOS computers, and can encrypt multiple files with a single command. File pathnames are supported and there is extensive error checking. If you wish to transmit encrypted data as email then Dolphin Encrypt can be told to output the encrypted data as text. There is no limit on the size, the type or the number of files. Files are normally compressed during encryption. Screen output can be sent to a file or to a printer for a record of operations.
The encryption process, described in detail in the documentation, relies partly on the RSA Data Security, Inc., MD5 Message Digest Algorithm.

The Advanced Version has all of the features described above, and also encrypts whole floppy disks. All common disk sizes are supported and are automatically recognized. Additional command line options are supported, including the options of echoing or not echoing the encryption key during entry. There is a decrypt-and-display-only option (with no plaintext written to disk).

The Advanced Version can be run silently from another application program to encrypt or decrypt files. It has a script language (with if-else-endif) which allows automation of frequently-performed, complex or conditional operations. The Advanced Version comes with utility programs to read multiple text files, compare files, purge files and wipe a disk clean of data; these can be called from scripts.

The Dolphin Encryption Library is a C function library containing functions for encrypting and decrypting blocks of data in memory (from 1 byte to about 10K in size). Complete source code is included.

Dolphin Encrypt is priced at $64.00 and the Advanced Version at $128.00. The function library is available for licensing to developers. For more information contact Dolphin Software at 4815 W. Braker Ln. #502, Austin, TX 78759 (phone 512-479-9208).

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 16 Apr 93 22:26:39 PDT
To: cypherpunks@toad.com
Subject: Q&A DataBase
In-Reply-To: <01GX1S55DSEA0005UJ@ksuvxb.kent.edu>
Message-ID: <9304170523.AA17229@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Re: Q&A (a DOS database program)

> Hello All, does anyone know much about this program?
>I would like to be able to pick the passwords out of the database file.

One of the purposes of cypherpunks is to figure out stuff like this and to help others learn how to do it. In short, you figure it out, and tell us.
To begin with, make a database with some permissions. Make a complete copy of that database in another directory. Now change exactly one password by exactly one letter. Use a differencing tool to find the differences. Save this copy as well. Change the same password again. Check to see if the differences are in the same place. Do the same with different passwords. Correlate this information with the database structures. Write some software to generate plaintext/ciphertext pairs. Get at least a thousand, preferably lots more. You'll use these later to verify that your reconstruction of the algorithm is correct. If the encryption isn't obvious by now (yes, some of this stuff is extremely weak) hook up a debugger to the executable and start looking for the routine which does password encryption. When you find it, reverse engineer it and write a C routine that matches the functionality. Now you'll be considered having done your homework. If you still don't know how to crack passwords after knowing the algorithm, post the algorithm here and we'll look at it. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Sandy <72114.1712@CompuServe.COM> Date: Fri, 16 Apr 93 20:12:35 PDT To: Subject: IMPORTANT--WE WON Message-ID: <930417030350_72114.1712_FHF52-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain _________________________________________________________________ FROM THE VIRTUAL DESK OF SANDY SANDFORT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FIRST, THE BAD NEWS--The government wants to control encryption. Though they are playing coy about it, it's clear that eventually they will try to ban "the good stuff." It's clear Zimmermann, and others, have gotten their attention. NOW, THE GOOD NEWS--I t d o e s n o t m a t t e r. The game is over. We won. The government may engage in holding actions, but it still doesn't matter. What we have here, is the State's pitiful attempt to make the best of a bad situation. 
This amazing "policy" announcement is a tacit admission of defeat. HOW CAN I BE SO SURE?--The cat is out of the bag. Free, mil spec data encryption is readily available to all. Within a year, equivalent voice encryption freeware will join it. There is no way the government can stuff the encryption cat back in the bag. They can pass their laws. We will do as we please--and they will help us. THEY WILL *HELP* US?--The Administration's plan will have one, unintended, result. It will give legitimacy to privacy through encryption. Legitimacy will beget usage. And usage will mean TRAFFIC. Our securely encrypted messages will be hidden in plain sight. Whispers in a wind tunnel. One digitally encrypted phone call sound just like another--no matter what algorithm is used. A PLOY FOR THE PARANOID--Still think the Secret Service is going to get you? No problem. Just *PRE-encrypt* your phone or data communications with your home-made encryption unit, before you re-encrypt it using the government approved model. ("Hey, I don't know why you couldn't use your back door key to eavesdrop on my secure phone. Sounds like a personal problem to me.") THE ELECTRONIC FRONTIER FOUNDATION IS RIGHT, TOO--Yes, we can rejoice because we won. But it is still important to continue the fight against the State's last gasps. Even when the government is in random-walk mode, it's still possible to get stepped on. They have lost, but they can still do us plenty of damage. We should continue to press them on all fronts to secure our victory. But never doubt it, W E H A V E W O N. S a n d y _________________________________________________________________ PLEASE RESPOND TO: ssandfort@attmail.com (except from CompuServe) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Fri, 16 Apr 93 23:10:57 PDT To: cypherpunks@toad.com Subject: (fwd) Re: Once tapped, your code is no good any more. 
Message-ID: <9304170611.AA29961@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Cypherpunks, I agree with Arthur Abraham that we ought to first make our arguments in public and not preach to the converted here on this list. Unless the ideas presented are Cypherpunks-related. In this spirit, here's something I wrote about the consequences of key escrow. Newsgroups: sci.crypt,alt.security,comp.org.eff.talk,comp.security.misc,comp.org.acm,comp.org.ieee From: tcmay@netcom.com (Timothy C. May) Subject: Re: Once tapped, your code is no good any more. Date: Sat, 17 Apr 1993 04:53:55 GMT Brad Templeton (brad@clarinet.com) wrote: : It occurs to me that if they get a wiretap order on you, and the escrow : houses release your code to the cops, your code is now no longer secure. : : It's in the hands of cops, and while I am sure most of the time they are : good, their security will not be as good as the escrow houses. : : : What this effectively means is that if they perform a wiretap on you, : at the end of the wiretap, they should be obligated to inform you that : a tap was performed, and replace (for free) the clipper chip in your : cellular phone so that it is once again a code known only to the : escrow houses. Getting the court order to reveal the key *also* makes decipherable all *past* conversations (which may be on tape, or disk, or whatever), as I understand the proposal. I could be wrong, but I've seen no mention of "session keys" being the escrowed entities. As the EFF noted, this raises further issues about the fruits of one bust leading to incrimination in other areas. But is it any worse than the current unsecure system? It becomes much worse, of course, if the government then uses this "Clinton Clipper" to argue for restrictions on unapproved encryption. (This is the main concern of most of us, I think. The camel's nose in the tent, etc.)
And it may also become much worse if the ostensible security is increased, thus allowing greater access to "central office" records by the government (the conversations being encrypted, who will object to letting the government have access to them, perhaps even automatically archiving large fractions...). This was one of the main objections to the S.266 proposal, that it would force telecom suppliers to provide easy access for the government. Once the government has had access to months or years of your encrypted conversations, now all it takes is one misstep, one violation that gets them the paperwork needed to decrypt *all* of them! Do we want anyone to have this kind of power? -Tim May, whose sig block may get him busted in the New Regime -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT) Date: Fri, 16 Apr 93 23:33:04 PDT To: cypherpunks@toad.com Subject: Data Encryption Algorithm Message-ID: <9304170633.AA27514@toad.com> MIME-Version: 1.0 Content-Type: text/plain Fellow Cypherpunks, I am a cadet at West Point and have been involved in developing a new encryption algorithm which I believe is stronger than DES. I realize that many of you enjoy the challenge of breaking encryption schemes and I wondered if you might be interested in trying to break mine. I would be very interested in any analysis that you could give of my system. Please contact me if you are interested. Anthony J. Gatlin |-------------------------------------| CDT PVT, G-2 |PGP Public Key available on request.
| |-------------------------------------| From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: greg@ideath.goldenbear.com (Greg Broiles) Date: Sat, 17 Apr 93 01:30:08 PDT To: cypherpunks@toad.com Subject: Re: Clinton Administration crypto proposal/policy Message-ID: MIME-Version: 1.0 Content-Type: text/plain The Clinton Administration's recent proposal, and responses to same from the net community, have left several questions in my mind: o Are these devices intended to be used as isolated pairs - such that two phones/modems/whatever will only speak with each other .. or will any such device speak with any other such device? If any device can communicate with any other device, how is the key(s) for en/decryption for any particular session determined? .. and what prevents an eavesdropper who is present from the beginning of the session from using that data to decrypt the conversation? o According to the EFF response to the proposal, there aren't really two keys, but two 40-bit halves of one 80-bit key. Doesn't this imply that were a "bad guy" able to get just one of those halves, the computing power required to do a brute-force attack is considerably lessened? (I'm asking a question here, not making a statement. I read about this because I think it's interesting but it's not really my field.) o Presumably, these devices will insert into the data stream some sort of "sender ID" which will allow eavesdroppers to know which key(s) they need a warrant for - doesn't this seem to make it pretty easy to keep track of data along the lines of "Station 12345 sent 500 packets to station 31415, who sent 7734 packets in return" .. which would seem to present privacy questions separate from (but dwarfed by :) the security of the encryption itself? Also, cypherpunks readers may find these two snippets from two articles re the proposal interesting (and chilling): --- _NY Times_, 4/16/93, p. 
A1 (National edition) "The Clinton Administration plans a new system of encoding electronic communications that is intended to preserve the Government's ability ^^^^^^^ to eavesdrop for law enforcement and national security reasons .." --- Eugene, Oregon's _Register-Guard_, 4/16/93, p. 3A "The Clinton Administration is about to announce a plan to preserve privacy in electronic communications, including telephone calls and electronic mail, while also insuring [sic] the government's right ^^^^^ to eavesdrop for law enforcement and national security reasons." --- Emphasis, of course, added by me. The Register-Guard article is taken from the NY Times' article (presumably from a wire service) and consists of paragraphs 2,3,4,5,6,8, and 9 of the NY Times article, with changes to the first paragraph noted above. Grr. -- Greg Broiles greg@goldenbear.com Golden Bear Consulting +1 503 465 0325 Box 12005 Eugene OR 97440 BBS: +1 503 687 7764 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wcs@anchor.ho.att.com Date: Fri, 16 Apr 93 22:52:28 PDT To: cypherpunks@toad.com Subject: Big Bubba's Wiretapping Directive Message-ID: <9304170552.AA16461@anchor.ho.att.com> MIME-Version: 1.0 Content-Type: text While I don't share Sandy Sandfort's wild optimism, at least steganography becomes a bit easier - the default assumption is about encrypted material becomes "Oh, it's just encrypted with the Tapper Chip, we can break it later" rather than "Oh, boy, it's encrypted, we can confiscate his computer!", and if it gets taken to court, and the wiretap approved by the Rubber Stamp Agency and then isn't able to be decrypted, the average person can say "I don't understand how the Secret Government Wiretapping Chip works, so I can't tell you what's wrong here!" On the more technical side, what precisely does the Mykotoxin chip *do*? Does it generate random keys for DES/etc., saving a copy for later? Or does it actually *do* the encryption with some classified algorithm? 
If it's the former, the user could presumably replace it with a pin-compatible non-wiretapping random number generator, unless there's some requirement that export-approved systems have soldered-in chips, and a foreign-made version might be compatible with US phones while not being tappable. On the other hand, if the MicroToker chip actually *does* encryption, whether secret-key or RSA or other public-key, or some other essential part of the encryption process, then you *have* to use it to be compatible. Assuming the US approves it for widespread use in phones, etc., it provides an incentive for everybody in the world to use it, especially if the Feds agree to share keys with their fellow governments who can wiretap their own citizens, and gives a boost to the balance of trade by being one product that you've got to buy from the US. Some questions that Clinton's Q&A blatantly stepped around are "When the Two Agencies approve the wiretap, *what* conversations become tappable? Everything they've recorded? The last N conversations? Future conversations only?" "Once one government group has YOUR phone wiretap key from the Two Agencies, can they pass it around to the IRS, FBI, local cops, and everyone else? "What if they make a mistake on a tap - do you have to buy a new phone now that they've spread YOUR phone wiretap key around?" We *do* have to try to control the language here - the Clintonistas are referring to the subjects of a hypothetical wiretap as "the drug smugglers" but we ought to redirect it to "YOUR phone's wiretap key" so people remember we're talking about them and their privacy. It might also be good for us to give examples like "The IRS suspects you're cheating on your income tax so they want to wiretap your phone calls to your accountant, so they do XXXXX." because it feels like something that might happen to THEM. Sigh. 
Bill Stewart From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: grady@netcom.com (1016/2EF221) Date: Sat, 17 Apr 93 08:18:53 PDT To: cypherpunks@toad.com Subject: fuzzy grep available Message-ID: <9304171519.AA27926@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain "agrep" version 2.0.4 available via anonymous FTP from sunsite.unc.edu (including source) has a feature of cryptographic interest: fuzzy searches. For example, agrep -2 cypherpunks newsgroupspooldirectory would find all occurrences of "cypherpunks" or any such pattern with up to two errors of substitution, addition or deletion. cpyherpunks, cyphernks cipherapunks would all be found, fer instance. And the thing is Boyer-Moore sublinear FAST. Also has egrep features looking for up to 30,000 (yes, thirty thousand) patterns simultaneously with Boyer-Moore speed. For the NSA the applications are obvious: look for a bunch of key words like revolution Timothy May NSA quickly. For us a good initial use might be to screen out "bad" passwords that are too simply a variant of a normal word. For example, if agrep -3 usr/dict/words or the lyric library, or the star trek location list or whatever, if anything were found then that password FAILS. This is a lot easier to use than other available tools. Like MacPGP2.2 source, I will mail this on request IF you cannot do anonymous FTP from where you are. Grady Ward From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sat, 17 Apr 93 08:36:36 PDT To: cypherpunks@toad.com Subject: History of Gov. Telecom Interception In-Reply-To: <199304171327.AA03871@sun.Panix.Com> Message-ID: <9304171533.AA04312@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Harry Shapiro mentions what sounds like an excellent little book, titled "The Invisible Weapon" I've made a directory called clipper/ in the ftp site. I'm looking for information to fill it up with.
Harry, I'd like to publicly ask you to write an annotated bibliography entry for this book so that I could put it up. Full reference details, of course, two or three sentences describing the contents of each chapter, and a small summary. Thanks in advance. If anyone has an electronic copy of the New York Times article, please send it in. Please send all your submissions via email, as I don't have the necessary permissions to use the incoming directory on soda. Send submissions to hughes@soda.berkeley.edu. Download stuff from soda.berkeley.edu:pub/cypherpunks via anon ftp. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: grady@netcom.com (1016/2EF221) Date: Sat, 17 Apr 93 08:57:57 PDT To: cypherpunks@toad.com Subject: REAL ftp address of agrep tool Message-ID: <9304171558.AA29574@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain The real address is: cs.arizona.edu in the directory "agrep". The incorrect ftp site I mentioned before, sunsite.unc.edu, has some interesting poly sci papers, but not much code. Too many archives. Too little time. Grady Ward From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Harry Shapiro Date: Sat, 17 Apr 93 06:27:41 PDT To: cypherpunks@toad.com Subject: History of Gov. Telecom Interception Message-ID: <199304171327.AA03871@sun.Panix.Com> MIME-Version: 1.0 Content-Type: text/plain Last year Oxford press published a book called The Invisible Weapon - it details, from 1851 - 1945, how governments, esp. the British have used "backdoors" into coded messages to watch/listen/read messages. At one time the British had a stranglehold on world wide telegram service. They made very strong claims that they would never read their clients' (often other governments') mail, but instead went to detailed and expensive measures to insure that in fact they could/did.
The ISBN # is: 0-19-506273-6 We should read this book (I have) so in the upcoming debate on the Clipper, we can frame the Clipper in the rich historical context it deserves to be placed in. -- Harry Shapiro habs@panix.com List Administrator of the Extropy Institute Mailing List Private Communication for the Extropian Community since 1991 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Harry Shapiro Date: Sat, 17 Apr 93 06:32:53 PDT To: cypherpunks@toad.com Subject: Big Brother: Post Filtering the Clipper Message-ID: <199304171332.AA03999@sun.Panix.Com> MIME-Version: 1.0 Content-Type: text/plain Some posters have speculated that it might be possible to get a phone, swap it with someone else, and then the feds would not be able to get the correct key-pair. Another poster assumed that each clipper chip would send out some sort of Clipper-ID in plain-text before and/or during and/or after a session. Which causes me to further speculate that it may be possible to filter out these plain text messages. (They are probably built in to the exchange of keys ritual and so can't be filtered out without preventing the Clipper to do its thing...). If they can be filtered, filtering them may either be an outright criminal act or be considered probable cause for a warrant to determine why you are filtering them out, etc. -- Harry Shapiro habs@panix.com List Administrator of the Extropy Institute Mailing List Private Communication for the Extropian Community since 1991 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Harry Shapiro Date: Sat, 17 Apr 93 06:40:08 PDT To: cypherpunks@toad.com Subject: Big Brother: Easy to Break Message-ID: <199304171339.AA04237@sun.Panix.Com> MIME-Version: 1.0 Content-Type: text/plain I recall having a conversation at the Boston ExI meeting, talking about super computers and how fast they could break small keys (like 80 bits).
I think it was carlf, and I don't recall the exact estimate given, but I think it was on the order of several hours to several days for a fast connection machine class super computer to break such a key by brute force. The NSA certainly has plenty of fast machines, and I assume they will be able to break any clipper based encryption routinely. Certainly as 64-bit, high speed multiprocessors come on line in the next few years it will be easier and easier for even us plain folks to break such keys (although I'm sure not a simple task). With NSA having the algorithm and access to perhaps at least half the key or perhaps some little bit of "known text" that clipper puts into each message to make it easier to do a known text attack on someone's clipper encoded message, we can assume that the escrowed keys are at best a ruse... -- Harry Shapiro habs@panix.com List Administrator of the Extropy Institute Mailing List Private Communication for the Extropian Community since 1991 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Harry Shapiro Date: Sat, 17 Apr 93 06:47:32 PDT To: cypherpunks@toad.com Subject: Big Brother: Public Escrow is Needed Message-ID: <199304171347.AA04366@sun.Panix.Com> MIME-Version: 1.0 Content-Type: text/plain All the talk about Escrowing of keys by separate agencies is all well and good. However, to be really secure, the computer system they reside on, and all access to it, must be in some way very public and very very limited. The public needs to know that at least one of the key-pairs, can in no way be retrieved except through some very public process. That law enforcement or some cracker doesn't have some back door into the Escrowed Key Server... As somebody else pointed out, once my key is known ALL my communication is now "OPEN." Not just what they got a warrant for.
Thus, the actual opening of my "mail/voice/etc" should be done in a more, again very public place, so that my key-pair (and the cost of replacing it if the warrant is unfounded) is kept secure and never in the hands of any person or agency. In other words, I don't want my key-pair sitting in a non-secured database, to be re-used later (with or without a warrant.) If the key-pair is turned over to someone/agency and I am not found guilty or indicted, etc. I need to be told so I can change my keys, or even have the government pay me for this cost as they have unlawfully taken the value of my Clipper based device away from me. /harry -- Harry Shapiro habs@panix.com List Administrator of the Extropy Institute Mailing List Private Communication for the Extropian Community since 1991 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Harry Shapiro Date: Sat, 17 Apr 93 06:49:42 PDT To: cypherpunks@toad.com Subject: Big Brother: Unlawful Taking Message-ID: <199304171349.AA04451@sun.Panix.Com> MIME-Version: 1.0 Content-Type: text/plain I think the gov. involvement in the Clipper is an unlawful taking against anyone else who has made an investment in selling encryption. RSA, for example. These people should sue the government for taking this multi-billion dollar business away from them.
/harry -- Harry Shapiro habs@panix.com List Administrator of the Extropy Institute Mailing List Private Communication for the Extropian Community since 1991 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Dave Banisar Date: Sat, 17 Apr 93 06:52:52 PDT To: CYPHERPUNKS@toad.com Subject: CPSR Statement on White House Plan Message-ID: <9304170958.AA39915@hacker2.eff.org> MIME-Version: 1.0 Content-Type: text/plain CPSR Crypto Statement ----------------------------------------------- April 16, 1993 Washington, DC COMPUTER PROFESSIONALS CALL FOR PUBLIC DEBATE ON NEW GOVERNMENT ENCRYPTION INITIATIVE Computer Professionals for Social Responsibility (CPSR) today called for the public disclosure of technical data underlying the government's newly-announced "Public Encryption Management" initiative. The new cryptography scheme was announced today by the White House and the National Institute for Standards and Technology (NIST), which will implement the technical specifications of the plan. A NIST spokesman acknowledged that the National Security Agency (NSA), the super- secret military intelligence agency, had actually developed the encryption technology around which the new initiative is built. According to NIST, the technical specifications and the Presidential directive establishing the plan are classified. To open the initiative to public review and debate, CPSR today filed a series of Freedom of Information Act (FOIA) requests with key agencies, including NSA, NIST, the National Security Council and the FBI for information relating to the encryption plan. The CPSR requests are in keeping with the spirit of the Computer Security Act, which Congress passed in 1987 in order to open the development of non-military computer security standards to public scrutiny and to limit NSA's role in the creation of such standards. 
CPSR previously has questioned the role of NSA in developing the so-called "digital signature standard" (DSS), a communications authentication technology that NIST proposed for government-wide use in 1991. After CPSR sued NIST in a FOIA lawsuit last year, the civilian agency disclosed for the first time that NSA had, in fact, developed that security standard. NSA is due to file papers in federal court next week justifying the classification of records concerning its creation of the DSS. David Sobel, CPSR Legal Counsel, called the administration's apparent commitment to the privacy of electronic communications, as reflected in today's official statement, "a step in the right direction." But he questioned the propriety of NSA's role in the process and the apparent secrecy that has thus far shielded the development process from public scrutiny. "At a time when we are moving towards the development of a new information infrastructure, it is vital that standards designed to protect personal privacy be established openly and with full public participation. It is not appropriate for NSA -- an agency with a long tradition of secrecy and opposition to effective civilian cryptography -- to play a leading role in the development process." CPSR is a national public-interest alliance of computer industry professionals dedicated to examining the impact of technology on society. CPSR has 21 chapters in the U.S. and maintains offices in Palo Alto, California, Cambridge, Massachusetts and Washington, DC. For additional information on CPSR, call (415) 322-3778 or e-mail . 
====================================== From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Dave Banisar Date: Sat, 17 Apr 93 07:09:13 PDT To: CYPHERPUNKS@toad.com Subject: More info on Clipper Chip Message-ID: <9304171015.AA20088@hacker2.eff.org> MIME-Version: 1.0 Content-Type: text/plain Comments on White House Clipper Plan I attended the "interesting" NIST press conference yesterday on the "Clipper Chip" and may be able to clear up a few questions. According to NIST: The Chip has 4 functions, including Key Encryption Serial Number Escrow functionality Thus, it sounds like a key management system may have to be built into the devices that will be sold with the chip. However this means that they will also be able to determine which key to get because they will know the serial number. It also seems likely that once your key is compromised, it's gone forever. This is a serious problem. The Attorney General will determine next week who will be the escrow agents for this. I am willing to bet $ that NIST/Commerce will be one of them (not a lot, after all, I do work for a non-profit). Everything about this proposal is classified. The chip is classified but even more disturbing, the president's directive ordering a review into crypto policy is also classified. CPSR has already filed 11 FOIA requests for all information, including the directive. You can expect that we will be filing suit shortly to get those documents and force this out into the open. When I questioned them about why the review was happening after the proposal, they did not answer me. This is not 1984 all over again-it's '86. The NSA tried this exact same "black box" proposal (minus the escrow) in 1986. Industry laughed them out of the park. NIST also stated that the proposal has been implemented for 14 months and they (NSA actually) have been working on it for at least 4 years. AT&T announced yesterday that it will begin selling devices with these Clippers in them immediately.
We've been sold down the river by ma bell again. Dave Banisar CPSR Washington Office From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: KINNEY WILLIAM H Date: Sat, 17 Apr 93 09:55:59 PDT To: ebrandt@jarthur.Claremont.EDU (Eli Brandt) Subject: Re: Proposal for anon chaining In-Reply-To: <9304161717.AA15797@toad.com> Message-ID: <199304171655.AA24267@spot.Colorado.EDU> MIME-Version: 1.0 Content-Type: text/plain I write: > > This seems to me to be a very robust pseudonymous mail system which > > could be implemented by relatively minor changes to the existing Cypherpunk > > remailer structure. Eli writes: > This appears to be the ARA system that was previously suggested, > which I was speaking of using with penet. Your comment that changes > would be needed implies that it is different; if so, could you > clarify the difference? No, evidently I wasn't reading carefully enough. These do appear to be the same. > The reason Eric suggested hanging this off the side of a pseudonym > server is that it is rather inconvenient in its pure form, Although I would suggest making the raw data available to those who wish to bypass the nym server for some reason. Say, a "Request-Routing-Header ", command. Although I imagine you guys have your hands full getting even a basically functional version up. -- Will From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Sat, 17 Apr 93 11:31:11 PDT To: dmandl@shearson.com (David Mandl) Subject: Re: Phil Zimmerman on the Radio In-Reply-To: <9304161840.AA17929@tardis.shearson.com> Message-ID: <9304171830.AA25558@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > FYI, for those of you in the NYC area, I'm going to be conducting a > brief interview with Phil Zimmerman (author of PGP) on my radio show > tomorrow to discuss the recent NSA/Big Brother crypto developments > (see the front page of today's New York Times). Anyone get a tape, or transcript of this. I'd really like to hear it. 
+-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | | But, I was mistaken. |available| | +-----------------------------+---------+ | mdiehl@triton.unm.edu | "I'm just looking for the opportunity | | mike.diehl@fido.org | to be Politically Incorrect! | | (505) 299-2282 | | +-----------------------+---------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Bill Sommerfeld Date: Sat, 17 Apr 93 10:36:45 PDT To: cypherpunks@toad.com Subject: Boston Globe article 4/17/93 Message-ID: <9304171657.AA00125@orchard.medford.ma.us> MIME-Version: 1.0 Content-Type: text/plain [I've called the Globe to complain about their swallowing the government's story, hook, line, and sinker; I suggest others do likewise...] US reveals computer chip for scrambling telephones By John Mintz Washington Post WASHINGTON -- The White House yesterday announced its new plan to prevent criminals, terrorists, and industrial spies from decoding communications over telephones, fax machines, and computers while ensuring the government's ability to eavesdrop. The plan features a $1200 government-developed computer chip embedded in a scrambling device the size of a small notebook, which the government hopes will be adopted as the universal means of encryption. The Clinton administration said the technology will balance the interests of civil libertarians, corporations, and individuals on the one hand against law enforcement and intelligence agencies on the other. The official White House announcement yesterday was the endorsement of the Clipper Chip, developed by NSA, as the government standard for encryption devices. Industry and US officials said that means the Clipper Chip also will become widely accepted in corporate America, because companies and individuals desiring to do business with federal agencies that encode their information would have to use the government's standard. 
The success of the government's initiative depends on the willingness of companies to accept encryption that the government can crack. AT&T announced yesterday it would use the new chip in all its secure nongovernment telephones. The NSA has licensed two California firms to manufacture and market the Clipper Chip, officials said. The price is expected to drop to about $25 each, they said. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mail Delivery Subsystem Date: Sat, 17 Apr 93 20:29:11 PDT To: habs@Panix.Com Subject: Returned mail: User unknown Message-ID: <199304172211.AA00916@sun.Panix.Com> MIME-Version: 1.0 Content-Type: text/plain ----- Transcript of session follows ----- While talking to toad.com: >>> RCPT To: <<< 550 ... User unknown 550 cyhperpunks@toad.com... User unknown ----- Unsent message follows ----- Received: by sun.Panix.Com id AA00914 (5.65c/IDA-1.4.4 for cyhperpunks@toad.com); Sat, 17 Apr 1993 18:11:23 -0400 Received: by sun.Panix.Com id AA29602 (5.65c/IDA-1.4.4 for habs); Sat, 17 Apr 1993 17:42:12 -0400 Date: Sat, 17 Apr 1993 17:42:12 -0400 From: Mail Delivery Subsystem Message-Id: <199304172142.AA29602@sun.Panix.Com> To: habs Subject: Returned mail: User unknown Sender: habs ----- Transcript of session follows ----- While talking to toad.com: >>> RCPT To: <<< 550 ... User unknown 550 cypherpunk@toad.com... 
User unknown ----- Unsent message follows ----- Received: by sun.Panix.Com id AA29600 (5.65c/IDA-1.4.4 for extropians@gnu.ai.mit.edu); Sat, 17 Apr 1993 17:42:12 -0400 From: Harry Shapiro Message-Id: <199304172142.AA29600@sun.Panix.Com> Subject: PGP & RSA -> Legal To: cypherpunk@toad.com, extropians@gnu.ai.mit.edu (Harry Shapiro) Date: Sat, 17 Apr 1993 17:42:11 -0400 (EDT) Reply-To: habs Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 698 I recall at some point that RSA put something out on the net which allowed anyone to use the "patents or source code" for non-commercial use. Do I remember correctly? (I replied to the announcement) If I am remembering correctly, would that give me a de facto licensing of PGP for non-commercial use? The reason I bring this up is that if the feds crack down, they may decide to "help" RSA by legally fighting PGP users. Which is why it would be in our interest to legally (patent-wise, despite how you feel about RSA, etc.) use PGP. -- Harry Shapiro habs@panix.com List Administrator of the Extropy Institute Mailing List Private Communication for the Extropian Community since 1991 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Sat, 17 Apr 93 14:25:46 PDT To: cypherpunks@toad.com Subject: An Alliance with RSA? Message-ID: <9304172125.AA28195@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Fellow Cypherpunks, In this message I am urging we all consider an alliance with RSA Data Security, the only company or group able to actually provide an alternative to the "weak crypto" of the Clinton Clipper. I have no idea if RSA is interested, or if in fact they're already in league with the NSA and other privacy clippers. I chose a public forum because I'm in no position to negotiate for anybody in private. I also mailed a copy to Jim Bidzos, in case he's not reading sci.crypt right now.
-Tim Newsgroups: sci.crypt,alt.security,comp.org.eff.talk,comp.security.misc,comp.org.acm,comp.org.ieee From: tcmay@netcom.com (Timothy C. May) Subject: Re: Don't fight Clipper Chip, subvert or replace it ! Date: Sat, 17 Apr 1993 21:09:13 GMT Robert Lewis Glendenning (rlglende@netcom.com) wrote: : Clipper Chip is a response to the fact that there is no business : or professional body in a position to establish a standard and : provide chipsets to implement it for analog or digital transmission : systems. : : RSA might be in position to do it, if they had active cooperation of : a couple of manufacturers of cellular phones or desktop phones. ....... : Is RSA independent of the gov enough to spearhead this? I, for one, : would *gladly* pay royalties via purchasing secure phones. Hear hear! I completely agree that we need to work quickly to establish alternatives to the government's Clinton Clipper. As Brad Templeton and others have noted, once the Clipper becomes ensconced in enough phones there will be enormous pressure to make it the *legal* standard, and it will become the *market* standard as well. (There is a lot of confusion in the proposal about whether the use of Clipper is mandated, about whether non-escrow alternatives will be allowed, etc.) (There are also unclear issues about how hard, or how illegal, it will be to make "workalikes" which meet the standard but which generate phony or untappable keys...I'm sure the next several weeks will see these issues thrashed out in this and other groups.) Meanwhile, I'd be interested to hear RSA Data Security's reaction. Often criticized in this group for their licensing policies (the usual complaints about MailSafe costing too much, at $125 or so, and the general issue of software patents...), we may find that *allying* ourselves with RSA is the best thing we can do. What's a mere licensing fee when our liberty may be at stake?
(If everyone who wanted true security paid, say, $100 for a lifetime use of all of RSA's patents--which expire in the period 1998-2002, or so--then RSA would make tons of money and be happy, I'm sure. A small price to pay. For those to whom $100 sounds like too much, I'm sure the actual terms could be different, spread out over several years, whatever. To me, it's a small price to pay.) Strong crypto means strong privacy. Escrowing keys, sending copies of keys to large databases, and splitting keys into two 40-bit pieces, all done with secret and non-analyzable protocols and algorithms, is *NOT* strong crypto! Whatever some of us may think about the abstract principles of patenting number theory applications, this minor issue pales in comparison with the potential dangers of the Clipper proposal (note that I said "potential"...we'll presumably learn more in the coming months). The RSA algorithms are at least public, have been analyzed and attacked for years, and source code is available (to better ensure no deliberate weaknesses or trapdoors). I know of a number of groups putting together voice encryption systems using off-the-shelf hardware (like Soundblaster boards for the PC) and CELP-type software. The new generations of PCs, using fast 486s and Pentiums are fast enough to do real-time voice encryption. Combined with Diffie-Hellman key exchange, this should provide an alternative to the Clipper system. Of course, we don't really know if the Administration proposes to outlaw competing systems. (It seems to me that their goal of tapping terrorists, child pornographers, and Hilary bashers would be thwarted if low-cost alternatives to Clipper proliferated. Not to defend child pornographers or terrorists, but limiting basic freedoms to catch a few criminals is not the American way of doing things. End of soapbox mode.)
I suggest we in these groups set aside any differences we may have had with RSA (and don't look at me....I have both MacPGP *and* a fully legal copy of "MailSafe"!) and instead work with them as quickly as we can. RSA?, Jim?, are you listening? -Tim May P.S. I reserve the right to retract these opinions if it should turn out that RSA Data Security was involved in the Clipper proposal. -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Sat, 17 Apr 93 14:00:59 PDT To: cypherpunks@toad.com Subject: Automation package. Message-ID: <9304172100.AA00859@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain Since I've been using encrypted mail for about a month, now, I've developed a few useful batch files and telix script files. Would anyone be interested in having them? For the most part, they're pretty simple, but I use them, and they work. ;^) I don't use the perl scripts that came with pgp since I don't trust the phone connection. I xfer encrypted messages and read them at home. BTW, I use 4dos version 4.02 as opposed to command.com as my command interpreter; some of my batch files require features that 4dos has that msdos does not. Anyway, 4dos is a much better package than straight pms-dos. I think we need to develop methods to make encryption as simple to use as possible. Is this something that you all are interested in or am I just blowing smoke? ;^) +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | | But, I was mistaken.
|available| | +-----------------------------+---------+ | mdiehl@triton.unm.edu | "I'm just looking for the opportunity | | mike.diehl@fido.org | to be Politically Incorrect! | | (505) 299-2282 | | +-----------------------+---------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Harry Shapiro Date: Sat, 17 Apr 93 12:41:41 PDT To: hughes@soda.berkeley.edu (Eric Hughes) Subject: Brief review of "The Invisible Weapon." In-Reply-To: <9304171533.AA04312@soda.berkeley.edu> Message-ID: <199304171941.AA23905@sun.Panix.Com> MIME-Version: 1.0 Content-Type: text/plain a conscious being, Eric Hughes wrote: > > Harry Shapiro mentions what sounds like an excellent little book, > titled "The Invisible Weapon" > > I've made a directory called clipper/ in the ftp site. I'm looking > for information to fill it up with. > > Harry, I'd like to publicly ask you to write an annotated bibliography > entry for this book so that I could put it up. Full reference > details, of course, two or three sentences describing the contents of > each chapter, and a small summary. Thanks in advance. Hope this is close enough: The Invisible Weapon. Telecommunications and International Politics (1851-1945) By Daniel R. Headrick, Prof. of History and Social Sciences at Roosevelt University, author of "The Tools of the Empire" and "The Tentacles of Progress." Copyright 1991 Oxford University Press, Inc. ISBN: 0-19-506273-6 1. Telecommunications - History 2. Telecommunications - Political aspects - History 3. Telecommunications - Military aspects - History 4. World Politics -- 1900 - 1945 5. World Politics -- 19th century From the book jacket - "A vital instrument of power, telecommunications is and always has been a profoundly political technology. 
In "The Invisible Weapon," Headrick examines the political history of telecommunications from the mid-nineteenth century to the end of world war II, and illustrates how this technology gave nations a new instrument for international relations. Headrick discusses the political aspects of information technology in modern history. He shows how telegraphy created conflicts in far-flung empires which hastened the deterioration of diplomacy on the brink of the first world war; increased the political interest in controlling news; and how the security of telecommunications made communications strategy, communications intelligence, and cryptography decisive tools during the two world wars." This book is of interest to me because it details all of the positive aspects of why a government "needs" to know everything that is telecommunicated everywhere it can. Even more importantly, it shows how the British government routinely intercepted communications sent through British owned telecommunications infrastructure despite publicly claiming they would never do such a thing. It also shows how interception "hastened the deterioration of diplomacy." The Chapters: 1. Telecommunications and International relations 2. The New Technology 3. The Expansion of the World Cable Network, 1866-1895 4. Telegraphy and Imperialism in the Late Nineteenth Century 5. Crisis at the Turn of the Century, 1895-1901 6. The Great Powers and the Cable Crisis, 1900-1913 7. The Beginnings of Radio, 1895 - 1914 8. Cables and Radio in World war I 9. Communications Intelligence in World War I 10. Conflicts and Settlements, 1919 - 1923 11. Technological Upheavals and Commercial Rivalries, 1924 - 1939 12. Communications Intelligence in World War II 13. The War at Sea 14. The Changing of the Guard 15.
Telecommunications, Information, and Security /harry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Clark Reynard Date: Sat, 17 Apr 93 17:59:31 PDT To: cypherpunks@toad.com Subject: How to Block the Big Brother Proposal--Petition, fax, mail? Message-ID: <9304180148.AA00469@metal.psu.edu> MIME-Version: 1.0 Content-Type: text/plain I've looked into the issue a little more. I think it's probably the most important cypherpunk issue. Perhaps it _is_ time to write the White House. But I think individual emailed letters to the White House ought to be combined with some sort of petition, carefully drafted, and sent by (telegram/fax/snailmail) and signed by everyone we can get, copied as one of those mailer files like shareware uses for registration, so that anyone can print it out, sign it and stamp it. Though individually-written letters would have a greater impact, the sheer volume of mail achievable by a large crosspost (I don't like massive crossposts, but one is necessary.) of the mailer, even if only .1% of the readership considers it worth doing. In addition, individual letters to government officials of note, in particular Representative Rohrbacker (anyone have an email/ snailmail address?), Lloyd Bentsen and anyone else who potentially could have an interest. Does anyone have any specific input about what ONE person could do to fulfill his part of the obligation to block this lame Nazi bullshit? Again, I think a petition would be a good idea, but getting it signed by everyone would be difficult, and signing it electronically via PGP might be considered just a _mite_ provocative, like making a peace offering to William Bennett by offering him a toke off a J. Any input? ---- Robert W. 
Clark rclark@nyx.cs.du.edu PGP signature available by mail or finger From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ld231782@longs.lance.colostate.edu Date: Sat, 17 Apr 93 19:55:51 PDT To: cypherpunks@toad.com Subject: BIGBROTHER: a public attack plan in 14 points Message-ID: <9304180255.AA22660@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain Someone please wake me from this nightmare. OK, I'll try to be pragmatic and cut the fiery rhetoric here and avoid choir-preaching. This thing is out. Let's man the battlestations. Here's a nice little summary sheet of things that we should emphasize in public on the proposal, for the tip-of-the-tongue comments to friends, coworkers, and your grandmother. The public stance should be as straightforward and nontechnical as possible. We should attempt to derail the plan on as many nontechnical points as possible, because to attack technical points lends an aura of legitimacy to it, making it sound like `they had good intentions, but it's not going to work.' The truth (of course) is that this proposal is an illegitimate child, this time borne of grotesque bedfellows (e.g. Denning, Clinton and the NSA) but a monster no matter WHO the parents... Without further ado, the 14 Points... 1. Look how the proposal was `handed down' like a unilateral decree. It smacks of a government making decisions for us and excluding us from the process. The whole proposal sounds kind of sinister when viewed in the light of its tone of ``we know what's best for you'' and ``if you don't cooperate, we may have to roll out more nasty things.'' This unilateral handing-down is really obnoxious, because the administration has wholly bypassed the congress and the public at large! It has all the noxious smell of something a dictator (or a naive president prodded by the sheer force of a massively funded secret federal agency) would do. 2. 
Clearly there has been a huge amount of secret development on this and taxpayer money funding it. Why is it that this process has been wholly shielded from public view until now? Why is so much money being spent on depriving Americans of their rights? Why are we spending so much money to eavesdrop on our neighbors (esp. when they seem like such *nice* people)? It's all so horrifyingly undemocratic and authoritarian and impolite. Does our government have something to hide? Do they think we are too stupid to understand the details? Or are they afraid we would become more disgusted the more we hear? 3. AT&T has already committed, say the rumors, to building phones with the chip. There must be some sleazy backroom collusion between executives of this company and the government. Why were others excluded? Is this part of Clinton's vision of free enterprise? Does the government play favorites among companies? Isn't there something blatantly illegal about this? 4. The announcement is outright obfuscatory. It specifically excludes any mention of the NSA when its noninvolvement is a total fantasy. In fact, the sheet in stating that other agencies are behind it is something of a lie in this regard. We should attack the proposal as being absurdly vague on extremely important, *central* points (such as which two agencies carry the keys), but that even if the swiss-cheese-quality holes were diminished, the proposal would *still* be unacceptable; it is fundamentally flawed, a wrong idea that has no merit whatsoever. 5. Here is a neat analogy. Notice how Joe Policeman has to buy his cars at any regular car dealer. We don't get excited when we hear that hoodlums and terrorists and drug dealers can buy cars at the same place. In other words, law enforcement agencies are not entitled to special perks or privileges from private industry. And we don't tolerate extreme obstructions in our ability to buy cars when we have the money, the car is there, and we like it.
And the government doesn't restrict us from having cars that can drive faster than police cars. We don't let the government install special boxes in our cars that can cripple them by remote control when a cop is chasing us! (note that analogies have to be perfect or they turn into minutiae bogs) 6. More on the free enterprise issue. Why was this single company that created the Clipper Chip favored by the government? What gives them the right to have a monopoly? Why is the government deliberately *creating* a monopoly? It is thumbing its nose at all those other poor hardworking cryptography companies who worked so hard, coming up with better schemes, and were rejected (a little melodrama for grandma there) 7. The chip was developed by `government engineers'. Who? Why is the government in the realm of something that is the role of private industry? What is our government doing creating `state of the art' stuff *at*all*? And why, of all the things they could be improving, are they coming up with a device to invade people's privacy? 8. We have to attack the ``state-of-the-art'' thing ad infinitum. Has the government *ever* come up with something state of the art? Do we Americans want to be state-of-the-art in the field of privacy deprivation? How do we know it is `state-of-the-art' when we can't *look* at it for ourselves, and only hear it from people who are involved in the project saying `trust us, it's way cool'? Even if it was as sophisticated as a Cray Supercomputer, are there just some machines that shouldn't be built? Are there some devices, that, while technically feasible, shouldn't be built? 9. One of the most important claims is that ``this chip provides no new authority to wiretap''. We've got to focus on this one. We can say the constitution specifically prohibits illegal search and seizure, and that we don't really remember who it was that decided that the government had free rein on wiretapping.
We can say that it has always been the right of the government to obtain warrants, but it has always been the right of people to speak in codes, and now new technology is *helping* people to exercise a right that has always existed but lay undiscovered because of complexity. 10. In fact, we have to make it sound like new technology like encryption and cyberspace is going to help us rediscover our rights, and that vast government agencies that have been built up because we simply were ignorant of these dormant rights, and are based on our lack of exercising them, are going to gradually dissolve away, like the way those associated with the Cold War have, because they are superfluous. Sure, people will get displaced, and be noisy in their complaints, but their jobs are no longer necessary or even *possible* in the 21st century (allusions to breakup of NSA). In fact, maybe we should get a Privacy Dividend like the much-heralded Peace Dividend when our government agencies no longer have the capability to intercept private communication. How about that--tell the public that we all get a Privacy Dividend if they embrace unbreakable encryption! 11. Notice that the problem with surveillance and wiretapping is that it has always been a catch-22---the government needs the data to prove you are a criminal, but shouldn't have access to that data unless it can prove you are a criminal. Notice that the proposal talks about The solution lay in not wiretapping, of course! And now we have technology to *enforce* this choice. And the proposal talks about `criminals and terrorists' as if we know exactly who they are---but (as I understand it, and last I checked!) that is the point of a court to decide. 12. The plan makes it sound like we can somehow boost technological competitiveness (a real button-pushing hot topic among the public) by protecting the private communications of companies etc.
We have to attack this and say that these companies only benefit if they have control over the scheme and it is not `imposed from above' and that when it is `imposed from above' it actually has the effect of *weakening* their technological competitiveness, because it restricts their choices into buying something that may not be right for their needs. We should point out that privacy is complex and the ability for the government to foresee all needs is ridiculous, and furthermore even if it had such a capability it would not be its proper role. We have to really drive this one home: privacy choices (i.e. encryption) is an issue that has to be decided by the individual. That's the American Way (tm) -- insert at this point the National Anthem, flag waving, smiling kid eating apple pie. 13. ``The government must develop consistent, comprehensive policies'' regarding the use of the new infrastructure of data highways. Well, yes and no. We should talk about data highways as not like real ones in that people can't have accidents, they are virtually impossible to damage with mere data, they can withstand tremendous strains in traffic, regulating mechanisms are *built in* to the software and hardware, hence the need for government `regulations' is a bit misguided and inapplicable. Also, the government has no business telling you that you can only drive one kind of car, or that your car has to be crippled so it can't go faster than 55 MPH, or that you have to tell them where you're going every time you get in it, etc. 14. The proposal makes it sound like if the government is just shrewd enough, they will always be able to intercept and decrypt traffic. We have to drive home the point that no amount of ingenuity whatsoever can plug the dike of advancing technology, and that it is not the case that we warp or befuddle the technology to support our government--increasingly we will be adapting our government to harness new and powerful technology! I.e.
we require a fundamental change in our governing systems, to `access' our newfound rights that have lain dormant for too long via novel technology, and this proposal can be viewed as a `last gasp' of a dying system... Finally, the bright side (really?). We can point out that this proposal, while intrinsically flawed and nauseatingly abhorrent, is bringing into public view important issues of cryptography, that much more sophisticated cryptography will be discovered and widely utilized, that it reveals the true aims of and weaknesses in our government process that we can alter, fix, or remove, that people are starting to realize how much wiretapping is going on and that the sensible and patriotic goal is to not encourage but limit or abolish it (by making it impossible), that it reveals the need for truly strong encryption easily accessible by all the unwashed masses, that it is just a tiny thread starting the weaving of an entirely new colorful tapestry in our nation and our government's history (oops, here comes the blaring music and the flapping flag and the bright-eyed kid again...) I insert my patriotic and emotional salute to us Cypherpunks here... p.s. we should point out that Thomas Jefferson actually came up with a highly sophisticated cryptographic rotor code that was so secure it was used even for a long time at the beginning of this century, and that clearly a Founding Father has a strong commitment to strong cryptography! (see The Codebreakers by Kahn for more info on Jefferson's code) ``If it were necessary to choose between the Government and Privacy, I should not hesitate to prefer the latter...'' ``Give me Privacy, or give me Death...''
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc Horowitz Date: Sat, 17 Apr 93 18:52:23 PDT To: cypherpunks@toad.com Subject: repost from sci.crypt Message-ID: <9304180152.AA34123@oliver.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain I just posted this to sci.crypt. You conspiracy theorists out there are probably going to start getting ulcers soon. Marc From: marc@mit.edu (Marc Horowitz N1NZU) Newsgroups: sci.crypt Subject: The source of that announcement Date: 18 Apr 1993 01:19:38 GMT Organization: Massachusetts Institute of Technology Lines: 38 Distribution: world Message-ID: NNTP-Posting-Host: oliver.mit.edu The message from the NIST about the clipper chip comes from the following address: clipper@csrc.ncsl.nist.gov (Clipper Chip Announcement) Just who is that, I asked myself, or rather, I asked the computer. % telnet csrc.ncsl.nist.gov 25 Trying... Connected to csrc.ncsl.nist.gov. Escape character is '^]'. 220 first.org sendmail 4.1/NIST ready at Sat, 17 Apr 93 20:42:56 EDT expn clipper 250- 250- 250- 250- 250- 250- 250- 250- 250- 250- 250- 250 quit 221 first.org closing connection Connection closed. Well, isn't that interesting. Dorothy Denning, Mitch Kapor, Marc Rotenberg, Ron Rivest, Jim Bidzos, and others. The Government, RSA, TIS, CPSR, and the EFF are all represented. I don't suppose anybody within any of these organizations would care to comment? Or is this just the White House's idea of a cruel joke on these peoples' inboxes? Marc -- Marc Horowitz N1NZU 617-253-7788 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Clark Reynard Date: Sat, 17 Apr 93 19:08:56 PDT To: cypherpunks@toad.com Subject: Re: PGP & RSA -> Legal Message-ID: <9304180257.AA00395@metal.psu.edu> MIME-Version: 1.0 Content-Type: text/plain If RSA wished to make it extremely difficult to get its patent revoked, it could raise its regular price to something on the order of $50,000. 
Then, it could offer a $49,900.00 discount to those who would be willing to perform for them the 'service' of writing to the government to complain about any possible outlawing of cryptographic technology. Then, if the government wished to illegalize this software, since the software was legal at the time of purchase, it could not be confiscated without due payment of value. If thousands of people were to say, "Hey, this software's worth fifty thousand dollars, you have to pay that." It would throw at least something of a legal obstacle in the path of this obscene government menace. Does anyone know of any legal precedent which might be binding to a case of this nature? I know that eminent domain laws are usually _very_ generous in compensation for property seized for public works, if there is even the slightest _trace_ of impropriety in their actions. ---- Robert W. Clark rclark@nyx.cs.du.edu PGP signature available by mail or finger From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: TO1SITTLER@APSICC.APS.EDU Date: Sat, 17 Apr 93 21:53:11 PDT To: cypherpunks@toad.com Subject: Fear Message-ID: <930417225056.12c3@APSICC.APS.EDU> MIME-Version: 1.0 Content-Type: text/plain I just thought I should add that I agree with the last poster. Cryptography will be increasingly hard to learn in the future, if this kind of thing goes on. But it will be ten or fifteen years before anyone has computers which can crack a 128-bit version of DES. I am cryptologically naive, but I think that people can always find privacy when they want it. An underground cypherpunk movement may be the only way to bring up new cryptographers. More important is the issue of equipment. Is a computer communications equipment? If so, we might have clipper chips on our motherboards. Reading input from the keyboard. This is a crisis for privacy. Can someone, preferably the people who run the cypherpunk list, set up a Privacy Advertising Fund?
I would be willing to donate money, and hopefully many other cypherpunks would too. We might win that way. Urge people to protest with full-page ads in newspapers. With 30-second TV spots. With demonstrations. I will donate, if it is formed, but I can not form it except under the most extreme conditions. I have no experience in advertising or management. Be afraid. Be very afraid. Kragen Sittler From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Harry Shapiro Date: Sat, 17 Apr 93 20:06:37 PDT To: ji@cs.columbia.edu Subject: Even more Message-ID: <199304180306.AA14149@sun.Panix.Com> MIME-Version: 1.0 Content-Type: text/plain csspab is the first name on the clipper list it expands as follows: Trying 129.6.48.199 ... Connected to mail-gw.ncsl.nist.gov. Escape character is '^]'. 220 mail-gw.ncsl.nist.gov sendmail 4.1/rbj/jck-3 ready at Sat, 17 Apr 93 23:04:29 EDT 250- 250-Bill Colvin 250- 250-John Kuyers 250- 250- 250- 250- 250- 250- 250-Eddie Zeitler 250-Cris Castro 250 -- Harry Shapiro habs@panix.com List Administrator of the Extropy Institute Mailing List Private Communication for the Extropian Community since 1991 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Sat, 17 Apr 93 23:23:43 PDT To: cypherpunks@toad.com Subject: Re: 1st Amendment Clipped? Message-ID: <9304180623.AA28101@servo> MIME-Version: 1.0 Content-Type: text/plain >I then transmit the following and am arrested -- >-----BEGIN PGP MESSAGE----- [cipher text deleted] >Won't the prosecution be embarrassed when I decrypt it in court and present >the plaintext: > 1st Amendment > Congress shall make no law respecting an establishment of [remaining text deleted] No, they won't. Possession of such an OBVIOUSLY subversive document will prove conclusively that you're a dangerous enemy of the state, and must be severely dealt with. You'll be lucky to have a swift and painless execution.
Thought for the day: "All I want is peace on earth, good will toward men." "We're the United States Government. We don't do that sort of thing!" --Sneakers (great flick, just saw it. Seemed appropriate.) Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Duncan Frissell <76630.3577@CompuServe.COM> Date: Sat, 17 Apr 93 20:55:09 PDT To: Subject: 1st Amendment Clipped? Message-ID: <930418035104_76630.3577_EHK38-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain Potential First Amendment problems with an encryption ban -- Let's assume that the Clinton administration bans non-Clipper encryption technology. I then transmit the following and am arrested -- [PGP message] Won't the prosecution be embarrassed when I decrypt it in court and present the plaintext: 1st Amendment Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the government for a redress of grievances.
I don't see how the mere fact of encryption itself fits a message into one of the 1st amendment exceptions -- pornography, national security, libel, etc. Since it is easy to establish in information theory that a cyphertext is a form of *information* itself and not just a *means* of transmitting the information contained in the plaintext, outlawing the encryption of plaintext because the algorithm is unapproved is classic censorship of a writing *because* of its content.

Additionally, there are several types of communications that cannot legally be wiretapped. These would include lawyer-client and husband-wife as well as certain others. Since the privacy of these communications requires that you make an effort to keep them private, you could argue that in these cases the use of secure encryption is legally required.

The crypto-fascists have used these sorts of bluffs ever since the late 1920s when someone was discouraged from publishing a history of the State Department's code office. The NSA also threatened to lock up the developers of the RSA encryption system if they published "A Proposal for a Public Key Encryption System" in the Proceedings of the IEEE in 1977. They published anyway and are still walking around.

Don't let them bluff anyone again. It is neither legally nor technically possible to ban secure cryptography.

Duncan Frissell

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Harry Shapiro
Date: Sat, 17 Apr 93 20:52:37 PDT
To: extropians@gnu.ai.mit.edu (Harry Shapiro)
Subject: Big Brother: True Names
Message-ID: <199304180352.AA16131@sun.Panix.Com>
MIME-Version: 1.0
Content-Type: text/plain

Here is some background I was able to gather about those people on the csspab@mail-gw.ncsl.nist.gov, who had accounts directly on that machine.

Eddie Zeitler is vice president of information security for Fidelity Investment Corp.
He used to work for Pacific National Bank, Glendale, Calif.,

Cris Castro is director of information security programs at SRI International.

Bill Colvin is NASA Inspector General

John Kuyers is Ernst & Young's Dallas-based regional director of information systems auditing

--
Harry Shapiro habs@panix.com
List Administrator of the Extropy Institute Mailing List
Private Communication for the Extropian Community since 1991

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phil Karn
Date: Sun, 18 Apr 93 00:20:07 PDT
To: cypherpunks@toad.com
Subject: Thoughts on the proposal
Message-ID: <9304180722.AA01178@unix.ka9q.ampr.org>
MIME-Version: 1.0
Content-Type: text/plain

Some points to add, some of which I don't think have been made yet.

It is entirely possible that Clinton, if he understands anything at all about this proposal, sincerely thinks that he's helping the cause of personal privacy. Consider that his entire education on the subject of cryptography probably consisted of a 5 minute briefing that probably went something like this:

The US government is making available, for widespread public use, encryption technology developed by the greatest cryptographers in the world - NSA's. Civilian cryptographers are simply not capable of producing anything as good, so what does it matter if the keys are registered with the government? Users will still be better off than they are now, so what do they have to lose?

And I bet that this would sound perfectly reasonable to the average man on the street, too.

Well...I'd say we know better. And we have a big educational job to do. We need to let the public know that civilian cryptography is already quite good. Good enough that the communications industry doesn't need any "help" in the form of new chips from the government to secure its communications, thank you very much.
And simple and cheap enough that it would already have been made widely available in products such as digital cellular telephones if the government hadn't considered it "too good" and done everything they could behind the scenes to stop it.

Clinton needs to learn that if he *really* wants to help the cause of civilian cryptography, he only needs to call off the goons over in NSA. We don't need their "help". We just want them to get the hell out of our private conversations and our private lives.

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Harry Shapiro
Date: Sat, 17 Apr 93 21:25:38 PDT
To: cypherpunks@toad.com
Subject: More True Names: The NIST Security Board
Message-ID: <199304180425.AA17780@sun.Panix.Com>
MIME-Version: 1.0
Content-Type: text/plain

The csspub mailing list: csspab@mail-gw.ncsl.nist.gov, an address on the clipper mailing list, seems to contain basically the members of the NIST security board.

In addition to the names already posted, their true names are as follows:

burrows@ecf = James Burrows a director of NIST's National Computer Systems Laboratory

mcnulty@ecf = F. Lynn McNulty an associate director for computer security at the National Institute of Standards and Technology's Computer Systems Laboratory

Gangemi@dockmaster.ncsc.mil = Gaetano Gangemi is director of the secure systems program at Wang Laboratories Inc. He wrote: Computer Security Basics by Deborah Russell and G. T. Gangemi, Sr. -1991, O'Reilly and Associates

slambert@cgin.cto.citicorp.com = Sandra Lambert is vice-president of information security at Citibank, N.A.

lipner@mitre.org = Lipner is Mitre Corp.'s director of information systems.

gallagher@dockmaster.ncsc.mil = Patrick Gallagher, director of the National Security Agency's National Computer Security Center and a security board member

walker@tis.com = Stephen Walker a computer security expert and president of Trusted Information Systems, Inc. in Glenwood, Md

willis@rand.org = Willis H.
Ware, a Rand Corp. executive who chairs the security board.

whitehurst@vnet.ibm.com = William Whitehurst is a security board member and director of IBM Corp.'s data security programs.

--
Harry Shapiro habs@panix.com
List Administrator of the Extropy Institute Mailing List
Private Communication for the Extropian Community since 1991

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matthew J Miszewski
Date: Sat, 17 Apr 93 22:27:53 PDT
To: cypherpunks@toad.com
Subject: CLIP: Legal Aspects
Message-ID: <23041800272877@vms2.macc.wisc.edu>
MIME-Version: 1.0
Content-Type: text/plain

Clinton Clipper Legal Stuff:

With regard to the fear that the issuance of your 'Klinton Key' will allow your favorite TLA to decrypt all conversations taped previous to the issuance of the warrant granting the key, there is precedence that disallows it. In US v. Plamondon 407 US 297, the Supreme Ct. held that *prior* judicial approval is a must for any evidence sought to be admitted. Therefore, while the precedence does not prevent them from actually decyphering your previous conversations, there is support that states it can not be used against you.

In US v. Donovan (sorry lost the cite), the court held that the actual application must identify *all* parties to be surveilled. Thus, the CIA cannot simply run a tape on you and expect to use it in court.

It is important that everyone understand that none of these cases *prevent* any agency from *doing* the surveillance, and that probable cause is still an easy standard to meet in order to get the warrant. These cases merely tell you what would be admissible against anyone in court (i.e. this does not affect TLA (three letter acronyms) from blackmailing you or scaring the hell out of you).

There is an enormous body of law out there on this topic and could use some guidance from the Cypherpunk elders for search topics. What's needed out there. Email me privately.

TOTALLY aside from the Clipper topic:

Just got the new WIRED.
Excellent article. Groovy pix. Which one is Murdering Thug? 8^)

mjmiski@macc.wisc.edu CyberLaw, etc.
Matt

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: TO1SITTLER@APSICC.APS.EDU
Date: Sat, 17 Apr 93 23:32:34 PDT
To: cypherpunks@toad.com
Subject: RE: CLIP: Media Blitz
Message-ID: <930418003021.13c0@APSICC.APS.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Sorry I can't quote, but Giant media blitz sounds like a great idea to me. Post the media list and put it on the FTP site too. Roots-up sounds much more cypherpunk than funds- and TV- and newspaper-down. Thank you, Matt.

Kragen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matthew J Miszewski
Date: Sat, 17 Apr 93 22:37:03 PDT
To: cypherpunks@toad.com
Subject: CLIP: Media Blitz
Message-ID: <23041800363830@vms2.macc.wisc.edu>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunks,

I know I've got a huge list of fax/phone numbers and addresses of all of the MAJOR media sources in this country. I'm going to find it now. The idea is a major blitz on the media's editorial boards from plain old outraged readers (OK cypherpunks aren't plain or old), the media shows like Larry King, et al would love a point counterpoint on this topic and this could create a cypher phenomenon from the roots up.

If this sounds like a good idea to others out there let me know. I believe that a groundswell (or apparent one) will catch the eye of those in Congress and in Washington much more than will petitions or letters from an ambiguous and generally anonymous email list (although everyone's thoughts are in the right place). People in Washington react to what appears to be public sentiment. So let's create it :-)

I'll post the media list unless many people would rather me not do so.
Matt

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uni@acs.bu.edu (Shaen Bernhardt)
Date: Sat, 17 Apr 93 21:36:28 PDT
To: cypherpunks@toad.com
Subject: Reaction time and Crypto
Message-ID: <9304180436.AA49530@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I must compliment the group on the speed and vigor with which they have pursued the Clinton proposal.

It is my hope that we can somehow make it apparent to the public that they are losing, not winning here.

It seems to me that the following technologies are going to be of increasing import despite the outcome of the Clinton proposal.

1. Raw headerless output from packages like PGP. It seems obvious that if crypto is regulated, it must be easier to disguise the type of crypto one is using, or indeed if one is using crypto.

2. Methodology for the disguising of cyphertext in more innocuous data.

3. The proliferation and consistent use of Crypto for even everyday communications.

1> The harder it is to find, the less potential there is for regulation.
2> The harder it is to look for, the less potential there is for regulation.
3> The harder it is to abolish, the less potential there is for regulation.

More than the specific plan here, I am stunned by the emerging MOVEMENT that seems to be at work here. I can only ask, what's next?

I don't think any proposal to regulate crypto will focus on the users, but rather the development and distribution of said crypto. This is what frightens me the most. The precedent for regulation of private software and hardware applications is painfully visible on the horizon.

Someone said before: Be afraid, be very afraid.

uni (Dark)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 18 Apr 93 00:59:23 PDT
To: Extropians@gnu.ai.mit.edu
Subject: Comments from Jim Bidzos, Pres. of RSA Data Security
Message-ID: <9304180759.AA05469@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Jim Bidzos, Pres.
of RSA Data Security, sent me a nice note this evening in response to my posting on sci.crypt. In that post, I suggested that only RSA has the algorithms and protocols ready to go for an alternative to Clipper, and that perhaps we should set aside our differences with RSA (over patents on software, etc.) and instead seek an alliance.

Basically, Jim said he knew *nothing* of Clipper until he read about it in the Friday morning papers!! If true, this is astounding. (And having met Jim several times, I believe him.)

He's also preparing a FAQ entitled "RSA/PKP/Clipper Flap FAQ" to deal with the many questions raised.

Jim has some interesting theories about the motivations for Clipper, and why AT&T was so quick to jump on the bandwagon. Please don't quote my comments in public discussions of this issue (Jim asked me not to, which is why I'm being vaguely elliptic here.)

This is all I can say for now, but I remain convinced that RSA was not involved (I suspect the presence of "jim@rsa.com" on the NIST mailing list, as reported in this group by a couple of folks, is not necessarily the cabal that put Clipper together).

Interesting times indeed!

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: baumbach@atmel.com (Peter Baumbach)
Date: Sun, 18 Apr 93 06:14:20 PDT
To: cypherpunks@toad.com
Subject: The gov't makes sense ;-)
Message-ID: <9304180514.AA25169@sole.chp.atmel.com>
MIME-Version: 1.0
Content-Type: text/plain

My eyes have been opened, after reading the White House press release.

Privacy can only be allowed if the users don't break any laws.
If through accident or other means we find that someone who is using privacy has broken the law, we need to be able to discover what has been hidden by privacy in the past to see if other laws were broken. It is for the greater good!

Let's have the gov't set a good example for us to follow. I want all government employees and anyone they have spoken to, to be recorded always. The tapes will be encrypted and stored safely in the hands of all losing presidential candidates. If a citizen has probable cause to believe that a person in gov't has broken the law, then, with proper safeguards, he will be given copies of the appropriate tapes and the keys, to get to the bottom of this.

If through accident or other means we find that someone who is using privacy has broken the law, we need to be able to discover what has been hidden by privacy in the past to see if other laws were broken. It is for the greater good.

Peter Baumbach
baumbach@atmel.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: zane@genesis.mcs.com (Sameer)
Date: Sat, 17 Apr 93 23:30:31 PDT
To: Clark Reynard
Subject: Re: PGP & RSA -> Legal
In-Reply-To: <9304180257.AA00395@metal.psu.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

In message <9304180257.AA00395@metal.psu.edu>, Clark Reynard writes:
> since the software was legal at the time of purchase, it could
> not be confiscated without due payment of value. If thousands

Ha. (Sorry, but I'm feeling cynical.)

--
| Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM |
| Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more |
| "Be God" - Me __ "Specialization is for Insects" - Robert A. Heinlein ____/
\_____________/ \____________________________________________________/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Sun, 18 Apr 93 01:20:05 PDT
To: karn@unix.ka9q.ampr.org
Subject: Re: Thoughts on the proposal
Message-ID: <199304180819.AA14555@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Agreed with Phil here. Clipper can't have been developed since Inauguration Day; it has to be a hand-me-down from the Bush administration, and I'm willing to bet that Clinton has been sold a bill of goods to get his support. Now a lot of folks on this list are ideologically committed to positions which are opposite to those of the Clinton administration, but please let's not let that blur our perception here. Clinton has shown a decent commitment to civil liberties (particularly concerning sexual freedom and reproductive rights, a very hard place to take a stand because there's such strong rightwing opposition); he's also shown an interest in telecom issues; I suspect what we're facing here isn't malice but lack of information on his part.

Crypto is an elite area in math and computer science; for most people outside of this circle it's something they assume that they could never possibly understand and so they tend to accept the word of experts at hand. And the experts who are closest to the White House are at Fort Meade. The task we face is to bring the expertise of the best minds on our side, to the attention of the White House.

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: szabo@techbook.com (Nick Szabo)
Date: Sun, 18 Apr 93 02:07:06 PDT
To: extropians@gnu.ai.mit.edu
Subject: Wiretapping chip
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I agree we should write letters, but not (or not just) to government officials. Consider targetting the big phone makers -- both domestic and overseas. Let them know our privacy needs as customers -- that we want secure encryption, that means encryption with _published algorithms_ and without having the key available to _any_ third party, be it the U.S.
or any other government, or any nontrustworthy private organization. I almost agree with Sandy that "we've won", but an important part of the market process that brings such victory is giving good customer feedback to communications suppliers.

Also for consideration: boycott AT&T and all other companies making phones with the wiretap chip, and let the phone makers know about the boycott early and often.

Also I am curious specifically how (a) encrypted international phone calls and (b) foreign-made phones will fare under this proposal (or possible follow-on proposals when they see the weak points in this one). Can the U.S. government dictate key registration to the world?

I agree with Perry that "cypherpunks" is a bad label when these kinds of issues get raised in public, and would also add "crypto-anarchy" to that. Our main "talking point" is privacy, and other less popular stuff is best kept -- private.

Nick Szabo szabo@techbook.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 18 Apr 93 02:11:07 PDT
To: cypherpunks@toad.com
Subject: A Long History for Clipper...
Message-ID: <9304180909.AA07839@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

George Gleason writes:

>Agreed with Phil here. Clipper can't have been developed since Inauguration
>Day; it has to be a hand-me-down from the Bush administration, and I'm
>willing to bet that Clinton has been sold a bill of goods to get his
>support. Now a lot of folks on this list are ideologically committed to

It's clearly stated that the program is at least 4 years old and that, for example, the contracts with VLSI Tech and Mxxxxtronix (I keep forgetting the name of the previously obscure So. Cal. defense contractor) were let 14 months ago, that production of the chips has begun, blah blah.

No argument that the program started under Bush, and perhaps under Reagan (recall his various NSDDs and the Computer Security Act...).
This doesn't mean the proposal will be casually tossed aside by Clinton as some objections are raised. Most policies of this sort percolate up through the entrenched bureaucracies in Justice, State, Defense, NSA, etc. In this case, the AG, Janet Reno, was a well-known drug warrior in the Miami/Dade area....undoubtedly she made use of wiretaps, seizures, etc. She also probably understands the issues of law enforcement pretty well and fully understands what the proposal means.

So, I don't think Clinton will easily change this policy. A firestorm of proposed civil disobedience, scoffing at the Clipper, etc., *might* have some effect.

But I don't favor concentrating on legislative fixes. Give me technology any day.

-Tim

P.S. However, I'm trying to find the net address to send ersatz "protest" letters to Intergraph Corp about "Clipper." Clipper is the name of their 32-bit RISC chip--my thought is that enough indignant letters to Intergraph, deliberately confusing the Clinton Clipper with their product, will get Intergraph's lawyers to file a protest with the Administration! Perhaps even a name change will be ordered....a minor embarrassment, to be sure, but a stick in their eye nonetheless.

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: szabo@techbook.com (Nick Szabo)
Date: Sun, 18 Apr 93 02:42:38 PDT
To: extropians@gnu.ai.mit.edu
Subject: Wiretapping chip: vid clips & sound bites
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I was on a Portland-area TV forum this evening and was able to raise the wiretap chip issue to a lay audience (in addition to being in some ways a lay person myself on this issue, but quite concerned).
Here are some talking points and phrases I found helpful:

* Compared and contrasted a "wiretap chip", which gives government agencies the keys to your private conversations, and a "privacy chip" where you keep the keys (come to think of it, I'm not sure that second point is technically correct -- how would a truly private phone handle the keys?)

* Compared giving government agencies crypto keys to giving the IRS the keys to your house and filing cabinet.

* As examples I used lawyer/client, psychiatrist/patient, priest/confessor and political campaign work done over the phone.

* Showed New York Times front page story (Fri. 4/16) to the camera, to demonstrate that this is important, not a fringe issue and that the wiretap chip is real. Quoted Stephen Bryen of Secured Communications Technologies Inc., "I think the government is creating a monster."

* Emphasized importance of learning about telephone and e-mail technology, and how they can be made private with open cryptography. (As opposed to top-secret chip designs which I called "closed cryptography").

* Stated that I was switching from AT&T to another provider in protest of their selling phones containing wiretap chips.

I wanted to use a see-thru telephone as a prop to point at computer chips inside the phone, but wasn't able to locate one in time.

Some of this may sound corny and less accurate than a technical presentation, but I needed to make the lay audience at least mildly informed, sympathetic and perhaps even motivated to write their phone company or their Congresscritters within about the three minutes of air time.

Further suggestions for sound bites, vid clips etc. to use in a media campaign greatly appreciated.
Nick Szabo szabo@techbook.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: rjc@gnu.ai.mit.edu
Date: Sun, 18 Apr 93 03:58:15 PDT
To: Extropians@gnu.ai.mit.edu
Subject: Re: Wiretapping chip: vid clips & sound bites
In-Reply-To: <9304180942.AA03151@churchy.gnu.ai.mit.edu>
Message-ID: <9304181058.AA75057@hal.gnu.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

The best innovation you came up with is calling it the "wiretap chip." I propose that we stop referring to this chip as the "clipper chip" and always refer to it as "the wiretap chip." Also, when using analogies, don't bring up drug smugglers or terrorists. One key to winning this battle is to wage an information war. We have to manipulate the image of this proposal so it looks more like a menace instead of a "protection."

-- Ray Cromwell | Engineering is the implementation of science; --
-- EE/Math Student | politics is the implementation of faith. --
-- rjc@gnu.ai.mit.edu | - Zetetic Commentaries --

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: id AA02705sendmail 5.67/QC-subsidiary-2.1 via SMTPSun, 18 Apr 93 05:17:07 -0700 for karn
To: mischu, matt, reeds, lacy, don, gong@csl.sri.com, karn
Subject: technical information on Clipper
Message-ID: <9304181217.AA17562@qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain

------- Forwarded Message

Return-Path: ISL.Stanford.EDU!hellman
Received: by research.att.com; Sun Apr 18 02:06 EDT 1993
Received: by inet.att.com; Sun Apr 18 02:06 EDT 1993
Received: by ISL.Stanford.EDU (4.1/25-eef) id AA22827; Sat, 17 Apr 93 23:05:23 PDT
Date: Sat, 17 Apr 93 23:05:23 PDT
From: "Martin Hellman"
Message-Id: <9304180605.AA22827@ISL.Stanford.EDU>
To: DAVIDNEWMANPC@mcimail.com, NORMILE.J@applelink.apple.com,
    adw@research.att.com, amo@research.att.com, bach@cs.wisc.edu,
    berson@sri.com, biham@cs.technion.ac.il, branstad@st1.ncsl.nist.gov,
    brassard@iro.umontreal.ca, burt@rsa.com, carl@joe.math.uga.edu,
    caronni@nessie.cs.id.ethz.ch, clipper@csrc.ncsl.nist.gov,
    denning@cs.cosc.georgetown.edu, diffie@eng.sun.com, eor@ISL.Stanford.EDU,
    erdmann@leland, fahn@cs, gfung%ccm.UManitoba.CA@cornellc.cit.cornell.edu,
    gill@ISL.Stanford.EDU, gormish@ISL.Stanford.EDU,
    infort%czheth5a.BITNET@forsythe.stanford.edu, jeffr@sco.com,
    jhwang@ISL.Stanford.EDU, jim@rsa.com, jwarren@well.sf.ca.us,
    jwolf@ucsd.edu, kurlberg@leland, langford@ISL.Stanford.EDU,
    lenstra@flash.bellcore.com, markoff@nyt.com, matt@rsa.com,
    merkle@xerox.com, minnieho@ISL.Stanford.EDU, mitran@asic.sc.ti.com,
    ovseev@ippi.msk.su, rivest@theory.lcs.mit.edu, roche@ISL.Stanford.EDU,
    rotenberg@washofc.cpsr.org, scholtz@jimmie.usc.edu,
    shamir%wisdom.bitnet@forsythe, smb@research.att.com, taher@rsa.com,
    voois@ISL.Stanford.EDU, welch@irving.usc.edu, wesel@ISL.Stanford.EDU
Subject: Clipper Chip

Most of you have seen the announcement in Friday's NY Times, etc. about NIST (National Institute of Standards & Technology) announcing the "Clipper Chip" crypto device. Several messages on the net have asked for more technical details, and some have been laboring under understandable misunderstandings given the lack of details in the news articles. So here to help out is your friendly NSA link: me. I was somewhat surprised Friday to get a call from the Agency which supplied many of the missing details. I was told the info was public, so here it is (the cc of this to Dennis Branstad at NIST is mostly as a double check on my facts since I assume he is aware of all this; please let me know if I have anything wrong):

The Clipper Chip will have a secret crypto algorithm embedded in Silicon. Each chip will have two secret, 80-bit keys. One will be the same for all chips (ie a system-wide key) and the other will be unit specific. I don't know what NIST and NSA will call them, but I will call them the system key SK and unit key UK in this message.
The IC will be designed to be extremely difficult to reverse so that the system key can be kept secret. (Aside: It is clear that they also want to keep the algorithm secret and, in my opinion, it may be as much for that as this stated purpose.) The unit key will be generated as the XOR of two 80-bit random numbers K1 and K2 (UK=K1+K2) which will be kept by the two escrow authorities. Who these escrow authorities will be is still to be decided by the Attorney General, but it was stressed to me that they will NOT be NSA or law enforcement agencies, that they must be parties acceptable to the users of the system as unbiased. When a law enforcement agency gets a court order, they will present it to these two escrow authorities and receive K1 and K2, thereby allowing access to the unit key UK.

In addition to the system key, each user will get to choose his or her own key and change it as often as desired. Call this key plain old K. When a message is to be sent it will first be encrypted under K, then K will be encrypted under the unit key UK, and the serial number of the unit added to produce a three part message which will then be encrypted under the system key SK producing

    E{ E[M; K], E[K; UK], serial number; SK}

When a court order obtains K1 and K2, and thence K, the law enforcement agency will use SK to decrypt all information flowing on the suspected link [Aside: It is my guess that they may do this constantly on all links, with or without a court order, since it is almost impossible to tell which links over which a message will flow.] This gives the agency access to

    E[M; K], E[K; UK], serial number

in the above message. They then check the serial number of the unit and see if it is on the "watch list" for which they have a court order. If so, they will decrypt E[K; UK] to obtain K, and then decrypt E[M; K] to obtain M.

I am still in the process of assessing this scheme, so please do not take the above as any kind of endorsement of the proposed scheme.
All I am trying to do is help all of us assess the scheme more knowledgeably. But I will say that the need for just one court order worries me. I would feel more comfortable (though not necessarily comfortable!) if two separate court orders were needed, one per escrow authority. While no explanation is needed, the following story adds some color: In researching some ideas that Silvio Micali and I have been kicking around, I spoke with Gerald Gunther, the constitutional law expert here at Stanford and he related the following story: When Edward Levi became Pres. Ford's attorney general (right after Watergate), he was visited by an FBI agent asking for "the wiretap authorizations." When Levi asked for the details so he could review the cases as required by law, the agent told him that his predecessors just turned over 40-50 blank, signed forms every time. Levi did not comply and changed the system, but the lesson is clear: No single person or authority should have the power to authorize wiretaps (or worse yet, divulging of personal keys). Sometimes he or she will be an Edward Levi and sometimes a John Mitchell.

Martin Hellman

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Harry Shapiro
Date: Sun, 18 Apr 93 05:29:13 PDT
To: cypherpunks@toad.com
Subject: Media Blitz: May ourselves available
Message-ID: <199304181229.AA27858@sun.Panix.Com>
MIME-Version: 1.0
Content-Type: text/plain

If there is going to be some kind of media blitz then we have to put some of ourselves forward as "experts" for the media to interview.

Tim May, John Gilmore, come to mind.

Any of us that are clean shaven and wear suits, etc.
would also make good spoke-folks

/harry

--
Harry Shapiro habs@panix.com
List Administrator of the Extropy Institute Mailing List
Private Communication for the Extropian Community since 1991

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mail Delivery Subsystem
Date: Sun, 18 Apr 93 06:30:37 PDT
To: habs@Panix.Com
Subject: Returned mail: Deferred: Connection reset by peer during greeting wait with churchy.gnu.ai.mit.edu
Message-ID: <199304181241.AA28611@sun.Panix.Com>
MIME-Version: 1.0
Content-Type: text/plain

----- Transcript of session follows -----
While talking to toad.com:
>>> RCPT To:
<<< 550 ... User unknown
550 cyhperpunks@toad.com... User unknown
451 extropians@gnu.ai.mit.edu... timeout waiting for input
421 churchy.gnu.ai.mit.edu (TCP)... Deferred: Connection reset by peer during greeting wait with churchy.gnu.ai.mit.edu

----- Unsent message follows -----
Received: by sun.Panix.Com id AA28608 (5.65c/IDA-1.4.4 for extropians@gnu.ai.mit.edu); Sun, 18 Apr 1993 08:41:03 -0400
From: Harry Shapiro
Message-Id: <199304181241.AA28608@sun.Panix.Com>
Subject: Re: More True Names: The NIST Security Board (fwd)
To: cyhperpunks@toad.com, extropians@gnu.ai.mit.edu (Harry Shapiro)
Date: Sun, 18 Apr 1993 08:41:03 -0400 (EDT)
Reply-To: habs
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 1199

a conscious being, David Farber wrote:

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Harry Shapiro
Date: Sun, 18 Apr 93 05:50:09 PDT
To: future@nyx.cs.du.edu (FutureCulture)
Subject: The mysterious mailing list (fwd)
Message-ID: <199304181248.AA28813@sun.Panix.Com>
MIME-Version: 1.0
Content-Type: text/plain

There have been reports about a mailing list set-up at NIST that had a number of people on it including Mitch Kapor. The list is named "clipper" and it was through that list that part of the Wire Tap Chip announcement came.
I asked Mitch directly what his involvement with that list was; I asked him if he was involved with the development of the Wire Tap Chip. Below is his reply. I believe him.

/harry

a conscious being, Mitchell Kapor wrote:
> From mkapor@eff.org Wed Apr 17 23:11:38 1993
> Message-Id: <199304181111.AA05559@eff.org>
> Date: Sun, 18 Apr 1993 07:11:38 -0800
> To: habs@Panix.Com
> From: Mitchell Kapor
> Subject: The mysterious mailing list
>
> I believe the list in the question is an informational list set up at NIST.
> My name was placed on it. I did not ask to be put on such a list. We
> were (obviously) not involved in the development of Clipper.
> I was sent the Clipper announcement fact sheet, for instance.
> There has been a small amount of traffic on it, none of it consequential.
> I would appreciate it if you would make these facts known.

I have told Mitch I will put this info out and have asked that he make clipper list mail public at some FTP site. I have also asked him when he started getting traffic from this list.

/harry

--
Harry Shapiro habs@panix.com
List Administrator of the Extropy Institute Mailing List
Private Communication for the Extropian Community since 1991

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Harry Shapiro
Date: Sun, 18 Apr 93 06:22:00 PDT
To: cypherpunks@toad.com
Subject: Mitch on the Clipper Mailing list
Message-ID: <199304181319.AA29552@sun.Panix.Com>
MIME-Version: 1.0
Content-Type: text/plain

I had asked Mitch to repost any communications that have gone over this list. He has. I appreciate his willingness to clear up this issue. As I have stated before, I believe him, that NIST simply created this list of people they wanted to be in direct contact with.
/harry

a conscious being, Mitchell Kapor wrote:
> From mkapor@eff.org Sun Apr 18 00:58:00 1993
> Message-Id: <199304181257.AA06031@eff.org>
> Date: Sun, 18 Apr 1993 08:58:00 -0800
> To: habs@Panix.Com
> From: Mitchell Kapor
> Subject: Re: The mysterious mailing list
>
> I received the statement of the Press Secretary and the public fact sheet
> from Ed Roback. I have not reproduced the full text as it is readily
> available elsewhere.
>
> Following this is a thread between Gerano Cannoni and Martin Hellman. I
> have deleted the text of Marty's longest response, as it is being
> circulated elsewhere.
> Last, there is a single message from A. Pagett Patterson.
> And that's it (assuming I haven't missed something in reviewing my mail stream).
> Feel free to re-post this, put it on an FTP, whatever. I don't have any
> more time to deal with this issue.
>
> Date: Fri, 16 Apr 93 11:02:59 EDT
> From: Ed Roback
> Organization: FIRST, The Forum of Incident Response & Security Teams
> Posted-Date: Fri, 16 Apr 93 11:02:59 EDT
> To: clipper@csrc.ncsl.nist.gov
> Subject: text of White House announcement and Q&As on clipper chip encryption
>
> Note: This file will also be available via anonymous file
> transfer from csrc.ncsl.nist.gov in directory /pub/nistnews and
> via the NIST Computer Security BBS at 301-948-5717.
> ---------------------------------------------------
>
> THE WHITE HOUSE
>
> Office of the Press Secretary
>
> _________________________________________________________________
>
> For Immediate Release April 16, 1993
>
>
> STATEMENT BY THE PRESS SECRETARY
>
>
> The President today announced a new initiative that will bring
> the Federal Government together with industry in a voluntary
> program to improve the security and privacy of telephone
> communications while meeting the legitimate needs of law
> enforcement.
> ...
>
> Date: Fri, 16 Apr 93 16:44:10 EDT
> From: Ed Roback
> Organization: FIRST, The Forum of Incident Response & Security Teams
> Posted-Date: Fri, 16 Apr 93 16:44:10 EDT
> To: clipper@csrc.ncsl.nist.gov
> Subject: White House Public Encryption Management Fact Sheet
>
>
>
> Note: The following was released by the White House today in
> conjunction with the announcement of the Clipper Chip
> encryption technology.
>
> FACT SHEET
>
> PUBLIC ENCRYPTION MANAGEMENT
>
> The President has approved a directive on "Public Encryption
> Management." The directive provides for the following:
> ...
>
> Posted-Date: Sat, 17 Apr 93 01:26:06 +0200
> From: caronni@nessie.cs.id.ethz.ch (Germano Caronni)
> Date: Sat, 17 Apr 93 01:26:06 +0200
> To: clipper@csrc.ncsl.nist.gov
> Subject: Clipper-Chip Escrow-System Flaws
> Newsgroups:
> alt.privacy,sci.crypt,alt.security,comp.security.misc,comp.org.eff.talk
> Organization: Swiss Federal Institute of Technology (ETH), Zurich, CH
> Cc:
>
>
> Good day,
> as a non-citizen of USA I have read your announcement of the
> 'Clipper-Chip' with great interest, and am happy to see an increase
> in lawful privacy in the USA. I hope this policy will extend to
> other countries too.
> In the meantime I suspect two flaws in the 'Clipper-Chip' as it was
> announced today via NIST/electronic media.
>
> 1) Keeping secret the algorithm which performs encryption is in my
> humble opinion a bad idea. It hinders 'Clipper' to get publicly
> accepted, and hinders the minute examination of the Clipper-
> Algorithm by other than a few experts.
> But I am sure this was well considered.
>
> Now the important suggestion :=)
>
> 2) By splitting the 80-Bit-Key of clipper in two parts, and give
> them to different organizations, you add an unneeded WEAKNESS
> to the escrow-system. This way, corruption of one escrow will
> allow an easier attack on the Key than might be possible.
> (e.g. if I obtain 40 bits of possible 80 bits keys, exhaustive
> keysearch is definitively no problem.)
> You might instead generate 2 (or even more, if this is not
> politically undesired) 80-Bit-Sequences which, when XOR-ed
> together will provide the original, needed key, but alone they
> are worthless. I am sure persons with knowledge in this area, which
> surely can be found at NIST (or wherever) will agree.
>
> I hope that this remark is of interest for you.
>
> Friendly greetings,
>
> Germano Caronni
>
>
> P.S.
> I am sure you have remarked, that the current policy is interpretable
> to tend toward an abolition of 'unbreakable' secure communication
> via electronic Media, and hope that this will _not_ come true.
>
> Disclaimer: This mail is in no way whatsoever connected to the Swiss
> Federal Inst. of Technology, but expresses my personal thoughts.
>
>
>
>
> Organization: FIRST, The Forum of Incident Response & Security Teams
> Posted-Date: Fri, 16 Apr 93 22:32:14 PDT
> Date: Fri, 16 Apr 93 22:32:14 PDT
> From: "Martin Hellman"
> To: caronni@nessie.cs.id.ethz.ch, clipper@csrc.ncsl.nist.gov
> Subject: Re: Clipper-Chip Escrow-System Flaws
>
> I received your message suggesting:
>
> 2) By splitting the 80-Bit-Key of clipper in two parts, and give
> them to different organizations, you add an unneeded WEAKNESS
> to the escrow-system. This way, corruption of one escrow will
> allow an easier attack on the Key than might be possible.
> (e.g. if I obtain 40 bits of possible 80 bits keys, exhaustive
> keysearch is definitively no problem.)
> You might instead generate 2 (or even more, if this is not
> politically undesired) 80-Bit-Sequences which, when XOR-ed
> together will provide the original, needed key, but alone they
> are worthless.
>
> In a conversation with NSA today, I was told
> that two random 80-bit numbers will be XORed to produce
> the 80-bit key and the two individual numbers kept by
> two separate escrow authorities -- who they are is
> to be decided. So your suggestion is, in fact, how it
> will be handled.
>
> martin hellman
>
> Disclaimer: this in no way should be interpreted to mean
> that I approve of the Clipper Chip. While I am still in the
> process of learning more about it, my immediate reaction
> was not positive. More later.
>
> Organization: FIRST, The Forum of Incident Response & Security Teams
> Posted-Date: Sat, 17 Apr 93 23:05:23 PDT
> Date: Sat, 17 Apr 93 23:05:23 PDT
> From: "Martin Hellman"
> To: ...clipper@csrc.ncsl.nist.gov...
> Subject: Clipper Chip
>
>
> Most of you have seen the announcement in Friday's NY Times,
> etc. about NIST (National Institute of Standards & Technology)
> announcing the "Clipper Chip" crypto device. Several messages
> on the net have asked for more technical details, and some have
> been laboring under understandable misunderstandings given
> the lack of details in the news articles. So here to help out
> is your friendly NSA link: me. I was somewhat surprised Friday
> to get a call from the Agency which supplied many of the missing
> details. I was told the info was public, so here it is (the cc of this
> to Dennis Branstad at NIST is mostly as a double check on my
> facts since I assume he is aware of all this; please let me know
> if I have anything wrong):
>
> ...
>
>
> Organization: FIRST, The Forum of Incident Response & Security Teams
> Posted-Date: Sat, 17 Apr 93 08:55:31 -0400
> Date: Sat, 17 Apr 93 08:55:31 -0400
> From: padgett@tccslr.dnet.mmc.com (A. Padgett Peterson)
> To: "clipper@csrc.ncsl.nist.gov"@uvs1.dnet.mmc.com
> Subject: Panel
>
> I would like to be considered for the "outside panel" assessing the
> Clipper Technology.
> A. Padgett Peterson, P.E.
>
>
>

--
Harry Shapiro habs@panix.com
List Administrator of the Extropy Institute Mailing List
Private Communication for the Extropian Community since 1991

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Harry Shapiro
Date: Sun, 18 Apr 93 06:24:16 PDT
To: cypherpunks@toad.com
Subject: It is two 80-bit "halfs"
Message-ID: <199304181322.AA29623@sun.Panix.Com>
MIME-Version: 1.0
Content-Type: text/plain

From Mail sent via the Clipper Mailing list, forwarded to me:

> In a conversation with NSA today, I was told that two random 80-bit
> numbers will be XORed to produce the 80-bit key and the two individual
> numbers kept by two separate escrow authorities -- who they are is to
> be decided. So your suggestion is, in fact, how it will be handled.
> martin hellman

/HARRY

--
Harry Shapiro habs@panix.com
List Administrator of the Extropy Institute Mailing List
Private Communication for the Extropian Community since 1991

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Sun, 18 Apr 93 12:47:23 PDT
To: cypherpunks@toad.com
Subject: clipper
Message-ID: <9304181947.AA03035@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

smb@att.com has created a newsgroup for clipper conversation. alt.privacy.clipper I believe. I think it would be best (in keeping traffic here down and in getting everybody interested in clipper together) if everyone uses that newsgroup for clipper topics if possible.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Dave Banisar
Date: Sun, 18 Apr 93 06:43:31 PDT
To: CYPHERPUNKS@toad.com
Subject: AT&T Press Release on Clipper
Message-ID: <9304180949.AA35839@hacker2.eff.org>
MIME-Version: 1.0
Content-Type: text/plain

Here's AT&T's announcement on the Clipper.
AT&T TO INCORPORATE NEW 'CLIPPER' CHIP INTO SECURE COMMUNICATIONS PRODUCT LINE

GREENSBORO, N.C., April 16 AT&T (NYSE: T) said today it is moving to improve the security and privacy of telephone communications by incorporating a just-announced new U.S. government technology for voice encryption into its secure communications product line.

AT&T will use the Clipper chip, announced today by President Clinton as a new technology for voice encryption, in all of its secure telephone products except those specially designed for government classified customers. The Commerce Department has announced a six-month timetable for the final certification of Clipper.

"AT&T is pleased to be the first company to publicly commit to adoption of the Clipper chip," said Ed Hickey, AT&T vice president, Secure Communications Systems. "We believe it will give our customers far greater protection in defeating hackers or eavesdroppers attempting to intercept a call.

"And now all commercially available AT&T voice encryption products will be compatible with each other, a major step forward in bringing secure communications capabilities to the business community."

In standardizing AT&T voice encryption products on the Clipper chip, AT&T will include the algorithm in the Telephone Security Device as well as in the Secure Voice/Data Terminal.

The AT&T Telephone Security Device is a compact, lightweight unit that brings advance encryption technology to conventional land-line and cellular telephones. It provides a powerful, convenient and reliable way to protect the most sensitive telephone conversations.

The device works with a conventional land-line or transportable/mobile cellular phone. It turns the phone's signal into a digital stream of encrypted information that is decrypted by a Telephone Security Device attached to the phone at the receiving end of the call.

The AT&T Telephone Security Device connects easily to desk telephones or transportable or mobile phones.
It weighs 1.5 pounds and is 7 inches long, 4.5 inches wide and 1.5 inches high. And it's as easy to use as it is portable.

The AT&T Secure Voice/Data Terminals are desktop telephones that provide encryption for both telephone calls and data transmissions.

These AT&T secure communications products use an enhanced voice encryption technique that provides very high voice quality. This technology allows calls placed with these products to approach the voice quality of normal calls.

To further enhance interoperability, AT&T will consider licensing to other manufacturers its enabling technologies for interoperability. Interoperability of encryption devices requires common technology beyond the use of a common encryption algorithm, specifically common methods of digital voice encoding and signaling.

AT&T has already performed integration tests with Clipper chips manufactured by the government's supplier, Mykotronx Inc., of Torrence, Calif., and is preparing to integrate the chip into the manufacturing of its secure products.

AT&T's Clipper-equipped telephone security devices will be available to customers by the end of the second quarter.

The federal government intends to adopt the Clipper chip as the standard for voice encryption to help protect proprietary information, protect the privacy of personal phone conversations and prevent unauthorized release of data transmitted electronically. At the same time, use of the Clipper chip will preserve the ability of federal, state and local law enforcement agencies to intercept lawfully the phone conversations of criminals.

"Adoption of Clipper will support both the government's efforts to protect the public and the public's right to privacy," Hickey said.

AT&T Secure Communication Systems provides products to protect voice, data, fax, cellular and video communications. It also engineers and integrates secure communications applications.
Its customers include the governments of the United States and other nations as well as major corporations around the world. AT&T Secure Communications Systems is headquartered in Greensboro.

For more information about the AT&T Telephone Security Device 3600 and other AT&T Secure Communications Products, call David Arneke at 919-279-7680.

CONTACT: David Arneke of AT&T Secure Communications Systems, 919-279-7680, or after hours, 919-273-5687, or Herb Linnen of AT&T Media Relations, 202-457-3933, or after hours, 202-333-9162

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Dave Banisar
Date: Sun, 18 Apr 93 07:10:18 PDT
To: CYPHERPUNKS@toad.com
Subject: Media Sugestions, History of Clipper and Conspiracy theories
Message-ID: <9304181016.AA32068@hacker2.eff.org>
MIME-Version: 1.0
Content-Type: text/plain

RE: Press Blitz

I have found from experience, with some success, that the best way to handle press is to contact local press and present yourself as a local expert on the subject. This gives them a local connection for their stories. You should have a pack ready to send them, including copies of the White House documents, and a 1 page fact sheet of your own pointing out the problems with the proposal. Present yourself as a local computer scientist who sees the deeper issues behind this proposal and wants to air them.

The major national newspapers are already covering this but it's the smaller local papers that most people read. Only a few million people total read the NY Times, Washington Post etc. Think of the millions that read their local papers and get to them. If they respond, this will be killed.

History of Clipper:

As I mentioned before, I was at the NIST press Conference on Fri. They responded to a question by saying that they had been working on this for 4 years and had been implementing it for 14 months.

Suggestion for campaign name: Clip the Clipper!

Mailing List:

No, CPSR, etc. were not involved as a cabal supporting this dingbat proposal.
If you believe that then go back to reading your endless JFK/CIA/Mafia/aliens conspiracy theory books and let the rest of us go on living in the real world. They have put together a very slick electronic media blitz here, sending the proposal to every applicable newsgroup etc.

Dave Banisar
CPSR Washington Office

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Harry Shapiro
Date: Sun, 18 Apr 93 07:35:37 PDT
To: cypherpunks@toad.com (Good Guys)
Subject: Test, please ignore
Message-ID: <199304181435.AA10152@sun.Panix.Com>
MIME-Version: 1.0
Content-Type: text/plain

Just a alias test - please ignore

/harry

--
Harry Shapiro habs@panix.com
List Administrator of the Extropy Institute Mailing List
Private Communication for the Extropian Community since 1991

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Pat Farrell"
Date: Sun, 18 Apr 93 08:15:32 PDT
To: tcmay@netcom.com
Subject: RE: A Long History for Clipper...
Message-ID: <40466.pfarrell@cs.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Timothy C. May) writes:
>George Gleason writes:
>> Clipper can't have been developed since Inauguration
>>Day; ...
>It's clearly stated that the program is at least 4 years old and that,
>[supporting stuff deleted]
>This doesn't mean the proposal will be casually tossed aside by Clinton as
>some objections are raised. Most policies of this sort percolate up through
>the entrenched bureaucracies in Justice, State, Defense, NSA, etc.

I was listening to a lecture by Dr. Denning (Peter J) about a week ago. He was referencing NREN, not his wife's key registration idea, but in light of Clipper, the comments are germane. He said that some of his left-coast colleagues were all concerned about NREN providing equal access so it won't be a "yuppie-only" communication medium. Prof. Denning said that these well meaning folks are too late.
Gore's data superhighways were announced as a big deal for political reasons by the Clinton Administration, but it was actually the result of nearly 10 years of work. He said these things take years to create, and that the consensus is in place before it is announced so acceptance is assured.

Clearly CLIPPER has been percolating thru the TLAs for quite some time. I think the self selection process (see The New Republic's Clincest article) has allowed those who have been sending up trial balloons to think they've reached an acceptable position. It was clear at last Fall's National Computer Security Conference (sponsored by NSA) that the TLAs were going to keep pushing to get this thru.

BTW, I live "inside the Beltway" and have been trying to figure out a way to use my ability to easily popover the DC for face to face meetings to help stop this madness. I tried working with EFF last Fall, but they couldn't figure out how to use volunteer help. If any crypto-privacy list readers have ideas, please let me know.

Pat

(My pgp key is on the utmb and mit servers.)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Pat Farrell"
Date: Sun, 18 Apr 93 08:14:28 PDT
To: cypherpunks@toad.com
Subject: RE: Media Blitz: Make ourselves available
Message-ID: <40480.pfarrell@cs.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Harry Shapiro writes:
>Any of us that are clean shaven and wear suits, etc. would
>also make good spoke-folks

I can't claim expert status, but I do live "inside the Beltway" wear suits, have gray hair, have appeared on CNN during the Morse worm discussions, presented a paper on security at the National Computer Security Conference last Fall, work for a high-tech software firm, think the big brother chip is a crock, and am willing.

How do I make myself more available? My 24-hour voicemail number is (703) 267-2986.
Pat

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Pat Farrell"
Date: Sun, 18 Apr 93 08:14:40 PDT
To: cypherpunks@toad.com
Subject: Knowledge of cryptography, Was: RE: More True Names: The NIST Security Board
Message-ID: <40485.pfarrell@cs.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Harry identified several names on the CLIPPER list, including:
>mcnulty@ecf = F. Lynn McNulty an associate director for computer
>security at the National Institute of Standards and Technology's
>Computer Systems Laboratory

At this Fall's National Computer Security Conference, Mr. McNulty was a speaker on the NIST's digital signature session. They talked about both the non-RSA DSS, and use of Certifying Authorities with a RSA-based scheme.

At that same conference, I gave a paper on security that described a fishnet of trust between systems. This was written in February 92, well before I read Phil's "web of trust" from the PGP docs, which I read sometime over the summer.

During the Q&A, I asked Mr. McNulty to compare the advantages and disadvantages of a hierarchical CA approach to an interlocking fishnet/web of trust. I hoped he would at least recognize that any hierarchy has problems from the top down if an upper level is compromised.

Instead, he could not address any differences. I believe that working in the government has made the hierarchy seem to be the only implementation that he envisioned. He fobbed the question off to one of his technical underlings, but he, too, was unable to answer it (or even coherently address it).

I believed then (and still do) that the closed loop process used by NIST and the TLAs has caused them to overlook a number of promising alternatives.

This means that we crypto-privacy advocates must start an education effort.
Pat

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matthew J Miszewski
Date: Sun, 18 Apr 93 10:09:08 PDT
To: cypherpunks@toad.com
Subject: MEDIA: Partial List
Message-ID: <23041812084521@vms2.macc.wisc.edu>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunks,

OK a couple of things. First, this is a partial list as should be obvious by the truncation of the first entry. If and when I can find the whole and complete list I will post it. Second, I post this grudgingly realizing that some might abuse it. I do feel however that the tone of discussion on the list has been positive and intellectual enough to positively affect the cause.

I realize this list is not exhaustive but it is a start. I'll work on expansion. I suggest, as have others, that we utilize one simple technology extensively - fax/fax-modems. Also remember that Washington responds to perceived PUBLIC opinion. Most people don't understand crypto much less know our names. It should appear that these comments are coming from a good cross section of the country.

Finally, I agree with the poster that suggested that we put forth some spokespeople of sorts. Media types love point people rather than the horizontal structure of cypherpunks. I know we will never get total agreement on whom they should be, but I think that Tim May, John Gilmore, Eric Hughes, etc. are pretty much acceptable (They represented us eloquently in WIRED)

Use the list with good intent.

-------------------8<---------------8<-----------------
Lane Vernardos Fax: 212 7652724
Associated Press 50 Rockefeller Plaza New York NY 10020 Phone: 212 6211600
This Week With David Brinkley 1717 De Sales St., NW Washington DC 20036 David Glodt Phone: 202 8877777 Fax: 202 8877977
CBS Evening News 524 W. 57th St. New York NY 10019 Tom Bettag Phone: 212 9753693 Fax: 212 9751519
CBS This Morning 524 W. 57th St. New York NY 10019 Eric Sorenson Phone: 212 9752824 Fax: 212 9752115
CSM Publishing Society One Norway St.
Boston MA 02115 Phone: 800 2257090
One CNN Center Box 105366 Atlanta GA 30348 Phone: 404 8271500
CNN, Washington Bureau 111 Massachusetts Ave., NW Washington DC 20001 Phone: 202 8987900
Face the Nation, CBS News 2020 M St., NW Washington DC 20036 Marianne Brooks Phone: 202 4574321 Fax: 202 4666237
Good Morning America, ABC News 1965 Broadway New York NY 10023 Jack Riley Phone: 212 4961800 Fax: 212 8874724
Larry King Show, Mutual Radio 1755 S. Jefferson Davis Hwy. Arlington VA 22202 Pat Piper Phone: 703 6852175 Fax: 703 6852142
Larry King Live TV, CNN 111 Massachusetts Ave., NW Washington DC 20001 Thomas Haddad Phone: 202 8987900 Fax: 202 8987617
Los Angeles Times Times-Mirror Square Los Angeles CA 90053 Phone: 800 5281637 Fax: 213 2377679
MacNeil/Lehrer News Hour P.O. Box 2626 Washington DC 20013 Phone: 703 9982870
MacNeill/Lehrer News Hour WNET 356 W. 58th St. New York NY 10019 Les Crystal Phone: 212 5603113 Fax: 212 5817353
Meet the Press, NBC News 4001 Nebraska Ave., NW Washington DC 20016 Christie Basham Phone: 202 8854200 Fax: 202 3622009
Morning Edition, NPR 2025 M St., NW Washington DC 20036 Phone: 202 8222000
N B C Nightly News 30 Rockefeller Plaza New York NY 10112 Steven Freidman Phone: 212 6644971 Fax: 212 6646045
New York Times, DC Bureau 1627 Eye St., NW, 7th Floor Washington DC 20006 Phone: 202 8620300
New York Times 229 W. 43rd St. New York NY 10036 Phone: 212 5561234
Newsweek 444 Madison Ave. New York NY 10022 Phone: 212 3504000
Nightline, ABC News 47 W. 66th St. New York NY 10023 Dorrance Smith Phone: 212 8874995 Fax: 212 4563335
ABC News 1717 DeSales, NW Washington DC 20036 Ted Koppel Phone: 202 8877364
Public Broadcasting Service 1320 Braddock Pl. Alexandria VA 22314 Phone: 704 7395000
Time Magazine, DC Bureau Washington DC 20001 Mr. Cloud, Bureau Chief Phone: 202 8614000
Time Warner, Inc. Time Life Bldg.
Rockefeller Center New York NY 10020 Phone: 212 5221212
The Today Show 30 Rockefeller Plaza New York NY 10112 Tom Capra Phone: 212 6644249
USA Today 1000 Wilson Blvd. Arlington VA 22229 Phone: 703 2763400
U S News & World Report 2400 N St., NW Washington DC 20037 Phone: 202 9552000
United Press International 1400 Eye St., NW Washington DC 20006 Phone: 202 8988000
WETA-TV P.O. Box 2626 Washington DC 20013 Phone: 703 9982626
Wall Street Journal 200 Liberty St. New York NY 10281 Phone: 212 4162000
Washington Post 1150 15th St., NW Washington DC 20071 Phone: 202 3346000

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 18 Apr 93 12:11:02 PDT
To: extropians@gnu.ai.mit.edu
Subject: Fighting the Wiretap Chip Plan
Message-ID: <9304181911.AA04196@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

(I'm using the "Wiretap Chip" name instead of "Clipper," as someone has suggested. It _does_ carry a better message.)

This essay is a bit rambling, as I'm in my lousy editor and don't have time to rearrange things into a more formal essay. Instead, I'll just make a number of points.

I've seen a lot of discussion here about who to talk to, how to phrase the issues, and so forth. Fax numbers (good!), phone numbers, etc.

But let me point out that the public discussion is not likely to do very much, for several reasons.

1. A very tiny universe of listeners. Crypto is too abstract for most people. I doubt anything we say can change this. And "privacy" is a complicated theme....the anti- and pro-abortion sides have been bandying it about for over a decade, to little avail. The key is to reach the relatively small fraction of policy shapers, both outside government and inside.

2. Journalists want the pithy quote, the sound bite, the attention grabber. They don't really care if 37 faxes have been received in support of some position--that just isn't news.
I often shake my head in despair at the demands for "good quotes," but I still try to spew them out.

Ironically, my .sig block, with all the comments about "crypto anarchy," "information markets," "zero knowledge," etc., often were the triggers that got me in touch with journalists. For example, Julian Dibell of the "Village Voice" saw my stuff in sci.crypt last fall and called me...only then did he learn of the existence of the Cypherpunks group. Likewise, Kevin Kelly, of "Whole Earth Review" fame, and now editor of "Wired," contacted me to ask about the terms in my cryptically cryptic sig.

(Some people have already put good stuff about "Stop the Big Brother Chip" and "Say No to the Wiretap Chip" in their sigs...this is great advertising!)

3. I've been interviewed on crypto matters by several journalists, all of whom I respect. (They were, for the record: Steven Levy, for the "Wired" piece, Kevin Kelly, as editor of "Wired" and for a possible story in "Whole Earth Review," Julian Dibell, for "The Village Voice" (forthcoming, he tells me), Dave Mandl, for a radio station in New Jersey, and a couple of minor quotes here and there. (I can't begin to compete of course with John Gilmore or Eric Hughes, in terms of numbers of interviews.)

4. My conclusion is that the very term "Cypherpunks" was useful--even though I had little to do with choosing the name and sometimes find it distasteful (I prefer Miles Davis to Nine Inch Nails, for example).

Consider that there are already several well-publicized groups devoted to various aspects of computer privacy: the EFF, the CPSR, the ACLU, etc. (these groups should be well-known to all of you).
Before we came along, complete with our semi-outlaw, trendy name, the standard process when a crypto or privacy issue came up would be to get obligatory interviews with John Perry Barlow (I like him, but if I read one more account of his experiences as a lyricist for the Grateful Dead I'm going to puke...this is overexposure with a capital "O"), Mitch Kapor, and various folks from the ACLU and CPSR.

The Cypherpunks provide a useful contrast, in my opinion.

5. And the Cypherpunks turn out to have a lot of very bright and interesting people, including many from the phone phreaker community, the PGP development community, and various other subcultures (like FidoNet, modem makers, wireless communications, and so on). This automatically makes us more diverse than groups like the CPSR and ACLU.

6. In a sense, we occupy an ecological niche that meets certain journalistic needs.

7. In summary, I wouldn't place a lot of emphasis on standard political actions...it just doesn't go very far. Talking to our friends and family will have a minuscule effect, both in raw numbers and because the next election is a long way off. Need I say more?

Subversive actions that generate media attention, that trigger other people to begin to do things (such as homebrew voice encryption with SoundBlaster boards and CELP compression, as just one example), and that create new communities (Cypherpunks, Extropians, etc.), are much more effective.

By the way, in a more standard way of doing things, I've been in touch with Jim Bidzos, President of RSA Data Security. I sent out a note on this recently. And I'll be meeting this evening with Eric Hughes, who's visiting the Monterey Bay area. We may be calling an emergency meeting of the Cypherpunks soon. Stay tuned.

Don't get me wrong, folks. These are crucial times. A "War on Crypto" that mimics the "War on Drugs" is a distinct possibility. Any actions we take, from writing letters to calling t.v.
stations to boycotting vendors of the "Wiretap Chip," will be useful.

-Tim

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Sun, 18 Apr 93 12:14:32 PDT
To: cypherpunks@toad.com
Subject: Clipper details via Hellman
Message-ID: <9304181914.AA03014@servo>
MIME-Version: 1.0
Content-Type: text/plain

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jwarren@autodesk.com (Jim Warren)
Date: Sun, 18 Apr 93 12:23:27 PDT
To: cypherpunks@toad.com
Subject: illustrating govt's preoccupation with terrorism
Message-ID: <9304181915.AA01239@megalon.YP.acad>
MIME-Version: 1.0
Content-Type: text/plain

This is an excerpt from a LONG msg echoed to me by Dave Farber. Though it's from USIA -- not a police/enforcement agency -- it is nonetheless heavily concerned with "terrorism", the theme repeatedly referenced in the White House's Clipper Chip announcement.

I've included the first part down through the first article as an example, and gave only the headlines of the remaining articles -- but you get the idea. Just FYI. [And, no, I don't know where/how Dave got it electronically in the first place. :-) ]

--jim

===============
Posted-Date: Sat, 17 Apr 1993 11:15:04 -0500
From: David Farber
X-Sender: farber@linc.cis.upenn.edu
Subject: I hope this continues to be distributed
To: interesting-people@eff.org (interesting-people mailing list)

>UNITED STATES INFORMATION AGENCY
>FOREIGN MEDIA REACTION--DAILY DIGEST
>
>For further information: Anne Chermak, Chief
>Media Reaction Staff (P/M), Tele. No. (202) 619-6511
>
>Monday, April 12, 1993
>
> TERRORISM AND WORLD INSECURITY
>
>In recent editorials, Iran was universally recognized as the source
>of the double threat of state-sponsored terrorism and Islamic
>extremism. But beyond this fear and condemnation, journalists found
>little common ground that would compel both North and South, and Arab
>and non-Arab nations to work together to combat the global threat of
>terrorism. For example, Egyptian and Algerian papers were in the
>forefront in charging U.S. complicity in the current instability in
>the Middle East. Those commentators asserted that the United States
>had promoted Islamic fundamentalism during the Afghanistan War and
>had further added to regional instability by alternately encouraging
>Iraq and Iran.
>
>India's papers weighed the pros and cons of helping the West to
>identify Pakistan's role in promoting terrorism, noting on the one
>hand that doing so could "bring ruination to Islamabad's Kashmir
>cause" but, on the other, could also bring India's security apparatus
>uncomfortably close to the CIA and the Mossad. Arab papers continued
>to portray Iraq and Libya as being unfairly treated by the UN while
>Israel remains unpunished for resolutions which it has violated.
>
>Concerning Northern Ireland, President Clinton's message of
>consolation to the victims of the Warrington bombing was seen in
>British tabloids as signalling a tougher stance by the American
>government against violence by the IRA.
>
>
>
>This survey is based on 32 reports from 10 countries, April 1-12.
>
>EDITOR: Gail H. Burke
>
>
=====
This goes on for many pages with a range of article summaries including:

> MIDDLE EAST
>ALGERIA: "Middle East Equation Has Changed"
>"Injustice Will Not Defeat Dignity"
>"After the Neglect...Wake Up, Washington!"
>"U.S. Did Not Make the Best Choice"
>"Change of Tone"
>EGYPT: "West Will Not Let Go Of Libya"
>"Can Anybody Explain U.S. Contradictory Posture Regarding Iran?"
>"Who Will Anti-Terrorism Front Target?"
>"Puzzling Approach To Abdel Rahman's Stay In U.S."
>"An Insult To Egyptian People, Leadership"
>"Islamic Extremism Threat Has Links To Afghanistan War"
>JORDAN: "Call For Arab Unity"
>"Clinton Administration Should Start A New Page with Iraq"
>"Arabs Should Not Support The U.S. Against Iran"
>MOROCCO: "Something New In Lockerbie Issue?"
>"The West Has To Understand Libya's Flexibility"
>TUNISIA: "Why The War On Muslims?"
> SOUTH ASIA
>INDIA: "Time To Be Worldly-Wise"
>"War By Other Means"
>"Perils Of Intelligence Links With The CIA And Mossad"
>"Embittering Ties With Pakistan"
>PAKISTAN: "Another Step Closer"
>"Terrorism In Kashmir"
> EUROPE
>BRITAIN: "Northern Ireland--Significant Gesture By Clinton"
>"Clinton's Blown To IRA Killers"
>ITALY: "Enter Iran"
>"The Ayatollah's Latest Threat"
>"Silence Over Israel"
>"Warning to Iran, Islamic Fundamentalism"
>
> LATIN AMERICA
>CHILE: "Iran's Objectives"

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hal@alumni.cco.caltech.edu (Hal Finney)
Date: Sun, 18 Apr 93 12:55:09 PDT
To: extropians@gnu.ai.mit.edu
Subject: IMPORTANT!
Message-ID: <9304181952.AA16918@alumni.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain

Based on some of the suggestions I've seen here and on the net, I am inclined more to believe that there is no threat to make non Clipper cryptography illegal. The plan instead is to make it a de facto standard for all encrypted voice communications.

You will notice in the AT&T press release posted here that AT&T is offering to release its technical information in order to allow this standardization to proceed. (As the release said, you need more than just a common encryption standard, you also need standardization on the voice encoding.)

AT&T is obviously in bed with the government on this, and it doesn't really matter at this point why. It's a big company and the government can do a lot for it.
AT&T is apparently determined to take whatever steps are necessary for this standardization to come about. As far as non-clipper encryption, I imagine the government will initially exert as much influence as it can to prevent any competing standard from getting a toehold. They have apparently waited until the chips were ready to deliver in quantity. AT&T is promising to release clipper phones later this year. It's doubtful that anyone else could even come up with a standard that soon, let alone get it into hardware (or firmware). If the standard does become established, it could be tough to defeat it. How easy is it going to be to sell a phone which is incompatible with everybody else's for secure communication? You'd have to buy one for everybody in your company or group who wanted to communicate. Then if they wanted to make a secure call to someone outside (say, a supplier or distributor) they wouldn't be able to do it. It would be a similar problem to the video phones. Why buy one when almost no one else has one and so you can hardly ever use it? Who will buy a Beta VCR today? An RCA non-laser video disk? Non-clipper encrypted phones may experience similar lack of success. I think this is their main strategy. If it doesn't work, they have a fallback before they would have to forbid encryption in the way we have feared. That is to forbid the sale of commercial devices with non-clipper encryption. You don't stop private individuals from making their own devices, you just make it illegal to sell them. There is precedent for this, I think, in the scanner business. You can't sell scanners capable of eavesdropping on cellular calls. But nothing stops you from building your own if you are an electronics whiz. (I am not expert on the legalities of scanner law. Someone please correct me if I am wrong here.) Notice that in their document they said that U.S. citizens do not have the right to unlimited-strength commercial encryption. 
I didn't pay much attention to the word "commercial" before, but now I think it is important. This would imply that their next step would be to ban only commercial implementations of cryptography. This way they can counter our civil-liberties arguments by saying that nothing stops anyone from encrypting his messages if he really wants to; he's doing it in the privacy of his own home, after all. But when he gets out in the commercial arena the government has many precedents for limiting what is bought and sold, the scanner laws being just one of many.

I'm not sure how ominous such a world would be - clipper chips dominating the (small) encrypted phone market, no commercial competition, and only a few hobbyists with PC's and modems able to set up clumsy untappable conversations via modem-to-modem links. I might be able to talk to Tim May securely, but not to Mom and Dad. In a way, I can still have privacy, if I really want it. But it won't be available to most people.

I wouldn't be surprised if something similar to this vision were the goal of those behind the clipper.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Doctor Zaphod"
Date: Sun, 18 Apr 93 13:06:37 PDT
To: CypherPunks@toad.com
Subject: CLIP: Chip -- Modification?
Message-ID: <46995.drzaphod@ncselxsi>
MIME-Version: 1.0
Content-Type: text/plain

I haven't waded thru the entire stream of CypherPunks mail yet... but I thought I'd make a suggestion. If the clipper chip DOES in fact become widespread, in telephones, modems, whatever.. why don't we make an alternative chip [say.. based off the IDEA cypher and PGP keys] that uses the same pinouts as the Clipper chip. We, on the list, have been waiting for devices with the capability for encryption.. and it sounds as if ATT will be making it easier for us! Of course there might be some legal conflict with modifying the devices.. and I think that's where our battle begins.
--------------------------------------------------------------------- | DrZaphod | Stop, or I'll Encrypt! | | [AC/DC] / [DnA][HP] | Xcitement is Technology and Creativity | | [drzaphod@ncselxsi.uucp] | [Mind Police Censored] | --------------------------------------------------------------------- DrZaphod [AC/DC] / [DnA][HP] [drzaphod@ncselxsi.uucp] Technicolorized From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: zane@genesis.mcs.com (Sameer) Date: Sun, 18 Apr 93 15:03:02 PDT To: Dave Banisar Subject: Re: Media Sugestions, History of Clipper and Conspiracy theories In-Reply-To: <9304181016.AA32068@hacker2.eff.org> Message-ID: MIME-Version: 1.0 Content-Type: text/plain In message <9304181016.AA32068@hacker2.eff.org>, Dave Banisar writes: > > RE: Press Blitz > > I have found from experience, with some success, that the best way to > handle press if you to contact local press and present yourself > as a local expert on the subject. This gives them a local connection This seems to be an EXCELLENT idea. I wholeheartedly think that every cypherpunk with a strong knowledge of crypto (I haven't a strong knowledge yet-- still a newbie) contact the local press and offer your services as a local crypto-expert. I think that I probably know 10-15 times more than the general public about crypto, and it also seems that most of the people on this list know about 10-15 times more about crypto than myself. Thus there's a HUGE gulf of knowledge which must be remedied. -- | Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM | | Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more | | "Be God" - Me __ "Specialization is for Insects" - Robert A. 
Heinlein ____/ \_____________/ \____________________________________________________/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jwarren@autodesk.com (Jim Warren)
Date: Sun, 18 Apr 93 13:39:06 PDT
To: cypherpunks@toad.com
Subject: Hellman cogitates on the Clipper Chip
Message-ID: <9304182028.AA01470@megalon.YP.acad>
MIME-Version: 1.0
Content-Type: text/plain

Received this on Saturday and got Marty's permission to repost it to 'punks. --jim

======

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Martin Hellman"
Date: Tue Sep 07 12:37:57 1999
To: ...
Subject: No Subject
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Subject: Clipper Chip

Most of you have seen the announcement in Friday's NY Times, etc. about NIST (National Institute of Standards & Technology) announcing the "Clipper Chip" crypto device. Several messages on the net have asked for more technical details, and some have been laboring under understandable misunderstandings given the lack of details in the news articles. So here to help out is your friendly NSA link: me. I was somewhat surprised Friday to get a call from the Agency which supplied many of the missing details. I was told the info was public, so here it is (the cc of this to Dennis Branstad at NIST is mostly as a double check on my facts since I assume he is aware of all this; please let me know if I have anything wrong):

The Clipper Chip will have a secret crypto algorithm embedded in Silicon. Each chip will have two secret, 80-bit keys. One will be the same for all chips (ie a system-wide key) and the other will be unit specific. I don't know what NIST and NSA will call them, but I will call them the system key SK and unit key UK in this message. The IC will be designed to be extremely difficult to reverse so that the system key can be kept secret. (Aside: It is clear that they also want to keep the algorithm secret and, in my opinion, it may be as much for that as this stated purpose.)
The unit key will be generated as the XOR of two 80-bit random numbers K1 and K2 (UK=K1+K2) which will be kept by the two escrow authorities. Who these escrow authorities will be is still to be decided by the Attorney General, but it was stressed to me that they will NOT be NSA or law enforcement agencies, that they must be parties acceptable to the users of the system as unbiased. When a law enforcement agency gets a court order, they will present it to these two escrow authorities and receive K1 and K2, thereby allowing access to the unit key UK.

In addition to the system key, each user will get to choose his or her own key and change it as often as desired. Call this key plain old K. When a message is to be sent it will first be encrypted under K, then K will be encrypted under the unit key UK, and the serial number of the unit added to produce a three part message which will then be encrypted under the system key SK producing

    E{ E[M; K], E[K; UK], serial number; SK}

When a court order obtains K1 and K2, and thence K, the law enforcement agency will use SK to decrypt all information flowing on the suspected link [Aside: It is my guess that they may do this constantly on all links, with or without a court order, since it is almost impossible to tell which links over which a message will flow.] This gives the agency access to

    E[M; K], E[K; UK], serial number

in the above message. They then check the serial number of the unit and see if it is on the "watch list" for which they have a court order. If so, they will decrypt E[K; UK] to obtain K, and then decrypt E[M; K] to obtain M.

I am still in the process of assessing this scheme, so please do not take the above as any kind of endorsement of the proposed scheme. All I am trying to do is help all of us assess the scheme more knowledgeably. But I will say that the need for just one court order worries me. I would feel more comfortable (though not necessarily comfortable!)
if two separate court orders were needed, one per escrow authority. While no explanation is needed, the following story adds some color: In researching some ideas that Silvio Micali and I have been kicking around, I spoke with Gerald Gunther, the constitutional law expert here at Stanford and he related the following story: When Edward Levi became Pres. Ford's attorney general (right after Watergate), he was visited by an FBI agent asking for "the wiretap authorizations." When Levi asked for the details so he could review the cases as required by law, the agent told him that his predecessors just turned over 40-50 blank, signed forms every time. Levi did not comply and changed the system, but the lesson is clear: No single person or authority should have the power to authorize wiretaps (or worse yet, divulging of personal keys). Sometimes he or she will be an Edward Levi and sometimes a John Mitchell.

Martin Hellman

========

And, his permission to repost. PLEASE NOTE HIS "RESTRICTION." --jim

=======

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Martin Hellman"
Date: Tue Sep 07 12:37:57 1999
To: jwarren@autodesk.com
Subject: Re: Marty's 4/17 Clipper Chip post-to-many ...
Message-ID: <8adae482c22dbd963ba836e92e0723e2@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain

Jim,

It is fine to post my previous message to cypherpunks if you also post this message with it in which: I ask recipients to be very sparse in their requesting further info from me or asking for comments on specific questions. By this posting I apologize for any messages I am unable to respond to. (I already spend too much time answering too much e-mail and am particularly overloaded this week with other responsibilities.)

martin

=========

Finally, there has been a significant response to this by a cryptoid well-known to all of us. Am seeking permission to repost it, also. --jim

Incidentally, Marty sez he had no forewarning that Clipper was about to sail.
The NY Times article blind-sided him about 11:30 Thursday night. Sounds like the government is really doing an outstanding job of careful, collaborative policy-making. [Danger! Novice gunslinger is shooting from the hip!] --jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "James A. Donald" Date: Sun, 18 Apr 93 23:27:00 PDT To: cypherpunks@toad.com Subject: subscribe In-Reply-To: Message-ID: <2bd1c9a7.jamesdon@infoserv.com> MIME-Version: 1.0 Content-Type: text/plain subscribe James A. Donald In case a human is reading this, I wish to subscribe to the cypherpunks mailing list. --------------------------------------------------------------------- | James A. Donald | Joseph Stalin said: "Ideas are more powerful | than guns. We would not let our enemies have jamesdon@infoserv.com | guns, why should we let them have ideas." From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: uni@acs.bu.edu (Shaen Bernhardt) Date: Sun, 18 Apr 93 10:43:58 PDT To: cypherpunks@toad.com Subject: Media Blitz Message-ID: <9304181743.AA38488@acs.bu.edu> MIME-Version: 1.0 Content-Type: text/plain Having sent faxes to all the targets on my media list, I'm looking for the following: 1> A Fax number for AT&T public relations so I can explain to them that they can count my business out if they don't wise up. 2> A Fax number for Intergraph Corp 3> Internet addresses for same. I sent the following text to several media contacts: April 18, 1993 Sir or Madam, I am sending this text to call your attention to what I and others believe to be a grievous attack on privacy for the private sector and the public at large. On April 16, 1993 the White House Office of the Press Secretary issued a statement regarding the administration's emerging policy on encryption hardware and technology. In short this policy is a ruse. With the increasing reliance on data links and E-Mail to communicate, cryptography has evolved to protect the otherwise vulnerable data traffic in this country. 
E-Mail and data transfers are not as secure from tampering and compromise as is the postal service. Messages sent through mail nets have no "envelopes" and are unprotected from the prying eyes of system administrators on any of the many nodes a message may pass through. Indeed those using electronic mediums for mail services are entitled to some reasonable assurance of privacy. As a result, cryptography and encryption have become fruitful industries in this country. The Clinton administration seems well on the way to destroying this industry and stomping on the rights of citizens to secure their communications from surveillance.

The "Clipper Chip Proposal," which is becoming known in the academic community as the "Big Brother Proposal," bills itself as a solution to the conflict between law enforcement and "crypto industry." It is not. By enforcing the Clipper technology as a standard, the Clinton administration has taken the first step in regulating all encryption technology and selling short the American people.

The Clipper technology, by the administration's own admission, is compromised from the beginning. Cipher keys for Clipper hardware are to be segmented and stored in depositories maintained by two agencies, (which remain yet unnamed) and released with "the proper authorization." No one educated in the nuances of encryption would take such a system seriously. Willingness to accept a system that comes already compromised is simply unimaginable, at least while other systems are still around.

The administration insists that the algorithm for the Clipper technology is secret, and will not be released to the academic sector or the public at large. A vital part of the development process of any new algorithm is its ability to withstand the scrutiny of the academic and private sectors. The current encryption standard (DES) is a prime example.
The algorithm for DES was made available to the academic and private sectors at no loss of security to those using DES based systems. Indeed the weaknesses of DES were eventually revealed by the academic sector as a direct result of this scrutiny. Part of the mark of a well designed system is in the ability to remain secure despite disclosure of the algorithm. No entity can be expected to trust such a system without being able to review it for additional "backdoors" written into the system.

I cannot fathom that the administration has not realized these points. They must know that such a system as the Clipper Chip is unmarketable and doomed to failure in its current state. As long as other technology remains available, who would buy the Clipper Chip? And how does the introduction of the Clipper Chip aid law enforcement in protecting American citizens? Alone it does not. Any organization, criminal or otherwise, would be quite content to patronize other vendors not employing the Clipper Chip, many of which currently exist. I can only assume then that the administration's next step is to place heavy regulations on other hardware and software products not utilizing Clipper Chip technology, using the availability of Clipper systems to justify their move.

The increasingly authoritarian methods the administration continues to adopt deserve careful scrutiny. The precedents established by this move, namely the regulation of the software industry, denial of reasonable freedom from government intrusion in personal affairs, and government created technology monopolies, are more than alarming, but dangerous. When confronted with the possibility of facing fines or criminal penalties for which computer program we use, the phrase I hear more and more often is, "I can't believe it's happening here."

Most Concerned,

[Signature]

Shaen Logan Bernhardt I (uni@acs.bu.edu)

Are my letters annoying anyone yet?
uni (Dark)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Sun, 18 Apr 93 13:47:37 PDT
To: cypherpunks@toad.com
Subject: Followup message from Hellman
Message-ID: <9304182047.AA03182@servo>
MIME-Version: 1.0
Content-Type: text/plain

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: David Reeve Sward
Date: Sun, 18 Apr 93 11:02:18 PDT
To: cypherpunks@toad.com
Subject: MEDIA: Adam Smith
Message-ID: <4foNRYG00Uh_E2XtYF@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

One person I didn't see listed is Adam Smith. Sometime during the last week of March he aired a piece about privacy - use of SSN, the information you can get via computer & modem and others. He may be receptive to wiretap chip debate.

--
David Sward sward+@cmu.edu
Finger or email for PGP public key 3D567F
fingerprint = E5 16 82 B0 3C 96 DB 6F B2 FB DC 8F 82 CB E9 45

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Sun, 18 Apr 93 17:03:28 PDT
To: psionic@wam.umd.edu (Haywood J. Blowme)
Subject: Re: Amiga programmers.
In-Reply-To: <199304182317.AA18599@rac3.wam.umd.edu>
Message-ID: <9304190003.AA06605@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> The basic idea I think would need the following:
>
> - A sound digitizer
> - High speed modem
> - 68020 or above processor (for speed purposes)
> - Good encryption algorithm (IDEA for example)
>
> Implementing the system would involve using the digitizer to digitize the
> voice. Then processing the sample (in real time) through the encryption
> algorithm and sending the output to the modem for transmission. The process
> would be repeated on the other end.
>
> The problems I see occurring are the following
>
> - Speed of the computer affecting real time encryption
> - Synchronizing the data packets for accurate decryption on the other side.
> - simultaneous I/O on the serial and parallel ports(for modem and digitizer)
> - outputting to speakers on receiving end.
> - having the whole process operate in a full duplex mode (ie. both people
> can talk at the same time).
>
>
> I think the majority of functions can be handled by the system libraries and
> outside sources (such as xpkidea.library for encryption).
>
> Does this sound feasible??

From what I gather CELP takes about 10 to 15 MIPS and LPC takes somewhere under 5 MIPS on DSP chips. Instructions including fixed point multiplies and accumulations (not counting divisions). That's quite a load for a 68020 to bear and still do encryption and communications isn't it?

I have been working on an encrypted link protocol, I have written a unix end (w/ sockets for debugging) as well as some prototype amiga ends (nothing nice yet). It is basically a term program with an encrypted mode built in. I have released the unfinished but operational unix end so far (link.tar.Z) but have been too pressed for time to work on it lately.

I am also working with a DSP chip and plan to implement LPC at bandwidths of about 2000 bps. This will be low quality (less than toll quality, but "good enough" for.. well for me :) I hope the end product will be reproducible for under $50. (I am using the ADSP 2105 DSP microcontroller which offers 10 MIPS for about $12) Someone has mentioned that there is a ZYXEL chip that has CELP built in to it, this might be a faster way to go, does anyone have more details?

I plan to incorporate the two when I am finished to allow encrypted voice between two endpoints, and hopefully also over some networks (where delay time doesn't cause too many problems, long distances over packet switching might not work so nicely).

progress: I have developed and implemented the protocol engine of the link protocol and written a unix end.
I have started assembling (but not programming) the DSP board, I plan later to add on-board d/a and a/d but for the time being I will be importing samples from the amiga, and retrieving LPC coded data. I am encouraging other people to use my protocol engine and incorporate it into terminal programs. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: zane@genesis.mcs.com (Sameer) Date: Sun, 18 Apr 93 15:04:12 PDT To: cypherpunks@toad.com Subject: Putting out a paper-magazine Message-ID: MIME-Version: 1.0 Content-Type: text/plain I HIGHLY suggest that publishing-inclined cypherpunks start publishing cypherpunk-oriented PAPER newsletters to: A) Get out the word about how Clipper sucks B) Educate people about strong crypto, in layman's terms (tough one) C) Raise public support for strong crypto. There are probably other reasons why we want to do this as well. (When the discussion here was about technical details, I was greatly interested, but I had nothing to say-- now that the time has come for activism.. I feel that I can help..) The idea for full-page ads is nice. I'd advertise for raising funds for such a venture in my libertarian-leaning newsletter. -- | Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM | | Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more | | "Be God" - Me __ "Specialization is for Insects" - Robert A. Heinlein ____/ \_____________/ \____________________________________________________/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phil Karn Date: Sun, 18 Apr 93 15:31:38 PDT To: cypherpunks@toad.com Subject: voice privacy for the masses Message-ID: <9304182233.AA01522@unix.ka9q.ampr.org> MIME-Version: 1.0 Content-Type: text/plain I think Hal Finney's analysis is not far from the mark. 
Saner elements in the government probably do realize the utter impossibility of a complete ban on uncrackable crypto given the existence of talented, knowledgeable and highly motivated (especially now!) "cypherpunks". But the government has also found that with very little effort, they can still have an enormous practical effect on the non-cypherpunk masses. Heck, look at what the NSA did to the digital cellular standards by standing in the shadows and quietly threatening to withhold export approval to phones with meaningful technology. The NSA barely had to whisper its objections, because the industry simply doesn't care very much about customer privacy. Certainly not enough to risk not only their non-US markets, but also the ability to have phones manufactured overseas for the US market. And then NSA rubs salt in the wound by brazenly claiming that they're only concerned about encryption getting into the hands of unfriendly foreign governments. As far as they're concerned, they say with a perfectly straight face, Americans are free to use any encryption scheme they want. I wonder how people like that can sleep at night. Well, the implications are obvious. If the public is ever to benefit on a large scale from strong encryption technology, it cannot depend on a normal market to sell it to them in turnkey packages. As soon as you go into business overtly selling such packages, the government pressure will begin. They will make sure that you do not become too successful, either by banning exports or by flooding the market with inferior technology that they can break (like Clipper). So we need to create a rather nonconventional "market". More specifically, we need to find a way to bring the efforts of the cypherpunks to the public with minimal cost and in a way that the government cannot control. By far the best way to do this is to write and distribute free crypto software that requires only readily available general purpose hardware to run. 
As we know, duplicating and distributing software is so trivial that controlling it is virtually impossible. And while it's theoretically somewhat easier for the government to ban or regulate, say, modems faster than 2400 bps or CPUs faster than 10 MHz 286s, general purpose computer hardware like this has so many other "legitimate" uses that in practice a ban would again be impossible. I've contributed a little to this effort myself with my public domain DES code, but it's the PGP effort that has really made this a reality. PGP is now unstoppable, and it's well on the way toward providing large scale privacy for email and other textual information. But voice is still a problem. What we really need now is "PGVP" ("Pretty Good Voice Privacy"), i.e., a package of public domain software that, when again combined with readily available general purpose computer hardware, produces a highly secure telephone. We already have two of the three hardware components of a digital secure telephone well in hand: CPUs capable of encrypting digital voice in real time, and reasonably fast telephone modems. The one remaining piece to the puzzle is the vocoder, as conventional waveform sampling of speech produces a data rate too high for telephone modems. (Faster modems might alleviate the need for a low bit rate vocoder, but current generation modems are already running very close to theoretical limits, and there won't be too many more improvements.) Ready-made vocoders are available. In fact, my company (Qualcomm) just announced one (the Q4400) as a spinoff of our CDMA digital cellular system. It's a mask-programmed AT&T DSP-16A DSP chip. Unfortunately, like many leading-edge products, it's not cheap: $69/ea in quantity 1000, and reportedly nearly $200 in small quantities. A second alternative is to run your own vocoder software. But vocoders are notoriously compute-intensive, and they're traditionally run on DSPs. 
And DSPs do not yet qualify as "widely available general purpose computer hardware". That leaves a third possibility: tuning vocoder software to run in real time on a fast general purpose processor like a 486. John Gilmore has already obtained and distributed public domain code that implements the Federal standard CELP vocoder algorithm (used in government secure telephones, a nice twist) but my understanding is that it's too slow to run in real time on popular computers. Van Jacobson at LBL has reportedly tuned it to run in better than real time on a Sparc 1+, but he hasn't released it yet and he's a notoriously hard guy to get ahold of. So the request of the day is this: who's willing to take that CELP code, bum enough instructions out of it so it will run in real time on a 486, and place his or her work back out into the public domain? Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: zane@genesis.mcs.com (Sameer) Date: Sun, 18 Apr 93 15:06:34 PDT To: cypherpunks@toad.com Subject: Address of major telecom decision makers (AT&T, etc.) In-Reply-To: <9304170414.AA23048@churchy.gnu.ai.mit.edu> Message-ID: MIME-Version: 1.0 Content-Type: text/plain If someone has the addresses of these people it would be a very good idea to post these addresses (addresses of the NIST, Denning, etc. folk would be good as well.. I don't know those but those are probably more well-known than head-AT&T folk) here so that we can inundate them with mail and use these addresses in the full-page ads we buy in the newspapers. -- | Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM | | Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more | | "Be God" - Me __ "Specialization is for Insects" - Robert A. 
Heinlein ____/ \_____________/ \____________________________________________________/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: R.Tait@bnr.co.uk
Date: Sun, 18 Apr 93 07:46:56 PDT
To: cypherpunks@toad.com
Subject: What Clinton's proposal will mean to the Rest of the World
Message-ID: <199304181446.7907@bnsgs200.bnr.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunkers,

Having just digested the press release, and the subsequent followups on sci.crypt and on here, I am beginning to wonder what ramifications this might have in other countries, specifically the "Superpowers". Surely setting such a precedent in his own country will spark off a flurry of activity in places such as the UK, Germany, France et al, so that they are not "left behind", so-to-speak?

To be quite honest, I can't see the English government taking such radical steps about secure telecommunications, quite simply, because BT have such a lacsidasical [sp?] approach to new and emerging technologies. Take for instance, ISDN. Their philosophy of marketing and "selling" ISDN is laughable - I once read a newspaper article which related a tale of a Corporation who wanted to learn if ISDN could be useful to its business practices, and it seems that BT just kept jostling them between departments (Dept X: "Phone Dept Y", Dept Y: "Phone Dept X" etc).

Can anyone really see that the US government (or whoever) will completely outlaw all strong data encryption? This violates the basic human right of free communications/privacy.

What a world we live in, huh?

--
Rick M. Tait  Bell Northern Research Europe
Tel: +44-81-945-3352, Fax: +44-81-945-3352  Network Management Systems
New Southgate, London.
UK
email: ricktait@bnr.co.uk || rt@cix.compulink.co.uk || ricktait@bnr.ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: id AA03087sendmail 5.67/QC-subsidiary-2.1 via SMTPSun, 18 Apr 93 13:14:19 -0700 for karn
To: gong@csl.sri.com, karn
Subject: correction from Hellman
Message-ID: <9304182014.AA01706@qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain

Here's a follow-up note from Hellman, in response to a question I sent (and also in response to my request to post his original note to netnews).

------- Forwarded Message

Date: Sun, 18 Apr 93 11:41:42 PDT
From: "Martin Hellman"
To: smb@research.att.com
Subject: Re: Clipper Chip

It is fine to post my previous message to sci.crypt if you also post this message with it in which:

1. I ask recipients to be sparse in their requesting further info from me or asking for comments on specific questions. By this posting I apologize for any messages I am unable to respond to. (I already spend too much time answering too much e-mail and am particularly overloaded this week with other responsibilities.)

2. I note a probable correction sent to me by Dorothy Denning. She met with the person from NSA that I talked with by phone, so her understanding is likely to be better than mine on this point: Where I said the transmitted info is

   E{ E[M; K], E[K; UK], serial number; SK}

she says the message is not double encrypted. The system key (or family key as she was told it is called) only encrypts the serial number or the serial number and the encrypted unit key. This is not a major difference, but I thought it should be mentioned and thank her for bringing it to my attention. It makes more sense since it cuts down on encryption computation overhead.
------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: AJ Janschewitz <0005037030@mcimail.com>
Date: Sun, 18 Apr 93 09:36:17 PDT
To: cypherpunks
Subject: Another one-way street
Message-ID: <51930418163515/0005037030ND3EM@mcimail.com>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Well, the Clintoon Administration has opened up yet another electronic channel besides the one on CI$. The White House can also be reached at 5895485@mcimail.com. Their usual rules apply: Give a snail return address if you want a response.

Looks like the "data highway" is, for the time being, a one-way street ...

==a.j.==

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK9F98xk4MFKFFwHhAQH42AP/ZRh7WRDqdP2LpkDiO2/IGzEbaVr9UR7y
AeqRQAAjSCmC5o1ApJ5oAd22GIqyeaRfnpXy0WuRsJRkxdEpDLbzYnGLSCaT4DOh
o4Hj4EHTFIy7exN9vRkAFaXA1E7E9dl7D1xajbv7F4L6Y26TivvhMP5WRtKuHIxW
re2YpapLOuY=
=amKI
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: zane@genesis.mcs.com (Sameer)
Date: Sun, 18 Apr 93 16:23:16 PDT
To: extropians@gnu.ai.mit.edu
Subject: CLIP: Sample/Draft letter to the editor
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I wrote up a letter to the editor on the issue, which I will send to the local newspapers and the major newspapers. I'd like comments, and criticisms so that I may make the letter more effective. I also plan on writing an article in my newsletter _The Free Journal_ on this big brother plan. (I plan on including excerpts from _From Crossbows to Cryptography_ in this "Crypto" issue as well.)

Editor:

The Clinton administration on Friday unveiled their plan for establishing a standard data encryption system for voice communications. This plan is abhorrent and reeks of Big Brother. President Clinton says that he wants to bring the United States into the twenty-first century. This proposal is bringing us to 1984.
First I will mention technical reasons why the system is inadequate. The encryption algorithm is classified. Only a select group of people will be allowed to examine the algorithm for flaws. The members of the cryptographic community emphasize that the only way to make sure that a cryptographic system is secure is to have as many people as possible analyze and try to break it for as long as possible. A system which has been examined by a small segment of the population will not be trusted to be secure.

The key used in this algorithm is very small-- it is easily attacked by brute-force. The encryption key is only eighty bits long. Such a small key lends itself to easy decryption by an unauthorized party. It would lend a false sense of security to laypersons in the field who do not realize that a key of such simplicity could be cracked easily by any talented criminal.

Apart from the technical flaws in the system, there are many political problems with the recent big brother proposal. First, there is the assumption that the government has a right to spy on its own citizens. The proposal for this wiretap chip includes the registration of keys with two escrow agencies. This is purported to allow law enforcement to keep track of "terrorists" and "drug-dealers."

The first flaw in this key-escrow system is that no self-respecting criminal will use a cryptography system which can be easily tapped by law enforcement officials-- they will use strong cryptography. Thus the only people who may end up using the wiretap encryption system will be law-abiding laypeople who don't fully understand cryptography. (Law-abiding citizens who do understand cryptography will use strong cryptography to preserve their privacy from a talented criminal.)

The proposal says that in order to obtain the key of a wiretap chip user a law enforcement agency must first establish that they have a valid interest in the key.
Translated out of legalese, that means that all a government agency will have to do to get access to all of the private communications between, for example, a lawyer and her client will be to fill out the necessary forms. Registering cryptographic keys with the government is similar to giving the IRS the keys to your house and filing cabinet.

The chip is being manufactured exclusively by one company. The release stated that the Attorney shall request (i.e. coerce) telecommunication product manufacturers to use this product. This aspect of the system is a government-mandated monopoly. Such monopolies result in high prices and the elimination of market forces which drive the improvement of technology. (One needs only look at the state of the Soviet Union to see how the lack of market forces affects consumer technology.)

What is feared the most from the proposal is that if the wiretap chip becomes the standard, strong cryptography will be declared illegal. If such is the case, then only criminals will have access to strong cryptography. As I have stated above-- the wiretap chip will not be used by criminals because of the obvious flaws in the crypto-system-- criminals will use strong crypto, while law-abiding citizens will have to use a system which can be easily defeated by any criminal.

Strong cryptography already exists for data communications, for -free-. Strong cryptography for voice communications for -free- is only a few months away for people who own a personal computer. There is no way that making strong cryptography illegal will stop it-- it will only turn otherwise law-abiding citizens into criminals.

Sincerely,
Sameer Parekh

--
| Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM |
| Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more |
| "Be God" - Me __ "Specialization is for Insects" - Robert A.
Heinlein ____/ \_____________/ \____________________________________________________/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Clark Reynard
Date: Sun, 18 Apr 93 15:04:20 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks--Mission Statement Needed
Message-ID: <9304182253.AA01388@metal.psu.edu>
MIME-Version: 1.0
Content-Type: text/plain

CP is for Crypto Privacy, because we feel that privacy and cryptography are now more inextricably linked than ever. We shall likely have to use crypto to hide our crypto.

CP is for Changing Policy, both CP policy and existing government policy.

CP is for Conscious Paranoia. We know and understand the issues involved, both the political and the scientific. We _are_ paranoid, but we know _why_ we're paranoid, and justify it as a _rational_ response. [The use of 'paranoia' is loose, of course, since the strict meaning and popular meaning differ widely.]

CP is for Cypher Punks. Cypher because not only do we use cyphers, but in a certain sense we _are_ cyphers. Punks? A contemptuous term created by those contemptuous of those who fail to pay allegiance to the Almighty Government. Should it be a badge of pride, or a shameful term used for a shameful purpose?

I believe that if we are to be effective, we ought to decide on a number of tenets which just aren't in the FAQ now. Tim May's .signature seems as good a place to start as any. Methods of implementation, boat-rocking and some form of plan will likely be necessary.

Send mail to me or to the list, preferably to my mail address at nyx.cs.du.edu; and I will summarize and post, stripping headers if requested and eliminating redundant entries. The FAQ needs to be revised, I believe, to reflect the current crisis, and I am more than willing to help re-write it if anyone finds it agreeable.

Thank you.
[Aside: I appear to be getting two copies of many letters-- if anyone makes a snide comment about multiple postings of articles, I'll, I'll, I'll, uh, grin and look sheepish-- and I wonder if others have this problem; it's not a double sub, per se, as some letters _aren't_ doubled. Ah, well, it's probably nothing, just the side effects of the surveillance software.]

----
Robert W. Clark rclark@nyx.cs.du.edu
PGP signature available by mail or finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uni@acs.bu.edu (Shaen Bernhardt)
Date: Sun, 18 Apr 93 15:17:31 PDT
To: cypherpunks@toad.com
Subject: Status of Voice Encryption with PC/Mac?
Message-ID: <9304182217.AA114200@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I keep hearing about voice scrambling technology in conjunction with high speed modems and soundblaster cards.... Anyone care to comment on the availability of said devices? The Supra people mentioned something, I'll check into it.

how about the potential for RAW cyphertext from PGP? Hiding cyphertext in other mediums...? Is any of this available today?

uni (Dark)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hkhenson@cup.portal.com
Date: Sun, 18 Apr 93 19:21:06 PDT
To: cypherpunks@toad.com
Subject: Re: AT&T Press Release on Clipper
Message-ID: <9304181828.2.10206@cup.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

On Sun, 18 Apr 1993 09:49:35 -0500 Dave Banisar posted:

>Subject: AT&T Press Release on Clipper
>
>Here's AT&T's announcement on the Clipper.
>
>
> AT&T TO INCORPORATE NEW 'CLIPPER' CHIP INTO SECURE COMMUNICATIONS
>PRODUCT LINE
>
>GREENSBORO, N.C., April 16
>
> AT&T (NYSE: T) said today it is moving to improve the security and privacy
>of telephone communications by incorporating a just-announced new U.S.
>government technology for voice encryption into its secure communications
>product line.
>
> AT&T will use the Clipper chip, announced today by President Clinton as a

[mucho deleted]

> AT&T Secure Communications Systems is headquartered in Greensboro.
> For more information about the AT&T Telephone Security Device 3600
>and other AT&T Secure Communications Products, call David Arneke at
>919-279-7680.
> CONTACT: David Arneke of AT&T Secure Communications Systems, 919-279-
>7680,or after hours, 919-273-5687, or Herb Linnen of AT&T Media Relations,
>202-457-3933, or after hours, 202-333-9162

Expecting to get a recording or something of the like, I called the last of these numbers, and got a considerably agitated Herb Lennen--at home--who had already been the recipient of a call or two. He was not happy, to put it mildly! I kindly informed him that his home phone number had been posted all over the computer nets by someone posting an official ATT press release, and that the government's universal wiretap chip, er Clipper chip, was fast becoming a controversial topic.

He accused me of being with an "organized hacker group," and stated that he only talks to people from news organizations of the NYT and Wall Street Journal size. I offered to send him a sample of the comments, but he declined to give me his email address. (Though I suspect that Herb_Lennen@att.com might work.)

Most interesting though, he told me that John Markoff had written the definitive (and he implied positive) story on the chip. Yo John! If you are not reading the cypherpunks list for the "other side" of this story, you might want to.

Keith Henson

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uni@acs.bu.edu (Shaen Bernhardt)
Date: Sun, 18 Apr 93 15:43:22 PDT
To: cypherpunks@toad.com
Subject: FAQ's
Message-ID: <9304182243.AA107262@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Perhaps someone should cook up a frequently asked questions sheet with regard to our position on the Wiretap chip proposal?
Something bent a little more in the direction of consequences and not promises?

Q: What will the Clipper Chip really mean for Privacy?

A: The Clipper chip bills itself as the answer to a nation's right for privacy, when indeed it is less secure than many of the algorithms in circulation today. Buying a Clipper Chip device is the same as handing the government your login password and accepting the promise, "We'll only use it with proper authorization..."

Admittedly my example is less than eloquent, perhaps someone can come up with better? Given this format, and if the questions and answers are kept in layman's terms, it could reasonably be distributed to some of the less technical news groups and things like comp.mac.comm and such....

uni (Dark)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Haywood J. Blowme"
Date: Sun, 18 Apr 93 16:18:11 PDT
To: cypherpunks@toad.com
Subject: Amiga programmers.
Message-ID: <199304182317.AA18599@rac3.wam.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain

A curious thought occurred to me several months ago, and it was recently brought up again when someone mentioned doing it on IBM's with soundblasters. This idea has been sitting basically on the back burner for a while now. But now with the current climate (Wiretap chip proposed) I think it is relevant.

This idea basically applies to Commodore Amiga computers. So if you are a programmer and would like to help me with this please E-Mail me about it.

The basic idea I think would need the following:

- A sound digitizer
- High speed modem
- 68020 or above processor (for speed purposes)
- Good encryption algorithm (IDEA for example)

Implementing the system would involve using the digitizer to digitize the voice. Then processing the sample (in real time) through the encryption algorithm and sending the output to the modem for transmission. The process would be repeated on the other end.
The problems I see occurring are the following

- Speed of the computer affecting real time encryption
- Synchronizing the data packets for accurate decryption on the other side.
- simultaneous I/O on the serial and parallel ports(for modem and digitizer)
- outputting to speakers on receiving end.
- having the whole process operate in a full duplex mode (ie. both people can talk at the same time).

I think the majority of functions can be handled by the system libraries and outside sources (such as xpkidea.library for encryption).

Does this sound feasible??

=============================================================================
/// | psionic@wam.umd.edu | Q: How did the govt. decide to use an 80
__ /// C= | Craig H. Rowland | bit key for the new clipper chip?
\\\/// Amiga| PGP Key Available | A: They combined Bill and Hillary
\/// 1200 | by finger. | Clintons' IQ's.
=============================================================================

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: vanam@phazer.ksu.ksu.edu (Stephen Lee(Second son of Caine))
Date: Sun, 18 Apr 93 18:04:43 PDT
To: cypherpunks@toad.com
Subject: unsub
Message-ID: <9304190104.AA16243@phazer.ksu.ksu.edu>
MIME-Version: 1.0
Content-Type: text/plain

unsubscribe me please thanx....

Stephen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Bill Sommerfeld
Date: Sun, 18 Apr 93 17:37:05 PDT
To: karn@qualcomm.com
Subject: Followup message from Hellman
In-Reply-To: <9304182047.AA03182@servo>
Message-ID: <9304190011.AA00158@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain

Quoting Martin Hellman as forwarded by Steve Bellovin and Phil Karn:

   she [Denning -sommerfeld] says the message is not double encrypted. The system key (or family key as she was told it is called) only encrypts the serial number or the serial number and the encrypted unit key. This is not a major difference, but I thought it should be mentioned and thank her for bringing it to my attention.
This sounds pretty unlikely to me -- if the message isn't double-encrypted, the "tags" could be separated from the ciphertext without too much effort.

Of course, it's not clear whether the receiving system checks the serial number, or whether the serial number is factored into E[M;K]; conceivably, those things could be reconstituted on the other end if the receiving wiretap chip needed them..

- Bill

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matthew J Miszewski
Date: Sun, 18 Apr 93 18:14:20 PDT
To: cypherpunks@toad.com
Subject: MEDIA: Calm
Message-ID: <23041820135802@vms2.macc.wisc.edu>
MIME-Version: 1.0
Content-Type: text/plain

Everyone,

I'm glad to see so many insightful letters being sent/broadcast to media types. I think that our cause would be better served with a toning down of the rhetoric and techno-talk. I understand what you're saying but Joe Byline may not. Keep it simple.

On that note, I think one more effective strategy is for some cypherpunks to write thoughtful letters which appear (or do) come from strict lay people scared at the thought of the "Wiretap Chip". If it appears that only techno-types care about this issue, then no one else will.

I know non-crypto experts read this list, so this is a call to you to express your opinions publicly as john/jane doe on the street. You don't have to speak to the technical side of things at all. Simply let the world know you're afraid and so should everyone else. Leave the cryptanalysis to the experts (Tim, Eric, et al)

Keep up the good work everyone.

Matt

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: D Anton Sherwood
Date: Sun, 18 Apr 93 22:48:08 PDT
To: cypherpunks@toad.com
Subject: gentlemen
Message-ID: <199304190547.AA19600@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Who was the statesman who said, two generations ago, "Gentlemen do not read each other's mail"?
By the way, the San Francisco Chronicle's business section's Saturday headline was
   Secret Phone Plan Under Fire
or maybe it was
   Secure Phone Scheme Draws Fire

*\\* Anton Ubi scriptum?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Haywood J. Blowme"
Date: Sun, 18 Apr 93 19:50:39 PDT
To: cypherpunks@toad.com
Subject: Amiga Crypto
Message-ID: <199304190250.AA12313@rac3.wam.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain

Return-Path:

>> The basic idea I think would need the following:
>>
>> - A sound digitizer
>> - High speed modem
>> - 68020 or above processor (for speed purposes)
>> - Good encryption algorithm (IDEA for example)
>>
>> Implementing the system would involve using the digitizer to digitize the
>> voice. Then processing the sample (in real time) through the encryption
>> algorithm and sending the output to the modem for transmission. The process
>> would be repeated on the other end.
>>
>> The problems I see occurring are the following
>>
>> - Speed of the computer affecting real time encryption
>> - Synchronizing the data packets for accurate decryption on the other side.
>> - simultaneous I/O on the serial and parallel ports(for modem and digitizer)
>> - outputing to speakers on receiving end.
>> - having the whole process operate in a full duplex mode (ie. both people
>> can talk at the same time).
>>
>>
>> I think the majority of functions can be handled by the system libraries and
>> outside sources (such as xpkidea.library for encryption).
>>
>> Does this sound feasible??

newsham@wiliki.eng.hawaii.edu Writes:

>From what I gather CELP takes about 10 to 15 MIPS and LPC takes
>somewhere under 5 MIPS on DSP chips. Instructions including
>fixed point multiplies and accumulations (not counting divisions).
>Thats quite a load for a 68020 to bear and still do encryption
>and communications isnt it?

[Stuff deleted]

This is true.
But if a sampling rate of about 9000-10,000 samples per second is used this will allow for good voice quality and the encryption algorithm should be able to handle it. The IDEA implementations I have seen for the Amiga run about 30-50K per second on my Amiga 1200 with 68020. This should be fast enough.

If you then can send that data directly to the serial port with a fast modem 14.4K it should work. But it might sound choppy (haven't done the figures yet on how much data would be going to the modem while the person speaks, but it may be substantial enough to make the use of a high speed modem not feasible). Also I have to consider that data compression in the form of LAP/M or MNP will be ineffective against the encrypted data as it will appear as white noise and will be largely incompressible..

=============================================================================
/// | psionic@wam.umd.edu | Q: How did the govt. decide to use an 80
__ /// C= | Craig H. Rowland | bit key for the new clipper chip?
\\\/// Amiga| PGP Key Available | A: They combined Bill and Hillary
\/// 1200 | by finger. | Clintons' IQ's.
=============================================================================

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ld231782@longs.lance.colostate.edu
Date: Sun, 18 Apr 93 22:06:28 PDT
To: cypherpunks@toad.com
Subject: musings from a madman
Message-ID: <9304190506.AA09069@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

Hellman's Hints
---------------

[Hellman]
>When a message is to be sent it will first be
>encrypted under K, then K will be encrypted under the unit key UK,
>and the serial number of the unit added to produce a three part
>message which will then be encrypted under the system key SK
>producing
>
> E{ E[M; K], E[K; UK], serial number; SK}
>
>When a court order obtains K1 and K2, and thence K

Just a quibble, Mr. Hellman says earlier that K1 and K2 lead to unit key UK, not family code K.
And given the above, how do they ever decrypt the message if they don't have K, unless the scheme is insecure under the `family code'? (>barf<, leave it for the Ministry of Truth to come up with some user-friendly term for something inherently nauseating like `friendly fire', I wonder if Dingaling is behind this one too...)

Do you get it?
--------------

This little formula is not obvious to me. It seems to me two basic questions have to be answered, could someone spell these out given what's known?

1. How the phones interact prior/during a call
2. How the sinister TLAs wiretap
3. How casual eavesdropping by other than billion-dollary agencies is prevented (if at all)

The Flimsy Code
---------------

The family code is clearly a propaganda wrench in the works. `They' now have some pretty powerful ammunition--it must be secure if you get to change your code whenever you want, right? It's so simple anyone can use it! I'm a bit surprised it wasn't mentioned in the announcement. I guess all the hoopla and slick and vapid AT&T ads about `wow, you get to *choose* your combination!' will come a bit later, it'll fit in quite nicely with their `I' plan, as in Illegal... (I hope Sprint and MCI sue the pants off AT&T and the government for this outrageous collusion, unless of course they are in the collusion too...)

Conspiracy Theories
-------------------

how is it that CPSR and EFF came out with responses to the initial announcement virtually instantaneously after its release? Are they just really swift? I want to know what >every< single person on those mailing lists has to say about how their name got there and how long they knew about this abomination (and before they have a chance to agree on stories!). I don't appreciate Mr. Banisar's little slash suggesting that the issue is already closed and that anyone who thinks something just a tad unusual is going on is a deranged conspiracy monger...
I think it's kind of cute how he says that `nothing significant' appeared in the traffic...

Who Has the Keys?
-----------------

The evasion of `who stores the keys' makes me wonder. It suggests that the proposal was poorly crafted (which is true in any case), but, more likely, IMHO, the scheme is weak enough for the NSA (but maybe not cops) to break regardless, and hence their casual disregard for this seemingly monumentally crucial point. Also, they can make it sound like they are `compromising' by giving the appearance of public debate on the agencies, because it won't really matter, while diverting attention from the *real* issues (look here! see your rights? now you see 'em, now you don't... pick a key, any key---was it this one? >wow< how'd you *do* that?).

What IS Acceptable
------------------

We should be prepared to say what >is< acceptable for the government to do; don't get caught off guard with a question like ``well, what are you people proposing as an alternative?'' Here are a few ideas...

1) Get the hell out of the cryptography and hardware development business, and leave private industry alone to do what it does best when not harassed by extortionists and terrorists who shall remain nameless but have the initials N.S.A. ...

2) Let the NIST pick a phone encryption scheme after totally open debates and total noninvolvement by the NSA, who is obviously biased. We can note that this has been attempted to be followed for other encryption schemes (e.g. digital signature, DES, etc.) why not here? what's so special?

3) Let communications companies loose on it, stay out of the way or get trampled by the stampede, and we'll all be happy.

Ministry of Truth (1993-?)
--------------------------

Finally, drive home the point: the government may have always had the `precedent' (don't ever use `right' here) to *listen*, there has never been any assurance that they must *understand* what is being said, and we are assured by our Noble Constitution that we can say what we please, and if by exercising this fundamental and inalienable right we upset the fragile status quo, then so be it, because the monument of freedom of speech will always overshadow the weak and tenuous `precedent to listen'. Cryptography simply alters their *understanding* of what is on a line from the meaningful to the meaningless, and only the Ministry of Truth is allowed to regulate *meaning* (hm, maybe that will be the next government agency created under the New Regime...)

Mea Culpa
---------

sorry for the rough editing on the last message, that's what happens in the heat of the moment from one of those impatient and extremely agitated cypherpunks... For those of you keeping score at home, the ``Notice how the proposal talks about'' non sequitur should read ``Notice how the proposal talks about criminals and terrorists without any qualifications such as `alleged' and `suspected' ''. as my penance you have this little beauty in front of you...

How Does Cypherpunk Sound?
--------------------------

`cypherpunk' actually has some pretty endearing qualities as a name, and I'd be a bit horrified to give it up, just when I was waiting for the T shirt ``Cypherpunks do it stealthily'' (secretly? sneakily?). The public seems to have a bit of fascination for `cyberpunk' right now and we are just riding on it (stealthily? secretly? sneakily?). OK, so we don't publicize that term, but it could actually increase the glamor and mystery of the cause; we shouldn't pretend that we're not seriously pissed off...

Quote Corner
------------

``the TURNCOATS ARE COMING!''
``REMEMBER THE LIBERTY!''
``They're HEEEERE...''
``Keys? I thought YOU had the keys! Do you have a crypt hanger?
We better call the cryptsmith...''

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wbe@bbn.com (Winston Edmond)
Date: 18 Apr 93 23:29:17
Subject: Figuring out ZyXEL's CELP specs
In-Reply-To: <116416f1@ofa123.fidonet.org>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

After various people expressed interest in the ZyXEL modem CELP specs... Tyrone.Horton@p101.f701.n202.z1.fidonet.org replied:

> As far as CELP, ZyXEL will not be releasing the specs.

OK. In that case, it's up to us to figure it out. :-)

I saw the following post about 4800 CELP on another newsgroup and thought it might help someone here get closer to figuring out how ZyXEL's 9600 CELP works.

PLEASE: the following message mentions a source of CELP source code that's free. Rather than everyone calling all at once, I suggest:

(1) If you live in the D.C. area, maybe go ahead and call anyway and then post the results in this newsgroup. Otherwise

(2) If you have a high interest and it's likely you'll actually do something with the information, POST A NOTE TO THIS NEWSGROUP saying so and wait a couple of days so we can all see who else is interested.

(3) When the dust settles, the most interested, and/or those nearest Washington, D.C., call to get the source code and then post it to the newsgroup (if permitted).

(Unfortunately, you may have to consider U.S. export restrictions, but since the author says the code "is available for worldwide distribution", I don't expect this to be a problem.)

-WBE

---------------------------------------------------------------------------
From: jpcampb@afterlife.ncsc.mil (Joe Campbell)
Newsgroups: comp.compression.research
Subject: Re: CELP vocoder refs
Date: 17 Jan 93 21:38:07 GMT
Organization: The Great Beyond

Hi, I hope that the following information answers your questions.

Joe

The U.S.
DoD's Federal-Standard-1016 based 4800 bps code excited linear prediction voice coder version 3.2 (CELP 3.2) Fortran and C simulation source codes are available for worldwide distribution at no charge (on DOS diskettes, but configured to compile on Sun SPARC stations) from:

Bob Fenichel
National Communications System
Washington, D.C. 20305
1-703-692-2124
1-703-746-4960 (fax)

Example input and processed speech files, a technical information bulletin, and the official standard "Federal Standard 1016, Telecommunications: Analog to Digital Conversion of Radio Voice by 4,800 bit/second Code Excited Linear Prediction (CELP)" are included at no charge.

The following articles describe the Federal-Standard-1016 4.8-kbps CELP coder (it's unnecessary to read more than one):

Campbell, Joseph P. Jr., Thomas E. Tremain and Vanoy C. Welch, "The Federal Standard 1016 4800 bps CELP Voice Coder," Digital Signal Processing, Academic Press, 1991, Vol. 1, No. 3, p. 145-155.

Campbell, Joseph P. Jr., Thomas E. Tremain and Vanoy C. Welch, "The DoD 4.8 kbps Standard (Proposed Federal Standard 1016)," in Advances in Speech Coding, ed. Atal, Cuperman and Gersho, Kluwer Academic Publishers, 1991, Chapter 12, p. 121-133.

Campbell, Joseph P. Jr., Thomas E. Tremain and Vanoy C. Welch, "The Proposed Federal Standard 1016 4800 bps Voice Coder: CELP," Speech Technology Magazine, April/May 1990, p. 58-64.

The U.S. DoD's Federal-Standard-1015/NATO-STANAG-4198 based 2400 bps linear prediction coder version 53 (LPC-10e v53) Fortran or C simulation source codes are available on a limited basis upon written request to:

Tom Tremain
Department of Defense
Ft. Meade, MD 20755-6000
USA

The U.S. Federal Standard 1015 (NATO STANAG 4198) is described in:

Thomas E. Tremain, "The Government Standard Linear Predictive Coding Algorithm: LPC-10," Speech Technology Magazine, April 1982, p. 40-49.

There is also a section about FS-1015 in the book: Panos E.
Papamichalis, Practical Approaches to Speech Coding, Prentice-Hall, 1987. The voicing classifier used in the enhanced LPC-10 (LPC-10e) is described in: Campbell, Joseph P., Jr. and T. E. Tremain, "Voiced/Unvoiced Classification of Speech with Applications to the U.S. Government LPC-10E Algorithm," Proceedings of the IEEE International Conference on Acoustics, Speech, and Signal Processing, 1986, p. 473-6. Copies of the official standards "Federal Standard 1015, ...", and "Federal Standard 1016, Telecommunications: Analog to Digital Conversion of Radio Voice by 4,800 bit/second Code Excited Linear Prediction (CELP)" are available for US$ 2.50 each from: GSA Rm 6654 7th & D St SW Washington, D.C. 20407 1-202-708-9205 Realtime DSP code for FS-1015 and FS-1016 is sold by: John DellaMorte DSP Software Engineering 165 Middlesex Tpk, Suite 206 Bedford, MA 01730 1-617-275-3733 1-617-275-4323 (fax) dspse.bedford@channel1.com DSP Software Engineering's FS-1016 code can run on a DSP Research's Tiger 30 (a PC board with a TMS320C3x and analog interface suited to development work) or on Intellibit's AE2000 TMS320C31 based 3" by 2.5" card. DSP Research Intellibit 1095 E. Duane Ave. P.O. Box 9785 Sunnyvale, CA 94086 McLean, VA 22102-0785 (408)773-1042 (703)442-4781 (408)736-3451 (fax) (703)442-4784 (fax) -- ............................................................................. ; Dr. Campbell N3JBC jpcampb@afterlife.ncsc.mil 74040.305@compuserve.com ; ; My opinions are mine! 
Happiness = Reality - Expectations, Click & Clack ;
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: crunch@netcom.com (John Draper)
Date: Mon, 19 Apr 93 00:11:33 PDT
To: cypherpunks@toad.com
Subject: My comments on the Clipper or Tapper chip,
Message-ID: <9304190711.AA12484@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I don't know whether or not I should post this in alt.security.pgp, or other newsgroups, but here's my official comments on what I think of the Clinton Adm "Clipper" or "Tapper" chip. Any press people are welcome to use it, and feel free to send it out wherever it will help.

My official statement and comments on the "Tapper chip"
=======================================================

I believe that the Clinton Admin is trying to push this idea through without giving much thought on the ramifications of this rather intriguing idea of "registering" your keys with some government agency.

This overwhelming urge to "tap into" our private conversations is just going to promote private encryption and voice scrambling. It is not going to make law enforcement's job any easier to catch criminals, because they will also encrypt their voice and data. It reminds me of that popular bumper sticker "If guns are outlawed, then only outlaws will have guns".

It is clear that the government considers encryption as a "weapon", used by the enemy to keep nosey people away. Look at the current export laws to convince yourself of that. I guess I can think of it as a weapon to preserve my privacy.

This is not only going to get a bad reception in the industry, but it will cost the government more money by adding huge administration costs. Talk about government "FAT"? I thought our goals are to cut government spending, not add to it.

Let's see!! You need two agencies (Hopefully ones that people can trust). Gee!! I cannot even think of just ONE agency that I can trust!!
can you? Then, these agencies have to keep track of one half of an 80 bit key. I guess there is one key for each "clipper" chip, so there has to be the capability of millions of keys, each one has to perfectly match the other half. Then there will be people needed to "register" these "tapper" phones. Let's not even think about what happens when one decides to sell it!! MORE government FAT!!. I guess that's why they're called FAT CATS.

Now, if I were a criminal, do you think I would be dumb enough to "register" my phone with the government. Of course not. I would probably get mine on the black market, or through some other illicit means!! If I were a law abiding citizen, would I trust some government agency with my encryption key? Would you??

Then, there is this classified algorithm used in the clipper chip itself. I'm sure it's pretty good, and it is probably hard to attack and crack. But can you really be absolutely sure that there isn't some sort of "back door" in it??

It is clear that the industry hasn't been consulted, or ideas were not put forth in some public forum. So, where is this democratic process?? We ARE still a democracy, aren't we? How was this company that sells the "Clipper chip" selected?? Were RSA data security people contacted??

It is clear that a lot of questions have to be answered before something like this can be accepted. I just hope the right people make the right decision, and that PRIVATE encryption be the responsibility of the user, and NOT the carriers.

It is important that more and more private encryption programs, equipment, etc, can be made available on the market. If RSA is too tight with their licensing fees and policies, then there should be more math whiz types making better algorithms than RSA's. The field is wide open, so let's exploit them!!

John D.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: hkhenson@cup.portal.com Date: Mon, 19 Apr 93 00:21:09 PDT To: cypherpunks@toad.com Subject: Re: Fighting the Wiretap Chip Plan Message-ID: <9304190012.2.12250@cup.portal.com> MIME-Version: 1.0 Content-Type: text/plain When this "Clipper chip" story broke, I was off on an extropian (if not cypherpunk) activity--helping freeze Alcor's 27 patient (another HIV+ case.) I doubt I am the strongest hardware person on these groups, but nobody else has commented on this aspect. You just *can't* make chips entirely resistant to reverse engineering. I know, I have spent close to 10% of my engineering career reverse engineering things. Given time and a few samples, *any* chip can be reverse engineered. This is especially true with tools such as SEM stimulator/state readers and Focused Ion Beam chip slicers and dicers widely available. *Somebody* will dig out every gate in their spare time. Thus the following statement looks very odd: >Q: How strong is the security in the device? How can I be sure > how strong the security is? > >A: This system is more secure than many other voice encryption > systems readily available today. While the algorithm will > remain classified to protect the security of the key escrow > system, Say what? Does this mean that if somebody slices up a chip and publishes the algorithm the "security of the key escrow system" is broken? Can a representative of the government say why, or if, this is the case? If it is not the case, why not publish the algorithm and be done with it? Because, soon as the chip can be bought over the counter or stolen, the algorithm will be deduced. > we are willing to invite an independent panel of > cryptography experts to evaluate the algorithm to assure all > potential users that there are no unrecognized > vulnerabilities. 
Well, unless the "independent panel" includes people who can follow the algorithm all the way through to silicon, I would not trust their report even if I trusted the experts, and that goes double for the next set of masks.

Keith Henson

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Mon, 19 Apr 93 01:31:45 PDT
To: cypherpunks@toad.com
Subject: Hellman's Hints
Message-ID: <9304190831.AA17466@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I presume that Hellman meant to say "K1 and K2, and thence UK" in place of "K1 and K2, and thence K" at least it makes sense that way.

A later posting from Hellman (I think) emended the description of the transmitted message from

    E{ E[M; K], E[K; UK], serial number; SK}

to

    E[M; K], E{ E[K; UK], serial number; SK}

If you know SK then you can compute (E[K; UK], serial number). Then knowing UK (= K1+K2) you can compute K from which you get M via E[M; K].

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: denning@cs.cosc.georgetown.edu (Dorothy Denning)
Date: Tue Sep 07 12:37:57 1999
To: <>
Subject: Re: Clipper Chip
Message-ID: <1a306eb9a79382308c1cabac1e90bbba@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain

I just had another conversation with NSA to clarify some of the features of Clipper. Please feel free to distribute this and my other messages on Clipper.

The name of the encryption algorithm is "Skipjack."

Martin Hellman had written

    and the serial number of the unit added to produce a three part message which will then be encrypted under the system key SK producing

    E{ E[M; K], E[K; UK], serial number; SK}

To which I responded:

    My understanding is that E[M; K] is not encrypted under SK (called the "family key") and that the decrypt key corresponding to SK is held by law enforcement. Does anyone have first hand knowledge on this?

I was correct in that E[M; K] is not encrypted under SK.
However, Skipjack being a single-key system, there is, of course, not a separate decrypt key for the family key SK.

    The unit key, also called the "chip key," is generated from the serial number N as follows. Let N1, N2, and N3 be 64 bit blocks derived from N, and let S1 and S2 be two 80-bit seeds used as keys. Compute the 64-bit block

        R1 = E[D[E[N1; S1]; S2]; S1]

    (Note that this is like using the DES in triple encryption mode with two keys.) Similarly compute blocks R2 and R3 starting with N2 and N3. (I'm unclear about whether the keys S1 and S2 change. The fact that they're called seeds suggests they might.) Then R1, R2, and R3 are concatenated together giving 192 bits. The first 80 bits form K1 and the next 80 bits form K2. The remaining bits are discarded.

The seeds S1 and S2 do not change. The whole process is performed on a laptop computer, and S1 and S2 are supplied by two independent people so that no one person knows both. The same S1 and S2 are used during an entire "programming session" to generate keys for a stream of serial numbers. Everything is discarded at the end (the computer could be thrown out if desired).

The serial number is 30 bits and the values N1, N2, and N3 are formed by padding the serial number with fixed 34-bit blocks (separate padding for each value).

The resulting keys K1 and K2 are output onto separate floppy disks, paired up with their serial number. Each pair is stored in a separate file. The floppy disks are taken away by two separate people on behalf of the two escrow agencies.

Dorothy Denning
denning@cs.georgetown.edu

======

From eff.org!interesting-people-request@netcomsv.netcom.com Mon Apr 19 20:07:50 1993
Posted-Date: Mon, 19 Apr 1993 21:17:27 -0500
From: David Farber
X-Sender: farber@linc.cis.upenn.edu
Subject: More technical details -- Chipper
To: interesting-people@eff.org (interesting-people mailing list)

Personal note.
Denning suggests such firms as " SRI, Rand, Mitre, the national labs (Sandia, LANL, Los Alamos), Treasury, GAO" as possible escrow organizations. I personally believe that firms which get their funding from the government are just too susceptible to pressure which we have seen historically. It would be best to use organizations that have a more arms length relationship with the government so everyone believes the escrows task is being performed properly. Dave From: smb@research.att.com (Steven Bellovin) Subject: More technical details Date: 19 Apr 93 13:43:46 GMT Here are some corrections and additions to Hellman's note, courtesy of Dorothy Denning. Again, this is reposted with permission. Two requests -- first, note the roles of S1 and S2. It appears to me and others that anyone who knows those values can construct the unit key. And the nature of the generation process for K1 and K2 is such that neither can be produced alone. Thus, the scheme cannot be implemented such that one repository generates the first half-key, and another generates the second. *That* is ominous. Second -- these postings are not revealed scripture, nor are they carefully-crafted spook postings. Don't attempt to draw out hidden meanings (as opposed to, say, the official announcements of Clipper). Leave Denning out of this; given Hellman's record of opposition to DES, which goes back before some folks on this newsgroup knew how to read, I don't think you can impugn his integrity. Oh yeah -- the folks who invented Clipper aren't stupid. If you think something doesn't make sense, it's almost certainly because you don't understand their goals. 
--Steve Bellovin ----- Date: Sun, 18 Apr 93 07:56:39 EDT From: denning@cs.georgetown.edu (Dorothy Denning) Subject: Re: Clipper Chip To: (a long list of folks) I was also briefed by the NSA and FBI, so let me add a few comments to Marty's message: The Clipper Chip will have a secret crypto algorithm embedded in The algorithm operates on 64-bit blocks (like DES) and the chip supports all 4 DES modes of operation. The algorithm uses 32 rounds of scrambling compared with 16 in DES. In addition to the system key, each user will get to choose his or her own key and change it as often as desired. Call this key plain old K. When a message is to be sent it will first be K is the session key shared by the sender and receiver. Any method (e.g., public key) can be used to establish the session key. In the AT&T telephone security devices, which will have the new chip, the key is negotiated using a public-key protocol. encrypted under K, then K will be encrypted under the unit key UK, and the serial number of the unit added to produce a three part message which will then be encrypted under the system key SK producing E{ E[M; K], E[K; UK], serial number; SK} My understanding is that E[M; K] is not encrypted under SK (called the "family key") and that the decrypt key corresponding to SK is held by law enforcement. Does anyone have first hand knowledge on this? I will also check it out, but this is 7am Sunday so I did not want to wait. The unit key will be generated as the XOR of two 80-bit random numbers K1 and K2 (UK=K1+K2) which will be kept by the two escrow The unit key, also called the "chip key," is generated from the serial number N as follows. Let N1, N2, and N3 be 64 bit blocks derived from N, and let S1 and S2 be two 80-bit seeds used as keys. Compute the 64-bit block R1 = E[D[E[N1; S1]; S2]; S1] (Note that this is like using the DES in triple encryption mode with two keys.) Similarly compute blocks R2 and R3 starting with N2 and N3. 
(I'm unclear about whether the keys S1 and S2 change. The fact that they're called seeds suggests they might.) Then R1, R2, and R3 are concatenated together giving 192 bits. The first 80 bits form K1 and the next 80 bits form K2. The remaining bits are discarded.

authorities. Who these escrow authorities will be is still to be decided by the Attorney General, but it was stressed to me that they will NOT be NSA or law enforcement agencies, that they must be parties acceptable to the users of the system as unbiased.

Marty is right on this and the FBI has asked me for suggestions. Please pass them to me along with your reasons. In addition to Marty's criteria, I would add that the agencies must have an established record of being able to safeguard highly sensitive information. Some suggestions I've received so far include SRI, Rand, Mitre, the national labs (Sandia, LANL, Los Alamos), Treasury, GAO.

When a court order obtains K1 and K2, and thence K, the law enforcement agency will use SK to decrypt all information flowing on the suspected link [Aside: It is my guess that they may do this constantly on all links, with or without a court order, since it is almost impossible to tell which links over which a message will flow.]

My understanding is that there will be only one decode box and that it will be operated by the FBI. The service provider will isolate the communications stream and pass it to the FBI where it will pass through the decode box, which will have been keyed with K.

for "the wiretap authorizations." When Levy asked for the details so he could review the cases as required by law, the agent told him that his predecessors just turned over 40-50 blank, signed forms every time. Levi did not comply and changed the system, but the lesson is clear: No single person or authority should have the power to authorize wiretaps

No single person does, at least for FBI taps.
After completing a mound of paperwork, an agent must get the approval of several people on a chain that includes FBI legal counsel before the request is even taken to the Attorney General for final approval. Dorothy Denning From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: grady@netcom.com (1016/2EF221) Date: Mon, 19 Apr 93 07:38:12 PDT To: cypherpunks@toad.com Subject: more specific address for 'agrep' Message-ID: <9304191438.AA13031@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain I've been asked to supply more specific directions for automated fetching of the source and documentation for "agrep," the powerful similarity pattern matching tool. It is at cs.arizona.edu 192.12.69.5 in directory /agrep/README /agrep/agrep-2.04.tar.Z /agrep/agrep.ps.1.Z /agrep/agrep.ps.2.Z (The .ps suffixed files are the optional postscript docs; a reasonably good research report with benchmarks is included.) Note for Macintosh MPW users: after a few hours of drudgery, I ported the tool to MPW 3.2.3 running under System 7.1. If you would like me to e-mail a binhexed copy of the tool suitable for dropping in to your MPW/tools folder, please write... I've been having lots of fun picking up the "lost" references to things I'm interested in. For example, starting a search like: agrep -1 -i 'Burning Chrome' cyberpunkspool immediately finds references like 'burning crome' that I have always missed before. See how many times John Gilmore's name is mentioned in the CUD archives (and how often misspelled). How about _your_ name? As usual, I will e-mail the uuencoded tar.Z upon request if you cannot do anonymous FTP. 
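
[Added example, not part of any original post.] The Python model below works through the unit-key generation and tag format described in the Denning, Bellovin and Hardy messages above: K1 and K2 from the serial number and the seeds, UK = K1 xor K2, and recovery of M from E[M; K], E{ E[K; UK], serial number; SK }. Assumptions: the block cipher is a SHA-256 Feistel stand-in and not Skipjack; the 34-bit pad values, the pad-then-serial layout, the counter-mode handling of values longer than one block, the 4-byte serial encoding and all function names are constructed for this illustration.

```python
"""Model of the Clipper unit-key generation and escrow tag described in the
messages above. Added illustration; the cipher is a stand-in, NOT Skipjack."""
import hashlib

MASK32, MASK80 = (1 << 32) - 1, (1 << 80) - 1
# Constructed 34-bit pads; the real fixed padding values are not given.
PADS = (0x155555555, 0x2AAAAAAAA, 0x3C3C3C3C3)

def round_fn(half: int, key: bytes, i: int) -> int:
    """Feistel round function: 32 bits of SHA-256(key || round || half)."""
    digest = hashlib.sha256(key + bytes([i]) + half.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big")

def E(block: int, key: bytes, rounds: int = 8) -> int:
    """Encrypt one 64-bit block under an 80-bit key (stand-in cipher)."""
    left, right = block >> 32, block & MASK32
    for i in range(rounds):
        left, right = right, left ^ round_fn(right, key, i)
    return (left << 32) | right

def D(block: int, key: bytes, rounds: int = 8) -> int:
    """Inverse of E."""
    left, right = block >> 32, block & MASK32
    for i in reversed(range(rounds)):
        left, right = right ^ round_fn(left, key, i), left
    return (left << 32) | right

def escrow_halves(serial: int, s1: bytes, s2: bytes) -> tuple:
    """K1, K2 for a 30-bit serial number: R_i = E[D[E[N_i; S1]; S2]; S1]."""
    if not 0 <= serial < 1 << 30:
        raise ValueError("serial number must fit in 30 bits")
    r = 0
    for pad in PADS:
        n = (pad << 30) | serial          # assumed layout: pad, then serial
        r = (r << 64) | E(D(E(n, s1), s2), s1)
    # 192 bits: first 80 -> K1, next 80 -> K2, last 32 discarded.
    return r >> 112, (r >> 32) & MASK80

def unit_key(k1: int, k2: int) -> bytes:
    """UK = K1 xor K2, as a 10-byte key."""
    return (k1 ^ k2).to_bytes(10, "big")

def crypt(data: bytes, key: bytes) -> bytes:
    """E[data; key] for any length, using E in counter mode (an assumption).
    It XORs with a keystream, so the same call also decrypts."""
    out = bytearray()
    for i in range(0, len(data), 8):
        stream = E(i // 8, key).to_bytes(8, "big")
        out += bytes(a ^ b for a, b in zip(data[i:i + 8], stream))
    return bytes(out)

def transmit(msg: bytes, k: bytes, uk: bytes, serial: int, sk: bytes):
    """Corrected format: E[M; K], E{ E[K; UK], serial number; SK }."""
    tag = crypt(crypt(k, uk) + serial.to_bytes(4, "big"), sk)
    return crypt(msg, k), tag

def serial_from_tag(tag: bytes, sk: bytes) -> int:
    """Anyone holding the family key SK can read the serial number."""
    return int.from_bytes(crypt(tag, sk)[10:], "big")

def recover(ciphertext: bytes, tag: bytes, sk: bytes, k1: int, k2: int) -> bytes:
    """Hardy's steps: SK opens the tag, UK = K1 xor K2 yields K, K yields M."""
    wrapped_k = crypt(tag, sk)[:10]
    k = crypt(wrapped_k, unit_key(k1, k2))
    return crypt(ciphertext, k)

def demo() -> dict:
    # All values below are constructed for the demonstration.
    s1, s2 = bytes(range(10)), bytes(range(10, 20))
    sk, k = b"family-key", b"sessionkey"
    serial, msg = 0x1234567, b"constructed test message"
    k1, k2 = escrow_halves(serial, s1, s2)          # the "programming session"
    ct, tag = transmit(msg, k, unit_key(k1, k2), serial, sk)
    seen = serial_from_tag(tag, sk)
    return {
        "serial_seen_with_sk": seen,
        "with_both_halves": recover(ct, tag, sk, k1, k2),
        "with_one_half": recover(ct, tag, sk, k1, 0),
        # Bellovin's point: S1 and S2 regenerate both halves from the serial.
        "with_seeds_only": recover(ct, tag, sk, *escrow_halves(seen, s1, s2)),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

In the output, "with_seeds_only" matches "with_both_halves" without either escrowed half being supplied, while "with_one_half" does not decrypt.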
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: grady@netcom.com (1016/2EF221) Date: Mon, 19 Apr 93 07:56:43 PDT To: cypherpunks@toad.com Subject: Do it yourself voice encryption CELP Message-ID: <9304191456.AA14568@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain For those interested in off-the-shelf vocoders that implement the high-compression CELP algorithms, you might be interested in the ZyXEL model U1496E+ modem (about $400) that offers 19.8(and maybe v.fast when specified)/14.4 kbps fax/ CELP (subscribe to comp.dcom.modems for more info). For those interested in the CELP algorithm directly here is some specific directions on getting your own copy: From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Lestat" Date: Mon, 19 Apr 93 05:47:20 PDT To: cypherpunks@toad.com Subject: Request Message-ID: <2bd298b2.arms@arms.uucp> MIME-Version: 1.0 Content-Type: text/plain Please add me to your mailing list; as a passionate support of freedom of speech and expression of all kinds in all mediums, I'm concerned about the ClipperChip and interested in what you have to offer. Thanks, Lestat, aka Howard S. Jones 72@arms.uucp From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Bill Sommerfeld Date: Mon, 19 Apr 93 06:37:00 PDT To: psionic@wam.umd.edu Subject: Amiga Crypto In-Reply-To: <199304190250.AA12313@rac3.wam.umd.edu> Message-ID: <9304191229.AA00116@orchard.medford.ma.us> MIME-Version: 1.0 Content-Type: text/plain I think you're off by a factor of 8.. 8K samples/sec is 8K bytes/second, not 8Kbits/sec If we had universal ISDN at 56kb/s or 64kb/s, encrypted voice using PC-class machines would be trivial. Instead, we have to compress down to a data rate comparable to ~1800 8-bit samples/second (V.32bis speed; modem compression won't do very much -- unless nobody's talking -- as voice samples do *not* compress effectively using compression algorithms optimized for ASCII text). 
While fiddling with my SoundBlaster and some dialogue sampled from a T.V. program last night, it became clear to me that cutting back to ~4K 4-bit samples/second isn't quite good enough, and the compression in either UNIX compress or PGP isn't really tuned for audio samples.

It's not the crypto that's the limiting factor, it's the compression. That's why the CELP technology that Phil Karn and John Gilmore are talking about is so important..

- Bill

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dmandl@shearson.com (David Mandl)
Date: Mon, 19 Apr 93 07:12:24 PDT
To: cypherpunks@toad.com
Subject: Re: Mailing list name
Message-ID: <9304191232.AA17766@tardis.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> In the light of recent developments concerning government cryptography
> initiatives, we might soon find ourselves inundated by working press.
>
> Given this, I think that the name "cypherpunks" produces the wrong
> connotations -- it makes us sound like criminals when we are in fact
> people who are interested in expanding personal privacy with
> technology. Often, little things like this end up being of tremendous
> importance in the long haul.
>
> I would propose changing the name of the mailing list to
> "cryptoprivacy" or something similar. It denotes what we are about in
> a way that mundane people understand better, and it portrays us in the
> proper light -- as people struggling to improve the prospects for
> personal freedom, not a bunch of "punks".
>
> Perry

Perry, I'm absolutely stunned. What next: should we all make sure we shave every day (women: don't forget those legs and armpits!)? Or make tcmay remove the word "anarchy" and other ungood words from his .sig?

Anyone who feels like talking to the press or lobbying her representatives (and I'm not claiming that those tactics are either good or bad) can wear a suit, makeup, a respectable haircut, or whatever--that's their decision.
I can understand the need to confront this issue as a large and united group, and I suspect that other groups like the EFF, CPSR, etc., are better for that purpose anyway. You don't need to mention that you're a "cypherpunk" when dealing with media or government officials if you think that'll diminish your credibility or legitimacy.

It's easy to be idealistic when things are good. At the _very first hint_ of trouble, we shouldn't immediately cower and go straight (this may seem like an exaggeration, but the name-change proposal strikes me as a dangerous first step). Shit, we're not even doing anything _illegal_. Relax.

Love and Kisses,

--Dave.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Bill Sommerfeld
Date: Mon, 19 Apr 93 06:37:27 PDT
To: norm@netcom.com
Subject: Hellman's Hints
In-Reply-To: <9304190831.AA17466@netcom4.netcom.com>
Message-ID: <9304191241.AA00129@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain

It occurred to me that the "clipper chip" makes it easier for the government to tap voice telephone trunks & do traffic analysis.

Current long-haul phone technology uses out-of-band signalling on different, reportedly encrypted, trunks, so to make any sense out of the data trunks you also have to listen in on the signalling trunks and correlate what you record there with what you record off the data trunks.

With the wiretap chip in place, all they need to do is to "surf" the data trunks looking for the encrypted serial number of the devices they're interested in. Depending on what the encryption tag blocks *really* look like, you might not even need SK in order to do traffic analysis.

Even if the tag blocks are built with confounders and similar randomness included to discourage ciphertext matching, the SK can be found in *every single chip* and it's only a matter of time before someone gets it, either by electron microscope or by bribing some of the hundreds of people likely to have access to the key.
- Bill From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Kaya Bekiroglu Date: Mon, 19 Apr 93 06:00:58 PDT To: cypherpunks@toad.com Subject: subscribe Message-ID: <9304191300.AA05048@Early-Bird.Think.COM> MIME-Version: 1.0 Content-Type: text subscribe me. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: david@staff.udc.upenn.edu (R. David Murray) Date: Mon, 19 Apr 93 05:58:09 PDT To: cypherpunks@toad.com Subject: Re: Hellman's Hints In-Reply-To: <9304190831.AA17466@netcom4.netcom.com> Message-ID: <9304191256.AA17713@staff.udc.upenn.edu> MIME-Version: 1.0 Content-Type: text/plain Please excuse some questions from a somewhat crypto-naive person, but I'd like to try to understand this thing a little better so I don't make any stupid goofs if I talk about it. I presume that we can simply consider this 'universal' key as if it didn't exist? Well, actually, I suppose it prevents 'joe average' from getting the serial number, but certainly not foreign agents or any criminal who has motivation to get it(*). After all, a secret known by more than one person will not remain a secret long, and this one is going to be known by thousands. Why even bother with it? It seems like it just adds compute overhead that could be better used for other things. (* I assume the TLAs get it legally) The fact that the serial number is effectively in the clear then means that traffic analysis attacks can glean information for anyone who can get at the phone lines, yes? Even if the states were to outlaw caller id, these tapper phones would reintroduce that level of traceability. Even worse, in some ways, since your tapper 'identity' goes with you if you change phone numbers as long as you keep your old phone. Finally, can anyone explain to me how this thing /works/, at the simple 'this is what you do with this key' level of description of how RSA works? 
I can't figure out how two phones can communicate with each other without compromising one key or another, since RSA does /not/ seem to be involved in this (there is no public key registry, right?) Sorry if this is a dumb question . . .

-- david
david@staff.udc.upenn.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "ERIC \"Thin 'n Crispy\" SPAULDING"
Date: Mon, 19 Apr 93 07:57:31 PDT
To: cypherpunks@toad.com
Subject: Subscription request
Message-ID: <01GX6YAQC7EQ90NU0W@CENTER.COLGATE.EDU>
MIME-Version: 1.0
Content-Type: text/plain

I wish to subscribe to the mailing list. Thank you.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Douglas Barnes
Date: Mon, 19 Apr 93 09:44:57 PDT
To: cypherpunks@toad.com
Subject: Wiretap Chip Questions
Message-ID: <9304191559.AA19235@wixer>
MIME-Version: 1.0
Content-Type: text/plain

I am working on articles and article proposals for some local media outlets. I need to get some specific information regarding the Clipper Chip (aka Wiretap Chip) proposal:

Questions:

1) What is a rough estimate of how long it would take a brute-force attack on an 80-bit key using a parallel architecture system costing less than, say, $25,000 two to three years from now.

2) How, in your opinion, would this affect the creation of international standards for encryption? Would this help or hinder development of the global economy?

3) I understand that the scheme relies on the secrecy of the encryption algorithm to protect the transmission of keys at the beginning of a session. (It uses a system key to encrypt the keys for the two devices). If the algorithm is successfully reverse-engineered, does this compromise the entire system?

4) I am assuming that this system would be just as vulnerable to a "known plaintext attack" as other schemes. Is this correct?

Please identify yourself and your credentials, and indicate whether or not you wish to be quoted in any articles on this subject.
Thanks, Douglas Barnes gumby@wixer.bga.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: matt@oc.com (Matthew Lyle) Date: Mon, 19 Apr 93 09:02:56 PDT To: cypherpunks@toad.com Subject: Article from Knight/Ridder Wire Message-ID: <199304191602.AA04097@ra.oc.com> MIME-Version: 1.0 Content-Type: text/plain I hadn't seen this article fly by yet, so... ----- New Scrambler Designed to Protect Privacy, But Allow Police Monitoring By Christopher Drew, Chicago Tribune Knight-Ridder/Tribune Business News WASHINGTON--Apr. 19--As a step toward the development of vast new data "superhighways," the federal government has designed a powerful device that would protect the privacy of electronic communications by encoding them but still allow police to eavesdrop. Critics say the project, announced Friday by the Clinton administration, raises serious questions about the protection of civil liberties as more people use cellular and cordless phones and computer-based communications. They also warned that the device is not likely to help law-enforcement agents foil high-tech criminals unless it becomes the most widely used commercial encryption system - and drives private competitors out of the business. "'A.k.a. Big Brother,' that's what I call it," said Stephen Bryen, a former Pentagon official who runs a company developing a rival encryption system. Bryen said it was "very disturbing" that the government has gone so far with the previously classified project "without consulting with experts in the industry" whose investments could be wiped out. One high-ranking federal official, Raymond Kammer, acknowledged that such concerns are part of an "appropriate debate" that needs to be held over the project. "Maybe it turns out that society, as it debates this, finds it unacceptable," said Kammer, acting director of the National Institute for Standards and Technology. "I'm not sure. This is the start of that debate." 
Millions of people who exchange information via computers and make calls from cordless and cellular phones, which are especially vulnerable to interception, could be affected. Experts say an era is dawning in which traveling executives exchange electronic memos and negotiate sensitive deals via hand-held communicators using vulnerable wireless transmitters. In endorsing the plan, the White House described it Friday as an outgrowth of federal efforts to capitalize on advances in telephone and computer technology while preventing drug dealers and terrorists from finding new ways to mask their misdeeds. In last year's campaign, President Clinton pledged to invest billions of dollars in faster and more secure data links to enhance the standing of U.S. firms in the global economy. But as the computer industry has developed systems to enable businesses to scramble data transfers and telephone conversations as a safeguard against industrial espionage, a growing number of criminals also have begun using them to foil court-authorized wiretaps. Under the new plan, engineers at the National Security Agency invented a new coding device, called the "Clipper Chip," which is said to be much harder to crack than encoding systems now on the market. The government licensed two California companies - Mykotronx and VLSI Technology - to make the computer chips. The chips will form the "brains" inside small scrambling devices that can be attached to individual telephones. To spur the venture, the Justice Department will soon purchase several thousand of the devices. Military and spy agencies also are expected to use them. Private businesses would not be required to use the technology. But federal officials hope their sponsorship will establish the Clipper chips as the new industry standard and crowd out competing systems. Indeed, AT&T announced Friday that it will use the new chips in a desktop device for encrypting telephone conversations that it expects to sell for $1,195. 
But in return for gaining the extra encoding power built into the new system, users would have to accept the fact that government code-breakers would always hold the keys to tap into the information. In an effort to prevent abuses of civil liberties, federal officials said, they will set up a system in which they would have to match two coding keys held by different officials to unscramble any communications. National-security and law-enforcement officials could bring the keys together only under court- authorized operations. But Bryen said it is hard to see how the Clipper chips project will provide much help to the FBI. Even if the new coding devices drove others off the U.S. market, Bryen said, sophisticated criminals would simply buy encoding devices overseas, as many already do. Multinational and foreign-based companies also could prove leery of a system that has a built-in point of entry for U.S. authorities. The FBI separately is seeking legislation that would force telephone companies to modify their equipment to keep other advances in technology from hampering its ability to perform wiretaps. AT&T and other phone companies have opposed this idea. END!B&?TB-SCRAMBLER Transmitted: 93-04-18 23:12:00 EDT From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: matt@oc.com (Matthew Lyle) Date: Mon, 19 Apr 93 09:02:59 PDT To: cypherpunks@toad.com Subject: Article 2 from Knight/Ridder Message-ID: <199304191602.AA04101@ra.oc.com> MIME-Version: 1.0 Content-Type: text/plain -- Matthew Lyle (214) 888-0474 OpenConnect Systems matt@oc.com Dallas, TX "...and once you have tasted flight, you will walk the earth with your eyes turned skyward, for there you have been, and there you long to return..." Computer Group, Libertarians Question Clinton Phone Privacy Stance By Rory J. O'Connor, San Jose Mercury News, Calif. Knight-Ridder/Tribune Business News SAN JOSE, Calif.--Apr. 
17--Civil libertarians and a major computer industry group raised concerns Friday about how much protection a Clinton administration plan would afford private electronic communications, from cellular telephone calls to computer data. The administration Friday said it would begin using technology developed by the government's National Institute of Standards and Technology to balance two competing interests: the desire of citizens to keep their conversations private and the need for law enforcement agencies to monitor those conversations after getting a court order. The technology that enables this is a computer chip called the Clipper Chip that scrambles a telephone call or computer message using a secret algorithm, or formula. But each chip also comes with a pair of electronic "keys" that could be used by law enforcement agencies to decipher the secret messages generated by the chip. The Clinton proposal calls for one key to be held by each of two separate "trusted" third parties, who would release them to law enforcement agencies that obtained legal authority to intercept the communications. Both keys would be needed to decipher a message. The Electronic Frontier Foundation, a not-for-profit civil liberties group, praised the administration for considering the issue. But it criticized the lack of public input into the plan. "They've announced a big inquiry with public input, but they've reached a conclusion before they started," said Daniel J. Weitzner, staff counsel for the Washington-based foundation. Although the administration's plan calls only for equipping government telephones with the security devices, some groups are concerned the plan might become a standard for all manner of electronic communication before the public has a chance to debate its merits. "I don't want to sound too stridently opposed to this," said Ken Wasch, executive director of the Software Publishers Association (SPA) in Washington. "But...we feel blindsided." 
The SPA was discussing data security issues with Clinton administration officials but had not expected any White House action until August, said Ilene Rosenthal, general counsel. Besides the lack of initial hearings, both groups said they had two major concerns about the Clinton plan: - Because the algorithm itself is secret, the groups say it is impossible for the public to discern if it is truly secure. Users can't be certain government spy agencies have not hidden a "back door" in the software that will allow them to read anything they want. "So far there hasn't been a credible explanation about why the algorithm has to be secret," Weitzner said. - The administration hasn't decided who will be the escrow agents, and it seems unlikely any government agency, corporate entity or other organization would be deemed trustworthy by every user. Even assuming all concerned can agree on who will hold them, civil libertarians are concerned that the keys, by giving law enforcement agencies access to individuals' private communications, might pose a threat to constitutional protections against self-incrimination. Washington sources who requested anonymity suggested the White House might have drafted its plan quickly because of concern over sales of an AT&T device that encrypts phone calls using an older standard, Data Encryption Standard. The sources said law enforcement officials feared the device would create an explosion in secured telephone traffic that would severely hamper their efforts to wiretap calls. American Telephone & Telegraph Co. announced Friday it would adapt the $1,200 product, called the Telephone Security Device, to use the Clipper Chip by the end of this fiscal quarter. AT&T makes a related device, which encrypts voice and computer data transmissions, that could be converted to the Clipper technology, said spokesman Bill Jones. 
Jones said he wasn't aware of any concern by the government over the current model of the Telephone Security Device, which has been sold to government and business customers. At least one company was quite pleased with the plan: San Jose chip maker VLSI Technology, which will manufacture the Clipper chips for a Torrance company that is selling them to the government and to AT&T. VLSI, which invented a manufacturing method the company said makes it difficult to "reverse engineer" the chip or discern the encryption scheme, expects to make $50 million in the next three years selling the device, said Jeff Hendy, director of new product marketing for the company. END!A?SJ-SECURITY Transmitted: 93-04-18 21:06:00 EDT From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dstalder@gmuvax2.gmu.edu (Darren/Torin/Who ever...) Date: Mon, 19 Apr 93 09:01:51 PDT To: cypherpunks@toad.com (CypherPunks) Subject: AT & T Contact Point Message-ID: <9304191602.AA20825@gmuvax2.gmu.edu> MIME-Version: 1.0 Content-Type: text/plain I talked to Herb Linnen at AT & T. He talked to me some but kept harping on the point of how ATT is devoted to customer privacy and that the ATT Vice-President of Information Systems (I forget his name) is an expert on cryptography and he obviously can't be wrong when he says that the wiretap chip is robust. He asked that I call David Arneke or Bill Jones at 919-279-7680 to discuss this since his department wasn't involved in the wiretap chip. The ATT operators dealing with calling cards and residential phone service have had other people cancelling their accounts because of this... Think free, -- Defeat the Torin/Darren Stalder/Wolf __ Big Brother Internet: dstalder@gmuvax2.gmu.edu \/ PGP2.x key available. Proposal! Bitnet: dstalder@gmuvax Finger me. Write me for Sprintnet: 1-703-845-1000 details. Snail: 10310 Main St., Suite 110/Fairfax, VA/22030/USA DISCLAIMER: A society where such disclaimers are needed is saddening. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jthomas@coconut.MITRE.ORG (Joe Thomas) Date: Mon, 19 Apr 93 10:07:52 PDT To: cypherpunks@toad.com Subject: CLIPPER: Network World article Message-ID: <9304191612.AA04115@coconut> MIME-Version: 1.0 Content-Type: text/plain From Network World, April 19, 1993, quoted without permission: --- Clinton security plan hints of Big Brother Clipper Chip would let government eavesdrop on encrypted voice and data communications. By Ellen Messmer Senior Correspondent WASHINGTON, D.C. -- President Clinton last week announced a policy review of encryption while endorsing a new encryption technology called Clipper Chip that would give law enforcement agencies a key to unlock users' encrypted communications. [rehash of various press releases deleted] But government officials had a difficult time last week rebutting the question why any criminal would use a Clipper Chip-based product when the person knows the government could listen in, particularly since there are a host of other encryption products available on the market that are, in theory, unbreakable codes. "A criminal probably wouldn't use it," said Mike Agee, marketing manager for secure products at AT&T, adding that the Clipper Chip is for the rest of the world. [familiar Kapor quote deleted] --- Nice quote, that. I like the headline, too. Joe From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: TO1SITTLER@APSICC.APS.EDU Date: Mon, 19 Apr 93 12:10:27 PDT To: cypherpunks@toad.com Subject: alt.privacy.clipper Message-ID: <930419130811.1b3e@APSICC.APS.EDU> MIME-Version: 1.0 Content-Type: text/plain NOT all of us have usenet! Please keep conversation on cypherpunks! 
Kragen Sittler From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jthomas@coconut.mitre.org (Joe Thomas) Date: Mon, 19 Apr 93 10:09:58 PDT To: cypherpunks@toad.com Subject: Re: Article from Knight/Ridder Wire Message-ID: <9304191709.AA04224@coconut> MIME-Version: 1.0 Content-Type: text/plain matt@oc.com (Matthew Lyle) writes: > New Scrambler Designed to Protect Privacy, But Allow Police Monitoring By > Christopher Drew, Chicago Tribune Oh, well, if only Chris can do it, I guess it's okay. I trust him with my keys... ;^) Joe From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: greg@amex-trs.com (Greg Thompson) Date: Mon, 19 Apr 93 17:25:05 PDT To: cypherpunks@toad.com Subject: Subscribing Message-ID: <9304192016.AA39795@tonga.cs90-dev.amex-trs.com> MIME-Version: 1.0 Content-Type: text/plain Hello, Please add me to your list of subscribers. Thanks. Greg Thompson greg@amex-trs.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. Metzger" Date: Mon, 19 Apr 93 10:25:07 PDT To: dmandl@shearson.com (David Mandl) Subject: Re: Mailing list name In-Reply-To: <9304191232.AA17766@tardis.shearson.com> Message-ID: <9304191724.AA16244@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain David Mandl says: > > In the light of recent developments concerning government cryptography > > initiatives, we might soon find ourselves inundated by working press. > > > > Given this, I think that the name "cypherpunks" produces the wrong > > connotations -- it makes us sound like criminals when we are in fact > > people who are interested in expanding personal privacy with > > technology. Often, little things like this end up being of tremendous > > importance in the long haul. > > > > I would propose changing the name of the mailing list to > > "cryptoprivacy" or something similar. 
It denotes what we are about in > > a way that mundane people understand better, and it portrays us in the > > proper light -- as people struggling to improve the prospects for > > personal freedom, not a bunch of "punks". > > > > Perry > > Perry, I'm absolutely stunned. What next: should we all make sure we shave > every day (women: don't forget those legs and armpits!)? Or make tcmay remove > the word "anarchy" and other ungood words from his .sig? I notice, David, that you wear a tie when you come in to work in the morning. (I happen to work with Dave.) Why do you do this, in spite of your general dislike for imposed standards? Because you want something out of your employer and feel it's better to put up with the minor inconvenience of wearing a tie. Look, we can give people cryptography, or we can change their notions of what "punk" means. It's not necessarily possible to do both at the same time. I vote for keeping the world free, and putting up with minor inconveniences in the meantime. I never liked "cypherpunks" in the first place. I'm not a punk. I'm a reasonable person. Reasonable people want the world to be free -- it's not just a "punk" viewpoint. We want people to have privacy via cryptography. Something like "cryptoprivacy" seems like a better reflection of who we are. Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Mon, 19 Apr 93 10:31:30 PDT To: cypherpunks@toad.com Subject: FWEE!: Silence is Golden, already Message-ID: <9304191332.tn35237@aol.com> MIME-Version: 1.0 Content-Type: text/plain Gang, Lance Detweiler wrote a rather stinging (and somewhat rude, IMHO) rebuttal of Will Kinney's posting: >>Mr. Kinney's comments annoy me tremendously. They bespeak a lukewarm, >>lackadaisical, and wishwashy view of something of extreme importance. >>Frankly, it bothers me that it has taken this long just to get the >>whistleblower group going. 
I don't think anything is being accomplished >>by delaying newsgroup creation. It just gives people who are enemies >>more time to mount a concerted attack against this new blip in the status >>quo. Mr. Detweiler's (who is otherwise pretty sensible and intelligent on this list) comments annoy me tremendously. To imagine that Mr. Kinney is without passion just because he doesn't run across the ice without listening for cracks first is to vastly underestimate his intelligence. That sort of thinking gets your tail wet every time, Lance. Better to proceed cautiously and stay dry. Who says a measured, patient build doesn't result in solid software (to be metaphorical)? Using Lance's logic, we'd all throw together code "real fast" and not worry about it crashing on everyone's systems. I like my 1.0's more stable than that, and I just don't understand this need that some folks have to rush the WB into the public light. In fact, I can't imagine why it should be public at all! I think Lance and others have no clue about how Whistleblowing works! However, I think I might have an idea why Lance et. al. are so confused: There are TWO DIFFERENT WB systems being discussed here! That's right! TWO! DIFFERENT! [1] Lance is talking about a USENET newsgroup. [2] I'm talking about a service that uses the Internet, but NOT a NEWSGROUP! Why does WB info need to be placed in public view? Since when does someone with sensitive information blow it all over the front pages? Never. They call a reporter first and let him do the legwork with proof they provide: THEN the reporter blows it all over the front page. 
I believe that Lance and the USENET folks want to get their jollies and read all about it in public on their own personal USENET front page newsgroup (doomed to be a "narc fest" as someone sagely termed it), whereas MY idea is to have the Cypherpunks pool technology and assistance to set up something that is used by others outside the inbred USENET community for the common good and taking advantage of the inherent advantages of anon/encrypted email technology. My original concept was not intended to glorify anyone, least of all the Cypherpunks. In fact it should be as QUIET AS POSSIBLE to be of any good at all. Why is it necessary to get all this glory if the WB system provides REAL WORLD BENEFITS to the people? Hmmm? Think about it: whose good are we in it for: our own or everybody's? Let me be a bit more specific about my vision, lest Lance or anyone jump all over Will Kinney or anyone else with sound ideas (and decent Sun Tzu quotes) any further: [1] The WB System is a stand-alone email system using anonymous mixes and encryption to provide secure, safe communications between two primary groups: - Whistleblowers: People in Government and Industry who have first-hand information about abuse of human rights, public funds and/or the Constitution, etc. by members of Corporate and Government entities. - Users: Members of the Press, members of Congress and representatives of public-interest activist groups (eg. Ralph Nader, James Love, Greenpeace, Amnesty Int'l, Worldwatch, Consumer Reports, NORML, etc.) who can INVESTIGATE the reports and TAKE ACTION on them against the abusers in the public eye and in the Courts. Many of these people are clueless about email, much less the Internet, anonymous remailers or encryption - but they know what they need and they know we've got it. [2] The system consists of a network of anonymous mixes laid over the Internet and reaching in and out of the borders of the US wherever applicable. 
It is not a USENET newsgroup for public digest, although occasional digests would be posted to USENET by interested Cypherpunks. Anyone who insists on discussing these sensitive plans in public is IMHO working against the interests of the WB Team and should be considered one of the Enemy. Anyone who wants to test the technology should be encouraged to do so on the Cypherpunks list and NOT on USENET, thus maintaining a certain amount of "radio silence." Broadcasting the D-Day invasion was considered Treason: broadcasting the WB launch is the same kind of betrayal of the Cypherpunk Ethos, IMHO. Those who would betray us should be asked to go away in the interest of all those people who would be hurt by a crippled WB system. What we need is cunning and stealth, not big-mouthed dweebs (present readership excluded, natch) who can't keep something quiet. >>If you think that you are the whistleblower moderator, fine. Be one. >>But we need a completely unmoderated group. If you think you have any >>right to hold up an unmoderated group to squeeze through your own >>bottleneck, please go elsewhere. I don't think any such thing. If nominated, I will not run, if elected, I will not serve. However, I think your idea that WB should be a group, moderated or otherwise, is completely off-kilter. All I'm asking is that you let go of the glory and let it do its work quietly and effectively, without me, even. >>I just don't get it. This is a group like any other. >>Why do you think the whole international public has >>to be prepared for its creation by you personally? I'm not even sure if I should bother to answer such a completely misguided question, but I will: I do not think this, and have never even implied anything of the sort. Furthermore, IMHO, it ain't a group: it's a new kind of beast and you're trying to apply old paradigms to it. Shift, man. I am only trying to help something be born properly. >>You are talking to many people (i.e. 
bureaucrats and legislators) who >>may be totally displaced and bypassed (i.e. lose illegitimate power) by >>this service. There are a great many people you are talking to, I >>think, whose every interest is to totally castrate the project of any >>`offensiveness'. I think you are trying to operate on a much more >>respectable level than is possible currently. That level can only be >>attained by a gradual evolution of the medium, starting with something >>rather crude, kludgy, and unsophisticated. Call your local Congressperson's office and tell them there is a possibility that they could receive whistleblowing info on Govt abuses from reliable sources reporting via direct anon/encrypted email and see if they think it's offensive. My experience is that they rub their hands with glee - it might be dirt on their opponents. Try the same thing with ANY member of the Press or any Activist Org (I suggest your local Amnesty Int'l office). If they complain it's "offensive," and you can prove that, I will personally buy you a car. If you can get them to label it as "respectable" I'll throw in a boat. Since I'm poor, you can gather that I feel pretty certain it won't happen. >>Your efforts amount to singlehandedly educating the public about the >>Internet. Nope, just email. How to get it and send it anonymously and encrypt it with PGP, but that's enough for most people. They could use CompuServe, I don't care. Whatever's easy. No messy Newsgroups, no Internet user's guides, nothing fancy: I leave stuff like that to Ed Krol. This is WB-ing for the common person. Lowcommondenominatorsville. I can't IMAGINE where you read this stuff into my postings - it must be YOUR agenda laid over mine... >>>- We haven't figured out who'll be polled to send in msgs and exactly HOW >>>we'll offer them some sort of anonymity and what they need to do >>afterward. >> >>polled? sounds like an election, like something democratic, like >>something that can be twisted by a misguided majority. 
Again, you sound >>like you are looking for a group with high quality control. >>Unfortunately, I think this goal is largely antithetical to the essential >>spirit of the whistleblower idea. The whistleblower is alone and >>isolated, almost by definition. Somehow, the word has to be passed across the Internet and other media (print, TV) to potential WBers. I invite your ideas as to how to do this. >>Your ideas on filtering incoming >>messages, gained from those you've talked to, sound rather naive and >>dangerous to me. Filtering? Did I say that? I think I said that the Users would have to filter out the useful WB messages from the bogus, as they would with any volume of WB info coming in. This is their job, not mine and is the natural thing to do. Call it "verification" if you like, it's still a LOT of work for them, not for us (or me). There's nothing naive about this: if someone calls you and says "the DOD spent $80K on a toothbrush," you would have to make sure it was true before you went to Congress or to a Court or the front page. Simple as that. >>The [US Constitution] is not perfect. There are flaws and cracks >>that have poked through after 200 years. Do you think our judicial >>system is as effective as possible? Do you think our legislative system >>is the most representative of people's expectations of and directives >>to their subservient government? Do you think our government today >>truly represents, in all ways, the intentions of its founders? Do you >>think they considered all possible scenarios? Do you think they would >>not want to make some minor adjustments or major changes after seeing >>200 years pass from their noble experiment? Do you think that anything >>that is dynamic can be static? Do you think I would be working so hard on a friggin' Whistleblower project if I could answer 'yes' to _any_ of those questions? What are you THINKing? 
>>Look at everything that is efficient in the world, and you will see >>that it is so because of *independently operating* components, with >>minimized centralized control. >>[...] >>Message transmission on the internet is so >>reliable because virtually an infinite number of routing pathways exist >>that a message can take, avoiding any obstacles, each component >>performing its job *independently*. Exactly why Wb should be a non-USENET-oriented phenomenon, not associated with any attackable entity, totally in the hands of individual WB's and their corresponding Users. >>Now, let me hear again how you want >>us to submit all our public keys to you, submit the group guidelines >>for your personal perusal (and presumably veto), and wait for all your >>congressional friends to understand the concept? And how this will >>ultimately lead to an ideal and robust system? Man, you really don't read me very carefully, do you? I don't want all your Public keys so I can control anything, I want them so I can discuss elements of the technology with each of you who volunteer to add a brick to the structure of the system. Period. If you want to discuss things in the clear, that's your right, I just might not want to send you sensitive info that might compromise others, so it's your loss. Besides, why are you guarding your PUBLIC key like I'm some sort of enemy? And I have NO INTEREST and have never espoused any interest in becoming a veto power over the Guidelines, only the collector of everyone's ideas, a position i would GLADLY vacate at the drop of a SprintPin if someone else was doofus enough to volunteer. As for waiting for all my "congressional friends:" I have no friends in Congress, in fact, I have very little respect for anyone holding public office. 
The only reason I called any of them was [1] because they might impart a bit of respectability to our efforts if they sign on early, and [2] congressional committees and their investigators routinely raise hell with other branches of Govt (eg. the Military) and the prospect of supplying them with ammunition to shoot at each other pleases me immensely. >>You simply don't understand. This idea is bigger than you, it is bigger >>than me. Anyone who tries to wrap themselves completely around it will >>explode from the pressure. Thanks for your advice. Sheesh. FYI, the only thing I wrap myself completely around is a burrito. Bang! :) >>Let's start a mailing group for `nambypambypunks'. This sort of ad hominem puerility doesn't even deserve a response. I'm tired of discussing this here: If anyone is still too dense to understand what I'm saying about patience, silence and persistence at this point, they have no business using anything as complicated as a computer. If those people continue to insist on trashing all the leg and phonework I have put in contacting Users by blorting the WB concept all over USENET with half-assed, ill-conceived newsgroups and Votes on Vaporware, I may just go elsewhere to do my good works and see if there are any people who have good invisible ink technology and can make up physical envelopes without leaving fingerprints. I imagine that those Cypherpunks who've put significant time into coding the anon and crypto technology can empathize. I don't feel like repeating myself any more. Let's be Golden, shall We? dave (slow and steady but getting pretty fed up by now) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Mon, 19 Apr 93 10:40:50 PDT To: cypherpunks@toad.com Subject: FWEE!: Silence is Golden, already Message-ID: <9304191339.tn35251@aol.com> MIME-Version: 1.0 Content-Type: text/plain Gang, Lance Detweiler wrote a rather stinging (and somewhat rude, IMHO) rebuttal of Will Kinney's posting: >>Mr. 
Kinney's comments annoy me tremendously. They bespeak a lukewarm, >>lackadaisical, and wishwashy view of something of extreme importance. >>Frankly, it bothers me that it has taken this long just to get the >>whistleblower group going. I don't think anything is being accomplished >>by delaying newsgroup creation. It just gives people who are enemies >>more time to mount a concerted attack against this new blip in the status >>quo. Mr. Detweiler's (who is otherwise pretty sensible and intelligent on this list) comments annoy me tremendously. To imagine that Mr. Kinney is without passion just because he doesn't run across the ice without listening for cracks first is to vastly underestimate his intelligence. That sort of thinking gets your tail wet every time, Lance. Better to proceed cautiously and stay dry. Who says a measured, patient build doesn't result in solid software (to be metaphorical)? Using Lance's logic, we'd all throw together code "real fast" and not worry about it crashing on everyone's systems. I like my 1.0's more stable than that, and I just don't understand this need that some folks have to rush the WB into the public light. In fact, I can't imagine why it should be public at all! I think Lance and others have no clue about how Whistleblowing works! However, I think I might have an idea why Lance et. al. are so confused: There are TWO DIFFERENT WB systems being discussed here! That's right! TWO! DIFFERENT! [1] Lance is talking about a USENET newsgroup. [2] I'm talking about a service that uses the Internet, but NOT a NEWSGROUP! Why does WB info need to be placed in public view? Since when does someone with sensitive information blow it all over the front pages? Never. They call a reporter first and let him do the legwork with proof they provide: THEN the reporter blows it all over the front page. 
I believe that Lance and the USENET folks want to get their jollies and read all about it in public on their own personal USENET front page newsgroup (doomed to be a "narc fest" as someone sagely termed it), whereas MY idea is to have the Cypherpunks pool technology and assistance to set up something that is used by others outside the inbred USENET community for the common good and taking advantage of the inherent advantages of anon/encrypted email technology. My original concept was not intended to glorify anyone, least of all the Cypherpunks. In fact it should be as QUIET AS POSSIBLE to be of any good at all. Why is it necessary to get all this glory if the WB system provides REAL WORLD BENEFITS to the people? Hmmm? Think about it: whose good are we in it for: our own or everybody's? Let me be a bit more specific about my vision, lest Lance or anyone jump all over Will Kinney or anyone else with sound ideas (and decent Sun Tzu quotes) any further: [1] The WB System is a stand-alone email system using anonymous mixes and encryption to provide secure, safe communications between two primary groups: - Whistleblowers: People in Government and Industry who have first-hand information about abuse of human rights, public funds and/or the Constitution, etc. by members of Corporate and Government entities. - Users: Members of the Press, members of Congress and representatives of public-interest activist groups (eg. Ralph Nader, James Love, Greenpeace, Amnesty Int'l, Worldwatch, Consumer Reports, NORML, etc.) who can INVESTIGATE the reports and TAKE ACTION on them against the abusers in the public eye and in the Courts. Many of these people are clueless about email, much less the Internet, anonymous remailers or encryption - but they know what they need and they know we've got it. [2] The system consists of a network of anonymous mixes laid over the Internet and reaching in and out of the borders of the US wherever applicable. 
It is not a USENET newsgroup for public digest, although occasional digests would be posted to USENET by interested Cypherpunks. Anyone who insists on discussing these sensitive plans in public is IMHO working against the interests of the WB Team and should be considered one of the Enemy. Anyone who wants to test the technology should be encouraged to do so on the Cypherpunks list and NOT on USENET, thus maintaining a certain amount of "radio silence." Broadcasting the D-Day invasion was considered Treason: broadcasting the WB launch is the same kind of betrayal of the Cypherpunk Ethos, IMHO. Those who would betray us should be asked to go away in the interest of all those people who would be hurt by a crippled WB system. What we need is cunning and stealth, not big-mouthed dweebs (present readership excluded, natch) who can't keep something quiet. >>If you think that you are the whistleblower moderator, fine. Be one. >>But we need a completely unmoderated group. If you think you have any >>right to hold up an unmoderated group to squeeze through your own >>bottleneck, please go elsewhere. I don't think any such thing. If nominated, I will not run, if elected, I will not serve. However, I think your idea that WB should be a group, moderated or otherwise, is completely off-kilter. All I'm asking is that you let go of the glory and let it do its work quietly and effectively, without me, even. >>I just don't get it. This is a group like any other. >>Why do you think the whole international public has >>to be prepared for its creation by you personally? I'm not even sure if I should bother to answer such a completely misguided question, but I will: I do not think this, and have never even implied anything of the sort. Furthermore, IMHO, it ain't a group: it's a new kind of beast and you're trying to apply old paradigms to it. Shift, man. I am only trying to help something be born properly. >>You are talking to many people (i.e. 
bureaucrats and legislators) who >>may be totally displaced and bypassed (i.e. lose illegitimate power) by >>this service. There are a great many people you are talking to, I >>think, whose every interest is to totally castrate the project of any >>`offensiveness'. I think you are trying to operate on a much more >>respectable level than is possible currently. That level can only be >>attained by a gradual evolution of the medium, starting with something >>rather crude, kludgy, and unsophisticated. Call your local Congressperson's office and tell them there is a possibility that they could receive whistleblowing info on Govt abuses from reliable sources reporting via direct anon/encrypted email and see if they think it's offensive. My experience is that they rub their hands with glee - it might be dirt on their opponents. Try the same thing with ANY member of the Press or any Activist Org (I suggest your local Amnesty Int'l office). If they complain it's "offensive," and you can prove that, I will personally buy you a car. If you can get them to label it as "respectable" I'll throw in a boat. Since I'm poor, you can gather that I feel pretty certain it won't happen. >>Your efforts amount to singlehandedly educating the public about the >>Internet. Nope, just email. How to get it and send it anonymously and encrypt it with PGP, but that's enough for most people. They could use CompuServe, I don't care. Whatever's easy. No messy Newsgroups, no Internet user's guides, nothing fancy: I leave stuff like that to Ed Krol. This is WB-ing for the common person. Lowcommondenominatorsville. I can't IMAGINE where you read this stuff into my postings - it must be YOUR agenda laid over mine... >>>- We haven't figured out who'll be polled to send in msgs and exactly HOW >>>we'll offer them some sort of anonymity and what they need to do >>afterward. >> >>polled? sounds like an election, like something democratic, like >>something that can be twisted by a misguided majority. 
Again, you sound
>>like you are looking for a group with high quality control.
>>Unfortunately, I think this goal is largely antithetical to the essential
>>spirit of the whistleblower idea. The whistleblower is alone and
>>isolated, almost by definition.

Somehow, the word has to be passed across the Internet and other media (print, TV) to potential WBers. I invite your ideas as to how to do this.

>>Your ideas on filtering incoming
>>messages, gained from those you've talked to, sound rather naive and
>>dangerous to me.

Filtering? Did I say that? I think I said that the Users would have to filter out the useful WB messages from the bogus, as they would with any volume of WB info coming in. This is their job, not mine and is the natural thing to do. Call it "verification" if you like, it's still a LOT of work for them, not for us (or me). There's nothing naive about this: if someone calls you and says "the DOD spent $80K on a toothbrush," you would have to make sure it was true before you went to Congress or to a Court or the front page. Simple as that.

>>The [US Constitution] is not perfect. There are flaws and cracks
>>that have poked through after 200 years. Do you think our judicial
>>system is as effective as possible? Do you think our legislative system
>>is the most representative of people's expectations of and directives
>>to their subservient government? Do you think our government today
>>truly represents, in all ways, the intentions of its founders? Do you
>>think they considered all possible scenarios? Do you think they would
>>not want to make some minor adjustments or major changes after seeing
>>200 years pass from their noble experiment? Do you think that anything
>>that is dynamic can be static?

Do you think I would be working so hard on a friggin' Whistleblower project if I could answer 'yes' to _any_ of those questions? What are you THINKing?

>>Look at everything that is efficient in the world, and you will see
>>that it is so because of *independently operating* components, with
>>minimized centralized control.
>>[...]
>>Message transmission on the internet is so
>>reliable because virtually an infinite number of routing pathways exist
>>that a message can take, avoiding any obstacles, each component
>>performing its job *independently*.

Exactly why WB should be a non-USENET-oriented phenomenon, not associated with any attackable entity, totally in the hands of individual WB's and their corresponding Users.

>>Now, let me hear again how you want
>>us to submit all our public keys to you, submit the group guidelines
>>for your personal perusal (and presumably veto), and wait for all your
>>congressional friends to understand the concept? And how this will
>>ultimately lead to an ideal and robust system?

Man, you really don't read me very carefully, do you? I don't want all your Public keys so I can control anything, I want them so I can discuss elements of the technology with each of you who volunteer to add a brick to the structure of the system. Period. If you want to discuss things in the clear, that's your right, I just might not want to send you sensitive info that might compromise others, so it's your loss. Besides, why are you guarding your PUBLIC key like I'm some sort of enemy? And I have NO INTEREST and have never espoused any interest in becoming a veto power over the Guidelines, only the collector of everyone's ideas, a position I would GLADLY vacate at the drop of a SprintPin if someone else was doofus enough to volunteer. As for waiting for all my "congressional friends:" I have no friends in Congress, in fact, I have very little respect for anyone holding public office.
The only reason I called any of them was [1] because they might impart a bit of respectability to our efforts if they sign on early, and [2] congressional committees and their investigators routinely raise hell with other branches of Govt (eg. the Military) and the prospect of supplying them with ammunition to shoot at each other pleases me immensely.

>>You simply don't understand. This idea is bigger than you, it is bigger
>>than me. Anyone who tries to wrap themselves completely around it will
>>explode from the pressure.

Thanks for your advice. Sheesh. FYI, the only thing I wrap myself completely around is a burrito. Bang! :)

>>Let's start a mailing group for `nambypambypunks'.

This sort of ad hominem puerility doesn't even deserve a response.

I'm tired of discussing this here: If anyone is still too dense to understand what I'm saying about patience, silence and persistence at this point, they have no business using anything as complicated as a computer. If those people continue to insist on trashing all the leg and phonework I have put in contacting Users by blorting the WB concept all over USENET with half-assed, ill-conceived newsgroups and Votes on Vaporware, I may just go elsewhere to do my good works and see if there are any people who have good invisible ink technology and can make up physical envelopes without leaving fingerprints. I imagine that those Cypherpunks who've put significant time into coding the anon and crypto technology can empathize. I don't feel like repeating myself any more. Let's be Golden, shall We?

dave (slow and steady but getting pretty fed up by now) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Mon, 19 Apr 93 10:40:50 PDT To: cypherpunks@toad.com Subject: BIZ: Mailing list name Message-ID: <9304191340.tn35254@aol.com> MIME-Version: 1.0 Content-Type: text/plain > In the light of recent developments concerning government cryptography > initiatives, we might soon find ourselves innundated by working press. > > Given this, I think that the name "cypherpunks" produces the wrong > connotations -- it makes us sound like criminals when we are in fact > people who are interested in expanding personal privacy with > technology. Often, little things like this end up being of tremendous > importance in the long haul. > > I would propose changing the name of the mailing list to > "cryptoprivacy" or something similar. How about Cypherfolks? Cryptoids? PrivacyWarriors? :) dave From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: deltorto@aol.com Date: Mon, 19 Apr 93 10:43:57 PDT To: cypherpunks@toad.com Subject: FWEE!: more on kiosks Message-ID: <9304191342.tn35269@aol.com> MIME-Version: 1.0 Content-Type: text/plain Yo Peoples, Eric responded to my "Three Strikes" against public kiosks: >>>[1] Strike One: Installation and maintenance costs (economics again). >>>[They are too high.] >> >>I'm not talking about building a network of machines just for the >>purpose of whistleblowing. I'm talking about making interfaces to >>existing systems. In particular, the public machines at sfnet would >>_also_ be interfaces to any whistleblowing system. The incremental >>cost is minimal; it's a small bit of software at the server. >> >>>[2] Strike Two: Lack of Privacy while using the kiosks. >> >>There is a different kind of privacy in a public space than in private >>space. In a private space, everyone may know where you live, but >>nobody knows what goes on inside. 
In a public space, everyone may see >>what happens, but no one knows who you are. Please consider these >>approximations to reality. In theory, I think it's not a dead idea, ie. there are possibilities here to be explored, and yes it's basically a simple software addition to SF Net by a remailer coder such as Eric. HOWEVER, having used the SF Net tables, I am a bit dubious about their Privacy viability in their current state. I have had bozos lean over my shoulder buggin me when I am having a "private" conversation with someone, and I have even seen people _photograph_ someone at the screen without their permission (amazing, huh?). IF there was a sort of Passport PhotoBooth approach, it might mitigate such physical problems: THEN the software end would become more feasible. Also, unless there is encryption built into SF Net (made unlikely by the overhead?), I probably wouldn't drive over from the Federal Building to log on and blow the whistle on some blue-suited government weasel. I still think that this is several stages away from being a useful idea UNTIL we have a working model with anonymity and encryption working on USENET first. >>In particular, since it is anonymity which is desired, a public place >>is sufficient. >> >>>I think Eric Hughes' argument (with due respects to Eric) about the >>>expensive economics of monitoring the kiosks falls down just a tad >>>when you consider that these would not even be _moving targets_! >> >>The cost of placing a video camera to monitor a computer inside a >>coffeehouse must also include the possibility of negative publicity >>and lawsuit when such an emplacement is discovered. Monitoring a >>public place in advance of any "crime" being committed is _very_ bad >>for job security and department funding. Well, your point is taken Eric, but I still stress that video monitoring would be trivial. 
First of all, if I was a three-letter agency, i SURE as hell wouldn't go to the operators of say, Brainwash Cafe and ASK to put a video cam up on the ceiling! I'd sneak in late one night and place a more sophisticated (and extremely tiny) unit over the table where it couldn't easily be found. Secondly, since when does the FBI worry about job security? I think they could easily convince a federal judge that they had reason to believe that government secrets might be leaked in public and get permission to monitor "that subversive group known as the 'Whistleblowers' and _every public terminal_ they've placed around SF." Maybe it's unlikely, but then so was the notion that CREEP would break into the Watergate Towers and stick bugs on McGovern's phones... >>>[...] but any such defenses would pale in comparison with the Privacy >>>inherent in the WB input from a single user's personal system. >> >>I am also not talking about replacing the ability to post from home. >>I am talking about expanding the number of entry points into the >>distribution system. I do understand this point, I'm just not totally convinced that public kiosks are the best solution to this problem. I am open to suggestions along this line, and I do think that it would at least be worth a test on SF Net. >>The largest benefit for public-space access is that you can use this >>if you don't have a computer at home. You can also use it if you >>don't have a computer at work. Agree 100%. I don't intend to discriminate against people just because they don't have a computer. >>>have the feeling that they would be a PRIMARY contributor to the overall >>>bullshit noise that would clutter up a decent WB systems and exponentially >>>increase the difficulty of filtering out the "good" stuff for proper use. >> >>A whistleblower system, by default, must be free of judgements about >>what is "good" to be on it and what is "bad". 
If someone thinks that
>>something ought to be brought to light, then I say let them speak, no
>>matter how trivial or inappropriate it might be.

Forgive my semantics. When I say "good" (note the quotes), I refer to useful material that eventually produces the desired results. As far as the apparent triviality of an item, that is entirely up to the users (ie. the Press, Activist, or other operatives who "process" the information). As I have stated, it is not up to us to preview anything, only to help make it more likely that useful information from determined WB's with strategic info gets to the right people who can do something about it. This is a tough one, I admit. I believe that the key to this problem is part technology and part psychology: make the system easy enough to use that as many potential whistleblowers as possible will look at it, and just difficult enough so that only the most determined will actually send in their information.

>>It is easy to ignore messages you don't want to consider. It is much,
>>much harder to read messages that the author hesitates to write for
>>fear of reprisal. A whistleblower system can tolerate more noise than
>>usenet, since the core content of it can be so extremely valuable.

A valid proposition. Keep in mind that part of the initial acceptance of the system among the users will be a high signal-to-noise ratio (at least during the early phases).

>>If there is only access to a whistleblowing system for those who own
>>computers or are provided access to them, then any such system will
>>remain only a tool of the wealthy. You do not hear of abuses in labor
>>law from anybody but the employees; these employees do not have
>>computers.

Agree 95%.

>>Anybody who has NATIONAL SECRETS to tell is, I would guess, a fool to
>>post twice from a particular location. Anybody who has anything
>>lengthy or digitally copied to say cannot easily use this system.
>>It's not conducive to digital signatures.

"Level 10 WB" (with serious national secrets to divulge, such as unmentioned abuses at nuclear waste disposal plants, etc.) MUST be able to post from ANY location using a key established through preliminary contact with a WB Central User Registry. Ie., once a WB has established credentials by providing verifiable info, s/he must be given a key to a "WB PO Box" wherein s/he can leave msgs from any terminal with anonymity and encryption. FYI, a TV reporter mentioned that the most useful information usually crops up in the third or fourth contact with a WB - after all, there's a lot of preliminary "getting-to-know-each-other" formality to get past (the Trust Factor goes both ways, especially if the WB is placing him/herself in Jeopardy). Such capabilities should be built into any kiosk calling itself "fully WB-enabled." Perhaps SF Net tables could be considered "Introducing Stations" and not full-blown (pun intended) WB Stations, used only for preliminaries.

>>Public kiosks are not a panacea. To argue that they should therefore
>>not exist is nonsense.

I'm certainly glad I didn't say that in any way, as I hate being nonsensical. Phil Karn's excellent (and adventurous) suggestion that kiosk(s) be thought of more as a public mailbox than a public phone, strikes at the crux of the issue, though it presupposes that SF Net tables have floppy drives (of the correct type eg. Mac- or DOS-compatible drives?) and other technological amenities that they do not (yet?) have. The idea that a WB could prepare material in the privacy of his/her own home is very, very appealing.

I genuinely appreciate all thoughtful comments on the project.

dave

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: internaut@aol.com
Date: Mon, 19 Apr 93 11:08:57 PDT
To: cypherpunks@toad.com
Subject: FWEE!: the importance of being patient
Message-ID: <9304191408.tn35454@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

Yo,

Apropos of my earlier posting calling for a delay in the establishment of the WB remailer, I herein repost portions of Marc Ringuette's excellent comments from March 26th on Remailer strategies:

>>We must address a strategy question before it jumps on us.
>>Do we want to be yet another "this remailer exists, let's
>>stomp on it" whipping boy, or will another tactic be more
>>effective?
>>
>>I have the following suggestion. Do not announce our
>>cypherpunks remailers right away. This is not the right time.
>>Instead, announce that we intend, at a later date, to install
>>remailers which are "friendly" in the sense that they use a
>>special header line, but which will not be able to be shut
>>down.

Essentially, Marc and I agree on this issue (if I read him correctly). Marc's point seems to be that prematurely establishing anon remailers such as the WB system before the World is really ready for them will make us vulnerable to attack on a policy level and will significantly diminish the viability of such systems in general, by opening debate on whether or not this is a good idea before most potential users even understand WHAT it is we're trying to do.

>>[ My suggestion for how to do this: encourage thousands of
>>users who support anonymity to run the software, and make it
>>easy for them to do so. Then, thousands of users must be
>>kicked out in order to prevent remailers being available! ]

This gets back to what I was saying about educating WB users, providing them with friendly software and getting lots of support before going public.

>>But, here's the important part, DELAY RELEASE until after a
>>waiting period.
The delayed release is intended to allow >>concerned network sites and individuals to install filters for >>these messages, and to allow users the time to discuss this >>(and, for instance, to voice their objections to catch-all >>anonymity filters at the news-relay level). It also prevents >>our opponents from achieving a sense of "something must be >>done" urgency. [...] I couldn't have put it better. Opponents are looking for a chink in the theoretical anon armor, and at this point there are many. Calling all remailer specialists... dave ----- ASIDE: I'm not sure how many of you saw the posting about Port Watson in the Bahamas "An Island in the Net...", but it got me to thinking about how many Cypherpunks, Extropians and Libertarians would actually be interested in collaborating on setting up a physical location for the preservation of a secure, encrypted, anon remailing site on an island not legally bound by any nation (ie. no more problems like Julf has). I suppose it's a bit fantastic to consider, but I'm looking into the viability of selling/renting my SF house and moving down there. Anyone want to join me for a meeting on this subject? Would it be appropriate for discussion at the next physical meeting? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: internaut@aol.com Date: Mon, 19 Apr 93 11:08:57 PDT To: cypherpunks@toad.com Subject: ANON: accountability Message-ID: <9304191408.tn35455@aol.com> MIME-Version: 1.0 Content-Type: text/plain greg@ideath.goldenbear.com contributed: >>It's this slippery notion of 'accountability' that is perhaps >>at the root of this 'anonymity' problem - the idea that there's >>gonna be some hell to pay if somebody writes to >>'postmaster@leviathan.com', and complains about Chris Jones. >>The fact is, you can mail to 'postmaster@goldenbear.com' and >>whine all you like, it's just another alias for the same damn >>person (me). 
I think there are going to be more & more people >>like me in the future - I *am* my boss, the postmaster, and the >>sysadmin - and if people don't like what I do or say on the >>net, that's just too damn bad. I think Greg is right on the money here. The first time someone complained to my sysadmin (me), I'd send that person a sorrowful note apologizing for the nasty-icky behaviour prompting the complaint and assuring the complainer that the offending user on my system (also me) would have his account cancelled immediately. Then, I'd go back to living my life as I please. :) Seems to me that this approach would guarantee accountability on my system and keep everyone happy. dave Level Seven Design From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: TO1SITTLER@APSICC.APS.EDU Date: Mon, 19 Apr 93 13:26:38 PDT To: cypherpunks@toad.com Subject: Another forwarded message Message-ID: <930419142408.1d39@APSICC.APS.EDU> MIME-Version: 1.0 Content-Type: text/plain From: APSICC::GR2KITTRELL "TOO MANY SECRETS" 18-APR-1993 21:52:10.16 To: TO1SITTLER CC: Subj: Process From: SMTP%"igor@e5.ijs.si" 18-APR-1993 18:05:57.69 To: gr2kittrell@apsicc.aps.edu CC: Subj: (fwd) Re: Secret algorithm [Re: Clipper Chip and crypto key-escrow] Date: Mon, 19 Apr 1993 01:34:02 +0200 From: Igor Petrovski Message-Id: <199304182334.AA00721@kekec.e5.ijs.si> To: gr2kittrell@apsicc.aps.edu Subject: (fwd) Re: Secret algorithm [Re: Clipper Chip and crypto key-escrow] Newsgroups: sci.crypt Organization: Open Systems & Networks, ijs, Slovenia Relay-Version: VMS News - V6.1 30/1/93 VAX/VMS V5.5-1; site cathy.ijs.si Path: cathy.ijs.si!arnes.si!scsing.switch.ch!ira.uka.de!sol.ctr.columbia.edu!zaphod.mps.ohio-state.edu!darwin.sura.net!haven.umd.edu!uunet!looking!brad Newsgroups: sci.crypt Subject: Re: Secret algorithm [Re: Clipper Chip and crypto key-escrow] Message-ID: <1993Apr17.204850.26711@clarinet.com> From: brad@clarinet.com (Brad Templeton) Date: Sat, 17 Apr 1993 20:48:50 GMT References: 
Organization: ClariNet Communications Corp. Keywords: encryption, wiretap, clipper, key-escrow, Mykotronx Lines: 24 One presumes the system could work as follows: a) Blank clips are manufactured by Mykotronx and VLSI. The number produced is carefully audited and they are shipped to the first escrow house. It programs the chips with its half the key, and prints out a paper slip with the key half and non-secret chip serial number. The reams of paper are filed in locked boxes in the vault, a fuse is burnt in the chip so that the key is now unreadable. The chip then goes to the next escrow house, where the same thing is done. This continues through N escrow houses, perhaps, could be more than 2. The last one provides the chip to the cellular phone maker. And yes, this has to be a public key system or it would be almost impossible to handle. It might not be RSA, but that does not mean that PKP doesn't get paid. Until 1997, PKP has the patent on the general concept of public key encryption, as well as the particular implementation known as RSA. -- Brad Templeton, ClariNet Communications Corp. -- Sunnyvale, CA 408/296-0366 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Andrew Loewenstern Date: Mon, 19 Apr 93 15:41:05 PDT To: cypherpunks@toad.com Subject: comments on the clipper Message-ID: <9304191939.AA11767@valinor.cubetech.com> MIME-Version: 1.0 Content-Type: text/plain Going through all the messages on the Clipper, I noticed what may be a flaw that wasn't quite addressed... The family key, which is the same for all devices, is hardwired onto the chip with the algorithm. However, the device serial number and the unit key must be burned into a ROM. This is somewhat like the EIN/MIN burned into the ROM of a cellular phone. Just ask anyone who is familiar with cellular fraud how difficult it is to change the EIN/MIN of the phone. 
So it should be more than possible for anyone to throw a wrench into the system by using hacked phones that have a random device serial number. In this way it would not be possible for authorities to obtain the proper unit key since the device serial number would not exist in the escrow authority's database or would have the incorrect unit key associated with it. Of course, it is possible that the scheme (i.e. the algorithm and the handshaking) is not secure. Assuming it is not truly secure, I would think that only such agencies as the NSA and FBI would have not only the resources to decrypt Clipper generated communications without the session key, but the resources to keep such equipment from public knowledge (i.e. there is a companion device that breaks such communications). It would most likely be too difficult to keep such equipment secret if it were available to local and state authorities. Furthermore, the whole idea of escrow agents is hogwash to me. How difficult is it to get someone's credit report? How difficult is it to get social security records on a person? Apparently no information held by a government or even private agency like TRW is impossible or even exceedingly difficult to obtain, and anyone wishing to intercept your communications will simply have to buy off the appropriate persons at each escrow authority. To sum up, I think the whole idea stinks. andrew From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Mon, 19 Apr 93 12:14:30 PDT To: cypherpunks@toad.com Subject: Mad Musings/Sneath Message-ID: <9304191859.AA25735@smds.com> MIME-Version: 1.0 Content-Type: text/plain ld231782@longs.lance.colostate.edu sez> > > `cypherpunk' actually has some pretty endearing qualities as a name, > and I'd be a bit horrified to give it up, just when I was waiting for > the T shirt ``Cypherpunks do it stealthily'' (secretly? sneakily?). Cypherpunks do it with Sneath. 
(Sneath is a road near San Francisco.) Hey, did anybody think to just mail the people on that Clipper chip announcements list and ask them how they got on it? -fnerd quote me From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jet@nas.nasa.gov (J. Eric Townsend) Date: Mon, 19 Apr 93 15:34:26 PDT To: cypherpunks@toad.com Subject: non-cypher related question on audio analysis Message-ID: <9304192234.AA26763@boxer.nas.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain This is only the tiniest bit related to crypto, but that doesn't seem to be much outside the criteria for submissions to this list.. :-) Anyone got pointers to decoding audio tones? An intro book, source code, newsgroup, mailing list, somebody I can take to lunch? I'd like to sample audio with my SGI, and suck out various simple tones and combinations of tones. (DTMF, single pitch variant tones, etc.) thx. -- J. Eric Townsend jet@nas.nasa.gov 415.604.4311 NASA Ames Numerical Aerodynamic Simulation | play: jet@well.sf.ca.us Parallel Systems Support, CM-5 POC | '92 R100R / DoD# 0378 PGP2.1 public key available upon request or finger jet@simeon.nas.nasa.gov From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: david@staff.udc.upenn.edu (R. David Murray) Date: Mon, 19 Apr 93 13:03:35 PDT To: cypherpunks@toad.com Subject: How tapper works: see alt.privacy.clipper Message-ID: <9304192001.AA18866@staff.udc.upenn.edu> MIME-Version: 1.0 Content-Type: text/plain If it is not too late, please ignore my previous request for an explanation of how tapper works. I found the answer in alt.privacy.clipper. The missing piece of info was that the session key must be negotiated separately. -- david david@staff.udc.upenn.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Mon, 19 Apr 93 13:18:00 PDT To: cypherpunks@toad.com Subject: AT&T Announcement? 
Message-ID: <9304192015.AA26036@smds.com>
MIME-Version: 1.0
Content-Type: text/plain

> AT&T announced yesterday that it will begin selling devices with these
> Clippers in them immediately. We've been sold down the river by ma bell again.
>
> Dave Banisar
> CPSR Washington Office

Does someone know how to get an official-looking printed form of this announcement? I want something to xerox and send in when I switch long distance service.

-fnerd
quote me

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: robichau@lambda.msfc.nasa.gov (Paul Robichaux)
Date: Mon, 19 Apr 93 14:20:56 PDT
To: cypherpunks@toad.com
Subject: Intergraph speaks! (sort of)
Message-ID: <9304192120.AA00819@lambda.msfc.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

I just had a nice phonecon with Jim Ruester of Intergraph's public relations department. For those of you who don't follow CAD, Intergraph produces a line of workstations based on the Clipper CPU, a private-label RISC chip that Intergraph acquired from Fairchild some years ago.

He hadn't seen the press release, or heard of the wiretap chip. His (predictable) reaction was to say that he'd forward it to their legal department. I asked that he pass any comments back to me for reposting here.

A plea: please *don't* call Intergraph and bother them about this. Putting pressure on AT&T (which has announced products based on the wiretap chip) is one thing. Harassing a company with a similarly named (and trademarked!) product, in the hope that they'll put pressure on the gov't, is nothing more than bothersome.

-Paul

--
Paul Robichaux, KD4JZG | HELP STOP THE BIG BROTHER CHIP!
NTI Mission Software Development Div. | RIPEM key on request.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: sneal@muskwa.ucs.ualberta.ca (Sneal) Date: Mon, 19 Apr 93 16:03:21 PDT To: cypherpunks@toad.com Subject: The first casualty of war Message-ID: <9304192302.AA10374@muskwa.ucs.ualberta.ca> MIME-Version: 1.0 Content-Type: text/plain ld231782@longs.lance.colostate.edu writes: >Who Has the Keys? >----------------- > >The evasion of `who stores the keys' makes me wonder. It suggests that >the proposal was poorly crafted (which is true in any case), but, more >likely, IMHO, the scheme is weak enough for the NSA (but maybe not >cops) to break regardless, and hence their casual disregard for this >seemingly monumentally crucial point. It appears that the opposition is using the old rhetorical trick of "begging the question." Rather than stating the important question (which is "Should there be a key registration scheme?"), they jump right over it to "Who will register the keys?". The purpose is to focus debate on the latter issue without anyone stopping to examine the former. However, two can play at that game, as in: "Nobody seems to have thought about what will happen when Clipper is broken." "Developing a system that is "impervious" (to anyone but its developers) required at least four years." Sleazy? Yeah. Not that I'm advocating fighting fire with fire or anything. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: KINNEY WILLIAM H Date: Mon, 19 Apr 93 16:09:38 PDT To: cypherpunks@toad.com Subject: True Randoms Message-ID: <9304192309.AA11889@pprince.colorado.edu> MIME-Version: 1.0 Content-Type: text/plain A little nuclear physics anyone? Seems like one real bitch with roll-your-own cryptography is the scarcity of good random numbers to work with. I've read about various schemes using I/O buffers, or keystroke timing like PGP does (even there, true randoms are referred to as "precious"). So I thought a bit about how one could construct a true random generating box. 
Went out to Sears and bought a $7 smoke detector, a "Family Gard" model FG888D, and took it apart. What's inside is a 1.0 microCurie chunk of Americium 241 (I checked other models, and they seem to all be AM241, right around the 1 uCi activity range, although I have an older one at home with 5.0 uCi). I did a little research on the isotope in the CRC Handbook and the Brookhaven National Lab's online database, and what I found was pretty interesting: About AM241: Half-Life: 458 years Decay: AM241 ---> (Neptunium 237) + (5.5 MeV alpha particle) 1.0 uCi = 37,000 decays/second average NP237 has a half-life of around 2 million years This is very good design. AM241 has only one basic decay mode, and it decays to an essentially inert daughter product without any intermediate daughters to worry about. Very simple and safe. In addition, the 1.0 uCi activity of the sample makes the decay rate just right for counting alphas with electronic devices -- a 100 KHz sample rate would be overkill for resolving individual alphas. And the half-life is long enough to make the source relatively stable over a reasonable period of use. I took my sample into the lab and it barely registered on the geiger counter, but when I set it up on a scintillating detector, I got about 1200 counts/sec above a background of 25 count/sec. A nice clear signal. Seems to me it would be pretty easy to buy a small solid-state detector and a couple of chips and wire it up to toggle a pin on an RS232 cable, giving a nice true random source -- for instance, assuming the 1200 counts/sec rate I saw in the lab, you could count alphas for 10 milliseconds and send a 1 down the cable if you saw an odd number, a 0 if you saw an even number. Could probably do better than 1200 /sec, too, I bet. Does anyone see a real need for something like this? Any hardware jocks out there who could lend some expertise? 
Radiological safety data (permissible quarterly intake): AM241 (oral): 7.6 uCi AM241 (inhalation): 3.8E-03 uCi NP237 (oral): 6.2 uCi NP 237 (inhalation): 2.5E-03 uCi In other words, whatever you do, don't smoke it... -- Will From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jet@nas.nasa.gov (J. Eric Townsend) Date: Mon, 19 Apr 93 18:14:40 PDT To: cypherpunks@toad.com Subject: NSA and all this (was Let's see here ... In-Reply-To: Message-ID: <9304200114.AA02335@boxer.nas.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain Paul Ferguson writes: > - The Clinton administration was presented with a golly-gee proposal > from either the NSA or the NIST (probably both) on a way to "offer" > public encryption. ('Nuf said.) Actually, according to an ex-NSA'er I know, probably not the NSA. They claim that this sort of thing gets attributed to them quite often when they in fact have little, if anything, to do with "minor stuff like that". They went on to say "anybody who really *needs* to have crypto cellular calls will already buys stuff from other countries and modifies it for use here." Think about the resources *that* implies. Also, if the clipper thing is "minor", I'm not sure I want to know what major is. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peb@PROCASE.COM Date: Mon, 19 Apr 93 18:17:10 PDT To: pmetzger@lehman.com Subject: Re: Mailing list name Message-ID: <9304200115.AA03350@banff> MIME-Version: 1.0 Content-Type: text/plain I vote for cryptoprivacy because it is more appropriate, and due to recent events, it helps to be clear about these things when the media gets involved. Examples: 1. The infamous CBS coverage of the Hacker's Conference that turned "Cracker" Conference in the nightly news regardless of what the reporters were told. 2. Notice how the NIST press release said ``This system is more secure than many other voice encryption systems readily available today. 
[^^^^^^^^^^^^^^^^^^^^^^ not claiming the best]
While the algorithm will remain classified to protect the security of the key escrow.''

but the Knight-Ridder translated this into:

``...National Security Agency invented a new coding device, called the "Clipper Chip," which is said to be much harder to crack than encoding systems now on the market.

Now the wiretap chip sounds better than any equipment on the market rather than "better than many" which is a very weak claim.

Happens all the time. Information must be very clear. Punk isn't the right word.

Paul E. Baclace
peb@procase.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peb@PROCASE.COM
Date: Mon, 19 Apr 93 18:42:50 PDT
To: cypherpunks@toad.com
Subject: Sound bite time
Message-ID: <9304200141.AA03355@banff>
MIME-Version: 1.0
Content-Type: text/plain

Okay, here are my sound bytes:

1. The long one (needed when they try to outlaw encryption):

As we move into the electronic frontier, the freedom to use crypto-privacy technology is becoming the equivalent to the right to bear arms: it is the last line of defense against a tyrannic government. The good news is that privacy is a defensive technology, not an offensive one. Giving up this un-enumerated right could be disastrous to future generations.

2. The short one (simple-minded Clipper is no good):

Crypto Privacy is like a bullet proof vest for your transmitted speech; the Clipper chip is a paper jacket with extra zippers in the back.

Paul E. Baclace
peb@procase.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: (Chris Burian)
Date: Mon, 19 Apr 93 17:20:17 PDT
To: cypherpunks@toad.com
Subject: send info
Message-ID: <199304200020.AA11361@ux4.cso.uiuc.edu>
MIME-Version: 1.0
Content-Type: text/plain

send info
#or, if you're human, _please_ send info on how to subscribe & send the FAQ.
#Thanks, Chris Burian

--------------------------------------------------------------------------
| Chris Burian | PGP public key available on a server near you |
--------------------------------------------------------------------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nathan Rorvig
Date: Mon, 19 Apr 93 17:32:22 PDT
To: cypherpunks@toad.com
Subject: Unsubscribe
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Please, unsubscribe me now. Thanks. The mail volume is way too much.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: grady@netcom.com (1016/2EF221)
Date: Mon, 19 Apr 93 19:37:39 PDT
To: cypherpunks@toad.com
Subject: Waco, crypto, and unbreakable links
Message-ID: <9304200237.AA14578@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

We can only speculate that the loss of life might have been much fewer if the Branch Davidian cult had a copy of PGP as well as a 2m packet radio. They could have maintained private links with journalists who could have given us their side of the story, which now, tragically will never be told.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 19 Apr 93 19:42:36 PDT
To: KINNEY WILLIAM H
Subject: Re: True Randoms
Message-ID: <9304200242.AA15040@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

William Kinney writes:

>A little nuclear physics anyone?
>
>Seems like one real bitch with roll-your-own cryptography is the
>scarcity of good random numbers to work with. I've read about various
>schemes using I/O buffers, or keystroke timing like PGP does (even
>there, true randoms are referred to as "precious").
>
>So I thought a bit about how one could construct a true random generating
>box. Went out to Sears and bought a $7 smoke detector, a "Family Gard"
>
>Does anyone see a real need for something like this?
>Any hardware jocks out there who could lend some expertise?
What follows is my standard "alpha particles as sources of random numbers" posting, which I have forwarded to the list a couple of times. (I'm not being at all critical of William Kinney for raising the issue again.)

Quick summary: thermal noise in a back-biased diode is easier to get, has more bandwidth, doesn't have safety concerns, and is readily buildable.

From: tcmay (Timothy C. May)
Message-Id: <9210260530.AA00679@netcom2.netcom.com>
Subject: Alpha Particles and One Time Pads
To: cypherpunks@toad.com
Date: Sun, 25 Oct 92 22:30:54 PDT
Cc: tcmay (Timothy C. May)
X-Mailer: ELM [version 2.3 PL11]

Fellow Cypherpunks,

Here's a posting I just sent to sci.crypt, dealing with using alpha particle sources as noise sources for generating one-time pads. Ordinarily I wouldn't bother you folks with this, especially since you're all reading sci.crypt (aren't you? Only the FidoNetters have a good excuse not to.). But this thread ties together two aspects of my life, cryptography and alpha particle errors in chips.

--Tim

Newsgroups: sci.crypt
Path: netcom.com!tcmay
From: tcmay@netcom.com (Timothy C. May)
Subject: Re: Hardware random number generators compatible with PCs?
Message-ID: <1992Oct26.051612.29869@netcom.com>
Organization: Netcom - Online Communication Services (408 241-9760 guest)
X-Newsreader: Tin 1.1 PL5
References: <1992Oct25.224554.1853@fasttech.com>
Date: Mon, 26 Oct 1992 05:16:12 GMT

Bohdan Tashchuk (zeke@fasttech.com) wrote:
: The recent post on building a random number generator using a zener diode got
: me to thinking once again about commercial alternatives.
:
: I haven't seen any commercial alternatives discussed here recently. And since
: the market is so specialized, they may well exist but I'm simply not aware of
: them.
:
: The ideal product would have the following features:
:
:     * cost less than $100
:     * use a radioactive Alpha ray emitter as the source

It's a small world!
In my earlier incarnation as a physicist for Intel, I discovered the alpha particle "soft error" effect in memory chips. By 1976 chips, especially dynamic RAMs, were storing less than half a million electrons as the difference between a "1" and a "0". A several MeV alpha could generate more than a million electron-hole pairs, thus flipping some bits.

(Obviously the effect of alphas on particle detectors was known, and smoke detectors were in wide use, but nobody prior to 1977 knew that memory bits could be flipped by alphas, coming from uranium and thorium in the package materials. It's a long story, so I won't say any more about it here.)

:     * connect to an IBM PC serial or parallel port
:     * be "dongle" sized, ie be able to plug directly onto the port, and
:       not have a cable from an external box to the port
:     * be powered directly from the port
:     * generate at least 1000 "highly random" bits per second

This should be feasible by placing a small (sub-microcurie) amount of Americium-241 on a small DRAM chip that is known to be alpha-sensitive (and not all of them are, due to processing tricks). Errors would occur at random intervals, depending on which bits got hit.

Getting 1000 errors a second would be tough, though, as such high intensities would also tend to eventually destroy the chip (through longterm damage to the silicon, threshold voltage shifts, etc.).

If you really want to pursue this seriously, I can help with the calculations, etc.

: Details:
:
: Certainly in high volume these things can be made cheaply. Smoke detectors
: often sell for under $10, and have a radioactive source, an IC, a case, etc.

Yes, but smoke detectors use ionization in a chamber (the smoke from a fire makes ionization easier). That is, no real ICs. But ICs, and even RAM chips, are cheap, so your $10 figure is almost certainly in the ballpark.

A bigger concern is safety, or the _perceived_ safety.
Smoke detectors have, I understand, moved away from alpha particle-based detectors to photoelectric detectors (smoke obscures beam of light). Don't underestimate the public's fear of radioactivity, even at low levels.

: Using a well-designed circuit based on Alpha decay should mean that the
: randomness is pretty darn good.

But not necessarily any better than noise from a Zener. With the higher bit rate from diode noise, more statistical tricks can be done. The relatively low bit rate from alpha decay gives less flexibility.

On the other hand, alpha hits are undeniably quite random, with essentially no way to skew the odds (unlike with diode noise).

: Everyone these days has either a serial or parallel port available, either
: directly or thru a switch box.
:
: The tiny "dongle" size is a convenience. If it is small and powered directly
: from the port, there are no cables to get in the way. There is enough power
: available from the signal lines on these ports to power simple devices. E.g.
: most mice don't require an external power supply.
:
: For most applications 1000 bits per second should be adequate. For example,
: it would be quite adequate for session keys. For generating pseudo
: one-time-pads, an overnight run should generate plenty of values. Continuously
: generating values for a month would produce about 300 MB, which should be
: enough to exchange new CD-ROM key disks once a month.

One time pads are complicated to use. Only very high security applications that can also afford them use them. For example, some diplomatic traffic. I can't conceive of a case where 300 MB a month could be used.

And _theft_ (or copying) of the CD-ROM one time pads has got to be a much bigger issue than whether alpha particle noise sources are better than diode noise sources! By about 10 orders of magnitude I would say.
Black bag jobs on the sites holding the keys will be the likeliest attack, not trying to analyze how random the noise is (even a fairly crummy noise source will not yield enough information to a cryptanalyst trying to break a one-time pad).

Having said all this, I'm glad you gave some thought to alphas. For a time in the late 1970s this was the chip industry's number one headache...it was definitely the most exciting time of my life.

--Tim

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP 2.0 and MailSafe keys by arrangement.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Mon, 19 Apr 93 17:54:10 PDT
To: cypherpunks@toad.com
Subject: Let's see here ...
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Once again, I pull together my collective thoughts (that _was_ rather difficult) and send them along for the remainder of the cypherpunks to ponder.

It would appear that several things have happened; let's see if I can summarize -

- The Clinton administration was presented with a golly-gee proposal from either the NSA or the NIST (probably both) on a way to "offer" public encryption. ('Nuf said.)

- From what we have surmised (researched, hypothesized and down-right taken for face value), the government (whether it be the NIST or whomever) has obviously been working on this "technology" for a few years. Albeit, their negligence to inform anyone.

- Mr. Clinton and crew obligingly acknowledge this new, technological wonder, and think that they're doing us all a favor.

- Enter the "Clipper Chip", and all its fanfare.

Okay.
I took The Dark One's advice (not that I needed the prodding, mind you) and faxed every one of the contacts on the list that he posted earlier (a couple of which were voice numbers, BTW). The big three (ABC, NBC and CBS + CNN) got my fax and my thoughts on the subject.

I'm mad as hell, too -- yet I'm more prone to bringing this highly volatile subject (it would seem that it's only an explosive situation to those of us who understand its implications) into the public eye. Let's put this topic into proper perspective -- for the layman, for the "man in the streets."

Let me try to put this into perspective for some of our less politically inclined participants. For those of you who live within earshot of the "Beltway", you are probably familiar with the G. Gordon Liddy radio show. Well, to make a long story short, one afternoon the topic was computer crime. A young man called in to express his concern with the topic of "underground" computer virus distribution and all that rot. He was talking on a deaf ear, folks. The program was dominated by yuppies, calling in worried about their precious credit records and how they could possibly be disclosed or damaged by the computer criminals. I turned off the show in disgust at that point, but the point is this:

No matter how hard you attempt to bring matters into the light that the _computer_ public should be concerned about, they revert into their own realm of protected computerdom. This is an observation, not a conviction.

What we need to do, is to make folks understand that this is not just a computer issue -- it's a privacy issue, for cryin' out loud! If the techno-fascists within certain levels of government service think that they can _impose_ their will on the computer community at large, they are most definitely ill-informed. Most would probably think that they could fluff this little tidbit of "legislation" into reality.
Bottom line: I stand by the ideals that we have every right, as common citizens, to encrypt and cipher as we see fit. Legality be damned. (This is not a legality issue, for christ's sake!) This is an issue where the government is playing bully and we find ourselves on the receiving end of their quest for superiority.

I urge each and every one of you to take the time to write your congressman, fax the closest television or radio station and make this topic as public as possible! I refuse to be treated like a criminal because I desire electronic privacy.

Say "No".

Cheers.

Oh. By the way, I'm looking for some kind sort to offer an avenue to place Legal Net News on an archive site on a regular basis. I find it extremely difficult to meet subscription requests and would prefer to offer this compilation as an anon FTP'able newsletter. Any takers? Issue 2 has been released, which covers our recent travails ....

Paul Ferguson                  | Uncle Sam wants to read
Network Integration Consultant | your e-mail...
Alexandria, Virginia USA       | Just say "NO" to the Clipper
fergp@sytex.com                | Chip...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 19 Apr 93 21:02:58 PDT
To: extropians@gnu.ai.mit.edu
Subject: (fwd) THE CLIPPER CHIP: A TECHNICAL SUMMARY
Message-ID: <9304200403.AA18854@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunks,

Here's the most complete and readable summary of the Wiretap Chip I've seen. Ironically, it comes from none other than Dorothy, the Wicked Witch of the East, who claims she knew nothing of it until Thursday night, just before the announcement.

Curiouser and curiouser.
-Tim May

From: denning@guvax.acc.georgetown.edu
Newsgroups: sci.crypt
Subject: THE CLIPPER CHIP: A TECHNICAL SUMMARY
Date: 19 Apr 93 18:23:27 -0400
Distribution: world
Organization: Georgetown University

The following document summarizes the Clipper Chip, how it is used, how programming of the chip is coupled to key generation and the escrow process, and how law enforcement decrypts communications. Since there has been some speculation on this news group about my own involvement in this project, I'd like to add that I was not in any way involved. I found out about it when the FBI briefed me on Thursday evening, April 15. Since then I have spent considerable time talking with the NSA and FBI to learn more about this, and I attended the NIST briefing at the Department of Commerce on April 16. The document below is the result of that effort.

Dorothy Denning

---------------

THE CLIPPER CHIP: A TECHNICAL SUMMARY

Dorothy Denning

April 19, 1993

INTRODUCTION

On April 16, the President announced a new initiative that will bring together the Federal Government and industry in a voluntary program to provide secure communications while meeting the legitimate needs of law enforcement. At the heart of the plan is a new tamper-proof encryption chip called the "Clipper Chip" together with a split-key approach to escrowing keys. Two escrow agencies are used, and the key parts from both are needed to reconstruct a key.

CHIP STRUCTURE

The Clipper Chip contains a classified 64-bit block encryption algorithm called "Skipjack." The algorithm uses 80 bit keys (compared with 56 for the DES) and has 32 rounds of scrambling (compared with 16 for the DES). It supports all 4 DES modes of operation. Throughput is 16 Mbits a second.
Each chip includes the following components:

    the Skipjack encryption algorithm
    F, an 80-bit family key that is common to all chips
    N, a 30-bit serial number
    U, an 80-bit secret key that unlocks all messages encrypted with the chip

ENCRYPTING WITH THE CHIP

To see how the chip is used, imagine that it is embedded in the AT&T telephone security device (as it will be). Suppose I call someone and we both have such a device. After pushing a button to start a secure conversation, my security device will negotiate a session key K with the device at the other end (in general, any method of key exchange can be used). The key K and message stream M (i.e., digitized voice) are then fed into the Clipper Chip to produce two values:

    E[M; K], the encrypted message stream, and
    E[E[K; U] + N; F], a law enforcement block.

The law enforcement block thus contains the session key K encrypted under the unit key U concatenated with the serial number N, all encrypted under the family key F.

CHIP PROGRAMMING AND ESCROW

All Clipper Chips are programmed inside a SCIF (secure computer information facility), which is essentially a vault. The SCIF contains a laptop computer and equipment to program the chips. About 300 chips are programmed during a single session. The SCIF is located at Mikotronx.

At the beginning of a session, a trusted agent from each of the two key escrow agencies enters the vault. Agent 1 enters an 80-bit value S1 into the laptop and agent 2 enters an 80-bit value S2. These values serve as seeds to generate keys for a sequence of serial numbers.

To generate the unit key for a serial number N, the 30-bit value N is first padded with a fixed 34-bit block to produce a 64-bit block N1. S1 and S2 are then used as keys to triple-encrypt N1, producing a 64-bit block R1:

    R1 = E[D[E[N1; S1]; S2]; S1] .
Similarly, N is padded with two other 34-bit blocks to produce N2 and N3, and two additional 64-bit blocks R2 and R3 are computed:

    R2 = E[D[E[N2; S1]; S2]; S1]
    R3 = E[D[E[N3; S1]; S2]; S1] .

R1, R2, and R3 are then concatenated together, giving 192 bits. The first 80 bits are assigned to U1 and the second 80 bits to U2. The rest are discarded. The unit key U is the XOR of U1 and U2. U1 and U2 are the key parts that are separately escrowed with the two escrow agencies.

As a sequence of values for U1, U2, and U are generated, they are written onto three separate floppy disks. The first disk contains a file for each serial number that contains the corresponding key part U1. The second disk is similar but contains the U2 values. The third disk contains the unit keys U. Agent 1 takes the first disk and agent 2 takes the second disk. The third disk is used to program the chips. After the chips are programmed, all information is discarded from the vault and the agents leave. The laptop may be destroyed for additional assurance that no information is left behind.

The protocol may be changed slightly so that four people are in the room instead of two. The first two would provide the seeds S1 and S2, and the second two (the escrow agents) would take the disks back to the escrow agencies.

The escrow agencies have as yet to be determined, but they will not be the NSA, CIA, FBI, or any other law enforcement agency. One or both may be independent from the government.

LAW ENFORCEMENT USE

When law enforcement has been authorized to tap an encrypted line, they will first take the warrant to the service provider in order to get access to the communications line. Let us assume that the tap is in place and that they have determined that the line is encrypted with Clipper. They will first decrypt the law enforcement block with the family key F. This gives them E[K; U] + N.
They will then take a warrant identifying the chip serial number N to each of the key escrow agents and get back U1 and U2. U1 and U2 are XORed together to produce the unit key U, and E[K; U] is decrypted to get the session key K. Finally the message stream is decrypted. All this will be accomplished through a special black box decoder operated by the FBI.

ACKNOWLEDGMENT AND DISTRIBUTION NOTICE. All information is based on information provided by NSA, NIST, and the FBI. Permission to distribute this document is granted.

--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fnerd@smds.com (FutureNerd Steve Witham)
Date: Mon, 19 Apr 93 19:01:07 PDT
To: cypherpunks@toad.com
Subject: The Wing-Clipper
Message-ID: <9304200142.AA27709@smds.com>
MIME-Version: 1.0
Content-Type: text/plain

> Matthew Lyle (214) 888-0474
> OpenConnect Systems matt@oc.com
> Dallas, TX
>
> "...and once you have tasted flight, you will walk the earth with your
> eyes turned skyward, for there you have been, and there you long
> to return..."

It's the Wing-Clipper chip.

Great emblem: a bald eagle with its wings clipped.

-fnerd
quote me

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Mon, 19 Apr 93 19:04:36 PDT
To: peb@PROCASE.COM
Subject: Re: Sound bite time
In-Reply-To: <9304200141.AA03355@banff>
Message-ID: <9304200203.AA15663@mu-hsu-chicken.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

Neither of those is aimed at Joe Average Citizen. The first isn't any good, because most people don't see any need to protect against a tyranny. The second is no good because although people might be afraid of getting shot, most people don't go around wearing bulletproof vests all the time.

I'd be for something applicable and simple like "Giving the government keys to your encrypted messages is like giving them keys to the front door of your house." People can relate to that.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Mon, 19 Apr 93 21:35:40 PDT
To: sasha@cs.umb.edu (Alexander Chislenko)
Subject: Re: Is 40 bits too little?
In-Reply-To: <199304200401.AA26166@ra.cs.umb.edu>
Message-ID: <9304200423.AA04402@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> Yes, in just a trillion iterations you can test all possible keys.
> But if for testing *each* key you will have to figure out whether a text
> /signal you produced represents sensible speech... - it may be prohibitively
> expensive.
>

Well, what if you're "close?" Will it sound "kinda sensible?" Perhaps it would sound like long distance.... ;^) Just a thought.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
|                       | But, I was mistaken.        |available|
|                       +-----------------------------+---------+
| mdiehl@triton.unm.edu | "I'm just looking for the opportunity |
| mike.diehl@fido.org   |  to be Politically Incorrect!         |
| (505) 299-2282        |                                       |
+-----------------------+---------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uni@acs.bu.edu (Shaen Bernhardt)
Date: Mon, 19 Apr 93 20:13:41 PDT
To: cypherpunks@toad.com
Subject: Sound Bite
Message-ID: <9304200313.AA107798@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain

"Giving the government keys to your encrypted messages is like giving them keys to the front door of your house."

+ "and accepting the promise, we'll only use them with proper authority."

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Douglas Barnes
Date: Mon, 19 Apr 93 23:43:34 PDT
To: cypherpunks@toad.com
Subject: Sound bite (a bit crude)
Message-ID: <9304200447.AA28123@wixer>
MIME-Version: 1.0
Content-Type: text/plain

Came up during brainstorm session for article:

"Clipper Chip Encryption: A leaky condom for the masses?"
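[Added example, not part of any message in this archive: the unit-key generation, escrow split and law enforcement block from Dorothy Denning's technical summary above, as runnable Python. Skipjack was classified, so a toy SHA-256 Feistel cipher stands in for E and D; the pad blocks, seeds, keys, function names and the counter mode used for values longer than one block are all assumptions.]

```python
import hashlib

MASK80 = (1 << 80) - 1
PADS = (0x155555555, 0x2AAAAAAAA, 0x0F0F0F0F0)  # constructed 34-bit pad blocks


def _round(key: int, rnd: int, half: int) -> int:
    """Toy Feistel round function (stand-in for the classified Skipjack)."""
    data = key.to_bytes(10, "big") + bytes([rnd]) + half.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")


def E(block: int, key: int) -> int:
    """Encrypt one 64-bit block under an 80-bit key (8-round Feistel)."""
    left, right = block >> 32, block & 0xFFFFFFFF
    for rnd in range(8):
        left, right = right, left ^ _round(key, rnd, right)
    return (left << 32) | right


def D(block: int, key: int) -> int:
    """Inverse of E."""
    left, right = block >> 32, block & 0xFFFFFFFF
    for rnd in reversed(range(8)):
        left, right = right ^ _round(key, rnd, left), left
    return (left << 32) | right


def stream_xor(data: bytes, key: int) -> bytes:
    """Counter-mode keystream from E. The summary does not say how values
    longer than one block are handled, so this mode is an assumption."""
    out = bytearray()
    for i in range(0, len(data), 8):
        pad = E(i // 8, key).to_bytes(8, "big")
        out += bytes(a ^ b for a, b in zip(data[i:i + 8], pad))
    return bytes(out)


def derive_key_parts(serial: int, s1: int, s2: int):
    """Return (U1, U2, U) for a 30-bit serial number N and seeds S1, S2."""
    assert 0 <= serial < 1 << 30
    r = 0
    for pad in PADS:
        n_i = (pad << 30) | serial        # 34-bit pad + 30-bit N = 64 bits
        r_i = E(D(E(n_i, s1), s2), s1)    # R_i = E[D[E[N_i; S1]; S2]; S1]
        r = (r << 64) | r_i               # R1 || R2 || R3 = 192 bits
    u1 = r >> 112                         # first 80 bits
    u2 = (r >> 32) & MASK80               # second 80 bits, last 32 discarded
    return u1, u2, u1 ^ u2


def make_leaf(session_key: int, unit_key: int, serial: int, family_key: int) -> bytes:
    """Law enforcement block E[E[K; U] + N; F]."""
    inner = stream_xor(session_key.to_bytes(10, "big"), unit_key)  # E[K; U]
    return stream_xor(inner + serial.to_bytes(4, "big"), family_key)


def open_leaf(leaf: bytes, family_key: int):
    """What the family key alone reveals: (E[K; U], N)."""
    plain = stream_xor(leaf, family_key)
    return plain[:10], int.from_bytes(plain[10:], "big")


def recover_session_key(leaf, family_key, escrow1, escrow2) -> int:
    """Decoder procedure: open the block, fetch both key parts, XOR, decrypt."""
    wrapped, serial = open_leaf(leaf, family_key)
    unit_key = escrow1[serial] ^ escrow2[serial]
    return int.from_bytes(stream_xor(wrapped, unit_key), "big")


def demo():
    s1, s2 = 0x0123456789ABCDEF0123, 0xFEDCBA98765432100FED  # constructed seeds
    family = 0x00112233445566778899                          # constructed F
    serial = 123456                                          # constructed N
    u1, u2, u = derive_key_parts(serial, s1, s2)
    escrow1, escrow2 = {serial: u1}, {serial: u2}            # the two agents' disks
    k = 0xA5A5A5A5A5A5A5A5A5A5                               # constructed session key K
    leaf = make_leaf(k, u, serial, family)
    via_escrow = recover_session_key(leaf, family, escrow1, escrow2)
    # U is a deterministic function of (N, S1, S2): a holder of the seeds can
    # rebuild any chip's unit key without asking either escrow agent.
    wrapped, n = open_leaf(leaf, family)
    u_again = derive_key_parts(n, s1, s2)[2]
    via_seeds = int.from_bytes(stream_xor(wrapped, u_again), "big")
    return k, via_escrow, via_seeds


if __name__ == "__main__":
    print([hex(v) for v in demo()])
```

[Because U depends only on N, S1 and S2, the seed-based recovery in demo() matches the escrow-based one. The two-agent split protects U only if the seeds really are discarded after the programming session.]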
-- Doug (gumby@wixer.bga.com)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: David Reeve Sward
Date: Mon, 19 Apr 93 20:52:04 PDT
To: cypherpunks@toad.com
Subject: Re: Sound Bite
In-Reply-To: <9304200313.AA107798@acs.bu.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

> "Giving the government keys to your encrypted messages is like giving
> them keys to the front door of your house."
>
> + "and accepting the promise, we'll only use them with proper authority."

"*wink* *wink*"

--
David Sward sward+@cmu.edu
Finger or email for PGP public key: 3D567F
Fingerprint = E5 16 82 B0 3C 96 DB 6F B2 FB DC 8F 82 CB E9 45
Stop the Big Brother Chip - Just say NO to the Clipper "Wiretap" Chip!

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Mon, 19 Apr 93 23:53:42 PDT
To: peb@PROCASE.COM
Subject: Re: Sound bite time
Message-ID: <9304200653.AA10987@servo>
MIME-Version: 1.0
Content-Type: text/plain

Paul E. Baclace:

>As we move into the electronic frontier, the freedom to use crypto-privacy
>technology is becoming the equivalent to the right to bear arms:
>it is the last line of defense against a tyrannic government. The good
>news is that privacy is a defensive technology, not an offensive one.
>Giving up this un-enumerated right could be disastrous to future
>generations.

I really, *REALLY* hope that this argument doesn't catch on. Regardless of your opinions on gun control, you have to admit that linking crypto to weapons saddles it with an enormous amount of political baggage that we simply don't need. And it plays right into the hands of those in the government who consider it as a "munition" for export control purposes.

I think we already have plenty of strong arguments in defense of the right to encrypt without opening up this can of worms. It can only turn off a lot of people who would otherwise support us.
Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Alexander Chislenko
Date: Mon, 19 Apr 93 21:01:14 PDT
To: cypherpunks@toad.com
Subject: Is 40 bits too little?
Message-ID: <199304200401.AA26166@ra.cs.umb.edu>
MIME-Version: 1.0
Content-Type: text/plain

Yes, in just a trillion iterations you can test all possible keys. But if for testing *each* key you will have to figure out whether a text /signal you produced represents sensible speech... - it may be prohibitively expensive.

Alex Chislenko.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Mon, 19 Apr 93 21:35:53 PDT
To: cypherpunks@toad.com
Subject: Re: Is 40 bits too little?
Message-ID: <9304200435.AA00977@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text h

Yes, 40 bits would be too little, especially since you can probably tell if you've got the correct key by the form of the data, but they're actually generating your 80-bit key as the XOR of two other 80-bit numbers, and searching 2**80 still takes reasonably long.

Unfortunately, the method of generating the two 80-bit numbers is disturbingly suspect; see articles in sci.crypt and alt.privacy.clipper posted by Steve Bellovin and somebody with email from Martin Hellman and Dorothy Denning.

Bill Stewart

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 20 Apr 93 01:08:21 PDT
To: cypherpunks@toad.com
Subject: Re: Sound bite time
Message-ID: <9304200808.AA15339@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Phil Karn, referring to some parallels with gun control, writes:

>I really, *REALLY* hope that this argument doesn't catch on.
>Regardless of your opinions on gun control, you have to admit that
>linking crypto to weapons saddles it with an enormous amount of
>political baggage that we simply don't need.
>And it plays right into
>the hands of those in the government who consider it as a "munition"
>for export control purposes.
>
>I think we already have plenty of strong arguments in defense of the
>right to encrypt without opening up this can of worms. It can only
>turn off a lot of people who would otherwise support us.

I agree. Mentioning guns raises too many confusing issues, including emotional reactions, talk of private vs. public ownership, etc. Several decades ago it might have been better received.

The compelling "sound bites" revolve around these kinds of examples:

- having to deposit copies of all your private letters with the authorities, "in case" they need to later read them...

- not being allowed to use locks--on anything--that the government can't bypass

- recording all private conversations and escrowing the tapes, just in case the government later wants to hear them

- video cameras in all bedrooms to allow the police to check for illegal activities (even with proper "court orders," most people will react with shock at this suggestion)

These are things that everyone can understand. And be shocked by. When they realize just how similar the "key escrow" idea is to these examples, they may get more indignant.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, smashing of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.
Waco Massacre + Big Brother Wiretap Chip = A Nazi Regime

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Mon, 19 Apr 93 22:38:04 PDT
To: Cypherpunks
Subject: Is 40 bits too little?
Message-ID: <930420053136_74076.1041_FHD37-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Just to remind everyone, the clipper key is not 40 bits. It is 80 bits.
It is not divided up into two 40-bit halves. It is the result of xor'ing two 80-bit numbers, each of which would be held separately. Knowing one of the numbers would not improve your chances of guessing the key.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Tue, 20 Apr 93 03:09:46 PDT
To: tcmay@netcom.com (Timothy C. May)
Subject: Another Clipper Weakness
In-Reply-To: <9304200403.AA18854@netcom3.netcom.com>
Message-ID: <9304201009.AA21829@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

Another clipper weakness.

The unit key is derived directly from the serial number for the chip. We are supposed to feel comfy that the unit key is 80 bits long -- but the unit serial numbers are only 30 bits long! Am I crazy, or could you systematically generate all possible unit keys!

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: robichau@lambda.msfc.nasa.gov (Paul Robichaux)
Date: Tue, 20 Apr 93 06:03:37 PDT
To: cypherpunks@toad.com
Subject: NPR piece on "Clipper Chip" this morning
Message-ID: <9304201303.AA23547@lambda.msfc.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

NPR did a (for them, anyway) well-balanced piece on the wiretap chip this morning.

Per their standard, the reporter (Dan Charles) had sound bites from both sides: Whit Diffie, representing the strong-privacy-through-crypto crowd, and the (acting?) director of NIST, Raymond whose-last-name-I-forget.

Highlights:

Diffie compared Clipper to a real estate lockbox. The feds don't have to have the key to the house (=phone), just the key to the lockbox. If you change your Clipper key, the chip keeps a copy.

NIST guy said that he strongly supports individual privacy, but law enforcement needs have to be counted, too.

Diffie (rough quote): "Technology makes policy. If the gov't spends hundreds of millions of dollars on a chip which allows them to tap phones, they will do so because the technology's there."

Good for NPR.
A balanced piece.

-Paul

--
Paul Robichaux, KD4JZG                | HELP STOP THE BIG BROTHER CHIP!
NTI Mission Software Development Div. | RIPEM key on request.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Wayner
Date: Tue, 20 Apr 93 05:21:01 PDT
To: cypherpunks@toad.com
Subject: Objections...
Message-ID: <199304201220.AA27725@access.digex.com>
MIME-Version: 1.0
Content-Type: text/plain

I think one very serious objection to the SkipJack system is that the secrecy prevents us from coming up with Software implementations of the system. Naturally, they don't want that to happen because people start finding easy ways to screw up the encrypted block of key information needed by the government.

But regardless of that, software implementations of DES have been extremely useful for everyone. There is probably 10 times as much encryption done using software DES than hardware. Maybe 1000 times as much.

The fact is that software protection is much easier for the public to use. They don't need to buy an extra chip for their computer. They just run some software. It's cheaper. More populist.

I think this is the most practical and non-inflammatory argument for public access to the algorithm.

-Peter Wayner

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: zane@genesis.mcs.com (Sameer Parekh)
Date: Tue, 20 Apr 93 06:35:33 PDT
To: cypherpunks@toad.com
Subject: CLIP: Revised sample letter
Message-ID:
MIME-Version: 1.0
Content-Type: text

I finished my letter about the wiretap chip. (I still need to proof for grammar, but the content I have set.) I'm posting it here so others may see it and their efforts could be aided. Feel free to distribute this AS MUCH as possible.

If you want to comment on the letter, do so publicly, because I am sending this tomorrow morning and sending to me privately will do no good-- I will have sent it by the time I read your comments. Comments *will* be helpful though for other people.
I will keep the lists informed as to what response I get from my letter if people wish.

--
| Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM |
| Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more |
| "Be God" - Me __ "Specialization is for Insects" - Robert A. Heinlein ____/

Editor:

The Clinton administration on Friday unveiled their plan for establishing a standard data encryption system for voice communications. President Clinton says that he wants to bring the United States into the twenty-first century. This proposal is bringing us to 1984.

I will mention first the technical reasons why the system is inadequate. The encryption algorithm is classified; only a select group of people will be allowed to examine the algorithm for flaws. The members of the cryptographic community continually and persistently emphasize that the only way to ensure security in a cryptographic system is to have as many people as possible analyze and try to break it for as long as possible. A system which has been examined by a small segment of the population should not be trusted. Release of the algorithm is crucial to verification of a good encryption method. The earlier Data Encryption Standard (DES) for data storage encryption was a very strong standard; the academic world examined it and after a number of months found weaknesses, spawning the now-standard "triple-DES" system which is more secure.

From what little is known about the encryption system, it appears to be a weak system. Such a weak system lends itself to easy decryption by an unauthorized party. It would lend a false sense of security to laypersons in the field who do not realize that a key of such simplicity could be cracked easily by any talented criminal. The necessarily secure communications between a doctor and his patient could be thus breached.
If the system were strong, the government would use it for internal use, but according to the AT&T release, the government will not be using the same chip which is marketed to consumers. Apart from the technical flaws in the system, there are many political problems with this big brother proposal. First, there is the assumption that the government has a right to spy on its own citizens. The proposal for this wiretap chip includes the registration of keys with two escrow agencies. This proposal is purported to allow law enforcement to keep track of "terrorists" and "drug-dealers." The first flaw in this key-escrow system is that no self-respecting criminal will use a cryptography system which can be easily tapped by law enforcement officials-- they will use strong cryptography. The only people who may end up using the wiretap encryption system will be law-abiding laypeople who don't fully understand cryptography. (Law-abiding citizens who do understand cryptography will use strong cryptography to preserve their privacy from a talented criminal.) The proposal states that in order to obtain the key of a wiretap chip user a law enforcement agency must first establish that they have a valid interest in the key. Translated out of legalese, that means that all a government agency will have to do to get access to all of the private communications, for example, between a lawyer and her client will be to fill out the necessary forms. Registering cryptographic keys with the government is similar to giving the IRS the keys to your house and filing cabinet. A criminal who wants access to the communications between a priest and confessor needs only to find a corrupt judge. The chip is being manufactured exclusively by one company. The release stated that the Attorney shall request (i.e. coerce) telecommunication product manufacturers to use this product. This aspect of the system is a government-mandated monopoly. 
Such monopolies result in high prices and the elimination of market forces which drive the improvement of technology. (One needs only look at the state of the Soviet Union to see how the lack of market forces affects consumer technology.)

The system exposes our President's hypocrisy because of his campaign promise to protect women's rights to privacy and that he will see a Supreme Court nominee who believes that the Bill of Rights guarantees a right to privacy. By mandating a weak cryptosystem he is reneging on his promise to provide privacy rights to the nation's citizenry. If Clinton supported a right to privacy to limit government interference with regards to abortions, he must limit government interference with regards to communication.

Another element of Clinton's hypocrisy lies in his promise to reduce the budget deficit. By introducing additional responsibilities for government agencies (keeping track of the millions of keys registered in escrow) he is only using our tax dollars to invade our privacy, tax dollars which are better spent lowering the budget deficit.

What I fear most from the proposal is that if the wiretap chip becomes the standard, strong cryptography will be declared illegal. If such is the case, then only criminals will have access to strong cryptography. As I have stated above-- the wiretap chip will not be used by criminals because of the obvious flaws in the crypto-system-- criminals will use strong crypto, while law-abiding citizens will have to use a system which can be easily defeated by any criminal.

Strong cryptography already exists for data communications, for -free-. Strong cryptography for voice communications for -free- is only a few months away for people who own a personal computer. There is no way that making strong cryptography illegal will stop it-- it will only turn otherwise law-abiding citizens into criminals.
Sincerely,

Sameer Parekh
829 Paddock Lane
Libertyville, IL 60048-3743
zane@genesis.mcs.com
708-362-9659

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pat@tstc.edu (Patrick E. Hykkonen)
Date: Tue, 20 Apr 93 06:43:02 PDT
To: cypherpunks@toad.com
Subject: Waco, crypto, and unbreakable links
Message-ID: <9304201342.AA08444@tstc.edu>
MIME-Version: 1.0
Content-Type: text/plain

> We can only speculate that the loss of life
> might have been much fewer if the Branch Davidian
> cult had a copy of PGP as well as a 2m packet
> radio.
>
> They could have maintained private links with journalists
> who could have given us their side of the story, which
> now, tragically will never be told.

I thought about this yesterday at lunch, at about the time the fire started in the Davidian compound. Only as it applies to the overthrow of a government or such. Agree on the initial frequency and time, then send the next frequency and time encoded in the message text to avoid jamming.

"A rebellion is not a few men huddled around a candle talking in whispers. But a large, well funded, organization with an intricate communications network." - Unknown

--
Pat Hykkonen, N5NPL          Texas State Technical College at Waco
{pat,postmaster}@tstc.edu    Instructional Network Services
PGP Key available by finger. 3801 Campus Dr. Waco, Tx 76705
V:(817) 867-4830             F:(817) 799-2843

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Kang Meng Chow
Date: Mon, 19 Apr 93 19:03:57 PDT
To: cypherpunks@toad.com
Subject: Subscribe me
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

SUBSCRIBE ME

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peb@PROCASE.COM
Date: Tue, 20 Apr 93 10:31:28 PDT
To: cypherpunks@toad.com
Subject: Re: Sound bite time
Message-ID: <9304201727.AA03474@banff>
MIME-Version: 1.0
Content-Type: text/plain

I like the newer sound bites.
``Having to deposit copies of all your private letters with the authorities, "in case" they need to later read them...'' and ``Giving the government keys to your encrypted messages is like giving them keys to the front door of your house.'' seem best.

Phil,

About the right to bear arms and crypto-privacy...you are right--it is not a good sound bite for J. Q. Public, but could be a good angle for *understanding* (uhg, I hate this sound bite stuff.)

Paul E. Baclace
peb@procase.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J. Eric Townsend)
Date: Tue, 20 Apr 93 10:40:23 PDT
To: cypherpunks@toad.com
Subject: Waco, crypto, and unbreakable links
In-Reply-To: <9304200237.AA14578@netcom.netcom.com>
Message-ID: <9304201740.AA18148@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

1016/2EF221 writes:
> We can only speculate that the loss of life
> might have been much fewer if the Branch Davidian
> cult had a copy of PGP as well as a 2m packet
> radio.

Yes, we can only speculate. We can only speculate what would have happened if the members who had left had told what they knew -- they had/have many chances, including one member who called media from prison.

Maybe the BD's didn't have anything to say in the first place?

Koresh et al got plenty of radio time, and had even more time offered. His lawyers negotiated with media for film rights...

I don't think PGP/packet would have helped him a bit. Having all his neurons operating in a reality the rest of us live in might have helped a bit more.

(I used to live in Texas, and have long known of the "Wackos in Waco", so my sympathy level is a bit low...)
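
[Added illustration, not part of any message in this archive.] The sketch below works through two points from the Clipper messages above: Hal's statement that the 80-bit key is the xor of two separately held 80-bit numbers, so one number alone does not help in guessing it, and Perry's concern that a key derived from a short serial number can take no more values than the serial can. The derivation function is a stand-in (HMAC-SHA256 truncated to 80 bits) chosen for the example, not the chip's derivation, and all names and sample values are constructed.

```python
import hashlib
import hmac
import math
import secrets
from collections import Counter

KEY_BYTES = 10  # 80 bits, the key length stated in the messages


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise xor of two equal-length strings."""
    if len(a) != len(b):
        raise ValueError("shares must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key: bytes):
    """Split a key into two full-length shares, one per escrow holder.

    The first share is fresh randomness; the second is key xor share1.
    Either share alone is a uniformly random string.
    """
    share1 = secrets.token_bytes(len(key))
    return share1, xor_bytes(key, share1)


def one_share_leaks_nothing(bits: int = 6) -> bool:
    """Exhaustive check on a toy key size.

    Enumerate every key and every possible random pad and count how often
    each (second share, key) pair occurs. If every pair occurs exactly once,
    then whatever value a single holder sees, all keys remain equally likely.
    """
    size = 1 << bits
    pairs = Counter()
    for key in range(size):
        for pad in range(size):
            pairs[(key ^ pad, key)] += 1
    return len(pairs) == size * size and set(pairs.values()) == {1}


def derive_unit_key(serial: int, fixed_inputs: bytes) -> bytes:
    """Stand-in derivation (assumption): an 80-bit key computed
    deterministically from a serial number and inputs that do not vary
    from chip to chip."""
    msg = serial.to_bytes(4, "big")
    return hmac.new(fixed_inputs, msg, hashlib.sha256).digest()[:KEY_BYTES]


def effective_key_bits(serial_bits: int, fixed_inputs: bytes) -> float:
    """log2 of the number of distinct keys the derivation can ever emit.

    Bounded by serial_bits no matter how long each key is, which is the
    check a reviewer would apply to any derived-key design.
    """
    keys = {derive_unit_key(n, fixed_inputs) for n in range(1 << serial_bits)}
    return math.log2(len(keys))


if __name__ == "__main__":
    key = secrets.token_bytes(KEY_BYTES)
    s1, s2 = split_key(key)
    print("recombined correctly:", xor_bytes(s1, s2) == key)
    print("single share leaks nothing (toy size):", one_share_leaks_nothing())
    # A 12-bit serial keeps the demo fast; the bound scales the same way.
    print("effective bits:", effective_key_bits(12, b"constructed-batch-input"))
```

The design point for escrow and key-derivation reviews is that a key's strength is set by the entropy of its unknown inputs, not by its length: the xor split keeps all 80 bits unknown to a single holder, while a deterministic derivation from known inputs does not.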
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jim@tadpole.com (Jim Thompson)
Date: Tue, 20 Apr 93 08:41:58 PDT
To: extropians@gnu.ai.mit.edu
Subject: Re: (fwd) THE CLIPPER CHIP: A TECHNICAL SUMMARY
In-Reply-To: <9304200403.AA18854@netcom3.netcom.com>
Message-ID: <9304201041.ZM1104@chiba>
MIME-Version: 1.0
Content-Type: text/plain

Note that SCIF is not Secure Computer Information Facility, it's Secure Compartment(alized) Information Facility.

One can only wonder what else Dottie Denning got wrong.

What happens to the disk that has 'U' on it? :-)

Jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 20 Apr 93 11:01:07 PDT
To: cypherpunks-announce@toad.com
Subject: Ad hoc Cypherpunks meeting April 24
Message-ID: <9304201754.AA23465@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

ANNOUNCEMENT
============

Ad Hoc Cypherpunks Meeting on the recent Wiretap Chip proposal.

Where: Cygnus Support, Mt. View (directions follow)
When: 12:00 noon sharp - 6:00 p.m.

I'm mad as hell. I know that a lot of other folks are too. So I'm calling an ad hoc meeting to vent some spleen, to calm our heads, and to plan a counterattack. If you have any interest in this whatsoever, please attend.

As with all cypherpunks meetings, this meeting is open. Tell anyone you want to tell. Show up. Encourage your friends to show up. I'm going to try to get some of the folks from RSA Data Security to show up, as well as some others who would normally not attend.

Eric Hughes
cypherpunks list and ftp maintainer

AGENDA
======

12:00 - 6:00 Wiretap chip discussions. There will be a break.

DIRECTIONS
==========

Cygnus Support
1937 Landings Drive
Mt. View, CA 94043
+1 415 903 1400 switchboard
+1 415 903 1418 John Gilmore

Take US 101 toward Mt. View. From San Francisco, it's about a 40-minute drive. Get off at the Rengstorff Ave/Amphitheatre Parkway exit.
If you were heading south on 101, you curve around to the right, cross over the freeway, and get to a stoplight. If you were heading north on 101, you just come right off the exit to the stoplight. The light is the intersection of Amphitheatre and Charleston Rd. Take a right on Charleston; there's a right-turn-only lane. Follow Charleston for a short distance. You'll pass the Metaphor/Kaleida buildings on the right. At a clump of palm trees and a "Landmark Deli" sign, take a right into Landings Drive. At the end of the road, turn left into the complex with the big concrete "Landmark" sign. Follow the road past the deli til you are in front of the clock tower that rises out of one of the buildings, facing you. Enter through the doors immediately under the clock tower. They'll be open between noon and 1PM at least. (See below if you're late.) Once inside, take the stairs up, immediately to your right. At the top of the stairs, turn right past the treetops, and we'll be in 1937 on your left. The door is marked "Cygnus". If you are late and the door under the clock tower is locked, you can walk to the deli (which will be around the building on your left, as you face the door). Go through the gate in the fence to the right of the deli, and into the back lawns between the complex and the farm behind it. Walk forward and right around the buildings until you see a satellite dish in the lawn. Go up the stairs next to the dish, which are the back stairs into the Cygnus office space. We'll prop the door (or you can bang on it if we forget). Or, you can find the guard who's wandering around the complex, who knows there's a meeting happening and will let you in. They can be beeped at 965 5250, though you'll have trouble finding a phone. Don't forget to eat first, or bring food at noon! I recommend hitting the burrito place on Rengstorff (La Costen~a) at about 11:45. To get there, when you get off 101, take Rengstorff (toward the hills) rather than Amphitheatre (toward the bay). 
Follow it about ten blocks until the major intersection at Middlefield Road. La Costen~a is the store on your left at the corner. You can turn left into the narrow lane behind the store, which leads to a parking lot, and enter by the front door, which faces the intersection. To get to the meeting from there, just retrace your route on Rengstorff, go straight over the freeway, and turn right at the stoplight onto Charleston; see above.

See you there!

John Gilmore

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jrk@information-systems.east-anglia.ac.uk (Richard Kennaway)
Date: Tue, 20 Apr 93 03:21:00 PDT
To: cypherpunks@toad.com
Subject: Re: True Randoms
Message-ID: <23693.9304201020@sys.uea.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain

I have seen mentioned in sci.electronics (not recently) that true random number generator chips are available off-the-shelf. Texas Instruments was mentioned as one source, but I don't remember details.

--
____ Richard Kennaway
\ _/__ School of Information Systems   Internet: jrk@sys.uea.ac.uk
 \X  / University of East Anglia       uucp: ...mcsun!ukc!uea-sys!jrk
  \/   Norwich NR4 7TJ, U.K.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Tue, 20 Apr 93 08:56:46 PDT
To: Cypherpunks
Subject: Another Clipper weakness
Message-ID: <930420155129_74076.1041_FHD54-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Perry asks about the 30-bit serial number. Actually, it appears that the unit key UK is a function of the serial number plus the two 80-bit random numbers input by the escrow agents when the chips are programmed. This would prevent an easy guessing attack as long as these random numbers S1 and S2 are unknown.

The one problem is that S1 and S2 are not changed for each chip, but are rather kept the same in programming a batch of about 300 chips. Then they are supposed to be destroyed.
The potential weakness is that if someone managed to keep a copy of the S1 and S2 values which were used to program all clipper chips (only about 3000 such values for a million chips), then Perry's suggested attack could work. This would be few enough bits that the unit key could be guessed.

Those who are asked to judge the safety of the system will presumably pay careful attention to the measures used to insure that S1 and S2 are not saved. I don't know how they'll check for NSA micro-cameras in the vault ceiling, though...

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dstalder@gmuvax2.gmu.edu (Darren/Torin/Who ever...)
Date: Tue, 20 Apr 93 09:10:21 PDT
To: cypherpunks@toad.com (CypherPunks)
Subject: WIRETAP: Non-technical statement
Message-ID: <9304201606.AA10704@gmuvax2.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I've had some people ask me about a non-technical synopsis of the Wiretap Chip proposal. What follows is it. Can you please look over it for errors? I am still very much the amateur when it comes to cryptography.

The WIRE-TAP Proposal: Problems with it.

The White House sent out a press release on Friday 16 April about a voice encryption chip called the Clipper chip. This has come to be known as the Wiretap chip since it allows any Law Enforcement agency to automatically decrypt any conversations made with it with a search warrant. The LE presents said search warrant to two different escrow agencies to obtain the keys (80 bits long) that automatically decrypts your conversation.

The Electronic Freedom Foundation (EFF) and the Computer Professionals for Social Responsibility (CPSR) have both criticized the proposal. There was even a negative article already in Network World (19 Apr 93). The paragraphs that follow are facts and problems I have collected by listening to others discuss the Wiretap chip.

Say you wanted to encrypt your talk with someone over a phone.
Well, since you and the person you want to talk to both have the Wiretap (Clipper) chip in your phones, you can automatically encrypt your conversation. All fine and good encryption for the consumer. Now, what if you come under investigation by the local constabulary? They get a court order and ask the escrow agencies (non-law enforcement types) for your key. They already have the family key since that is the same in each chip. They now have your specific key. With these two keys, they can decrypt all conversations that you have. This includes conversations that are not legal to wiretap such as attorney-client, doctor-patient and so on. They also have that key for any and all future sessions that you use that phone for.

Start to see the problem? This part is all legal... Search warrants are even exceedingly easy to get at times. There have been reports of the FBI getting groups of 50 signed and blank search warrants from the DoJ.

Now, there are other problems. Would you give the IRS keys to your house and filing cabinet as long as they promised that they would only use it under proper authorization?

The key length of 80 bits is still considered cryptographically weak. It would take determined effort by an agency with a supercomputer but your key could be broken.

The cryptographic algorithm is also being kept classified. This is not the usual practice. In the cryptographic community, algorithms are public. This way people can be assured there aren't any back doors and that the algorithm can stand on its own strengths, not that of secrecy. It has also been hinted at by NIST (the agency behind the technical implementation of the chip.) that the chip could be compromised if the algorithm was made public. It is not that difficult to reverse engineer a chip these days.

Finally, some of the implications behind this announcement are dire. The Wiretap chip could become the market or legislative standard.
This could mean that other implementations of cryptographic voice transactions would be very difficult to obtain or would be illegal to obtain. Why would a criminal use the Wiretap chip when they knew it wouldn't encrypt their conversations against the LE agencies? They wouldn't, they would use other encryption technologies. Would this mean that using something other than the Wiretap chip is probable cause and puts you under suspicion?

One last fishy thing is that AT&T has already (on the same day) announced phones with this chip. This implies (means?) that AT&T has known about this chip for a while. They seem to be more concerned about getting a jump on the competition than producing a product that will actually give their users real security. 'Course, there is the question of collusion between the government and industry. Only two companies will be allowed to manufacture the chip, VLSI and Mykotronix. Jeff Hendy, director of new product marketing for VLSI, says his company expects to make $50 million of the chip in the next 3 years. (This from the San Jose Mercury News.)

Hopefully, I haven't left stuff out. I am going to forward this to cypherpunks for the experts there to check it out.

Think free,

--
Defeat the    Torin/Darren Stalder/Wolf __
Wiretap Chip  Internet: dstalder@gmuvax2.gmu.edu \/  PGP2.x key available.
Proposal!     Bitnet: dstalder@gmuvax                Finger me.
Write me for  Sprintnet: 1-703-845-1000
details.      Snail: 10310 Main St., Suite 110/Fairfax, VA/22030/USA
DISCLAIMER: A society where such disclaimers are needed is saddening.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: TO1SITTLER@APSICC.APS.EDU
Date: Tue, 20 Apr 93 12:23:58 PDT
To: cypherpunks@toad.com
Subject: cypherpunks vs. cryptoprivacy
Message-ID: <930420132135.2132@APSICC.APS.EDU>
MIME-Version: 1.0
Content-Type: text/plain

I agree with those who think that "CypherPunks" is a bad name for the list.
It brings up negative associations in the minds of outsiders, who are, after all, the people who we want to influence against the Big Brother wiretap chip.

Kragen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Tue, 20 Apr 93 10:35:05 PDT
To: cypherpunks@toad.com
Subject: Re: Wiretapping chip: vid clips & sound bites
Message-ID: <9304201734.AA09381@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

I strongly agree with Ray Cromwell's suggestions that we consistently refer to "the wiretap chip", and avoid "drug dealer" examples. One that might be closer to home when you need an example is "Suppose the IRS thinks you may have cheated on your income tax and decides they want to wiretap your phone ..." It's within the range of things people imagine could happen to them, and it makes the point that it's *their* phone that's being trapped, not some public enemy bogeyman. Making it personal is important...

Bill
# Bill Stewart wcs@anchor.ho.att.com +1-908-949-0705 Fax-4876
# AT&T Bell Labs, Room 4M-312, Crawfords Corner Rd, Holmdel, NJ 07733-3030

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: szabo@techbook.com (Nick Szabo)
Date: Tue, 20 Apr 93 13:33:45 PDT
To: cypherpunks@toad.com
Subject: Re: WIRETAP: Non-technical statement
In-Reply-To: <9304201609.AA20256@churchy.gnu.ai.mit.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

> [proposed press statement]
> ....
> This has come to be known as the
> Wiretap chip since it allows any Law Enforcement agency to automatically
> decrypt any conversations made with it with a search warrant.
> ...

I understand there are some situations where law enforcement agencies can gain access to keys _without_ a search warrant, and furthermore access to the keys allows wiretapping of conversations that go well beyond the scope of the search warrant. This might be better phrased "with, or in many cases even without, a search warrant".
Does anybody know of specific examples of wiretapping without a search warrant, or beyond the scope of the search warrant that we can cite? Especially famous ones (didn't Nixon wiretap somebody?)

Question: does there need to be a warrant to search *both* parties in a conversation, or just one? What if one of the parties is a foreign citizen calling from their homeland? What about conference calls?

In addition to lawyer-client and doctor-patient conversations, ubiquity of the wiretap chip allows the U.S. government exclusive access to recording the following calls under the rubric of a "secure" system:

* husband-wife
* psychologist-client
* priest-confessor
* foreign tourists, businessmen, and diplomats
* international phone calls
* phone calls outside the U.S. involving Clipper phones (last I heard AT&T was planning to export the wiretap chip phone, can that be verified?)
* etc.

We might design a special press release to be sent to the *international* press and foreign companies. We might especially target electronics giants like Matsushita, Phillips, Siemens, Fujitsu, NEC, etc. that can make alternative chips if they feel there is market demand for privacy from U.S. spooks who speak of using the wiretap chip to "enhance U.S. economic competitiveness". This might be a joint venture with U.S. companies like Security Technologies Inc. that AT&T and the U.S. government have screwed with their collusion.

The vast majority of consumer-product chips are manufactured outside the U.S. It is doubtful that VLSI can compete, much less corner the market if international concern is raised over the potential U.S. wiretapping monopoly.

However, we do need to do this in such a way that we do not encourage foreign government escrow-key schemes. Let's use the term "wiretap chip" for the entire class of escrow-key hardware schemes. I think we have a shot at giving the entire class of Denning-style schemes a bad reputation in the international community.
One desirable foreign government action would be to ban the import of phone equipment containing escrow-key chips from the U.S.; a very undesirable outcome is for foreign governments to set up their own escrow-key systems. Primarily, we want to give wiretap chips a bad reputation in the market.

We also need to dig up information on the phone call archives being kept by the NSA and other agencies. How extensive are they? Is there any guarantee phone calls will be deleted after some period, or are phone calls once tapped stored forever on some CD-ROM? Can foreign companies operating in the U.S. have any confidence that the U.S. government is not wiretapping their phones, gleaning trade secrets and distributing them to favored U.S. megacorps like AT&T? If we don't have answers to these questions we need to ask them, in public and often.

Nick Szabo
szabo@techbook.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Tue, 20 Apr 93 14:01:03 PDT
To: cypherpunks@toad.com
Subject: Denning Unmasked
Message-ID: <9304202034.AA24791@crestone>
MIME-Version: 1.0
Content-Type: text/plain

Denning, April 19
>I'd like to add that I was not in
>any way involved. I found out about it when the FBI briefed me on
>Thursday evening, April 15.

Mr. May calls Mrs. Denning's claims that she was ``not in any way involved'' with this project ``curious''. I'm a bit amazed at everyone's tiptoeing around Mrs. Denning and reluctance to challenge her outright given overwhelming evidence as to her two-facedness. Maybe it is her established reputation in the field, maybe it is her cryptography book, maybe it is her participation at conferences like CFP.

Nevertheless, I cannot let lies stand. Mrs. Denning wants to have her cake and eat it too. She wants to be perceived as an unbiased academic and taken seriously for her participation in scientific forums.
She also wants to mask her involvement in this proposal, which for me, appears unequivocal, and only the *degree* and *extent* is unclear. I cannot comprehend how she cannot be involved. It would not be so outrageous if she stated that ``I cannot comment on my involvement for obvious reasons''. But her denial to me has all the signs of a desperate fabrication. Let's look at what she's done:

1. She was the *first*, if I'm not mistaken, to bring up the idea of splitting keys among impartial agencies many months ago on sci.crypt after the firestorm and barrage of protests on the initial balloon on key registration.

2. She has shown ``prescient insight'' (as another tiptoer noted on sci.crypt) into anticipating major aspects of the proposal. Key registration itself was largely unheard-of until she began advocating the idea. She posts a massive technical description to sci.crypt less than a week after her initial ``briefing''.

3. The rhetoric (more aptly called propaganda) of the public announcement closely mirrors words and arguments she used in the initial debate on sci.crypt, esp. the ``need to balance legitimate law enforcement goals with privacy.''

4. Since she persists in her sheer, ugly chutzpah, and people here and on sci.crypt are still pussyfooting around her, I must offer my new evidence.

In early April I became extremely concerned about her continuing advocation of key registration in the recent further CACM articles in the face of such vocal opposition and defiance on sci.crypt. I was astonished with the claims in her latest posting to sci.crypt when I read it on 28 March, and replied to it. I expressed my appreciation for her postings, because ``you're definitely one of the most highly regarded personalities in this area posting publicly,'' (I was disenchanted enough then not to say `authority') and I wrote of my extreme concern with her seeming evasion of addressing critical aspects of the key-registration idea from a scientific standpoint.
I advised her to ``abandon the idea to salvage the remainder of your reputation''.

I will be quoting only some critical parts of her letter now (there is only one, but it speaks volumes), and I ask that I not be assaulted for this, because in my opinion the extreme circumstances merit it, and her hypocrisies cannot go unchallenged! Her comments follow her pattern of revealing a few more details of the overall plan after being violently assaulted on the revealed ones. (I remind the reader that this all transpired before any knowledge on my part whatsoever of the Clipper proposal, but apparently not before her own...)

- - -

L.D.: (Sun, 28 Mar 93 22:13:06 -0700)
>The issue is not that "the government is corrupt QED" but that such a
>system would be such a tremendous temptation to a government only bordering
>on moral rectitude, as ours generally is... Part of the idea of
>democracy is not even INTRODUCING mechanisms that have a potential for
>extremely insidious and treacherous abuse.

D.D.: (Tue, 30 Mar 93 17:23:14 EST)
>I am convinced that with the new technologies and crypto, we can make it
>extremely difficult -- much more difficult than now -- for the government
>to perform illegal taps.

L.D.: (Sun, 28 Mar 93 22:13:06 -0700)
>I like those new technologies for the same revolutionary reasons.
>hehe, we can make it IMPOSSIBLE right now for the government to tap AT
>ALL. I guess you can imagine how appealing your proposal is in the face
>of this. We're doing just fine, thank you very much. The best thing
>the government can do on this issue is STAY OUT OF IT. Given its
>unwieldy and intrusive history, this is quite an optimistic expectation.

- - -

L.D.: (Sun, 28 Mar 93 22:13:06 -0700)
>There are just no good assurances that these kind of systems won't
>be radically abused, and until you describe precisely how to do this
>most reasonable people will not touch your proposals with a 20ft
>pole, even in cyberspace...
D.D.: (Tue, 30 Mar 93 17:23:14 EST) >Obviously a much more detailed proposal would be needed in >order to answer all the questions people have asked. L.D.: (Tue, 30 Mar 93 17:03:04 -0700) >We eagerly await such a proposal from you or others, to show how none >of the specifics can possibly be implemented without a totalitarian >state, bizarre and unrealistic assumptions, unbearable and >anti-competitive commercial restrictions, or new grotesque government >bureacracies. - - - L.D.: (Sun, 28 Mar 93 22:13:06 -0700) >The issue is not that "criminals won't comply QED" >but that "enforcement is impossible except in a totalitarian state". D.D.: (Tue, 30 Mar 93 17:23:14 EST) >Not necessarily if you don't try to demand 100% compliance. Everyone is >required to register their car, and this has not required a totalitarian state. >Compliance might be enforced only when there is already probably cause and >a warrant issued. Compliance might be promoted by putting requirements on >products that are sold. L.D.: (Tue, 30 Mar 93 17:03:04 -0700) >I object to this vehemently. I consider this somewhat of a subterfuge. >The public then may not be aware how much they are spending to promote >an agenda of the anointed government officials' plans detrimental to >privacy. It would weaken technological competiveness, for companies to >be burdened by these artificial and warped restrictions. > >Unfortunately, I find it one of your most dangerously insidious ideas, >because it has the most likelihood of influencing some naive, >uninformed, and misguided policymaker... > >These policies you have in mind are exactly the kind that sound good on >paper and intent, but when implemented come nothing close to the >intentions of the purveyors, who on hint of failure would then >disassociate themselves, saying that ``it wasn't implemented according >to my suggestions.'' That's the problem, its an inherently flawed idea >to begin with, and NO implementation would have the desired effect... 
- - - D.D.: (Tue, 30 Mar 93 17:23:14 EST) >I do not find >sci.crypt a constructive environment to explore the issues or try to develop >a more concrete proposal, so I will use other forums for this. L.D.: (Tue, 30 Mar 93 17:03:04 -0700) >definitely, Usenet has all the delicacy, subtlety and finesse of a >melee. On the other hand, it also has a low tolerance for pretentious >and impractical ideas ... > >I'm serious. I think you ought to stop promoting the idea. Otherwise, >the label "Denning Proposal" will have all the valiant credibility that >the label "Chamberlain Treaty" had after WWII.... Don't say I didn't warn >you! > >Do you know how much trouble the NSA has caused for the development and >proliferation of cryptography? Do you think they have harmed American >interests in the international market? Weakened their ability to >compete? I guarantee that all this would PALE TOTALLY in comparison to >any kind of key-registration scheme, and would earn its advocates, in >historical hindsight, the utmost black discredit imaginable. - - - Mrs. Denning did not respond to my letter of Tue, 30 Mar 93 17:03:04 -0700, for obvious reasons... Let me add that of all the things she wrote about, the `commercial compliance by requirements on products sold' alarmed me the most, and I thought she might be hinting at Telephony-style bill. I considered sending a warning to the cypherpunk list, but decided that it would be premature and I intended to watch and wait for more signs first... Perhaps I am condemning aspects of my own future in academic circles for attacking Denning. Perhaps I am the subject of zealous blacklisting at this moment for my public comments on the Clipper chip. But I cannot be silent in the face of repulsive and outrageous hypocrisy. Because of her denial, I have no alternative but to recognize Mrs. Denning as the intellectual and moral equivalent of a double-agent. She is a traitor to at least *one* cause. 
I hope her friends involved in the Clipper proposal appreciate her work in that area, because, for me, she no longer has any credibility whatsoever as an unbiased cryptographic authority or an honest and ethical scientist. Like a compromised code, the integrity has been lost...

NOTE! this letter is a *warning* for the private cypherpunks list only! I do not grant, and specifically prohibit, redistribution. If Mrs. Denning publicly addresses the points I have raised in this letter, I will consider my sincere trust misguided and violated.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Tue, 20 Apr 93 14:45:48 PDT
To: cypherpunks@toad.com
Subject: Webs of Trust vs Trees of Trust
Message-ID: <9304202145.AA19546@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I have worked with the NCSC (National Computer Security Center) on certifying operating systems according to the "Orange Book". As I understand RIPEM there is a tree of agencies such that everyone must trust all elements of the tree between him and the root. This is much ingrained in all of the legally mandated security systems that I am aware of. It assumes, at first glance, that there is a root, an inner sanctum, which is totally trusted by all.

The Orange Book for operating system security has such assumptions embedded deeply. We had to essentially weaken our security features by disabling our "mutually suspicious user" logic to meet their requirements.

>In <40485.pfarrell@cs.gmu.edu> Pat Farrell says:
>At this Fall's National Computer Security Conference, Mr. McNulty
>was a speaker on the NIST's digital signature session. They talked about
>both the non-RSA DSS, and use of Certifying Authorities with a RSA-based
>scheme.
>
>At that same conference, I gave a paper on security that described
>a fishnet of trust between systems. This was written in February 92,
>well before I read Phil's "web of trust" from the PGP docs, which I
>read sometime over the summer.
>
>During the Q&A, I asked Mr McNulty to compare the advantages and
>disadvantages of a hierarchical CA approach to an interlocking fishnet/web
>of trust. I hoped he would at least recognize that any hierarchy has
>problems from the top down if an upper level is compromised. Instead,
>he could not address any differences. I believe that working in the
>government has made the hierarchy seem to be the only implementation that
>he envisioned. He fobbed the question off to one of his technical
>underlings, but he, too, was unable to answer it (or even coherently
>address it).

It is a pervasive mind-set in military security.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Tue, 20 Apr 93 13:13:48 PDT
To: CYPHERPUNKS
Subject: Re: Another Clipper weakness
Message-ID: <930420195747_74076.1041_FHD36-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

From: "Perry E. Metzger"
> I've just looked over the proposal again, and I've seen no mention of
> random inputs -- only that the 30 bit key would get a "fixed 34 bit
> padding" added to it.

Here is what Denning's writeup says:

    At the beginning of a session, a trusted agent from each of the two key
    escrow agencies enters the vault. Agent 1 enters an 80-bit value S1
    into the laptop and agent 2 enters an 80-bit value S2. These values
    serve as seeds to generate keys for a sequence of serial numbers.

    To generate the unit key for a serial number N, the 30-bit value N is
    first padded with a fixed 34-bit block to produce a 64-bit block N1.
    S1 and S2 are then used as keys to triple-encrypt N1, producing a
    64-bit block R1:

        R1 = E[D[E[N1; S1]; S2]; S1] .

    Similarly, N is padded with two other 34-bit blocks to produce N2 and
    N3, and two additional 64-bit blocks R2 and R3 are computed:

        R2 = E[D[E[N2; S1]; S2]; S1]
        R3 = E[D[E[N3; S1]; S2]; S1] .

    R1, R2, and R3 are then concatenated together, giving 192 bits. The
    first 80 bits are assigned to U1 and the second 80 bits to U2. The
    rest are discarded. The unit key U is the XOR of U1 and U2. U1 and U2
    are the key parts that are separately escrowed with the two escrow
    agencies.

Here, the notation E[X; Y] means to encrypt 64-bit number X using 80-bit key Y with the Skipjack algorithm. U1 and U2 come from concatenating R1, R2, and R3. Each of R1, R2, and R3 is a function not only of N, the serial number, along with the 3 fixed 34-bit blocks, but also S1 and S2, the two random numbers entered by agents from the escrow organizations.

> > The one problem is that S1 and S2 are not changed for each chip, but are
> > rather kept the same in programming a batch of about 300 chips. Then
> > they are supposed to be destroyed.
>
> This was not clearly implied, either. Furthermore, no clear reason has
> been stated why all this complexity is needed and U1 and U2 can't just
> be randomly generated.

    All Clipper Chips are programmed inside a SCIF (secure computer
    information facility), which is essentially a vault. The SCIF contains
    a laptop computer and equipment to program the chips. About 300 chips
    are programmed during a single session. The SCIF is located at
    Mykotronx.

I agree that the process seems complex. Why should the keys U1 and U2 be correlated with the serial number in this way? Here is one thought:

The most straightforward approach would be to get two random seeds, S1 and S2, and use them to run a PRNG that produces U1 and U2, the two key-halves, and N, the serial number.

But the problem with this is that you are depending on the security of your PRNG to ensure that there is no correlation between N and U1/U2. Ordinary PRNG's might allow some correlation to exist.
This would be weak because then just knowing the N of your chip might allow a good organization like NSA to crunch out U1 and U2 without going through the escrow agencies, by exploiting weaknesses in the PRNG.

Instead, they go through a roundabout process which appears to show that the relationship between N and U1/U2 is as strong as the Skipjack algorithm itself, in fact when run in a triple-encryption mode. If NSA had a way, given N, to produce U1/U2, then it would appear that they must be able to break Skipjack, in which case they wouldn't need U1/U2. So this key generation process can be argued not to introduce any new vulnerability in the system.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Tue, 20 Apr 93 13:32:50 PDT
To: Hal <74076.1041@compuserve.com>
Subject: Re: Another Clipper weakness
In-Reply-To: <930420195747_74076.1041_FHD36-1@CompuServe.COM>
Message-ID: <9304202032.AA23137@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

Hal says:
> Here is what Denning's writeup says:
>
> At the beginning of a session, a trusted agent from each of the two key
> escrow agencies enters the vault. Agent 1 enters an 80-bit value S1
> into the laptop and agent 2 enters an 80-bit value S2. These values
> serve as seeds to generate keys for a sequence of serial numbers.
>
> To generate the unit key for a serial number N, the 30-bit value N is
> first padded with a fixed 34-bit block to produce a 64-bit block N1.
> S1 and S2 are then used as keys to triple-encrypt N1, producing a
> 64-bit block R1:
[...]

I've reread the text again.
There seems to be no assurance at all that S1 and S2 are random or that they are not the same for all chips. There also seems to be no rational explanation of why N is only thirty bits long -- it's a strange number in the modern world of computing.

> I agree that the process seems complex. Why should the keys
> U1 and U2 be correlated with the serial number in this way? Here is
> one thought:
>
> The most straightforward approach would be to get two random seeds,
> S1 and S2, and use them to run a PRNG that produces U1 and U2, the
> two key-halves, and N, the serial number.

The number N is not secret and is not random -- it is therefore not necessary that the PRNG generate N, and indeed N is not generated, it is given. It's presumably just an ordinary serial number.

> But the problem with this is that you are depending on the security
> of your PRNG to ensure that there is no correlation between N and
> U1/U2. Ordinary PRNG's might allow some correlation to exist. This
> would be weak because then just knowing the N of your chip might allow
> a good organization like NSA to crunch out U1 and U2 without going
> through the escrow agencies, by exploiting weaknesses in the PRNG.
>
> Instead, they go through a roundabout process which appears to show that
> the relationship between N and U1/U2 is as strong as the Skipjack
> algorithm itself, in fact when run in a triple-encryption mode.
> If NSA had a way, given N, to produce U1/U2, then it would appear
> that they must be able to break Skipjack, in which case they wouldn't
> need U1/U2. So this key generation process can be argued not to
> introduce any new vulnerability in the system.

Why not just generate U1 and U2 by a more straightforward approach that doesn't involve strange padding and odd randomly selected constants? Indeed, why not just use true random numbers? Surely a radioactive source isn't unavailable to Mykotronx.

Furthermore, Denning says about 300 chips are programmed in a batch using baroque methods in a vault. Well, folks, that just won't do if twenty or thirty million of these babies are being sold a year -- or even if just five million are sold a year. Seems to me that the processing is going to have to get more efficient, and likely thus much more sloppy.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Tue, 20 Apr 93 17:08:25 PDT
To: cypherpunks@toad.com
Subject: Anonymous Remailers, WB etc.
Message-ID: <9304210008.AA25503@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

If I were chartered to be prepared to find the source of anonymous mail, and had the money, attitude and resources that skeptics among us assume are available for such efforts, here is how I would proceed. This plan is due, in part, to my experience in building secure operating systems.

I would catalog the various weaknesses of Unix and perhaps other systems where the remailers live. I would make a list of remailers and suspected remailers. I would design programs that would inhabit the remailer machines benignly except for gathering information that I need. Such efforts are a natural by-product of the public NCSC charter to know OS weaknesses.

I would further examine the IP protocols for weaknesses. Those protocols trust not only the machines thru which the data flows but also trusts other machines on the net not to introduce phony datagrams that at least bollix legitimate traffic and may well spoof it. This is aided by a real time passive tap on the links carrying the legitimate traffic.

It is not the style of this group to study OS security and I don't propose to change the style. OS security and protocol security may, however, be an Achilles heel to anonymity.
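The unit-key derivation quoted from Denning's writeup in the "Another Clipper weakness" messages above, as an added Python example that is not part of any post in this archive. Skipjack was not public when the thread was written, so E and D here are a stand-in Feistel cipher built on SHA-256, and the three pad constants, the pad layout, the seeds and all function names are assumptions.

```python
"""Added example: the unit-key derivation from Denning's writeup as quoted above.

ASSUMPTIONS (not from the thread): Skipjack was classified in 1993, so E and D
are a stand-in Feistel cipher (64-bit block, 80-bit key) built on SHA-256; the
three 34-bit pad constants and the pad-in-high-bits layout are made up.
"""
import hashlib

SERIAL_BITS = 30
ROUNDS = 8
MASK32 = 0xFFFFFFFF
MASK80 = (1 << 80) - 1
PADS = (0x155555555, 0x2AAAAAAAA, 0x0F0F0F0F0)  # hypothetical fixed 34-bit blocks


def _f(half: int, key: bytes, rnd: int) -> int:
    """Round function of the stand-in cipher."""
    digest = hashlib.sha256(key + bytes([rnd]) + half.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big")


def E(block: int, key: bytes) -> int:
    """Encrypt a 64-bit block under an 80-bit key (stand-in for Skipjack)."""
    left, right = block >> 32, block & MASK32
    for rnd in range(ROUNDS):
        left, right = right, left ^ _f(right, key, rnd)
    return (left << 32) | right


def D(block: int, key: bytes) -> int:
    """Inverse of E."""
    left, right = block >> 32, block & MASK32
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _f(left, key, rnd), left
    return (left << 32) | right


def triple(block: int, s1: bytes, s2: bytes) -> int:
    """R = E[D[E[N; S1]; S2]; S1], as in the writeup."""
    return E(D(E(block, s1), s2), s1)


def derive_unit_key(serial: int, s1: bytes, s2: bytes):
    """Return (U1, U2, U) for one chip serial number N."""
    if not 0 <= serial < (1 << SERIAL_BITS):
        raise ValueError("serial number N must fit in 30 bits")
    if len(s1) != 10 or len(s2) != 10:
        raise ValueError("S1 and S2 must be 80-bit (10-byte) values")
    r = 0
    for pad in PADS:                       # N1, N2, N3 -> R1, R2, R3
        r = (r << 64) | triple((pad << SERIAL_BITS) | serial, s1, s2)
    u1 = r >> 112                          # first 80 of the 192 bits
    u2 = (r >> 32) & MASK80                # second 80 bits; last 32 discarded
    return u1, u2, u1 ^ u2


def program_batch(first_serial: int, count: int, s1: bytes, s2: bytes):
    """Escrow records for one vault session: serial -> (U1, U2)."""
    return {n: derive_unit_key(n, s1, s2)[:2]
            for n in range(first_serial, first_serial + count)}


def audit_batch(records, s1: bytes, s2: bytes):
    """Serials whose escrowed halves do not match a recomputation from S1, S2."""
    return [n for n, halves in sorted(records.items())
            if derive_unit_key(n, s1, s2)[:2] != halves]


if __name__ == "__main__":
    # Constructed seeds and serial range, for illustration only.
    S1 = bytes.fromhex("00112233445566778899")
    S2 = bytes.fromhex("ffeeddccbbaa99887766")
    batch = program_batch(1000, 300, S1, S2)
    u1, u2, u = derive_unit_key(1000, S1, S2)
    print(f"N=1000  U1={u1:020x}  U2={u2:020x}  U={u:020x}")
    # Nothing per-chip is random: the seeds plus the public serial give the key.
    print("regenerated from seeds:", batch[1000] == (u1, u2))
    batch[1042] = (batch[1042][0] ^ 1, batch[1042][1])   # simulate a bad record
    print("audit mismatches:", audit_batch(batch, S1, S2))
```

Because the derivation is deterministic, the two seeds plus a chip's public serial number reproduce that chip's U1 and U2, which is why the handling of S1 and S2 after a session matters for the whole batch. The same determinism is what lets audit_batch recheck escrow records by recomputation.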
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Tue, 20 Apr 93 14:26:00 PDT
To: CYPHERPUNKS
Subject: Re: Another Clipper weakness
Message-ID: <930420210931_74076.1041_FHD64-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

From: "Perry E. Metzger"
> The number N is not secret and is not random -- it is therefore not
> necessary that the PRNG generate N, and indeed N is not generated, it
> is given. It's presumably just an ordinary serial number.

Yes, sorry, I was confused about that. N is indeed an ordinary serial number.

> Why not just generate U1 and U2 by a more straightforward approach that
> doesn't involve strange padding and odd randomly selected constants?
> Indeed, why not just use true random numbers? Surely a radioactive
> source isn't unavailable to Mykotronx.

Again, I think the fact that the S1 and S2 are introduced by agents of the escrow organizations is supposed to make the process appear more trustworthy. Since the escrow organizations must be trusted, it does not add any weaknesses to have them creating the random seeds for the keys.

Getting numbers from a true random source would be better in some ways, but it would be hard to know whether the source was truly random and was not subtly hacked by the NSA to reduce the randomness. Verifying the randomness of a black box could not be done easily on site.

With the S1/S2 approach, theoretically an escrow agent could stop the process at some point and issue a challenge, making S1 and S2 public and verifying that the keys were in fact generated by the specified algorithm. However, there has been no discussion of such a challenge in the key-creation protocol.

> Furthermore, Denning says about 300 chips are programmed in a batch
> using baroque methods in a vault. Well, folks, that just won't do if
> twenty or thirty million of these babies are being sold a year -- or
> even if just five million are sold a year. Seems to me that the
> processing is going to have to get more efficient, and likely thus
> much more sloppy.

Yes, this is a good point, although it depends on the specific numbers of chips being produced and how long it takes to go through this process for a batch of 300 chips. I gather that the chips are actually programmed in this vault, under control of the laptop computer which holds the keys (and is then destroyed? Ha!). If they had a batch programmer which actually did 300 chips in a tray, then several batches could be done in a sitting.

There are probably a few hundred million phones in the U.S., but I doubt that more than a few percent of them would be secure phones in the next three or four years. This might correspond to a production level of a few hundred thousand chips per year, which would be a couple of dozen batches per week. This sounds doable. Beyond this point there would be problems, though. Probably other manufacturers would be involved by then.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Tue, 20 Apr 93 20:30:16 PDT
To: psionic@wam.umd.edu (Haywood J. Blowme)
Subject: Re: Artilce
In-Reply-To: <199304210237.AA27464@rac3.wam.umd.edu>
Message-ID: <9304210329.AA07440@relay2.UU.NET>
MIME-Version: 1.0
Content-Type: text/plain

this is exactly like the vhs vs. beta issue.
Beta is technically superior, yet it isn't used because it's non-standard, it's just too good for our public :)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: zane@genesis.mcs.com (Sameer)
Date: Tue, 20 Apr 93 17:28:52 PDT
To: cypherpunks@toad.com
Subject: Petition to Clinton, digisigned
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I noticed someone post about writing up a petition and emailing it to Pres. Clinton, signing it with digital signatures, but that was in a joking manner. To me it seems like a good idea. What do others think? Good/bad?

(I'm not too PGP-experienced-- The petition would be circulated and people would create "signature certificates" and forward those to the person sending the petition-- once all the signatures are collected then the petition and all the certificates would be sent together? I'd imagine that the signatures certs could be sent in a different package than the petition, but I don't think Clinton's aides would be able to recognize that all the certificates belong with the petition.)

--
| Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM |
| Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more |
| "Be God" - Me __ "Specialization is for Insects" - Robert A. Heinlein
____/ \_____________/ \____________________________________________________/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Douglas Barnes
Date: Tue, 20 Apr 93 21:11:35 PDT
To: cypherpunks@toad.com
Subject: Re: Objections...
In-Reply-To: <199304201220.AA27725@access.digex.com>
Message-ID: <9304210108.AA07845@wixer>
MIME-Version: 1.0
Content-Type: text/plain

Peter Wayner writes:
> I think this is the most practical and non-inflammatory argument
> for public access to the algorithm.

Along the same lines, I am left scratching my head about the "baroque activities in the vault."
Surely this is going to add substantially to the cost of these chips over a system that uses a known algorithm and non-escrowed keys. Given that such a system would be cheaper to produce and would offer stronger security, I think it is not especially inflammatory to suggest that the government is contemplating either an outright ban or the strong discouragement of alternative systems.

--
Doug Barnes (gumby@wixer.bga.com)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uni@acs.bu.edu (Shaen Bernhardt)
Date: Tue, 20 Apr 93 17:23:27 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9304210023.AA194636@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Does anybody know of specific examples of wiretapping without a search warrant, or beyond the scope of the search warrant that we can cite? Especially famous ones (didn't Nixon wiretap somebody?)

-----

By exec. order (12333 is it?) those suspected of espionage for a foreign may be wiretapped, searched without warrant.

(foreign = foreign power)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mark C. Henderson
Date: Tue, 20 Apr 93 20:43:40 PDT
To: norm@netcom.com (Norman Hardy)
Subject: Re: Webs of Trust vs Trees of Trust
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Subject: Re: Webs of Trust vs Trees of Trust

On Apr 20, 14:45, Norman Hardy wrote:
} Subject: Webs of Trust vs Trees of Trust
} As I understand RIPEM there is a tree of agencies such that everyone
} must trust all elements of the tree between him and the root.

I just want to point out (as has been pointed out before) that it is a mistake to confuse RIPEM with PEM. RIPEM is an implementation of a subset of PEM. At this moment, RIPEM has absolutely no support for certificates or signed public keys.

PEM on the other hand, is a draft internet standard which requires certificates and a hierarchy that can be described as a "Tree of Trust".
There are at least a couple of full PEM implementations. Probably the best known at this point is the one from T.I.S. which is currently in beta test.

Apologies in advance for cluttering the mailboxes of the majority of cypherpunks who already know this.

Mark

--
Mark Henderson mch@squirrel.wimsey.bc.ca markh@wimsey.bc.ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Tue, 20 Apr 93 21:07:30 PDT
To: cypherpunks@toad.com
Subject: Re: Article
In-Reply-To: <199304210237.AA27464@rac3.wam.umd.edu>
Message-ID: <9304210407.AA29203@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: "Haywood J. Blowme"
[ quoting an article ]
> President Clinton gave a major boost yesterday to one telephone-
> scrambler technology in a decision its delighted manufacturer likens to the
> choice of VHS over Beta for videotape machines.

Interesting that they picked that particular analogy. It's quite close, in that it's an inferior technology winning over a superior one. It's different, of course, in that the Federales had nothing to do with videotape standards (afaik), and certainly didn't outlaw Beta.

> An administration official said the consideration will be given to
> BANNING more sophisticated systems investigators cannot crack, thereby
> creating a balance between banning private encryption and declaring a public
> right to unbreakably coded conversations.

Right on schedule. "Consideration will be given", will it? This looks like a good time to load up on source code and photocopy relevant journal articles.
While it won't sway Joe Public much, it's worth remembering that the suppression of strong communications privacy will also make it difficult or impossible to get good digicash (or other systems relying on cryptographic techniques) deployed before our government proposes its "just one little loophole" scheme, HarmoniousBalanceCash. Don't worry, transaction records will only be released upon formal request from the IRS or a major marketing division, and only suspected drug users and potential terrorists will have their assets annulled. And statute strictly prohibits intelligence agencies from padding their assassination budgets by using the loophole to forge cash.

PGP 2 key by finger or e-mail (offer void when prohibited)
Eli ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: szabo@techbook.com (Nick Szabo)
Date: Tue, 20 Apr 93 21:08:38 PDT
To: cypherpunks@toad.com
Subject: European front: wiretapping vs. GSM
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Forwarded from comp.dcom.telecom:

Subject: Re: Truly Amazing, Truly Amazing ... Feds
Reply-To: Michael_Lyman@sat.mot.com
Message-ID:
Organization: Motorola Inc. - Satellite Communications
Sender: Telecom@eecs.nwu.edu

In article 1@eecs.nwu.edu, naddy@mips.ruessel.sub.org (Christian Weisgerber) writes:

> I wonder, is the signal only digitally encoded or digitally encoded
> and *additionally* encrypted?

Yes on both counts. On the air interface between the base station ( BSS ) and mobile station ( MS ) the signals are digitally encoded. Traffic channel rate is 13 Kb/s. In addition to this, ciphering is done to protect the signalling channel such that user data privacy is provided then, encryption is provided for all voice traffic.

As an aside, the GSM system also assigns "alias" subscriber numbers which are changed automatically with ( usually ) every call -- the subscriber's real phone number is never ( well, almost never ) used over the air.

> I'm getting a little paranoid over this, but in Germany when you buy
> an approved wireless phone you are told that it is impossible to
> listen in to it. Bullsh*t. In fact it's only impossible to listen in
> with another (unmodified) wireless phone -- just get a scanner and
> you're in.

For GSM, the level of privacy for both signalling and voice is considerable. Just to give you an idea, encryption keys change for each call made by the subscriber and the encryption algorithms use the changing physical properties of the radio channel.

As a matter of fact, GSM is SO secure that several European governments including Britain are insisting that the scrambling algorithm ( called A5 in GSM ) be modified to allow at least government operatives ( read "undercover eavesdroppers" ) to listen in on suspected criminal activities. Agencies such as GCHQ, the British government's listening post near Cheltenham and the FBI in America are concerned that the A5 scrambling algorithm provided with the GSM Mobile Stations is equivalent to many military systems and in fact when exported may be adapted for military applications.

Vendors of GSM equipment are starting to run into export problems due to the nature of the encryption / ciphering.

Although there are some industrious "scanners" out there, I dare say that listening in on a GSM conversation will be a bit of a job.
Michael Lyman Motorola - Iridium Phoenix, Arizona From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: eab@msc.edu (Edward Bertsch) Date: Tue, 20 Apr 93 20:20:57 PDT To: hughes@soda.berkeley.edu (Eric Hughes) Subject: Re: Ad hoc Cypherpunks meeting April 24 In-Reply-To: <9304201754.AA23465@soda.berkeley.edu> Message-ID: <9304210320.AA01800@uh.msc.edu> MIME-Version: 1.0 Content-Type: text As I wasn't able to attend this meeting (for obvious geographic reasons) I did the next best thing (and urge every concerned list member to do the same): I gave my elected goons^h^h^h^h^hpoliticians a barrage of fax messages on the subject. If you don't have a fax modem, it's about time you get one, it really is the best way to make your views heard by your elected thugs (and to have them heard in your words, not summarized like will happen when you call and give your message to their staff by voice). I write one leter, then select multiple (local) fax phone #'s to send it to. The program takes care of the rest. (I use a multitech modem with a beta version of the windows print capture fax software) Get PGP22 before it becomes illegal! Edward A. Bertsch (eab@msc.edu) Minnesota Supercomputer Center, Inc. Operations/User Services 1200 Washington Avenue South (612) 626-1888 work Minneapolis, Minnesota 55415 (612) 645-0168 voice mail FAX: (612) 624-6550 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Haywood J. Blowme" Date: Tue, 20 Apr 93 19:37:26 PDT To: cypherpunks@toad.com Subject: Artilce Message-ID: <199304210237.AA27464@rac3.wam.umd.edu> MIME-Version: 1.0 Content-Type: text/plain The Washington Times April 17, 1993 Saturday, Final Edition Government picks affordable chip to scramble phone calls. By Frank J. Murray [Nasty sarcastic comments inserted by psionic@wam.umd.edu ] [Typing errors by me. 
] President Clinton gave a major boost yesterday to one telephone- scrambler technology in a decision its delighted manufacture likens to the choice of VHS over Beta for videotape machines. Mr. Clinton's action could allow the use of relatively cheap scramblers on almost every cellular, business and government phone and make scramblers common even on ordinary home telephones. An administration official said the consideration will be given to BANNING more sophisticated systems investigators cannot crack, thereby creating a balance between banning private encryption and declaring a public right to unbreakably coded coversations. ^^^^^ [Does this assert that the government has an inherent right to ] [hear everything its citizens say? Or does it mean that only ] [the government has a right to good encryption systems?? ] "We've got a balance we've got to strike between the public's important need for privacy and the public's need to be assured it's save from crime," ^^^^^ [What crime? Please cite an example where an encrypted message was later] [proven to be connected with a criminal activity. (Messages intercepted ] [from the CIA don't count because they never do anything illegal.) ] [Also what are the chances that a criminal that doesn't want to get ] [caught will actually use this crippled chip? ] said Raymond G. Kammer, acting director of the National Institute of Standards and Technology, which developed the system with the National Security Agency. [And of course the NSA would never think of listening to every sattelite ] [communication coming into and out of this country would they? ] In an unusual decision he said was examined by the National Security Council, Mr. Clinton directed the Commerce and Justice departments to encourage the development of the high-tech system, which inludes electronic master keys to enable law enforcement officials to decode transmissions if they obtain court orders. 
"This technology preserves the ability of federal, state and local law enforcement agencies to intercept lawfully the phone conversations of criminals." Mr. Clinton said, citing the fear that encrypted phones could aid terrorists and drug dealers. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ [If you want to spook Americans, just say the word terrorist or drug ] [dealer. Realistically, they have the money to buy good, secure crypto] [gear. Again, is this system to really catch "Drug dealers" and ] ["terrorists", or is it to spy on citizens and businesses?? ] The system is designed to protect from unauthorized interception the electronic transmission of conversations, computer data and video images at a cost per telephone that could be under $30, said Ted Bettwy, executive vice president of the manufacturer, Mykotronx Inc. of Torrance, Calif. He said the chip announced yesterday, internally referred to as MYK-78, costs about $40 and uses an algorithm 16 million times more complex than that used by chips now on the market. Computer hackers have penetrated the current chips. ^^^^^^^^^^^^^^ [This is incorrect. If they have penetrated the "Current Chips" this is ] [news to me. If they could break the current technology so easily then ] [there would be no need for the clipper chip would there? ] The new chip uses an 80-bit code instead of the 56-bit code that is the digital encryption standard (DES). [Yeah, well IDEA uses a 128 bit key. My RSA Public key is 1024 bits. ] [If I were to use an 80 bit public key that would be considered weak. ] [So I don't care how many bits it has, I want to see the algorithm and ] [then decide. Too bad it's classified... ] The new chip eventually could sell in lots of 10,000 for about $25 each, Mr. Kammer said, with later versions priced around $10 each. Government engineers at NSA and the Commerce Department's NIST designed and developed the chip, which was then produced by privately owned Mykotronx and a publicly traded subcontractor, VLSI Technology. 
A Silver Spring [Maryland] competitor cried foul, particularly because the commercial device was developed without notice or competitive bids in a classified laboratory that does work for the National Security Agency. "If the purpose of this chip is to catch bad guys, then no bad guy will use it." said Stephen Bryen of Secure Communications Technology in Silver Spring, which produces a competitive chip he said could sell for $10. "The answer is to invest more money into breaking codes," Mr. Bryen said in an interview after yesterday's announcement. "They're trying to put us out of business." Mr. Kammer said the secrecy was justified. "The technology we're using was actually developed in a classified environment in the first place and then transferred to a sole-source supplier. I don't know that there was any way around it," he said in an interview. The Justice Department will buy several thousand of the Mykotronx devices, which use a "Clipper Chip." They are being incorporated into other systems by Motorola and American Telegraph & Telephone Co., Mr Bettwy said. [So this means that secret agencies will still have access to secure ] [communications devices. While the ordinary person will not. Sounds ] [fair enough for me! ] Other sophisticated encryption systems do not allow ready access for authorized law enforcement purposes, said Mr. Bryen, who predicted that an ^^^^^^^^^^ [Also don't allow access for unauthorized law enforcement either] elaborate security plan for the electronic master key would not prevent misuse. Mike Newman, a spokesman for the National Institute of Standards and Technology, said "The key is split into two parts and stored separately to ensure security of the key system." ^^^^^^^^^^^^^^^ [If the key is stored in a computer database, then unauthorized access] [is possible no matter what precautions are taken to ensure security. 
] Access would be provided to the two parts for an agency that produced legitimate authority or a court order, he said. The Justice Department will determine whether the two parts will be held by separate federal agencies or a federal agency and a private agency. "This chip is going to do something that we, the citizens, really need, and that is to allow us the privacy we want as common citizens," Mr. Bettwy said in a telephone interview from California yesterday. [Translation: "This chip is going to do something that we, the NSA, ] [really need, and that is to allow us to listen to whoever we want ] [whenever we want to, whether they are private citizens, or commercial] [organizations." ] He said the vital part of yesterday's decision is the government's declaration that it intends to use the device. Mr. Bettwy says that use will establish his device as the new standard and will require private facilities to use the same system to communicate with the government. He said the decision's impact is "exactly" like the adoption of VHS standards, making most private use of Beta video systems obsolete. [But that doesn't mean that VHS is better just because it is the standard] "I hope that's true," he said of the business implications for Mykotronx. "We're hoping this will become the new standard." [Translation: "I hope that's true," he said of the business implications] [for Mykotronx. "Because we're going to reap a lot of cash out of this ] [bloated hoax of a system. ] Only compatible phones can receive secure communications from a phone using a clipper chip. "To me the real significance is if everybody uses this, everybody can talk to anyone else," Mr. Bettwy said. [And only the govt. can listen. That makes me feel safe.] "It creates false hope," Mr. Bryen said. "The secret key could fall into other people's hands. When you create a system that has a back door, other people will find the back door." [Amen. 
] ------------ end of article ----------------- The government is making this chip out as a great gift to humanity. This is really too bad because people are losing quite a bit of privacy with this new farce the government is trying to pull. I'm writing my congressman tomorrow to voice my concerns. Also I'll try to contact the company mentioned in there (in Silver Spring, MD) to find out information about their chip. I'll post the information here.. ============================================================================= /// | psionic@wam.umd.edu | Fight the WIRETAP CHIP!! Ask me how! __ /// C= | | \\\/// Amiga| PGP Key Available | "Those who would give up liberty for \/// 1200 | by request. | security deserve neither." ============================================================================= From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Tue, 20 Apr 93 23:26:27 PDT To: cypherpunks@toad.com Subject: Proliferating Cypherpunks Groups! In-Reply-To: <3Tcc3B1w165w@sytex.com> Message-ID: <9304210626.AA22823@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Paul Ferguson writes: > You're right, Eric -- we are mad as hell, too. But I'm not about to > jump on a flight to the west coast to simply share strategies. The > fact that I would even consider it negates the functions which we are > working towards, no? I propose that us east coasters organize and > meet as well. Pat and I are DC bourne, for those interested, I'd like > to propose a DC local meeting. Suggestions? Keep in mind that I'm in > NYC during the week, so my only available meeting times are on the > weekends. (By the way, let's get our shit together DC'ers. We need > technologists, not lackadaisical idealisms.) > > Your DC based Cypherpunk group is hereby established. BTW, if anyone Hear, hear! We need more such groups! 
I get occasional messages from folks bemoaning the fact that the Silicon Valley seems to be where it's all happening. Well, it's easier for *you folks* in other areas to pull together a local meeting than it was for Eric Hughes and others of us to set up the first such meeting last September. A list now exists and that helps a lot. (I'll grant you that some of your communities may be more scattered and out-of-touch with each other than our community was...it seems we in the Bay Area mostly all know each other through frequent parties, Hackers Conferences, science fiction groups and parties, high-tech startups, Xanadu, VR, "Mondo 2000," "Wired," and so on. In other less-interconnected areas, you may have to advertise well in advance on this list and perhaps even elsewhere to reach enough like-minded people. But not to sound snotty or anything, that's how your "backwater" regions like Washington can become "happening" places like our area....actually, this is a gross exaggeration, as D.C. has had a very active "2600" group, as has NYC, so neither is a backwater.) There are currently 3 groups holding physical meetings, that I know of: * Silicon Valley/San Francisco Bay Area, meeting since September. * UK Cypherpunks, meeting in London since around December/January. * Boston Cypherpunks, just had its first meeting recently. There are several very active Cypherpunks in the Southern California area, covering San Diego, LA, and as far north as Santa Barbara. Some of them have asked us to have a Cypherpunks meeting down there, which we may still do (personally, I favor some kind of "West Coast Cypherpunks" meeting just before or just after the Crypto Conference this summer, held as always in Santa Barbara. Santa Barbara is about halfway between the two extremes, and is a nice place to meet.). But a better idea is for the SoCal Cypherpunks to form their own group. Likewise, the Washington, D.C. 
area seems a natural spot, as there are several Cypherpunks that I know of off-hand who're in the area. New York, too. Well, you get the point. No permission is needed! Good luck in these dark days. -Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: szabo@techbook.com (Nick Szabo) Date: Tue, 20 Apr 93 23:26:42 PDT To: cypherpunks@toad.com Subject: FAQ: Overview of crypto Message-ID: MIME-Version: 1.0 Content-Type: text/plain The wiretap chip has generated quite a bit of new interest in learning how to protect our electronic privacy. We need to bring folks up to speed quickly on practical use of crypto, so I'm going to write up some mini-FAQs. Experts, please send me succinct descriptions of PGP, anonymous remailers, the Clipper wiretap chip, GMS, or anything else you feel is an important basic. Alternatively, write up and post your own FAQ, and we'll sort it out later. Here is an overview of computer-based crypto that Bill Stewart posted a few weeks ago. Nick Szabo szabo@echbook.com ----------------------------------------------------------------- You can get a proper faq by ftp from rsa.com, in the directory pub/faq. Cryptography = writing stuff only authorized people can read. Real crypto depends on algorithms that are secure as long as the Bad Guys don't know the keys, even if they know everything else. Most of the interesting stuff depends on mathematical processes that take exponential amounts of time, so a 56-bit key would take 2**56 attempts to guess - you can't guess it a bit at a time in 56 steps. 
Factoring large numbers is believed to take roughly exponential time. M = plaintext message Cyphertext C = E(k, M), E = encryption function, k = key. Plaintext M = D(k, C) ITAR - International Traffic In Armaments Regulations - the US has a bunch of laws about exporting munitions, and crypto hardware and software count as munitions - algorithms are OK, but our Benevolent Govt KNOWS that foreigners aren't bright enough to turn algorithms into code. Lots of flamewars discuss exactly the boundaries, and the laws are contradictory about which bureaucrats are really in control, but nobody's wanted to get thrown in jail for arms dealing badly enough to force a court case .... Appears to apply to importing crypto also, though that hasn't been something anybody's made a big deal about. Other countries besides the US may have major restrictions as well. Alice and Bob - the people sending messages to each other. Eve may be eavesdropping, and Charlie may be around also, Secret-Key Cryptosystem, also called Symmetric-key or private-key - the same key k is used for E and D, or at least a closely related key that's easy to derive if you know the other one. DES = Data Encryption Standard = IBM/NSA-designed secret-key system, very widely used, keys 56 bits long which may be a bit short, some people worry there may be a trapdoor put there by NSA, but if I told you I'd have to kill you :-) Banks use it, for instance. IDEA - a Swiss-written secret-key system, maybe more secure than DES, newer anyway. Patented in Switz but not US, easy licensing. Public-Key CryptoSystem - Encryption key ke and Decryption key kd are related, but in a way that you can't determine kd knowing only ke. ke is called the public key and kd the private key - you can publish ke where everyone can see it and encrypt stuff to mail to you, you can decrypt with private key kd. (If you want to reply, you've got to get their public key.) 
Public-key algorithms are pretty slow, so generally people create a random secret key, encrypt their message with a secret-key algorithm like DES, and encrypt the secret key with the recipient's public key; recipient decrypts the secret key with his private key, then uses it to decrypt the message. Digital Signatures - if you can do public-key crypto, then you can do the reverse as well to sign a message - you *decrypt* the message with your private key, and the recipient encrypts it with your public key - if it restores the original message, she knows it's good and knows that *you* sent it, because only you have your private key. For speed, you normally make a "hash" checksum of the message, and sign the hash instead of the whole thing. Some public-key algorithms can only be used for encryption, some only for signatures, some for both but you need different keys. MD-4 and MD-5 - Message Digest hashing algorithms from (?) Rivest, which are thought to be unforgeable, unlike the CRC checksums used by many programs which are easily forged. RSA - A public-key algorithm developed by Rivest, Shamir, and Adleman. It's the only well-known public-key algorithm that does everything everybody wants, including signatures and public-key, that's secure enough that you can't crack it as long as you use reasonably long keys. Unfortunately, it's patented in the US, by Public Key Partners, a company R, S, A, and friends started that owns most of the interesting patents related to public-key. On the other hand, to avoid having the NSA classify their patent right when they applied (the NSA can do that), they published the algorithm before applying, which means that it's public-knowledge in most of the world and you can't patent it there, even in places that do allow algorithm patents. 
Their claims about what techniques their patents cover are *very* broad; if you want to do anything public-key related in the US, you've got to deal with them or carry a BIG lawyer, and so far everybody's chosen to deal with them rather than risk a long expensive difficult court case, or else chosen to ignore or infringe their patent but not sell their products for cash, and hoped to get away with it. RSAREF - an RSA implementation from PKP, which you may use free for personal non-commercial use as long as you agree to follow a set of rules that are much less restrictive than they used to be; you can't export it outside the US and Canada, and can't change the interface without their permission, and a few other terms. Better implementations of RSA's algorithms have been done, but you can use this one free, with their permission. Or you can pay them money and get support for incorporating their techniques into your products. Key certification - Public Keys are usually long - RSA keys are often 1024 bytes. Public-key crypto is only secure if you can be SURE you have the public key for the person you're trying to send a message to, like Bob, and that Eve hasn't handed you HER public key instead - she could be intercepting all your mail to Bob, decrypting it, and re-encrypting with Bob's key. So you need to find a secure way to transmit public keys, where "secure" means it can't be forged without you knowing about it (though anybody can read them.) Publishing in the New York Times classified ads is one approach, as is any other broadcast method you can be SURE everyone gets correctly. Another method is to use digital signatures - somebody you trust, whose public key you can be sure you know accurately, gets Bob's public key from Bob, and signs it with their public-key. Since not everybody knows somebody who knows Bob, the problem can be handled by a chain or hierarchy of key certifications - Charlie signs Bob's, Dave signs Charlie's ... and You know Xerxes yourself. 
Or George Bush signs all the generals' keys, the generals all sign the keys for the colonels under them, the colonels sign for the majors under them, .... and you can check some sergeant's key because it's got a certificate from his lieutenant on up to Bush, and Bush's key is in the Phone Book. PGP - Phil's Pretty Good Privacy program - a nice packaging of this technology that can be used easily to prepare secure email. The original version used RSA and a choice of DES or a home-brew secret-crypto system; the current version uses RSA and IDEA. For certification, the method is non-hierarchical - you have a "keyring" containing public keys you know, maybe with certificates, and you can sign the ones *you* trust and give your signed keyring to your friends. Hierarchies imply the potential for control; this is cooperative anarchy, and there's no chain of people you HAVE to obey to exchange keys. When PGP version 1 first came out, RSA yelled at Phil Zimmermann, the author, and told him he was risking patent infringement lawsuits and such if he didn't cease and desist, so he's no longer distributing it. But some of those SNEAKY FOREIGNERS *somehow* got a copy, and so ongoing development of PGP is taking place outside the US, unhindered by patent problems. Version 2.1 is out, 2.2 real soon. Parts of PGP are probably not covered by PKP's patents, and parts are clearly not covered by ITAR, but some parts are a problem. RIPEM - Mark Riordan's public-key email system, which uses RSAREF to do RSA, so it's legally kosher but not exportable, and is related to the internet Privacy Enhanced Mail stuff that was being developed for a while. Still real new, but probably Pretty Good also; I seem to remember its key certification was more hierarchical. 
---- More PGP info - PGP was originally written for a DOS environment (there are problems trusting any system you don't totally control, and it's tough to say you totally control a multi-user system), but it's been ported to lots of things by now, including UNIX and some early Mac ports (work is in progress to make the Mac port feel like Mac-stuff rather than Unix-stuff.) You can get the source, compile it, play with it, and do anything you want that doesn't infringe PKP's patent, so remember not to use it to exchange keys with anyone or send them mail unless you've got a licensing agreement..... Once it's compiled, type pgp -h to get help, and/or read the documentation. Where to get things: The fun place to shop is nic.funet.fi, by anonymous ftp, but if you telnet to an archie server like archie.rutgers.edu (login as archie) you can ask it where to find anything. Using a US site would be potentially better legally, and also cuts down on the bandwidth used between here and Finland.... Bill Stewart From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: szabo@techbook.com (Nick Szabo) Date: Tue, 20 Apr 93 23:39:37 PDT To: cypherpunks@toad.com Subject: FAQ: where to get PGP Message-ID: MIME-Version: 1.0 Content-Type: text/plain Here is a list of PGP sites generated by "archie". I have checked sony.com which has PGP 2.2 but have not checked the other sites. If you know any of these sites to be down, out of date, etc. please let me know and I'll update the list. Also let me know of sites archie did not catch. Strong crypto is available worldwide, but the Clinton Administration has threatened to ban it in the U.S. In the age of digital telecom and fascist governments, strong crypto is your only guarantee of electronic privacy. Get it, learn it, and use it while it's still legal! 
Nick Szabo szabo@techbook.com ----------------------------------------------- /usr2/users/szabo> archie pgp Host sony.com Location: /pub DIRECTORY drwxr-xr-x 512 Apr 9 20:26 pgp Host quepasa.cs.tu-berlin.de Location: /pub/os/386BSD/386bsd-0.1/unofficial/doc/software FILE -rw-rw-r-- 12121 Feb 2 00:01 pgp Host reseq.regent.e-technik.tu-muenchen.de Location: /informatik.public/comp/usenet/alt.sources DIRECTORY drwxrwxr-x 512 Dec 9 01:24 pgp Host ftp.uni-kl.de Location: /pub1/unix/security DIRECTORY drwxrwxr-x 512 Feb 24 19:24 pgp Host cwdynm.echem.cwru.edu Location: /scriptures/ALL.plain FILE -r--r--r-- 167535 Sep 11 1991 pgp Host goya.dit.upm.es Location: /tmp DIRECTORY drwxr-xr-x 512 Aug 22 1992 pgp Host walton.maths.tcd.ie Location: /src/misc/pgp-2.0/src FILE -rwxr-xr-x 316640 Oct 18 00:00 pgp Host ftp.uu.net Location: /pub/security DIRECTORY drwxrwxr-x 512 Mar 9 15:13 pgp Host isy.liu.se Location: /pub/misc DIRECTORY drwxr-xr-x 512 Mar 11 23:54 pgp Host ftp.luth.se Location: /pub/infosystems DIRECTORY drwxr-xr-x 512 Jan 27 12:59 pgp Host unix.hensa.ac.uk Location: /pub/uunet/pub/security DIRECTORY drwxr-xr-x 512 Mar 19 07:35 pgp From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcorcora@sunlab.cit.cornell.edu (Travis Corcoran) Date: Tue, 20 Apr 93 21:36:07 PDT To: cypherpunks@toad.com Subject: Radical politics Message-ID: <9304210435.AA11296@vinca.cit.cornell.edu> MIME-Version: 1.0 Content-Type: text/plain Sheesh, it's enough to make one turn into a radical libertarian/anarchist (if one wasn't already...). I firmly suggest that we all call ou [ unauthorized communication, re: Sec 12-2, .2-12.6; channel closed under Anti-Terrorist-Communications Act on 00:30 21 MAR 93. 
Authorization 4ff0 -NIST] From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Tue, 20 Apr 93 22:41:15 PDT To: cypherpunks@toad.com Subject: A few notes on the WIRED article (kudos) Message-ID: <61ac3B1w165w@sytex.com> MIME-Version: 1.0 Content-Type: text/plain I hope this goes over well. I found this article to be just what we need --- publicity. The kind that opens eyes. Tim, Eric and John -- I say to thee, "How come this only happens in California?" ;-) - Snip, Snip ----- 8< ------ From the "For What It's Worth Department"... A totally biased review of Steven Levy's "Crypto Rebels" article in WIRED, Volume 1, Issue 2, May/June 1993 I was a bit interested when a fellow cypherpunk mentioned that there was a "decent" write-up in WIRED on the cypherpunk issues. Somehow, I envisioned some sidebar mention. In these interesting times, any mention of our efforts on the computer privacy frontier gets A-1 attention in my book. However, I was startled (and pleasantly surprised) when I took a jaunt down to my local magazine-ary on Broadway and found that my internaut compadres were on the cover, no less. Golly gee, imagine that. The cover itself conjures images of computer cultist symbolism. Tim May, Eric Hughes and John Gilmore strike an interesting pose wearing plain white, plastic carnival masks. The American flag held in their hands is even more striking considering the topic at hand. (What the hell does the Russian inscription mean?) I remember reading the post announcement in the cypherpunks mail area about that meeting in Mountain View. (If I had known that you western cypherpunks would get all the press attention, I would've hopped a red-eye and met you guys at Cygnus.) It's ironic that this topic built steam and attention _before_ the "Clipper Chip" fiasco and still provides the computer community with viable (perhaps not altogether proper) alternatives. I knew it would. Ha. 
Steven Levy has long since established himself as a solid, factual and sometimes thought-provoking writer. His book "Hackers" is considered by many professionals in the field to be the authoritative work on the progression of computer hackers. Levy earns himself one more brownie badge by bringing attention to the cypherpunk dilemma. The article is thought provoking (read: it is not designed for disinterested parties), accurate and for the most part, right on the mark. Key statements are sprinkled on the page margins, including "In the Cypherpunk mind, cryptography is too important to leave to government or even well-meaning companies. To insure that the tools of privacy are available to all, individual acts of heroism are required." That piece alone is enough to invoke thoughts of ... A key profile is included about John Gilmore and his headaches with the NSA, the Cypherpunk subscription mail group and several other side-bar notes that lend some valuable credibility to the otherwise incredulous auspices of the cypherpunk image. Not only is this article well written, as far as information blurbs go, this is good stuff, even for us neanderthals on the east coast. In a broader aspect, WIRED is a magazine that deserves your attention. Pick up this rag and give it the once-over. Somehow, I classify this 'zine as a combination of INFO World, The New Yorker and Mondo 2000. Isn't that a draw? Humor and seriousness implied... Paul Ferguson, Editor, Legal Net News - Snip, Snip --- 8< ----- I loved the feel of the magazine, too. All recycled. Ain't that great? Cheers. Paul Ferguson | Uncle Sam wants to read Network Integration Consultant | your e-mail... Alexandria, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Tue, 20 Apr 93 22:41:11 PDT To: cypherpunks@toad.com Subject: Meets 'n Greets Message-ID: <3Tcc3B1w165w@sytex.com> MIME-Version: 1.0 Content-Type: text/plain On Tue, 20 Apr 93 10:54:00 -0700, Eric Hughes wrote - EH> ANNOUNCEMENT EH> ============ EH> Ad Hoc Cypherpunks Meeting on the recent Wiretap Chip proposal. EH> Where: Cygnus Support, Mt. View (directions follow) EH> When: 12:00 noon sharp - 6:00 p.m. EH> I'm mad as hell. I know that a lot of other folks are too. You're right, Eric -- we are mad as hell, too. But I'm not about to jump on a flight to the west coast to simply share strategies. The fact that I would even consider it negates the functions which we are working towards, no? I propose that us east coasters organize and meet as well. Pat and I are DC bourne, for those interested, I'd like to propose a DC local meeting. Suggestions? Keep in mind that I'm in NYC during the week, so my only available meeting times are on the weekends. (By the way, let's get our shit together DC'ers. We need technologists, not lackadaisical idealisms.) Your DC based Cypherpunk group is hereby established. BTW, if anyone noticed, the EFF is drawing some serious fire by the public press. "Sold out to commercialism", one headline reads. Cheers. Paul Ferguson | Uncle Sam wants to read Network Integration Consultant | your e-mail... Alexandria, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jhart@agora.rain.com (Jim Hart) Date: Wed, 21 Apr 93 01:31:06 PDT To: cypherpunks@toad.com Subject: GSM vs. 
wiretapping: Australia Message-ID: MIME-Version: 1.0 Content-Type: text/plain Forwarded from comp.org.eff.talk In article <1993Apr12.081136.1@cc.curtin.edu.au>, zrepachol@cc.curtin.edu.au (Paul Repacholi) writes: > In article <1993Apr11.175007.10136@news.acns.nwu.edu>, jlacour@merle.acns.nwu.edu (John LaCour) writes: > Have not seen a proposal like the FBI one yet, doesn't mean it isn't out there > though. One thing that has happened is the delaying of the new GSM digital > mobile phones. It seems that ASIO and friends have been told by GCHQ about > the difficulty of breaking MD5. Info is still a bit thin. You could try posting > to aus.comms. > Please note, I have added aus.comms and aus.politics to this one. I enquired of Austel ( the Australian telecoms regulatory body), and the Federal Attorney General's Office today. The Telecom GSM trial marketing that started in Brisbane in March has been canceled. GSM will *NOT* be legal in Australia till the use of MD5 encryption is changed, or the system is altered to allow monitoring of calls. This is a requirement of the 'Telecommunications Interception Act'( AG perth.) There are also prohibitions on using codes and cyphers in the 'Crimes Act' various state police acts and criminal codes ( though these would not affect Telecomms, as that is federal jurisdiction. I will try to find the acts, and quote the relevant sections on this. There have also been posts on 'pen-recorders' I notice. The .au situation on this is that a commissioned officer of the federal police can give the telco a written notice requiring the supplying of call info for the date range in the notice. I saw this some months ago, and had the impression that this included info *PRIOR* to the notice, info Telecom claims not to have if mere chattels inquire! Strange, wonder where it materializes from. Note the absence of words like 'warrant', 'judge', 'court' or other such! 
I think there is a requirement for the commissioner of the FP to include in his annual report to parliament the number of notices issued. All this has been in place in one form or another for decades. I first saw this sort of stuff when I worked in the post office ( ob history: the post office used to run the phone system in australia years ago ) As I worked both as a night shift telephonist and in the office itself, I had to sign a stack of secrecy stuff, and a copy of the 'Posts and Telegraphs Act' was standard issue. This had a prohibition on "unlawful codes, cyphers and secret writings" The Commercial Telex Code was the *ONE* allowed code. Any other code used in a telegram *HAD* to be stated on the lodgment form. Don't know what happened after that. Small country town, never saw one. Only the banks used codes. This would have been Dec '67 or '68 I think. Will try to fill in the gaps, and post a full account later. Note that I will be probably away next week, ( school hols ) so it may be a while. I will also try to get some extra info on use etc. 
~Paul From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "$HOME/.sig" Date: Wed, 21 Apr 93 02:55:38 PDT To: sytex.com!fergp@netcom.com (Paul Ferguson) Subject: Re: Meets 'n Greets In-Reply-To: <3Tcc3B1w165w@sytex.com> Message-ID: <9304210955.AA04369@netcomsv.netcom.com> MIME-Version: 1.0 Content-Type: text/x-pgp
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Craig Nottingham Date: Tue, 20 Apr 93 23:12:26 PDT To: fergp@sytex.com (Paul Ferguson) (Paul Ferguson) Subject: Re: Meets 'n Greets In-Reply-To: <3Tcc3B1w165w@sytex.com> Message-ID: <9304210612.AA02469@toad.com> MIME-Version: 1.0 Content-Type: text/plain > You're right, Eric -- we are mad as hell, too. But I'm not about to > jump on a flight to the west coast to simply share strategies. The > fact that I would even consider it negates the functions which we are > working towards, no? I propose that us east coasters organize and > meet as well. Pat and I are DC bourne, for those interested, I'd like > to propose a DC local meeting. Suggestions? Keep in mind that I'm in > NYC during the week, so my only available meeting times aare on the > weekends. (By the way, lets get our shit together DC'ers. We need > technologists, not lacidaisical idealisms.) > > Your DC based Cypherpunk group is hereby established. BTW, if anyone > noticed, the EFF is drawing some serious fire by the public press. > "Sold out to commercialism", one headline reads. > > Cheers. > > Paul Ferguson | Uncle Sam wants to read > Network Integration Consultant | your e-mail... > Alexandria, Virginia USA | Just say "NO" to the Clipper > fergp@sytex.com | Chip... > There is plenty of DC area support fr such a group. The only problem that presents it self is where to hold a meeting where there will be no hassles. In addition a thought that many people are overlooking- the wiretap chip transmissions of encrypted data would make a perfect envelope for the transfer of more secure information encrypted with powerful encryption schemes. There would be no easy way to tell the diffence between pre-encypted transmissions and wiretap chip encrypted conversation. 
~~~~~ Craig Nottingham -Reality is for people who lack imagination NeXTmail -I hate to advocate drugs, alcohol, violence or insanity to anyone, but they've always worked for me. <=> Hunter S Thompson -A good cap of acid costs five dollars and for that you can hear the Universal Symphony with God singing solo and the Holy Ghost on drums. <=> H.S Thompson ~~~~~ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Wed, 21 Apr 93 02:51:51 PDT To: szabo@techbook.com (Nick Szabo) Subject: Re: FAQ: Overview of crypto In-Reply-To: Message-ID: <9304210951.AA05964@toad.com> MIME-Version: 1.0 Content-Type: text/plain > You can get a proper faq by ftp from rsa.com, in the directory pub/faq. Last time I looked, it was something like 75 pages. Those questions aren't all asked *that* frequently. > ITAR - International Traffic In Armaments Regulations - the US has a bunch ... > Appears to apply to importing crypto also, though that hasn't been > something anybody's made a big deal about. This part is false. The ITAR does *not* apply to importing crypto. I have read the regs and found no evidence of import regulations on cryptography. If anyone tells you that they exist, ask for a copy of the regulations, or a citation of the regulations, or a citation of a court case that was based on the regulations. Any of these will let me (or you) determine what is actually happening. [Nobody who I've asked for this stuff has ever been able to produce it.] > as archie) you can ask it wher to find anything. Using a US site would > be potentially better legally, and also cuts down on the bandwidth > used between here and Finland.... Ditto -- no legal problem, just bandwidth. Though the posting appears to assume that the reader is in the U.S., a bad assumption. `Using a local site...`? 
John Gilmore From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: crunch@netcom.com (John Draper) Date: Wed, 21 Apr 93 03:00:20 PDT To: cypherpunks@toad.com Subject: Lets connect the meetings together Message-ID: <9304211000.AA09748@netcom4.netcom.com> MIME-Version: 1.0 Content-Type: text/plain I propose that the E. Coaster Cypherpunks connect via computer to the one on the West Coast on the 24th. Perhaps on a private IRC channel, but doing it via encryption would be the best. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Robert Luscombe Date: Wed, 21 Apr 93 00:54:03 PDT To: Cypherpunks Subject: PGP help? Message-ID: MIME-Version: 1.0 Content-Type: text/plain I am in search of any MSDos (or Windows, but not preferred) offline mail readers, text editors, etc. that work well with PGP-- anything to help me use PGP for everyday email. I use a dial-up internet connection, so i have no choice but to use the remote system's PINE mail reader... if anyone knows of anything that will let me compose and encrypt email locally and format the messages into a .QWK packet for upload, that would be IDEAL, but anything else could still help. (BTW-- i have already posted on alt.security.pgp and nothing ever came of it. So it goes.) --Robert Luscombe Internet: ral@telerama.pgh.pa.us Voice:412/488-0941 robert@well.sf.ca.us (Finger for PGP Pub Key) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pat@tstc.edu (Patrick E. Hykkonen) Date: Wed, 21 Apr 93 06:19:37 PDT To: cypherpunks@toad.com Subject: Meets 'n Greets (IRC Meetings Maybe?) Message-ID: <9304211319.AA12656@tstc.edu> MIME-Version: 1.0 Content-Type: text/plain > You're right, Eric -- we are mad as hell, too. But I'm not about to > jump on a flight to the west coast to simply share strategies. The > fact that I would even consider it negates the functions which we are > working towards, no? I propose that us east coasters organize and > meet as well. 
Pat and I are DC bourne, for those interested, I'd like > to propose a DC local meeting. Suggestions? Yeah. Does anybody have the resources to setup an IRC at a known cypherpunk site? -- Pat Hykkonen, N5NPL Texas State Technical College at Waco {pat,postmaster}@tstc.edu Instructional Network Services PGP Key available by finger. 3801 Campus Dr. Waco, Tx 76705 V:(817) 867-4830 F:(817) 799-2843 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Harry Shapiro Date: Wed, 21 Apr 93 05:29:39 PDT To: cypherpunks@toad.com (Good Guys) Subject: The Family Key Message-ID: <199304211229.AA28337@sun.Panix.Com> MIME-Version: 1.0 Content-Type: text/plain I think the largest weakness in the whole Clipper scheme, and I am not sure if I am right about this is,.... The NSA knows the family key (the key that is built into each chip; or perhaps large meta batch of chips). The family key encrypts the Law Enforcement Block [LEB] of the message, which contains the serial number for the chip in the device being used to communicate. This key is known to NSA. Thus, the NSA will be able to maintain an active traffic pattern analysis of ALL communications sent via the Clipper chipped devices. I think in many ways that traffic watching can and does often reveal more information about someone than at time listening in to what is actually being said. The big point here is the press release claims that the Clipper chip doesn't provide anything more than what Law Enforcement already has. That is not true. What they get is a complete serialized, accurate method of traffic analysis. Note: Denning claims that a proper order to wire tap an encrypted communication will be "gotten" prior to decoding the LEB. Then a second batch of paper work will be processed once the serial number is revealed to get the encrypted/escrowed keys. 
-- Harry Shapiro habs@panix.com List Administrator of the Extropy Institute Mailing List Private Communication for the Extropian Community since 1991 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: grady@netcom.com (1016/2EF221) Date: Wed, 21 Apr 93 08:33:40 PDT To: cypherpunks@toad.com Subject: alt.encrypted Message-ID: <9304211533.AA16188@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain I guess the cryptowranglers read this group too. But of course I knew that because it is so easy to do. There is not a single doubt in my mind that every byte that passes every significant gateway or 'bone is captured for the colligation of data about __________? (Maybe your name is here). Maybe we should start a newsgroup for the distribution of encrypted posts intended for members of affinity groups with a shared private key. For example at the coming up Cypherpunks meeting, a private key corresponding to that particular meeting could be passed out by a moderator. Minutes, followup comments to other participants, and so on could be posted to the alt.encrypted group for the use of the people who attended. Communiques intended by the group for non-attendees could of course just be signed using the private key but otherwise not encrypted. Starting an alt.encrypted newsgroup rather than just maintaining mailing lists is better for several reasons. First, it would be easier to archive for people who might join a group "late" and who might like to easily read earlier posts; second, traffic analysis to know exactly to whom an affinity message is directed would be foiled; three, a newsgroup is much more public and would serve to publicize available privacy measures on the internet. And it would be fun to accumulate a secret keyring full of such keys -- it beats giving out t-shirts as a door prize. We could send a copy of alt.encrypted directly to Judge William Sessions or Admiral Studeman to save them the time of having it collected for them. 
-- grady@netcom.com 2EF221 / 15 E2 AD D3 D1 C6 F3 FC 58 AC F7 3D 4F 01 1E 2F From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Communism is like MS-DOS: It doesn't work, and you wouldn't want to use it even if it did. 21-Apr-1993 1120" Date: Wed, 21 Apr 93 08:48:35 PDT To: cypherpunks@toad.com Subject: Making Clippers More Secure Message-ID: <9304211548.AA29737@enet-gw.pa.dec.com> MIME-Version: 1.0 Content-Type: text/plain Agreeing with all the previous problems and issues put forth; key-escrow, secret algorithms that can't be formally tested, etc... So, let's *assume* that the US Gummint makes all other encryption illegal, except those that use this chip, and they intend to check all messages that look encrypted to verify that they have the correct system key: Well, we can use more than one chip, or use it in ways that were "unanticipated". F'rinstance: Use PGP (or SROT, or some other p.d. crypto package) to encrypt once, and then use a Clipper to put a legal-looking wrapper on the message. The problem with this is that *if* there is a law making all other cryptosystems illegal, then you still do time. Then the gummint says "You can use chips, but ONLY chips. No other encryption.". Well, how 'bout this: Use three chips. The first two are BOTH fed the message, and the resulting bitstreams are XORed together and then fed to the third chip (to provide a legal-looking "wrapper") The XORing should obscure the serial numbers of the first two chips, meaning that the NSA can not go to a key-escrow authority with a blanket court order and obtain the keys. Rather, assuming the "secret algorithm" is good, the worst-case scenario is either a full search of the keyspace (if the secret algorithm forms a mathematical "group"), or an exhaustive search of [issued-keyspace]^2. Yes, the above does not address the issue of decoding (as stated above, you can't recover the plaintext.) 
But that's soluble, by inserting a known (but secret) string into the start of the bitstream for both the encoding and decoding second chips; the result is that by the time the second decoding chip needs to start knowing what was XORed into the incoming stream, the first decoding chip has already decoded that part of the message, which can be re-encoded using the first encoding chip's keys to provide the continuing bitstream needed for the XOR. Now, the BIG issue is this: is it possible to obtain the serial numbers of a pair of Clipper chips from the XOR of two output streams? How about three? How about N, where N is large? Without knowing the algorithm, this will be difficult to answer... -Bill % ====== Internet headers and postmarks (see DECWRL::GATEWAY.DOC) ====== % Received: by enet-gw.pa.dec.com; id AA02474; Wed, 21 Apr 93 05:13:14 -0700 % Received: from mc by mc.lcs.mit.edu id ak02907; 20 Apr 93 11:15 EDT % Received: from enet-gw.pa.dec.com by mc.lcs.mit.edu id aa02377; 20 Apr 93 10:20 ED % Received: by enet-gw.pa.dec.com; id AA27388; Tue, 20 Apr 93 07:19:42 -0700 % Message-Id: <9304201419.AA27388@enet-gw.pa.dec.com> % Received: from aidev.enet; by decwrl.enet; Tue, 20 Apr 93 07:19:43 PDT % Date: Tue, 20 Apr 93 07:19:43 PDT % From: "Dulce et decorum est pro patria mori. 20-Apr-1993 0950" % To: elbows@mc.lcs.mit.edu % Cc: aidev::yerazunis % Apparently-To: elbows@mc.lcs.mit.edu % Subject: Clipper Chip From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jwarren@autodesk.com (Jim Warren) Date: Wed, 21 Apr 93 13:38:10 PDT To: cypherpunks@toad.com Subject: more details from Denning Message-ID: <9304211652.AA24148@megalon.YP.acad> MIME-Version: 1.0 Content-Type: text/plain I've been collecting this flow over the last few days, and finally have a chance to upload it to 'punks. I think all of it is new, but part of it might have already appeared in the last several daze [sic] deluge. If so, apologies for repetition. 
And, a coupla tidbits about Dorothy: I have known her for several years, worked closely with her on creating the first Computers, Freedom & Privacy conference in 1991, have absolutely the *highest* regard for her integrity, honesty and candor -- and absolutely trust what she says ... even when it's about a subject on which we may disagree. Dorothy Denning is an honorable person with great personal integrity, and I urge that she be treated as such -- even in disagreement. --jim Jim Warren, MicroTimes futures columnist; InfoWorld founder; DataCast founder; founder & chair, First Conf. on Computers, Freedom & Privacy, blah blah blah :-) ============echoing the messages of significance========== From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: denning@cs.georgetown.edu (Dorothy Denning) Date: Tue Sep 07 12:37:58 1999 To: jwarren@autodesk.com Subject: Re: Marty's 4/17 Clipper Chip post-to-many & Dorothy's 4/8 response Message-ID: <5f4f1a395e5d370f678c533a1fafa331@NO-ID-FOUND.mhonarc.org> MIME-Version: 1.0 Content-Type: text/plain Fine with me. Post anywhere. Dorothy ===== From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Pat Farrell" Date: Wed, 21 Apr 93 07:09:25 PDT To: cypherpunks@toad.com Subject: RE: Webs of Trust vs Trees of Trust Message-ID: <36516.pfarrell@cs.gmu.edu> MIME-Version: 1.0 Content-Type: text/plain In norm@netcom.com (Norman Hardy) writes: >This is much ingrained in all of the legally mandated security >systems that I am aware of. It assumes, at first glance, that there >is a root, an inner sanctum, which is totally trusted by all. > >It is a pervasive mind-set in military security. While I can't claim to understand the military mind set, I can believe that it is pervasive. It is also at best simplistic. Under the "new world order" we must forge alliances according to the needs of the situation, so that the trusted alliance's members vary over time. Economic alliances have similar dynamics, with trust and allegiance changing. 
The government's view seems to be that trust is transitive. I believe that it can't be, because the world is not a simplistic hierarchy that starts with Billery and flows down. The tree of trust also ignores international exchanges, as Billery's signature means far less to a European than to a US citizen. There was a recent article about a ring of college students in Texas selling forged driver's licenses. They used Montana and Idaho as samples, with the expectation that a bouncer in a Texas bar wouldn't know a real Idaho license if he saw one. Seems like the value of a US-based signature would be lowered in Sydney or Delhi in a similar manner. More importantly, I expect that digital signatures will be used for commercial transactions across the net. This means that there is money involved, and with a tree of trust, the higher level trees are _worth_ bribing, forging, and perhaps killing for. Once a high level node is compromised, all lower nodes are worthless. This is why we need a serious education effort for the "decision makers" in the government. Pat Pat Farrell Grad Student pfarrell@cs.gmu.edu Department of Computer Science George Mason University, Fairfax, VA Public key available via finger #include From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Wed, 21 Apr 93 11:17:43 PDT To: pat@tstc.edu (Patrick E. Hykkonen) Subject: Re: Meets 'n Greets (IRC Meetings Maybe?) -- Internet audio? In-Reply-To: <9304211319.AA12656@tstc.edu> Message-ID: <9304211816.AA14002@toad.com> MIME-Version: 1.0 Content-Type: text/plain We could set up an encrypted `vat' audio session between the locations. Cygnus has T1 connectivity to the Internet. Someone would need to provide a good self-powered speaker to plug into the Sun audio port (a standard mini phono plug). We have a microphone that will possibly work, though we should run some tests before the meeting. 
Cygnus does not have multicast support, so we can't feed the `mbone' (multicast backbone) with it, but we can attempt one or several point-to-point links. `vat' runs on Suns and is available from ftp.ee.lbl.gov or ftp.cygnus.com:/pub/vat.1.56.tar.Z. It's `Van's Audio Tool', unfortunately available only in binary. Its encryption option requires that the participants agree on a key in advance, and type it into each workstation at the time of the conference. John Gilmore From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ggoebel@sun1.ruf.uni-freiburg.de (Garrett Goebel) Date: Wed, 21 Apr 93 02:21:35 PDT To: cypherpunks@toad.com Subject: cypherpunks vs. cryptoprivacy Message-ID: <9304210921.AA17398@sun1.ruf.uni-freiburg.de> MIME-Version: 1.0 Content-Type: text All, Kragen writes: } I agree with those who think that "CypherPunks" is a bad name for the list. } It brings up negative associations in the minds of outsiders, who are, after } all, the people who we want to influence against the Big Brother wiretap chip Is anyone against changing the name from cypherpunks to cryptoprivacy? Seems to be the general consensus... that cryptoprivacy would be more PC. Unoriginal Thought: couldn't the list/group name be changed to "CP"? o For outsiders, and formally, it could stand for CryptoPrivacy o To insiders... it could still stand for CypherPunks o CP is the opposite of PC (I like that). back to lurking, Garrett -- C. Garrett Goebel From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Wed, 21 Apr 93 09:44:18 PDT To: cypherpunks@toad.com Subject: DC Cypherpunks Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Wed, 21 Apr 93 2:07:49 EDT, Craig Nottingham wrote - CN> There is plenty of DC area support fr such a group. The only CN> problem that presents it self is where to hold a meeting where CN> here will be no hassles. 
I'm putting together of interested parties who would like to get together for physical meetings on a "pseudo-random" basis. As Pat mentioned earlier, my free time is non-existent at least until mid-May (getting re-married May 1), but I'm eager to meet, unite and build a DC chapter. Solidarity and determination, my brothers and sisters! Also, send your pubkey. Little things mean a lot. Paul Ferguson | Uncle Sam wants to read Network Integration Consultant | your e-mail... Centreville, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Wed, 21 Apr 93 09:43:51 PDT To: cypherpunks@toad.com Subject: DC Cypherpunks Message-ID: MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- On Wed, 21 Apr 93 09:15:25 EST, Pat Farrell writes - PF> Craig, there is no problem having a meeting, you just have to have PF> more sense than the kids who think Pentagon City Mall is public PF> space. A small meeting can be in my house, or at Maggie's bar over PF> beer and pizza. You've got my vote for beer and pizza. ;-) Pat, let's plan accordingly. I'd like to be there for the first meeting, so I'll give you a call and we can discuss this at length. In the meantime, I'm keeping a list and building a kering of interested parties. Cheers. -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK9VurZRLcZSdHMBNAQG6GQP/aWlhwgaBwLU2QFUsjdoauIuPYrVRiu5f 87z4s8YhRj/dNX/alIO6LTGIT0Q4V5UW7w9gu2EChok618KJly3zgqg1slDBhg0x F6ZIJjbdiPmkeNGjlswfm/x/yGF2NWLu+F2YsMfbXEjnmdOaZaooiOQFA1tiMN2x AysEJYTBnJs= =q/Pf -----END PGP SIGNATURE----- Paul Ferguson | Uncle Sam wants to read Network Integration Consultant | your e-mail... Centreville, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: szabo@techbook.com (Nick Szabo) Date: Wed, 21 Apr 93 12:32:20 PDT To: cypherpunks@toad.com Subject: Intergraph employee claims trademark violation Message-ID: MIME-Version: 1.0 Content-Type: text/plain Forwarded from Libernet: Date: Tue, 20 Apr 93 10:30:47 PDT From: ald@clipper.clipper.ingr.com (Al Date) Subject: "Clipper Chip" --NOT! To: libernet@Dartmouth.EDU Clipper TM chip is a registered trademark of Intergraph Corp. The so-called Clipper chip which was recently mentioned here and in other media with respect to encryption is being used in violation of that trademark. The Intergraph Clipper chip is a Unix microprocessor, originally developed by Fairchild Semiconductors, and has no relationship to the encryption chip whatsoever. I mention this here with the hope that someone reading this will intercede before the group alt.privacy."clipper" is established. --Al Date From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Bob Stratton Date: Wed, 21 Apr 93 10:55:58 PDT To: cypherpunks@toad.com Subject: Re: DC Cypherpunks Message-ID: <9304211239.AA53513@horton.intercon.com> MIME-Version: 1.0 Content-Type: text/plain > Subject: DC Cypherpunks > From: fergp@sytex.com (Paul Ferguson) > Date: Wed, 21 Apr 93 12:16:22 EDT > > -----BEGIN PGP SIGNED MESSAGE----- > > On Wed, 21 Apr 93 09:15:25 EST, > Pat Farrell writes - > > PF> Craig, there is no problem having a meeting, you just have to have > PF> more sense than the kids who think Pentagon City Mall is public > PF> space. A small meeting can be in my house, or at Maggie's bar over > PF> beer and pizza. > > You've got my vote for beer and pizza. ;-) > > Pat, let's plan accordingly. I'd like to be there for the first > meeting, so I'll give you a call and we can discuss this at length. In > the meantime, I'm keeping a list and building a kering of > interested parties. Hear, hear. 
I think I can also swing permission to have it at my office in Herndon, if having a T1 to the Net is at all helpful. I'll ask, if anyone's interested. --Strat, whose company actually took a position on the Clipper chip! (It's the right one, BTW) Help stop the wiretap chip! (a.k.a "Clipper") RIPEM and PGP keys available on request. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peb@PROCASE.COM Date: Wed, 21 Apr 93 13:09:45 PDT To: cypherpunks@toad.com Subject: Free Speech Message-ID: <9304211949.AA03767@banff> MIME-Version: 1.0 Content-Type: text/plain What do people think about crypto being considered Free Speech? This might be the most powerful angle. Freedom of expression would be a great way to protest a ban on hard crypto; detecting the use of crypto on the Internet would be like Prodigy monitoring all news groups for non-family (and non-Prodigy) material. Not only that, but if the purported crypto material wasn't actually crypto but random bits, then no laws would be broken. The next step for the tyrant in this arms race is to send messages that merely appear to contain crypto illegal. By analogy, the FCC can fine people for joking about the metal detector and xray equipment security check points. I don't know if this is a law, but the FCC could enforce its fine by not allowing you to fly again on a commercial airline. (Monopolies, they work just great. ;^) A further step in this scenario is for the pro-free-speech people to start using various data compression techniques--a proliferation of non-standards for various reasons (well, C++ compression could be specialized--no dictionary need be sent if the receiver knows it is C++; same for English used on particular news groups, poetry, etc.). This would cause massive false positives of packets that appear to be encrypted. Obviously, fairly enforcing a law against such usage would be impossible. 
I can see two outcomes at this stage: (1) the laws are eliminated, or (2) they are enforced only selectively. Considering the way things usually work, (2) seems more likely, however the fact that the merger of phones and computers is already happening (e.g., Sun ss10 with ISDN has a complete phone answering system written by Jeff Peck at Sun), the volume of resistance can easily be *large* and *convenient*. Few protests are convenient; with this, people don't even have to leave work! (The downside is, however, that it would be difficult to get media attention for doing it...TV camera pointed at the workstation, OK, I'm pressing the Send button now. Hah! Take that!) If the powers-that-be then come up with a law that crypto is illegal only if used for illegal activity, I wouldn't complain so much. Changing your name is legal as long as you don't commit fraud, so there are tolerable examples of this type of law now. Paul E. Baclace peb@procase.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Wed, 21 Apr 93 13:53:57 PDT To: Cypherpunks@toad.com Subject: Crypto Activism and Respectability Message-ID: <9304212053.AA23743@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Crypto Activism and Respectability, or, Should We Become "Suits"? Several Cyperpunks, er, "Privacy Advocates," have called for the name "Cypherpunks" to be changed to something more serious, more respectable, less likely to scare the horses. Something like "Cryptography Privacy" or "Cryptologic Research Association." Some even want a parallel to the NRA, such as the "National Cryptography Association." Further, there have been comments that referring to "crypto anarchy," as I've been doing for several years (my "Crypto Anarchist Manifesto" was first distributed in 1988) is, to put it bluntly, "not helpful to the cause." 
Talk of libertarian ideas, "If crypto is outlawed, only outlaws will have crypto," and other such "crypto radicalism" is seen as unrespectable, as counterproductive. We're not speaking the language of the "suits," it's said. Middle America will be turned off by the hippie radicals in t-shirts, leather jackets, sandals, and beards. (Some readers of this list have volunteered that they'd make better spokespersons for the Cause because they are clean-shaven, they look like good corporate citizens, and they know how to make the right soothing noises to interviewers. I say, "Great! We need more publicity." Just don't tell the rest of us California types, where sandals, beards, and jeans remain common, that we need to "go corporate." Picture a "smiley" here, if that's your style.) I want to respond by making several comments: * Radicals like ourselves have always been under pressure to conform to societal norms, whether to dress in the "gray flannel suit" in the 1950s or to eschew long hair and beads in the 60s. * Guess what? The message is almost more important than the messenger. People have a pretty clear idea of what people are saying, despite their appearance. And, frankly, my guess is that even most of Middle America will feel somewhat more comfortable listening to a John Gilmore, for example, than a Bill Gates-type nerd clone. People know honesty and sincerity when they see it, and they know lawyers when they see them. It's been 25 years since the hippie heyday, and most Americans have adjusted to varying outward appearances. (Actually, they've internalized and accepted long hair and beards....shaved heads, nose piercings, and body adornments they probably haven't yet accepted. But most of the "crypto anarchist cypherpunks" are of the more conventional kind of "disreputable" appearance, so the point is moot.) 
* The more serious message of toning down our calls for complete and total access to whatever crypto tools we can get is potentially more divisive to this group. We don't all have the same politics...some of us are anarcho-capitalists, some are socialists (I hear), some are nonpolitical (as near as I can tell), some decline to state, and some may off in their own uncharted territory. But what we all seem to believe in common is that no government has the right to force us to make tape recordings of all of our conversations (to be placed in escrow, in case the government someday needs to listen to them!), to tap our phones, to insist we speak in government-approved non-coded language, and to use their "Wiretap Chips." I said "potentially" more divisive. In practice, nobody on this list is really disagreeing in a major way with our general goals of privacy and access to tools (to borrow the "Whole Earth" phrase). A few people disagreed with the way remailers, like our home-grown remailers and like Johan Helsingius' (he's also on this list, of course), were being handled. But that's the kind of debate we want. * To some, like David Sternlight, Dorothy Denning, and Andrew Molitor, these are radical, unreasonable, and subversive views. "Remember, children, the policeman is your *friend*." seems to sum up their view of crypto. It's hard to imagine just what we have to "be reasonable" about with such people. A basic ideological divide separates us. * I fully agree with many of you that the name "Cypherpunks" has some, shall we say, _unusual_ connotations. Some will assume we're skateboarding geeks, others will assume we're "crypto primitives" who pierce our bodies and spend all our time at raves. But the name has undeniable appeal to many, and certainly grabs a lot of attention. 
It seems improbable that some staid name like "Northern California Cryptography Hobbyists Association" would've gotten much attention, let alone a write-up in "Wired" (and upcoming pieces in "Whole Earth Review," "The Village Voice," etc.). (Perhaps you out there who first heard about us via an article in "Mondo 2000," or "Wired," or a reference someplace, like MindVox or sci.crypt, can tell us what grabbed your attention, what you liked and disliked about the name, etc. Just as feedback.) In any case, it's much too late to change the name now. Publicity of "Cypherpunks" has spread the name, lots of journalists are intrigued by it, and it basically *does* capture the spirit of our group. After all, for basic civil liberties and cyberspace issues, the ACLU, CPSR, and EFF already exist and do a fair job at presenting lawyer-like faces to the press. And for conventional "phreaking," the group "2600" is having their own meetings. We don't have to be the group with the subdued and staid image. And note that the "Hackers Conference" has not changed _their_ name, either, despite the negative publicity given the name. (A meta-rule: There is no such thing as negative publicity. All they have to do is spell your name right. Ironically, in a recent "MacWorld" column, Steven Levy misspelled our name as "Cipherpunks." He got it right in his "Wired" piece, though.) * As for respectability, is our goal to be "co-opted" into the Establishment? (Geez. these words I'm writing could've been written in 1968!) Is it to be a respectable voice for moderation and the gentle process of negotiating? I think not. (Note that the Wiretap Chip was *not* presented for discussion and for industry comment. 
Neither the Bush nor Clinton camps presented this for public debate--unless you consider Dorothy Denning's comments to be the "trial balloon" I suggested it was last fall in sci.crypt...Denning has made the curious claim that she knew "nothing" of the Clipper plan until the night before it was publicly announced. This plan is a fait accompli, production of the chips is underway, and AT&T has already announced their Clipper-tapped phone. The best we can do is undermine the proposal, deploy strong crypto as widely as possible before it's outlawed completely (Clipper will fail if strong crypto alternatives are available...what do you think Big Brother plans to do about this?), and continue to make as much noise as we can about the evils of invading privacy in this way. I see little indication that reasonable negotiation is being invited.)

* There are already several groups, as I've mentioned, made up of lawyers and "respectable spokesmen" like Mitch Kapor and Mike Godwin (wherever he is now). In a sense, Cypherpunks fill an important ecological niche by being the outrageous side, the radical side...perhaps a bit like the role the Black Panthers, Yippies, and Weather Underground played a generation ago. (By the way, "The Crypto Underground" was one of my favorite name proposals....aren't you glad now we settled on Jude Milhon's "Cypherpunks" suggestion?)

* Cypherpunks write code, as Eric put it. They write code, they build remailers, they test systems to see how they break, they share their findings, they ignore restrictions on crypto, they look at the consequences of strong crypto, and they write articles like this.

* Now I'm all for respectability in certain ways, ways that come naturally to each of us. When I talk to journalists, I speak in complete sentences, I explain things in the most straightforward way possible, etc. I don't roll in on my skateboard and say "Dewd! Yo bro, let's skank this Clipper shit!"
But I don't plan to shave off my beard, cut my hair, start wearing suits, or be "moderate and reasonable" in my arguments. Nor do I intend to water down my messages about digital money, anonymous systems, and crypto anarchy.

"Let a thousand flowers bloom." --Mao (not one of my heroes)

"Live dangerously." --Nietzsche (one of my heroes)

-Tim May, Cypherpunk

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, smashing of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.
Waco Massacre + Big Brother Wiretap Chip = A Nazi Regime

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uni@acs.bu.edu (Shaen Bernhardt)
Date: Wed, 21 Apr 93 11:37:47 PDT
To: sytex.com!fergp@netcom.com
Subject: Re: Meets 'n Greets
Message-ID: <9304211837.AA240185@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain

de_armor_file: infile = AppDisk:fm ?, outfile = AppDisk:fm ?.$00, curline = 0
ERROR: Badly formed ASCII armor checksum, line 28.
Error: Transport armor stripping failed for file AppDisk:fm ?

Please resend

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 21 Apr 93 14:47:02 PDT
To: Cypherpunks@toad.com
Subject: Crypto Activism and Respectability
Message-ID: <9304212146.AA01218@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Crypto Activism and Respectability, or, Should We Become "Suits"?

Several Cypherpunks, er, "Privacy Advocates," have called for the name "Cypherpunks" to be changed to something more serious, more respectable, less likely to scare the horses. Something like "Cryptography Privacy" or "Cryptologic Research Association." Some even want a parallel to the NRA, such as the "National Cryptography Association."
Further, there have been comments that referring to "crypto anarchy," as I've been doing for several years (my "Crypto Anarchist Manifesto" was first distributed in 1988) is, to put it bluntly, "not helpful to the cause." Talk of libertarian ideas, "If crypto is outlawed, only outlaws will have crypto," and other such "crypto radicalism" is seen as unrespectable, as counterproductive. We're not speaking the language of the "suits," it's said. Middle America will be turned off by the hippie radicals in t-shirts, leather jackets, sandals, and beards.

(Some readers of this list have volunteered that they'd make better spokespersons for the Cause because they are clean-shaven, they look like good corporate citizens, and they know how to make the right soothing noises to interviewers. I say, "Great! We need more publicity." Just don't tell the rest of us California types, where sandals, beards, and jeans remain common, that we need to "go corporate." Picture a "smiley" here, if that's your style.)

I want to respond by making several comments:

* Radicals like ourselves have always been under pressure to conform to societal norms, whether to dress in the "gray flannel suit" in the 1950s or to eschew long hair and beads in the 60s.

* Guess what? The message is almost more important than the messenger. People have a pretty clear idea of what people are saying, despite their appearance. And, frankly, my guess is that even most of Middle America will feel somewhat more comfortable listening to a John Gilmore, for example, than a Bill Gates-type nerd clone. People know honesty and sincerity when they see it, and they know lawyers when they see them. It's been 25 years since the hippie heyday, and most Americans have adjusted to varying outward appearances. (Actually, they've internalized and accepted long hair and beards....shaved heads, nose piercings, and body adornments they probably haven't yet accepted.
But most of the "crypto anarchist cypherpunks" are of the more conventional kind of "disreputable" appearance, so the point is moot.)

* The more serious message of toning down our calls for complete and total access to whatever crypto tools we can get is potentially more divisive to this group. We don't all have the same politics...some of us are anarcho-capitalists, some are socialists (I hear), some are nonpolitical (as near as I can tell), some decline to state, and some may be off in their own uncharted territory. But what we all seem to believe in common is that no government has the right to force us to make tape recordings of all of our conversations (to be placed in escrow, in case the government someday needs to listen to them!), to tap our phones, to insist we speak in government-approved non-coded language, and to use their "Wiretap Chips."

I said "potentially" more divisive. In practice, nobody on this list is really disagreeing in a major way with our general goals of privacy and access to tools (to borrow the "Whole Earth" phrase). A few people disagreed with the way remailers, like our home-grown remailers and like Johan Helsingius' (he's also on this list, of course), were being handled. But that's the kind of debate we want.

* To some, like David Sternlight, Dorothy Denning, and Andrew Molitor, these are radical, unreasonable, and subversive views. "Remember, children, the policeman is your *friend*." seems to sum up their view of crypto. It's hard to imagine just what we have to "be reasonable" about with such people. A basic ideological divide separates us.

* I fully agree with many of you that the name "Cypherpunks" has some, shall we say, _unusual_ connotations. Some will assume we're skateboarding geeks, others will assume we're "crypto primitives" who pierce our bodies and spend all our time at raves. But the name has undeniable appeal to many, and certainly grabs a lot of attention.
It seems improbable that some staid name like "Northern California Cryptography Hobbyists Association" would've gotten much attention, let alone a write-up in "Wired" (and upcoming pieces in "Whole Earth Review," "The Village Voice," etc.).

(Perhaps you out there who first heard about us via an article in "Mondo," or "Wired," or a reference someplace, like MindVox or sci.crypt, can tell us what grabbed your attention, what you liked and disliked about the name, etc. Just as feedback.)

In any case, it's much too late to change the name now. Publicity of "Cypherpunks" has spread the name, lots of journalists are intrigued by it, and it basically *does* capture the spirit of our group. After all, for basic civil liberties and cyberspace issues, the ACLU, CPSR, and EFF already exist and do a fair job at presenting lawyer-like faces to the press. And for conventional "phreaking," the group "2600" is having their own meetings. We don't have to be the group with the subdued and staid image.

And note that the "Hackers Conference" has not changed _their_ name, either, despite the negative publicity given the name. (A meta-rule: There is no such thing as negative publicity. All they have to do is spell your name right. Ironically, in a recent "MacWorld" column, Steven Levy misspelled our name as "Cipherpunks." He got it right in his "Wired" piece, though.)

* As for respectability, is our goal to be "co-opted" into the Establishment? (Geez. these words I'm writing could've been written in 1968!) Is it to be a respectable voice for moderation and the gentle process of negotiating? I think not. (Note that the Wiretap Chip was *not* presented for discussion and for industry comment.
Neither the Bush nor Clinton camps presented this for public debate--unless you consider Dorothy Denning's comments to be the "trial balloon" I suggested it was last fall in sci.crypt...Denning has made the curious claim that she knew "nothing" of the Clipper plan until the night before it was publicly announced. This plan is a fait accompli, production of the chips is underway, and AT&T has already announced their Clipper-tapped phone. The best we can do is undermine the proposal, deploy strong crypto as widely as possible before it's outlawed completely (Clipper will fail if strong crypto alternatives are available...what do you think Big Brother plans to do about this?), and continue to make as much noise as we can about the evils of invading privacy in this way. I see little indication that reasonable negotiation is being invited.)

* There are already several groups, as I've mentioned, made up of lawyers and "respectable spokesmen" like Mitch Kapor and Mike Godwin (wherever he is now). In a sense, Cypherpunks fill an important ecological niche by being the outrageous side, the radical side...perhaps a bit like the role the Black Panthers, Yippies, and Weather Underground played a generation ago. (By the way, "The Crypto Underground" was one of my favorite name proposals....aren't you glad now we settled on Jude Milhon's "Cypherpunks" suggestion?)

* Cypherpunks write code, as Eric put it. They write code, they build remailers, they test systems to see how they break, they share their findings, they ignore restrictions on crypto, they look at the consequences of strong crypto, and they write articles like this.

* Now I'm all for respectability in certain ways, ways that come naturally to each of us. When I talk to journalists, I speak in complete sentences, I explain things in the most straightforward way possible, etc. I don't roll in on my skateboard and say "Dewd! Yo bro, let's skank this Clipper shit!"
But I don't plan to shave off my beard, cut my hair, start wearing suits, or be "moderate and reasonable" in my arguments. Nor do I intend to water down my messages about digital money, anonymous systems, and crypto anarchy.

"Let a thousand flowers bloom." --Mao (not one of my heroes)

"Live dangerously." --Nietzsche (one of my heroes)

-Tim May, Cypherpunk

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, smashing of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.
Waco Massacre + Big Brother Wiretap Chip = A Nazi Regime

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Wed, 21 Apr 93 13:51:24 PDT
To: cypherpunks@toad.com
Subject: FAQ: PGP where?
Message-ID: <9304212051.AA14092@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

For those with modems but not full Internet access, you can obtain PGP2.2 from the BBS listed in the .sib below. Full access first call. I stock the DOS, Mac, and Unix versions, the source code/utils package (in .ZIP format), and the DOS menu/shell program. Look in the LOGIN and NON-IBM file areas. All are direct from well established FTP sites (garbo, oak, etc.), NOT from uploads or from other BBSs. Clean as whistle!

If you wish anonymity, you can get the DOS ver, source and shell from the LOGIN file area, if you login as GUEST password GUEST. Don't futz about though, the GUEST acct. is quite time-restricted. Best bet is login normally. If you never plan to call again, just enter x and 0000 for all the questionnaire fields, and leave a "delete me" comment to sysop, if you would.

--
Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: morrison@tantalus.scl.ameslab.gov (Andrew Morrison)
Date: Wed, 21 Apr 93 12:55:29 PDT
To: cypherpunks@toad.com
Subject: Cancellation
Message-ID: <9304211951.AA19740@tantalus.scl.ameslab.gov>
MIME-Version: 1.0
Content-Type: text/plain

Please remove me from the list. I have limited access to my e-mail, and can't keep up.

Thank you,
Andrew Morrison

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ah@uknet.ac.uk
Date: Wed, 21 Apr 93 07:07:09 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9304211406.AA10509@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

To: cypherpunks@toad.com
Subject: Re: The Family Key
Newsgroups: ml.cypherpunks
In-Reply-To: <199304211229.AA28337@sun.Panix.Com>
Organization: Dunathad
Cc:

In article <199304211229Y.AA28337@sun.Panix.Com> wrote:
>I think the largest weakness in the whole Clipper scheme, and
>I am not sure if I am right about this is,....
>...
>Thus, the NSA will be able to maintain an active traffic pattern
>analysis of ALL communications sent via the Clipper chipped devices.
>
>I think in many ways that traffic watching can and does often reveal
>more information about someone than at times listening in to what
>is actually being said.
>

I can't help feeling that they'll be looking for a little more, an edge; not enough that their promises to the executive are broken, but enough to get an edge if they need to decrypt without the key. No offense against the NSA of course, but that's how I'd expect the British to work "in the National Interest".
Rgds
Alan
---
Alan Hunter Johnson Hunter Ltd Isle of Islay, Scotland
A.Hunter@dunaad.co.uk fax: +44-496-2336 voice: +44-496-2286

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Danny.Swerdloff@f246.n107.z1.ieee.org (Danny Swerdloff)
Date: Wed, 21 Apr 93 19:05:15 PDT
To: Cypherpunks@toad.com
Subject: John Draper
Message-ID: <28187.2BD5FC66@nisc.ieee.org>
MIME-Version: 1.0
Content-Type: text/plain

Anyone know how I can contact John Draper ("Cap'n Crunch")

Thanx...
Danny

--
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Danny Swerdloff - Internet: Danny.Swerdloff@f246.n107.z1.ieee.org

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: The Phantom
Date: Wed, 21 Apr 93 15:29:58 PDT
To: cypherpunks@toad.com
Subject: JOBS: Cypherpunks employing Cypherpunks
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Clipper:

If anyone wants it, I can send you the text to the letter I just sent President Clinton and the local papers. I think it is a decent, fairly non-technical letter that might point out some of the parallels between this crypto chip and invasion of privacy to the common person. In my local area, I have now been responsible for 'educating' over 30 people to my interpretation of the meaning of this chip offering. I think it is important that the public knows a little about what is going on so that they can make a conscious decision about the usefulness of it. I don't however, wish to waste list bandwidth with the text of it, as I don't personally think it is a masterpiece. :)

Cypherpunks employing Cypherpunks:

On another note, I hate it when people use the list for purely personal reasons, but I really need a summer job / internship. If you own your own business [ :) ] or know of a _possible_ opening in a company you work for, please, please contact me and run it by me. I am an Electrical Engineering student at the University of Washington (I hold a 3.2 in my EE classes) and have very few qualms about relocating over the summer (it might even be nice if it were in the bay area, as then I could make it to a Cypherpunk meeting!) It'd be really nice to finally meet some of the people I've been talking to for all of these months. Any leads or ideas would be appreciated.

Matt Thomlinson University of Washington, Seattle, Washington.
Internet: phantom@u.washington.edu phone: (206) 528-5732
PGP 2.2 key available via email or finger phantom@hardy.u.washington.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mark@coombs.anu.edu.au (Mark)
Date: Tue, 20 Apr 93 22:30:50 PDT
To: cypherpunks@toad.com
Subject: Just a thought...
Message-ID: <9304210524.AA11273@coombs.anu.edu.au>
MIME-Version: 1.0
Content-Type: text/plain

Whilst being heavily opposed to the chip although less affected by it since I don't reside on US soil, one useful purpose of it would be to exploit the functions of it to send your pre-encrypted data through it and have it come out the other end in the same form, thus using its protocols of retransmission and error correction. Using the encryption part of it isn't worth considering due to the real lack of data integrity if (as?) the TLA's have backdoors. Basically mooch its good points and ignore the bad points as your data won't be channeled to the phone in cleartext anyway.

(This isn't an advocacy of the damn thing, just a note that it has SOME functionality for those that won't use the encryption functions).

Mark
mark@coombs.anu.edu.au

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peb@PROCASE.COM
Date: Wed, 21 Apr 93 16:07:41 PDT
To: habs@Panix.Com
Subject: Re: The Family Key
Message-ID: <9304212235.AA03841@banff>
MIME-Version: 1.0
Content-Type: text/plain

>From: Harry Shapiro
>press release claims that the Clipper
>chip doesn't provide anything more than what Law Enforcement already
>has. That is not true.

I was about to say this myself too, but Hellman already pointed it out. However, it is worth mentioning for emphasis. The Family key is known not only to the NSA, but to the FBI with their black box units. No special protection is given to this key and it allows the equivalent of Caller-ID *and* Callee-ID over all transmissions using Clipper regardless of how the calls are routed. This is *much* cheaper than speaker recognition used in roving wiretaps!
Roving wire taps are given out sparingly, but it seems that Clipper would make the scanning of huge numbers of calls and saving traffic info the normal mode of operation.

In my letter to Casa Blanca I mentioned that I noticed this deception in the NIST press release.

Another feature of the F key is that it could be changed in new runs of chip making, but evidently, protecting F is not a great concern by NIST/FBI, et al.

The 3, 34 bit pads, if/when the entire system is entirely compromised, could be changed--in fact they could do it regularly anyway--they can keep a list of Serial number to pad mappings. This would prevent the system from entirely being compromised by an outside [NSA] entity, so it is somewhat robust to that possibility.

Paul E. Baclace
peb@procase.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Robert Luscombe
Date: Wed, 21 Apr 93 12:46:46 PDT
To: Cypherpunks
Subject: Re:PGP again.
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I apologize for this, but... If anyone sent me a response re:pgp help, i just lost my incoming mailbox before i read my mail. I did see a few responses listed in my new mail, but they were gone when i tried to read them. Sorry for the hassle, but could anyone who did send me something re-send it? I am not too happy about all my lost mail.

--Robert Luscombe
Internet: ral@telerama.pgh.pa.us Voice:412/488-0941
robert@well.sf.ca.us (Finger for PGP Pub Key)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Arthur Abraham
Date: Wed, 21 Apr 93 16:09:53 PDT
To: cypherpunks@toad.com
Subject: The (very) next Saturday Meeting
Message-ID: <199304212309.AA12908@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

I will be presenting a short talk entitled:

Clipper (Nail* | *Ship): External Functionality

based on the hardware specs of this topical device.

p.s.
I tried to get samples, but the price was $300,000 for 10,000 units, and I didn't think that many pe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Wed, 21 Apr 93 15:31:36 PDT
To: Extropians@gnu.ai.mit.edu
Subject: Re: Crypto Activism and Respectability
In-Reply-To: <9304212055.AA04324@churchy.gnu.ai.mit.edu>
Message-ID: <9304212230.AA21644@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

RE: becoming suits. No. Cypherpunks is a unique group, don't cheapen it. Get the suits sympathetic to you (and among you) to do the suit thing.

RE: change the name. Why? It is not as if cypherpunks is a cable network. It is a mailing list. Most people will never know it exists. If you send out missives for the masses, just sign them with your name, and don't put "cypherpunks" on it, if you fear it will be misinterpreted. I know how it feels. My BBS sounds like a hackers' den, but it is a clean, legal online library, and has not that much in common with the typical BBS. Sometimes I think of changing the name and then I think, "No, no Noise in the Void was the name, is the name, will be the name." If people want a Nat'l. Cryptography Assoc., let them go make one.

Re: why I joined, and if it has anything to do with the name. I signed on the list, because I needed info on crypto, and sci.crypt is inconvenient (I hardly use UseNet anymore, it becomes more worthless by the second it seems.) However I did grin punkishly at the name. I like it.
If the list had been Nat'l. Crypto. Assoc., I would likely have avoided it, simply because it sounds suit, and I have no patience with suits, and do not trust them. -- Testes saxi solidi! ********************** Podex opacus gravedinosus est! Stanton McCandlish, SysOp: Noise in the Void Data Center BBS IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1) Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Wed, 21 Apr 93 14:42:24 PDT To: cypherpunks@toad.com Subject: WIRED snippet Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Wed, 21 Apr 93 11:30:24 -0600, L. Detweiler LD> EFF is drawing fire on the proposal or EFF is drawing fire on LD> itself? I read this elsewhere, but I just can't remember where, off the top of my head. Anyway, here is a snippet from WIRED (Vol 1, Issue 2, May/June 1993, page 97) that also mentions it - 8<------- Cut Here ------------
HYPE LIST

                      Current    Position      Months
                      Position   Last Month    on List
                      --------   ----------    -------
Cryptography          1          4             3
Wireless Everything   2          -             2
Wired                 3          -             1
EFF Sells Out         4          -             1
Piercing              5          -             2

1. Cryptography Cryptography continues to rise in popularity as the solution for all digital ills. The use of the software encryption package Pretty Good Privacy (PGP) for e-mail is now tres hip among the network elites, and public keys are being traded like baseball cards. Of course, encryption is just a way to hide the same boring messages, but it does add that element of intrigue. Crypto-philes are a '90s version of the NRA gun nuts: paranoid of the government's attempts to legislate, and convinced that their guns (codes) are necessary for freedom. "If encryption is outlawed, only outlaws will have encryption," is already splattered around the Net. 2. 
Wireless Everything There seems to be an unwritten rule nowadays that every product announcement must trumpet the fact that the new gizmo is, even if only in some minor way, wireless. We now have wireless mice, keyboards, modems, printers, and networks. The once-esoteric deliberations concerning radio bandwidth auctioning have become front page news in the Wall Street Journal. What's strange is that there is no corresponding consumer clamor for wireless products. In fact, wireless keyboards and printers have flopped every time they have been introduced. But don't expect this to stop Buck Rogers-obsessed electronics companies anytime soon. 3. Wired The glut of recent media hype surrounding this new rag is proof the WIRED staff has read and understood its Marshall McLuhan. Through deliberate manipulation of broadcasters, spin-doctored press releases, and billboards everywhere, WIRED has achieved near total ubiquity, including spots on everything from Good Morning America to NPR. While the mainstream media looks on in disbelief, the reaction on the Net has been more divided. Some on alt.cyberpunk see it as the unholy offspring of M2 and the Economist, while others see it as a rehash of the Same Old Stuff, down to the obligatory article on virtual sex. Like VR, it's a viewpoint-dependent medium. 4. EFF Sells Out The Electronic Frontier Foundation's announcement of their reorganization and the closure of their Cambridge office was greeted with cries of betrayal and the ripping of membership cards. Many people on the Net saw the reorganization as a move by the EFF towards a more slick-corporate-Washington D.C.-Clinton-ass-kicking type of organization. The critics have grossly exaggerated the charges, but there is a kernel of truth to them: The EFF gets most of its financial support from large corporations such as AT&T and Apple, and John Perry Barlow has admitted that this has influenced the EFF's actions. 
(Heck, how many times have you seen John Sculley standing next to Clinton in the past four months?) But a well-endowed EFF is sure to be more effective than a politically correct one -- we just need to hope that what is best for Apple is also best for us. 5. Piercing Body piercing has been hyped for the last five years, but only recently has it really caught on in the computer community. Now it seems as though every programmer in San Jose has a pierced nipple and is eager to tell you about it. As Jaron Lanier said, piercing is the only thing left that can still get a rise from a teenager's ex-hippy parent. Cyberpunk lit has always emphasized body malfunctions, from fake eyes to knives implanted under your finger nails, and piercing is a cheap and easy way to be like your heroes -- and it's oh so rebellious. I just hope that liposuction becomes the next big trend with this group. - Steve Steinberg 8<----- Cut Here --------- Cheers. Paul Ferguson | Uncle Sam wants to read Network Integration Consultant | your e-mail... Centreville, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Haywood J. Blowme" Date: Wed, 21 Apr 93 14:55:01 PDT To: cypherpunks@toad.com Subject: New Algorithm... Message-ID: <199304212154.AA15610@rac3.wam.umd.edu> MIME-Version: 1.0 Content-Type: text/plain As promised, I spoke today with the company mentioned in a Washington Times article about the Clipper chip announcement. The name of the company is Secure Communications Technology (Information will be given at the end of this message on how to contact them). Basically they are disturbed about the announcement for many reasons that we are. More specifically however, Mr. Bryen of Secure Communications brought to light many points that might interest most of the readers. His belief is that AT&T was made known of the clipper well before the rest of the industry. 
This is for several reasons, several of which are: - A company of AT&T's size could never be able to make a decision to use the new chip on the SAME DAY it was announced. - Months ago they proposed using their own chip for AT&T's secure telephone devices. AT&T basically blew them off as being not interested at all. This struck them as strange, until now... Also I spoke with Art Melnick, their cryptographer, he expressed several concerns over the new Clipper Chip: - The obvious backdoor will be able to let many people decrypt the code. - Once the key is released to authorities the security of the crypto system is lost forever. These keys can end up in the hands of any agency of the government. - The fact that the escrowed keys never change means that the algorithm is vulnerable over time to an attacker. - The classified algorithm may hide another backdoor. But he feels that it is probably to keep people from forging fake serial numbers, or changing the keys themselves. - Additionally he feels that the NSA has probably spent enough time and money in working on a way to keep this chip from being reverse engineered, that he feels that reverse engineering it will be very difficult to do. He feels that they have developed a suitable technique to protect the chip from this attack. Also he feels that the chip is hardware encoded with the algorithm and not microcoded onto the chip. Additionally I spoke with Mr. Melnick about their algorithm. He couldn't tell me much about their new algorithm because it hasn't been patented yet. However he told me a little: - The algorithm will be released for public review after patents have been granted for it. This is so the crypto community can see that it is secure. - The algorithm is called NEA for New Encryption Algorithm. 
The details were sketchy because now it is held as a trade secret until the patent was issued, but I was told that it will incorporate the following: - It will have fast encryption of data (Exact specs not given, but Mr. Melnick stated "Much faster than what an RS-232 can put out.") - It is a symmetric cipher, just like IDEA and DES. - It will use 64 bit data blocks for encryption (like DES and IDEA). - The key length was not given to me, but Mr. Melnick states that it is _adjustable_ and is "More than adequate for security." - The algorithm is written in C and Assembler in software form, and can be ported to many platforms (Unlike the Clipper Chip which is hardware ONLY and cannot be made into software) This I consider a definite plus for the NEA for widespread use. - The algorithm will accommodate public key distribution techniques such as RSA or Diffie-Hellman. This will also be supported in the hardware chip. - Right now the projected cost of the NEA chip will be about 10 dollars for each!! (Clipper will run 25 each chip [that is if it is produced enough, which probably won't happen]). - They currently sell a program called C-COM that uses the algorithm and a special streaming protocol that does not divide the encrypted data into "blocks." This could prevent plaintext attacks if you know what the block header is. This program operates at all supported RS-232 speeds and uses the software implementation of the algorithm. - Most importantly: IT DOES NOT HAVE A BACKDOOR!! Right now the company is afraid that the new clipper chip will put them out of business. This is a very real possibility. So they really need help in stopping the clipper chip from becoming a standard. If you want to contact them, they can be reached at.. Secure Communications Technology 8700 Georgia Ave. Suite 302 Silver Spring, MD (301) 588-2200 I talked to Mr. Bryen who represents the company. He can answer any questions you have. 
============================================================================= /// | psionic@wam.umd.edu | Fight the WIRETAP CHIP!! Ask me how! __ /// C= | -Craig H. Rowland- | \\\/// Amiga| PGP Key Available | "Those who would give up liberty for \/// 1200 | by request. | security deserve neither." ============================================================================= From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: derek@cs.wisc.edu (Derek Zahn) Date: Wed, 21 Apr 93 15:57:49 PDT To: cypherpunks@toad.com Subject: "Cypherpunks Write Code" Message-ID: <9304212257.AA15529@lynx.cs.wisc.edu> MIME-Version: 1.0 Content-Type: text/plain Hmm, I write code -- but so far no cyphercode. Since I'd like to be part of the cypherdelic revolution, what code needs writing? I agree that the PC/modem scrambled telephone is a good idea, but others are already bashing that out; there must be other neat projects that want doing. Any thoughts? derek psypherdelic psypherdewd (in training) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Wed, 21 Apr 93 19:58:00 PDT To: cypherpunks@toad.com (Good Guys) Subject: Re: The Family Key Message-ID: <9304220257.AA22606@servo> MIME-Version: 1.0 Content-Type: text/plain At 08:29 AM 4/21/93, Harry Shapiro wrote: >Thus, the NSA will be able to maintain an active traffic pattern >analysis of ALL communications sent via the Clipper chipped devices. > >I think in many ways that traffic watching can and does often reveal >more information about someone than at times listening in to what >is actually being said. I think this is an extremely important point. The US precedents regarding traffic analysis (e.g., telephone "pen registers") are very anti-privacy. I would not be at all surprised to see decisions saying that law enforcement could use the Chipper ID any way they liked, without a warrant. 
Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Wed, 21 Apr 93 19:35:26 PDT To: cypherpunks@toad.com Subject: Wired `Cypherpunk' issues will be available at the meeting Message-ID: <9304220235.AA23434@toad.com> MIME-Version: 1.0 Content-Type: text/plain I got a box of magazines and will be selling them at the cover price ($5) at the meeting. It's the May/June issue. The cover features three masked cypherpunks behind a flag; the whole crew appears on page 54. People who aren't coming to the meeting can get copies at their local bookstore, or call George Clark at Wired at +1 415 904 0660. If you want to subscribe (6 issues/year, $20), you can call +1 800 SO WIRED or send a check to Wired, 544 2nd St, SF, CA 94107. John From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: baumbach@atmel.com (Peter Baumbach) Date: Wed, 21 Apr 93 17:00:53 PDT To: cypherpunks@toad.com Subject: The Wiretap Chip and the reaction so far Message-ID: <9304212342.AA00841@minnow.chp.atmel.com> MIME-Version: 1.0 Content-Type: text/plain I have been surprised at how wide the knowledge of the Wiretap Chip has spread. (and how quickly!) My mom even heard about it before I could tell her. Most of the people I've talked to don't like the idea of the gov't having the keys. These people came to this conclusion on their own. The sources of their information might be biasing their view. :-) I heard a commentary on National Public Radio that was against it! Keep up the fight. It's not a losing battle. There is also a bright side to this battle. Look at all the free publicity that privacy has gotten. Our gov't has given ground in the early rounds of the negotiation by stating there is a right to encryption. They want to completely control that right to encryption, and this we will fight and win. -----tactic I recommend telling people about the freedom and privacy gained in other countries by their use of PGP. 
Tell them that the secret police can no longer spy on their citizens as effectively. privacy == freedom no privacy == tyranny Peter Baumbach baumbach@atmel.com Boycott the KGB chip Boycott the IRS chip From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pmetzger@lehman.com (Perry E. Metzger) Date: Wed, 21 Apr 93 16:43:45 PDT To: cypherpunks@toad.com Subject: Should we become "suits"? Message-ID: <9304212343.AA29698@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain No one said anything about becoming "suits", Tim. The problem is this: the name "Cypherpunks" makes us sound like people who break into computers for fun or other such stuff. I was on the phone with John Markoff of the New York Times a couple of days ago, and I was unhappy that no one had yet changed the name of the group because I frankly felt that I could not encourage him to subscribe -- the results would be unpredictable. I encouraged him to read more sci.crypt instead, which he has already been doing. I've been associated with radical political causes for a while. I've found that in general, the radicals are their own worst enemy. People are NOT happy about being lectured to by strange-acting people. Bill Winter of the Libertarian Party of New Hampshire was their chairman over the period in which the LPNH went from four members of the state party to actually becoming a force in New Hampshire politics. New Hampshire is the *only* LP outpost to make any significant electoral inroads, *anywhere*. He once told me this: you can get people to accept strange sounding ideas when promulgated by normal looking people. You can get them to accept normal-sounding ideas when promulgated by strange looking people. You can't get them to accept strange ideas when promulgated by strange people. No, I'm not saying you should wear a suit. I'm not saying John Gilmore should cut his hair and start wearing Armani. I'm just saying that our name is a stumbling block. 
Why shoot ourselves in the foot for something worthless? The simple change in our name from something confrontational that makes us sound like machine crackers to something that expresses what this group is about would make a radical positive change in our image. Now, what are the benefits of keeping the current name "cypherpunks"? Well, let's see Tim's list. >In a sense, Cypherpunks fill an important ecological niche by >being the outrageous side, the radical side...perhaps a bit like the role >the Black Panthers, Yippies, and Weather Underground played a generation >ago. None of whom accomplished any of their goals. You REALLY want to emulate them? I've been an occasional visitor to #9 Bleeker Street, where Dana Beal, last of the Yippies, holds court. He doesn't wash regularly, and he wonders occasionally why no one takes his drug legalization crusade seriously. Hint: they are connected. We can't afford to lose this fight. This is a matter of life and death. Playing out fantasy games about being 1960s radicals is fine and well -- when you don't care about the outcome. We can't afford to lose, so we can't afford to emulate losing strategies. > And, frankly, my guess is that even most of Middle America will >feel somewhat more comfortable listening to a John Gilmore, for example, >than a Bill Gates-type nerd clone. People know honesty and sincerity when >they see it, and they know lawyers when they see them. It's been 25 years >since the hippie heyday, and most Americans have adjusted to varying >outward appearances. Well, I'm not proposing that John not be a spokesman -- most of our interaction with the media is happening electronically and not in person, and John is eloquent. But you are fooling yourself if you think people listen to Hippies over Suits. I'm speaking as a person who used to have long hair and worked exclusively in Tee-shirt and shorts. I feel more comfortable dressed that way -- but these days I wear a suit because that's what gets me paid. 
I'm also speaking as a person who's extensively looked at this question in connection with my activism in the Libertarian Party. The fact is this: over and over again, every scientific study that's been done (by lots of people), every anecdotal comparison I can make in things like why one LP candidate did well and another did poorly or why one local group soared while another failed, each one of them point to the same conclusion: that conclusion is, sadly, that you are completely wrong Tim, and that people judge by appearances, and that even the most down and out people in our society will take the word of a person who looks respectable over a person who doesn't. This includes hackers -- hackers will trust grungy looking people as soon as they have verified that they are fellow hackers, but watch what they do sometime when they drive by a hitchhiker as casually dressed as themselves. Take a sample of hackers, put them in a sociology lab, show them videotapes of people making statements who are dressed like hippies and dressed like bankers, and five will get you ten that they react just like the rest of the population. Influencing the public is not a guessing game any more -- it's a science. People have done honest to god studies on this. I'll happily forward you references if you want. >We don't all have the same politics...some of us are >anarcho-capitalists, some are socialists (I hear), some are nonpolitical >(as near as I can tell), some decline to state, and some may off in their >own uncharted territory. But what we all seem to believe in common is that >no government has the right to force us to make tape recordings of all of >our conversations (to be placed in escrow, in case the government someday >needs to listen to them!), to tap our phones, to insist we speak in >government-approved non-coded language, and to use their "Wiretap Chips." Fine and dandy, but how does changing our name to "cryptoprivacy" harm any of this? 
>In any case, it's much too late to change the name now. No it's not. It's perfectly easy. >And note that the "Hackers Conference" has not changed _their_ name, >either, despite the negative publicity given the name. They aren't doing any lobbying. Their name doesn't matter. Their image makes no difference at all. Ours does. >As for respectability, is our goal to be "co-opted" into the >Establishment? Tim, I'm an anarchist. Do you REALLY think I'm about to become co-opted by the establishment? Is it REALLY your belief that changing the name of the group to "cryptoprivacy" would turn me into a raving statist, foaming at the mouth about imposing regulatory control structures? >There are already several groups, as I've mentioned, made up of lawyers >and "respectable spokesmen" like Mitch Kapor and Mike Godwin (wherever he >is now). No one can log in to their groups -- we provide an essential service. I WANT the New York Times reporter reading this group, but I don't want him to think we are crackers or nuts. >But I don't plan to shave off my beard, cut my hair, start wearing suits, >or be "moderate and reasonable" in my arguments. Who asked you to? You aren't going on television, and moderating your ARGUMENTS is useless. I'm talking about appearances, nothing more. Our name is cheap and easy to change. It costs us little, and I'm not proposing we change anything else. Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: TO1SITTLER@APSICC.APS.EDU Date: Wed, 21 Apr 93 19:49:43 PDT To: cypherpunks@toad.com Subject: Is this list still operational? Message-ID: <930421204720.302b@APSICC.APS.EDU> MIME-Version: 1.0 Content-Type: text/plain I've been wondering if the list still exists. I've seen very little traffic in the last few hours, and I'm wondering if this mailing list is still around. Kragen From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. 
May) Date: Wed, 21 Apr 93 20:52:03 PDT To: extropians@gnu.ai.mit.edu Subject: Duplicate messages--Sorry! Message-ID: <9304220352.AA07384@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Multiple copies of my "Suits?" posting went out earlier today. I apologize profusely, as this was caused by my mailer software (and me), not by anything in the list software. Basically, my mailer program (Eudora, for the Mac) would choke part way through uploading a message...sometimes numbers in the message, as in "Mondo xxxx" cause it to think data is about to be sent and it chokes. (Why it does it on some files and not others is a mystery to me. I'm investigating it further.) I fiddled with the files and tried again...I didn't think any of the files had actually gotten through until I sent a modified file through that just had "Mondo" instead of "Mondo xxxx" in it. (When the file transfer choked with an "SMTP Error," it left the file marked as unsent.) Anyway, very sorry! Deep apologies. -Tim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: zane@genesis.mcs.com (Sameer) Date: Thu, 22 Apr 93 14:55:15 PDT To: cypherpunks@toad.com Subject: PGPHELP: Digisigning that petition Message-ID: MIME-Version: 1.0 Content-Type: text/plain I was looking over PGP in order to figure out how digisigning a petition could work, and I couldn't figure out how to get PGP to do it properly. (It was frustrating, because I remembered doing it before.) What I *want* PGP to output is: -- Begin PGP Signed Message -- We hate the clipper -- End PGP Signed Message -- -- Begin PGP Sig --- dsfDSCSA43523csdcsad235s -- End PGP Sig --- In the same form as many post to this list. How about the format which makes a separate file out of the PGP -sig, and STILL brackets the PGP signed message. (The PGP sig file would be in ascii armor following a message saying: "This is a PGP-sig cert." I *do* remember doing this before.. I can't figure out HOW I did it though.) 
-- | Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM | | Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more | | ----STOP THE WIRETAP CHIP/BIG BROTHER PROPOSAL!---MAIL ME FOR DETAILS! __/ | "Be God" - Me __ "Specialization is for Insects" - Robert A. Heinlein__/ \_____________/ \___________________________________________________/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Giuseppe Cimmino <0005533039@mcimail.com> Date: Wed, 21 Apr 93 16:25:05 PDT To: Craig Nottingham Subject: Re: Meets 'n Greets Message-ID: <42930421215924/0005533039ND1EM@mcimail.com> MIME-Version: 1.0 Content-Type: text/plain DC's 26oo meetings are held in the food court of a local mall. The location doesn't require scheduling, can be gotten to via Metro and while private property, usually doesn't run into problems with peaceful gathering. A National Park would solve (for the time being) the latter problem (perhaps the park in front of the White House?). Any other DC folks interested? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Wed, 21 Apr 93 22:26:12 PDT To: cypherpunks@toad.com Subject: Re: Should we become "suits"? Message-ID: <9304220526.AA14476@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Perry Metzger has written a clear summary of his position, which differs from mine. I won't restate my points, as both our positions are clear. (As disputes go, it's quite minor...if a good enough alternative to the name "Cypherpunks" were to be invented, one that still captured our "no-compromises" position, I would certainly listen with interest. But if something ain't provably broke....) I will answer a couple of Perry's specific points: >The problem is this: the name "Cypherpunks" makes us sound like people >who break into computers for fun or other such stuff. 
I was on the >phone with John Markoff of the New York Times a couple of days ago, >and I was unhappy that no one had yet changed the name of the group >because I frankly felt that I could not encourage him to subscribe -- >the results would be unpredictable. I encouraged him to read more >sci.crypt instead, which he has already been doing. I talked to Markoff at the Hackers Conference in October...he is already aware of Cypherpunks. He placed a call to me last week, before the Clippershit hit the fan, but I was out. His message to me in e-mail was that he wanted to check up on what the Cypherpunks were doing....so clearly he knows all about it. As it turned out, he talked to others. I can only assume Eric Hughes, who talked to him on Friday, filled him in on Cypherpunks doings...though by Friday the focus had of course shifted dramatically. I think Perry is overly worried about the reaction to our name. Neither Markoff, nor Levy, nor Kelly, nor Dibbell, nor Mandl has seemed disturbed by the name. And like I said, the name is interesting and acts as a kind of "Schelling point" (a natural gathering place) for the subculture of crypto rebels and privacy advocates. >I've been associated with radical political causes for a while. I've >found that in general, the radicals are their own worst enemy. People >are NOT happy about being lectured to by strange-acting people. I can only hope Perry is not referring to *me*! Perry comments on my mention of radical groups in the 60s: >None of whom accomplished any of their goals. You REALLY want to >emulate them? I've been an occasional visitor to #9 Bleeker Street, >where Dana Beal, last of the Yippies, holds court. He doesn't wash >regularly, and he wonders occasionally why no one takes his drug >legalization crusade seriously. Hint: they are connected. I wasn't holding them up as moral beacons, just noting that various "niches" exist, in kind of a good cop/bad cop sort of way. 
Journalists like some "color" and will seek out those who'll provide it. Readers, too, seek some excitement. The "Crypto Rebels" title of Steven Levy's piece bespeaks volumes. (Frankly, I really like the name "Crypto Rebels"...I should note that some of the names we debated last fall were of this flavor, including "Crypto Liberation Front," "The Crypto Underground," and "Crypto Radicals." Even a whimsical "Cryptoids." I guess it's clear that the West Coast camp is somewhat more radical than Perry might like.) >We can't afford to lose this fight. This is a matter of life and >death. Playing out fantasy games about being 1960s radicals is fine >and well -- when you don't care about the outcome. We can't afford to >lose, so we can't afford to emulate losing strategies. Well, I think referring to our activities as "playing out fantasy games" is somewhat intemperate and misleading. Sounds like rhetorical excess to me. And implying that I, or the others in our group, don't care about the outcome is also misleading and, I think, unfair. I won't list our achievements as a group or as individuals, but I'll remind Perry that I was the one who correctly picked up on Denning's tone in her Computer Security Conference paper and posted the original alert to sci.crypt, the "A Trial Balloon to Ban Encryption?" posting. Last time I counted, there were more than a thousand replies--some good, some crap, some repetitive--to this thread. In my opinion, this helped prepare the readers of sci.crypt, comp.org.eff, Cypherpunks, and Extropians in the current situation. I'm hoping you were merely carried away by the exuberance of your rhetoric and do not really believe these charges. >..... But you are fooling yourself if you >think people listen to Hippies over Suits. I didn't argue this. I was arguing that Gilmore, Hughes, and others, are perfectly acceptable messengers to the journalists I know. If "suits" are available and are as articulate, fine. I don't see any around here, though! 
Sidenote: I hold to one other fairly debatable view: I don't think reaching Middle America, Mom and Pop, our neighbors, the Silent Majority, etc., is really all that important. The battle, such as it is happening, is taking place amongst a fairly small elite. Others believe that Joe Average needs to be sold on the virtues of crypto and privacy. Maybe so, but that's not a battle I see Cypherpunks fighting and winning. If this is really your point, that the Crypto Rebels/Cypherpunks approach will not be convincing to the folks in Peoria, then I basically *agree* with you. To reach them, you'll need Madison Avenue ad campaigns, Perot-style populism, and legions of smooth talkers hitting the talk shows and airwaves. Not something Cypherpunks have any intentions of doing, so far as I've heard. As I said in my first message, perhaps a large lobbying group is needed. The NRA is a useful model, but recall how long it had to get rolling before the assault on the Second Amendment started in earnest. In this battle, there are few lobbying groups, few sources of NRA-style publicity and funding, and the government has *already* struck. Remember, this is not a proposal, it's a done deal...our only hope now is to demolish it with withering criticism, with sabotage of trust in it, and with the rapid deployment of strong crypto alternatives. (I don't want to belabor the parallels with the NRA, for various reasons. Suffice it to say that with gun-owners, Americans had long owned and used guns and the right was included as the Second Amendment. The NRA thus had a running head start and had lots of sources of funding. The crypto situation is much newer, much more abstract, and only has a tiny handful of active users. Ironically, most of them are balking at paying *anything* to RSA Data Security to use convincingly strong crypto, so I don't see many folks shelling out even $25 a year for a subscription to "American Cryptographer" or whatever. 
However, I wish anyone who forms such a group the best luck. I'll certainly support them.) Back to Perry's points: >The fact is this: over and over again, every scientific study that's >been done (by lots of people), every anecdotal comparison I can make >in things like why one LP candidate did well and another did poorly or >why one local group soared while another failed, each one of them >point to the same conclusion: that conclusion is, sadly, that you are >completely wrong Tim, and that people judge by appearances, and that >even the most down and out people in our society will take the word of >a person who looks respectable over a person who doesn't. Yes, you've made this point clear a couple of times. Speaking about the existing groups I mentioned, Perry writes: >No one can log in to their groups -- we provide an essential service. >I WANT the New York Times reporter reading this group, but I don't >want him to think we are crackers or nuts. Well, while the list is open to all subscribers, it has never been intended, so far as I know, as a *resource service* for reporters! Perhaps it *should* be, but that's a much different sort of list than we now have. (For the Extropians who are reading this, it would be like making the Extropians list a resource for those trying to learn about the basics of libertarianism or whatnot, rather than a list for those "already clued in.") Several reporters have, at times, subscribed to the list, for brief periods of time. They were mostly "lurkers." A couple of times I got e-mail, as I suspect others did, asking me to clarify some point or send more information. This I did whenever possible. And with an open list, nothing can be done to censor or stop postings that make us seem "crackers or nuts," to use Perry's terms. That's just the way it is. The list is for crypto rebels and people fed up with crypto laws and regulations, not as an educational arena for outsiders. And not for sanitized discussions. 
People on the list want to talk about digital money, data havens, anonymous mail services, ways to subvert governments, and so on. They don't want to just have some unified front that is palatable to reporters. (If I'm wrong in this judgement, I hope others will give their views as well.)

Your ideas may make sense, Perry, for *some* group. EFF and CPSR operate roughly in this way, with a paid staff of "reasonable" lawyers and spokespersons (the newsgroups, like comp.org.eff.talk, are another thing altogether...as wild and crazy as our list can be). But Cypherpunks does not seem to fit the bill. We're an anarchy, with no formal rules, no formal political agenda, and just a bunch of spontaneously ordered crypto rebels.

(Personally, I hope EFF takes a leading role in the fight. They have recently been sidetracked into stuff about ISDN and away from core issues like privacy in the electronic frontier. They have the resources, lawyers, speakers, etc.)

As always, I appreciated Perry's comments. Some are reasonable, some I disagree with strongly. Two hundred other Cypherpunks will probably have their own views.

Enough for now.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, smashing of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.
Waco Massacre + Big Brother Wiretap Chip = A Nazi Regime

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dstalder@gmuvax2.gmu.edu (Darren/Torin/Who ever...)
Date: Wed, 21 Apr 93 21:23:00 PDT
To: cypherpunks@toad.com (CypherPunks)
Subject: family key
Message-ID: <9304220255.AA23546@gmuvax2.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Is it true that all LE agencies will have the family key to the wiretap chip? If not, can any LE agency obtain the family key with a search warrant/court order?
I am putting the statements about traffic monitoring into my non-technical description of the problems with the wiretap chip proposal.

Thanks,
--
Defeat the     Torin/Darren Stalder/Wolf          __
Wiretap Chip   Internet: dstalder@gmuvax2.gmu.edu \/  PGP2.x key available.
Proposal!      Bitnet: dstalder@gmuvax                Finger me.
Write me for   Sprintnet: 1-703-845-1000
details.       Snail: 10310 Main St., Suite 110/Fairfax, VA/22030/USA
DISCLAIMER: A society where such disclaimers are needed is saddening.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Wed, 21 Apr 93 22:05:29 PDT
To: cypherpunks@toad.com
Subject: Problems
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I realize that this is a bit off-topic, but I'm experiencing a problem that may be just a case of either user stupidity or Stacker. (Okay, hold the leers and jeers, my laptop has Stacker installed for a reason.)

Trying to (-e) encrypt a textfile with someone's pubkey produces both "DOS general read errors" and "device not ready" errors. I suspect that PGP is using some direct BIOS calls for this, which bypass Stacker, however I haven't looked at the source code yet. (Silly me.) Every other function of PGP that I have utilized seems to work okay. After invoking PGP with the following parameters -

PGP -e text.txt userid

I get these errors. Also, after being bumped back out to the system prompt, any further requests to access the file system are greeted with the same errors. (Lucky me.)

Anyway, after rebooting the system and fixing the file allocation errors (yes, usually two to three files created by PGP named filename.$01, filename.$02, etc. are classified by DOS as mis-allocated), everything is just peachy. Like I said before, all other PGP functions (adding and validating keys, etc) work okay.

I point the finger at Stacker, but I figured it might be worth my time to toss a message into the group for advice...

Cheers.
For what it's worth, I don't normally use Stacker for the same reasons that Steve Gibson forbids his employees to use any disk compression software -- the problems and possibility for irreversible data loss greatly outweigh the silly need to compress.

Paul Ferguson                  | Uncle Sam wants to read
Network Integration Consultant | your e-mail...
Centreville, Virginia USA      | Just say "NO" to the Clipper
fergp@sytex.com                | Chip...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Wed, 21 Apr 93 23:14:12 PDT
To: fergp@sytex.com (Paul Ferguson)
Subject: Re: Problems
In-Reply-To:
Message-ID: <9304220606.AA27912@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> I realize that this is a bit off-topic, but I'm experiencing a problem
> that may be just a case of either user stupidity or Stacker. (Okay,
> hold the leers and jeers, my laptop has Stacker installed for a
> reason.)

I don't think this is off-topic. If it affects the way we use pgp, it is on topic.

> Trying to (-e) encrypt a textfile with someone's pubkey produces both
> "DOS general read errors" and "device not ready" errors. I suspect
> that PGP is using some direct BIOS calls for this, which bypass
> Stacker, however I haven't looked at the source code yet. (Silly me.)
> Every other function of PGP that I have utilized seems to work okay.
> After invoking PGP with the following parameters -

I don't get an error when I do this, but when I do it from a batch file, I sometimes get a 0-length encrypted file. Seems related to your problem.

> PGP -e text.txt userid

Only I use pgp -we text.txt uid.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
|                       | But, I was mistaken.        |available|
|                       +-----------------------------+---------+
| mdiehl@triton.unm.edu | "I'm just looking for the opportunity |
| mike.diehl@fido.org   |  to be Politically Incorrect!         |
| (505) 299-2282        |                                       |
+-----------------------+---------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 22 Apr 93 00:48:28 PDT
To: cypherpunks@toad.com
Subject: Explanation of Clipper Chip Name
Message-ID: <9304220748.AA00962@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

In the days before Xerox machines, one provided copies of correspondence to others by using sheets of carbon paper to make duplicates when typing. This is the origin of "cc" or "cc:" on memos and correspondence.

Henceforth, "cc" refers to the automatic carbon copy provided by the "cc" chip, the Clipper Chip.

BB (Big Brother) gets a CC of everything.

(I know, it's a voice encryption standard, and it's voluntary, but a quick look at the "Capstone" chip reveals it's a complete crypto package, containing the DSS government signature standard, and lots of other stuff. The Wiretap Chip will be used for more than just voice, I'll be willing to bet.)

-Tim

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Thu, 22 Apr 93 01:04:35 PDT
To: szabo@techbook.com
Subject: Re: Intergraph employee claims trademark violation
Message-ID: <199304220802.AA20104@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Most interesting about Intergraph! Someone look into this one QUICK and if there are any attorneys reading this, could you help Intergraph go after whoever might be violating their trademark... in particular AT&T...?
-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 22 Apr 93 01:31:16 PDT
To: Cypherpunks@toad.com
Subject: A Volunteer in a Suit Has Appeared!
Message-ID: <9304220831.AA26386@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I am pleased to announce that the Search Committee has found an Executive Director for the newly renamed "Privacy Institute." He will serve as both manager and as external spokesman for the Institute.

We searched for a respectable person, preferably middle-aged, who knew how to communicate with bureaucrats and was prepared to relocate to the Washington, D.C. area to act as our official lobbyist (the matter of his compensation will be dealt with in a later memo, one which also explains our dues structure, membership grades, and official bylaws).

Our candidate is an active poster in sci.crypt, is well-known to the Net, and yet has strong connections with the Washington bureaucracy. We feel he will do much to project a more proper, even anal, image of our group. We hope his appointment as Executive Director, The Privacy Institute, will go a long way toward improving the image we developed during our first phase of existence when we were known by the c-word name. Our new Director intends to immediately correct many of the wrongs he sees.

Without further ado, here is his name:

David Sternlight

I hope you'll all join me in welcoming Sternie, or Sterno, as his friends call him, to the Privacy Institute.

-Tim May, Recording Secretary, The Privacy Institute ("Don't call us Cypherpunks!")

(The preceding spoof was brought to you as a public service.)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Thu, 22 Apr 93 02:07:59 PDT
To: yerazunis@aidev.enet.dec.com
Subject: Re: Making Clippers More Secure
Message-ID: <199304220907.AA26844@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

As for me, I still think software-based steganography is the answer. If you can't detect it, you can't prosecute. For instance, how many people do you think are fired from their jobs for LSD on their drug tests...? Far fewer than do LSD, according to people I know in Silicon Valley who say that certain mil subcontractors are infested with acid-taking Deadheads; because LSD disappears from the bloodstream a couple of days after you take it.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dstalder@gmuvax2.gmu.edu (Darren/Torin/Who ever...)
Date: Thu, 22 Apr 93 00:54:38 PDT
To: ggoebel@sun1.ruf.uni-freiburg.de (Garrett Goebel)
Subject: Non-Technical description of problems with wiretap chip
Message-ID: <9304220755.AA00743@gmuvax2.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

The WIRE-TAP Proposal: Problems with it.

The White House sent out a press release on Friday 16 April about a voice encryption chip called the Clipper chip. This has come to be known as the Wiretap chip since it allows any Law Enforcement agency to automatically decrypt any conversations made with it with a search warrant. The LE presents said search warrant to two different escrow agencies to obtain the keys (80 bits long) that automatically decrypt your conversation.

The Electronic Frontier Foundation (EFF) and the Computer Professionals for Social Responsibility (CPSR) have both criticized the proposal. There was even a negative article already in Network World (19 Apr 93). The paragraphs that follow are facts and problems I have collected by listening to others discuss the Wiretap chip.

Say you wanted to encrypt your talk with someone over a phone.
Well, since you and the person you want to talk to both have the Wiretap (Clipper) chip in your phones, you can automatically encrypt your conversation. All fine and good encryption for the consumer.

Now, what if you come under investigation by the local constabulary? They get a court order and ask the escrow agencies (non-law enforcement types) for your key. They already have the family key since that is the same in each chip. They now have your specific key. With these two keys, they can decrypt all conversations that you have. This includes conversations that are not legal to wiretap such as attorney-client, doctor-patient and so on. They also have that key for any and all future sessions that you use that phone for. Start to see the problem?

This part is all legal... Search warrants are even exceedingly easy to get at times. There have been reports of the FBI getting groups of 50 signed and blank search warrants from the DoJ.

Now, there are other problems. Would you give the IRS keys to your house and filing cabinet as long as they promised that they would only use it under proper authorization? The key length of 80 bits is still considered cryptographically weak.

The cryptographic algorithm is also being kept classified. This is not the usual practice. In the cryptographic community, algorithms are public. This way people can be assured there aren't any back doors and that the algorithm can stand on its own strengths, not that of secrecy. It is clear from the description that the plan for key registration would be compromised if the algorithm was made public; anyone could make chips or software that implemented it, using their own keys. These keys, of course, would not be registered. It is not that difficult to reverse engineer a chip these days. It may also be true that the algorithm itself is too weak to be shown to the public. This was true of a digital cellular encryption standard (IS-54B). It is not available to the public and is incredibly weak.
Finally, some of the implications behind this announcement are dire. The Wiretap chip could become the market or legislative standard. This could mean that other implementations of cryptographic voice transactions would be very difficult to obtain or would be illegal to obtain. Why would a criminal use the Wiretap chip when they knew it wouldn't encrypt their conversations against the LE agencies? They wouldn't, they would use other encryption technologies. Would this mean that using something other than the Wiretap chip is probable cause and puts you under suspicion?

The way the encryption works also allows for ludicrously easy call-tracing. Each chip has a serial number that is transmitted with each message. That serial number is encrypted with the "Family" key. This key is the *same* for every chip. You gain that key and you can track when and for how long any person or groups of people calls *anyone* else. (Easy to do, since any LE agency can gain the 'family' key with a search warrant. It would leak easily into other hands.)

One last fishy thing is that AT&T has already (on the same day) announced phones with this chip. This implies (means?) that AT&T has known about this chip for a while. They seem to be more concerned about getting a jump on the competition than producing a product that will actually give their users real security.

'Course, there is the question of collusion between the government and industry. Only two companies will be allowed to manufacture the chip, VLSI and Mykotronix. Jeff Hendy, director of new product marketing for VLSI, says his company expects to make $50 million of the chip in the next 3 years. (This from the San Jose Mercury News.)

Permission is granted to distribute this document to whomsoever you should desire. You may change it only if you send me the changes.

Think Free,
--
Defeat the     Torin/Darren Stalder/Wolf          __
Wiretap Chip   Internet: dstalder@gmuvax2.gmu.edu \/  PGP2.x key available.
Proposal!      Bitnet: dstalder@gmuvax                Finger me.
Write me for   Sprintnet:
details.       Snail: 10310 Main St., Suite 110/Fairfax, VA/22030/USA
DISCLAIMER: A society where such disclaimers are needed is saddening.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: grady@netcom.com (1016/2EF221)
Date: Thu, 22 Apr 93 07:21:37 PDT
To: cypherpunks@toad.com
Subject: name change?
Message-ID: <9304221421.AA10279@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I vote we change our name to the "CryptOrchids." Many people like flowers and lots of people don't care for dangling gobbets of flesh.

ObCrypt: Leonard Rosenthal of Aladdin Systems, Inc. confirms that the previously strong DES family encryption option has been replaced in Stuffit 3.0 with a system that has been 'approved' for export. However, Leonard asks me not to call it a 'weak XOR' system because he says no one has broken it yet.

ObCrypt Prime: I am testing the IDEA block cipher implementations and need some golden test vectors. I've looked through the postscript IDEA chapter but the single example gives me zero degrees of freedom. I'll contact the inventor if necessary but since we are paying him money for use of his invention, I'd like to offload this from him. Anybody got vectors? (No disease vectors, please).

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 22 Apr 93 07:36:31 PDT
To: cypherpunks@toad.com
Subject: ADMIN: delayed mail yesterday
Message-ID: <9304221433.AA19686@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Some of you may have worried that the list was down due to government interference yesterday. The truth is much more prosaic.

toad.com, where the mailing list resides, is on the commercial side of the Appropriate use barrier. In order to send to NSFNET hosts, all the traffic must pass through uunet. The default mail router that toad uses, relay2.uu.net, was munged for mail yesterday.

All the queue has been flushed out at this point.
Thanks to Hugh Daniel and John Gilmore for figuring this out.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 22 Apr 93 08:00:04 PDT
To: mdiehl@triton.unm.edu
Subject: Automation package.
In-Reply-To: <9304172100.AA00859@triton.unm.edu>
Message-ID: <9304221456.AA21041@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I may have already answered your letter about telix scripts, etc., so pardon me if this is a duplicate.

The pgp developers maintain a collection of utilities that integrate pgp into various other pieces of software. You should send your stuff to Phil Z. and he'll forward it to the right people. It may be added to the contrib directory of the next release.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 22 Apr 93 08:14:26 PDT
To: cypherpunks@toad.com
Subject: CLIP: Legal Aspects
In-Reply-To: <23041800272877@vms2.macc.wisc.edu>
Message-ID: <9304221511.AA21674@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

> With regard to the fear that the issuance of your 'Klinton Key'
>will allow your favorite TLA to decrypt all conversations taped
>previous to the issuance of the warrant granting the key, there
>is precedence that disallows it.
[citations deleted]

It is true that evidence from an illegal wiretap cannot be used as evidence in court; this is called the Exclusionary Rule. While the ER has been weakened in the last decade, it still basically holds. Unfortunately, that is not where the main threat lies.

Exploratory wiretaps, illegally made and whose evidence is not directly admissible, provide information that may lead investigators to other information. This secondary information _is_ admissible.

It would be wonderful if the ER were strengthened so that all evidence which resulted from an illegal search _and all of its subsidiaries_ were considered tainted. That battle, however, is a much longer one to fight.
Even in that situation, though, the defense would have to prove that an unauthorized wiretap took place.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 22 Apr 93 08:26:31 PDT
To: cypherpunks@toad.com
Subject: Thoughts on the proposal
In-Reply-To: <9304180722.AA01178@unix.ka9q.ampr.org>
Message-ID: <9304221523.AA22213@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>It is entirely possible that Clinton, if he understands anything at
>all about this proposal, sincerely thinks that he's helping the cause
>of personal privacy. Consider that his entire education on the
>subject of cryptography probably consisted of a 5 minute briefing
[rest elided]

Phil points out indirectly in this post one of the very clever tactics used by the PR people on the wiretap side: They presented strong hardware cryptography and the backdoor as inextricably linked.

I've gone through some of the press coverage on the chip from last weekend and their argument basically goes like this: "This is stronger than most cryptography currently existing. And it also lets us spy on the BAD people!" Now the first claim is true and irrelevant, since most stuff is not encrypted. And the second claim is presented without mentioning that you can make strong crypto without backdoors.

Therefore, one educational goal must be that strong cryptography is possible in hardware which doesn't have backdoors.

For press coverage, the announcement of a new hardware device with longer keys and no backdoor could point out this difference and could get press coverage by explicitly denying the gov't claims. I would suggest a triple-keyed DES chip would satisfy this nicely and be very quick to engineer.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 22 Apr 93 08:44:29 PDT
To: cypherpunks@toad.com
Subject: WIRETAP: boycotts
In-Reply-To:
Message-ID: <9304221541.AA23538@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Also for consideration: boycott AT&T and all other companies making
>phones with the wiretap chip, and let the phone makers know about
>the boycott early and often.

Boycotting AT&T overall isn't going to do much economic harm, since the number of anti-wiretap chips is small in comparison to the number of long-distance companies. If you want to hurt them, get them where it counts.

1. The AT&T wiretap phone is designed by a division in Greensboro. Find out everything that this specific division makes.

2. Take this list and in the second column write down all the products which directly compete with those in the first column; these are the alternatives.

3. Get Communication Week to give (or sell) you a mailing list of their subscribers; these folks are already qualified purchasers of telecom equipment.

4. Send an educational mailing to this list, explaining that if they support AT&T in wiretapping, that soon they'll be screwed themselves. Include the list of AT&T products and alternatives and urge people to voice their frustration by buying from someone else. They might also want to send in the sample protest letter you've included.

Now this strategy has a few characteristics I'd like to point out.

First, if no one buys wiretap chips, the wiretap chip doesn't gain market share, a very important point where compatibility creates positive feedback loops in the market.

Second, it's selective in its targets; the model here is to target one division. When sales actually suffer, there is the possibility of getting the division manager fired for taking an action not in the best interest of the company. A shareholder lawsuit might also help here.
If you can bring down wrath on one manager's head, you will deter others from following the same strategy.

Third, since this is such a charged issue, you might be able to get donated mailing lists, ad agency consults (Jerry Mander comes to mind), etc. free or cheap. At the very least, such a campaign doesn't cost a lot (on corporate terms) to do entirely commercially; CPSR and/or EFF could mount it.

As a second round, target the PBX division of AT&T, since that's where the next round of chip deployments are.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Thu, 22 Apr 93 11:42:26 PDT
To: hughes@soda.berkeley.edu (Eric Hughes)
Subject: Re: non-cypher related question on audio analysis
In-Reply-To: <9304221700.AA00422@soda.berkeley.edu>
Message-ID: <9304221842.AA08140@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>
> After you know something, remember this: The FIR filter is the same
> mathematically as a FFT, multiplication by a filter window function,
> and an inverse FFT. As I recall, you can process multiple FIR's in
> parallel.

you can do two FFT's by using the fact that:

    FFT( x(t) + j y(t) ) = Z(w)

then

    X(l) = 1/2  ( Z(l) + Z*(N-l) )
and
    Y(l) = 1/2j ( Z(l) - Z*(N-l) )

Where
    x(t) <-> X(w)
    y(t) <-> Y(w)
    N is the length of both arrays
    j is sqrt(-1)
    Z* is the conjugate of Z (a+jb <-> a-jb )

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 22 Apr 93 09:38:52 PDT
To: cypherpunks@toad.com
Subject: Status of Voice Encryption with PC/Mac?
In-Reply-To: <9304182217.AA114200@acs.bu.edu>
Message-ID: <9304221635.AA28138@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>I keep hearing about voice scrambling technology in conjunction
>with high speed modems and soundblaster cards....

Paul Rubin is going to demonstrate some of the voice coders he's been working on at the meeting Saturday, hardware willing.
As far as soundblaster cards, I would recommend instead something like a bigmouth board, which already has the phone line access and handset on it.

Secure phones will be a large topic Saturday, since that's where the first deployment of the wiretap chip will be.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: falcor@agora.rain.com (Andy Burt)
Date: Thu, 22 Apr 93 09:43:28 PDT
To: cypherpunks@toad.com
Subject: ADD falcor@agora.rain.com
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Or, if this is human-maintained, please add falcor@agora.rain.com to your mailing list! (cypherpunks)

Thanks!

--
------------------------------------------------------------------------------
// Falcor, aka // InterNet: falcor@agora.rain.com // If you're bored,  //
// Andy Burt   // FidoNet: 1:105/354.0            // you must not be   //
//             //                                 // paying attention  //
------------------------------------------------------------------------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Thu, 22 Apr 93 07:18:55 PDT
To: cypherpunks@toad.com
Subject: RE: Crypto Activism and Respectability
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Let'em all eat cake.

On Wed, 21 Apr 93 14:46:55 -0700, Timothy C. May wrote -

TM> Crypto Activism and Respectability, or, Should We Become
TM> "Suits"?

In a word: No.

The name is fine (Cypherpunks), and the attitude is great. There are plenty of us who do wear ties on a daily basis and have our hearts in the right place. ;-)

Thanks for the sanity check. You've got my support. Now if we can "Win the hearts and minds" of the public and change the venue of our own Stalinistic government...

BTW, who (off-hand) knows the fax number of the G. Gordon Liddy show at WJFK in Washington? I have this fax I need for him to see ....

Cheers.
Paul Ferguson                  | Uncle Sam wants to read
Network Integration Consultant | your e-mail...
Centreville, Virginia USA      | Just say "NO" to the Clipper
fergp@sytex.com                | Chip...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 22 Apr 93 10:04:16 PDT
To: jet@nas.nasa.gov
Subject: non-cypher related question on audio analysis
In-Reply-To: <9304192234.AA26763@boxer.nas.nasa.gov>
Message-ID: <9304221700.AA00422@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Anyone got pointers to decoding audio tones? An intro book, source
>code, newsgroup, mailing list, somebody I can take to lunch? I'd like
>to sample audio with my SGI, and suck out various simple tones and
>combinations of tones. (DTMF, single pitch variant tones, etc.)

I've got a good book on DSP by Rabiner and Gold. There are a few DSP newsgroups where the local experts hang out. Also the modem design groups.

After you know something, remember this: The FIR filter is the same mathematically as a FFT, multiplication by a filter window function, and an inverse FFT. As I recall, you can process multiple FIR's in parallel.

All the DSP manufacturers come with lots of example source code for standard filters (FFT, FIR, IIR, etc.).

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "$HOME/.sig"
Date: Thu, 22 Apr 93 11:29:32 PDT
To: cypherpunks@toad.com
Subject: ANON SITES:
Message-ID: <9304221829.AA05811@netcomsv.netcom.com>
MIME-Version: 1.0
Content-Type: text

The present plan proposed by John Gilmore is good 3-4 U.S. Sites willing to risk litigation and counter-litigation.
And I have another sort of plan that still really requires an out of country A-server (anonymous posting server). A number of PGP-related services may be set up behind such a screen. Having PGP encryption in the style of PAX would be crucial to maintain the anonymity of such services.

#1. Michael Graf's PGP Key-Server
#2. Anonymous Digital "face" banks (ala Chaum)
#3. Gray Market Exchange
#4. Encrypted Anonymous Mailing Lists (Example: Dark Technology)
#5. Data Havens.
#6. alt.whistleblowers (really "hearing aid" see Brunner, J. "Shockwave Rider")

A vast network of anonymous servers may be maintained behind the screen of a single foreign site A-server ready to come on line at a single command if suppression attempts are experienced.

However AARM type scripts will continue to be a threat, I also think we should look at the possibility of both port 25 and port 119 manipulation with auto-search and random selection of NNTP and SMTP open servers as well as header addition to confuse path analysis... I know this is normally regarded as unprofitable but considering what we are up against...

Additional dialup slip and ppp hosts could use a variety of 9.6-56kb dialup sites to provide rotating xntp synchronized anonymous posting and mail services. Uucp sites could play as well on email-based services via uucp.

Are any foreign sites up for running David Clunie's PAX Code???
cheers
kelly
- --------
- --
To add the following key block to your PGP2.0 Public Key Ring save this entire message to a file and enter the following command:
	pgp -ka [name_of_file_saved]
The above key block is included on every message I send from
pleiku!kelly@netcom.com....

------- End of Unsent Draft

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "$HOME/.sig"
Date: Thu, 22 Apr 93 19:35:59 PDT
To: cypherpunks@toad.com
Subject: ANON: Anonymized Mailing Lists
Message-ID: <9304230236.AA06951@netcomsv.netcom.com>
MIME-Version: 1.0
Content-Type: text

Hi There,

Has anyone combined PGP2.2 and one of the mailing list servers such as MajorDomo to produce an Anonymous multiple recipient Mailing List?

I know David Clunie was working on this for PAX at one point but he didn't finish it I believe.

Anyone got anything like this?
cheers
kelly
- --------
- --
To add the following key block to your PGP2.0 Public Key Ring save this entire message to a file and enter the following command:
	pgp -ka [name_of_file_saved]
The above key block is included on every message I send from
pleiku!kelly@netcom.com....

------- End of Unsent Draft

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "$HOME/.sig"
Date: Thu, 22 Apr 93 12:00:41 PDT
To: cypherpunks@toad.com
Subject: REMAIL: The other shoe drops
Message-ID: <9304221833.AA06368@netcomsv.netcom.com>
MIME-Version: 1.0
Content-Type: text

And John Gilmore Spake:
(Much Deleted)
> To permanently restore at least last month's level of service, we need
> a couple of dedicated, firewalled, buttressed sites. You want a few
> geographically separated people who own their own systems (or who own
> or run the company that owns them), who have solid network links
> (possibly redundant), and who are fully committed to the idea -- as
> committed as funet.fi to persist past the vilification and harassment
> and threats.
> > And those people need backup from the rest of us -- legal help if they > need or want it, money to pay the networking bill if things get tight, > loans of backup equipment during failures under load, system > administration when folks try to break in and trash their machines, > software creation and maintenance, advocacy, policy work, advice, and > a bunch of shoulders to cry on and warm words of encouragement. > > Three to five people providing such setups, in collaboration, would > wedge a steel-toed boot so firmly in the door that it couldn't be > slammed by any dyspeptic "net god". > > Are we up to this job? If not, let's scale back what we're trying to > do. I'd rather succeed at raising consciousness on the issue for a > later try, than try now to set up such a beachhead and fail at it. John I am forced to agree with you here..... I dont think we have the "juice" to carry off a maximum effort at this point... I would gladly volunteer to setup such a site AND I would need a peacenet feed instead of the "gratis" connections I obtain from netcom.... I AM already uncoercible... as you well know and I would need you as well as others in backing on this effort...OK kids... Here we have one volunteer if we can get at least 3 other sites(my mininum buyin is 4 US sites).... Hey John... what about you??? cheers kelly p.s. I would be willing to maintain a PAX type anon operation as well as an anon-remailer.....and a KEY server... would also offer the PGP archives via mail server... note that I am uucp connected and would need to upgrade to 56 kb leased or V-FAST technology... 
- ------- End of Forwarded Message ------- End of Unsent Draft From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "$HOME/.sig" Date: Thu, 22 Apr 93 12:02:13 PDT To: cypherpunks@toad.com Subject: POLITICAL DISPERSION: Contact with Christic Institute Message-ID: <9304221837.AA06911@netcomsv.netcom.com> MIME-Version: 1.0 Content-Type: text Hi All, Due to a recent posting in alt.conspiracy I was finally able to make contact with the Christic Institute. These are the people who were continually suing the CIQA during the 80's for violations of intelligence laws. They were almost completely wiped out by questionable decisions in a federal lawsuit and loss of their non-profit tax status during the last days of the bush administration. Their present status is as follows, 286/AT class machines 20-30 mb hard disks, 1200 baud connectivity only. and have said they will attempt to acquire a 9600 baud modem...(maybe someone on the list has a spare that they could donate). they have only 1 person who knows about "software" and he sounds like he doesnt have a whole lot of time on his hands I was either thinking about obtaining a pubnix account on their behalf..( or cheap commercial shell account(netcom). or installing waffle along with pgp2.2 and praying. Any suggestions from the group would be welcome. BTW I have worked at expressing the power and connectivity of the internet to him. I dont know how much sunk in at the time.The person I talked to was Dave Reed Christic Institute, 310-287-1556 310-287-1559 FAX 8773 Venice Blvd Los Angeles, Ca 90034 In addition I have been attempting to make contact with the Santa Cruz Action Team to get them connected. 
I will be making contact with many human rights/eco/etc groups over the next month...(I feel like a crypto-anarchist Johnny Appleseed) - -------- - -- To add the following key block to your PGP2.0 Public Key Ring save this entire message to a file and enter the following command: pgp -ka [name_of_file_saved] The above key block is included on every message I send from pleiku!kelly@netcom.com.... ------- End of Unsent Draft From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Thu, 22 Apr 93 10:30:37 PDT To: cypherpunks@toad.com Subject: ADMIN: Should we become "suits"? In-Reply-To: <9304221546.AA17697@tardis.shearson.com> Message-ID: <9304221727.AA03341@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain David Mandl writes: >2) The time I can devote here at work to this sort of thing is very limited. This is true for all of us right now. This topic is a time waster. As list maintainer and thus occasional bringer of order, I declare this topic off limits for two weeks. Don't talk about it on the list; if you've got a gripe about this, mail me directly.
As for John Markoff, the New York Times reporter, he was put on the list last September or October and was on until last month. A special note for Perry: If you don't like the name, you are free to do whatever you want, as you have said yourself in other forums. You are in particular free to start your own mailing list called cryptoprivacy. _Verbum sapienti satis est_. Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Thu, 22 Apr 93 10:18:26 PDT To: cypherpunks@toad.com Subject: Fowarded messages from RISKS Message-ID: MIME-Version: 1.0 Content-Type: text/plain

Greets. These two forwarded messages are from the RISKS Forum (14.51). I thought some of you folks might be interested. (Padgett Peterson is a fellow assembler buff who is better known on comp.virus.)

---- Forwarded Messages --------------------------

Date: Mon, 19 Apr 93 9:21:53 EDT [RISKS-14.51]
From: Clipper Chip Announcement
Organization: FIRST, The Forum of Incident Response & Security Teams
Subject: Slide presented at White House briefing on Clipper Chip

Note: The following material was handed out at a press briefing on the Clipper Chip on 4/16.

                        Chip Operation

                             Microchip
      User's Message      +----------------------+
   ------------------>    |                      |      1.  Message encrypted
                          | Encryption Algorithm |          with user's key
                          |                      |
                          | Serial #             |      2.  User's key encrypted
                          |                      |-->       with chip unique key
                          | Chip Unique Key      |
      User's Encryption   |                      |      3.  Serial # encrypted
      Key                 | Chip Family Key      |          with chip family key
   ------------------>    |                      |
                          |                      |
                          +----------------------+

For Law Enforcement to Read a Suspect's Message

1. Need to obtain court authorized warrant to tap the suspect's telephone.
2. Record encrypted message
3. Use chip family key to decrypt chip serial number
4. Take this serial number *and* court order to custodians of disks A and B
5. Add the A and B components for that serial number = the chip unique key for the suspect user
6. Use this key to decrypt the user's message key for this recorded message
7. Finally, use this message key to decrypt the recorded message.

- ------------------------------

Date: Sat, 17 Apr 93 09:12:57 -0400 [RISKS-14.51]
From: padgett@tccslr.dnet.mmc.com (A. Padgett Peterson)
Subject: "Clipper Chip"

I suppose we should have expected something after all of the sound and fury of the last few years. The announcement does not really give enough information though.

My first thought involves conventional compromise: what happens if the keys are captured through theft *and you know about it* - how difficult is it to change the keys ? What do you do between the time the loss is detected and the time a new key set is approved. How difficult is it to program the chip or do you need a new one ? (and if the chip can be reprogrammed, how do you prevent covert changes that will not be discovered until authorization to tap is received and the agency finds out that it cannot ?). Potentially this must occur every time a trusted employee leaves.

For some time, I have been playing with dynamic access cards ("tokens") as seeds for full session encryption rather than just for password devices. Since the encryption requires three parts (PIN, challenge, and token) which are only physically together at the secure system, and since only the challenge passes on the net, and since once encryption starts you have not only provided protection to the session, you have also authenticated both ends simultaneously (by the fact that you can communicate), it seems ideal. *And everything necessary already exists*. From several US companies. It just has not been put together as a commercial product (FUD at work 8*(.

Since key generation is on-the-fly at the onset of the session, obviously what the gov needs is not the key but the "key to the key" (of course computers, even a PC, are really good at this. The real question is "Why a new chip ?"
The technology to do this has been around for years and several DES chips are available commercially today. The BCC laptop (I like Beaver better 8*) 007 provides this internally today with (I believe) the LSI-Logic chip and Enigma-Logic's PC-SAFE (plugs) does the same with software alone. As indicated in the announcement, financial institutions have been using encrypted transmissions for years without any great outcry. IMHO the real hold-up has been $$$ - cheap error-correcting modem technology to prevent synch losses rather than a lack of good crypto algorithms. Today this is a done deal (actually we have known how to keep in synch since the sixties but you couldn't buy 56kb for under $300.00 at BizMart - now part of K-Mart ! - then). True, there are a lot of questions yet to be answered, but again IMHO most center on the exception cases and not the encryption technology itself. Padgett ---- End Forwarded Messages -------------------------- Cheers. Paul Ferguson | Uncle Sam wants to read Network Integration Consultant | your e-mail... Centreville, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Thu, 22 Apr 93 10:20:54 PDT To: cypherpunks@toad.com Subject: Answers revealed! Film at Eleven! Message-ID: MIME-Version: 1.0 Content-Type: text/plain To make a long story short, don't try to (-e) encrypt anything with PGP on a STACKERed drive -- it ain't gonna work. When I got in this morning, I proved this point by encrypting without nary a problem on a non-compressed drive. The proof is in the pudding, so to speak. Cheers. (BTW, Kelly -- the second message that you sent is still crippled. What are you doing? Software (PGP) development? ;-) Paul Ferguson | Uncle Sam wants to read Network Integration Consultant | your e-mail... Centreville, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... 
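
The slide forwarded from RISKS above describes three wrapped values and a seven-step recovery procedure; the sketch below models that flow. It is an added example, not part of any message in this archive. The hash-based stream cipher stands in for the chip's encryption algorithm, "add" in step 5 is modelled as XOR, and every name, the key length and the serial number are assumptions made for the illustration.

```python
import hashlib
import secrets

KEY_LEN = 10  # bytes; arbitrary choice for this sketch


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption): SHA-256 in counter mode used as an
    # XOR keystream. Illustration only, not the chip's algorithm.
    out = bytearray()
    for i in range(0, len(data), 32):
        counter = (i // 32).to_bytes(4, "big")
        pad = hashlib.sha256(key + nonce + counter).digest()
        out += xor_bytes(data[i:i + 32], pad)
    return bytes(out)


def seal(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(8)
    return nonce + _stream(key, nonce, plaintext)


def unseal(key: bytes, blob: bytes) -> bytes:
    return _stream(key, blob[:8], blob[8:])


class EscrowAgents:
    """Custodians of 'disk A' and 'disk B', indexed by chip serial number."""

    def __init__(self):
        self.disk_a, self.disk_b = {}, {}

    def enroll(self, serial: bytes) -> bytes:
        # Split a fresh chip unique key into two components, A xor B.
        unit_key = secrets.token_bytes(KEY_LEN)
        a = secrets.token_bytes(KEY_LEN)
        self.disk_a[serial] = a
        self.disk_b[serial] = xor_bytes(unit_key, a)
        return unit_key

    def release(self, serial: bytes, court_order: bool):
        # Step 4: the only gate on release is this procedural check.
        if not court_order:
            raise PermissionError("no court order presented")
        return self.disk_a[serial], self.disk_b[serial]


class Chip:
    def __init__(self, serial: bytes, unit_key: bytes, family_key: bytes):
        self.serial, self.unit_key, self.family_key = serial, unit_key, family_key

    def transmit(self, session_key: bytes, message: bytes) -> dict:
        return {
            "ciphertext": seal(session_key, message),              # slide item 1
            "wrapped_key": seal(self.unit_key, session_key),       # slide item 2
            "wrapped_serial": seal(self.family_key, self.serial),  # slide item 3
        }


def read_serial(record: dict, family_key: bytes) -> bytes:
    # Step 3: anyone holding the family key can identify the chip.
    return unseal(family_key, record["wrapped_serial"])


def recover_message(record: dict, comp_a: bytes, comp_b: bytes) -> bytes:
    unit_key = xor_bytes(comp_a, comp_b)                     # step 5
    session_key = unseal(unit_key, record["wrapped_key"])    # step 6
    return unseal(session_key, record["ciphertext"])         # step 7


def demo() -> dict:
    family_key = secrets.token_bytes(KEY_LEN)
    escrow = EscrowAgents()
    serial = b"SN-0001"  # constructed sample value
    chip = Chip(serial, escrow.enroll(serial), family_key)
    # Two separate sessions from the same chip, each with its own session key.
    rec1 = chip.transmit(secrets.token_bytes(KEY_LEN), b"first call")
    rec2 = chip.transmit(secrets.token_bytes(KEY_LEN), b"second call")
    found = read_serial(rec1, family_key)
    a, b = escrow.release(found, court_order=True)
    return {
        "serial": found,
        # One release of A and B opens every recorded session of that chip.
        "both_components": [recover_message(r, a, b) for r in (rec1, rec2)],
        # A single custodian's component alone does not yield the message.
        "only_a": recover_message(rec1, a, bytes(KEY_LEN)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Because the chip unique key is fixed per device, the two components released for one recording also unwrap the session key of any other recording made with the same chip.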
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Douglas Barnes Date: Thu, 22 Apr 93 12:11:33 PDT To: cypherpunks@toad.com Subject: Mass producing chips In-Reply-To: <199304212309.AA12929@well.sf.ca.us> Message-ID: <9304221619.AA19426@wixer> MIME-Version: 1.0 Content-Type: text/plain Arthur wrote: > > p.s. I tried to get samples, but the price was $300,000 for 10,000 units, > How are they going to produce them at these prices and in that quantity given the "baroque activities in the vault" described by Denning? (Not to mention the destruction of the laptop computer... :-) Doug (gumby@wixer.bga.com) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peb@PROCASE.COM Date: Thu, 22 Apr 93 12:35:28 PDT To: tcmay@netcom.com Subject: Re: Crypto Activism and Respectability Message-ID: <9304221824.AA05177@banff> MIME-Version: 1.0 Content-Type: text/plain >From: tcmay@netcom.com (Timothy C. May) >And note that the "Hackers Conference" has not changed _their_ name, Yes, but they are not trying to gain any media attention. If the CPSR or EFF is the main media presence, then fine; the role of cypherpunks is to write code and spread memes. The only downside I see to this approach is that EFF and CPSR are afraid of being critical about wiretapping in general--that's how their press releases read. If they have a deeper agenda, it doesn't show. The attention getting name *could* be used for certain kinds of media and then branching off with pointers to EFF and CPSR would be a good strategy. Paul E. Baclace peb@procase.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: crunch@netcom.com (John Draper) Date: Thu, 22 Apr 93 11:39:14 PDT To: cypherpunks@toad.com Subject: A question... Message-ID: <9304221839.AA00612@netcom4.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Excuse the high bozo factor, but... I have a question... Does the Clipper Er: Wiretap chip provide a means of authentication?
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dmandl@lehman.com (David Mandl) Date: Thu, 22 Apr 93 08:46:54 PDT To: cypherpunks@toad.com Subject: Re: Should we become "suits"? Message-ID: <9304221546.AA17697@tardis.shearson.com> MIME-Version: 1.0 Content-Type: text/plain 1) God bless Tim May. I am in complete agreement with his response to Perry Metzger re his name change proposal (shouldn't be a surprise, as I believe I was the first one to express my horror at it). 2) The time I can devote here at work to this sort of thing is very limited. If I had more time, I'd send a much more in-depth response to Perry's proposal; I don't, so this will have to be shorter and pithier than I'd like. Perry says: > No one said anything about becoming "suits", Tim. I think you did, even if it was indirectly. > The problem is this: the name "Cypherpunks" makes us sound like people > who break into computers for fun or other such stuff. I was on the > phone with John Markoff of the New York Times a couple of days ago, > and I was unhappy that no one had yet changed the name of the group > because I frankly felt that I could not encourage him to subscribe -- > the results would be unpredictable. I encouraged him to read more > sci.crypt instead, which he has already been doing. I don't have the same problem you do with people who "break into computers," though I wouldn't do it. Nevertheless, the cypherpunks as a group never advocate, and rarely even discuss, cracking. I couldn't care less what journalists think, especially journalists from the New York Times. If someone makes an inference like that (the sort of distortion or basic cluelessness I wouldn't be surprised to see in the NYT), he's a bad journalist, and that's his problem. And what does our name have to do with "the results" of subscribing to the group? 
I take it you're referring to the content of our discussions, which wouldn't change along with our name--unless you're also suggesting that we should tone down our more inflammatory rhetoric (and I think it's a short step from the name change to that anyway). > I've been associated with radical political causes for a while. I've > found that in general, the radicals are their own worst enemy. People > are NOT happy about being lectured to by strange-acting people. So don't lecture them. I don't lecture people. I think people are open- minded about reasonable-sounding ideas if they make sense and are explained in a reasonable way. > Bill Winter of the Libertarian Party of New Hampshire was their > chairman over the period in which the LPNH went from four members of > the state party to actually becoming a force in New Hampshire > politics. New Hampshire is the *only* LP outpost to make any > significant electoral inroads, *anywhere*. He once told me this: you > can get people to accept strange sounding ideas when promulgated by > normal looking people. You can get them to accept normal-sounding > ideas when promulgated by strange looking people. You can't get them > to accept strange ideas when promulgated by strange people. Big deal. If they became a wing of the Democratic Party they'd have even more supporters. The electoral system is a scam, and the LP is deluding itself by getting involved in it. (Ancient anarchist wisdom: "If voting could change anything, it would be illegal.") I won't get any deeper into this, because it's getting way off the subject. > The simple change in our name from something confrontational that > makes us sound like machine crackers to something that expresses what > this group is about would make a radical positive change in our image. > > Now, what are the benefits of keeping the current name "cypherpunks"? > > Well, lets see Tim's list. 
> > >In a sense, Cypherpunks fill an important ecological niche by > >being the outrageous side, the radical side...perhaps a bit like the role > >the Black Panthers, Yippies, and Weather Underground played a generation > >ago. > > None of whom accomplished any of their goals. You REALLY want to Do you really think the Black Panthers would have accomplished more if they wore suits? Ever hear of Cointelpro? The murder of Fred Hampton? In fact, the Panthers were much more reasonable than John Q. Public thought they were. There was a massive propaganda campaign from the government and the straight press to appeal to white America's basic racism and make the Panthers look like some crazed niggers who wanted to kill whitey and rape his daughter. It would have been the same thing no matter what. I've got news for you: if we do change our name, and the FBI is pissed enough, they'll call us crackers and cypherpunks anyway. There are millions of precedents for this. > emulate them? I've been an occassional visitor to #9 Bleeker Street, > where Dana Beal, last of the Yippies, holds court. He doesn't wash > regularly, and he wonders occassionaly why no one takes his drug > legalization crusade seriously. Hint: they are connected. I know Dana. People don't take him seriously because he's a jerk. > I WANT the New York Times reporter reading this group, but I don't > want him to think we are crackers or nuts. How can the name we use influence his opinion of us more than the 50 messages a day posted to the group? I don't have time to respond to the rest of Perry's message; there's just too much to say. But I repeat: there are more "respectable" groups involved, like the EFF and CPSR, so you're free to work with them when talking to the media. Perry, I have very strong differences with your views of how the media and the "spectacle" work, and I can't do justice to the subject given this limited space and time; it's also not directly relevant to cypherpunks business. 
For anyone wanting a more modern take on how the media works today, I humbly suggest you read the situationists, who addressed all these issues twenty-five years ago, or Jerry Mander's great book "Four Arguments for the Elimination of Television." --Dave. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "L. Detweiler" Date: Thu, 22 Apr 93 11:21:52 PDT To: cypherpunks@toad.com Subject: cypherpunks vs. nambypambypunks and cyphercranks In-Reply-To: <9304212343.AA29698@snark.shearson.com> Message-ID: <9304221821.AA12903@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain (For this I move out of my vitriol vein, to dish out something non-overly-`stinging' even though it *could* be deadly.) P. Metzger: >We can't afford to lose this fight. This is a matter of life and >death. Playing out fantasy games about being 1960s radicals is fine >and well -- when you don't care about the outcome. We can't afford to >lose, so we can't afford to emulate losing strategies. Mr. Metzger, surely you realize you can call yourself anything you like in the mainstream media. However, I was attracted to this list precisely because of the name, find it highly descriptive and apropos, and I think trying to change it is counterproductive, superfluous, and highly disillusioning, and am becoming increasingly annoyed with attempts to do so. I will proudly wear the banner of `cypherpunk' even if it becomes an epithet. You seem to take it as given that `punk' has negative connotations, but I assure you that it has a distinct ingredient of allure in the public consciousness. Less colorful terms would only provoke blandness and sabotage the vigor of our cause. Young leaders of the American Revolution would aptly be deemed ``punks'' by the robe-cladded wig-wearing British establishment, had the term been around... Nathan ``Give Me Liberty or Give Me Death'' Hale was quite a punk... The list is private. People can choose to present themselves in public any way they like. 
If they prefer to say that they belong to the "cryptoprivacy group," fine. But I believe you are deliberately ignoring the fundamental underlying personalities of people who are members of the list in your irritating, noisy, and desperate advocation to change the name. In fact, this agenda seems to me very much like someone trying to impose leadership on anarchy. Join EFF or CPSR; they seem to think like you do. ``Obviously, to partake in a revolution, one must, by definitition, at the very minimum, be nonconforming with and disrespectful of the status quo.'' From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: uri@watson.ibm.com Date: Thu, 22 Apr 93 09:30:02 PDT To: jwarren@autodesk.com (Jim Warren) Subject: Re: more details from Denning In-Reply-To: <9304211652.AA24148@megalon.YP.acad> Message-ID: <9304221629.AA14269@buoy.watson.ibm.com> MIME-Version: 1.0 Content-Type: text/plain Jim Warren says: > And, a coupla tidbits about Dorothy: I have known her for several years, > worked closely with her on creating the first Computers, Freedom & Privacy > conference in 1991, have absolutely the *highest* regard for her integrity, > honesty and candor -- and absolutely trust what she says ... > about a subject on which we may disagree. > Dorothy Denning is an honorable person with great personal integrity, and ^^^^^^^^^^^^^^^^ ^^^^^ ^^^^^^^^^ I don't see it from her actions. > I urge that she be treated as such -- even in disagreement. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ no objective reasons, your words only. I disagree with your conclusions and believe, that your high esteem of her is rather subjective. But this is way off the topic of this list. Now: > No single person or authority should have the power to > authorize wiretaps > No single person does, at least for FBI taps. 
After completing a mound > of paperwork, an agent must get the approval of several people on a chain > that includes FBI legal counsel before the request is even taken to the > Attorney General for final approval. > Dorothy Denning Don't you just love that "must get approval"... Fine, but what if that agent just happens to have a key or two left over from previous tap? And another one is willing to trade him the key he wants now, for one of those other ones? How on Earth is this going to be detected? Once the key (Unit Key) is released - there's no force in the Universe to make it un-released again! From now on, everything encrypted with this chip is essentially clear - AND THIS WILL ENDANGER EVERYBODY TALKING TO THIS CHIP, no matter whether YOU have YOUR key "released" or not... Besides, isn't the described "authorized" tapping procedure the same good old one in use today? How come it doesn't stop illegal wiretaps? [I guess, people break laws?! :-] -- Regards, Uri uri@watson.ibm.com scifi!angmar!uri N2RIU ----------- From cypherpunks-request Thu Apr 22 11:57:15 1993 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Stanton McCandlish Date: Thu, 22 Apr 93 11:49:26 PDT To: cypherpunks@toad.com Subject: MAIL: threaded mail reader? In-Reply-To: <199304221826.AA25404@Menudo.UH.EDU> Message-ID: <9304221849.AA13917@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain Anyone know of a mail reader a la elm that works on a threaded basis like trn, so I can kill entire threads at once (or, gods forbid, READ them in some sort of meaningful order?) SOrry if this is dreadfully off topic, but you folks seem to know a LOT about mail tech, so... -- Testes saxi solidi! ********************** Podex opacus gravedinosus est! 
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1) Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: William Lee Nussbaum Date: Thu, 22 Apr 93 10:10:45 PDT To: cypherpunks@toad.com Subject: DC Meeting this weekend? Message-ID: <199304221710.AA14284@ground.cs.columbia.edu> MIME-Version: 1.0 Content-Type: text/plain Hello, all... If there is going to be a DC meeting this weekend, please try to determine by this evening what it will be... I won't have mail access after about 9am tomorrow until the end of the weekend, and I will be in DC (Although, since I'm traveling with others, I don't know whether I'll be able to make it even if I do know, but if I have some sort of contact information, that can be worked out in other ways.) Please excuse the pushiness, just trying to get a hectic couple of weeks organized... - Lee From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: elee9sf@Menudo.UH.EDU Date: Thu, 22 Apr 93 11:26:30 PDT To: cypherpunks@toad.com Subject: Re: "Cypherpunks Write Code" Message-ID: <199304221826.AA25404@Menudo.UH.EDU> MIME-Version: 1.0 Content-Type: text/plain Derek writes: > > Since I'd like to be part of the cypherdelic revolution, > what code needs writing? I agree that the PC/modem Heh, lots of stuff could be done: 1) Hack around with the anonymous remailers. Eric mentioned he is working on a "second generation" remailer which allows users to specify cut marks, etc. I've been fooling with one that caches all incoming messages in a directory, and then at midnight (by using the at command) mails/routes each messages on its way. Still got problems with it, though... 2) DC Nets. Yanek Martinson is working on a DC Net implementation using email. 
A TCP/IP version would be nice! 3) CELP. Don't know much about this other that porting it and hand coding parts in assembly for speed would be welcome. Then, we could have our own encrypted conversations. 4) Digital Bank. A full-blown implementation (RSA encryption and decryption, blinded messages, etc). I have written a scaled down digital bank which provides privacy and security by using random cash and random account numbers, and does not correlate account numbers with usernames. It's written in the Korn shell, and I plan many improvements once the semester is over (rewrite in PERL for one...) But my bank does not implement Chaum's digicash scheme, and that would be best. 5) Once that is done, we can experiment with a "cash accepting" remailer - one that will only remail if valid digicash is included in the header, or whatever. Then, such a system may be expanded to do anonymous or pseudonymous usenet posting, which may be an acceptible (to folks who are vehemently against anonymous posting, etc.) solution to helping prevent abuse by such services. 6) Steganography, hiding code in other documents. For example, hiding each bit of a message (encrypted or not) in the low order bits of an image, gif, tiff, whatever. I've played around with the tiff format and will try to use Sam Lieffler's (sp?) tiff package to help out. Writing a program that will automatically embed a message in a picture and read a message out will be useful. ("hey everyone, be sure to get the denning.gif from alt.binaries.pictures.misc and read my comments about the clipper chip!") 7) Misc stuff. Check out the scripts which help in the use of the anonymous remailers - they are for UNIX and DOS. Amiga, Mac, etc. versions needed. 8) Take your favorite unix utility (mail for example) or whatever and add encryption automatically. Sure, using it on a multi-user systems may not be the best thing to do, but the code, techniques, and solutions would be of value and would aid others. 
9) probably lots of other stuff that would be nice... /-----------------------------------\ | Karl L. Barrus | | elee9sf@menudo.uh.edu | <- preferred address | barrus@tree.egr.uh.edu (NeXTMail) | \-----------------------------------/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Thu, 22 Apr 93 15:21:45 PDT To: Eric Hughes MIME-Version: 1.0 Content-Type: text/plain Boycotts seldom do much by direct economic pressure. If they accomplish anything, they generally do so by the publicity they generate. Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Thu, 22 Apr 93 15:21:48 PDT To: Eric Hughes MIME-Version: 1.0 Content-Type: text/plain At 08:11 AM 4/22/93 -0700, Eric Hughes wrote: >Exploratory wiretaps, illegally made and whose evidence is not >directly admissible, provide information that may lead investigators >to other information. This secondary information _is_ admissible. > >It would be a wonderful if the ER were strengthened so that all >evidence which resulted from an illegal search _and all of its >subsidiaries_ were conidered tainted. That battle, however, is a much >longer one to fight. I thought this was already true, at least in theory. It's known as the "fruit of the poisoned tree" doctrine. Evidence gathered as a consequence of illegally gathered evidence is in itself inadmissable. Of course, this is probably what has been weakened the most by the Reagan/Bush Supreme Court. >Even in that situation, though, the defense would have to prove that >an unauthorized wiretap took place. *This* is the fundamental problem. There are many possible ways that illegal wiretaps can further the collection of other evidence, without the existence of the illegal wiretap ever having to be revealed. 
Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Sandy <72114.1712@CompuServe.COM> Date: Thu, 22 Apr 93 11:47:22 PDT To: Subject: AT&T/SUITS Message-ID: <930422182755_72114.1712_FHF70-2@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain _________________________________________________________________ FROM THE VIRTUAL DESK OF SANDY SANDFORT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Punksters, AT&T: CO-CONSPIRATORS At the last physical San Francisco meeting, I mentioned a curious conversation I had with an AT&T representative. I had called him for info about the ATT Secure Phone 3600. What I reported to the meeting was that while the representative would not "confirm or deny" that the 3600 had a backdoor, his demeanor suggested to me that it did. Now in reviewing the conversation in my memory, I realize that what I was hearing from him was a SMUGNESS. It had the flavor of the cat that swallowed the canary. He obviously knew about the upcoming announcement. In retrospect, I see that he was playing with me by dropping hints such as: "If the NSA were to ask us to put a backdoor in the 3600, of course we would have to cooperate." Talk about your "secret government." Where are Slick Willie's "town hall meetings" when you need them? SUITS ME Let a hundred flowers blossom. Those of us who wish to fight the good fight in suits, should do so. Likewise, those who wish to remain long-haired, maggot-infested, dope-smoking hippies, should follow their hearts. I have no problem with the "Cypherpunks" moniker. It hasn't hurt us, and it has brought us some favorable publicity. I think Perry is being an alarmist. In one point, though, Perry is right. He said people will listen to unconventional folks who present reasonable ideas. But it appears that Perry thinks our support of freedom and privacy is somehow unreasonable in the eyes of Joe Lunchbucket. I respectfully disagree. I think we represent the essence of American values. 
All we have to do is put it in terms that are immediate and personally relevant to the average American.

For the record though, as Tim May can attest, I am bi-cultural. I have gotten in touch with the Suit inside me. If Cypherpunks ever needs a spokesperson in a "dress for success" suit, I'll be glad to volunteer. There is one condition, however. I will only do it if I'm teamed with someone not in a suit; preferably with long hair and wearing tie-dyed. Think of the photo op!

S a n d y

_________________________________________________________________
PLEASE RESPOND TO: ssandfort@attmail.com (except from CompuServe)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Harry Shapiro
Date: Thu, 22 Apr 93 11:54:31 PDT
To: cypherpunks@toad.com (Good Guys)
Subject: AT&T in Greensboro
Message-ID: <199304221854.AA24393@sun.Panix.Com>
MIME-Version: 1.0
Content-Type: text/plain

Eric mentioned boycotting AT&T products produced at facilities in Greensboro.

I did a quick search of AT&T Greensboro for the last years, looking through trade and tech pubs.

Basically there is mention of their Federal Systems group and their Federal systems advanced technologies group.

They have an AT&T Proposal center there and a business called AT&T Technical Service Co.

Bell Labs/Federal Systems group runs the Guilford Center complex there.

They announced they are building a 5 Million dollar plant for building telecommunications products for the US Gov. and for the International Commercial Markets. (This was within this years, and may or may not have been, at that time, a cover to hide whatever facilities were being built for the WireTap Chip project.)

It should be noted that Public Key Partners is located in Greensboro. That the AT&T deal with them at the time, was probably completed so that the WireTap phone systems AT&T will sell will not violate RSA/PKP patents.
/harry

--
Harry Shapiro habs@panix.com
List Administrator of the Extropy Institute Mailing List
Private Communication for the Extropian Community since 1991

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Harry Shapiro
Date: Thu, 22 Apr 93 12:05:35 PDT
To: extropians@gnu.ai.mit.edu (Harry Shapiro)
Subject: Info on Mykotronx
Message-ID: <199304221905.AA25268@sun.Panix.Com>
MIME-Version: 1.0
Content-Type: text/plain

Please forward this message far and wide. - Harry

I am looking for Info on Mykotronx the company that designed the WireTap chip for the NSA/NIST/FBI.

They are said to be a contractor to NSA. Thus we can assume that most if not all of what they do is "hidden from view."

I was shocked when I did a database search using the name Mykotronx and Mycotronx (both spellings have been used), in publications that report on these areas: trade, technical, business and financial markets. I also searched press wires and some newspapers.

Prior to April 16/17 I have found NO References to this company.

Clearly this company takes its security seriously; but such a lack of coverage seems strange. It leads me to wonder if they really existed much prior to April 16/17 - they could be a division of the NSA, for example.

Of course the data bases I searched don't have everything in them and they could have been scrubbed...

Can anyone find references to this company prior to April 16 1993?

Can anyone provide alternative spellings for their name?
Thanks,

/harry

--
Harry Shapiro habs@panix.com
List Administrator of the Extropy Institute Mailing List
Private Communication for the Extropian Community since 1991

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Arthur Abraham
Date: Thu, 22 Apr 93 15:06:57 PDT
To: Cypherpunks@toad.com
Subject: the WireTap Chip sobriquet
Message-ID: <199304222206.AA14436@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Actually, this is the worst named product since GM decided to name an electric car the "Impact" (they've since announced that they're not going to make it.)

This device is very simply the "Privacy Clipper" chip ....

"nuf said" -- Stan Lee

-a2.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 22 Apr 93 15:36:14 PDT
To: pmetzger@lehman.com
Subject: Re: A Volunteer in a Suit Has Appeared!
In-Reply-To: <9304222118.AA05266@snark.shearson.com>
Message-ID: <9304222236.AA27147@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Lighten up, Perry!

My comments in my lighthearted "A Volunteer Suit Has Appeared" were not directed at you or your position. After all, I was the one who first mentioned "suits," so my comments were not targeted at your use of the term.

> In fact, why not just go to the top of a giant tower and get publicity
> for us by shooting random passers by? After all, as you've noted,
> there is no such thing as "bad publicity". I assure you that you will
> be covered by thousands of times more TV and radio stations for such
> an act.

Perry, Perry, Perry! Please, you're taking my comments and extrapolating them to absurd levels. Is this what you call being reasonable?

I haven't said that *anything* goes, rather, I've said that the slightly outre image of our group is not ipso facto a bad thing. But I don't want your time or my time or the list's time this way.

> Tim agreed in his reply to my message with virtually every substantive
> point that I made.
> None the less, he makes fun of my comments. He
> agrees that people do judge on appearances. He agrees that the radical
> protest movements of the 1960s were largely failures. Yet he wants us
> to appear unreasonable, and he wants us to emulate these failures.

Again, not true.

> Tim has reacted with extreme vehemence to the minor question of our
> name. It's a small thing to us personally -- but it could help advance
> our goals. I can only conclude that since Tim more or less admits that
> he's wrong but still insists on his position that he is not acting on
> the basis of rational motivations.

??????

All I can say is that I hope Perry cools off a bit. While the Clipper Chip is indeed a serious and dismal matter, I see no call for such anger and charges that I've admitted I'm wrong, that I want our efforts to fail, that I want us to appear unreasonable, and that I am "not acting on the basis of rational motivations."

It's clear Perry doesn't like the name of our group. Repeating this over and over again does not seem to be all that productive.

And the issues go beyond that of the mere name, which is a relatively minor issue. My post about "respectability" yesterday had much more to do with addressing the calls by some that our agenda be changed (e.g., reducing discussion of crypto anarchy, of guerilla distribution of software, of offshore remailers, of digital money, of money laundering, and the like), that we deemphasize the "crypto rebel" aspects and instead adopt a more mainstream line.

It's clear that some are uncomfortable with these crypto rebel issues, these discussions on the list, and the possible repercussions. Well, these are the topics that got us started, and the latest Clipper Chip is no reason for us to turn into a carbon copy of the CPSR, EFF, and ACLU.

Nor is it a reason to lose our sense of humor about things.

-Tim May

P.S. I'm quite serious that my little joke about Sternlight was not directed at Perry personally.
I had already responded at length, and quite reasonably (I thought) to his comments. The Sternlight point came as I was reading Sternie's posts in sci.crypt and realized that what he (Sternlight) seems to want more than anything else is to be the "voice of reason" in the crypto debate. Hence my satire. If I'd wanted to satirize Perry, which I can't honestly say I've wanted to do, I'd've used some kind of material from him, or his kind of words.

Cheers.

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Meyer
Date: Thu, 22 Apr 93 13:47:20 PDT
To: cypherpunks@toad.com
Subject: Re: New Algorithm...
In-Reply-To: <9304222007.AA05127@snark.shearson.com>
Message-ID: <19930422204625.1.MEYER@OGHMA.MCC.COM>
MIME-Version: 1.0
Content-Type: text/plain

    Date: Thu, 22 Apr 1993 15:07 CDT
    From: "Perry E. Metzger"

    "Haywood J. Blowme" says:
    [Lots about some J. Random Company's encryption chip]

    All fine and well, but since we have IDEA already, why should we want it? For virtually all applications these days other than fully encrypting network traffic, software is fine. DES implementations in software can handle 1.5 Mbit/s on reasonable machines. Beyond that, if we need hardware, why not use one of the currently publicly known algorithms like DES or IDEA, or a combination of them? Why use some other company's algorithm?

    Perry

Even when using encryption software there may be reasons to use something other than DES.
One possible reason (apart from doubts about whether NSA can break DES in one or more of its modes) is that, although the security and speed of an encryption algorithm are of central importance, the quality of the user-interface is also important. For example, if you want to encrypt/decrypt thirty files in five different subdirectories twice a day, and do it in an office with your colleagues looking over your shoulder, you won't want to be using software that encrypts only one file at a time and also displays the encryption key as you type it in (though you might like to have the key echoed when no-one else is about).

There are lots of other things to be considered besides the algorithm itself when designing good encryption software, e.g. if someone accidentally yanks out the power cord to the computer during decryption do you kiss goodbye to the data?

-- Peter Meyer

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pete@cirrus.com (Pete Carpenter)
Date: Thu, 22 Apr 93 16:46:01 PDT
To: cypherpunks@toad.com
Subject: Re: Mass producing chips
Message-ID: <9304222251.AA25007@ss2138.cirrus.com>
MIME-Version: 1.0
Content-Type: text/plain

>tried to get samples, but the price was $300,000 for 10,000 units,

How are they going to produce them at these prices and in that quantity given the "baroque activities in the vault" described by Denning?

Doug (gumby@wixer.bga.com)

Assuming that there is some EEPROM, or bipolar fuse PROM (like PALs) they can easily be programmed during the final (packaged) test stage. After the device passes its tests, give it a number. There are already some PALs that have a "silicon signature", a lot number embedded on the chip, which allows process or lot tracing of devices that don't work up to spec.

Testing on peripheral controllers is well below 5 seconds each (gross ballpark - not giving away any secrets here). CPUs may be more, but a "wire-tap" chip should be much easier to test than a CPU.
Testers can run close to 24 hours a day, and 24*3600/5 is 17,000 chips a day from one test head.

QFP trays have 50 chips/tray, and since the tester knows when the trays are full, it can easily use this to form lot/tray/batch, etc. numbers, as well as individual device numbers.

I don't like what they're doing, but it all sounds technically feasible to me.

Pete Carpenter
IC Design Engineer
Cirrus Logic Inc.
pete@cirrus.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 22 Apr 93 15:58:13 PDT
To: cypherpunks@toad.com
Subject: Being Reasonable to Reporters
In-Reply-To: <9304222118.AA05266@snark.shearson.com>
Message-ID: <9304222258.AA28208@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Sorry, gang, but I just can't let this one pass without commenting:

Perry Metzger writes:

> I've watched the Libertarian Party self destruct because many
> activists are such fools that they can't make a distinction between
> what's important and random rebellion for the sake of rebellion. People
> will refuse to be polite, refuse to phrase their arguments
> comprehensibly, refuse to be nice to reporters, and refuse to appear
> to be reasonable or even rational, and then later on they wonder why
> it is that everyone makes fun of them and no one listens.

Speaking for myself, I've been *very* polite to reporters. I can only hope Perry is speculating about some Cypherpunks I haven't heard about.

John Gilmore, Eric Hughes, myself, and many other members of the list have been quite reasonable, quite articulate, and quite "nice" in our comments to reporters.

I hosted Kevin Kelly, Steven Levy, and Julian Dibbell each for several hours, at their request, at my home in Aptos. These were for the various pieces coming out in their publications. I answered their questions, outlined the issues of privacy and crypto as I saw them, explained the workings of new protocols, and so on.
Some of them showed up at our meetings, where they were well-treated.

The Levy piece is already out, in "Wired," and I've seen the draft of Kelly's piece coming out soon in "Whole Earth Review." Neither paints us as Texas Tower whackos nor as blue-sky dreamers. These journalists are very well-versed in the issues. Julian Dibbell's forthcoming piece I haven't seen, but I doubt it will be a hatchet job or otherwise treat us as crazies.

I think this qualifies as being nice and reasonable to reporters.

Note: I did not talk to John Markoff this time around, but I have in the past. My understanding is that others talked to him.

Cheers.

-Tim May

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Thu, 22 Apr 93 13:08:12 PDT
To: "Haywood J. Blowme"
Subject: Re: New Algorithm...
In-Reply-To: <199304212154.AA15610@rac3.wam.umd.edu>
Message-ID: <9304222007.AA05127@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

"Haywood J. Blowme" says:
[Lots about some J. Random Company's encryption chip]

All fine and well, but since we have IDEA already, why should we want it? For virtually all applications these days other than fully encrypting network traffic, software is fine. DES implementations in software can handle 1.5 Mbit/s on reasonable machines. Beyond that, if we need hardware, why not use one of the currently publicly known algorithms like DES or IDEA, or a combination of them? Why use some other company's algorithm?

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dstalder@gmuvax2.gmu.edu (Darren/Torin/Who ever...)
Date: Thu, 22 Apr 93 13:19:28 PDT
To: cypherpunks@toad.com (CypherPunks)
Subject: DC meeting
Message-ID: <9304222020.AA29093@gmuvax2.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

This is to announce a DC area cypherpunks meeting on Monday 26 April at 1800 (or so) until whenever at my office. Call me or write me for info on how to get here...
Think free,

--
Defeat the    Torin/Darren Stalder/Wolf            __
Wiretap Chip  Internet: dstalder@gmuvax2.gmu.edu   \/  PGP2.x key available.
Proposal!     Bitnet: dstalder@gmuvax                  Finger me.
Write me for  Sprintnet: 1-703-845-1000
details.      Snail: 10310 Main St., Suite 110/Fairfax, VA/22030/USA
DISCLAIMER: A society where such disclaimers are needed is saddening.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 22 Apr 93 16:25:11 PDT
To: cypherpunks@toad.com
Subject: Info on Mykotronx
In-Reply-To: <9304222236.AA15100@anchor.ho.att.com>
Message-ID: <9304222321.AA02657@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

the vp from mycotoxin spoke, and some reporter said:

"He said the chip announced yesterday, internally referred to as MYK-78, costs about $40 and uses an algorithm 16 million times more complex than that used by chips now on the market. Computer hackers have penetrated the current chips."

16 M is approx 2^24

80 bit wiretap chip key - 56 bit DES key = 24

Just because the key is 24 bits longer doesn't mean the chips are that much more complex.

Biham and Shamir have reduced the security of DES down to 2^47 (maybe down a few more in the exponent), but that does not mean that it has been broken. 2^47 chosen plaintexts is not a feasible attack in a reasonably deployed system. This is the best known attack.

Biham and Shamir are not computer hackers, either.

So assuming the reporter was basically accurate, what's the score for our VP? One deceit and one outright lie combined with a gratuitous slander.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 22 Apr 93 16:30:05 PDT
To: cypherpunks@toad.com
Subject: WIRETAP: press articles wanted.
Message-ID: <9304222326.AA03395@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Speaking as the ftp site maintainer, I'm looking for all the press coverage there is on this wiretap chip, both national and local coverage.
I've seen quotes from several other sources, but not whole articles. So type in what's at hand and send it to me. I'll put it up for ftp.

I've got Saturday's article from the SF Chronicle here, which I haven't yet typed in, but I should warn you that this piece is one of the most slanted things I've seen in that paper. (Those of you who've read the Chron know this is a real insult.) I'll get it typed in myself unless someone can send me a copy.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: szabo@techbook.com (Nick Szabo)
Date: Thu, 22 Apr 93 16:27:48 PDT
To: karn@qualcomm.com (Phil Karn)
Subject: Re: WIRETAP: boycotts
In-Reply-To: <9304222221.AA01871@servo>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Agreed, not much economic pressure would come from directly boycotting Clipper phones, or for that matter from people boycotting AT&T for ideological reasons. Rather, it would come from AT&T getting a reputation as putting the U.S. government's needs before the needs of their customers; and not caring very much about the privacy of their customers' phone calls. What international business, law firm, etc. wants to trust their communications to a company that puts NSA wiretap chips in their phones and touts them as "secure"?

A good outcome here is for this fiasco to get wide publicity, and for Sprint, MCI, etc. to subtly use doubts about AT&T's concern for privacy in their ad campaigns.

A recent cypherpunks post referred to a conversation with an AT&T marketing type, who kept insisting that AT&T is very concerned about customer privacy, it's a high priority, etc. AT&T knows they need a good reputation for privacy. Keep up the pressure!
Nick Szabo szabo@techbook.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 22 Apr 93 16:42:50 PDT
To: cypherpunks@toad.com
Subject: Reaction time and Crypto
In-Reply-To: <9304180436.AA49530@acs.bu.edu>
Message-ID: <9304222339.AA05222@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>It seems to me that the following technologies are going to be of increasing
>import despite the outcome of the Clinton proposal.

>1. Raw headerless output from packages like PGP. It seems obvious that
>if crypto is regulated, it must be easier to disguise the type of crypto
>one is using, or indeed if one is using crypto.

Removing the headers from PGP will accomplish only the most cursory security. The PGP packet structure is recognizable out of a random byte stream even without the headers.

More generally, just because _you_ don't know how to recognize something doesn't mean your opponent is similarly lacking. In order to really know it can't be done, you need a proof, that is, an argument that covers all possible ways of looking for something. This principle applies to all forms of steganography.

>2. Methodology for the disguising of cyphertext in more innocuous data.

See my comment above for my opinion on this.

>3. The proliferation and consistent use of Crypto for even everyday
>communications.

I think work done to get PGP, for example, in mail readers is something that should be done with a bit more zeal. I, personally, don't use it much because of my computing environment (receiving mail on a widely-known-to-be-insecure Unix box, dialed in from MSDOS). The integration problems are pressing.

>1> The harder it is to find, the less potential there is for regulation.
>2> The harder it is to look for, the less potential there is for regulation.
>3> The harder it is to abolish, the less potential there is for regulation.

True up to a point. Remember, internet users are still a small percentage of the whole.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From:
Date: Thu, 22 Apr 93 17:02:36 PDT
To:
Subject: subscribe
Message-ID: <2BD7301A@CN.LAAFB.AF.MIL>
MIME-Version: 1.0
Content-Type: text/plain

subscribe, schmittec@mj.laafb.af.mil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Steve Greenberg
Date: Thu, 22 Apr 93 08:24:01 PDT
To: cypherpunks@toad.com
Subject: SUBSCRIBE steve@oc3s-emh1.army.mil
Message-ID: <9304221523.AA04591@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

SUBSCRIBE steve@oc3s-emh1.army.mil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pg3448@csc.albany.edu (Harbinger )
Date: Thu, 22 Apr 93 14:17:49 PDT
To: cypherpunks@toad.com
Subject: unsubscribe me
Message-ID: <9304222117.AA16771@sarah.albany.edu>
MIME-Version: 1.0
Content-Type: text/plain

I cannot keep up with all the mail.. 50+ per day is just too much.. can I please be taken off the subscribed list?

thank you..

PG

[ASCII-art signature: "The Harbinger is watching!"]

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Thu, 22 Apr 93 14:18:57 PDT
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: A Volunteer in a Suit Has Appeared!
In-Reply-To: <9304220831.AA26386@netcom.netcom.com>
Message-ID: <9304222118.AA05266@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

I wonder, Tim, why you bother to wear clothes at all. After all, they are merely attempts by conservative people to make you fit into a conventional mold. Indeed, why speak in English? Why not invent your own language that no one else understands? After all, using the same language that other people do is a callow and conformist act.

In fact, why not just go to the top of a giant tower and get publicity for us by shooting random passers by? After all, as you've noted, there is no such thing as "bad publicity". I assure you that you will be covered by thousands of times more TV and radio stations for such an act.

I've watched the Libertarian Party self destruct because many activists are such fools that they can't make a distinction between what's important and random rebellion for the sake of rebellion. People will refuse to be polite, refuse to phrase their arguments comprehensibly, refuse to be nice to reporters, and refuse to appear to be reasonable or even rational, and then later on they wonder why it is that everyone makes fun of them and no one listens.

Our goal is not to maintain use of the word "cypherpunks". Nor is our goal to change the fashion industry. Our goal is privacy.

Tim agreed in his reply to my message with virtually every substantive point that I made. None the less, he makes fun of my comments. He agrees that people do judge on appearances. He agrees that the radical protest movements of the 1960s were largely failures. Yet he wants us to appear unreasonable, and he wants us to emulate these failures.

Tim has reacted with extreme vehemence to the minor question of our name. It's a small thing to us personally -- but it could help advance our goals.
I can only conclude that since Tim more or less admits that he's wrong but still insists on his position that he is not acting on the basis of rational motivations.

I'll repeat -- this is not a fight that we can afford to lose. Why machine gun ourselves in the feet?

Perry

Timothy C. May says:
>
> I am pleased to announce that the Search Committee has found an Executive
> Director for the newly renamed "Privacy Institute." He will serve as both
> manager and as external spokesman for the Institute.
>
> We searched for a respectable person, preferably middle-aged, who knew how
> to communicate with bureaucrats and was prepared to relocate to the
> Washington, D.C. area to act as our official lobbyist (the matter of his
> compensation will be dealt with in a later memo, one which also explains
> our dues structure, membership grades, and official bylaws).
>
> Our candidate is an active poster in sci.crypt, is well-known to the Net,
> and yet has strong connections with the Washington bureaucracy.
>
> We feel he will do much to project a more proper, even anal, image of our
> group. We hope his appointment as Executive Director, The Privacy
> Institute, will go a long way toward improving the image we developed
> during our first phase of existence when we were known by the c-word name.
>
> Our new Director intends to immediately correct many of the wrongs he sees.
>
>
> Without further ado, here is his name:
>
>
> David Sternlight
>
>
> I hope you'll all join me in welcoming Sternie, or Sterno, as his friends
> call him, to the Privacy Institute.
>
>
> -Tim May, Recording Secretary, The Privacy Institute ("Don't call us
> Cypherpunks!")
>
>
>
> (The preceding spoof was brought to you as a public service.)
>

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ghoast@gnu.ai.mit.edu
Date: Thu, 22 Apr 93 14:49:35 PDT
To: cypherpunks@toad.com
Subject: tapping method unmentioned
Message-ID: <9304222149.AA47908@hal.gnu.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

In all the articles that I've seen posted, and in the grumbling done about the advancement of government regulated cryptography, I haven't seen much mentioned on *how* the government would go about collecting a certain exchange. Pardon me if I'm missing something key here, but wasn't there some bill circulating in the legislature that proposed that phone co's build tappability into the newer non-copper phone system? Is the phone co's cooperation on this issue part of a bargain to exclude such capability from the system (yeah, right) or is the government focusing on this issue now because it has already accomplished what it wants in other areas of privacy (read: tapping)
~

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: treason@gnu.ai.mit.edu
Date: Thu, 22 Apr 93 14:52:14 PDT
To: cypherpunks@toad.com
Subject: What should be done.
Message-ID: <9304222151.AA12576@spiff.gnu.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

I agree as well that this mail is horrendous. 50+ mailings a day is a troublesome thing. I would like to suggest a method of mailing that would be less pain to the mailer, and more useful for storing purposes.

I suggest we start an archive. All mail sent to the list in one day is put within this archive, and mailed ONCE per day. Sure this mailing would be rather large, and you may have to wade through a lot of stuff that may be uninteresting to you to get to what you want to see, but you could store it in temp, and use vi on it or something...it would be a minor inconvenience. Much more livable than what we have now.

I have seen a great list done in this same way.
It has the mail header for the list, an index of all articles' subjects within at the start, and then basically each article stored linearly with mail headers intact. For those who have seen the archive for the Ultrasound Digest, you know what I'm talking about. I suspect that the individual running the list has an automation program generating this Digest each day, and mailing it when the time is appropriate.

There are examples of this digest on archive.epas.utoronto.ca in /pub/pc/ultrasound/digest for those of you who want to see what it looks like. I would be happy to consult the list moderator and beg for the software in the list's best interest if we get a good number of wants.

treason

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: AOLCHTNN@vax1.tcd.ie
Date: Thu, 22 Apr 93 11:23:15 PDT
To: cypherpunks@toad.com
Subject: life, universe, everything
Message-ID: <01GXBKLI1Q1C000HXH@vax1.tcd.ie>
MIME-Version: 1.0
Content-Type: text/plain

I got your address in mondo8. I need information on encryption software. Unfortunately, external telnets have been impossible for some time now, so I can't look for it through the usual channels.

Thanks in advance.

AOL

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: GR2KITTRELL@APSICC.APS.EDU (TOO MANY SECRETS)
Date: Thu, 22 Apr 93 17:18:32 PDT
To: cypherpunks@toad.com
Subject: IRC setup
Message-ID: <930422181609.329c@APSICC.APS.EDU>
MIME-Version: 1.0
Content-Type: text/plain

I really don't know if it can be accomplished in time, but TO1SITTLER is working on setting up a client here for IRC. If this can be used for any meetings, just write.
GR2KITTRELL@APSICC.APS.EDU
Albuquerque, New Mexico (Land of Enchantment)
"Right"

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Thu, 22 Apr 93 15:37:31 PDT
To: extropians@gnu.ai.mit.edu
Subject: Re: Info on Mykotronx
Message-ID: <9304222236.AA15100@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

Harry Shapiro said he wasn't able to find much information on Mykotronx.

The San Francisco Chronicle says it's a "little-known company in Torrance, CA"; "Mykotronx Inc., founded in 1979 by two former engineers from TRW Inc., already sells classified encryption chips to protect satellite communications." "San Jose-based VLSI Research Inc. will manufacture the chip, called the Clipper. VLSI was chosen largely because it has a unique manufacturing process that makes it nearly impossible to take the chip apart and decode it."

The Washington Times says that "Government engineers at NSA and [...] NIST designed and developed the chip, which was then produced by privately owned Mykotronx and a publicly traded subcontractor, VLSI Technology."

In their discussion of comments by Ted Bettwy, exec VP of Mykotronx, "He said the chip announced yesterday, internally referred to as MYK-78, costs about $40 and uses an algorithm 16 million times more complex than that used by chips now on the market. Computer hackers have penetrated the current chips."

Bill Stewart

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Thu, 22 Apr 93 16:00:36 PDT
To: smb@ulysses.att.com
Subject: Verbosity by Mail from NIST
Message-ID: <9304222257.AA15315@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

I called the phone number for NIST given in one of the announcements, and was routed to Sherry Hankey 1-301-975-2820, who faxed me their package of information they're sending out.
There's no new technical information (Dorothy Denning's article and some non-technical viewgraphs), but there's a lot of newspaper clippings, pro and con, the announcements we've seen on the net from Clinton, Q&A, etc., and what look like viewgraphs from a couple of talks. Overall, it looks like they don't know much more than we do :-).

One talk is "U.S. Technology Initiative for Secure Telecommunications", Raymond G. Kammer, Acting Director, NIST, 4/16/93, which is basically the announcements turned into viewgraphs (if I've successfully decoded the tangle of fax paper :-).

Another part of the package looks like another talk, which covers Wiretap cases by the FBI and other agencies, including a summary table for 1982-1991 of State and Federal wiretap authorizations, arrests, and convictions (there's a footnote that reporting of convictions seems to substantially lag actual convictions, though the ratio of arrests to convictions has decreased, averaging 2:1 over 10 years, 3:1 recently.) Most wiretaps are State and local, not FBI.

Cases they cited included the usual drug dealing and money laundering, a judge taking bribes, a Chicago street gang El Rukn proposing to shoot down an airliner for the Libyans, some Mafiosi, a RICO case against the Concrete and Cement Workers Union "Prevented economic loss $585Mil", some fraud in defense contracting and health care contracting, and the Masters of Disaster "computer hackers" case.

Bill Stewart wcs@anchor.att.com
# Bill Stewart wcs@anchor.ho.att.com +1-908-949-0705 Fax-4876
# AT&T Bell Labs, Room 4M-312, Crawfords Corner Rd, Holmdel, NJ 07733-3030

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Bob Stratton
Date: Thu, 22 Apr 93 17:27:14 PDT
To: cypherpunks@toad.com (CypherPunks)
Subject: Re: DC meeting
Message-ID: <9304221926.AA59903@horton.intercon.com>
MIME-Version: 1.0
Content-Type: text/plain

[Note: in the interests of hitting everyone interested, this message might be duplicated for several of you.
Please accept my apologies in advance --Strat] > Subject: DC meeting > Date: Thu, 22 Apr 93 16:20:50 EDT > From: dstalder@gmuvax2.gmu.edu (Darren/Torin/Who ever...) > > This is to announce a DC area cypherpunks meeting on Monday 26 April at > 1800 (or so) until whenever at my office. Call me or write me for info > on how to get here... A couple of things: - I was reading mail to post my announcement, when I read yours :-) - I'm more than willing to defer to the majority, though I think there's something to be said for networking the meetings, especially if we have good tools. I've also already received a great deal of response to the idea of a Saturday meeting, even from out-of-towners. To that end, I'm going to post an announcement for a Saturday meeting, and see what happens. Several of us have been planning it for a couple of days now, so don't take it personally or anything. - Paul Ferguson and a couple of others and I have been cobbling together a list of people we thought would be interested in meeting in the DC area, so as to do preliminary planning without polluting Cypherpunks too much. I can see that there are more DC area people than I had originally envisioned, which makes me happy. Sorry if we missed you originally. - Eric and I have discussed the idea of audio teleconferencing the various meetings, either via the Internet or by phone. I've got both a Sun IPC equipped to do the former, and a Western Electric conference telephone (and 6- way on my switch) for the latter. Well readers, which do you prefer? --Strat Help stop the wiretap chip! (a.k.a "Clipper") RIPEM and PGP keys available on request. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: GR2KITTRELL@APSICC.APS.EDU (TOO MANY SECRETS) Date: Thu, 22 Apr 93 18:32:39 PDT To: cypherpunks@toad.com Subject: OOPS Message-ID: <930422193017.3b98@APSICC.APS.EDU> MIME-Version: 1.0 Content-Type: text/plain Sorry, To1sittler was trying to set up an IRC HOST, not client.. My apologizes.. 
If anyone knows massive amounts about IRC, PLEASE, help! gr2kittrell@apsicc.aps.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Bob Stratton Date: Thu, 22 Apr 93 17:43:28 PDT To: cypherpunks@toad.com Subject: MEET: Ad Hoc Washington meeting Saturday 4/24/93 Message-ID: <9304221943.AA13465@horton.intercon.com> MIME-Version: 1.0 Content-Type: text/plain Washington, DC area ad hoc Cypherpunks meeting. Saturday, April 24, 1993 2:00 PM EDT -> not later than 8:00 PM EDT LOCATION: Unless I hear resounding acclaim for the Monday night meeting, I'm going to hold out our original offer of a Saturday meeting, April 24th, from 2:00PM until sometime not later than 8:00PM, at the offices of: InterCon Systems Corporation 950 Herndon Parkway Suite 420 Herndon, Virginia 22070 DIRECTIONS: InterCon is two blocks north of exit 2 on the Dulles Toll Road (Route 267). From the Beltway, take 267 West to exit 2 (Herndon), and make a right onto Eldon Street. Go through the traffic light at Herndon Parkway (there'll be a shopping center with a big Giant Food on your left), and make an immediate right into the office building on the corner of Eldon and Herndon Parkway labelled "Ford Center". Meet at the front entrance of the building where the Riggs Bank ATM is, and I'll come down and let you in. If you find a way, in, take the elevator to the 4th floor, and walk straight out of it to our office door, which you'll be looking at when the elevator doors open. NOTE: The building locks at 1PM. There is a security phone at the rear entrance, but you'll have to get them to find me, and I don't know what extension we'll be at, so the operative word is "punctuality". I'll make periodic sweeps to the FRONT entrance to look for people, but I can't canvass every door looking for people coming by later. If you come by, and don't see an easy way in, wait by the Riggs Bank ATM entrance, and someone will let you in. 
(I'll need volunteers to occasionally do that, BTW) COMMUNICATIONS: If you need to reach me, you can try the following: Office phone: +1 703 709 5525 Pager(VA): +1 703 826 5238 (Use an area code!) -or- if you're terribly confused or stranded, call: 800 225 0256, Pager ID: 209267 (This is an operator service, try to make it fit within 80 chars) Help stop the wiretap chip! (a.k.a "Clipper") RIPEM and PGP keys available on request. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: TO1SITTLER@APSICC.APS.EDU Date: Thu, 22 Apr 93 18:55:49 PDT To: Cryptoprivacy Subject: IRC Message-ID: <930422195325.3929@APSICC.APS.EDU> MIME-Version: 1.0 Content-Type: text/plain NO! I was NOT trying to set up a host, I was trying to set up a CLIENT! I don't have source for a host, nor do I have room in my disk quota for it! I do, however, have source for two IRC clients, neither of which works yet. But really Chris, I think the Clipper is more important. Not only to the people who read the list, but to me too. This is the biggest reason why my time online does not get spent hacking the IRC client into shape. Please stop posting these messages to THIS list. Kragen From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Arthur Abraham Date: Thu, 22 Apr 93 19:55:12 PDT To: cypherpunks@toad.com Subject: Don't Piss on Me Message-ID: <199304230254.AA23563@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain I refer you to my earlier posting requesting people to direct thier fire at something that needs to be ignighted -- like your local newspaper or local congress person or local president -- but it's definately not the Cypherpunks mailing list. We MUST NOT waste time writing each other letters that we'll learn nothing by reading. 
We should spend that same time writing to newspapers, congress people, phone companies, Clinton, Gore, and anybody else who thinks they can get away with this because they feel the citizenry either doesn't care about or doesn't understand the issues. What I'd like to see about the Privacy Clipper on this list is something I don't already know, like the name and address of AT&T's president's secretary -- s/he'll complain to the prez if enough privacy mail arrives. Better yet, how about more copies of the letters to the uninformed that you have already sent. Be imaginative, be active, rattle cages, but telling me how pissed you are won't change a thing, except to decrease the time we're both spending on doing something effective. Be effective. Please. -a2. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Stanton McCandlish Date: Thu, 22 Apr 93 19:56:39 PDT To: a2@well.sf.ca.us (Arthur Abraham) Subject: HUMOUR: re: Wiretap chip sobriquet In-Reply-To: <199304222206.AA14436@well.sf.ca.us> Message-ID: <9304230256.AA06274@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > Actually, this is the worst named product since GM decided to name an > electric car the "Impact" (they've since announced that they're not > going to make it.) > > This device is very simply the "Privacy Clipper" chip .... Heh. Snip snip... But lets not forget a certain Finnish household cleaning product (similar to DiDi Seven), that failed DISMALLY in the English speaking world: Super Piss. No, really that was what it was called I do not lie. ANYWAY: I now have the OS/2 version of PGP available on NitV BBS (see .sig) -- Testes saxi solidi! ********************** Podex opacus gravedinosus est! 
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1) Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: norm@netcom.com (Norman Hardy) Date: Thu, 22 Apr 93 21:40:43 PDT To: cypherpunks@toad.com Subject: If strong crypto were illegal Message-ID: <9304230440.AA23805@netcom2.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Curriously the chip ostensibly makes it nearly impossible for the government to prove that you are using strong crypto on top of skipjack (Clipper). From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: norm@netcom.com (Norman Hardy) Date: Thu, 22 Apr 93 21:40:55 PDT To: cypherpunks@toad.com Subject: If strong crypto were illegal Message-ID: <9304230441.AA23828@netcom2.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Curriously the chip ostensibly makes it nearly impossible for the government to prove that you are using strong crypto on top of skipjack (Clipper). I suppose that the a govenrment agency could use a trap-door to discover that plain text was not plain, then get a warrant, then present evidence that you were using strong crypto. Such might eventually lend credence to the belief that there was a trap-door. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Stanton McCandlish Date: Thu, 22 Apr 93 20:53:48 PDT To: cypherpunks@toad.com Subject: PGP for Amiga Message-ID: <9304230353.AA08274@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain As I posted before, I have PGP for DOS, Unix and Mac available on my BBS. I just added the OS/2 version. Does anyone know of an Amiga version? Or any other version? I need site names and/or filenames (xarchie is a Good Thing!) Thanks in advance. -- Testes saxi solidi! 
********************** Podex opacus gravedinosus est! Stanton McCandlish, SysOp: Noise in the Void Data Center BBS IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1) Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Douglas Barnes Date: Thu, 22 Apr 93 23:44:09 PDT To: cirrus.com!pete@cactus.org (Pete Carpenter) Subject: Re: Mass producing chips In-Reply-To: <9304222251.AA25007@ss2138.cirrus.com> Message-ID: <9304230302.AA15092@wixer> MIME-Version: 1.0 Content-Type: text/plain I wrote: > How are they going to produce them at these prices and in that quantity > given the "baroque activities in the vault" described by Denning? > > Doug (gumby@wixer.bga.com) > My point was that given the additional escrow security measures described by D. Denning, I don't see how these prices or volumes will be possible. It is possible that: 1) Denning is describing the process incorrectly, or was merely outlining how the chips would be produced in the best of all possible worlds. 2) The manufacturer actually has many such vaults, and the escrow agencies will provide sufficient staff and disposable laptop computers at no charge to the manufacturer. 3) The chips will not, in fact, be produced in substantial volume (e.g. >1M / year would require over 3,000 "sessions" per working day) You responded: > Assuming that there is some EEPROM, or bipolar fuse PROM (like PALs) they can > easily be programmed during the final (packaged) test stage. After the device > passes its tests, give it a number. There are already some PALs that have a > "silicon signature", a lot number embedded on the chip, which allows process > or lot tracing of devices that don't work up to spec. 
> > Testing on peripheral controllers is well below 5 seconds each (gross ballpark - > not giving away any secrets here) CPUs may be more, but a "wire-tap" chip > should be much easier to test than a CPU. Testers can run close to 24 hours > a day, and 24*3600/5 is 17,000 chips a day from one test head. QFP trays have > 50 chips/tray, and since the tester knows when the trays are full, it can easily > use this to form lot/tray/batch,etc numbers, as well as individual device numbers. > (all of which I am familiar with) I was referring to: [... from D. Denning's sci.crypt posting ...] All Clipper Chips are programmed inside a SCIF (secure computer information facility), which is essentially a vault. The SCIF contains a laptop computer and equipment to program the chips. About 300 chips ^^^^^^^^^^^ are programmed during a single session. The SCIF is located at ^^^^ suggests only one vault Mikotronx. At the beginning of a session, a trusted agent from each of the two key escrow agencies enters the vault. Agent 1 enters an 80-bit value S1 into the laptop and agent 2 enters an 80-bit value S2. These values serve as seeds to generate keys for a sequence of serial numbers. [... technical info on key generation deleted ...] As a sequence of values for U1, U2, and U are generated, they are written onto three separate floppy disks. The first disk contains a file for each serial number that contains the corresponding key part U1. The second disk is similar but contains the U2 values. The third disk contains the unit keys U. Agent 1 takes the first disk and agent 2 takes the second disk. The third disk is used to program the chips. After the chips are programmed, all information is discarded from the vault and the agents leave. The laptop may be destroyed for additional ^^^^^^^^^^^^^^^ assurance that no information is left behind. The protocol may be changed slightly so that four people are in the room instead of two. 
The first two would provide the seeds S1 and S2, and the second two (the escrow agents) would take the disks back to the escrow agencies. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Bill Sommerfeld Date: Thu, 22 Apr 93 19:38:04 PDT To: cypherpunks@toad.com Subject: crypto export controls. Message-ID: <9304230203.AA00114@orchard.medford.ma.us> MIME-Version: 1.0 Content-Type: text/plain I got an announcement last week of a presentation early this week at my place of work on the subject of cryptographic export controls, shortly before the cripple chip announcement was made. This struck me as at least suspicious. Well, it turns out that the timing was something of a coincidence; it was just a generic presentation on the current sorry state of the export regulations, by one who had to deal with them day in and day out. He seemed to have the right attitude towards "working the regulations" and what they should be, and had been involved in a few meetings with NSA-types. He commented that things have been getting better -- it used to be that they'd refuse to meet with you over the subject of exporting DES; now, they'll meet with you and just refuse to talk about it. The justification for ignoring the current wide availability of strong crypto outside the U.S. was that if they prevent strong crypto from falling into the hands of *one* bad guy, they will have accomplished something... He mentioned that the Software Publishers Association deal (where companies can now export software using crippled versions of RC2 and RC4 on short notice) was a surprise to him and much of the non-PC software industry and represented an almost complete capitulation on the SPA's part. It was also uninteresting to my employer as we aren't interested in using trivially breakable crypto in our products, and the quick turnaround is pretty much meaningless given the amount of lead time needed to get a product out the door. 
He also mentioned an upcoming amendment to the next version of the law which authorizes the ITAR and the commerce equivalent which would specifically allow the export of generally available encryption software; he didn't hold out much hope for it passing but considered it worth fighting for. He was also taken by surprise by the cripple chip announcement, and also considered it a bad and ominous thing... - Bill From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Matthew J Miszewski Date: Thu, 22 Apr 93 20:29:01 PDT To: cypherpunks@toad.com Subject: CLIP: Congress works with the Cypherpunks! Message-ID: <23042222282634@vms2.macc.wisc.edu> MIME-Version: 1.0 Content-Type: text/plain Cypherpunks (or cryptoprivacy professionals) :-), Hey, some good news. I just got some good information that the winds in Congress are blowing our way. In the latest "Communications Daily", the House of Reps. Telecommunications Subcommittee Chair Markey (D-Mass) has come out actively opposing the Wiretap Chip. He gave several reasons, most of them not technical but commercial. I think he could use some technical talking points too. This could be important guys. A chairman has mucho power (albeit he is only a subcom chair, but he may be well connected). I will digest the article and post it for Eric to put it on the ftp site. I will also get the vital info on this charming privacy advocate (I'll bet he wears a suit too! ;^) This is an incredible window of opportunity. Think, type, send but don't overdo it. This may be our only advocate. But he may have Senator Kennedy's ear. I guess this will test the cypherpunk effectiveness quotient. Progress. 
Matt mjmiski@macc.wisc.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Harry Shapiro Date: Thu, 22 Apr 93 19:59:56 PDT To: cypherpunks@toad.com (Good Guys) Subject: Suit vs Non-Suits Message-ID: <199304230259.AA12758@sun.Panix.Com> MIME-Version: 1.0 Content-Type: text/plain I feel that perhaps I started this whole mess that is getting, imho, quite out of hand. I said in a post of several days ago, we need Tim M. and John G. to get out there and speak and we also need some people who wear suits. I think we need both. I agree with Perry about the desire to change things and the perception of a person gives off, etc. Still I think we need both, and since we have both people on this list, I don't see what has to really change. It would be nice to get Tim and John and a few suits to make a lobbying trip to Washington. But let's stop the debate. /harry -- Harry Shapiro habs@panix.com List Administrator of the Extropy Institute Mailing List Private Communication for the Extropian Community since 1991 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Matthew J Miszewski Date: Thu, 22 Apr 93 21:01:08 PDT To: cypherpunks@toad.com Subject: HOUSE: Wiretap Support from Markey (D-Mass) Message-ID: <23042223002970@vms2.macc.wisc.edu> MIME-Version: 1.0 Content-Type: text/plain Here it is: Couldn't remember if the first two articles had been posted but I figured Eric could ftp them even if they were. The 3rd article is the one about Rep. Markey. I'll find his vital info ASAP. -----------------8<---------------------8<---------------- Communications Daily April 19, 1993, Monday Vol. 13, No. 74; Pg. 2 Clinton Sets Policy Review GOVT. WEIGHS IN ON PRIVACY-VS.-ENCRYPTION DEBATE, WITH ITS OWN TECHNOLOGY Clinton Administration Fri. announced sweeping policy directive designed to protect privacy of voice and data transmissions using govt.-developed encryption technology that ensures law enforcement agencies will have ability to eavesdrop. 
Encryption is achieved through use of "Clipper Chip" that will be built into telephones, computers, fax machines. Although govt. will adopt new chip as its standard, use in private sector will be on voluntary basis. AT&T Fri. became first company to announce publicly support of Clipper Chip. "We believe it will give our customers far greater protection in defeating hackers or eavesdroppers in attempting to intercept a call," said AT&T Vp Secure Communications Systems Edward Hickey. Govt. already has purchased some evaluation units from AT&T with Clipper Chip installed, said Raymond Kramer, acting dir. of National Institute of Standards & Technology (NIST). Govt. expects to purchase "well over the thousands" of such Clipper Chip units, he said, but he couldn't give figures for how many it might buy from AT&T. AT&T spokesman said products with Clipper Chip included will be available commercially in 2nd quarter. President Clinton Thurs. signed Top Secret National Security Directive outlining details of privacy and encryption policy review. Review will bring together industry and govt. experts under direction of National Security Council in attempt to resolve long-running controversy on right of businesses and citizens to protect all forms of communication and govt. right to conduct lawful investigations. Review will take 3-4 months, NIST's Kramer said. Law enforcement agencies are concerned about rising popularity of digital encryption methods. Multinational businesses, worried about economic espionage, increasingly are incorporating encryption technology for all communications. Law enforcement agencies have voiced growing concern that if they don't move quickly to enact laws assuring them access to encrypted and digital communications, they will be at decided disadvantage in attempting to thwart criminal acts. 
FBI spokesman James Kallstrom acknowledged that "not many" criminals today are using encryption to skirt law, but putting methods in place now to assure means of intercepting such communications "is vital" to law enforcement's mission. Encryption program will be available to any vendor that wants to manufacture chips, Kramer said. However, company that developed and designed chip under sole-source contract from National Security Agency (NSA) -- Mykotronx, Torrance, Cal. -- has solid lead on market. Kramer acknowledged job was handed to it with NSA's full approval of noncompetitive bid contract. He defended noncompetition aspect: "We went out and found the only company capable of delivering this technology." He said govt. has been using Clipper Chip technology for "a while now in classified applications," but declined to say how long it had been in use before White House announcement. Each chip will have 3 unique "keys" issued to it. When manufactured, 2 of those keys will be sent to govt. and will be held by "escrow agents." For law enforcement agency to be able descramble transmissions, it first must get court order that allows keys held in escrow to be released. Only when those keys are used in tandem can law enforcement agencies unscramble codes and listen in on conversations. Attorney Gen.'s office will "make all arrangements with appropriate entities to hold keys," White House said. Those escrow keys could be held by private organizations, govt. agencies or others, Kramer said. But only 2 entities will be chosen and will be responsible for administering data base that will store keys. Attorney Gen.'s office is expected to select escrow key holders "within a couple of weeks," Kramer said. Plan already is drawing fire from civil liberties groups and privacy advocates. Electronic Frontier Foundation (EFF) said White House acted "before any public comment or discussion has been allowed." 
It said Administration will use "its leverage to get all telephone equipment vendors to adopt" technology. EFF criticized govt.'s sole-source contract, saying there may be other companies that have better encryption technology, and because encryption algorithm is classified, it can't be tested. "The public will only have confidence in the security of a standard that is open to independent, expert scrutiny," EFF said. Privacy experts are concerned that because Clipper Chip was developed under NSA contract, it might have "backdoor" known only to NSA that would allow agency to crack code and bypass court order. Kramer disagreed: "There is positively no backdoor to this technology." Because use of Clipper Chip is entirely voluntary, businesses and private users -- including criminals -- are free to choose other means of encryption, leaving govt. and law enforcement agencies with dilemma they now face. FBI's Kallstrom acknowledged criminals still could thwart investigations if they used non-Clipper Chip products, "but most criminals aren't so smart." Ability of govt. to eavesdrop on Clipper Chip-equipped devices still doesn't solve broader problem: Ability to wiretap conversations moving across digital telecommunications lines. That problem is being addressed separately by FBI's controversial digital wiretap legislation that has failed to find congressional sponsor and is languishing in Justice Dept., waiting for support of Attorney Gen. InformationWeek April 19, 1993 PHONE CHIP BLOCKS UNWARRANTED TAPS The Clinton administration is attempting to balance privacy concerns with law enforcement agencies' ability to eavesdrop on phone conversations and data transmissions. Last week, government engineers revealed they have developed a "Clipper Chip" that can be placed in ordinary phones to encrypt phone communications. Each device containing the chip will have two unique "key" devices that together can decode those communications. 
One key will be held by a government agency and one by a private organization. Law enforcement officials would need warrants to obtain the keys. The Justice Department plans to purchase several thousand chips, and AT&T immediately announced it will use Clipper in all of its secure communications products. Communications Daily April 20, 1993, Tuesday Vol. 13, No. 75; Pg. 7 [...] House Telecom Subcommittee Chmn. Markey (D-Mass.) has expressed reservations about govt. use of Clipper Chip, encrypted technology that secures transmissions (CD April 19 p2). Markey wrote to Commerce Secy. Ronald Brown asking whether use of technology could lead to "inadvertently increase[d] costs to those U.S. companies hoping to serve both" govt. and private markets. Chip would be mandatory for govt. use, but optional for private sector, although companies might find greater proprietary need to protect data than govt. Markey asked Brown response to 6 questions: (1) Has algorithm been tested by any entity besides National Security Agency, National Institute of Standards & Technology or vendor supplying chip? (2) Who would hold "key" to descrambling data? (3) Does algorithm have "trap door" or "back door" that could allow someone to crack code? (4) How well would encryption devices adapt to rapidly changing telecommunications technology? (5) What would chip cost federal govt.? (6) What is Commerce Dept. assessment on cost to U.S. exporters of computer and telecommunications hardware and software. Markey said he wanted answers by April 28. [...] National Assn. of State Utility Consumer Advocates opens 2-day conference April 22 on "Telecommunications 2000: What's at Stake for Consumers in the Next Century?" at Rayburn House Office Bldg., Rm. 2168. Rep. Markey (D-Mass.) will speak. Vice President Gore is invited luncheon speaker. Three-member panels Thurs. include: 9:30 a.m. -- National Telecommunications Infrastructure, with former Rep. Tauke (R-Ia.), now Nynex govt. affairs vp. 11 a.m. 
-- Funding Advanced Networks, with Bell Atlantic Federal Relations Exec. Dir. Edward Lowery. 3:30 p.m. -- New Technologies, with Bell Atlantic Information Services Exec. Dir. Steven Craddock. [I know we missed Thursday but can some suits make it tomorrow?] MultiLink has developed software quality assurance package for its audioconferencing bridge known as System 70. Equipment assures multipoint teleconferences will work through simulator that generates Dual Tone MultiFrequency signals to test 2-way digitized messages over telephone lines, company said. [For those interested in DTMF stuff (I know it's an aside)] Ill. Bell has begun offering Call Trace for $4 per successful trace to 56 Chicago area communities. Customers would dial *57, preserving number for Bell's Annoyance Call Bureau or police authorities, although users wouldn't see it directly. Unlike Caller ID, offer is available only on per-call basis. [UUUGGGGHHHH!!!!] Matt mjmiski@macc.wisc.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Arthur Abraham Date: Thu, 22 Apr 93 23:06:32 PDT To: cypherpunks@toad.com Subject: Re: Meets 'n Greets Message-ID: <199304230606.AA07005@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Craig Nottingham wrote: >In addition a thought that many people are overlooking- the wiretap chip >transmissions of encrypted data would make a perfect envelope for the >transfer of more secure information encrypted with powerful encryption >schemes. There would be no easy way to tell the difference between >pre-encrypted transmissions and wiretap chip encrypted conversation. If I was the LE and unwrapped a Privacy Clipper wrapper and found further encryption, I'd know I had found "probable cause" to... -a2. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: whitaker@eternity.demon.co.uk (Russell E. 
Whitaker) Date: Sun, 25 Apr 93 05:00:40 PDT To: cypherpunks@toad.com Subject: MEETING: UK Cryptoprivacy Association Message-ID: <4398@eternity.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Meeting of the UK Cryptoprivacy Association - ------------------------------------------- Saturday, 8 May 1993, 1500 To be held at the offices of: FOREST 4th floor 2 Grosvenor Gardens London SW1W 0DH This is located at the corner of Hobart Place, a couple of blocks west of Victoria Station, and almost directly across from the dark green cabbie shelter. If you have trouble finding the place, please call the office on 071-823-6550. Or, call me (Russell Whitaker) on my pager, 081-812-2661, and leave an informative message with the telephone number where you can be reached; I will return the call almost immediately. Discussion will range from the usual general topics, such as the use of secure public key cryptosystems to protect message data, to specific topics, such as recent moves by the U.S. government to restrict choice in data privacy (reference recent discussion on Usenet groups, e.g. sci.crypt and alt.security.pgp). All are invited. Particularly welcome are members of the newly-formed UK CommUnity group ... the local EFF-in-spirit-if-not-in-name folks. Those who plan to attend should email me and let me know. Please. All attendees are requested to bring diskettes - preferably MS-DOS - with their PGP 2.+ public keys. As is usual at these gatherings, several of us will bring our laptops, and will sign public keys, subject to the usual caveats (reference the documentation for PGP 2.2, specifically files PGPDOC1.DOC and PGPDOC2.DOC). If you do not already have a copy of PGP 2.2 (MS-DOS), and would like to have a copy of this public domain program, please bring a formatted, medium or high density 3.5 inch floppy PC diskette; you will be provided a copy of the program. 
Of course, you might prefer to ftp a version of the program from one of the various archive sites. I suggest trying Demon Internet Systems, which carries the full range of PGP (Phil Zimmermann's "Pretty Good Privacy") implementations: directory /pub/pgp at gate.demon.co.uk. Meetings are of indeterminate time. Those who are interested are invited to join the rest of us at a pseudorandomly determined pub afterwards. Please note: - ------------ In the past few months, interested people have emailed me, requesting FAQs and special information mailings. I regret that, except in very unusual cases (e.g. working press), I cannot, in a timely manner, respond to these requests. I will, however - and for the first time - do a writeup of this meeting, which I will post in various places. What I *am* willing to supply is general information on our activities for the maintainers of existing FAQs, such as that for alt.privacy. FAQ maintainers can contact me at whitaker@eternity.demon.co.uk Russell Earl Whitaker whitaker@eternity.demon.co.uk Communications Editor AMiX: RWhitaker EXTROPY: The Journal of Transhumanist Thought Board member, Extropy Institute (ExI) ================ PGP 2.2 public key available ======================= -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK9bG/ITj7/vxxWtPAQG0/AQAmPQKQl7KNB43DyniRyuDu5tixStXd2F7 k5CiWNwN/u9ExZfptPgajwY91dsafX0H53RV5+lT8OSnvIx35QMmgBmPQOJCGnGj ZUJ2eGiSvfuLtAmgMQtSLtJh5x/VXmUIl8SJHzrffIz3SjnKcENTzrQnGc7UdIQ6 x85InstiJzU= =Y9GS -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Thu, 22 Apr 93 23:50:02 PDT To: cypherpunks@toad.com Subject: CRYPTO '93 - Conference Announcement & Final Call for Papers Message-ID: <9304230649.AA23157@toad.com> MIME-Version: 1.0 Content-Type: text/plain I recommend this conference. 
It's cheap to attend, you'll meet almost all the world-class cryptographers there are (out in the open, as well as some of the spooks), the food is great, and the campus is a fun place to visit. Everything is in walking distance, and the ocean and cliffs are right there. As well as a lot of interesting people and discussions. I wouldn't submit a paper unless it was a serious academic paper, but you could submit a "rump session" talk about some of the cypherpunk activities you've been doing. You'll get five or ten minutes to explain and handle questions, with overhead slides. The presentations have ranged from how to break DES (Adi Shamir & Eli Biham) to ideas about building MSDOS viruses that would infect millions of PC's to do brute force crypto cracking (Steve White of IBM, I think). I've spoken at two of the last three rump sessions about one or another social or political aspect of cryptography. Whit Diffie chairs the rump session, which is held after dinner with beer and wine, and you can send him proposals for your talk by email (diffie@eng.sun.com). John ............................................................................ CRYPTO '93 - Conference Announcement & Final Call for Papers ............................................................................ The Thirteenth Annual CRYPTO Conference, sponsored by the International Association for Cryptologic Research (IACR), in cooperation with the IEEE Computer Society Technical Committee on Security and Privacy, the Computer Science Department of the University of California, Santa Barbara, and Bell-Northern Research (a subsidiary of Northern Telecom), will be held on the campus of the University of California, Santa Barbara, on August 22-26, 1993. Original research papers and technical expository talks are solicited on all practical and theoretical aspects of cryptology. It is anticipated that some talks may also be presented by special invitation of the Program Committee. 
- ------------------------- INSTRUCTIONS FOR AUTHORS: Authors are requested to send 12 copies of a detailed abstract (not a full paper) by April 26, 1993, to the Program Chair at the address given below. A limit of 10 pages of 12pt type (not counting the bibliography or the title page) is placed on all submissions. Submissions must arrive on time or be postmarked no later than April 21, 1993 and sent by airmail in order to receive consideration by the Program Committee. It is required that submissions start with a succinct statement of the problem addressed, the solution proposed, and its significance to cryptology, appropriate for a non-specialist reader. Technical development directed to the specialist should follow as needed. - ------------------------- Abstracts that have been submitted to other conferences that have proceedings are NOT eligible for submission. Submissions MUST BE ANONYMOUS. This means that names and affiliations of authors should only appear on the title page of the submission; it should be possible to remove this page and send the papers to Program Committee members. A Latex style file that produces output in this format is available by email from the Program Chair. Authors will be informed of acceptance or rejection in a letter mailed on or before June 21, 1993. A compilation of all accepted abstracts will be available at the conference in the form of pre-proceedings. Authors of accepted abstracts will be allowed to submit revised versions for the pre-proceedings. A revised abstract should contain only minor changes and corrections to the originally submitted abstract. All revised abstracts must be received by the Program Chair by July 16, 1993. THE 10 PAGE LIMIT WILL BE STRICTLY ENFORCED for the pre-proceedings. Complete conference proceedings are expected to be published in Springer- Verlag's Lecture Notes in Computer Science series at a later date, pending negotiation. - ------------------------- The Program Committee consists of D. 
Stinson (Chair, Nebraska) M. Bellare (IBM T. J. Watson) E. Biham (Technion, Israel) E. Brickell (Sandia National Labs) J. Feigenbaum (AT&T Bell Labs) R. Impagliazzo (UCSD) A. Odlyzko (AT&T Bell Labs) T. Okamoto (NTT, Japan) B. Pfitzmann (Hildesheim, Germany) R. Rueppel (R3, Switzerland) S. Vanstone (Waterloo, Canada) - ------------------------- Send submissions to the Program Chair: Douglas R. Stinson, Crypto '93 Computer Science and Engineering Department 115 Ferguson Hall, University of Nebraska Lincoln, NE 68588-0115 USA Telephone: (402)-472-7791 Fax: (402)-472-7767 Internet: stinson@bibd.unl.edu For other information, contact the General Chair: Paul C. Van Oorschot, Crypto '93 Bell-Northern Research (MAIL STOP 000) 3500 Carling Ave. Nepean, Ontario K2H 8E9 Canada Telephone: (613)-763-4199 Fax: (613)-763-2626 Internet: crypto93@bnr.ca ............................................................................ CRYPTO '93 - General Information (August 22 - 26, 1993) ............................................................................ THE PROGRAM: Crypto'93 is the thirteenth in a series of workshops on cryptology held at Santa Barbara, and is sponsored by the International Association for Cryptologic Research, in cooperation with the IEEE Computer Society Technical Committee on Security and Privacy, the Computer Science Department of the University of California, Santa Barbara, and Bell-Northern Research (a subsidiary of Northern Telecom). The program for the workshop will cover all aspects of cryptology. Extended abstracts of the papers presented at the conference will be distributed to all attendees at the conference, and formal proceedings will be published at a later date. In addition to the regular program of papers selected or invited by the program committee, there will be a rump session on Tuesday evening for informal presentations. 
Facilities will also be provided for attendees to demonstrate hardware, software and other items of cryptographic interest. If you wish to demonstrate such items, you are urged to contact the General Chair so that your needs will be attended to. The social program will include hosted cocktail parties on Sunday and Monday. In addition, there will be a beach barbecue on Wednesday evening. The price of the barbecue is included in the room and board charge, and extra tickets may be purchased. ABOUT THE CONFERENCE FACILITIES: The workshop will be held on the campus of the University of California, Santa Barbara. The campus is located adjacent to the Santa Barbara airport and the Pacific Ocean. Accommodations are available in the university dormitories at relatively low cost for conference participants. Children under the age of 13 are not allowed to stay in the dormitories, so those bringing small children will need to make separate arrangements in one of several nearby hotels. More information on hotels is enclosed. Parking on campus is available at no cost to the participants. However, participants must indicate on the registration form if they desire a parking permit. TRAVEL INFORMATION: The campus is located approximately 2 miles from the Santa Barbara airport, which is served by several airlines, including American, America West, Delta, United, and US Air. Free shuttle bus service will be provided between the Santa Barbara airport and the campus on Sunday and Thursday afternoons. All major rental car agencies are also represented in Santa Barbara, and AMTRAK has rail connections to San Francisco from the north and Los Angeles from the south. Santa Barbara is approximately 100 miles north of Los Angeles airport, and 350 miles south of San Francisco. REGISTRATION: Participation is invited by interested parties, but attendance at the workshop is limited, and pre-registration is strongly advised. 
Late registrations, subject to a late registration fee, may be accepted if space is available, but there are NO GUARANTEES. To register, fill out the attached registration form and return to the address on the form along with payment in full before July 9, 1993. Campus accommodations will be available on a first come, first serve basis for attendees who register by July 9, 1993. The conference fees include participation in the program and all social functions, as well as membership to the IACR and a subscription to the Journal of Cryptology. The room and board charges include dormitory lodging and meals from dinner on Sunday to lunch on Thursday. Technical sessions will run from Monday morning to Thursday at noon. A very limited number of stipends are available to those unable to obtain funding. Applications for stipends should be sent to the General Chair before June 4, 1993. ............................................................................ CRYPTO '93 - CRYPTO '93 Registration Form ............................................................................ REGISTRATION DEADLINE: July 9, 1993 Last Name: _____________________________________________ First Name: _____________________________________________ Sex: (M)__ (F)__ Affiliation: _______________________________________________________________ Mailing Address: __________________________________________________________ __________________________________________________________ __________________________________________________________ ___________________________________________________________ Phone: __________________________________ FAX: ___________________________ Electronic Mail: __________________________________________________________ Payment of the conference fee entitles you to membership in the International Association for Cryptologic Research for one year at no extra charge, including a subscription to the Journal of Cryptology, published by Springer- Verlag, at no extra charge. 
Do you wish to be an IACR member? YES__ NO__ The conference fee also includes the conference proceedings when they become available, containing final versions of conference papers. The book of extended abstracts distributed at the conference will contain only shortened preliminary versions of these papers (maximum 10 pages). Conference fee: Regular ($280) US$ _______ Attended Eurocrypt'93, Norway ($230) _______ Full time student ($190) _______ deduct $50 if you do not wish proceedings _______ Total conference fee: US$_______ Room and Board (4 nights): Smoking ___ Non-smoking ___ Single room ($275 per person) _______ Double room ($225 per person) _______ Roommate's name: ____________________________________ Extra barbecue tickets ($20 each; one is included in room and board) _______ $40 late fee for registration after July 9; REGISTRATION NOT GUARANTEED AFTER JULY 9 _______ Total funds enclosed (U.S. dollars): US$ _______ Payment must be by check PAYABLE IN U.S. FUNDS, by money order IN U.S. FUNDS, or by U.S. BANK DRAFT, payable to: CRYPTO'93. Payment should be mailed to the General Chair: Paul C. Van Oorschot, CRYPTO'93 Bell-Northern Research (MAIL STOP 000) 3500 Carling Ave. Nepean, Ontario K2H 8E9 Canada ............................................................................ CRYPTO '93 - Hotel Information ............................................................................ For those who choose not to stay in the dormitories, the following is a partial list of hotels in the area. Those who choose to stay off campus are responsible for making their own reservations, and early reservations are advised since August is a popular season in Santa Barbara. Note that Goleta is closer to UCSB than Santa Barbara, but that a car will probably be required to travel between any hotel and the campus. All prices are subject to change; prices should be confirmed by calling the individual hotels directly. 
However, mention CRYPTO'93 when you are making your reservation and in several of the hotels listed you will be eligible for the university rate which can be significantly less than the normal rates. We are not able to block rooms in these hotels, so please make reservations as early as possible. The quality of the hotels range from rather expensive beach-front resorts to basic inexpensive accommodations. For further information, try contacting the Santa Barbara Convention and Visitors Center, (805)-966-9222. South Coast Inn: 5620 Calle Real, Goleta, CA 93117. Regular rates: Single $89, Double $94; call for University rates. Contact Murrill Forrester at (805)-967-3200 or toll-free at (800)-350-3614. Cathedral Oaks Lodge: 4770 Calle Real, Santa Barbara, 93110. Single rates not available, Double rates start at $84 including breakfast; no University rates. Call Tom Patton at (805)-964-3511 or toll-free at (800)-654-1965. Motel 6: 5897 Calle Real, Goleta, CA 93117. Single $33.95, Double $39.95, no University rate available. Call (505)-891-6161. The Sandman Inn: 3714 State St., Santa Barbara, CA 93105. Regular rates: Single or Double $84, $94 for king-size, University rate $65. Call Jean Ingerle at (805)-687-2468 or toll-free at (800)-350-8174. Miramar Hotel (Beachfront): 3 miles south of Santa Barbara on U.S. 101 at San Ysidro turnoff. Regular rates: $70-$135. No University rates. Call (805)-969-2203. Pepper Tree Inn: 3850 State St., Santa Barbara, CA 93105. Regular rates: $106-$112 for two people, University rates $96-$102 for two people. Call Christopher Oliphant at (805)-687-5511 or toll-free at (800)-338-0030. Encina Lodge: 220 Bath Street, Santa Barbara, CA 93105. Regular rates $106-$108 for two people, no University rates. Call Carol Wolford at (805)-682-7550 or toll-free at (800)-526-2282. Quality Suites: 5500 Hollister Ave, Santa Barbara, CA 93111 (close to campus). 
Regular rates: Single $125, Double $145, University rates $99 double (must mention you are attending a UCSB program). Call Michael Ensign at (805)-683-6722. Upham Hotel (bed-and-breakfast): 1404 De La Vina Road, Santa Barbara, CA 93101. University rate $85 (mention you are from Crypto). Call Sheila Donegan at (805)-962-0058. ------- End of Forwarded Message From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mccoy@ccwf.cc.utexas.edu (Jim McCoy) Date: Thu, 22 Apr 93 21:59:40 PDT To: cypherpunks@toad.com Subject: Re: New Algorithm... In-Reply-To: <19930422204625.1.MEYER@OGHMA.MCC.COM> Message-ID: <9304230459.AA18293@tigger.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text > Date: Thu, 22 Apr 1993 15:46-0500 > From: Peter Meyer > > Date: Thu, 22 Apr 1993 15:07 CDT > From: "Perry E. Metzger" > > "Haywood J. Blowme" says: > [Lots about some J. Random Companies encryption chip] > > All fine and well, but since we have IDEA already, why should we want > it? For virtually all applications these days other than fully > encrypting network traffic, software is fine. DES implementations in > software can handle 1.5 Mbit/s on reasonable machines. [...] > [...] > > > There are lots of other things to be considered besides the algorithm > itself when designing good encryption software, e.g. if someone > accidentally yanks out the power cord to the computer during decryption > do you kiss goodbye to the data? Well, what if I need the capability of doing 5-10 Mbyte/s? I am still hashing out a few design details of a "secure" BSD using encryption of the filesystem before I hit the code and right now this particular issue is one that I have still not worked out. I need it in hardware. Software is just not fast enough and I am not sure how much work it will require to get a DES card to do E(K1,D(K2,E(K1,x))) if I want to use 128 bit keys. 
Does anyone know if there is a hardware implementation of IDEA or another algorithm of suitable cryptographic strength available in a card or chip? Then again, maybe I could use a clipper chip... (big ;-) jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: David Reeve Sward Date: Thu, 22 Apr 93 21:08:57 PDT To: cypherpunks@toad.com Subject: CLIPPER: Explanation sheet? Message-ID: MIME-Version: 1.0 Content-Type: text/plain I (along with others) have some sort of phrase in our .signature saying "Stop the Clipper Chip" or somesuch. Since adding this, I have had several people ask me about this, and I have fired off an explanation to them. I am wondering if there is a Wiretap Chip Explanation Sheet to send to people instead of trying to make sure I remember everything (and without double-checking everything I say). Has anyone written such a beast? -- David Sward sward+@cmu.edu Finger or email for PGP public key 3D567F Stop the Big Brother Chip - Just say NO to the Clipper "Wiretap" Chip! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: bobanderson%dlu.dnet@net.Vanderbilt.Edu (boB -- Geekey Student Worker) Date: Thu, 22 Apr 93 22:48:04 PDT To: "%vunsf.dnet@net.Vanderbilt.Edu Subject: Request Message-ID: <9304230547.AA08681@net.Vanderbilt.Edu> MIME-Version: 1.0 Content-Type: text/plain Please put me on the cypherpunks mailing list Bob From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Derek Atkins Date: Thu, 22 Apr 93 22:35:54 PDT To: cypherpunks-east@MIT.EDU Subject: MEET: Boston Area Cypherpunks Message-ID: <9304230535.AA14679@deathtongue> MIME-Version: 1.0 Content-Type: text/plain ANNOUNCEMENT: In lieu of the recent happenings in the cryptography field, and the Bay Area Cypherpunks meeting, I would like to call to order, an ad-hoc Boston Area Cypherpunks meeting. This meeting is to talk about the Wiretap Chip proposal, and to try to coordinate a counter-attack to the proposal. 
I hope to have an audio link to the west-coasters, encrypted (of course), so we can discuss these issues together. Place: MIT, Room 1-115, Cambridge. When: 3:00 pm - 9ish Please attend if you have any interest in this topic... DIRECTIONS: To get to MIT, room 1-115: via car: have fun! Building 1 is located right on Mass Ave., close to Memorial Drive. You can try to park anywhere around the area, if you can find a spot. via T: get off at kendall sq. (red line), and walk west... cross Ames St., and keep walking west. Enter the infinite corridor when you cannot walk outside any further, and keep walking west. Once you get into Lobby 7 (a big cathedral-like entryway at 77 Mass. Ave) there will be signs directing you to 1-115. See you there. If you need any more assistance, please feel free to send me e-mail, or call me at 868-4469... -derek From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Fri, 23 Apr 93 02:13:24 PDT To: cypherpunks Subject: Spooks like Suns (FYI) Message-ID: <9304230913.AA26730@toad.com> MIME-Version: 1.0 Content-Type: text/plain ---------------------------------------------------------------------------- The Florida SunFlash SunFed Wins Contract With Defense Intelligence Agency SunFLASH Vol 52 #25 April 1993 ---------------------------------------------------------------------------- Contact: Carol Hartzell, SMCC PR at (415) 336-0598 Will Be Exclusive Supplier of Secure, RISC-based Network Servers and Workstations MILPITAS, Calif. -- April 21, 1993 -- Sun Microsystems Federal, Inc. (Sun Federal) has been selected by the Defense Intelligence Agency (DIA) under a requirements contract to supply a secure, RISC-based family of workstations and servers. The one-year (with four option years) SASS (System Acquisition and Support Strategy) multi-vendor acquisition contract anticipates purchasing 5,400 RISC-based Sun(TM) workstations, the majority of which will be used in a secure network environment. 
Sun Federal will provide workstations and network servers to enhance and leverage the investment of existing equipment as well as move the DIA from a mainframe environment to a secure client-server workgroup environment. Sun Federal will supply Sun SPARCstation(TM) IPX(TM) and SPARCstation 2 workstations, along with a version of the Solaris(R) operating environment that is being evaluated by the DIA for CMW (Compartmented Mode Workstation) operation. Options for file servers and SPARCstation 10 workstations are also included. Sun Microsystems Federal, Inc. is a wholly owned subsidiary of Sun Microsystems, Inc., the world's leading supplier of client-server computing solutions. Sun Federal, founded in 1984, is headquartered in Milpitas, Calif. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ For information send mail to info-sunflash@Sun.COM. Subscription requests should be sent to sunflash-request@Sun.COM. Archives are on solar.nova.edu, ftp.uu.net, sunsite.unc.edu, src.doc.ic.ac.uk and ftp.adelaide.edu.au All prices, availability, and other statements relating to Sun or third party products are valid in the U.S. only. Please contact your local Sales Representative for details of pricing and product availability in your region. Descriptions of, or references to products or publications within SunFlash does not imply an endorsement of that product or publication by Sun Microsystems. Send brief articles (e.g. third party announcements) and include contact information (non-800#, fax #, email, etc) to: John McLaughlin, SunFlash editor, flash@Sun.COM. +1 305 351 4909 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: szabo@techbook.com (Nick Szabo) Date: Fri, 23 Apr 93 02:11:46 PDT To: extropians@gnu.ai.mit.edu Subject: Privacy International (fwd) Message-ID: MIME-Version: 1.0 Content-Type: text/plain The following forwarded from alt.privacy. Anybody have experience with this group? 
Have they taken a position on the wiretap chip? Subject: Group Info: Privacy International Message-ID: <1993Apr12.184129.11455@mont.cs.missouri.edu> Originator: rich@pencil.cs.missouri.edu Organization: Privacy International PRIVACY INTERNATIONAL A WATCHDOG ON SURVEILLANCE GENERAL INFORMATION PRIVACY INTERNATIONAL - THE BIRTH OF A WORLDWIDE MOVEMENT We are posting this in the hope that you might get involved in a new organization which is actively involved world-wide in the protection of privacy. Privacy International is an independent Non Government Organization (NGO) established in 1990 to protect personal privacy and to monitor surveillance by governments, financial institutions, intelligence agencies, media, political groups, police, and other organizations. At the invitation of its members and member organizations throughout the world, Privacy International has conducted successful campaigns against surveillance in Asia, Europe and North America. Many of these campaigns have raised awareness about the dangers of proposals for identity cards, national numbering systems, computer linking programmes and military surveillance. Others have reinforced the importance of developing laws to protect personal privacy. WHO ARE PRIVACY INTERNATIONAL'S MEMBERS? Over the past three years Privacy International has established an outstanding and very active member network of legal experts, human rights advocates, information systems experts, academics, data protection experts, social and political scientists, and a whole range of concerned individuals from more than 40 countries. These members, who comprise much of the world's expertise in privacy protection, form an independent network that can respond fearlessly to problems of all kinds. 
SOME OF OUR WORK Privacy International has conducted campaigns on a wide variety of issues throughout Europe, North America and Asia. Our first campaign was undertaken during 1991 in Thailand, where the government had established a central population registration and ID card system. The system, controlled by the powerful Ministry of the Interior, would link many departments and ministries, and had few legal safeguards. A seven week campaign by Privacy International raised awareness amongst politicians, human rights organizations and the public about the potential dangers of the system. The second campaign, concerning yet another ID card proposal, was conducted in Manila during April and May of 1991. The invitation to Privacy International came from the Philippine Alliance of Human Rights Advocates (PAHRA), the peak human rights NGO in the Philippines. Several bills were pending in the Congress and the Senate mandating the establishment of a national identity card and numbering system. PAHRA felt that this proposal could infringe the rights of Filipinos, and create problems for the Philippines' fragile democratic process. A comprehensive submission was made to the Senate of the Philippines, pointing out the likely costs, both in economic and civil rights terms, of the proposal. The third campaign involved the establishment by the New Zealand Government of a data matching and government benefits card system known generically as the "Kiwi Card". An invitation was issued to Privacy International by the Auckland Council for Civil Liberties in late August, and I travelled to Auckland in early September. The Council was concerned about the government's plan for a number of reasons. First, the plan to data match amongst government agencies lacked adequate legal protection. Second, the Kiwi Card plan raised issues of discrimination. 
A more general concern that developed throughout the subsequent campaign was whether the New Zealand legal and political system embraced enough protections and rights to ensure that the system would not be abused. Current Activities THE NORTHERN IRELAND SURVEILLANCE PROJECT This project, the first of its type ever undertaken in Northern Ireland, will investigate the full extent of surveillance throughout the country. It is to be sponsored by the Law Faculty of the Queen's University of Belfast. Human rights organizations have expressed concern for some years over the loss of basic rights in Northern Ireland. The development of complex and powerful information technology has increased the risk of routine surveillance of citizens, and consequently the loss of personal privacy in Northern Ireland has escalated. The emergency legislation in force there compounds this unfortunate situation. The report will be made publicly available by the end of 1993. THE STASI FILE PROJECT One of the most complex civil and political rights issues for former eastern bloc countries is the dilemma of how to deal with the files of police and intelligence organizations. The problem is compounded by the absence of any international guidelines which could be used as a benchmark. Privacy International is planning to establish a project which will develop international guidelines for handling police and official files in countries which are in transition to democracy. Privacy International has established an expert group to develop the guidelines. he establishment of an independent The group will work closely with members of relevant countries seeking to develop such legislation. THE BIG BROTHER AWARDS Governments, private sector organizations, credit bureaus, police departments and the military in many countries are engaging in programs which have the effect of eroding the rights and privacy of individuals. 
These practices often breach international human rights conventions, and threaten the balance or evolution of free and open societies. In many cases, information technology is used for the purposes of increasing the power of authorities, while diminishing the rights of individuals. These violations occur in all parts of the world. The Big Brother awards, sponsored by Privacy International, will be given to the organization, initiative, government or act which is most invasive of private life, or which is responsible for the most dangerous and intrusive acts of surveillance. Privacy International believes that there should be a more widespread awareness of these practices. We believe people have the right to know when governments or other organizations are engaging in intrusive practices that limit individual rights. We aim to provide an effective context for viewing these invasive practices, by establishing an international benchmark. The establishment of the Big Brother awards aims to provide a world-wide focus on surveillance and privacy. THE INTERNATIONAL PRIVACY BULLETIN Privacy International's quarterly newsletter, The International Privacy Bulletin, contains reports from around the world on privacy and surveillance, together with articles on a wide spectrum of privacy issues such as telecommunications privacy, encryption, privacy legislation, corrupt disclosure of confidential files and news of Privacy International's activities. The International Privacy Bulletin is distributed free to all members and supporters. THE INTERNATIONAL INTERNET PRIVACY ARCHIVE Computer Professionals for Social Responsibility (CPSR) has created an electronic library of reports, laws and commentary on privacy. The archive includes discussions of communications privacy, cryptography, texts of international documents on privacy and many other materials. There are several hundred documents in the archive and more are being added every day. 
There is also a special folder in the library for Privacy International documents including electronic versions of newsletters, updates, country reports and international documents. There are currently several dozen files available. Access is through Internet mail, FTP, Gopher or WAIS. Through mail, send the command: help as the first line of text in a message to listserv@cpsr.org. FTP/Gopher/WAIS to cpsr.org folder /cpsr. All access is free. Users of the archive are encouraged to submit their articles for others to use. People who are interested in submitting articles, please contact David Banisar at 1+202/544-9240 Email: banisar@washofc.cpsr.org If you are interested in getting involved in the work of Privacy International, please contact Simon Davies, Marc Rotenberg, or David Banisar at: Privacy International, 666 Pennsylvania Ave SE Suite 303 Washington, DC 20003 United States of America Phone (+1) 202 544 9240 Fax (+1) 202 547 5481 E.Mail: pi@washofc.cpsr.org PRIVACY INTERNATIONAL MEMBERSHIP FORM Name...................................................... Organisation.............................................. Address................................................... .......................................................... .......................................................... Phone..................................................... Fax....................................................... Email..................................................... Special interests ........................................ .......................................................... $20 (Low income) $50 (full membership) All personal information is strictly confidential and will not be disclosed without the prior consent of the individual. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: warlord@MIT.EDU (Derek Atkins) Date: Thu, 22 Apr 93 23:25:24 PDT To: cypherpunks-east@mit.edu Subject: MEET: Boston Area Cypherpunks Message-ID: MIME-Version: 1.0 Content-Type: text/plain Oops.. I forgot to mention a date in my last message... The date of the meeting is THIS SATURDAY, 24 April, 1993. Sorry for any confusion... See you there... -derek From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: George A. Gleason Date: Fri, 23 Apr 93 02:26:35 PDT To: hughes@soda.berkeley.edu Subject: Re: WIRETAP: boycotts Message-ID: <199304230926.AA09240@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Re boycotting AT&T: Eric's proposal is great (cancel your AT&T long distance anyway) but I would suggest a more aggressive approach toward AT&T business telephone systems and consumer phone products. First of all, their equipment is mediocre at best. Their main business phone product, Merlin, is obsolete and truly nasty (details on request); System 75 (mid-sized PBX) is little better; their low-end key system (AT&T Spirit) is cheapy stuff, and although their Partner system is decent there are a number of better alternatives (Panasonic KXT-Hybrid is our favorite though if you want made in USA there's Comdial). AT&T have been pursuing an aggressive policy on initial pricing to try to kill off independent phone contractors, but their service doesn't measure up: expensive rates, delays, etc. So even if they drop their price by half on something to try to edge out a competitor, don't take the bait. Second, you can bet that they'll start introducing Tapper in their cordless phones pretty quickly, to try to win a market advantage based on having any kind of encryption at all. There are some cordless business phones available (one is designed for Merlin) and some new ones coming out soon. These will probably have Tapper in them. 
Ericsson have a cordless business phone system now, called FreeSet, which is essentially micro-cellular, and it uses a stronger European crypto standard if I'm not mistaken (I can go look up details if anyone wants to know). North Supply Premier is another version of same with some other encryption routine (ANYthing is better than Tapper at the moment) though not as adaptable as the Ericsson FreeSet system.

For every AT&T phone set or system, there are plenty of better alternatives, and the time to start shifting your purchasing power is now.

(oh BTW to clarify, what I meant by "new ones coming out soon" is that AT&T will probably try to jump on the Ericsson & North Premier bandwagon soon with their own version, with Tapper.

"AT&T: phones with Big Brother Built Inside!"

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Fri, 23 Apr 93 02:55:40 PDT
To: karn@qualcomm.com
Subject: Re: CLIP: Legal Aspects
Message-ID: <199304230955.AA11325@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Illegal taps: and keep in mind "investigative" taps used to gather deep background information... by the time that information gets to a useable form, its origin is so far obscured as to be impossible to prove... and most importantly, keep in mind the simple matter of political and economic intelligence. The British GCHQ routinely tapped trade unions; NSA went after the civil rights movement, history is full of cases like this. If you don't know COINTELPRO, look it up and get scared.

The main thing here is not whether they can use evidence against you in court, but whether they can gather extracurricular info and use it to fuck up careers, runs for elected office, campaigns on public issues, labor negotiations, and all kinds of other things which we expect to be able to do freely in a nominal democracy.
Clinton has expressed a commitment to civil rights causes, so I don't worry about his administration pulling another Watergate or COINTELPRO, but if we ever got another bunch of zealous authoritarians in there...!

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Fri, 23 Apr 93 02:58:28 PDT
To: wcs@anchor.ho.att.com
Subject: Re: Info on Mykotronx
Message-ID: <199304230957.AA11510@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Re MycoToxin: contact the Covert Action Information Bulletin and ask if they have anything on anyone named in connection with MycoToxin. Do the same with other think-tanks that deal in defense-related issues, for example the Center for National Security Studies or some such.

TRW is a scary thought indeed; and of course these people don't ever cut their ties for good... consider that TRW is a huge NSA partner and also maintains the Great Big Database of all our credit records & buying habits. Bad combinations, getting worse by the minute.

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: William Stephen Kish
Date: Fri, 23 Apr 93 00:00:26 PDT
To: cypherpunks@toad.com
Subject: encrypted telnet
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Hello,

I've created this simple little program that allows for encrypted telnet sessions (between unix hosts) without any modification to the system telnetd or telnet programs.

The system consists of a pair of programs: 1 running on the target machine (Host B) and 1 running on the machine being telneted from (Host A). (These daemons require no special permissions -- they run as normal user processes. Also, both daemons are really the same program; each is started with a different switch to let it know which hat to wear...)

Instead of telneting directly to Host B, the user telnets to a special port on his own machine ("telnet HostA 10000"). This connects him to the encryption daemon.
Upon making this connection, this Host A encryption daemon opens a TCP connection to the peer encryption daemon on Host B. This Host B daemon then opens a connection to port 23 (the normal telnet port) on its own machine.

Thus, all data from the user is passed to the encryption daemon on its local machine where it is encrypted and sent over the net to the peer daemon on the target machine. There the data is decrypted before being passed to the local telnetd process. Data flowing in the reverse direction undergoes a similar process. All of this is transparent to the user and telnet processes.

What I need now is a strong stream cypher to drop into these daemons. Can anyone supply references to appropriate algorithms or code? A good cypher should be resistant to known plaintext attacks, since telnet sessions start out with lots of known plaintext (telnet options, login banner, motd, user id, etc...).

If there is interest, I'll look into releasing this when it's complete.

Thanks,
Bill Kish
kish+@cmu.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Fri, 23 Apr 93 03:03:29 PDT
To: szabo@techbook.com
Subject: Re: WIRETAP: boycotts
Message-ID: <199304231000.AA11712@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Keep up the pressure: how about mailing to all law firms in the Bay Area to warn them not to buy AT&T phone systems since they might be getting Big Brother in the Box along with, if not now, then in some future upgrade innocently installed by a field tech.

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uni@acs.bu.edu (Shaen Bernhardt)
Date: Fri, 23 Apr 93 00:17:18 PDT
To: cypherpunks@toad.com
Subject: Overreaction.....
Message-ID: <9304230717.AA58454@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Begin Forwarded Message

Article 9566 (7 more) in alt.security:
From: uni@acs.bu.edu (Shaen Bernhardt)
Newsgroups: sci.crypt,alt.security,comp.org.eff.talk,comp.security.misc,comp.org.acm,comp.org.ieee
Subject: Re: Overreacting (was Re: Once tapped, your code is no good any more)
Message-ID: <116530@bu.edu>
Date: 23 Apr 93 02:36:14 GMT
References: <1993Apr22.134214.18517@rick.dgbt.doc.ca>
Sender: news@bu.edu
Followup-To: sci.crypt
Distribution: na
Organization: Boston University, Boston, MA, USA
Lines: 82

In article <1993Apr22.134214.18517@rick.dgbt.doc.ca> jhan@debra.dgbt.doc.ca (Jerry Han) writes:
>In this giant bally-ho over this Clipper chip I noticed a rather
>disturbing trend in some of the E-mail and posts I've tossing back and
>forth.
>
>Somebody asked me what was wrong about overreacting in cases such as this.
>
>The reason is very simple: How many people do you want to die in a riot?
>In a new Civil War?
>
>Everybody is jumping up and down and screaming about it, and I'm worried
>that people are going to reach for their hammers and rifles before their pens
>and paper.
>
>Can people work within the system before trying to break it?

A circuit court judge in Illinois once said "When dealing with a government that seeks continually new and more creative ways to spy on its citizenry, one cannot discourage the move to empower the common citizen with the means to parry this attack on personal privacy."

(Unfortunately the comment was with regard to the banning of radar detectors....)

The point remains. More and more I see the government slowly washing away privacy. Even unwittingly.

Do you think I will ever live in a society that issues smart cards to citizens at birth? Do you think I will live in a society that insists I register my crypto keys so they can keep track of what I'm saying? Even if there is no evidence of my guilt?
Do you think I will ever live in a society that seeks to meddle in the affairs of its citizenry without recourse of any kind?

I'm tired of it. There is (IMHO) no compromise with an administration that seeks to implement these proposals under the guise of enhancing privacy. More than the proposals themselves, I read the language of the press releases, the obvious deception involved in presenting these pieces to the public, and I am sickened. I am revolted. I am repulsed.

90%, perhaps even 95% of this country could care less about the clipper chip, the wiretap bill, the smart card, because they are so entrapped in the rhetoric of the Clinton Administration. This saddens and frightens me.

I am a conservative believe it or not. A law and order conservative. But the move to a centralized authoritarian regime really scares me, mostly because I know you can't go far wrong underestimating the intelligence of the American people. Tell them it's going to keep them safe from drug dealers and terrorists, and they will let you put cameras in their home. Even in the wake of Waco, you find those who support the increasingly totalitarian moves.

>Somebody once said something like: "Armed Violence is meant only to be
>used in response to an armed attack. It is not meant to be used in
>aggression. This is the difference between self-defence and murder."

To be quite honest, the way things are going, I'd call it self defense.

>Let's try to avoid killing things, eh? There's enough blood shed in the
>world, without adding a couple of riots, Civil Wars, etc.
>
>I'm probably overreacting. But what I've read scared me a lot. I don't
>want my children growing up in a War Zone.

And I don't want mine growing up in the eyes of a security camera 24 hours a day.

>--
>Jerry Han-CRC-DOC-Div. of Behavioural Research-"jhan@debra.dgbt.doc.ca"
>///////////// These are my opinions, and my opinions only.
\\\\\\\\\\\\\
>\\\\\\\\\ A proud and frozen member of the Mighty Warriors Band ////////
>"Memories of those I've left behind, still ringing in my ears."-Genesis-

uni

--
uni@acs.bu.edu -> Public Keys by finger and/or request
Public Key Archives:
Sovereignty is the sign of a brutal past.<>Fight Clinton's Wiretap Chip!
DF610670F2467B99 97DE2B5C3749148C <> Crypto is not a Crime! Ask me how!

Forwarded message ends.

I reposted this for the benefit of those who might not be actives on the newsgroups it was distributed to.

After I wrote this reply, I went out for a beer with a friend of mine. We didn't talk about crypto or privacy (he's more into the Hartford Whalers) but I couldn't get it out of my mind. More and more I feel violated.

We live in an age where direct marketers send mail to my address and I have no idea who gave it to them. We live in an age where you call up the Chinese food place for a delivery and after getting your phone number, (with caller ID in some places) they ask you if you'll have "the usual" [no joke]. We live in an age where your credit card might have your digitized picture on it. We live in an age where despite the freedom of information act, your file, should you request it, is more than half inked out. We live in an age where your social security number is a "handle" to your life and habits. We live in an age where anyone can order a copy of your tax return and merely be asked "may I have your social security number please?"

Privacy has become a joke. Plastic money, databases, credit reports, wherever you look, there is some entity looking to collect something else on you.

I for one, have had it. It's true, I'm conservative. But where will it end? How many more blows to liberty and privacy will be made before there is little left?

I've studied intelligence, political science, international relations, and law here at B.U. Next year I will be at Georgetown working on my J.D. But I doubt I will stay here in the states.
I think perhaps Liechtenstein offers a more hands off atmosphere.

In retrospect, I really don't think I'm concerned with the pettiness of this or that blow to privacy, but the system that slowly builds. I'm a paranoid at heart. I don't TRUST the system. I never will. It's too bad others do. Someday I hope someone explains to the vast number of people the difference between freedom to, and freedom from.

I never thought I'd sound like a revolutionary.

uni (Dark)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Fri, 23 Apr 93 03:23:08 PDT
To: cypherpunks@toad.com
Subject: AT&T replacement offer
Message-ID: <199304231022.AA13617@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Re the AT&T boycott, I'm going to put my labor where my mouth is, and offer:

Replacement of any AT&T business phone system or consumer telephone product, at a discount of 25% off normal retail (essentially a nonprofit rate). On business phone systems, this includes all AT&T key systems (Merlin, Spirit, Partner, etc) and PBX (system 75 and up); and includes one year's service contract. For smaller systems, we'll install anywhere from Santa Cruz to Mendocino; for larger ones, anywhere in California depending on the job; and we'll ship user-installable ones anywhere you like. (User-installable systems typically involve 32 or fewer phones.)

For each AT&T system we remove, we send a letter to AT&T explaining why. Then when we gather up enough of them to make a decent sized pile, do some kind of publicity event with them (any suggestions?). (Or maybe simply sell the old AT&T stuff to a secondary market dealer and donate the proceeds to an appropriate organisation?)

-george gleason, Integrated Signal / Switched Networks, 510-644.8085
gg@well.sf.ca.us

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Fri, 23 Apr 93 03:50:21 PDT
To: cypherpunks@toad.com
Subject: AT&T replacement
Message-ID: <199304231050.AA15354@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

In case it wasn't clear, the offer is to replace any AT&T hardware *with equivalent or better competing technology* for 25% off.

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Derek Atkins
Date: Fri, 23 Apr 93 03:39:31 PDT
To: William Stephen Kish
Subject: Re: encrypted telnet
In-Reply-To:
Message-ID: <9304231039.AA08262@snorkelwacker.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Bill..

There are a couple of problems with your scheme.

1) You have to have this daemon already running on host B. I.e., you still need to have had (at one time) access to run this daemon. Basically, this means that you (or someone) has to have had root access to BOTH hosts A and B to set this up. Unless this becomes supported software, you can't guarantee that....

2) How do you do key distribution? If you use Kerberos, then you need to have root access on host B. Otherwise, you need some way to securely get the encryption key from A to B....

3) How do you deal with multiple encryptions? If you have more than one client who wants to use this program, you have to trust a single process (unless you run out of inetd, which requires #1) with all the different keys for all the different users!

Basically, you're better off using ktelnet/ktelnetd to do this. In either case you have the same problem with modifying the workstation.

Please, don't let this discourage you, but I think you might want to think this through a little more before you jump the gun!

Have a Nice Day!!!
:-)

-derek

PGP 2 key available upon request on the key-server:
pgp-public-keys@toxicwaste.mit.edu
--
Derek Atkins, MIT '93, Electrical Engineering and Computer Science
Secretary, MIT Student Information Processing Board (SIPB)
MIT Media Laboratory, Speech Research Group
warlord@MIT.EDU PP-ASEL N1NWH

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Harry Shapiro
Date: Fri, 23 Apr 93 04:08:16 PDT
To: cypherpunks@toad.com (Good Guys)
Subject: Moving Target: Warning
Message-ID: <199304231108.AA08218@sun.Panix.Com>
MIME-Version: 1.0
Content-Type: text/plain

I have thought that it is a losing strategy to debate the wire tap chip on purely tech terms as I feel the NSA would have more technology up their sleeve, changing the MO as we object to specific points and probably making themselves SEEM responsive to the gov/congress/Admin.

First we had 40 bit key halves then we got 80-bit XORed and now: CAPSTONE: THE NEXT GENERATION, with DSS, etc...

We need to make broad spectrum attacks on both spef. technical points and social points. We need to say/talk to How this country was founded. We did to say Ok, NSA/FBI is right and the world has changed. But it will keep on changing... like our Founders, we need to plot a course that will hold true not for a few years but for the next two hundred. This is stuff that shouldn't be debated in private by NSA and Bill C.

/harry
--
Harry Shapiro habs@panix.com
List Administrator of the Extropy Institute Mailing List
Private Communication for the Extropian Community since 1991

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: William Stephen Kish
Date: Fri, 23 Apr 93 04:30:46 PDT
To: Derek Atkins
Subject: Re: encrypted telnet
In-Reply-To: <9304231039.AA08262@snorkelwacker.MIT.EDU>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Excerpts from mail: 23-Apr-93 Re: encrypted telnet Derek Atkins@Athena.MIT. (1442)

> Bill.. There are a couple of problems with your scheme.
> 1) You have to have this daemon already running on host B. I.e., you
> still need to have had (at one time) access to run this daemon.
> Basically, this means that you (or someone) has to have had root
> access to BOTH hosts A and B to set this up. Unless this becomes
> supported software, you can't guarantee that....

Well, you really don't need root to run this daemon. You can simply telnet (normally) to machine B, start the daemon in the background, log off, start the daemon in the background on machine A, and go from there. There is only a problem if machine B kills off your process when you log out... To be completely safe, you should change your login password once you are on the encrypted link since the initial telnet to set up the daemon was in the clear...

2) How do you do key distribution?

One possible solution is to use PGP to encrypt this telnet key and mail it to your account on B. Your private key on B can then decrypt the telnet key. (If B is a multi-user system, you do have the problems associated with root having access to your private key... But if root is evil, he can get around any sort of encrypted telnet scheme if he really wants...)

> 3) How do you deal with multiple encryptions? If you have more than
> one client who wants to use this program, you have to trust a single
> process (unless you run out of inetd, which requires #1) with all the
> different keys for all the different users!

Currently, everyone would be responsible for their own encryption process. This really isn't meant to be a complete standard, just an ad-hoc solution until telnet's and telnetd's that support encryption become commonplace.

> Basically, you're better off using ktelnet/ktelnetd to do this. In
> either case you have the same problem with modifying the workstation.

Kerberos requires a large amount of support by a site's system admins. Most sites don't yet support kerberos. (Also, kerberos has some problems of its own...)
My solution is one that the average person can use without special system software.

Thanks for the comments,
Bill

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: grady@netcom.com (1016/2EF221)
Date: Fri, 23 Apr 93 07:43:10 PDT
To: cypherpunks@toad.com
Subject: Exchange fingerprints via radio
Message-ID: <9304231443.AA25847@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

For other radio amateurs who are readers of this list I'd like to try an experiment in alternative (to the telephone) communication tomorrow, Saturday 4/23/93 at 17:00 UTC (10 am PDT). I'd like to contact as many of you as possible from my modest station in Humboldt County California.

For Bay area people, let's try 7265 Mhz; for people elsewhere in the United States and elsewhere in the world, conditions permitting, how about 14.335 at 17:30 UTC. +-for QRM?

I will be running 100w into a vertical, call is KN6CP

I will be asking for checkins for the "Cypherpunks Net".

For those interested, we can do key fingerprint exchanges at this time.

Of course non-hams are free to listen on those frequencies (lower SSB for 7265, upper SSB for 14.335).

I'd like to explore alternative communications nexi if for example the internet is down for some unforeseen reason :-(.

73 de kn6cp
Grady
grady@netcom.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Arthur Abraham
Date: Fri, 23 Apr 93 07:49:51 PDT
To: Cypherpunks@toad.com
Subject: Family Key
Message-ID: <199304231449.AA14480@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

At this time, there is no reason not to assume that every LE agency will have access to the family key.

In the future there is every reason to expect that all LE agencies will develop a pressing need for family key(s) and decrypto equipment.

In the past in Nazi Germany, this sort of traffic analysis applied to telephone call records allowed the LE agencies to round up cells of resistance. To this day, such records are not kept in Germany.
-a2.
..

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 23 Apr 93 08:17:14 PDT
To: cypherpunks@toad.com
Subject: encrypted telnet
In-Reply-To:
Message-ID: <9304231513.AA05622@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>2) How do you do key distribution?

Derek asks this, and suggests using Kerberos. WSK responds by saying that you could encrypt a session key with PGP and send it.

WSK replies properly that kerberos is a lot of overhead to get running, but his proposed solution is missing forward secrecy. If the PGP key is ever compromised, then all recorded prior traffic will be available to read.

The solution is to use Diffie-Hellman key exchange. I'm not going to explain the details of the algorithm right here, right now, but I'll tell you its salient properties. Each party makes a random number, applies a one-way function with very special properties, and sends it to the other. Then each party takes their secret number, combines it with the number they were sent, and makes a new (arbitrary) number which will be the same on both sides. This number cannot be derived from the publicly transmitted data. (The very special function is exponentiation in a finite field; those with sufficient math background may consider figuring out the details "a problem left to the reader.")

Encrypting session keys with PGP is suggested often enough that this qualifies as a legitimate FAQ. I'll write up a description of this protocol next week if no one has one already written.

As a design principle, every live end-to-end session should use D-H to make session keys. Only when you don't have interactivity should session keys be encrypted with a public key.
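
Added example, not part of Eric Hughes's message or of any code posted to the list: the ephemeral Diffie-Hellman exchange he describes, set beside the wrap-the-session-key approach, showing what a later leak of the recipient's long-term key recovers from recorded traffic. The RFC 3526 group, the SHA-256 key derivation, hashed ElGamal as a stand-in for the PGP step, and all function names are assumptions of this example.

```python
import hashlib
import secrets

# 2048-bit MODP group of RFC 3526 (group 14): P is a safe prime, generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
    "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
    "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
    "15728E5A8AACAA68FFFFFFFFFFFFFFFF",
    16,
)
G = 2
Q = (P - 1) // 2  # prime order of the subgroup generated by G


def _kdf(shared: int) -> bytes:
    """Hash the shared group element down to a 256-bit key."""
    return hashlib.sha256(shared.to_bytes(256, "big")).digest()


def _check_public(y: int) -> None:
    """Reject peer values that would force a predictable shared secret."""
    if not 2 <= y <= P - 2 or pow(y, Q, P) != 1:
        raise ValueError("invalid Diffie-Hellman public value")


def _xor(data: bytes, pad: bytes) -> bytes:
    return bytes(d ^ p for d, p in zip(data, pad))


class Keypair:
    """A secret exponent x and the public value G^x mod P."""

    def __init__(self) -> None:
        self.secret = secrets.randbelow(Q - 2) + 2  # 2 <= x < Q
        self.public = pow(G, self.secret, P)

    def agree(self, peer_public: int) -> bytes:
        """Combine our secret number with the number the other side sent."""
        _check_public(peer_public)
        return _kdf(pow(peer_public, self.secret, P))


def dh_session():
    """Live session: both ends use throw-away exponents.

    Returns (wire, key_a, key_b); wire is everything an eavesdropper records.
    """
    a, b = Keypair(), Keypair()
    wire = {"a_pub": a.public, "b_pub": b.public}
    key_a, key_b = a.agree(b.public), b.agree(a.public)
    a.secret = b.secret = None  # ephemeral exponents are discarded
    return wire, key_a, key_b


def wrapped_session(recipient_public: int):
    """Non-interactive: the sender picks the key and wraps it to a long-term
    public key (hashed ElGamal standing in for the PGP public-key step)."""
    session_key = secrets.token_bytes(32)
    one_time = Keypair()
    pad = one_time.agree(recipient_public)
    return {"r_pub": one_time.public, "wrapped": _xor(session_key, pad)}, session_key


def unwrap(wire, long_term: Keypair) -> bytes:
    """Recipient side of wrapped_session()."""
    return _xor(wire["wrapped"], long_term.agree(wire["r_pub"]))


def attack_with_leaked_key(wire, leaked: Keypair) -> bytes:
    """Best guess at a recorded session key once the long-term key leaks."""
    if "wrapped" in wire:
        return unwrap(wire, leaked)  # exactly what the recipient computes
    # In the DH session the long-term exponent was never an input, so mixing
    # it with a recorded public value does not reproduce the session key.
    return leaked.agree(wire["a_pub"])


if __name__ == "__main__":
    long_term = Keypair()  # recipient's long-lived key, leaked later
    dh_wire, dh_key, _ = dh_session()
    wrap_wire, wrap_key = wrapped_session(long_term.public)
    print("wrapped key recovered:",
          attack_with_leaked_key(wrap_wire, long_term) == wrap_key)
    print("DH key recovered:     ",
          attack_with_leaked_key(dh_wire, long_term) == dh_key)
```

Neither side authenticates the other here; the exchanged public values still have to be signed or otherwise verified with long-term keys to rule out an active man-in-the-middle, which costs nothing in forward secrecy because those keys never encrypt the session key.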
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Arthur Abraham
Date: Fri, 23 Apr 93 08:18:46 PDT
To: cypherpunks@toad.com
Subject: re:Suits
Message-ID: <199304231518.AA20418@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Though these missives were much longer than I'd like, they were extremely interesting, with good points on each side....

...I seem to come down more on Tim's since "cypherpunks" is just a mailing list, and I just can't get scared or insulted by ASCII no matter how hard I try. And the name might wake up a sleepy reader in a print article.

In person (Perry's argument) a mailing list doesn't/can't have a representative, else Dotty could subscribe and pass herself off as a list member/representative. Actually, people just represent themselves, and have to be aware of how effective a presenter of their message they are no matter what they are doing.

-a2.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Welcome to Addendia, Mr. Lee. 23-Apr-1993 1109"
Date: Fri, 23 Apr 93 08:20:22 PDT
To: cypherpunks@toad.com
Subject: fingerprint keys over ham radio:
Message-ID: <9304231520.AA17416@enet-gw.pa.dec.com>
MIME-Version: 1.0
Content-Type: text/plain

One thing to be careful of:

Amateur radio must *not* use codes or cyphers to obscure meaning. All information transmission must be in the clear (not necessarily English, but no encryption of data).

The one exception is this: codes and cyphers *may* be used to provide checksumming, error correction, and/or authentication. (examples- repeater control codes, autopatch codes, OSCAR control codes, etc.)

The meaning must still be in clear but you are allowed to send an authenticating "signature" in code, as long as the signature contains no information other than authentication itself that was not also transmitted in clear.

That's why autopatch protocol requires you to say "I'm turning on the patch" before you transmit the (hopefully secret) autopatch control codes.
Please keep this in mind- and be able to prove it to the FCC should they request it. It might even be worth announcing the "authentication only" mode at the start of your net, so both other amateurs and the FCC itself know what to expect.

Posting software on a packet BBS for others to download and verify a "no hidden codes" status would probably be a reasonable action and a good protective measure.

-Bill, N1KGX

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: grady@netcom.com (1016/2EF221)
Date: Fri, 23 Apr 93 09:10:40 PDT
To: cypherpunks@toad.com
Subject: radio fingerprinting
Message-ID: <9304231610.AA03624@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

As N1KGX (William S. Yerazuni of Marloboro MA) points out, exchanging PGP fingerprints rather than encrypting messages is completely permitted by FCC regulations (97.113 in particular).

Also, amateurs participating in tomorrow's net are reminded of the callsign server

telnet callsign.cs.buffalo.edu 2000

in case their radios are near their net links... you can verify fingerprint, name, call, address, phone, or whatever coevally.

Saturday 4/23/93 at 17:00 UTC
> (10 am PDT). I'd like to contact as many
> of you as possible from my modest station
> in Humboldt County California.
>
> For Bay area people, let's try 7265 Mhz;
> for people elsewhere in the United States and
> elsewhere in the world, conditions permitting,
> how about 14.335 at 17:30 UTC. +-for QRM?
73 de KD6ETH/KN6CP
Grady Ward

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Jukka Isosaari
Date: Fri, 23 Apr 93 00:00:33 PDT
To: cypherpunks@toad.com
Subject: unsubscribe
Message-ID: <199304230700.AA116628@vipunen.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain

unsubscribe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: The last Czarnian
Date: Fri, 23 Apr 93 00:01:29 PDT
To: cypherpunks@toad.com
Subject: subscribe
Message-ID: <199304230701.AA21825@puukko.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain

subscribe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 23 Apr 93 10:23:17 PDT
To: George A. Gleason
Subject: Re: WIRETAP: boycotts
Message-ID: <9304231723.AA13722@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

George Gleason writes:

>"AT&T: phones with Big Brother Built Inside!"
>
>-gg

What a great little slogan! Those stickers that say "Intel Inside" could be modified to say something pithy like "Big Brother Inside."

Crypto Yippies (Cryppies?) might even wander into stores like Fry's and paste them onto the AT&T phones on display. Professionally-made labels might even remain for months.

Just another seditious thought.

-Tim

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, smashing of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.
Waco Massacre + Big Brother Wiretap Chip = A Nazi Regime

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "$HOME/.sig"
Date: Fri, 23 Apr 93 11:44:39 PDT
To: William Stephen Kish
Subject: Re: encrypted telnet
In-Reply-To:
Message-ID: <9304231844.AA24377@netcomsv.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Please check out IDEA contained within PGP2.2 source code...
also look at diffie hellman for session key exchange...

cheers
kelly
--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: 7025aj@gmuvax2.gmu.edu
Date: Fri, 23 Apr 93 07:56:45 PDT
To: cypherpunks@toad.com
Subject: Is Rush Limbaugh giving Clinton sh*t about wiretap chip?
Message-ID: <9304231457.AA22562@gmuvax2.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I'm under the impression that Rush Limbaugh's address is: 70277.2502@compuserve.com

Would a few articulate defenders of (privacy and) AMERICAN COMPETITIVENESS send him some convincing words, please?

G. Gordon Liddy would be another good target, but I don't know his address.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "$HOME/.sig"
Date: Fri, 23 Apr 93 12:34:35 PDT
To: cypherpunks@toad.com
Subject: CLIPPER: THe battle continues
Message-ID: <9304231934.AA00142@netcomsv.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

> Tim spake:
>>George Gleason writes:
>
>>"AT&T: phones with Big Brother Built Inside!"
>>
>>-gg
>
>What a great little slogan! Those stickers that say "Intel Inside" could be
>modified to say something pithy like "Big Brother Inside."
>
>Crypto Yippies (Cryppies?)
might even wander into stores like Fry's and
>paste them onto the AT&T phones on display. Professionally-made labels
>might even remain for months.
>
>Just another seditious thought.
>
>- -Tim
>
>
>
>- --
>Timothy C. May | Crypto Anarchy: encryption, digital money,
>tcmay@netcom.com | anonymous networks, digital pseudonyms, zero
>408-688-5409 | knowledge, reputations, information markets,
>W.A.S.T.E.: Aptos, CA | black markets, smashing of governments.
>Higher Power: 2^756839 | Public Key: MailSafe and PGP available.
>Waco Massacre + Big Brother Wiretap Chip = A Nazi Regime
>
>
>------- End of Forwarded Message

Now this is an idea I like... what about using the antitheft-metal base tags that leave a surface impression when removed... it currently leaves a checkerboard pattern but that could be reworked to say INSECURE, or TAPPED... then post them on every ATT instrument around... including payphones

the front of the label could make reference to CLIPPER and give a voicemail number to call for further info...

yippie indeed...

cheers
kelly

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Brian D Williams
Date: Fri, 23 Apr 93 11:25:15 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks
Message-ID: <199304231824.AA07743@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

I would like to agree with Tim May about the continued use of the term Cypherpunk. More than anything else it accurately portrays us as people who do things a little differently. Some of my other associates feel similar about the use of the term Cyberpunk.

I am very curious about the physical nature of the so called "wiretap" chip itself. Recent postings about the exotic nature of its construction have me wondering. Could there be a hardware backdoor into the chip?

I was also considering the value of referring to the clipper as a "Sneaker chip" after the movie.
This would have the advantage of revealing its flaws and the organizations involved at the same time, in a format familiar to the general public.

One last thing, my e-mail address is at well.sf.ca.us, but I reside in Chicago IL, I reach y'all via a gateway here at Ameritech, but it's strictly telnet, and ftp for now.......

Brian D Williams
Cyber/Cypherpunk

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: grady@netcom.com (1016/2EF221)
Date: Fri, 23 Apr 93 11:47:36 PDT
To: cypherpunks@toad.com
Subject: transmitting keys and fingerprints
Message-ID: <9304231847.AA23525@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

uri@watson.ibm.com sez:
>the keys...In plain English...And keys' fingerprints...

I can automatically transmit all the data in Japanese or several foreign languages if you'd like, thanks to Macintalk and foreign language CD training discs...

Hmmm.. that's an idea.. I could legally start QSTing the entire public key database worldwide in your choice of languages... I bet THAT would drive the NSA/FBI absolutely nuts...

I guess I will attempt a test of that tomorrow during the cypherpunks radio net.

73 de kn6cp
Grady

For you code freaks, I can just as easily set up "code practice" by piping it all through supermorse at 13wpm -- sure beats those guys who send 20hrs of Biblical scripture through.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Fri, 23 Apr 93 09:42:58 PDT
To: cypherpunks@toad.com
Subject: New disclosures on 2600 case (Forwarded message)
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Although it's not directly related to the cypherpunks agenda, I wanted to forward this message to the list to show the lengths that law enforcement agencies will go to do their bidding. Unfortunately, it would appear that we can expect more of the same shady behaviour in the future.
8<------ Begin forwarded message ---------- Date: Wed, 21 Apr 1993 22:18:18 EST Reply-To: David Sobel Sender: Computer Professionals for Social Responsibility From: David Sobel Organization: CPSR Civil Liberties and Computing Project Subject: New disclosures in 2600 case New disclosures in 2600 case As you may recall, last November at a shopping mall outside of Washington, DC, a group of people affiliated with the computer magazine "2600" was confronted by mall security personnel, local police officers and several unidentified individuals. The group members were ordered to identify themselves and to submit to searches of their personal property. Their names were recorded by mall security personnel and some of their property was confiscated. However, no charges were ever brought against any of the individuals at the meeting. Computer Professionals for Social Responsibility ("CPSR") filed suit under the Freedom of Information Act and today received the Secret Service's response to the FOIA lawsuit, in which we are seeking agency records concerning the break-up of the meeting. I think it's safe to say that our suspicions have now been confirmed -- the Secret Service *did* obtain a list of names from mall security identifying the people in attendance at the meeting. There are three main points contained in the Secret Service's court papers that are significant: 1) The agency states that the information it possesses concerning the incident was obtained "in the course of a criminal investigation that is being conducted pursuant to the Secret Service's authority to investigate access device and computer fraud." 2) The agency possesses two relevant documents and the information in those documents "consists solely of information identifying individuals." 3) The information was obtained from a "confidential source," and the agency emphasizes that the FOIA's definition of such a source includes "any private institution which provided information on a confidential basis." 
Taken together, these facts seem to prove that the Secret Service wanted names, they had the mall security people collect them, and they came away from the incident with the list they wanted. The agency asserts that "[t]he premature release of the identities of the individual(s) at issue could easily result in interference to the Secret Service's investigation by alerting these individual(s) that they are under investigation and thus allowing the individual(s) to alter their behavior and/or evidence." CPSR, in conjunction with EFF and the ACLU, is planning to challenge the actions of the mall security personnel, the local police and the Secret Service on the ground that the incident amounted to a warrantless search and seizure conducted at the behest of the Secret Service. David Sobel CPSR Legal Counsel dsobel@washofc.cpsr.org 8<------ End of forwarded message ------- Cheers. -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK9gSjpRLcZSdHMBNAQG2EwP/VKX6j0F90NYWyfiyyP5C0gjtBVXG1ed4 AzETLqMOVnG+vjRS6h6cSTwoojJHhKhAmQGmW8gDlp98KLRAiY2ULMmxaMTA/cKW jIuECDaKLdA21lPgcPhvKsAqQEHPBv1AALA6WTSeGQ6IRlugPfXE4LX+TBYH6/Q7 f69b7sJZgZ8= =Ou0Z -----END PGP SIGNATURE----- Paul Ferguson | Uncle Sam wants to read Network Integration Consultant | your e-mail... Centreville, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Fri, 23 Apr 93 09:42:26 PDT To: strat@intercon.com Subject: DC Digs Message-ID: <6mwg3B3w165w@sytex.com> MIME-Version: 1.0 Content-Type: text/plain On Thu, 22 Apr 1993 19:26:59 -0400, Bob Stratton wrote - BS> I'm more than willing to defer to the majority, though I think BS> there's something to be said for networking the meetings, BS> especially if we have good tools. I've also already received a BS> great deal of response to the idea of a Saturday meeting, even BS> from out-of-towners. 
To that end, I'm going to post an BS> announcement for a Saturday meeting, and see what happens. BS> Several of us have been planning it for a couple of days now, BS> so don't take it personally or anything. BS> Eric and I have discussed the idea of audio teleconferencing the BS> various meetings, either via the Internet or by phone. I've got BS> both a Sun IPC equipped to do the former, and a Western Electric BS> conference telephone (and 6-way on my switch) for the latter. BS> Well readers, which do you prefer? I'll be there Saturday -- all of you should know by now that (at least for the time being) I'm out-of-town on Mondays (and every other weekday). Also, I just read a message announcing the Boston (Cambridge) area meeting tomorrow as well, along with mention of an electronic conference call to the west coast group. See you there. Cheers. Paul Ferguson | Uncle Sam wants to read Network Integration Consultant | your e-mail... Centreville, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: crunch@netcom.com (John Draper) Date: Fri, 23 Apr 93 12:25:46 PDT To: cypherpunks@toad.com Subject: Press, and a spokesperson and other things.. Message-ID: <9304231925.AA23225@netcom4.netcom.com> MIME-Version: 1.0 Content-Type: text/plain In regards to the name of the group... I think that we should organize and establish a Public relations group NOT associated directly with the cypherpunks, but with well established people in the industry that can and should put on a professional image to the public and be a spokesperson representing us as a whole. In this sense, the name of "cypherpunks" as our group is totally irrelevant. As far as I'm concerned it's just the name of the mailing list, but I sort of like that name myself, and have on occasion used it in public interviews etc. 
It is publicly known that I'm involved with the MacPGP effort in the cause to put forth my programming skills to better serve the Cypherpunk community. But I decline to be a spokesperson for several reasons I'll take up privately with anyone who wants to know. With my bad rap, and somewhat controversial past, I feel that someone else can better serve the cypherpunk community in this PR effort. Just yesterday, I talked with Craig Larson who has offered some PR suggestions, and he says that he might drop by the cypherpunk meeting between 4 and 6 pm. In the meantime, I'll try and elaborate on some of his PR ideas with the group. First off, Craig suggests having 3 or more press briefings separated by about two weeks, with emphasis on making it very newsworthy, and by professionals attending, such as the cypherpunks spokesperson, perhaps RSA folks, FBI folks, and other people on hand to ask the right questions that should bring out these issues to the public. I've dealt with the press before, and all they are interested in is RAW NEWS, and anything else to sell the story. In other words, "money talks and bullshit walks". NEWS!! is the key.... The more controversy we can generate (And important issues) the better we will be able to get the word out to the John Q. Public. There are TV interviews, background stories, and let's not forget recent news of matters not so related to cryptography, such as hacker busts, and other newsworthy things related to the computer industry that CAN be somewhat related and tied to cryptography. The goals of the press meeting would be to get the word out to as many concerned citizens as possible with an emphasis on ANALOGIES such as "Clipper technology is like giving the police the keys to your house" or something like that. 
JD From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Kang Meng Chow Date: Thu, 22 Apr 93 21:42:05 PDT To: cypherpunks@toad.com Subject: OSF's DCE Message-ID: MIME-Version: 1.0 Content-Type: text/plain Can anyone tell me what is OSF's DCE, pls. And where can I find more information regarding DCE. Any ftp site carrying documentation on the DCE? Thanks. Kang From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Meyer Date: Fri, 23 Apr 93 11:01:10 PDT To: cypherpunks@toad.com Subject: Anyone know where I can get a thesaurus by ftp? Message-ID: <19930423180014.9.MEYER@OGHMA.MCC.COM> MIME-Version: 1.0 Content-Type: text/plain Note that I need a thesaurus, not a dictionary. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: grady@netcom.com (1016/2EF221) Date: Fri, 23 Apr 93 13:05:12 PDT To: cypherpunks@toad.com Subject: fear of the NSA/FBI, etc. Message-ID: <9304232005.AA06149@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Some readers have e-mailed me to warn of the consequences of annoying the NSA by QSTing (not "broadcasting" for you part 97.113 freaks) my cipher fingerprint tomorrow at 17:00 UTC (10 am Pacific Daylight Time) on 7265 Mhz and at 17:30 UTC on 14335 Mhz + or - for QRM. You should copy: pub 1016/2EF221 1993/03/16 Grady Ward (707) 826-7715 Key fingerprint = 15 E2 AD D3 D1 C6 F3 FC 58 AC F7 3D 4F 01 1E 2F spoken by my robot after I call the first Cypherpunks net for check-ins. As long as it's legal, fuck the NSA or any other entity that might try to intimidate. The worst kind of censorship is the mind-numbing self-censorship from fear. Hope to net with all you hams tomorrow! With my modest setup I should be able to cover the west coast from Alaska down to LA as far east, maybe, as Arizona on 40m. 20m should be better for people in the midwest. Easterners -- well, we'll see how the propagation is. 
73 de kn6cp From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: crunch@netcom.com (John Draper) Date: Fri, 23 Apr 93 13:05:59 PDT To: cypherpunks@toad.com Subject: On getting local congressional representation for our cause Message-ID: <9304232006.AA26486@netcom4.netcom.com> MIME-Version: 1.0 Content-Type: text/plain I talked with Congressman Stark's office today (My district) to discuss what the possibilities are for them to attend a cypherpunks meeting to hear our concerns, and to find out what's possible and the procedures to get them to attend. We would want congresspersons for each of the districts to attend, and people from each district should write them a letter, and include the possible future dates of the Cypherpunks meetings you would want them to attend. Please allow for about 6 weeks for them to schedule in to attend the meetings, as they have lots of other meetings to attend as we all know. After talking to Ron Dellums and Stark's office, their procedures are pretty much standardized, and we should have no problem in getting them to attend if we follow their prescribed procedures. They are MOST INTERESTED in hearing our input on this controversial matter, so let's all get together and compose up this letter, and get them off to our local representatives. Before mailing the letter, one should call the local office, and obtain the name of the person who schedules their public appearances to attend such meetings. Once this name is obtained, include it in the letter, Attention Annie Zaitlan (Stark's office). We have to do this for every local representative's office in the Bay area. JD From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dstalder@gmuvax2.gmu.edu (Darren/Torin/Who ever...) 
Date: Fri, 23 Apr 93 10:07:33 PDT To: habs@panix.com (Harry Shapiro) Subject: Re: MEET: Ad Hoc Washington meeting Saturday 4/24/93 In-Reply-To: <9304221943.AA13465@horton.intercon.com> Message-ID: <9304231708.AA03233@gmuvax2.gmu.edu> MIME-Version: 1.0 Content-Type: text/plain Bob Stratton spoke onto the world and said: > > Washington, DC area ad hoc Cypherpunks meeting. > Saturday, April 24, 1993 > 2:00 PM EDT -> not later than 8:00 PM EDT Okay...I'll cancel the Monday night meeting so that we can concentrate on the Saturday meeting. I'll be there too... I'll bring my laptop and pgp keyring and others can bring their keys and we can get more robust in using pgp also. Think free, -- Defeat the Torin/Darren Stalder/Wolf __ Wiretap Chip Internet: dstalder@gmuvax2.gmu.edu \/ PGP2.x key available. Proposal! Bitnet: dstalder@gmuvax Finger me. Write me for Sprintnet: 1-703-845-1000 details. Snail: 10310 Main St., Suite 110/Fairfax, VA/22030/USA DISCLAIMER: A society where such disclaimers are needed is saddening. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jrk@information-systems.east-anglia.ac.uk (Richard Kennaway) Date: Fri, 23 Apr 93 10:28:51 PDT To: cypherpunks@toad.com Subject: Re: CLIP: Legal Aspects Message-ID: <13132.9304231213@sys.uea.ac.uk> MIME-Version: 1.0 Content-Type: text/plain George Gleason writes: >Clinton has expressed a commitment to civil rights causes, so I don't worry >about his administration pulling another Watergate or COINTELPRO, but if we >ever got another bunch of zealous authoritarians in there...! Pardon a perhaps clueless question from a foreigner, but how much control does the US president actually have over a potential bunch of zealous authoritarians elsewhere in the administration, especially in super-secret places like the NSA? How much control is it even possible for one person to hold? 
-- ____ Richard Kennaway \ _/__ School of Information Systems Internet: jrk@sys.uea.ac.uk \X / University of East Anglia uucp: ...mcsun!ukc!uea-sys!jrk \/ Norwich NR4 7TJ, U.K. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Fri, 23 Apr 93 11:11:45 PDT To: cypherpunks@toad.com Subject: Congressional FAX numbers Message-ID: MIME-Version: 1.0 Content-Type: text/plain A friend of mine forwarded this message to me a while back, and I just remembered (Silly me, again) that I had it stockpiled among some of my archives. I suggest that if you are feeling violated by Uncle Sam's sneaky introduction of the Wiretap Chip (Clipper), get off yer duff and make your voice heard. While I'm at home this weekend, I plan on faxing my locally elected Fat Cats on The Hill to let them know that I'm not a happy camper. You should do the same. 8<------- Begin forwarded message -------------- This list supplied by BULLET'N BOARD, 703-971-5565 (voice) or 703-971-4491 (modem). For further information on our lists and software products you can write to BULLET COMMUNICATIONS, 6118 Franconia Rd., Suite 214, Alexandria, VA 22310. ST DIST FIRST LAST PHONE FAX AK 1 Don Young (202)225-5765 AK S Frank H. Murkowski (202)224-6665 (202)224-5301 AK S Ted Stevens (202)224-3004 (202)224-1044 AL 1 Sonny Callahan (202)225-4931 (202)225-0562 AL 2 William L. Dickinson (202)225-2901 AL 3 Glen Browder (202)225-3261 (202)225-9020 AL 4 Tom Bevill (202)225-4876 (202)225-0842 AL 5 Bud Cramer (202)225-4801 AL 6 Ben Erdreich (202)225-4931 AL 7 Claude Harris (202)225-2665 AL S Howell Heflin (202)224-4124 (202)224-3149 AL S Richard Shelby (202)224-5744 (202)224-3416 AR 1 Bill Alexander (202)225-4076 AR 2 Ray Thornton (202)225-2506 (202)225-2506 AR 3 John Paul Hammerschmidt (202)225-4301 (202)225-7492 AR 4 Beryl Anthony (202)225-3772 (202)225-3646 AR S Dale L. Bumpers (202)224-4843 (202)224-6435 AR S David Pryor (202)224-2353 (202)224-8261 AZ 1 John J. 
Rhodes (202)225-2635 (202)225-0985 AZ 2 (202)225-4065 AZ 3 Bob Stump (202)225-4576 (202)225-6328 AZ 4 Jon L. Kyl (202)225-3361 (202)225-1143 AZ 5 Jim Kolbe (202)225-2542 (202)225-0378 AZ S Dennis DeConcini (202)224-4521 (202)224-8698 AZ S John McCain (202)224-2235 (202)224-8938 CA 1 Frank Riggs (202)225-3311 (202)225-5577 CA 2 Wally Herger (202)225-3076 (202)225-0996 CA 3 Robert T. Matsui (202)225-7163 (202)225-0566 CA 4 Vic Fazio (202)225-5716 (202)225-0354 CA 5 Nancy Pelosi (202)225-4965 (202)225-8259 CA 6 Barbara Boxer (202)225-5161 (202)225-1004 CA 7 George Miller (202)225-2095 (202)225-5609 CA 8 Ronald V. Dellums (202)225-2661 CA 9 Fortney (Pete) Stark (202)225-5065 CA S John Seymour (202)224-3841 (202)224-6031 CA S Alan Cranston (202)224-3553 (202)224-8128 CA 10 Don Edwards (202)225-3072 CA 11 Tom Lantos (202)225-3531 CA 12 Tom J. Campbell (202)225-5411 (202)225-5944 CA 13 Norman Y. Mineta (202)225-2631 CA 14 John T. Doolittle (202)225-2511 (202)225-5444 CA 15 Gary Condit (202)225-6131 (202)225-0819 CA 16 Leon E. Panetta (202)225-2861 CA 17 Calvin Dooley (202)225-3341 (202)225-9308 CA 18 Richard H. Lehman (202)225-4540 CA 19 Robert J. Lagomarsino (202)225-3601 (202)225-3096 CA 20 William M. Thomas (202)225-2915 (202)225-8798 CA 21 Elton Gallegly (202)225-5811 CA 22 Carlos J. Moorhead (202)225-4176 (202)225-1279 CA 23 Anthony Beilenson (202)225-5911 CA 24 Henry A. Waxman (202)225-3976 (202)225-4099 CA 25 Edward Roybal (202)225-6235 (202)225-1251 CA 26 Howard L. Berman (202)225-4695 (202)225-5279 CA 27 Mel Levine (202)225-6451 (202)225-6975 CA 28 Julian C. Dixon (202)225-7084 (202)225-4091 CA 29 Maxine Waters (202)225-2201 (202)225-7854 CA 30 Matthew G. Martinez (202)225-5464 (202)225-5467 CA 31 Mervyn M. 
Dymally (202)225-5425 (202)225-6847 CA 32 Glenn Anderson (202)225-6676 CA 33 David Dreier (202)225-2305 (202)225-4745 CA 34 Esteban Edward Torres (202)225-5256 (202)225-9711 CA 35 Jerry Lewis (202)225-5861 (202)225-6498 CA 36 George Brown (202)225-6161 (202)225-8671 CA 37 Al McCandless (202)225-5330 CA 38 Robert K. Dornan (202)225-2965 CA 39 William E. Dannemeyer (202)225-4111 (202)225-1755 CA 40 Christopher Cox (202)225-5611 (202)225-9177 CA 41 Bill Lowery (202)225-3201 CA 42 Dana Rohrabacher (202)225-2415 (202)225-0145 CA 43 Ronald C. Packard (202)225-3906 (202)225-0134 CA 44 Randy Cunningham (202)225-5452 (202)225-2558 CA 45 Duncan L. Hunter (202)225-5672 (202)225-0235 CO 1 Patricia Schroeder (202)225-4431 (202)225-5842 CO 2 David E. Skaggs (202)225-2161 CO 3 Ben Nighthorse Campbell (202)225-4761 CO 4 Wayne Allard (202)225-4676 (202)225-8630 CO 5 Joel Hefley (202)225-4422 CO 6 Dan Schaefer (202)225-7882 CO S Hank Brown (202)224-5941 CO S Timothy Wirth (202)224-5852 (202)224-1933 CT 1 Barbara Kennelly (202)225-2265 (202)225-1031 CT 2 Sam Gejdenson (202)225-2076 (202)225-4977 CT 3 Rosa . DeLauro (202)225-3661 CT 4 Christopher Shays (202)225-5541 (202)225-9629 CT 5 Gary Franks (202)225-3822 (202)225-5085 CT 6 Nancy L. Johnson (202)225-4476 (202)225-4488 CT S Joe Lieberman (202)224-4041 (202)224-9750 CT S Christopher J. Dodd (202)224-2823 (202)224- DE 1 Thomas Carper (202)225-4165 (202)225-1912 DE S Joseph Biden (202)224-5042 (202)224-0139 DE S William V. Roth (202)224-2441 (202)224-2805 FL 1 Earl D. Hutto (202)225-4136 (202)225-5785 FL 2 Pete Peterson (202)225-5235 (202)225-1586 FL 3 Charles E. Bennett (202)225-2501 (202)225-9635 FL 4 Craig James (202)225-4035 (202)225-1727 FL 5 Bill McCollum (202)225-2176 (202)225-0999 FL 6 Clifford B. Stearns (202)225-5744 (202)225-3973 FL 7 Sam Gibbons (202)225-3376 FL 8 C. W. 
Bill Young (202)225-5961 (202)225-9764 FL 9 Michael Bilirakis (202)225-5755 (202)225-4085 FL S Bob Graham (202)224-3041 (202)224-6843 FL S Connie Mack (202)224-5274 (202)224-9365 FL 10 Andy Ireland (202)225-5015 (202)225-6944 FL 11 Jim Bacchus (202)225-3671 (202)225-9039 FL 12 Tom Lewis (202)225-5792 (202)225-1860 FL 13 Porter J. Goss (202)225-2536 (202)225-6820 FL 14 Harry A. Johnston (202)225-3001 (202)225-8791 FL 15 Clay Shaw (202)225-3026 (202)225-8398 FL 16 Lawrence J. Smith (202)225-7931 (202)225-9816 FL 17 William Lehman (202)225-4211 (202)225-6208 FL 18 Ilena Ros-Lehtinen (202)225-3931 (202)225-5620 FL 19 Dante Fascell (202)225-4506 (202)225-0724 GA 1 Lindsay Thomas (202)225-5831 (202)225-6922 GA 2 Charles Hatcher (202)225-3631 (202)225-1117 GA 3 Richard Ray (202)225-5901 GA 4 Ben Jones (202)225-4272 (202)225-8675 GA 5 John Lewis (202)225-3801 (202)225-0351 GA 6 Newt Gingrich (202)225-4501 (202)225-4656 GA 7 George (Buddy) Darden (202)225-2931 GA 8 J. Roy Rowland (202)225-6531 GA 9 Ed Jenkins (202)225-5211 (202)225-0594 GA S Wyche Fowler (202)224-3643 (202)224-8227 GA S Sam Nunn (202)224-3521 (202)224-0072 GA 10 Doug Barnard (202)225-4101 (202)225-1873 HI 1 Neil Abercrombie (202)225-2726 (202)225-4580 HI 2 Patsy Mink (202)225-4906 (202)225-4987 HI S Spark M. Akaka (202)224-6361 (202)224-2126 HI S Daniel K. Inouye (202)224-3934 (202)224-6747 IA 1 Jim Leach (202)225-6576 (202)225-1278 IA 2 Jim Nussle (202)225-2911 (202)225-9129 [ continued next message ] Paul Ferguson | Uncle Sam wants to read Network Integration Consultant | your e-mail... Centreville, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Fri, 23 Apr 93 11:13:51 PDT To: cypherpunks@toad.com Subject: Congressional FAX numbers 2/4 Message-ID: MIME-Version: 1.0 Content-Type: text/plain [ continued from previous message ] IA 3 David R. 
Nagle (202)225-3301 (202)225-9104 IA 4 Neal Smith (202)225-4426 IA 5 Jim Lightfoot (202)225-3806 (202)225-6973 IA 6 Fred Grandy (202)225-5476 IA S Charles Grassley (202)224-3744 (202)224-0473 IA S Tom Harkin (202)224-3254 (202)224-7431 ID 1 Larry LaRocco (202)225-6611 (202)225-1213 ID 2 Richard H. Stallings (202)225-5531 (202)225-2393 ID S Steven D. Symms (202)224-6142 (202)224-5893 ID S Larry Craig (202)224-2752 (202)224-2573 IL 1 Charles A. Hayes (202)225-4372 (202)225-7571 IL 2 Gus Savage (202)225-0773 (202)225-8608 IL 3 Marty Russo (202)225-5736 (202)225-0295 IL 4 George Sangmeister (202)225-3635 (202)225-4447 IL 5 William O. Lipinski (202)225-5701 (202)225-1012 IL 6 Henry Hyde (202)225-4561 (202)225-1240 IL 7 Cardiss Collins (202)225-5006 (202)225-8396 IL 8 Dan Rostenkowski (202)225-4061 IL 9 Sidney Yates (202)225-2111 (202)225-3493 IL S Alan J. Dixon (202)224-2854 (202)224-5581 IL S Paul Simon (202)224-2152 (202)224-2223 IL 10 John Edward Porter (202)225-4835 (202)225-0157 IL 11 Frank Annunzio (202)225-6661 IL 12 Philip M. Crane (202)225-3711 IL 13 Harris W. Fawell (202)225-3515 (202)225-9420 IL 14 J. Dennis Hastert (202)225-2976 (202)225-0697 IL 15 Ewing Thomas W. IL 16 John W. Cox (202)225-5676 IL 17 Lane Evans (202)225-5905 (202)225-5396 IL 18 Robert Michel (202)225-6201 (202)225-9249 IL 19 Terry L. Bruce (202)225-5001 IL 20 Richard J. Durbin (202)225-5271 (202)225-0170 IL 21 Jerry F. Costello (202)225-5661 (202)225-0285 IL 22 Glenn Poshard (202)225-5201 (202)225-1541 IN 1 Peter J. Visclosky (202)225-2461 IN 2 Philip R. Sharp (202)225-3021 (202)225-8140 IN 3 Tim Roemer (202)225-3915 (202)225-6798 IN 4 Jill Long (202)225-4436 IN 5 James Jontz (202)225-5037 (202)225-5870 IN 6 Dan Burton (202)225-2276 (202)225-0016 IN 7 John T. Myers (202)225-5805 (202)225-1649 IN 8 Frank McCloskey (202)225-4636 (202)225-4688 IN 9 Lee Hamilton (202)225-5315 IN S Richard G. 
Lugar (202)224-4814 IN S Dan Coats (202)224-5623 (202)224-8964 IN 10 Andrew Jacobs (202)225-4011 (202)225-4093 KS 1 Pat Roberts (202)225-2715 (202)225-5375 KS 2 Jim Slattery (202)225-6601 (202)225-1445 KS 3 Jan Meyers (202)225-2865 (202)225-0554 KS 4 Dan Glickman (202)225-6216 (202)225-5398 KS 5 Dick Nichols (202)225-3911 (202)225-9415 KS S Robert J. Dole (202)224-6521 (202)224-8952 KS S Nancy L. Kassebaum (202)224-4774 (202)224-3514 KY 1 Carroll Hubbard (202)225-3115 (202)225-1622 KY 2 William Natcher (202)225-3501 KY 3 Romano Mazzoli (202)225-5401 KY 4 Jim Bunning (202)225-3465 (202)225-0003 KY 5 Harold Rogers (202)225-4601 (202)225-0940 KY 6 Larry J. Hopkins (202)225-4706 (202)225-1413 KY 7 Carl C. Perkins (202)225-4935 (202)225-1411 KY S Mitchell McConnell (202)224-2541 (202)224-2499 KY S Wendell H. Ford (202)224-4343 (202)224-1144 LA 1 Bob Livingston (202)225-3015 (202)225-0739 LA 2 William J. Jefferson (202)225-6636 (202)225-1988 LA 3 Billy Tauzin (202)225-4031 (202)225-0563 LA 4 Jim McCrery (202)225-2777 (202)225-8039 LA 5 Jerry Huckaby (202)225-2376 (202)225-2387 LA 6 Richard Hugh Baker (202)225-3901 (202)225-7313 LA 7 James A. Hayes (202)225-2031 (202)225-1175 LA 8 Clyde C. Holloway (202)225-4926 (202)225-6252 LA S J. Bennett Johnston (202)224-5824 LA S John Breaux (202)224-4623 (202)224-9753 MA 1 John Oliver MA 2 Richard E. Neal (202)225-5601 (202)225-8112 MA 3 Joseph D. Early (202)225-6101 (202)225-3181 MA 4 Barney Frank (202)225-5931 MA 5 Chester G. Atkins (202)225-3411 MA 6 Nicholas Mavroules (202)225-8020 (202)225-8023 MA 7 Edward J. Markey (202)225-2836 (202)225-8689 MA 8 Joseph P. Kennedy (202)225-5111 (202)225-9322 MA 9 Joe Moakley (202)225-8273 (202)225-7804 MA S John Kerry (202)224-2742 (202)224-8525 MA S Edward M. Kennedy (202)224-4543 (202)224-2417 MA 10 Gerry Studds (202)225-3111 MA 11 Brian Donnelly (202)225-3215 MD 1 Wayne T. Gilchrest (202)225-5311 (202)225-0254 MD 2 Helen Delich Bentley (202)225-3061 (202)225-4251 MD 3 Benjamin L. 
Cardin (202)225-4016 (202)225-9219 MD 4 C. Thomas McMillen (202)225-8090 MD 5 Steny H. Hoyer (202)225-4131 (202)225-4300 MD 6 Beverly B. Byron (202)225-2721 (202)225-6159 MD 7 Kweisi Mfume (202)225-4741 (202)225-3178 MD 8 Constance A. Morella (202)225-5341 (202)225-1389 MD S Paul S. Sarbanes (202)224-4524 (202)224-1651 MD S Barbara Mikulski (202)224-4654 (202)224-8858 ME 1 Thomas H. Andrews (202)225-6116 (202)225-9065 ME 2 Olympia J. Snowe (202)225-6306 ME S William S. Cohen (202)224-2523 (202)224-2693 ME S George Mitchell (202)224-5344 MI 1 John Conyers (202)225-5126 (202)225-0072 MI 2 Carl Pursell (202)225-4401 MI 3 Howard Wolpe (202)225-5011 (202)225-8602 MI 4 Frederick S. Upton (202)225-3761 (202)225-4986 MI 5 Paul B. Henry (202)225-3831 MI 6 Bob Carr (202)225-4872 (202)225-1260 MI 7 Dale E. Kildee (202)225-3611 (202)225-6393 MI 8 Bob Traxler (202)225-2806 MI 9 Guy Vander Jagt (202)225-3511 MI S Carl M. Levin (202)224-6221 MI S Donald W. Riegle (202)224-4822 MI 10 Dave Camp (202)225-3561 (202)225-9679 MI 11 Robert W. Davis (202)225-4735 MI 12 David E. Bonior (202)225-2106 (202)225-1169 MI 13 Barbara-Rose Collins (202)225-2261 MI 14 Dennis M. Hertel (202)225-6276 MI 15 William Ford (202)225-6261 MI 16 John D. Dingell (202)225-4071 (202)225-7426 MI 17 Sander M. Levin (202)225-4961 (202)225-1033 MI 18 William Broomfield (202)225-6135 (202)225-1807 MN 1 Timothy J. Penny (202)225-2472 MN 2 Vin Weber (202)225-2331 (202)225-0987 MN 3 Jim Ramstad (202)225-2871 (202)225-6351 MN 4 Bruce F. Vento (202)225-6631 (202)225-1968 MN 5 Martin Olav Sabo (202)225-4755 MN 6 Gerry Sikorski (202)225-2271 (202)225-4347 MN 7 Collin C. Peterson (202)225-2165 (202)225-1593 MN 8 James L. 
Oberstar (202)225-6211 (202)225-0699 MN S David Durenberger (202)224-3244 (202)224-9846 MN S Paul Wellstone (202)224-5641 (202)224-8438 MO 1 William Clay (202)225-2406 (202)225-1725 MO 2 John Kelly Horn (202)225-2561 MO 3 Richard Gephardt (202)225-2671 (202)225-7452 MO 4 Ike Skelton (202)225-2876 MO 5 Alan Wheat (202)225-4535 (202)225-5990 MO 6 E. Thomas Coleman (202)225-7041 (202)225-4799 MO 7 Mel Hancock (202)225-6536 (202)225-7700 MO 8 Bill Emerson (202)225-4404 (202)225-9621 MO 9 Harold L. Volkmer (202)225-2956 (202)225-7834 MO S John C. Danforth (202)224-6154 MO S Christopher Bond (202)224-5721 (202)224-7491 MS 1 Jamie Whitten (202)225-4306 (202)225-4328 MS 2 Mike Espy (202)225-5876 MS 3 G. V. (Sonny) Montgomery (202)225-5031 (202)225-3375 MS 4 Mike Parker (202)225-5865 (202)225-5886 MS 5 Gene Taylor (202)225-5772 (202)225-7074 MS S Trent Lott (202)224-6253 (202)224-2262 MS S Thad Cochran (202)224-5054 (202)224-9450 MT 1 Pat Williams (202)225-3211 (202)225-1257 MT 2 Ron Marlenee (202)225-1555 (202)225-1558 MT S Conrad Burns (202)224-2644 (202)224-8594 [ continued next message ] Paul Ferguson | Uncle Sam wants to read Network Integration Consultant | your e-mail... Centreville, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Fri, 23 Apr 93 11:13:45 PDT To: cypherpunks@toad.com Subject: Congressional FAX numbers 3/4 Message-ID: MIME-Version: 1.0 Content-Type: text/plain [ continued from previous message ] MT S Max S. Baucus (202)224-2651 (202)224-4379 NC 1 Walter B. Jones (202)225-3101 (202)225-3354 NC 2 Tim Valentine (202)225-4531 (202)225-1539 NC 3 H. Martin Lancaster (202)225-3415 (202)225-0666 NC 4 David E. Price (202)225-1784 (202)225-6314 NC 5 Stephen L. Neal (202)225-2071 NC 6 Howard Coble (202)225-3065 (202)225-8611 NC 7 Charles Rose (202)225-2731 (202)225-2470 NC 8 W. G. Hefner (202)225-3715 (202)225-4036 NC 9 J. 
Alex McMillan (202)225-1976 (202)225-8995 NC S Terry Sanford (202)224-3154 (202)224-7406 NC S Jesse A. Helms (202)224-6342 (202)224-1376 NC 10 Cass Ballenger (202)225-2576 (202)225-1316 NC 11 Charles Taylor (202)225-6401 (202)225-0519 ND 1 Byron L. Dorgan (202)225-2611 (202)225-9436 ND S Kent Conrad (202)224-2043 (202)224-7776 ND S Quentin Burdick (202)224-2551 (202)224-1193 NE 1 Douglas Bereuter (202)225-4806 NE 2 Peter Hoagland (202)225-4155 (202)225-4684 NE 3 Bill Barrett (202)225-6435 (202)225-0207 NE S Bob Kerrey (202)224-6551 (202)224-7645 NE S J. James Exon (202)224-4224 (202)225-5213 NH - Smith (202)224-2841 (202)224-1353 NH 1 Bill Zeliff (202)225-5456 (202)225-4370 NH 2 DIck Swett (202)225-5206 (202)225-0046 NH S Warren Rudman (202)224-3324 NJ 1 Robert T. Andrews (202)225-6501 NJ 2 William Hughes (202)225-6572 (202)225-8530 NJ 3 Frank Pallone (202)225-4671 (202)225-9665 NJ 4 Christopher Smith (202)225-3765 (202)225-7768 NJ 5 Marge Roukema (202)225-4465 (202)225-9048 NJ 6 Bernard J. Dwyer (202)225-6301 (202)225-1553 NJ 7 Matthew Rinaldo (202)225-5361 NJ 8 Robert Roe (202)225-5751 (202)225-3071 NJ 9 Robert Torricelli (202)225-5061 (202)225-0843 NJ S Frank Lautenberg (202)224-4744 (202)224-9707 NJ S Bill Bradley (202)224-3224 (202)224-8567 NJ 10 Donald Payne (202)225-3436 (202)225-4160 NJ 11 Dean A. Gallo (202)225-5034 (202)225-0658 NJ 12 Dick Zimmer (202)225-5801 NJ 13 Jim Saxton (202)225-4765 (202)225-0778 NJ 14 Frank J. Guarini (202)225-2765 (202)225-7023 NM 1 Steven H. Schiff (202)225-6316 (202)225-4975 NM 2 Joe Skeen (202)225-2365 (202)225-9599 NM 3 Bill Richardson (202)225-6190 NM S Pete V. Domenici (202)224-6621 (202)224-7371 NM S Jeff Bingaman (202)224-5521 (202)224-1810 NV 1 James H. Bilbray (202)225-5965 (202)225-8808 NV 2 Barbara F. Vucanovich (202)225-6155 (202)225-2319 NV S Richard Bryan (202)224-6244 (202)224-1867 NV S Harry Reid (202)224-3542 (202)224-7327 NY 1 George J. Hochbrueckner (202)225-3826 (202)225-0776 NY 2 Thomas J. 
Downey (202)225-3335 (202)225-1275 NY 3 Robert J. Mrazek (202)225-5956 (202)225-7215 NY 4 Norman Lent (202)225-7896 (202)225-0357 NY 5 Raymond McGrath (202)225-5516 (202)225-3626 NY 6 Floyd H. Flake (202)225-3461 (202)225-4169 NY 7 Gary Ackerman (202)225-2601 NY 8 James Scheuer (202)225-5471 (202)225-9695 NY 9 Thomas J. Manton (202)225-3965 (202)225-1452 NY S Daniel P. Moynihan (202)224-4451 (202)224-9293 NY S Alfonse D'Amato (202)224-6542 (202)224-5871 NY 10 Charles E. Schumer (202)225-6616 (202)225-4183 NY 11 Edolphus Towns (202)225-5936 (202)225-1018 NY 12 Major R. Owens (202)225-6231 (202)225-0112 NY 13 Stephen Solarz (202)225-2361 (202)225-9469 NY 14 Susan Molinari (202)225-3371 (202)225-1272 NY 15 Bill Green (202)225-2436 (202)225-0840 NY 16 Charles B. Rangel (202)225-4365 (202)225-0816 NY 17 Ted Weiss (202)225-5635 (202)225-6923 NY 18 Jose Serrano (202)225-4361 NY 19 Eliot L. Engel (202)225-2464 NY 20 Nita M. Lowey (202)225-6506 (202)225-0546 NY 21 Hamilton Fish (202)225-5441 (202)225-0962 NY 22 Benjamin Gilman (202)225-3776 NY 23 Micheal McNulty (202)225-5076 (202)225-5077 NY 24 Gerald B. H. Solomon (202)225-5614 (202)225-1168 NY 25 Sherwood L. Boehlert (202)225-3665 (202)225-1891 NY 26 David O'B. Martin (202)225-4611 NY 27 James T. Walsh (202)225-3701 (202)225-4042 NY 28 Matthew F. McHugh (202)225-6335 NY 29 Frank Horton (202)225-4916 (202)225-5909 NY 30 Louise M. Slaughter (202)225-3615 (202)225-7822 NY 31 Bill Paxon (202)225-5265 (202)225-5910 NY 32 John J. LaFalce (202)225-3231 (202)225-8693 NY 33 Henry J. Nowak (202)225-3306 (202)225-3523 NY 34 Amo Houghton (202)225-3161 (202)225-5574 OH 1 Thomas Luken (202)225-2216 (202)225-2293 OH 2 Willis Gradison (202)225-3164 OH 3 Tony Hall (202)225-6465 (202)225-6766 OH 4 Michael Oxley (202)225-2676 OH 5 Paul E. Gillmor (202)225-6405 (202)225-1985 OH 6 Bob McEwen (202)225-5705 (202)225-0224 OH 7 David Hobson (202)225-4324 (202)225-1984 OH 8 John A. 
Boehner (202)225-6205 (202)225-0704 OH 9 Marcy Kaptur (202)225-4146 (202)225-7711 OH S Howard M. Metzenbaum (202)224-2315 (202)224-8906 OH S John H. Glenn (202)224-3353 (202)224-7983 OH 10 Clarence E. Miller (202)225-5131 (202)225-5132 OH 11 Dennis E. Eckart (202)225-6331 (202)225-6331 OH 12 John R. Kasich (202)225-5355 OH 13 Donald J. Pease (202)225-3401 (202)225-0066 OH 14 Thomas C. Sawyer (202)225-5231 (202)225-5278 OH 15 Chalmers Wylie (202)225-2015 OH 16 Ralph Regula (202)225-3876 (202)225-3059 OH 17 James A. Traficant (202)225-5261 (202)225-3719 OH 18 Douglas Applegate (202)225-6265 OH 19 Edward F. Feighan (202)225-5731 (202)225-1230 OH 20 Mary Rose Oakar (202)225-5871 (202)225-0663 OH 21 Louis Stokes (202)225-7032 OK 1 James M. Inhofe (202)225-2211 (202)225-9187 OK 2 Michael L. Synar (202)225-2701 (202)225-2796 OK 3 Bill Brewster (202)225-4565 (202)225-9029 OK 4 Dave McCurdy (202)225-6165 (202)225-9746 OK 5 Mickey Edwards (202)225-2132 (202)225-1193 OK 6 Glenn English (202)225-5565 (202)225-8698 OK S David L. Boren (202)224-4721 (202)224-0154 OK S Donald L. Nickles (202)224-5754 (202)224-6008 OR 1 Les AuCoin (202)225-0855 (202)225-2707 OR 2 Robert F. Smith (202)225-6730 (202)225-3129 OR 3 Ron Wyden (202)225-4811 OR 4 Peter A. DeFazio (202)225-6416 (202)225-0694 OR 5 Mike Kopetski (202)225-5711 (202)225-9477 OR S Mark O. Hatfield (202)224-3753 (202)224-0276 OR S Bob Packwood (202)224-5244 (202)224-9065 PA 1 Thomas Foglietta (202)225-4731 (202)225-0088 PA 2 William H. Gray (202)225-4001 PA 3 Robert A. Borski (202)225-8251 (202)225-4628 PA 4 Joseph P. Kolter (202)225-2565 (202)225-0526 PA 5 Richard Schulze (202)225-5761 (202)225-8464 PA 6 Gus Yatron (202)225-5546 (202)225-5548 PA 7 Curt Weldon (202)225-2011 (202)225-8137 PA 8 Peter H. 
Kostmayer (202)225-4276 (202)225-5060 PA 9 Bud Shuster (202)225-2431 PA S Harris Wofford (202)224-6324 (202)225-8187 PA S Arlen Specter (202)224-4254 (202)224-9029 PA 10 Joseph McDade (202)225-3731 (202)225-9594 PA 11 Paul Kanjorski (202)225-6511 PA 12 John P. Murtha (202)225-2065 (202)225-5709 PA 13 Lawrence Coughlin (202)225-6111 (202)225-1238 PA 14 William J. Coyne (202)225-2301 PA 15 Donald L. Ritter (202)225-6411 (202)225-5248 PA 16 Robert S. Walker (202)225-2411 (202)225-2484 PA 17 George Gekas (202)225-4315 (202)225-8440 PA 18 Rick Santorum (202)225-2135 (202)225-7747 PA 19 William Goodling (202)225-5836 (202)225-1000 PA 20 Joseph M. Gaydos (202)225-4631 PA 21 Thomas Ridge (202)225-5406 (202)225-1081 PA 22 Austin J. Murphy (202)225-4665 (202)225-4772 PA 23 William F. Clinger (202)225-5121 (202)225-4681 [ continued next message ] Paul Ferguson | Uncle Sam wants to read Network Integration Consultant | your e-mail... Centreville, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Fri, 23 Apr 93 11:11:37 PDT To: cypherpunks@toad.com Subject: Congressional FAX numbers 4/4 Message-ID: <41Zg3B4w165w@sytex.com> MIME-Version: 1.0 Content-Type: text/plain [ continued from previous message ] RI 1 Ronald K. Machtley (202)225-4911 (202)225-4417 RI 2 John F. Reed (202)225-2735 (202)225-9580 RI S John H. Chafee (202)224-2921 (202)224-0166 RI S Claiborne Pell (202)224-4642 (202)224-4680 SC 1 Arthur Ravenel (202)225-3176 (202)225-4340 SC 2 Floyd Spence (202)225-2452 (202)225-2455 SC 3 Butler Derrick (202)225-5301 SC 4 Elizabeth J. Patterson (202)225-6030 (202)225-7664 SC 5 John M. Spratt (202)225-5501 (202)225-0464 SC 6 Robin M. Tallon (202)225-3315 (202)225-2857 SC S Ernest F. 
Hollings (202)224-6121 (202)224-3573 SC S Strom Thurmond (202)224-5972 (202)224-1300 SD 1 Tim Johnson (202)225-2801 (202)225-2427 SD S Thomas Daschle (202)224-2321 (202)224-2047 SD S Larry Pressler (202)224-5842 (202)224-1630 TN 1 James H. Quillen (202)225-6356 (202)225-7812 TN 2 John J. Duncan (202)225-5435 (202)225-6440 TN 3 Marilyn Lloyd (202)225-3271 (202)225-6974 TN 4 Jim Cooper (202)225-6831 (202)225-4520 TN 5 Bob Clement (202)225-4311 (202)225-1035 TN 6 Bart Gordon (202)225-4231 (202)225-6887 TN 7 Don Sundquist (202)225-2811 (202)225-2814 TN 8 John S. Tanner (202)225-4714 (202)225-1765 TN 9 Harold E. Ford (202)225-3265 (202)225-9215 TN S Albert Gore (202)224-4944 (202)224- TN S Jim Sasser (202)224-3344 (202)224-9590 TX 1 Jim Chapman (202)225-3035 (202)225-7265 TX 2 Charles Wilson (202)225-2401 (202)225-1764 TX 3 Sam Johnson (202)225-4201 TX 4 Ralph M. Hall (202)225-6673 (202)225-3332 TX 5 John Bryant (202)225-2231 TX 6 Joe Barton (202)225-2002 (202)225-3052 TX 7 Bill Archer (202)225-2571 (202)225-4381 TX 8 Jack Fields (202)225-4901 (202)225-6899 TX 9 Jack Brooks (202)225-6565 (202)225-1584 TX S Lloyd Bentsen (202)224-5922 TX S Phil Gramm (202)224-2934 TX 10 J. J. Pickle (202)225-4865 (202)225-1103 TX 11 Chet Edwards (202)225-6105 (202)225-0350 TX 12 Pete Geren (202)225-5071 (202)225-2786 TX 13 Bill Sarpalius (202)225-3706 (202)225-6142 TX 14 Greg Laughlin (202)225-2831 (202)225-1108 TX 15 E. (Kika) De la Garza (202)225-2531 (202)225-2534 TX 16 Ronald D. Coleman (202)225-4831 TX 17 Charles W. Stenholm (202)225-6605 (202)225-2234 TX 18 Craig Washington (202)225-3816 TX 19 Larry Combest (202)225-4005 (202)225-9615 TX 20 Henry Gonzalez (202)225-3236 (202)225-1915 TX 21 Lamar S. Smith (202)225-4236 TX 22 Thomas D. DeLay (202)225-5951 TX 23 Albert G. Bustamante (202)225-4511 (202)225-3849 TX 24 Martin Frost (202)225-3605 (202)225-4951 TX 25 Michael Andrews (202)225-7508 (202)225-4210 TX 26 Richard K. 
Armey (202)225-7772 (202)225-7614 TX 27 Solomon Ortiz (202)225-7742 (202)225-1134 US - George Bush (202)456-2168 UT 1 James V. Hansen (202)225-0453 (202)225-5857 UT 2 Wayne Owens (202)225-3011 (202)225-3524 UT 3 Bill Orton (202)225-7751 (202)225-1223 UT S Edwin (Jake) Garn (202)224-5444 UT S Orrin G. Hatch (202)224-5251 (202)224-6331 VA 1 Herbert Bateman (202)225-4261 (202)225-4382 VA 2 Owen B. Pickett (202)225-4215 (202)225-4218 VA 3 Thomas J. Bliley (202)225-2815 VA 4 Norman D. Sisisky (202)225-6365 (202)225-1170 VA 5 Lewis F. Payne (202)225-4711 (202)225-1147 VA 6 Jim Olin (202)225-5431 (202)225-9623 VA 7 D. French Slaughter (202)225-6561 VA 8 Jim Moran (202)225-4376 (202)225-0017 VA 9 Rick Boucher (202)225-3861 VA S John W. Warner (202)224-2023 (202)224-6295 VA S Charles Robb (202)224-4024 (202)224-8689 VA 10 Frank R. Wolf (202)225-5136 (202)225-0437 VT 1 Bernie Sanders (202)225-4115 (202)225-6790 VT S Patrick Leahy (202)224-4242 VT S Jim Jeffords (202)224-5141 (202)224-1507 WA 1 John R. Miller (202)225-6311 (202)225-0636 WA 2 Al Swift (202)225-2605 WA 3 Jolene Unsoeld (202)225-3536 (202)225-9095 WA 4 Sid Morrison (202)225-5816 (202)225-9293 WA 5 Thomas S. Foley (202)225-2006 WA 6 Norman D. Dicks (202)225-5916 (202)225-1176 WA 7 Jim McDermott (202)225-3106 (202)225-9212 WA S Slade Gorton (202)224-3441 (202)224-9393 WA S Brock Adams (202)224-2621 (202)224-0238 WA 8 Rod Chandler (202)-225-776 WI 1 Les Aspin (202)225-3031 WI 2 Scott Klug 1202)225-2906 (202)225-6942 WI 3 Steve Gunderson (202)225-5506 WI 7 David Obey (202)225-3365 WI 8 Toby Roth (202)225-5665 (202)225-0087 WI 9 F. James Sensenbrenner (202)225-5101 (202)225-3190 WI S Herbert Kohl (202)224-5653 (202)224-9787 WI S Robert Kasten (202)224-5323 (202)224-7700 WV 1 Alan B. Mollohan (202)225-4172 (202)225-7564 WV 2 Harley O. Staggers (202)225-4172 WV 3 Robert Wise (202)225-2711 WV 4 Nick Joe Rahall (202)225-3452 (202)225-9061 WV S John D. Rockefeller (202)224-6472 (202)224-1689 WV S Robert C. 
Byrd (202)224-3954 (202)224-4025 WY 1 Craig Thomas (202)225-2311 (202)225-0726 WY S Alan K. Simpson (202)224-3424 (202)224-1315 WY S Malcolm Wallop (202)224-6441 (202)224-3230

8<------ End of Forwarded message -----

Cheers.

Paul Ferguson                  | Uncle Sam wants to read
Network Integration Consultant | your e-mail...
Centreville, Virginia USA      | Just say "NO" to the Clipper
fergp@sytex.com                | Chip...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Fri, 23 Apr 93 10:45:39 PDT
To: cypherpunks@toad.com
Subject: Re: fingerprint keys over ham radio
In-Reply-To: <9304231520.AA17416@enet-gw.pa.dec.com>
Message-ID: <9304231745.AA15192@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

"Welcome to Addendia, Mr. Lee. 23-Apr-1993 1109" writes:
> One thing to be careful of: Amateur radio must *not* use codes or
> cyphers to obscure meaning. All information transmission must be in
> the clear (not necessarily English, but no encryption of data).

That's OK - nobody's going to send encrypted data, just the keys...In plain English...And keys' fingerprints...

Regards,
Uri.
------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Do you know what's in the trunk? 23-Apr-1993 1646
Date: Fri, 23 Apr 93 13:45:17 PDT
To: cypherpunks@toad.com
Subject: subliminal channels on ham radio
Message-ID: <9304232045.AA27921@enet-gw.pa.dec.com>
MIME-Version: 1.0
Content-Type: text/plain

KLB says:
>Hmm... if authenticating signatures can be transmitted, then some
>enterprising and patient cryptographers can also transmit messages,
>encrypted if desired, back and forth using one of the "subliminal
>channel" protocols!

[and goes on to explain such steganography]

yes, you could _theoretically_ use steganography in the authentication block, but it would be illegal. Very simply, you must not transmit a message over the Amateur bands if that message contains information that is not "in the clear".
And I doubt any ham would knowingly transmit such a message... hams would consider it "poor form". Hams and amateur radio have been self-policing since WW 1 and Hiram Maxim's passage of a congressional bill *making* ham radio self-policing to the greatest extent possible. That's why the US hams were not silenced "for security reasons" during WW I, and the tradition of self-policing ham radio has held up ever since.

Besides, essentially *all* ham traffic is monitored- usually by other hams, as well as by shortwave listeners, scanner groupies, and even, occasionally, the FCC. Hams will DF (direction-find) in on anybody on their frequencies who breaks the rules with the ruthless efficiency of Truly and Justly Annoyed Citizens, and the FCC has (at last!) agreed to accept tapes made by hams as legal evidence in seizure proceedings.

Thus, the ham radio frequencies are "the wrong pool to piss in", if you get my drift.

-Bill, N1KGX

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sandy <72114.1712@CompuServe.COM>
Date: Fri, 23 Apr 93 11:52:49 PDT
To:
Subject: MYKOTRONX
Message-ID: <930423184013_72114.1712_FHF38-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

_________________________________________________________________
FROM THE VIRTUAL DESK OF SANDY SANDFORT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Following Harry Shapiro's lead, I did some research on Mykotronx by calling up the California Franchise Tax Board. The bureaurats told me Mykotronx is a California corporation (#1403668) in good standing. Incorporated in April of '87, its address is 357 Van Ness Way; Torrance, CA. They could not tell me if Mykotronx were publicly traded. Its filings with the State are not available for public inspection.
S a n d y
_________________________________________________________________
PLEASE RESPOND TO: ssandfort@attmail.com (except from CompuServe)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Fri, 23 Apr 93 12:11:26 PDT
To: cypherpunks@toad.com
Subject: Aiding the cause (or, Spreading the word)
Message-ID: <953g3B1w165w@sytex.com>
MIME-Version: 1.0
Content-Type: text/plain

For those of you who do not receive the comp.risks feed, the Wiretap Chip (Clipper) debate is taking hold on several forefronts. What this tells me is this: People are starting to realize the negative implications of this Big Brother "technology." I say: Great, but there's a lot of eyes to open out there and we need to let Joe and Janet Lunchbucket know how this will affect them.

8<------ Begin forwarded message ------------------------

Date: Thu, 22 Apr 93 12:12:44 -0700
From: Mark Seecof
Subject: "key escrow" (Clipper Chip; RISKS 14.51)

(At the risk of redundancy (with other contributors)):

1. Although gov't press releases and gov't surrogates like Dorothy Denning keep talking about warrants (actually, they say "proper authorization") for Clipper keys, the government has never abandoned (and does not even deny) the practice of conducting warrantless wiretaps for "national security" reasons. How will keys be obtained to decrypt such intercepts? My guess--the security of the "escrow" agencies will be secretly compromised. And then, the time will come when the NSA turns over political or criminal information with little or no "national security/foreign/military intelligence" content to the FBI, etc. My fallback guess is that the Skipjack algorithm will have a back door.

2. The key escrow scheme is a pottery container of fecal matter.
Right now in California we are enjoying two scandals involving the release, to unauthorized persons, of "secret" data, by employees of government and private organizations, in violation of: their employers' policies, their own terms of employment, state criminal law, and common (civil) law. These (Anaheim PD employee release of DMV address info to anti-abortion terrorists; various people including police employees giving info to an ADL investigator) are representative, not exhaustive of the problem.

Does anybody remember the Walker (U.S. Navy) spy scandal of a few years ago? Walker ring members, despite vetting by the military (perhaps inefficient, but more thorough than likely in civilian agencies), exposure to the most severe legal sanctions, and even the cultural pressures of their military communities, sold out Navy cipher secrets and keys to actual enemies for fairly small amounts of money. N.B.: the Walker ring had no ideological motivations.

Anyone who says that the key escrow scheme will protect the privacy of Clipper users is naive, stupid, or wicked. Of course, as someone will point out: "the Walker ring got caught!"--but catching malefactors will not prevent the harm they do before they are detected.

3. The assertion that the government should, by rights, be able to decrypt private communications for "law enforcement" purposes should be challenged. Privacy advocates should not concede this important debate-framing assumption. Advances in digital computing have made it possible for ordinary people to use powerful machine cipher techniques. But such systems will not prevent police agents from eavesdropping directly or by various bugging methods. It may be (I suspect it is so) that depriving the police of convenient wiretapping might have little effect over, say, ten years, on their (police) ability to detect and interfere with criminals.
Mark Seecof

8<----- End forwarded message -------------------------

Someone drop this guy a line to get him to join our cause! (Actually, I've already done that.) We can always use a LA Times cypherpunk, can't we? ;-)

Cheers.

Paul Ferguson                  | Uncle Sam wants to read
Network Integration Consultant | your e-mail...
Centreville, Virginia USA      | Just say "NO" to the Clipper
fergp@sytex.com                | Chip...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: andrew m. boardman
Date: Fri, 23 Apr 93 11:55:10 PDT
To: meyer@mcc.com
Subject: Traffic analysis, anyone? (was: Anyone know where I can get a thesaurus by ftp?)
In-Reply-To: <19930423180014.9.MEYER@OGHMA.MCC.COM>
Message-ID: <199304231854.AA24203@ground.cs.columbia.edu>
MIME-Version: 1.0
Content-Type: text/plain

[from a help file]

FTP directly to the Project Gutenberg archives:
ftp mrcnext.cso.uiuc.edu
login: anonymous
password: your@login
cd etext/etext91

[and get the preferred format of roget*; that's roget's thesaurus.]

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: elee9sf@Menudo.UH.EDU
Date: Fri, 23 Apr 93 13:23:15 PDT
To: cypherpunks@toad.com
Subject: RADIO: keys, ham, and subliminal channels
Message-ID: <199304232022.AA29561@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

> The meaning must still be in clear but you are allowed to send a
> authenticating "signature" in code, as long as the signature
> contains no information other than authentication itself that was
> not also transmitted in clear. That's why autopatch

Hmm... if authenticating signatures can be transmitted, then some enterprising and patient cryptographers can also transmit messages, encrypted if desired, back and forth using one of the "subliminal channel" protocols!

A subliminal channel allows people to communicate by essentially disguising their true message in the digital signature of the message they transmit openly.
It would take several exchanges between the two to transmit a real message, since I recall the subliminal channels I've looked at allow the transfer of a few numbers at a time, but it could be done!

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: geoffw@nexsys.net (Geoff White)
Date: Fri, 23 Apr 93 16:01:21 PDT
To: cypherpunks@toad.com
Subject: KPFA at Sat Meeting
Message-ID: <9304232255.AA05714@nexsys.nexsys.net>
MIME-Version: 1.0
Content-Type: text/plain

I took the liberty of calling KPFA's (The Pacifica Affiliate here in the Bay Area) and telling them about this Saturday's meeting. I figured we could use the help of the "sympathetic press" and they do have 50,000 watts of power. We could craft a real good statement that would go out to most of the "activist" types in the area. I've taken one or two of their phone calls but have been vectoring them over to John (gnu@toad.com) and Tim to answer more detailed questions. They seem to know about us as they mentioned John and Eric by name. I sent them the directions to the meeting and a couple of e-mail messages (press releases and a few comments) to their account on kpfa@well.sf.ca.us.

Hope this is a help not a hindrance.

-------------------------------------------------------------------------------
NEXUS SYSTEMS/CYBERTRIBE-5
Editor/Instigator/Catalyst : Geoff White
Production Crew : Universal Movement Trinity
"They might stop the party, but they can't stop the future"
--PGP Public key available upon request--
-------------------------------------------------------------------------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Valerie Lambert
Date: Fri, 23 Apr 93 17:30:39 PDT
To: cypherpunks@toad.com
Subject: Re: CLIPPER: Explanation sheet?
Message-ID: <9304232306.AA27182@valis.biocad.com>
MIME-Version: 1.0
Content-Type: text/plain

In article , David Reeve Sward writes:
>I (along with others) have some sort of phrase in our .signature saying
>"Stop the Clipper Chip" or somesuch. Since adding this, I have had
>several people ask me about this, and I have fired off an explanation to
>them. I am wondering if there is a Wiretap Chip Explanation Sheet to
>send to people instead of trying to make sure I remember everything (and
>without double-checking everything I say). Has anyone written such a
>beast?

I have compiled a "layperson's" Clipper-shit I mean sheet containing a very short intro, announcements from the White House, AT&T, the EFF, the CPSR, and various news articles. David, I will mail you a copy. If anyone else wants one, let me know.

--
Valerie Lambert * valerie@biocad.com * 415/903-3923 *
AT&T: phones with Big Brother Built Inside!
Just say "NO" to the Clipper wiretap chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Fri, 23 Apr 93 15:36:29 PDT
To:
Subject: Re: encrypted telnet
Message-ID: <930423220355_74076.1041_FHD84-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

I missed the context because my mailbox overflowed, but Eric mentioned Diffie-Hellman key exchange. If the need is for a one-shot quick-n-dirty session key exchange (as for the audio talk program John Gilmore mentioned) an alternative is to do a quick PGP keygen, send the session key across using the PGP key, then destroy the PGP key.

The only reason I mention this is that it can be done in a couple of minutes with existing tools tomorrow, if you need it. Eric is right that if you are designing something from scratch DH is often more appropriate (although PK's allow for authentication if you have a trusted signature, preventing spoofing attacks).

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pmetzger@lehman.com (Perry E. Metzger)
Date: Fri, 23 Apr 93 15:31:07 PDT
To: extropians@gnu.ai.mit.edu
Subject: A parable
Message-ID: <9304232230.AA11266@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

I just posted this to the net.

----------------------------------------------------------------------
Newsgroups: alt.privacy.clipper,sci.crypt
Subject: A Parable.
References: <1993Apr20.013747.4122@cs.sfu.ca> <1993Apr21.210353.15305@microsoft.com>
Distribution: usa
Organization: Partnership for an America Free Drug

scottmi@microsoft.com (Scott Miller (TechCom)) writes:
>Strikes me that all this concern over the government's ability
>to eavesdrop is a little overblown... what can't they do today?
>My understanding is that they already can tap, listen, get access
>exc. to our phone lines, bank records, etc. etc again.

Well, they can't listen in on much of mine, since I already use cryptography for much of my electronic mail, and will start using it for my telephony as soon as practical.

However, allow me to tell a parable.

There was once a far away land called Ruritania, and in Ruritania there was a strange phenomenon -- all the trees that grew in Ruritania were transparent. Now, in the days when people had lived in mud huts, this had not been a problem, but now high-tech wood technology had been developed, and in the new age of wood, everyone in Ruritania found that their homes were all 100% see through. Now, until this point, no one ever thought of allowing the police to spy on someone's home, but the new technology made this tempting. This being a civilized country, however, warrants were required to use binoculars and watch someone in their home. The police, taking advantage of this, would get warrants to use binoculars and peer in to see what was going on. Occasionally, they would use binoculars without a warrant, but everyone pretended that this didn't happen.
One day, a smart man invented paint -- and if you painted your house, suddenly the police couldn't watch all your actions at will. Things would go back to the way they were in the old age -- completely private.

Indignant, the state decided to try to require that all homes have video cameras installed in every nook and cranny. "After all", they said, "with this new development crime could run rampant. Installing video cameras doesn't mean that the police get any new capability -- they are just keeping the old one."

A wise man pointed out that citizens were not obligated to make the lives of the police easy, that the police had survived all through the mud hut age without being able to watch the citizens at will, and that Ruritania was a civilized country where not everything that was expedient was permitted. For instance, in a neighboring country, it had been discovered that torture was an extremely effective way to solve crimes. Ruritania had banned this practice in spite of its expedience. Indeed, "why have warrants at all", he asked, "if we are interested only in expedience?"

A famous paint technologist, Dorothy Quisling, intervened however. She noted that people might take photographs of children masturbating should the new paint technology be widely deployed without safeguards, and the law was passed.

Soon it was discovered that some citizens would cover their mouths while speaking to each other, thus preventing the police from reading their lips through the video cameras. This had to be prevented, the police said. After all, it was preventing them from conducting their lawful surveillance. The wise man pointed out that the police had never before been allowed to listen in on people's homes, but Dorothy Quisling pointed out that people might use this new invention of covering their mouths with veils to discuss the kidnapping and mutilation of children.
No one in the legislature wanted to be accused of being in favor of mutilating children, but then again, no one wanted to interfere in people's rights to wear what they liked, so a compromise was reached whereby all homes were installed with microphones in each room to accompany the video cameras. The wise man lamented few if any child mutilations had ever been solved by the old lip reading technology, but it was too late -- the microphones were installed everywhere.

However, it was discovered that this was insufficient to prevent citizens from hiding information from the authorities, because some of them would cleverly speak in languages that the police could not understand. A new law was proposed to force all citizens to speak at all times only in Ruritanian, and, for good measure, to require that they speak clearly and distinctly near the microphones. "After all", Dorothy Quisling pointed out, "they might be using the opportunity to speak in private to mask terrorist activities!" Terrorism struck terror into everyone's hearts, and they rejoiced at the brilliance of this new law.

Meanwhile, the wise man talked one evening to his friends on how all of this was making a sham of the constitution of Ruritania, of which all Ruritanians were proud. "Why", he asked, "are we obligated to sacrifice all our freedom and privacy to make the lives of the police easier? There isn't any real evidence that this makes any big dent in crime anyway! All it does is make our privacy forfeit to the state!"

However, the wise man made the mistake of saying this, as the law required, in Ruritanian, clearly and distinctly, and near a microphone. Soon, the newly formed Ruritanian Secret Police arrived and took him off, and got him to confess by torturing him.
Torture was, after all, far more efficient than the old methods, and had been recently instituted to stop the recent wave of people thinking obscene thoughts about tomatoes, which Dorothy Quisling noted was one of the major problems of the new age of plenty and joy.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fnerd@smds.com (FutureNerd Steve Witham)
Date: Fri, 23 Apr 93 18:29:05 PDT
To: cypherpunks@toad.com
Subject: Family key is symmetric
Message-ID: <9304240107.AA18653@smds.com>
MIME-Version: 1.0
Content-Type: text/plain

As I understand it, the Skipjack system is symmetric, i.e., decrypt key = encrypt key. Also, the unit serial number seems to only get encrypted with the family key. So, once the family key and the algorithm are known, it will be possible to create messages with any unit serial number you want, right?

Wouldn't this be enough to foil the casual traffic-analysis feature of the crippler?

--fnerd
the keyhole chip the wing clipper co-intel inside as seen on whitehouse stationery only open a crack the taped lock cyphergate
"Daffy, you quack me up." --Elmer

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Dave Banisar
Date: Fri, 23 Apr 93 18:53:38 PDT
To: extropians@gnu.ai.mit.edu
Subject: Re: Privacy International (fwd)
Message-ID: <9304232159.AA20673@hacker2.eff.org>
MIME-Version: 1.0
Content-Type: text/plain

RE: PI and Clipper

Privacy International recently nominated the FBI for its Big Brother Award (see below) for the digital telephony proposal. Need I say more?

For more info on PI, check out the CPSR Internet Library at cpsr.org /privacy_international

Dave Banisar
Director, PI Washington Office (one of my many hats)

------ Forwarded Message

The following forwarded from alt.privacy. Anybody have experience with this group? Have they taken a position on the wiretap chip?

...
THE BIG BROTHER AWARDS

Governments, private sector organizations, credit bureaus, police departments and the military in many countries are engaging in programs which have the effect of eroding the rights and privacy of individuals. These practices often breach international human rights conventions, and threaten the balance or evolution of free and open societies. In many cases, information technology is used for the purposes of increasing the power of authorities, while diminishing the rights of individuals. These violations occur in all parts of the world.

The Big Brother awards sponsored by Privacy International, will be given to the organization, initiative, government or act which is most invasive of private life, or which is responsible for the most dangerous and intrusive acts of surveillance.

Privacy International believes that there should be a more widespread awareness of these practices. We believe people have the right to know when governments or other organizations are engaging in intrusive practices that limit individual rights. We aim to provide an effective context for viewing these invasive practices, by establishing an international benchmark. The establishment of the Big Brother awards aims to provide a world-wide focus on surveillance and privacy.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Fri, 23 Apr 93 22:10:51 PDT
To: cypherpunks@toad.com
Subject: saltzer and schroeder on information protection
Message-ID: <9304240438.AA11728@relay1.UU.NET>
MIME-Version: 1.0
Content-Type: text/plain

this is taken from a paper i'm writing with avi rubin. it's not a sound bite, more like a snack.

peter

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Experts dismiss systems that hide cryptographic algorithms or protocols (a.k.a. "security through obscurity"). Kahn [1] cites Kerckhoffs' classic treatise on military security [2].
Saltzer and Schroeder [3] reflect the modern view in describing "open design" as one of the basic principles of information protection:

    The design should not be secret. The mechanisms should not depend on the ignorance of potential attackers, but rather on the possession of specific, more easily protected, keys or passwords. This decoupling of protection mechanisms from protection keys permits the mechanisms to be examined by many reviewers without concern that the review may itself compromise the safeguards. In addition, any skeptical user may be allowed to convince himself that the system he is about to use is adequate for his purpose. Finally, it is simply not realistic to attempt to maintain secrecy for any system which receives wide distribution.

1. D. Kahn, The Codebreakers, Macmillan Publishing Co., New York (1967).
2. A. Kerckhoffs, La Cryptographie Militaire, Libraire Militaire de L. Baudoin & Cie., Paris (1883).
3. J.H. Saltzer and M.D. Schroeder, "The Protection of Information in Computer Systems," Proc. of the IEEE, Vol. 63(9), pp. 1278-1307 (September, 1975).

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mmidboe@uahcs2.cs.uah.edu (Matt Midboe) (Computer Science Dept., Univ. of Alabama-Huntsville)
Date: Sat, 24 Apr 93 14:14:19 PDT
To: cypherpunks@toad.com
Subject: CLIPPER: Intergraph and AT&T
Message-ID: <9304240833.AA09866@uahcs2.cs.uah.edu>
MIME-Version: 1.0
Content-Type: text

Some quick tidbits from a lurker...I had read about Intergraph being unhappy with AT&T. I called up Intergraph and talked to someone in their legal department about the possibility of them going after AT&T for trademark infringements. She said they were looking into that possibility, and asked me to send her what information I could on Clipper. Hopefully this will prove to be fruitful in disarming the Wiretap Chip. I'd post her email address but I don't have it at home with me right now.
Also, this doesn't fall in line with the Wiretap chip, but has anyone implemented fossil routines with some type of encryption? I am not completely familiar with the ins and outs of cryptography but I am more than willing to write up all the fossil routines for a dos machine. I guess dos is the only thing that has fossils though.

Lastly, I just wanted to see what other Huntsville cypherpunks might be lurking about. If so then I would like to hear from you.

mmidboe@uahcs2.uah.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Bill Sommerfeld
Date: Sat, 24 Apr 93 11:45:05 PDT
To: mckang@solomon.technet.sg
Subject: OSF's DCE
In-Reply-To:
Message-ID: <9304241349.AA00464@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain

OSF's DCE is a "distributed systems toolkit" which provides tools and infrastructure for building distributed systems.

The relevant point to cypherpunks is that it uses cryptographic techniques to provide authentication and (optionally) data privacy using DES and Kerberos V5.

Unfortunately, the data privacy features must be disabled in the exportable versions.

Contact the OSF or any of the many vendors (HP, IBM, DEC, Transarc, ...) selling ports of the code for more details.

- Bill

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Wayner
Date: Sat, 24 Apr 93 12:19:05 PDT
To: honey@citi.umich.edu
Subject: Re: saltzer and schroeder on information protection
Message-ID: <199304241352.AA11064@access.digex.com>
MIME-Version: 1.0
Content-Type: text/plain

Although the "details" are classified at this time, I believe that the secrecy is just part of the plan to prevent software implementations that could easily spoof anyone who was trying to listen in by munging the law enforcement block. I'm sure the algorithm would continue to be secure even after the details are discovered. The secrecy is to control use not to prevent decryption.

This is, I believe, the greatest achilles heel of this proposal.
There are at least 40 million PC's in this country. They would like this chip to become the "standard" for all encryption. That would mean putting it in every machine. The cost of this could range from $25 to $100 per machine. That means this whole plan could cost $1 billion to $4 billion dollars in real money. A new software encryption standard, however, could be promulgated with about one summer's work by an undergraduate handy with C.

I believe that people aren't going to be willing to add the additional hardware to their PC boxes. Look how slowly better video standards have evolved in the PC domain. Look how slowly CD-ROMs are becoming standard. Everyone agrees that this technology would be nice, but no one is willing to raise the level of their standard boxes to include this hardware. Raising the price of their standard box puts them at a competitive disadvantage. So the lowest common denominator continues.

DES chips have been around for _years_ and no one builds them into their boxes. Why is this chip going to be any different?

-Peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: The Phantom
Date: Sat, 24 Apr 93 11:35:19 PDT
To: cypherpunks@toad.com
Subject: Summary sheet?
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Does anyone have a summary sheet they have come up with that I could distribute? With some of my mailings (to my congresspeople, mostly) I'd like to inform them as to exactly what I am talking about.

Anything this weekend I can get my hands on would help -- Matt

Matt Thomlinson                           Say no to the Wiretap Chip!
University of Washington, Seattle, Washington.
Internet: phantom@u.washington.edu        phone: (206) 528-5732
PGP 2.2 key available via email or finger phantom@hardy.u.washington.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matthew J Miszewski
Date: Sat, 24 Apr 93 11:36:50 PDT
To: cypherpunks@toad.com
Subject: DEAD AIR
Message-ID: <23042411582967@vms2.macc.wisc.edu>
MIME-Version: 1.0
Content-Type: text/plain

Wow,

When the cypherpunks have a physical meeting cyberspace fills with an eerie silence...

Please for those of us who could neither attend the various meetings nor hook up with other transmissions, could ONE person post a good summary.

My Mailbox was actually empty this afternoon!!!

Matt

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tom Keenan
Date: Sat, 24 Apr 93 11:32:09 PDT
To: cypherpunks@toad.com
Subject: hi guys...
Message-ID: <9304241830.AA22592@acs3.acs.ucalgary.ca>
MIME-Version: 1.0
Content-Type: text/plain

sub Thomas P. Keenan

--
Dr. Tom Keenan, I.S.P. Associate Dean, R&D, Faculty of Cont. Ed.
University of Calgary 2500 University Dr. NW Calgary, AB T2N 1N4 CANADA
(403) 220-4715 (voice) (403) 284-5702 (fax) keenan@acs.ucalgary.ca (email)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tom Keenan
Date: Sat, 24 Apr 93 11:32:53 PDT
To: cypherpunks@toad.com
Subject: hi guys
Message-ID: <9304241831.AA89944@acs3.acs.ucalgary.ca>
MIME-Version: 1.0
Content-Type: text/plain

sub Thomas P. Keenan

--
Dr. Tom Keenan, I.S.P. Associate Dean, R&D, Faculty of Cont. Ed.
University of Calgary 2500 University Dr. NW Calgary, AB T2N 1N4 CANADA
(403) 220-4715 (voice) (403) 284-5702 (fax) keenan@acs.ucalgary.ca (email)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Simona Nass
Date: Sat, 24 Apr 93 12:43:07 PDT
To: cypherpunks@toad.com
Subject: SEA Letter to New York Times Editors re Clipper (fwd)
Message-ID: <199304241942.AA14929@sun.Panix.Com>
MIME-Version: 1.0
Content-Type: text/plain

I faxed this out last night. The press release is our next step.
We are looking to put together a more detailed, more technologically savvy version to send to computer mags and stuff. Those who want to help, subscribe to sea-media-request@panix.com. We can use your help on this next version.

-S.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Society for Electronic Access
Post Office Box 3131
Church Street Station
New York, NY 10008-3131
Internet: sea@panix.com
Phone Contact: Steve Barber, (212) 787-8421

April 23, 1993

Via Fax: (212) 556-3690

Letters to the Editor
The New York Times
229 West 43rd St.
New York, NY 10036

Dear Editor:

Last week the Clinton Administration proposed a new standard for encrypting telephone messages and other electronic transmissions (see John Markoff's articles in the New York Times, "Electronics Plan Aims to Balance Government Access With Privacy," April 16, 1993, p. A1, and "Communications Plan Draws Mixed Reaction," April 17, 1993, p. 35). The announcement took by surprise many people who are concerned with the security and privacy of digital communications.

The Society for Electronic Access, an organization concerned with civil liberties and access issues involving computers, believes that the government is acting with undue speed in its desire to begin widespread use of the "Clipper chip" in six months, before the full implications of its plans have been explored. We strongly believe that more thought and study should be directed to the government's decision. In its haste to mediate between the desire of government agencies to intercept unlawful communications and the right of citizens to privacy, the administration may end up promoting a plan that is responsive to neither side.

Among the issues that raise serious concerns:

+ Other encryption techniques currently in wide use have been subjected to rigorous public scrutiny, but the "Skipjack" algorithm embodied in Clipper is secret.
No one knows whether it may contain unforeseen vulnerabilities or even deliberately-inserted backdoors for easy decoding. Examination by a government-picked panel of cryptographic experts is not sufficient to guarantee its security -- and certainly not the abbreviated examination that would be possible under the administration's fast-track plan for putting Clipper into service. At a very minimum, the Administration has an obligation to allow inspection by more independent experts, and to say why this scheme must be kept private, while other encryption standards of the past two decades have been widely published.

+ The proposal to hold users' keys in escrow for wiretapping is inadequately defined. No one knows who will hold the keys, how they will protect the key database from illicit access or how a Clipper phone might be re-secured once its keys have been released for tapping. (Consider, by the way, that a magnetic tape cartridge holding keys for all the telephones in America could fit in a shirt pocket.) Such crucial issues should be settled before Clipper is even considered.

+ By throwing its weight behind the Clipper chip, the government appears to be unfairly subsidizing a handful of companies at the expense of the rest of the U.S. telecommunications industry. (Indeed, others who have attempted to develop secure communications equipment have as often as not found roadblocks thrown in their way.) The rationale for awarding such an enormous potential windfall is unclear.

+ Because the Clipper chip is not intended for export, U.S. companies that adopt it could be at a serious disadvantage in international markets. They would have to develop and maintain dual product lines or else cede the global competition for secure telecommunications to other nations.

The government should abandon its attempt to rush Clipper-based equipment into the market until these and other issues have been addressed.
Although introduction of the Clipper chip does not (at least at the moment) appear intended to foreclose the development and sale of other encryption technologies, the government's preferred solution is likely to have a strong impact. If it turns out to be vulnerable, or if it impedes the entry of U.S. firms into the international market for secure telecommunications, both our constitutional freedoms and our economic competitiveness will be severely damaged. Any technology that bears such risks must be subjected to thorough public scrutiny and open debate before a decision is made on whether to adopt it.

Sincerely,

Simona Nass
President

Board of Directors:
Stacy Horn
Joe King
John McMullen
Simona Nass
Lance Rose, Esq.
Alexis Rosen
Paul Wallich

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: szabo@techbook.com (Nick Szabo)
Date: Sat, 24 Apr 93 18:47:13 PDT
To: cypherpunks@toad.com
Subject: Consumer phone privacy info sheet
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Greetings cypherpunks,

I'm preparing this consumer phone privacy info sheet to post to libernet, misc.consumers, etc. Any corrections or further information greatly appreciated.

----------------------------------------------------------------

Instead of developing phones allowing truly private conversations, which are now feasible, AT&T recently put a phone on the market that contains the NSA-designed "Clipper" wiretap chip. All users' encryption keys are registered with the U.S. government, giving it exclusive access to wiretapping this system's phones. The use of an unpublished algorithm and other features also make the system insecure; see the newsgroups sci.crypt and the mailing list "cypherpunks", cypherpunks-request@toad.com for details.

AT&T by this action has demonstrated its contempt for its customers' privacy. Here are some other long-distance providers that may have more respect. All U.S.
long-distance companies are required to surrender to telephone taps under government "authorization", but some require more "authorization" than others, or otherwise make a greater fuss about it. Companies which use primarily multichannel fiber optic lines are physically more difficult to tap.

Allnet Long Distance Services      1-800-783-2020
MCI, commercial                    1-800-888-0800
MCI, residential                   1-800-950-5555
Metromedia Communications Corp.    1-800-275-2273
One-2-One Communications           1-800-293-4121
Sprint, residential                1-800-877-7746
Sprint, business                   1-800-733-5566

True privacy can be obtained with a veil of encryption, by using pairs of phones containing privacy chips, which scramble the signals *and* keep the keys private. Contact your local business telephone dealers for privacy phones from Ericsson and other companies.

Please e-mail me detailed info on these phones, and also further info on long distance services, and I will post a summary along with my own research findings.

Nick Szabo                         szabo@techbook.com
Protect your electronic privacy with PGP -- public key available

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT)
Date: Sat, 24 Apr 93 16:56:03 PDT
To: cypherpunks@toad.com
Subject: Wiretap Chip
Message-ID: <9304242352.AA03691@usma8.usma.edu>
MIME-Version: 1.0
Content-Type: text/plain

Intellectual Marvels and Omniscient Beings,

I am looking for some books on advanced bit manipulation techniques, matrix manipulation algorithms, and variant functions. Does anyone have a good bibliography? Also, if you have the source code for any of these things, I would be interested in seeing it.

Thank you very much!

Anthony J. Gatlin                |-------------------------------------|
Cadet Private, Co. G-2           |PGP Public Key available on request.
| United States Military Academy |-------------------------------------|

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu@cygnus.com
Date: Sat, 24 Apr 93 20:01:42 PDT
To: lile.elam@eng.sun.com
Subject: Brainstorm results from today's meeting
Message-ID: <9304250301.AA00503@cacophony.cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

We brainstormed questions and issues resulting from Clinton's crypto policy review and `Clipper' proposal. Here's the raw results. Cypherpunks, please read it over; clarify your own questions if they didn't get transcribed correctly, and send me the updates (as Unix diffs or context diffs) at: gnu@toad.com. I'll collate the changes, and repost this document to cypherpunks. When we're happy with it, the group can disseminate it to sci.crypt, news media, or whoever else.

John Gilmore

Cypherpunks brainstorm question list (copy to tenney@netcom.com)

Why is ATT the only one to find out early about this chip? Why was it developed in secret? Why not a competitive bid? How much will it cost the taxpayers and the government to maintain these two escrow agencies? How much will escrow cost? Who will pay for escrow? What's the smallest number of people who could compromise this system (in various configurations)? What are the court, legislative, executive and wartime excuses for the control of crypto? Is emulation of clipper illegal? Is reverse engineering illegal? Is revealing algorithm (reverse engineered etc) illegal? Consequences to the public if the algorithm or family key is revealed? Does key escrow violate ED trade rules (the data protection aspects, too)? What's the protocol for generating keys? How to regain privacy once a wiretap has been done? Does a subpoena reveal earlier, recorded conversations? How many people will know the family key? Why hand out keys during a wiretap rather than give the cyphertext to the escrow agency for decode? What sort of escrow agencies have been considered?
Is it constitutional to delegate escrow to a private agency? Is there a "separation of powers" issue? How many people have access to the secret keys during generation? Will smaller groups be able to establish their own escrow agencies? How about privileged conversations (lawyer, doctor, clergy, client)? Will the NSA claim that there is no alternative way to read messages without the key(s)? (How) will U.S. escrow rules have an effect on other crypto systems like DigiCash? Will US take subpoenas from foreign countries? What protects US citizens from foreign governments with violative laws? What effect occurs for multinational companies? Impact on intelligence gathering? Can traffic analysis be done with serial number? Will traffic analysis be done with serial number? Will keys be shared with foreign intelligence organizations? How many systems will there be that can be used to decrypt? Who will control them? Would knowing the algorithms compromise security? If not, why not publish them? If yes, what would be the effect of their discovery? What protections do we have against blackmailing by escrow agents? What about steganography? Will escrowed keys be shared with foreign intelligence organizations? Will they make chips available now for reverse engineering? Will it be illegal to encrypt before using clipper? How to enforce? Will intelligence agencies be able to listen to the conversations they are legally allowed to? Will any decryption devices be made available to foreign intelligence organizations? What's the lifetime flow of keys from manufacturer, to escrow, to wiretap agencies? What protects the keys at each stage? Why the hurry? Why no public evaluation before deployment? Where will all the decryption devices be kept? What was the policy-making procedure that was followed in producing this plan? Who owns/controls Mykotronix? Is the key escrow process online or offline? Where will all the decryption devices be?
Since Skipjack was developed with government funds, how much is Mykotronix compensating the government for their monopoly? How are keys generated? Where are keys generated? How many key generation places/devices will there be? Who gave the government the right to listen in? How do citizens supply input to the crypto process? How to find out the status? How much will it cost to get a registered key? Does the government believe citizens have the right to use/sell crypto systems of our own choice? Is the review process classified? Do we have access to the outcome? Why? First and Fifth Amendment issues? Why was the Legislature not involved? Why was industry not involved? What evidence supports the government's claimed need to break into our conversations? What is it worth, breaking into our conversations? How much cost should we bear? What are the costs today of wiretaps? Will we have to register to buy secure devices? Will there be restriction on who can buy or sell them? Are the escrowed keys tied to hardware or people? Can we sell our clipper devices without re-registration? Will Clipper be exportable? Will individuals be able to take them overseas for personal use? How long has this process been underway? Which agencies have been involved? How long each? Is Clipper only for voice, or data and other applications too? Does it make sense to use Clipper for data storage? Is Clipper intended to replace DES in all applications? What scenarios drive the design of crypto policy? What scenarios drive the design of Clipper? What alternatives to Clipper have been considered? How many successfully prosecuted terrorist cases have included wiretap evidence? What is the expected useful lifetime of the Clipper technology? During the useful life what percent of keys is expected to be revealed? What other "family" members will be differentiated by different family keys? Have they filed an EIR on this? Will it be possible to reuse a device which has been compromised?
What is the impact on society if the Clipper initiative doesn't succeed? How can a citizen tell if a Clipper-equipped product has been compromised by a prior tap? Can the chips be built overseas? Can they be imported? Have any Clipper chips been introduced to use yet? Where are those keys escrowed now? What challenge process have the Clipper chips survived? What's an appropriate challenge process for crypto systems? Who are the people with access to all the work products to build the chips -- masks, net lists, wafers, half-built wafers, reject wafers? What are the mechanisms for destroying the work products? What is the procedure when the family key is revealed? How can the public be sure keys will only be revealed upon proper warrant? How does a company qualify to manufacture Clipper chips? What does it cost? What environmental conditions will cause the chip's programmed data to be lost? How does this (crypto) policy/process impact companies with existing or future business in crypto? How will backups of escrow agents be protected? How many single points of failure are in the system? Have war planners blessed the plan as acceptable risks during wartime? What agencies have approved this plan? What agencies have DISapproved this plan? Given a single point of failure, what are the implications to national security? What about Clipper chip second-source in case of inability to manufacture? What impact on the economy would a temporary or permanent problem in Mykotronix have? Is this system immune to spoofing? Are Clipper-encrypted devices more susceptible to jamming than other systems or plaintext? Does escrow release allow spoofing that user? Does family key allow any user to be spoofed? To hear both sides of a conversation, do you need two keys and two warrants? What kinds of protection is the government trying to encourage? Traffic analysis, Authenticity, privacy, anonymity? What is the question for which Clipper is the answer? What were its design goals?
How will leaks in the registration process or escrow process be detected? (viz. leaks by SSA employees?) How long will use remain voluntary? Do citizens have the right to use any encryption system? Do citizens have the right to research any encryption system? Do non-citizens have the right to use/research encryption systems? What agency will be responsible for auditing the escrow process or use of revealed keys? Is there civil or other liability for escrow agents who reveal keys illegally? Will we get specifications of the Clipper interface so that we can build our own encryption chips? Will the chip transmit identifying info in the clear? As part of the standard protocol? As an option? Are users required to use the protocols as specified if they use the chip in their products? What does the government see as its role in setting standards for domestic cryptography? How to restore security after a wiretap? What is the numerical risk of the system being cracked within a year? 5 years? 10 years? What is the risk of its being cracked without the knowledge of the public? Will government feel that it is legal to record encrypted conversations without violating the subject's rights? (Because it is secure.) What measures will the government use to promulgate this proposal? Has government offered incentives to companies to encourage them to adopt it? How long will it take from warrant to obtain keys? (Fast response for terrorists?) How will the number of revealed keys be limited? By law? (Currently less than 1000 wiretaps/year.) Will Clipper chips be allowed or required in pay phones? Is this proposed to be accompanied by changes to the phone systems as the Digital Telephony proposal suggested? Who bought Dorothy Denning and for how much? Where does Dorothy Denning's funding come from? If wiretappers record conversations how long will they be able to save them? Is Clipper suitable for use in a national health care information system?
What are the national security implications of the availability or unavailability of encryption? What is the cost of alternative involving direct interception of voice using microphones? How will the other (non-search-warranted) person involved in a wiretap be protected? How does the government feel about a foreign company doing business in the US and talking to their own governments? How will encrypted cellular phone standards be determined? In a public process? How will end-to-end encryption standards for phones be determined? How will these be made interoperable? What is the legal process required to tap a person's communications? Then what further process is needed to decrypt intercepted communication? How will this scheme prevent criminals from circumventing the system? (Buy a phone, use it only once, etc) Does Clipper reveal the chip phone number it's receiving from, in normal operation, like caller ID? Can law enforcement ask for its own keys (eg. in a sting operation?) Can citizens query the escrow database for their own keys? Can users determine their own chip number? How does this interface with ISDN? Does a warrant give access to all phones in the house (or other warranted site)? How will this jeopardize citizens' rights to anonymity in voting (and electronic voting)? Does this technology enable the same invasions as caller ID? What is the procedure if a phone is stolen? Why don't we develop a privacy policy rather than a policy on cryptography? What is the government's policy on privacy with respect to cryptography? What is the reaction from Data Protection Boards in other countries? Can an individual ask whether or not they are being wiretapped? What changes are recommended in those laws? What are they going to do about RSA patents on which they are infringing? Will a search warrant cover a phone, a line, a person, or device, or place? What is going to be done about "Clipper" trademark conflict? Can you find the unit key of your own device?
What will be done about other patents being infringed? What are the implications of swapping chips between devices? How do government and private needs for privacy differ? Is it worth risking the privacy of 240 million citizens for 1000 wiretaps a year? In what other areas can this technology be used (camcorders, FAX, etc)? How will clipper keep up with current advances in semiconductor speed, given restrictions on who can build them? Who is Clipper for? Who benefits? Is chip packaging part of security of the device, or is it all in the fab? (eg. can it fit in any desirable package.) How do technology and fab requirements affect yield and price? How will chips and devices be tested? Are there "undocumented" test modes that might reveal properties of the algorithm or programming? How does current Clipper design relate to the designers' previous designs? (personal design style, libraries used, etc) Could Clipper be integrated economically with a general purpose CPU? What statistics will the chip maintain on-board? Who will get specs? What info will Clipper subliminally transmit in messages? How does the strength of Clipper compare to DES, RSA, or IDEA? How does the efficiency compare? Do you plan to monitor people's movie choices selected via "video dialtone" services? Will there be a mechanism for particular people to keep their IDs out of the database? (judges, law enforcement, etc) Will the NSA or law enforcement use Clipper themselves? Will their keys be escrowed in the same way? If Clipper is not good enough for law enforcement etc why is it good enough for private individuals? What secondary uses (without serial numbers) will be made of the escrow database? (ie. counts of families, where families were sold/shipped, etc) Will chip numbers be correlated with personal ID (soc sec number, etc)? How will they ensure that further uses of the escrow data base be prevented? (see census database misuses) What happens if a (the?)
Global Crypto Review policy says Clipper is a bad design? What if it says that the government shouldn't be setting crypto policy? What is the implication if another company/country produces a competing device? Why is DES still not exportable? What is the cost to commerce of export controls on crypto? Cost to privacy? Cost to civil liberties? Cost to trust in government? Cost to programs where crypto is ancillary (Prokey, Aldus Freehand, PKZIP, etc) "Not for export outside US or Canada" How would a non-escrowed-key crypto policy work? How does export control of a work of art or literary work survive a First Amendment challenge? Can crypto source code be exported on paper, in a book, in human readable form? Can the same code be exported as bits? As bar code? Printed? What cryptographic systems can currently be cracked by the NSA? At what cost? How much has been spent on crypto research in the last 50 years? How many fundamental mathematical breakthroughs have been made and revealed? How many are still secret? What is the cost to society of the secrecy? Would disclosure of the Skipjack/Clipper process/method/algorithm compromise it? How will we find reputable independent cryptographers who are willing to live within the limits imposed by getting a security clearance? What tangible results have benefited society from the intelligence community? Were they worth the cost? Has the intelligence community ever prevented a nuclear war? A terrorist attack affecting N (100,000?) people? How does the security of ClipperPhones compare to STU-35's? The cost? How many patent secrecy orders on crypto exist? Communications secrecy? Total number of patent secrecy orders are now in effect? What is the expected incidence of finding encrypted material in wiretaps without Clipper? How many crypto documents have been declassified and reclassified? Why? By what authority did the NSA stop the phone encryption standard? What is the proper role in NSA setting domestic cryptography standards?
...policy? How can NIST be made independent of the NSA influence in setting domestic policy? How does secrecy detract from America's global competitiveness? What would be the international equivalent of "Clipper", allowing international business and wiretapping by all the governments? How many Clipper chips does the government expect one person to own? Can a free society be founded upon a societal model that assumes no ability to have truly private conversations? Can strong cryptography be outlawed while keeping freedom of inquiry and expression? How does Clipper interrelate with ISDN? Should the Federal government be allowed to accomplish with its commercial and publicity activities what it is prohibited from doing with its enumerated powers? Will Clipper allow banks to stop using DES? If stored data can be encrypted with Clipper, can a warrant be obtained to decrypt stored information? What procedural safeguard will exist, like special requirements for wiretap requirements? Under what conditions or protections can a person be forced to reveal your keys? ...an escrow agency...? How can freedom of conscience be preserved when there is no privacy? Can Clipper be used for authentication? Can the government circumvent this if so? Are there different levels of protection for different types of data? Why is Capstone chip just made known to the public?

-- THAT'S ALL FOLKS!!

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tburns@gmuvax.gmu.edu (Dave Burns)
Date: Sat, 24 Apr 93 18:22:30 PDT
To: cypherpunks@toad.com (NO wiretap chip!)
Subject: Re: CLIPPER: Explanation sheet?
Message-ID: <9304250123.AA02389@gmuvax2.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

>I have compiled a "layperson's" Clipper-shit I mean sheet containing a very
>short intro, announcements from the White House, AT&T, and various news
>articles. David, I will mail you a copy. If anyone
>else wants one, let me know.
>
>--
>Valerie Lambert * valerie@biocad.com * 415/903-3923 * AT&T: phones with Big
>Brother Built Inside! Just say "NO" to the Clipper wiretap chip.

May I have one? Wouldn't it be easier to just post it? Conside

-------------------------------------
Dave Burns tburns@gmuvax.gmu.edu
10310 Main St. #116 Fairfax, VA 22030 (703)993-1142
Wiretap Chip:IMPOSSIBLE (was Breakfast)
-------------------------------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Sun, 25 Apr 93 10:27:52 PDT
To: cypherpunks@toad.com
Subject: Crypto references
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Sat, 24 Apr 93 19:52:42 EDT, Gatlin Anthony CDT wrote -

AG> I am looking for some books on advanced bit manipulation
AG> techniques, matrix manipulation algorithms, and variant
AG> functions. Does anyone have a good bibliography?

The WIRED May/June issue (page 59) listed probably the most relevant books on the topics (including the not-so-relevant) -

8<------ Cut Here ---------

The Bedside Crypto Reader
Further Readings on Cypherpunk Topics

General
-------

The Codebreakers
David Kahn (Macmillan, 1967).
The seminal cryptographic history.

Puzzle Palace
James Bamford (Penguin, 1983).
A classic expose of the National Security Agency.

Books on Cryptographic Systems
------------------------------

Contemporary Cryptography
Edited by Gustavus J. Simmons (IEEE Press, 1991).
A fairly technical volume offering solid background on the subject, including a chapter on the history of public-key cryptography by Whitfield Diffie.

Cryptography and Data Security
Dorothy Denning (Addison-Wesley, 1982).
A good primer to the workings of crypto systems.

Sci-Fi Novels Beloved by Cypherpunks
------------------------------------

Ender's Game
Orson Scott Card (Tor, 1985).
Some vivid scenarios in which crypto anonymity is crucial.

Shock-Wave Rider
John Brunner (Ballantine, 1976).
Chilling representation of an oppressive lack of privacy in a networked society.

True Names
Vernor Vinge (Blue Jay Books, 1984).
A novel of cyberspace-style sojourns that outline links between electronic identity and physical identity.

Cheers.

Paul Ferguson                  | Uncle Sam wants to read
Network Integration Consultant | your e-mail...
Centreville, Virginia USA      | Just say "NO" to the Clipper
fergp@sytex.com                | Chip...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Sun, 25 Apr 93 02:30:36 PDT
To: cypherpunks@toad.com
Subject: garbage files from pgp.
Message-ID: <9304250754.AA07568@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

I'm still having problems with pgp. Sometimes when I use the program to encrypt a file, I get an output file full of trash. Other times, it works fine. I don't understand. Is this a bug, or am I just not using it right, still? Thanx in advance.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
|                       | But, I was mistaken.        |available|
|                       +-----------------------------+---------+
| mdiehl@triton.unm.edu | "I'm just looking for the opportunity |
| mike.diehl@fido.org   |  to be Politically Incorrect!         |
| (505) 299-2282        |                                       |
+-----------------------+---------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Sun, 25 Apr 93 12:04:37 PDT
To: cypherpunks@toad.com
Subject: encrypted irc
Message-ID: <9304251904.AA09776@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I have implemented an encryption scheme with key exchange in an IRC client. It is now in working condition. Here are the details. Mail me if you wish to have a copy sent to you.

---- file: README ----------

this is a tinyirc client (client not written by me) but I added in encryption.. Right now encryption is done in DES for messages and RSA for key exchange.
To set it up, unarchive (you probably already did this) then type :

    make

this should make a program called 'sock'

now you need to go into the RSA directory and make yourself a keypair.

    cd RSA
    make genrsa
    make genprim
    genrsa

this makes two files 'public' and 'secret'. You need to install these:

    mv secret ..
    mv public ../

and give out your public key to everyone you want to talk to. This lets them send their key to you.

run sock:

    cd ..
    sock

join the same channel as your friend you wish to talk to:

    /join #channel

send them your key, this lets them read any message typed by you (note you have to be in the same channel as them)

    /key

(note the public key must be in the current directory)

your friend will receive your key, and now everything you type can be read by him. In order to send your key to your friend you must have the file in your directory that is 's public key. He must have the matching secret key in the file 'secret' in his directory. If your friend changes nicks and the filename of his key isn't the same as his nick you can specify the file:

    /key

that's it! Everything you type is encrypted with the same key which is chosen at random when you start up 'sock'. Every time you use sock a new key is used. Every time you want to talk to a new person you have to send them your key. Anyone who has your key can read any of your messages, so if you don't want people reading your messages don't give them your key. Everything you type is encrypted.

some public keys are already provided in pubkeys/* copy them into current directory to use them.

--------

Weaknesses:

(1) serial number and DES key are generated with rand() after seeding with time value. They are generated at the same time, and serial number is a publicly known value. This could allow people to brute force search through the pseudo-random numbers and find your key. This *should* be fixed, any ideas?

(2) RSA key as created by 'genrsa' is not very long! It is crackable right now.
This could be lengthened easily enough by modifying genrsa.c . The rest of the program doesn't care what length key is used.

(3) You can send a lot of garbage to someone's screen by sending out wrong keys and/or sending out bad data matching keys already acquired. possible solution: header inside of the encrypted data. 1 character would give a 1/256 chance of this attack working.

(4) probably a lot more I didn't think about.

----------

Protocol:

there are two types of messages, one to send keys across to other people, one to send across encrypted messages, all messages are sent to the current irc channel, not through messages to individual people:

SKPJACK:xxxx:yyyy:zzzzz
    xxxx - the nick name of the intended recipient
    yyyy - the serial number of the key being transferred
    zzzz - ascii encoded RSA data

messages of this format are used to send private keys (DES keys) to the recipient, ie /key nick. Messages received are ignored if xxxxx isn't our current nick.

CLIPPER:xxxx:yyyy
    xxxx - the serial number of the key used to encrypt
    yyyy - the ascii encoded crypted data (DES)

messages of this format are used to send encrypted chat messages. Messages received are ignored if we don't have the key corresponding to the serial number.

ascii coding: each byte is broken into 2 nybbles (4 bits) and sent across as two characters, the first nybble is sent as hi+'a' and the second is sent as lo+'A' so alternate characters are always upper then lower then upper case and so on. (byte = hi<<4 + lo)

Keys are generated randomly and each key has a random 32 bit serial number associated with it. The program uses the serial number to decide which key to decrypt with. The program keeps all the keys it receives. All messages you type are sent with your key, all messages you receive are decoded with the key matching the serial number sent with it.

-----

CREDITS

A lot of this software was not written by me, In fact my part was minimal.
I stole code from the following people:

The basic IRC client (tinyIRC) by:
    Nathan Laredo - "Green"
    gt7080a@prism.gatech.edu

The RSA package by: (email address is no longer valid)
    Martin Nicolay ( martin@trillian.megalon.de )
    Fliederstr. 23
    4100 Duisburg 1
    W-Germany

I couldn't reach him via email. I got this package via anon-ftp, I hope he doesn't mind use of it in this program.

The DES package (d3des):
    D3DES (V5.09) - A portable, public domain, version of the Data Encryption Standard. Written with Symantec's THINK (Lightspeed) C by Richard Outerbridge. Thanks to: Dan Hoey for his excellent Initial and Inverse permutation code; Jim Gillogly & Phil Karn for the DES key schedule code; Dennis Ferguson, Eric Young and Dana How for comparing notes; and Ray Lau, for humouring me on. Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge. (GEnie : OUTER; CIS : [71755,204]) Graven Imagery, 1992.

He says "public domain" and then later "Copyright". I assume he means "freely distributable, useable".

If any of you are out there thanx a lot! Your code is much appreciated.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT)
Date: Sun, 25 Apr 93 08:44:12 PDT
To: cypherpunks@toad.com
Subject: WIRED
Message-ID: <9304251541.AA13969@usma8.usma.edu>
MIME-Version: 1.0
Content-Type: text/plain

How can I subscribe to WIRED?

Anthony J. Gatlin              |-------------------------------------|
Cadet Private, Co. G-2         |PGP Public Key available on request. |
United States Military Academy |-------------------------------------|

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: rustman@netcom.com (Rusty Hodge)
Date: Sun, 25 Apr 93 11:56:34 PDT
To: cypherpunks@toad.com
Subject: Re: Consumer phone privacy info sheet
In-Reply-To:
Message-ID: <9304251856.AA12774@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

> Companies which use primarily multichannel fiber optic lines are
> physically more difficult to tap.
Don't think so. Unless you have fiber running from your location (your home) to the calling party's location. The tap is placed on the subscriber loop - which for the time being is analog for most voice service. And even if it is digital, it is still copper from the CO. If you are concerned with eavesdropping, then your statement is accurate. It is very easy to eavesdrop on microwave and satellite long distance. I suspect the Clipper chip will be used heavily in digital cellular phones, if it isn't too much of a power hog. -- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Derek Atkins Date: Sun, 25 Apr 93 09:33:02 PDT To: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT) Subject: Re: WIRED In-Reply-To: <9304251541.AA13969@usma8.usma.edu> Message-ID: <9304251632.AA10525@podge> MIME-Version: 1.0 Content-Type: text/plain I believe the number is +1 800 GO WIRED, but I'm not 100% sure... -derek Derek Atkins, MIT '93, Electrical Engineering and Computer Science Secretary, MIT Student Information Processing Board (SIPB) MIT Media Laboratory, Speech Research Group warlord@MIT.EDU PP-ASEL N1NWH From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter shipley Date: Sun, 25 Apr 93 12:41:55 PDT To: cypherpunks@toad.com Subject: Re: Congressional FAX numbers Message-ID: <9304251939.AA00802@merde.dis.org> MIME-Version: 1.0 Content-Type: text/x-pgp -----BEGIN PGP SIGNED MESSAGE----- >From: rteasdal@polyslo.csc.calpoly.edu (Rusty) > >>CA 19 Robert J. Lagomarsino (202)225-3601 (202)225-3096 > > > Whoops! This one, at least, is dated information. In the 19th >district, Slagomarsino got his ass sent packing home by Michael Huffington >in the Republican primaries, and a good thing, too (Slag was an early >and ardent supporter of the federal "gag rule" on abortion). > > I'm not sure where Huffington would stand on the Clipper issue. 
>On the one hand, he's a transplanted Texas oil money scion who more or >less bought his seat in the single most expensive media blitz waged for >a House campaign last year (or any other year, for that matter). Still >and all, he seems to belong to the nearly extinct progressive wing of >the Republican party, based on views and actions to date. I suspect that >this independence of thought comes of not having to kowtow to the hard >right to get cash - $100 million in fuck-you money helps immensely. > > I also don't know if the number's still accurate. I shall >certainly be finding out. > > Rusty > > -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBFAgUBK9rpBshmn7GUWLLFAQFWEwF+LqQ/Yg3Gpd1QcN2WfI6SVzZ9lCCJ7Aer AcHwLfpku2g0EDm/vsNLw/gfdhw6zwZG =Yt1P -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Round Waffle Date: Sun, 25 Apr 93 11:32:01 PDT To: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT) Subject: Re: WIRED In-Reply-To: <9304251541.AA13969@usma8.usma.edu> Message-ID: <9304251830.AA10237@titan.ucs.umass.edu> MIME-Version: 1.0 Content-Type: text Possessed by The Unholy, Gatlin Anthony CDT scrawled the following in blood: > > How can I subscribe to WIRED? > > Anthony J. Gatlin |-------------------------------------| > Cadet Private, Co. G-2 |PGP Public Key available on request. | > United States Military Academy |-------------------------------------| > Here's the info: Wired PO Box 191826 San Francisco, CA 94119-1826 (800) SO-WIRED lr@wired.com -Lou Rossetto (editor) $19.95 for one year (6 issues) +- eggo@titan.ucs.umass.edu --><-- Eat Some Paste -+ +- Yorn desh born, der ritt de gitt der gue, -+ +- Orn desh, dee born desh, de umn bork! bork! bork! 
-+
+----------------- The Durex Blender Corporation -----------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Pat Farrell"
Date: Sun, 25 Apr 93 13:47:04 PDT
To: cypherpunks@toad.com
Subject: Congressional phone/fax, VA 11th district
Message-ID: <60448.pfarrell@cs.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

The list that Paul sent out didn't even acknowledge that Virginia has an 11th district. The congresswoman is

Leslie Byrne
Phone (202) 225-1492
Fax (202) 255-2274

Pat

Pat Farrell Grad Student pfarrell@cs.gmu.edu
Department of Computer Science George Mason University, Fairfax, VA
Public key available via finger #include

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tenney@netcom.com (Glenn S. Tenney)
Date: Sun, 25 Apr 93 18:17:57 PDT
To: COMMUNET%UVMVM.BITNET@uga.cc.uga.edu
Subject: No Subject
Message-ID: <9304260117.AA12424@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I received a fax of a letter from Representative Markey (Subcommittee on Telecommunications and Finance) to Ron Brown (Secretary of Commerce). Since encryption and the Clipper chip are raised in this letter, I felt it would be of interest to you. I understand that on 29 April, Mr. Markey will be holding a hearing on the questions raised in this letter. There may also be a follow-on hearing dedicated to the clipper chip, but that's not definite.

I'm sending this to a few people (via BCC) and to a few mailing lists (listed in the TO line) related to privacy, encryption, clipper chip, etc. I'll also be posting this to the sci.crypt and alt.clipper newsgroups. Because of the traffic on some of the mailing lists, if you have a comment for me you should email directly to me.

I've typed in the letter, which follows. Any errors in transcription are mine...
--- Glenn Tenney tenney@netcom.com Amateur radio: AA6ER Voice: (415) 574-3420 Fax: (415) 574-0546 ------------------ letter of interest follows ---------------- April 19, 1993 The Honorable Ronald H. Brown Secretary Department of Commerce 14th and Pennsylvania Ave., NW Washington, DC 20236 Dear Secretary Brown: As you know, I have long been interested in the privacy and security of telecommunications transmissions and data in a networked environment. Recent reports concerning the Administration's endorsement of an electronic encryption standard, based upon "clipper chip" technology, have raised a number of related issues. The international competitiveness of U.S. high tech manufacturers and the software industry is a key factor that the government should consider when addressing issues of encryption and data security. As the nation moves forward in developing the national communications and information infrastructure, security of telecommunications transmissions and network data will be an increasingly important factor for protecting the privacy of users. The "hacker" community can compromise the integrity of telecommunications transmissions and databases linked by the network. The people and businesses that use the nation's telecommunications network and the personal computers linked through it increasingly are demanding that information be protected against unauthorized access, alteration, and theft. I am concerned that the Administration's plan may mean that to remain competitive internationally, U.S. companies would be compelled to develop two products -- one for U.S. government customers, and another for private, commercial users who may want a higher encryption standard. This may inadvertently increase costs to those U.S. companies hoping to serve both markets. To assist the Subcommittee's analysis of this issue, please respond to the following questions: 1. 
Has the encryption algorithm or standard endorsed by the Administration been tested by any entity other than NSA, NIST or the vendor? If so, please identify such entities and the nature of testing performed. If not, please describe any plans to have the algorithm tested by outside experts and how such experts will be chosen. 2. Under the Administration's plan, what entities will be the holders of the "keys" to decrypt scrambled data? What procedures or criteria will the Administration utilize to designate such key holders? 3. Does the encryption algorithm endorsed by the Administration contain a "trap door" or "back door," which could allow an agency or entity of the Federal government to crack the code? 4. It is clear that over time, changes in technologies used for communications will require new techniques and additional equipment. How will encryption devices adapt to the rapid advancement of telecommunications technology? 5. What additional costs would the proposed encryption place on the Federal government? What is the estimated cost to consumers and businesses which opt for the federal standard in their equipment? 6. What is the Commerce Department's assessment of the competitive impact of the Administration's endorsement of the "clipper chip" technology on U.S. exports of computer and telecommunications hardware and software products? I would appreciate your response by no later than close-of-business, Wednesday, April 28, 1993. If you have any questions, please have your staff contact Colin Crowell or Karen Colannino of the Subcommittee staff at (202) 226-2424. Sincerely, Edward J. 
Markey Chairman ### From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Valerie Lambert Date: Sun, 25 Apr 93 20:00:37 PDT To: cypherpunks@toad.com Subject: By popular request: A non-techy Clipper blurb Message-ID: <9304260159.AA13719@valis.biocad.com> MIME-Version: 1.0 Content-Type: text/plain Well, I received more than a dozen requests for this since I mentioned it here, and two people said I should post it. You have probably seen it all in one form or another already, but this is a handy package to send to other people who need an introduction to the issue. Embellish the intro, snip/forward at will. ----- begin blurb ----- INFORMATION ABOUT THE CLIPPER WIRETAP CHIP. DISTRIBUTE FREELY. The Clipper chip has been designed and introduced by the Federal government to standardize encryption technology so that law enforcement agencies can listen in on "private" conversations in electronic media. The device will initially be installed in government phones, and AT&T will also sell it for individual and business use. It is clear that the government would very much like the Clipper to become the standard for all future domestic electronic "private" communication. Many respected professionals in telecommunications and related industries fear that the government may soon make moves to outlaw or otherwise kill other encryption technology that could compete with the Clipper. This is not unlike the government demanding that you give them a sealed copy of all your future phone conversations and other computer-facilitated communications, just in case they ever want to open and examine them later. A pertinent quote from John Perry Barlow of the Electronic Frontier Foundation: The legal right to express oneself is meaningless if there is no secure medium through which that expression may travel. By the same token, the right to hold certain unpopular opinions is forfeit unless one can discuss those opinions with others of like mind without the government listening in. 
...there is a kind of corrupting power in the ability to create public policy in secret while assuring that the public will have little secrecy of its own... This message contains announcements from the White House, AT&T, the Electronic Frontier Foundation, the Computer Professionals for Social Responsibility, and various news articles. Technical details and darker, deeper, evaluations of the Clipper project are available; see the usenet newsgroup sci.crypt for current info and pointers. _______________________________________________________________________________ FROM THE WHITE HOUSE From: clipper@csrc.ncsl.nist.gov (Clipper Chip Announcement) Subject: White House Public Encryption Management Fact Sheet Organization: National Institute of Standards & Technology Date: Fri, 16 Apr 1993 20:44:58 GMT Note: The following was released by the White House today in conjunction with the announcement of the Clipper Chip encryption technology. FACT SHEET PUBLIC ENCRYPTION MANAGEMENT The President has approved a directive on "Public Encryption Management." The directive provides for the following: Advanced telecommunications and commercially available encryption are part of a wave of new computer and communications technology. Encryption products scramble information to protect the privacy of communications and data by preventing unauthorized access. Advanced telecommunications systems use digital technology to rapidly and precisely handle a high volume of communications. These advanced telecommunications systems are integral to the infrastructure needed to ensure economic competitiveness in the information age. Despite its benefits, new communications technology can also frustrate lawful government electronic surveillance. Sophisticated encryption can have this effect in the United States. When exported abroad, it can be used to thwart foreign intelligence activities critical to our national interests. 
In the past, it has been possible to preserve a government capability to conduct electronic surveillance in furtherance of legitimate law enforcement and national security interests, while at the same time protecting the privacy and civil liberties of all citizens. As encryption technology improves, doing so will require new, innovative approaches.

In the area of communications encryption, the U. S. Government has developed a microcircuit that not only provides privacy through encryption that is substantially more robust than the current government standard, but also permits escrowing of the keys needed to unlock the encryption. The system for the escrowing of keys will allow the government to gain access to encrypted information only with appropriate legal authorization.

To assist law enforcement and other government agencies to collect and decrypt, under legal authority, electronically transmitted information, I hereby direct the following action to be taken:

INSTALLATION OF GOVERNMENT-DEVELOPED MICROCIRCUITS

The Attorney General of the United States, or her representative, shall request manufacturers of communications hardware which incorporates encryption to install the U.S. government-developed key-escrow microcircuits in their products. The fact of law enforcement access to the escrowed keys will not be concealed from the American public. All appropriate steps shall be taken to ensure that any existing or future versions of the key-escrow microcircuit are made widely available to U.S. communications hardware manufacturers, consistent with the need to ensure the security of the key-escrow system. In making this decision, I do not intend to prevent the private sector from developing, or the government from approving, other microcircuits or algorithms that are equally effective in assuring both privacy and a secure key-escrow system.
KEY-ESCROW The Attorney General shall make all arrangements with appropriate entities to hold the keys for the key-escrow microcircuits installed in communications equipment. In each case, the key holder must agree to strict security procedures to prevent unauthorized release of the keys. The keys shall be released only to government agencies that have established their authority to acquire the content of those communications that have been encrypted by devices containing the microcircuits. The Attorney General shall review for legal sufficiency the procedures by which an agency establishes its authority to acquire the content of such communications. PROCUREMENT AND USE OF ENCRYPTION DEVICES The Secretary of Commerce, in consultation with other appropriate U.S. agencies, shall initiate a process to write standards to facilitate the procurement and use of encryption devices fitted with key-escrow microcircuits in federal communications systems that process sensitive but unclassified information. I expect this process to proceed on a schedule that will permit promulgation of a final standard within six months of this directive. The Attorney General will procure and utilize encryption devices to the extent needed to preserve the government's ability to conduct lawful electronic surveillance and to fulfill the need for secure law enforcement communications. Further, the Attorney General shall utilize funds from the Department of Justice Asset Forfeiture Super Surplus Fund to effect this purchase. _______________________________________________________________________________ FROM AT&T AT&T TO INCORPORATE NEW 'CLIPPER' CHIP INTO SECURE COMMUNICATIONS PRODUCT LINE GREENSBORO, N.C., April 16 AT&T (NYSE: T) said today it is moving to improve the security and privacy of telephone communications by incorporating a just-announced new U.S. government technology for voice encryption into its secure communications product line. 
AT&T will use the Clipper chip, announced today by President Clinton as a new technology for voice encryption, in all of its secure telephone products except those specially designed for government classified customers. The Commerce Department has announced a six-month timetable for the final certification of Clipper.

"AT&T is pleased to be the first company to publicly commit to adoption of the Clipper chip," said Ed Hickey, AT&T vice president, Secure Communications Systems. "We believe it will give our customers far greater protection in defeating hackers or eavesdroppers attempting to intercept a call.

"And now all commercially available AT&T voice encryption products will be compatible with each other, a major step forward in bringing secure communications capabilities to the business community."

In standardizing AT&T voice encryption products on the Clipper chip, AT&T will include the algorithm in the Telephone Security Device as well as in the Secure Voice/Data Terminal.

The AT&T Telephone Security Device is a compact, lightweight unit that brings advanced encryption technology to conventional land-line and cellular telephones. It provides a powerful, convenient and reliable way to protect the most sensitive telephone conversations.

The device works with a conventional land-line or transportable/mobile cellular phone. It turns the phone's signal into a digital stream of encrypted information that is decrypted by a Telephone Security Device attached to the phone at the receiving end of the call.

The AT&T Telephone Security Device connects easily to desk telephones or transportable or mobile phones. It weighs 1.5 pounds and is 7 inches long, 4.5 inches wide and 1.5 inches high. And it's as easy to use as it is portable.

The AT&T Secure Voice/Data Terminals are desktop telephones that provide encryption for both telephone calls and data transmissions.
These AT&T secure communications products use an enhanced voice encryption technique that provides very high voice quality. This technology allows calls placed with these products to approach the voice quality of normal calls.

To further enhance interoperability, AT&T will consider licensing to other manufacturers its enabling technologies for interoperability. Interoperability of encryption devices requires common technology beyond the use of a common encryption algorithm, specifically common methods of digital voice encoding and signaling.

AT&T has already performed integration tests with Clipper chips manufactured by the government's supplier, Mykotronx Inc., of Torrance, Calif., and is preparing to integrate the chip into the manufacturing of its secure products.

AT&T's Clipper-equipped telephone security devices will be available to customers by the end of the second quarter.

The federal government intends to adopt the Clipper chip as the standard for voice encryption to help protect proprietary information, protect the privacy of personal phone conversations and prevent unauthorized release of data transmitted electronically. At the same time, use of the Clipper chip will preserve the ability of federal, state and local law enforcement agencies to intercept lawfully the phone conversations of criminals.

"Adoption of Clipper will support both the government's efforts to protect the public and the public's right to privacy," Hickey said.

AT&T Secure Communication Systems provides products to protect voice, data, fax, cellular and video communications. It also engineers and integrates secure communications applications. Its customers include the governments of the United States and other nations as well as major corporations around the world.

AT&T Secure Communications Systems is headquartered in Greensboro.

For more information about the AT&T Telephone Security Device 3600 and other AT&T Secure Communications Products, call David Arneke at 919-279-7680.
CONTACT: David Arneke of AT&T Secure Communications Systems, 919-279-7680, or after hours, 919-273-5687, or Herb Linnen of AT&T Media Relations, 202-457-3933, or after hours, 202-333-9162

_______________________________________________________________________________

FROM THE ELECTRONIC FRONTIER FOUNDATION

Date: Fri, 16 Apr 1993 15:17:02 -0400
From: Cliff Figallo
Subject: EFFector Online 5.06
To: eff-news@eff.org (eff-news mailing list)

******************************************************************
           //////////////  //////////////  //////////////
           ///             ///             ///
           ///////         ///////         ///////
           ///             ///             ///
           //////////////  ///             ///
******************************************************************
EFFector Online Volume 5 No. 6 4/16/1993 editors@eff.org
A Publication of the Electronic Frontier Foundation ISSN 1062-9424

...

April 16, 1993

INITIAL EFF ANALYSIS OF CLINTON PRIVACY AND SECURITY PROPOSAL

The Clinton Administration today made a major announcement on cryptography policy which will affect the privacy and security of millions of Americans. The first part of the plan is to begin a comprehensive inquiry into major communications privacy issues such as export controls which have effectively denied most people easy access to robust encryption as well as law enforcement issues posed by new technology.

However, EFF is very concerned that the Administration has already reached a conclusion on one critical part of the inquiry, before any public comment or discussion has been allowed. Apparently, the Administration is going to use its leverage to get all telephone equipment vendors to adopt a voice encryption standard developed by the National Security Agency. The so-called "Clipper Chip" is an 80-bit, split key escrowed encryption scheme which will be built into chips manufactured by a military contractor. Two separate escrow agents would store users' keys, and be required to turn them over to law enforcement upon presentation of a valid warrant.
The encryption scheme used is to be classified, but the chips will be available to any manufacturer for incorporation into their communications products.

This proposal raises a number of serious concerns.

First, the Administration appears to be adopting a solution before conducting an inquiry. The NSA-developed Clipper chip may not be the most secure product. Other vendors or developers may have better schemes. Furthermore, we should not rely on the government as the sole source for Clipper or any other chips. Rather, independent chip manufacturers should be able to produce chipsets based on open standards.

Second, an algorithm can not be trusted unless it can be tested. Yet the Administration proposes to keep the chip algorithm classified. EFF believes that any standard adopted ought to be public and open. The public will only have confidence in the security of a standard that is open to independent, expert scrutiny.

Third, while the use of the split-key, dual-escrowed system may prove to be a reasonable balance between privacy and law enforcement needs, the details of this scheme must be explored publicly before it is adopted. What will give people confidence in the safety of their keys? Does disclosure of keys to a third party waive individual's fifth amendment rights in subsequent criminal inquiries?

In sum, the Administration has shown great sensitivity to the importance of these issues by planning a comprehensive inquiry into digital privacy and security. However, the "Clipper chip" solution ought to be considered as part of the inquiry, not be adopted before the discussion even begins.

DETAILS OF THE PROPOSAL:

ESCROW

The 80-bit key will be divided between two escrow agents, each of whom hold 40 bits of each key. Upon presentation of a valid warrant, the two escrow agents would have to turn the key parts over to law enforcement agents. Most likely the Attorney General will be asked to identify appropriate escrow agents.
Some in the Administration have suggested one non-law enforcement federal agency, perhaps the Federal Reserve, and one non-governmental organization. But, there is no agreement on the identity of the agents yet. Key registration would be done by the manufacturer of the communications device. A key is tied to the device, not to the person using it.

CLASSIFIED ALGORITHM AND THE POSSIBILITY OF BACK DOORS

The Administration claims that there are no back door means by which the government or others could break the code without securing keys from the escrow agents and that the President will be told there are no back doors to this classified algorithm. In order to prove this, Administration sources are interested in arranging for an all-star crypto cracker team to come in, under a security arrangement, and examine the algorithm for trap doors. The results of the investigation would then be made public.

GOVERNMENT AS MARKET DRIVER

In order to get a market moving, and to show that the government believes in the security of this system, the feds will be the first big customers for this product. Users will include the FBI, Secret Service, VP Al Gore, and maybe even the President.

FOR MORE INFORMATION CONTACT:
Jerry Berman, Executive Director
Daniel J. Weitzner, Senior Staff Counsel

...

=============================================================

EFFector Online is published by The Electronic Frontier Foundation
666 Pennsylvania Ave., Washington, DC 20003
Phone: +1 202 544-9237 FAX: +1 202 547 5481
Internet Address: eff@eff.org

Coordination, production and shipping by Cliff Figallo, EFF Online Communications Coordinator (fig@eff.org)

Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the view of the EFF. To reproduce signed articles individually, please contact the authors for their express permission.
*This newsletter is printed on 100% recycled electrons*

_______________________________________________________________________________

FROM THE COMPUTER PROFESSIONALS FOR SOCIAL RESPONSIBILITY

April 16, 1993
Washington, DC

COMPUTER PROFESSIONALS CALL FOR PUBLIC DEBATE ON NEW GOVERNMENT ENCRYPTION INITIATIVE

Computer Professionals for Social Responsibility (CPSR) today called for the public disclosure of technical data underlying the government's newly-announced "Public Encryption Management" initiative. The new cryptography scheme was announced today by the White House and the National Institute for Standards and Technology (NIST), which will implement the technical specifications of the plan. A NIST spokesman acknowledged that the National Security Agency (NSA), the super-secret military intelligence agency, had actually developed the encryption technology around which the new initiative is built.

According to NIST, the technical specifications and the Presidential directive establishing the plan are classified. To open the initiative to public review and debate, CPSR today filed a series of Freedom of Information Act (FOIA) requests with key agencies, including NSA, NIST, the National Security Council and the FBI for information relating to the encryption plan. The CPSR requests are in keeping with the spirit of the Computer Security Act, which Congress passed in 1987 in order to open the development of non-military computer security standards to public scrutiny and to limit NSA's role in the creation of such standards.

CPSR previously has questioned the role of NSA in developing the so-called "digital signature standard" (DSS), a communications authentication technology that NIST proposed for government-wide use in 1991. After CPSR sued NIST in a FOIA lawsuit last year, the civilian agency disclosed for the first time that NSA had, in fact, developed that security standard.
NSA is due to file papers in federal court next week justifying the classification of records concerning its creation of the DSS. David Sobel, CPSR Legal Counsel, called the administration's apparent commitment to the privacy of electronic communications, as reflected in today's official statement, "a step in the right direction." But he questioned the propriety of NSA's role in the process and the apparent secrecy that has thus far shielded the development process from public scrutiny. "At a time when we are moving towards the development of a new information infrastructure, it is vital that standards designed to protect personal privacy be established openly and with full public participation. It is not appropriate for NSA -- an agency with a long tradition of secrecy and opposition to effective civilian cryptography -- to play a leading role in the development process." CPSR is a national public-interest alliance of computer industry professionals dedicated to examining the impact of technology on society. CPSR has 21 chapters in the U.S. and maintains offices in Palo Alto, California, Cambridge, Massachusetts and Washington, DC. For additional information on CPSR, call (415) 322-3778 or e-mail . _______________________________________________________________________________ FROM THE CHICAGO TRIBUNE April 17, 1993 Privacy device leaves cops a key By Christopher Drew, Chicago Tribune. As a step toward the development of vast new data "superhighways," the federal government has designed a powerful device that would protect the privacy of electronic communications by encoding them but still allow police to eavesdrop. Critics say the project, announced Friday by the Clinton administration, raises serious questions about the protection of civil liberties as more people use cellular and cordless phones and computer-based communications. 
They also warned that the device is not likely to help law-enforcement agents foil high-tech criminals unless it becomes the most widely used commercial encryption system - and drives private competitors out of the business. "'A.k.a. Big Brother,' that's what I call it," said Stephen Bryen, a former Pentagon official who runs a company developing a rival encryption system. Bryen said it was "very disturbing" that the government has gone so far with the previously classified project "without consulting with experts in the industry" whose investments could be wiped out. One high-ranking federal official, Raymond Kammer, acknowledged that such concerns are part of an "appropriate debate" that needs to be held over the project. "Maybe it turns out that society, as it debates this, finds it unacceptable," said Kammer, acting director of the National Institute for Standards and Technology. "I'm not sure. This is the start of that debate." Millions of people who exchange information via computers and make calls from cordless and cellular phones, which are especially vulnerable to interception, could be affected. Experts say an era is dawning in which traveling executives exchange electronic memos and negotiate sensitive deals via hand-held communicators using vulnerable wireless transmitters. In endorsing the plan, the White House described it Friday as an outgrowth of federal efforts to capitalize on advances in telephone and computer technology while preventing drug dealers and terrorists from finding new ways to mask their misdeeds. In last year's campaign, President Clinton pledged to invest billions of dollars in faster and more secure data links to enhance the standing of U.S. firms in the global economy. But as the computer industry has developed systems to enable businesses to scramble data transfers and telephone conversations as a safeguard against industrial espionage, a growing number of criminals also have begun using them to foil court-authorized wiretaps. 
Under the new plan, engineers at the National Security Agency invented a new coding device, called the "Clipper Chip," which is said to be much harder to crack than encoding systems now on the market. The government licensed two California companies - Mykotronx and VLSI Technology - to make the computer chips. The chips will form the "brains" inside small scrambling devices that can be attached to individual telephones. To spur the venture, the Justice Department will soon purchase several thousand of the devices. Military and spy agencies also are expected to use them. Private businesses would not be required to use the technology. But federal officials hope their sponsorship will establish the Clipper chips as the new industry standard and crowd out competing systems. Indeed, AT&T announced Friday that it will use the new chips in a desktop device for encrypting telephone conversations that it expects to sell for $1,195. But in return for gaining the extra encoding power built into the new system, users would have to accept the fact that government code-breakers would always hold the keys to tap into the information. In an effort to prevent abuses of civil liberties, federal officials said, they will set up a system in which they would have to match two coding keys held by different officials to unscramble any communications. National-security and law-enforcement officials could bring the keys together only under court-authorized operations. But Bryen said it is hard to see how the Clipper chips project will provide much help to the FBI. Even if the new coding devices drove others off the U.S. market, Bryen said, sophisticated criminals would simply buy encoding devices overseas, as many already do. Multinational and foreign-based companies also could prove leery of a system that has a built-in point of entry for U.S. authorities.
The FBI separately is seeking legislation that would force telephone companies to modify their equipment to keep other advances in technology from hampering its ability to perform wiretaps. AT&T and other phone companies have opposed this idea.

_______________________________________________________________________________

FROM THE WASHINGTON TIMES

April 17, 1993

Government picks affordable chip to scramble phone calls

Frank J. Murray; THE WASHINGTON TIMES

President Clinton gave a major boost yesterday to one telephone-scrambler technology in a decision its delighted manufacturer likens to the choice of VHS over Beta for videotape machines. Mr. Clinton's action could allow the use of relatively cheap scramblers on almost every cellular, business and government phone and make scramblers common even on ordinary home telephones. An administration official said consideration will be given to banning more sophisticated systems investigators cannot crack, thereby creating a balance between banning private encryption and declaring a public right to unbreakably coded conversations. "We've got a balance we've got to strike between the public's important need for privacy and the public's need to be assured it's safe from crime," said Raymond G. Kammer, acting director of the National Institute of Standards and Technology, which developed the system with the National Security Agency. In an unusual decision he said was examined by the National Security Council, Mr. Clinton directed the Commerce and Justice departments to encourage the development of the high-tech system, which includes electronic master keys to enable law enforcement officials to decode transmissions if they obtain court orders. "This technology preserves the ability of federal, state and local law enforcement agencies to intercept lawfully the phone conversations of criminals," Mr. Clinton said, citing the fear that encrypted phones could aid terrorists and drug dealers.
The system is designed to protect from unauthorized interception the electronic transmission of conversations, computer data and video images at a cost per telephone that could be under $30, said Ted Bettwy, executive vice president of the manufacturer, Mykotronx Inc. of Torrance, Calif. He said the chip announced yesterday, internally referred to as MYK-78, costs about $40 and uses an algorithm 16 million times more complex than that used by chips now on the market. Computer hackers have penetrated the current chips. The new chip uses an 80-bit code instead of the 56-bit code that is the digital encryption standard (DES). The chip eventually could sell in lots of 10,000 for about $25 each, Mr. Kammer said, with later versions priced around $10 each. Government engineers at NSA and the Commerce Department's NIST designed and developed the chip, which was then produced by privately owned Mykotronx and a publicly traded subcontractor, VLSI Technology. A Silver Spring competitor cried foul, particularly because the commercial device was developed without notice or competitive bids in a classified laboratory that does work for the National Security Agency. "If the purpose of this chip is to catch bad guys, then no bad guy will use it," said Stephen Bryen of Secure Communications Technology in Silver Spring, which produces a competitive chip he said could sell for $10. "The answer is to invest more money into breaking codes," Mr. Bryen said in an interview after yesterday's announcement. "They're trying to put us out of business." Mr. Kammer said the secrecy was justified. "The technology we're using was actually developed in a classified environment in the first place and then transferred to a sole-source supplier. I don't know that there was any way around it," he said in an interview. The Justice Department will buy several thousand of the Mykotronx devices, which use a "clipper chip."
They are being incorporated into other systems by Motorola and American Telephone & Telegraph Co., Mr. Bettwy said. Other sophisticated encryption systems do not allow ready access for authorized law enforcement purposes, said Mr. Bryen, who predicted that an elaborate security plan for the electronic master key would not prevent misuse. Mike Newman, a spokesman for the National Institute of Standards and Technology, said, "The key is split into two parts and stored separately to ensure security of the key system." Access would be provided to the two parts for an agency that produced legitimate authority or a court order, he said. The Justice Department will determine whether the two parts will be held by separate federal agencies or a federal agency and a private agency. "This chip is going to do something that we, the citizens, really need, and that is to allow us the privacy we want as common citizens," Mr. Bettwy said in a telephone interview from California yesterday. He said the vital part of yesterday's decision is the government's declaration that it intends to use the device. Mr. Bettwy says that use will establish his device as the new standard and will require private facilities to use the same system to communicate with the government. He said the decision's impact is "exactly" like the adoption of VHS standards, making most private use of Beta video systems obsolete. "I hope that's true," he said of the business implications for Mykotronx. "We're hoping this will become the new standard." Only compatible phones can receive secure communications from a phone using a clipper chip. "To me the real significance is if everybody uses this, everybody can talk to anybody else," Mr. Bettwy said. "It creates a false hope," Mr. Bryen said. "The secret key could fall into other people's hands. When you create a system that has a back door, other people will find the back door."
______________________________________________________________________________ FROM THE NEW YORK TIMES April 16, 1993 Electronics Plan Aims to Balance Government Access With Privacy By JOHN MARKOFF, Special to The New York Times The Clinton Administration plans a new system of encoding electronic communications that is intended to preserve the Government's ability to eavesdrop for law enforcement and national security reasons while increasing privacy for businesses and individuals. New technology will be installed in some Government communications networks within weeks or months and could be available for business and even household use before the end of the year. It will use a new system of encoding voice and computer transmissions, including phone calls and electronic mail, to prevent unauthorized listening. The move is intended to resolve a long-standing dilemma of the information age: how to preserve the legitimate right for businesses and citizens to use codes to protect all sorts of digital communications -- be it a doctor's cellular phone call to a patient or a company's electronic transfer of a million dollars to an overseas client -- without letting criminals and terrorists conspire beyond the reach of the law. "There is a trade-off between individual privacy and society's safety from crime," one Government official said. "Our society needs to decide where to draw the line." But at least some communications experts, when told of the plan by a reporter, did not like what they heard. "I think the Government is creating a monster," said a former Pentagon official, Stephen D. Bryen, who is now president of Secured Communications Technologies Inc. in Silver Spring, Md., which makes data-security equipment. "People won't be able to trust these devices because there is a high risk that the Government is going to have complete access to anything they are going to do." Modern communications are becoming increasingly vulnerable to illegal listening. 
For example, cellular phone calls can be monitored by anyone with an inexpensive scanner. At the same time, computer chips and special software make it possible to code phone conversations and computer data, effectively garbling them so they cannot be deciphered by even the National Security Agency's most powerful code-breaking computers. Although computer encoding is now used in only a small portion of electronic communications, computer experts expect that volume to grow rapidly as more of the nation's commerce begins to flow over data networks -- especially wireless networks. The Government has proposed in the past to require the use of a hidden key in the coding hardware or software -- a way to crack the code, in other words -- to let police security agents decipher messages after obtaining court authorization to do so. Civil liberty concerns aside, computer experts have argued that any such key, no matter how sophisticated, might be figured out by any savvy computer hacker. The Administration's solution: require two separate keys, each to be held by different agencies or organizations. The new coding devices, which will be called Clipper Chips, have been designed by engineers at the National Institute for Standards and Technology and at the National Security Agency. They will be manufactured by Mycotronx, a military contractor based in Torrance, Calif., and VLSI Technology Inc., a Silicon Valley semiconductor manufacturer. The devices will be built into Government telephones and eventually into commercial telephones and computers. The new security plan has been a classified secret of several Government agencies, including the National Institute for Standards and Technology and the National Security Agency, and several law enforcement agencies, including the Federal Bureau of Investigation. The official said the Government planned to announce the technology, possibly within a week, and to propose it as a Government-wide standard later this year. 
Broad Review Ordered A White House official said today that President Clinton had ordered the National Security Council to conduct a formal review of the new plan as well as all Government cryptography policies. The review, which will take three to four months, will begin within weeks, and will consider both the domestic use and export of advanced cryptography systems. Several Administration officials said the security devices would be deployed first by law enforcement and intelligence agencies and also civilian agencies, like the Internal Revenue Service, that handle confidential information. But the new system is also viewed as a data security standard that the Clinton Administration believes will eventually be widely used in the nation's commercial telephone and computer networks. While the Administration currently has no plan to try imposing the technology on private industry, officials hope it will become a standard. Any communications or computer company doing business with the Federal Government, from A.T.& T. to I.B.M., would presumably have to incorporate the technology into their products. Moreover, the Government can authorize or deny the export of American-made computer and communications devices on the basis of whether it approves of any coding that may be used in the hardware and software. The new security standard, technically a set of computer algorithms, was developed by National Security Agency scientists. The Administration officials said they viewed the approach as a candidate for replacing the 15-year-old Data Encryption Standard that is now used to secure much of the nation's computer data. There is no known hidden key in this standard, although many industry experts believe that the agency can crack the code with its high-powered computers. 
______________________________________________________________________________ FROM THE KNIGHT-RIDDER NEWS SERVICE (1) Knight-Ridder/Tribune Business News Computer Group, Libertarians Question Clinton Phone Privacy Stance By Rory J. O'Connor, San Jose Mercury News, Calif. SAN JOSE, Calif.--Apr. 17--Civil libertarians and a major computer industry group raised concerns Friday about how much protection a Clinton administration plan would afford private electronic communications, from cellular telephone calls to computer data. The administration Friday said it would begin using technology developed by the government's National Institute of Standards and Technology to balance two competing interests: the desire of citizens to keep their conversations private and the need for law enforcement agencies to monitor those conversations after getting a court order. The technology that enables this is a computer chip called the Clipper Chip that scrambles a telephone call or computer message using a secret algorithm, or formula. But each chip also comes with a pair of electronic "keys" that could be used by law enforcement agencies to decipher the secret messages generated by the chip. The Clinton proposal calls for one key to be held by each of two separate "trusted" third parties, who would release them to law enforcement agencies that obtained legal authority to intercept the communications. Both keys would be needed to decipher a message. The Electronic Frontier Foundation, a not-for-profit civil liberties group, praised the administration for considering the issue. But it criticized the lack of public input into the plan. "They've announced a big inquiry with public input, but they've reached a conclusion before they started," said Daniel J. Weitzner, staff counsel for the Washington-based foundation. 
Although the administration's plan calls only for equipping government telephones with the security devices, some groups are concerned the plan might become a standard for all manner of electronic communication before the public has a chance to debate its merits. "I don't want to sound too stridently opposed to this," said Ken Wasch, executive director of the Software Publishers Association (SPA) in Washington. "But...we feel blindsided." The SPA was discussing data security issues with Clinton administration officials but had not expected any White House action until August, said Ilene Rosenthal, general counsel. Besides the lack of initial hearings, both groups said they had two major concerns about the Clinton plan: - Because the algorithm itself is secret, the groups say it is impossible for the public to discern if it is truly secure. Users can't be certain government spy agencies have not hidden a "back door" in the software that will allow them to read anything they want. "So far there hasn't been a credible explanation about why the algorithm has to be secret," Weitzner said. - The administration hasn't decided who will be the escrow agents, and it seems unlikely any government agency, corporate entity or other organization would be deemed trustworthy by every user. Even assuming all concerned can agree on who will hold them, civil libertarians are concerned that the keys, by giving law enforcement agencies access to individuals' private communications, might pose a threat to constitutional protections against self-incrimination. Washington sources who requested anonymity suggested the White House might have drafted its plan quickly because of concern over sales of an AT&T device that encrypts phone calls using an older standard, Data Encryption Standard. The sources said law enforcement officials feared the device would create an explosion in secured telephone traffic that would severely hamper their efforts to wiretap calls. 
American Telephone & Telegraph Co. announced Friday it would adapt the $1,200 product, called the Telephone Security Device, to use the Clipper Chip by the end of this fiscal quarter. AT&T makes a related device, which encrypts voice and computer data transmissions, that could be converted to the Clipper technology, said spokesman Bill Jones. Jones said he wasn't aware of any concern by the government over the current model of the Telephone Security Device, which has been sold to government and business customers. At least one company was quite pleased with the plan: San Jose chip maker VLSI Technology, which will manufacture the Clipper chips for a Torrance company that is selling them to the government and to AT&T. VLSI, which invented a manufacturing method the company said makes it difficult to "reverse engineer" the chip or discern the encryption scheme, expects to make $50 million in the next three years selling the device, said Jeff Hendy, director of new product marketing for the company. _______________________________________________________________________________ FROM THE KNIGHT-RIDDER NEWS SERVICE (2) New Scrambler Designed to Protect Privacy, But Allow Police Monitoring By Christopher Drew, Chicago Tribune Knight-Ridder/Tribune Business News WASHINGTON--Apr. 19--As a step toward the development of vast new data "superhighways," the federal government has designed a powerful device that would protect the privacy of electronic communications by encoding them but still allow police to eavesdrop. Critics say the project, announced Friday by the Clinton administration, raises serious questions about the protection of civil liberties as more people use cellular and cordless phones and computer-based communications. They also warned that the device is not likely to help law-enforcement agents foil high-tech criminals unless it becomes the most widely used commercial encryption system - and drives private competitors out of the business. "'A.k.a. 
Big Brother,' that's what I call it," said Stephen Bryen, a former Pentagon official who runs a company developing a rival encryption system. Bryen said it was "very disturbing" that the government has gone so far with the previously classified project "without consulting with experts in the industry" whose investments could be wiped out. One high-ranking federal official, Raymond Kammer, acknowledged that such concerns are part of an "appropriate debate" that needs to be held over the project. "Maybe it turns out that society, as it debates this, finds it unacceptable," said Kammer, acting director of the National Institute for Standards and Technology. "I'm not sure. This is the start of that debate." Millions of people who exchange information via computers and make calls from cordless and cellular phones, which are especially vulnerable to interception, could be affected. Experts say an era is dawning in which traveling executives exchange electronic memos and negotiate sensitive deals via hand-held communicators using vulnerable wireless transmitters. In endorsing the plan, the White House described it Friday as an outgrowth of federal efforts to capitalize on advances in telephone and computer technology while preventing drug dealers and terrorists from finding new ways to mask their misdeeds. In last year's campaign, President Clinton pledged to invest billions of dollars in faster and more secure data links to enhance the standing of U.S. firms in the global economy. But as the computer industry has developed systems to enable businesses to scramble data transfers and telephone conversations as a safeguard against industrial espionage, a growing number of criminals also have begun using them to foil court-authorized wiretaps. Under the new plan, engineers at the National Security Agency invented a new coding device, called the "Clipper Chip," which is said to be much harder to crack than encoding systems now on the market. 
The government licensed two California companies - Mykotronx and VLSI Technology - to make the computer chips. The chips will form the "brains" inside small scrambling devices that can be attached to individual telephones. To spur the venture, the Justice Department will soon purchase several thousand of the devices. Military and spy agencies also are expected to use them. Private businesses would not be required to use the technology. But federal officials hope their sponsorship will establish the Clipper chips as the new industry standard and crowd out competing systems. Indeed, AT&T announced Friday that it will use the new chips in a desktop device for encrypting telephone conversations that it expects to sell for $1,195. But in return for gaining the extra encoding power built into the new system, users would have to accept the fact that government code-breakers would always hold the keys to tap into the information. In an effort to prevent abuses of civil liberties, federal officials said, they will set up a system in which they would have to match two coding keys held by different officials to unscramble any communications. National-security and law-enforcement officials could bring the keys together only under court-authorized operations. But Bryen said it is hard to see how the Clipper chips project will provide much help to the FBI. Even if the new coding devices drove others off the U.S. market, Bryen said, sophisticated criminals would simply buy encoding devices overseas, as many already do. Multinational and foreign-based companies also could prove leery of a system that has a built-in point of entry for U.S. authorities. The FBI separately is seeking legislation that would force telephone companies to modify their equipment to keep other advances in technology from hampering its ability to perform wiretaps. AT&T and other phone companies have opposed this idea.
_______________________________________________________________________________

WHAT TO DO ABOUT IT
by Philip Zimmermann

Date: Sat, 24 Apr 93 01:03:53 PDT
From: atfurman@cup.portal.com
Newsgroups: comp.dcom.telecom
Subject: Phil Zimmerman on the "Clipper initiative"
Message-ID:
Approved: telecom@eecs.nwu.edu

The following was posted on the Usenet newsgroup alt.security.pgp by Philip Zimmermann, author of PGP (a public-key crypto program):

---------------

Here are some ideas for those of you who want to oppose the White House Clipper chip crypto initiative. I think this is going to be a tough measure to fight, since the Government has invested a lot of resources in developing this high-profile initiative. They are serious about it now. It won't be as easy as it was defeating Senate Bill 266 in 1991.

Possible actions to take in response:

1) Mobilize your friends to do all the things on this list, and more.

2) Work the Press. Talk with your local newspaper's science and technology reporter. Write to your favorite trade rags. Better yet, write some articles yourself for your favorite magazines or newspapers. Explain why the Clipper chip initiative is a bad idea. Remember to tailor it to your audience. The general public may be slow to grasp why it's a bad idea, since it seems so technical and arcane and innocent sounding. Try not to come across as a flaming libertarian paranoid extremist [*Moi?* -- ATF], even if you are one.

3) Lobby Congress. Write letters and make phone calls to your Member of Congress in your own district, as well as your two US Senators. Many Members of Congress have aides that advise them of technology issues. Talk to those aides.

4) Involve your local political parties. The Libertarian party would certainly be interested. There are also libertarian wings of the Democrat and Republican parties. The right to privacy has a surprisingly broad appeal, spanning all parts of the political spectrum. We have many natural allies. The ACLU. The NRA. Other activist groups that may someday find themselves facing a government that can suppress them much more efficiently if these trends play themselves out. But you must articulate our arguments well if you want to draw in people who are not familiar with these issues.

4) Contribute money to the Electronic Frontier Foundation (EFF) and Computer Professionals for Social Responsibility (CPSR), assuming these groups will fight this initiative. They need money for legal expenses and lobbying.

5) Mobilize opposition in industry. Companies that will presumably develop products that will incorporate the Clipper chip should be lobbied against it, from within and from without. If you work for a telecommunications equipment vendor, first enlist the aid of your coworkers and fellow engineers against this initiative, and then present your company's management with a united front of engineering talent against this initiative. Write persuasive memos to your management, with your name and your colleagues' names on it. Hold meetings on it.

6) Publicize, deploy and entrench as much guerrilla techno-monkeywrenching apparatus as you can. That means PGP, anonymous mail forwarding systems based on PGP, PGP key servers, etc. The widespread availability of this kind of technology might also be used as an argument that it can't be effectively suppressed by Government action. I will also be working to develop new useful tools for these purposes.

7) Be prepared to engage in an impending public policy debate on this topic. We don't know yet how tough this fight will be, so we may have to compromise to get most of what we want. If we can't outright defeat it, we may have to live with a modified version of this Clipper chip plan in the end. So we'd better be prepared to analyze the Government's plan, and articulate how we want it modified.

Philip Zimmermann

Forwarded to the Internet TELECOM Digest by Alan T.
Furman, atfurman@cup.portal.com --- end --- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: HARUP16@delphi.com Date: Sun, 25 Apr 93 17:15:18 PDT To: cypherpunks@toad.com Subject: ... Message-ID: <01GXFVM2XBFS8Y564R@delphi.com> MIME-Version: 1.0 Content-Type: text/plain Steve Levy of Wired Magazine told me I could get Pretty Good Pri from your group. His instructions weren't too clear, but he said to mail to this address. Please mail me with info. Thanks. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mnemonic@eff.org Date: Sun, 25 Apr 93 22:11:39 PDT To: cypherpunks@toad.com Subject: talking to media Message-ID: <9304260508.AA15134@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain [During the audio hookup at Saturday's meeting, the following paper of Mike Godwin's got mentioned; I asked if he could send a copy to cypherpunks. It's going in the ftp site, as well--Eric] Go ahead and forward this to cypherpunks. This is the short posting I wrote in 1990 when I explained how I got the Steve Jackson Games case into the press. ----- :r talking This is a file I posted to an Austin BBS back when I gave the SJG story to the local papers. 104: Talking to Media, part 1 By: Johnny Mnemonic [54] Date: 11:07 3/18/90 As I've promised on another message base, here's the beginning of discussion of how to bring stories to the media. Since I keep thinking of different things people ought to know about how to take a story to the media, I'm going to make this a multi-post discussion. 1) TRY TO THINK LIKE THE REPORTER YOU'RE TALKING TO. One of the things that happens when people know about an event or series of events that may make a good news story is that they assume the importance of the story will be obvious to anyone. Sometimes this is true (when the tipster knows about a murder, for example). Often it's not. 
So, when I tell a reporter about a story I think she should want to cover, I make sure to stress the aspects of the story that are likely to interest that reporter and/or the readers of her publication. For example, when I spoke to Kyle Pope about the Illuminati seizure, I stressed the following: a) Steve Jackson Games is an Austin business that may end up being damaged by the seizure. b) Nobody has given this story anything like major coverage in the national media, or (so far as I knew) in other geographic areas. (I was telling him he had a major "scoop" opportunity.) c) There are some very dramatic aspects to this story. (I told him about the 20-year-old LoD member who woke up on the morning of March 1 with a gun pointed at him by a Secret Service agent.) 2) IF YOU'RE GOING TO MEET THE REPORTER IN PERSON, TRY TO BRING SOMETHING ON PAPER. There are lots of good reasons to follow this rule: a) Believe it or not, but people take stuff on paper a little more seriously than the spoken word. It's nice to give the reporter something that lends substance to what you're saying, even if the substance is printouts from your own computer. b) It makes life easier for the reporter, who doesn't have to write down every single thing you tell her. Reporters like to have materials they can use for reference as they research and write their stories. c) It helps you remember to say everything you want to say. Nothing is more frustrating than trying to get a reporter interested in your story, getting inconclusive results, and then realizing later that you should have told the reporter about something. (E.g., "Damn! I forgot to tell him what 'cyberpunk' means, so he won't know how the federal agents misinterpreted the manual.") When I went to the Statesman, I took edited printouts of discussions from Flight, from SMOF, and from comp.dcom.telecom on Usenet. I also took some private Email I had received, with the names of the senders deleted. 
And I took my copy of the WHOLE EARTH REVIEW with the article on Usenet. My object was to convey to him the scale of concern about the seizures, plus give him enough background to be able to ask reasonably informed questions of the people he talked to. 3) GIVE THE REPORTER OTHER PEOPLE TO TALK TO, IF POSSIBLE. Two basic justifications for this rule: First, it'll help your credibility (especially if you don't already know the reporter personally). Second, multiple sources or witnesses usually enable the reporter to filter out what is mere opinion or speculation from what everybody actually knows for a fact. 4) DON'T ASSUME THAT THE REPORTER WILL COVER THE STORY THE WAY YOU'D LIKE HER TO. Reporters' accuracy and focus in a story are constrained by several factors: a) The amount of available time. Reporters have to be quick studies, and often have to assimilate a complex story in a hurry. This necessarily increases the risk of inaccuracy in a story, and gives you an even greater reason to follow Rules 1 through 3. 2) The reporters' obligation to be fair. This means they have to talk to people on the other side of the issues from you. This in turn means that you're unlikely to get a story that represents or promotes your point of view at the expense of those who oppose you. --Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sun, 25 Apr 93 22:25:51 PDT To: cypherpunks@toad.com Subject: ADMIN: ftp usage statistics Message-ID: <9304260522.AA16143@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain I get weekly statistics on the ftp usage at soda. We've been up at about near the top of the usage frequency for a while, but this week we hit number one, with over one third of the total ftp traffic here. We've even passed sfraves, which also runs on this machine. Hoo! Things are hoppin'. 
Eric ----------------------------------------------------------------------------- TOTALS FOR SUMMARY PERIOD Sat Apr 17 1993 TO Sun Apr 25 1993 For directory pub/cypherpunks: number of files: 1161 number of bytes: 180752541 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Derek Atkins Date: Sun, 25 Apr 93 20:26:30 PDT To: Valerie Lambert Subject: Re: By popular request: A non-techy Clipper blurb In-Reply-To: <9304260159.AA13719@valis.biocad.com> Message-ID: <9304260326.AA15408@binkley.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain > This is not unlike the government demanding that you give them a sealed > copy of all your future phone conversations and other computer-facilitated > communications, just in case they ever want to open and examine them later. It's even worse than this. It's giving the government a sealed copy of all your *PAST*, present, and future phone conversations and messages... They can always record everything, and then use your key at some later date to recover the messages... -derek PGP 2 key available upon request on the key-server: pgp-public-keys@toxicwaste.mit.edu -- Derek Atkins, MIT '93, Electrical Engineering and Computer Science Secretary, MIT Student Information Processing Board (SIPB) MIT Media Laboratory, Speech Research Group warlord@MIT.EDU PP-ASEL N1NWH From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc.Ringuette@GS80.SP.CS.CMU.EDU Date: Sun, 25 Apr 93 23:53:32 PDT To: cypherpunks@toad.com Subject: FWD: Jerry Berman, Mitch Kapor Message-ID: <9304260653.AA14004@toad.com> MIME-Version: 1.0 Content-Type: text/plain A couple of interesting messages from sci.crypt: an anonymously forwarded letter from 1985 from Jerry Berman (Exec Director of EFF) to David Chaum, and a response to the posting from Mitch Kapor. To sum up: Berman suggested to Chaum (in '85) that he prefers legal remedies to technological ones, and doesn't like the idea of a society where people routinely hide from the law. 
The anonymous reposter is concerned with the discrepancy between EFF policy and these sentiments from Berman. Kapor responds to his concerns by saying that Berman now recognizes the role of technological solutions in the privacy equation. The EFF continues to be the best representative of hacker culture in Washington. -- Marc Ringuette (mnr@cs.cmu.edu) From: nobody@alumni.cco.caltech.edu Subject: Jerry Berman on pseudonymous privacy Date: 24 Apr 1993 10:38:38 -0500 Sender: daemon@cs.utexas.edu Hello all, I thought you all might like to see this. It's a letter from Jerry Berman to David Chaum from November of 1985, in response to information that Mr. Chaum sent to Mr. Berman. While I have to congratulate EFF for its prompt response to the Clipper Chip announcement from the White House, I think it's important to recognize the philosophy of their Executive Director, as explained below. I agree that legal remedies are important, but when pressed, I'd prefer to retain the ability to use purely technical solutions to preserve my privacy, because they'll hold up under fire. Mr. Chaum has consented to the publication of this letter on the Net. I don't work for, nor am I a member of EFF, ACLU, or any similar organizations, but I do agree with them on a great many things. --Aristophanes ----------
AMERICAN CIVIL LIBERTIES UNION
WASHINGTON OFFICE
122 Maryland Avenue, NE
Washington, DC 20002
--------------------
National Headquarters
132 West 43rd Street
New York, NY 10036
(212) 944-9800
Norman Dorsen, President
Ira Glasser, Executive Director
Eleanor Holmes Norton, Chair, National Advisory Council

November 1, 1985

Mr. David Chaum
Centre for Mathematics and Computer Science
P.O. Box 4079
19O9 AB Amsterdam

Dear Mr. Chaum:

Thank you for sending me a most interesting article. 
A society of individuals and organizations that would expend the time and resources to use a series of 'digital pseudonyms' to avoid data linkage does not in my opinion make big brother obsolete but acts on the assumption that big brother is ever present. I view your system as a form of societal paranoia. As a matter of principle, we are working to enact formal legal protections for individual privacy rather than relying on technical solutions. We want to assume a society of law which respects legal limits rather than a society that will disobey the law, requiring citizens to depend on technical solutions. e.g. require a judicial warrant for government interception of data communications rather than encrypt all messages on the assumption that regardless of the law, the government will abuse its power and invade privacy. As a matter of practicality, I do not think your system offers much hope for privacy. First, the trend toward universal identifiers is as much a movement generated by government or industry's desire to keep track of all citizens as it is by citizens seeking simplicity and convenience in all transactions. At best, your system would benefit the sophisticated and most would opt for simplicity. The poor and the undereducated would never use or benefit from it. Finally where there's a will, there's a way. If government wants to link data bases, it will, by law, require the disclosure of various individual pseudonyms used by citizens or prohibit it for data bases which the government wants to link. Since corporations make money by trading commercial lists with one another, they will never adopt the system or if it is adopted, will use "fine print" contracts to permit selling various codes used by their customers to other firms. The solution remains law, policy, and consensus about limits on government or corporate intrusion into areas of individual autonomy. Technique can be used to enforce that consensus or to override it. 
It cannot be used as a substitute for such consensus. Sincerely Yours, /Sig/ Jerry J. Berman Chief Legislative Counsel & Director ACLU Privacy Technology Project cc: John Shattuck From: mkapor@eff.org (Mitch Kapor) Subject: Re: Jerry Berman on pseudonymous privacy Originator: mkapor@eff.org Sender: usenet@eff.org (NNTP News Poster) Date: Sat, 24 Apr 1993 17:16:28 GMT nobody@alumni.cco.caltech.edu correctly states Jerry Berman's 1985 view on privacy, but he mistakenly assumes that this represents Berman's 1993 view as EFF Executive Director. As one of the people who convinced Jerry that legal protections for privacy are insufficient, and that technical measures, especially public key cryptography, are also vitally necessary, I can tell you that Jerry and EFF are fully committed to this position. The previous poster is apparently unaware of a long series of EFF positions in support of this view. I suggest those interested read EFF's position on Clipper or our other work in digital privacy. Check ftp.eff.org for more details. One of the great things about human beings is that they are capable of change and evolution in their thinking. The idea that crypto is critical to privacy is one which is no longer limited to certain net aficionados, but is spreading to parts of the public policy community in Washington. Mitch Kapor co-Founder, EFF From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Ed Mehlschau Date: Mon, 26 Apr 93 10:04:13 PDT To: cypherpunks@toad.com Subject: subscribe Message-ID: <9304261703.AA08512@topgun> MIME-Version: 1.0 Content-Type: text/plain subscribe (please) Thanks, -- Ed From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Ed Mehlschau Date: Mon, 26 Apr 93 10:08:40 PDT To: cypherpunks@toad.com Subject: apology Message-ID: <9304261708.AA08561@topgun> MIME-Version: 1.0 Content-Type: text/plain Damn! I forgot to put the "-request" in the address. My sincere apologies; you know, it's Monday. 
-- Ed From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Mon, 26 Apr 93 12:09:16 PDT To: Cypherpunks@toad.com Subject: MEETING SUMMARY: 4-24-93 Cypherpunks Meeting Message-ID: <9304261909.AA29562@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Several people have asked for summaries (or minutes) for our physical Cypherpunks meetings, especially for our "Emergency Ad Hoc Meeting" a few days ago. Some Reasons NOT to do Minutes: * it formalizes a fundamentally informal meeting (recall that Cypherpunks have no legal status, no structure, no voting procedures, no officers, etc.). * some folks may be leery of having their names appear. * the credit assignment problem: as soon as summaries are written, people begin to complain that someone else got the credit for their idea, that their views weren't mentioned in the summary, and so forth. * somebody has to take the notes needed to generate the summary. Some Reasons IN FAVOR of Minutes: * with 40 people at our last meeting (counting the audio conference call, via Internet, to Boston and Washington, D.C.), with more than 400 on our mailing list, and with the Wiretap Chip events, these are historic times. (Fortunately, the list itself is a valuable archive of our history. Let's hope good archives are being kept by someone!) * folks who cannot attend physical meetings may still want to know what's basically going on. (And perhaps other groups will nucleate and grow.) * even folks who were at the meeting may want a summary, to keep their memories refreshed. So, some pros and cons to writing up a summary. What I plan to do here is to just write up a very brief snapshot summary, oriented more toward informing the non-attendees than to reminding the attendees of action items or things they agreed to do. Anyone with additions to make is of course encouraged to do so. Using the "MEETING SUMMARY:" prefix might be useful. 1. The Meeting Itself. 
Saturday, 24 April 1993, 12 noon to past 6 p.m. (when I had to leave). Offices of Cygnus Support, in Mountain View. Approximately 25-30 in attendance, including several new faces. John Gilmore was selling issues of "Wired" at cost. An amazing conference call was made to sites in Northern Virginia (Bob Stafford, Paul Ferguson, others) and to Boston (Marc Horowitz, Derek Atkins, others). What was amazing was that the audio went through the Internet and was DES-encrypted (for a while at least, until complaints by one of the sites about the audio quality caused us to turn off the encryption). Still, seeing an encrypted Internet conference call was something...a small step toward the world of Vinge's "True Names." Jim Bidzos, President of RSA Data Security, intended to just speak briefly about the Clipper Chip, Capstone, and the view of RSA, but ended up staying and participating for several hours. Mike Godwin, of EFF, was present at the Boston (I think) site. Glenn Tenney, organizer of the Hackers Conference and general activist, was also present for the first time. The other usual folks were there, including many active in cryptography and data security. (My apologies for not mentioning any other luminaries here.) All in all, a stimulating meeting. 2. The Theme: The Clipper Chip. This of course dominated the discussion all day, and was the explicit reason for the emergency meeting. There's too much to cover here in detail. Jim Bidzos and Arthur Abraham both presented information on the Clipper Chip, including a long data sheet from Mykotronx (sent to Arthur) on their Myk-78 chip. (Copies distributed, and also faxed to the remote sites.) There was some debate about who Mykotronx was and whether it was really independent from the NSA. Capstone, the follow-on program, is a superset of Clipper and contains the DSS signature standard (which RSA Data led the fight against...and most of us thought it was a dead issue--then it appeared here!). 
No public key methods are known to be incorporated, though they may be. (Lots of analysis and question-asking still to be done.) Reverse-engineering was also discussed. VLSI Technology, the chip company, is a partner with Mykotronx and apparently has a tamper-resistant chip technology. 3. What Motivated the Clipper Chip? It appears the Clipper/Capstone program is initially intended to "buy market share" as quickly as possible, with government offices requiring Clipperphones (and probably for those they do business with). Perhaps the intent is to undercut competing models and make Clipper the de facto standard, which can then be made the de jure standard. Some think the key escrow features were added _late_ in the proposal and may even be _expected_ to fail (fail in the sense of key escrow agencies never getting rolling, issues never getting resolved, etc.). This fits with the idea of built-in backdoor to the enciphered traffic. The Agency may be more interested in quickly proliferating a breakable "standard" for voice encryption than in implementing the key escrow idea. (Left unanswered in this speculation is how court-ordered wiretaps would then be executed...would the FBI and NSA simply acknowledge the weakness? I don't think so.) The secrecy of the Clipper/Capstone project was quite impressive. Bidzos confirmed again, and convincingly, that he knew *nothing* of this whole effort until the announcement (or possibly the night before, when a reporter called him?). Apparently John Markoff, who sometimes reads this list and can comment if he wishes, had figured out some aspects or had been told them by a source, and was preparing an article for the "NY Times." This may've prompted the announcement timing. Several people commented that several previously-puzzling events become clearer in retrospect, such as the then-unknown Mykotronx sniffing around to get an RSA license (which they don't yet have). 
I can't recap all the discussion, much of which was similar to what's been going on in sci.crypt and elsewhere. Everyone agreed that this was a seminal event, that the Clipper/Capstone announcement is a crucial event. 3. Lobbying Against the Clipper Chip The profound consequences call for major efforts. We discussed boycotting products, spreading negative reports, and reverse engineering the algorithm and publishing it so software solutions can spoof/imitate _part_ of the system (i.e., so someone with a SoundBlaster board or other system can talk to someone with one of these Clipperphones without escrowing keys or being wiretappable). John Gilmore has already posted to the list the results of our brainstorming session to come up with questions to ask the FBI, NIST, NSA, Congress, and the Administration. Mike Godwin argued that a lot of embarrassing questions could quickly derail the plan. Others confirmed that the NSA mathematicians seemed to be put on the spot by the many questions. That is, it's conceivable this plan could begin to unravel fairly soon. 4. Educating the Public. The Boston group took this as their focus of the rest of the meeting (we went offline after about an hour or so on the conference call). I haven't heard the results. 5. Lobbying the Legislature and Officials. Similarly, the D.C. group took this as their area of involvement. No feedback yet. 6. What Happens if Clipper Flops? An interesting discussion out in the lobby (and I probably missed many such interesting discussions!) had to do with scenarios for how Clipper may fail. Whit Diffie described how the failure could either so greatly embarrass the Administration that they'd be loath to try it again (the Viet Nam Syndrome, applied to crypto) or that it could provoke them to tighten restrictions even further, perhaps even to the point of an outright ban on the use of unapproved encryption at *any* level. 
(Issues of enforceability, detectability, Constitutional issues, etc., of course exist and will be points of attack on any such comprehensive ban.) (The question of whether Clipper and Capstone applies, either now or later, to *data* came up several times. The Capstone chip is rated at "10-16 Mbps," which implies it is targeted for Ethernet-type speeds, and hence data. There was general agreement by all I heard that the Clipper/Capstone program is indeed intended to target more than just voice encryption and that our fears about restrictions on strong crypto are justified.) 7. Other Miscellaneous Topics * Since Jim Bidzos was there, the topic of PGP naturally came up several times. Eric Hughes let this run for a while, then moved the discussion back to Clipper. Jim Bidzos clearly had some strong opinions, but also did not want this to be the forum for debating patents and the legality and ethics of PGP. He did acknowledge, in my opinion, the point that RSA Data Security had somewhat neglected the individual end-user (in products such as MailSafe, which hasn't changed since 1988), in favor of the many large deals with Lotus, Microsoft, Apple, etc., to get RSA installed in their e-mail software. He acknowledged that in some sense this left an ecological niche for a product like PGP to fill, though he insisted that such a product could be legally developed and distributed if it used the "RSAREF" package and wasn't sold commercially. (There are lots of threads and keywords here: RSAREF, RIPEM, TIPEM, B-SAFE, Apple's OCE, etc.) (Some of us continue to hope some accommodation can be reached between RSA Data and the PGP community. The upcoming battle over strong crypto is a bigger issue than this squabble. I remain convinced that RSA Data Security is "on our side" in this fight for continued access to strong crypto. 
In fact, in my opinion, the Clipper/Capstone program looks to be a complete end-run around RSA and public key techniques, a thinly disguised attempt to seize control of the crypto market from RSA. In this battle, RSA may be fighting for their economic survival!) * The issue of the name of our group, the Cypherpunks name, was not discussed. The U.K. group has apparently picked "U.K. Cryptoprivacy Group" as their name. * The normal schedule for meetings will continue, with the next regular Cypherpunks (Bay Area) meeting on Saturday, 8 May. Well, this is my summary. Feedback is welcome. While I don't want to take meticulous notes the way a "Recording Secretary" is supposed to, I don't mind writing up these kinds of snapshot summaries. May you live in interesting times, indeed! -Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, smashing of governments. Higher Power: 2^756839 | Public Key: MailSafe and PGP available. Waco Massacre + Big Brother Wiretap Chip = A Nazi Regime From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Mon, 26 Apr 93 09:24:51 PDT To: Cypherpunks Subject: REMAIL: Anonymous postin Message-ID: <930426161700_74076.1041_FHD66-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain The message forwarded by Marc Ringuette was apparently posted to sci.crypt by using a cypherpunks remailer followed by a mail-to-news gateway. To recap on how to do this, put

::
Request-Remailing-To: sci-crypt@cs.utexas.edu

then a blank line at the front of your message, and mail to one of the remailers (Karl Barrus posts a list every month). For more security and in-practice untraceability, use one of Karl's scripts to set up a chained request with encryption. 
By bouncing your message around the country like this, decrypting at each stage, you get much better security than with just one hop. Change "sci-crypt" in the address above to the name of the newsgroup you want to post to, replacing the "." in the name with "-". (No, I don't know how you post to a newsgroup with a "-" in it. Maybe it just works.) I notice that the Comment field I put out on remailed message cautioning that it is coming from an anonymous remailer did not get passed through the mail-to-news gateway software at utexas. This leaves little clue about where it came from. It does make it pretty clear that you can't reply to it since it comes from "nobody@alumni.caltech.edu". As an aside, I'd like to encourage people not to use hal@alumni.caltech.edu so much and to use one of the others more. I have one at hfinney@shell.portal.com which I think may be more immune to political pressure. Unlike the alumni account, I'm paying for this one, which should give me some clout; and also, I remember hearing that at the hackers conference the head of Portal offered some support to the idea of anonymous remailers, so I'm hoping that management won't be quick to shut me down when people complain. Hal 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Mon, 26 Apr 93 09:24:52 PDT To: CYPHERPUNKS Subject: CASH: Disney Dollars... Message-ID: <930426161723_74076.1041_FHD66-2@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain I know we're all focused pretty closely on Clipper right now, but as time goes on we will pay attention to other things, and one of those is digital cash. We've had a lot of debate here about whether it would be legal to issue private cash. I went to Disneyland last week, and discovered that they are issuing their own form of cash: "Disney Dollars" (presumably a Disney trademark). Disney Dollars come in at least three denominations: $1.00, $5.00, and $10.00. 
They are very attractively printed notes, about the size and shape of American dollars. They're quite a bit more colorful but the layout of the bills is similar to other forms of currency. Disney Dollars can be exchanged with U.S. dollars on a one-for-one basis at the park. No sales tax is involved in the transaction. I saved a $1.00 Disney Dollar, a special issue to commemorate Mickey Mouse's 65th anniversary this year. Here is what it says: On the face: "Disney Dollars" "Mickey's 65th". In the fine print: "May be used as legal tender only at Disneyland park, Disneyland Hotel, Walt Disney World resort and the Disney Store (U.S.A. & Puerto Rico)." Another block of fine print: "Disney Dollars may be spent or collected and saved as souvenirs and are redeemable at any time before or after any period of inactivity." At the bottom: "A00651375A" "Series 1993" "One Disney Dollar". There is a picture of Mickey Mouse in the middle with the word "Mickey" under it. "Scrooge McDuck" has signed the bill above the word "Treasurer". On the back: "Disney Dollars" at the top; "One Disney Dollar" at the bottom, and a large colorful picture of Mickey in a car filling most of the middle. "(C) The Walt Disney Company" in fine print. If Disney can issue its own currency, maybe other people can, too. These are basically gift certificates. If somebody had some goods or services to sell, they could issue their own "dollars" which would be good for purchasing their things, but which could also be exchanged back for U.S. dollars if needed. Hal Finney 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: matt@oc.com (Matthew Lyle) Date: Mon, 26 Apr 93 10:18:24 PDT To: cypherpunks@toad.com Subject: MacWeek article on Clipper/Capstone Message-ID: <199304261717.AA24952@ra.oc.com> MIME-Version: 1.0 Content-Type: text/plain MacWEEK 04.26.93 Page 1 SECURITY CHIPS TRIGGER ALARM Clipper and Capstone open digital back door. 
By Mitch Ratcliffe Washington -- The White House and National Security Agency, as part of a wide-ranging retooling of U.S. privacy policies, are preparing two encryption chips for use in the computer and telecommunications industries. Privacy advocates cried foul last week because the chips include a back door that allows police to monitor communications. The Clipper chip announced this month can encrypt voice and data communications at up to 16Mbps. Clipper is due to debut in secure telephones from AT&T Co. this summer. The second chip, called Capstone and currently under development at the NSA, is a superset of Clipper that will implement the much-criticized Digital Signature Standard to add authentication capabilities. Its existence was revealed during a briefing at the Massachusetts Institute of Technology in Cambridge last week. President Clinton ordered the National Institute of Standards and Technology to establish Clipper as a federal standard. Since the government is the largest computer customer in the world, its Federal Information Processing Standards (FIPS) often are imposed on the industry as de facto standards. If Capstone follows Clipper into the FIPS requirements, DSS could usurp RSA Data Security Inc.'s public-key encryption scheme, which Apple licensed for AOCE (Apple Open Collaboration Environment). But Apple's representative at the NSA briefing, Gursharan Sidhu, technical director of collaborative computer and leader of the AOCE project, said he is not worried that the government will force an encryption scheme on the industry. "We were given the impression that they are very open to suggestions," Sidhu said, adding that the government is faced with a growing conundrum as it tries to simultaneously protect privacy and maintain its ability to tap lawbreakers' communications. "People have the idea that in cellular the security of communications had gone away, so there is pressure to encrypt. 
[Without a back door], even the casual criminal would be able to communicate with invincible security," Sidhu said. "Law-enforcement agencies wouldn't be able to collect intelligence." A spokesman for NIST said Capstone will not be introduced unless the president's review of national encryption policy concludes it is needed. But he also said the Department of Defense and NSA are already working to develop a PCMCIA card-based implementation of Capstone for a classified defense messaging system. The NSA confirmed it is working on Capstone but could not confirm the Capstone PCMCIA card project. Clipper and Capstone use a "key escrow" technology that lets law-enforcement agencies with a court order unscramble conversations and documents. To reduce the potential for wiretap abuse, two agencies to be named by Attorney General Janet Reno will hold half of each key. The NSA said the key escrow agents will not be law-enforcement agencies. Privacy advocates complained that the algorithms that perform Clipper scrambling functions will remain classified. Encryption technologies typically gain acceptance only after cryptographers pore over the component algorithms and key management systems. "We can't protect the key escrow features if we reveal the algorithm to the public ... that's caused some heartburn," said John Podesta, staff secretary to President Clinton. "I'm not suggesting that the public should trust us any more than any other government agency, but we are doing a more comprehensive review [than any previous administration]." Podesta said the Clinton team is taking a free-market approach to encryption, in contrast to the previous administrations, which tried to legislate simplified approaches. "In the wireless communications environment, we have to move the ball forward on security and privacy," Podesta said. "The jury's still out on whether [Clipper] is the answer." 
Jim Bidzos, president of RSA Data Security of Redwood City, Calif., said the NSA is using Clipper and Capstone in an attempt to confuse the market for privacy-enhancing technologies. "It takes three or four years for this kind of proposal to die," Bidzos said. Computer and communications companies might withhold support for any standard, giving the NSA more time to prepare for the encrypted world, he said. Computer Professionals for Social Responsibility, a Washington, D.C. based public-interest group, has filed 11 Freedom of Information Act requests for access to Clipper development records. The group suspects the NSA and NIST violated the Computer Security Act of 1987, which limits the NSA's role in development of public encryption technologies to providing advice and assistance. NSA said it developed both chips. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: whitaker@eternity.demon.co.uk (Russell E. Whitaker) Date: Mon, 26 Apr 93 10:56:20 PDT To: cypherpunks@toad.com Subject: Re: Privacy International (fwd) Message-ID: <4567@eternity.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain Nick Szabo writes: > > The following forwarded from alt.privacy. Anybody have experience > with this group? Have they taken a position on the wiretap chip? > > Subject: Group Info: Privacy International > Message-ID: <1993Apr12.184129.11455@mont.cs.missouri.edu> > Originator: rich@pencil.cs.missouri.edu > Organization: Privacy International > PRIVACY INTERNATIONAL > > A WATCHDOG ON SURVEILLANCE > > GENERAL INFORMATION > > PRIVACY INTERNATIONAL - THE BIRTH OF A WORLDWIDE MOVEMENT > > [Text elided for brevity] > If you are interested in getting involved in the work of > Privacy International, please contact Simon Davies, Marc > Rotenberg, or David Banisar at : > Simon Davies is in London now. He will have an email account soon. However, anyone who needs to contact him - on non-confidential matters - can send email to privacy@eternity.demon.co.uk. 
This is my machine; Simon will have his own soon. Russell Russell Earl Whitaker whitaker@eternity.demon.co.uk Communications Editor AMiX: RWhitaker EXTROPY: The Journal of Transhumanist Thought Board member, Extropy Institute (ExI) ================ PGP 2.2 public key available ======================= From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Arthur Abraham Date: Mon, 26 Apr 93 15:02:34 PDT To: cypherpunks@toad.com Subject: MYK-78 Message-ID: <199304262202.AA13845@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain 26-Apr-93 For those awaiting my promised comments regarding this chip, I have the disappointing report that the individual I anticipated talking to was out of his town, and so not available today. If you have the data sheets for this chip, and have read them, I would be very interested to see your comments. Please respond to me directly, rather than the list at large, since my intent in this exercise is to replace deduction with disclosure, and avoid spreading any mis- or partial information. -a2. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Mon, 26 Apr 93 17:04:11 PDT To: rustman@netcom.com Subject: Re: Consumer phone privacy info sheet Message-ID: <9304270003.AA25770@servo> MIME-Version: 1.0 Content-Type: text/plain >From: rustman@netcom.com (Rusty Hodge) I suspect the Clipper chip will be used heavily in digital cellular phones, if it isn't too much of a power hog. I seriously doubt it. I could easily have done DES in software on our CDMA digital cellphones using spare cycles in the CPU we already have (a '186) had I been allowed to do so. Why should I re-engineer my already designed products to use a $30 IC instead? Power is not the only issue. 
Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Mon, 26 Apr 93 15:17:49 PDT To: cypherpunks@toad.com Subject: Report on Adi Shamir talk Message-ID: <9304262127.AA28339@smds.com> MIME-Version: 1.0 Content-Type: text/plain Last Friday, the 23rd, Adi Shamir (the S of RSA) gave a talk at MIT about some recent crypto results of his. (He was introduced by Ron Rivest, the R of RSA.) Shamir is in the country to give a talk about the history of crypto, in Washington DC, I think. It was actually two related talks, one on each of two papers of his: "On the Generation of Multivariate Polynomials which are Hard to Factor" and "Efficient Signature Schemes Based on Birational Permutations" Any misrepresentations and misunderstandings here are mine. The first paper is about factoring polynomials that are products of two polynomials, F = PQ where all these polynomials are on numbers that are mod the product of two primes. n = pq There are a lot of cases where F is easy to factor, and sometimes the easy cases seem to be only slightly different from the hard cases, but Shamir has found a large, easy-to-specify class of forms of (P, Q) where factoring their product is as hard as factoring n (the notorious hard problem that's the basis for the supposed strength of RSA). The second paper is about looking for public key crypto methods that are as strong as RSA but don't require such large amounts of computing on one end. In regular RSA, for instance, the number of multiplications for decrypting (for the legitimate key owner) goes up with key size, and so does the difficulty of multiplication. Shamir has found a scheme that takes about 20 multiplies on each side, period. However, it would be easily breakable as a crypto scheme, so he shows a variation that doesn't give as much info to an attacker, but works as a signature scheme. 
It *looks* secure to him and others he's shown it to, but it isn't proven as hard as factoring big numbers. The tie between the two papers is that the keys used in the scheme in the second paper are polynomials of the form discussed in the first paper. --fnerd@smds.com (FutureNerd Steve Witham) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: whitaker@eternity.demon.co.uk (Russell Earl Whitaker) Date: Tue, 27 Apr 93 13:24:32 PDT To: cypherpunks@toad.com Subject: Forwarded article. Message-ID: <4612@eternity.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain This article was forwarded to you by whitaker@eternity.demon.co.uk (Russell Earl Whitaker): --------------------------------- cut here ----------------------------- Newsgroups: demon.security From: nikki@trmphrst.demon.co.uk (Nikki Locke) Path: eternity.demon.co.uk!demon!trmphrst.demon.co.uk!nikki Subject: Cppnews now has PGP support Reply-To: cppnews@trmphrst.demon.co.uk Distribution: world X-Mailer: cppnews $Revision: 1.35 $ Organization: Trumphurst Ltd. Lines: 13 Date: Sun, 25 Apr 1993 17:23:45 +0000 Message-ID: <735786863snx@trmphrst.demon.co.uk> Sender: usenet@demon.co.uk CPPNEWS $Revision: 1.35 $ Demon.security members may like to know that cppnews now has the ability to add user defined external commands to the Article menu. This latter enables automatic uudecoding, pgp decrypting etc. to be integrated with cppnews. The latest version of cppnews should be available for public ftp from ftp.demon.co.uk [158.152.1.65]:in directory /pub/trumphurst/cppnews. -- Nikki Locke,Trumphurst Ltd.(PC and Unix consultancy) nikki@trmphrst.demon.co.uk trmphrst.demon.co.uk is NOT affiliated with ANY other sites at demon.co.uk. 
--------------------------------- cut here ----------------------------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: hkhenson@cup.portal.com Date: Mon, 26 Apr 93 18:21:06 PDT To: cypherpunks@toad.com Subject: Re: MEETING SUMMARY: Message-ID: <9304261808.1.16634@cup.portal.com> MIME-Version: 1.0 Content-Type: text/plain Tim May closes his excellent summary with > May you live in interesting time, indeed! The rest of this curse is not as well known, but it goes "and attract the attention of important people." I suspect we are doing just that. Keith Henson From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "John (FuzzFace/Fast-Eddie) McMahon" Date: Mon, 26 Apr 93 15:27:12 PDT To: Cypherpunks@toad.com Subject: Re: MEETING SUMMARY: 4-24-93 Cypherpunks Meeting Message-ID: <01GXH67HAH8Y001HDW@Eisner.DECUS.Org> MIME-Version: 1.0 Content-Type: text/plain >>> "4. Educating the Public." I've seen several public/private debates open up just from "grass roots" circulation of the announcements and such. My only concerns are that: a) It's all pretty unfocused. b) It's being circulated on mailing lists (et al) where the discussion is inappropriate and probably would be viewed as annoying. But then again, any topic discussed on the network seems to have these problems initially. Fuzz From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peter honeyman Date: Mon, 26 Apr 93 16:46:09 PDT To: cypherpunks@toad.com Subject: Clipper letter Message-ID: <9304262346.AA25400@toad.com> MIME-Version: 1.0 Content-Type: text/plain here is the letter i sent my senators and representative, w/ a copy to clinton and gore. don't forget to write yours. peter =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= April 26, 1993 I'm writing to share my concern about the White House announcement of April 16, 1993, which provides for wiretap ability in telecommunications networks and wireless communications links. 
The particulars of the announcement are not in and of themselves altogether alarming, but the implication is that this is just a foot in the door: Q: If the Administration were unable to find a technological solution like the one proposed, would the Administration be willing to use legal remedies to restrict access to more powerful encryption devices? A: This is a fundamental policy question which will be considered during the broad policy review. Thanks to the widespread use of software that provides for information protection and privacy, the most common "powerful encryption device" is the personal computer. The suggestion that computers and software in everyday use be declared contraband worries me. But at a more fundamental level, I am concerned about the right to privacy. Privacy in the modern day means information privacy: keeping to oneself computerized data about oneself. Because encryption is widely regarded by computer security experts as the only effective means of ensuring computer privacy, the White House's "broad policy review" promises to examine whether citizens should have the right to determine whether and how to provide for their own privacy. Your voice is needed in this debate. I hope that when the question is raised whether the government should hold exclusive rights to the protection of individual privacy, or whether the people should hold that right to themselves, you will stand on the side of the people. Sincerely yours, From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Anonymous Date: Mon, 26 Apr 93 18:02:54 PDT To: cypherpunks@toad.com Subject: mycotoxin Message-ID: <9304270106.AA18106@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain NOTE to the person who sent this (if on the list) that I forwarded it to the list, you forgot the space after the colon on request-remailing-to. -- nowhere@bsu-cs.bsu.edu Here's some stuff I dug up on Mykotronyx. They are privately held (at least there are no SEC filings on the database). 
I also checked the patent database, but it came up empty. Note the discrepancy in the first two entries: one lists sales of $252,900,000 and the other says $2,500,000. "Myko" apparently means "enchantress" in Japanese. Check out their company motto: "Securing the world of communications bit by bit" ---------------------------------------------------------------- Copyright (c) 1992 American Business Information Trinet America COMPANY DATABASE MYKOTRONX INC 357 VAN NESS WAY # 200 TORRANCE , CALIFORNIA 90501-1488 310-533-8100 NUMBER OF EMPLOYEES: 25 EXECUTIVE: CHIEF EXECUTIVE OFFICER: BOB GOTTFRIED NUMBER OF ESTABLISHMENTS: 1 SALES INFORMATION: TOTAL SALES ( $ ): 252,900,000 SIC CODE-INFO: PRIMARY: 8731 COMMERCIAL PHYSICAL/BIOLOGICAL RES CODE INFORMATION: STATE CODE (FIPS): 06 COUNTY CODE (FIPS): 037 LOS ANGELES TRINET NUMBER: 808764096 ---------------------------------------------------------------- Copyright (c) 1992 American Business Information Trinet America ESTABLISHMENT DATABASE MYKOTRONX INC 357 VAN NESS WAY # 200 TORRANCE, CALIFORNIA 90501 310-533-8100 SIC-CODES: PRIMARY SIC CODE: 8731 COMMERCIAL PHYSICAL/BIOLOGICAL RES SALES INFORMATION: SALES ( $ ): 2,500,000 SHARE OF MARKET (%): .09 NUMBER OF EMPLOYEES: 25 EXECUTIVE: BOB GOTTFRIED OWNER CODE INFORMATION: STATE CODE (FIPS): 06 COUNTY CODE (FIPS): 037 LOS ANGELES MSA: 4480 PARENT COMPANY INFORMATION: MYKOTRONX INC 357 VAN NESS WAY # 200 TORRANCE, CALIFORNIA 90501 310-533-8100 STATE CODE (FIPS): 06 PRIVATE OWNED ESTABLISHMENT NUMBER: 808764096 ---------------------------------------------------------------- CALIFORNIA STATE BOARD OF EQUALIZATION, SALES AND USE TAX INFORMATION NUMBER: AB127112520000 OWNER-NAME: MYKOTRONX INC. TYPE OF OWNERSHIP: CORPORATION MAILING-ADDRESS: 357 VAN NESS WAY,STE.200 TORRANCE, CA 90501 COUNTY: LOS ANGELES START-DATE: 04/1987 TYPE-OF-BUSINESS: PUBLISHERS, LIGHT INDUSTRIAL EQUIPMENT AND ALL OTHER PERMITTEES N.E.C. 
TAX-PROGRAM: REGULAR SALES TAX ---------------------------------------------------------------- Copyright 1993 Business Wire, Inc. Business Wire April 19, 1993, Monday DISTRIBUTION: Business Editors & Computers/Electronics Writers LENGTH: 697 words HEADLINE: Mykotronx develops "Clipper" chip designed to ensure communications privacy DATELINE: TORRANCE, Calif. BODY: "Securing the world of communications bit by bit" is not only the motto but the guiding philosophy of Mykotronx Inc., a Torrance small business specializing in the design and manufacture of unique digital components and equipment. Mykotronx Monday announced the introduction of an electronic chip -- designated "Clipper" -- that it believes will ensure the protection of sensitive information transmitted via cellular or regular phones, computer networks or fax machines. This chip and follow-ons will also find application in many other systems, e.g., cable TV and personal computers. Leonard J. Baker, president of Mykotronx, said: "This chip is a good example of the transfer of military technology to the commercial and general government fields with handsome cost benefits. For 15 years we have been evolving this technology to protect government and commercial spacecraft from being tampered with and to protect the data transmitted by the spacecraft to its ground users. This technology should now pay big dividends to U.S. taxpayers." Economic data of incalculable value is transmitted each day over various telecommunications media, including telephones, facsimiles, telex, cable and other communications networks. Each message is vulnerable to interception through relatively simple techniques. Exploitation of illegally obtained information can do tremendous damage to the parties involved, ranging from embarrassment to the loss of hundreds of millions of dollars to a hacker who knows the specifics of a competitor's business plans. 
Said Baker: "Just as technology provides the means for communicating the data, it can now minimize the threat of its loss." It is in this arena that the chip developed by Mykotronx comes into play. It contains an ENCODE and DECODE capability using the government's recently announced new algorithm (more than 16 million times more keys than available on DES -- the existing system) to defeat hackers or eavesdroppers attempting to intercept voice or data messages. This first of a series of Mykotronx chips, developed by a team under the direction of Richard J. Takahashi, vice president of engineering, has been delivered to AT&T for use in its Telephone Security Device (TSD). This device, placed between the handset and base of an ordinary telephone, allows the encryption and decryption of conversations so that eavesdropping cannot occur. This inexpensive capability will first be utilized by government agencies to protect sensitive conversations. A similar chip has been delivered to Motorola for use in its secure telephone products and digital radios. More advanced chips, those that protect other data transmissions, will be available in the coming months. These chips are manufactured by VLSI Technology Inc. of San Jose, Calif., using its unique FSB technology. VLSI was selected by Mykotronx based on its ability to develop high-performance semiconductor chips. Mykotronx, a.k.a. Myko, was founded by Robert E. Gottfried and Kikuo Ogawa to develop cryptographic units to protect the communication channels between spacecraft and ground stations. The company has delivered equipment to the Department of Defense, NASA and most aerospace companies. The strength of Mykotronx lies in its people and their unrelenting drive for excellence. Their "can-do" attitude has allowed the company to deliver high-quality products on very short time schedules. 
Mykotronx has received numerous commendations for its quality program and was recently named "Supplier of the Year" for the second consecutive year by IBM's Federal Systems Co. of Boulder, Colo. Sales of more than $5 million in 1992 are expected to double in 1993. Transferring this technology from spacecraft to everyday uses will allow the company to fulfill its ambitious motto of "Securing the world of communications bit by bit." For further information concerning these products, contact John C. Droge, vice president of program development, at 310/533-8100, or fax 310/533-0527. CONTACT: Mykotronx Inc., Torrance John Droge, 310/533-8100 (phone) 310/533-0527 (fax) ORGANIZATION: MYKOTRONX -INC GEOGRAPHIC: CALIFORNIA COLORADO INDUSTRY: COMPUTERS/ELECTRONICS PRODUCT ---------------------------------------------------------------- Copyright 1993 PR Newswire Association, Inc. PR Newswire April 16, 1993, Friday SECTION: Financial News DISTRIBUTION: TO BUSINESS EDITOR LENGTH: 742 words HEADLINE: AT&T TO INCORPORATE NEW 'CLIPPER' CHIP INTO SECURE COMMUNICATIONS PRODUCT LINE DATELINE: GREENSBORO, N.C., April 16 KEYWORD: bc-AT&T-Clipper-chip BODY: AT&T (NYSE: T) said today it is moving to improve the security and privacy of telephone communications by incorporating a just-announced new U.S. government technology for voice encryption into its secure communications product line. AT&T will use the Clipper chip, announced today by President Clinton as a new technology for voice encryption, in all of its secure telephone products except those specially designed for government classified customers. The Commerce Department has announced a six-month timetable for the final certification of Clipper. "AT&T is pleased to be the first company to publicly commit to adoption of the Clipper chip," said Ed Hickey, AT&T vice president, Secure Communications Systems. 
"We believe it will give our customers far greater protection in defeating hackers or eavesdroppers attempting to intercept a call. "And now all commercially available AT&T voice encryption products will be compatible with each other, a major step forward in bringing secure communications capabilities to the business community." In standardizing AT&T voice encryption products on the Clipper chip, AT&T will include the algorithm in the Telephone Security Device as well as in the Secure Voice/Data Terminal. The AT&T Telephone Security Device is a compact, lightweight unit that brings advance encryption technology to conventional land-line and cellular telephones. It provides a powerful, convenient and reliable way to protect the most sensitive telephone conversations. The device works with a conventional land-line or transportable/mobile cellular phone. It turns the phone's signal into a digital stream of encrypted information that is decrypted by a Telephone Security Device attached to the phone at the receiving end of the call. The AT&T Telephone Security Device connects easily to desk telephones or tranportable or mobile phones. It weighs 1.5 poun PAGE 5 PR Newswire, April 16, 1993 inches wide and 1.5 inches high. And it's as easy to use as it is portable. The AT&T Secure Voice/Data Terminals are desktop telephones that provide encryption for both telephone calls and data transmissions. These AT&T secure communications products use an enhanced voice encryption technique that provides very high voice quality. This technology allows calls placed with these products to approach the voice quality of normal calls. To further enhance interoperability, AT&T will consider licensing to other manufacturers its enabling technologies for interoperability. Interoperability of encryption devices requires common technology beyond the use of a common encryption algorithm, specifically common methods of digital voice encoding and signaling. 
AT&T has already performed integration tests with Clipper chips manufactured by the government's supplier, Mykotronx Inc., of Torrance, Calif., and is preparing to integrate the chip into the manufacturing of its secure products. AT&T's Clipper-equipped telephone security devices will be available to customers by the end of the second quarter. The federal government intends to adopt the Clipper chip as the standard for voice encryption to help protect proprietary information, protect the privacy of personal phone conversations and prevent unauthorized release of data transmitted electronically. At the same time, use of the Clipper chip will preserve the ability of federal, state and local law enforcement agencies to intercept lawfully the phone conversations of criminals. "Adoption of Clipper will support both the government's efforts to protect the public and the public's right to privacy," Hickey said. AT&T Secure Communication Systems provides products to protect voice, data, fax, cellular and video communications. It also engineers and integrates secure communications applications. Its customers include the governments of the United States and other nations as well as major corporations around the world. AT&T Secure Communications Systems is headquartered in Greensboro. For more information about the AT&T Telephone Security Device 3600 and other AT&T Secure Communications Products, call David Arneke at 919-279-7680. 
CONTACT: David Arneke of AT&T Secure Communications Systems, 919-279-7680, or after hours, 919-273-5687, or Herb Linnen of AT&T Media Relations, 202-457-3933, or after hours, 202-333-9162 ORGANIZATION: AT&T TICKER-SYMBOL: T SUBJECT: New Products; Services GEOGRAPHIC: North Carolina INDUSTRY: Telecommunications CO: AMERICAN TELEPHONE & TELEGRAPH CO INC; PR Newswire, April 16, 1993 TS: T (NYSE); IND: 111 COMMUNICATIONS; ---------------------------------------------------------------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Mon, 26 Apr 93 20:14:28 PDT To: cypherpunks@toad.com Subject: A correction, and another motive for Clipper Message-ID: <9304270314.AA12553@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Jim Bidzos of RSA informs me that Capstone does in fact use public key methods, and that his company will presumably receive royalty payments. (I remember this being discussed, now. The government itself has royalty-free access to the various public key patents, so I understand, but corporations selling equipment using the patents would presumably have to negotiate their own deals.) On another matter, I saw in the April 19th issue of "Network World," the headline on the front page: "Clinton security plan hints of Big Brother," with the subtitle: "Clipper Chip would let government eavesdrop on encrypted voice and data communications." The article is by Ellen Messmer. Along with the usual quotes from the White House announcement came this curious admission from an AT&T manager when asked why anyone, especially a criminal or terrorist, would use a tappable phone when alternatives exist. ---begin quote--- "A criminal probably wouldn't use it," said Mike Agee, marketing manager for secure products at AT&T, adding that the Clipper Chip is for the rest of the world. 
---end quote--- Now I've heard several explanations for Clipper, ranging from buying market share to the stupidity of criminals (i.e., criminals _could_ buy non-Clipper alternatives under the current plan, but in practice they're too stupid to). Assuming non-Clipper encryption remains legal, why Clipper? It just occurred to me that perhaps the government is primarily interested in tapping its *own* phones! Not necessarily as part of a paranoid conspiracy plan, but because of the graft and bribery cases that keep coming up, such as the Defense Department scandals uncovered by Operation Ill Wind a few years back. Ditto for "leaks" from offices. The Powers That Be may have looked at the coming age of untappable phones and concluded that at least they make sure they could tap the phones of those in government and defense contractors and suppliers, who will be the only ones actually _required_ to buy the Clipperphones. (Under the precise wording of the White House announcement; we can all still worry that this move is preparatory to wider restrictions.) Lest you think I'm becoming like David Sternlight and looking for the silver lining in every government move, I'm only floating this as a minor wrinkle on why the Clipperphones may be being deployed so quickly. --Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Mon, 26 Apr 93 21:24:54 PDT To: cypherpunks@toad.com Subject: He's all yours... Message-ID: <9304270424.AA29796@toad.com> MIME-Version: 1.0 Content-Type: text/plain I'll send him the master list of cypherpunks questions. 
You-all can do the rest. John ------- Forwarded Message From: schneier@chinet.com (Bruce Schneier) Subject: Comments on Clipper for Publication To: gnu@toad.com Date: Mon, 26 Apr 1993 20:27:26 -0500 (CDT) I am writing an article on Clipper for Network World. I am looking for comments and opinions (that I can quote) on the scheme, its implications for security and privacy, its acceptance here and overseas, etc. I am on very tight deadline (I need to finish this Wednesday night). Please call or E-Mail responses. If there is someone else at EFF I should be talking to, please send me his address and telephone number. Thanks, Bruce (708) 524-9461 ------- End of Forwarded Message From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "$HOME/.sig" Date: Mon, 26 Apr 93 23:47:02 PDT To: Beyond.Dreams.ORG!composer@netcom.com (Jeff Kellem) Subject: Re: COMP.RISKS is where the action seems to be In-Reply-To: <9304270540.AA02095@Beyond.Dreams.ORG> Message-ID: <9304270638.AA27096@netcomsv.netcom.com> MIME-Version: 1.0 Content-Type: text/plain -- Parts of this .sig borrowed with permission from T.C.May. Perhaps it will indeed get me busted also. .......................................................................... Kelly Goen | Crypto Anarchy: encryption, digital money, kelly@netcom.com | anonymous networks, digital pseudonyms, zero Intelligence Systems | knowledge, reputations, information markets, Specialists Inc. | black markets, face banks, data havens, dark | tech, covert channels, shared secrets, | alt.whistleblowers, collapse of governments. Technical Monkeywrench | Public Key: PGP 2.2. | .......................................................................... PGP 2.2 Key available from PGP Keyservers on the Internet. pub 1024/1BA573 1992/09/09 kelly Key fingerprint = EF 7A 38 99 22 84 E3 3B 90 2A DB 80 DC 65 DA 31 STOP THE WIRETAP CHIP(Clipper Chip)!! 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: hkhenson@cup.portal.com Date: Mon, 3 May 93 08:12:35 PDT To: extropians@gnu.ai.mit.edu Subject: Re: RISKS DIGEST 14.54 Message-ID: <9304262218.1.19891@cup.portal.com> MIME-Version: 1.0 Content-Type: text/plain This issue of comp.risks has a rather lengthy posting by DD. The moderator commented (re the wiretap chip) "there has been essentially no other topic of concern for the past week . . . ." Considering the wide range of topics covered here, that is quite a statement! Keith From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: composer@Beyond.Dreams.ORG (Jeff Kellem) Date: Mon, 26 Apr 93 19:21:44 PDT To: cypherpunks@toad.com Subject: a quick non-technical writeup on the Clipper chip... Message-ID: <9304270221.AA01280@Beyond.Dreams.ORG> MIME-Version: 1.0 Content-Type: text/plain The following is something I wrote for "What's Out There?", a column I write about what's available on the net. It's more for pointing out where to find out more information and such, but also includes a few of the concerns about the announcement. Feel free to send me comments. I'll be posting this to various USENET newsgroups in the near future, as the column won't be in hardcopy until about June, 1993. FYI... -jeff Jeff Kellem Internet: composer@Beyond.Dreams.ORG p.s. This is excerpted with permission, of course, since I am the author. ;-) ===CUT HERE=== [ NOTE: Please see the COPYRIGHT/LICENSE notice at the end of this document before ANY redistribution. ] The following is a portion of Volume 1, Issue 03 of "What's Out There?" written by Jeff Kellem . This is expected to appear in the May/June 1993 issue of the USENIX Association's hardcopy newsletter, ";login:". Excerpted from "What's Out There?", Volume 1, Issue 03... 
White House and NSA (Encryption) Clipper Chip Announcement ---------------------------------------------------------- On April 16, 1993, the White House announced the development of an encryption chip for voice communications developed in conjunction with the National Security Agency (NSA) called the Clipper Chip, along with an initiative regarding telecommunications and privacy which could literally affect almost every citizen in the United States. On the same day, AT&T announced a "secure" phone which incorporated this chip. Some important things to point out: o the encryption algorithm is remaining classified [ In the cryptography community, an encryption algorithm is only considered secure after it has been examined extensively and independently by a wide array of experts around the world. With an algorithm which is kept secret, there is no guarantee that it is secure and that the encryption method has no "back door" (allowing easy decryption for those, such as the NSA, that know the "back door"). ] o though the government has announced plans to use the chip in their own phones, they do NOT plan to use it for CLASSIFIED information, only for unclassified information. o this chip has been in the making for 4 years; it would seem that the Clinton Administration has already made plans to use the chip, without public comment or discussion on a matter which is so important to the privacy of that same public. o it would seem that the Government might be granting a monopoly to Mykotronx, Inc. and VLSI Technology. It's unclear whether each company makes the entire chip or just parts thereof. o the key, which allows the information encrypted with this chip to be decrypted, is embedded in the chip [ This means that once the key is known, the chip needs to be replaced to maintain private communications. In other words, a new encryption device, if the key is ever divulged, which could just mean a wire-tap. 
] o the 80-bit key is split into two (2) 40-bit pieces and kept in databases at two different escrow agencies [ It's not clear how the key databases will be kept secure. It is also unknown if the classified encryption algorithm is any less secure to brute-force attacks, once half the key is known. ] o a successor chip has already been announced, called the Capstone chip. The Capstone chip is supposed to be a "superset" of the Clipper chip and will include the "digital signature standard" (DSS), which many in the cryptography community seem to consider insecure, as I recall. The NSA also developed DSS, which wasn't disclosed until CPSR filed a FOIA request with NIST (the National Institute of Standards & Technology). This announcement, in one way, is a step in the right direction -- privacy and encryption technology are important to the general public and for international economic competitiveness. An inquiry on whether export restrictions on encryption technology are good or bad is also a good thing. Currently, companies that want to include encryption as part of their products need to make two versions -- one for domestic distribution and one for international distribution. On the other hand, there are too many things about the announcement which are bothersome and need to be discussed publicly. Some of these items have been mentioned above. I recommend talking with your local congressman, writing letters, and discussing this with friends. Both the Electronic Frontier Foundation (EFF) and the Computer Professionals for Social Responsibility (CPSR) have made public statements against the announcement. The CPSR has filed Freedom of Information Act (FOIA) requests regarding the plan. Online discussions of the announcement have been occurring all over the Net in various USENET newsgroups and mailing lists. 
Here's a sample of where you might find discussions of the Clipper Chip: USENET newsgroups: alt.privacy.clipper sci.crypt alt.security alt.privacy comp.org.eff.talk comp.security.misc comp.society.cu-digest comp.risks Mailing lists: cypherpunks-request@toad.com Also, check the archives for the various groups listed above, as things may have changed by the time this comes to print in hardcopy come June 1993. The official White House press release of the Clipper Chip can be found via anonymous ftp from: csrc.ncsl.nist.gov in the /pub/nistnews directory, or via the NIST Computer Security BBS at +1 301 948 5717. It should also be available with the rest of the White House press release archives mentioned above. The EFF comments were first published in the EFFector Online Issue 5.06, which is available via anonymous ftp from: ftp.eff.org in the /pub/EFF/newsletters directory. Information from CPSR is available online via anonymous ftp from: ftp.cpsr.org in the /cpsr directory. The cypherpunks mailing list also maintains an archive. Information on the Clipper Chip can be found via anonymous ftp from: soda.berkeley.edu in the /pub/cypherpunks/clipper directory. Please do read the announcement of the Clipper Chip encryption technology, think about and discuss the implications of this with your friends, congressmen, and anyone else. ...End of excerpt. COPYRIGHT/LICENSE: This document is Copyright (c) 1993 Jeff Kellem/Beyond Dreams, composer@Beyond.Dreams.ORG. This copyright notice must be kept with each document. You have permission to freely redistribute this for non-commercial and non-profit purposes. It would be nice if you let the author know about any redistributions that are expected to reach more than a single person. :-) (This would include mirroring ftp sites, etc.) Please contact the author if you wish to use this document in ANY other fashion. Most likely, there won't be a problem. 
If you wish to redistribute this document for commercial purposes, you MUST contact the author for permission. Thank you. Jeff Kellem Composer of Dreams Beyond Dreams Internet: composer@Beyond.Dreams.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Mon, 26 Apr 93 22:24:33 PDT To: cypherpunks@toad.com Subject: Markey hearings on Thursday will be on the Internet MBone Message-ID: <9304270524.AA00805@toad.com> MIME-Version: 1.0 Content-Type: text/plain John Gage tells me that audio from the Congressional hearings on telephone privacy and Clipper will be multicast on the Internet `MBone' (multicast backbone). We don't yet know the multicast address. If someone who knows about the mbone could hook in and record a copy of the hearings (as an online sound file, or on tape), that would be great. I'll be at a conference on Thursday. John From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Mon, 26 Apr 93 22:25:04 PDT To: cypherpunks@toad.com Subject: COMP.RISKS is where the action seems to be Message-ID: <9304270525.AA28002@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Comp.risks is carrying extensive coverage of the Clipper Chip issue, including Dorothy Denning attempting to defend the Clipper. Sci.crypt and alt.security.clipper still have more messages, but comp.risks seems to be the place I check first. Being a digest, though, a new one only appears a few times a week. -Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. 
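Added example, not part of any message in this archive: Jeff Kellem's writeup above describes the 80-bit Clipper key as split into two 40-bit pieces held by separate escrow agencies and asks what knowing one half gives away, while his correction later in this thread describes the key as the xor of two 80-bit keys. The Python sketch below contrasts the two constructions on a 12-bit toy key (a constructed size, chosen so every candidate can be enumerated); all function names are assumptions of this example.

```python
"""Two ways to divide an n-bit key between two escrow agents (constructed demo)."""
import secrets

CLIPPER_KEY_BITS = 80  # key size stated in the writeup


def split_halves(key: int, bits: int) -> tuple[int, int]:
    """Writeup as first posted: one agent holds the high half, one the low half."""
    half = bits // 2
    return key >> half, key & ((1 << half) - 1)


def join_halves(high: int, low: int, bits: int) -> int:
    """Recombine the two halves into the full key."""
    return (high << (bits // 2)) | low


def split_xor(key: int, bits: int) -> tuple[int, int]:
    """Corrected description: two full-length shares whose xor is the key."""
    share_a = secrets.randbits(bits)   # uniformly random, independent of the key
    return share_a, key ^ share_a


def join_xor(share_a: int, share_b: int) -> int:
    """Recombine the two xor shares into the full key."""
    return share_a ^ share_b


def keys_consistent_with_half(known_high: int, bits: int) -> int:
    """Count the keys that are still possible for someone holding one half."""
    half = bits // 2
    return sum(1 for key in range(1 << bits) if key >> half == known_high)


def keys_consistent_with_xor_share(known_share: int, bits: int) -> int:
    """Count the keys that are still possible for someone holding one xor share.

    Every value of the other share yields a different key, so nothing is ruled out.
    """
    return len({known_share ^ other for other in range(1 << bits)})


def unknown_bits(candidates: int) -> int:
    """log2 of a power-of-two candidate count: bits a single holder still lacks."""
    return candidates.bit_length() - 1


if __name__ == "__main__":
    toy_bits = 12
    key = secrets.randbits(toy_bits)

    high, low = split_halves(key, toy_bits)
    share_a, share_b = split_xor(key, toy_bits)
    assert join_halves(high, low, toy_bits) == key
    assert join_xor(share_a, share_b) == key

    left_half = keys_consistent_with_half(high, toy_bits)
    left_xor = keys_consistent_with_xor_share(share_a, toy_bits)
    print(f"toy key of {toy_bits} bits")
    print(f"  one half known : {left_half} candidates ({unknown_bits(left_half)} bits unknown)")
    print(f"  one xor share  : {left_xor} candidates ({unknown_bits(left_xor)} bits unknown)")

    # The same ratio at the size the writeup gives for Clipper.
    print(f"at {CLIPPER_KEY_BITS} bits: 2^{CLIPPER_KEY_BITS // 2} candidates with one half, "
          f"2^{CLIPPER_KEY_BITS} with one xor share")
```

With halves, a single escrow holder is left with only half the key length to guess; with xor shares, a single holder learns nothing about the key, and only both databases together reveal it.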
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Tom Keenan Date: Mon, 26 Apr 93 23:09:19 PDT To: risks@csl.sri.com Subject: Clipper: International implications Message-ID: <9304270606.AA67332@acs3.acs.ucalgary.ca> MIME-Version: 1.0 Content-Type: text/plain It will be fascinating to see how non-US governments react to Clipper. Anybody have any info on this? I will contact the office of the Canadian minister responsible for Communications (Hon. Perrin Beatty) and see if there has been a statement or reaction. Canada might prosper as a "phone haven" much as some Caribbean countries are "data havens." Somewhat related item in April 19/93 Communications Week International (page 4) reports (in part): "Europe's mobile telephone industry is developing less-secure GSM digital cellular equipment to mollify government law-enforcement agencies and adjust to restrictions on high technology exports. New base station software and modified handset chips would make it easier for GSM calls to be tapped, a requirement of some governments, but would likely cost millions of dollars to install in existing networks and terminals." The export status of Clipper technology will also be an interesting thing to sort out. White House Statement just says "case by case." Dr. Tom Keenan, I.S.P. Associate Dean, R&D, U of Calgary & Technology Correspondent, CBC Television "Midday" From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wcs@anchor.ho.att.com Date: Mon, 26 Apr 93 21:35:30 PDT To: smb@ulysses.att.com Subject: Mykotronx and VLSI data sheets Message-ID: <9304270435.AA09033@anchor.ho.att.com> MIME-Version: 1.0 Content-Type: text The data sheets arrived today! (Steve - I gave Matt a copy; I can fax it to you if yours hasn't shown) (Cypherpunks - Mykotronx 310-533-8100 fax-0527, VLSI 408-434-3100 fax-263-2511) The VLSI material didn't have anything Clipper-specific - lots of stuff on their ASIC libraries and chips, and some information on their tamper-proof technology. 
Their DES chip does 192 Mb/s, and they've got a vocoder chip for 13 kb/s GSM as well as 32 kb/s ADPCM G.721, ARM RISC, Z80 cores, high-speed comms stuff, PC support ASICs, etc. The Mykotronx material was interesting. It was about 18 pages long, and there are functional diagrams, pinouts, timing diags, command sets. It looks like there may be two versions, one commercial, one industrial-hard. The chip is 28-pin PLCC, with 4 bits control input, 8 leads for input/ output/config/status/test/alarm depending on command, the usual power, clock, strobe, busy, reset, and alarm leads, and two leads for higher-voltage write-once PROM. The internal clock is 15 MHz, and I'm not sure how fast it goes if you clock it externally (it uses the internal clock when it's doing the fun stuff, but can use externals for I/O, etc.) It looks like the encryption phase takes 64 clock cycles, but I'm not an electrician so I can't guarantee that that's what the timing diags mean; if that's the case it would seem to be slower than 16 mb/s throughput given I/O time? There are 5 functional blocks: controller, algorithm, Data Bus Buffer, self-test, and clock. There's an internal data bus (how wide? 8 bits?) with the controller, data buffer, and external clock accessible from outside, the self-test generating two output leads only, and the algorithm block isolated (only connected to the bus and self-test.) The basic sequence of operations, once the chip has booted and tested, is that you feed commands to initialize cryptographic variables (key, IV), tell it to encrypt or decrypt, strobe in data, let it crunch, and strobe out results. It's picky about getting commands in the right order, and rejects anything it isn't willing to do for security reasons. It can operate in 7 different modes: ECB-64, CBC-64, OFB-64, CFB-64/32/16/8. 
The number of bytes read or written depends on the mode, but I was interested to find that I couldn't tell from the data sheets how many bytes that is, which either means they deliberately aren't telling us where the wiretap block is or else they assume that the Output Buffer Full and Input Buf Empty leads are all you care about; I'll try to find a tasteful way to ask them. Commands: - Reset - Write Random Seed - must be done at startup; there's a pseudo-random generator for IVs. If you give it a zero, it asks for a better seed. - Write Config Register - done second, picks operating mode. If you're in IDLE mode, you need to do this before writing the CV or IV. - Write Crypto-Variable (CV) (loads 10 bytes key, 3 bytes checksum, automagically checks key when loaded.) - Write Initialization Vector (IV) - you can load it or generate. - Generate IV - using the pseudo-random. Outputs to data bus when done. - Start Encrypt Block - read data off bus, crunch, wait for Read Output, IDLE - Read Output - strobes out output - Start Decrypt Block - read data, crunch, wait for Read Output, repeat until you get a Terminate or other command - Terminate Encrypt/Decrypt - stop doing encryption (IDLE?) - Save Current State - output 8 bytes of state to data bus - Restore Current State - input 8 bytes of state from data bus - Read Status Register - outputs to bus - Read Test/Alarm Register - outputs to bus - Write Test/Alarm Register - read from bus, do tests If you want to order a copy, they were pretty quick about delivering it. The person I talked to was John Droge, VP, Program Development. Approximate prices are $30 (qty. 10,000), no mention of engineering samples, quotations on a case-by-case basis for now. 
Bill Stewart # Bill Stewart wcs@anchor.ho.att.com +1-908-949-0705 Fax-4876 # AT&T Bell Labs, Room 4M-312, Crawfords Corner Rd, Holmdel, NJ 07733-3030 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Sy Verpunc Date: Tue, 27 Apr 93 18:01:40 PDT To: cypherpunks@toad.com Subject: Re: REMAIL: email to usenet gateways Message-ID: <9304270130.AA18056@pizzabox.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain group-name@ucbvax.berkeley.edu * * I understand that the admin of ucbvax.berkeley.edu block posts from non berkeley sites, but I'm not positive about that! It was open for a couple of years but is now blocked. I checked a week ago. G From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: composer@Beyond.Dreams.ORG (Jeff Kellem) Date: Mon, 26 Apr 93 22:35:49 PDT To: cypherpunks@toad.com Subject: Re: a quick non-technical writeup on the Clipper chip -- corrections Message-ID: <9304270535.AA02062@Beyond.Dreams.ORG> MIME-Version: 1.0 Content-Type: text/plain Here are some minor corrections to the non-technical writeup I posted earlier this evening. Note, that I also already corrected the typo regarding how the keys were constructed. Ignore the line numbers.. they'll be incorrect, as this is part of a larger article. FYI... -jeff Jeff Kellem Internet: composer@Beyond.Dreams.ORG ===CUT HERE=== *** /tmp/RCSA002047 Tue Apr 27 01:29:46 1993 --- whats-out-there-1.03.text Tue Apr 27 01:29:08 1993 *************** *** 188,203 **** important to the privacy of that same public. o it would seem that the Government might be granting a monopoly to ! Mykotronx, Inc. and VLSI Technology. It's unclear whether each ! company makes the entire chip or just parts thereof. o the key, which allows the information encrypted with this chip to be decrypted, is embedded in the chip [ This means that once the key is known, the chip needs to be ! replaced to maintain private communications. In other words, a new ! 
encryption device, if the key is ever divulged, which could just ! mean a wire-tap. ] o the 80-bit key is made from the xor of two (2) 80-bit keys, which are kept in databases at two different escrow agencies --- 188,206 ---- important to the privacy of that same public. o it would seem that the Government might be granting a monopoly to ! Mykotronx, Inc. and VLSI Technology. As far as I know, VLSI ! fabricates the chip and Mykotronx programs the keys into it. o the key, which allows the information encrypted with this chip to be decrypted, is embedded in the chip [ This means that once the key is known, the chip needs to be ! replaced to maintain private communications. This would usually ! mean replacing the entire device (e.g. telephone), anytime that ! the key was divulged, whether legally or not. The key is also ! transmitted along with your encrypted data, so that law enforcement ! can obtain it, which would allow them to decrypt your data without ! your knowledge. ] o the 80-bit key is made from the xor of two (2) 80-bit keys, which are kept in databases at two different escrow agencies *************** *** 223,235 **** for international distribution. On the other hand, there are too many things about the announcement which ! are bothersome and need to be discussed publicly. Some of these items ! have been mentioned above. I recommend talking with your local ! congressman, writing letters, and discussing this with friends. Both the Electronic Frontier Foundation (EFF) and the Computer Professionals for Social Responsibility (CPSR) have made public statements ! against the announcement. The CPSR has filed Freedom of Information Act (FOIA) requests regarding the plan. Online discussions of the announcement have been occurring all over the --- 226,243 ---- for international distribution. On the other hand, there are too many things about the announcement which ! are bothersome and need to be discussed publicly. Some of these items have ! been mentioned above. 
The Clipper Chip basically seems like it might ! provide privacy from some people, but not from the government. I recommend ! talking with your local congressman, writing letters, and discussing this ! with friends. Both the Electronic Frontier Foundation (EFF) and the Computer Professionals for Social Responsibility (CPSR) have made public statements ! against the announcement. The EFF supports the idea of reviewing ! cryptographic and privacy policies, but believes that the Clipper Chip ! announcement was premature and should be delayed until after the overall ! review and discussion. The CPSR has filed Freedom of Information Act (FOIA) requests regarding the plan. Online discussions of the announcement have been occurring all over the From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: composer@Beyond.Dreams.ORG (Jeff Kellem) Date: Mon, 26 Apr 93 22:40:24 PDT To: tcmay@netcom.com (Timothy C. May) Subject: Re: COMP.RISKS is where the action seems to be In-Reply-To: <9304270525.AA28002@netcom3.netcom.com> Message-ID: <9304270540.AA02095@Beyond.Dreams.ORG> MIME-Version: 1.0 Content-Type: text/plain On the cypherpunks mailing list, Tim May wrote... > Sci.crypt and alt.security.clipper still have more messages, but ^^^^^^^^ Minor correction: it's alt.privacy.clipper. FYI... -jeff Jeff Kellem Internet: composer@Beyond.Dreams.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: strat@intercon.com (Bob Stratton) Date: Mon, 26 Apr 93 22:47:14 PDT To: gnu@toad.com Subject: Markey hearings on Thursday will be on the Internet MBone In-Reply-To: <9304270524.AA00805@toad.com> Message-ID: <9304270547.AA10528@intercon.com> MIME-Version: 1.0 Content-Type: text/plain >>>>> On Mon, 26 Apr 93 22:24:31 -0700, gnu@toad.com (John Gilmore) said: John> John Gage tells me that audio from the Congressional John> hearings on telephone privacy and Clipper will be John> multicast on the Internet `MBone' (multicast backbone). 
John> We don't yet know the multicast address. Hrm..That's interesting. If you're on the MBONE, the Session Directory tool should show you upcoming events, and let you select them. It also fires off the appropriate client software with the proper arguments, which is the Right Thing. John> If someone who knows about the mbone could hook in and John> record a copy of the hearings (as an online sound file, John> or on tape), that would be great. I'll be at a John> conference on Thursday. I'm on the remote conferencing mailing list (rem-conf@es.net), and I have yet to see an announcement. If I can find it, I'll tape it. John, have your friend drop me a note with any details he might have, because the regular channels haven't had any information on this. Any pointers might help me track it down. --Strat From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Sy Verpunc Date: Tue, 27 Apr 93 19:29:17 PDT To: cypherpunks@toad.com Subject: Re: REMAIL: email to usenet gateways Message-ID: <9304270150.AA18265@pizzabox.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain Hal recently posted instructions on how to post to usenet using the anonymous remailers. Here's a collection of email to usenet gateways I have, no doubt far from complete. group-name@ucbvax.berkeley.edu * group-name@cs.utexas.edu group-name@pws.bull.com group.name@news.demon.co.uk Actually, the latter is group-name@demon.co.uk, and it's intended for demon customers. I believe they don't police this too heavily (ie they could chop connections from non-demon sites) but if it's heavily overused or abused there's a chance it might disappear. These sites are *not* anonymous remailers, in case anyone thought that. They post under the name presented in your mail to it, and if you forge mail the demon one at least attaches an 'Originator:' line with the real site, and sends a copy to the postmaster. Generally, a service not to be abused. 
The only open NNTP server I know of at the moment is sol.ctr.columbia.edu, and it has user limits and time restrictions. Still, it's better than none. G From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: szabo@techbook.com (Nick Szabo) Date: Tue, 27 Apr 93 03:17:43 PDT To: cypherpunks@toad.com Subject: How to protect your electronic privacy -- consumer pamphlet Message-ID: MIME-Version: 1.0 Content-Type: text/plain Here is a handout I've written for our next Portland-area libertarian meeting. Comments welcome. Feel free to distribute freely (you can edit out Portland-specific stuff) with attributions. ---------------------------------------------------------------- How to Protect Your Electronic Privacy Nick Szabo, April 30 1993 Distribute Freely We conduct more and more of our legal, political, and private business over the wires. Every decade, the number of phone calls that the government can record for later playback increases by a factor of ten. Commercial organizations gather and sell our transactions; marketers and governments cross-reference them, forming our vast electronic reputation. The number of e-mail messages doubles every year, and many political organizations are coming to rely on networks like Internet and LiberNet. Most e-mail users are unaware that it is the most public medium ever invented, and use it to write love letters, letters to their lawyer, discussion of illegal activities, etc. Vast volumes of e-mail can be stored on small magnetic tapes and searched in bulk for keywords, eg "mari[jh]uana". The good news is, the computer brings an even greater weapon to fight these threats to our privacy and political freedoms: widely available, automatic cryptography. Instead of developing phones allowing truly private conversations, which are now feasible, AT&T recently put a phone on the market that contains the NSA-designed "Clipper" wiretap chip. All users' encryption keys are registered with the U.S. 
government, giving it exclusive access to wiretapping this system's phones. The use of an unpublished algorithm and other features also make the system insecure. "Clipper" would also make traffic analysis (finding out who is calling whom, when, etc.) much easier. The goal of this government/Ma Bell collusion is to subsidize the creation of a standard that forces truly private phone systems off the market. By purposefully allowing a government backdoor in its "secure" phones, AT&T has demonstrated its contempt for its customers' privacy. Here are some other long-distance providers that may have more respect. All U.S. line providers are required to surrender to telephone taps under government "authorization", but some require more "authorization" than others, or otherwise make a greater fuss about it. Local wiretaps are beyond the control of long-distance companies, but long-distance eavesdropping is much more difficult if the company uses fiber optic instead of microwave links. Ask company representatives for details. Allnet Long Distance Services 1-800-783-2020 MCI, commercial 1-800-888-0800 MCI, residential 1-800-950-5555 Metromedia Communications Corp. 1-800-275-2273 One-2-One Communications 1-800-293-4121 Sprint, residential 1-800-877-7746 Sprint, business 1-800-733-5566 Real phone privacy can be obtained with a veil of encryption, by using pairs of phones containing privacy chips, which scramble the signals *and* keep the keys private. Contact your local business telephone dealers for privacy phones from Ericsson, Cylink and other companies. Keep your eye out for portable-computer-based software with voice input that can be used to encrypt voice mail and send it over the networks like e-mail; these may be appearing on the market or as freeware within six months. Data privacy can be obtained with public-key encryption features which have been added to some of the newer e-mail packages from Microsoft, Apple, Novell, etc. 
Beware: most software encryption has been restricted by the U.S. government to very weak algorithms. "Cypherpunks" enjoy writing programs to crack the weakened file encryption in Word Perfect, Lotus, etc. Be sure the software contains the new "RSA" public-key algorithm, which probably cannot be cracked by anybody, even the NSA with their buildings full of supercomputers. A strong freeware RSA package is also available called Pretty Good Privacy (PGP); this is the international standard on the Internet. PGP can also be used for protecting the files on your PC. On an Internet machine type "archie pgp" to find out where PGP is available for download. Several BBS systems also have PGP available. In public key encryption, there are two keys, one used to lock (really scramble) the data, the other to unlock (unscramble) the data. To join the fun, publish or send your friends your public key, and they can then send you messages only you can unlock with your private key. You collect others' public keys and do the same. PGP key distribution is based on an informal, voluntary web of trust instead of the government's rigid hierarchy which is vulnerable to failure at the top. Just as today's businessmen trade business cards, tomorrow's businessmen will trade public keys -- if the government doesn't ban them first. For more detailed information on electronic privacy, see: * Your local phone dealer. If he does not know about privacy issues and phone privacy products, ask him to find out! * The May/June issue of "Wired" magazine featuring "crypto-rebels" on the cover. A history of computer cryptography and the "cypherpunk" movement, whose goal is to break the government monopoly on cryptography and to restore our right to privacy in the electronic age. * "Mondo 2000" #9 (most recent) features two good articles on PGP, and a third article on protecting our financial privacy from governments. * The Winter/Spring issue of "Extropy" features an article on digital cash. 
Unlike current electronic funds transfer, digital cash increases financial privacy. * On the Internet, the cypherpunks mailing list (cypherpunks-request@toad.com) and the newsgroups sci.crypt. In the Portland area two Internet providers are agora (293-1772 data) and techbook (220-0636 data). * Organizations helping lobby for electronic privacy: Electronic Frontier Foundation (eff.org), Computer Professionals for Social Responsibility (cpsr.org), Privacy International. These are not entirely libertarian (eg EFF tends to support Gore's socialist "Data Highway".) * James Bamford, _The Puzzle Palace_, 1983: A classic expose of the National Security Agency. Nick Szabo szabo@techbook.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Stanton McCandlish Date: Tue, 27 Apr 93 03:52:40 PDT To: cypherpunks@toad.com Subject: Re: Clipper: International implications In-Reply-To: <9304270606.AA67332@acs3.acs.ucalgary.ca> Message-ID: <9304271052.AA20890@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > statement or reaction. Canada might prosper as a "phone haven" > much as some Caribbean countries are "data havens." "are"? I was under the impression that that was a sci-fi motif. What do you mean they "are 'data havens'"? -- Testes saxi solidi! ********************** Podex opacus gravedinosus est! 
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1) Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Tue, 27 Apr 93 09:18:04 PDT To: cypherpunks@toad.com Subject: Re: Markey hearings on Thursday will be on the Internet MBone Message-ID: <9304271617.AA01355@servo> MIME-Version: 1.0 Content-Type: text/plain Does anybody know if the hearings will be carried on CSPAN? Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Arthur Abraham Date: Tue, 27 Apr 93 09:37:01 PDT To: tcmay@netcom.com Subject: Re: A correction, and another motive for Clipper Message-ID: <199304271636.AA22886@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain 27-Apr-93 Tim, Your suggestion has the validity of strong logic: it fits all the facts we know, leaves none out, and makes no external assumptions. In particular, while the rotten underbelly of society (terrorists, drug runners, producers of TV sitcoms) would have no compunctions about using further encryption within a Privacy Clipper wrapper, a government employee or contractor who did would be highly suspect, and -- knowing Big Uncle might be listening -- would be restrained from performing kick-back business as usual. Is this the technological fix to government corruption? Following this theory, I am sure we would all applaud legislation restraining the gov-guys from using non-Clipper crypto. The situation might come to resemble drug testing: legally mandated for individuals in "public safety" positions, such as transportation workers and A-bomb builders, not required where not justified. 
The Attorney General is going to buy several thousand of these things, she already has the money -- and probably a signed contract with AT&T Greensboro -- and it's unlikely this can be stopped. What we can do is use it to our advantage. This may be maneuvered into a no-lose situation for us, as... either: a. The government taps itself, corruption is uncovered, and the national debt decreases. Society agrees that public officials don't deserve privacy, but citizens do. or: b. The government bureaucrats, seeing hard times coming, reject Privacy Clipping for themselves, and so everybody -- gov and citizens -- retains their privacy. (This is judo: use their weight against them.) Let me suggest this as a political position: Clipper Privacy for the Government, real privacy for Private citizens. -a2. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: crunch@netcom.com (John Draper) Date: Tue, 27 Apr 93 11:39:20 PDT To: cypherpunks@toad.com Subject: Rave on... Message-ID: <9304271839.AA26005@netcom4.netcom.com> MIME-Version: 1.0 Content-Type: text/plain At the last Mt View Cypherpunks meeting, it was discussed about ways in which we can get the word out to as many people as possible. I have an idea on yet another way on how this can be done. Would like to get input and feedback on this from the rest of the group. One such place where lots of people meet are RAVES. My proposal is to set up a room with a bunch of donated PC's Macs or whatever, and have a booth set up where people can purchase PGP diskettes for slightly above cost of the diskettes. People attending raves can purchase their PGP diskettes and on the spot, generate their keys. They can sign each other's keys there, and handout literature can be made available for anyone attending that describes the "Clipper" proposals, and suggestions on what people can do to resist further government control over private cryptography. 
Already, at most raves, there are demonstrations set up for things like the new "body synth", VR demos, and other things, so this should fit right in. I'm in contact with a number of RAVE organizers, and plan on contacting them. If enough people from Cypherpunks are interested in bringing their portables or small PC's, Macs or whatever to raves, this might be a very good way of reaching the younger people who might not otherwise be plugged into the mainstream media like TV, or newspapers, or whatever. For those interested in donating a Sat evening, and wanting to have a little fun, by bringing their computers to future raves, please send me your Email address, and specifics on any equipment you might want to bring, I can put you in touch with the appropriate organizers. Anyway, I'm open for input on this, and how we can get the word out. At the Cypherpunks dinner, I mentioned to John Gilmore and others about the possibility of doing short video "skits" and "infomercials" on some hypothetical scenarios of a "Fascist government" that outlaws encryption. We can make it fun and entertaining, and I don't think I would have a problem proposing it to those people capable of producing this video. We will need actors, and some people to write up the "skit". I don't think we would have any problem convincing KQED, or any other TV station to air it. It would reach a lot of people, and is a good instrument in getting the word out. I talked to Wes Thomas about this, and we can set up an ad hoc get together in Berkeley and perhaps Eric Hughes and John Gilmore can attend and we can "ad lib" for practice a few hypothetical skits and videotape it some evening. I think it would be fun, and even John Gilmore might enjoy participating in this fun activity. Rave on - D00ds!! JD From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "L. Detweiler" Date: Tue, 27 Apr 93 12:45:26 PDT To: cypherpunks@toad.com Subject: Clipper key negotiation... 
Message-ID: <9304271945.AA10153@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

is nonexistent. That is, as I understand it, the algorithm for creating/exchanging the session key that is negotiated at the beginning of each call is *not* built into the chip or the standard. Am I correct? Mrs. Denning has conspicuously evaded this issue only by saying that the keys can be exchanged via Diffie-Hellman or RSA. The point is, the phone hardware designer/integrator must use an additional circuit. Isn't this a serious potential defect of the chip? Isn't it amazing that the design neglects the issue completely? Wouldn't the ideal (or even `usable'?) chip have this built in?

If RSA refused to grant support to people using the algorithm for this purpose, it could have tremendous effect in helping vanquish it... What will be their commitment in this area? Is Mr. Bidzos annoyed about the Clipper chip as a veiled revocation of American rights or as a lucrative opportunity, denied at first, but not later, to get a tasty piece of the wiretapping pie? It seems to me that Mr. Bidzos has a critically pivotal decision to make, and to make clear. Or has it been made already, by someone else? If somebody comes out with a neat chip that interfaces to the Clipper *really soon* that has been *totally approved* by RSA for clipper key negotiation, I'd be a bit suspicious....

Can anybody clear this up? Exactly what parts of session key exchange/ negotiation/ generation are handled by the chip, and which aren't? There is not even specific information in Denning's statements about when all this (including the All-American Privacy-Protecting Law Enforcement Block, ug!) is transmitted (at the beginning of the call, presumably). Why hasn't there been more inquiry into this? Is the key fed to the chip by other circuitry? That would seem to be the case.
The chip appears to be just a low level encryption device, not something high-level that worries about key manipulation and trading. Hence, there may be widely varying approaches to implementing key exchange. Not much of a `standard' that leaves unspecified something so basic.

Notice however that the wiretapper does not care, because this is not involved in the decryption; the crucial data for them is that the serial number and family codes be correct for the chip. So, these aspects are hardwired.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Tue, 27 Apr 93 13:58:22 PDT
To: cypherpunks@toad.com
Subject: Re: A correction, and another motive for Clipper
In-Reply-To: <199304271636.AA22886@well.sf.ca.us>
Message-ID: <9304272058.AA12843@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> either:
> a. The government taps itself, corruption is uncovered,
> and the national debt decreases. Society agrees that public
> officials don't deserve privacy, but citizens do.
> or:
> b. The government bureaucrats, seeing hard times coming,
> reject Privacy Clipping for themselves, and so everybody --
> gov and citizens -- retains their privacy. (This is judo: use
> their weight against them.)

S.O.P. would be
c. The government mandates that citizens use only Approved Privacy Techniques, while government employees, "for national security reasons", can use whatever they want.

The government has a long and lurid history of placing less restrictions upon itself than upon the rest of us. I can imagine general restrictions on crypto, but I can't picture the CIA using a known-broken system.

> -a2.

Eli ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: bbehlen@soda.berkeley.edu (Brian Behlendorf (Vitamin B))
Date: Tue, 27 Apr 93 14:39:14 PDT
To: cypherpunks@toad.com
Subject: Re: Rave on...
Message-ID: <9304272135.AA19884@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Hmm...
the problem is I don't think a majority of the people at raves are focused enough to concentrate on something as technical as that (I KNOW it isn't technical to you and me, but the average raver doesn't even know what the word encryption means). HOWEVER, raves ARE the ideal place to hand out info about what's going on, something the raver can cling onto to read and understand when he's not high on {vibes,music,drug,etc.}. Give pointers to where to get more info or where to obtain PGP, and perhaps most importantly, WHY THEY NEED IT. Within a certain amount of time, but most likely sooner than any of us anticipate, there will be more people with email access than without, so "taking the message to the streets" is becoming less and less of a fanciful idea....

Brian

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Tue, 27 Apr 93 14:56:04 PDT
To: cypherpunks@toad.com
Subject: Be afraid! (some Clipper details)
Message-ID: <9304271854.AA20759@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

As Ms. Dorothy Denning explained, this is the intended "interface" between the Clipper and Law Enforcement (taken from her posting to "comp.risks"):

1. Family Key.

F is embedded in every Clipper Chip, but like other chip keys, unknown to the people who use them. Only law enforcement will have a decoder box that allows the law enforcement field to be decrypted. Initially, there will be just one box, and it will be operated by the FBI.

Read - FBI will have the Family Key (and thus will be able to get all the chip serial numbers, do traffic analysis etc).

And later she "corrected" herself, adding:

For the same reason as above, it is imperative that law enforcement be able to decode the law enforcement field in order to obtain E[K; U] and then decrypt this to get K. It is completely impractical to go the escrow agents for each conversation.
Read - Law Enforcement (local, "global" - whatever) will have that Family Key as well, not only that "one box at FBI"... But it was obvious, wasn't it?

2) Unit Key.

It is imperative that law enforcement get U. If they are tapping a line, there may be dozens of calls on that line per day. It would be totally impractical to have to go to the escrow agents to get the session key for each call. It would be impossible to do real-time decryption under that constraint.

Read -
a) Law Enforcement indeed will have your Unit key (and thus be able to decrypt whatever was sent through your chip, from the day one, till you throw your chip away).
b) It's indeed physically possible thus for some corrupted Law Enforcement officials to "collect" the Unit Keys and to do all the bad things with them.
c) Nobody seems to be concerned about it.

3) Question about agencies capable of decrypting all the future traffic of once-suspected individual:

After a tap has been completed, government attorneys are required to notify the subjects of the electronic surveillance. At that point, the subjects are certainly free to purchase a new device with a new chip, or perhaps the vendors could simply replace the chip.

Read - if they won't forget to notify you, that your phone was tapped, feel free to shell another $XXX bucks for a new chip/phone... Keep doing that until either they, or you get tired...

4) Question about whether there's time component in the cipher. Reasons for it - since wiretaps are authorized ONLY for certain time periods with both start and end dates specified, it should not be possible to be able to decrypt the traffic outside of this frame.

I am unaware of any time component. Current wiretap laws protect against this. Evidence collected after the warrant has expired can be thrown out in court.
In addition, it is illegal for the service provider to implement an intercept after a warrant has expired. With the new technologies, law enforcers will be incapable of executing a tap without the assistance of the service provider.

Read - just as we assumed, once your key is compromised (ouch! I mean - disclosed :-), whatever "they" bothered to record, is now open... Well, of course it won't be legal, but then there are many things beyond the law (:-)...

5) Question about potential weakness, which may be lurking behind the "classified" stamp of the algorithm, known thus only to those "cleared" to know.

The NSA has a long record of success with crypto, far better than any individual or organization in the public community. In addition, there are plans to bring in expert cryptographers to assess the algorithm.

Read - she's ignorant of academia/industry crypto successes? (:-)

That's all folks! [For now :-]

Regards,
Uri.
------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Arthur Abraham
Date: Tue, 27 Apr 93 14:58:59 PDT
To: ebrandt@jarthur.Claremont.EDU
Subject: Re: A correction, and another motive for Clipper
Message-ID: <199304272158.AA11690@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Eli,

Of course the guys with the STU phones will keep them, this is Type II security, which is of a lower level. The people who really need these phones are the civil servants in these departments:

Agriculture
Commerce
Education
Energy
EPA
HHS
HUD
Interior
Justice
Labor
State
Transportation
Treasury
Veterans Affairs

...that is, people in positions to misappropriate funds, or create overly generous contracts with their future employers. There is no good argument that these functionaries shouldn't be Clippered, except that nobody should be. ""National Security"" doesn't apply here.

You also seem to be thinking with two cliches:
1. You can't fight city hall.
2. This is the way things have always been, this is the way they always will be.
The guys who put this in motion certainly aren't thinking with 2), but they sure are hoping you're thinking with 1). Please expunge both of them from your mind and replace them with an appreciation of forces and masses: Judo.

-a2.]

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mike Godwin
Date: Tue, 27 Apr 93 12:10:19 PDT
To: mnemonic@eff.org (Mike Godwin)
Subject: Interesting quotation from Denning's book on cryptography
Message-ID: <199304271910.AA17788@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

From Dorothy Denning, CRYPTOGRAPHY AND DATA SECURITY, Addison-Wesley 1982,1983, page 8:

"Cryptosystems must satisfy three general requirements:

"1. The enciphering and deciphering transformations must be efficient for all keys.

"2. The system must be easy to use.

"3. The security of the system should depend only on the secrecy of the keys and not on the secrecy of algorithms E [enciphering] or D [deciphering]."

--Mike

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mike Godwin
Date: Tue, 27 Apr 93 13:28:41 PDT
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: MEETING SUMMARY: 4-24-93 Cypherpunks Meeting
In-Reply-To: <9304261909.AA29562@netcom.netcom.com>
Message-ID: <199304272028.AA19664@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

Tim writes in the summary of Saturday's meeting:

> Jim Bidzos, President of RSA Data Security, intended to just speak briefly
> about the Clipper Chip, Capstone, and the view of RSA, but ended up staying
> and participating for several hours. Mike Godwin, of EFF, was present at
> the Boston (I think) site.

Definitely at the Boston (Cambridge) site.

> It appears the Clipper/Capstone program is initially intended to "buy
> market share" as quickly as possible, with government offices requiring
> Clipperphones (and probably for those they do business with). Perhaps the
> intent is undercut competing models and make Clipper the de facto standard,
> which can then be made the de jure standard.
I am very sceptical that the "market share" strategy is the whole strategy here. I think that while some proponents of Clipper may believe this is the strategy, DOJ hopes that widespread adoption of Clipper will mute any opposition to subsequent limitations on other encryption methods.

> John Gilmore has already posted to the list the results of our
> brainstorming session to come up with questions to ask the FBI, NIST, NSA,
> Congress, and the Administration. Mike Godwin argued that a lot of
> embarrassing questions could quickly derail the plan.

Let me clarify: I argued that asking tough questions could either force the government to reveal its hand or pin the government down to a statement it would later have to admit was false.

> That is, it's conceivable this plan could begin to unravel fairly soon.

We can only hope.

> Whit Diffie described how the failure could either so greatly
> embarrass the Administration that they'd be loathe to try it again (the
> Viet Nam Syndrome, applied to crypto) or that it could provoke them to
> tighten restrictions even further, perhaps even to the point of an outright
> ban on the use of unapproved encryption at *any* level.

I believe this is precisely the reason we want to make powerful encryption ubiquitous as soon as possible. And doing this is one of the reasons I mentioned my hope for an eventual rapprochement between Jim Bidzos and Phil Zimmerman. Regardless of past disagreements, these two have a common cause now, and we should strive to find a way to quell further public disagreement and resolve as many differences as possible.

> * Since Jim Bidzos was there, the topic of PGP naturally came up several
> times. Eric Hughes let this run for a while, then moved the discussion back
> to Clipper. Jim Bidzos clearly had some strong opinions, but also did not
> want this to be the forum for debating patents and the legality and ethics
> of PGP.
Another clarification: in response to a comment I made at the meeting, Jim spoke at length about the validity of the RSA patent and about the validity of his company's procedures. I want Jim and others to understand that what I'm saying here should not be interpreted as an attack on Jim's business strategy. I know that Jim is so used to being criticized about the patent that he has standard responses to those criticisms, but I hope it's clear that I wasn't criticizing him.

> Some of us continue to hope some accommodation can be reached between RSA
> Data and the PGP community. The upcoming battle over strong crypto is a
> bigger issue than this squabble.

Yes, yes, yes.

--Mike

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: crunch@netcom.com (John Draper)
Date: Tue, 27 Apr 93 16:54:46 PDT
To: cypherpunks@toad.com
Subject: Raving on...
Message-ID: <9304272354.AA23189@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Hmmm, getting some mixed responses from the group on the raves idea, below are my comments....

> I don't mean to rain on the parade, but young people (myself
>included) go to Raves to get away from the problems and injustice
>the clipper represents. Bringing in your personal PC to generate keys
>isn't going to draw a crowd. MOST ravers don't have, don't know, and
>by and large don't care about computers - let alone mass
>communication and encryption schemes. What can the government do if
>they don't care? It's the "music" scene.

That might be partially true, and depends on the rave. Most raves I go to have all sorts of computer related demonstrations, and exhibits. I've been getting very positive interest on the part of rave organizers.

Brian says:

>Hmm... the problem is I don't think a majority of the people at raves are
>focused enough to concentrate on something as technical as that (I KNOW it
>isn't technical to you and me, but the average raver doesn't even
>know what the word encryption means).
HOWEVER, raves ARE the ideal place
>to hand out info about what's going on, something the raver can cling onto
>to read and understand when he's not high on {vibes,music,drug,etc.}. Give
>pointers to where to get more info or where to obtain PGP, and perhaps
>most importantly, WHY THEY NEED IT. Within a certain amount of time, but
>most likely sooner than any of us anticipate, there will be more people with
>email access than without, so "taking the message to the streets" is becoming
>less and less of a fanciful idea....

I agree that we should keep it non-technical, that's why I proposed that raves have tables set up where PGP copies can be given out, literature can be displayed for ravers to take home later... Then, there are those hard core cyberpunks that will take in EVERYTHING including lots of drugs.

For those UK folks, Craig Larson from the USA will be working with sponsors to a totally awesome rave of an estimated 40,000 folks. Now THAT'S a good place to get the word out, spark interest in encryption, etc.

And on and on..

JD

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 27 Apr 93 17:47:37 PDT
To: cypherpunks@toad.com
Subject: REMAIL: email to usenet gateways
In-Reply-To: <199304272308.AA28969@Menudo.UH.EDU>
Message-ID: <9304280008.AA02189@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>group-name@ucbvax.berkeley.edu *

>* I understand that the admin of ucbvax.berkeley.edu block posts from
>non berkeley sites, but I'm not positive about that!

No problem. Just use a berkeley.edu remailer as the final hop before posting.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "/home/kelly/.sig"
Date: Tue, 27 Apr 93 20:04:54 PDT
To: cypherpunks@toad.com
Subject: ANON: Cryptographic MIX
Message-ID: <9304280305.AA19293@netcomsv.netcom.com>
MIME-Version: 1.0
Content-Type: text

# Key fingerprint = EF 7A 38 99 22 84 E3 3B 90 2A DB 80 DC 65 DA 31
STOP THE WIRETAP CHIP(Clipper Chip)!!
-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK93QvfgXinP2G6VzAQHAzQP/aaSiiBlKIrZUP+xe4xuC6pzyeS/xM0Hd
FdDOJ4ttsOiBPkSm+C6WxLZQvsdhSpe9e947YZmM2afQWgDFBynkcaUG3RS6eh7P
Q35Fqaof6WEAqZO+IRg2KYarRA60CB1hUu082B3/9DSSCnr2CsPPMgtQGo8ULg/x
WnHX6cN/9Xo=
=AtWx
-----END PGP SIGNATURE-----
#

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Tue, 27 Apr 93 16:08:45 PDT
To: cypherpunks@toad.com
Subject: REMAIL: email to usenet gateways
Message-ID: <199304272308.AA28969@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Hal recently posted instructions on how to post to usenet using the anonymous remailers. Here's a collection of email to usenet gateways I have, no doubt far from complete.

group-name@ucbvax.berkeley.edu *
group-name@cs.utexas.edu
group-name@pws.bull.com
group.name@news.demon.co.uk

* I understand that the admin of ucbvax.berkeley.edu block posts from non berkeley sites, but I'm not positive about that!

I seem to have lost (okay, I must have deleted it :-) a list of nntp servers; places you can telnet to port 119 and POST your message to usenet. Anybody have info about these?

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Valerie Lambert
Date: Tue, 27 Apr 93 20:30:38 PDT
To: cypherpunks@toad.com
Subject: Re: By popular request: A non-techy Clipper blurb
Message-ID: <9304280136.AA03855@valis.biocad.com>
MIME-Version: 1.0
Content-Type: text/plain

In article <9304260326.AA15408@binkley.MIT.EDU>, Derek Atkins writes:
>It's even worse than this. It's giving the government a sealed copy
>of all your *PAST*, present, and future phone conversations and
>messages... They can always record everything, and then use your key
>at some later date to recover the messages...

Point well taken. I only meant in regards to Clipped communications.
Presumably they would have a harder time opening the "envelopes" of your past communications that used non-standard encryption.

Sigh. Sound bites are SO shallow, I know.

--
Valerie Lambert * valerie@biocad.com * 415/903-3923 *
AT&T: phones with Big Brother Built Inside! Just say "NO" to the Clipper wiretap chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Tue, 27 Apr 93 19:39:59 PDT
To: cypherpunks@toad.com
Subject: Re: A correction, and another motive for Clipper
In-Reply-To: <199304272158.AA11690@well.sf.ca.us>
Message-ID: <9304280202.AA24998@relay1.UU.NET>
MIME-Version: 1.0
Content-Type: text/plain

> From: Arthur Abraham

Your point is that government employees in non-critical positions might end up using Clipper, and this would either reduce corruption or, alternatively, drive the government to repudiate the entire scheme.

The latter will not happen (at least not for this reason). Labeling of cliches notwithstanding, there is no reason why government employees could not use a different standard if they found it necessary. This would be no more politically disagreeable than many steps taken in the past.

The former I don't understand. The direct effect of Clipper would be to make eavesdropping by other than LE more difficult. There could be an impact on corruption only if it were known or believed that the level of surveillance had concomitantly increased -- if all calls were tapped and archived, perhaps. This would be bad. It would undoubtedly increase the likelihood of such a policy's being implemented w.r.t. the general population.

> -a2.]

Eli ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Looping Back on the Dulles Toll Road
Date: Tue, 27 Apr 93 22:11:25 PDT
To: cypherpunks@toad.com
Subject: So what was the point ?
Message-ID: <01GXIRO3ECDU08QNG8@CONTROL.TGV.COM>
MIME-Version: 1.0
Content-Type: text/plain

> At the first cypherpunks meeting I came to,
> A speaker was giving a presentation on cryptographic MIX protocols.
> My memory fails me as to who that was... so that's the question and what is
> the progress on an implementation???

(edited)

> -----BEGIN PGP SIGNATURE-----
> Version: 2.2

(edited)

(resulted in)

File has signature. Public key is required to check signature.
.
Good signature from user "snake@cadence.com".
Signature made 1993/04/28 00:33 GMT

WARNING: Because this public key is not certified with a trusted signature, it is not known with high confidence that this public key actually belongs to: "snake@cadence.com".

John 'Fast-Eddie' McMahon    ()
TGV, Incorporated            () "Any networking problem can be solved by
603 Mission Street           ()  the application of 33 miles of Unshielded
Santa Cruz, California 95060 ()  Twisted Pair (UTP)"
408-427-4366 or 800-TGV-3440 ()  [InterOp Spring 1992]
E-Mail: MCMAHON@TGV.COM      ()

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Arthur Abraham
Date: Tue, 27 Apr 93 22:36:15 PDT
To: cypherpunks@toad.com
Subject: MYK-78
Message-ID: <199304280536.AA09155@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

I've been stalking Mykotronx with phone and smail since right after the announcement, and finally got through the guy who kept telling me that I'd understand if I just knew a little more crypto, to the guy who really knew what was going on and wanted to tell me. This is what I found out:

Mykotronx MYK-78 has been identified as the Privacy "Clipper" chip. The "Clipper" name comes from Washington, and the guys at Mykotronx know about the Intergraph chip.

The data sheets, as those of you who have read them know, are confusing, incomplete and internally inconsistent. This is evident even if you do not consider that they are to implement the social protocol described by Dorothy Denning (her 19-Apr-93 paper, as published in Cypherpunks).
After some discussions with Mykotronx, I was able to convince them of the truth of the last paragraph and to have them explain just what the chip was designed to do. I would also like to emphasize that these discussions revealed that the poor quality of the documentation does not result from any attempt to obscure the operation of the chip, they were very forthcoming and eager to discuss its operation. The deficiencies result more from the nature of a military contractor's relationship to its one customer: the customer understands how to use the chip so there's no pressure to get it described carefully. Going public was a bit of a surprise to them, in fact the announcement was made during their application engineer's vacation. I am sure there is an interesting story in this timing, but the people I was talking to didn't seem to know it.

On to the chip:

You don't just hook up a clear-text bit stream to one end and get a Denning-stream out the other. It needs a bit of care and feeding.

At startup it requires a Random Seed (8 bytes/64-bits) and a crypto-variable CV (10 bytes/80-bits) for its DES-type algorithm. This is Denning's "skipjack" algorithm and, like DES, is a symmetric key block cypher, which performs in all the DES modes:

64-Bit Electronic Code Book (ECB)
64-Bit Cypher Block Chaining (CBC)
8/16/32/64 Bit Cypher Feedback
64-Bit Output Feedback (OFB)

In the last three modes the encryption of each block is dependent on the previous blocks. (If you care to know more about DES modes, see FIPS-PUB 81 which is cited in the data sheets.)

One other thing about Skipjack: Denning describes it as having "32 rounds of scrambling" and this is supported by the data sheet's timing charts, which note 64 clock cycles to complete an encryption. Since this would operate on an 8-byte/64-bit block, with the 15MHz internal clock we appear to have roughly a 10M-bit/1.3MB transfer rate in encryption/decryption.
This is fast enough for the average telephone, or several telephones, or maybe a stereo CD. It's probably just average performance for 1 micron technology and some units clock up to 30MHz (they expect 0.8 micron eventually, with improved performance).

Back to the Crypto-Variable, CV. The CV is the session key, is selected off-chip, and must always be accompanied by a 3 byte/24-bit checkword. Where do you get the check word?... you ask the chip! If you load a CV with a bad checkword, the chip sets its ERROR line -- oh, sadness. But then you can read out a good checkword, and subsequently reload the same CV with the good checkword (happy now?). The checkword is actually just the first three bytes from an application of Skipjack to the CV.

Do all this and the chip is loaded and ready for plaintext. You could just give it an Encryption command, and start pulling cyphertext out the other side, but who would understand it? First you have to get the key information out of the chip and send it to the chip on the other side of the link.

Skipjack is DES-like so to run a decryption mode on the other chip we're going to have to send it the session key, CV, and the Initial Vector, IV, which is the starting state of the stream for the non-ECB modes of operation. We selected CV ourselves, and learned its checkword during the startup experience, but where's IV? Well, we generate it using "a feature not found in current DES chips" (data sheet, 1-3). And quite a feature it is, too. We use this command, Generate IV, and it makes all 8 bytes/64-bits of the IV, based on the Random Seed...

But That's Not ALL! You issue the Generate IV command three (3) times to get the full 24 byte/192-bit LEEF block. LEEF = Law Enforcement Exploitation Field. (I wrote this down very carefully to be sure I had it right.) ...Actually, you issue a Read Data command after each Generate IV command, but I won't bore you with details.
The first 8 bytes/64-bits are called L1 or LEEF-1, the second 8 bytes/64-bits are L2 or LEEF-2, and then here is the IV we've all been waiting for, in its full 8 byte/64-bit glory. You probably noticed that LEEF is 24 bytes/192-bits long, and has the structure [L1,L2,IV]. Mykotronx is not supposed to tell us the structure of L1,L2. The interesting thing is that [CV,checkword,L1,L2,IV] is a self-checking unit. The receiving chip checks it as it is loaded. If something is wrong, the chip sets its ERROR line. If CV is fermished, you have to get all the way to IV before you're rasberried. In transmitting this we are advised to encrypt CV because it is, after all, the session key. OK, so we are encrypting and the other chip is decrypting. Suppose something happens and the other chip wants to talk to us, so that it encrypts and we decrypt. It has all it needs to encrypt and we have all we need to decrypt, but one more thing has to be done. We need to save the state of the chaining cypher so we can resume it at the same place in the chain when we return to encrypting. Use the Save State command, which pops out 8 bytes/64-bits of Saved State, SS, or the current contents of the Skipjack encryption register. To make this a bit clearer, if we pulled the Saved State right after Generate IV, we'd find SS = IV. The chip's serial number is 4-bytes/32-bits long, not the 3.75 bytes/30-bits Denning reported, but don't worry, _you'll_ never see it. It and the family key are written in over pins Vpp1 and Vpp2, which are then burned out. All chips are currently planned to have the same family key, but if you happen to meet a chip with a different family key and it sends you [CV,checkword,L1,L2,IV], you could understand it. That's the main part of what's missing from the data sheets. The rest works pretty much as described, and is at a level of detail too fine to interest anyone except a compulsive hardware wonk. 
Oh, one more thing, on page 1-4 where the Configuration Register is shown with two "Arm CV" bits, the one at position D5 should be "Arm IV".

-a2.

ps: I will be at a meeting the rest of the week, so please don't expect me to respond to requests for clarification until I return. Sorry.

-a2.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: whitaker@eternity.demon.co.uk (Russell E. Whitaker)
Date: Wed, 28 Apr 93 00:22:15 PDT
To: cypherpunks@toad.com
Subject: Re: MEETING SUMMARY: 4-24-93 Cypherpunks Meeting
Message-ID: <4696@eternity.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

In message <9304261909.AA29562@netcom.netcom.com> Timothy May writes (text elided for brevity):
>
>
> * The issue of the name of our group, the Cypherpunks name, was not
> discussed. The U.K. group has apparently picked "U.K. Cryptoprivacy Group"
> as their name.
>

Actually, *I* unilaterally changed it. The climate is different here in England. "UK Cryptoprivacy Association" works; "Cypherpunks" requires time-consuming explanation.

Of course, I _like_ the latter term... ;-)

In any event, it looks to be our largest meeting. I'll post a Tim May-style summary after the meeting.

Russell Whitaker

Russell Earl Whitaker                   whitaker@eternity.demon.co.uk
Communications Editor                   AMiX: RWhitaker
EXTROPY: The Journal of Transhumanist Thought
Board member, Extropy Institute (ExI)
================ PGP 2.2 public key available =======================

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: whitaker@eternity.demon.co.uk (Russell E. Whitaker)
Date: Wed, 28 Apr 93 00:26:28 PDT
To: cypherpunks@toad.com
Subject: From Crossbows to Cryptography
Message-ID: <4706@eternity.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Please note that the following speech was made by Chuck Hammill in 1987. Address all letters to his address, given at the end of this document.
-- Russell

FROM CROSSBOWS TO CRYPTOGRAPHY: THWARTING THE STATE VIA TECHNOLOGY

Given at the Future of Freedom Conference, November 1987

You know, technology--and particularly computer technology--has often gotten a bad rap in Libertarian circles. We tend to think of Orwell's 1984, or Terry Gilliam's Brazil, or the proximity detectors keeping East Berlin's slave/citizens on their own side of the border, or the sophisticated bugging devices Nixon used to harass those on his "enemies list." Or, we recognize that for the price of a ticket on the Concorde we can fly at twice the speed of sound, but only if we first walk thru a magnetometer run by a government policeman, and permit him to paw thru our belongings if it beeps.

But I think that mind-set is a mistake. Before there were cattle prods, governments tortured their prisoners with clubs and rubber hoses. Before there were lasers for eavesdropping, governments used binoculars and lip-readers. Though government certainly uses technology to oppress, the evil lies not in the tools but in the wielder of the tools.

In fact, technology represents one of the most promising avenues available for re-capturing our freedoms from those who have stolen them. By its very nature, it favors the bright (who can put it to use) over the dull (who cannot). It favors the adaptable (who are quick to see the merit of the new) over the sluggish (who cling to time-tested ways). And what two better words are there to describe government bureaucracy than "dull" and "sluggish"?

One of the clearest, classic triumphs of technology over tyranny I see is the invention of the man-portable crossbow. With it, an untrained peasant could now reliably and lethally engage a target out to fifty meters--even if that target were a mounted, chain-mailed knight. (Unlike the longbow, which, admittedly was more powerful, and could get off more shots per unit time, the crossbow required no formal training to utilize.
Whereas the longbow required elaborate visual, tactile and kinesthetic coordination to achieve any degree of accuracy, the wielder of a crossbow could simply put the weapon to his shoulder, sight along the arrow itself, and be reasonably assured of hitting his target.) Moreover, since just about the only mounted knights likely to visit your average peasant would be government soldiers and tax collectors, the utility of the device was plain: With it, the common rabble could defend themselves not only against one another, but against their governmental masters. It was the medieval equivalent of the armor-piercing bullet, and, consequently, kings and priests (the medieval equivalent of a Bureau of Alcohol, Tobacco and Crossbows) threatened death and excommunication, respectively, for its unlawful possession.

Looking at later developments, we see how technology like the firearm--particularly the repeating rifle and the handgun, later followed by the Gatling gun and more advanced machine guns--radically altered the balance of interpersonal and inter-group power. Not without reason was the Colt .45 called "the equalizer." A frail dance-hall hostess with one in her possession was now fully able to protect herself against the brawniest roughneck in any saloon. Advertisements for the period also reflect the merchandising of the repeating cartridge rifle by declaring that "a man on horseback, armed with one of these rifles, simply cannot be captured." And, as long as his captors were relying upon flintlocks or single-shot rifles, the quote is doubtless a true one.

Updating now to the present, the public-key cipher (with a personal computer to run it) represents an equivalent quantum leap--in a defensive weapon.
Not only can such a technique be used to protect sensitive data in one's own possession, but it can also permit two strangers to exchange information over an insecure communications channel--a wiretapped phone line, for example, or skywriting, for that matter--without ever having previously met to exchange cipher keys. With a thousand-dollar computer, you can create a cipher that a multi-megabuck CRAY X-MP can't crack in a year. Within a few years, it should be economically feasible to similarly encrypt voice communications; soon after that, full-color digitized video images. Technology will not only have made wiretapping obsolete, it will have totally demolished government's control over information transfer.

I'd like to take just a moment to sketch the mathematics which makes this principle possible. This algorithm is called the RSA algorithm, after Rivest, Shamir, and Adleman who jointly created it. Its security derives from the fact that, if a very large number is the product of two very large primes, then it is extremely difficult to obtain the two prime factors from analysis of their product. "Extremely" in the sense that if primes p and q have 100 digits apiece, then their 200-digit product cannot in general be factored in less than 100 years by the most powerful computer now in existence.

The "public" part of the key consists of (1) the product pq of the two large primes p and q, and (2) one factor, call it x, of the product xy where xy = {(p-1) * (q-1) + 1}. The "private" part of the key consists of the other factor y. Each block of the text to be encrypted is first turned into an integer--either by using ASCII, or even a simple A=01, B=02, C=03, ... , Z=26 representation. This integer is then raised to the power x (modulo pq) and the resulting integer is then sent as the encrypted message. The receiver decrypts by taking this integer to the (secret) power y (modulo pq).
It can be shown that this process will always yield the original number started with.

What makes this a groundbreaking development, and why it is called "public-key cryptography," is that I can openly publish the product pq and the number x, while keeping secret the number y--so that anyone can send me an encrypted message, namely a^x (mod pq), but only I can recover the original message a, by taking what they send, raising it to the power y and taking the result (mod pq). The risky step (meeting to exchange cipher keys) has been eliminated. So people who may not even trust each other enough to want to meet, may still reliably exchange encrypted messages--each party having selected and disseminated his own pq and his x, while maintaining the secrecy of his own y.

Another benefit of this scheme is the notion of a "digital signature," to enable one to authenticate the source of a given message. Normally, if I want to send you a message, I raise my plaintext a to your x and take the result (mod your pq) and send that. However, if in my message, I take the plaintext a and raise it to my (secret) power y, take the result (mod my pq), then raise that result to your x (mod your pq) and send this, then even after you have normally "decrypted" the message, it will still look like garbage. However, if you then raise it to my public power x, and take the result (mod my public pq), so you will not only recover the original plaintext message, but you will know that no one but I could have sent it to you (since no one else knows my secret y).

And these are the very concerns by the way that are today tormenting the Soviet Union about the whole question of personal computers. On the one hand, they recognize that American schoolchildren are right now growing up with computers as commonplace as sliderules used to be--more so, in fact, because there are things computers can do which will interest (and instruct) 3- and 4-year-olds.
And it is precisely these students who one generation hence will be going head-to-head against their Soviet counterparts. For the Soviets to hold back might be as suicidal as continuing to teach swordsmanship while your adversaries are learning ballistics.

On the other hand, whatever else a personal computer may be, it is also an exquisitely efficient copying machine--a floppy disk will hold upwards of 50,000 words of text, and can be copied in a couple of minutes. If this weren't threatening enough, the computer that performs the copy can also encrypt the data in a fashion that is all but unbreakable. Remember that in Soviet society publicly accessible Xerox machines are unknown. (The relatively few copying machines in existence are controlled more intensively than machine guns are in the United States.)

Now the "conservative" position is that we should not sell these computers to the Soviets, because they could use them in weapons systems. The "liberal" position is that we should sell them, in the interests of mutual trade and cooperation--and anyway, if we don't make the sale, there will certainly be some other nation willing to.

For my part, I'm ready to suggest that the Libertarian position should be to give them to the Soviets for free, and if necessary, make them take them . . . and if that doesn't work load up an SR-71 Blackbird and air drop them over Moscow in the middle of the night. Paid for by private subscription, of course, not taxation . . . I confess that this is not a position that has gained much support among members of the conventional left-right political spectrum, but, after all, in the words of one of Illuminatus's characters, we are political non-Euclideans: The shortest distance to a particular goal may not look anything like what most people would consider a "straight line."
Taking a long enough world-view, it is arguable that breaking the Soviet government monopoly on information transfer could better lead to the enfeeblement and, indeed, to the ultimate dissolution of the Soviet empire than would the production of another dozen missiles aimed at Moscow.

But there's the rub: A "long enough" world view does suggest that the evil, the oppressive, the coercive and the simply stupid will "get what they deserve," but what's not immediately clear is how the rest of us can escape being killed, enslaved, or pauperized in the process.

When the liberals and other collectivists began to attack freedom, they possessed a reasonably stable, healthy, functioning economy, and almost unlimited time to proceed to hamstring and dismantle it. A policy of political gradualism was at least conceivable. But now, we have a patchwork crazy-quilt economy held together by baling wire and spit. The state not only taxes us to "feed the poor" while also inducing farmers to slaughter milk cows and drive up food prices--it then simultaneously turns around and subsidizes research into agricultural chemicals designed to increase yields of milk from the cows left alive.

Or witness the fact that a decline in the price of oil is considered as potentially frightening as a comparable increase a few years ago. When the price went up, we were told, the economy risked collapse for want of energy. The price increase was called the "moral equivalent of war" and the Feds swung into action. For the first time in American history, the speed at which you drive your car to work in the morning became an issue of Federal concern. Now, when the price of oil drops, again we risk problems, this time because American oil companies and Third World basket-case nations who sell oil may not be able to ever pay their debts to our grossly over-extended banks. The suggested panacea is that government should now re-raise the oil prices that OPEC has lowered, via a new oil tax.
Since the government is seeking to raise oil prices to about the same extent as OPEC did, what can we call this except the "moral equivalent of civil war--the government against its own people?"

And, classically, in international trade, can you imagine any entity in the world except a government going to court claiming that a vendor was selling it goods too cheaply and demanding not only that that naughty vendor be compelled by the court to raise its prices, but also that it be punished for the act of lowering them in the first place?

So while the statists could afford to take a couple of hundred years to trash our economy and our liberties--we certainly cannot count on having an equivalent period of stability in which to reclaim them. I contend that there exists almost a "black hole" effect in the evolution of nation-states just as in the evolution of stars. Once freedom contracts beyond a certain minimum extent, the state warps the fabric of the political continuum about itself to the degree that subsequent re-emergence of freedom becomes all but impossible.

A good illustration of this can be seen in the area of so-called "welfare" payments. When those who sup at the public trough outnumber (and thus outvote) those whose taxes must replenish the trough, then what possible choice has a democracy but to perpetuate and expand the taking from the few for the unearned benefit of the many? Go down to the nearest "welfare" office, find just two people on the dole . . . and recognize that between them they form a voting bloc that can forever outvote you on the question of who owns your life--and the fruits of your life's labor.

So essentially those who love liberty need an "edge" of some sort if we're ultimately going to prevail. We obviously can't use the altruists' "other-directedness" of "work, slave, suffer, sacrifice, so that next generation of a billion random strangers can live in a better world."
Recognize that, however immoral such an appeal might be, it is nonetheless an extremely powerful one in today's culture. If you can convince people to work energetically for a "cause," caring only enough for their personal welfare so as to remain alive enough and healthy enough to continue working--then you have a truly massive reservoir of energy to draw from. Equally clearly, this is just the sort of appeal which tautologically cannot be utilized for egoistic or libertarian goals. If I were to stand up before you tonight and say something like, "Listen, follow me as I enunciate my noble "cause," contribute your money to support the "cause," give up your free time to work for the "cause," strive selflessly to bring it about, and then (after you and your children are dead) maybe your children's children will actually live under egoism"--you'd all think I'd gone mad. And of course you'd be right. Because the point I'm trying to make is that libertarianism and/or egoism will be spread if, when, and as, individual libertarians and/or egoists find it profitable and/or enjoyable to do so. And probably only then.

While I certainly do not disparage the concept of political action, I don't believe that it is the only, nor even necessarily the most cost-effective path toward increasing freedom in our time. Consider that, for a fraction of the investment in time, money and effort I might expend in trying to convince the state to abolish wiretapping and all forms of censorship--I can teach every libertarian who's interested how to use cryptography to abolish them unilaterally.

There is a maxim--a proverb--generally attributed to the Eskimoes, which very likely most Libertarians have already heard. And while you likely would not quarrel with the saying, you might well feel that you've heard it often enough already, and that it has nothing further to teach us, and moreover, that maybe you're even tired of hearing it.
I shall therefore repeat it now: If you give a man a fish, the saying runs, you feed him for a day. But if you teach a man how to fish, you feed him for a lifetime.

Your exposure to the quote was probably in some sort of a "workfare" vs. "welfare" context; namely, that if you genuinely wish to help someone in need, you should teach him how to earn his sustenance, not simply how to beg for it. And of course this is true, if only because the next time he is hungry, there might not be anybody around willing or even able to give him a fish, whereas with the information on how to fish, he is completely self sufficient.

But I submit that this exhausts only the first order content of the quote, and if there were nothing further to glean from it, I would have wasted your time by citing it again. After all, it seems to have almost a crypto-altruist slant, as though to imply that we should structure our activities so as to maximize the benefits to such hungry beggars as we may encounter.

But consider: Suppose this Eskimo doesn't know how to fish, but he does know how to hunt walruses. You, on the other hand, have often gone hungry while traveling thru walrus country because you had no idea how to catch the damn things, and they ate most of the fish you could catch. And now suppose the two of you decide to exchange information, bartering fishing knowledge for hunting knowledge. Well, the first thing to observe is that a transaction of this type categorically and unambiguously refutes the Marxist premise that every trade must have a "winner" and a "loser;" the idea that if one person gains, it must necessarily be at the "expense" of another person who loses. Clearly, under this scenario, such is not the case. Each party has gained something he did not have before, and neither has been diminished in any way. When it comes to exchange of information (rather than material objects) life is no longer a zero-sum game. This is an extremely powerful notion.
The "law of diminishing returns," the "first and second laws of thermodynamics"--all those "laws" which constrain our possibilities in other contexts--no longer bind us! Now that's anarchy!

Or consider another possibility: Suppose this hungry Eskimo never learned to fish because the ruler of his nation-state had decreed fishing illegal. Because fish contain dangerous tiny bones, and sometimes sharp spines, he tells us, the state has decreed that their consumption--and even their possession--are too hazardous to the people's health to be permitted . . . even by knowledgeable, willing adults. Perhaps it is because citizens' bodies are thought to be government property, and therefore it is the function of the state to punish those who improperly care for government property. Or perhaps it is because the state generously extends to competent adults the "benefits" it provides to children and to the mentally ill: namely, a full-time, all-pervasive supervisory conservatorship--so that they need not trouble themselves with making choices about behavior thought physically risky or morally "naughty." But, in any case, you stare stupefied, while your Eskimo informant relates how this law is taken so seriously that a friend of his was recently imprisoned for years for the crime of "possession of nine ounces of trout with intent to distribute."

Now you may conclude that a society so grotesquely oppressive as to enforce a law of this type is simply an affront to the dignity of all human beings. You may go farther and decide to commit some portion of your discretionary, recreational time specifically to the task of thwarting this tyrant's goal. (Your rationale may be "altruistic" in the sense of wanting to liberate the oppressed, or "egoistic" in the sense of proving you can outsmart the oppressor--or very likely some combination of these or perhaps even other motives.)
But, since you have zero desire to become a martyr to your "cause," you're not about to mount a military campaign, or even try to run a boatload of fish through the blockade. However, it is here that technology--and in particular information technology--can multiply your efficacy literally a hundredfold. I say "literally," because for a fraction of the effort (and virtually none of the risk) attendant to smuggling in a hundred fish, you can quite readily produce a hundred Xerox copies of fishing instructions. (If the targeted government, like present-day America, at least permits open discussion of topics whose implementation is restricted, then that should suffice. But, if the government attempts to suppress the flow of information as well, then you will have to take a little more effort and perhaps write your fishing manual on a floppy disk encrypted according to your mythical Eskimo's public-key parameters.) But as far as increasing real-world access to fish you have made genuine nonzero headway--which may continue to snowball as others re-disseminate the information you have provided. And you have not had to waste any of your time trying to convert ideological adversaries, or even trying to win over the undecided. Recall Harry Browne's dictum from "Freedom in an Unfree World" that the success of any endeavor is in general inversely proportional to the number of people whose persuasion is necessary to its fulfilment.

If you look at history, you cannot deny that it has been dramatically shaped by men with names like Washington, Lincoln, . . . Nixon . . . Marcos . . . Duvalier . . . Khadaffi . . . and their ilk. But it has also been shaped by people with names like Edison, Curie, Marconi, Tesla and Wozniak. And this latter shaping has been at least as pervasive, and not nearly so bloody.

And that's where I'm trying to take The LiberTech Project.
Rather than beseeching the state to please not enslave, plunder or constrain us, I propose a libertarian network spreading the technologies by which we may seize freedom for ourselves.

But here we must be a bit careful. While it is not (at present) illegal to encrypt information when government wants to spy on you, there is no guarantee of what the future may hold. There have been bills introduced, for example, which would have made it a crime to wear body armor when government wants to shoot you. That is, if you were to commit certain crimes while wearing a Kevlar vest, then that fact would constitute a separate federal crime of its own. This law to my knowledge has not passed . . . yet . . . but it does indicate how government thinks.

Other technological applications, however, do indeed pose legal risks. We recognize, for example, that anyone who helped a pre-Civil War slave escape on the "underground railroad" was making a clearly illegal use of technology--as the sovereign government of the United States of America at that time found the buying and selling of human beings quite as acceptable as the buying and selling of cattle. Similarly, during Prohibition, anyone who used his bathtub to ferment yeast and sugar into the illegal psychoactive drug, alcohol--the controlled substance, wine--was using technology in a way that could get him shot dead by federal agents for his "crime"--unfortunately not to be restored to life when Congress reversed itself and re-permitted use of this drug.

So . . . to quote a former President, un-indicted co-conspirator and pardoned felon . . . "Let me make one thing perfectly clear:" The LiberTech Project does not advocate, participate in, or conspire in the violation of any law--no matter how oppressive, unconstitutional or simply stupid such law may be.
It does engage in description (for educational and informational purposes only) of technological processes, and some of these processes (like flying a plane or manufacturing a firearm) may well require appropriate licensing to perform legally. Fortunately, no license is needed for the distribution or receipt of information itself.

So, the next time you look at the political scene and despair, thinking, "Well, if 51% of the nation and 51% of this State, and 51% of this city have to turn Libertarian before I'll be free, then somebody might as well cut my goddamn throat now, and put me out of my misery"--recognize that such is not the case. There exist ways to make yourself free.

If you wish to explore such techniques via the Project, you are welcome to give me your name and address--or a fake name and mail drop, for that matter--and you'll go on the mailing list for my erratically-published newsletter. Any friends or acquaintances whom you think would be interested are welcome as well. I'm not even asking for stamped self-addressed envelopes, since my printer can handle mailing labels and actual postage costs are down in the noise compared with the other efforts in getting an issue out. If you should have an idea to share, or even a useful product to plug, I'll be glad to have you write it up for publication. Even if you want to be the proverbial "free rider" and just benefit from what others contribute--you're still welcome: Everything will be public domain; feel free to copy it or give it away (or sell it, for that matter, 'cause if you can get money for it while I'm taking full-page ads trying to give it away, you're certainly entitled to your capitalist profit . . .) Anyway, every application of these principles should make the world just a little freer, and I'm certainly willing to underwrite that, at least for the foreseeable future.
I will leave you with one final thought: If you don't learn how to beat your plowshares into swords before they outlaw swords, then you sure as HELL ought to learn before they outlaw plowshares too.

--Chuck Hammill

THE LIBERTECH PROJECT
3194 Queensbury Drive
Los Angeles, California 90064
310-836-4157
hammill@netcom.com

[The above LiberTech address was updated December 1992, with the permission of Chuck Hammill, by Russell Whitaker]

Those interested in the issues raised in this piece should participate in at least these newsgroups:

alt.privacy
alt.security.pgp
comp.org.eff.talk
sci.crypt

A copy of the RSA-based public key encryption program, PGP 2.1 (Pretty Good Privacy), can be obtained at various ftp sites around the world. One such site is gate.demon.co.uk, where an MS-DOS version can be had by anonymous ftp as pgp22.zip in /pub/pgp.

Versions for other operating systems, including UNIX variants and Macintosh, are also available. Source code is also available.

Here's the blurb for PGP, by the way:

- ---------------------- Quote ----------------------------------------
PGP (Pretty Good Privacy) ver 2.2 - RSA public-key encryption freeware for MSDOS, protects E-mail. Lets you communicate securely with people you've never met, with no secure channels needed for prior exchange of keys. Well featured and fast! Excellent user documentation. PGP has sophisticated key management, an RSA/conventional hybrid encryption scheme, message digests for digital signatures, data compression before encryption, and good ergonomic design. Source code is free.
Filenames: pgp22.zip (executable and manuals), pgp22src.zip (sources)
Keywords: PGP, Pretty Good Privacy, RSA, public key, encryption, privacy, authentication, signatures, email
- ---------------------- End Quote -------------------------------------

Russell Earl Whitaker whitaker@eternity.demon.co.uk
Communications Editor AMiX: RWhitaker
EXTROPY: The Journal of Transhumanist Thought
Board member, Extropy Institute (ExI)

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK922PYTj7/vxxWtPAQEbkgQAsgOxCtZjdZMZuRfm05nwm2ObsoLH/cFh
aHRnb6dmp1o+4+yxaR+BO4fpRAtNMMOhn6WUSOoUJz1qqqkghfolYRu/TeCdr9du
irrb7tCwndKsQC+wcTI/Q4+cmq3HrRRTnaIWYjmfaqXPEYRODVFDXc409umVGRJb
5IgXfNgaz78=
=T1vu
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Robert Luscombe
Date: Tue, 27 Apr 93 21:32:37 PDT
To: Cypherpunks
Subject: Need help with remailer scripts
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Would someone be able to help me install the remailer scripts from the archives? I have no Unix experience and have *no* idea where to begin. I don't even know if root access is needed for these. Any help would be appreciated.

--Robert Luscombe
Internet: ral@telerama.pgh.pa.us Voice:412/488-0941
robert@well.sf.ca.us (Finger for PGP Pub Key)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Date: Wed, 28 Apr 93 08:34:02 PDT
To: Cypherpunks
Subject: PGP: USA-Legal PGP Project
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Derek Zahn recently posted:

    Subject: "Cypherpunks Write Code"

    Hmm, I write code -- but so far no cyphercode. Since I'd like to be part of the cypherdelic revolution, what code needs writing? I agree that the PC/modem scrambled telephone is a good idea, but others are already bashing that out; there must be other neat projects that want doing. Any thoughts?

Thank you, Derek!! Yes, I have such an idea and I'm beginning work on it myself.
Your and other Cypherpunks participation is certainly welcome and probably essential.

At the Cypherpunks meeting on Saturday (4/24), which was called to discuss plans to counter the "Clipper chip" announcement, we agreed that one prong of our attack should be to get strong crypto as widely distributed as possible.

Unfortunately, wide distribution in the USA of PGP, the most popular product, is inhibited because it violates RSA's patents. PGP has already been chased off some USA FTP Sites.

But this problem has a solution! I confirmed with Jim Bidzos, President of RSA, who was present at the meeting, that a USA Legal version of PGP could be constructed by just replacing certain sections of code with free code from RSAREF. Since source for both PGP and RSAREF are available, this sounds like an easy job. Since no-one's actually done it yet, perhaps it's not, but I will try.

I hope I haven't bitten off more than I can chew. At best, I can compile and test only the MSDOS version of PGP. I will certainly need help if USA-Legal MAC, AMIGA, UNIX, etc. versions are to be available.

Note that since RSAREF cannot be exported, the USA Legal version(s) of PGP will not replace the current version(s) for use outside the USA. But the two versions -will- be able to exchange keys and messages and so the combination of the two will offer the -only- legal method of strong crypto for communication crossing USA borders.

This is a job for USA programmers. We can't expect the foreign programmers currently maintaining/improving PGP to do the job for us. First, they have no incentive to do so; the current version of PGP is perfectly legal to use outside the USA. Second, they can't (legally) obtain a copy of RSAREF to work with.

I plan to delimit all changes for USA legality with conditional compile statements (#ifdef USALEGAL), so I'm hopeful that Branko, Jean-Loup, et al.
will consent to merge those changes back into the master source, to reduce the pain of generating USA Legal versions of future releases of PGP.

I invite you, Derek, and anyone interested in participating, and -especially- anyone who has -already- started a similar project to contact me immediately via e-mail edgar@spectrx.saigon.com (Edgar W. Swank) or by phone at (408)227-3471.

Here is an (illegal) PGP key if you want to communicate encrypted:

--
edgar@spectrx.saigon.com (Edgar W.
Swank)
SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: geoffw@nexsys.net (Geoff White)
Date: Wed, 28 Apr 93 05:17:24 PDT
To: cypherpunks@toad.com
Subject: Re: Raving on...
Message-ID: <9304281204.AA05215@nexsys.nexsys.net>
MIME-Version: 1.0
Content-Type: text/plain

> Brian says:
>
> >Hmm... the problem is I don't think a majority of the people at raves are
> >focused enough to concentrate on something as technical as that (I KNOW it
> >isn't technical to you and me, but the average raver doesn't even
> >know what the word encryption means). HOWEVER, raves ARE the ideal place
> >to hand out info about what's going on, something the raver can cling onto
> >to read and understand when he's not high on {vibes,music,drug,etc.}. Give
> >pointers to where to get more info or where to obtain PGP, and perhaps
> >most importantly, WHY THEY NEED IT. Within a certain amount of time, but
> >most likely sooner than any of us anticipate, there will be more people with
> >email access than without, so "taking the message to the streets" is becoming
> >less and less of a fanciful idea....

Speaking as someone who has been a pretty hardcore raver for almost 2 years now my view on this is as follows:

1) Most ravers don't want to be preached to, they do want to be informed though, the best approach is an "access to tools" approach of invite and education. I think that as of right now, not many ravers even have e-mail, although there is a very organized group that does and is strongly networked already. Some of them know about PGP. We have already discussed whether our e-mail lists should be encrypted and the idea was rejected by the group at large. Some of us do send encrypted messages back and forth sort of as a novelty, sort of for practice. I think the best thing to do for this organized group is to educate them and at least get them to generate keys for themselves IF THEY WANT TO.
Education is important; they have to realize that the key is like a bank card password, you don't tell everybody what it is. Many people are in altered states at raves, this is NOT the set or setting to have them generating keys with pass phrases that they have to remember.

2) I am on a drive to "wire-up" the rave community, in the next issue of CyberTribe-5, I have an article on PGP and why ravers should get hooked up to e-mail. The e-mail advantage is clear for many ravers... the ones who are wired always seem to know where the best parties are. Why we need encryption is not as clear. The scene is about openness, we are well aware that LE folks are most likely on our lists, we don't post the truly underground events anymore to public lists. We set up phone trees and private e-mail trees for events like the Full Moon Rave. This has been sufficient to keep the authorities from having preknowledge of our events. I personally hope that most organizers learn about e-mail and at least generate keys in case there comes a time that the Scene really needs secure communication between people (I think this time is not too far off).

3) I have seen some activity by the libertarian party around the rave scene in SF. I've thought this to be curious but as I think about it, it makes sense, many ravers would most likely embrace large portions (but not all) of the libertarian ideals. Most ravers are not overtly political in the classic sense of the word. Although there is sort of a "Politics of Ecstasy" :) so to speak, we find that a lot of the problems that the left is still struggling with like, equality for women and people of color (within their own ranks!) are non-issues for us. We don't need affirmative action policies because as a social group, we are intensely homogenous, when you party with people across race, gender, sexual orientation lines, it becomes easy to work with them, you naturally build a network of trust that is multi-cultural.
As far as capitalism is concerned many young people in the Scene have developed their own companies from the selling of T-Shirts to "other things" that people buy at raves. They have no great love for "taxation" or interference by the "State". The scene is forging its own economic web and they are finding that economic co-operation is more productive than traditional competition, e-mail and encryption can help here.

Raving IS a social political statement, sort of like the people in (pre) Nazi Germany who danced to swing,jazz,blues music which the Nazis said was a "degenerate" type of music from the negro. You can go to a rave, dance to socially unacceptable music, confront Authority with a statement but not land in prison (at least not in this country). Ultimately raving is not just another disco, it IS NOT a pick-up scene as most people going for that reason have discovered, it is not even a drug scene although there is drug use at raves (there are also some folks who have sex). The Scene IS about a person's right to CONSCIOUSNESS, knowledge and the right to think what ever thoughts s/he might want to think using whatever tools are at their disposal. The main goal of the raves that I go to is to reach that ecstatic state that some refer to as "The Vibe". This usually happens in the wee hours of the morning after 2 am when all the alcohol drinkers go home. This state is accessible via drugs but you need the beat as well, advanced ravers don't need the drugs any more to go into trance, this type of trance dancing is little understood in the west but is common throughout Africa, India and parts of the Middle East.

4) OK so the bottom line is I think that a SIMPLE flier informing these young people what is at stake as far as their present and future freedom of thought/speech/privacy should be handed out. Low on rhetoric, high on information. Have a lap-top available for the advanced ones who know/comprehend what PGP is and want to be able to use it.
Don't blindly give out floppies, most will never be used.

This message has been long but I wanted to INFORM the group who might have had preconceived ideas about the scene. I am willing to answer any questions that anybody might have, off-line.

-------------------------------------------------------------------------------
NEXUS SYSTEMS/CYBERTRIBE-5 : Voice:(415)965-2384 Fax: (415)327-6416
Editor/Instigator/Catalyst : Geoff White
Production Crew : Universal Movement Trinity
"They might stop the party, but they can't stop the future"
--PGP Public key available upon request--
AT&T:Phones with Big Brother Inside, Just say "NO" to the Clipper wiretap chip!
-------------------------------------------------------------------------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 28 Apr 93 10:09:14 PDT
To: cypherpunks@toad.com
Subject: MYK-78
In-Reply-To: <199304280536.AA09155@well.sf.ca.us>
Message-ID: <9304281705.AA23767@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Arthur sez:

>I've been stalking Mykotronx with phone and smail

And I've been peering over his shoulder for much of that time. I'd like to comment on some of the unapproved ways to use this chip.

The way that the chip enforces the wiretap protocol is by not working as a pair unless the LEEF's are transferred from one chip to another. Since these LEEF's are presumed to go out in the clear, tapping is reasonably assured.

>LEEF = Law Enforcement Exploitation Field.

I really am astounded at the names these people use. It does give rise to a great new slogan, though: "Stop Government Exploitation Fields!"

Now suppose that there was a law requiring use of this chip. One could still create an untappable system just by not sending the LEEF's in the clear. So, for example, you do a D-H key exchange with a 600 bit modulus. Then the originating chip transmits the CV, LEEF's, etc. (as I count 282 bits), XORing with the D-H key, i.e. using a one-time pad.
Now the LEEF's have been transferred, but not revealed to any eavesdropper. With a 600 bit modulus in the key exchange you could transmit one set of keying material each way.

There's a great hack here to be had. These AT&T secure phones with the wiretap chip inside have internal modems and run some coordination protocol to synchronize. Almost certainly such an initial protocol must have retry paths in its state machine; otherwise the reliability would suffer. So we could make a compatible phone that initially tried to determine if another such phone was on the other end; if so, proceed with the blinded LEEF transmission. If not, drop back and try the wiretap protocol.

In fact, those of you who have seen Shimomura's and Lottor's work with hacked cellular phones know that it might be possible to put this hacked protocol right in the AT&T phone itself! If the phone has a ROM of some type which contains the microcontroller code, it could be reverse engineered and reprogrammed.

If I were mandated to use the chip in a commercial product, I'd put three buttons on the phone:

CLEAR (icon=open doors)
SECURE (icon=closed doors)
TELL THE GOVERNMENT (icon=benevolent face)

Pressing the third button would use the AT&T protocol, pressing the second would encrypt the LEEF's.

"AT&T: Helping the government to reach in and touch you."

There might be another technique. There is a Write CV command that is accepted in normal operation. (Some CV must be put in during initialization after reset to reach the idle state, i.e. the normal operating state.) This command requires the check word, but that's easily generated in the normal manner. It is possible that changing the CV requires generating another set of LEEF's; that's not clear to me, but Arthur thinks you can. If, however, one can just change the CV at will, one could send the LEEF's in the clear and then immediately change the CV (session key). Now the LEEF has been sent but the conversation makes no sense.
My money is that this is interlocked with IV generation, though.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: cp@jido.b30.ingr.com (Serrzna Penvt Cerffba)
Date: Wed, 28 Apr 93 08:08:02 PDT
To: 7025aj@gmuvax2.gmu.edu
Subject: Is Rush Limbaugh giving Clinton sh*t about wiretap chip?
In-Reply-To: <9304231457.AA22562@gmuvax2.gmu.edu>
Message-ID: <199304281506.AA06491@jido.b30.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain

In <9304231457.AA22562@gmuvax2.gmu.edu>, 7025aj@gmuvax2.gmu.edu writes:
|>
|> I'm under the impression that Rush Limbaugh's address is:
|> 70277.2502@compuserve.com
|> Would a few articulate defenders of (privacy and) AMERICAN COMPETITIVENESS
|> send him some convincing words, please?
|>
|> G. Gordon Liddy would be another good target, but I don't know his address.

G. Gordon Liddy, "Radio Free DC" can be reached at:

Vox: 1-800-GGLIDDY
Fax: 1-800-937GFAX

I'm going to go wash my hands now. With lots of soap.

My guess would be that Liddy and Limbaugh would both be very happy about the Tapper chip proposal, and would recognize us as natural enemies. Try 'em if you want, but be wary.

^ / ------/---- cp@jido.b30.ingr.com (Freeman Craig Presson) / /

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Wed, 28 Apr 93 10:34:18 PDT
To: cypherpunks@toad.com
Subject: Markey Hearing Thursday 930AM
Message-ID: <9304281734.AA29120@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

------- Forwarded Message

Date: Wed, 28 Apr 1993 13:04:20 -0400
From: jberman@eff.org (Jerry Berman)
Subject: Markey Hearing

DATE AND TIME: Thursday, April 29, 1993 at 9:30am
ROOM: 2123 Rayburn House Office Building
SUBJECT: Oversight hearing on issues relating to the integrity of telecommunications networks and transmissions including consumer privacy, encryption, computer hacking, toll fraud and data security.

WITNESS LIST

Technical Presentation

Mr. John B. Gage
Director, Science Office
Sun Microsystems, Inc.
2550 Garcia Avenue, MS PAL01-505
Mountain View, CA 94043-1100

[I think Tsutomu Shimomura and Ron Rivest will also appear as part of this presentation. --gnu]

Panel

Mr. Raymond Kammer
Acting Director
National Institute of Standards and Technology
Building 101, Room A1111
Gaithersburg, MD 20899

Mr. John P. Lucich
State Investigator
Organized Crime and Racketeering Bureau
New Jersey Division of Criminal Justice
25 Market Street
Trenton, NJ 08625

Mr. Bruce Sterling
4525 Speedway
Austin, TX 78751
Author: The Hacker Crackdown: Law and Disorder on the Electronic Frontier

Mr. Joel Reidenberg
Associate Professor of Law
Fordham University School of Law
140 West 62nd Street
New York, NY 10023-7485

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 28 Apr 93 10:49:17 PDT
To: cypherpunks@toad.com
Subject: (fwd) Capstone & Preliminary Message Security Protocol
Message-ID: <9304281749.AA28920@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Cypherfolks,

Some info on Capstone and another program called "Tessera."

-Tim

From: mrr@scss3.cl.msu.edu (Mark Riordan)
Newsgroups: sci.crypt
Subject: Capstone & Preliminary Message Security Protocol
Date: 28 Apr 1993 01:35:50 GMT
Organization: Michigan State University
Summary: Defense Message System to use Capstone chip
Keywords: Clipper, Capstone, PMSP, Mykotronx, NSA

An article in the 26 April 93 issue of Network World mentions encryption technology to be used in a proposed Department of Defence email network:

Next year, the DOD will issue an RFP for a one million-user Defense Message System (DMS). DMS will not be completely compatible with X.400 messaging. Therefore, to make it easier for vendors to bid on what will be a non-standard email system, the DOS plan to release prototype source code for its version of X.400.
The article contains the interesting sentence: "Along with source code, it will release the nonclassified encryption algorithm application called Preliminary Message Security Protocol (PMSP)."

DMS places security features in the Mail User Agent, rather than the Message Transfer Agent, as is done with stock X.400. Furthermore, PMSP will use the NSA's Capstone public key algorithm, rather than RSA, which is used in X.400. Therefore, gateways will be required to translate between encryption systems when DMS is exchanging messages with other networks.

As its data encryption algorithm, Capstone uses the same unpublished private-key algorithm as the Clipper chip. [In a Usenet posting, Dorothy Denning says that Capstone uses the Skipjack algorithm, the Digital Signature Standard (DSS), and the Secure Hash Algorithm (SHA).] Capstone chips will be provided by Mykotronx, Inc., the Torrance, Calif firm that also designed Clipper.

Military DMS users will be issued PCMCIA-compliant cryptocards containing the Capstone chip. (PCMCIA is an add-on interface card standard oriented toward subnotebook PC compatibles.) This interface card is dubbed "Tessera". Mykotronx claims to have already shipped 10,000 Capstone and 20,000 Clipper chipsets.

Does anyone know anything else about PMSP?

Mark R. mrr@ripem.msu.edu
--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Wed, 28 Apr 93 08:41:13 PDT
To: cypherpunks@toad.com
Subject: Wiretap Chip and Key Escrow Abuses
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I've been following the discussions on several newsgroups and mailing lists (RISKS, PRIVACY and Cypherpunks) concerning the Wiretap Chip (Clipper/Capstone) and the proposed key escrow system. Here's my $.02, as well.

In RISK 14.55, Jim Bidzos wrote -

JB> Since Clipper, as currently defined, cannot be implemented in
JB> software, what options are available to those who can benefit
JB> from cryptography in software?
Was a study of the impact on
JB> these vendors or of the potential cost to the software industry
JB> conducted? (Much of the use of cryptography by software
JB> companies, particularly those in the entertainment industry, is
JB> for the protection of their intellectual property. Using hardware
JB> is not economically feasible for most of them.)

Jim raises a valid concern. Although a hardware based system is ideal for voice encryption, the idea of registered key systems, where government and/or LE agencies have involvement, is not a popular one. The key escrow scheme in this proposal reeks of Big Brother. (As in, "Trust me. I'm from the government and I'm your friend.") In some circles, it is not even a consideration. Software encryption systems employed to protect intellectual and commercial data and electronic mail are much more flexible and desirable, especially when they are not governmentally proposed, imposed, designed and sanctioned by spook organizations such as the NSA.

The real sore spot with the Clipper proposal is that private industry and citizenry were blind-sided by this entire process. The possibility that Uncle Sam will try to make this a de-facto standard and subsequently place restrictions on other forms of crypto (eg. software based) is real.

Also in RISKS 14.55, Bill Campbell wrote -

BC> There are dozens, perhaps hundreds, of commercial, criminal and
BC> governmental entities with access to government resources who
BC> would not hesitate for a moment to violate my rights if they
BC> found it expedient to do so. These individuals and organizations
BC> have demonstrated beyond question that they are not constrained
BC> by legal or ethical considerations, and as has been suggested
BC> in a number of other postings, the technology employed by Clipper
BC> (including the dual escrow sham) will probably not even pose so
BC> much as an inconvenience to a determined adversary. To suggest
BC> otherwise is, at best, profoundly naive.
I have a tendency to agree with Bill. In fact, California is currently embroiled in a scandal involving the release of confidential data (DMV addresses), by employees of the Anaheim Police Department, to third party interests. This is clearly in violation of their employer's policies, their own terms of employment, state criminal law, and civil law. What's to stop the same blatant, unethical breach of confidentiality with regards to the Clipper key escrow implementation? Nothing, that's what.

In the future, information will be the most powerful possession and in the spirit of SNEAKERS, s/he who has control of and access to the information is the most powerful. Power corrupts, but absolute power corrupts absolutely. I think that Clipper offers maximum abuse in this scenario.

Also in RISK 14.55, Robert Firth wrote -

RF> You see, friends, if the Clipper becomes the normal, standard, or
RF> accepted means of encryption, then *the use of any other encryption
RF> scheme can of itself be considered "probable cause" for search and
RF> seizure*. And thereby could be lost in the courts what was won at
RF> such great cost.

This is perhaps my greatest concern in all of the Clipper/Capstone hoopla. Personally, I don't have much faith in the law enforcement agencies to act responsibly. The Secret Service and FBI have, in the past, clearly demonstrated that they do not grasp the scope of the problems technically challenging modern society. The Steve Jackson Games case is one instance that immediately springs to mind. Some parts of the country are demographically more at risk than others. For example, the criteria which may be deemed as "probable cause" for search and seizure in Jackson, Mississippi could very well be reason for the ACLU to file a suit against the LEA in New York City.

Also in RISKS 14.55, A.
PADGETT PETERSON writes -

PP> Like I said, both the government and corporate America *need*
PP> Clipper, the designers are some of the best in the world, and
PP> the administration has more to lose than we do. Given that,
PP> Clipper will work as advertised.

The only way that I can imagine the government actually *needing* Clipper is where Clipper is forced upon the country as the de-facto standard and other forms of cryptography are restricted. Uncle Sam tends to forget that what is desirable for the government, is not always acceptable to the public at large.

Cynically,

Paul Ferguson                  | Uncle Sam wants to read
Network Integrator             | your e-mail...
Centreville, Virginia USA      | Just say "NO" to the Clipper
fergp@sytex.com                | Chip...
-------------------------------+------------------------------
I love my country, but I fear its government.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: crunch@netcom.com (John Draper)
Date: Wed, 28 Apr 93 12:04:34 PDT
To: cypherpunks@toad.com
Subject: CSPAN NOT covering the hearings tommorrow
Message-ID: <9304281904.AA12916@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Called CSPAN, and they are NOT covering the hearings tomorrow. Hah! our tax dollars at work!! So, for those very lucky people going to attend, we plead with you to please write up a comprehensive report and send it to the group (or at least to me!!).

JD

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sandy <72114.1712@CompuServe.COM>
Date: Wed, 28 Apr 93 10:02:19 PDT
To:
Subject: CLIPPER SOUND BITES
Message-ID: <930428164931_72114.1712_FHF34-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

_________________________________________________________________
FROM THE VIRTUAL DESK OF SANDY SANDFORT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

No matter what you think of our current and former presidents, associating the Clipper chip with them might work in our favor.
Asking the following question might cause their supporters to have second thoughts:

"Why haven't Clinton and Gore had a "town meeting" about the Reagan-Bush Wiretap Chip? Didn't they run on a platform of change? This sounds like business-as-usual to me."

Presumably, Reagan-Bush supporters will smell a rat--Clinton--and oppose Clipper to thwart the new administration. Clinton fans will oppose Clipper because it is a leftover symbol of the hated Reagan-Bush era.

S a n d y

_________________________________________________________________
PLEASE RESPOND TO: ssandfort@attmail.com (except from CompuServe)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mike Godwin
Date: Wed, 28 Apr 93 09:58:52 PDT
To: fergp@sytex.com (Paul Ferguson)
Subject: Re: Wiretap Chip and Key Escrow Abuses
In-Reply-To:
Message-ID: <199304281658.AA10784@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

Paul Ferguson writes:

> The real sore spot with the Clipper proposal is that private
> industry and citizenry were blind-sided by this entire process.

I disagree. That's *a* sore spot, but not *the* sore spot. Even if industry and citizen groups had been consulted, I'd find the Clipper proposal, and the strategy it represents, to be unacceptable.

--Mike

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eric@synopsys.com
Date: Wed, 28 Apr 93 13:02:44 PDT
To: cypherpunks@toad.com
Subject: Re: ANON: Cryptographic MIX
In-Reply-To: <9304280305.AA19293@netcomsv.netcom.com>
Message-ID: <199304282002.AA09358@gaea.synopsys.com>
MIME-Version: 1.0
Content-Type: text/plain

>> Hi All,
>> At the first cypherpunks meeting I came to,
>> A speaker was giving a presentation on cryptographic MIX protocols.
>> My memory fails me as to who that was... so that's the question and what is
>> the progress on an implementation???
>> cheers
>> kelly

Sounds like you were referring to me.
I've been doing some perl programming and have scripts to create an address block, encode a message for transmittal with an address block, and to process one hop of a message. These scripts don't actually do any encryption, but rather simulate it for testing purposes. They're not ready for use mailing actual messages, and I still have to finish the script for decoding the message when it's finally received.

So, there's a bunch of work to go, but it looks good so far. I'll be sure to let everyone know when they're in a condition to be played with by all.

-eric messick (eric@synopsys.com)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: markh@wimsey.bc.ca (Mark C. Henderson)
Date: Wed, 28 Apr 93 13:06:40 PDT
To: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Subject: Re: PGP: USA-Legal PGP Project
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

> Unfortunately, wide distribution in the USA of PGP, the most popular
> product, is inhibited because it violates RSA's patents. PGP has
> already been chased off some USA FTP Sites. But this problem has a
> solution! I confirmed with Jim Bidzos, President of RSA, who was
> present at the meeting, that a USA Legal version of PGP could be
> constructed by just replacing certain sections of code with free code
> from RSAREF. Since source for both PGP and RSAREF are available, this
> sounds like an easy job. Since no-one's actually done it yet, perhaps
> it's not, but I will try. I hope I haven't bitten off more than I can
> chew. At best, I can compile and test only the MSDOS version of PGP. I
> will certainly need help if USA-Legal MAC, AMIGA, UNIX, etc. versions
> are to be available.

You should be able to do it. But, you will first have to get permission from RSADSI to access RSAREF in ways other than by the published interface. I trust they'll grant it, given what you say above.

Also, be sure to get the RSAREF version included with RIPEM (wait for version 1.07 if you can).
It has several significant performance enhancements (generic and some platform specific asm versions of time critical code).

You won't be able to export this 'legal' version of PGP. Tracking and updating to new PGP releases will be a pain as much of the development is done outside of North America.

Mark

--
Mark Henderson markh@wimsey.bc.ca
RIPEM key available by key server/finger/E-mail
MD5OfPublicKey: F1F5F0C3984CBEAF3889ADAFA2437433

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mike Godwin
Date: Wed, 28 Apr 93 10:13:47 PDT
To: gnu@toad.com
Subject: Navajo Hypothetical
Message-ID: <199304281713.AA11070@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

I recently heard an even better hypothetical that illustrates the issues raised by encryption:

Suppose the only two navajo speakers left in the world were talking on the phone to plot the overthrow of the United States. If the FBI could not obtain a translator, would that mean the plotters could be compelled to hold their phone conversations in English?

--Mike

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 28 Apr 93 13:44:43 PDT
To: cypherpunks@toad.com
Subject: (fwd) Re: Clipper Chip Questions
Message-ID: <9304282044.AA07510@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpatriots,

Here's a fairly long posting I made to sci.crypt and comp.lsi about reverse engineering the Clipper chip. Especially on the technical issues about tamper-resistant modules and electron-beam probing.

-Tim

Newsgroups: sci.crypt,comp.lsi
From: tcmay@netcom.com (Timothy C.
May)
Subject: Re: Clipper Chip Questions
Date: Wed, 28 Apr 1993 20:26:51 GMT

(followup to comp.lsi added, as they may have something to say on this)

allyn (allyn@netcom.com) wrote:

: My question is what is to prevent someone who has one of these chips
: (from a cellphone or computer or whatever) from taking the chip to
: a microelectronic facility with a decent scanning electron microscope and
: other equipment that is used to testing and analysis of microcircuits
: and taking the darn thing apart and reverse engineer it?
:
: There must be plenty of microelectronic facilities that are under
: relatively minimal security (such as universities) for someone to
: try to reverse engineer one of these classified chips that the government
: plans to put into the public's hands.

I ran an electron microscope/chip testing lab for Intel, circa 1981-84. (We built a kind of "time machine" for imaging the internal states of complex chips--the 286 in those days--and displaying them on an image processing system which "subtracted out" the states of bad chips from known good chips and thus allowed us to analyze the nucleation and propagation of logic faults through the chip. Very useful for finding subtle speed and voltage problems, as well as gross faults, of course.)

Analyzing the Clipper chip, or any "tamper-resistant module," will not be trivial, but neither will it be impossible.

Some issues, questions, problems:

1. Getting through the package to the chip surface itself is problematic. Proprietary molding compounds may be used to make this tough. (For example, carborundum and sapphire particles are often mixed in, so that mechanical grinding and lapping also destroys the chip. And plasma ashing won't work.)

2. Sometimes the package itself has "traps" which wipe the chip (the data) if breached (fiber optic lines mixed in the epoxy, for example). This seems unlikely for a relatively low-cost solution like the Clipper.
Papers presented at the "Crypto Conference" have dealt with this. (The main uses: nuclear weapons "Permissive Action Links" and credit card "smart cards," which use less intensive measures, obviously.)

3. Once at the chip surface, via grinding, chemical etch, plasma ashing, etc., the chip can be analyzed.

4. Carefully photographing the chip as layers are etched away (or even carefully lapped away) can reveal much about the internal operation, though not the data stored in internal ROM, EPROM, EEPROM, Flash EPROM, etc. If the Clipper/Capstone algorithm is embedded in the microcode and not apparent from the visible circuitry, then it must be read by other means.

5. Voltage contrast electron microscopy allows internal chip voltages to be read with good reliability. Cf. any of the many papers on this. Commercial e-beam probers are available. (How voltage contrast works is itself an interesting issue, and there are many good references on this.)

6. However, operating the chip is necessary to read the internal states and voltage levels, and opening the chip under "hostile conditions" (read: limited numbers of samples, no knowledge of the molding compound, no help from the manufacturer) often destroys the functionality. It can be done, but count on lots of trial and error.

7. Metal layers may be used to shield lower signal-carrying layers from scrutiny by electron beam probes. Intel, for example, builds the new Pentium on a 3-layer metal process in which the top layer almost completely covers the lower layers. (Extremely sophisticated measurements using lasers (Kerr effect) and magnetic field sensing may be possible. Count on a very expensive set-up to do this.)

8. Other "tricks" may route parts of the key circuitry through buried layers, polysilicon lines, several layers of metal, etc.

9.
VLSI Technology, Inc., the company with the "tamper-resistant technology" used by Mykotronx (VTI will fab the chips), may also be storing bits in very small EEPROM cells, which are very hard to e-beam probe (especially without disrupting them!). Note also that Intel bought a partial stake in VLSI. (I'm not imputing anything and don't know if Intel is somehow involved in the Clipper/Capstone effort. In fact, I left Intel in 1986.)

10. The easiest way to get the Clipper/Skipjack/Capstone details is probably the old-fashioned way: offer money for it. With anonymous remailers and digital cash, this may be much easier.

Just some thoughts on this extremely interesting issue of reverse-engineering the Clipper.

-Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fnerd@smds.com (FutureNerd Steve Witham)
Date: Wed, 28 Apr 93 11:29:14 PDT
To: cypherpunks@toad.com
Subject: Liddy; There's a Chip in the Middle of the Phone
Message-ID: <9304281818.AA09111@smds.com>
MIME-Version: 1.0
Content-Type: text/plain

> In <9304231457.AA22562@gmuvax2.gmu.edu>, 7025aj@gmuvax2.gmu.edu writes:
> |>
> |> send him [Limbaugh] some convincing words, please?
> |>
> |> G. Gordon Liddy would be another good target, but I don't know his address.

cp@jido.b30.ingr.com (Serrzna Penvt Cerffba) [!Is that real rot13!?] replies:

> My guess would be that Liddy and Limbaugh would both be very
> happy about the Tapper chip proposal...

Isn't Liddy the guy who wanted to be able to get at someone's private information later, and so he... he... wait, I hear a melody...
There's some Dems at the Watergate Hotel,
There's some Dems at the Watergate Hotel,
There's some Dems,
There's some Dems,
There's some Dems at the Watergate Hotel.

There's a suite for the Dems at the Watergate Hotel, ...
There's a door on the suite of the Dems at the Watergate Hotel, ...
There's a lock on the door on the suite of the Dems at the Watergate Hotel, ...
There's a tape on the lock on the door of the suite of the Dems at the Watergate Hotel, ...
There's a finger on the tape on the lock on the door of the suite of the Dems at the Watergate Hotel, ...

There's a chip in the middle of the phone,
There's a chip in the middle of the phone,
There's a chip,
There's a chip,
There's a chip in the middle of the phone.

There's a lock on the chip in the middle of the phone, ...
There's a key in the lock on the chip in the middle of the phone, ...
There's a crack in the key in the lock on the chip in the middle of the phone, ...
There's a tap on the crack in the key in the lock on the chip in the middle of the phone, ...
There's a speaker on the tap on the crack in the key in the lock on the chip in the middle of the phone, ...
There's an ear at the speaker on the tap on the crack in the key in the lock on the chip in the middle of the phone, ...

-fnerd
keep your oxides dry --fnerd@smds.com (FutureNerd Steve Witham) quote me

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sy Verpunc
Date: Thu, 29 Apr 93 07:24:09 PDT
To: Cypherpunks@toad.com
Subject: Re: Tough Choices: PGP vs. RSA Data Security
Message-ID: <9304281433.AA05674@pizzabox.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

: At risk of getting the goats of some friends of mine who read the list, I'm
: tending to agree with Tim's ideas here. Brief conversation with Jim Bidzos
: at the cypunx mtg indicated that he is very much up for something along the
: lines of a personal encryption product that would meet our needs. From a

All he has to do is let us pay a licence fee for pgp.
What's the advantage to him in asking for a different piece of code that uses RSAREF and DES instead of Phil's code and IDEA? I can't see it, except that using DES blows away the security of the program... No, I think this suggestion should be put down now, or we'll splinter and give them exactly the divide-and-conquer opening they're looking for. G From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Sy Verpunc Date: Thu, 29 Apr 93 07:26:51 PDT To: cypherpunks@toad.com Subject: Re: Tough Choices: PGP vs. RSA Data Security Message-ID: <9304281436.AA05701@pizzabox.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain A better course of action might be to remove the RSA engine from PGP and distribute the source code, and a binary for free, but require users to pay $30-50 to RSA to get the source code and binary for the RSA engine. Thats what people have *always wanted* to do. RSA won't let them. That's why any talk of a newer friendlier Bizdos is bullshit. G From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Sy Verpunc Date: Thu, 29 Apr 93 07:23:36 PDT To: cypherpunks@toad.com Subject: Re: A link encryption protocol to crytique ;-) Message-ID: <9304281442.AA05753@pizzabox.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain : T[i] is generated by a pseudo random process, similar to shuffling a deck of : cards. For each i, fill the vector with the values 0 to D-1. Then two random : indexes (j & k) are chosen (to be different) and the two values at : T[i,j] and T[i,k] are swapped. This can be iterated an arbitraty number of : times (L) to ensure a good "shuffle" of the values. I saw this particularly clueless statement and stopped even trying to follow the rest of it. Still, I made an even more stupid blunder on sci.crypt a few weeks ago myself, so I can't criticise. All I can say is I learned from my mistake and will leave thinking up new crypto schemes to the experts. 
G From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Chuck Lever Date: Wed, 28 Apr 93 11:52:05 PDT To: cypherpunks@toad.com Subject: PGP: pgp -ke Message-ID: <9304281852.AA00450@toad.com> MIME-Version: 1.0 Content-Type: text/plain so, like, what's to stop me from writing a program (based on pgp source code) which can delete user IDs from my own keys after other folks have signed them? in fact, how *can* i change the user ID on a key after it has been signed? the pgp docs are unclear on how this works. can someone help me to understand what it means exactly when a key is signed? what parts of the key are certified by the signature? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Meyer Date: Wed, 28 Apr 93 14:25:07 PDT To: cypherpunks@toad.com Subject: Program to measure entropy Message-ID: <19930428212444.5.MEYER@OGHMA.MCC.COM> MIME-Version: 1.0 Content-Type: text/plain Cypherpunks write code, so here's some (at the end, anyway). Someone asked awhile back (just before the deluge of postings on the Wiretap Chip swamped my announcement of the release of new versions of our Dolphin Encrypt encryption software) about (something like) how to tell whether a file consists of something like English text or just (apparent) garbage. Here's one way, a program to calculate the entropy (and the relative entropy) of the set of bytes in a file. First the documentation (extracted from Appendix III in the manual for the Dolphin Encryption Library): Information theorists have attempted to formalize and to quantify the notion of randomness, also called entropy. The usual definition of entropy in a string of letters from some alphabet is due to Claude Shannon (who formulated this concept in the 1950s). 
Let S be a string of letters from some alphabet A = { a(0), a(1), ..., a(k-1) } of k letters, and let p(i) be the probability (that is, the relative frequency) of occurrence of a(i) in the string S, then the entropy E of the string S may be defined as:

             k-1
    E  =  - Sigma ( p(i) * ln ( p(i) ) )
            i = 0

where ln is the natural logarithm. It can be shown that this value is maximized when all letters occur in S with equal frequency (in this case E = ln(k)), and is minimized when one letter occurs all the time (in this case E = 0). Since E ranges between 0 and ln(k), we may obtain a modified entropy value E', which we call relative entropy, which ranges between 0 and 1 by dividing E by ln(k) thus: E' = E / ln(k).

The program ENTROPY1.EXE calculates the relative entropy of the bytes in a given file. For a DOS text file consisting of English text the relative entropy value is typically in the range 0.48 - .68. The relative entropy values for most non-random files, including .OBJ, .COM and .EXE files, usually fall in the range 0.50 through 0.95. Files consisting of bytes generated by pseudo-random-number generators typically have relative entropy values in the range 0.970 - 0.999. Thus a file with a relative entropy value of at least .98 looks (at least according to this test) very much like a file consisting of random bytes. ENTROPY.EXE can thus be used to test whether a file appears to consist of random bytes or something like natural language.

The ENTROPY1.EXE program takes two parameters on the command line, a file specification (wildcard characters are not allowed in this version) and (optionally) a byte space size, e.g. ENTROPY1 FILE.TXT 150. The program produces results such as:

    File            Size     Entropy   Rel. entropy   Diff. bytes
    HAMLET.TXT      1459    3.037405       0.547756            42
    PTRS.TXT        3683    3.415741       0.615984           108
    CHAP04.TXT     51162    3.339292       0.602198           100
    FILE1.RND       1762    5.473655       0.987102           255
    FILE2.RND       3400    5.503647       0.992511           256
    FILE3.RND      29225    5.541324       0.999305           256
    HAMLET.ENC      1762    5.478605       0.987995           256
    PTRS.ENC        3400    5.501231       0.992075           256
    CHAP04.ENC     29225    5.540785       0.999208           256
    NULLFILE       20000    0.000000       0.000000             1

The file called NULLFILE consists of 20,000 null (zero) bytes, and has a relative entropy value of zero (as do all files which contain only a single byte value). Note that the relative entropy values for the .ENC files (encrypted using Dolphin Encrypt) are about .99, as are those for the .RND files (created by using a pseudo-random-number generator similar to Microsoft's rand() function) of the same size.

The last column gives the number of different bytes found in the file. This may be less than the size of the byte space for the file. If the size of the byte space is less than 256, as is the case with text files, then the space size parameter may be included in the command line, as in ENTROPY1 HAMLET.TXT 108. In this case the program produces results such as:

    File            Size     Entropy   Rel. entropy   Diff. bytes
    HAMLET.TXT      1459    3.037405       0.648723            42
    PTRS.TXT        3683    3.415741       0.729527           108
    CHAP04.TXT     51162    3.339292       0.713199           100

Thus decreasing the value for the byte space increases the entropy measure. Relative entropy tends to be larger for larger files.

Now the C source code:

/*  ENTROPY1.C
 *  Written by Peter Meyer, last revised 1993-04-27.
 *  Calculates the relative entropy of the bytes in a file
 *  defined as the negative of the sum for each byte of the product of
 *  the relative probability of that byte times the natural log
 *  of that probability, divided by the natural log of the byte
 *  space size (the number of possible byte values); values can
 *  range from 0 to 1.
 */

#include <stdio.h>      /*  Microsoft header files  */
#include <stdlib.h>
#include <string.h>
#include <math.h>

unsigned long n[256];   /*  frequency of each byte value  */
double p[256];          /*  relative frequency of each byte value  */

const char *usage = "\nUse: ENTROPY1 filespec [space_size]"
    "\nspace_size = number of possible bytes (default = 256)\n";

void measure_entropy(const char *filename, unsigned long *total,
    double *entropy, double *relative_entropy,
    unsigned int *num_diff_bytes, unsigned int *space_size,
    int *err_flag);

/*-----------------------------*/
int main(int argc, char *argv[])
{
    int err_flag;
    unsigned int num_diff_bytes, space_size;
    unsigned long total;
    double entropy, relative_entropy;

    if ( argc == 1 )
    {
        /*  never pass a non-literal string as the printf format  */
        printf("%s", usage);
        exit(0);
    }

    if ( argc == 2 )
        space_size = 256;
    else
    {
        space_size = (unsigned int)atoi(argv[2]);
        if ( space_size == 0 || space_size > 256 )
        {
            printf("\nInvalid space size.\n");
            exit(1);
        }
    }

    measure_entropy(argv[1],&total,&entropy,&relative_entropy,&num_diff_bytes,
        &space_size,&err_flag);

    switch ( err_flag )
    {
        case 0:         /*  no error  */
            printf("Space size = %u\n",space_size);
            printf("\n%15s%15s%15s%15s%15s",
                "File","Size","Entropy","Rel. entropy","Diff. bytes");
            printf("\n%15s%15lu",argv[1],total);
            printf("%15.6f%15.6f%15u\n",entropy,relative_entropy,num_diff_bytes);
            exit(0);
        case -1:
            printf("\nCannot open file %s.\n",argv[1]);
            exit(2);
        case -2:
            printf("\n%15s is inconsistent with space size %u.\n",
                argv[1],space_size);
            exit(3);
    }
    return 0;
}

/*-----------------------------------------*/
void measure_entropy(const char *filename, unsigned long *total,
    double *entropy, double *relative_entropy,
    unsigned int *num_diff_bytes, unsigned int *space_size,
    int *err_flag)
{
    int c, j;
    FILE *file;

    *err_flag = 0;

    file = fopen(filename,"rb");
    if ( file == NULL )
    {
        *err_flag = -1;
        return;
    }

    /*  zero the frequency array  */
    memset(n,0,256*sizeof(unsigned long));

    /*  count the byte values; test the result of fgetc() for EOF
     *  before using it, so that EOF is never used as an array index  */
    while ( (c = fgetc(file)) != EOF )
        n[c]++;

    /*  get the number of bytes and the number of different byte values  */
    *num_diff_bytes = 0;
    *total = 0L;
    for ( j=0; j<256; j++ )
    {
        *num_diff_bytes += ( n[j] != 0 );
        *total += n[j];
    }

    if ( *num_diff_bytes > *space_size )
    {
        *err_flag = -2;
        fclose(file);
        return;
    }

    /*  calculate the probabilities (all zero for an empty file)  */
    for ( j=0; j<256; j++ )
        p[j] = *total ? ((double)n[j])/(*total) : 0.0;

    /*  calculate the entropy: the negative of the sum of p*ln(p)  */
    *entropy = 0.0;
    for ( j=0; j<256; j++ )
    {
        if ( p[j] )
            *entropy -= p[j]*log(p[j]);
    }

    /*  calculate the relative entropy; ln(1) = 0, so a space size
     *  of 1 is reported as zero rather than dividing by zero  */
    *relative_entropy = ( *space_size > 1 )
        ? *entropy/log((double)*space_size) : 0.0;

    fclose(file);
}

If anyone wants the MS-DOS executable version of this program then send me (meyer@mcc.com) a snailmail address and I'll send it to you on the Dolphin Encrypt demonstration disk.

-- Peter Meyer

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Honeyman
Date: Wed, 28 Apr 93 13:34:05 PDT
To: cypherpunks@toad.com
Subject: othercrypt
Message-ID: <9304282034.AA01784@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

does anyone know how to get the a5 eurocrypt stuff? also there is rumored to be russian cryptosoftware on the street. clue?
peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Stanton McCandlish Date: Wed, 28 Apr 93 16:04:17 PDT To: cypherpunks@toad.com Subject: No FTP? You can still get PGP! Message-ID: <9304282303.AA07582@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain ************************************************************************* DEFEAT THE BIG BROTHER PROPOSAL! JUST SAY F!CK NO TO THE PRIVACY CLIPPER! ************************************************************************* ************************************************************ The security of PGP encryption for those without FTP access! ************************************************************ This is not an ad, but a public service announcement. NitV-BBS is FREE. This info (and my system!) has been updated to make it easier for you to obtain Pretty Good Privacy (PGP): Secure RSA pubkey encrytion for all! Due to the overwhelming response, I have sought out as many ports as possible. After a week of exhaustive FPT/Archie searches it appears to me that NitV-BBS is the world's singlemost comprehensive PGP site, with executables and/or source code for the following platforms: Platform exec source patch extras MS-DOS (PC-DOS, etc.) X X X Macintosh X X Archimedes X ? OS/2 X X Amiga X X Unix X X NeXT X In one case I do not have the means to open the archive to see if it comes with the source code, thus "?". WARNING: My DallasFax 14.4k v32bis modem does not always cooperate too well with USR/Miracom Dual Standards. BY MODEM TO BBS: Call NitV-BBS (see .sig at end of message for details) Here you will find: File area file name description LOGIN PGP22.ZIP DOS version of PGP LOGIN PGPSHEL1.ZIP menu/shell for PGP (DOS only) NONIBM PGP22B-A.LHA PGP for Amiga (w/source) NONIBM ARCPGP22 PGP for Archimedes (format unknown; w/src??) 
NONIBM MACPGP22.CPT PGP for Mac (.cpt archive) NONIBM PGP22.TAZ PGP for Unix (compressed .tar; w/source) WIN PGP22OS2.ZIP PGP for OS/2 (w/source patch) LOGIN PGP22SRC.ZIP PGP source code & utils for DOS NONIBM MPGP22SC.S_H PGP source code for Mac (BinHex .hqx encode of a .sea self-extracting archive) MONIBM MPGP22SC.SIG PGP signature for validation of Mac source NONIBM NXTPGP22.ASC PGP source code diff (patch) for NeXT. ASCII A quick ext search for "pgp" will yield the files for flagging quickly. Note: original name of Mac version is: MacPGP_2.2.cpt original name of Unix version is: pgp22.tar.Z original name of Mac source is: MacPGP2.2src.sea.hqx original name of Mac signature is: MacPGP2.2src.SIGNATURE NeXT patch is a concatenation of: PGP.random.c.diff and PGP.random.c.diff.README These names were changed because of the 12 char limit of MesSDOS filenames. All files are direct from these FTP sites: nic.funet.fi, sony.com, garbo.uwasa.fi, and ftp.uni-erlangen.de. They are NOT uploaded by BBS users, nor gotten from other BBSs. You can rest assured that they are "clean" (the superparanoid^H^H^H^H^H^H^H^Hcautious may wish to obtain additional copies and compare them for further validation.) You may login anonymously as ANONYMOUS, password GUEST. If you want the whole lot you won't have time, as that acct. is limited. In that case, login normally, but if you never intend to call again, please be courteous, and leave a omment to sysop to delete your account. Disk space is limited! All user accounts are free. There is no charge (other than your phone expenses of course) for obtaining PGP from NitV-BBS. BY FIDO-PROTOCOL FREQ Anyone in FidoNet or any other FTN/FTSC network (such as RBBSNet, etc.), or anyone with a working Fido-type mailer, can get PGP from the same source, via File REQuest, as long as they can send mail to Fido address 1:301/2 (you will need a Fido nodelist to pull that off). You do not have to be nodelisted to do this. You can even be a point system. 
Just send a DIRECT not routed netmail To: Sysop, NitV (1:301/2) From: Re: ,, St: Crash, Direct, FilReq, can be a full file name, or a "magic name". Status is not that important, as long as the message is set for at least these 2: Direct and FilReq. You can use the following magic names (which will still hold for future releases of PGP): Magic Name files description PGPDOS PGP22.ZIP, PGPSHEL1.ZIP DOS PGP and menu/shell PGPAMI PGP22B-A.LHA Amiga PGP & source PGPARC ARCPGP22 Archimedes PGP PGPMAC MACPGP22.C_H Mac PGP PGPNXT NXTPGP22.ASC NeXT PGP source code diff (requires a full src package) PGPOS2 PGP22O2.ZIP OS/2 PGP & patch PGPUNX PGP22TAR.Z Unix PGP & source PGPSDOS PGP22SRC.ZIP PGP source & utils (DOS fmt.) PGPSMAC MPGP22SC.S_H, MPGP22SC.SIG PGP source & sig (Mac fmt.) --------------------------------------------------------------------------- Please upload, file-attach via netmail, uuencode and email, or just tell me where to find, any interesting utils, FAQs, etc for PGP that you come across, so that I can make them available to the needy but FTPless hordes. Please do NOT further distribute this copy of PGP, especially to BBSs. Part of the Good Thing about getting it from NitV is that you know it came right from one of the original FTP sites for it, not from some cheezy BBS via the hands of 27 other people and systems, any of which might harbour a baddie. This is not to say that BBSs are bad (hell, I run one!) but rather that too much is left to chance (and ill-will!) in it's distribution methods. PGP is a security program, and needs to be guaranteed to be secure. Thank you. This offer, due to IDIOTIC export restrictions, must of course be limited to the USA. Authors are stongly encouraged to upload, mail, etc. their ports of PGP, their PGP utilities, etc. directly to me or the system listed below so that non-FTP-using PGP afficionados can be certain that they are getting a "pris- tine" copy. Thanks! 
---------------------------------------------------------------------------- Distribute ENTIRE contents of this message freely. ---------------------------------------------------------------------------- -- Testes saxi solidi! ********************** Podex opacus gravedinosus est! Stanton McCandlish, SysOp: Noise in the Void Data Center BBS IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1) Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Derek Atkins Date: Wed, 28 Apr 93 14:46:47 PDT To: Chuck.Lever@umich.edu Subject: Re: PGP: pgp -ke In-Reply-To: <9304281852.AA00450@toad.com> Message-ID: <9304282146.AA00918@stage8> MIME-Version: 1.0 Content-Type: text/plain Hi. A signature on a key is a cryptographic signature of the key and userid. Therefore, you cannot remove your userid from the key and hope to keep the signatures valid. The other problem is that once other people have your userid on your key, which is neccessary for them to sign it, then you need to have them remove it, too, etc. Basically, signatures and userids currently act like viruses... Once they escape, its nearly impossible to contain them again.... -derek Derek Atkins, MIT '93, Electrical Engineering and Computer Science Secretary, MIT Student Information Processing Board (SIPB) MIT Media Laboratory, Speech Research Group warlord@MIT.EDU PP-ASEL N1NWH From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: v20177@vax1.cc.uakron.edu (Robert D Shofner ) Date: Wed, 28 Apr 93 17:06:33 PDT To: cypherpunks@toad.com Subject: Need some Advice Message-ID: <9304290001.AA02691@vax1.cc.uakron.edu> MIME-Version: 1.0 Content-Type: text/plain Hello All My question is what is the diff. between a Software Eng. & Computer Sci. degree. 
Some of my profs say that they don't know of any schools offer a BS in Software Eng. If that is the case then why do people use that term? Or is it a Masters degree or something like that? I also would like to thank Eric Hughes for replying to my early question on Q&A a dos database problem. His basic steps solved the problem in less 30 min. By the way the algorithm used very lame. abs(ascii character - 255) I would like a little more info on the debugger method. Has anyone the address to MircoSystems Management magazine, I need the April 93 issue, but unable to find it local. Thanks in advance. Red :) typo above From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Stanton McCandlish Date: Wed, 28 Apr 93 20:31:52 PDT To: thesegroups@tic.com Subject: HELP! Some nut is threatening to sue! Message-ID: <9304290331.AA18264@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain Due to my posts to sci.crypt and elsewhere that I was distributing PGP, I recieved the following, and after that a very biased textfile on the dangers of having PGP and how terrible it is. Can anyone verify that this is a real threat? Last I heard PGP *MIGHT* violate a patent, but that this had not been decided yet. Please reply soon, and by direct email. If it is the Real Shit, I don't think they are going to give me long to ditch PGP... :( Begin forwarded msg ----------------------------------------------------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jim@RSA.COM (Jim Bidzos) Date: Wed, 28 Apr 93 19:17:43 PDT To: anton@hydra.unm.edu Subject: pgp Message-ID: <9304290217.AA24716@RSA.COM> MIME-Version: 1.0 Content-Type: text/plain I don't think you're aware of our position on pgp. Unfortunately, you may leave us no choice but to take legal action, which we will unless you cease promotion adn distribution of pgp. The next message will state our position. End forwarded msg---------------------------------------------------------- -- Testes saxi solidi! 
********************** Podex opacus gravedinosus est! Stanton McCandlish, SysOp: Noise in the Void Data Center BBS IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1) Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: William Oldacre <76114.2307@CompuServe.COM> Date: Wed, 28 Apr 93 19:03:43 PDT To: Subject: Help find this shareware! Message-ID: <930429015612_76114.2307_BHA12-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain To: >Internet:cypherpunks@toad.com PLEASE HELP ME LOCATE THE FOLLOWING SHAREWARE AND IT'S AUTHORS. The following shareware was removed from Compuserve Information Service because a sysop feared it might be downloaded by someone outside of the United States and get him in trouble. 1 DES Documentation for DESJWW.ZIP IBMPRO/C and C++ [P] DESJWW.DOC 2 Data Encryption Standard (in MSC v5.0) IBMPRO/C and C++ [P] DESJWW.ZIP 3 Knapsack Public-Key Encryption System IBMPRO/C and C++ [P] KNAPSA.ZIP 4 Confide - encryption/decryption program (DES) IBMSYS/File Utilities [S] CONFID.ARC 5 The Private Line (tm) IBMSYS/File Utilities [S] TPL.ARC 6 The Private Line Documentation IBMSYS/File Utilities [S] TPLDOC.ARC I am trying to do a survey of ALL data encryption shareware, especially that based on the DES or RSA algorithm (I have PGP). Can you help? Please contact William Oldacre at: 76114.2307@Compuserve.com or William H. Oldacre 6208 N.W. 132nd St. Gainesville, FL 32606 904-332-3010 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Wed, 28 Apr 93 21:15:57 PDT To: cypherpunks@toad.com Subject: Orig. Press Release. 
Message-ID: <9304290415.AA17021@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain I'm looking for the press release for the wire-tap chip which says that communications manufactures will be "encouraged" to incorporate the "we're-tapped" chip in their products. Any hints would be appreciated. Thanx in advance. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | | But, I was mistaken. |available| | +-----------------------------+---------+ | mdiehl@triton.unm.edu | "I'm just looking for the opportunity | | mike.diehl@fido.org | to be Politically Incorrect! | | (505) 299-2282 | | +-----------------------+---------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Paco Xander Nathan Date: Wed, 28 Apr 93 23:38:54 PDT To: cypherpunks@toad.com Subject: Re: Raving on... In-Reply-To: <9304281204.AA05215@nexsys.nexsys.net> Message-ID: <9304290515.AA21342@wixer> MIME-Version: 1.0 Content-Type: text/plain "Sent from the cyberdeck of: Geoff White" > > >Hmm... the problem is I don't think a majority of the people at raves are > > >focused enough to concentrate on something as technical as that (I KNOW it > > >isn't technical to you and me, but the average raver doesn't even > > >know what the word encryption means). HOWEVER, raves ARE the ideal place > > >to hand out info about what's going on, something the raver can cling onto Our company, FringeWare, has been out doing brain machine demos at raves for a while.. I'm still trying to catch up on sleep from last weekend's rave construction & show :-) The raves started as socio/politial but in many places have become yet-another-club-hop-for-kids-with-time-to-kill. Even so, sentiments are in the right place, guaranteed. Especially among the *RAVE PROMOTERS* .. 
The promoters are already sensitive to issues in common with cypherpunks since they tend to be underground operations in the cash economy, etc. Plus, they're HEAVILY networked. As a techno/gonzo journalist, I've found it EASIER to get in with hacker cliques than with rave promoter cliques; granted the real stakes are higher so they take security more seriously :-) Also, I'm intrigued to see the overlap (at least in this area) between ravers and people at EFF-Austin mtgs.. Some of the main u/g promoters even showed up to EFF-A's CopCon a couple weeks back, so the overlap in our agendas is valid. I'd tend to go with the argument that actually signing keys or passing out pamphlets during a rave would be weird and blow the mood. Maybe you'd say "So what?" but to an entertainment promoter, mood means everything and only a few cypherphuckups would spread a terrible image for us. I'm generally the most hi-tech part of these raves, what with the sound/light brain gizmos and even that's too left-brained some ravers.. Most want to experience, not engage in discourse. With pheromones and alkaloids being some of the dominant attractions for people attending, I could agree more :-) Which is why I'd suggest we tag along with the VRrave project, based on IRC connex between concurrent raves. That'd present a hi-tech set & setting and allow for some demo/experience of secure comm. Do what you can to introduce/instruct the local promoters -- but generally they're busy people with better things to worry about, like liability and overhead not somebody else's political agenda. pxn. pacoid@wixer.bga.com
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: simonm@mindvox.phantom.com (Simon Moon) Date: Wed, 28 Apr 93 21:34:02 PDT To: cypherpunks@toad.com Subject: RE: Rave on... Message-ID: MIME-Version: 1.0 Content-Type: text/plain crunch@netcom.com (John Draper) writes: > My proposal is to set up a room with a bunch of donated PC's Macs or > whatever, and have a booth set up where people can purchase PGP diskettes While this sounds like a great idea, I'm not sure you'll find many ravers who eill actually use PGP. How many ravers exchange email, but haven't heard of PGP? It seems like only a couple, based on my talking to people about computers at raves. > [...] handout literature can be made available for anyone attending that > describes the "Clipper" proposals, and suggestions on what people can do > to resist further government control over private cryptography. This seems like a more practical tactic. Even just handing out a single or half-page flier about PGP, Clipper, and a couple of other topics would probably get a lot of people to read it. And people at raves are used to others going around handing out interesting things to read. The hard part is coming up with 300 well written words that cover everything that needs to be said, a task I leave in more capable hands. On the other hand, I wouldn't mind lugging my PowerBook 170 down to a rave... If anyone organizes such an event, drop me a line...
-- Simon (simonm@mindvox.phantom.com) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: crunch@netcom.com (John Draper) Date: Thu, 29 Apr 93 00:33:14 PDT To: cypherpunks@toad.com Subject: Some ideas, thats all... Message-ID: <9304290733.AA29290@netcom4.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Who wants to collaborativly work on an information packet containing a collection of the previous reports on the wiretap chip, such as the initial white house statement, CPSR's and EFF's responses, list of questions that were hashed at the last Cypherpunks meeting, etc, etc. A smaller and easier to read infomation packet should be prepared to hand out at raves. These should be fairly simple, easy to read and comprehend while on LSD, and other drugs, and also easy to fold up and tuck in your jacket pockets for later reading. Included might be a diskette containing PGP and a "Bone head" starter "readme" file, with references to additional places where more robust information can be had. I volunteer to check out the rave scene, and do an analysis on how the ravers will respond. :-). I'll also try out various other ways to reach ravers and fill them in. It's most important to point out ways for them to become involved in both spreading the info to others, and if they have computers, how they can use PGP and other encryption software to protect their email and voice calls. In the not to distant future, I will be in various media interviews, and will have opportunity to mention these things, and tell people how they can get more information on what we are doing, and how they can be involved. Anyway, feel free to post this to any other system or network, where appropriate. John D. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "DrZaphod" Date: Thu, 29 Apr 93 08:11:46 PDT To: CypherPunks@toad.com Subject: RE: HELP! Some nut is threatening to sue! 
Message-ID: <2475.drzaphod@ncselxsi> MIME-Version: 1.0 Content-Type: text/plain In Message Wed, 28 Apr 93 21:31:10 MDT, Stanton McCandlish writes: >Due to my posts to sci.crypt and elsewhere that I was distributing PGP, >I recieved the following >From: jim@RSA.COM (Jim Bidzos) >To: anton@hydra.unm.edu >Subject: pgp > >I don't think you're aware of our position on pgp. Unfortunately, you >may leave us no choice but to take legal action, which we will unless >you cease promotion adn distribution of pgp. The next message will >state our position. For a guy who claims to want to help us Cypherpunks in the way of personal encryption, scare tactics seem a little out of place. I'm sure we'd all like to use legal encryption methods [maybe]... but we ARE Cypherpunks.. giving us the responsibility to use what's best and defend our rights for privacy. Using a package that hasn't been updated in 5 years [MailSafe], we have diminished to politically correct yippies. I;m not sure quite what to do.. but I saw Jim Bidzos on a magazine once.. and he looks like a fed. By playing the game we are becoming part of it. TTFN. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - DrZaphod #Don't Come Any Closer Or I'll Encrypt! - - [AC/DC] / [DnA][HP] #Xcitement thru Technology and Creativity - - [drzaphod@ncselxsi.uucp]# [MindPolice Censored This Bit] - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Thu, 29 Apr 93 01:36:29 PDT To: Cypherpunks@toad.com Subject: Tough Choices: PGP vs. RSA Data Security Message-ID: <9304290836.AA17180@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Cypherpatriots, This is a tough posting to write. I may even be called a quisling, or even a sternlight! This may be the most important posting I make during this current Clipper-Big Brother Chip controversy. 
I suggest that we as a community seriously reconsider our basic support for PGP. Not because of any flaws in the program, but because of issues related to Clipper and the potential limits on crypto.

Continuing use of PGP causes several problems:

1. If RSA fails to take actions against sites and users, it weakens their legal position with respect to their patents. The government does not need licenses in any case, but users of Clipperphones *do* (not the final end-users, but the suppliers of Clipperphones to non-government customers).

(A case can be made that repudiation of the patents might be a good thing. I know I have argued this at times. It's hard to know.)

2. The "guerrilla crypto" aspect of the PGP community (and our group) is charming, but may be counterproductive. If we are viewed as outlaws, the target even of RSA, then we have almost no influence, save for underground subversion.

(To put this another way, if we are seen as RSA Data's enemy, we lose a potential ally. I am suggesting that a coming war between strong crypto on one side and government snooping on the other will force all participants to choose up sides.)

3. Supporting a legal version of strong crypto, which RSA Data-approved programs are and PGP is *not*, is a much more solid foundation from which to fight possible restrictions on strong crypto.

4. Our time could better be spent by solidifying existing RSA programs, including RIPEM, RSAREF-derived programs, MailSafe, and so forth. This is the approach several major companies have taken (Apple, Lotus, Sun, etc.).

I've urged Jim Bidzos to work toward some compromise with the PGP community (and I think everyone recognizes the positive aspects of this growing community). This might include creating translation programs so MailSafe or RIPEM can read PGP files, a reworking of PGP to conform to licensing requirements, etc.

I'm hoping that Phil Zimmermann can see what the real battle is.
The PGP community is not likely to win their battle in court, and the effect of such a court battle will be divisive and ultimately may help the government in its plans. Phil Z. is most unlikely to ever see any real revenues from PGP.

I think the benefits of a strong, legal, supported crypto product are greater than the dubious benefits of having a "free" piece of software. At any reasonable hourly wage, the cost of MailSafe ($125, last time I checked) is dwarfed by the amount of time crypto activists like ourselves spend debating it, downloading it, awaiting patched versions, etc.

(All is not rosy on the RSA Data side, either. RSA Data chose to concentrate on getting RSA built in to e-mail products from the major companies and chose not to devote much effort to PGP-like personal encryption products (such as MailSafe, which runs on DOS and UNIX only and which hasn't changed much since 1988). Support for RSA Data should mean more support for these kinds of products. We could essentially ask RSA for a commitment in this area.)

I'm arguing that we should look carefully and see what the real issues are, who the real enemy is, and then make plans accordingly.

Awaiting your feedback,

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, smashing of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.
Waco Massacre + Big Brother Wiretap Chip = A Nazi Regime

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Thu, 29 Apr 93 03:01:27 PDT
To: tcmay@netcom.com
Subject: Re: Tough Choices: PGP vs. RSA Data Security
Message-ID: <199304291001.AA23207@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

At risk of getting the goats of some friends of mine who read the list, I'm tending to agree with Tim's ideas here.
Brief conversation with Jim Bidzos at the cypunx mtg indicated that he is very much up for something along the lines of a personal encryption product that would meet our needs. From a business perspective it's easy to see why RSA haven't gone for this yet; a company needs to concentrate at first on the most likely profitable lines of operation, and once that's solid, go for the wider market.

Right now we have an incredible array of crypto talent which can be brought into a cooperative arrangement in developing additional RSA products. The result may turn out to be as good as the best potentials of PGP, and at the same time, support for RSA's position vis-a-vis any possible govt attempt to go after the patents.

I don't see this as a matter of withdrawing support from the people and efforts which brought forth PGP. They're going to have their hands full doing *something* about Clipper right now, and that will deserve a lot of support.

PGP has fulfilled its promise in many ways. It pre-empted the chance of an early govt ban on private crypto. It stimulated wide interest in crypto. It also provided a great market demonstration for the potential of an affordable strong personal encryption program. By this time, Jim Bidzos has a great case to make to his stockholders, for the business potential of personal cryptography. And PGP also brought together a wide community of cryptologists and programmers and end-users and so on.

Consider a band who release a record on an underground label, which then makes it onto college radio in a big way, and the band gets a chance to get major distribution from that. They'd be dumb not to, as long as they can keep their artistic autonomy; and a smart record company executive knows that it's better not to try to tamper with a Good Thing. So here we are at the next step; public keys for the masses have the chance to come aboveground in a big way, and achieve even wider distribution and use.
Now if those carrots aren't tasty enough; consider the stick: there is a long history of the govt doing in its adversaries by divide-&-conquer, along the lines of getting all kinds of infighting going among people who would be logical allies. Read the history of COINTELPRO for many examples. A major rift between PGP and RSA folks will only serve the interests of those who would rather both systems be banned. On the other hand, increased cooperation builds strength against possible governmental action in the future.

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: rjc@gnu.ai.mit.edu
Date: Thu, 29 Apr 93 03:16:59 PDT
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Tough Choices: PGP vs. RSA Data Security
In-Reply-To: <9304290836.AA17180@netcom.netcom.com>
Message-ID: <9304291016.AA36369@hal.gnu.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

I partially agree with Tim, but RSA must be willing to make some compromises on this. Mathematical/Algorithmic patents already face lots of opposition in the user/programmer community, but charging high licensing fees on such patents will inevitably force programmers to develop freeware alternatives. I haven't seen Mailsafe, but from the reviews of it, it sounds like it is vastly inferior to PGP and not worth $125. It is also not "open" (e.g. you don't get source code?) which prevents the cypherpunk community from making modifications that they want. (I've also heard that RSA doesn't even support it well).

A better course of action might be to remove the RSA engine from PGP and distribute the source code, and a binary for free, but require users to pay $30-50 to RSA to get the source code and binary for the RSA engine. This maintains our flexibility to modify PGP as we see fit, but preserves RSA's intellectual property. The downside is, platform portability will be impacted slightly.
On the other hand, RSA could develop and maintain a PGP alternative which has all the bells and whistles we like, and market it at reasonable cost, say $50. (remember, Clipper chips will be cheaper than $40!)

RSA's alternative is to have their patent become useless like most of the compression patents through widespread unauthorized use of their algorithms.

-- Ray Cromwell | Engineering is the implementation of science; --
-- EE/Math Student | politics is the implementation of faith. --
-- rjc@gnu.ai.mit.edu | - Zetetic Commentaries --

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: geoffw@nexsys.net (Geoff White)
Date: Thu, 29 Apr 93 08:06:42 PDT
To: crunch@netcom.com
Subject: Re: Raving on...
Message-ID: <9304291447.AA06514@nexsys.nexsys.net>
MIME-Version: 1.0
Content-Type: text/plain

I tend to agree with this guy, tread very carefully, we want to inform NOT proselytize. Ravers will get turned off real quick if you come on as something they MUST do. Offer information, answer questions and most of all be considerate of the fact that many people DON'T know about the net or e-mail and that there may be some initial distrust from young ravers who don't know who you are because of your age, (an older guy wantin me to type some stuff into a computer? Humf, smells like DEA to me!) So go easy on folks at these things. You might want to find someone who is heavy into the Scene to go with you the first couple of times, to smooth the acceptance factor. Currently I'm way too busy with other aspects of the Scene to do this, you might want to contact some people on:

sfraves@soda.berkeley.edu

who regularly deploy VRAVE (an IRC like program for the international rave community) at raves in the Bay Area. To subscribe send a message to sfraves-request@soda.berkeley.edu, I've cross posted some of your mail so they are well aware of what you want to do.
sfraves has been around for about a year, they are an integral and trusted part of the House Family, you might want to co-ordinate with them before you start a major campaign. I know they are working on getting the average raver signed onto e-mail.

Hope this helps.

----- Begin Included Message -----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fig@eff.org
Date: Thu, 29 Apr 93 05:56:54 PDT
To: Stanton McCandlish
MIME-Version: 1.0
Content-Type: text/plain

At 9:31 PM 4/28/93 -0600, Stanton McCandlish wrote:
If it is the Real Shit,

It looks like the Real Shit to me, Stanton. I don't know anyone who has stonewalled Bidzos, so I don't know if he has actually taken legal action against a PGP distributor. But that's the guy (assuming it's not forged mail).

<<*>><<*>><<*>><<*>><<*>><<*>><<*>><<*>>
Cliff Figallo fig@eff.org
EFF Online (617)576-4506 (voice)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nmh@thumper.bellcore.com (Neil Haller)
Date: Thu, 29 Apr 93 06:05:41 PDT
To: tcmay@netcom.com
Subject: Re: Tough Choices: PGP vs. RSA Data Security
Message-ID: <9304291305.AA14642@latour.bellcore.com>
MIME-Version: 1.0
Content-Type: text/plain

Let me add one vote of support to your proposal ... and another reason you may not have considered.

I use PGP for personal communications. I'm not a big enough target for anyone to sue.

On the other hand I do *not* use PGP for anything related to my employment. My company (Bellcore) is large enough to get sued, and everyone loves to hate the telephone industry. As a result, I would happily pay a reasonable license fee.

Neil Haller
nmh@thumper.bellcore.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Thu, 29 Apr 93 05:22:23 PDT
To: cypherpunks list
Subject: A link encryption protocol to crytique ;-)
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Okay folx, tear this apart...
I'm running on little sleep, but after thinking about this for a couple of hours (mostly while trying to document it...) I can't see any obvious holes... If no one points out any significant deterrents, I will code this up in C and release the code to the public domain (I'll get it put on soda...)

I should comment, that this is not meant to be the best link encryption protocol available... the NSA (or others of their TLA friends) can monitor my sessions if they really want to... but this should at least provide a minor stumbling block...

Also, I'm not a math major, so my version of a "technical" description of how to do this may upset the mathematicians among us... I did it the way it is cause it seems straightforward that way... I hope it actually makes sense to someone besides me... I hope it is general enuff (while writing this I had fixed values in mind, like 256 byte packets, so I may have let some of the constants creep in without noticing... I hope not, please point out these things)...

Anyway, here it is, for whatever its worth...

Oh, for irony's sake, I must admit that it was all the "clipper" discussion that got me thinking, and the use of I1 & I2 reflect this... hehehehe!

--- Cut here ---

Protocol proposal for a peer to peer encrypted link
---------------------------------------------------

The goal of this algorithm was to be fast and not easily subject to a known plaintext attack, as the data bytes in B[] will be highly structured.
x^y=the result of x exclusive ORed with y
v[x..y]=a vector with positions indexed from x up to y (inclusive)
v[i]=index into a vector v for position i
v[]=the list of all values in vector v
CRC(v[])=calculate a CRC checksum on the data bytes in vector v
N=number of user data bytes per packet
D=N+sizeof(CRC(B[])) (for ease in generating I, should be a power of 2)
S=D+sizeof(I)*2
B[0..N-1]=the N user data bytes
C[0..D-1]=a work buffer filled from B[], CRC(B[])
P[0..S-1]=the outgoing packet
K1 & K2=two random "session" keys of length P
I=packet rearrange index (range of 0 up to D-1)
I1 & I2=the two generators of I (range of 0 up to D-1)
T[0..(2^sizeof(I))-1]=array of vectors of size D
L=number of times to iterate the shuffle function

total size of data D=N + sizeof(CRC(B[]))
total size of each packet S=sizeof(I)*2 + N + sizeof(CRC(B[]))

Exchanged in advance of any packets being sent (by a public key mechanism for example) are N, sizeof(I), sizeof(CRC(B[])), K1, K2, T.

K1 and K2 are generated randomly, but checked to insure that K1[i] does not equal K2[i].

T[i] is generated by a pseudo random process, similar to shuffling a deck of cards. For each i, fill the vector with the values 0 to D-1. Then two random indexes (j & k) are chosen (to be different) and the two values at T[i,j] and T[i,k] are swapped. This can be iterated an arbitrary number of times (L) to ensure a good "shuffle" of the values.

To encrypt each packet P:
- Generate a random index (I) by generating two random values for I1 and I2 and exclusive OR'ing them together. I is not transmitted as part of the packet
- Copy the values in B[i] to C[T[I,i]] for all values of i=0 up to N-1.
- Copy the individual bytes from CRC(B[]) into C by indexing T[I,x] for x=N up to D-1.
- Form the packet: P[0..D-1]=C[], P[D..D+sizeof(I)-1]=I1, P[D+sizeof(I)..S-1]=I2
- Replace each value of P[i] with P[i]^K1[i]^K2[i] for all values of i=0..S-1.
- Transmit P[i] for all values i=S-1 down to 0.
Explanatory comments:
- Exclusive OR was chosen because it executes so quickly on most machines.
- The assumption was that just using a single key K1 would not be strong enough, so thus there are two.
- Sending I as I1 and I2 gives more apparent choices of values, without requiring T to be extremely large. This is in hopes of further hindering any known plaintext attacks.
- P is transmitted backwards merely so that I1 & I2 arrive first, to aid the decryption process. (Quite honestly this was done to make the above description of the assemblage of P a little easier to write, as putting I1 & I2 in first would have meant more calculation to yield the offsets of the sub parts of P eg. "P[0..D-1]=C[]" would have become "P[sizeof(I)..sizeof(I)+D-1]=C[]" which is not as easily understood.)

To decrypt each packet P:
- As each byte comes in, it is stored into P[i] for values of i=S-1 down to 0.
- Replace each value of P[i] with P[i]^K1[i]^K2[i] for all values of i=0..S-1.
- I1=P[D..D+sizeof(I)-1]=I1, I2=P[D+sizeof(I)..S-1].
- I=I1^I2.
- C[]=P[0..D-1]=C[].
- Copy the values in C[T[I,i]] to B[i] for all values of i=0 up to N-1.
- Verify that CRC(B[]) equals C indexed T[I,x] for x=N up to D-1.
- If the CRC verifies, then the data values have been transmitted and reside in B[] to be used.

--- Cut here ---

{ God I hope I don't look like too much of a fool... ;-) }

---
Nick MacDonald | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Pat Farrell"
Date: Thu, 29 Apr 93 06:25:12 PDT
To: cypherpunks@toad.com
Subject: RE: Tough Choices: PGP vs. RSA Data Security
Message-ID: <33938.pfarrell@cs.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Tim May is starting to sound like a Suit. :-)

I agree strongly that we need RSA on our side, not against us. I don't know the history of the animosity between Jim B and Phil Z, but I think it is time to say that water is over the dam.
Several folks have suggested here, and in the usual feeds, that it wouldn't appear to be all that hard to take RSAREF and use it as the key exchange engine for a US-legal PGP. Or even to take the PGP source and use it as an enhanced RSAREF.

I haven't looked at either source, but I have to believe that someone on the list has. Is there a technical reason why this can't be done? Is there some hidden political reason that it can't be done?

The readers of this list are hardcore and facile with technology. To get the widespread support we need to kill the wiretap chip, we need to get "easy to use" strong cryptography into the mass market.

I'm writing a Windows-based POP client designed for folks that can't spell SLIP. It should have strong encryption invisibly and automatically. It won't until there is a legal encryption engine with at least the key management of PGP.

Pat

Pat Farrell Grad Student pfarrell@cs.gmu.edu
Department of Computer Science George Mason University, Fairfax, VA
Public key available via finger #include

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Thu, 29 Apr 93 09:52:06 PDT
To: extropians@gnu.ai.mit.edu
Subject: PGP is NOT availble from NITV anymore!
Message-ID: <9304291650.AA13711@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Due to threats of legal action from RSA, I have had to remove PGP from my system. Some time when I get the mess sorted out, non-patent-infringing PGP/RSA/[your-fave-crypto-here] utilities, such as mail scripts, will still be available, and I will post a message with the detail.

I repeat, PGP *IS NOT* available from NitV-BBS any longer. Do not call for it you will be wasting your money and time. Sorry, but the law is the law.

- S. McC.

--
Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: markh@wimsey.bc.ca (Mark C. Henderson)
Date: Thu, 29 Apr 93 11:13:13 PDT
To: cypherpunks@toad.com
Subject: Re: Tough Choices: PGP vs. RSA Data Security
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

> All he has to do is let us pay a licence fee for pgp. What's the advantage
> to him in asking for a different piece of code that uses RSAREF and DES
> instead of Phil's code and IDEA? I can't see it, except that using DES
> blows away the security of the program...

With respect to this, putting another symmetric cipher into RSAREF is a simple matter. I've done it for triple DES (3 key EEE version). Once (and if) we get permission from RSADSI to distribute it, it will go into the RIPEM distribution. I don't see any reason why we couldn't plug in IDEA. If you look at the RSAREF code you'll see that it would be technically very easy.

>
> No, I think this suggestion should be put down now, or we'll splinter and
> give them exactly the divide-and-conquer opening they're looking for.

Problems with RSAREF/RIPEM:

1. Use of RSAREF/RIPEM in support of a commercial enterprise is prohibited without paying a licence fee. Note that they can get you on copyright violations rather than patent infringement if you break the RSAREF licence agreement. My bet is that it makes enforcement a much simpler matter (you might say, especially in Canada). Note that personal use on a commercial system is OK.

2. One needs to get permission every time one wants to modify RSAREF in any substantial way.

3.
The pseudo random number generation is suspect, especially if we're considering using symmetric cipher keys of > 64 bits. Essentially at most 2^128 distinct sequences of pseudo random numbers can be generated. 2^128 is a big number, but on the other hand it does make one wonder whether it is worth adding a scheme which uses 192-24 bits of key material. It isn't that I know how to break it, but on the other hand, it wouldn't surprise me if someone could compute, in less time than it would take to try 2^128 possibilities by brute force, some smaller number of possibilities for the encryption key given the IV which is output in plaintext in a RIPEM message. Call me paranoid.

4. We need something better than 56 bit key DES (said it before).

5. export problems.

6. RIPEM currently has no way to handle certificates or sign other people's public keys. This is, of course, serious.

Good things:

1. One can use it for non-commercial purposes in North America.

2. Performance of RIPEM is considerably better than the original RSAREF code. The DES routines have been replaced. Furthermore a lot of platform specific improvements have been made to the large integer operations. The point being, that performance is similar to PGP.

3. The promise of PEM compatibility. (People are working on getting some support for certificates into RIPEM.)

The real point is that if we put our considerable resources behind something like RIPEM or 'legal' PGP and we had RSADSI's cooperation in terms of permission to modify, improve and update RSAREF then we could almost certainly have a high quality legal personal public key encryption program with the features we want, in a few months.

It is a compromise. PGP is already done and is a very impressive software package. It certainly has a better feature set than RIPEM. It has been exported, so the export control issue is not a serious one.
I do think the optimal solution (for both RSADSI and us) is to get some sort of scheme into place where PGP could be used legally for a licence fee (either per key or per person). Perhaps the folks at RSADSI could sign keys as PAID (but not necessarily authenticated) for US$50. They would certainly make some money in the process.

Mark

--
Mark Henderson markh@wimsey.bc.ca
RIPEM key available by key server/finger/E-mail
MD5OfPublicKey: F1F5F0C3984CBEAF3889ADAFA2437433

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: crunch@netcom.com (John Draper)
Date: Thu, 29 Apr 93 11:27:56 PDT
To: cypherpunks@toad.com
Subject: Raving on..
Message-ID: <9304291828.AA03535@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

>> Who wants to collaboratively work on an information packet containing
>> a collection of the previous reports on the wiretap chip, such as
>> the initial white house statement, CPSR's and EFF's responses,
>> list of questions that were hashed at the last Cypherpunks meeting,
>> etc, etc.

>I already have such an archive (missing the cypherpunk questions [I had
>a mail blowout, and that was one of the casualties, along with a couple
>other saved items, mostly criticisms of the the privacy clipper.])
>Lemme know if you need it. I have it in .ZIP format, so you'll need
>some way to deal with that.

Great!! What we need is for someone who can read ZIP files and get it into hard copy for reproduction to be handed out at raves. Who wants to take on this responsibility?

Geoff, now that one of my mailing lists has just dissolved (TCL_TALK) I can now join the sfRaves group and work with them directly, but first I want to write up a short introduction.

JD

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tytso@ATHENA.MIT.EDU (Theodore Ts'o)
Date: Thu, 29 Apr 93 08:33:35 PDT
To: cypherpunks@toad.com
Subject: Re: Tough Choices: PGP vs.
RSA Data Security
In-Reply-To: <9304281436.AA05701@pizzabox.demon.co.uk>
Message-ID: <9304291533.AA11541@tsx-11.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

   Date: Wed, 28 Apr 93 14:36:04 GMT
   From: Sy Verpunc
   Reply-To: cypherpunks@toad.com

   That's what people have *always wanted* to do. RSA won't let them.
   That's why any talk of a newer friendlier Bidzos is bullshit.

Have you actually tried? Several people from RSA, including Bidzos at the last Cypherpunks meeting at Mountain View (I wasn't there, but take a look at the meeting "minutes"), have stated repeatedly that if someone were to ask for permission to use the internal interfaces of RSAREF in order to write a PGP-compatible program, they would grant permission.

However, as of two weeks ago, *NOT* *A* *SINGLE* *PERSON* *HAS* *ASKED*. To those of you who have repeatedly said "Cypherpunks write code" (and I applaud that attitude), consider this a challenge. :-)

- Ted

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dionf@ERE.UMontreal.CA (Francois Dion)
Date: Thu, 29 Apr 93 08:49:59 PDT
To: geoffw@nexsys.net (Geoff White)
Subject: Re: Raving on...
In-Reply-To: <9304291447.AA06514@nexsys.nexsys.net>
Message-ID: <9304291548.AA08102@brise.ERE.UMontreal.CA>
MIME-Version: 1.0
Content-Type: text/plain

Beyond the ultraworld of Geoff White:
>
>
> I tend to agree with this guy, tread very carefully,
> we want to inform NOT proselytize. Ravers will get turned off real
> quick if you come on as something they MUST do.

It must be homogenous with the rave. For example, in the chillout room, you put a mind machine, a vrave connection, an electronic LED race (it's way cool to either create or modify handheld games into huge "techno" games), and finally several PCs, modified as "rave machines(tm)" :) with some people to explain how to get the keys, how to exchange them, what you can do with it, and emphasize the cool side...
> information, answer questions and most of all be considerate
> of the fact that many people DON'T know about the net or e-mail

The majority of ravers in Montreal know about raves thru my radio show, Raving Up North (email list) or my interactive phone line. I regularly talk about the net, internet issues, etc... (been doing that for 2 years) so most people know what the net is really about and they send lots of mail when the written press around here screw up). Another point, i'll be doing a rave on may 8th and the ravers have dubbed it the cyberpunk rave, even if it's called Rave en couleur...

> You might
> want to find someone who is heavy into the Scene to go with you
> the first couple of times, to smooth the acceptance factor.

Definitely. The scene needs some dominant figures.

> Currently I'm way too busy with other aspects of the Scene to
> do this, you might want to contact some people on:
>
> sfraves@soda.berkeley.edu
>
> who regularly deploy VRAVE (an IRC like program for the international
> rave community) at raves in the Bay Area.

Vrave is used in the east coast too. Twould be really cool if some rave from the west coast be connected may 8th... i'll probably have 2 lines here.

> know they are working
> on getting the average raver signed onto e-mail.

As most people who are heavily "connected". There is an article in the may/june issue of wired about a guy called cursor cowboy who wants to connect everybody he meets.

Speaking of wired, i've read the article on crypto rebels aka cypherpunks. What do you think? Please respond to me since i am not on cypherpunks anymore because the traffic was too heavy and religious when i was on.

Ciao,
--
Francois Dion
 ' _ _ _
 CISM (_) (_) _) FM Montreal , Canada Email: CISM@ERE.UMontreal.CA
 (_) / . _) 10000 Watts Telephone no: (514) 343-7511
_______________________________________________________________________________
Audio-C-DJ-Fractals-Future-Label-Multimedia-Music-Radio-Rave-Video-VR-Volvo-...
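Nick MacDonald's message earlier in this archive ("A link encryption protocol to crytique") gives its packet scheme only in notation and asks for critique. The Python code below is an added example, not code from that post or its author: it implements the encrypt and decrypt steps as described and checks two properties a reviewer would raise, that XORing with K1 and K2 equals XORing with the single key K1^K2, and that reusing that pad for every packet makes it cancel between packets. Assumptions: CRC-32 from zlib, sizeof(I) = 1 byte, N = 28, keys of length S; all function names are hypothetical.

```python
import secrets
import zlib

N = 28               # user data bytes per packet (constructed value)
CRC_LEN = 4          # assumption: CRC-32 from zlib; the post names no CRC
D = N + CRC_LEN      # 32, a power of two as the post recommends
S = D + 2            # assumption: sizeof(I) = 1 byte, so I1 and I2 add 2 bytes


def make_table(rounds=200):
    """T: 256 permutations of 0..D-1, each shuffled by `rounds` (L) random swaps."""
    rng = secrets.SystemRandom()
    table = []
    for _ in range(256):
        perm = list(range(D))
        for _ in range(rounds):
            j, k = rng.sample(range(D), 2)      # two different positions
            perm[j], perm[k] = perm[k], perm[j]
        table.append(perm)
    return table


def make_keys():
    """K1, K2: random keys (assumed S bytes long) with K1[i] != K2[i] everywhere."""
    k1 = secrets.token_bytes(S)
    k2 = bytearray(secrets.token_bytes(S))
    for i in range(S):
        while k2[i] == k1[i]:
            k2[i] = secrets.randbelow(256)
    return k1, bytes(k2)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def build_packet(data, table, i1, i2):
    """Unkeyed P = C[] + I1 + I2, with B[] and CRC(B[]) scattered through T[I]."""
    if len(data) != N:
        raise ValueError("data must be exactly N bytes")
    perm = table[i1 ^ i2]                       # I is never sent, only I1 and I2
    payload = data + zlib.crc32(data).to_bytes(CRC_LEN, "big")
    c = bytearray(D)
    for i, value in enumerate(payload):
        c[perm[i]] = value
    return bytes(c) + bytes([i1, i2])


def encrypt(data, table, k1, k2):
    p = build_packet(data, table, secrets.randbelow(256), secrets.randbelow(256))
    return xor(xor(p, k1), k2)[::-1]            # sent from P[S-1] down to P[0]


def decrypt(wire, table, k1, k2):
    """Return the N data bytes; raise ValueError if the CRC does not verify."""
    if len(wire) != S:
        raise ValueError("wrong packet length")
    p = xor(xor(wire[::-1], k1), k2)
    perm = table[p[D] ^ p[D + 1]]               # I = I1 ^ I2
    payload = bytes(p[perm[i]] for i in range(D))
    data, crc = payload[:N], payload[N:]
    if zlib.crc32(data).to_bytes(CRC_LEN, "big") != crc:
        raise ValueError("CRC mismatch")
    return data


def single_key_equivalent(wire, table, k1, k2):
    """XOR with K1 then K2 equals XOR with one key K1^K2 (the second key adds
    nothing; K1[i] != K2[i] only guarantees that no byte of K1^K2 is zero)."""
    combined = xor(k1, k2)
    return decrypt(wire, table, combined, bytes(S)) == decrypt(wire, table, k1, k2)


def pad_cancels(data_a, data_b, table, k1, k2):
    """The same pad covers every packet, so it drops out of the XOR of any two
    wire packets: what remains is the XOR of the two unkeyed packets."""
    pa = build_packet(data_a, table, 1, 2)      # constructed I1, I2 values
    pb = build_packet(data_b, table, 3, 4)
    wa, wb = xor(xor(pa, k1), k2)[::-1], xor(xor(pb, k1), k2)[::-1]
    return xor(wa, wb) == xor(pa, pb)[::-1]


if __name__ == "__main__":
    table, (k1, k2) = make_table(), make_keys()
    msg = b"constructed sample payload".ljust(N, b".")
    wire = encrypt(msg, table, k1, k2)
    print(decrypt(wire, table, k1, k2) == msg)
    print(single_key_equivalent(wire, table, k1, k2))
    print(pad_cancels(msg, bytes(N), table, k1, k2))
```

A design that wants per-packet confidentiality and integrity would derive a fresh keystream per packet and use a keyed MAC in place of the CRC, which anyone can recompute.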
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: greg@ideath.goldenbear.com (Greg Broiles)
Date: Thu, 29 Apr 93 14:13:29 PDT
To: cypherpunks@toad.com
Subject: Re: Tough Choices
Message-ID: <338R3B1w164w@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text/plain

Timothy May writes:

> I suggest that we as a community seriously reconsider our basic support for
> PGP. Not because of any flaws in the program, but because of issues related
> to Clipper and the potential limits on crypto.
>
> [Cites several reasons why it's inconvenient that PGP users don't have
> legal licenses to use RSA's stuff]

With all due respect, fuck that. I agree that it would be much much better if PGP users could be licensed; but your letter convinced me that it's even more crucial that we get Bidzos, et al., to give or sell us a license for PGP. Yes, it is important that we have a legal and above-board product available to us. Walking away from a well-written and well-distributed (and FREE, with source) piece of software to assuage the egos and wallets of a few folks in California is bullshit. If I need to choose between "legitimacy" and privacy, privacy wins. Every time.

This is the carrot for Bidzos: our money, and more market share.

This is the stick for Bidzos: some of us are gonna use it anyway. He can have our money to use it - or not. RSA's choice.

This entire issue pisses me off - the work that created the "patentable" stuff in the first place was supported with public money. I think that makes it ours. I'd be willing to play along with this game if it was possible for me to do so in a reasonable fashion; but it is not. My money went to fund the development of an algorithm that now I'm not allowed to use? NOT!

> I'm arguing that we should look carefully and see what the real issues are,
> who the real enemy is, and then make plans accordingly.
The real enemy is people who tell us that some folks can own an algorithm or a process; and other people who tell us that we can't use properties of mathematics to ensure our own privacy.

It may be that within months or years the US Government will tell us that certain mathematical processes cannot be applied to streams of data, without criminal penalties; we are all able to see that's clearly unacceptable. Why is it so difficult to see that it's also unacceptable for PKP to tell us that we cannot apply those same processes without risking civil penalties?

The legal minutiae behind those two statements may differ; but the end result is the same. Other folks want to tell us what we can and can't do with our data and our computers. Fuck that.

--
Greg Broiles greg@goldenbear.com
Golden Bear Computer Consulting +1 503 465 0325
Box 12005 Eugene OR 97440 BBS: +1 503 687 7764

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Thu, 29 Apr 93 12:09:02 PDT
To: tcmay@netcom.com
Subject: Re: Tough Choices: PGP vs. RSA Data Security
Message-ID: <9304291908.AA14792@servo>
MIME-Version: 1.0
Content-Type: text/plain

I think the ball's already in Bidzos's court. Consider the following Bidzos quote a few days ago on the "billcryp" list:

   You have it correct, but let me expand a bit. It would be a bad business decision for us to try to keep *anyone* out of the market with patents because we disagree with their approach. Remember, personal choice crypto isn't outlawed yet.

Now the context of this quote was whether RSA could use its patents to try to squash the more objectionable aspects of Clipper (particularly key registration), but his wording is (perhaps unintentionally) much more revealing. It implies to me that licensing PGP would be in RSADSI's best business interests. And so it would, if not for the personal animosity between Bidzos and Zimmermann.
I sent a note to Bidzos asking him this exact question, but I have not yet received a reply.

I am yet another person who would be glad to pay RSADSI a reasonable fee to use RSA in the form of PGP. Cost is really not the main issue here; PGP is the product I want to use, plain and simple. Nothing else matches its features, especially the "web of trust" model for certificates and the widespread availability of source code for inspection. Mailsafe isn't even in the running.

I use PGP only occasionally, in a personal and educational mode. I would very much like to be able to recommend it to my company for business use, but I can't do that under the present circumstances. And that's too bad.

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Thu, 29 Apr 93 09:24:41 PDT
To: cypherpunks@toad.com
Subject: Re: Tough Choices: PGP vs. RSA Data Security
In-Reply-To: <9304281433.AA05674@pizzabox.demon.co.uk>
Message-ID: <9304291612.AA17566@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

Sy Verpunc writes:
> : .........Brief conversation with Jim Bidzos
> : at the cypunx mtg indicated that he is very much up for something along the
> : lines of a personal encryption product that would meet our needs.

Well, this is yet to be seen.

> All he has to do is let us pay a licence fee for pgp. What's the advantage
> to him in asking for a different piece of code that uses RSAREF and DES
> instead of Phil's code and IDEA?

Practically none, especially since RIPEM is already running, and is as free as PGP. Of course, single DES is somewhat less resistant to brute force, thus triple DES would be more appropriate...

> I can't see it, except that using DES blows away the security
> of the program...

Oh, come on now. It looks like every fool in the world believes now he can crack DES... Let me enlighten you: even IF one gets a DES engine fast enough and can put lots of those in parallel - that one still needs lots of hardware/software.
Which isn't very feasible today.

> No, I think this suggestion should be put down now, or we'll splinter and
> give them exactly the divide-and-conquer opening they're looking for.

Agreed.

Regards,
Uri.
------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Thu, 29 Apr 93 09:28:55 PDT
To: CYPHERPUNKS
Subject: Tough Choices: PGP vs. RSA Data Security
Message-ID: <930429161807_74076.1041_FHD83-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Tim May writes:
> I suggest that we as a community seriously reconsider our basic support for
> PGP. Not because of any flaws in the program, but because of issues related
> to Clipper and the potential limits on crypto.

I see several problems with this proposal.

1. It's not clear what it means to "reconsider our basic support for PGP." What exactly is Tim proposing? That people stop using PGP? That they phase out their use of it as legal products become available? I'd like to see some clarification.

2. More generally, what about the issue of our advocating and supporting other possibly infringing actions? Which ones do we stop? Just those that upset Jim Bidzos? He claims to have patents that cover many more activities than RSA, including patents which cover the very idea of public key encryption, and patents on Diffie-Hellman key exchange and virtually any conceivable variation. Should we respect all of these now?

3. David Chaum apparently has U.S. patents on many key features of digital cash. It looks like we would have to stop working on that, too, by this reasoning.

4. What reasonable alternatives to PGP exist? Is RSAREF really usable on a PC? I tried an early version and it was terribly, terribly slow. PGP is just barely fast enough. A "legal" version of PGP which uses RSAREF will presumably be considerably slower.

5. I am not as convinced as Tim that RSADSI is truly, positively, certainly on our side.
Why is it that RSAREF has such a weak conventional encryption algorithm (DES, with 56-bit keys)? RIPEM has been out for many months, and people have been asking for IDEA or triple DES all that time. Bidzos has supposedly said he'll give permission for improvements. Yet as far as I know RIPEM still only has this small key size, a key size which persistent rumors say can be broken by government computers. When Bidzos permits RSAREF to run a conventional encryption algorithm with a secure key size I will give more credence to the view that he wants people to have strong encryption.

6. How is it that one company has collected virtually all of the patents on cryptographic technology in this country? Jim Bidzos controls patents on public-key encryption in general, RSA, Diffie-Hellman key exchange, ElGamal signatures and encryption, and several others. I can't help noticing that it would be an extraordinarily convenient arrangement for the government if such a company existed and were secretly working against public use of cryptography while publicly pretending to be doing all they can to bring this technology to a reluctant market. I still have not seen any specific public action by Bidzos which would invalidate this possibility. Yes, he has engaged in this widely publicized tiff with NIST over the Digital Signature Standard, and he's made some statements against Clipper. But where are the lawsuits? Is AT&T receiving the same threatening letters that Stanton McCandlish received when he said he was distributing PGP from his BBS?

7. Extrapolating from the widespread acceptance of PGP, which is free, to conclude that there is a market for a commercial encryption product which costs money is pointless. Granted, some of us may spend a lot of time talking about PGP and thinking about these issues, but most PGP users just downloaded it from a BBS or the net. There are a lot of things they'd spend $100 on before they would buy an encryption program.
One of the things that attracted me to Cypherpunks is that they take steps to make these tools available without worrying about upsetting the power structure. David Chaum may object to our implementing digital cash. Jim Bidzos may object to our using RSA, or Diffie-Hellman, or almost anything else having to do with cryptography. If we're going to start looking over our shoulder and not doing anything which powerful people object to then we might as well pack up and go home.

Almost everything we have talked about over the last six months infringes somebody's patents in this country. I really don't see what role a group like ours has if we have to tiptoe through the minefield of intellectual property protection which permeates the field of cryptography. Are we to become a bunch of unpaid consultants for RSADSI, writing code which they will then make profits on?

Phil Zimmermann has done more to put strong cryptography into the hands of people all over the world in two years than Bidzos has managed in ten. He has faced lawsuits by Bidzos and has undergone considerable personal sacrifice in getting this software out. People talk about this "feud" as though the two are equally guilty, and ask (like Rodney King) "can't we all just get along?" But this is a cop-out. To me there is clear asymmetry in their dispute in terms of who asserts their power and who is trying to empower individuals.

Look at what Tim is suggesting. We abandon PGP, not because it is a bad program; not because its author has behaved unethically; not because it has failed in its goals; but because Jim Bidzos is throwing his weight around and we don't want Jim to be unhappy. If Jim were to accept that PGP was no more threatening to his patents than RSAREF then the problem would be solved. I presume that Tim has decided that this won't happen, so now he suggests Plan B, that we abandon PGP.

I have to suggest that the real obstacle to the wide deployment of strong cryptography remains Jim Bidzos.
He has the power, by a single stroke of a pen, to do more to encourage the spread of cryptography in this country than any other single person (including Bill Clinton). All he has to do is to issue a policy statement that since PGP is freeware it falls under the PKP policy allowing use of the patents for noncommercial use. Presto - PGP is legal, and one of the main obstacles to its spread is eliminated.

I agree with Tim that we need to look closely to see who our real enemies are. Perhaps Bidzos is a charming person. I've never met him. Certainly the bay area Cypherpunks seem to be falling under his influence. From my perspective I find this cozying up to the PKP/RSADSI power structure to be rather alarming. I don't think it is a good direction for the group.

Hal Finney
74076.1041@compuserve.com
hal@alumni.caltech.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uri@watson.ibm.com
Date: Thu, 29 Apr 93 09:24:59 PDT
To: tytso@ATHENA.MIT.EDU (Theodore Ts'o)
Subject: Re: Tough Choices: PGP vs. RSA Data Security
In-Reply-To: <9304281436.AA05701@pizzabox.demon.co.uk>
Message-ID: <9304291618.AA21186@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain

Theodore Ts'o writes:
> Several people from RSA, including Bidzos at the last Cypherpunks
> meeting at Mountain View (I wasn't there, but take a look at the meeting
> "minutes"), have stated repeatedly that if someone were to ask for
> permission to use the internal interfaces of RSAREF in order to write a
> PGP-compatible program, they would grant permission.

Now - there's a slight distinction between:
a) write [from scratch] PGP-compatible program;
b) write RSA engine for [existing] PGP program.
I suspect it's the second, that most people would prefer.

> However, as of two weeks ago, *NOT* *A* *SINGLE* *PERSON* *HAS* *ASKED*.

Incorrect. I asked for, and received, a permission to use RSAREF internals for modified RIPEM program. Actually, nobody but time and efforts preclude me from adding PGP capabilities to it...

Of course, whether b) will be granted too, is an open question.

> To those of you who have repeatedly said "Cypherpunks write code"
> (and I applaud that attitude), consider this a challenge. :-)

Naw...

Regards,
Uri.
------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Thu, 29 Apr 93 09:34:53 PDT
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Tough Choices: PGP vs. RSA Data Security
In-Reply-To: <9304290836.AA17180@netcom.netcom.com>
Message-ID: <9304291634.AA24470@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

[I am CCing this to Jim Bidzos at RSA.]

Timothy C. May says:
> Cypherpatriots,
>
> This is a tough posting to write. I may even be called a quisling, or even
> a sternlight!

Actually, I do not disagree with your fundamental points. Jim Bidzos is not, fundamentally, an enemy of privacy. He's just in a difficult position because his livelihood comes from selling patent licenses.

If a program existed that was legal and freely distributed like RIPEM but ran as fast as PGP and offered the "web of trust" model of PGP, I'd use it immediately.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Thu, 29 Apr 93 11:39:00 PDT
To: cypherpunks@toad.com
Subject: The May Proposal
In-Reply-To: <9304290836.AA17180@netcom.netcom.com>
Message-ID: <9304291838.AA11371@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

Just when I think I'll lie low awhile, tcmay@netcom.com (Timothy C. May) drops a bombshell:

>I suggest that we as a community seriously reconsider our basic support for
>PGP. Not because of any flaws in the program, but because of issues related
>to Clipper and the potential limits on crypto.

I'm quite aghast at this little gem of a proposal, which might be deemed `treasonous' by some (however, I'll limit my flames). In many ways it is more unpalatable than the Clipper announcement. PGP is *solid* software for cryptography that is available *now*. What other software is available? Sure, there are plenty of vague promises and vaporware, or bits and pieces for little nooks and crannies of platforms. PGP is the closest thing to *widespread* strong cryptography available *across* platforms.

Look, support whatever you want. Cypherpunks don't have an official policy sheet. But to recommend they stop promoting something that has formed one of the most stable core commitments of the group is divisive in itself. (Sheesh, this group couldn't reach a consensus if only one person was subscribing!)

>1. If RSA fails to take actions against sites and users, it weakens their
>legal position with respect to their patents. The government does not need
>licenses in any case, but users of Clipperphones *do* (not the final
>end-users, but the suppliers of Clipperphones to non-government customers).

Are you saying that RSA needs to support Clipperphones? or that they need the legal torque to suppress granting the patent to implementations of it? If RSA sells out, which I see every sign of this happening (lacking explicit reassurances from Bidzos, and in light of his apparent devotion to the company `stockholders'), then the point is moot. What makes you so sure they won't (or haven't)?

Also, your reasoning is bizarre. If RSA wants to protect their patents, then they should attempt prosecution or pursue agreement, one or the other. It is the failure to prosecute that weakens their case, not the existence of infringers per se. Actually, that is the only way they have to strengthen their case, to attempt prosecution of perceived infringers.
If they fail to do this then they are implicitly acknowledging their own weakness.

>2. The "guerrilla crypto" aspect of the PGP community (and our group) is
>charming, but may be counterproductive. If we are viewed as outlaws, the
>target even of RSA, then we have almost no influence, save for underground
>subversion.

I just don't get this strange and insatiable drive to `respectability' by outspoken members of this list. This is the critical period when cryptography itself is in jeopardy, precisely at the point that we must, to a large extent, work outside the ``system'' that has unequivocally demonstrated its hostility to the basic premise of widespread unbreakable cryptography. Currently, we cannot have our unbreakable cryptography and respectability too. You all remind me of Denning, who wants to underhandedly promote Clipper and retain her scientific respectability at the same time. Or the NSA, who wants to regulate commercial cryptography but completely suppress any innovative commercial ideas that threaten their (increasingly threatened and seriously weakened) domination.

>(To put this another way, if we are seen as RSA Data's enemy, we lose a
>potential ally. I am suggesting that a coming war between strong crypto on
>one side and government snooping on the other will force all participants
>to choose up sides.)

I'm on the side that commits to widespread availability of strong cryptography at any cost and any sacrifice. As Mr. Hughes has written, ``no compromises''. I think RSA had better make it clear right away whether they will support the Clipper and Capstone projects or not. That is the crucial decision at stake. Every minute that a strong statement is lacking I am further skeptical and suspicious of their true intent.

>3. Supporting a legal version of strong crypto, which RSA Data-approved
>programs are and PGP is *not*, is a much more solid foundation from which
>to fight possible restrictions on strong crypto.
All this vague legal mumbo jumbo and wonderful rhetoric like `solid foundation' may have some value in the future, and may even be a decisive pivot. But the pace of litigation is glacial, and we need powerful tools *now*. PGP is such a tool. The strongest approach to fighting restrictions on strong cryptography is to USE IT RIGHT NOW.

RSA in a MINUTE could guarantee the legality of PGP by offering licenses to users. Many have expressed the sincere desire to become `legitimate'. I consider it a wholly reasonable approach. Their continued silence on this point is deafening. They have not addressed the possibility whatsoever publicly except to hint that they regret their inability or inaction in the area. Why do they refuse to assent? There are overtures & negotiations to get the RSADSI libraries into the code, but this is just (so far) a decoy, distraction, and diversion in my opinion. I think the bottom line is that RSA wants more control over the public key algorithm than P. Zimmermann (a true cypherpatriot) is willing to grant, and he is willing to take a calculated but considerable risk, which so far has paid vast, global, valuable dividends reaped by tens of thousands.

>4. Our time could better be spent by solidifying existing RSA programs,
>including RIPEM, RSAREF-derived programs, MailSafe, and so forth. This is
>the approach several major companies have taken (Apple, Lotus, Sun, etc.).

Again, not enough platform-independent availability or fanatical commitment on the part of the companies. Is there a *universal*, *freely available* package in there? How many of those vendors would take out the strong cryptography if a law were passed to do it? How many have already demonstrated their spinelessness by weakly assenting to disembowel their embedded strong cryptographic techniques? How many are subject to the whims of RSA or the NSA?

>I've urged Jim Bidzos to work toward some compromise with the PGP community
>(and I think everyone recognizes the positive aspects of this growing
>community). This might include creating translation programs so MailSafe or
>RIPEM can read PGP files, a reworking of PGP to conform to licensing
>requirements, etc.

Oh, so we abandon PGP until Mr. Bidzos works out a compromise on his own terms and own time schedule, is that the idea? He has had *years* to demonstrate his willingness to `compromise'. Some parts of the PGP community would gladly submit to even a one-sided `compromise' of expensive individual licensing. So far, in my view, he has done nothing but string along the PGP team, when he (or somebody) has the power to end the bickering and tension *immediately*.

Many PGP users don't object to RSA getting rich off the algorithm licenses. It is not an issue of money, apparently, though, it is an issue of *control* (something that any true cypherpatriot should recognize as critical and not to be given away). Do you want your strong cryptographic techniques to be controlled by yourself or someone else?

>I'm hoping that Phil Zimmermann can see what the real battle is. The PGP
>community is not likely to win their battle in court, and the effect of
>such a court battle will be divisive and ultimately may help the government
>in its plans. Phil Z. is most unlikely to ever see any real revenues from
>PGP.

Mr. Zimmermann has never seen `any real revenues' from his work and to attribute his basic past motive to that purpose is mercenary and tasteless. He has a true and passionate commitment to strong cryptography, enough that he risked his personal comfort and sacrificed years of his life to promoting it, and the documentation accurately represents that drive.

Yes, a court battle would be divisive. It would probably bankrupt Mr. Zimmermann and distract RSA if pursued vigorously. But RSA can wholly avoid it.
On the other hand, a court battle could bring public favor to the cryptographic cause. It could set a clear precedent for the dubious legality of software patents. There are many wildcards. Would many people send Zimmermann money if he was prosecuted? Would EFF get involved? Would he be perceived as the David vs. the Goliath? Does RSA have a strong, legal, legitimate case? Only a Sternlight would think the issue is clear cut.

>I think the benefits of a strong, legal, supported crypto product are
>greater than the dubious benefits of having a "free" piece of software. At
>any reasonable hourly wage, the cost of MailSafe ($125, last time I
>checked) is dwarfed by the amount of time crypto activists like ourselves
>spend debating it, downloading it, awaiting patched versions, etc.

PGP is essential now because it is supported on many platforms, has a common format, is not limited to mail, has attained a sophisticated degree of reliability, is continuing to be supported extremely responsively, is not limited by wishy-washy and halfhearted commitment by its developers, was born of the true motive that *everyone* deserves and requires strong cryptography *today* and that there's something just a little upsetting about big conglomerates getting rich off of selling algorithms for a freedom like privacy. Do you want to trade something solid for something vapid?

>(All is not rosy on the RSA Data side, either. RSA Data chose to
>concentrate on getting RSA built in to e-mail products from the major
>companies and chose not to devote much effort to PGP-like personal
>encryption products (such as MailSafe, which runs on DOS and UNIX only and
>which hasn't changed much since 1988). Support for RSA Data should mean
>more support for these kinds of products. We could essentially ask RSA for
>a commitment in this area.)

I will support RSA when they show an unequivocal commitment to the proliferation of strong cryptography by allowing individual users to obtain licenses.
So far, they have only worked with companies. They stand to make *more* if they had the unorthodox whim to allow users to receive licenses. People have been asking for ``a commitment from RSA in this area'' for *many months* if not *years*. There are ulterior motives present that are not apparent in talking exclusively to Bidzos, I'm sure.

Here is my position on PGP: yes, it has dubious legal ground. But so did many other revolutionary technologies at the time of their inception. RSA has had plenty of opportunities to send a clear signal by either prosecuting or promoting PGP (the former in potentially devastating ways, the latter in potentially lucrative ways). That they have not done either suggests to me that they don't understand the fundamental importance of the issue in some way. It seems to me somebody directing RSA (Bidzos perhaps) wants to straddle the fence, and is continuing to do so, and that PGP and Clipper (so far) are just two aspects of a pattern. But I think somebody at RSA had better pick a side soon or they will be speared by both sides of the fence.

I think it would be overly optimistic and idealistic to think that PGP will be here, say, 10 years from now. It is a stepping stone to grander things, but a *crucial* one at this point, and not to be abandoned but remembered, revered, and *used*. Do you know how many man-hours have gone, and continue to go, into its development and maintenance? Many new wrinkles will be occurring in time, but right now PGP is the well-deserving cyphersoftware of choice.

Until RSA makes some clear statements of their intent on critical issues like Clipper/Capstone/PGP, I don't consider them an ally. At this point their silence can be taken as an affront to *all* sides. Right now I think the clock is ticking on a blatant sellout, but I'd just love to be pleasantly surprised. So far the only thing surprising about RSA is their conspicuous inconspicuousness.
And there are ominous rumors that they will be or are starting to target prominent PGP users in a mailwriting campaign.

The issue is not ``will RSA be our ally if we sacrifice PGP?'' but ``why has RSA not responded despite reasonable overtures?'' In my opinion, J. Bidzos needs to answer the following explicitly and satisfactorily before cypherpunks consider RSA their Salvation:

1. Will RSA sell licenses to companies seeking to use the public key algorithm in Capstone and Clipper implementations? What was the exact RSA involvement in those areas prior to the announcement?

2. Why has RSA refused to sell individual licenses to PGP users despite the continued expressions of willingness and desire to cooperate on the part of many of those users?

3. What is the real RSA position/plan/policy on patent infringers, if there is one?

4. Who is fundamentally in control of RSA, anyway? Bidzos? R. S. & A.? Shareholders? the NSA? Accountants and lawyers? What is the underlying agenda?

>I'm arguing that we should look carefully and see what the real issues are,
>who the real enemy is, and then make plans accordingly.

``Friends come and go, but enemies accumulate.''

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Xiao Zhou
Date: Thu, 29 Apr 93 09:41:01 PDT
To: cypherpunks@toad.com
Subject: Limbaugh & Liddy
Message-ID: <9304291640.AA15355@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>> In <9304231457.AA22562@gmuvax2.gmu.edu>, 7025aj@gmuvax2.gmu.edu writes:
>> |>
>> |> send him [Limbaugh] some convincing words, please?
>> |>
>> |> G. Gordon Liddy would be another good target, but I don't know his address
>
>cp@jido.b30.ingr.com (Serrzna Penvt Cerffba) [!Is that real rot13!?] replies:
>> My guess would be that Liddy and Limbaugh would both be very
>> happy about the Tapper chip proposal...

1) Any publicity is good for us. These guys need controversy, and we've got it.
2) There's the 'international competitiveness' issue.
3) These guys hate Clinton to Schiminton.
4) Even if they pick the other side, we look good.
5) Larry King would of course be better, but is he returning your calls?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@memex.com (E. Dean Tribble)
Date: Thu, 29 Apr 93 15:07:35 PDT
To: anton@hydra.unm.edu
Subject: HELP! Some nut is threatening to sue!
In-Reply-To: <9304290331.AA18264@hydra.unm.edu>
Message-ID: <9304292001.AA20252@memexis.memex.com>
MIME-Version: 1.0
Content-Type: text/plain

   From: Stanton McCandlish
   Date: Wed, 28 Apr 93 21:31:10 MDT

this is a real threat? Last I heard PGP *MIGHT* violate a patent, but PGP does violate patents. Several people, particularly in the cypherpunks community, are trying to alleviate the RSA vs. PGP problem. The controversy is counterproductive (and all sides seem to be mostly good guys), so let's not stir the pot further. Two of the solutions are 1) PGP could be reimplemented to use RSAREF, and 2) RSAREF (or something like it) could be extended to include all the functionality of PGP, but without the patent problems. (RSAREF is a copyleft implementation of RSA stuff).

   From: jim@RSA.COM (Jim Bidzos)

   I don't think you're aware of our position on pgp. Unfortunately, you may leave us no choice but to take legal action, which we will unless you cease promotion and distribution of pgp. The next message will state our position.

I encourage you to cease public promotion (because the RSA claim is legit), and send a message to Jim asking him what you can do to encourage a freely (and easily) useable and legal general encryption tool.
dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: cp@jido.b30.ingr.com (Serrzna Penvt Cerffba)
Date: Thu, 29 Apr 93 11:09:03 PDT
To: cypherpunks@toad.com
Subject: CSPAN NOT covering the hearings tommorrow
In-Reply-To: <9304281904.AA12916@netcom4.netcom.com>
Message-ID: <199304291808.AA10547@jido.b30.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain

In <9304281904.AA12916@netcom4.netcom.com>, John Draper writes:
|> Called CSPAN, and they are NOT covering the hearings tomorrow. Hah!
|> our tax dollars at work!!

C-SPAN is not tax supported, if that's what you meant. Presumably transcripts will be available from the GPO as part of the Congressional Record, or someone in Ma who is a Markey constituent could get them for free and post a summary.

^ / ------/---- cp@jido.b30.ingr.com (Freeman Craig Presson) / /

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 29 Apr 93 13:12:27 PDT
To: cypherpunks@toad.com
Subject: RE: HELP! Some nut is threatening to sue!
Message-ID: <9304292012.AA12334@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Dr. Zaphod writes, commenting on Jim Bidzos' e-mail to Stanton M.,

> For a guy who claims to want to help us Cypherpunks in the way of
>personal encryption, scare tactics seem a little out of place. I'm sure
>we'd all like to use legal encryption methods [maybe]... but we ARE
>Cypherpunks.. giving us the responsibility to use what's best and defend our
>rights for privacy. Using a package that hasn't been updated in 5 years
>[MailSafe], we have diminished to politically correct yippies. I'm not sure
>quite what to do.. but I saw Jim Bidzos on a magazine once.. and he looks
>like a fed.
>By playing the game we are becoming part of it. TTFN.
* The scare tactics may have been somewhat too harsh, or at least phrased in typical "cease and desist" lawyer terms, but Stanton _did_ post his announcement very prominently and widely in sci.crypt, where everyone could see it. RSADSI was pretty much forced to react, lest they later find their patents/copyrights/whatever ruled invalid by their failure to protect them. Most PGP sites are less well-advertised :-}.

* I agree that PGP has a feature set (especially its distributed trust model) that is more interesting than the creaky old MailSafe program. There may be several solutions brewing here, as several postings in this thread have noted.

* As George Gleason has also noted, dividing our community may play into the government's hands. (Some may think I'm trying to fragment the PGP community with these comments. Not at all. PGP has done a valuable service in educating hackers, users, etc., and in energizing the community. But keeping crypto "underground," as by nature PGP must be, is not what we want, is it?)

* I once thought RSA Data Security Inc. was NSA-controlled. This was in 1988 or so, when I tried to buy a crypto package from them and got the run-around ("Don't call us, we'll call you."). It seemed natural, to me at that time, that the Agency would control such a crucial technology. This opinion didn't last too long, as I got more familiar with the crypto community. Now I'm convinced otherwise, and that Clipper/Capstone is in fact the government's way of gaining control of a technology they failed to classify and control the first time around. (To be sure, the export controls and other legal restrictions are a way the Agency and others control the spread of strong crypto, but so far there has been no basic challenge to the "right to encrypt." Many of us see Clipper as a probable move in this direction. Time will tell.)
After meeting many of the principals, including some early investors (like Alan Alcorn, of Atari fame, at the Hackers Conference), I came to a different conclusion: RSA Data Security was just concentrating on the "big deals" which are only now coming to fruition--the zillion-copy deals with large companies like Apple, Microsoft, Lotus, etc.. This market is vastly larger than the PGP community, which may be as "small" as several thousand copies (does anybody have any better guesses?).

And it turns out anyone _can_ buy a personal encryption package from RSADSI...it's called MailSafe. In 1991, I stopped off at the offices of RSA in Redwood City, while on my way to Lake Tahoe to the Hackers Conference, to pick up my copy of MailSafe and ran into Jim Bidzos. We talked about PGP (1.0 in those days) and about the upcoming Hackers Conference. Jim made an interesting offer: Anyone at the Hackers Conference could buy MailSafe for $50, just by saying they were there. This fee barely covered the manufacturing/packaging costs, as I'm sure you all know. So far as I know, a handful of people followed up. (And I agree there's a perceived problem that no one, especially in our community, uses it. That's why I have both a MailSafe and a PGP key...I figure I'm pretty safe against any legal charges, as I can always wave my MailSafe license in the air!)

Several other conversations have convinced me that Bidzos is not a Fed. Also, his company has sponsored two excellent (and *free*, by the way!) conferences on crypto, featuring speakers from outside his company (such as Mark Riordan of RIPEM fame) and talks highly critical of the "Digital Signature Standard" (DSS), which the real Feds were pushing as a weak alternative to RSA digital signatures. (By the way, DSS is part of the new Capstone system, unsurprisingly.)
* I'm not a lawyer (which is why I'll cc Mike Godwin and Lee Tien on this response), but my understanding is that the RSA patents cannot just be licensed on a "per person" basis...that's just not the way patents work. That is, we can't just pay RSA a quite reasonable $50 apiece for a perpetual license to the patents and be done with it. Instead, each product that uses the patents must be separately licensed, as per patent laws. (This doesn't mean the fee is anywhere _near_ the $125 for MailSafe, the $50 fee I suggested here, etc. I suspect the deals with Apple, Lotus, etc., resulted in _much_ lower fees, perhaps just a couple of bucks per user. Just a guess.)

* A "personal encryption" product, for users who don't use commercial e-mail products such as Lotus Notes (which contains RSA), is sorely needed. The PGP distributed trust model and other features, combined with a fully legal "crypto core," could be a real success. (Personally, I'd like to see a commercial version of "Eudora," the Macintosh off-line mail reader I now use, with easier (push-button, automatic) support for PGP, RIPEM, etc.).

* The upcoming battle for strong crypto is as important a battle for civil liberties as our generation will ever face, in my opinion. The precedents set in the next several years will shape this country (and other countries, by extension) for many years to come.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, smashing of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.
Waco Massacre + Big Brother Wiretap Chip = A Nazi Regime

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Thu, 29 Apr 93 10:26:38 PDT
To: nmh@thumper.bellcore.com (Neil Haller)
Subject: Re: Tough Choices: PGP vs. RSA Data Security
In-Reply-To: <9304291305.AA14642@latour.bellcore.com>
Message-ID: <9304291725.AA24557@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

Neil Haller says:
> Let me add one vote of support to your proposal ... and another
> reason you may not have considered.
>
> I use PGP for personal communications. I'm not a big enough
> target for anyone to sue. On the other hand I do *not* use
> PGP for anything related to my employment. My company (Bellcore)
> is large enough to get sued, and everyone loves to hate the
> telephone industry. As a result, I would happily pay a reasonable
> license fee.

So would I. Many have said this before. Sigh.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Stephen P. Marting"
Date: Thu, 29 Apr 93 10:32:24 PDT
To: cypherpunks@toad.com
Subject: Re: Need some Advice
In-Reply-To: <9304290001.AA02691@vax1.cc.uakron.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Excerpts from cypherpunks: 28-Apr-93 Need some Advice by "Robert D Shofner"@vax1.cc.uakron.edu
> My question is what is the diff. between a Software Eng. & Computer Sci.
> degree. Some of my profs say that they don't know of any schools offer
> a BS in Software Eng. If that is the case then why do people use that
> term? Or is it a Masters degree or something like that?

Well, I'm not too sure what this has to do with cypherpunking, but here goes:

The difference between Software Engineering and Computer Science is sort of like the difference between Differential Equations and Mathematics. SoftEng is a subset of CompSci. I don't believe there are any schools that offer SoftEng as a BS degree - very few schools even offer an undergrad-level SoftEng course, Carnegie Mellon University (we're ranked second in CompSci overall) being a notable exception. We offer a Masters degree in SoftEng, and even have a program set up that allows a student to achieve a BS in CompSci and a MS in SoftEng in five years.
[However, squeezing both those degree programs into a 5-year period would probably kill most ordinary mortals. I don't recommend this program, as lots of people have a hard time fitting the BS into four-and-a-half :) years. We're a tough school...] Not a University Spokescritter, but I play one on the net, -Spam -- spam+@cmu.edu |~|___________ Spam is: Please sm6h+@andrew.cmu.edu | \ Steve Marting Email me anonymous mail: | . / Carnegie Mellon U. For my PGP ap.2879@cupid.sai.com |_____________> Pittsburgh, PA Public key! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. Metzger" Date: Thu, 29 Apr 93 10:40:11 PDT To: cypherpunks@toad.com Subject: Re: Tough Choices: PGP vs. RSA Data Security In-Reply-To: <9304281433.AA05674@pizzabox.demon.co.uk> Message-ID: <9304291739.AA24576@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain Sy Verpunc says: > : At risk of getting the goats of some friends of mine who read the list, I'm > : tending to agree with Tim's ideas here. Brief conversation with Jim Bidzos > : at the cypunx mtg indicated that he is very much up for something along the > : lines of a personal encryption product that would meet our needs. From a > > All he has to do is let us pay a licence fee for pgp. What's the advantage > to him in asking for a different piece of code that uses RSAREF and DES > instead of Phil's code and IDEA? Why don't you ask him? He's jim@rsa.com. I'd be polite. .pm From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Bob Stratton Date: Thu, 29 Apr 93 11:50:53 PDT To: cypherpunks@toad.com Subject: Re: Tough Choices: PGP vs. RSA Data Security Message-ID: <9304291350.AA43154@horton.intercon.com> MIME-Version: 1.0 Content-Type: text/plain > From: markh@wimsey.bc.ca (Mark C. Henderson) > Date: Thu, 29 Apr 1993 11:11:20 PDT > Subject: Re: Tough Choices: PGP vs. RSA Data Security > > > 6. RIPEM currently has no way to handle certificates or sign other > people's public keys. 
This is, of course, serious. The Macintosh RIPEM client does/will have certificate creation functionality RSN. In fact, RSA's even running a low-security persona certification authority that interoperates with them, as we speak.

--Strat

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sy Verpunc
Date: Fri, 30 Apr 93 06:37:45 PDT
To: cypherpunks@toad.com
Subject: Re: Tough Choices: PGP vs. RSA Data Security
Message-ID: <9304291357.AA09412@pizzabox.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

From: Theodore Ts'o

From: Sy Verpunc (Graham Toal)

That's what people have *always wanted* to do. RSA won't let them. That's why any talk of a newer friendlier Bidzos is bullshit.

Have you actually tried?

*I* don't need to. PKP don't have a patent in Britain.

Several people from RSA, including Bidzos at the last Cypherpunks meeting at Mountain View (I wasn't there, but take a look at the meeting "minutes"), have stated repeatedly that if someone were to ask for permission to use the internal interfaces of RSAREF in order to write a PGP-compatible program, they would grant permission.

That's *NOT* what we want to do. We have perfectly good code that we trust already, called pgp. We're offering to pay a patent licence for pgp, not some RSADEF-derived code with DES that we don't trust. Hell, *I* would even pay a license fee for pgp and I'm not even legally obliged to...

However, as of two weeks ago, *NOT* *A* *SINGLE* *PERSON* *HAS* *ASKED*.

Because that's the wrong question.

G

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hkhenson@cup.portal.com
Date: Mon, 3 May 93 08:12:43 PDT
To: cypherpunks@toad.com
Subject: Re: Tough Choices: PGP vs. RSA Data Security
Message-ID: <9304291359.1.6025@cup.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

re paying a reasonable license fee, I wonder if RSA would cash my check for (say) $10 if I wrote on the check that it was for a license for whatever they might claim on PGP.
One wonders what they would do with several hundred checks. :) Keith From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Thu, 29 Apr 93 11:00:57 PDT To: gg@well.sf.ca.us (George A. Gleason) Subject: Re: Tough Choices: PGP vs. RSA Data Security In-Reply-To: <199304291001.AA23207@well.sf.ca.us> Message-ID: <199304291800.AA02672@eff.org> MIME-Version: 1.0 Content-Type: text/plain George Gleason writes: > A major > rift between PGP and RSA folks will only serve the interests of those who > would rather both systems be banned. I cannot overstate how strongly I agree with George's statement here. --Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. Metzger" Date: Thu, 29 Apr 93 11:01:59 PDT To: cypherpunks@toad.com Subject: Re: HELP! Some nut is threatening to sue! In-Reply-To: <2475.drzaphod@ncselxsi> Message-ID: <9304291801.AA24615@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain "DrZaphod" says: > but I saw Jim Bidzos on a magazine once.. and he looks like a fed. Gawd. For people who claim "no one judges by appearances" you are really being silly. So he looks like a Fed. I suspect that to you, *I* likely look like a Fed, too. (I wear suits, and have a very very short haircut. I have to -- I work on Wall Street.) Geesh. Whether Bidzos is a nice guy or the devil incarnate has nothing to do with his clothes. You have, of course, demonstrated quite nicely what I was getting at in my earlier messages -- appearances count. Even hackers judge by appearance. Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Thu, 29 Apr 93 14:05:29 PDT To: cypherpunks@toad.com Subject: Tough Choices: PGP vs. RSA Data Security In-Reply-To: <9304290836.AA17180@netcom.netcom.com> Message-ID: <9304292102.AA17707@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Copyright (c) 1993 Eric Hughes. 
Unlike most everything else I write, I do not grant right to use this without my express permission. If you want it sent somewhere else, ask me. I'll probably just send it there myself.

I'm going to try to give an overview of the RSADSI and PGP situation. This is long. I've put it in the form of premises, assertions, facts, lemmas, theorems. I know that below I am mostly trying to justify RSADSI's actions. I offer the following so that you may understand how they view themselves.

I also wish to offer my personal view on RSADSI. I do not consider them the enemy; I consider the enemy to be NSA/COMINT and those who would destroy privacy to create Big Brother. The RSA patent expires in seven years; the NSA will be around long after that. I have a clear priority here. This long term battle is worth winning to the exclusion of some other desiderata. "Patents don't kill people. Tyrants kill people."

I do not think we should pick fights with our allies. The patent battle will not be won by mere defiance, but by careful planning. PGP is not the right vehicle for this fight.

Every argument below is predicated on the first premise. I know lots of people are strongly opposed to the patents; I myself am of two minds on the subject. I do wish to point out that the validity of the patents is not what I argue from, but their pragmatic effect in the legal world.

Premise: The RSADSI patents are _de facto_ effective. This is a completely separate issue from whether they ought to exist, whether the public really should have them, etc. The fact is, the PTO granted them, the courts will find them valid unless a lot of money is spent in a legal challenge whose outcome is by no means guaranteed. A large organization with lots of money to spend (not the LPF) might have a chance of a successful overturning, but that course of action is not in sight.

Premise: Jim Bidzos is not in an unconstrained position; he has responsibilities and restrictions and can't do whatever he might want. The effectiveness of the patents gave rise to a commercial opportunity. That commercial opportunity is embodied in PKP and RSADSI. That opportunity was successful by any reasonable measure. The success directly created a fiscal responsibility for the agents of the patent owners to make money for the owners. Bidzos can't take actions which can reasonably be seen as threatening to his business; the point of view here is that of the owners, no one else's.

Premise: PGP threatens the business of PKP and RSADSI. This is fairly explicit in the documentation; PGP intends to threaten their business. The patent claims are denounced, variously, as unethical, immoral, and stolen. The docs say "Hey! we tried to get a license, and they wouldn't give it to us, but here's the software anyway." The point is that the truth or falsity of these claims is not the issue. These statements on their face can be taken as harmful; that is sufficient.

Premise: RSADSI and PKP will defend themselves. Seems obvious, eh? The way to counter rhetoric is with more rhetoric, and the rhetoric of business is the law and threats of legal action. To my knowledge, no actual legal actions have been made by RSADSI, but lots of threats have been. I also believe that RSADSI is ready to take legal action, however.

Premise: RSADSI's main business is licensing, and licensing individuals is not very profitable. RSADSI has had enormous commercial success in getting large corporations to sign up. The only reason to license individuals is to allow them to use non-commercial software of one form or another. The brute fact of the matter is that most people just don't use non-commercial software, as a percentage of market. (If you disagree, consider the size of the PC deployed base vis a vis Unix, and then consider that most of those PC's are owned by companies, who purchase their software.)

Lemma: Licensing patents is different than licensing software.
With software, most of your revenue stream in the long run is upgrades, not initial purchases. The incremental cost to produce an upgrade over its sale price is far less than for the initial version. With a patent license, you get one sale and that's it. Premise: RSADSI created RSAREF in order to license individuals. The purpose of RSADSI is not to suppress cryptography--it is to promote it. They lose very little by making a free version and they gain a lot in terms of goodwill and preparing and educating people to use commercial versions. Since they don't make any money from it, there's no reason for them to spend much money paying lawyers to draft license agreements for products which bring in no income. Therefore they want all non-income uses of the patents to be filtered through a single license. Fact: Commercial licenses to RSAREF are available. They have not been advertised widely as yet, though. Assertion: The reason that RSADSI requires that individual licenses be mediated through RSAREF is that non-commercial software is inevitably used in commercial contexts. Remember, their main business is licensing. All software used in a commercial context must be licensed, otherwise their main business is imperiled. Were they to make separate licenses for every low end product, they would be in the same situation as if they licensed individuals--high overhead, small return. Therefore, they license RSAREF to companies; this allows RSADSI to economically offer licensed use for all such low end software packages. Theorem: PGP does not need to threaten RSADSI's business. By using RSAREF, PGP can satisfy RSADSI's business requirement to control licensing and satisfy PGP's requirement to have a free license. Fact: RSAREF has a restricted interface which does not allow for direct RSA cryptosystem operations. Assertion: RSADSI is protecting their good name by restricting the default RSAREF interface. 
Jim Bidzos has told me that the reason they use a restricted interface is to prevent people from making stupid cryptographic mistakes and then claiming that the lack of security was the fault of RSADSI. Given the number of cryptographic numbskulls out there, this concern is not unrealistic.

Fact: PGP cannot use the default RSAREF interface. For one, DES is embedded into that interface.

Fact: RSADSI has allowed products to go behind the RSAREF interface before. Their concern is that you're not doing anything stupid. PGP isn't, so that concern is satisfied.

Fact: RSAREF requires a written request to go around the standard interface. Licensing is a legal issue; written words are pretty much required in order to be responsible.

Fact: No one has ever made such a written request for PGP. Part of the reason has been that moving to RSAREF entails some architectural changes, and these are still being debated. The recent clipper announcement delayed things as well.

Fact: RSAREF is slow. It's only C code. The 386 assembly code in PGP runs about 15 times faster than the C code in RSAREF. RSAREF explicitly allows modifications for improved performance. The plan is to make the PGP assembly speedup modules available as RSAREF speed improvements; this is another delay in getting a port done.

Fact: RSAREF can't be legally exported from the US because of the ITAR. Bidzos is seeking a Commerce Jurisdiction ruling for RSAREF, which would mean that it would be permitted for export. But until then, PGP would have to support two versions: an RSAREF one for US use, and a non-RSAREF one for non-US use. This requires more wrappers, and thus more work.

Fact: PGP development is already moving in the direction of RSAREF. As I've stated, however, there are a number of practical problems that have to be straightened out before software ships.
Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Thu, 29 Apr 93 14:19:51 PDT To: cypherpunks@toad.com Subject: Tough Choices: PGP vs. RSA Data Security In-Reply-To: Message-ID: <9304292116.AA18449@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >Problems with RSAREF/RIPEM: >1. Use of RSAREF/RIPEM in support of a commercial enterprise is >prohibited without paying a licence fee. Note that they can get >you on copyright violations rather than patent infringement >if you break the RSAREF licence agreement. For those of you looking around for a good cypherpunk-style project, a rewrite of RSAREF with an identical interface (external and some of the internal) would be a good idea. Such a body of code would prevent RSADSI from using copyright as leverage against a non-US company or person. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dmandl@lehman.com (David Mandl) Date: Thu, 29 Apr 93 11:21:29 PDT To: tcmay@netcom.com Subject: Re: Tough Choices: PGP vs. RSA Data Security Message-ID: <9304291821.AA13207@tardis.shearson.com> MIME-Version: 1.0 Content-Type: text/plain A new PGP with an RSA-approved engine and a reasonable license fee sounds fine to me. --Dave. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tribble@memex.com (E. Dean Tribble) Date: Fri, 30 Apr 93 00:35:20 PDT To: cypherpunks@toad.com Subject: Tough Choices: PGP vs. RSA Data Security In-Reply-To: <9304292116.AA18449@soda.berkeley.edu> Message-ID: <9304292309.AA21508@memexis.memex.com> MIME-Version: 1.0 Content-Type: text/plain >Problems with RSAREF/RIPEM: >1. Use of RSAREF/RIPEM in support of a commercial enterprise is >prohibited without paying a licence fee. Note that they can get >you on copyright violations rather than patent infringement >if you break the RSAREF licence agreement. 
For those of you looking around for a good cypherpunk-style project, a rewrite of RSAREF with an identical interface (external and some of the internal) would be a good idea. Such a body of code would prevent RSADSI from using copyright as leverage against a non-US company or person.

It would be even nicer if this was done by someone outside the US. This avoids the export problem.

dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matthew J Miszewski
Date: Thu, 29 Apr 93 16:19:00 PDT
To: cypherpunks@toad.com
Subject: No Compromise in Defense of Our Privacy Rights. PGP FIRST!
Message-ID: <23042918181047@vms2.macc.wisc.edu>
MIME-Version: 1.0
Content-Type: text/plain

To all,

Tim's statements bother me a great deal. Granted I have not been around as long as some (in this particular environment), but long enough to gain respect for certain net personalities. I wish to hold on to that respect...

I've heard a lot of people talk a lot of sh** about the privacy issues concerning us requiring private acts of heroism. Is that what is involved with giving up on an ideal that has helped define the term cypherpunk. Not long ago Tim (and others) posted a rabid defense to the changing of the name of the list. Were those merely words? I have never questioned the dedication of freedom lovers like Tim before this series of postings. Something has clearly taken place. I hope we find out what.

My problems with Tim's suggestions:

1. While those of us lucky enough (or skilled enough) to be independently wealthy may think that the price of RSA software is nominal considering what is at risk (I personally agree), do we forget about those that *need* this data security and cannot pay for it? (All of these people of course would use PGP as an academic resource in order to make its distribution OK).

2. From a legal point of view, what RSA is probably doing is asserting its *presumed* patent rights. Left unchallenged they will remain presumed. So, to those whom have repeatedly sounded the call for "individual acts of heroism", is now the time to run and hide? The *ultimate* question of the legitimacy of algorithmic patents funded with public money *will* default if left unchallenged. So I challenge, with all of my honest respect, those with the means to take up the gauntlet thrown down by RSA.

3. There are more ways than one to legitimize strong crypto and allow RSA to gain its almighty buck. Suggestions have already been made. Allow the rights to the RSA patents to be purchased. RSA does have a choice between that and no money at all.

4. What about those that went before. Is the heroism of Phil Zimmermann to go for nought? The chances that several people, including Tim, have taken deserve compensation NOT compromise. RSA wants us to fold now. Why is a respected leader of the community asking a compromise of the Cypherpunk Manifesto?

5. Finally, there have been other ways suggested to deal with the problems. A USA-Legal PGP is one. I know that many of the philosophers, code writers, hackers, thinkers, etc. among us can overcome this too. Why give up when it appears to be the night before the big game?

I am merely a law student with a deep interest in liberty and privacy. I *am* willing to offer my time to the preparation of any eventual *challenge* of the RSA patents.

NONE of the above post was meant as a personal affront to anyone, but rather a critical look at Tim's suggestions (Mainly because I would not have expected it from *Tim*). If there are extenuating circumstances involved, let us know. I have been reading posts from Tim since the days of p/hun and before. I in NO WAY question Tim's commitment, but rather the motivation for the out of character post.

Any individual heroes left?

Matt
mjmiski@macc.wisc.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sy Verpunc
Date: Fri, 30 Apr 93 11:52:10 PDT
To: cypherpunks@toad.com
Subject: Introduction...
Message-ID: <9304291919.AA12900@pizzabox.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

To whoever it was at Ohio who just fingered this account... (whether it's one of us or the obligatory NSA mole :-) [oops, no, the NSA mole works out of uunet.ca, right?]) - I'll save you the bother - it's not a cunning alias, it's just a spare account I created so I don't get all this stuff in my real mailbox; I have an account for every mailing list I'm on. If you want to mail me under my normal account, it's the rather obvious gtoal@gtoal.com

Graham

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 29 Apr 93 19:24:16 PDT
To: cypherpunks@toad.com
Subject: Tough Choices: PGP vs. RSA Data Security
Message-ID: <9304300220.AA18492@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I have a few more words on this topic at this juncture.

Tim was calling for an examination of the issue; he was not, to my reading, recommending one course of action or another. Possibly Tim's pancritically rationalist sensibilities have offended some. To them I say "Cypherpunk is not a religion." If you cannot question your own beliefs, you are acting in a predominantly ideological mode. We need no zealots here. Please, everyone, have a bit of calm purpose and broad-mindedness.

Reference is not advocacy. One of the great and lasting advantages of language over the visual is the ability to say "no," "might," "ought," "can," "may": the plethora of negations and conditions. This mailing list is not a TV channel; do not treat it as one.

I specifically request those of you who engaged the keyboard without understanding this basic point please to reread Tim's article and to alter and/or to retract your hasty words as appropriate. I leave this entirely as an exercise to the reader.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Ian S.
Nelson" Date: Thu, 29 Apr 93 18:23:11 PDT To: tytso@ATHENA.MIT.EDU (Theodore Ts'o) Subject: Re: Tough Choices: PGP vs. RSA Data Security In-Reply-To: <9304291533.AA11541@tsx-11.MIT.EDU> Message-ID: <199304300123.AA27903@bvsd.Co.EDU> MIME-Version: 1.0 Content-Type: text/plain > Several people from RSA, including Bidzos at the last Cypherpunks > meeting at Mountain View (I wasn't there, but take a look at the meeting > "minutes"), have stated repeatedly that if someone were to ask for > permission to use the internal interfaces of RSAREF in order to write a > PGP-compatible program, they would grant permission. > > However, as of two weeks ago, *NOT* *A* *SINGLE* *PERSON* *HAS* *ASKED*. > > To those of you who have repeatedly said "Cypherpunks write code" (and I > applaud that attitude), consider this a challenge. :-) If they are so willing to let us do this, then will they tell us why we have to use their code? If they are willing to do it, it shouldn't matter what code we use. -- Ian S. Nelson I speak for only myself. Finger for my PGP key. If you are a beautiful woman, it is mandatory that you reply to this message. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Duncan Frissell <76630.3577@CompuServe.COM> Date: Thu, 29 Apr 93 16:28:18 PDT To: Subject: NPR Clipper Report Transcript Message-ID: <930429232303_76630.3577_EHK20-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain Here is the NPR report on Clipper broadcast on the Tuesday following Der Tag. It was heroically transcribed by my wife Lois and myself. There are no errors (except for name spellings we had to guess at) so we won't apologize for them. Duncan Frissell National Public Radio Morning Edition -- Tuesday 20 April 1993 -- C+4 (Clipper + 4) Approx 6:50 am EDT repeated 8:50 am EDT (a few words missing from the front end) ...telephone communications from illegal eavesdropping. 
But the new system is the focus of controversy because the federal government has built in a way for law enforcement agencies to listen to private conversations. NPR's Dan Charles reports:

You don't usually go to the White House to learn about computer technology. But last Friday, officials there unveiled a new silicon chip. The Clipper Chip, as it's called, is programmed to turn electronic transmissions like telephone conversations into gibberish that no one unauthorized listening in can understand. And it turns that gibberish back into normal speech or data at the other end. Whitfield Diffie, a senior engineer at Sun Microsystems in Silicon Valley, says this Clipper Chip is an example of the technology of secret codes or cryptography.

"This is in some sense a relatively ordinary cryptographic chip, of which there are lots."

Banks, companies, and government officials can use these chips to make sure no one eavesdrops on financial transfers or confidential discussions. And the government says this new chip will offer more powerful protection than anything people could buy up to now. But there's another reason why the government wants people to use the Clipper Chip, and it's why a lot of people are up in arms about it. Every one of these chips will have in its circuitry a unique key --- a very long number --- that only the government knows. And if an agency of the government, like the FBI, wants to listen in, that number will be like a master key that allows them to decode the conversation.

"The mechanism is very much like what the real estate agents do with houses. Right, they take you to show you a house and they don't have a key to that house in their pockets. But they get to the house, and there's a lock box hanging on the front door. And they have a master key in their pockets, and they open the lock box, and take out the key to the door, and open the front door, and go in and show you the house."

The special key that the government holds is like the key to the lock box. Even though someone using the Clipper Chip can choose their own key to keep other people from listening in, the chip is programmed to always keep that changing key inside the lock box, where the government can get at it. The reason for that lock box is that the government occasionally likes to listen in to the phone calls of suspected criminals at home and hostile governments abroad. For the last two years, law enforcement officials have been worrying publicly that the Mafia or terrorists will start buying powerful scrambler phones to keep the FBI from understanding their conversations. The government doesn't want to ban this technology because, increasingly, legitimate businesses depend on it. So the government developed its own version --- the Clipper Chip. Raymond Kammer, Acting Director of the National Institute of Standards and Technology, says it's a good compromise.

"On the one hand you've got a need for personal privacy. And I think most of us intuitively understand that and desire it. I know I do. And on the other hand, you've got the right of society to try and assure itself that it's safe from crime."

But computer scientist Whitfield Diffie, who's one of the pioneers of modern cryptography, thinks the lock box is a terrible idea. He says that trying to deny even criminals the right to a private conversation is dangerous. It is something absolutely essential to the functioning of society.

"We are taking a long step towards saying, 'No, you can never be sure that you're going to have a private conversation on the phone.' And therefore, a real right of privacy only belongs to people rich enough to travel and meet face to face."

Government officials say they have policies in place to prevent abuse. Law enforcement agencies will have to request the key for any lock box from two separate independent agencies, each of which will have only a piece of the key. This should also make it harder for anyone to steal the keys. Diffie says the Clipper Chip will encourage more government eavesdropping, simply because it's there.

"Technology makes policy," he says, "if the government invests hundreds of millions of dollars creating a computer chip designed for wire taps, it will try to take advantage of that investment whenever possible by carrying out more of them."

The success of the government strategy will depend on people buying the chip. AT&T will soon be selling a small flat box, half a foot long and about four inches wide, with the Clipper Chip at its heart. It costs just over $1000, plugs right into the cord that connects the telephone handset to the phone itself. People who have it can talk to each other in complete privacy --- unless the government wants to listen in.

This is Dan Charles in Washington.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 29 Apr 93 19:48:03 PDT
To: cypherpunks@toad.com
Subject: Re: No Compromise in Defense of Our Privacy Rights. PGP FIRST!
Message-ID: <9304300247.AA09058@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Matthew J Miszewski has asked some questions about my posting this morning, and about my motivations (Wow! It's kind of fun to be the target of such speculations!). I'll answer his questions and points with nothing but the truth.

>To all,
>
> Tim's statements bother me a great deal. Granted I have not been around as
>long as some (in this particular environment), but long enough to gain respect
>for certain net personalities. I wish to hold on to that respect...
>
> I've heard a lot of people talk a lot of sh** about the privacy issues
>concerning us requiring private acts of heroism. Is that what is involved with
>giving up on an ideal that has helped define the term cypherpunk. Not long
>ago Tim (and others) posted a rabid defense to the changing of the name of the
>list. Were those merely words?
I have never questioned the dedication of >freedom lovers like Tim before this series of postings. Something has clearly >taken place. I hope we find out what. First of all, no "external event" has happened to cause me to change from being a freedom-loving "crypto anarchist" to being some kind of "crypto narc" (if you'll pardon the pun). No phone calls from Dorothy, or from Jim, or from Bobby Inman (wherever he may be these days). No threats, no letters, no knocks on the door in the middle of the night. My posting this morning on "tough choices" was based on my best assessment of the current situation and my best judgement on what we need to think about. > > My problems with Tim's suggestions: > >1. While those of us lucky enough (or skilled enough) to be independently >wealthy may think that the price of RSA software is nominal considering what is >at risk (I personally agree), do we forget about those that *need* this data >security and cannot pay for it? (All of these people of course would use PGP >as an academic resource in order to make its distribution OK). There are several points here. Is the purpose we're using PGP the saving of a few bucks? I doubt it. Most of the hobbyist/hacker types now using PGP are doing so because a kind of "community" has grown up around it, a kind of "stone soup" collective effort. I'm not trivializing the value of money. (Ironically, I chose not to go to the recent CFP Conference because I felt $400 was a bit much for a conference. A single seat at this conference would buy 3 copies of a commercial RSA encryption package.) I just don't see much evidence that the reason PGP is needed is because people can't afford the fee for a legal version. (BTW, I've acknowledged several times the limitations of MailSafe and the advantages in several areas of PGP 2.1.) I've yet to see many people who "need" PGP who cannot pay for it. Perhaps I'm wrong, but that's how I see it. 
In any case, while we may have certain doubts about the patentability of mathematical algorithms, that's the way the world works. Certain property rights are reasonable. Arguing that RSADSI has no rights to a patent on public key methods is a different matter than arguing that someone's need and inability to pay is grounds for taking software. (I apologize profusely to my Cypherpunk colleagues if I sound a bit like David Sternlight here. While I think he comes off as a pompous fool most of the time, he raises some important points. I like to think I'm raising them here in a different way, suggesting a compromise in the greater interests of ultimate privacy rights.) >2. From a legal point of view, what RSA is probably doing is asserting its >*presumed* patent rights. Left unchallenged they will remain presumed. So, >to those whom have repeatedly sounded the call for "individual acts of >heroism", >is now the time to run and hide? The *ultimate* question of the legitimacy of >algorithmic patents funded with public money *will* default if left >unchallenged. So I challenge, with all of my honest respect, those with the >means to take up the gauntlet thrown down by RSA. A legal battle with RSADSI at this moment would cost quite a bit and almost certainly be won by RSADSI. (The courts have upheld "process" and "algorithm" patents...Caveat: I am not a lawyer.) I happen to agree that some software patents are prima facie stupid--like the "XOR cursor" patent--and deserve to be thrown out. And perhaps the several key patents held by Public Key Partners (MIT, Stanford, RSA Data Security, and Cylink are the partners, as I recall) should be thrown out. But this will not happen anytime soon, and will cost an enormous amount to successfully litigate (the lawyers can correct me if I'm wrong). I see no chance of this happening before the patents begin to naturally expire around 1998 or so (and on to 2002 or so). 
Meanwhile, others are free to openly distribute PGP and face the court system. (RSADSI must of course defend itself against all "obvious" infringements or attempts to infringe, or it risks losing its patent status. While some of us might like this outcome, it's of course not very reasonable.)

Stanton McCandlish, in his admirable zeal, publicly announced the availability of PGP at his site. When RSADSI sent him a "cease and desist" letter (isn't e-mail great?...Stanton posts it, and Jim Bidzos, the Pres. of RSA responds...no lawyers were needed, no lengthy delays), Stanton did the wise thing. I haven't seen others step forward to put PGP in a highly visible position on their systems (and I'm definitely not recommending it, either).

>3. There are more ways than one to legitimize strong crypto and allow RSA
>to gain its almighty buck. Suggestions have already been made. Allow the
>rights to the RSA patents to be purchased. RSA does have a choice between that
>and no money at all.
>
>4. What about those that went before. Is the heroism of Phil Zimmermann to go
>for nought? The chances that several people, including Tim, have taken deserve
>compensation NOT compromise. RSA wants us to fold now. Why is a respected
>leader of the community asking a compromise of the Cypherpunk Manifesto?

Because I think the larger issue is the preservation of the right to strong crypto, the right to put locks on your doors without depositing a copy with the cops, the right to speak in tongues if that's what you want. Fighting the RSA patents NOW will not help this battle be won. We're on a stronger foundation, legally and constitutionally, if we're using "non-illegal" products.

(If it came down to defending my freedom with "illegal guns," for example, I'd certainly choose the guns. This is because I don't believe the government is right in outlawing guns. If the government ever outlaws strong crypto, you can be sure I'll be using outlaw crypto.
The difference with the current situation is that crypto per se has not yet come under regulation.)

>5. Finally, there have been other ways suggested to deal with the problems.
>A USA-Legal PGP is one. I know that many of the philosophers, code writers,
>hackers, thinkers, etc. among us can overcome this too. Why give up when it
>appears to be the night before the big game?

I'm definitely not proposing we "give up." And joining in a crusade against RSA precisely when we need them as an ally is truly tilting at windmills.

(I've made this point before: the Clipper/Skipjack/Capstone scheme appears to be an attempted end-run around public key strong crypto. You may not like one minor aspect of this situation, i.e., that the work of Diffie, Hellman, Merkle, Rivest, Shamir, and Adleman is now licensed from RSA Data Security, but that's the way it is. Fortunately, it's a relatively minor issue.)

> I am merely a law student with a deep interest in liberty and privacy. I
>*am* willing to offer my time to the preparation of any eventual *challenge*
>of the RSA patents. NONE of the above post was meant as a personal affront to
>anyone, but rather a critical look at Tim's suggestions (Mainly because I would
>not have expected it from *Tim*). If there are extenuating circumstances
>involved, let us know. I have been reading posts from Tim since the days of
>p/hun and before. I in NO WAY question Tim's commitment, but rather the
>motivation for the out of character post.

I hope I've addressed the main points raised by Matt in his thoughtful post. Like I said, it was a tough post to write! I expected some controversy. But the points needed to be said.

We should all thank Phil Zimmermann for what he did...he energized the community, made a lot of people aware of strong crypto, and started a community programming effort rarely seen before.
But let's face it--bootleg crypto (which is what PGP will remain in this country unless and until the courts overturn the patents or RSA suddenly decides to cave in) is *not* going to spread the way we want strong crypto to. Already, companies that want to use PGP (probably because some employees do) are facing the realization that it's not legal and that they are exposing themselves to serious liabilities if they use it. This alone will begin to strangle PGP in its crib, so to speak. Furthermore, neither Phil nor any other members of the development team are likely to ever make any money with this (something Phil would understandably like to do someday). Better that Phil do what other companies have done: arrange a license with RSADSI. RSAREF source code is readily available for inspection, lest people fear that trapdoors or whatnot have been inserted into the code. (There are a lot of issues about the various versions of the RSA code, including RSAREF, MailSafe, RIPEM, TIPEM, OCE, etc., which I won't go into here. Others are better qualified anyway.) All I'm suggesting is that we not quixotically (speaking of tilting at windmills) pin our hopes and expectations on a climactic battle between Phil Zimmermann and the lawyers at RSA. Our freedom to encrypt is more important than that kind of ego battle. (Asking RSADSI to cave in and give away their crown jewels is unrealistic. Asking them to incorporate some of the features of PGP we like into some current or future offering is much more reasonable. Who knows, perhaps even a full-scale licensing of PGP is possible.) I'm hopeful that some kind of accommodation will come about so we can focus on the real fight, the fight for our right to keep some things secret. -Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, smashing of governments. 
Higher Power: 2^756839 | Public Key: in a state of flux! Waco Massacre + Big Brother Wiretap Chip = A Nazi Regime From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: hfinney@shell.portal.com (Hal Finney) Date: Mon, 3 May 93 08:12:45 PDT To: cypherpunks@toad.com Subject: Re: Tough Choices: PGP vs. RSA Data Security Message-ID: <9304300305.AA10442@jobe> MIME-Version: 1.0 Content-Type: text/plain (I sent a copy of this message this morning from my Compuserve account, but it never appeared. Fighting to control my surging paranoia, I am re-sending it from this account. I apologize if a duplicate eventually shows up.) -----BEGIN PGP SIGNED MESSAGE----- Tim May writes: > I suggest that we as a community seriously reconsider our basic support for > PGP. Not because of any flaws in the program, but because of issues related > to Clipper and the potential limits on crypto. I see several problems with this proposal. 1. It's not clear what it means to "reconsider our basic support for PGP." What exactly is Tim proposing? That people stop using PGP? That they phase out their use of it as legal products become available? I'd like to see some clarification. 2. More generally, what about the issue of our advocating and supporting other possibly infringing actions? Which ones do we stop? Just those that upset Jim Bidzos? He claims to have patents that cover many more activities than RSA, including patents which cover the very idea of public key encryption, and patents on Diffie-Hellman key exchange and virtually any conceivable variation. Should we respect all of these now? 3. David Chaum apparently has U.S. patents on many key features of digital cash. It looks like we would have to stop working on that, too, by this reasoning. 4. What reasonable alternatives to PGP exist? Is RSAREF really usable on a PC? I tried an early version and it was terribly, terribly slow. PGP is just barely fast enough. 
A "legal" version of PGP which uses RSAREF will presumably be considerably slower. 5. I am not as convinced as Tim that RSADSI is truly, positively, certainly on our side. Why is it that RSAREF has such a weak conventional encryption algorithm (DES, with 56-bit keys)? RIPEM has been out for many months, and people have been asking for IDEA or triple DES all that time. Bidzos has supposedly said he'll give permission for improvements. Yet as far as I know RIPEM still only has this small key size, a key size which persistent rumors say can be broken by government computers. When Bidzos permits RSAREF to run a conventional encryption algorithm with a secure key size I will give more credence to the view that he wants people to have strong encryption. 6. How is it that one company has collected virtually all of the patents on cryptographic technology in this country? Jim Bidzos controls patents on public-key encryption in general, RSA, Diffie-Hellman key exchange, ElGamal signatures and encryption, and several others. I can't help noticing that it would be an extraordinarily convenient arrangement for the government if such a company existed and were secretly working against public use of cryptography while publically pretending to be doing all they can to bring this technology to a reluctant market. I still have not seen any specific public action by Bidzos which would invalidate this possibility. Yes, he has engaged in this widely publicized tiff with NIST over the Digital Signature Standard, and he's made some statements against Clipper. But where are the lawsuits? Is AT&T receiving the same threatening letters that Stanton McCandlish received when he said he was distributing PGP from his BBS? 7. Extrapolating from the widespread acceptance of PGP, which is free, to conclude that there is a market for a commercial encryption product which costs money is pointless. 
Granted, some of us may spend a lot of time talking about PGP and thinking about these issues, but most PGP users just downloaded it from a BBS or the net. There are a lot of things they'd spend $100 on before they would buy an encryption program. One of the things that attracted me to Cypherpunks is that they take steps to make these tools available without worrying about upsetting the power structure. David Chaum may object to our implementing digital cash. Jim Bidzos may object to our using RSA, or Diffie-Hellman, or almost anything else having to do with cryptography. If we're going to start looking over our shoulder and not doing anything which powerful people object to then we might as well pack up and go home. Almost everything we have talked about over the last six months infringes somebody's patents in this country. I really don't see what role a group like ours has if we have to tiptoe through the minefield of intellectual property protection which permeates the field of cryptography. Are we to become a bunch of unpaid consultants for RSADSI, writing code which they will then make profits on? Phil Zimmermann has done more to put strong cryptography into the hands of people all over the world in two years than Bidzos has managed in ten. He has faced lawsuits by Bidzos and has undergone considerable personal sacrifice in getting this software out. People talk about this "feud" as though the two are equally guilty, and ask (like Rodney King) "can't we all just get along?" But this is a cop-out. To me there is clear asymmetry in their dispute in terms of who asserts their power and who is trying to empower individuals. Look at what Tim is suggesting. We abandon PGP, not because it is a bad program; not because its author has behaved unethically; not because it has failed in its goals; but because Jim Bidzos is throwing his weight around and we don't want Jim to be unhappy. 
If Jim were to accept that PGP was no more threatening to his patents than RSAREF then the problem would be solved. I presume that Tim has decided that this won't happen, so now he suggests Plan B, that we abandon PGP. I have to suggest that the real obstacle to the wide deployment of strong cryptography remains Jim Bidzos. He has the power, by a single stroke of a pen, to do more to encourage the spread of cryptography in this country than any other single person (including Bill Clinton). All he has to do is to issue a policy statement that since PGP is freeware it falls under the PKP policy allowing use of the patents for noncommercial use. Presto - PGP is legal, and one of the main obstacles to its spread is eliminated. I agree with Tim that we need to look closely to see who our real enemies are. Perhaps Bidzos is a charming person. I've never met him. Certainly the bay area Cypherpunks seem to be falling under his influence. From my perspective I find this cozying up to the PKP/RSADSI power structure to be rather alarming. I don't think it is a good direction for the group. Hal Finney 74076.1041@compuserve.com hal@alumni.caltech.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jsday@THUNDER.LakeheadU.CA (Jer!) Date: Thu, 29 Apr 93 17:21:27 PDT To: cypherpunks@toad.com Subject: Re: Tough Choices: PGP vs. RSA Data Security Message-ID: <9304300020.AA28297@thunder.LakeheadU.Ca> MIME-Version: 1.0 Content-Type: text/plain > All he has to do is let us pay a licence fee for pgp. > What's the advantage to him in asking for a different piece of code that > uses RSAREF and DES instead of Phil's code and IDEA?
I can't see it,
> except that using DES blows away the security of the program...
>
> No, I think this suggestion should be put down now, or we'll splinter
> and give them exactly the divide-and-conquer opening they're looking for.

Agreed. PGP is too much of a good thing for me to withdraw my support for it without a much more compelling reason than this. As Tim May stated, we should be careful to see who there real enemies are here. PGP is certainly not one of them. I certainly do not want to be RSA Data's "enemy", but from the indications on here that they are actively working against PGP, and are not likely to support any similar, freely-distributable product (and that would require a substantial length of time to develop!) PGP is currently the best, and only, possibility.

Now, if there were some program without the legal problems that PGP has which was at least very affordable and could reasonably be expected to gather the same widespread use that PGP already has, ideally through complete compatibility with PGP keys, I think we would all agree on using it.

Tim May:
> If RSA fails to take actions against sites and users, it weakens
> their legal position with respect to their patents. The government
> does not need licenses in any case, but users of Clipperphones *do* ...

Indeed. It would be nice if PGP were universally supported, and legal. That, as far as I can see, is its only problem. I do not see how we are going to come up with a solution to that problem without sacrificing much of PGP's availability and utility. If not PGP, then what? Until there is a concrete and acceptable alternative to work towards, which seems unlikely if RSA will not support it, we must work with what we have.

---

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Thu, 29 Apr 93 18:29:14 PDT
To: cypherpunks@toad.com
Subject: RE: Tough Choices: PGP vs.
RSA Data Security Message-ID: <9304300129.AA25758@anchor.ho.att.com> MIME-Version: 1.0 Content-Type: text Pat Farrell writes: > I'm writing a Windows-based POP client designed for folks that can't spell SLIP. > It should have strong encryption invisibly and automatically. > It won't until there is a legal encryption engine with at least the key > management of PGP. (I'm replying to cypherpunks, since other people may run into similar problems, and there *are* good ways to solve them.) Let's assume for the moment that you don't care about being exportable, so "legal" only means "Ok with RSA". RSAREF is ok with RSA for non-commercial, non-exportable use, and if you want to use it commercially they'll give you a price. It's got most of the subroutines you need, and if some non-Yankee writes a version with a compatible interface (to avoid copyright problems; patents aren't an issue outside the US) they can probably use the non-RSA parts of your code. I'm not sure exactly which routines in RSAREF the license lets us use, (so I've written to RSA to ask them), but the ones that ARE clearly usable let you do Sign/Verify on a block, and DES-with-random-session-key-and- signature-with-RSA-session-key-encoding (aka R_SealPEMBlock/R_OpenPEMBlock.) This gives you all you need to build standalone systems (compatibility is another story), though sometimes it's a big and clunky approach when a simple RSAEncrypt/Decrypt would have done. For example, your POP client needs to solve three main problems 1) Login authentication 2) Message encryption during transmission 3) preventing bogus deletes or other problems if your session gets hijacked. 3) probably isn't possible without changing the protocols or running over an encrypted telnet-equivalent session, but that's not RSA's problem. 
The POP3 RFC1225 explicitly recommends against including extra data in the DELE messages, though I suppose you could use an RSAREF signature as extra baggage anyway, including some kind of timestamp or counter to prevent replay. 1) The current POP protocols have the user send a USER message, to which the system either sends a rejection or a positive +OK response with arbitrary text to follow, and the user sends a PASS message, with password in clear-text, which is not real swift. This obviously needs to be replaced with some sort of challenge- response method to prevent eavesdropping and replay. A simple method using the block stuff is for the system's +OK response to the user to contain a challenge-string, and the user's PASS variable to be the challenge-string (or that+1) with an RSA signature from R_SignPEMBlock(). If Diffie-Hellman were included with RSAREF, the response could include a DH half-key. Alternatively, the PASS variable could be an encrypted R_SealPEMBlock() message containing the challenge and a session key, encrypted using the server's public key and signed by the client. 2) can either be accomplished by encrypting each message as with a new session key and RSA to encrypt the session key (a bit slow, but each message is now self-contained, which has some degree of elegance) or else by negotiating a session key at the beginning (as discussed in the above) and using it for each message. The latter approach is obviously faster. The main feature from PGP that this doesn't provide is authentication of public keys, but that's not really a problem in a POP environment - you have to deal with the administrator to set up your mailbox, so you can exchange keys at that time. 
If you wanted to build a mechanism like PGP's web of trust for keys, it's not too hard, though the obvious approaches will probably have the painful slowness of PGP2.0 instead of the blazing speed of PGP2.2 :-) You've got a block signature routine, so you use messages saying "Keysig User KeyLen Key SignerUser SignerKeysig [SignerKey?]" with appropriate amounts of ASCII armoring and delimiters, and sign them. This would be a very practical addition to RIPEM, if anybody's in the mood; RIPEM's key server isn't integral to the package.

Bill Stewart wcs@anchor.att.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 29 Apr 93 23:32:20 PDT
To: cypherpunks@toad.com
Subject: validity of the RSA patent
Message-ID: <9304300628.AA17668@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Plenty of people gripe about PKP patents. Assume for the sake of argument that the patents will be upheld, that they are valid. What, exactly, is claimed?

The RSA patent claims the RSA cryptosystem. So we don't use that. The Diffie-Hellman-Merkle patent claims all of public key cryptography; in particular it claims knapsack algorithms. So we don't use knapsacks.

But does this patent really prevent us from using public key cryptosystems? I think not. Mind you, I'm only an amateur legal hacker, but this seems like a straightforward situation.

Consider use of another public key encryption scheme, say LUC encryption. Does use of this infringe the "public key" patent? Not directly, since we're not using knapsacks (presumably). We then look at the equivalents doctrine. From Blacks:

Equivalents doctrine. In patent infringement law, doctrine of "equivalents" means that if two devices do the same work in substantially the same way and accomplish substantially the same result, they are the same, even though they differ in name, form, or shape. [...]
A doctrine which declares that a device infringes a patented invention if it does the same work as the invention in substantially the same way, even if it is outside the literal terms of the claims of the patent. The doctrine prevents parties from infringing patents with impunity by making merely trivial changes in an invention. The more significant the patented invention the greater the scope of this doctrine.

So we have three criteria. "Same work" refers to function, "same way" refers to internal structure, "same result" refers to end product.

Now public key cryptosystems all have the same function, to provide encryption and decryption with different keys. The result is the same at the end of each public key communication: a message has been passed securely from one end of the channel to the other. The structure, however, is completely different for the different systems. All three criteria must be satisfied in order for the equivalents doctrine to hold. The requirement of same structure is not satisfied.

(Matt Miszewski has today offered to do legal research in anticipation of a patent fight. I'd like to ask him here to check out this theory with some references to case law.)

RIPEM, as I understand it, came out originally with a different public key algorithm and later changed it. Perhaps Mark Henderson (who seems to have done some work on it) could comment.

The equivalents doctrine seems to my mind to be a dual of the criteria required for patentability. There are four such criteria: statutory class (is it the right kind of thing), utility (is it good for anything), novelty (does it have new features), and unobviousness (does it have new results). The equivalence of function means that the utility of the two objects is the same. The equivalence of structure means that the new invention does not exhibit novelty. The equivalence of end result means that someone already thought of that before, i.e. it's obvious.
Statutory class is the same for both, since if they're that close, they both are the kind of thing which might be patented.

It is interesting as well to examine which can be patented: processes, machines, manufactures, compositions (of matter), and new uses of any of the above. Note that a bundle of properties and purposes, e.g. public key cryptography, is not patentable; it fails to specify structure, so any structure would be novel.

The new use clause, though, is exceedingly scary. Under this class, existing equations could be used for different purposes and be separately patentable. For example, if you were to use the RSA equations for some purpose other than public key crypto and digital signature, that would be separately patentable. It behooves us all to think widely of possible applications and talk about them in order to make them part of the prior art.

I'd like to see a document containing a good argument against the claim that all public key crypto is covered. It should have the full scholarly apparatus with it and an appendix explaining the apparatus to non-lawyers. This document could then be circulated widely, starting on sci.crypt.

After that, developing a test case is easy. We would need for someone to write some public key crypto code (it need not be very complicated) and market it, claiming explicitly that the "public key" patent does not apply. We'd want them to be extremely loud in their claims, for example, writing the legal departments of all of the big RSADSI licensees and offering their wares for sale. If you could collect money, so much the better.

This would almost invariably draw a lawsuit, since it so directly threatens RSADSI's business. Witness the speed with which the recent PGP board was asked to shut down. Assuming that we've already arranged for the up-front cost of legal defense, we'd be ready to go.

Comments?
Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peter honeyman Date: Thu, 29 Apr 93 21:41:05 PDT To: cypherpunks@toad.com Subject: Re: Tough Choices In-Reply-To: <338R3B1w164w@ideath.goldenbear.com> Message-ID: <9304300441.AA23617@toad.com> MIME-Version: 1.0 Content-Type: text/plain in a classic tirade, greg broiles' rants with fever and pitch, comparing the government's threat to make cryptoprivacy tools contraband and pkp's very real attempts to do exactly that. you know what? i agree completely. i don't plan to stop using pgp. if pkp wants to be reasonable, we can make a deal. in the meantime, my interest in pgp is research with no commercial significance. patent courts have long recognized the validity of experimental use of patented inventions by such researchers. don't believe me? see rebecca s. eisenberg, "patents and the progress of science: exclusive rights and experimental use," university of chicago law review, Vol. 56(3), pp. 1017-1086 (summer 1989). i suggest cypherpunks should make accommodation with pkp and the patent office by renouncing commercial exploitation of pgp, and embracing pgp as a foundation for building and understanding cryptoprivacy tools. that is to say, we blow them off. peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Thu, 29 Apr 93 23:12:13 PDT To: Cypherpunks Subject: Cypherpunks + PKP = Love Message-ID: <930430060451_74076.1041_FHD57-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain (Warning: I am EXTREMELY frustrated having waited over TWELVE HOURS for my messages on this topic to appear; after some presumed glitch caused my Compuserve message to get lost I re-sent it THREE HOURS ago from a DIRECT INTERNET CONNECTED system and I still haven't seen it.) 
To the suggestion that Jim Bidzos was just doing what he had to do in sending that threatening letter to Stanton McCandlish who was giving away PGP:

It's too bad that McCandlish isn't in the Bay area. Then he could have been at the Cypherpunks meeting last weekend and Bidzos could have served papers on him right then and there. That would have saved Bidzos the cost of a postage stamp. Perhaps such legal actions can be a feature of future meetings.

Shocking? What Bidzos did was the electronic equivalent of what I've just described. If you're willing to countenance his actions then you should be just as willing to accept and abet crackdowns on unapproved, unauthorized cryptography. Just make sure you go into this with your eyes open.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sy Verpunc
Date: Fri, 30 Apr 93 18:37:00 PDT
To: cypherpunks@toad.com
Subject: Re: 800 numbers
Message-ID: <9304300205.AA18556@pizzabox.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

From: Nickey MacDonald

Of course, only Americans can dial those numbers.. which is a shame... (A few Canadians could have skewed the voting... :-) On a note similar to remailers, has anyone ever given consideration to creating an "outdial" service? If I could dial long distance into the States, and then be able to dial a 1-800 number that I cannot dial direct from Canada (which is most) this would be extremely useful...

Could be taken mail me your pgp key...

G

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sy Verpunc
Date: Fri, 30 Apr 93 18:47:12 PDT
To: cypherpunks@toad.com
Subject: Re: Introduction...
Message-ID: <9304300211.AA18605@pizzabox.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

I wrote:
: To whoever it was at Ohio who just fingered this account... (whether it's
: one of us or the obligatory NSA mole :-) [oops, no, the NSA mole works out
: of uunet.ca, right?]) - I'll save you the bother - it's not a cunning alias,

What a nosey bunch...
I've had this machine on the net for almost a year and not been fingered by as many strangers as over the last three days.

Anyway, here's a little experiment in paranoia... which of these people *aren't* cypherpunks...? I've always wondered if joining a list like this would bring unwelcome attention... I've marked the people who I know are on the cypherpunks list with a *. If any of the rest of them are 'one of us', let me know. By elimination we'll work out where the gummint spies hide out :) ... (The machines that reject finger requests and telnet VRFYs are pretty suspicious...)

And I'm also particularly suspicious of the finger from ohio-state - it *was* someone who reads this list (the svp ID was created especially for it) but there are *no* ohio-state sites in the mailing list at all.

If this is considered a waste of the list's bandwidth, flame me privately... In fact, reply privately whatever you have to say...

(gtoal@gtoal.com)

Apr 27 20:03:05 finger from serdlc21.essex.ac.uk [155.245.11.40]
Apr 27 20:03:18 guest Guest p3 Wed 20:00
Apr 27 20:03:18 millph P H Mills p5 Wed 19:44
Apr 27 20:03:18 guest Guest p6 Wed 20:25
Apr 27 20:03:18 guest Guest p7 Wed 20:31
Apr 27 23:10:19 finger from PANAM1.PANAM.EDU [129.113.1.2]
Apr 27 23:10:44 GMJ2393B Jimenez, George M 20401FE1 FINGER LTA6549DSCC08/PORT4
Apr 27 23:13:08 finger gtoal from uunet.ca [142.77.1.1]
Apr 28 19:48:53 finger from harrip@serdlc23.essex.ac.uk [155.245.11.42]
Apr 28 19:49:13 harrip P Harrington p2 Thu 19:47
Apr 29 18:58:05 finger svp from mathserv.mps.ohio-state.edu [128.146.110.31]
Apr 29 19:32:17 finger from mathserv.mps.ohio-state.edu [128.146.110.31]
[! denotes no idle time during both fingers]
akos alden aparson baker bkm bloch bogdan cao carlson chohan cthomas! davis dijen edgar falkner fcarroll fiedorow! forest ggelder! goedde goss haar hamilton! haradako harmon henri holbrook hpallen huneke jocha kappeler lguo ling! lingshu march morlet! neumann! nevai ogle overman patmac! ponomar rld robertso! root siegel singhi! sinha! sinnott stanton tanveer terman wang
Apr 29 19:38:15 *finger gtoal from ee92jks@monge.brunel.ac.uk [134.83.72.1]
Apr 29 19:38:20 ee92jks Jonathan K Saville *p1 Fri 20:03 cc-02.brunel.ac.
Apr 29 19:44:11 finger svp from seneca.SED.Provo.Novell.COM [137.65.96.1]
Apr 29 19:45:11 finger gtoal from seneca.SED.Provo.Novell.COM [137.65.96.1]
?* Apr 29 23:23:21 finger gtoal from sck@naucse.cse.nau.edu [134.114.64.1]
Apr 29 23:23:27 sck Sean Koontz *p1 Fri 13:41
=* Apr 30 00:01:39 finger gtoal from dent.uchicago.edu [128.135.72.13]

PS Someone mailed me to ask how I knew if I'd been fingered - it's a combination of a home-hacked fingerd and the log_tcp wrapper package.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Fri, 30 Apr 93 02:38:22 PDT
To: cypherpunks@toad.com
Subject: Re: Tough Choices: PGP vs. RSA Data Security
Message-ID: <199304300938.AA05792@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Quoting, "That's what people have *always wanted* to do. RSA won't let them. That's why any talk of a newer friendlier Bidzos is bullshit."

Well, maybe or maybe not... the main thing is to judge by concrete actions. I know there have been problems in the past, and reason for serious scepticism. But the main thing here is to keep the channels open and work toward some kind of concrete action on RSA's part.

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: geoffw@nexsys.net (Geoff White)
Date: Fri, 30 Apr 93 08:14:05 PDT
To: cypherpunks@toad.com
Subject: Re: Tough Choices: PGP vs. RSA Data Security
Message-ID: <9304301505.AA07803@nexsys.nexsys.net>
MIME-Version: 1.0
Content-Type: text/plain

Maybe this is a solution...
A core group of us coders take on the task of merging PGP functionality into MailSafe, we do the work for nominal cost or for free, this new version of MailSafe can become REALLY slick and worth paying the $125 or what-ever he is charging for it, AND it will be PGP compatible. We then retrofit PGP to use RSA's RSAREF or whatever else it takes to bring PGP into compliance and PGP stays FREE, and unsupported, we suspend further development and make it sort of like a demo program or freeware, but if you want the really seamless UI you buy the product, Bidzos gets money, we get to deploy a program that educates the masses about the use of strong crypto, and since they are compatible, the use of the freeware can't help but encourage the use of the "product". The bottom line is that strong crypto is made available to the public. This solution might require that a few egos deflate a bit but I'm sure a variant of this could work.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Pat Farrell"
Date: Fri, 30 Apr 93 06:21:29 PDT
To: jim@rsa.com
Subject: Fw: RSA approval for freeware, PGP compatible user program.
Message-ID: <33701.pfarrell@cs.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I'm a cypherpunk. I write code. I have already told the list my feelings on TC "the suit" May's suggestion.

I read the post that no one asked PKP for permission to include RSA in a freely distributed strong cryptography package that was PGP compatible. So I asked.

I found that PKP has two simple philosophies: (1) they have a valid patent, and you must agree to this fact and (2) if you make money, they make money.

I don't have the interest, energy, time, or money to argue with (1), so fine, I'll say I agree. I sure haven't made any money off PGP, and probably won't off of this.

I found that Jeff Schiller of MIT suggested an effort to develop something on RSAREF from scratch that would bring the pgp, RIPEM, TIS/PEM, etc. communities together.
The PKP folks are strongly supportive. They (PKP, MIT, pfarrell. et al) need to do programming and reverse engineering. If other cypherpunks can code, volunteer.

While the source for PGP is available, it is copyrighted. Unless we can get the copyright owner's permission, we'll have to reimplement it from scratch. Not an attractive idea.

If you have a religious belief that software patents are immoral, that PKP is really a front for the NSA, etc. and don't want to help, that is fine with me. Simply don't volunteer.

I'd like to believe that this really isn't a splintering of the cypherpunks.

My guess as to why PKP is willing to talk to me and others now, and was not willing to agree to license PGP was that Phil never got permission to use RSA, and so agreeing to license users use of PGP is admission that using RSA without PKP permission is OK. There is no way that PKP can allow that to be inferred.

Pat

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Satan
Date: Fri, 30 Apr 93 10:17:21 PDT
To: cypherpunks@toad.com
Subject: Re: HELP! Some nut is threatening to sue!
In-Reply-To: <9304290331.AA18264@hydra.unm.edu>
Message-ID: <199304301717.AA10153@orion.oac.uci.edu>
MIME-Version: 1.0
Content-Type: text/plain

> I don't think you're aware of our position on pgp. Unfortunately, you
> may leave us no choice but to take legal action, which we will unless
> you cease promotion and distribution of pgp. The next message will
> state our position.

well... jim bidzos is not SOME nut and this isnt a threat..
just a warning the only problem i see with writing an apology note would be if he didnt send you a letter in the first place in my youth or if i were basically bored i would have sent a letter looking like that from that account i would assume its real cuz if someone were to fake it they would act real mad and say they are already suing but i think the fact that you dont know if he really sent you the letter (well i dont know if he really sent you the letter) is proof of why we need pgp out in public because that way we could verify who it was

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: geoffw@nexsys.net (Geoff White)
Date: Fri, 30 Apr 93 12:04:06 PDT
To: 74076.1041@CompuServe.COM
Subject: Re: PGP on soda.berkeley.edu
Message-ID: <9304301724.AA07951@nexsys.nexsys.net>
MIME-Version: 1.0
Content-Type: text/plain

>
> It follows, doesn't it, that Jim Bidzos would be forced to apply similar
> legal pressure to the Cypherpunks leadership to get them to remove PGP from
> their site, a site which may be one of the leaders worldwide in distributing
> PGP.
>
> Now we see Tim suggesting (in the spirit of "pancritical rationalism"? I'm
> not so sure...) that we move away from PGP, and Eric offering arguments
> showing why Bidzos has to do what he is doing.
>
> Is there a connection? Are Tim and Eric under pressure from Bidzos to get
> PGP off their site? I don't know, but they would certainly be likely
> targets for Bidzos' efforts, and so it is understandable that they may be
> feeling personal discomfort. But I'd like to hear more about the
> relationship with Bidzos.
>
> Hal
>

I think you are being a little paranoid. I clearly see the points that Eric and Tim are making. RSA is not going to "roll over" for us. If they did, it could mean the end of their company.
Jim out of detente, might not be sending us (the Regents of UC to be exact) a letter because of the potential ramifications (both legal, and publicity wise). It would not be a good move for RSA or for cypherpunks, but if this issue heats up, he may be forced into this stance, which is one I'm convinced by meeting the man, that he personally would not like to take, but WOULD take if it came down to us or the company's patents being made null and void from failure to enforce them. I think he is passing over us for the time being, unless media attention causes him to do otherwise, remember he would send "the letter" to the regents of UC Berkeley they are the ones who own soda, not the cypherpunks.

I think we have to decide whether we are promoting PGP or an individual's right "to affordable secure cryptography". I for one will continue to use PGP until something better comes along. I'd be willing to give RSA $50 - $100 for the right to use the software, in this case BECAUSE THE ISSUE OF PRIVACY IS MORE IMPORTANT TO ME THAN THE ISSUES OF WHETHER SOFTWARE IS PATENTABLE. Now this does not mean that I don't believe in free software but if we don't stop the stuff that the feds are doing right now, the other issues won't make any difference.

What founding father said "If we all don't hang together we will surely hang separately"

-------------------------------------------------------------------------------
NEXUS SYSTEMS/CYBERTRIBE-5 : Voice:(415)965-2384 Fax: (415)327-6416
Editor/Instigator/Catalyst : Geoff White
Production Crew : Universal Movement Trinity
"They might stop the party, but they can't stop the future"
--PGP Public key available upon request--
AT&T:Phones with Big Brother Inside, Just say "NO" to the Clipper wiretap chip!
-------------------------------------------------------------------------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Fri, 30 Apr 93 09:58:45 PDT
To: cypherpunks@toad.com
Subject: List of remailers 4/30/93
Message-ID: <199304301658.AA25687@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Q1: What cypherpunk remailers exist?

A1:
 1: hh@pmantis.berkeley.edu
 2: hh@cicada.berkeley.edu
 3: hh@soda.berkeley.edu
 4: nowhere@bsu-cs.bsu.edu
 5: ebrandt@jarthur.claremont.edu
 6: hal@alumni.caltech.edu
 7: remailer@rebma.mn.org
 8: elee7h5@rosebud.ee.uh.edu
 9: phantom@mead.u.washington.edu
10: hfinney@shell.portal.com
11: remailer@utter.dis.org
12: 00x@uclink.berkeley.edu
13: remail@extropia.wimsey.com

NOTES:
#1-#4 remail only, no encryption of headers
#5-#12 support encrypted headers
#13 special - header and message must be encrypted together
#7,#11,#13 introduce larger than average delay (not direct connect)
#12 public key not yet released

======================================================================

Q2: What help is available?

A2: Check out the pub/cypherpunks directory at soda.berkeley.edu (128.32.149.19). Instructions on how to use the remailers are in the remailer directory, along with some unix scripts and dos batch files.

Mail to me (elee9sf@menudo.uh.edu) for further help and/or questions.

======================================================================

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sy Verpunc
Date: Sat, 1 May 93 05:02:56 PDT
To: cypherpunks@toad.com
Subject: Re: Tactics.
Message-ID: <9304301204.AA23052@pizzabox.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

From: Shaen Bernhardt

To me it's plain that the intent is to regulate crypto. Before then I plan (hope) that PGP finds its way into MANY hands. That's the only real weapon I see. Consider it a safety net to catch us if Tim's REALPOLITIK fails. I hope it doesn't, Tim, I hope not but I'm going to hope for the best and prepare for the worst. I intend to use strong crypto when I like.

And to think I got flame mail less than two months ago when I said on alt.security.pgp that I was pissed off because someone put my key on a public server... I bet there's a few other people wishing now they hadn't put their keys in an 'arrest me' list...

G

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Fri, 30 Apr 93 09:23:11 PDT
To: Cypherpunks
Subject: PGP on soda.berkeley.edu
Message-ID: <930430161518_74076.1041_FHD32-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

The fact that PGP is available on the Cypherpunks FTP site, soda.berkely.edu, was publicized in sci.crypt last week (among other places and times).

Eric said that the Cypherpunks FTP site has become among the top FTP access points in the world.

When Stanton McCandlish posted on sci.crypt that he had PGP available on his system, he quickly received threats from Jim Bidzos demanding that he remove it.

It follows, doesn't it, that Jim Bidzos would be forced to apply similar legal pressure to the Cypherpunks leadership to get them to remove PGP from their site, a site which may be one of the leaders worldwide in distributing PGP.
Now we see Tim suggesting (in the spirit of "pancritical rationalism"? I'm not so sure...) that we move away from PGP, and Eric offering arguments showing why Bidzos has to do what he is doing.

Is there a connection? Are Tim and Eric under pressure from Bidzos to get PGP off their site? I don't know, but they would certainly be likely targets for Bidzos' efforts, and so it is understandable that they may be feeling personal discomfort. But I'd like to hear more about the relationship with Bidzos.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: bcox@gmu.edu (Brad Cox)
Date: Fri, 30 Apr 93 09:19:24 PDT
To: "Stephen P. Marting"
Subject: Re: Need some Advice
Message-ID: <9304301620.AA00518@gmuvax2.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

"Stephen P. Marting" wrote
>The difference between Software Engineering and Computer Science is sort
>of like the difference between Differential Equations and Mathematics.
>SoftEng is a subset of CompSci.

Isn't it more like the difference between epicyclic computation and Ptolemaic Astronomy? In other words, don't these labels really denote software pre-engineering and computer pre-science?

--
Brad Cox; bcox@gmu.edu; 703 968 8229 Voice 703 968 8798 Fax
George Mason Program on Social and Organizational Learning

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J. Eric Townsend)
Date: Fri, 30 Apr 93 12:48:42 PDT
To: cypherpunks@toad.com
Subject: PGP legalities
In-Reply-To: <930430161518_74076.1041_FHD32-1@CompuServe.COM>
Message-ID: <9304301948.AA00372@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

A short reminder: If you are the government, or you work for the government, you can use PGP. The conditions under which you can use it might be fuzzy (ie: can I use it to encrypt mail to send to this list, which is not work related), but you can definitely use it for your work.

-- J.
Eric Townsend jet@nas.nasa.gov 415.604.4311
NASA Ames Numerical Aerodynamic Simulation | play: jet@well.sf.ca.us
Parallel Systems Support, CM-5 POC | '92 R100R / DoD# 0378
PGP2.1 public key available upon request or finger jet@simeon.nas.nasa.gov

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J. Eric Townsend)
Date: Fri, 30 Apr 93 12:49:16 PDT
To: cypherpunks@toad.com
Subject: npr report
Message-ID: <9304301949.AA00378@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

from the NPR report:

> "The mechanism is very much like what the real estate agents do with
> houses. Right, they take you to show you a house and they don't have a
> key to that house in their pockets. But they get to the house, and
> there's a lock box hanging on the front door. And they have a master key
> in their pockets, and they open the lock box, and take out the key to the
> door, and open the front door, and go in and show you the house."

This is a *wonderful* analogy. Imagine if one could not buy a set of locks for their house w/o buying the government lock-box to go beside the front door.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: lefty@apple.com (Lefty)
Date: Fri, 30 Apr 93 13:05:50 PDT
To: cypherpunks@toad.com
Subject: Re: PGP on soda.berkeley.edu
Message-ID: <9304301953.AA29637@internal.apple.com>
MIME-Version: 1.0
Content-Type: text/plain

>What founding father said "If we all don't hang together we will surely hang
>separately"

Benjamin Franklin.

--
Lefty (lefty@apple.com)
C:.M:.C:., D:.O:.D:.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 30 Apr 93 13:00:32 PDT
To: Cypherpunks@toad.com
Subject: I don't take it personally...
Message-ID: <9304302000.AA03138@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Just to let you folks know, I don't take some of the comments I've been seeing here (and in e-mail) personally.
That is, I fully understand that emotions run high around these topics, especially about PGP, the Clipper Chip, and patents on software.

This list is for discussion, even heated discussion. We're not here to just complain about things we all despise, like the Clipper chip...for that you can read sci.crypt.

I've posted my thoughts and suggestions in this spirit. I'm not in a policy-making position (how many of us are?), so some of the stronger comments about how I'm reorienting the Cypherpunks list seem, well, inappropriate. That others have said much the same thing says this is a legitimate issue to discuss on this list.

By the way, I responded at length to Matthew J Miszewski's posting because that's the one I saw first. The equally well-written critiques of my points by Lance Dettweiler and Hal Finney did not arrive at my site until sometime after 2 a.m. this morning, when I last checked...though they were written and posted half a day earlier than Matt's posting. Odd delays we're having.

I won't answer their point-by-point critiques, as I think my follow-up to Matt and the various other posts by Eric, Pat Farrell, Stanton M., and others have gotten the issues aired.

Just to repeat, I'm not in the thrall of RSA or anyone else. I just think the issues are much larger. I'm not saying we shouldn't use PGP, nor am I suggesting Jim Bidzos should serve arrest warrants at our Cypherpunks meetings (I got a kick out of that really "over the top" charge...I took no offense!).

I don't set policy for you folks. Nobody does. I'm just one more voice.

Discussion won't hurt this list--if it can, then we're really in trouble.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, smashing of governments.
Higher Power: 2^756839 | Public Key: in a state of flux!
Waco Massacre + Big Brother Wiretap Chip = A Nazi Regime

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Fri, 30 Apr 93 10:12:18 PDT
To: CYPHERPUNKS
Subject: Tough Choices: PGP vs. RSA Data Security
Message-ID: <930430170523_74076.1041_FHD74-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

I thought Eric's analysis of RSADSI/PKP's position was interesting, but I have to take issue with a couple of points:

> Premise: RSADSI created RSAREF in order to license individuals.

This seems to assume that RSADSI needs to "license" individuals in order to allow them to use the patent. But I don't think this is the case. RSADSI can simply say that individual, non-commercial use of the patents is permitted by them. In fact, they do say that, apparently. As Pat Farrell reported today:

> I found that PKP has two simple philosophies: (1) they have a valid patent,
> and you must agree to this fact and (2) if you make money, they make
> money.

I understand that the FAQ from RSA confirms this, that non-commercial, personal use of the patent is OK. (Actually, I don't think this first point, that "you have to agree that their patent is valid" is in the FAQ. I think this was added specifically because the PGP documentation criticizes the patent.)

So, it does not seem to me that they had to take _any_ specific action in order to "license" individuals to use their patent non-commercially. They simply had to say, as they already said, that such use is not considered infringing.

> Since they don't make any money from it, there's
> no reason for them to spend much money paying lawyers to draft license
> agreements for products which bring in no income. Therefore they want
> all non-income uses of the patents to be filtered through a single
> license.

Again, there is no need for them to pay lawyers to set up a host of different "non-income" licenses.
There is no need to "filter" all such uses through a single package. Rather, a general blessing of non-commercial use should be adequate.

> Assertion: The reason that RSADSI requires that individual licenses be
> mediated through RSAREF is that non-commercial software is inevitably
> used in commercial contexts.

Allowing personal, non-commercial use does not mean they lose any rights to sue companies which make money off the patent. If a non-commercial product (like PGP) is used in a commercial context then both Phil and Jim may be expected to go after them. This therefore is not at all a reason for RSADSI to require individual licenses to be mediated through RSAREF. Doing that gives them no rights that they didn't already have.

> Remember, their main business is
> licensing. All software used in a commercial context must be
> licensed, otherwise their main business is imperiled. Were they to
> make separate licenses for every low end product, they would be in the
> same situation as if they licensed individuals--high overhead, small
> return. Therefore, they license RSAREF to companies; this allows
> RSADSI to economically offer licensed use for all such low end
> software packages.

Here Eric is apparently talking about commercial use. I think our discussions are in the context of personal, non-commercial use. We should clearly separate these two issues. Where a putatively non-commercial product, whether RIPEM or PGP, is used in a commercial situation then PKP and/or PRZ may choose to take legal action. But the non-commercial situation can be dealt with without restricting users to use RSAREF.

In short, Eric has not persuaded me (at least) that RSADSI was in any way forced to restrict non-commercial users to use the RSAREF package. Their general policy of permitting personal, non-commercial use, and demanding that "if you make money, we make money" are more than adequate without RSAREF entering the picture at all.
Hal Finney
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Fri, 30 Apr 93 13:44:08 PDT
To: jet@nas.nasa.gov
Subject: Re: npr report
Message-ID: <9304302043.AA21502@servo>
MIME-Version: 1.0
Content-Type: text/plain

> This is a *wonderful* analogy. Imagine if one could not buy a set of
> locks for their house w/o buying the government lock-box to go beside
> the front door.

It's an even better analogy (for me) because of the experience I had a year ago with a house I was renting. The owner had put it up for sale, so a lockbox was installed on the garage door.

One day I came home and noticed that the box was open, and the key inside was missing. Gave me a real warm and fuzzy feeling.

One of the really nice things about now owning a house (vs renting) is that I can change the locks whenever I please and I don't have to give a copy to *anybody*...

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pfarrell@cs.gmu.edu (Pat Farrell)
Date: Fri, 30 Apr 93 10:56:47 PDT
To: cypherpunks@toad.com
Subject: Re: PGP on soda.berkeley.edu
Message-ID: <9304301751.AA06931@cs.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Hal, I think you are being overly paranoid.

Jim Bidzos must protest the use of PGP. If he doesn't, he will lose the ability to claim that companies have to pay for RSA.

He has publicly, and repeatedly, stated that the ITAR is a crock.

Don't wave a flag in front of the bull. He has personally told me that he is very interested in a RSA approved program that is PGP compatible. He simply can NEVER say that PGP is OK.
If we are to say to the politicians that normal folks need strong encryption, then we have to start without being labeled criminals for violating the US laws. If I remember, you are not in the US, so it is fine to ignore Bidzos. I can not write my congressman and say Clipper is bad, PGP is good when use (and development) of PGP is against the law.

We could argue that the law is bad. I can agree. But changing the law will take so long that RSA will be illegal. Then when I use it, it will be grounds for a search warrant.

Pat

Pat Farrell, Grad Student pfarrell@cs.gmu.edu
Department of Computer Science, George Mason University, Fairfax, VA

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matthew J Miszewski
Date: Fri, 30 Apr 93 11:59:48 PDT
To: cypherpunks@toad.com
Subject: CLIPPER: Remember Big Brother!
Message-ID: <23043013580787@vms2.macc.wisc.edu>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunks,

I have taken contention with Tim's suggestions and was glad to see the comprehensive response. And the following critiques. But I fear that AT&T and the NSA may be lovin' our discontent with each other.

I still disagree with Tim on a few contentions and will post them later. But I now understand more clearly his position and far sightedness. While I did my part to start this dissent, I now hope that we can reconcentrate on the current emergency. CLIPPER!

I'm not saying we should quash dissent, but just cool the flames and remember our current situation. There are many facets of patent law which we may not be able to solve right now. [Eric, I am working on your research request, thanx!]. Please don't let a provocative post by a forward looking thinking derail *both* of our ultimate goals. There is a time and a place for this debate. However, I feel now we must attack the _real_ enemy.

So, please, step back and remember that if we fall divided, NO ONE will voice opposition to the WIRETAP CHIP, and we can all set our calendars back to 1984.
Respectfully Dissenting,

Matt
mjmiski@macc.wisc.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fnerd@smds.com (FutureNerd Steve Witham)
Date: Fri, 30 Apr 93 12:44:40 PDT
To: cypherpunks@toad.com
Subject: PGP vs. RSADSI--what conflict?
Message-ID: <9304301927.AA22360@smds.com>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpholks--

Neither abandoning PGP nor antagonizing RSADSI seem necessary to me. This letter makes a 3/4 page summary of that belief after which I mention some interesting side issues.

Eric Hughes' understanding of the situation confirms my intuitions--

  RSADSI pretty much has to either act the way it's acting or else just roll over.
and
  They seem agreeable to a technically good PGP/RSAREF connection.
but
  That's work.

On the middle point, in particular I don't think they'll insist we use DES or a slow engine. For people who don't get why those restrictions seem to be there but aren't, I suggest rereading Eric's article.

Although I have strong feelings about the patent issue, and although it affects the privacy issue, I definitely put the privacy issue first. Given that it seems we can separate the two issues, I don't see why we shouldn't.

Although I agree with Tim that being non-confrontative with RSADSI is smart, I don't see PGP and RSADSI as quite so hard to reconcile as he seems to:

> If the government ever outlaws strong crypto, you can be sure I'll be
> using outlaw crypto. The difference with the current situation is
> that crypto per se has not yet come under regulation.)

And PGP per se is not outlaw. Only the current version and lack of license. Let's conceptually separate PGP, Phil's RSA/MD5 engine (PGRE?), and using/ distributing PGRE in the USA. Only the third is a problem with RSADSI.

> ...bootleg
> crypto (which is what PGP will remain in this country unless and until the
> courts overturn the patents or RSA suddenly decides to cave in)...

Pshaw. Until it's worked out. No "sudden caving in" is needed.
Tim, you were the one who reported that Jim Bidzos was sounding agreeable.

> Furthermore, neither Phil nor any other members of the development team are
> likely to ever make any money with this
^^^^ PGRE

Phil could finally solicit shareware fees.

Now the side issues:

There could conceivably be an issue in the future for people working with RSAREF--who have SEEN THE CODE--and then wanting to develop other crypto stuff later. People have attempted to avoid this legal hassle in the past by setting up a "clean room" where only specs and interfaces are known...

RSAREF is copyrighted stuff, right?, which puts you in a slightly different legal position when you have it/distribute it. Assuming PGP gets a license to be shareware, I see this being less of a problem than the current situation.

But even if PGP gets some kind of license, would individuals still have to sign agreements with RSADSI? I feel more serious about personal agreements than copyrights or patents. Will it be the standard RSAREF individual license? Does it require you to *act as if* they had rights some of us care about them not having? (Rights to the specific code don't bother me too much.)

> (isn't e-mail great?...Stanton posts it, and Jim Bidzos, the
> Pres. of RSA responds...no lawyers were needed, no lengthy delays.).

At the CFP conference that Tim missed ~{;o), Cliff Stoll was remarking that eventually all sorts of nasty things happen related to the net--except lawsuits. We guessed that the availability of the quick, public response might have a lot to do with that. Here we have a threat; can anyone think of an example of an email-related suit that was carried through?
-phnerd, er, fnerd
quote me
--fnerd@smds.com (FutureNerd Steve Witham)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "John (FuzzFace/Fast-Eddie) McMahon"
Date: Fri, 30 Apr 93 13:49:56 PDT
To: cypherpunks@toad.com
Subject: Re: PGP on soda.berkeley.edu
Message-ID: <01GXMNWP2FA6000426@Eisner.DECUS.Org>
MIME-Version: 1.0
Content-Type: text/plain

> What founding father said "If we all don't hang together we will surely hang
> separately"

Ben Franklin, I believe.

John McMahon

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: phr@america.Telebit.COM (Paul Rubin)
Date: Fri, 30 Apr 93 16:49:27 PDT
To: cypherpunks@toad.com
Subject: eurocrypt '93
Message-ID: <9304302348.AB12222@america.TELEBIT.COM>
MIME-Version: 1.0
Content-Type: text/plain

Is anyone thinking of going? It's in Norway, in late May.

Pining for the fjords...

Paul

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 30 Apr 93 17:14:39 PDT
To: cypherpunks@toad.com
Subject: 800 numbers
In-Reply-To:
Message-ID: <9305010011.AA05935@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>On a note similar to remailers, has anyone ever given consideration to
>creating an "outdial" service?

[a redialer operation for telephones]

I've been wanting to do this for years. As soon as we get a digital coin system running, I'm going to work on getting one up in Berkeley.

There are some interesting issues here similar to remailers. Fancy schemes tend not to be all that secure because the in-band audio signalling is not conducive to crypto. Just having the redirection service is enough now to disrupt Caller-ID. When ISDN is standard, you can you the money transaction on the D channel, out of band, and digital.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tien (Lee Tien)
Date: Fri, 30 Apr 93 17:27:13 PDT
To: Cypherpunks, tcmay@netcom.com
Subject: Re: I don't take it personally...
Message-ID: <9305010027.AA08692@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Tim,

I'm responding to your question about patents. I don't know of any reason why individual licenses to use the public-key patents in connection with specified authorized programs couldn't be granted under U.S. patent law.

In general, a patent holder has the right to exclude unauthorized persons from making, using, or selling the patented invention. A patent holder can grant non-exclusive licenses to make, use, or sell. Legally speaking, a non-exclusive license can be thought of as a promise by the patent holder not to sue the licensee for acts within the scope of the license which would otherwise constitute patent infringement, in return for some kind of consideration.

The major limits on a valid patent are "patent misuse" (where the patent holder overreaches) and antitrust (where the patent holder uses the patent to restrain trade). Patent licensing is a pretty flexible mechanism.

I'm no expert, though, and I've never quite understood exactly what this patent protects, nor have I seen the actual claims of the issued patent.

Lee

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 30 Apr 93 17:36:28 PDT
To: cypherpunks@toad.com
Subject: PGP on soda.berkeley.edu
In-Reply-To: <930430161518_74076.1041_FHD32-1@CompuServe.COM>
Message-ID: <9305010033.AA07393@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>soda.berkely.edu, was publicized in sci.crypt last week (among other places
>and times).

I have tried to make sure that it's not widely publicized, for reasons stated below.

>Eric said that the Cypherpunks FTP site has become among the top FTP access
>points in the world.

No. I said that the cypherpunks site on soda is the most active one on soda. Quite a difference.

>When Stanton McCandlish posted on sci.crypt that he had PGP available on his
>system, he quickly received threats from Jim Bidzos demanding that he remove
>it.

Look.
Bidzos is under fiduciary responsibility to exercise due diligence in making sure unlicensed software is not distributed. If Bidzos were to get fired for not doing it, someone else would come in and do exactly the same thing.

>It follows, doesn't it, that Jim Bidzos would be forced to apply similar
>legal pressure to the Cypherpunks leadership to get them to remove PGP from
>their site, a site which may be one of the leaders worldwide in distributing
>PGP.

I've known Bidzos for a little over a year. I've been distributing PGP ever since the ftp site went up. Not once have I ever told Bidzos I'm doing this. If I did, he'd have no choice but to stop it, having been personally informed that infringement was occurring at a particular place under a known agent.

I've asked Hugh Miller not to advertise the site publicly, not because I don't want it used, but because I don't want it to go away. The site is registered with archie; if you want it, you can find it.

Sometimes you have to be loud to get things done; sometimes you have to be silent. Domestic distribution of PGP right now is something best done in silence.

>Are Tim and Eric under pressure from Bidzos to get
>PGP off their site?

Tim doesn't have anything at all to do with the ftp site. I do it on a guest account on the machine, which for tactical reasons of software distribution I'd like to keep.

I have never heard any word from Bidzos that he even knows about the soda site, let alone that I maintain it, let alone any pressure to remove PGP from it.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Fri, 30 Apr 93 14:34:13 PDT
To: mab@research.att.com
Subject: clip.txt on NIST ftp
Message-ID: <9304302134.AA10093@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

csrc.ncsl.nist.gov has some new uploads in /pub/nistnews, including Krammer(NIST)'s testimony to Markey, and clip.txt, a more recent Clipper description.
It's short enough I'm attaching it below; the interesting part in Section 5 is that it says the wiretap block has 80-bit session key crypted with unit key, 25-bit serial number!, and 23-bit "authentication pattern" making a total of 128 narc bits. It also gets transmitted "at least once" to the receiver.

Also, chip prices include "programmed and unprogrammed" - I wonder if real people will be able to buy them unprogrammed?

Bill Stewart

------ clip here -----

CLIPPER CHIP TECHNOLOGY

CLIPPER is an NSA developed, hardware oriented, cryptographic device that implements a symmetric encryption/decryption algorithm and a law enforcement satisfying key escrow system. While the escrow management system design is not completely designed, the cryptographic algorithm (SKIPJACK) is completely specified (and classified SECRET).

The cryptographic algorithm (called CA in this paper) has the following characteristics:

1. Symmetric, 80-bit key encryption/decryption algorithm;
2. Similar in function to DES (i.e., basically a 64-bit code book transformation that can be used in the same four modes of operation as specified for DES in FIPS 81);
3. 32 rounds of processing per single encrypt/decrypt operation;
4. Design started by NSA in 1985; evaluation completed in 1990.

The CLIPPER CHIP is just one implementation of the CA. The CLIPPER CHIP designed for the AT&T commercial secure voice products has the following characteristics:

1. Functions specified by NSA; logic designed by MYKOTRONX; chip fabricated by VLSI, Inc.: manufactured chip programmed (made unique) by MYKOTRONX to security equipment manufacturers willing to follow proper security procedures for handling and storage of the programmed chip; equipment sold to customers;
2. Resistant to reverse engineering against a very sophisticated, well funded adversary;
3. 15-20 MB/S encryption/decryption constant throughout once cryptographic synchronization is established with distant CLIPPER Chip;
4. The chip programming equipment writes (one time) the following information into a special memory (called VROM or VIA-Link) on the chip:
   a. (unique) serial number
   b. (unique) unit key
   c. family key
   d. specialized control software
5. Upon generation (or entry) of a session key in the chip, the chip performs the following actions:
   a. Encrypts the 80-bit session key under the unit key producing an 80-bit intermediate result;
   b. Concatenates the 80-bit result with the 25-bit serial number and a 23-bit authentication pattern (total of 128 bits);
   c. Enciphers this 128 bits with family key to produce a 128-bit cipher block chain called the Law Enforcement Field (LEF);
   d. Transmits the LEF at least once to the intended receiving CLIPPER chip;
   e. The two communicating CLIPPER chips use this field together with a random IV to establish Cryptographic Synchronization.
6. Once synchronized, the CLIPPER chips use the session key to encrypt/decrypt data in both directions;
7. The chips can be programmed to not enter secure mode if the LEF field has been tampered with (e.g., modified, superencrypted, replaced);
8. CLIPPER chips will be available from a second source in the future;
9. CLIPPER chips will be modified and upgraded in the future;
10. CLIPPER chips presently cost $16.00 (unprogrammed) and $26.00 (programmed).

4/30/93

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mike Godwin
Date: Fri, 30 Apr 93 14:35:56 PDT
To: cypherpunks@toad.com
Subject: 800 number -- Clipper poll
Message-ID: <199304302135.AA01210@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

Article 17194 (12 more + 1 Marked to return) in comp.org.eff.talk:
From: JHIUOT&)@p918.f70.n109.z1.fidonet.org (JHIUOT&))
Subject: Clipper poll
Date: Wed, 28 Apr 93 12:00:09 PDT
Organization: FidoNet node 1:109/70.918 - No Montgomery Co Ba, Rockville MD
Lines: 14

Communications Week magazine has a weekly telephone response poll.
This week's question is:

Do you agree with the Clinton administration's Public Encryption Management directive for communications equipment?

Yes: 800-242-CWKY
No: 800-242-CWKN

--
uucp: uunet!m2xenix!puddle!109!70.918!JHIUOT&)
Internet: JHIUOT&)@p918.f70.n109.z1.fidonet.org

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Fri, 30 Apr 93 16:08:56 PDT
To: Mike Godwin
Subject: Re: 800 numbers
In-Reply-To: <199304302135.AA01210@eff.org>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Of course, only Americans can dial those numbers.. which is a shame... (A few Canadians could have skewed the voting... :-)

On a note similar to remailers, has anyone ever given consideration to creating an "outdial" service? If I could dial long distance into the States, and then be able to dial a 1-800 number that I cannot dial direct from Canada (which is most) this would extremely useful...

Could be taken a step further, and with automated billing a person could dial *any* number and charge it back to their calling card (though this would not be fully anonymous, is there a use for this?? I donno... as Caller ID becomes more prevalent... maybe...)

I know law enforcement agents use something like this for undercover operations, though I doubt they figure in a long distance factor very often...

Anyway, something to think about...

---
Nick MacDonald | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger

On Fri, 30 Apr 1993, Mike Godwin wrote:

> Communications Week magazine has a weekly telephone response poll.
>
> This week's question is:
>
> Do you agree with the Clinton administration's Public Encryption
> Management directive for communications equipment?
>
> Yes: 800-242-CWKY
> No: 800-242-CWKN

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Fri, 30 Apr 93 20:46:40 PDT
To: cypherpunks@toad.com
Subject: Re: PGP
In-Reply-To: <01GXMXWJVE4Y95NBR5@delphi.com>
Message-ID: <9305010346.AA10948@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: HARUP16@delphi.com
> I know that it was wrong to steal the RSA code for
> a shareware alternative, but [...]

Nobody stole code. PGP infringes on (at least) U.S. Patent 4,405,829, which covers the RSA algorithm. Personally, I have no qualms about exponentiating in any algebra I please.

As to the question of "whether RSADSI are good guys": they certainly could be. However, I don't see RSA doing a hell of a lot to promote crypto use -- the opposite, in fact. Their software output is hardly impressive for a corporation of a decade's standing. They won't sell me a license -- they'll sell it to Lotus, but I can't see their source code.

The government hasn't banned public-key encryption, but it's banned patent-infringing public-key encryption. And for practical purposes, that's the only kind there is. The combined effect of present patent law and RSA's "sue first, write code later" approach has been to stifle the development of cryptography in this country and in the world. Perhaps if encryption algorithms were not encumbered, they would already be in common use, rendering Clipper untenable.

If RSA Inc. wishes to sell me a license I shouldn't have to buy, that would be nice. If they wish to show their change of heart in some other way, that would be nice too, as long as it doesn't come with a licensing agreement like RSAREF's. But if they're going to continue to sit on their patents, I'll do without their blessing.

Incidentally, I don't think the issue of algorithm patents is as minor as some have portrayed it. It has blocked the use of RSA, after all, giving Clipper a window.
Furthermore, there are patents on approximately every other cryptographic technique: PK in general, exponential key exchange, LUC, IDEA, DigiCash, .... Patents may gut cryptology the way they have data compression, to pick one example. This would be a shame.

Eli ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: HARUP16@delphi.com
Date: Fri, 30 Apr 93 18:43:36 PDT
To: cypherpunks@toad.com
Subject: PGP
Message-ID: <01GXMXWJVE4Y95NBR5@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain

> I've yet to see many people who "need" PGP who cannot pay for
> I'm wrong, but that's how I see it. In any case, while we may
> doubts about the patentability of mathematical algorithms, tha
> the world works. Certain property rights are reasonable. Argui
> RSADSI has no rights to a patent on public key methods is a di
> matter than arguing that someone's need and inability to pay i
> taking software.

I think what Matt was trying to get at is that privacy should be free. The day that I feel the need to have to pay $100 to ensure that my business is nobody's business but my own is the day I leave this country for a nice outlet free desert island.

I know that it was wrong to steal the RSA code for a shareware alternative, but you gotta understand the stakes here: Breaking a patent, or keeping the government from snooping on each and everyone of us. Sure, RSA is great, and they should get paid for their time programming, yap, yap, yap. But when Salk found a vaccine for Polio, did he have a little fit and say "no! you are all going to die because I am a greedy little bastard", no, he made the vaccine a sort of share-ware.

I know there is a great deal of difference between death and software, but just tell that to the people involved with Inslaw (hope you are all familiar with Promis software).

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ld231782@longs.lance.colostate.edu
Date: Fri, 30 Apr 93 22:37:44 PDT
To: cypherpunks@toad.com
Subject: electronic democracy: approaching at megabit speed!
Message-ID: <9305010500.AA22840@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

This came from the `privacy digest' mailing list. Of particular interest is the opening & `onlining' of government databases. Also note that the noted Sen. Leahy has expressed serious concern over the Clipper and is chairing hearings on it.

`mood of declassification'? `require more openness throughout the bureaucracy'? `electronic mail to improve citizen participation'? WOW!

Some words that have been coined to describe this kind of thing for future sound-bite reference: `modemocracy' (saw this in a Compuserve magazine) or `netocracy' (my own coining)

===cut=here===

[ Original posting source: nigel.allen@canrem.com in igc:alt.news-media -- MODERATOR ]

White House Official Outlines Freedom of Information Strategy at 'Information Summit'

To: National Desk, Media Writer
Contact: Ellen Nelson of The Freedom Forum First Amendment Center, 615-321-9588

NASHVILLE, Tenn., April 13 -- A White House official today outlined a broad open government strategy for the Clinton administration, throwing support behind legislation to apply the Freedom of Information Act to electronic records.

"At the Clinton White House, most of the debate over the E-mail system is about how we can interconnect it to public services rather than how we can destroy the records or tear out the hard drives before the subpoenas come to reach us," said John Podesta, assistant to the president and staff secretary.

Podesta made his comments in front of 70 participants in the nation's first Freedom of Information Summit, sponsored by The Freedom Forum First Amendment Center at Vanderbilt University.
Though the economy dominates the headlines, Podesta said the new administration was quietly working across a broad front to open government. His "predictions for the first year," included:

-- Working with Sen. Patrick Leahy (D-Vermont) to win approval this session for a bill allowing access to dozens of electronic databases in the federal government.

-- Developing an electronic mail system within the federal government to improve citizen participation in government.

-- Making the government's archives available on the nation's "information highway," and appointing a national archivist "who cares more about preserving history than about preserving his job."

-- Creating a "mood of declassification" with new executive orders from the president outlining what government may keep secret.

-- "Reinventing government" under initiatives developed by the fall by Vice President Gore to require more openness on the part of civil servants throughout the bureaucracy.

Podesta also pledged lobbying reform and political reform to "get rid of the soft money in campaigns." The Freedom of Information Act may need strengthening in addition to electronic access, he said.

Pinched by a dozen years of tight information policy, news organizations have sent President Clinton a freedom of information policy paper calling for wholesale personnel changes in FOIA-related jobs, junking the secrecy classifications of President Reagan's Executive Order 12356, overhauling the Freedom of Information Act and ending military censorship of war reporting.

"People working on behalf of the public on more openness in government at all levels are heartened by the prospect of the White House taking the lead in this area," said Paul McMasters, executive director of The Freedom Forum First Amendment Center at Vanderbilt University.
The conference, sponsored by The Freedom Forum First Amendment Center at Vanderbilt University, is focusing on issues ranging from the Clinton administration's policies on open government to restrictions on public access to crime, accident and disaster scenes. The conference, open to the public, is at the Stouffer Hotel in downtown Nashville.

Speakers on the Clinton FOI Agenda included Richard Schmidt Jr., general counsel to the American Society of Newspaper Editors and partner in the law firm of Cohn & Marks in Washington, D.C.; Theresa Amato, the director of the FOI Clearinghouse in Washington, D.C. and staff counsel for Public Citizens Litigation Group in Washington, D.C.; and Quinlan Shea, former Carter administration official who discussed problems of access to government.

Former American hostage Terry Anderson will give the keynote address at the dinner tonight.

The Freedom Forum First Amendment Center at Vanderbilt University is an independent operating program of The Freedom Forum. The Center's mission is to foster a better public understanding of and appreciation for First Amendment rights and values, including freedom of religion, free speech and press, the right to petition government and peaceful assembly.

The Freedom Forum is a nonpartisan, international organization dedicated to free press, free speech and free spirit for all people. It is supported entirely by an endowment established by Frank E. Gannett in 1935 that has grown to more than $700 million in diversified managed assets. Its headquarters is The Freedom Forum World Center in Arlington, Va.
-30-

--
Canada Remote Systems - Toronto, Ontario 416-629-7000/629-7044

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Sat, 1 May 93 00:29:16 PDT
To: cypherpunks@toad.com
Subject: Re: validity of the RSA patent
In-Reply-To: <9304300628.AA17668@soda.berkeley.edu>
Message-ID: <9305010729.AA14153@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> Consider use of another public key encryption scheme, say LUC encryption.

Which, of course, is patent-pending. It appears that we can no more make progress in cryptography in the face of algorithm patents than we could advance mathematics under the burden of theorem licensing. We can't afford to wait until 2001.

> Eric

Eli ebrandt@jarthur.claremont.edu (LPF member)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Fri, 30 Apr 93 21:47:14 PDT
To: CYPHERPUNKS
Subject: PGP on soda.berkely.edu
Message-ID: <930501044129_74076.1041_FHD20-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN ??? SIGNED MESSAGE-----

I want to apologize to Eric and Tim for intimating that their motives in exploring the possibility of closer ties to RSADSI were due to pressure from that company and its officers. I had apparently misinterpreted Eric's statements about the popularity of the Cypherpunks FTP directories to conclude that it was a major distribution site for PGP. I am glad to hear that Eric and Tim are not facing any immediate legal problems due to their support for this software.

Turning to the issue under discussion, I do have a couple of other thoughts.

First, I don't see that the interests of RSADSI are fully aligned with ours regarding Clipper. Despite PKP's success in accumulating patents, Clipper per se does not appear to infringe, being based on a new symmetric cryptosystem. So they don't have any direct leverage over the use of Clipper.
Now, Clipper-based phones presumably need some way to exchange keys, and here PKP's patents are likely to be relevant. But I was under the impression that AT&T, at least, was already producing secure telephones. I don't see why whatever arrangements they made for key exchange under their previous technology would have to be changed with Clipper.

In fact, Clipper in some ways represents a major market opportunity for PKP. To the extent that the publicity leads to increased sales of encrypting phones, PKP may benefit from the success of the Clipper.

(The follow-on Capstone project does appear to pose a greater threat to PKP, since it will use DSS (for key exchange???).)

Furthermore, in any future government prohibition on non-Clipper cryptography, our greatest nightmare, it is plausible that the government would "take care" of PKP by making sure that they get a nice piece of the pie. I could easily imagine a situation in which non-Clipper crypto is banned, Clipper is widely distributed, and PKP is doing very well financially with a slice of the profits from every sale.

Even if Jim Bidzos were personally committed to widespread, strong, public cryptography, and opposed Clipper for fundamental philosophical reasons (just like us), he would be faced with a conflict of interest. As several people have pointed out here, Bidzos has a fiduciary responsibility to his shareholders to maximize profits for his twin companies. If it comes down to a choice between opposing Clipper on principle and accepting it along with guaranteed profits, he may be forced (in the same sense in which he is forced to send threats to Stanton McCandlish) to back Clipper.

So, even if Bidzos is personally a nice guy I think we need to remember that his company may not be a natural ally of ours.

One final point, for now.

I like Tim's .sig and all it represents. But frankly, it is hard for me to square a commitment to radical change with the proposed alliance with PKP.
Part of the trouble is that I still don't understand exactly what our relationship with RSADSI is proposed to become. But at a minimum it sounds like we would avoid supporting activities which would infringe on their patents.

That means that when we want to start working on some of those things in Tim's .sig, we are in many cases going to have to get Jim Bidzos's permission. Can you imagine asking something like this:

"Dear Jim: We request permission to use the RSA algorithm for an implementation of digital cash which we will distribute in an underground way among BBS's all over the world, with the goal being the support of "information markets, black markets, [and] smashing of governments" (to quote Tim's excellent .sig). "Please sign on the dotted line below. Yours truly, an anonymous Cypherpunk."

Obviously there is no way Bidzos could give such approval. Even if he personally were a card-carrying member of the Anarchist Party he could not bear the legal liability that someone in his position would take if he granted this request.

How, exactly, are we supposed to progress towards Crypto Anarchy if we have to be sure not to step on PKP's toes? Do we just not ask him for permission (in which case we are in PGP's boat)? Do we ask for permission without revealing the full scope of the project (in which case it may be rescinded later)? I am not being facetious here. I honestly don't see how you can carry out Cypherpunk activities with a corporate sponsor.

I guess that's enough for now...

Hal
74076.1041@compuserve.com

-----BEGIN ??? SIGNATURE-----
Version: 2.2

iQCVAgUBK+HUu6gTA69YIUw3AQF9hAP+K6HXxXxjpK2qmjtFmj6LnWFW10KG09P+
o09BpbCJsiXTulv85XEtDfTyqus+T9o2dp01xaJaj0T/En3nKPs7NjKlgNciLmhV
3gzAAuv3VedheUR4cLuZOKxk6MkcwywRB4T/PHPomJ411FeYHI1DgBxZEbpM25e0
Y5mk4vQP+oo=
=zKde
-----END ??? SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sandy <72114.1712@CompuServe.COM>
Date: Fri, 30 Apr 93 22:02:24 PDT
To:
Subject: OUTDIAL SERVICE
Message-ID: <930501045637_72114.1712_FHF42-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

_________________________________________________________________
SANDY SANDFORT ssandfort@attmail.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Nickey MacDonald wrote:

". . . has anyone ever given consideration to creating an "outdial" service? If I could dial long distance into the States, and then be able to dial a 1-800 number that I cannot dial direct from Canada (which is most) this would extremely useful."

At least one service, similar to what you describe, already exists. It was created primarily to take advantage of the low long distance/international rates available only from the US. Incoming calls to the US typically cost 2-3 times as much as outgoing calls to the same countries.

Once you have an account, you can call a special number in the US, key in your private code, and hang up. You will immediately be called back by the service. When you answer, you will hear an American dial tone. You may then dial any number in the world. The service charges you a fee that is substantially less than the international rates charged in your home country. Of course, it also allows you to call US 800 numbers, as well.

The company, ITS, offers other services including programs for Americans (or anybody) travelling abroad. For more information, contact:

International Telephone Services, Inc.
1750 K Street, N.W., Suite 380
Washington, DC 20006
Tel: 202 223 1307
Fax: 202 296 1643

S a n d y

Please respond ONLY to: ssandfort@attmail.com
_________________________________________________________________

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sat, 1 May 93 01:51:23 PDT
To: Hal <74076.1041@CompuServe.COM>
Subject: REALPOLITIK = Choosing Battles Carefully
Message-ID: <9305010851.AA14117@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

(Cyphergang, this is going to have to be my last post for a while on this thread. The points have been made. Some agree with me, some call me treasonous. I say what I think. -TCM)

Hal Finney writes:

.....stuff elided....

>First, I don't see that the interests of RSADSI are fully aligned with
>ours regarding Clipper. Despite PKP's success in accumulating patents,
>Clipper per se does not appear to infringe, being based on a new symmetric
>cryptosystem. So they don't have any direct leverage over the use of
>Clipper.

That's right, they don't. Clipper/Skipjack/Capstone looks to be a well-planned move to reassert government control over crypto, with various government modules replacing existing modules (as with the DSS signature standard, which uses the El Gamal algorithm).

Whether RSADSI is upset, I don't know. I suspect so. Bidzos was quoted as saying "Clipper is an arrow aimed at the heart of my company." (source: Eric, who saw it in a newspaper)

...

>In fact, Clipper in some ways represents a major market opportunity for PKP.
>To the extent that the publicity leads to increased sales of encrypting
>phones, PKP may benefit from the success of the Clipper.

This could be. I don't think enough is known to answer this. I suspect the "end run" theory mentioned above. If Bidzos thought Clipper was a great thing for his company, he wouldn't be busily lobbying to help kill it, nor would he have shown up at our emergency meeting to tell us what he knew.

>(The follow-on Capstone project does appear to pose a greater threat to
>PKP, since it will use DSS (for key exchange???).)

Capstone is not really a "follow-on," in the sense that it is due to be announced *this month*, if I recall correctly. It's very far along, I believe. More like a "one-two punch."
And, yes, it appears to be a major threat to us all. But we'll have to wait and see, I suppose.

>
>Furthermore, in any future government prohibition on non-Clipper cryptography,
>our greatest nightmare, it is plausible that the government would "take care"
>of PKP by making sure that they get a nice piece of the pie. I could easily
>imagine a situation in which non-Clipper crypto is banned, Clipper is
>widely distributed, and PKP is doing very well financially with a slice
>of the profits from every sale.

I think I mentioned somewhere that I put Bidzos on the spot with what I called "The 64-bit Question": Are you going to cut a deal and sell us out?

Bidzos was very sober when he answered this, and said, roughly: "If you mean will I conspire with the government to deny strong crypto to users, no. But if Clipper and Capstone are destined for deployment and they come to us and offer royalties, what choice will we have? We have a duty to our shareholders."

And as he was leaving for the day, he leaned in the door to our meeting and said, as if to reiterate the point, "Tim, I won't sell you out."

(Please don't use this recollection of what he said for a dissection of what he really meant, what RSA is really doing, etc. I have already said that Bidzos said he knew nothing about the Clipper program until we all did. And so on.)

>Even if Jim Bidzos were personally committed to widespread, strong, public
>cryptography, and opposed Clipper for fundamental philosophical reasons
>(just like us), he would be faced with a conflict of interest. As several

This is not clear. Deploying strong crypto could be more lucrative to RSADSI than having the government deploy its own Capstone "CA" (Cryptographic Algorithm, the new acronym du jour) and paying RSADSI some token amount for some small piece of the package.

>people have pointed out here, Bidzos has a fiduciary responsibility to
>his shareholders to maximize profits for his twin companies. If it comes
>down to a choice between opposing Clipper on principle and accepting it
>along with guaranteed profits, he may be forced (in the same sense in which
>he is forced to send threats to Stanton McCandlish) to back Clipper.
>
>So, even if Bidzos is personally a nice guy I think we need to remember
>that his company may not be a natural ally of ours.

I completely agree and nothing I have ever said suggests we place all our faith in his company or any other institution. What I have said--several times, now--is that a frontal attack on the RSA patents, via highly public postings of PGP and a "Fuck you!" approach to talking with patent owners, is not the best strategy at this time.

>I like Tim's .sig and all it represents. But frankly, it is hard for me
>to square a commitment to radical change with the proposed alliance with
>PKP. Part of the trouble is that I still don't understand exactly what
>our relationship with RSADSI is proposed to become. But at a minimum it
>sounds like we would avoid supporting activities which would infringe
>on their patents.

There's no proposed alliance being talked about. See previous paragraph. I don't expect anyone to necessarily agree with my politics.

>
>That means that when we want to start working on some of those things in
>Tim's .sig, we are in many cases going to have to get Jim Bidzos's
>permission. Can you imagine asking something like this:
>
>"Dear Jim: We request permission to use the RSA algorithm for an
>implementation of digital cash which we will distribute in an underground
>way among BBS's all over the world, with the goal being the support of
>"information markets, black markets, [and] smashing of governments"
>(to quote Tim's excellent .sig). "Please sign on the dotted line
>below. Yours truly, an anonymous Cypherpunk."

Of course not! Nobody has suggested this. This is a straw man.
Being nonconfrontational in some areas (aka "living to fight another day," aka "choosing your battles carefully") doesn't mean any kind of mutual approval pact has been signed. I want strong crypto first and foremost. Then the other stuff can perhaps follow. If crypto privacy is outlawed now, if the War on Drugs and "What have you got to hide?" approaches win out, then all is lost.

>How, exactly, are we supposed to progress towards Crypto Anarchy if we
>have to be sure not to step on PKP's toes? Do we just not ask him for
>permission (in which case we are in PGP's boat)? Do we ask for permission
>without revealing the full scope of the project (in which case it may be
>rescinded later)? I am not being facetious here. I honestly don't see
>how you can carry out Cypherpunk activities with a corporate sponsor.

Asked and answered.

Let me phrase the issue in slightly different terms. Which of the following strategies do you folks think will best improve the chances that strong crypto remains legal?

1. CONFRONTATION: We fight RSADSI at every step. We engage them in legal battles, we distribute infringing code whenever possible. We get PGP spread to thousands of users, perhaps tens of thousands of users at bootleg, underground sites. (Remember that businesses cannot use PGP without fear of prosecution, fines, whatever...unless the Cypherpunks win their lawsuit against RSADSI, sometime around 1997 or so, at the rate these cases move through the courts.)

2. REALPOLITIK: We concentrate instead on spreading strong crypto into as many ecological niches as possible: individuals, corporations, e-mail packages, attorney-client transactions, and so on. We emphasize the legal, constitutional right to communicate messages in the language of our choice (that is, we have no obligation to speak in languages eavesdroppers can more easily understand).
To head off government moves to act against PGP and similar systems, the parts of PGP that conflict with RSA's patents are modified, thus becoming legal to use (and Phil even has a chance to make some money, which he sure as hell can't do now).

I'll take #2 and worry about digital money and anonymous systems later. Strong crypto is logically prior to everything else.

All I've argued is that the "in your face" approach has its limits. Most of the PGP users are, I think we'll all agree, hobbyists and hackers who downloaded it, played with it, learned some crypto from it, exchanged keys, etc. Probably not too many critical uses, YET. But the popularity suggests a hunger for strong crypto.

The Clipper/Capstone move indicates the government wants to head this off at the pass. The question is whether the bootleg and infringing PGP (and Phil admits to all this in his docs, obviously) has a better chance of succeeding than a fully legal and already spreading RSA solution?

(The issue of PGP's feature set versus that of MailSafe's is secondary to the main issues...between RSAREF, RIPEM, OCE, and other RSA-based systems, the features can be found. I expect a compromise along these lines, mixing parts of PGP with parts of RSAREF, is going to happen.)

As for Stanton McCandlish's removal of PGP from his site, Eric Hughes and others have explained the legal issues in great detail.

Of course, anyone who really wishes to take on the RSA patents in a big way is perfectly free to place PGP on his U.S. site, advertise it heavily in sci.crypt so that RSADSI cannot possibly claim to have missed it, tell Bidzos to get lost when the inevitable "cease and desist" warning arrives, and then follow through with the several-year legal battle that will result.

Strong crypto is far more important than this petty issue of patents.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: by arrangement

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: rmashlan@mash.boulder.co.us (Robert Mashlan)
Date: Sun, 2 May 93 13:55:38 PDT
To: cypherpunks@toad.com
Subject: unsubscribe
Message-ID: <2be23f5e.mash@mash.boulder.co.us>
MIME-Version: 1.0
Content-Type: text/plain

Please unsubscribe me

--
| Robert Mashlan email = rmashlan@mash.boulder.co.us |

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Sat, 1 May 93 03:27:23 PDT
To: hughes@soda.berkeley.edu
Subject: Re: 800 numbers
Message-ID: <199305011026.AA07579@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Outdial services: we most certainly will as soon as we install our first digital exchange (Community Dialtone; email me for more if you're interested). Now we've got a bit of a quandary here, what if someone uses it to make bomb threats or such? So I was thinking, save the CDR data on that and make it available under court order? What's the general consensus of opinion here as to our responsibility in these areas?

More on outdial services: if you want to set up your own, I can provide a Teltone M-106 adaptor, for which you'll need a 24-volt key system power supply and some 8-pin phone hardware and two lines. Dial in on one, connect, and out on the other. We have a bunch of these in stock right now; I gave some to some friendly folks for setting up a service, but they haven't yet. So maybe giving them away means the price is too low...? Okay, send me $200 for one, or tell me you're definitely committed to using it once you have it. (gg@well.sf.ca.us)

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Sat, 1 May 93 03:42:24 PDT
To: uni@acs.bu.edu
Subject: Re: Tactics.
Message-ID: <199305011041.AA08089@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Re confrontation vs realpolitik: in political action there is something called "premature escalation of tactics." That means things like having a sit-in before you've even tried having a petition drive. Once you've escalated it's very very hard to go back to a less intense tactic, because it looks like you're backing down. So good organisers escalate gradually: letter writing, then petitions, then voter initiatives, then maybe mass rallies, then maybe peaceful civil disobedience, and only if those things fail, then more confrontational tactics.

We should take a clear lesson from that. Look at some of the ones who succeeded: Martin Luther King, Cesar Chavez, and so on. Start moderate, get more intense only if moderation fails.

From which: promulgating underground crypto *as a safety measure*, *just in case* is one thing, but doing it to get in RSA's face is way premature. I'd say start by working with RSA to the extent possible, keeping at it until there is success, and then if the govt tries to slam public key, that's the time to break out the insurrectional approach. But not before. The adrenaline rush of a big bad confrontation is a feel-good drug to a lot of people but we have to be *smarter than that.*

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uni@acs.bu.edu (Shaen Bernhardt)
Date: Sat, 1 May 93 01:30:01 PDT
To: cypherpunks@toad.com
Subject: Patent Bullshit and Crypto Restrictions.
Message-ID: <9305010829.AA99367@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Eli, in his infinite wisdom, says:

However, I don't see RSA doing a hell of a lot to promote crypto use -- the opposite, in fact. Their software output is hardly impressive for a corporation of a decade's standing.
They won't sell me a license -- they'll sell it to Lotus, but I can't see their source code.

The government hasn't banned public-key encryption, but it's banned patent-infringing public-key encryption. And for practical purposes, that's the only kind there is. The combined effect of present patent law and RSA's "sue first, write code later" approach has been to stifle the development of cryptography in this country and in the world. Perhaps if encryption algorithms were not encumbered, they would already be in common use, rendering Clipper untenable.

If RSA Inc. wishes to sell me a license I shouldn't have to buy, that would be nice. If they wish to show their change of heart in some other way, that would be nice too, as long as it doesn't come with a licensing agreement like RSAREF's. But if they're going to continue to sit on their patents, I'll do without their blessing.

Incidentally, I don't think the issue of algorithm patents is as minor as some have portrayed it. It has blocked the use of RSA, after all, giving Clipper a window. Furthermore, there are patents on approximately every other cryptographic technique: PK in general, exponential key exchange, LUC, IDEA, DigiCash, .... Patents may gut cryptology the way they have data compression, to pick one example. This would be a shame.

Eli ebrandt@jarthur.claremont.edu

I have to agree with much of what Eli says. I have been reluctant to speak out against Tim's words until now because I respected Tim's opinions, and value his judgement. I felt I should "reflect" on the issue a little longer, before coming to any hard and fast conclusions. I thought perhaps time would soften the anger in my heart. I thought wrong.

I still respect Tim's approach, but I cannot agree with it.

Patents were designed to protect the financial interests of inventors. I respect this. RSA Inc. owns the patent on the engine, fine. They deserve to be rewarded for their work, their interest in developing the method, and their investment.
I don't mind paying for the right to use PGP, not in the least. I'd happily compensate both Phil and RSA Inc. and PKP or whoever. IMHO PGP is worth a good $200. I think many share my view, in concept if not in degree.

When patents become bullshit is when they serve special interests before they serve economic interests, or the interests of progress. Fine, life isn't fair. If the oil companies own a patent on 200 mile per gallon fuel injectors or whatever, fine. They figure they'll make more dough if they bury the "secret plans" in the darkest corners of their sphincters, fine. That's the law. That's cool. But when those plans get out, and someone starts giving away the injectors for no fee, that's progress. Sure, illegal, but progress none the less. At what point do the interests of the oil companies conflict with the environment as a whole?

This is the problem I have with the patents on RSA. No one is even interested in money, like the oil companies were. The goal seems to be to RESTRICT ACCESS TO CRYPTOGRAPHY. DES all over again. Cripple it. Weaken it, can't let the real thing out. That's bullshit. Just as the NSA sought to control NSF and restrict funding, it's backstabbing regulation. Thanks be for Dr. Weingarten, an enlightened enough soul to see through the NSA bullshit and keep cryptography out in the open when they tried to shut it away.

I see PKP and RSA Inc. as partners in the whole mess. They sit nice and quiet on their patent, making some vague threats every once in a while until Clipper comes out, and then they start to threaten people with action. Should I be surprised? After all if RSA gets out in any REAL implementation, Clipper is useless, AT&T (those backstabbing two faced snakes with good PR) gets fucked and Clinton looks like an asshole (ok, more like an asshole) for proposing a plan that would never work because private industry had beat him to it. Sound familiar? Like IBM, Lucifer and DES perhaps?

Bow down to RSA Inc? Gimme a break.
Why should they fight the government, they know their patent will get them some dough.

I don't even want to begin with Denning. She's got feet in both worlds. The problem is no one is going to see it until she's buried the knife in the libertarians to the hilt.

What sickens me the most is the rhetoric that flies around this dung pile like buzzing flies.

Crap like "citizens right to privacy" when used in the same paragraph with "law enforcement requirements"
Crap like "stronger than most algorithms now on the market."
Crap like "to protect us from drug dealers and terrorists."
Crap like "we don't plan to outlaw cryptography"
Crap like... well anything AT&T says.

It all smells the same to me.

The bottom line seems to be if you lay with the whore you have to wake up with the whore. Play RSA Inc., AT&T and Dorothy's game today and... what? They'll pay you back tomorrow when you need it? Bullshit.

Fine, we may lose the battle because business interests are stronger than an internet mailing list and the American people have an average I.Q. of 80, but at least >I< will wake up and be able to look in the mirror.

Don't sell out cypherpunks, RSA Inc. will stab you in the back as quickly as anyone else.

uni (Dark)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uni@acs.bu.edu (Shaen Bernhardt)
Date: Sat, 1 May 93 03:23:34 PDT
To: cypherpunks@toad.com
Subject: Tactics.
Message-ID: <9305011023.AA176727@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Let me phrase the issue in slightly different terms. Which of the following strategies do you folks think will best improve the chances that strong crypto remains legal?

1. CONFRONTATION: We fight RSADSI at every step. We engage them in legal battles, we distribute infringing code whenever possible. We get PGP spread to thousands of users, perhaps tens of thousands of users at bootleg, underground sites.
(Remember that businesses cannot use PGP without fear of prosecution, fines, whatever...unless the Cypherpunks win their lawsuit against RSADSI, sometime around 1997 or so, at the rate these cases move through the courts.)

2. REALPOLITIK: We concentrate instead on spreading strong crypto into as many ecological niches as possible: individuals, corporations, e-mail packages, attorney-client transactions, and so on. We emphasize the legal, constitutional right to communicate messages in the language of our choice (that is, we have no obligation to speak in languages eavesdroppers can more easily understand). To head off government moves to act against PGP and similar systems, the parts of PGP that conflict with RSA's patents are modified, thus becoming legal to use (and Phil even has a chance to make some money, which he sure as hell can't do now).

*** So spoke Tim May.

I don't see these issues as mutually exclusive. What may be necessary is to separate the efforts, to bring the PGP operation farther underground. To remove the connection between PGP distribution and the more "Realpolitik" move to keep crypto legal. I admit that some users like Tim, and the more professional of us might find this impossible, but for the academics and others who don't have to don a suit and work everyday, underground crypto might be the only real answer.

Consider this, no one ever wins when you fight the government at its own game. If they plan to outlaw crypto (a very real possibility in my view, regardless of more realpolitik efforts) all that we have to rely on is the underground channels. It's time (IMHO) to find ways to disguise PGP output in other types of data, pict or whatever. At the same time, it is possible to pursue more overt and legit methods, my fear is these will produce less in terms of real crypto than will the underground movements.

***

All I've argued is that the "in your face" approach has its limits.
Most of the PGP users are, I think we'll all agree, hobbyists and hackers who downloaded it, played with it, learned some crypto from it, exchanged keys, etc. Probably not too many critical uses, YET. But the popularity suggests a hunger for strong crypto.

*** So spoke Tim May.

Yes... yes... LEARNED SOME CRYPTO FROM IT. This is the KEY point here. How many people out there joined cypherpunks and became interested in crypto because of PGP? (I'm raising my hand) Sure I was interested and even tinkered with my own code before I knew cypherpunks existed, but it was PGP that did it. Education is the key.

I said before, and I will say again: Most people could give a squirt about crypto. 99% of people is my guess. You all saw how pro Clipper most of the newspaper reports were, how willing they were to change phrases like "more secure than many of the algorithms on the market" to "the most secure algorithm to date." A realpolitik method is limited because most people could give a care about the issue. The people who seem most passionate about it, in my experience are the ones who have played with PGP. I, for one, can't seem to get anyone else to care. I've talked to about 15 people outside the internet about Clipper, and most forgot all about it when the next beer came.

No one will learn jack from the bullshit crypto that Clipper represents. It will become a transparent process that anyone could care less about with regard to security. Back to the days of the Black Chamber.

The Clipper/Capstone move indicates the government wants to head this off at the pass. The question is whether the bootleg and infringing PGP (and Phil admits to all this in his docs, obviously) has a better chance of succeeding than a fully legal and already spreading RSA solution?

^^^ So spoke Tim May.

I don't think either will make much difference. Clipper has caught us before the danger has become apparent to most.
You really think an RSA solution that is really secure is going to catch, especially if it conflicts with Clipper, if the government has anything to say about it?

I've got to be real honest. I'm beginning to be afraid to open my mouth on this subject anymore. Maybe I'm paranoid, but I look at how hard the government is trying to sell Clipper and processes like it and I am stunned. Nothing works this fast. A company like AT&T is NOT about to jump on the bandwagon quickly unless they KNOW something. To me it's plain that the intent is to regulate crypto.

Before then I plan (hope) that PGP finds its way into MANY hands. That's the only real weapon I see. Consider it a safety net to catch us if Tim's REALPOLITIK fails. I hope it doesn't, Tim, I hope not but I'm going to hope for the best and prepare for the worst.

I intend to use strong crypto when I like.

uni (Dark)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uni@acs.bu.edu (Shaen Bernhardt)
Date: Sat, 1 May 93 03:53:41 PDT
To: uni@acs.bu.edu
Subject: Re: Tactics.
Message-ID: <9305011053.AA133338@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain

>From which: promulgating underground crypto *as a safety measure*, *just in case* is one thing, but doing it to get in RSA's face is way premature. I'd say start by working with RSA to the extent possible, keeping at it until there is success, and then if the govt tries to slam public key, that's the time to break out the insurrectional approach. But not before. The adrenaline rush of a big bad confrontation is a feel-good drug to a lot of people but we have to be *smarter than that.*

-gg

*** So spoke gg@well.sf.ca.us

I agree.... After reading my message over, I realized that many might see what I said as a call to arms. It is not. Instead I suggest we all stay OUT of RSA's face. But neither in my opinion shall we find ourselves unwitting partners with RSA only to find ourselves sold out.
uni (Dark)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT)
Date: Sat, 1 May 93 05:41:09 PDT
To: cypherpunks@toad.com
Subject: Crytography
Message-ID: <9305011238.AA27003@usma8.usma.edu>
MIME-Version: 1.0
Content-Type: text/plain

I thought this list was supposed to have a lot of technical stuff--something on the order of disseminating new ideas on the cutting edge of crypto-technology. Most everything I see these days seems purely political. If there are problems with RSA v. PGP or the Wiretap Chip (and there definitely are!!!) then we should concentrate on designing our own. We can do things like redesign and code the engine in PGP which is normally handled by the RSA proprietary code and we can work to come up with voice encryption alternatives to the Wiretap chip. In other words, let's start using resources other than talk. Talk is cheap but actions are the catalysts of change.

I am interested in working with people (perhaps you) on projects involving crypto, computers, and telecommunications. If any of you are serious enough to do more than talk, perhaps we can organize a team to vigorously pursue these projects.

Anthony J. Gatlin              |-------------------------------------|
Cadet Private, Co. G-2         |PGP Public Key available on request. |
United States Military Academy |-------------------------------------|

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT)
Date: Sat, 1 May 93 05:43:11 PDT
To: cypherpunks@toad.com
Subject: *** ACT NOW !!! ***
Message-ID: <9305011240.AA27038@usma8.usma.edu>
MIME-Version: 1.0
Content-Type: text/plain

I thought this list was supposed to have a lot of technical stuff--something on the order of disseminating new ideas on the cutting edge of crypto-technology. Most everything I see these days seems purely political. If there are problems with RSA v. PGP or the Wiretap Chip (and there definitely are!!!)
then we should concentrate on designing our own. We can do things like redesign and code the engine in PGP which is normally handled by the RSA proprietary code and we can work to come up with voice encryption alternatives to the Wiretap chip. In other words, let's start using resources other than talk. Talk is cheap but actions are the catalysts of change.

I am interested in working with people (perhaps you) on projects involving crypto, computers, and telecommunications. If any of you are serious enough to do more than talk, perhaps we can organize a team to vigorously pursue these projects.

Anthony J. Gatlin              |-------------------------------------|
Cadet Private, Co. G-2         |PGP Public Key available on request. |
United States Military Academy |-------------------------------------|

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: cplai@csie.nctu.edu.tw
Date: Fri, 30 Apr 93 17:55:24 PDT
To: cypherpunks@toad.com
Subject: unsubsribe
Message-ID: <9305010057.AA06347@csie.nctu.edu.tw>
MIME-Version: 1.0
Content-Type: text/plain

Please, unsubscribe me now.
Please, unsubscribe me now.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: markh@wimsey.bc.ca (Mark C. Henderson)
Date: Sat, 1 May 93 11:56:15 PDT
To: Eli Brandt
MIME-Version: 1.0
Content-Type: text/plain

> > Consider use of another public key encryption scheme, say LUC encryption.
>
> Which, of course, is patent-pending. It appears that we can no more
> make progress in cryptography in the face of algorithm patents than
> we could advance mathematics under the burden of theorem licensing.
> We can't afford to wait until 2001.

On the other hand, perhaps the patent holder of LUC would be willing to licence LUC for use in a PGP-like tool (or PGP 3.0) on the same basis IDEA is now licenced to PGP users. (i.e. non-commercial use is OK. Even certain commercial use is OK.)

This might solve a lot of our problems. Has anybody asked? I can't be the first person to have considered asking.
Mark

--
Mark Henderson markh@wimsey.bc.ca
RIPEM key available by key server/finger/E-mail
MD5OfPublicKey: F1F5F0C3984CBEAF3889ADAFA2437433

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mike Godwin
Date: Sat, 1 May 93 09:08:57 PDT
To: HARUP16@delphi.com
Subject: Re: PGP
In-Reply-To: <01GXMXWJVE4Y95NBR5@delphi.com>
Message-ID: <199305011608.AA04241@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

> I know there is a great deal of
> difference between death and software ....

I'd say this depends on the software.

--Mike

Mike Godwin,    | Ariel Rose Godwin
mnemonic@eff.org| Born 4-15-93 at 4:34 pm in Cambridge
(617) 576-4510  | 7 pounds, 1.5 ounces, 19.75 inches long
EFF, Cambridge  | A new citizen of the Electronic Frontier

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sat, 1 May 93 12:54:38 PDT
To: cypherpunks@toad.com
Subject: clipper and public key
Message-ID: <9305011951.AA27289@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Tim mentions that the Clipper chip requires public key in order to be useful. This is not quite right.

The clipper chip is only a symmetric-keyed block cipher with a peculiar (and condemnable) key setup feature. The chip _per se_ does not involve public key.

The problem is that you have to get the same key on both ends of the link without transmitting it. There is a "public key" way of doing this: Diffie-Hellman key exchange. That would require licensing from RSADSI.

This is not, however, the only way to do this. If you have a symmetric cipher and a secret system key not known to the participants, i.e. embedded in hardware, then you can also transmit a session key simply by encrypting it. Of course if you know the system key then you can read the traffic, LEEF's aside. Such a system master key could fairly easily be discovered, unless it's burned into the chip by the manufacturer and the secret ends there. (Yeah, right)

Hence in order for a reasonably (?)
secure implementation of a telephone which uses the clipper chip, D-H seems to be necessary. In fact, the AT&T 3600 phone does use D-H for key exchange. Some have asked how come AT&T doesn't get sued by RSADSI. Easy: they're a licensee.

In summary: Does clipper require public key? In itself, no. In implementation, likely.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Sat, 1 May 93 10:02:47 PDT
To: CYPHERPUNKS
Subject: PGP on soda.berkely.edu
Message-ID: <930501165557_74076.1041_FHD12-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

I want to thank Tim for taking the time to help clarify what he had in mind in proposing that we reconsider our support for PGP in the face of PKP's assertion of patent rights:

> I completely agree and nothing I have ever said suggests we place all our
> faith in his company or any other institution. What I have said--several
> times, now--is that a frontal attack on the RSA patents, via highly public
> postings of PGP and a "Fuck you!" approach to talking with patent owners,
> is not the best strategy at this time.

Speaking in generalizations can only go so far. It's more useful to consider specific actions which might be in keeping with this philosophical approach.

I don't have many problems with our being civil to RSADSI. We don't need to spit in Bidzos' face whenever we meet him, refuse to shake his hand, whatever. Tact is OK.

And the proposal to make a U.S.-legal version of PGP can't hurt anything, either. Moves in this direction have been going on for some time. Several months ago a patch was inserted to make certain data structures be compatible with RSA's PKCS standards, and therefore with RSAREF. This would allow RSAREF to be used if permission were gained to call it at an entry point not on the allowed list. However, this version of PGP would still be incompatible with pre-2.2 versions.
To make a fully compatible version of PGP you not only have to call RSAREF at an undocumented entry point, you also have to modify the code slightly.

All this has been going on for a few months. Eric Hughes deserves a lot of credit for encouraging progress in this direction, but I think Phil fundamentally agrees as well.

One advantage of a U.S.-legal version of PGP is that its very existence would mean that no one HAD to use it. Sending out a PGP signed message would no longer be incriminating, even if you used the older (and presumably faster) version of PGP. There would be no way to tell from external observation which PGP users were using the legal one and which were using the illegal one. They would be functionally equivalent, but the legal one would be slower. (I find this rather amusing, actually, as it just goes to show the illogic of PKP's position.)

What are some other issues that might arise in a move away from PGP, and an adoption of a less confrontational attitude towards RSADSI?

One is the existence of PGP on the Cypherpunks server. Presumably this could be replaced by the legal version once that becomes available, but in the mean time it might have to disappear. I would oppose removing it unless a legal replacement were ready.

Another suggestion that I have heard rumored is that Bidzos might be invited to join the list. I would strongly oppose this. I am also not comfortable with having him be a participant at Cypherpunks meetings but since I don't attend them I don't really have the right to complain.

Tim has suggested, if I understand him, that we in some sense work to improve MailSafe and other RSA products. I don't really like the idea of doing unpaid consulting work for a commercial outfit. If I am going to work for free, on my own time, I'd like to see the software made freely available. So any work with RSA should be on freeware products, in my opinion. Improve RSAREF, not MailSafe.
Another issue is whether people would be discouraged from discussing infringing projects on the Cypherpunks list or at the meetings. Suppose somebody wants to talk about a socket-based DC net protocol which uses Diffie-Hellman key exchange to initialize a shared PRNG for random bit generation. Oops, DH is a PKP patent. Again, I feel that this kind of project is entirely appropriate for the list and the group. Does this fall into Tim's confrontational category: "distributing infringing code whenever possible"? I'm not sure.

(I have to confess, given the 15 hour delay in my message posting the other day (while a short message I dashed off 12 hours later appeared in a few minutes), that I thought perhaps a filter had been installed to prevent PGP-signed messages from appearing. Of course, my message did eventually appear, the delay being just a technical glitch. I assume that no one would support banning PGP-signed messages from appearing on the list.)

A really sticky issue is our public attitude towards Bidzos cracking down on unauthorized crypto. What if some lone wolf out there does decide to go to the mat on PGP or some other infringing software? Whose side do we take? (Refusing to take a position is a de facto support of PKP, IMO.) I guess we'd have to hope that this never happens. Gee, it sure seems strange to HOPE that no one ever stands up to PKP.

I have to say on this point that I can't accept the idea of Cypherpunks moving into a Sternlight position of support for PKP's crackdowns.

I'd be interested in hearing other specific suggestions for changes which might result from Tim's suggestion. This might help focus the discussion better.

===

To the extent that Tim is proposing that we encourage efforts to make a U.S. legal version of PGP, and even replace the current version of PGP on the Cypherpunks FTP site with the legal version when that becomes available, I have no problem with it.
To the extent that he suggests that we be polite and courteous in our public talk about RSADSI, I can accept that as well.

But to the extent that anyone is proposing to go beyond this into some of the other areas I listed above (and I have no idea exactly what anyone has in mind specifically), I think the many problems I and others have listed in earlier messages provide strong arguments against such measures.

Hal
74076.1041@compuserve.com

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK+KBE6gTA69YIUw3AQE77QQAnbYSx8cqvvraaJGeUXDKJT0mQVv/HbAj
r5IehVCB5/fMeZiaY9ERdBOwllgvJiTRzN3tsHJAkd8QTz9Puv5UgVXLbjPWdQvS
5XPYFkH+A4Kaos+Rlwo1ufLQ1S3eFyV35L6e9CptgYqni/QQoZFhU7Wjqlv5QQmH
KcE2xEMLMas=
=JL8R
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: William Oldacre <76114.2307@CompuServe.COM>
Date: Sat, 1 May 93 11:07:22 PDT
To:
Subject: A legal way to use RSA!
Message-ID: <930501180040_76114.2307_BHA70-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

To: cypherpunks@toad.com

A Legal Way To Use RSA
----------------------

There is a LEGAL way to establish the free use of PGP and the RSA algorithm by anyone who wishes to preserve their constitutional right to privacy. No licensing or fees are involved.

The RSA algorithm is not copyrighted software, it's a patented technique (presumably in the form of a mathematical algorithm). Under patent law, it is legal to manufacture anything that someone has patented for your own use. If the item is an improved can opener, for example, then you can make one for yourself directly from the patent office drawings if you like. You cannot offer them for sale. So anyone is free to create a computer program which utilizes the RSA algorithm so long as it's just for them.

All mathematical equations, no matter how large and complex, consist of smaller terms or sub calculations.
In the instant case of the RSA algorithm, these smaller terms consist of prime numbers, Euler's quotient function, and operations like calculating the greatest common divisor and modular arithmetic. It's all about as patentable as long division. No one could be prevented from using such ordinary mathematics. PGP performs other tasks besides RSA related calculations. It supports IDEA and XXENCODE which are in the public domain. So it's only necessary to rewrite the RSA section to avoid conflict with the patent. This could be accomplished by arranging the section into a few mathematical modules or "building blocks." These could then be rearranged by the user into several different configurations for encryption ------ with only one supporting the actual RSA algorithm. After all, large prime numbers can legitimately be used as keys for almost any encryption technique and the arithmetic operations may be called as subroutines for a variety of purposes. By stacking the unpatentable "building blocks" into the particular sequence which implements the RSA algorithm, the users would, in essence, be employing their own tools (the computer and its software) to create a copy of the RSA algorithm for their individual use. Programming skills would not be required since the inexpert user could simply employ a setup program and select from a menu of different encryption modes. Alternatively, a DEBUG script could be circulated separately to appropriately reshuffle the object code. Legal action to prevent such a program from being distributed could be very difficult. What reasonable argument could be set forth against someone using the mathematical functions? Arguing that someone -might- use the program to create RSA would make no more sense than arguing that a drill press -might- be used to make a patented can opener. Besides, if it's legal for someone to make their own can opener, how can it be illegal to sell them the tools and materials to do it with? 
Providing instructions on how to do it can hardly be attacked because the U.S. Patent Office, itself, publishes the plans (technically, they appear to violate the law whenever they send copies outside U.S. borders). By now, you get the point. There's a well anchored legal loophole in the patent law big enough to sail a ship through. It may render patents of formulae used in computer software worthless (as they ought to be). I sympathize with Public Key Partners. The venture must have looked awfully good on paper, but their position is fundamentally untenable. Sooner or later the subject of their exclusive rights over RSA will reach the courtroom. There is legal precedent for allowing private corporations to market products developed with public funds. However, a case might very well be made that MIT erred in granting an exclusive license. It would be to the greater public good (the underlying principal) to release RSA into the public domain so a range of competing businesses could provide it to the public. Because the right to privacy is involved, rather than valves for a rocket engine, a federal court could take licensing entirely out of Massachusetts' and MIT's hands if any federal funds could be traced to RSA's development. Once in court, it will make the newspapers. A private company profiteering from something the taxpayers paid for ----- denying privacy to the average American with heavy handed tactics. The simple fact is, I don't like it and I have a feeling most people won't like the sound of it. The press, a major user of electronic mail and a jealous guardian of sources, is not likely to take a sympathetic stance. There is a large organized body of opposed computer users poised to launch letter writing campaigns and many congressional "waste slayers" are apt to show real interest in the matter. Foundations which fund lawsuits on freedom issues abound. 
As courtroom and legislative arguments are raised against the license or patent, what foolish company is going to risk paying the license fee? The RSA license quivers on a bowl of Jello. I know financial misadventure when I see it. I'm glad none of my money is invested in Public Key Partners. Bon Voyage! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: phr@america.Telebit.COM (Paul Rubin) Date: Sat, 1 May 93 14:06:45 PDT To: cypherpunks@toad.com Subject: clipper poll Message-ID: <9305012106.AA01079@america.TELEBIT.COM> MIME-Version: 1.0 Content-Type: text/plain Date: Sat, 1 May 93 08:28:04 PDT From: wuthel!brand@drums.reasoning.com (Russell Brand) To: brand@drums.reasoning.com Subject: CLIPPER POLL please propagate this to like minded people I am one of the many concerned computer scientists opposing the `Clipper Chip Initiative' that would waste the better part of eight billion dollars, interfere with individual privacy, promote harassment of individuals, threaten US competitiveness and in fact simplify many types of criminal activity. It is important to take this opportunity to show the level of public opposition to this extension of domestic spying and abuse of government funds. Given the congressional vote to allow even more telephone taps WITHOUT warrants earlier this month, this is even a more pressing issue than it would otherwise be. Of course you should show your opposition in other ways as well, but this is a FREE and EZ first step. If you aren't sufficiently familiar with the issues, please feel free to send me email on the topic /Russell Communications Week magazine has a weekly telephone response poll. This week's question is: Do you agree with the Clinton administration's Public Encryption Management directive for communications equipment? Yes: 800-242-CWKY No: 800-242-CWKN Excerpted from `Boston Globe' of April 11, 1993, page 16. 
New England Votes in Congress Roll Call Report Syndicate WASHINGTON - This is how New England members of Congress were recorded on major roll-call votes last week. ... TO EXPAND FBI PHONE ACCESS: By a vote of 367-6, the House sent the Senate a bill expanding the FBI's power to obtain, without court warrants, telephone records and conversations in investigations of international terrorism and espionage. The bill grants the FBI access in such investigations to information on unlisted numbers that phone companies cannot now divulge. It also enables FBI counterintelligence agents to obtain a broader range of telephone conversations involving suspected terrorists and spies. A yes vote was to pass the bill. .. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wuthel!noisy@drums.reasoning.com Date: Sat, 1 May 93 16:11:37 PDT To: cypherpunks@toad.com Subject: Patent fallacies Message-ID: <9305012121.AA07256@wuthel.uucp> MIME-Version: 1.0 Content-Type: text/plain There seems to be some misunderstanding of how patent protection works. Page numbers in square brackets are references to _Patent_It_Yourself_ by David Pressman (Nolo Press) 2nd edition. Page numbers in angle brackets are to ``Intellectual Property'' by Miller & Davis (West) 2nd edition. CONTRIBUTOR INFRINGEMENT ``If your claims don't read on the infringing device, but the infringing device is a specially made component that's only useful in a machine covered by your patent, the infringer may be liable under the doctrine of `Contributory infringement' '' [page 15-9] ``If a person actively encourages another to make, use or sell the invention without permission, the person so inducing is liable for INDIRECT infringement. CONTRIBUTORY infringement can be committed by knowingly selling or supplying a non-staple item for which the only or predominant use is in connection with a patented invention.'' <130> ``Contributory infringement can occur only in connection with a SALE . . . 
Thus, a contributory infringer can be liable for infringement even though what he has sold is completely in the public domain and has no patent protection itself.'' <131> HOME INFRINGEMENT ``While 'home infringement' may be difficult to detect, nevertheless it is a form of infringement which is legally actionable and can subject the infringer to paying damages and/or an injunction prohibiting further infringement '' [page 15-12] ``A patentee has the EXCLUSIVE right to MAKE, USE or SELL the invention. 35 USCA Par 154 <128> .... The owner of a patent ... has the right to exclude all others from using ... it. SELECTIVE ENFORCEMENT IS OK ``. . . a patent owner is not prejudiced by the fact that another infringer has produced the item without notice of the patent even though a later second infringer could legitimately claim that he copies an unmarked product.'' <129> /w From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc Horowitz Date: Sat, 1 May 93 12:07:17 PDT To: "Ian S. Nelson" Subject: Re: Tough Choices: PGP vs. RSA Data Security In-Reply-To: <199304300123.AA27903@bvsd.Co.EDU> Message-ID: <9305011908.AA26541@pad-thai.aktis.com> MIME-Version: 1.0 Content-Type: text/plain >> If they are so willing to let us do this, then will they tell us why >> we have to use their code? If they are willing to do it, it shouldn't >> matter what code we use. Wrong. The RSAREF code is *licensed* to you for non-commercial use. They are explicitly not giving it away, or making it "freely available". By allowing you to use it under their license, they are not leaving themselves open to claims of non-enforcement of their patent. If they let you write your own code, then, strictly speaking, you would need a license to use it. Negotiating such a license is expensive and time-consuming. You don't want to do it. If RSA is willing to let you use their code, do so. It's probably the best compromise you're going to get unless you have a lot of money and lawyers to spare. 
I have the source code, and I can read it. If there are any back doors, I (or someone with more experience) can find them. That's enough security for me. Marc P.S. I don't like software and algorithm patents, and said so to Jim Bidzos's virtual face during the conference last weekend. But the law still stands, and although IMHO it is flawed, it's not inconsistent, so I'll obey it. If the gov't outlaws strong crypto, then they've just done something illegal w.r.t. the Constitution in my mind, and I will feel free to disobey that law, should it come about. In civil disobedience (which is essentially what people are arguing for), you disobey laws you find so immoral or so evil that you cannot conscionably obey them. I don't like the current patent law in this country, but my disagreements are in the details of the law, not in its very nature. I don't think any of my fundamental rights are being violated, so I'll complain and disagree, but not disobey. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: 00MYRICHARDS@leo.bsuvc.bsu.edu Date: Sat, 1 May 93 14:20:46 PDT To: cypherpunks@toad.com Subject: hello Message-ID: <736291213.234107.00MYRICHARDS@bsuvc.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain Have I managed to reach you? (If so, please reply.) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Derek Atkins Date: Sat, 1 May 93 14:23:48 PDT To: William Oldacre <76114.2307@CompuServe.COM> Subject: Re: A legal way to use RSA! In-Reply-To: <930501180040_76114.2307_BHA70-1@CompuServe.COM> Message-ID: <9305012123.AA17107@podge> MIME-Version: 1.0 Content-Type: text/plain > Once in court, it will make the newspapers. A private company > profiteering from something the taxpayers paid for Uhh, I hate to inform you, but this was discussed back in the Congress in the 1960's. It was decided, then, that patents COULD be obtained from research done using gov't funding. Therefore, this is nothing new. 
In fact, I doubt a paper would even touch this "scoop"... As to whether or no I agree with this, well, that's a different topic. (I happen to believe that patents on algorithms are stupid, but that's besides the point). In other words, there was nothing illegal in the RSA patent, even if there was gov't funding.... -derek From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Sat, 1 May 93 18:20:03 PDT To: cypherpunks Subject: [Gavin Doughtie: Electronic escrow?] Message-ID: <9305020120.AA27878@toad.com> MIME-Version: 1.0 Content-Type: text/plain ------- Forwarded Message Date: Wed, 28 Apr 1993 17:56:13 -0700 From: Gavin Doughtie Message-Id: <199304290056.AA26690@well.sf.ca.us> To: gnu@toad.com Subject: Electronic escrow? How could two paranoid entities make use of digital cash and encryption to sell a chunk of data (let's say something really valuable like a list of famous women linked to Elvis Presley in 1992) without 1) revealing their identities to each other or 2) involving a third party to act as an "escrow" agent. The paradox I'm thinking about is one where the purchaser of the information doesn't want the seller's digital cash to be worth anything until the data being sold can be provably decrypted, and the seller doesn't want the info being sold to be decryptable until the cash turns out to be genuine. You're a well-known cryptography person; I'm a struggling writer. If you're not inclined to respond, perhaps you can direct this message to someone who can. Thanks very much! Gavin. ------- End of Forwarded Message From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: 00MYRICHARDS@leo.bsuvc.bsu.edu Date: Sat, 1 May 93 16:49:18 PDT To: cypherpunks@toad.com Subject: my last post Message-ID: <736300145.687107.00MYRICHARDS@bsuvc.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain Sorry if I'm just wasting bandwidth here. 
I just asked if I'd gotten through because I couldn't find any reference to this list on the system and I figured the people at Mondo 2000 probably just made it up. I guess not. Cool. I got a message telling me how to subscribe, so I guess I'll talk to y'all later. -SMR From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Sat, 1 May 93 15:56:46 PDT To: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT) Subject: Re: Crytography In-Reply-To: <9305011238.AA27003@usma8.usma.edu> Message-ID: <199305012255.AA13267@eff.org> MIME-Version: 1.0 Content-Type: text/plain Gatlin writes: > In other words, let's start using resources other than talk. Talk is > cheap but actions are the catalysts of change. Talk may also be the catalyst for change. See, e.g., the Federalist Papers and the First Amendment. --Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ghoast@gnu.ai.mit.edu Date: Sat, 1 May 93 16:48:49 PDT To: cypherpunks@toad.com Subject: Re: OUTDIAL SERVICE Message-ID: <9305012348.AA24681@hal.gnu.ai.mit.edu> MIME-Version: 1.0 Content-Type: text/plain I don't know if this is consistent with what everyone here is talking about in regards to "outdialing service," but some time ago I heard about a 900 number that a person could call, that would redirect their call so as to avoid being traced, etc. Oddly enough, I think they advertised that all the calls are logged and kept in some vault in another state. I may be confusing something here though. (As if this is the case, they've probably gone out of business.) 
---- ghoast@gnu.ai.mit.edu ---- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: uni@acs.bu.edu (Shaen Bernhardt) Date: Sat, 1 May 93 17:17:41 PDT To: ghoast@gnu.ai.mit.edu Subject: Re: OUTDIAL SERVICE Message-ID: <9305020017.AA68213@acs.bu.edu> MIME-Version: 1.0 Content-Type: text/plain I don't know if this is consistent with what everyone here is talking about in regards to "outdialing service," but some time ago I heard about a 900 number that a person could call, that would redirect their call so as to avoid being traced, etc. Oddly enough, I think they advertised that all the calls are logged and kept in some vault in another state. I may be confusing something here though. (As if this is the case, they've probably gone out of business.) ---- ghoast@gnu.ai.mit.edu ---- Yeah, I've heard of the system too. They claim they won't let their info out without a court order. I feel that there are a good deal of legal problems with this. It won't take much to get a court order and the ONLY reason worth the 2 bucks or whatever they want to add to what would otherwise be a local call (for caller ID evasion anyhow) would be to avoid legal action of one type or another. I suspect that the calls that go through this system are monitored occasionally too. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Sat, 1 May 93 17:27:10 PDT To: Cypherpunks Subject: Patent fallacies Message-ID: <930502002101_74076.1041_FHD63-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain Another patent misconception, from what I understand, is that an unenforced patent becomes invalid. It is said that PKP is "forced" to go after PGP because if they don't their patent will lose its force. Several days ago Tom Morrow on the Extropians list said that this doctrine applies to trademarks but not to patents. 
Patents have a fixed 17 year lifetime and failure to enforce against one user does not preclude the patent owner from enforcing against another. The folklore about the loss of intellectual property rights that we are all familiar with (aspirin, zippers, etc.) are all cases of trademark losses. Tom is a law student, not a lawyer; also, I am a few days behind on my Extropians reading so I don't know whether any follow-ups or corrections were posted since his message. But this principle seems to be in accordance with what was posted here about selective enforcement of patents. If this is in fact how patents behave, it is one less justification for PKP's heavy-handed enforcement efforts against PGP. It means that PKP could choose not to enforce against PGP (or any other freeware program) without losing any rights to enforce against others. It would be interesting to hear an authoritative opinion on this from a lawyer. Hal From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jdblair@nextsrv.cas.muohio.edu (John Blair) Date: Sat, 1 May 93 19:15:31 PDT To: cypherpunks@toad.com Subject: questions... Message-ID: <9305020221.AA04215@ nextsrv.cas.muohio.EDU > MIME-Version: 1.0 Content-Type: text/plain Hello, all. I'm new to this mailing list, but I've been following it for about 1/2 a week now, and I think I've found my niche. However, I've got a few questions that I was wondering if someone could help me with. 1) Is there a suggested, general purpose book on cryptography that would introduce me to the basics, and expand into more of the theory? I'm decent at math, but it's definitely not my strong point. 2) I've downloaded the source code for Mac PGP from soda.berkeley.edu. Is there an executable version available? I haven't learned C yet, and I don't have easy access to a C compiler, although I'm pretty sure I can take care of it if I have to. Also, on another note. I've noticed the discussion about passing out information at Raves. 
The idea sounds like a good one, but is IMHO a definite long shot. Most of the ravers that I know are definite math-phobes, and paradoxically practically technophobes. If not technophobes, they would rather not deal with it except for their weekly rush. Still, I like the idea of passing stuff out there. For at least every 50 people who go "huh?" there will be someone who goes "yeah!" and explains it to his friends. I would pass out info here in the Cincinnati area when I go, and at other times I could give the leaflets to a friend who is more of a raver, and just tell him to scatter them about. Someone will read it, and catch on, and that will be worth it. Now, this may sound like a stupid q, but does gzip decompress the ZIP format that you say the info you have is in? In my experience, ZIP has been a DOS compressor, and I am more of a Mac/Unix person. Again, if necessary, I can take care of it. later, john blair. jdblair@nextsrv.cas.muohio.edu data is fluid. will do multimedia for food- contact me. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wcs@anchor.ho.att.com Date: Sat, 1 May 93 21:29:15 PDT To: cypherpunks@toad.com Subject: TALK, ACTION, CHANGE Re: Cryptography Message-ID: <9305020429.AA22762@anchor.ho.att.com> MIME-Version: 1.0 Content-Type: text Anthony Gatlin writes: > > In other words, let's start using resources other than talk. > > Talk is cheap but actions are the catalysts of change. Mike Godwin replies: > Talk may also be the catalyst for change. See, e.g., the Federalist > Papers and the First Amendment. Both of you are, of course, right :-) One of the valuable things about cypherpunks is that there *has* been a fair amount of action, though every once in a while we need to step back and ask "What are we DOING here?". As one of the manifestoes around says, "Cypherpunks write code." 
PGP has had a remarkable success in getting strong crypto out to thousands of people, increasing the interest in the technical community and reaching out to other communities, and giving us something that, if push comes to shove, we can use to communicate with no chance of government eavesdropping. That's good. When it first came out, I got a copy for just that reason, because strong crypto may later be banned. I've also got RIPEM, which is legally kosher, though it doesn't have the key distribution / certification infrastructure that's been built with PGP. (Yet!) PGP has been a really useful research tool for that. However, for many of us, using PGP for non-research applications, like sending messages to our friends, IS in violation of RSA's patents. Ripping off your allies is a bad policy; better to turn competitors into friends. I don't happen to like algorithm patents, and I especially dislike the overbroad claims made by the collection of patents held by PKP, but R,S,&A, and Diffie and Hellman, HAVE given us some really powerful techniques that we wouldn't have had if they hadn't developed or published. They've been relatively flexible about free licenses, the RSAREF code lets us do real work within a reasonably broad framework, and while they've written some heavy cease-and-desist threats to some of us, they *haven't actually sued any of us, and as far as I can tell they're basically on our side of the people-vs-government-control game. We need to work together with them, though obviously we need to keep trying to convince them to let us do more, either for free or for money; I hope they'll turn around. PGP has certainly been a catalyst for getting them to address our part of the market.... Whenever possible, at least for the next 5-7 years until the patents expire, I'm planning to put up with the limits of their licenses for production code, though research is a different story. 
Besides, there's a certain amount of hack value in programming with one hand tied behind your back :-) ; we can do just about everything we need using the RSAREF interface, though some applications would be simpler and cleaner without its limitations. One especially nice thing about RSAREF is the ability to use our work internationally. Sure, they're covering their behinds by forbidding export of the RSAREF code, but they haven't told use we can't export code written to use their interfaces, or forbidden us to use RSAREF to communicate across the political borders. Using illegal code like PGP to do so creates too much opportunity for the SS/NSA/etc to bust us, even if RSA hasn't pressed charges. Bill Stewart # Bill Stewart wcs@anchor.ho.att.com +1-908-949-0705 Fax-4876 # AT&T Bell Labs, Room 4M-312, Crawfords Corner Rd, Holmdel, NJ 07733-3030 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Sat, 1 May 93 22:27:08 PDT To: CYPHERPUNKS Subject: Apology and clarification Message-ID: <930502052048_74076.1041_FHD38-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain I want to clear up any misconceptions raised by my message about possible changes in Cypherpunks policies and practices. The various possibilities that I raised, such as forbidding discussion of patent-infringing projects at Cypherpunks meetings, or endorsing future PKP crackdowns on infringers, were completely my own conceptions. They were not meant to represent actual suggestions raised by Tim, Eric, or anyone else. Rather, they were my own extrapolations and extensions of what I viewed as positions being advocated on the list. But I see now that I went too far in drawing these extensions, especially given that the actual statements being made here bore little resemblance to the suggestions I made. The "straw man" positions which resulted were so extreme as to discredit anyone who would favor them. 
I hope no one will assume from my message that any list member advocates those views. I may have responded with excessive emotion to recent proposals here, coming as they do on the heels of the threat raised by Clipper. I do feel a sense of commitment to the PGP effort despite my current relatively inactive state there. My reaction was perhaps overly defensive. I'll try to keep a clearer head in the future and react only to actual threats rather than imagined ones. Hal From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Sy Verpunc Date: Sun, 2 May 93 19:49:46 PDT To: cypherpunks@toad.com Subject: Re: Voice Privacy Message-ID: <9305020210.AA02195@pizzabox.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain From: Jason Asbahr I don't remember hearing this exact use of privacy-enhanced voice communication discussed on the list before, but I might not have been paying attention. :-) I started asking about this recently and discovered that a lot of people are interested in it and some of them are even doing something about it. The most promising group is an Internet Engineering Task Force working on a project called 'nevot' (network voice terminal) - I'll include the readme after this post. It's only drawback is that it doesn't handle completely-software low baud rates that'll work over the internet *on top of* v32bis modems running slip or ppp. I'm working with some folks to hack up a really low bandwidth scheme and when our experiments are successful (if...) we'll feed them back to these folks so that everyone can use it. If anyone here is working on low bandwidth digital voice, there's a mailing list on netphone{-request}@moink.nmsu.edu - its a low-volume list and really only for reporting what people are working on; chatty discussions would probably be better on comp.speech or sci.crypt. Remember that before we get crypto voice, we need non-crypto voice, so there's no real reason to discuss the basics in a crypto group. 
What do you think about encrypting voice communication in a non-real-time sense? Say I record a message (8-bit CODEC) on my NeXT or on a friend's PC Soundblaster and then encrypt/scramble the file in such a way that the resultant file is still audible. I can then leave that message on the recipient's answering machine or voice mail box for him to later record and decrypt on his computer. This method would make private voice communication more accessible, as it doesn't require real-time levels of performance. This is basically what the multi-media extensions to email are about - check up on MIME if you don't know about it. Email mechanisms are fine - the concept of a 'software answering machine' is seductive, but we don't need anything special when you can say 'mail -voice fred' and pick up a mike and talk into it... Graham. --------------- See also gaia.cs.umass.edu:~ftp/pub/nevot/* NEVOT - A network voice terminal (BETA RELEASE 1.3 03/25/93) (c) Henning Schulzrinne ============================================================= NOTE: The .nevotinit files from versions prior to 1.3 are incompatible with the current command language and should be deleted. DESCRIPTION: The network voice terminal (NEVOT) allows audio-capable workstations to participate in audio conferences across local and wide area networks. 
Features:
- real-time protocols:
  - NVP (network voice protocol), as used by 'vat' (LBL) and VT (isi)
  - 'vat' native packet format and session protocol
  - RTP draft
- versions for:
  - Sun SPARCstation (SunOS 4.1.x and Solaris 5.x)
  - SGI Indigo (4D Series) and
  - Personal DECstations [as soon as we can get the DEC audio library to work]
- GUIs:
  - XView
  - Tk [in progress]
  - curses
  - dumb terminal
- fully controllable by Tcl-based command language
- can serve as gateway for protocol and encoding translation
- network transport protocols:
  - TCP
  - unicast/multicast UDP
  - ST-II [currently inoperative]
- several independent concurrent conferences, each with different encoding and compression
- DES-based voice encryption (U.S. only)
- audio encodings:
  - 64 kb/s (mu-law PCM)
  - 32 kb/s G.721 ADPCM (Sun only)
  - 32 kb/s Intel DVI
  - 24 kb/s G.723 ADPCM (Sun only)
  - 13 kb/s GSM
  - 4.8 kb/s LPC codec
- each site can use different audio encodings
- playback and recording of AIFC and .snd audio files
- extensive statistics and tracing facilities
- arbitrary voice packet length, which may differ for each site
- lost packet and silence substitution
- settable audio buffer occupancy
- configurable adjustment mechanisms for playout delay, VU meter, silence detector and automatic gain control
- redefinable session identifier string with variable substitution

DOCUMENTATION: A compressed PostScript file describing Nevot is available for anonymous ftp from gaia.cs.umass.edu, as file ~ftp/pub/nevot.ps.Z.

INSTALLATION: The sources are available by anonymous ftp from gaia.cs.umass.edu, as file ~ftp/pub/nevot/nevot.tar.Z (compressed tar file). The platform-specific external libraries are contained in the directory pub/nevot/lib.$ARCH. These typically change rarely. ARCH can be either dec, sgi, or sun4. 
Precompiled binaries are available as well: nevot/bin.$ARCH/nevot.tar.Z For the precompiled binaries, you also need to retrieve the initialization file ~ftp/pub/nevot/nevotinit and rename it to .nevotinit in the directory from which you plan to start Nevot. Unpack the compressed tar files, then execute the shell script compile You may have to adjust parameters within the shell script to your local needs, e.g., the compiler name. You also have to install the tcl library (version 6.7 or later), either the binary version as mentioned above, or from sources to be found in sprite.berkeley.edu:tcl. In order to use the UDP multicast and/or ST-II facilities, you have to install the appropriate kernel modifications. Due to export restrictions, the DES encryption code is available only by e-mail from the author. If you do have the DES code, change the value of the symbol DES in the Makefiles to 1. To enable on-line help for the OpenWindows version, the environment variable HELPPATH should be set to include the source directory where the .info files are located (here, assumed to be /usr/local/nevot/xview): setenv HELPPATH ${HELPPATH}:/usr/local/nevot/xview OPERATION WITH SD: ------------------ sd is a session directory written by Van Jacobson, LBL, available for anonymous ftp at ftp.ee.lbl.gov. The nevot/sd directory contains a replacement for the sd start_audio procedure, which you can insert into your ~/.sd.tcl startup file. Make sure that the directory containing the Nevot binary is in your path. Use at your own risk (i.e., don't blame VJ if it doesn't work...). DIFFICULTIES: ------------- If you experience difficulties, check the problems.tex file in the doc directory. BUG REPORTS: This is a beta release. Please send all bug reports and suggestions to the author at hgschulz@cs.umass.edu. New releases will be announced through the rem-conf mailing list (to join the list, send a request to rem-conf-request@es.net). 
I would appreciate if you could let me know how you are using the software. [A version for the Personal DECstation and DECstations with the DEC audio hardware is currently under development.] COPYRIGHT: All sources and documentation (except those listed in the acknowledgements or otherwise identified) are (c) Henning Schulzrinne 1992, University of Massachusetts and AT&T Bell Laboratories. Do not redistribute this software, or integrate with other software, without preserving the copyright notice. All changes have to be clearly marked. You may modify the code as long as you provide me with a copy. ACKNOWLEDGEMENTS: The DES encryption module was developed by Steve Kent and John Linn of BBN Communications Corporation, Cambridge, MA and provided by Karen Seo of BBN. The audio library incorporating G.721 and G.723 audio compression was provided by Daniel Steinberg of Sun Microsystems. It may at some point be integrated into the regular Sun OS. The Intel/DVI ADPCM codec was slightly modified from sources by Jack Kansen (CWI) and is copyrighted 1992 by Stichting Mathematisch Centrum, Amsterdam, The Netherlands (used by permission). The ST-II API and kernel support was developed by Charlie Lynn at BBN. The ST-II API (\C{st2_api.h}) is copyrighted (c) 1991 by BBN Systems and Technologies, a division of Bolt Beranek and Newman, Inc. and used by permission. The UDP multicast kernel support was written by Steve Deering, Xerox Parc. Charlie Lynn (BBN) was helpful with some of the fine points of the ST-II API. The Tcl interpreter was developed by John Osterhout, University of California at Berkeley. The sources are copyright University of California and used by permission. Advice on porting \nevot\ to the Silicon Graphics platform and numerous bug fixes were provided by Andrew Cherenson (SGI). Michael Halle (MIT) figured out how to get Xview applications to display fonts at the design sizes. The VU meter is based on discussions with Gints Klimanis (SGI). 
The audio mixing (mix.c) and checksum code (checksum.c) were taken from the ISI voice terminal (VT), copyright June 1991 by the University of Southern California, by permission. The silence detector and the ST-II code are modified versions of the respective parts of VT. The vat session and audio protocol were implemented based on descriptions provided by Van Jacobson. The I/O flags interpreter (flags.c) is a modified version of software contributed to Berkeley by Chris Torek. Copyright (c) 1990 by the Regents of the University of California; used by permission.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Sun, 2 May 93 03:02:18 PDT
To: cypherpunks@toad.com
Subject: Re: Tactics.
In-Reply-To: <9304301204.AA23052@pizzabox.demon.co.uk>
Message-ID: <9305021001.AA16104@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Hooo boy, just got that new _Wired_ (things get to New Mexico rather behind schedule.) What nut came up with that Cypherpunks article?! The TEXT is good, but god those photos. To people like us they are keen. But what happens when 16 yr. old Jamie's mom sees that? What is she to think of all these subversive longhairs with KKK-reminiscent masks, and one of them flashing a nasty-looking dagger? Like I say, to ME it was ok, but viewed with a conservative outsider's eyes, we look positively dangerous. I can't help but think that that article was a PR/memetic misadventure of a HIGH magnitude, and could do quite a bit to hurt our cause. What happens when clipper is big enough news to earn a prime time news slot, and they show excerpts of that photo? It is going to scare the living shit out of most people, and they are immediately going to jump on the clipper band wagon.

In my never even remotely humble opinion, that article (or photoshoot, anyway) was a Bad Bad Thing. Not that Stanton "Call my BBS for free PGP" McCandlish is known for PR work, but sheesh...

-- Testes saxi solidi!
********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 2 May 93 10:44:29 PDT
To: cypherpunks@toad.com
Subject: more ftp usage stats
Message-ID: <9305021616.AA19791@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Edged out by sfraves by less than a megabyte!

Eric

-----------------------------------------------------------------------------
                                                     ---- Percent of ----
Archive Section            Files Sent   Bytes Sent   Files Sent  Bytes Sent
-------------------------  ----------  -----------   ----------  ----------
pub/sfraves                       956    149433794        13.51       28.93
pub/cypherpunks                   987    148460361        13.95       28.74

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 2 May 93 10:40:38 PDT
To: 74076.1041@CompuServe.COM
Subject: patent licensing
In-Reply-To: <930502002101_74076.1041_FHD63-1@CompuServe.COM>
Message-ID: <9305021631.AA19999@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>It means that PKP could
>choose not to enforce against PGP (or any other freeware program) without
>losing any rights to enforce against others.

This is correct as stated. I don't think that loss of patent is a motivation, though, for the suppression of PGP. I think it is perceived to cut into licensing revenues.

PKP is a partnership of MIT, Stanford, RSADSI, and Cylink. Those first two academic institutions are out to make money, plain and simple, from their patent portfolio. They are large corporations and behave like such.
The other two companies are smaller and are more accessible, but also have investors and a default requirement to make money for their shareholders.

Any lobbying for better licensing practice needs to extend beyond just Jim Bidzos to the owners of all these companies. I presume that Stanford and MIT both have patent licensing offices, and that each also has a representative assigned to a particular patent account. It would be extremely beneficial to know the names of these people. They may be able to speak publicly where PKP is bound by confidentiality agreements; PKP, remember, is in a subordinate position with respect to its owners.

List of principals and investors in RSADSI and Cylink would also be useful.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 2 May 93 10:40:12 PDT
To: cypherpunks@toad.com
Subject: MONEY: escrow etc.
In-Reply-To: <9305020120.AA27878@toad.com>
Message-ID: <9305021704.AA20631@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

The most salient thing for this response that Gavis says is

>I'm a struggling writer.

There are lots of interesting technical issues here, but I'll confine my comments to the overall situation.

[exchange of money for data]
>without 1) revealing their
>identities to each other or 2) involving a third party to act as an "escrow"
>agent.

The first thing to realize about electronic money is that there is always a third party involved. Since information does not obey mass conservation such as, say, gold does, you can't have free floating money electronically. The information has to start somewhere and end in the same place. So to say that there is no escrow agent is already stretching the point, since in certain ways the transaction is already mediated.
>The paradox I'm thinking about is one where the purchaser of the
>information doesn't want the seller's digital cash to be worth anything
>until the data being sold can be provably decrypted,

"Provably decrypted" is really a useless concept here. Suppose I am selling information. If I want to rip you off, I can send random bits and claim that it is encrypted text. I can also make up random text and encrypt that. In both cases, the bits I have sent you are meaningless. One uses valid encryption, one doesn't. The separating invariant here is meaning, not encryption.

>and the seller doesn't
>want the info being sold to be decryptable until the cash turns out to be
>genuine.

There are protocols which allow for simultaneous disclosure of information, where two parties want to exchange information simultaneously. This is not really the appropriate protocol, since money is not necessarily valid by form alone.

But since you have electronic money in the first place, you have an intermediary. There's no reason for this intermediary not to be an escrow agent. In fact, there's really no risk for escrow agents who require that all bits be encrypted when passing through their machines; there's no knowledge of content and it's just a commercial transaction like any other.

As far as anonymity, that's easily solved by mail or packet forwarding services.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 2 May 93 10:40:04 PDT
To: cypherpunks@toad.com
Subject: PATENT: A legal way to use RSA!
In-Reply-To: <930501180040_76114.2307_BHA70-1@CompuServe.COM>
Message-ID: <9305021725.AA21192@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

William Oldacre suggests just letting people roll their own encryption packages. Russell Brand exhibited a few relevant passages of the patent law. Allow me to make the argument clearer.

First, patent law covers all use, including personal use.
It would be beneficial public policy to allow personal use broadly under statute, but drawing the line between personal use and sole proprietorship is difficult at best. There are many cases where society might wish to distinguish between profit and not-for-profit and personal uses, yet however one looks at this, these can be difficult to distinguish at their margins. When, for example, does a hobby which turns into a money making adventure actually become a business? At the first sale? At the first loss filed on Schedule C? When, specifically, might patent licensure invoke? Remember, this has to be a litigable distinction. For many of these reasons, all rights to patents are vested in the patent holder.

Second, assume that personal use really was OK. Then some people really could build their own. But you could even then sell kits, because that would be tantamount to the completed object. You could sell all the parts, but you could agglomerate them into a single unit. Big deal, you might say.

It is a big deal. Most people, more than 99%, could not assemble a crypto system out of parts. You would make crypto protection available only to the programming elite. This, surely, is not my idea of a worthwhile end goal.

Patents are a restriction; they are designed to be a restriction. We can either use them by licensing them or go around them by not using them but rather a substitute. Any other way of dealing with them is not generalizable to the public at large. I am sympathetic to personal and research uses of unlicensed patents, but my goal is the whole world.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sy Verpunc
Date: Mon, 3 May 93 06:45:43 PDT
To: sci-crypt@demon.co.uk
Subject: Import OK by the look of this...
Message-ID: <9305021304.AA06890@pizzabox.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

: which otherwise would have been illegal. FBI special agent was standing by to
: make sure no other laws were broken, as could have happened in technology
: demonstration. Event was practical demonstration of what Subcommittee Chmn.
: Markey (D-Mass.) called "the 'sinister side' to cyberspace." ...
: Gage said export laws prohibit selling abroad of particular encryption
: computer programs. Yet he showed panel text of computer program pulled off
: Internet, from Finland, of prohibited source code for Data Encryption Standard
: (DES) used by U.S. govt. In that case, law wasn't broken because program was
: imported, not exported. Adding comma to code would route program to Moscow, Gage
: said, so he didn't add it because there was no immunity. Also set up in room was
: satellite hookup to Moscow using small earth station made by KGB, which was in
: contact with Russian satellite.

My inference from this is that if they went to the bother of checking to make sure they knew about the laws and explicitly arranged immunity for the scanner demonstration, we can take it as read that *import* of crypto wares is *not* illegal, as some have tried to suggest.

Graham

PS I'm xposting this to sci.crypt

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jcook@pro-storm.metronet.com (Julian Cook)
Date: Sun, 2 May 93 12:24:09 PDT
To: 7025aj%gmuvax2.gmu.edu.cypherpunks@toad.com
Subject: Re: Is Rush Limbaugh giving Clinton sh*t about wiretap chip?
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Well I work for a major airline and I would be happy to get you his home mailing address if he has a frequent flyer number.
ProLine: jcook@pro-storm
Internet: jcook@pro-storm.cts.com
UUCP: crash!pro-storm!jcook
Bitnet: jcook%pro-storm.cts.com@nosc.mil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jdblair@nextsrv.cas.muohio.edu (John Blair)
Date: Sun, 2 May 93 12:40:43 PDT
To: cypherpunks@toad.com
Subject: thanks
Message-ID: <9305021946.AA05661@ nextsrv.cas.muohio.EDU >
MIME-Version: 1.0
Content-Type: text/plain

Thanks for the quick and multiple responses to my questions. I also grabbed the cryptography FAQ off of sci.cryptography, and it has been helpful.

-john.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Stop the Big Brother CHip"
Date: Sun, 2 May 93 17:42:56 PDT
To: cypherpunks@toad.com
Subject: ANON: hop.mail replacements random number generation in perl
Message-ID: <9305030043.AA25635@netcomsv.netcom.com>
MIME-Version: 1.0
Content-Type: text

# Key fingerprint = EF 7A 38 99 22 84 E3 3B 90 2A DB 80 DC 65 DA 31
STOP THE WIRETAP CHIP(Clipper Chip)!!

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK+RZyvgXinP2G6VzAQGugQP/VEkMHJdZCaJgw6aqIqUscFzqGX+AxNCR
5etQjwPimk+CEc1NPwB9IrgEZOnXFQannqb3T3ISAJdUZLfYkuqowQoz9fBhIT/4
GGpO1SQtDU2aMe9zR6RjdnGBditblURyUsA4Bgco9692BuqWmuvQ8QJ+MFOGJNHl
dNBFw7JPXik=
=UR/e
-----END PGP SIGNATURE-----
#

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Sun, 2 May 93 13:45:55 PDT
To: jcook@pro-storm.cts.com (Julian Cook)
Subject: Re: Is Rush Limbaugh giving Clinton sh*t about wiretap chip?
In-Reply-To:
Message-ID: <9305022047.AA16792@pad-thai.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

>> Well I work for a major airline and I would be happy to get you his home
>> mailing address if he has a frequent flyer number.

Excuse me? Are you completely missing the point here? We're fighting for *PRIVACY*.
Misusing your position at whatever airline you work for and broadcasting someone's home address over a mailing list of people he's never heard of is completely antithetical to what we are trying to do.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Stop the Big Brother CHip"
Date: Sun, 2 May 93 18:04:01 PDT
To: cypherpunks@toad.com
Subject: ANON: Stepping up the pace...
Message-ID: <9305030104.AA01342@netcomsv.netcom.com>
MIME-Version: 1.0
Content-Type: text

Hi All,

With all this excitement about clipper, I have questions about a number of points:

* are we losing momentum on the anon-server front
* we have just 13 remailers deployed... and from what I am given to understand insufficient traffic on all.
* did penet II (with PGP inbound encryption similar to PAX) ever materialize? (how about it Julf??)
* what about John Gilmore's suggestion for defensible U.S. Anon-sites.
* 2 stage usage of anon-servers.
* anonymous cash protocols and digital banks?
* support of cypherpunks encrypted remailer blocks by aservers.
* is anyone besides me working on supporting aliases for MH, the pgpedit script, and pgp 2.2's multiple recipient feature?
* is anyone working on converting MajorDomo to support PGP encryption and PGP 2.2 multiple recipient feature and cypherpunk anonymous encrypted return address blocks. (I have already taken a pass at it and it didn't meet my design goals, i.e. runnable from a shell user's .forward file, it requires sendmail.cf mods.)
* anonymous posting/mail via open NNTP/SMTP servers and header social engineering.

Email or reply to the list...

cheers
kelly
--
Parts of this .sig borrowed with permission from T.C.May. Perhaps it will indeed get me busted also.
..........................................................................
Kelly Goen             | Crypto Anarchy: encryption, digital money,
kelly@netcom.com       | anonymous networks, digital pseudonyms, zero
Intelligence Systems   | knowledge, reputations, information markets,
Specialists Inc.       | black markets, face banks, data havens, dark
                       | tech, covert channels, shared secrets,
                       | alt.whistleblowers, collapse of governments.
Technical Monkeywrench | Public Key: PGP 2.2.
                       |
..........................................................................
PGP 2.2 Key available from PGP Keyservers on the Internet.
pub 1024/1BA573 1992/09/09 kelly
Key fingerprint = EF 7A 38 99 22 84 E3 3B 90 2A DB 80 DC 65 DA 31
STOP THE WIRETAP CHIP(Clipper Chip)!!

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sy Verpunc
Date: Mon, 3 May 93 11:29:06 PDT
To: cypherpunks@toad.com
Subject: Re: RSA patent!
Message-ID: <9305021734.AA09136@pizzabox.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

5) (Misuse) Does RSA telling Phil Zimmermann that they will "never" license PGP to use RSA constitute monopolistic abuse?

Could you tell us more about this?

6) (Misuse) The underlying purpose of the patent system was to encourage the creative genius for the benefit of the public. Has the public benefited in this case?

Don't patent holders *have* to license patents to all comers? If say a rich sugar-daddy could be found who would put up the same scale of money as Lotus and Microsoft have, to use these patents - on behalf of Phil and PGP users - would they be obliged to license it? (I'm assuming if they did they would have to offer roughly similar conditions, and not charge punitively to force us out the market)

If yes - then who do we know that's rich? :-)

If no - are they doing anything wrong that we could get them in court over?

G

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Valerie Lambert
Date: Sun, 2 May 93 18:30:14 PDT
To: cypherpunks@toad.com
Subject: [comp.society.privacy fwd] Wiretaps without warrants
Message-ID: <9305030115.AA24068@valis.biocad.com>
MIME-Version: 1.0
Content-Type: text/plain

I wasn't sure if I should forward this or not... should I assume that most every cypherpunk with usenet access keeps an eye on comp.society.privacy?
I found this article surprising; I wasn't even aware that there was any such bill in Congress. It seems that the FBI is busy chipping away at privacy on many fronts. So, how good is the argument that Clipper keys are held safely in escrow awaiting a warrant, if no warrant is required to gain a legal wiretap? ----- begin forwarded message ----- From: David Brierley Newsgroups: comp.society.privacy Subject: Wiretaps without warrants Path: portal!uunet!computer-privacy-request Date: Wed, 28 Apr 1993 01:54:13 GMT Message-ID: Organization: Division of Academic Computing, Northeastern University, Boston, MA. 02115 USA Sender: comp-privacy@pica.army.mil Approved: comp-privacy@pica.army.mil X-Submissions-To: comp-privacy@pica.army.mil X-Administrivia-To: comp-privacy-request@pica.army.mil X-Computer-Privacy-Digest: Volume 2, Issue 039, Message 1 of 7 Sorry to get this out so late, but better late than never. It is from the Boston Sunday Globe of April 11, 1993, page 16. ------------------------- New England Votes in Congress Roll Call Report Syndicate WASHINGTON - This is how New England members of Congress were recorded on major roll-call votes last week. ... TO EXPAND FBI PHONE ACCESS: By a vote of 367-6, the House sent the Senate a bill expanding the FBI's power to obtain, without court warrants, telephone records and conversations in investigations of international terrorism and espionage. The bill grants the FBI access in such investigations to information on unlisted numbers that phone companies cannot now divulge. It also enables FBI counterintelligence agents to obtain a broader range of telephone conversations involving suspected terrorists and spies. A yes vote was to pass the bill. Connecticut: Voting yes: Kennelly, Gejdenson, Shays, Franks, Johnson. Not voting: DeLauro. Maine: Voting yes: Andrews, Snowe. Massachusetts: Voting yes: Neal, Blute, Frank, Meehan, Torkildsen, Markey, Kennedy, Moakley, Studds. Not voting: Olver. New Hampshire: Voting yes: Swett. 
Not voting: Zeliff.
Rhode Island: Voting yes: Machtley, Reed.
Vermont: Not voting: Sanders.
...
----- end forwarded message -----

--
Valerie Lambert * valerie@biocad.com * 415/903-3923 *
"The world hates change, yet it is the only thing that has brought progress." --Charles Kettering

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Jason Asbahr
Date: Sun, 2 May 93 17:15:01 PDT
To: cypherpunks@toad.com
Subject: Voice Privacy
Message-ID: <199305030014.AA22547@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Greets, all...

I don't remember hearing this exact use of privacy-enhanced voice communication discussed on the list before, but I might not have been paying attention. :-)

What do you think about encrypting voice communication in a non-real-time sense? Say I record a message (8-bit CODEC) on my NeXT or on a friend's PC Soundblaster and then encrypt/scramble the file in such a way that the resultant file is still audible. I can then leave that message on the recipient's answering machine or voice mail box for him to later record and decrypt on his computer.

This method would make private voice communication more accessible, as it doesn't require real-time levels of performance. Perhaps one of the PGP gurus could advise on how this sort of private communications could be accomplished. If PGP is used as the encryption tool, then making the encrypted file audible is not unlike making an encrypted file "readable" by turning it into mailable ASCII.

It is probably important to consider that recording an "audio armored" encrypted voice message to an answering machine or voice mail box will introduce various kinds of distortion. Is anyone experienced with error-correction methods for audio transmissions?

Jason Asbahr 116 E.
Edgebrook #603 asbahr@uh.edu Houston, Texas 77034 next@tree.egr.uh.edu (NeXTmail) (713) 743-6995 voice asbahr@tree.egr.uh.edu (NeXTmail) UH NeXT Campus Consultant From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: simonm@mindvox.phantom.com (Simon Moon) Date: Sun, 2 May 93 16:47:43 PDT To: cypherpunks@toad.com Subject: Digital Cash Message-ID: MIME-Version: 1.0 Content-Type: text/plain Could someone mail or post some (preferably on-line) references to information re digital cash? Thx, I missed the discussion that was posted here. -- Simon (simonm@mindvox.phantom.com) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sun, 2 May 93 20:01:43 PDT To: cypherpunks@toad.com Subject: PATENT: RSADSI filings with the SEC Message-ID: <9305030258.AA22354@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain RSADSI is a closely held California corporation. What filings are they required to make with the SEC for issues, dividends, etc.? Are these filings publicly available? Do they contain names? Perry, I know you're familiar with this; could you comment? Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Al Billings Date: Sun, 2 May 93 20:59:02 PDT To: cypherpunks@toad.com Subject: Interesting mail (fwd) Message-ID: MIME-Version: 1.0 Content-Type: text/plain I received this on the Leri list and thought a little amusement might be appreciated here given the current conversations. ---------- Forwarded message ---------- Date: Sat, 01 May 1993 20:57:34 From: David L Racette To: Leri Subject: Interesting mail Opening Statement to the House Subcommittee on Telecommunications and Finance, Washington DC, April 29, 1993 Hello everyone and thanks for inviting me here. My name is Bruce Sterling and I'm a science fiction writer and sometime science journalist. Since writing my nonfiction book HACKER CRACKDOWN: LAW AND DISORDER ON THE ELECTRONIC FRONTIER, I have returned to writing science fiction. 
And I've returned to that with some relief, frankly, since the world of science fiction is in most ways rather less strange and less bizarre than the contemporary world of telecommunications policy.

I hope therefore that you will forgive me if I testify today as a science fiction writer. It's one of the perks of my profession to write about the future, or attempt to, and I thought you might like to meet someone from the telecommunications future that you are so busy creating.

With your kind indulgence for my novelist's whimsy then, the rest of my brief presentation today will be given by a Mr. Bob Smith, who is an NREN network administrator from the year 2015. I present Mr. Smith.

"Thank you, Mr. Sterling. It's a remarkable privilege to talk to the legislators who historically created my working environment. As a laborer in the fields of 21st Century cyberspace I of course would have no job without NREN and my wife and small son and I are all properly grateful for your foresight in establishing the Information Superhighway.

"Your actions in this regard have affected American society every bit as strongly as did the telegraph, the railroads, the telephone, the highway system, and television. In fact, it's impossible for me to imagine contemporary life in 2015 without the Global Net; living without the Net would be like trying to live without electricity.

"However, it's a truism in technological development that no silver lining comes without its cloud. Today I'd like to mention two or three trifling problems that have come up that were not entirely obvious from the perspective of the early 1990s.

"First of all, this 'Research and Education' aspect. Since communications *is* power in an Information Society, giving fantastically advanced communications to the Research and Education communities did in fact empower those communities quite drastically by comparison with interest-groups lacking that advantage.
Today, one of the most feared political organizations in the world is the multi-national anarchist libertarian group called the Students for an Utterly Free Society. "Of course, there have always been campus radicals, but thanks to their relative lack of financial clout, and lack of even a steady home address, these young fanatics once found it very difficult to organize politically. Therefore, they were easy for the powers-that-be to ignore, except during occasional spasms of violent campus unrest. "Thanks to NREN, however, spasms of student unrest can now spread like lightning across entire continents. Advanced AI translation programs installed on the Net only made matters worse, since in 2015 the global leaders of the student movements are not only extremely radical, but French. "Attempts by campus authorities to control this unrest have failed miserably. In 2015, NREN sites are always the first buildings occupied during a campus strike. Campus chancellors and faculty are themselves so utterly dependent on NREN that they become quite helpless off-line. "A second major problem has been the growth of unlicenced encryption, which has proved quite unstoppable. Today some seventy-five percent of NREN archives are material that no one in authority can read. Countries that attempted to control and monitor network traffic have lost market share and service revenue as data processing simply moves offshore. "The United States has profited by this phenomenon to a great extent as people worldwide have flocked to the relative liberty of our networks. Unfortunately many of these electronic virtual immigrants are not simply dissidents looking for free expression but in fact are organized criminals. "Take for instance a recent FBI raid on an enormous archive of encrypted Iranian files, illicitly stored in an obscure NREN node in North Dakota. Luckily the FBI was able to decrypt these files thanks to an inside informant. 
Deciphering these archives revealed the following contraband:

"Eighty percent graphic image files of attractive young women without veils on, or, in fact, much clothing of any kind.

"Fifteen percent digitally stored pirated copies of Western pop music and Western videos, still illegal to possess in Teheran.

"And, five percent text files in the Farsi language describing how to build, deliver and park truck-bombs in major urban areas.

"I can't conclude my brief remarks today without a mention of a particularly odd development having to do with *wireless* computer telecommunications. Since it is now possible to transact business entirely in cyberspace, including financial transactions, many information entrepreneurs in 2015 have simply given up any physical home. Basically, they have become stateless people, 21st Century gypsies.

"A recent tragic example of this occurred in the small town of North Zulch, Texas. There some rural law enforcement officers apprehended a scruffy vagabond on a motorcycle in a high-speed chase. Unfortunately he was killed. A search of his backpack revealed a device the size of a cigarette pack. In searching the dead man's effects, the police officers, who were not computer literate, accidentally broke the device. This tiny device was actually a privately owned computer bulletin board system with some 15,000 registered users.

"Many of the users were wealthy celebrities, and the apparent outlaw biker was actually an extremely popular and nationally known system operator. These 15,000 users were enraged by what they considered the wanton destruction of their electronic community. They pooled their resources and took a terrible vengeance on the small town of North Zulch, which, by contrast, had only 2,000 residents, none of them wealthy or technologically sophisticated. Through a combination of harassing lawsuits and sharp real-estate deals, the vengeful board users bankrupted the town.
Eventually the entire township was bulldozed flat and purchased for parkland by the Nature Conservancy.

"Thanks in part to the advances that you yourselves set in motion, violent conflicts between virtual and actual communities have become a permanent feature of the cultural landscape in 2015."

Thank you for your patience in entertaining my speculations. I'll be happy to take any questions -- though only in my real-life persona. Thank you very much.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Mon, 3 May 93 00:07:51 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9305030707.AA14920@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I am using the d3des package. So far I have been using the normal DES routines. I have recently decided to use the triple-DES routines but the documentation ( == *.c and *.h ) didn't seem too clear on the point. From what I understand so far it seems that Ddes() is used for both double and triple encryption (???) for 64bits in 64bits out.

This is the test code I did, it works, I'd just like to know for sure if it is using triple des (3*56 bit keys). thanx.

#include <string.h>     /* strcpy */
#include <unistd.h>     /* write */
#include "d3des.h"

unsigned long enkey[96], dekey[96];     /* saved key schedules */

int main(void)
{
    unsigned char b[100];
    unsigned char *k = (unsigned char *)"testing123423456789212345678";

    strcpy((char *)b, "this is a test");

    des3key(k, 0); cp3key(enkey);   /* set up long keys, encrypt */
    des3key(k, 1); cp3key(dekey);   /* decrypt */

    use3key(enkey); Ddes(b, b);     /* encrypt b (first 8 bytes only) */
    write(1, b, 8);
    use3key(dekey); Ddes(b, b);     /* decrypt b */
    write(1, b, 8);
    return 0;
}

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: freedman@helix.com
Date: Sun, 2 May 93 21:14:50 PDT
To: cypherpunks@toad.com
Subject: Please unsubscribe me
Message-ID: <9305030413.AA26488@netcomsv.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Please unsubscribe me. Thanks.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ld231782@longs.lance.colostate.edu Date: Sun, 2 May 93 20:11:52 PDT To: cypherpunks@toad.com Subject: government free reign on RSA -- from whence? Message-ID: <9305030311.AA11639@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain This is driving me crazy. I have asked many people that refer to the U.S. government's free reign on the use of patents in general and RSA technology in particular. There are a lot of very respectable and reputable specialists on this list and I hope they can answer my question. What *specifically* gives the government the *right* to use patents developed `with public money' without licensing, or the RSA patent in particular (if the two are not the same)? Court precedents? A specific law? `congressional hearings'? A condition of agreement to receive NSF funds? >what< ? This little tidbit of information has gotten tossed around so frequently and haphazardly (a bit like an Urban Legend) and it really deserves some sharp scrutiny, at least a bit more than I have ever seen, I suspect it might have some interesting implications to consider. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sun, 2 May 93 21:54:38 PDT To: cypherpunks@toad.com Subject: Need some Advice In-Reply-To: <9304290001.AA02691@vax1.cc.uakron.edu> Message-ID: <9305030451.AA00114@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain > I also would like to thank Eric Hughes for replying to my early question >on Q&A a dos database problem. His basic steps solved the problem in less >30 min. By the way the algorithm used very lame. > abs(ascii character - 255) Now that you've figured out how, could you write the method up in more detail? Please include facts like the location of the password inside the database files, the version of Q&A you tested, etc. I'll put it up for ftp when you're done. Share the work so that others can look at it. 
The password was encrypted on a character-by-character basis? Some people really are foolish, either the ones who wrote the software thinking it was secure, or the ones who pay the ones who wrote the software to recover lost passwords. Any encryption that allows passwords to be recovered should not be called encryption; it should be called snake oil.

> I would like a little more info on the debugger method.

Got a program? You've got my email address.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 2 May 93 22:08:09 PDT
To: cypherpunks@toad.com
Subject: PATENT: PKP patent numbers
Message-ID: <9305030504.AA01076@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Eric Townsend extracted some of the text from RFC 1421 (PEM) and sent it to me. Thanks! In it are contained the patent numbers for PKP's patents, which I present below. Note: PKP has since acquired rights to the Schnorr patent; it relates to DSA.

Eric

-----------------------------------------------------------------------------
Cryptographic Apparatus and Method ("Diffie-Hellman")............................... No. 4,200,770
Public Key Cryptographic Apparatus and Method ("Hellman-Merkle").................... No. 4,218,582
Cryptographic Communications System and Method ("RSA")................................... No. 4,405,829
Exponential Cryptographic Apparatus and Method ("Hellman-Pohlig").................... No. 4,424,414

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 2 May 93 22:42:37 PDT
To: cypherpunks@toad.com
Subject: PATENT: A LEGAL way---maybe!
In-Reply-To: <930503040243_76114.2307_BHA51-1@CompuServe.COM>
Message-ID: <9305030539.AA03966@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

William Oldacre persists in believing that personal use of a patent is permissible. It's not legal, but if they don't know, they don't sue.
The differences between legality, the cost-effectiveness of a lawsuit, and finding out in the first place are significant here. We want the protecting of legality, if we can get it.

>CypherPunks has something that Public Key Partners doesn't. An
>organization of motivated people who can devote hundreds of person
>hours to putting the RSA patent under a microscope.

I'm really glad for this observation. One, however, must derate our person-hours some because we aren't lawyers. The basic idea, though, is entirely accurate.

>Allowing patents on ordinary mathematics was
>mistake that has to be rectified.

It has been rectified. RSA is not a mathematical patent. It is the embodiment of some mathematical routines into a machine which is used for a particular purpose and has certain security properties.

> (Diffie-Helman-Merkle?)

I got that one wrong. It's the Hellman-Merkle patent. I just posted the actual numbers.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: William Oldacre <76114.2307@CompuServe.COM>
Date: Sun, 2 May 93 21:08:40 PDT
To: BlindCopyReceiver:;@compuserve.com
Subject: A LEGAL way---maybe!
Message-ID: <930503040243_76114.2307_BHA51-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

To: >Internet:cypherpunks@toad.com;>Internet:huges@soda.berkeley.edu;
To: >Internet:prz@sage.cgd.ucar.edu

One of the first attorneys I ever had used to build steam engines as a hobby. He would purchase a kit of basic castings somewhere and then machine them into beautiful working models. Some of the designs were covered by modern patents. That's where I first heard of the "if for private use" principle. It was reaffirmed, some years later, by an attorney working for one of the large law firms next to the U.S. Patent Office. I'd designed several electronic circuits, one of which (the simplest and clearly unpatentable) had appeared on the front cover of Popular Electronics magazine. I was concerned about another which might be patentable.
I came away from our discussion with the impression that there was nothing to stop someone who wanted to build a single copy of a patented design for themselves. (I came away from my first attempt at a patent search with a headache.) Yesterday, I was delighted when this small bit of knowledge seemed to have some practical application, i.e. legally bypassing a frivolous patent and putting a good encryption program in the hands of an exposed public. So today I decided to spend some time at the Univ. of Fla. law library to get the actual statute numbers and case law background. (Sigh) I didn't have much luck. Three hours wasn't nearly enough time to research roughly 80 feet of shelf space filled with patent law. But I couldn't confirm what I said yesterday and I'm hoping that I haven't misconstrued something called the "public use doctrine." Tomorrow I'll try to get a legal opinion on the matter. If what I said yesterday turns out to be wrong, there remains an important point to consider. Finding legal ways to sidestep patents is the name of the game. It may even encourage further innovation. What makes patent law such a lucrative field is not the four inches of shelf space devoted to the actual law itself, but the weight of the seventy nine feet eight inches of case law next to it. There was a lot of encouraging background there. Something like fifty percent of all patents in litigation are overturned. And misuse is an excellent way to overturn one. Interference is another. CypherPunks has something that Public Key Partners doesn't. An organization of motivated people who can devote hundreds of person hours to putting the RSA patent under a microscope. To pay someone to do that amount of research would cost a fortune. If you put all of the skills each of us has down on paper it would take a sizable corporation to equal it. And, the high speed communications network is already in place.
I think it's time the organization was less a shrill chorus of skeptics and more of a cavalry charge. By now, Phil Zimmermann and some others would find us a welcome sight coming over the hill top. If we break the PGP/RSA problem into manageable pieces and divide ourselves into working groups something is bound to turn up. And then there is the press. Magazine articles and news releases will get the public and legislators involved. Don't think this won't work. Remember the guy in Colorado three years ago with a perfectly worthless generator that produced more energy than it used? He got the legislature to force the N.B.S. to examine it over their ongoing objection. The arguments I've heard on this newsgroup are sound. You don't like the chill that has come over public cryptography, I don't like it, and the public won't like it either. Forget how the law is written, patent laws have been in a constant state of flux since their inception. Allowing patents on ordinary mathematics was mistake that has to be rectified. To start with, I need something. Does anyone out there have the actual patent numbers for the RSA and DHM (Diffie-Helman-Merkle?) patents so I can order copies?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@mead.u.washington.edu
Date: Sun, 2 May 93 22:11:02 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9305030510.AA25448@mead.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain

Hey guys, I think someone has been listening:

---------------------------------------------------
Communications Daily
April 30, 1993, Friday

Immunity Needed; MARKEY PANEL SEES DARK SIDE OF ELECTRONIC FRONTIER

Legislative intent met reality of technology Thurs. one-on-one before House Telecom Subcommittee. It was no contest: Technology won in seconds, on a knockout.
Last year, Congress, concerned about cellular phone users' privacy, passed legislation outlawing scanners that pick up cellular channels, and last week FCC issued rules banning those scanners (CD April 23 p2). At hearing on privacy, computer cracking and related topics, it took San Diego Supercenter Center scientist Tsutomu Shimomura about 2 min. to take new cellular phone out of its box, turn it on and set device to test mode -- thus turning it into scanner that enabled those in House hearing room to hear snatches of live cellular conversations. Shimomura needed congressional immunity to conduct demonstration, which otherwise would have been illegal. FBI special agent was standing by to make sure no other laws were broken, as could have happened in technology demonstration. Event was practical demonstration of what Subcommittee Chmn. Markey (D-Mass.) called "the 'sinister side' to cyberspace." John Gage, dir. of science office of Sun Microsystems, who orchestrated that and other demonstrations that turned Rayburn Bldg. hearing room into media lab with HDTV setup, computers and other devices, held up phone and said that, in effect, legislation passed by Congress "has banned all cellular telephones in the United States." Gage said: "It's not safe to talk on a cellular phone." With right screwdriver and little adaptation, scanning capabilities of cellular phones can be made more impressive, he said. He said that cellular phones are little more than "good radios and terrible computers" that are designed to be scanners, because that's how cellular radios keep users in touch with switches. In moving products quickly to market, cellular manufacturers didn't want to spend money or take time to worry about privacy concerns or consider encryption technology, Gage said. Gage's general theme was that move to digital world posed challenges for policy-makers and for industry. 
He said KPIX San Francisco planned to store newscasts in computer in digital form for sound and pictures, to be made available over high-speed network in Bay area and over Internet, to be played back via computers whenever anyone called it up. What will that development do to concept of TV stations or networks? "There's no way to stop digital technology." Even as he spoke, Gage's equipment was transmitting images and sound from hearing room to Internet. Gage said export laws prohibit selling abroad of particular encryption computer programs. Yet he showed panel text of computer program pulled off Internet, from Finland, of prohibited source code for Data Encryption Standard (DES) used by U.S. govt. In that case, law wasn't broken because program was imported, not exported. Adding comma to code would route program to Moscow, Gage said, so he didn't add it because there was no immunity. Also set up in room was satellite hookup to Moscow using small earth station made by KGB, which was in contact with Russian satellite. Subcommittee members were impressed and dismayed. Rep. Tauzin (D-La.) asked what Congress could do to keep up with technology. Gage said it should stick to general principles and forget about legislating against specific technologies. He said that one solution for Digital Age was encryption, and that federal govt. should take lead, not by endorsing specific technology such as Clipper Chip (CD April 19 p2) that fits into telephones, fax machines, other devices. In reply to question from Rep. Boucher (D-Va.), Gage said federal govt. should support research on encryption. Following Gage's demonstration, Raymond Kammer, acting dir. of National Institute for Standards & Technology (NIST), defended govt. support for Clipper Chip and for DES standard. He said it would take powerful Cray supercomputer more than 200 years to solve DES key, and more than billion years to crack one Clipper Chip encryption key. 
Under Administration plan, users would have one key to chip and federal govt. would have other. Kammer endorsed plan as balance between law enforcement needs and privacy concerns. In April 28 letter to Markey in response to April 19 letter from chmn., Kammer said Clipper Chip technology has no "trap door" that could allow govt. to crack encryption code and said code would be offered to experts for evaluation. He wasn't asked for comment on Gage's demonstration. Fordham U. law Prof. Joel Reidenberg called for federal board that would set series of "fair information practices," as well as Data Protection Board for specific information standards. N.J. state investigator John Lucich warned of harm that comes from cracking of private business telephone and voice mail services and said sophistication of law enforcement is increasing. Science fiction author Bruce Sterling, who also wrote nonfiction book on govt. crackdown on computer hackers, testified about future issues. Hearing was first in series on privacy, computer and telecommunications issues. Others will examine automatic number identification, selling of marketing information, related topics.

--------------------------------------------------------
CommunicationsWeek
April 26, 1993

Encryption Policy Spurs Concern

SHARON FISHER

WASHINGTON

Members of the networking and security community have expressed concern that a new government policy on data encryption may restrict the use of the technology. The White House earlier this month called for the implementation of a special encryption chip that offers a "back door" for decryption by federal law enforcement agencies. The chip uses a secret algorithm called "Skipjack" that prevents users from encoding data in such a way that it cannot be read by law enforcement officials. Under the new policy, electronic keys will be stored in two "escrow" locations for release to law enforcement organizations that have been warranted to wiretap and decrypt voice transmissions.
The escrow locations have not been named. The encryption chip was initially called the Clipper chip, but the government has received complaints from Intergraph Corp., which holds a registered trademark on a product called Clipper chip, according to John Droge, vice president of program development for Mykotronx Inc., Torrance, Calif., which developed the chip. "We call it the MYK-78," he said. AT&T has already announced a device based on the chip that attaches to a telephone to let users encrypt telephone calls. The AT&T Telephone Security Device will cost around $1,195 and will be available at the end of the second quarter. In addition, Mykotronx is working on a more complex chip, called the Capstone or MYK-80, that adds a key exchange algorithm, digital signature standard and other technologies to the MYK-78, Droge said. Key exchange lets two devices agree on a common encryption key; digital signature is a way to guarantee the identity of the originator of the message. Industry members expressed concern that the federal government's policy review on encryption, privacy protection and law enforcement could result in further changes or restrictions to communications technology. The review is taking place under a classified Presidential directive that does not publicly state its exact scope or procedure. The review, which will be managed and directed by the National Security Council, calls for an interim report by the end of June and a final report in late August or early September, said Lynn McNulty, associate director for computer security for the National Institute of Standards and Technology, Gaithersburg, Md. Many members of the encryption community are concerned that a policy review might result in restrictions on encryption technology already in use. There are currently no restrictions in the United States on the use of encryption technology. "Why (else) would the government go through all this time and trouble and expense to do this?" 
said Jim Bidzos, president of RSA Data Security Inc., a Redwood City, Calif., company that licenses encryption and key technology to vendors such as Apple Computer Inc., Lotus Development Corp. and Novell Inc. "I'm not sure anybody has a complaint with the FBI wanting to wiretap with a legitimate court order, but when the FBI says it's so important that we need to force a new communications system on the country, I have a problem with that," Bidzos said. "I am afraid, from the FBI's viewpoint, if this is the solution, how can it work unless you eliminate the other kinds of use?" But McNulty said such an expanded policy was not likely. "Those concerns are not well-founded," he said, though he said the issue probably will be addressed in the policy review. "I don't think in our society that people would accept that restriction on their technology and freedoms. It's absolutely the last recommendation that would be made." ----------------------------------------------------- CommunicationsWeek April 26, 1993 Editor's View; WHAT GOOD IS SECURITY IF IT MAKES US INSECURE? The federal government, under the guise of President Clinton's new Public Encryption Management directive, promises to improve the security and privacy of communications systems. The directive is likely, however, to result in the eventual disappearance of private encryption and the erosion of personal freedom. The directive was announced two weeks ago by the White House and the National Institute of Standards and Technology. It requests suppliers of communications equipment to base encryption on the " Clipper Chip, " a microcircuit developed by the National Security Agency. The Clipper Chip will be manufactured by Mykotronx Inc., a military contractor in Torrance, Calif. An 80-bit, split-key escrowed encryption scheme used to lock and unlock data transmissions will be built into each chip. The encryption scheme will also be kept in a "key-escrow" database monitored by two independent government agencies. 
Unlike effective public encryption techniques, such as RSA Data Security's triple-Data Encryption Standard (DES), which are available for analysis and testing, the Clipper Chip's key algorithm will not be released to the public. Based on explanations provided in official documents, it seems that the government doesn't care about improving secure communications. Reliable encryption already exists. Indeed, in the view of agencies like the NSA, standards such as DES are too good because they are hard to crack. Clinton's directive has only one real agenda-to make it easier for government agencies to snoop on private communications. Keys will be made available to government agencies who request access in the same manner that Federal judges grant telephone taps. The initiative hides behind the excuse of creating means to monitor "terrorists, drug dealers, and other criminals." This isn't the first time that the government has proposed an authoritarian scheme that goes after a few peoples' crimes while stomping on the majority's civil liberties. Public scrutiny helps to pinpoint weaknesses and allow technical refinement. In this case, we're being asked to trust the government, a notion that rubs most rational people the wrong way. Congress passed the Computer Security Act in 1987 to open the development of non-military computer security standards to public scrutiny to limit-not expand-the NSA's role in their development. The directive makes no mention of a particular communication session's key-escrow. Once your keys have been released, all past and future traffic is open to examination. The administration said it would not prohibit private encryption, "nor is the U.S. saying that every American, as a matter of right, is entitled to an unbreakable commercial encryption product." If the program succeeds, it probably will drive private encryption vendors out of the marketplace. Commercial encryption products already provide excellent network security. 
Contact the White House and let policy-makers know that we appreciate their concern about crime control, but prefer that the government stay out of the security-control business. Send your reactions to DBUERGER on MCI Mail, DBUERGERCUP.PORTAL.COM on the Internet or by fax, 516-562-5055. ---------------------------------------------------- Network World April 26, 1993 NSA has public-key chip to complement Clipper Chip; Uses same controversial key escrow system. By Ellen Messmer, Senior Correspondent WASHINGTON, D.C. The algorithm developed by the National Security Agency (NSA) for use with the government's newly proposed Clipper Chip private-key encryption system will also show up in Capstone, a chip for public-key encryption, Network World has learned. Like Clipper Chip, Capstone will use a key escrow system that will enable the government to eavesdrop on encrypted information. Vendors of Capstone-based encryption products will have to register decryption keys with a federal agency that other agencies can retrieve through legal means. Although Capstone has not been publicly announced, it is at the heart of the encryption system that is to be used in the upcoming Defense Message System (DMS) (see story, p.1). With the public-key Capstone system, one key is made public, while another is kept secret; the message recipient and sender do not have to exchange keys as they do in private-key systems such as the Data Encryption Standard and Clipper Chip. With Capstone, key management is much simpler. Clipper Chip, for example, enables users to encrypt electronic documents before sending them to the intended recipient, but the recipient must have received the sender's secret key beforehand in order to decrypt the document. In addition, Capstone will provide the electronic digital signature for "signing" documents electronically, something private-key systems cannot do. 
Mykotronx, Inc., the Torrance, Calif., firm that designed Clipper Chip, is also supplying the Capstone chipset. John Droge, vice president of marketing at Mykotronx, an authorized NSA Communications Security vendor, said the firm has already shipped 10,000 Capstone and 20,000 Clipper Chip chipsets. The NSA intends to equip military users of the DMS with cryptocards -- dubbed Tessera cards -- containing the Capstone chips so users can enter and activate the public-key encryption and signing features. The Tessera cards are based on the new industry standard PCMCIA, named after the Personal Computer Memory Card International Association, which created the standard. Mykotronx is currently the sole Tessera card supplier. Last week, the NSA acknowledged that the private-key algorithm to be used with Capstone in the DMS is the same as that used in Clipper Chip. "The [DMS] Type 2 algorithm is the same as the Clipper Chip announced by the Clinton administration," said John Nagengast, chief of strategic systems at the NSA, speaking last week at the Information Systems Security Association's trade show CardTech/SecureTech in Arlington, Va. "It will enable us to go across the government with a common algorithm." User reaction The key escrow concept behind both Clipper Chip and Capstone have left many users and vendors worried. Sandra Lambert, vice president of information security at Citibank, N.A., and Samuel Epstein, president of Racal-Guardata, Inc., said the key escrow system raises the issue of security vulnerability, which could result from a break-in at the site where the escrow keys will be stored. The Electronic Frontier Foundation (EFF), a public advocacy group based here, has taken the position that the public should not have to rely on the government as the sole source for encryption chips. 
Last week, the EFF began pulling together a coalition of vendors and users under the banner of its Digital Privacy and Security Working Group to address the issues raised by Clipper Chip. AT&T, which announced that it would include Clipper Chip in its Secure Telephone Device, will participate in the EFF forum. Government sources last week said AT&T rushed out with its Clipper Chip announcement because the Department of Justice wants to purchase AT&T telephone security devices with Clipper Chip. Last week, AT&T said it based its decision to include the Clipper Chip chipset on faith rather than knowledge. "We've told the government there's a need to establish the credibility of the standard," said Mike Agee, marketing manager for secure products at AT&T. Although publication of the Clipper Chip specification would not compromise the effectiveness of the algorithm, the NSA said it intends to keep the algorithm secret. "The plan is we would share it with academia on a limited basis," Nagengast said. "I don't believe it's ever intended to be published." From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@alumni.cco.caltech.edu Date: Mon, 3 May 93 06:13:16 PDT To: cypherpunks@toad.com Subject: Shimomura's testimony Message-ID: <9305031312.AA24645@alumni.cco.caltech.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- This sounds like the tricks he and Mark Lottor showed off at Hackers last year, according to the first issue of Wired. Of course he was anonymous there; I guess Wired didn't offer him immunity. I'd like to know more about Shimomura's testimony -- was he just showing off, or is he selling us out? Sounds like both. 
DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBFAgUBK+UZ6PFZTpBW/B35AQGroQGAprtpUtJi5l9EzQsjmdyhniWtea0kRRg4 KZloWA2ScVtaEQP0/e/q2yGXYCILuKV5 =wmIO -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: kelly@pleiku.netcom.com Date: Mon, 17 May 93 21:30:26 PDT To: cypherpunks@toad.com Subject: No Subject Message-ID: <9305180430.AA29328@toad.com> MIME-Version: 1.0 Content-Type: text/plain >From kelly Mon May 03 06:15:02 0700 1993 remote from pleiku To: netcomsv.netcom.com!biocad.com!valerie cc: toad.com!cypherpunks, kelly Subject: Re: [comp.society.privacy fwd] Wiretaps without warrants In-reply-to: Your message of "Sun, 02 May 1993 18:15:00 PDT." <9305030115.AA24068@valis.biocad.com> Priority: urgent Date: Mon, 03 May 1993 06:15:02 -0700 From: "Stop the Big Brother CHip" Received: from pleiku by pleiku.netcom.com; Mon, 3 May 1993 06:15 PDT Content-Type: text Content-Length: 1107 Well I read it also and I couldnt believe my eyes... we have to get working rather than talking it seems... cheers kelly -- Parts of this .sig borrowed with permission from T.C.May. Perhaps it will indeed get me busted also. .......................................................................... Kelly Goen | Crypto Anarchy: encryption, digital money, kelly@netcom.com | anonymous networks, digital pseudonyms, zero Intelligence Systems | knowledge, reputations, information markets, Specialists Inc. | black markets, face banks, data havens, dark | tech, covert channels, shared secrets, | alt.whistleblowers, collapse of governments. Technical Monkeywrench | Public Key: PGP 2.2. | .......................................................................... PGP 2.2 Key available from PGP Keyservers on the Internet. pub 1024/1BA573 1992/09/09 kelly Key fingerprint = EF 7A 38 99 22 84 E3 3B 90 2A DB 80 DC 65 DA 31 STOP THE WIRETAP CHIP(Clipper Chip)!! 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: kelly@pleiku.netcom.com Date: Mon, 17 May 93 21:30:44 PDT To: cypherpunks@toad.com Subject: No Subject Message-ID: <9305180430.AA29334@toad.com> MIME-Version: 1.0 Content-Type: text/plain >From kelly Mon May 03 06:24:09 0700 1993 remote from pleiku To: toad.com!cypherpunks Subject: Date: Mon, 03 May 1993 06:24:09 -0700 From: "Stop the Big Brother CHip" Received: from pleiku by pleiku.netcom.com; Mon, 3 May 1993 06:24 PDT Content-Type: text Content-Length: 3949 I thought this my be interesting to those designing encrypted phones... cheers kelly ------- Forwarded Message Return-Path: Received: by netcom.netcom.com (5.65/SMI-4.1/Netcom) id AA21283; Sun, 2 May 93 10:25:08 -0700 Date: Sun, 2 May 93 10:25:08 -0700 From: kelly (Kelly Goen) Message-Id: <9305021725.AA21283@netcom.netcom.com> To: junem, kelly, phil Subject: quaderno Speech capabilities Status: R Path: netcom.com!csus.edu!news.ucdavis.edu!agate!howland.reston.ans.net!usc!cs.utexas.edu!uunet!psgrain!ee.und.ac.za!csir.co.za!nuustak!duck From: duck@nuustak.csir.co.za (Paul Ducklin) Newsgroups: comp.sys.palmtops Subject: Re: Quaderno speech hardware Date: 22 Apr 1993 10:01:03 +0200 Organization: CSIR, South AFrica Lines: 54 Message-ID: References: <1993Apr20.213938.26184@Princeton.EDU> NNTP-Posting-Host: nuustak.csir.co.za X-Disclaimer: None of the opions expressed herein are the official X-Disclaimer: opinions of the CSIR or any of its subsidiaries. X-Disclaimer: ** So don't freak out at _us_ about anything ** Thus spake mg@cs.princeton.edu (Michael Golan): [stuff about the Quaderno's sound digitising capability] >Can the mic/speaker be accessed from software to produce 8-12bit digital >sound? 
If so, and assuming a 9600bps modem is available (is it?), the >machine is an excellent candidate for a truly secure phone The speech DSP hardware is quite fancy -- you can download your own vocoder program, if you have the right DSP code development tools, to implement things like DTMF-recognition. Or you can select one of the built-in vocoders, which provide various levels of compression. The speech program which comes with the Quaderno is just a TSR which hooks to the speech hardware, and which writes digitised sound to a file. No reason why you couldn't write your own speech program which grabs digitsed blocks from the DSP [you can give the BIOS the address of a routine to be called when the DSP is ready to deliver] and stuffs them wheresoever you desire -- such as into the serial port. On the other end, you have a DSP "play" program -- once again, you can give the system the address of a routine to be called whenever the DSP is ready to analogise [?] the next block of bits. I can't remember, though, what bit-rates are available with the built-in vocoders. If people are interested, I'll look it up when I get home this evening [or Don Herrick -- are you there?]. Ah yes -- just remembered that one of the vocoders churns out 13Kbit/sec with *very* acceptable quality [for voice -- music sounds like a heap o' crap when pushed through this particular vocoder]. So this could be stuffed into a regular V.32bis modem and transmitted fast enough to give real-time speech. With its 16MHz V30 CPU, the Quaderno should be more than ready for the task of real-time encryption in software. If my memory serves me, there's also a built-in vocoder which compresses to 2400bits/sec [!] -- the speech program which ships with the Quaderno, however, doesn't offer this as an option, so I've yet to try it. Probably pretty damn bad, though. Another thought -- the Quaderno's DSP will record and play at the same time, and V.32bis is full-duplex. 
So full-duplex conversations on the above scheme are quite possible. Could be fun -- how to turn a good 3KHz analogue voice line into a fair 13Kbit digital voice line! And, as mentioned recently in alt.security, you can also use the speech digitiser for acquiring data with a high degree of randomness, which you then encrypt with a part of itself to produce data which is "truly" random.

Paul

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
\ Paul Ducklin duck@nuustak.csir.co.za /
/ CSIR Computer Virus Lab + Box 395 + Pretoria + 0001 S Africa \
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Mon, 3 May 93 04:18:11 PDT
To: ld231782@longs.lance.colostate.edu
Subject: Re: government free reign on RSA -- from whence?
Message-ID: <9305031118.AA20167@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

This is driving me crazy. I have asked many people that refer to the U.S. government's free reign on the use of patents in general and RSA technology in particular. There are a lot of very respectable and reputable specialists on this list and I hope they can answer my question. What *specifically* gives the government the *right* to use patents developed `with public money' without licensing, or the RSA patent in particular (if the two are not the same)?

My understanding -- and I've never seen the original document, so I can be wrong -- is that the statutes providing for grants to professors have such provisions. That is, barring all patents developed under such grants could be seen as stifling private initiative. But permitting the inventor to retain all rights is unfair, since the government funded the work. Hence the compromise: patents are permitted in such cases, but the government gets free use.

As for the ``personal use'' question -- I've never heard of such a thing.
The law gives the patent holder the right to bar others from selling, making, or *using* the protected invention. There is a court ruling permitting use of patented materials for experimental purposes; some people may be extending that. One more word on patents. The claim that 50% of patents are thrown out when challenged may or may not be accurate; however, it is very time-dependent. Such things go in cycles, depending on the makeup of the Supreme Court. During, say, the 1970's, there was a substantial component on the court that opposed the concept of patents, so many more challenges were upheld. I need not point out that the makeup of the court has changed substantially in recent years; during the 1980's, many more patents were upheld. I've seen one or two articles indicating that the pendulum is starting to swing back, but it's harder to say now; most patent cases these days only go as high as the Court of Appeals for the Federal Circuit. --Steve Bellovin From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 3 May 93 08:48:04 PDT To: cypherpunks@toad.com Subject: Tough Choices: PGP vs. RSA Data Security In-Reply-To: <9304291359.1.6025@cup.portal.com> Message-ID: <9305031544.AA01568@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >re paying a reasonable license fee, I wonder if RSA would cash my check >for (say) $10 if I wrote on the check that it was for a license for >whatever they might claim on PGP. RSA might try to cash such a check, but if their bank is smart they won't accept it. A check is not negotiable if it contains a condition. Negotiable means it can be bought or sold. If the check is not negotiable then it can't properly be processed by the check clearing house, since that would require a negotiation. Only if the check were drawn on RSADSI's bank would such a check be depositable, since then your order to pay is being made to the same entity which is receiving the check. 
>One wonders what they would do with >several hundred checks. Return them, I would suppose. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Honeyman Date: Mon, 3 May 93 06:01:06 PDT To: 76114.2307@CompuServe.COM Subject: Re: A LEGAL way---maybe! Message-ID: <9305031301.AA22009@toad.com> MIME-Version: 1.0 Content-Type: text/plain perhaps you missed my note last week, where i cited: %T patents and the progress of science: exclusive rights and experimental use %A rebecca s. eisenberg %J university of chicago law review %V 56 %N 3 %D summer 1989 %P 1017-1086 follow the footnotes. here's a quote to entice you: If basic research cannot be insulated from the patent system entirely, it might still be possible to reconcile a system of exclusive patent rights in prior discoveries with the interest of the scientific community in allowing subsequent researchers to enjoy free access to such discoveries by exempting the use of patented inventions in research from infringement liability. While the United States patent statute does not provide for such an exemption, the courts have long recognized, at least in principle, that a purely "experimental use" of a patented invention, with no commercial purpose, should be exempt from infringement liability. over and over, she reiterates that patent courts have consistently recognized the experimental use defense. peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wtap@mindvox.phantom.com (Wire Tap!) Date: Mon, 3 May 93 06:49:59 PDT To: cypherpunks@toad.com Subject: Add to list Message-ID: <3H9y3B1w165w@mindvox.phantom.com> MIME-Version: 1.0 Content-Type: text/plain I was wondering if I might be added to your mailing list, or be sent an application or something similar. Thanx you. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 3 May 93 10:05:12 PDT To: cypherpunks@toad.com Subject: PATENT: A LEGAL way---maybe! 
In-Reply-To: <9305031301.AA22009@toad.com> Message-ID: <9305031701.AA05899@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain I first wish to apologize for a bit of impreciseness in a previous posting. I had said that a personal use exemption was not legal. I should have stated that personal use is not a defense against a claim of infringement, and that barring any other defense (e.g. research) such use would not be legal. I hope this clarifies. Peter Honeyman references a law review paper arguing for an experimental exemption to patent rights. This is a good document for us. Perhaps one of the many members of the Information Liberation Front (ILF, which also stands for Information Longs to be Free) which are around the country might arrange for an electronic copy to be made available. I have not read the paper, but I do have some comments on its usefulness. I think that an experimental exemption will not work for wider goals, and I state two reasons below. I also think that the existence of the exemption is a huge rhetorical win for distribution. First, an experimental exemption does not touch commerce. PGP is stalled right now in two areas. The first, distribution, is not the major problem given the number of overseas sites carrying PGP. Lack of commercial availability, however, is. There are businesses that would like to use PGP, but cannot. Phil has mentioned some specifics to me; some of these are large companies. PEM implementations are available commercially right now; they are not yet in widespread use, but given the positive economic feedback in markets where compatibility is key, PEM could easily and quickly overtake PGP completely. As far as I'm concerned, this issue is moot with respect to PGP. The development plans are already in place to put RSAREF into PGP in order to legitimately license it. But the same argument applies whenever one might want widespread deployment of a system which infringes some patent claim. 
Digital money falls into this category squarely. Second, even with a research exemption, you have to be doing _bona fide_ research. _Bona fide_ is Latin for "in good faith." If you merely claim you're doing research, that is not sufficient. Bona fide research certainly encompasses some academic research, but not all. I suspect that superconductivity researchers who used PGP to exchange valuable technical information would be considered to be doing cryptographic research. On the other hand, bona fide research need not be confined to the academy. The operators of remailers currently could well be argued to be doing research, but when deployment becomes widespread the defense of research becomes harder and harder to mount. Both these concerns limit the extent to which a research exemption could be used to promote the spread of cryptography. This seems entirely in keeping with the idea of an exemption for the purpose of extending the state of the art, which is always conducted by very few people. The research exemption does not generalize. The research exemption does have one extremely positive effect, and that is on distribution from University sites. Since the University has a mission to research, distributing a research tool from an anonymous ftp site is clearly within the purview of research. The question of bona fide research remains. I would suggest that Peter Honeyman simply start a research project "to study the distribution mechanisms of public keys in a non-authenticated, highly networked environment." Peter, you could do this just by fiat, by creating a document that says you're doing this. This document could be handed to the administrators at the University of Michigan ftp site, who could then reinstate PGP with some measure of certainty that it was legitimately there. 
Yours in wiliness, but also in good faith, Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: William Oldacre <76114.2307@CompuServe.COM> Date: Mon, 3 May 93 10:02:41 PDT To: Subject: RSA patent! Message-ID: <930503164336_76114.2307_BHA68-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain To: >Internet:cypherpunks@toad.com Enclosed is the essential text of the "RSA" patent. Now it's time to go to work. 1) (Interference) Is there anything in history wherein someone created a cypher consisting of two parts which could only be broken when they were combined mathematically? Or how about a wax seal created by impressing two images, one after the other-----verifying authenticity? 2) (Interference) Stripped of its turgid language, does the basic equation fit any other ordinary operation such as factoring some type of equation. Is there some routine mathematical operation in number theory which resembles it? 3) (Invalidity) is there any part of the description language that could be interpreted two different ways? 4) (Misuse) a) Were any federal funds used in this project? Somebody at MIT needs to dig into the public documents there. b) If so, was the government irresponsible in licensing something so useful to the public to a company (in which they are a partner) which makes its use by the public difficult? Can any evidence be found that this was deliberate? 5) (Misuse) Does RSA telling Phil Zimmermann that they will "never" license PGP to use RSA constitute monopolistic abuse? 6) (Misuse) The underlying purpose of the patent system was to encourage the creative genius for the benefit of the public. Has the public benefited in this case? 7) Keep thinking, and volunteer to take on some aspect of this and research it. Most research is not done by attorneys but, rather, by assistants who simply assemble the case histories for them to work from. 
By doing this work ourselves, any attorney or company wishing to challenge this patent in court is halfway there. 1475889 2329848 E/ CRYPTOGRAPHIC COMMUNICATIONS SYSTEM AND METHOD -------------------------------------------------------------------- Inventors: Adleman Leonard M (US); Rivest Ronald L (US); Shamir Adi (US) Assigned to: Massachusetts Institute of Technology Code: 52912 Patent Number: 4405829 Application Number: US 860586 Application Date: 12/14/77 Issue Date: 9/20/83 Patent Type: Utility Citations: Cited by 29 later patents Abstract: --------- A cryptographic communications system and method. The system includes a communications channel coupled to at least one terminal having an encoding device and to at least one terminal having a decoding device. A message-to-be-transferred is enciphered to ciphertext at the encoding terminal by first encoding the message as a number M in a predetermined set, and then raising that number to a first predetermined power (associated with the intended receiver) and finally computing the remainder, or residue, C, when the exponentiated number is divided by the original message at the decoding terminal in a similar manner by raising the ciphertext to a second predetermined power (associated with the intended receiver), and then computing the residue, M', when the exponentiated ciphertext is divided by the product of the two predetermined prime numbers associated with the intended receiver. The residue M' corresponds to the original encoded message M. Exemplary Claim: ---------------- A communications system for transferring a message signal Mi comprising k terminals, wherein each terminal is characterized by an encoding key Ei (ei, ni) and decoding key Di (ei, ni), where i 1,2, . . . 
,k, and wherein Mi corresponds to a number representative of a message signal to be transmitted from the ith terminal, ni is a composite number of the form ni pi X qi Pi and qi are prime numbers, ei is relatively prime to lcm(pi-1,qi-1), di is a multiplicative inverse of ei(mod(lcm((pi-1),(qi-1)))) wherein a first terminal includes means for encoding a digital message word signal MA for transmission from said first terminal (i A) to a second terminal (i B), said first terminal including: means for transforming said message word signal MA to one or more message block word signals MA', each block word signal MA being a number representative of a portion of said message word signal MA in the range 0 < OR = MA < OR = nB-1, means for transforming each of said message block word signals MA'' to a ciphertext word signal CA, CA corresponding to a number representative of an encoded form of said message block word signal MA'', whereby: CA identical MA''eB(mod nB). From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. Metzger" Date: Mon, 3 May 93 10:03:26 PDT To: cypherpunks@toad.com Subject: Re: PGP In-Reply-To: <01GXMXWJVE4Y95NBR5@delphi.com> Message-ID: <9305031702.AA19444@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain HARUP16@delphi.com says: > I think what Matt was trying to get at is that privacy should be free > The day that I feel the need to have to pay $100 to ensure that my business > is nobody's business but my own is the day I leave this country for a nice > outlet free desert island. Nothing is free. Food isn't free. Clothing isn't free. Places to live aren't free. Computers to run crypto software are not free. There is no reason on earth that privacy should be free. This is not to say that privacy needs to be expensive. However, it is to say that we do not yet live in a communist society. People DO deserve to get rewarded for their work if they wish to be. 
Phil Zimmermann and others have very kindly donated their work to the public -- but we should not forget that they were in no way obligated to be as nice as they were. .pm From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Mon, 3 May 93 10:14:21 PDT To: cypherpunks@toad.com Subject: comments solicited (fwd) Message-ID: <199305031714.AA16127@eff.org> MIME-Version: 1.0 Content-Type: text/plain Forwarded message: From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wuthel!brand@drums.reasoning.com (Russell Brand) Date: Sun, 2 May 93 08:13:41 PDT To: brand@drums.reasoning.com Subject: comments solicited Message-ID: <9305021513.AA08322@wuthel.uucp> MIME-Version: 1.0 Content-Type: text/plain Why the Clipper Clip is Bad (v1) by Russell Brand wuthel!bj-4@reasoning.com Copyright (C) 1993 All Rights Reserved Permission is given to freely redistribute this document without modification. The analysis presented has not been endorsed by any third party. It incorporates only UNCLASSIFIED information made by 31 April 1993. On or about 15 April 1993, The US Government has announced an encryption chip set called `Clipper' whose primary stated application is to encrypt VOICE telephone communication in such a way that law officers with a lawful warrant would be able to tap and decode the communication while no other unauthorized person would be able to do so. Law enforcement officials would present their warrant to two `escrow' agencies in order to get halves of a special key that they would use with a special device to decrypt the message. The algorithm is to remain classified. The number of objections to this, technical, legal and moral are numerous. First, a secret design is a violation of the open design principle and hides from public view future hazards. Further there may be trap doors in the system that allow decryption WITHOUT the warrant or escrow key. 
Second, all of the agencies that have any experience with managing secrets like the Key Escrow process have declined to become involved or have been disqualified. Considering the value of the escrow data to corporate spies, one must fear corruption including blackmail of a commercial nature. Third, the cryptographic protocol as described is weak in a number of ways such that the escrow keys are seemingly unneeded for decryption by the federal government. This combined with a recent house of representative votes to allow the FBI to among other things conduct phone taps without a warrant when international terrorism is suspected as well as a long well documented history of BLANK warrants being signed and issued is rather scary. Fourth, it seems to be a mis-use of government funds to subsidize the development of this chip to the advantage of certain companies over others without so much as a public comment period. In addition to the development costs, there are many other large costs including the key escrow agencies themselves. Fifth, it will damage US competitiveness for companies to need to build both the insecure CLIPPER chip for government regulated markets and real protection circuitry for people that care. Sixth, the clipper proposal will not help against organized crime; they are bright enough to buy real encryption devices and certain details of CLIPPER will make it easier for them to accomplish this. Of course wire tapping itself has been shown *NOT* to be cost effective in detecting/preventing/prosecuting crimes. There is no way in the system to mark a `privileged conversation' (for example doctor-patient, lawyer-client) and hence these can and will be captured. Please write to your elected officials, media, etc. to oppose this. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: edgar@spectrx.Saigon.COM (Edgar W. Swank) Date: Mon, 3 May 93 14:35:33 PDT To: Cypherpunks Subject: PGP: Re: Tough Choices: PGP vs. 
RSA Data Security Message-ID: MIME-Version: 1.0 Content-Type: text/plain The conflict between RSA and PGP -may- be about to be solved. You all may recall my "announcement" of an effort to create a USA-Legal version of PGP by incorporating RSAREF code. Among several offers to help, I received the following messages: ======================================================================== To: spectrx!edgar (Edgar W. Swank) Subject: Re: PGP: USA-Legal PGP Project In-Reply-To: Your message of "Wed, 28 Apr 93 01:02:23 PDT." Date: Wed, 28 Apr 93 12:37:30 -0600 From: "L. Detweiler" >I confirmed with Jim Bidzos, President of RSA, who was >present at the meeting, that a USA Legal version of PGP could be >constructed by just replacing certain sections of code with free code >from RSAREF. Since source for both PGP and RSAREF are available, this >sounds like an easy job. Since no-one's actually done it yet, perhaps >it's not, but I will try. I hope I haven't bitten off more than I can >chew. At best, I can compile and test only the MSDOS version of PGP. I >will certainly need help if USA-Legal MAC, AMIGA, UNIX, etc. versions >are to be available. I'm sorry Mr. Bidzos didn't tell you, but the PGP development group is already looking very seriously into integrating RSAREF, and one person phr@america.Telebit.COM (Paul Rubin) has already done it. If you would like to join the list send mail to prz@sage.cgd.ucar.EDU (Philip Zimmermann). ========================================================================== Date: Wed, 28 Apr 93 19:32:55 PDT From: szebra!america.Telebit.COM!phr (Paul Rubin) Message-Id: <9304290232.AA10138@america.TELEBIT.COM> To: spectrx!edgar Subject: PGP: USA-Legal PGP Project >I confirmed with Jim Bidzos, President of RSA, who was >present at the meeting, that a USA Legal version of PGP could be >constructed by just replacing certain sections of code with free code >from RSAREF. Not quite true. 
RSAREF's license requires that the RSAREF routines be called only in certain ways unless special permission is obtained. Calling the RSAREF routines in the generally permitted manner won't work with PGP because PGP's file format is different than what RSAREF expects. PGP needs to call RSAREF in a non-standard way which is easy technically, but needs special permission from Bidzos. Attempts to get such permission have thus far been inconclusive. ====================================================================== I am msging Phil Z. to ask to be placed on "the list". I'm also trying to get more details from Paul Rubin, offering my assistance, and forwarding to him the other offers of assistance I received. It remains to be seen whether RSA's withholding of permission to use non-standard interfaces to RSAREF is reasonable or designed to be obstructive. When we find out, I think we should choose sides (if we -need- to choose sides) accordingly. It looks like the PGPers have made a good faith effort to at least meet RSA halfway. A "PGP-like" "consumer" crypto product which does not exchange keys and messages with PGP will -not- be acceptable. Any such product produced here will almost certainly be export restricted. I am -not- willing to give up my present ability to exchange keys and encrypted data with PGP users outside the USA. (I'm currently exchanging encrypted e-mail with persons in Poland(!!), Germany, and Taiwan). PGP is currently an -international- standard, and, because of ITAR, it's likely to be the -only- international standard for a long time to come. Note that current PGP is legal outside the USA -only- for non-commercial purposes (Phil Zimmermann's "copyleft"). If a USA version is approved by RSA, it will be legal only for non-commercial use inside the USA (RSA's patents & copyrights on RSAREF). 
If PGP becomes popular (even more so than at present, it's already the leader) worldwide for individual non-commercial use, businesses are going to want a PGP-compatible product they can use for exchanging encrypted data with their (non-business) -customers-. For example, encryption is a good idea if you're ordering merchandise with your credit-card number. Jim Bidzos has told me that Phil Z. or anyone else can get a license from RSA for $20,000 plus minimum $10,000/yr. royalties. If we say we don't want to spend more than 50% of our revenues on licensing, then if Phil can get $60,000 of firm orders for a -commercial- USA version of PGP, he's in (a very profitable) business. $60,000 might be 600 copies at $100 or six site licenses at $10,000. Also, if a -foreign- software producer wants to license a commercial version of PGP useable only overseas, he only needs to deal with Phil (& maybe the other PGP co-authors). But the effect of this would just be to increase the market for a USA commercial version (for businesses who wanted to exchange encrypted data with other businesses, or their own subsidiaries, overseas). I guess anyone who wants to can get onto Phil's list. I'd prefer if you all didn't bombard Paul Rubin with E-mail. I'll post more details of this project here as I get them (unless I'm asked not to). -- edgar@spectrx.saigon.com (Edgar W. Swank) SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Mon, 3 May 93 10:37:53 PDT To: pleiku!kelly@netcom.com (Stop the Big Brother CHip) Subject: Re: ANON: Stepping up the pace... In-Reply-To: <9305030104.AA01342@netcomsv.netcom.com> Message-ID: <199305031737.AA16659@eff.org> MIME-Version: 1.0 Content-Type: text/plain Kelly Goen writes: > Hi All, > With all this excitement about clipper, I am > questions about a number of points: > > * are we losing momentum on the anon-server front > > * we have just 13 remailers deployed... 
and from what I > am given to understand insufficient traffic on all. I've been asked to work up a possible EFF policy statement on anonymity. Can anyone on this list tell me how long anonymous remailers have been in use on the Net? Has anyone written a policy document on this subject that you can give me a pointer to? --Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: crunch@netcom.com (John Draper) Date: Mon, 3 May 93 15:32:58 PDT To: cypherpunks@toad.com Subject: Need permission... or info... Message-ID: <9305032233.AA23826@netcom4.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Greetings, On the EFF Conference on the WELL, some people over there who are NOT in the cypherpunks list want to get the question list we generated at the last meeting. John G. posted it but no revisions were done. Is someone going to be adding more stuff to the list, and is it OK for me to cross post the list into the EFF Conference on the WELL?? Thanx JD From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Honeyman Date: Mon, 3 May 93 12:56:14 PDT To: hkhenson@cup.portal.com Subject: Re: Tough Choices: PGP vs. RSA Data Security Message-ID: <9305031956.AA00650@toad.com> MIME-Version: 1.0 Content-Type: text/plain > re paying a reasonable license fee, I wonder if RSA would cash my check > for (say) $10 if I wrote on the check that it was for a license for > whatever they might claim on PGP. writing conditions on the back of a check don't mean shit. > One wonders what they would do with several hundred checks. discard them, would be my guess. peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Honeyman Date: Mon, 3 May 93 13:05:07 PDT To: svp@gtoal.com Subject: Re: RSA patent! Message-ID: <9305032005.AA00798@toad.com> MIME-Version: 1.0 Content-Type: text/plain > Don't patent holders *have* to license patents to all comers? no. 
peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Brad Huntting Date: Mon, 3 May 93 17:48:21 PDT To: fnerd@smds.com (FutureNerd Steve Witham) Subject: Re: Shamir papers in postscript In-Reply-To: <9305032323.AA06924@smds.com> Message-ID: <199305040048.AA03299@misc.glarp.com> MIME-Version: 1.0 Content-Type: text/plain > I have the postscript versions of the papers of the two Adi Shamir > talks I summarized last week. Shamir gives permission to distribute > them freely. If anyone's interested, please mail > to me, and depending on how many ask for them, > I'll either mail directly or post to the list. I would be interested. I don't suppose you could put them up for anon-ftp and send a MIME message with the external-body reference to the list? thanx, brad From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Mon, 3 May 93 16:44:15 PDT To: cypherpunks@toad.com Subject: Shamir papers in postscript Message-ID: <9305032323.AA06924@smds.com> MIME-Version: 1.0 Content-Type: text/plain I have the postscript versions of the papers of the two Adi Shamir talks I summarized last week. Shamir gives permission to distribute them freely. If anyone's interested, please mail to me, and depending on how many ask for them, I'll either mail directly or post to the list. -fnerd Titles: ``On The Generation of Multivariate Polynomials Which Are Hard To Factor'' and ``Cryptographic Applications of Birational Permutations'' by Adi Shamir Weizmann Institute FIRST ABSTRACT: In this talk we consider the difficulty of factoring multivariate polynomials F(x,y,z,...) modulo n. We consider in particular the case in which F is the product of two randomly chosen polynomials P and Q with algebraically specified coefficients, and n is the product of two randomly chosen primes p and q. 
The main result of this talk is that (with one trivial exception), the problem of factoring F is at least as hard as the factorization of n whenever P and Q are chosen from the same sample space, regardless of what may be known about its form. SECOND ABSTRACT: Many public key cryptographic schemes (such as cubic RSA) are based on low degree polynomials whose inverses are high degree polynomials. These functions are very easy to compute, but time consuming to invert even by their legitimate users. To make such schemes more efficient, we consider in this talk the class of birational permutations f over k-tuples of numbers, in which both f and f^-1 are low degree multivariate rational functions. We develop new families of birational permutations, and describe how to use them in new cryptographic schemes which are faster than the known schemes. -- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "John (FuzzFace/Fast-Eddie) McMahon" Date: Mon, 3 May 93 16:33:41 PDT To: cypherpunks@toad.com Subject: FWD: Hearings by Congressman Markey Message-ID: <01GXR0JXRR66000FNB@Eisner.DECUS.Org> MIME-Version: 1.0 Content-Type: text/plain Date: 03 May 1993 09:12:58 -0400 (EDT) From: carl@malamud.com (Carl Malamud) Subject: Hearings by Congressman Markey To: announce@malamud.com Org: Internet Talk Radio Channel: Internet Town Hall Program: Special Program Release: May 2, 1993 (Hearings were on April 29, 1993) Content: Hearings by House Subcommittee on Telecommunications and Finance Chairman Edward Markey held oversight hearings on April 29 on the rights and responsibilities of individuals and organizations in cyberspace. A high tech presentation highlighting issues such as encryption, electronic invasions of privacy, fraud, civil liberties and computer crime, preceded a panel discussion. 
For the demonstration, a world-class team of four engineers from Sun and the San Diego Supercomputer Center brought in an HDTV, an ATM switch, an ISDN switch, a Russian satellite dish, a XEROX Liveboard, a BARCO projector with special video equipment, four Sparcstation 10s, a few Sparcstation 2s, and miscellaneous other equipment. The purpose of the demonstration was to show that while our current public policy makes distinctions based on industry, those distinctions have no meaning in the underlying technology. A television is a computer and a computer is a television; a computer is a telephone and vice versa. To demonstrate the latter point, Gage and his associates showed how a new AT&T cellular phone could be changed by any 13-year old into a scanner. The demonstration also showed how DES code could be pulled off anonymous FTP systems in Finland, yet US industry was unable to export this technology. The panel consisted of Raymond Kammer, Acting Director of NIST (National Institute of Standards and Technology), who provided testimony on technology standard setting issues including the government-endorsed "Clipper Chip" encryption technology; Mr. Bruce Sterling, noted science fiction writer on cyberspace and also author of the non-fiction book, "The Hacker Crackdown: Law and Disorder on the Electronic Frontier," which discusses computer crime and civil liberties; Mr. John Lucich, State Investigator with the New Jersey Division of Criminal Justice. Mr. Lucich combats computer and electronic fraud crimes by electronically infiltrating the underground computer bulletin boards of the "hacker" and "phone phreak" community; and Mr. Joel Reidenberg, Professor of Law at Fordham University Law School, who has studied how personal privacy is affected by telecommunications and computer technologies and the various privacy protections afforded citizens of different countries. We would like to apologize in advance for the very poor audio quality of this tape. 
The hearing room was quite antiquated, and was full of ungrounded electricity, lots and lots of electronic equipment, wireless mikes, and PA systems turned up way too loud. We hope the content makes the mind happier than the ears. Support for this program was provided by O'Reilly & Associates and by Sun Microsystems. ITH Program Files: 050293_spec_01_HALL.au (Testimony of John Gage) 050293_spec_02_HALL.au (Testimony of Panel) ITH Readme File: 050293_spec_HALL.readme (This File) For information on Internet Talk Radio, write to info@radio.com. More information on Internet Town Hall will be available shortly. For a current, partial listing of sites, write to sites@radio.com. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Sy Verpunc Date: Tue, 4 May 93 13:21:23 PDT To: nobody@soda.berkeley.edu Subject: Answer to 'vital wiretap chip article question' Message-ID: <9305031948.AA00777@pizzabox.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain #1: Everything about the scheme implies that strong crypto of any nature will eventually require key escrow or be outlawed. G From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Mon, 3 May 93 11:51:16 PDT To: Mike Godwin Subject: Re: ANON: Stepping up the pace... In-Reply-To: <199305031737.AA16659@eff.org> Message-ID: <9305032127.aa29095@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > Can anyone on this list tell me how long anonymous remailers have been in > use on the Net? Wizvax (serving alt.sex.bondage) has been up for *years*, as far as I remember... > Has anyone written a policy document on this subject that > you can give me a pointer to? I was going to write one... But I think work on anon.penet.fi Mk. II (alias penet.anon.com) has priority... And besides, I have to pay my rent... :( Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peter honeyman Date: Mon, 3 May 93 20:35:11 PDT To: Eric Hughes Subject: Re: PATENT: A LEGAL way---maybe! 
In-Reply-To: <9305031701.AA05899@soda.berkeley.edu>
Message-ID: <9305040335.AA07265@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

well, eric, you're asking if i'm willing to put my money where my mouth is, more or less, and i suppose the answer is "no." that is, i don't really want to work on distribution mechanisms of public keys in a non-authenticated, highly networked environment.

avi rubin and i are working on a pk-based remailer. we need to manage public keys, pgp is perfect, we plan to use it. we hope to get to the point where we want to share our software and then will be forced to visit the pk distribution question.

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tom Keenan
Date: Mon, 3 May 93 22:53:29 PDT
To: i6t4@jupiter.sun.csd.unb.ca (Nickey MacDonald)
Subject: Re: 800 numbers & anonymity
In-Reply-To:
Message-ID: <9305040550.AA29713@acs5.acs.ucalgary.ca>
MIME-Version: 1.0
Content-Type: text/plain

> On a note similar to remailers, has anyone ever given consideration to
> creating an "outdial" service? If I could dial long distance into the
> States, and then be able to dial a 1-800 number that I cannot dial direct
> from Canada (which is most) this would extremely useful...

In fact there used to be just such a number 206 945-2111 which some kind soul in the state of Washington made available for Canadians who wanted to call US numbers. It gave a dial tone and you dialed the 800 number...no charge. You're right, *someone* should do that again, it was sure handy. (That number is now out of service.)

A related question, is there some way to find the identity of an 800 number holder, e.g. like a reverse phone directory?

--
Dr. Tom Keenan, I.S.P. Associate Dean, R&D, Faculty of Cont. Ed. University of Calgary 2500 University Dr.
NW Calgary, AB T2N 1N4 CANADA (403) 220-4715 (voice) (403) 284-5702 (fax) keenan@acs.ucalgary.ca (email)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Tue, 4 May 93 00:51:50 PDT
To: cypherpunks@toad.com
Subject: Re: PGP
In-Reply-To: <9305031702.AA19444@snark.shearson.com>
Message-ID: <9305040751.AA21712@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Perry E. Metzger opines:

> HARUP16@delphi.com says:
> > I think what Matt was trying to get at is that privacy should be free
> > The day that I feel the need to have to pay $100 to ensure that my business
> > is nobody's business but my own is the day I leave this country for a nice
> > outlet free desert island.

> Nothing is free. Food isn't free. Clothing isn't free. Places to live
> aren't free. Computers to run crypto software are not free. There is no
> reason on earth that privacy should be free.

Sorry to get on your case yet again, Perry, but I just cannot accept that, and I don't think anyone else here can either. Privacy should be free, just like freedom should be free, and the right to say what you want should be free. This is not to say well made tools for ENSURING these rights should be free. A radio broadcasting station will sure help you exercise your speech rights, but you aren't likely to get one for christmas. Likewise, crypto software should not be expected to be free, unless, as in the case of PGP, the author makes it free of their own accord. You are very right that

> we should not forget that they were in no way obligated to be
> as nice as they were.

While this is true, I would urge people to keep in mind that while we can be expected to pay for tools to help us maintain our rights, no one can charge us a fee for those rights themselves. Privacy is free, it is our birthright.

--
Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Liam David Gray
Date: Tue, 4 May 93 06:54:28 PDT
To: cypherpunks@toad.com
Subject: PGP, and TANSTAAFL!
In-Reply-To: <9305040751.AA21712@hydra.unm.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Stanton McCandlish writes, in response to Perry Metzger, on privacy and free lunches:

> >[Perry says privacy isn't and shouldn't be free (Liam's summary).]

> Sorry to get on your case yet again, Perry, but I just cannot accept that,
> and I don't think anyone else here can either.

A-ha! You've just caused me to "un-lurk," Stanton; thanks for the great opening.

> Privacy should be free, just
> like freedom should be free, and the right to say what you want should be
> free. This is not to say well made tools for ENSURING these rights should
> be free.

Here you seem to be confusing the issue. How can you say that privacy (the right?) should be free, when defending privacy shouldn't be free? Can someone walk up to you and _give_ you privacy? I always assumed you had to be willing to go out and get it yourself, by hook or by crook. Without defense of a right, the right is moot. _With_ defense of a right, the right is moot: In that case, you already have what you want!

I suppose I also have a "right to lunch," too, with the caveat that each I must "ensure" my right to lunch by tripping down to MacDonald's and buying it. Why bother with the right? What is free here? The fact that MacDonald's is open for business? But I'm not even guaranteed that!

Are rights a useless construction?
> A radio broadcasting station will sure help you exercise your
> speech rights, but you aren't likely to get one for christmas. Likewise,
> crypto software should not be expected to be free, unless, as in the case
> of PGP, the author makes it free of their own accord.

Well said; I agree completely.

> While this is true, I would urge people to keep in mind that while we can
> be expected to pay for tools to help us maintain our rights, no one can
> charge us a fee for those rights themselves. Privacy is free, it is our
> birthright.

I hope I'm not getting off list topic here on my first post, but the "privacy is free" meme looks to be potentially damaging for us. Perhaps you mean, Stanton, that privacy as a commodity should not be traded for U.S. dollars, Deutsche Mark, or Mexican Pesos, but for some other currency? Sweat, perhaps? If you pay in sweat, it isn't free--you could have paid someone else to sweat for you. Surely this hasn't boiled down to a question over valid currency for trade in privacy?

I think the fundamental question here is whether rights are free. [Whether they "should be" free doesn't mean ANYTHING; what does "should be" mean?] Look around; you'll see a lot of people "fighting for their rights" to do X. I don't think you can tell _them_ that "the right to do X is free."

Cheers, TANSTAAFL, and I hope I haven't offended Stanton over a minor point,

Liam

P.S. If anyone knows what rights are, mail me. I'm extremely interested. Don't perpetuate my possible topical error by sending it to Cypherpunks, unless you think everyone else will be interested. (Maybe Extropians would be...)

---
Public key available by arrangement -- The cat is out of the bag.
Too much of a dreamer not to be practical -- Go have your own "valiant defeat."
Liam David Gray -- Quote me.
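
[Added example, not part of any message in this archive. It illustrates the triple-DES thread that follows (Timothy Newsham's EN(DE(EN(data,k1),k2),k3) question and the replies from Joe Thomas and Steve Bellovin). It uses a constructed toy Feistel cipher with a 12-bit key, not DES; the names en, de, ede and meet_in_the_middle are assumptions of this sketch. It checks that encrypt-decrypt-encrypt collapses to single encryption when two adjacent keys are equal, and runs the time/space attack on double encryption that Bellovin's reply describes, usually called meet-in-the-middle.]

```python
# Added illustration: TOY Feistel cipher (32-bit block, 12-bit key), NOT DES.
# All constants and sample keys below are constructed for this example.

KEY_BITS = 12        # DES has 56 key bits; 12 keeps the search instant
ROUNDS = 4           # DES has 16 rounds
MASK16 = 0xFFFF


def round_keys(key):
    """Toy key schedule: one 16-bit subkey per round."""
    return [((key * 0x9E37) ^ (key << (r + 1)) ^ (0x7F4A * (r + 1))) & MASK16
            for r in range(ROUNDS)]


def f(half, subkey):
    """Toy nonlinear round function on a 16-bit half block."""
    x = (half ^ subkey) & MASK16
    x = (x * x + 0x3D5B * x + 0x1F) & MASK16
    return ((x << 5) | (x >> 11)) & MASK16


def feistel(block, subkeys):
    left, right = block >> 16, block & MASK16
    for sk in subkeys:
        left, right = right, left ^ f(right, sk)
    return (right << 16) | left          # final swap of the halves


def en(block, key):
    return feistel(block, round_keys(key))


def de(block, key):
    # Same network with the subkeys in reverse order: the "backwards"
    # key schedule Newsham mentions for the middle stage.
    return feistel(block, round_keys(key)[::-1])


def ede(block, k1, k2, k3):
    """EN(DE(EN(data,k1),k2),k3), as written in the thread."""
    return en(de(en(block, k1), k2), k3)


def ede_decrypt(block, k1, k2, k3):
    return de(en(de(block, k3), k2), k1)


def meet_in_the_middle(pairs):
    """Attack double encryption c = en(en(p, k1), k2) using known pairs.

    Returns (candidate key pairs, cipher operations spent on the table and
    lookup phases). The cost is about 2 * 2**KEY_BITS operations plus
    2**KEY_BITS stored values, instead of 2**(2*KEY_BITS) trial pairs.
    """
    p0, c0 = pairs[0]
    table = {}
    for k1 in range(1 << KEY_BITS):              # forward half: en(p0, k1)
        table.setdefault(en(p0, k1), []).append(k1)
    ops = 1 << KEY_BITS
    found = []
    for k2 in range(1 << KEY_BITS):              # backward half: de(c0, k2)
        ops += 1
        for k1 in table.get(de(c0, k2), ()):
            # confirm each candidate on the remaining known pairs
            if all(en(en(p, k1), k2) == c for p, c in pairs[1:]):
                found.append((k1, k2))
    return found, ops


if __name__ == "__main__":
    k1, k2, k3 = 0x5A3, 0x0C7, 0x9E1             # constructed sample keys
    x = 0x74657374                               # the bytes "test"
    print("EDE with k1=k2 equals en(k3):", ede(x, k1, k1, k3) == en(x, k3))
    print("EDE with k2=k3 equals en(k1):", ede(x, k1, k3, k3) == en(x, k1))
    plains = [0x00000001, 0x74657374, 0xDEADBEEF]
    pairs = [(p, en(en(p, k1), k2)) for p in plains]
    found, ops = meet_in_the_middle(pairs)
    print("recovered", [(hex(a), hex(b)) for a, b in found], "in", ops,
          "operations; exhaustive search is", 1 << (2 * KEY_BITS))
```
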
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Tue, 4 May 93 13:13:45 PDT
To: cypherpunks@toad.com
Subject: tripple des
Message-ID: <9305042013.AA25148@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Crypto question:
why was the following chosen for triple DES :
    EN(DE(EN(data,k1),k2),k3);

The encryption would involve passing data through
    IP, then doing 16 rounds forward with k1,
    (factoring out the IP-1 and IP)
    then doing 16 rounds backwards with k2
    (factoring out the next IP-1 and IP)
    then doing 16 rounds forward with k3
    then going through IP-1

How would this compare with
    EN(EN(EN(data,k1),k2),k3);
which goes through IP, does 16 rounds each with k1, k2 then k3, then IP-1 ?

The only difference is that the key scheduler rotates backwards (or another interpretation keys used in reverse order) for the second stage. Does anyone know the rationale behind this?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Tue, 4 May 93 09:20:24 PDT
To: cypherpunks@toad.com
Subject: Re: PGP, and TANSTAAFL!
Message-ID: <9305041619.AA08996@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> A-ha! You've just caused me to "un-lurk," Stanton; thanks for the great
> opening.

Hmm not sure if that is a good thing or not

>
> > Privacy should be free, just
> > like freedom should be free, and the right to say what you want should be
> > free. This is not to say well made tools for ENSURING these rights should
> > be free.
>
> Here you seem to be confusing the issue. How can you say that privacy
> (the right?) should be free, when defending privacy shouldn't be free?
> Can someone walk up to you and _give_ you privacy? I always assumed you
> had to be willing to go out and get it yourself, by hook or by crook.
> Without defense of a right, the right is moot. _With_ defense of a
> right, the right is moot: In that case, you already have what you want!

No, no that is not quite what I am meaning.
What I mean by " should be free" is that we should be presumed to have that right, and that it should not be abridged in any way whatsoever, especially not for a fee. As an example, we have a right to bear arms. You should not have to pay a fee for that right. You certainly *should* have to pay for the arms you bear, or make your own. I think YOU are slightly confusing the issue. Rights are not property, but are concepts. I argue that what one should pay for are items of property, as well as services, whether they are tools for exercising a right or not. You don't get things for free. But rights are not really "things" in that sense at all.

Imagine if you had to buy an annual Free Speech Registration from the FCC. Without this registration certificate, you may only use words in The Official FCC Dictionary, and may only construct phrases that follow the rules of The Official FCC Style Guide, and may only talk about subjects delimited in The Official FCC Subject Index; any violation of these policies will result in punishment not to exceed $10,000 and/or 10 years in prison. This may seem an absurd example, but one most of us are familiar with if we have read _1984_.

And no, no one can walk up and hand you a box full of privacy. Rights are there or not there, conceptually speaking. I don't think that not defending a right makes the right moot, per se, though you may lose it. Thing is you should not have to defend it. Any attempt to extinguish a right is by definition a violation of it. Unfortunately, people are only too happy to violate others' rights, so we have to defend them.

> I suppose I also have a "right to lunch," too, with the caveat that each
> I must "ensure" my right to lunch by tripping down to MacDonald's and
> buying it. Why bother with the right? What is free here? The fact
> that MacDonald's is open for business? But I'm not even guaranteed that!

No, the "right" is in your right to actually leave work, and go get something to eat.
If your employer demanded a $15 dock in pay to take lunch, or refused to let you have your break (and in most states I believe there are labor laws that mandate that employees get a certain length-of-time break for every x amount of work) that would be a violation of your right to have lunch. Likewise if someone put a gun to your head and said "thou shalt eat no lunch".

> Are rights a useless construction?

*I* don't think so, personally.

> > While this is true, I would urge people to keep in mind that while we can
> > be expected to pay for tools to help us maintain our rights, no one can
> > charge us a fee for those rights themselves. Privacy is free, it is our
> > birthright.
>
> I hope I'm not getting off list topic here on my first post, but the
> "privacy is free" meme looks to be potentially damaging for us.

How so?

> Perhaps
> you mean, Stanton, that privacy as a commodity should not be traded for
> U.S. dollars, Deutsche Mark, or Mexican Pesos, but for some other
> currency? Sweat, perhaps? If you pay in sweat, it isn't free--you
> could have paid someone else to sweat for you. Surely this hasn't
> boiled down to a question over valid currency for trade in privacy?

Nope. I don't think privacy (or any other right) is a commodity. I see the 2 categories as mutually exclusive. When a "right" becomes a commodity, it is no longer a right, but a privilege.

> I think the fundamental question here is whether rights are free.
> [Whether they "should be" free doesn't mean ANYTHING; what does "should
> be" mean?] Look around; you'll see a lot of people "fighting for their
> rights" to do X. I don't think you can tell _them_ that "the right to
> do X is free."

Sure I can. All of us here, or many of us, are fighting for at least one of our rights, namely privacy. I have yet to see someone say that we should BUY our right, or that we are fighting to be allowed to purchase or get a license for that right.
Rather we are fighting because some people in the govt with big egos or some other mental problem are trying to destroy that right, to nullify it. FIGHTING for the right may not be free, since again one must purchase tools to do that with, and also "services" (if you can call legal and court fees a service >:). But the right itself has no price tag.

> Cheers, TANSTAAFL, and I hope I haven't offended Stanton over a minor point,

Nope not at all. Few things offend me, and debate is one of the last things I'd be offended by.

> P.S. If anyone knows what rights are, mail me. I'm extremely
> interested. Don't perpetuate my possible topical error by sending it to
> Cypherpunks, unless you think everyone else will be interested. (Maybe
> Extropians would be...)

I think they would indeed, and the cypherfolk also. I can think of few groups more concerned with our rights and protecting them. Thanks for the comments, this is a good thing to talk about, to hash out.

--
Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Tue, 4 May 93 09:42:48 PDT
To: cypherpunks@toad.com
Subject: Re: Privacy being free
Message-ID: <9305041642.AA09869@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> > Sorry to get on your case yet again, Perry, but I just cannot accept that,
> > and I don't think anyone else here can either.
>
> I accept it.
> Freedom and privacy are things that take actual effort to maintain.
> Either you pay the cost yourself or you expect others to pay it for you,
> but the cost is there.
> Saying it "should" be free doesn't explain a lot.

I think this is another map/territory confusion. The RIGHT and the defense, use, tools for, effect of, etc. of the right are not the same thing. It is like the distinction between philosophy and books about phil. The first is free. The second cost money as does instruction in philosophy, etc. Even the effects of philosophy can be costly. But the concept "philosophy" has no price tag.

> I think maybe you mean that you shouldn't accept any intrusion, any
> specific imposed cost, without fighting back. I agree.

In addition to what I already said, I agree with this absolutely 100%.

> I have a certain emotional resonance with "rights" talk, but I've found
> that people will argue it forever unless (and even if) you get down to
> brass tacks, talking about ideas that can guide individual actions by
> individual people in individual situations in a practical way.

Most astute. I agree with this also. That was one of the reasons I "put my money where my mouth was" and tried to dist. PGP on my BBS.

--
Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@soda.berkeley.edu
Date: Tue, 4 May 93 11:08:30 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9305041805.AA07076@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Hola,

I have been offered an opportunity to write on a regular basis for a National Underground Magazine. ZENGER. I am writing to the list to solicit a distilled list of Wiretap Chip Arguments.
I've got the masses of documents and understand the arguments but I am faced with limited space for the article. What does the list think is *vital* to let ZENGER readers know about? Remember this is a "not-necessarily-technical" crowd. (Although they are now realizing the need to include the computer underground

Please post responses to the list since I am using a remailer. I'll post the national distribution sites when I receive the complete list.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Tue, 4 May 93 14:31:52 PDT
To: jthomas@access.digex.net (Joe Thomas)
Subject: Re: tripple des
In-Reply-To:
Message-ID: <9305042131.AA28472@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> >
> > Crypto question:
> > why was the following chosen for triple DES :
> >     EN(DE(EN(data,k1),k2),k3);
>
> In fact, "triple" DES goes three times through the engine, but only uses
> two keys:
>
> EN(DE(EN(data,k1),k2),k1)
>

hmm... I am using d3des which I had assumed uses 'triple-DES'. at any rate, I used the Ddes() function, printed its output, then used the des() function 3 times and printed its output. They matched up which suggests that d3des uses the method I posted at the top.

> My understanding is that this was chosen for hardware implementations
> because it is equivalent to single DES when k1 = k2. This is important,
> of course, when some people you want to talk to are still using single DES
> and the hardware is hard to reconfigure.

interesting. Wouldn't the first scheme do the same? for k1=k2, and k3 = any key ? (or k2=k3 and k1 = any key)

> Joe
> --
> Joe Thomas Say no to the Wiretap Chip!
-- main.c, compares Ddes output and des output ---------
#include <string.h>   /* strcpy */
#include <unistd.h>   /* write */
#include "d3des.h"

unsigned long enkey[96], dekey[96];
unsigned long e1[32], e2[32], e3[32];
unsigned long d1[32], d2[32], d3[32];

int main(void)
{
    unsigned char b[100] = {0};
    unsigned char *k, *k1, *k2, *k3;

    strcpy((char *)b, "this is a test");
    k  = (unsigned char *)"testing123423456789212345678";
    k1 = (unsigned char *)"testing1";   /* bytes 0-7 of k */
    k2 = (unsigned char *)"23423456";   /* bytes 8-15 of k */
    k3 = (unsigned char *)"78921234";   /* bytes 16-23 of k */

    /* single-DES schedules: encrypt with k1, decrypt with k2, encrypt with k3 */
    deskey(k1, 0); cpkey(e1);
    deskey(k2, 1); cpkey(d2);
    deskey(k3, 0); cpkey(e3);

    des3key(k, 0); cp3key(enkey);   /* set up long keys , encrypt */
    des3key(k, 1); cp3key(dekey);   /* decrypt */

    use3key(enkey); Ddes(b, b);     /* encrypt b */
    write(1, b, 16);
    use3key(dekey); Ddes(b, b);     /* decrypt b */
    write(1, b, 16);

    /* the same block through three separate des() passes */
    usekey(e1); des(b, b);
    usekey(d2); des(b, b);
    usekey(e3); des(b, b);
    write(1, b, 16);
    return 0;
}

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: The Phantom
Date: Tue, 4 May 93 12:34:43 PDT
To: cypherpunks@toad.com
Subject: REQUEST: Info on email accounts
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I've lost the piece on dialup email access that was sent a few weeks ago. I think someone said MCImail (?) had a good monthly rate -- is this right? Can anyone help me out on this one?

Matt Thomlinson Say no to the Wiretap Chip!
University of Washington, Seattle, Washington.
Internet: phantom@u.washington.edu phone: (206) 528-5732
PGP 2.2 key available via email or finger phantom@hardy.u.washington.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Liam David Gray
Date: Tue, 4 May 93 12:18:22 PDT
To: cypherpunks@toad.com
Subject: Re: PGP, and TANSTAAFL!
In-Reply-To: <9305041614.AA08798@hydra.unm.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

[I already sent this to Stanton McCandlish in private e-mail, but I thought it might be of interest to Cypherpunks in general. In it I correct some stupid statements I made in an earlier post.
-Liam]

------------- Begin forwarded message --------------

In <9305041614.AA08798@hydra.unm.edu>, you write:

> No, the "right" is in your right to actually leave work, and go get something
> to eat. If you employer demanded a $15 dock in pay to take lunch, or refused
> to let you have your break (and in most states I believe there are labor laws
> that mandate that employees get a certain length-of-time break for every x
> amount of work) that would be a violation of your right to have lunch.

For the sake of argument, Stanton, I wouldn't say a "right to lunch," even as posed this way, should stand. If it's a statutory right, then -- well, then it is just that. But I regard this as coincidence and would hesitate to call it a "natural right," since I should be free to negotiate an employment contract which pays me less ("docks" me, if you wish) if I take time off for lunch, and more (a "bonus?") if I stay on all day. Note that at present I am _not_ free to do so, so that right is being infringed upon, just as our privacy is frequently infringed upon at present.

> Like-
> wise if someone put a gun to your head and said "thou shalt eat no lunch".

Right! This seems to be the main parallel to privacy here. I do agree on that.

I accept your objection to my positioning of rights as commodities. Disregarding the fact that I still believe rights are fairly meaningless (they only work if someone recognizes the same rights as you do, so that's all subjective), I do realize what people mean when they talk about rights, and that to talk of them as commodities therefore probably _is_ confusing the issue.

What I meant to emphasize (and failed to mention) was that it is still quite possible and natural to defend one's privacy, whether one believes privacy is a "right" under the law or not. Too often, I've seen people use their violated rights as a justification for pointless, indignant whining.
I want to advocate a more aggressive, guerrilla-style defense of privacy; to me, it is enough that I _want_ privacy. While rights are inherent, and, agreed, are _not_ commodities, the preservation and enforcement of all rights _costs_ something, and doesn't always involve opponents who are willing to believe that what you are defending is a right.

I think we're fundamentally in agreement. I think I was right to have second thoughts over whether my argument over rights was appropriate for the list--probably it was not. But nonetheless, I'm glad we're discussing it.

Happy Cypherpunking!

Liam

PS: I admired your courage in offering and advertising PGP on your BBS, and thought you handled the threat from Jim Bidzos gracefully. Let's hope PGP can become legal soon. Really, I'd like to see a PGP that is legal for both personal _and commercial_ use, internationally, even if it costs money--perhaps especially if it costs money.

The reason I tried to establish rights as commodities, Stanton, is that I've read too many Ayn Rand novels :) and believe that trading something in money is a symbol of its value, and of the value of whoever created it, and should be a big ego boost to creative people and to all involved. I really don't like anything free, even something sold in a large bundle. Ever eat too much at an all-you-can-eat restaurant? I think that, in part, life is too much like an all-you-can-eat restaurant. Paying for something for its own merits causes us to get our priorities straight. I like to see people get filthy rich [why filthy?] _selling_ software; the feeling I get when I buy something is similar to the feeling some people get when they give money to charities, I suppose. Everything worth doing is worth doing at a profit. Ever get warm fuzzies when you send something UPS instead of US Parcel Post? :-) In some cases, the profit may not be monetary. But it's profit nonetheless, and that can only be good.
---
Public key available by arrangement -- The cat is out of the bag.
Too much of a dreamer not to be practical -- Go have your own "valiant defeat."
Liam David Gray -- Quote me.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 4 May 93 15:47:25 PDT
To: strat@intercon.com
Subject: checks
In-Reply-To: <9305041725.AA34057@horton.intercon.com>
Message-ID: <9305042244.AA27314@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

For those who don't want to read about an arcane bit of commercial paper law, please stop reading now.

>Much as I respect you Eric, I direct your attention to the myriad of "checks"
>being sent out by AT&T and MCI, to name a few offenders. These bear the
>legend: "endorsement of this check constitutes your acceptance of as
>your long distance carrier."

From West's Nutshell handbook on _Commercial Paper_, p 55:

"[...] an instrument is not negotiable unless it contains an unconditional promise or order. [UCC] 3-104(1)(b). See 3-105. That is, the obligation must be expressed in terms which are absolute and not subject to contingencies, provisos, qualifications, or reservations which may impair the obligation to pay. It must be a 'courier without luggage.' Overton v. Tyler, 3 Pa. 346,347 (1846)."

If a check is not negotiable, that does not mean that the order on it is invalid; it means that the rights of third and later parties to collect on the order are precariously held. This might not impede the money getting transferred, though.

The thing about the LD company checks is that their writing doesn't seem to be a condition on the order to pay. After all, you don't have to indorse a check in order to get the money from it; you can always take it to the bank it was drawn on directly. The condition on these checks seems to be a condition upon your indorsement of the check; conditions on indorsements do not affect negotiability.

>Weasels.

I agree.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: composer@Beyond.Dreams.ORG (Jeff Kellem)
Date: Tue, 4 May 93 13:10:22 PDT
To: cypherpunks@toad.com
Subject: TALK: Boston Univ CS Dept Colloquium--Digital Signatures, 6 May, 11am
Message-ID: <9305042010.AA28513@Beyond.Dreams.ORG>
MIME-Version: 1.0
Content-Type: text/plain

For those in the Boston area this Thursday, 6 May 93, this talk may be of interest.

FYI...

-jeff

Jeff Kellem Internet: composer@Beyond.Dreams.ORG

------- Forwarded Message

BOSTON UNIVERSITY CS DEPARTMENT COLLOQUIUM

Thursday, May 6 at 11:00
Math and Computer Science Bldg (MCS)
Room 135, 111 Cummington Street
Boston, MA 02215

ON-LINE/OFF-LINE DIGITAL SIGNATURES

Shimon Even
Computer Science Department
Technion - Israel Institute of Technology

Joint work with Oded Goldreich and Silvio Micali

ABSTRACT

A signature scheme is proposed. It consists of two phases. The first phase is performed off-line, before the message to be signed is even known. The second on-line phase is performed once the message to be signed is known.

The scheme has a practical advantage as well as a theoretical value. It is shown that the on-line phase can be carried out very quickly, by using a one-time signature scheme. The off-line phase can use a simplified version of the square extraction method of Rabin. It requires a moderate amount of computation, but can be performed leisurely, before the message to be signed is even known. Thus, the scheme may be of practical value in scenarios such as that of electronic fund transfer.

It is proved that if the building blocks are secure against known message attack, the scheme is secure against chosen message attack.

There will be tea at 10:45.

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J.
Eric Townsend)
Date: Tue, 4 May 93 16:42:17 PDT
To: uni@acs.bu.edu (Shaen Bernhardt)
Subject: An answer and a question
In-Reply-To: <9305042316.AA147149@acs.bu.edu>
Message-ID: <9305042342.AA24553@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

Convenience is Freedom!

"Get your Freedom at 7-11!" -- remember this ad campaign? The word has been so overused that it's now meaningless in the minds of many Americans.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Joe Thomas
Date: Tue, 4 May 93 14:18:38 PDT
To: Timothy Newsham
Subject: Re: tripple des
In-Reply-To: <9305042013.AA25148@toad.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Tue, 4 May 1993, Timothy Newsham wrote:

>
> Crypto question:
> why was the following chosen for triple DES :
>     EN(DE(EN(data,k1),k2),k3);
>
> . . .
>
> How would this compare with
>     EN(EN(EN(data,k1),k2),k3);
>

In fact, "triple" DES goes three times through the engine, but only uses two keys:

    EN(DE(EN(data,k1),k2),k1)

My understanding is that this was chosen for hardware implementations because it is equivalent to single DES when k1 = k2. This is important, of course, when some people you want to talk to are still using single DES and the hardware is hard to reconfigure.

Nowadays, when most DES (technically, DEA) is done in software, it would make more sense to use three separate keys. Two key "triple" DES has 112 key bits (56 * 2), while a three key system would have 168. I've seen the latter system used recently, though I can't remember where...

Joe
--
Joe Thomas Say no to the Wiretap Chip!
PGP key available by request, finger, or pgp-public-keys@toxicwaste.mit.edu
PGP key fingerprint: 1E E1 B8 6E 49 67 C4 19 8B F1 E4 9D F0 6D 68 4B

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Bob Stratton
Date: Tue, 4 May 93 14:25:42 PDT
To: cypherpunks@toad.com
Subject: checks
Message-ID: <9305041725.AA34057@horton.intercon.com>
MIME-Version: 1.0
Content-Type: text/plain

> Date: Mon, 3 May 93 08:44:37 -0700
> From: Eric Hughes
> Choices: PGP vs. RSA Data Security
>
> >re paying a reasonable license fee, I wonder if RSA would cash my
> >check for (say) $10 if I wrote on the check that it was for a license
> >for whatever they might claim on PGP.
>
> RSA might try to cash such a check, but if their bank is smart they won't
> accept it. A check is not negotiable if it contains a
> condition.

Much as I respect you Eric, I direct your attention to the myriad of "checks" being sent out by AT&T and MCI, to name a few offenders. These bear the legend: "endorsement of this check constitutes your acceptance of as your long distance carrier."

Weasels.

--Strat

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Tue, 4 May 93 15:42:26 PDT
To: Timothy Newsham
Subject: Re: tripple des
Message-ID: <9305042242.AA00515@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

     Crypto question:
     why was the following chosen for triple DES :
         EN(DE(EN(data,k1),k2),k3);

     The encryption would involve passing data through
         IP, then doing 16 rounds forward with k1,
         (factoring out the IP-1 and IP)
         then doing 16 rounds backwards with k2
         (factoring out the next IP-1 and IP)
         then doing 16 rounds forward with k3
         then going through IP-1

     How would this compare with
         EN(EN(EN(data,k1),k2),k3);
     which goes through IP, does 16 rounds each with k1, k2 then k3, then IP-1 ?

     The only difference is that the key scheduler rotates backwards (or another interpretation keys used in reverse order) for the second stage. Does anyone know the rationale behind this?
First, it's usually done as

     EN(DE(EN(data,k1),k2),k1)

The middle step is a decryption for two reasons, one of which is no longer important for DES.

The reason that is still valid is that by setting k1==k2, you have compatibility with other implementations that only do single encryption. (See the Garon and Outerbridge paper in the July '91 Cryptologia for why you want to triple-encrypt keys...)

The second reason, no longer a concern for DES, is that it was feared that DES might be a group. That is, given

     E(E(data,k1),k2)

it was feared that there might be a third key kx equivalent to encryption with k1 and k2. It's recently been proved that DES is not a group. That is, in general there is no such kx. Conceivably, the problem could arise with other cryptosystems, such as Skipjack. I haven't yet seen the proof about DES, and I don't know how much might transfer to other DES-like algorithms. In any event, doing a decryption as the second operation was thought to dodge the whole question.

Finally, even though triple encryption as I've defined it only has a key length of 112, it's still necessary to do three operations, rather than a simple double encryption; for the latter, there's a birthday attack in O(2^56) time, though it does require O(2^56) space as well, making its feasibility a bit dubious.

--Steve Bellovin

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uni@acs.bu.edu (Shaen Bernhardt)
Date: Tue, 4 May 93 16:16:23 PDT
To: cypherpunks@toad.com
Subject: An answer and a question
Message-ID: <9305042316.AA147149@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain

First, with regard to privacy being free.

I agree, that in an ideal society privacy would be considered a right, and no effort would be required to insure it. In my view it is necessary for the state to insure this right. This goes to the "if you were ever made dictator of a small island nation, what would be your first decrees?"

Well, mine would be something to the effect of this:

That we the citizens of unissa might preserve the individuality and
freedom of the populace, prevent tyranny and authoritarian tactics,
promote the right of men and women to develop in their own directions,
as this is most conducive to the rise of a great nation, I hereby
decree that it shall be the unalienable right of citizens to hold
their personal and public actions and duties in confidence. Further it
shall be made to pass that the burden of ensuring such confidentiality
shall rest on the state, and the state shall pass no law or decree
that violates this right.

Unfortunately, we all know that this is classified as "fantasy". I'd
love for it to happen, and I would be quite proud to offer citizenship
to all the cypherpunks (well most of you :) ) but in the words of a
great man I once knew... "It Ain't gonna happen...."

Privacy isn't free, you have to work for it in this country. I don't
mind that. I sort of like the process. I have a problem when the state
ACTIVELY tries to ELIMINATE privacy. I have an even WORSE problem when
the state does so by surreptitious means. I am disgusted by what's
happening with regard to press releases and complicity of large
corporations who are basically selling us out for a profit
(A-hem T-eeem an-hem-d T-hem)

I realized something suddenly that made me feel like I am growing more
and more paranoid by the hour by the way. I noticed for the first time
that these AT&T commercials that are airing lately have distinct
propaganda trends... I never noticed it before but think about it.
Lots of talk about freedom, individual plans, and a MAJOR ad campaign
on T.V. complete with Arethra (sp) Franklin singing
"Freedom....Freedom... FREEDOM!"

Does this strike anyone else as odd or am I going crazy? I think I'm
turning into a liberal! I can't take it!

Look, it's obvious that security and liberty are a trade off.
I'm an international relations scholar, with a concentration in
intelligence, so that's not a leap of logic for me. What I don't
understand is this:

Of late, terrorist acts have been on the DECLINE. The world trade
center was a big one, sure. But it's not the whole picture. So why the
push now? We really don't NEED more security in the form of clipper
and FBI bills right now... not in my view anyhow. Comparatively this
is a safe nation.

Even if you disagree with this point, it can be pointed out that you
DO NOT need privacy invading tactics to prevent terrorism, or drug
dealing. To me, drug sniffing dogs, metal detectors, x-ray machines
are not a GREAT violation of privacy, I have little trouble tolerating
these things and I accept them as part of life. Fine. But when it
becomes obvious that government is taking an ACTIVE interest in things
like my conversations and business practices, as well as opening the
way for me and my children (I hope to have some some day) to be
cataloged and followed and assigned a number and database for our
health records and who knows what else from birth, I get offended. I
WILL fight these initiatives, with civil disobedience if nothing else
works.

I have a feeling that there are like minded people out there, people
who can tolerate some violations of absolute privacy in exchange for
feeling that every plane you ride on is not at risk because of some
psycho, and that less coke is going to find its way to schools. But
who cannot tolerate AUTHORITARIAN regimes, and practices to make these
assurances.

We are in my opinion at a very dangerous time. VERY dangerous. We are
at a point where events have made isolationism more and more a
concern, and the focus is more and more on the people of this nation
rather than other issues. Events like the world trade center, and the
media attention it brings threaten to bring more force to bear on the
fragile balance between what I will accept and what government wants.

On another note, how public is this mailing list? I mean the list of
names here. How unlikely is it that we might be on a
"watch-these-dangerous-activists-revolutionaries" black list
somewhere...?

uni@acs.bu.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: baumbach@atmel.com (Peter Baumbach)
Date: Tue, 4 May 93 18:11:27 PDT
To: cypherpunks@toad.com
Subject: Re: REQUEST: Info on email accounts
Message-ID: <9305050036.AA17304@sole.chp.atmel.com>
MIME-Version: 1.0
Content-Type: text/plain

I hope this is the kind of thing you're looking for. :-)

----- Begin Included Message -----

>From kaminski@netcom.com Sun Apr 25 14:39:32 1993
Reply-To: kaminski@netcom.com
Date: Sun, 25 Apr 93 10:49:13 -0700
From: kaminski@netcom.com (Peter Kaminski)
To: PDIAL Mailing List
Subject: PDIAL011, 23 April 1993
Content-Length: 34539

You're on the mailing list to receive new PDIAL editions as they come
out; here's the latest!

For problems, email me at (preferred) or 71053.2155@compuserve.com.

Thanks for your interest!

Pete

================
New in PDIAL011:

New provider: nwnexus (206)
New points of presence: netcom (206) (503)
Updated info: csn, msen; section on 800 rates

---- cut here ----

The Public Dialup Internet Access List (PDIAL)
==============================================
File PDIAL011.TXT -- 23 April 1993

A list of public access service providers offering dialup access to
outgoing Internet connections such as FTP and telnet.

Copyright 1992-1993 Peter Kaminski. May be distributed but not sold --
see notice at the end of this document. Or, tell people to email
"Send PDIAL" to "info-deli-server@netcom.com".

Contents:
 -1- Summary: Providers With Wide Area Access
 -2- Summary: Area Codes For US/Canada Dialins
 -3- Summary: Phone Prefixes For International Dialins
 -4- What *Is* The Internet?
 -5- What The PDIAL Is
 -6- List of Providers
 -7- How People Can Get The PDIAL (This List)
 -8- Appendix A: Finding Public Data Network (PDN) Access Numbers
 -9- Copyright and Distribution Of The PDIAL; Other Notices

Subject headers below are formatted so this list may be read as a
digest by USENET newsreaders that support digests. Example commands:
rn, "control-G" skips to next section; nn, "G%" presents as a digest.
Sections may also be located by searching for the desired section
number string (e.g. "-1-") from the list above.

----------------------------------------------------------------------

From: PDIAL -1-
Subject: Summary: Providers With Wide Area Access

PDN   delphi, holonet, michnet, portal, psi-gds, psilink, well, world
800   class, cns, crl, csn, dial-n-cerf-usa, jvnc, OARnet

"PDN" means the provider is accessible through a public data network
(check the listings below for which network); note that many PDNs
listed offer access outside North America as well as within North
America. Check with the provider or the PDN for more details.

"800" means the provider is accessible via a "toll-free" US phone
number. The phone company will not charge for the call, but the
service provider will add a surcharge to cover the cost of the 800
service. This may be more expensive than other long-distance options.

------------------------------

From: PDIAL -2-
Subject: Summary: Area Codes for US/Canada Dialins

If you are not local to any of these providers, it's still likely you
are able to access those providers available through a public data
network (PDN). Check the section above for providers with wide area
access.

201   jvnc-tiger
202   express, grebyn
203   jvnc-tiger
206   eskimo, halcyon, netcom, nwnexus
212   mindvox, panix
213   dial-n-cerf, netcom
214   metronet
215   jvnc-tiger, PREPnet
216   OARnet, wariat
301   express, grebyn
303   cns, csn
310   dial-n-cerf, netcom
312   ddsw1
313   michnet, MSen
401   anomaly, ids, jvnc-tiger
408   a2i, netcom, portal
410   express
412   PREPnet, telerama
415   crl, dial-n-cerf, netcom, portal, well
419   OARnet
503   netcom
508   anomaly, nearnet
510   dial-n-cerf, holonet, netcom
513   OARnet
514   CAM.ORG
516   jvnc-tiger
517   michnet
603   nearnet
609   jvnc-tiger
614   OARnet
616   michnet
617   delphi, nearnet, world
619   cyber, dial-n-cerf, netcom
703   express, grebyn
704   rock-concert
707   crl
708   ddsw1
713   sugar
714   dial-n-cerf
717   PREPnet
718   mindvox, panix
719   cns, csn, oldcolo
814   PREPnet
815   ddsw1
818   dial-n-cerf, netcom
906   michnet
908   jvnc-tiger
916   netcom
919   rock-concert

These are area codes local to the dialups, although some prefixes in
the area codes listed may not be local to the dialups. Check your
phone book or with your phone company.

Most providers listed here are also accessible by packet-switched data
services such as PC Pursuit ($30/month for 30 hours off-peak 2400 bps
access -- call 800-736-1130 for more information), traditional long
distance services, and of course telnet.

------------------------------

From: PDIAL -3-
Subject: Summary: Phone Prefixes for International Dialins

If you are not local to any of these providers, there is still a
chance you are able to access those providers available through a
public data network (PDN). Check the section above for providers with
wide area access, and send email to them to ask about availability.

+61 2       connect.com.au
+61 3       connect.com.au
+44 (0)81   ibmpcug

------------------------------

From: PDIAL -4-
Subject: What *Is* The Internet?

The Internet is a global cooperative network of university, corporate,
government, and private computers, all communicating with each other
by means of something called TCP/IP (Transmission Control
Protocol/Internet Protocol). Computers directly on the Internet can
exchange data quickly and easily with any other computer on the
Internet to download files, send email, provide remote logins, etc.

Users can download files from publicly accessible archive sites
("anonymous FTP"); login into remote computers (telnet or rlogin);
chat in real-time with other users around the world (Internet Relay
Chat); or use the newest information retrieval tools to find a
staggering variety of information (Wide Area Information Servers,
Gopher, World Wide Web).

Computers directly on the Internet also exchange email directly and
very quickly; email is usually delivered in seconds between Internet
sites.

Sometimes the Internet is confused with other related networks or
types of networking.

First, there are other ways to be "connected to the Internet" without
being directly connected as a TCP/IP node. Some computers connect via
UUCP or other means at regular intervals to an Internet site to
exchange email and USENET newsgroups, for instance. Such a site can
provide email (though not as quickly as a directly connected system)
and USENET access, but not Internet downloads, remote logins, etc.

"email" (or "Internet email", "netmail") can be exchanged with a wide
variety of systems connected directly and indirectly to the Internet.
The email may travel solely over the Internet, or it may traverse
other networks and systems.

"USENET" is the collection of computers all over the world that
exchange USENET news -- thousands of "newsgroups" (like forums, or
echos) on a wide range of topics. The newsgroup articles are
distributed all over the world to USENET sites that wish to carry them
(sometimes over the Internet, sometimes not), where people read and
respond to them.

The "NSFNET" is one of the backbones of the Internet in the US. It is
funded by the NSF, which restricts traffic over the NSFNET to "open
research and education in and among US research and instructional
institutions, plus research arms of for-profit firms when engaged in
open scholarly communication and research." Your Internet provider can
give you more details about acceptable use, and alternatives should
you need to use the Internet in other ways.

------------------------------

From: PDIAL -5-
Subject: What The PDIAL Is

This is a list of Internet service providers offering public access
dialins and outgoing Internet access (ftp, telnet, etc.). Most of them
provide email and USENET news and other services as well.

If one of these systems is not accessible to you and you need email or
USENET access, but *don't* need ftp or telnet, you have many more
public access systems from which to choose. Public access systems
without ftp or telnet are *not* listed in this list, however. See the
nixpub (alt.bbs, comp.misc) list and other BBS lists.

Some of these providers offer time-shared access to a shell or BBS
program on a computer connected directly to the Internet, through
which you can FTP or telnet to other systems on the Internet. Usually
other services are provided as well. Generally, you need only a modem
and terminal or terminal emulator to access these systems. Check for
"shell", "bbs", or "menu" on the "services" line.

Other providers connect you directly to the Internet via SLIP or PPP
when you dial in. For these you need a computer system capable of
running the software to interface with the Internet, e.g., a Unix
machine, PC, or Mac. Check for "SLIP", or "PPP" on the services line.

While I have included all sites for which I have complete information,
this list is surely incomplete. Please send any additions or
corrections to "kaminski@netcom.com".

------------------------------

From: PDIAL -6-
Subject: List of Providers

Fees are for personal dialup accounts with outgoing Internet access;
most sites have other classes of service with other rate structures as
well. Most support email and netnews along with the listed services.

"Long distance: provided by user" means you need to use services such
as PC Pursuit, direct dial long distance or other long distance
services.

<< a2i >>
name ----------> a2i communications
dialup --------> 408-293-9010 (v.32, v.32 bis) or 408-293-9020 (PEP) 'guest'
area codes ----> 408
local access --> CA: Campbell, Los Altos, Los Gatos, Mountain View,
                 San Jose, Santa Clara, Saratoga, Sunnyvale
long distance -> provided by user
services ------> shell, ftp, telnet, feeds
fees ----------> $20/month or $45/3 months or $72/6 months
email ---------> info@rahul.net
voice ---------> n/a
ftp more info -> ftp.rahul.net:/pub/BLURB

<< anomaly >>
name ----------> Anomaly - Rhode Island's Gateway To The Internet
dialup --------> 401-331-3706 (v.32) or 401-455-0347 (PEP)
area codes ----> 401, 508
local access --> RI: Providence/Seekonk Zone
long distance -> provided by user
services ------> shell, ftp, telnet, SLIP
fees ----------> Commercial: $125/6 months or $200/year;
                 Educational: $75/6 months or $125/year
email ---------> info@anomaly.sbs.risc.net
voice ---------> 401-273-4669
ftp more info -> anomaly.sbs.risc.net:/anomaly.info/access.zip

<< CAM.ORG >>
name ----------> Communications Accessibles Montreal
dialup --------> 514-281-5601 (v.32 bis, HST) 514-738-3664 (PEP),
                 514-923-2103 (ZyXeL 19.2K) 514-466-0592 (v.32)
area codes ----> 514
local access --> QC: Montreal, Laval, South-Shore, West-Island
long distance -> provided by user
services ------> shell, ftp, telnet, feeds, SLIP, PPP, FAX gateway
fees ----------> $25/month Cdn.
email ---------> info@CAM.ORG
voice ---------> 514-923-2102
ftp more info -> n/a

<< class >>
name ----------> Cooperative Library Agency for Systems and Services
dialup --------> contact for number; NOTE: CLASS serves
                 libraries/information distributors only
area codes ----> 800
local access --> anywhere (800) service is available
long distance -> included
services ------> ftp, telnet, gopher, wais, hytelnet
fees ----------> $10.50/hour + $150/year for first account + $50/year
                 each additional account + $135/year CLASS membership
email ---------> class@class.org
voice ---------> 800-488-4559
fax -----------> 408-453-5379
ftp more info -> n/a

<< cns >>
name ----------> Community News Service
dialup --------> 719-520-1700 id 'new', passwd 'newuser'
area codes ----> 303, 719, 800
local access --> CO: Colorado Springs, Denver; continental US/800
long distance -> 800 or provided by user
services ------> UNIX shell, email, ftp, telnet, irc, USENET,
                 Clarinet, gopher
fees ----------> $1/hour; $10/month minimum + $35 signup
email ---------> klaus@cscns.com
voice ---------> 719-579-9120
ftp more info -> n/a

<< connect.com.au >>
name ----------> connect.com.au pty ltd
dialup --------> contact for number
area codes ----> +61 3, +61 2
local access --> Australia: Melbourne, Sydney
long distance -> provided by user
services ------> SLIP, PPP, ISDN, UUCP, ftp, telnet, NTP, FTPmail
fees ----------> AUS$2000/year (1 hour/day), 10% discount for AUUG
                 members; other billing negotiable
email ---------> connect@connect.com.au
voice ---------> +61 3 5282239
fax -----------> +61 3 5285887
ftp more info -> ftp.connect.com.au

<< crl >>
name ----------> CR Laboratories Dialup Internet Access
dialup --------> 415-389-UNIX
area codes ----> 415, 707, 800
local access --> CA: San Francisco Bay Area; continental US/800
long distance -> 800 or provided by user
services ------> shell, ftp, telnet, feeds, SLIP, WAIS
fees ----------> $19.50/month + $15.00 signup
email ---------> info@crl.com
voice ---------> 415-381-2800
ftp more info -> n/a

<< csn >>
name ----------> Colorado SuperNet, Inc.
dialup --------> contact for number
area codes ----> 303, 719, 800
local access --> CO: Alamosa, Boulder/Denver, Colorado Springs,
                 Durango, Fort Collins, Frisco, Glenwood
                 Springs/Aspen, Grand Junction, Greeley, Gunnison,
                 Pueblo, Telluride; anywhere 800 service is available
long distance -> provided by user or 800
services ------> shell or menu, UUCP, SLIP, 56K, ISDN, T1; ftp,
                 telnet, irc, gopher, WAIS, domains, anonymous ftp
                 space, email-to-fax
fees ----------> $1/hour off-peak, $3/hour peak ($250 max/month)
                 + $20 signup, $5/hr surcharge for 800 use
email ---------> info@csn.org
voice ---------> 303-273-3471
fax -----------> 303-273-3475
ftp more info -> csn.org:/CSN/reports/DialinInfo.txt
off-peak ------> midnight to 6am

<< cyber >>
name ----------> The Cyberspace Station
dialup --------> (619) 634-1376 'guest'
area codes ----> 619
local access --> CA: San Diego
long distance -> provided by user
services ------> shell, ftp, telnet, irc
fees ----------> $15/month + $10 startup or $60 for six months
email ---------> help@cyber.net
voice --------->
ftp more info -> n/a

<< ddsw1 >>
name ----------> 'ddsw1', MCSNet
dialup --------> (312) 248-0900 V.32bis/V.32, 248-6295 (PEP),
                 follow prompts
area codes ----> 312, 708, 815
local access --> IL: Chicago
long distance -> provided by user
services ------> shell, ftp, telnet, feeds, email, irc, gopher
fees ----------> $25/month or $65/3 months
email ---------> info@ddsw1.mcs.com
voice ---------> n/a
ftp more info -> n/a

<< delphi >>
name ----------> DELPHI
dialup --------> (800) 365-4636 'JOINDELPHI password:INTERNETSIG'
area codes ----> 617, PDN
local access --> MA: Boston; KS: Kansas City
long distance -> Sprintnet or Tymnet: $9/hour weekday business hours,
                 no charge nights and weekends
services ------> ftp, telnet, feeds, user groups, wire services,
                 member conferencing
fees ----------> $10/month for 4 hours or $20/month for 20 hours
                 + $3/month for Internet services
email ---------> walthowe@delphi.com
voice ---------> 800-544-4005
ftp more info -> n/a

<< dial-n-cerf >>
name ----------> DIAL n' CERF or DIAL n' CERF AYC
dialup --------> contact for number
area codes ----> 213, 310, 415, 510, 619, 714, 818
local access --> CA: Los Angeles, Oakland, San Diego, Irvine,
                 Pasadena, Palo Alto
long distance -> provided by user
services ------> shell, menu, irc, ftp, hytelnet, gopher, WAIS, WWW,
                 terminal service, SLIP
fees ----------> $5/hour ($3/hour on weekend) + $20/month + $50
                 startup OR $250/month flat for AYC
email ---------> help@cerf.net
voice ---------> 800-876-2373 or 619-455-3900
ftp more info -> nic.cerf.net:/cerfnet/dial-n-cerf/
off-peak ------> Weekend: 5pm Friday to 5pm Sunday

<< dial-n-cerf-usa >>
name ----------> DIAL n' CERF USA
dialup --------> contact for number
area codes ----> 800
local access --> anywhere (800) service is available
long distance -> included
services ------> shell, menu, irc, ftp, hytelnet, gopher, WAIS, WWW,
                 terminal service, SLIP
fees ----------> $10/hour ($8/hour on weekend) + $20/month
email ---------> help@cerf.net
voice ---------> 800-876-2373 or 619-455-3900
ftp more info -> nic.cerf.net:/cerfnet/dial-n-cerf/
off-peak ------> Weekend: 5pm Friday to 5pm Sunday

<< eskimo >>
name ----------> Eskimo North
dialup --------> 206-367-3837 300-2400 bps, 206-362-6731 for
                 9600/14.4k, 206-742-1150 World Blazer
area codes ----> 206
local access --> WA: Seattle, Everett
long distance -> provided by user
services ------> shell, ftp, telnet
fees ----------> $10/month or $96/year
email ---------> nanook@eskimo.com
voice ---------> 206-367-7457
ftp more info -> n/a

<< express >>
name ----------> Express Access - Online Communications Service
dialup --------> 301-220-0462, 410-766-1855 'new'
area codes ----> 202, 301, 410, 703
local access --> Northern VA, Baltimore MD, Washington DC
long distance -> provided by user
services ------> shell, ftp, telnet, irc
fees ----------> $25/month or $250/year
email ---------> info@digex.com
voice ---------> 301-220-2020
ftp more info -> n/a

<< grebyn >>
name ----------> Grebyn Corporation
dialup --------> 703-281-7997, 'apply'
area codes ----> 202, 301, 703
local access --> Northern VA, Southern MD, Washington DC
long distance -> provided by user
services ------> shell, ftp, telnet
fees ----------> $30/month
email ---------> info@grebyn.com
voice ---------> 703-281-2194
ftp more info -> n/a

<< halcyon >>
name ----------> Halcyon
dialup --------> (206) 382-6245 'new', 8N1
area codes ----> 206
local access --> Seattle, WA
long distance -> provided by user
services ------> shell, telnet, ftp, bbs, irc, gopher, hytelnet
fees ----------> $200/year, or $60/quarter + $10 start-up
email ---------> info@halcyon.com
voice ---------> 206-955-1050
ftp more info -> halcyon.com:~/pub/waffle/info

<< holonet >>
name ----------> HoloNet
dialup --------> (510) 704-1058
area codes ----> 510, PDN
local access --> Berkeley, CA
long distance -> [per hour, off-peak/peak] Bay Area: $0.50/$0.95;
                 PSINet A: $0.95/$1.95; PSINet B: $2.50/$6.00;
                 Tymnet: $3.75/$7.50
services ------> ftp, telnet, irc, games
fees ----------> $2/hour off-peak, $4/hour peak; $6/month or $60/year
                 minimum
email ---------> info@holonet.net
voice ---------> 510-704-0160
ftp more info -> holonet.net:/info/
off-peak ------> 5pm to 8am + weekends and holidays

<< ibmpcug >>
name ----------> UK PC User Group
dialup --------> +44 (0)81 863 6646
area codes ----> +44 (0)81
local access --> London, England
long distance -> provided by user
services ------> ftp, telnet, bbs, irc, feeds
fees ----------> GBPounds 15.50/month or 160/year + 10 startup
                 (no time charges)
email ---------> info@ibmpcug.co.uk
voice ---------> +44 (0)81 863 6646
ftp more info -> n/a

<< ids >>
name ----------> The IDS World Network
dialup --------> (401) 884-9002, (401) 785-1067
area codes ----> 401
local access --> East Greenwich, RI; northern RI
long distance -> provided by user
services ------> ftp, telnet, SLIP, feeds, bbs
fees ----------> $10/month or $50/half year or $100/year
email ---------> sysadmin@ids.net
voice ---------> 401-884-7856
ftp more info -> ids.net:/ids.net

<< jvnc-tiger >>
name ----------> The John von Neumann Computer Network - Dialin' Tiger
dialup --------> contact for number
area codes ----> 201, 203, 215, 401, 516, 609, 908
local access --> Princeton & Newark, NJ; Philadelphia, PA; Garden
                 City, NY; Bridgeport, New Haven, & Storrs, CT;
                 Providence, RI
long distance -> provided by user
services ------> ftp, telnet, SLIP, feeds, optional shell
fees ----------> $99/month + $99 startup (PC or Mac SLIP software
                 included -- shell is additional $21/month)
email ---------> info@jvnc.net
voice ---------> (800) 35-TIGER, (609) 258-2400
ftp more info -> n/a

<< jvnc >>
name ----------> The John von Neumann Computer Network - Tiger Mail &
                 Dialin' Terminal
dialup --------> contact for number
area codes ----> 800
local access --> anywhere (800) service is available
long distance -> included
services ------> email and newsfeed or terminal access only
fees ----------> $19/month + $10/hour + $36 startup (PC or Mac SLIP
                 software included)
email ---------> info@jvnc.net
voice ---------> (800) 35-TIGER, (609) 258-2400
ftp more info -> n/a

<< metronet >>
name ----------> Texas Metronet
dialup --------> 214-705-2902 9600bps, 214-705-2917 2400bps,
                 'info/info' or 'signup/signup'
area codes ----> 214
local access --> TX: Dallas
long distance -> provided by user
services ------> shell, ftp, telnet, feeds, SLIP
fees ----------> $10-$50/month + $20-$30 startup
email ---------> srl@metronet.com / 73157.1323@compuserve.com /
                 GEnie:S.LINEBARG
voice ---------> 214-401-2800
fax -----------> 214-401-2802 ( 8am-5pm CST weekdays )
ftp more info -> n/a

<< michnet >>
name ----------> Merit Network, Inc. -- MichNet project
dialup --------> contact for number or telnet hermes.merit.edu and
                 type 'help' at 'Which host?' prompt
area codes ----> 313, 517, 616, 906, PDN
local access --> Michigan; Boston, MA; Wash. DC
long distance -> SprintNet, Autonet, Michigan Bell packet-switch
                 network
services ------> telnet, SLIP, PPP, outbound SprintNet, Autonet and
                 Ann Arbor dialout
fees ----------> $35/month + $40 signup ($10/month for K-12 &
                 libraries in Michigan)
email ---------> info@merit.edu
voice ---------> 313-764-9430
ftp more info -> nic.merit.edu:/

<< mindvox >>
name ----------> MindVOX
dialup --------> (212) 988-5030 'mindvox' 'guest'
area codes ----> 212, 718
local access --> NY: New York City
long distance -> provided by user
services ------> conferencing system ftp, telnet, irc, gopher,
                 hytelnet, Archives, BBS
fees ----------> $15-$20/month. No startup.
email ---------> info@phantom.com
voice ---------> 212-988-5987
ftp more info -> n/a

<< MSen >>
name ----------> MSen
dialup --------> contact for number
area codes ----> 313
local access --> All of SE Michigan (313)
long distance -> provided by user
services ------> shell, WAIS, gopher, telnet, ftp, SLIP, PPP, IRC,
                 WWW, Picospan BBS, ftp space
fees ----------> $20/month; $20 startup
email ---------> info@msen.com
voice ---------> 313-998-4562
fax -----------> 313-998-4563
ftp more info -> ftp.msen.com:/pub/vendor/msen

<< nearnet >>
name ----------> NEARnet
dialup --------> contact for numbers
area codes ----> 508, 603, 617
local access --> Boston, MA; Nashua, NH
long distance -> provided by user
services ------> SLIP, email, feeds, dns
fees ----------> $250/month
email ---------> nearnet-join@nic.near.net
voice ---------> 617-873-8730
ftp more info -> nic.near.net:/docs

<< netcom >>
name ----------> Netcom Online Communication Services
dialup --------> (206) 527-5992, (310) 842-8835, (408) 241-9760,
                 (408) 459-9851, (415) 328-9940, (415) 985-5650,
                 (503) 626-6833, (510) 426-6610, (510) 865-9004,
                 (619) 234-0524, (916) 965-1371
area codes ----> 206, 213, 310, 408, 415, 503, 510, 619, 818, 916
local access --> CA: SF Bay Area (5 POPs), Sacramento, Santa Cruz,
                 Los Angeles, San Diego; OR: Portland; WA: Seattle
                 (May 1)
long distance -> provided by user
services ------> shell, ftp, telnet, irc, WAIS, gopher, SLIP/PPP,
                 ftp space, feeds, dns
fees ----------> $19.50/month + $15.00 signup
email ---------> info@netcom.com
voice ---------> 408-554-UNIX
ftp more info -> n/a

<< nwnexus >>
name ----------> Northwest Nexus Inc.
dialup --------> contact for numbers
area codes ----> 206
local access --> WA: Seattle
long distance -> provided by user
services ------> UUCP, SLIP, PPP, feeds, dns
fees ----------> $10/month for first 10 hours + $3/hr; $20 start-up
email ---------> info@nwnexus.wa.com
voice ---------> 206-455-3505
ftp more info -> nwnexus.wa.com:/NWNEXUS.info.txt

<< OARnet >>
name ----------> OARnet
dialup --------> send e-mail to nic@oar.net
area codes ----> 614, 513, 419, 216, 800
local access --> OH: Columbus, Cincinnati, Cleveland, Dayton
long distance -> 800 service
services ------> email, ftp, telnet, newsfeed
fees ----------> $4.00/hr to $330.00/month; call for code or send
                 email
email ---------> nic@oar.net
voice ---------> 614-292-8100
fax -----------> 614-292-7168
ftp more info -> n/a

<< oldcolo >>
name ----------> Old Colorado City Communications
dialup --------> 719-632-4111 'newuser'
area codes ----> 719
local access --> CO: Colorado Springs
long distance -> provided by user
services ------> shell, ftp, telnet, AKCS, home of the NAPLPS
                 conference
fees ----------> $25/month
email ---------> dave@oldcolo.com / thefox@oldcolo.com
voice ---------> 719-632-4848, 719-593-7575 or 719-636-2040
fax -----------> 719-593-7521
ftp more info -> n/a

<< panix >>
name ----------> PANIX Public Access Unix
dialup --------> (212) 787-3100 'newuser'
area codes ----> 212, 718
local access --> New York City, NY
long distance -> provided by user
services ------> shell, ftp, telnet, gopher, wais, irc, feeds
fees ----------> $19/month or $208/year + $40 signup
email ---------> alexis@panix.com, jsb@panix.com
voice ---------> 212-877-4854 [Alexis Rosen], 212-691-1526
                 [Jim Baumbach]
ftp more info -> n/a

<< portal >>
name ----------> The Portal System
dialup --------> (408) 973-8091 high-speed, (408) 725-0561 2400bps;
                 'info'
area codes ----> 408, 415, PDN
local access --> CA: Cupertino, Mountain View, San Jose
long distance -> SprintNet: $2.50/hour off-peak, $7-$10/hour peak;
                 Tymnet: $2.50/hour off-peak, $13/hour peak
services ------> shell, ftp, telnet, IRC, UUCP, feeds, bbs
fees ----------> $19.95/month + $19.95 signup
email ---------> cs@cup.portal.com, info@portal.com
voice ---------> 408-973-9111
ftp more info -> n/a
off-peak ------> 6pm to 7am + weekends and holidays

<< PREPnet >>
name ----------> PREPnet
dialup --------> contact for numbers
area codes ----> 215, 412, 717, 814
local access --> PA: Philadelphia, Pittsburgh, Harrisburg
long distance -> provided by user
services ------> SLIP, terminal service, telnet, ftp
fees ----------> $1,000/year membership. Equipment-$325 onetime fee
                 plus $40/month
email ---------> prepnet@cmu.edu
voice ---------> 412-268-7870
fax -----------> 412-268-7875
ftp more info -> ftp.prepnet.com:/prepnet/general/

<< psi-gds >>
name ----------> PSI's Global Dialup Service (GDS)
dialup --------> send email to numbers-info@psi.com
area codes ----> PDN
local access -->
long distance -> included
services ------> telnet, rlogin
fees ----------> $39/month + $39 startup
email ---------> all-info@psi.com, gds-info@psi.com
voice ---------> 703-620-6651
fax -----------> 703-620-4586
ftp more info -> ftp.psi.com:/

<< psilink >>
name ----------> PSILink - Personal Internet Access
dialup --------> send email to numbers-info@psi.com
area codes ----> PDN
local access -->
long distance -> included
services ------> email and newsfeed, ftp
fees ----------> $29/month + $19 startup (PSILink software included)
email ---------> all-info@psi.com, psilink-info@psi.com
voice ---------> 703-620-6651
fax -----------> 703-620-4586
ftp more info -> ftp.psi.com:/

<< rock-concert >>
name ----------> Rock CONCERT Net
dialup --------> contact for number
area codes ----> 704, 919
local access --> NC: Asheville, Chapel Hill, Charlotte, Durham,
                 Greensboro, Greenville, Raleigh, Winston-Salem,
                 Research Triangle Park
long distance -> provided by user
services ------> shell, ftp, telnet, irc, gopher, wais, feeds, SLIP
fees ----------> $30/month + $50 signup
email ---------> info@concert.net
voice ---------> 919-248-1999
ftp more info -> ftp.concert.net

<< sugar >>
name ----------> NeoSoft's Sugar Land Unix
dialup --------> 713-684-5900
area codes ----> 713
local access --> TX: Houston metro area
long distance -> provided by user
services ------> bbs, shell, ftp, telnet, irc, feeds, UUCP
fees ----------> $29.95/month
email ---------> info@NeoSoft.com
voice ---------> 713-438-4964
ftp more info -> n/a

<< telerama >>
name ----------> Telerama BBS
dialup --------> (412) 481-5302 'new'
area codes ----> 412
local access --> PA: Pittsburgh
long distance -> provided by user
services ------> shell, ftp, telnet, feeds, menu, bbs
fees ----------> $6/month for 10 hours, 60 cents/hour thereafter.
                 No startup.
email ---------> info@telerama.pgh.pa.us
voice ---------> 412-481-3505
ftp more info -> telerama.pgh.pa.us:/info/general.info

<< well >>
name ----------> The Whole Earth 'Lectronic Link
dialup --------> (415) 332-6106 'newuser'
area codes ----> 415, PDN
local access --> Sausalito, CA
long distance -> Compuserve Packet Network: $4/hour
services ------> shell, ftp, telnet, bbs
fees ----------> $15.00/month + $2.00/hr
email ---------> info@well.sf.ca.us
voice ---------> 415-332-4335
ftp more info -> n/a

<< wariat >>
name ----------> APK- Public Access UNI* Site
dialup --------> 216-481-9436 (2400), 216-481-9425 (V.32bis, SuperPEP)
area codes ----> 216
local access --> OH: Cleveland
long distance -> provided by user
services ------> shell, ftp, telnet, irc, gopher, feeds,
                 BBS(Uniboard1.10)
fees ----------> $35/monthly, $200/6months, $20 signup
email ---------> zbig@wariat.org
voice ---------> 216-481-9428
ftp more info -> n/a

<< world >>
name ----------> The World
dialup --------> (617) 739-9753 'new'
area codes ----> 617, PDN
local access --> Boston, MA
long distance -> Compuserve Packet Network: $5.60/hour
services ------> shell, ftp, telnet, irc
fees ----------> $5.00/month + $2.00/hr or $20/month for 20 hours
email ---------> office@world.std.com
voice ---------> 617-739-0202
ftp more info -> world.std.com:/world-info/basic.info

------------------------------

From: PDIAL -7-
Subject: How People Can Get The PDIAL (This List)

USENET:

The PDIAL list is posted semi-regularly to alt.internet.access.wanted,
alt.bbs.lists, ba.internet, and news.answers.

EMAIL:

From the Information Deli archive server (most up-to-date):

To receive the current edition of the PDIAL, send email with the
subject "Send PDIAL" to "info-deli-server@netcom.com".

To subscribe to a list which receives future editions as they are
published, send email with the subject "Subscribe PDIAL" to
"info-deli-server@netcom.com".

To receive both the most recent and future editions, send both
messages.
From the news.answers FAQ archive: Send email with the message "send usenet/news.answers/pdial" to "mail-server@pit-manager.mit.edu". For help, send the message "help" to "mail-server@pit-manager.mit.edu". FTP ARCHIVE SITES (PDIAL and other useful information): Information Deli FTP site: ftp.netcom.com:/pub/info-deli/public-access/pdial [192.100.81.100] As part of a collection of public access lists: VFL.Paramax.COM:/pub/pubnet/pdial [128.126.220.104] (used to be GVL.Unisys.COM) From the Merit Network Information Center Internet information archive: nic.merit.edu:/internet/pdial [35.1.1.48] As part of an Internet access compilation file: liberty.uc.wlu.edu:/pub/lawlib/internet.access [137.113.10.35] As part of the news.answers FAQ archive: pit-manager.mit.edu:/pub/usenet/news.answers/pdial [18.172.1.27] ------------------------------ From: PDIAL -8- Subject: Appendix A: Finding Public Data Network (PDN) Access Numbers Here's how to get local access numbers or information for the various PDNs. Generally, you can contact the site you're calling for help, too. IMPORTANT NOTE: Unless noted otherwise, set your modem to 7E1 (7 data bits, even parity, 1 stop bit) when dialing to look up access numbers by modem as instructed below. BT Tymnet --------- For information and local access numbers, call 800-937-2862 (voice) or 215-666-1770 (voice). To look up access numbers by modem, dial a local access number, hit and 'a', and enter "information" at the "please log in:" prompt. Compuserve Packet Network ------------------------- You do NOT have to be a Compuserve member to use the CPN to dial other services. For information and local access numbers, call 800-848-8199 (voice). To look up access numbers by modem, dial a local access number, hit and enter "PHONES" at the "Host Name:" prompt. PC Pursuit (SprintNet) ---------------------- PC Pursuit may be used to call a modem in any of 44 major metro areas in the US from local access numbers around the country. 
As such, it can be used to access most of the providers listed in the PDIAL (those with no other PDN access or even those which are accessible by other PDNs). For information and registration, call 800-736-1130 (voice) or 800-877-2006 (data). More information is also available on the PC Pursuit support BBS (see below). To look up access numbers by modem, dial 800-546-1000, hit at 1200 baud or '@' at 2400 baud. Enter "MAIL" at the "@" prompt, then "PHONES" at the "USER NAME:" prompt, and "PHONES" at the "PASSWORD:" prompt. The PC Pursuit support BBS provides a great deal of information about PC Pursuit, including rates, terms and conditions, outdial numbers, etc. To access the PC Pursuit support BBS, dial a local access number and hit at 1200 baud or '@' at 2400 baud. Change modem parameters to 8N1, and enter "C PURSUIT" at the "@" prompt. PSINet ------ For information, call 800-82PSI82 (voice) or 703-620-6651 (voice), or send email to "all-info@psi.com". For a list of local access numbers send email to "numbers-info@psi.com". ------------------------------ From: PDIAL -9- Subject: Copyright and Distribution Of The PDIAL; Other Notices This Document Copyright 1992-1993 Peter Kaminski. This document may be distributed in its entirety by any means, and a fee may be charged for its distribution, but it may not be sold without prior permission. I make no representations about the suitability or accuracy of this document for any purpose. It is provided "as is" without express or implied warranty. UPDATES AND CORRECTIONS: Send new or updated entries in the format used here to "kaminski@netcom.com". Also include an email address to which I can send requests for more information. 
-- Peter Kaminski | Internet: kaminski@netcom.com (preferred) The Information Deli | CIS: 71053,2155 "connecting people" | ------------------------------ End of PDIAL ************ ----- End Included Message ----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Clark Reynard Date: Tue, 4 May 93 18:25:04 PDT To: cypherpunks@toad.com Subject: No CFV for soc.whistleblowers Message-ID: <9305050208.AA02069@metal.psu.edu> MIME-Version: 1.0 Content-Type: text/plain Based on the responses of a few cypherpunk members, I have decided not to post a second RFD for soc.whistleblowers unless I receive a significant amount of email requesting that I do so. Nor will I post a CFV. I will simply let the matter be pigeonholed indefinitely. While I find the imputation that I ought to be executed as an Enemy of the People both offensive and absurd, it seems that I could be acting retrogressively, though no sane reason why I am doing so has been presented to me. In either case, I will allow others to continue their efforts, and would be pleased to help in whatever manner I can, but do not wish to foment further splintering of what is already a divided group. I thank you for your support, and request that anyone with any further comment on the matter mail it to me in personal mail, unless it is of interest to the group at large. If interest warrants, or opinion seems different than what I understand it to be, I reserve the right to change my mind. ---- Robert W. Clark Just Say No! to the rclark@nyx.cs.du.edu Big Brother Chip From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 4 May 93 21:13:04 PDT To: cypherpunks@toad.com Subject: ADMIN: allowable use In-Reply-To: Message-ID: <9305050409.AA05703@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Re: a potential questionaire Feel free to post your questionaire, but don't be surprised if you get a hundred anonymous responses, skewing the results. 
Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT) Date: Tue, 4 May 93 19:07:30 PDT To: cypherpunks@toad.com Subject: ZENGER Magazine Message-ID: <9305050201.AA22134@usma8.usma.edu> MIME-Version: 1.0 Content-Type: text/plain What is ZENGERE magazine and where can I get info on it? Does anyone have back issues of Phrack and how can I get them? "The NSA's version of strong crypto is crypto that they have the key for." Anthony J. Gatlin |-------------------------------------| Cadet Private, Co. G-2 |PGP Public Key available on request. | United States Military Academy |-------------------------------------| From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter shipley Date: Tue, 4 May 93 22:27:00 PDT To: hoptoad!cypherpunks Subject: 'zines Message-ID: <9305050520.AA08247@merde.dis.org> MIME-Version: 1.0 Content-Type: text/x-pgp -----BEGIN PGP SIGNED MESSAGE----- >What is ZENGERE magazine and where can I get info on it? while we are on the subject, has anyone heard or seen "Black Ice" if so, where can one get a copy? -Pete btw: I highly recomend "Fact Sheet Five" -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBFAgUBK+dOkMhmn7GUWLLFAQEW/gF9FxVtVHKMnZqIsc6qGKjxwnXdMkuijxn3 IfUp8lhC1UZNcoWWQeaD6HgyL36gwLu4 =YZ3f -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@soda.berkeley.edu Date: Tue, 4 May 93 22:35:48 PDT To: cypherpunks@toad.com Subject: No Subject Message-ID: <9305050532.AA13376@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain All: ZENGER has been around for a long time. It is connected to a long tradition and network. It will be part of the future. And it realizes the importance of crypto-systems in any _real_ underground movement. When ZENGER has decided to come above ground for their latest publication, the cypherpunks will be informed of distribution channels. Until then, keep up the fight! More to come.... 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Edward J OConnell Date: Tue, 4 May 93 19:46:05 PDT To: cypherpunks@toad.com Subject: Selling Pointers to Privacy Message-ID: MIME-Version: 1.0 Content-Type: text/plain WARNING: The following post, I realize, assumes that we all agree that we should all have the right to buy and sell and take any chemicals we damn well please. In Extropians, you don't have to mention this. In the world at large, this elicits wide eyed stares, and sputtering noises of disbelief. ( I recall someone being willing to give up some privacy for 'less crack in the schools.' Sorry. Not a good enough reason to give up one whit of privacy.) SELLING 'OFF THE SHELF' PRIVACY TO THOSE THAT WOULD PAY FOR IT... (Providing Pointers, that is...) I've been thinking about this PGP thing. Playing with it has been a lot of fun, (The ultimate secret decoder ring!) and has made me wonder, who *needs* this kind of security that doesn't have it already? Who would pay for it? Who wouldn't care too much about the legalities? Mid to large scale drug dealers, that's who! I began to think of things I could do with off the shelf hardware and software. Ease of use is important--I don't think many drug dealers are going to want to mess around with command line interfaces--So I started playing with the idea of a voicemail/answering machine type thing, using macs with built in microphones, modems, telecom software, etc. Maybe use hypercard to create a single application with a phone book, so that they would just double click on someone's name, and talk into the microphone. Hit a button to end the message, and then hit, SEND. The hypercard stack compresses and encrypts using PGP the voice file, which is decompressed and encrypted automatically at the other end, maybe producing a blinking button with that persons name on it, and the time of the call. The interface design would be fun, actually. Asynchronous, but perhaps useful enough? 
(With a 1.44 modem and the 6/1 compression rate of my shareware voice recorder, it would take about 2 minutes to modem a minutes worth of message--not too bad, really.) I think it might be interesting to typeset a booklet describing how to do this, and try to sell it in the back of magazines--maybe Rolling Stones and High Times. The booklet might just be pointers to the hardware and software needed, and the few skills the client would have to acquire. You could sell the "ease of use" hypercard stack through the booklet, too. You could wait and see if the thing takes off before actually making the stack. I've also thought, that you could sell phone support to people who are trying to get this type of thing going. I'm less enthusiastic about this; it seems like this would be a good way to get busted. Of course, the legality of this hinges on the legality of PGP. I've read some stuff about the copyright infringment aspect, and have seen on Extropians, a legal action threatened against someone who was advertising PGP in a big way. Any thoughts? I'm halfway serious about this. Perhaps it could exist in the same sort of quasilegal half-life as bongs, psyloycybin spore logs, and automatic weapon conversion kits--sure, it's illegal to use this stuff I'm selling, but I'm not selling illegality...I'm just selling the stuff! First Draft of Ad: PHONE WITHOUT FEAR Did you know that personal computers can be used to communicate with others with absolute privacy? That free public domain software exists that cannot be cracked? Not even by the CIA? For plans for a user friendly, voice-mail encryption system send 10.00 money order to: Jay. Maybe. If I don't chicken out. ;-) __________________________________ Albert Einstein--"God does not play dice with the universe." 
Me--"No, he plays Super-Scratch-Card-Wingo (TM) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Arthur Abraham Date: Tue, 4 May 93 22:49:48 PDT To: cypherpunks@toad.com Subject: MYK-78 Message-ID: <199305050549.AA29765@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain 4-May-93 Eric Hughes writes: >It is possiqK another set of LEEF's; that's not clear to >me, but Arthur thinks you can. (Sometimes I have a bit of trouble following Eric's written syntax. This passage would make more sense if "can" was replaced by "must") >If, however, one can just change the >CV at will, one could send the LEEF's in the clear and then >immediately change the CV (session key). Now the LEEF has been sent >but the conversation makes no sense. My money is that this is >interlocked with IV generation, though. To quote myself: >[CV,checkword,L1,L2,IV] is a self-checking unit which means that these data items must be loaded in this order (MSB first) and must all have been properly constructed via the Skipjack algorithm, else the MYK-78 will yank on its ERROR line. To build a proper protocol, CV (= session key) and checkword would be encrypted, and to be a proper citizen, L1,L2,IV would be transmitted in the clear. The funny thing is, that after loading the "self-checking unit", and checking it, MYK-78 will still accept a different CV. I specifically had this verified. It will encrypt funny, since the CV won't properly match the rest of the loading, but it shouldn't be too hard to use this encryption mode. There are actually several ways to abuse this chip -- another obvious one is to never power it off, and run with the first LEEF you ever get -- it just seems to cry out in masochism. A real consumer crypto chip wouldn't be this flexible. I hope to be able to say something about the true protocol for law-abiding American citizens in the near future. -a2. ps: though I will continue to post to Cypherpunks, if you wish me to read something, please send it to me directly. -a2. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peter honeyman Date: Tue, 4 May 93 20:20:11 PDT To: Nickey MacDonald Subject: Re: ADMIN: allowable use In-Reply-To: Message-ID: <9305050320.AA10667@toad.com> MIME-Version: 1.0 Content-Type: text/plain count me out. peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Paul Goggin Date: Tue, 4 May 93 20:23:57 PDT To: cypherpunks@toad.com Subject: RE: Phrack Back Issues Message-ID: <9305050323.AA10799@toad.com> MIME-Version: 1.0 Content-Type: text/plain Anthony Gatlin asks, > What is ZENGERE magazine and where can I get info on it? Never heard of it and I to would like to know. > Does anyone have back issues of Phrack and how can I get them? ftp ftp.eff.org cd pub/cud/phrack binary mget * -- R O All Comments Copyright by | Technofetisht A N Paul S. Goggin (1993) | Cypher, Cyber, Chaos V Information Broker | Ergoflux, Interzone E chaos@aql.gatech.edu | Carpe Diem: Stop the Clipper wiretap chip Finger account for latest _Phrack_ | Public Key: PGP and RIPEM available ------------------------------------------------------------------------------ Title 18 USC 2511 and 18 USC 2703 Protected -- Monitoring Absolutely Forbidden From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: uni@acs.bu.edu (Shaen Bernhardt) Date: Tue, 4 May 93 20:23:08 PDT To: cypherpunks@toad.com Subject: Privacy and Prices of Privacy Message-ID: <9305050323.AA108323@acs.bu.edu> MIME-Version: 1.0 Content-Type: text/plain ejo@world.std.com spoke thus: WARNING: The following post, I realize, assumes that we all agree that we should all have the right to buy and sell and take any chemicals we damn well please. In Extropians, you don't have to mention this. In the world at large, this elicits wide eyed stares, and sputtering noises of disbelief. ( I recall someone being willing to give up some privacy for 'less crack in the schools.' Sorry. Not a good enough reason to give up one whit of privacy.) End Quote. That was me. 
Specifically I said: I have a feeling that there are like minded people out there, people who can tolerate some violations of absolute privacy in exchange for feeling that every plane you ride on is not at risk because of some psycho, and that less coke is going to find its way to schools. But who cannot tolerate AUTHORITARIAN regimes, and practices to make these assurances. End Quote Sure, if YOU want to grow coco plants and harvest and process them for your own use, I don't have a problem with that. That's your business. If you want to process it into base, crack in effect, go ahead. I don't really have a problem with that either. Frankly I don't have a problem with the legalization of cocaine, I'm indifferent. I wouldn't use any, but I'm not going to stop anyone else from it. I am not quite libertarian enough however to support the sale of refined coke out there. I think this is a pragmatic point, based on what is practical as far as society goes. I WILL say that I can't support authoritarian moves to prevent it. Making exceptions for wiretap laws on drugdealers is bullshit. Follow the constitution at all times IMHO, no exceptions. If you can't catch em without invading privacy then they aren't enough of a public problem to worry about. To me this does NOT include drug sniffing dogs at the airport. I really am not much offended by THIS practice. Border control has been a standby for sovereignty for as long as borders have been drawn. Fine. We're getting a touch out of the scope of the list however so I will finish by saying that it is entirely impossible to grant ABSOLUTE privacy, and I'm not asking for it. I just don't want to be numbered, tracked, watched, listened to when I am minding my own business in my house. 
uni From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Nickey MacDonald Date: Tue, 4 May 93 19:56:54 PDT To: cypherpunks list Subject: ADMIN: allowable use Message-ID: MIME-Version: 1.0 Content-Type: text/plain I'm just putting this out to test the "temperature" of the cypherpunks "waters"... I am considering posting a questionnaire that I would like each cypherpunk to answer... It's not written yet, though I do have a good idea of what I want to ask, and I suspect it would be a little lengthy (I can think of a good 10 questions, each requiring a paragraph or two to answer). My goal of the questionnaire would be to see what type of people use cryptography... (Quite a simple goal... but not easily met...) I will of course make the results available to the group, and optionally the raw data (the person filling it out would have the option of not having any "written" (more than a yes or no) answer "published"). Would the majority consider this good use of cypherpunks bandwidth, or are you all too secretive? --- Nick MacDonald | NMD on IRC i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: rcooke@conicit.ve (Robert E. Cooke) Date: Tue, 4 May 93 20:56:46 PDT To: cypherpunks@toad.com Subject: Unsubscribe. Message-ID: <9305050352.AA28065@dino.conicit.ve> MIME-Version: 1.0 Content-Type: text/plain Please remove me from your list. I have limited mail space aside from other restrictions on Internet usage. Every day I call I find myself notified and fined for excess mail in my box. Robert Cooke. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: SYPHRIT@vms.cis.pitt.edu Date: Wed, 5 May 93 00:08:00 PDT To: cypherpunks@toad.com Subject: No Subject Message-ID: <01GXST382MI8AZU01N@vms.cis.pitt.edu> MIME-Version: 1.0 Content-Type: text/plain Please add me to your e-mail subscription list. Thanks! John A. 
Syphrit Syphrit@vms.cis.pitt.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Wed, 5 May 93 01:26:49 PDT To: cypherpunks@toad.com Subject: pgp temp files. Message-ID: <9305050826.AA20910@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain After using pgp to read an encrypted message, I ran chkdsk on my hard drive. I was astonished to find that chkdsk found an error on my hard drive, but I was even more astonished to find that when I recovered the error to a file, it contained most of a message I had just read using pgp. Apparently, this was what was left of a temp file that pgp used. IMHO, pgp should have wiped this file. Maybe I should try to use a ramdisk as my temp-file path. Just thought y'all should know that pgp may not be as secure as we hope. In my effort to write a menu system for pgp-encrypted email, I use pgp very often, and in very unusual ways. Consequently, I have found a (very) few weaknesses in the program. Is anyone currently supporting pgp, or am I on my own? If anyone is supporting pgp, I'd like to talk to you. ;^) Thanx in advance. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | | But, I was mistaken. |available| | +-----------------------------+---------+ | mdiehl@triton.unm.edu | "I'm just looking for the opportunity | | mike.diehl@fido.org | to be Politically Incorrect! | | (505) 299-2282 | | +------How do I send email between fidonet and internet?--------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: George A. Gleason Date: Wed, 5 May 93 02:28:58 PDT To: strat@intercon.com Subject: Re: checks Message-ID: <199305050928.AA08518@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Re: Much as I respect you Eric, I direct your attention to the myriad of "checks" being sent out by AT&T and MCI, to name a few offenders. 
These bear the legend: "endorsement of this check constitutes your acceptance of as your long distance carrier." When those go out in English to non-English speakers and get cashed, there is a good case to be made for consumer fraud. Anyone want to follow up on that...? -gg From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Nickey MacDonald Date: Tue, 4 May 93 23:20:37 PDT To: cypherpunks list Subject: ADMIN: Handling of "tags" Message-ID: MIME-Version: 1.0 Content-Type: text/plain Just a suggestion about the implementation of the "redistributer" program that runs this list. I noticed a goodly number of people are using "tags" like the "ADMIN:" tag in my subject... I think this is good. I'd love to see it go one step further, and have every cypherpunks message have a "CPUNK:" prepended to the subject, so that I can read this more important mail first. Also, I notice that a lot of people reply to messages without editing the subject, and the subject gets "mangled" to "Re: ADMIN: ..." instead of "ADMIN: Re: ..." Would it be possible to have the redistribution software changed to do the first and correct the second? Are these changes worth it to anyone besides myself? --- Nick MacDonald | NMD on IRC i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Paul Goggin Date: Wed, 5 May 93 00:47:21 PDT To: cypherpunks@toad.com Subject: Black Ice Message-ID: <9305050747.AA20605@toad.com> MIME-Version: 1.0 Content-Type: text/plain I have the January 1993 issue and purchased it, believe it or not at Tower Records in March. I have not seen issue #2 yet. I enjoyed it, it has a different flair than Mondo or Wired, although there is definite similarity. For further info, Subscription Department Black Ice PO Box 1069 Brighton BN2 4YT The issues are 3.95 Pounds, with 1 year subscriptions 15 Pounds. Good Luck. 
> while we are on the subject, has anyone heard or seen "Black Ice" > if so, where can one get a copy? > -Pete -- R O All Comments Copyright by | Technofetisht A N Paul S. Goggin (1993) | Cypher, Cyber, Chaos V Information Broker | Ergoflux, Interzone E chaos@aql.gatech.edu | Carpe Diem: Stop the Clipper wiretap chip Finger account for latest _Phrack_ | Public Key: PGP and RIPEM available ------------------------------------------------------------------------------ Title 18 USC 2511 and 18 USC 2703 Protected -- Monitoring Absolutely Forbidden From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT) Date: Wed, 5 May 93 02:54:50 PDT To: cypherpunks@toad.com Subject: EEPROM Programmers for the PC Message-ID: <9305050952.AA01201@usma8.usma.edu> MIME-Version: 1.0 Content-Type: text/plain Possessors of all Knowledge Great and Small, I humbly beseech thy expertise on a manner in which I have none. I have been told that one can buy an EEPROM programmer which fits on a card in the PC or a similar version which merely connects to the PC. I would like to know a) if this is so? b) how much they cost? c) where to find them? d) what their memory capacities are? e) do EEPROMS run as fast as regular PROMS? f) any other pertinent data. Thank you very much! Anthony J. Gatlin |-------------------------------------| Cadet Private, Co. G-2 |PGP Public Key available on request. | United States Military Academy |-------------------------------------| From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305) Date: Wed, 5 May 93 07:26:47 PDT To: att!toad.com!cypherpunks@homxb.ho.att.com Subject: Re: 'zines Message-ID: <9305051424.AA06793@anchor.ho.att.com> MIME-Version: 1.0 Content-Type: text/plain > >What is ZENGER magazine and where can I get info on it? 
If memory serves me correctly, ZENGER is Ben Masel's paper; it's mainly oriented towards hemp activists (and users), but also covers other civil-liberties issues. Peter Zenger was a publisher in New York during colonial times. He was arrested for publishing Bad Things about the King, which was illegal. His trial helped reinforce important legal precedents for preserving our freedoms - the facts weren't particularly in dispute (he had published the pamphlets, and they did say things the King didn't like), but the jury found him innocent because they thought the law was bad, and juries under the common law have always had the right to judge the law as well as the facts, no matter what the judge says. For more information about this, write to The Fully Informed Jury Association (FIJA), Box 59, Helmville, Montana 59843; this may be an old address, since Larry Dodge has moved to Texas, but there may be mail forwarding. Bill Stewart From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: henry strickland Date: Wed, 5 May 93 10:40:16 PDT To: i6t4@jupiter.sun.csd.unb.ca (Nickey MacDonald) Subject: Re: [CPunk] ADMIN: Handling of "tags" In-Reply-To: Message-ID: <9305051747.AA05432@versant.com> MIME-Version: 1.0 Content-Type: text/plain # ... and have every cypherpunks message have a "CPUNK:" prepended # to the subject, ... I do this on two digests that I edit, and I have one realtime reflector that automatically inserts a tag into the Subject: line. The problem is when something gets nandoed into more than one mailing list, the tags take up the whole subject line. But it seems worth the bother. 
strick From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Wed, 5 May 93 07:51:45 PDT To: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305) Subject: Re: 'zines In-Reply-To: <9305051424.AA06793@anchor.ho.att.com> Message-ID: <199305051451.AA07360@eff.org> MIME-Version: 1.0 Content-Type: text/plain Bill Stewart writes: > Peter Zenger was a publisher in New York during colonial times. > He was arrested for publishing Bad Things about the King, which was illegal. > His trial was helped reinforce important legal precedents for > preserving our freedoms - the facts weren't particularly in dispute > (he had published the pamphlets, and they did say things the King didn't like), > but the jury found him innocent because they thought the law was bad, > and juries under the common law have always had the right to > judge the law as well as the facts, no matter what the judge says. John Peter Zenger, actually. And it was comments about the colonial governor, not about the king. The Zenger case is commonly taken to be a precedent both for press freedom and for jury nullification. --Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Wed, 5 May 93 10:34:21 PDT To: cypherpunks@toad.com Subject: Big Brother, Rights to Privacy and Broadening Horizons? Message-ID: <08133B1w165w@sytex.com> MIME-Version: 1.0 Content-Type: text/plain Greets, all. After taking a few days off for the pomp and circumstance of my second wedding (no, I'm not a polygamist -- I was divorced first)(genuine thanks to all who sent your congratulations and best wishes), I finally waded through all of the e-mail that had piled up in my "in-box" -- some 800 kb worth, no less. Anyway, to the point -- This morning I was watching CBS's early, early morning news "Up to the Minute" over a cup of Joe before heading to the airport. 
An interesting spot came on that interested me very much, because of the correlation to several law enforcement agencies' "loose cannon" style of persecution which many of us have witnessed. This particular report spotlighted the DEA's heavy-handed and questionable practice of targeting legitimate gardening store consumers under suspicion of growing marijuana. It just so happens that the DEA had been watching several gardening supply stores which sold hydroponic gardening equipment in some particular area of California. (For those of you who are not familiar with Hydroponics, it is a gardening method which uses water instead of soil. The plants usually grow twice as fast when grown hydroponically and has become a popular method of indoor gardening with marijuana enthusiasts.) In fact, the DEA had gone as far as to place monitoring cameras in place to record the identity of every customer or prospective consumer that went in and out of these legitimate businesses, solely because of their suspicions that some of the customers may be (gasp) growing marijuana. Additionally, a particular instance was cited where a gentleman went into one of these gardening supply stores and bought a couple of lamps for his aquarium. (This young, family-man had some coral in his aquarium at home that he wanted to illuminate.) Later that evening, agents from the DEA burst into his home while he and his family were having dinner, saying that he was under suspicion of growing marijuana and that "reliable witnesses" had tipped them off. After thoroughly searching his home, they apologized and left. Now -- you may ask yourself, "What in the hell does this have to do with me? Or computers?" ("This is not my beautiful wife ....") Well, this may be the same scenario, with the same LEA, but with a different premise. Cryptography. If the Clipper/Capstone implementation has a hidden agenda (I believe it does), then tough restrictions on other "non-sanctioned" crypto methods may not be far behind. 
Personally, I don't have much of a problem imagining this, given the recent escapades of the SPA (Rusty & Edie's), the Secret Service (SJG) and all of our other beloved governmental law enforcement appartchiks. In fact, I find it down-right disturbing that in many instances, this is done without a warrant. George Orwell is probably rolling over in his grave... Paul Ferguson | Uncle Sam wants to read Network Integrator | your e-mail... Centreville, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... -------------------------------+------------------------------ I love my country, but I fear it's government. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: vanam@topper.ksu.ksu.edu (Stephen Lee(Second son of Caine)) Date: Wed, 5 May 93 09:42:10 PDT To: cypherpunks@toad.com Subject: Unsubscribe Message-ID: <9305051642.AA02254@topper.ksu.ksu.edu> MIME-Version: 1.0 Content-Type: text/plain Please remove me from the list.... 
Stephen From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: prz@sage.cgd.ucar.EDU (Philip Zimmermann) Date: Wed, 5 May 93 10:53:05 PDT To: cypherpunks@toad.com (Cypherpunks) Subject: A proposal to use RSAREF in PGP (fwd) Message-ID: <9305051752.AA16242@sage.cgd.ucar.EDU> MIME-Version: 1.0 Content-Type: text/plain Forwarded message: From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: prz (Philip Zimmermann) Date: Wed, 5 May 93 11:42:11 MDT To: jim@rsa.com (Jim Bidzos) Subject: A proposal to use RSAREF in PGP Message-ID: <9305051742.AA15809@sage.cgd.ucar.EDU> MIME-Version: 1.0 Content-Type: text/plain To: Jim Bidzos RSA Data Security, Inc. 5 May 93 Dear Jim: I am writing to you to get your approval to install RSAREF into PGP in order to make PGP legal and hopefully end the conflicts regarding patent infringement. You said publicly a number of times that PGP may become legal in the US if it incorporated RSAREF. I assume from these remarks that you would prefer that to happen. So let's do it. PGP now has, in testbed form, RSAREF integrated into it. With your approval, the next release could be an RSAREF version. I say your approval, because it is necessary to use the two static entry points RSAPublicBlock and RSAPrivateBlock in rsa.c in RSAREF to allow backward compatibility with older versions of PGP. Unfortunately, the old versions of PGP have an error that makes the contents of a DEK and MD packet inside of an RSA multiprecision integer not comply with PKCS standards of padding. New versions of PGP will correct this problem, but backward compatibility is needed, so the RSAPublicBlock and RSAPrivateBlock entry points must be called to parse the old packets. The global entry points RSAPublicEncrypt and RSAPrivateEncrypt will also be used to generate the new PKCS-formatted packets. As I understand it, the standard RSAREF license requires your approval to use these entry points. 
I discussed these ideas with Ron Rivest and Burt Kaliski, and both seemed to not raise any objections. I hope you will agree. At some time in the future, when all the old certifying signatures are eventually replaced with new ones, these static entry points will not have to be called, allowing the regular entry points in rsa.h to be called in their place. We will be encouraging people to get their certifying signatures renewed on their keys with the new version of PGP. PGP users outside the US will be using a version of PGP without RSAREF, but it will be compatible in every way with the RSAREF version. The PGP developers will also be contributing some speedups to RSAREF in future releases. This will help all of your installed base of RSAREF applications. I am also modifying the PGP User's Guide to remove the remarks in the legal issues section that I suspect you regard as inflammatory. I hope this will pave the way for us to close ranks and work together on fighting the Clipper chip initiative. If there are other measures you'd like me to take to improve relations between us, let me know. I hope our common political objectives will outweigh your personal feelings, so the community of PGP users may work better with you to face these pressing policy issues. The new release can be ready in a few days, if you approve. Regards, Philip Zimmermann From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. Metzger" Date: Wed, 5 May 93 08:59:31 PDT To: cypherpunks@toad.com Subject: Re: 'zines In-Reply-To: <9305051424.AA06793@anchor.ho.att.com> Message-ID: <9305051559.AA05868@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain Bill_Stewart(HOY002)1305 says: > Peter Zenger was a publisher in New York during colonial times. > He was arrested for publishing Bad Things about the King, which was illegal. Bill is normally excruciatingly accurate, but in this case he is slightly off -- he was charged with slandering the Royal Governor in his newspaper. 
His defense was that his statements were true -- which was not a defense under the law in question. The jury decided it was sufficient, however. The rest of what Bill said was substantially accurate. Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: whitaker@eternity.demon.co.uk (Russell E. Whitaker) Date: Wed, 5 May 93 09:35:39 PDT To: cypherpunks@toad.com Subject: MEETING (Reminder): UK Cryptoprivacy Association Message-ID: <5212@eternity.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- REMINDER: Meeting of the UK Cryptoprivacy Association - ----------------------------------------------------- When: Saturday, 8 May 1993, 1500 To be held at the offices of: FOREST 4th floor 2 Grosvenor Gardens London SW1W 0DH This is located at the corner of Hobart Place, a couple of blocks west of Victoria Station, and almost directly across from the dark green cabbie shelter. If you have trouble finding the place, please call the office on 071-823-6550. Or, call me (Russell Whitaker) on my pager, 081-812-2661, and leave an informative message with the telephone number where you can be reached; I will return the call almost immediately. Discussion will range from the usual general topics, such as the use of secure public key cryptosystems to protect message data, to specific topics, such as recent moves by the U.S. government to restrict choice in data privacy (reference recent discussion on Usenet groups, e.g. sci.crypt and alt.security.pgp). All are invited. Particularly welcome are members of the newly-formed UK CommUnity group ... the local EFF-in-spirit-if-not-in-name folks. Those who plan to attend should email me and let me know. Please. All attendees are requested to bring diskettes - preferably MS-DOS - with their PGP 2.+ public keys. 
As is usual at these gatherings, several of us will bring our laptops, and will sign public keys, subject to the usual caveats (reference the documentation for PGP 2.2, specifically files PGPDOC1.DOC and PGPDOC2.DOC). If you do not already have a copy of PGP 2.2 (MS-DOS), and would like to have a copy of this public domain program, please bring a formatted, medium or high density 3.5 inch floppy PC diskette; you will be provided a copy of the program. Of course, you might prefer to ftp a version of the program from one of the various archive sites. I suggest trying Demon Internet Systems, which carries the full range of PGP (Phil Zimmerman's "Pretty Good Privacy") implementations: directory /pub/pgp at gate.demon.co.uk. Meetings are of indeterminate time. Those who are interested are invited to join the rest of us at a pseudorandomly determined pub afterwards. Please note: - ------------ In the past few months, interested people have emailed me, requesting FAQs and special information mailings. I regret that, except in very unusual cases (e.g. working press), I cannot, in a timely manner, respond to these requests. I will, however - and for the first time - do a writeup of this meeting, which I will post in various places. What I *am* willing to supply is general information on our activities for the maintainers of existing FAQs, such as that for alt.privacy. 
FAQ maintainers can contact me at whitaker@eternity.demon.co.uk Russell Earl Whitaker whitaker@eternity.demon.co.uk Communications Editor AMiX: RWhitaker EXTROPY: The Journal of Transhumanist Thought Board member, Extropy Institute (ExI) ================ PGP 2.2 public key available ======================= From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Chris Hibbert Date: Wed, 5 May 93 13:55:07 PDT To: Nickey MacDonald Subject: Re: ADMIN: Handling of "tags" In-Reply-To: Message-ID: <9305052036.AA13004@entropy.memex.com> MIME-Version: 1.0 Content-Type: text/plain >> I'd love to see [...] every cypherpunks message have a "CPUNK:" prepended >> to the subject [...] >> I notice that a lot of people reply to messages without editing the >> subject, and the subject gets "mangled" to "Re: ADMIN: ..." instead of >> "ADMIN: Re: ..." Would it be possible to have the redistribution >> software changed to [fix these?]. My mail reader (Xmh) allows me to sort incoming mail by any header field. I key off the "to: cypherpunks" to put this mail in a different box. The information you need is already in the header, and I would object to adding more noise to the beginning of the subject field to obscure the real subject. On the second point, I agree that the second is better, but my mail sorter is smart enough to sort "Re: foo" with "foo", so again, no change is necessary. Is there any chance you can get access to a more powerful mail reader, rather than asking everyone to clutter up the headers with redundant info? 
Chris From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Wed, 5 May 93 11:52:23 PDT To: cypherpunks@toad.com Subject: Hearing statement of Ray Kammer Message-ID: <3V933B1w165w@sytex.com> MIME-Version: 1.0 Content-Type: text/plain This file was obtained from the National Institute of Standards and Technology. - 8<------- Cut Here ------------ STATEMENT OF RAYMOND G. KAMMER ACTING DIRECTOR, NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY BEFORE THE SUBCOMMITTEE ON TELECOMMUNICATIONS AND FINANCE COMMITTEE ON ENERGY AND COMMERCE APRIL 29, 1993 Mr. Chairman and Members of the Subcommittee: Good morning. Thank you for inviting me to testify. I am Raymond G. Kammer, Acting Director of the National Institute of Standards and Technology of the U.S. Department of Commerce. Under the Computer Security Act of 1987, NIST is responsible for the development of standards for protecting unclassified government computer systems, except those commonly known as Warner Amendment systems (as defined in Title 10 USC 2315). NIST has a long-established program of developing computer security guidelines and standards for federal agencies. Many of these are also used, on a voluntary basis, by the private sector. We have published guidance on computer security training and awareness, identification and authentication, open systems security, incident response, cryptographic standards, trusted systems, and many other facets of computer security. 
Today, however, I plan to address the following topics which I believe are most directly germane to your invitation: * The need for good information security technology to protect computer and telecommunications systems and networks; * NIST's activities in telecommunications switch security; * the planned recertification of the Data Encryption Standard; * NIST's proposed Digital Signature Standard; * the recent White House announcement of a new encryption technology, called the Clipper Chip; and * the President's directive to review advanced telecommunications and encryption technology. Need for Computer Security Strong security technology is required in modern communications systems and networks to protect sensitive and valuable information. Government agencies and private corporations depend upon the integrity and availability of their communications system in order to do business. Computer viruses, network worms, hackers, and other threats against our systems emphasize the importance of telecommunications security. Additionally, I have grown convinced, through strong anecdotal evidence, most of it shared on a proprietary basis, of the growing threat to American business from "economic espionage." Much has been reported in the press of the activities of foreign intelligence services targeting American firms, and sharing their findings with competing foreign firms. I am convinced that American firms need strong security, and in particular, strong cryptography, to protect against such threats. More importantly, the Administration is committed to working with the private sector to spur the development of a National Information Infrastructure which will use new telecommunications and computer technologies to give Americans unprecedented access to information. This infrastructure of high-speed networks ("information superhighways") will transmit video, images, HDTV programming, and huge data files as easily as today's telephone system transmits voice. 
Appropriate security techniques may at times be integrated into such systems. Telecommunications Security Federal telephone and computer networks depend upon reliable and secure telecommunications capabilities, both of long-distance carriers and local private-branch exchanges (PBXs). To examine security issues of telecommunications networks, including issues of PBX security and telecommunications switch security, NIST is currently setting up a Telecommunications Security Analysis Center. This Center will expand on initial research we have conducted on the vulnerability of telecommunications switches. Telecommunications switches are an integral part of the security of the public switched network. Security problems in switches can result in serious problems such as toll fraud, unauthorized and illegal eavesdropping, or the disabling of switches, which would result in bringing down part of the public switched network. NIST has been monitoring the growth of switch-related abuse and has been analyzing switches to be able to address the types of crimes that could be perpetrated in the future. This work includes studying the growing ease of perpetrating these crimes. There are several areas of concern: * Toll fraud. Current research indicates that the problem is well over $1 billion per year. While not all toll-fraud is accomplished technically, telecommunications switches are vulnerable to hackers who can gain unauthorized access to the use of long-distance services. This is a particular vulnerability to the owners of PBXs, who can lose considerable sums if their systems are inadequately protected. Good system configuration control is one good security measure we are examining. * Network Availability. There have been no cases of intruders purposefully bringing down parts of the public switched network. 
The President's National Security Telecommunications Advisory Committee (NSTAC) concluded that "Until there is confidence that strong comprehensive computer security programs are in place, the industry should assume that a motivated and resourceful adversary in one concerted manipulation of the network software could degrade at least portions of the PSN." * Unauthorized Eavesdropping. If unauthorized access is gained to telecommunications switches, which is really just a computer that switches phone calls, a hacker can gain access to the contents of phone conversations and other information transmitted through a switch. This unauthorized eavesdropping can be either "real-time," as the conversations occur, or the intruders can arrange to have the conversations and data electronically transmitted to another telecommunications switch or computer for later analysis. The purpose of the Telecommunications Security Analysis Center will be to: * Develop tools and techniques to analyze very complex systems such as switches; * Provide informal security guidance and advice to federal agencies on procurement of telecommunications switches; * Perform security analyses of commercial switches in both laboratory and real world environments; and * Develop standards and guidance for use in securing switches and in building more secure switches, while providing for the legitimate needs of law enforcement, under proper court order, to protect the American public. As we pursue this research, we will be pleased to provide additional information on our findings to the Committee. The Data Encryption Standard The current government standard for the encryption of data is known as the Data Encryption Standard (DES), which was first approved as a Federal Information Processing Standard in 1977. DES is widely used within both the government and the private sector for the protection of sensitive information, including financial information, medical information, and Privacy Act data. 
DES represents a proven twenty year old technology with DES products available in the marketplace for the last 15 years. Last year, NIST formally solicited comments on the recertification of DES. After reviewing those comments, and the other technical inputs that I have received, I plan to recommend to the Secretary of Commerce that he recertify DES for another five years. I also plan to suggest to the Secretary that when we announce the recertification we state our intention to consider alternatives to it over the next five years. By putting that announcement on the table, we hope to give people an opportunity to comment on orderly technological transitions. In the meantime, we need to consider the large installed base of systems that rely upon this proven standard. NIST's Proposed Digital Signature Standard The majority of the cryptographic-based security requirements in computer and network systems involve the need for strong identification and authentication. One method which we believe holds a capacity for significant improvements in security and also cost-savings by automating paper processes is the use of digital signatures. A digital signature is a computer-based method of "sealing" an electronic message in such a way that its contents cannot be changed or forged without detection and that the identity of the originator of the communication can be verified. The digital signature for a message is simply a code, or large number, that is unique for each message and each message originator (within a very high, known probability). A digital signature is computed for a message by computing a representation of the message (called a "hash" code) and a cryptographic process that uses a key associated with the message originator. Any party with access to the public key, message, and signature can verify the signature. 
If the signature verifies correctly, the receiver (or any other party) has confidence that the message was signed by the owner of the public key and the message has not been altered after it was signed. In 1991, NIST proposed a draft Digital Signature Standard (DSS). We received about 130 public comments. We have been reviewing these comments and revising the standard as appropriate to respond to those comments. Additionally, we have examined and are currently dealing with two claims of patent infringement, which we believe will be successfully resolved in the not-too-distant future. Once this occurs, the Secretary of Commerce needs to decide to approve the DSS as a Federal Information Processing Standard. It will then complement the Secure Hash Standard which was recently approved by the Secretary of Commerce as Federal Information Processing Standard 180. We anticipate that the DSS will find many uses within government computer systems and networks. For example, DSS could be employed in electronic funds transfer systems. Suppose an electronic funds transfer message is generated to request that $100.00 be transferred from one account to another. If the message was passed over an unprotected network, it may be possible for an adversary to alter the message and request a transfer of $1000.00. Without additional information, it would be difficult, if not impossible, for the receiver to know the message had been altered. However if the DSS was used to sign the message before it was sent, the receiver would know the message had been altered because it would not verify correctly. The transfer request could then be denied. DSS could be employed in a variety of business applications requiring a replacement of handwritten signatures. One example is Electronic Data Interchange (EDI). EDI is the computer-to-computer interchange of messages representing business documents. In the federal government, this technology is being used to procure goods and services. 
Digital signatures could be used to replace handwritten signatures in these EDI transactions. For instance, contracts between the government and its vendors could be negotiated electronically. A government procurement official could post an electronically signed message requesting bids for office supplies. Vendors wishing to respond to the request may first verify the message before they respond. This assures that the contents of the message have not been altered and that the request was signed by a legitimate procurement official. After verifying the bid request, the vendor could generate and sign an electronic bid. Upon receiving the bid, the procurement official could verify that the vendor's bid was not altered after it was signed. If the bid is accepted, the electronic message could be passed to a contracting office to negotiate the final terms of the contract. The final contract could be digitally signed by both the contracting office and the vendor. If a dispute arose at some later time, the contents of contract and the associated signatures could be verified by a third party. DSS is also likely to find widespread applications in the health care field. It might be used to sign digital images, for example, to assure that they remain safe against unauthorized modifications. DSS could also be useful in the distribution of software. A digital signature could be applied to software after it has been validated and approved for distribution. Before installing the software on a computer, the signature could be verified to be sure no unauthorized changes (such as the addition of a virus) have been made. The digital signature could be verified periodically to ensure the integrity of the software. In database applications, the integrity of information stored in the database is often essential. DSS could be employed in a variety of database applications to provide integrity. For example, information could be signed when it was entered into the database. 
To maintain integrity, the system could also require that all updates or modifications to the information be signed. Before signed information was viewed by a user, the signature could be verified. If the signature verified correctly, the user would know the information was not altered by an unauthorized party. The system could also include signatures in the audit information to provide a record of users who modified the information. The DSS can also be used in conjunction with more secure identification and authentication systems, for the protection of access to both computer and telecommunication systems. A New Encryption Technology: The Clipper Chip Approximately two weeks ago, the White House announced our intention, based on a new encryption technology, the Clipper Chip, to initiate a voluntary program to improve the security and privacy of telephone communications while meeting the legitimate needs of law enforcement. This initiative will involve the creation of new products to accelerate the development and use of advanced and secure telecommunications networks and wireless communications links - the security of the very systems you are examining here today. Sophisticated encryption technology, including the DES, has been used for years to protect electronic funds transfer. It is now being used to protect electronic mail and computer files. While encryption technology can help Americans protect business secrets and the unauthorized release of personal information, it also can be used by terrorists, drug dealers, and other criminals. A state-of-the-art microcircuit, the "Clipper Chip," has been developed by government engineers. The chip represents a new approach to encryption technology. It can be used in new, relatively inexpensive encryption devices that can be attached to an ordinary telephone. It scrambles telephone communications using an encryption algorithm that is more powerful than many in commercial use today. 
The Clipper algorithm with an 80 bit long cryptographic key is approximately 16 million times stronger than DES. It would take a CRAY YMP over 200 years to solve one DES key. It would take the same machine over a billion years to solve one Clipper Chip key. This new technology offers opportunities for companies to protect proprietary information, protect the privacy of personal phone conversations and prevent unauthorized release of data transmitted electronically. At the same time this technology preserves the ability of federal, state and local law enforcement agencies to intercept lawfully the phone conversations of criminals. Protection of confidentiality of information is of critical concern to the nation. So too is the ability of law enforcement to provide safe streets and neighborhoods. Americans demand the very best in law enforcement - at the federal, state and local level. Citizens insist upon a quick response to terrorist threats, organized crime, and drug dealers, while preserving our Constitutional rights. Past experience clearly shows that one critical technology successfully used to prosecute organized crime is the use of court-authorized wiretaps. Unquestionably, these lawful electronic intercepts have saved lives and been critical to bringing criminals to justice. The "Clipper Chip" is also a powerful tool which will be used by law enforcement to protect its own sensitive communications from illicit criminal monitoring. A "key-escrow" system is envisioned that would ensure that the "Clipper Chip" is used to protect the privacy of law-abiding Americans. Each device containing the chip will have two unique "keys," numbers that will be needed by authorized government agencies to decode messages encoded by the device. When the device is manufactured, the two keys would be deposited separately in two "key-escrow" data bases established by the Attorney General. 
Access to these keys would be limited to government officials with legal authorization to conduct a wiretap. The President has asked the Attorney General to make arrangements with appropriate entities who would hold the keys for the key-escrow microcircuits installed in communications equipment. I understand that the Attorney General is currently studying these procedures and options for who will serve as the key escrow holders. Since the announcement from the White House, I have stressed that the "Clipper Chip" technology provides law enforcement with no new authorities to access the content of the private conversations of Americans. Also, some have claimed that there is a hidden trapdoor in the chip or the algorithm. I cannot state it more simply: no trapdoor exists. The chip is an important step in addressing the problem of encryption's dual-edge sword: encryption helps to protect the privacy of individuals and industry, but it also can shield criminals and terrorists. We need the "Clipper Chip" and other approaches that can both provide law-abiding citizens with access to the encryption they need and prevent criminals from using it to hide their illegal activities. 
Presidential Directive for Advanced Telecommunications and Encryption Review In order to assess technology trends and explore new approaches and technologies (like the key-escrow system), the President has directed government agencies to develop a comprehensive policy on encryption and advanced telecommunications technology that accommodates: * the privacy of our citizens, including the need to employ voice or data encryption for business purposes; * the ability of authorized officials to access telephone calls and data, under proper court or other legal order, when necessary to protect our citizens; * the effective and timely use of the most modern technology to build the National Information Infrastructure needed to promote economic growth and the competitiveness of American industry in the global marketplace; and * the need of U.S. companies to manufacture and export high technology products. The President has directed early and frequent consultations with affected industries, the Congress and groups that advocate the privacy rights of individuals as policy options are developed. I anticipate being a member of the governmental review panel which will study this issue. I will again stress what we have stated previously. Encryption technology will play an increasingly important role in future network infrastructures and the Federal Government must act quickly to develop consistent, comprehensive policies regarding its use. The Administration is committed to policies that protect all Americans' right to privacy while also protecting them from those who break the law. Thank you Mr. Chairman, I would be pleased to answer any questions. Paul Ferguson | Uncle Sam wants to read Network Integrator | your e-mail... Centreville, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... -------------------------------+------------------------------ I love my country, but I fear it's government. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Wed, 5 May 93 13:44:28 PDT To: cypherpunks@toad.com Subject: Additional amendments to the ECPA? Message-ID: MIME-Version: 1.0 Content-Type: text/plain Doing some research on existing laws and ran across this snippet concerning the ECPA and amendments made in 1986-87. Can someone with more legalese comment on whether this has again been amended or changed? How does this relate to LEA's selectively wiretapping private e-mail and other electronic communications? Or does it? 8<----- Begin forwarded text ------------ On October 21, 1986, President Reagan signed the new Electronic Communications Privacy Act of 1986 amending the federal wiretap law. ECPA went into effect during the beginning of 1987. (P.L. 99-508, Title I, sec. 111, 100 Stat. 1859; P.L. 99-508, Title II, sec. 202, 100 Stat. 1868.) ECPA created parallel privacy protection against both interception of electronic communications while in transmission and unauthorized access to electronic communications stored on a system. The new ECPA first provides privacy protection for any 'electronic communication' ... [by] any transfer of signs, signals, writing, images, sounds, data or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectronic or photooptical system that affects interstate or foreign commerce...." (18 U.S.C. secs. 2510(12), 2511.) The Senate Report noted examples of electronic communications to include non-voice communications such as "electronic mail, digitized transmissions, and video teleconferences." (S. Rep. No. 541, 99th Cong., 2d Sess. 14 reprinted_in 1986 U.S. Code Cong. & Ad. News 3568.) Electronic communication is defined in terms of how it is transmitted. So long as the means by which a communication is transmitted affects interstate or foreign commerce, the communication is covered by ECPA. (18 U.S.C. sec. 2510(12).) 
Generally, that would include all telephonic means including private networks and intra-company communications. (S. Rep. No. 541, 99th Cong., 2d Sess. 12 reprinted_in 1986 U.S. Code Cong. & Ad. News 3566.) Second, ECPA protects the electronic communication when it has been stored after transmission, such as e-mail left on an electronic computer communication system for later pickup by its intended recipient. (18 U.S.C. sec. 2510(17).) The legislation makes it a federal criminal offense to break into any electronic system holding private communications or to exceed authorized access to alter or obtain the stored communications. (18 U.S.C. sec. 2701(a).) The legislation would protect electronic computer communication systems from law enforcement invasion of user e-mail without a court order. (18 U.S.C. secs. 2517, 2518, 2703.) Although the burden of preventing disclosure of the e-mail is placed on the subscriber or user of the system, the government must give him fourteen days notice to allow him to file a motion to quash a subpoena or to vacate a court order seeking disclosure of his computer material. (18 U.S.C. sec. 2704(b).) However, the government may give delayed notice where there are exigent circumstances as listed by the Act (18 U.S.C. sec. 2705.) Recognizing the easy user destruction of computer data, ECPA allows the government to include in its subpoena or court order the requirement that the provider or operator retain a backup copy of electronic communications when there is risk of user destruction. (18 U.S.C. sec. 2704(a).) The legislation gives a civil cause of action to the provider or operator, subscriber, customer or user of the system aggrieved by an invasion of an electronic communication in the system in violation of the ECPA. (18 U.S.C. secs. 2520, 2707.) 
If the provider or operator has to disclose information stored on his system due to a court order, warrant, subpoena, or certification under ECPA, no cause of action can be brought against him by the person aggrieved by such disclosure. (18 U.S.C. sec. 2703(e); see_also 18 U.S.C. secs. 2701(c), 2702(b), 2511(2)(a)(i), 2511(3)(b)(iii) where the systems operator or provider is not held criminally liable, may observe a private communication while performing employment duties or according to authorization, etc., may intercept private communication while making quality control checks or during the course of forwarding communications to another system.) 8<----- End of forwarded text --------- Paul Ferguson | Uncle Sam wants to read Network Integrator | your e-mail... Centreville, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... -------------------------------+------------------------------ I love my country, but I fear it's government. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Wed, 5 May 93 16:13:01 PDT To: cypherpunks@toad.com Subject: DH: Draft RSAREF/Diffie-Hellman specification Message-ID: <9305052309.AA00684@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Jim Bidzos sent the following to me, and I've received his blessing to forward it to cypherpunks. Note that it is a draft specification, not the actual one. For those who have no idea what Diffie-Hellman key exchange is, this document may give you some idea. Eric ----------------------------------------------------------------------------- Date: Wed, 5 May 93 15:21:20 PDT From: jim@RSA.COM (Jim Bidzos) FYI. Subject to change, but probably minor ones. This will be added to RSAREF and will be subject to RSAREF license terms when released. 
--Jim

Date: Fri, 30 Apr 93 16:05:14 PDT
From: burt@RSA.COM (Burt Kaliski)
To: jim@RSA.COM
Subject: Draft RSAREF/Diffie-Hellman specification

RSAREF/Diffie-Hellman Interface Specification

RSA Laboratories
April 30, 1993

Copyright (C) 1993 RSA Laboratories, a division of RSA Data Security, Inc. All rights reserved.

DRAFT -- SUBJECT TO CHANGE

The Diffie-Hellman extension to RSAREF adds three routines:

  R_GenerateDHParams      generates Diffie-Hellman parameters
  R_SetupDHAgreement      sets up a key agreement
  R_ComputeDHAgreedKey    computes the agreed-upon key

To generate new Diffie-Hellman parameters, an application calls R_GenerateDHParams, giving the length of the Diffie-Hellman prime and a random structure. R_GenerateDHParams generates the parameters and returns the status of the operation. Several users may share given Diffie-Hellman parameters, or they may be unique to a given user.

To set up a key agreement, communicating applications call R_SetupDHAgreement, giving these parameters:

  - the Diffie-Hellman parameters
  - a random structure

R_SetupDHAgreement generates a new "public value" and a new "private value" for each party and returns the status of the operation. The applications then exchange their public values.

To compute the agreed-upon key, the applications call R_ComputeDHAgreedKey, giving these parameters:

  - the Diffie-Hellman parameters
  - the other party's public value
  - the private value

R_ComputeDHAgreedKey computes the agreed-upon key and returns the status of the operation. The applications may encrypt subsequent data under the agreed-upon key.

When the length of the Diffie-Hellman prime is large enough, it is considered impractical for someone who sees the Diffie-Hellman parameters and the exchanged public values to determine the agreed-upon key, so the subsequent encryption is secure.

R_GenerateDHParams

int R_GenerateDHParams (
  R_DH_PARAMS *params,                 /* new Diffie-Hellman parameters */
  R_DH_PROTO_PARAMS *protoParams,      /* D-H prototype parameters */
  R_RANDOM_STRUCT *randomStruct        /* random structure */
);

R_GenerateDHParams generates random Diffie-Hellman parameters, storing the result in params. protoParams specifies the lengths in bits of the Diffie-Hellman prime. randomStruct must have been seeded.

Return value:
  0                 success
  RE_MODULUS_LEN    prime length invalid
  RE_NEED_RANDOM    randomStruct is not seeded

R_SetupDHAgreement

int R_SetupDHAgreement (
  unsigned char *publicValue,          /* new public value */
  unsigned int *publicValueLen,        /* length of public value */
  unsigned char *privateValue,         /* new private value */
  unsigned int *privateValueLen,       /* length of private value */
  R_DH_PARAMS *params,                 /* Diffie-Hellman parameters */
  R_RANDOM_STRUCT *randomStruct        /* random structure */
);

R_SetupDHAgreement sets up a Diffie-Hellman key agreement by generating a public value and a private value from the Diffie-Hellman parameters. It stores the resulting public value in publicValue and the resulting private value in privateValue, and their lengths in publicValueLen and privateValueLen.

The private value is a random number x, and the public value is the number y such that y = g^x mod p, where p and g are the prime and generator in params.

publicValue and privateValue will be represented most significant byte first, with no leading zero bytes. publicValueLen and privateValueLen will not be greater than MAX_DH_PRIME_LEN.

randomStruct must have been seeded.

Return value:
  0                 success
  RE_NEED_RANDOM    randomStruct is not seeded
  (others to be determined)

R_ComputeDHAgreedKey

int R_ComputeDHAgreedKey (
  unsigned char *agreedKey,            /* new agreed key */
  unsigned int *agreedKeyLen,          /* length of agreed key */
  unsigned char *otherPublicValue,     /* other's public value */
  unsigned int otherPublicValueLen,    /* length of public value */
  unsigned char *privateValue,         /* private value */
  unsigned int privateValueLen,        /* length of private value */
  R_DH_PARAMS *params                  /* Diffie-Hellman parameters */
);

R_ComputeDHAgreedKey computes an agreed key from the other party's public value, a private value, and the Diffie-Hellman parameters. It stores the resulting agreed key in agreedKey, and its length in agreedKeyLen.

The agreed key is the number z such that z = (y')^x mod p, where y' is the other party's public value, x is the private value, and p is the prime in params.

agreedKey will be represented most significant byte first, with no leading zero bytes. agreedKeyLen will not be greater than MAX_DH_PRIME_LEN.

Return value:
  0                 success
  (others to be determined)

R_DH_PARAMS

typedef struct {
  unsigned int bits;                           /* length in bits of prime */
  unsigned char prime[MAX_DH_PRIME_LEN];       /* prime */
  unsigned char generator[MAX_DH_PRIME_LEN];   /* generator */
} R_DH_PARAMS;

An R_DH_PARAMS value is a structure specifying Diffie-Hellman parameters. There are three fields:

  bits         length in bits of the prime (not less than MIN_DH_PRIME_BITS and not greater than MAX_DH_PRIME_BITS)
  modulus      prime p, represented as a MAX_DH_PRIME_LEN-byte number, most significant byte first, as many leading zero bytes as necessary
  generator    generator g, represented like prime

R_DH_PROTO_PARAMS

typedef struct {
  unsigned int bits;                   /* length in bits of prime */
} R_DH_PROTO_PARAMS;

An R_DH_PROTO_PARAMS value is a structure specifying the length in bits of the Diffie-Hellman prime for parameter generation.
There is one field:

  bits         length in bits of the prime (not less than MIN_DH_PRIME_BITS and not greater than MAX_DH_PRIME_BITS)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Wed, 5 May 93 13:44:21 PDT
To: cypherpunks@toad.com
Subject: Notes from the field
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Mike,

I recently became aware of an article that you wrote entitled, "Notes on Cryptography, Digital Telephony, and the Bill of Rights", which was included in a recent CuD (5.32, Sun May 2, 1993). It appeared to be a message you had originally posted to the austin.eff newsgroup. I'm not so sure that it ever made it over to cypherpunks, so I'm quoting part of that message here for clarity.

You wrote -

"B. The Fourth Amendment reads: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

C. Conspicuously missing from the language of this amendment is any guarantee that the government, with properly obtained warrant in hand, will be _successful_ in finding the right place to be searched or persons or things to be seized. What the Fourth Amendment is about is _obtaining warrants_--similarly, what the wiretap statutes are about is _obtaining authorization_ for wiretaps and other interceptions. Neither the Fourth Amendment nor Title III nor the other protections of the ECPA constitute a law-enforcement _entitlement_ for law enforcement.

D. It follows, then, that if digital telephony or widespread encryption were to create new burdens for law enforcement, this would not, as some law-enforcement representatives have argued, constitute an "effective repeal" of Title III.
What it would constitute is a change in the environment in which law enforcement, along with the rest of us, has to work. Technology often creates changes in our social environment -- some, such as the original innovation of the wiretap, may aid law enforcement, while others, such as powerful public-key cryptography, pose the risk of inhibiting law enforcement. Historically, law enforcement has responded to technological change by adapting. (Indeed, the original wiretaps were an adaptation to the widespread use of the telephone.) Does it make sense for law enforcement suddenly to be able to require that the rest of society adapt to its perceived needs?"

(End Quote)

Maybe it's just that time of the day or perhaps I just need for you to clarify this a bit more -- How does the ECPA offer protection, as it is currently written, against warranted search and seizure with regards to technologically advanced systems (such as would crypto be considered)?

Again, you further wrote -

"I. As my notes here suggest, these initiatives may be, in their essence, inconsistent with Constitutional guarantees of expression, association, and privacy."

(End Quote)

You are saying, in effect, that it is your opinion that these initiatives may be unconstitutional? If so, what course of action can be suggested, short of a class action lawsuit against an LEA after-the-fact?

By the way, the article was excellent and since I have not seen it posted here in cypherpunks, I'd like your permission to repost it.

Cheers.

Paul Ferguson                  |  Uncle Sam wants to read
Network Integrator             |  your e-mail...
Centreville, Virginia USA      |  Just say "NO" to the Clipper
fergp@sytex.com                |  Chip...
-------------------------------+------------------------------
I love my country, but I fear its government.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Mr. Noise"
Date: Wed, 5 May 93 13:41:24 PDT
To: cypherpunks@toad.com
Subject: Re: RSA patent!
Message-ID: <9305052027.AA06997@titan.ucs.umass.edu>
MIME-Version: 1.0
Content-Type: text

> 6) (Misuse) The underlying purpose of the patent system was to
> encourage the creative genius for the benefit of the public. Has the
> public benefited in this case?

There are two things wrong with this objection that I can see:

(1) What is relevant is whether the public derives a NET (no pun intended!) benefit from the patent system, not whether it has benefitted in this particular case. We can't decide, ex post, whether to extend patent protection to something that is patentable under the law, else the law will cease to provide the incentives that encourage innovation.

(2) We may have, in fact, benefitted. The question is whether anyone would have come up with the algorithm & given it away if it weren't for the possibility of making some money off of it. Maybe they would have; it *is* certain that in a few years (how many, exactly? anyone know?) the patent will expire, & we will enjoy the full use of the algorithm free of patent restrictions, right?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tom.jackson@oubbs.telecom.uoknor.edu
Date: Wed, 5 May 93 16:13:22 PDT
To: cypherpunks@toad.com
Subject: HOW TO FAKEMAIL
Message-ID: <9305051748.A6016wk@oubbs.telecom.uoknor.edu>
MIME-Version: 1.0
Content-Type: text/plain

I'm new to this list and am sorry if this is a frequently asked question. Can someone tell me how "fakemail" works and how to do it. I need to send mail to the "ftp by mail" server at decwrl.dec.com and want the host to think that it is from another address. Basically, I want to send it my ftp request from one e-mail address and have it mail what I'm requesting to a different one. The only way that I know of to do this is with fakemail. Any suggestions?
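Added example, not part of any message in this archive and not RSAREF code: the two-party exchange from the draft RSAREF/Diffie-Hellman specification forwarded by Eric Hughes earlier in this archive, worked through in C with a 61-bit toy prime so the arithmetic fits in 64-bit integers. The toy_ names, the status codes, the caller-supplied random bytes and the range check on the other party's public value are assumptions of this example, not part of the draft.

```c
/* Added illustration, not RSAREF code: toy Diffie-Hellman key agreement using the
 * draft's conventions (y = g^x mod p, z = (y')^x mod p, most significant byte first,
 * no leading zero bytes). Every toy_/TOY_ name and parameter is an assumption. */
#include <stdint.h>
#include <stdio.h>

#define TOY_PRIME_LEN 8u              /* stand-in for MAX_DH_PRIME_LEN */
#define TOY_P 2305843009213693951ULL  /* 2^61 - 1: prime, far too small for real use */
#define TOY_G 3ULL                    /* demo base, not claimed to be a generator */
enum { TOY_OK = 0, TOY_ERR_RANDOM, TOY_ERR_VALUE };  /* hypothetical status codes */

/* a*b mod m by double-and-add; cannot overflow because m < 2^63. */
static uint64_t toy_mulmod(uint64_t a, uint64_t b, uint64_t m) {
    uint64_t r = 0;
    for (a %= m; b; b >>= 1) {
        if (b & 1) r = (r + a) % m;
        a = (a + a) % m;
    }
    return r;
}

/* base^exp mod m by square-and-multiply. */
static uint64_t toy_modexp(uint64_t base, uint64_t exp, uint64_t m) {
    uint64_t r = 1;
    for (base %= m; exp; exp >>= 1) {
        if (exp & 1) r = toy_mulmod(r, base, m);
        base = toy_mulmod(base, base, m);
    }
    return r;
}

/* Store v most significant byte first, no leading zero bytes; returns the length. */
static unsigned int toy_encode(uint64_t v, unsigned char *out) {
    unsigned int len = 1, i;
    while (len < 8 && (v >> (8 * len)) != 0) len++;
    for (i = 0; i < len; i++) out[i] = (unsigned char)(v >> (8 * (len - 1 - i)));
    return len;
}

/* Read a big-endian value of 1..TOY_PRIME_LEN bytes; returns 0 on success. */
static int toy_decode(const unsigned char *in, unsigned int len, uint64_t *v) {
    unsigned int i;
    if (len == 0 || len > TOY_PRIME_LEN) return -1;
    for (*v = 0, i = 0; i < len; i++) *v = (*v << 8) | in[i];
    return 0;
}

/* Setup step. randomBytes stands in for the draft's seeded random structure:
 * the caller supplies TOY_PRIME_LEN bytes from a cryptographic RNG. */
int toy_setup_agreement(unsigned char *publicValue, unsigned int *publicValueLen,
                        unsigned char *privateValue, unsigned int *privateValueLen,
                        const unsigned char *randomBytes, unsigned int randomLen) {
    uint64_t r, x;
    if (randomLen != TOY_PRIME_LEN || toy_decode(randomBytes, randomLen, &r) != 0)
        return TOY_ERR_RANDOM;
    x = 2 + r % (TOY_P - 3);          /* private value x in [2, p-2] */
    *privateValueLen = toy_encode(x, privateValue);
    *publicValueLen = toy_encode(toy_modexp(TOY_G, x, TOY_P), publicValue);
    return TOY_OK;
}

/* Agreed-key step: z = (y')^x mod p. */
int toy_compute_agreed_key(unsigned char *agreedKey, unsigned int *agreedKeyLen,
                           const unsigned char *otherPublicValue, unsigned int otherPublicValueLen,
                           const unsigned char *privateValue, unsigned int privateValueLen) {
    uint64_t y, x;
    if (toy_decode(otherPublicValue, otherPublicValueLen, &y) != 0 ||
        toy_decode(privateValue, privateValueLen, &x) != 0)
        return TOY_ERR_VALUE;
    /* Added check, not stated in the draft: y' of 0, 1 or p-1 (or anything
     * >= p) would confine the agreed key to a tiny, guessable set. */
    if (y < 2 || y > TOY_P - 2)
        return TOY_ERR_VALUE;
    *agreedKeyLen = toy_encode(toy_modexp(y, x, TOY_P), agreedKey);
    return TOY_OK;
}

int main(void) {                      /* both parties seed from /dev/urandom */
    unsigned char rnd[2][8], pub[2][8], prv[2][8], key[2][8];
    unsigned int publen[2], prvlen[2], keylen[2], i, j;
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f || fread(rnd, 1, sizeof rnd, f) != sizeof rnd) return 1;
    fclose(f);
    for (i = 0; i < 2; i++)           /* each party generates x and y = g^x mod p */
        if (toy_setup_agreement(pub[i], &publen[i], prv[i], &prvlen[i], rnd[i], 8))
            return 1;
    for (i = 0; i < 2; i++) {         /* after exchanging y, each party computes z */
        if (toy_compute_agreed_key(key[i], &keylen[i], pub[1 - i], publen[1 - i], prv[i], prvlen[i]))
            return 1;
        printf("party %u agreed key: ", i);
        for (j = 0; j < keylen[i]; j++) printf("%02x", key[i][j]);
        printf("\n");
    }
    return 0;
}
```

Both parties print the same key bytes even though neither private value ever leaves its owner; only the public values cross the wire.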
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mike Godwin
Date: Wed, 5 May 93 17:06:33 PDT
To: fergp@sytex.com (Paul Ferguson)
Subject: Re: Notes from the field
In-Reply-To:
Message-ID: <199305060004.AA18125@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

Paul Ferguson writes:

> I recently became aware of an article that you wrote entitled,
> "Notes on Cryptography, Digital Telephony, and the Bill of
> Rights", which was included in a recent CuD (5.32, Sun May 2,
> 1993). It appeared to be a message you had originally posted to
> the austin.eff newsgroup.

I don't recall posting it to that newsgroup, but it doesn't surprise me that it appeared there. I have strong connections with Austin and with EFF-Austin.

> Maybe it's just that time of the day or perhaps I just need for you
> to clarify this a bit more -- How does the ECPA offer protection, as
> it is currently written, against warranted search and seizure with
> regards to technologically advanced systems (such as would crypto be
> considered)?

ECPA doesn't mention encryption. It does, however, penalize unauthorized disclosure of communications. Whether "disclosure" occurs when a communication is seized, or when it's decrypted, is an open question.

> "I. As my notes here suggest, these initiatives may be, in their
> essence, inconsistent with Constitutional guarantees of expression,
> association, and privacy."
>
> (End Quote)
>
> You are saying, in effect, that it is your opinion that these
> initiatives may be unconstitutional?

Yes.

> If so, what course of action
> can be suggested, short of a class action lawsuit against an LEA
> after-the-fact?

Lawsuits are almost inherently reactive. The best thing is to lobby Congress for guarantees of the right to encrypt. State legislatures may also be a useful target.

> By the way, the article was excellent and since I have not seen it
> posted here in cypherpunks, I'd like your permission to repost it.

You have permission to repost it anywhere.
I believe it appeared already in cypherpunks, though. Maybe some people want to see it again. --Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Thu, 6 May 93 07:53:09 PDT To: cypherpunks-announce@toad.com Subject: Cypherpunks meeting Saturday, May 8 Message-ID: <9305061445.AA12095@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain ANNOUNCEMENT ------------ Cypherpunks Physical Meeting Saturday, May 8, 1993 (the second Saturday, as always) 12:00 noon - 6:00 p.m. Cygnus Support offices, Mt. View, CA Even after our successful _ad hoc_ meeting two weeks ago, we're still going to have our regular meeting. There's more wiretap chip to discuss; there's more encrypted phones to be discussed. I apologize for the lateness of this announcement; I've been busy putting a machine on the Internet. Eric AGENDA ------ 1. Norm Hardy has some time reserved to talk about money. 2. There will be some demonstrations of speech compression implementations that a couple of people have worked on. 3. There will be some stuff on remailers, as always. DIRECTIONS ---------- [Directions to Cygnus provided by John Gilmore. -- EH] Cygnus Support 1937 Landings Drive Mt. View, CA 94043 +1 415 903 1400 switchboard +1 415 903 1418 John Gilmore Take US 101 toward Mt. View. From San Francisco, it's about a 40-minute drive. Get off at the Rengstorff Ave/Amphitheatre Parkway exit. If you were heading south on 101, you curve around to the right, cross over the freeway, and get to a stoplight. If you were heading north on 101, you just come right off the exit to the stoplight. The light is the intersection of Amphitheatre and Charleston Rd. Take a right on Charleston; there's a right-turn-only lane. Follow Charleston for a short distance. You'll pass the Metaphor/Kaleida buildings on the right. At a clump of palm trees and a "Landmark Deli" sign, take a right into Landings Drive. 
At the end of the road, turn left into the complex with the big concrete "Landmark" sign. Follow the road past the deli til you are in front of the clock tower that rises out of one of the buildings, facing you. Enter through the doors immediately under the clock tower. They'll be open between noon and 1PM at least. (See below if you're late.) Once inside, take the stairs up, immediately to your right. At the top of the stairs, turn right past the treetops, and we'll be in 1937 on your left. The door is marked "Cygnus". If you are late and the door under the clock tower is locked, you can walk to the deli (which will be around the building on your left, as you face the door). Go through the gate in the fence to the right of the deli, and into the back lawns between the complex and the farm behind it. Walk forward and right around the buildings until you see a satellite dish in the lawn. Go up the stairs next to the dish, which are the back stairs into the Cygnus office space. We'll prop the door (or you can bang on it if we forget). Or, you can find the guard who's wandering around the complex, who knows there's a meeting happening and will let you in. They can be beeped at 965 5250, though you'll have trouble finding a phone. Don't forget to eat first, or bring food at noon! I recommend hitting the burrito place on Rengstorff (La Costen~a) at about 11:45. To get there, when you get off 101, take Rengstorff (toward the hills) rather than Amphitheatre (toward the bay). Follow it about ten blocks until the major intersection at Middlefield Road. La Costen~a is the store on your left at the corner. You can turn left into the narrow lane behind the store, which leads to a parking lot, and enter by the front door, which faces the intersection. To get to the meeting from there, just retrace your route on Rengstorff, go straight over the freeway, and turn right at the stoplight onto Charleston; see above. See you there! 
John Gilmore

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: William Lee Nussbaum
Date: Thu, 6 May 93 09:44:13 PDT
To: cypherpunks@toad.com
Subject: Markoff/NYTimes : "Big Brother & the Computer Age"
Message-ID: <199305061643.AA15480@ground.cs.columbia.edu>
MIME-Version: 1.0
Content-Type: text/plain

Since I haven't seen any mention of this yet:

On the D1 (business section) page, in the top center, in today's [May 6] New York Times, is a diagram and 38" story on issues re: Clipper. Given that it's a finals week, I don't have time to enter much from the article, but will note the following:

The first two paragraphs:

   Can the nation trust its secrets to its spies?

   That question underpins a fierce debate over a recently disclosed plan by the Clinton Administration to secure the privacy of the nation's phone calls and computer data with a standard set of computer codes.

The first quotation (and the only one appearing on D1) in the article is from Eric Hughes:

   "This plan creates the ears of Big Brother, just as Orwell warned," said Eric Hughes, an independent software designer in Berkeley, Calif. ...

- Lee

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Derek Upham
Date: Thu, 6 May 93 13:57:15 PDT
To: cypherpunks@toad.com
Subject: HIDE: Alpha version of JFIF steganography available
Message-ID: <199305062057.AA00672@grolsch.cs.ubc.ca>
MIME-Version: 1.0
Content-Type: text/plain

I've got a working version of a JPEG steganography program. It uses modified cjpeg/djpeg sources to stick arbitrary files in JPEG images and then extract them. It needs testing.

The files are in ftp.cs.ubc.ca:pub/pickup/jsteg. There is a copy of the JPEG-v4 sources (or use your own), a context-diff of the source changes (use "patch -p0" in the directory above the sources), and a test ".jpg" file.
Assuming everything works correctly, running

   djpeg -crypt filetoread.txt miyazaki.jpg > /dev/null

will extract the steganized text into the file "testout.txt" and dump the PPM file. (The extracted text should be an exact copy of the "USING" file in the JPEG-v4 distribution.) To steganize a file, use

   cjpeg -crypt filetohide.txt image.ppm > image.jpg

or replace "image.ppm" with "-G image.gif", etc. If "cjpeg" reports that it's unable to inject the file, compress the file or use a higher "-Q" parameter. In general, the stegfile needs a final JPEG file that's at least eight times larger.

Derek

"Naaaaaaaaaaah, Quess isn't stupid. A vicious, vindictive, underhanded, slimy, double-crossing, self-deluding, daddy-hunting, family-killing, conscienceless, callous, sexually repressed, Electra Complex victimized, self-interested, snotty, obnoxious little preadolescent whining B*T*H, yes. But she's not stupid."

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Thu, 6 May 93 12:45:37 PDT
To: cypherpunks@toad.com
Subject: Eerie silence....
Message-ID: <2N853B1w165w@sytex.com>
MIME-Version: 1.0
Content-Type: text/plain

Gee, what happened guys? I've had nary a stick of mail all today. Don't tell me the mail server crashed?

Cheers.

Paul Ferguson                  |  Uncle Sam wants to read
Network Integrator             |  your e-mail...
Centreville, Virginia USA      |  Just say "NO" to the Clipper
fergp@sytex.com                |  Chip...
-------------------------------+------------------------------
I love my country, but I fear its government.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Thu, 6 May 93 12:45:39 PDT
To: mnemonic@eff.org
Subject: New York Times article on "Big Brother and the Computer Age"
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

New York Times
Thursday, May 6, 1993
Page D1, Business Day

Big Brother and the Computer Age

By John Markoff

Can the nation trust its secrets to its spies?
That question underpins a fierce debate over a recently disclosed plan by the Clinton Administration to secure the privacy of the nation's phone calls and computer data with a standard set of computer codes. The system was designed by scientists from the United States' most secretive intelligence organization, the National Security Agency. And newly disclosed memorandums, obtained under a legally enforceable request under the Freedom of Information Act, show that the agency waged a long and ultimately successful campaign within the Government to insure that the technical details of such a system would remain secret. The inner workings of the system would be in tamper-proof computer chips that could not be opened without being destroyed. That means that citizens and businesses could use the encoding technique to protect the privacy of their wireless phone calls or the transmissions of corporate computer files, but that independent computer experts would have no way to assure that the system was secure enough to keep savvy computer hackers from unscrambling messages. Nor, some computer experts say, can anyone be certain that the National Security Agency has not built in a "trap door" that could allow unauthorized Government eavesdropping. "This plan creates the ears of Big Brother, just as Orwell warned," said Eric Hughes, an independent software designer in Berkeley, Calif. Over the years, the N.S.A. has been the Government's communications policeman, with the job of protecting the sensitive telephone and computer networks used by the military, the State Department and other Federal agencies. It also operates a world-wide electronic-surveillance system, monitoring foreign communications in the name of national security. But the recently announced encoding plan would give the agency an unprecedented role in domestic civilian corporate communications. "The N.S.A. 
is split between the need to provide security and the fear that if information about cryptography gets out, it won't be able to perform its other job, which is intercepting and resolving codes." said David Kahn, author of "The Codebreakers," a history of the science of encryption. "It's an unresolvable problem." The Clinton Administration inherited the new project from the Bush Administration, and has embraced it. The goal is a national voice- and data-security standard intended to provide privacy for Government, civilian and corporate users of telephone and computer communications, while also assuring that law enforcement agencies can continue to eavesdrop on or wiretap voice and data conversations after obtaining warrants. For authorized wiretapping, the law enforcement agency must obtain special code keys held in escrow by two independent organizations. What computer experts fear is a secret trap door that would not require use of these legally obtained keys. Custodian of Security The agency has a long history of resisting industry efforts to develop such technology on the ground that any codes not breakable by the N.S.A. might compromise national security. But people like John Gage, director of the science office at Sun Microsystems in Mountain View, Calif., the maker of high-powered computer work stations, are uncomfortable with that line of reasoning. "These decisions can't be left solely to the gods of encryption, the N.S.A.," Mr. Gage said. "We need privacy for the world of business." He testified last week at a hearing by the House Commerce subcommittee on telecommunications and finance, which is studying computer encryption and the National Security Agency's role in it. Concerns about the agency's influence on civilian communications have been raised before. Last year, for instance, a number of cellular-telephone executives said that an industry standards committee had been pressed by N.S.A. 
officials to weaken the security of a coding scheme that cellular phone makers are planning to build into the next generation of phones. Although the agency denied the assertion, computer researchers who analyzed the industry committee's cellular coding scheme say that it would be simple to subvert by anyone with computer- programming skills. Written Response With the new plan, N.S.A. officials insist that they have no motive to undermine the security of the coding plan, which was originally developed to protect Government information. The agency routinely refuses requests for on-the-record interviews, but the agency's director of policy, Michael A. Smith, responded in writing to a reporter's questions. "N.S.A. states unequivocally there is no trap door built into the algorithm." he wrote, referring to the mathematical instructions on which the encoding system is based. "A trap door would be a vulnerability in the system, and would defeat the purpose of assuring the system provides U.S. citizens with excellent security." In resisting the N.S.A.'s effort to impose a secret standard, communications and computer-industry executives point out that various unofficial coding systems are already in use in this country and abroad, whether for legitimate purposes or to conceal criminal conspiracies. Among those criticizing the agency's effort to keep a lid on encryption is Representative Edward J. Markey, Democrat of Massachusetts, chairman of the House telecommunications subcommittee. What Power Do opponents Have? "There are many ways the N.S.A. is trying to put the cryptography genie back in the bottle, but it's already available for everyone openly," said Mr. Markey, who plans to conduct further hearings on the agency's role in the new system. The Clinton Administration plans to hold its own private review in coming months to study the nation's cryptography policies and consider public comment. 
It is not yet clear whether mounting controversy over the National Security Agency's role could derail the plan. The new technology is the result of the Computer Security Act of 1987. It called for creation of a national standard for computer encryption and assigned the task to the main Federal standards-setting body, now known as the National Institute for Standards and Technology. A 1989 memo by a technical working group from the institute detailed the goal for an encryption standard that would be open to public use and scrutiny. "The algorithms that we use must be public, unclassified implementable in both hardware or software, usable by Federal agencies and U.S.-based multinational corporations," the memo reads in part. The institute turned to the N.S.A. for technical assistance. "The act says we can draw on N.S.A.," said Raymond Kammer, who was at the institute at the time and is now deputy director. "They're the pre-eminent scientists in cryptography in the world. We asked the agency to design a technology to fit the needs of the civilian community." Memos Detail Opposition But previously classified Government memos, obtained last week through a Freedom of information filing by Computer Professional for Social Responsibility, a public-interest group, indicate that the agency used the process of technical working groups to wear down opposition by institute scientists who wanted to keep the standard open to scrutiny. A January 1990 memo by a National Institute scientist to a colleague expressed frustration. Referring to his own group by its acronym, he wrote, "It is increasingly evident that it is difficult, if not impossible, to reconcile the concerns of N.S.A., N.I.S.T. and the general public using this approach." The N.S.A. also largely ignored the public advisory group that Congress mandated in the 1987 law. That group, composed of industry and Government computer experts, plans a public hearing meeting next month to put forth its concerns. 
"This all happened within the N.S.A.," said a member of the advisory group, Stephen Walker, president of Trusted Information Systems, a computer security company in Glenwood, Md. "Then it was brought forward as an accomplished fact. This doesn't solve any of our problems relative to getting good cryptography for the American people." The new coding system, if adopted, would first be used for Government electronic communications. It is then expected to quickly spread to business and even to household use, as hardware and software makers incorporate the technology into their products. Export Process Is Slow Various types of encryption systems are in use today, but the standard approach in the United States is a 15-year-old system known as the Data Encryption Standard. Based on outdated technology, this system is not the best available for modern electronic commerce. And the Government has refused to authorize export of hardware and software containing it, except on a time-consuming case-by-case basis. The Clinton Administration is studying whether to allow the general export of products based on the new N.S.A.-designed coding system, although industry executives say they doubt that foreign buyers, especially foreign Governments, would want to use codes designed by American spy masters. When Congress passed the Computer Security Act, it recognized the need to update privacy laws and wiretapping regulations to modern digital communication, which, particularly in the case of cellular phone calls and other emerging forms of over-the-air technology, can be easily monitored either by those authorized to do so, or those who are not. To demonstrate just how easy unauthorized use might be, Mr. Gage, the Sun Microsystems executive, brought a computer hacker with him to the recent House hearing. 
Punching a special code into a standard cellular phone, the hacker quickly converted the phone into a scanner capable of eavesdropping on all the cellular channels being used on or near Capitol Hill. The intercepted snatches of innocuous conversation were amplified to the amusement and discomfort of those in the subcommittee hearing room -- including a woman in the audience who had her own cellular phone at her side. "This demonstration," Mr. Gage said, "shows it's not really safe to talk on the phone." Paul Ferguson | Uncle Sam wants to read Network Integrator | your e-mail... Centreville, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip... -------------------------------+------------------------------ I love my country, but I fear it's government. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Thu, 6 May 93 14:44:15 PDT To: cypherpunks@toad.com Subject: ECPA reports Message-ID: <5Tc63B1w165w@sytex.com> MIME-Version: 1.0 Content-Type: text/plain I was re-reading USC Title 18 (Crimes and Criminal Procedure) when I came across this snippet. Are these reports available under the Freedom of Information Act? If so, I'd be interested in examining them. This extract is from Title 18, Part I, Chp. 119 (Wire and Electronic communications interception of oral communications), Sec. 2519 (Reports concerning intercepted wire, oral or electronic communications) paragraphs (inclusive) 2 & 3. 
8<----- Begin snippet -------

(2) In January of each year the Attorney General, an Assistant Attorney General specially designated by the Attorney General, or the principal prosecuting attorney of a State, or the principal prosecuting attorney for any political subdivision of a State, shall report to the Administrative Office of the United States Courts-

    (a) the information required by paragraphs (a) through (g) of subsection (1) of this section with respect to each application for an order or extension made during the preceding calendar year;

    (b) a general description of the interceptions made under such order or extension, including (i) the approximate nature and frequency of incriminating communications intercepted, (ii) the approximate nature and frequency of other communications intercepted, (iii) the approximate number of persons whose communications were intercepted, and (iv) the approximate nature, amount, and cost of the manpower and other resources used in the interceptions;

    (c) the number of arrests resulting from interceptions made under such order or extension, and the offenses for which arrests were made;

    (d) the number of trials resulting from such interceptions;

    (e) the number of motions to suppress made with respect to such interceptions, and the number granted or denied;

    (f) the number of convictions resulting from such interceptions and the offenses for which the convictions were obtained and a general assessment of the importance of the interceptions; and

    (g) the information required by paragraphs (b) through (f) of this subsection with respect to orders or extensions obtained in a preceding calendar year.
(3) In April of each year the Director of the Administrative Office of the United States Courts shall transmit to the Congress a full and complete report concerning the number of applications for orders authorizing or approving the interception of wire, oral, or electronic communications pursuant to this chapter and the number of orders and extensions granted or denied pursuant to this chapter during the preceding calendar year. Such report shall include a summary and analysis of the data required to be filed with the Administrative Office by subsections (1) and (2) of this section. The Director of the Administrative Office of the United States Courts is authorized to issue binding regulations dealing with the content and form of the reports required to be filed by subsections (1) and (2) of this section.

8<------- End snippet ----------

Paul Ferguson                  |  Uncle Sam wants to read
Network Integrator             |  your e-mail...
Centreville, Virginia USA      |  Just say "NO" to the Clipper
fergp@sytex.com                |  Chip...
-------------------------------+------------------------------
I love my country, but I fear its government.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: zane@genesis.mcs.com (Sameer)
Date: Thu, 6 May 93 15:59:41 PDT
To: cypherpunks@toad.com
Subject: DIGICASH: freely available article
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I'm looking for a freely distributable article about digicash & anonymous remailers. I want to have this information available for the libertarian party of Missouri convention... (Something along the lines of the article in _Extropy_ would be nice, but I want something which I can copy MANY MANY times..)

-- | Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM | | Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more | | ----STOP THE WIRETAP CHIP/BIG BROTHER PROPOSAL!---MAIL ME FOR DETAILS! __/ | "Be God" - Me __ "Specialization is for Insects" - Robert A.
Heinlein__/ \_____________/ \___________________________________________________/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mike Godwin
Date: Thu, 6 May 93 15:31:05 PDT
To: fergp@sytex.com (Paul Ferguson)
Subject: Re: ECPA reports
In-Reply-To: <5Tc63B1w165w@sytex.com>
Message-ID: <199305062223.AA08620@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

Paul Ferguson defines "snippet" in a funny way.

> I was re-reading USC Title 18 (Crimes and Criminal Procedure)
> when I came across this snippet. Are these reports available
> under the Freedom of Information Act?

Beats me. Probably, though.

--Mike

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mike Godwin
Date: Thu, 6 May 93 15:36:17 PDT
To: cypherpunks@toad.com
Subject: EFF letter regarding crypto policy
Message-ID: <199305062236.AA08753@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

Forwarded message:

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mike Godwin
Date: Thu, 6 May 1993 18:31:51 -0400
To: mnemonic@well.sf.ca.us
Subject: No Subject
Message-ID: <199305062231.AA08688@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

>From jberman Thu May 6 18:23:32 1993
Received: from [192.77.172.140] (bush.eff.org) by eff.org with SMTP id AA08608 (5.65c/IDA-1.4.4/pen-ident); Thu, 6 May 1993 18:23:09 -0400
Date: Thu, 6 May 1993 18:23:09 -0400
Message-Id: <199305062223.AA08608@eff.org>
To: eff-board, eff-staff
From: jberman (Jerry Berman)
Subject: LETTER TO PRES CRYTO
Status: OR

This is the letter to the President dated 5/6/93 on Cryptography and Clipper Chip from the digital privacy and security working group. PLEASE CIRCULATE BROADLY. For further information, contact jberman@eff.org (202-5449237)

>The President >The White House >Washington, D.C. 20500 > >Dear Mr. President: > > On April 16 you initiated a broad industry/government review of >privacy and cryptography policies. We applaud your efforts to develop a >greater understanding of these complex issues.
With the end of the Cold >War and the rapid evolution of technology in the computer and >communications industries, a comprehensive review of our communications >security policies such as you have directed is sorely needed. As the world >becomes linked by a myriad of interconnected digital networks, and computer >and communications technologies converge, both government and the private >sector need to evaluate information security and privacy issues. Of course, >any overall policy must recognize the authorized law enforcement and >national security needs, and must evaluate the impact on American >competitiveness. > > The Digital Privacy and Security Working Group -- a coalition of >communications and computer companies and associations, and consumer and >privacy advocates -- was formed almost a decade ago when Congress undertook >a review of technology and security policy. That review led to the >Electronic Communications Privacy Act of 1986. Subsequently, many members >of the Working Group served on the Privacy and Technology Task Force that >Senator Leahy charged with examining these and similar issues in 1991. > > While we recognize the importance of authorized national security >and law enforcement needs, we believe that there are fundamental privacy >and other constitutional rights that must be taken into account when any >domestic surveillance scheme is proposed. Moreover, it is unclear how your >proposal and the overall review of cryptography policy will impact on U.S. >export controls. Over the past two years, the Digital Privacy and Security >Working Group has held numerous meetings at which both public and private >sector representatives have exchanged technical and legal information with >the law enforcement community on just such issues. 
> > In the White House press release of April 16, the Press Secretary >stated that you have "directed early and frequent consultations with >affected industries...and groups that advocate the privacy rights of >individuals..." Our group of over 50 members -- from computer software and >hardware firms, to telecommunications companies and energy companies, to >the American Civil Liberties Union and the Electronic Frontier Foundation >-- requests the opportunity to participate in developing policy on the >broad range of security and privacy issues being considered, including >appropriate encryption techniques. We believe that our membership has the >breadth and depth of expertise and experience that would allow us to >provide an excellent forum for the development of new policies in these >areas. > During the past few weeks, the Working Group has met several times >to identify issues that need to be addressed. Several aspects of the >Administration's encryption proposal warrant further discussion, including, >but not limited to: > > o whether a key escrow system will produce the desired law >enforcement results; > o the level of strength and integrity of the algorithm and >the security of the key escrow system; > o the advisability of a government-developed and classified >algorithm; > o its practicality and commercial acceptability; > o the effect of the proposal on American competitiveness and >the balance of trade; > o possible implications for the development of digital >communications; and, > o the effect on the right to privacy and other constitutional >rights. > >A detailed list of our questions relating to this subject is being prepared >to facilitate this dialogue. > > We are making our views known to officials within your >Administration and Members of Congress as the review begins. 
We would >welcome the opportunity to participate in the review process and look >forward to working with you and your Administration on this important issue >in the coming months. Representatives of the Digital Privacy and Security >Working Group are anxious to meet with your staff at their earliest >convenience to establish a consultation process. > > Sincerely, > >abcd, The Microcomputer Industry Association >Hewlett-Packard Company >Advanced Network & Services, Inc. IBM >American Civil Liberties Union Information Technology Association of America >Apple Computer, Inc. Information Industry Association >AT&T > Iris Associates >Business Software Alliance >Lotus Development Corporation >Cavanagh Associates, Inc. >McCaw Cellular Communications >Cellular Telephone Industry Association MCI >Computer Professionals for Social Responsibility >Microsoft Corporation >Computer & Business Equipment Manufacturers Association RSA Data Security, Inc. >Computer & Communications Industry Association Software Publishers >Association >Crest Industries, Inc. Sun Microsystems, Inc. >Digital Equipment Corporation Toolmaker, Inc. >EDUCOM Trusted Information Systems >Electronic Mail Association >United States Telephone Association > > Electronic Frontier Foundation/Coordinator > Contact: Jerry Berman 202/544-6906 > >

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Dave Banisar
Date: Thu, 6 May 93 16:00:20 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: ECPA reports
Message-ID: <9305061903.AA42000@hacker2.eff.org>
MIME-Version: 1.0
Content-Type: text/plain

>
> I was re-reading USC Title 18 (Crimes and Criminal Procedure)
> when I came across this snippet. Are these reports available
> under the Freedom of Information Act? If so, I'd be interested
> in examining them.

The reports should be available from any federal depository library and many law libraries. The administrative office told me early this week that the new volume for 92 will be out in a few weeks.
A Congressional source tells me that new figures are even higher than last year, up to the mid 900 range, which is the highest number ever reported.

Dave Banisar
CPSR Washington Office

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: John Perry Barlow
Date: Thu, 6 May 93 04:10:05 PDT
To: jim@rsa.com
Subject: Phil Zimmerman's Laurel Branch
Message-ID: <199305061109.AA24844@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

Jim,

John Gilmore passed on to me Phil Zimmerman's recent peace overture to you. I expect I am joined by nearly everyone who cares about the issue of cryptography in the hope that you will bury an understandable sense of rancor and accept his offer. Further, if there is anything which the Electronic Frontier Foundation can do to introduce light and good will into the area between you and Phil, be assured we are ready and willing. While I realize that PGP has been a burr under your saddle for the last two years...growing steadily more irritating as it proliferated like a virus around the planet...one could argue that it has actually done PK Partners more good than harm. By introducing thousands to both public key cryptography and the RSA approach to it, it has gone a long way toward establishing RSA as the de facto international standard for personal encryption. This can only work to your long term benefit. On the other hand, if the current course of things remains fixed and no resolution is made between PK Partners and Phil, then PGP will continue to be modified and improved by many international volunteers and will eventually become seriously competitive to your own products. To me, it appears you have a choice between a position where everybody loses and one where everybody wins. Perhaps I'm wrong, but the only factor which supports the former course is an emotional sense of violated principle. As I say, I could hardly fault you for feeling bitter after all that's happened, but I sincerely hope you'll be able to rise above it.
And please let me know if we can help in any way.

Thanks,
John Perry Barlow

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Dave Banisar
Date: Thu, 6 May 93 16:15:19 PDT
To: CYPHERPUNKS@toad.com
Subject: New NIST/NSA Revelations (by CPSR)
Message-ID: <9305061921.AA58911@hacker2.eff.org>
MIME-Version: 1.0
Content-Type: text/plain

New NIST/NSA Revelations

Less than three weeks after the White House announced a controversial initiative to secure the nation's electronic communications with government-approved cryptography, newly released documents raise serious questions about the process that gave rise to the administration's proposal. The documents, released by the National Institute of Standards and Technology (NIST) in response to a Freedom of Information Act lawsuit, suggest that the super-secret National Security Agency (NSA) dominates the process of establishing security standards for civilian computer systems in contravention of the intent of legislation Congress enacted in 1987. The released material concerns the development of the Digital Signature Standard (DSS), a cryptographic method for authenticating the identity of the sender of an electronic communication and for authenticating the integrity of the data in that communication. NIST publicly proposed the DSS in August 1991 and initially made no mention of any NSA role in developing the standard, which was intended for use in unclassified, civilian communications systems. NIST finally conceded that NSA had, in fact, developed the technology after Computer Professionals for Social Responsibility (CPSR) filed suit against the agency for withholding relevant documents. The proposed DSS was widely criticized within the computer industry for its perceived weak security and inferiority to an existing authentication technology known as the RSA algorithm.
Many observers have speculated that the RSA technique was disfavored by NSA because it was, in fact, more secure than the NSA-proposed algorithm and because the RSA technique could also be used to encrypt data very securely. The newly-disclosed documents -- released in heavily censored form at the insistence of NSA -- suggest that NSA was not merely involved in the development process, but dominated it. NIST and NSA worked together on the DSS through an intra-agency Technical Working Group (TWG). The documents suggest that the NIST-NSA relationship was contentious, with NSA insisting upon secrecy throughout the deliberations. A NIST report dated January 31, 1990, states that The members of the TWG acknowledged that the efforts expended to date in the determination of a public key algorithm which would be publicly known have not been successful. It's increasingly evident that it is difficult, if not impossible, to reconcile the concerns and requirements of NSA, NIST and the general public through using this approach. The civilian agency's frustration is also apparent in a July 21, 1990, memo from the NIST members of the TWG to NIST director John W. Lyons. The memo suggests that "national security" concerns hampered efforts to develop a standard: THE NIST/NSA Technical Working Group (TWG) has held 18 meetings over the past 13 months. A part of every meeting has focused on the NIST intent to develop a Public Key Standard Algorithm Standard. We are convinced that the TWG process has reached a point where continuing discussions of the public key issue will yield only marginal results. Simply stated, we believe that over the past 13 months we have explored the technical and national security equity issues to the point where a decision is required on the future direction of digital signature standards. 
An October 19, 1990, NIST memo discussing possible patent issues surrounding DSS noted that those questions would need to be addressed "if we ever get our NSA problem settled." Although much of the material remains classified and withheld from disclosure, the "NSA problem" was apparently the intelligence agency's demand that perceived "national security" considerations take precedence in the development of the DSS. From the outset, NSA cloaked the deliberations in secrecy. For instance, at the March 22, 1990, meeting of the TWG, NSA representatives presented NIST with NSA's classified proposal for a DSS algorithm. NIST's report of the meeting notes that The second document, classified TOP SECRET CODEWORD, was a position paper which discussed reasons for the selection of the algorithms identified in the first document. This document is available at NSA for review by properly cleared senior NIST officials. In other words, NSA presented highly classified material to NIST justifying NSA's selection of the proposed algorithm -- an algorithm intended to protect and authenticate unclassified information in civilian computer systems. The material was so highly classified that "properly cleared senior NIST officials" were required to view the material at NSA's facilities. These disclosures are disturbing for two reasons. First, the process as revealed in the documents contravenes the intent of Congress embodied in the Computer Security Act of 1987. Through that legislation, Congress intended to remove NSA from the process of developing civilian computer security standards and to place that responsibility with NIST, a civilian agency. Congress expressed a particular concern that NSA, a military intelligence agency, would improperly limit public access to information in a manner incompatible with civilian standard setting. 
The House Report on the legislation noted that NSA's natural tendency to restrict and even deny access to information that it deems important would disqualify that agency from being put in charge of the protection of non-national security information in the view of many officials in the civilian agencies and the private sector. While the Computer Security Act contemplated that NSA would provide NIST with "technical assistance" in the development of civilian standards, the newly released documents demonstrate that NSA has crossed that line and dominates the development process. The second reason why this material is significant is because of what it reveals about the process that gave rise to the so-called "Clipper" chip proposed by the administration earlier this month. Once again, NIST was identified as the agency actually proposing the new encryption technology, with "technical assistance" from NSA. Once again, the underlying information concerning the development process is classified. DSS was the first test of the Computer Security Act's division of labor between NIST and NSA. Clipper comes out of the same "collaborative" process. The newly released documents suggest that NSA continues to dominate the government's work on computer security and to cloak the process in secrecy, contrary to the clear intent of Congress. On the day the Clipper initiative was announced, CPSR submitted FOIA requests to key agencies -- including NIST and NSA -- for information concerning the proposal. CPSR will pursue those requests, as well as the pending litigation concerning NSA involvement in the development of the Digital Signature Standard. Before any meaningful debate can occur on the direction of cryptography policy, essential government information must be made public -- as Congress intended when it passed the Computer Security Act. CPSR is committed to that goal. *************************************************** David L.
Sobel CPSR Legal Counsel (202) 544-9240 dsobel@washofc.cpsr.org

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 6 May 93 22:13:07 PDT
To: cypherpunks@toad.com
Subject: PRESS: Markoff/NYTimes : "Big Brother & the Computer Age"
In-Reply-To: <199305061643.AA15480@ground.cs.columbia.edu>
Message-ID: <9305070509.AA24429@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

The quotation of mine in the NYT today was one I gave to John Markoff three weeks ago when the story first broke. I called him up on the afternoon of the announcement--his office is in SF, across the bay--and told him I wanted to give him an opportunity to quote me. I was surprised to see it in today's article. The hook for this article was the recent FOIA disclosures. Newspaper articles usually don't get written unless there is something that has changed, something that is "new." An ongoing situation won't get reported on until something specific happens; this specific happening can be an event made just for the press--a press conference, a press release, a public statement, or some publication. For further reading on this subject, look at _Reading the News_, an anthology by Pantheon Press. The FOIA disclosures about NSA's involvement in NIST were the hook, but that wasn't the point of the story. The facts of the FOIA were at the back of the story, but they were there. This illustrates another principle of the newspaper: once you have a hook, there's lots of stuff you can hang on it. It really is easy to get quoted, but to do so, you have to make yourself available to the press. The recent FOIA story is a good hook. All the recent crypto events should be enough for a Sunday article (but are not enough without a hook!). I would encourage all of you to make contact with your local media and offer to explain this abstruse subject to them. Reporters have little enough time to learn about what they talk about as it is.
If you can present yourself as a bona fide expert (and this does not necessarily mean as an academic) and make an offer to tutor someone on the subject, not only will the quality of coverage improve, but a friendship will have been made.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 6 May 93 22:16:02 PDT
To: cypherpunks@toad.com
Subject: ADMIN: Eerie silence....
In-Reply-To: <2N853B1w165w@sytex.com>
Message-ID: <9305070512.AA24629@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

relay2.uu.net was down again today for a while, leading to big delays and rearranged mail. To repeat, no interloper is filtering mail or trying to disrupt service to this list, to the best of our knowledge. These interruptions have far more banal origins.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Thu, 6 May 93 19:47:12 PDT
To: mnemonic@eff.com
Subject: ITAR info
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Mike Godwin writes -

> The best person on the Net to ask about the ITARs is, IMHO,
> Lee Tien, the lawyer handling John Gilmore's cryptography-related
> litigation. Lee can be reached at tien@well.sf.ca.us.

Mr. Tien, I have bothered Mike Godwin and Shari Steele to the point of no return in legalese. (Blame them for pointing me in your direction.) Actually, I'm quite curious of the ITAR restrictions of cryptologic software/hardware legislation currently on the books and the chances of it being scaled back in light of the current "Clipper" fiasco. I'm well aware of the legal provisions within USC Title 18, and the ECPA but have no idea of additional transcripts that exist that the Dept. of State which have been circumscribed to regulate and tariff. Would you be so kind as to enlighten me (us) of the ITAR stuff that many of us have heard so much about?
I know Phil Zimmerman has made limited mention of ITAR restrictions, so I think that we need to first lift the veil of ignorance. Thanks for your anticipated response. Cheers.

Paul Ferguson                  |  Uncle Sam wants to read
Network Integrator             |  your e-mail...
Centreville, Virginia USA      |  Just say "NO" to the Clipper
fergp@sytex.com                |  Chip...
-------------------------------+------------------------------
I love my country, but I fear its government.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Thu, 6 May 93 19:47:04 PDT
To: virus-l@lehigh.edu
Subject: Legal Net News
Message-ID: <8NR63B1w165w@sytex.com>
MIME-Version: 1.0
Content-Type: text/plain

Due to the increasing demands of external activities, Legal Net News will discontinue being sent on a mailing list. My apologies go out to all of you who sent subscription requests. Legal Net News will, however, continue to be compiled, produced, released and archived on a regular basis. It can be found at the following locations:

Publicly Accessible BBS's
-------------------------
The SENTRY Net BBS             Arlington Software Exchange
Centreville, Virginia USA      Arlington, Virginia USA
+1-703-815-3244                +1-703-532-7143
To 9,600 bps                   To 9,600 bps

The Internet
------------
Legal Net News is available at the following archive site(s)-
tstc.edu (161.109.128.2)
Directory: /pub/legal-net-news
Login as ANONYMOUS and use your net ID (for example: fergp@sytex.com) as the password.

The most recently released issue was volume 1, issue 4 dated 6 May, 1993 and is in the following format:

                   Filename       Filename
                   Compressed     ASCII
Vol 1, Issue 1     LNM0493.ZIP    LNM0493.TXT
Vol 1, Issue 2     LNN0102.ZIP    LNN1.002
Vol 1, Issue 3     LNN0103.ZIP    LNN1.003
Vol 1, Issue 4     LNN0104.ZIP    LNN1.004

Thanks for the interest. Cheers.

Paul Ferguson                  |  Uncle Sam wants to read
Network Integrator             |  your e-mail...
Centreville, Virginia USA      |  Just say "NO" to the Clipper
fergp@sytex.com                |  Chip...
-------------------------------+------------------------------ I love my country, but I fear its government. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Fri, 7 May 93 06:09:23 PDT To: hughes@soda.berkeley.edu (Eric Hughes) Subject: Re: PRESS: Markoff/NYTimes : "Big Brother & the Computer Age" In-Reply-To: <9305070509.AA24429@soda.berkeley.edu> Message-ID: <199305071309.AA15120@eff.org> MIME-Version: 1.0 Content-Type: text/plain Eric writes: > The hook for this article was the recent FOIA disclosures. Newspaper > articles usually don't get written unless there is something that has > changed, something that is "new." I know that John Schwartz is working on a major piece for the Washington Post--a kind of intro to the subject. --Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Fri, 7 May 93 10:13:06 PDT To: cypherpunks@toad.com Subject: EFF letter regarding crypto policy In-Reply-To: <9305071548.AA13593@toad.com> Message-ID: <9305071709.AA22408@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain re: AT&T questioning clipper and pushing clipped phones. My guess is that AT&T corporate doesn't like the idea because they know the long term consequences and the Greensboro division does like it because it's income. It's a classic case of corporate schizophrenia. Whether the patient ever becomes sane is an exercise left to the patient. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peter honeyman Date: Fri, 7 May 93 08:48:06 PDT To: cypherpunks@toad.com Subject: Re: EFF letter regarding crypto policy In-Reply-To: <199305062236.AA08753@eff.org> Message-ID: <9305071548.AA13593@toad.com> MIME-Version: 1.0 Content-Type: text/plain here we have at&t, on the one hand, questioning the wisdom and practicality of the principles underlying clipper, while on the other hand, it promises to be first to push clipped phones out the door. go figure.
peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: david@staff.udc.upenn.edu (R. David Murray) Date: Fri, 7 May 93 11:05:39 PDT To: cypherpunks@toad.com Subject: cheap secure telnet? Message-ID: <9305071804.AA19192@staff.udc.upenn.edu> MIME-Version: 1.0 Content-Type: text/plain I have a need to have a secure telnet connection. It has to be cheap (on the order of hundreds of dollars, not thousands), but it doesn't have to be free. It also has to be low cost in terms of setup; that is, I don't want to set up a full blown Kerberos system just to get a single secure telnet link. The link is to be between two unix systems. I have root and physical access to both systems. Anyone know of such a beast? On second thought, if you have leads on stuff in the thousands of dollars range, send me them too. This /could/ turn out to be that important. -- david david@staff.udc.upenn.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Fri, 7 May 93 13:59:15 PDT To: cypherpunks@toad.com Subject: Swaine Flames Denning Message-ID: <9305072034.AA03557@smds.com> MIME-Version: 1.0 Content-Type: text/plain Nice editorial on the back page of the June Dr. Dobb's: "Pay No Attention to the Man Behind the Curtain, Dorothy" I won't quote the whole thing, but the first paragraph reads: "The debate on digital-telephony legislation in the March 1993 issue of *Communications of the ACM* was a fraud and a disappointment." It's by Michael Swaine. More serious than "Swaine's Flames" sometimes are. Cypherpunks reminds me of the very first issues of "Dr. Dobb's Journal of TINY BASIC Calisthenics and Orthodontia: Running Light without Overbyte." Those days, when it seemed we all had a chance to steer the future, were over fast.
-fnerd From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Fri, 7 May 93 14:17:57 PDT To: cypherpunks@toad.com Subject: Carrier humor Message-ID: <08673B1w165w@sytex.com> MIME-Version: 1.0 Content-Type: text/plain Buzzword (acronym) of the day: VLCC (Very Large Crude Carrier) Where: UNIX Review May 1993 Vol. 11, No. 5 in "Devil's Advocate," page 126, by Stan Kelly-Bootle "VLCC (Very Large Crude Carrier) is not MCI's view of AT&T, but rather one of those supertankers that regularly resort premature delivery, known as spillage." My $.02: If it's not, it should be. Cheers. Paul Ferguson | Boycott AT&T, Network Integrator | Write your elected Centreville, Virginia USA | Representatives. fergp@sytex.com | Do the right thing. Just say "NO" to the Wiretap (Clipper/Capstone) Chip(s) I love my country, but I fear its government. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Fri, 7 May 93 18:39:54 PDT To: cypherpunks@toad.com Subject: testing.... Message-ID: <9305080139.AA01204@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain I haven't received anything from this list in about 4 days. Am I still on? Sorry to waste BW +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | | But, I was mistaken. |available| | +-----------------------------+---------+ | mdiehl@triton.unm.edu | "I'm just looking for the opportunity | | mike.diehl@fido.org | to be Politically Incorrect! | | (505) 299-2282 | | +-----------------------+---------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Clark Reynard Date: Fri, 7 May 93 17:51:18 PDT To: cypherpunks@toad.com Subject: One-time pads Message-ID: <9305080134.AA05436@metal.psu.edu> MIME-Version: 1.0 Content-Type: text/plain Is there any publicly-available software which allows utilization of one-time pads?
I know it's just a matter of XOR'ing digits, but something which would allow use by modem and transmit the pad itself by PGP or another secure encryption standard, or the delivery by mail or courier of the pad itself to allow the future exchange of information by a less-secure medium would seem to be something that SOMEONE must have thought of doing; and while it's by no means trivial, it would take a bit of work to program it with a snazzy front-end, idiot-proofing and other bells and whistles. Just wondering. Oh, yes, I've posted an amusing little bit of propaganda to sci.crypt and alt.privacy.clipper, a sensationalistic little hypothetical proposition which I'd be happy to email anyone who is interested and doesn't have UseNET access (is there such a person?). ---- Robert W. Clark Just Say No! to the rclark@nyx.cs.du.edu Big Brother Chip From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Nickey MacDonald Date: Sat, 8 May 93 03:56:15 PDT To: cypherpunks list Subject: A few different topics Message-ID: MIME-Version: 1.0 Content-Type: text/plain I have a couple of different things I want to talk about, so I'll make one large post rather than several smaller ones. I posted a link encryption post a while back, and one of the responses I got back implied I was very naive in using a "shuffle" as part of the initial manipulation of the packet to be sent. I have spent some further time thinking about this, and I still fail to see how reshuffling the order of the data is anything but a good thing. If the encryption algorithm generates one output character for each input character, then I can see a situation developing where an "interloper" could cause the message being sent to be changed:

    sender ---> interloper ---> receiver
                    ^
                    Knows sender's password, but sender is unaware.
                    Changes sent message without sender's knowledge.

Now this situation is a possibility any time a store and forward (such as email) situation exists and someone (other than the sender and receiver as appropriate) knows the password(s). This could still be a problem in a real time link, unless the data is sent in a nonlinear (shuffled) order. The implication is, that if the data has to be rearranged to be understood, then the interloper is going to have to gather more than one packet, and rearrange them to understand what's being sent, in order to be able to know what changes to make to the message to make it have an altered meaning for the receiver. Collecting the packets would cause a delay that would (should) be noticeable on a real time link. I still don't like the idea of trying to use timing as the only control, given that modern communications can be filled with arbitrary delays, but I don't know of any other approach that will offer any hope of detecting that someone knows your password. This is probably another problem that would be solved by a "more powerful mailer", but not having one on hand I do not know this to be the case: I have a second thought about the subject handling of posts to this (and other) email lists. In my Bitnet days, I used to be on a number of Listserv lists. One of the things I liked about them was that the messages always showed up as being from the list. The email I get now, all appears to be a collection of private mail from a collection of individual people... The problem occurs when someone replies privately to one of my posts. It is impossible for me to tell which mail is sent directly to me, and which mail has been redirected by the list. I am about to start "spec"ing a software licensing system using public key technology. I would like any comments... this is not something I have seen discussed on the list in the short time I've been subscribed. What I propose is that the software would require (say in an environment variable or a special file somewhere) an "activation key".
The activation key would be some licensing data that was encrypted with a private key by the software manufacturer (say a serial number, licensee's name, and a license duration (or expiry date)). The software would have the public key compiled into it, and only if it could decode the activation key, and it had not expired, would the software run. The majority response on "should I try my survey" was positive (in fact I only got one "count me out"). I was warned that it may end up meaningless because everyone will submit anonymous responses... I don't see where that will be a problem, unless someone submits multiple responses or unless hiding behind anonymity means someone still feels inclined to be untruthful. I guess maybe I'm just being foolish by assuming that allowing anonymous posts would make people feel more secure in telling the truth about themselves... In any case, I will start collecting my thoughts and form some questions... --- Nick MacDonald | NMD on IRC i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Arthur R. McGee" Date: Sat, 8 May 93 08:35:48 PDT To: cypherpunks@toad.com Subject: An end to the PGP quarrel? (fwd) Message-ID: MIME-Version: 1.0 Content-Type: text/plain ---------- Forwarded message ---------- Date: Fri, 7 May 93 02:13:29 -0500 From: Steve Jackson To: eff-austin@tic.com, eff-austin-directors@tic.com Cc: thesegroups@tic.com Subject: An end to the PGP quarrel? The creator of PGP has proposed to Jim Bidzos of RSA that RSA approve a new, already-written version of PGP which uses "RSAREF," an unprotected version of the PGP algorithm. I propose that EFF-Austin write to Bidzos endorsing the suggestion. Hmm. Perhaps other groups might feel the same way, so this will be copied appropriately. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Arthur R. 
McGee" Date: Sat, 8 May 93 08:57:35 PDT To: cypherpunks@toad.com Subject: Re: An end to the PGP quarrel? (fwd) Message-ID: MIME-Version: 1.0 Content-Type: text/plain ---------- Forwarded message ---------- Date: Sat, 8 May 1993 01:57:56 +0800 From: John Perry Barlow To: Steve Jackson , eff-austin@tic.com, eff-austin-directors@tic.com Cc: thesegroups@tic.com Subject: Re: An end to the PGP quarrel? At 2:13 AM 5/7/93 -0500, Steve Jackson wrote: >The creator of PGP has proposed to Jim Bidzos of RSA that RSA approve >a new, already-written version of PGP which uses "RSAREF," an unprotected >version of the PGP algorithm. I propose that EFF-Austin write to Bidzos >endorsing the suggestion. While I don't necessarily want us to stampede at ol' Jim I wrote him the following yesterday: Jim, John Gilmore passed on to me Phil Zimmerman's recent peace overture to you. I expect I am joined by nearly everyone who cares about the issue of cryptography in the hope that you will bury an understandable sense of rancor and accept his offer. Further, if there is anything which the Electronic Frontier Foundation can do to introduce light and good will into the area between you and Phil, be assured we are ready and willing. While I realize that PGP has been a burr under your saddle for the last two years...growing steadily more irritating as it proliferated like a virus around the planet...one could argue that it has actually done PK Partners more good than harm. By introducing thousands to both public key cryptography and the RSA approach to it, it has gone a long way toward establishing RSA as the de facto international standard for personal encryption. This can only work to your long term benefit. On the other hand, if the current course of things remains fixed and no resolution is made between PK Partners and Phil, then PGP will continue to be modified and improved by many international volunteers and will eventually become seriously competitive to your own products.
To me, it appears you have a choice between a position where everybody loses and one where everybody wins. Perhaps I'm wrong, but the only factor which supports the former course is an emotional sense of violated principle. As I say, I could hardly fault you for feeling bitter after all that's happened, but I sincerely hope you'll be able to rise above it. And please let me know if we can help in any way. Thanks, John Perry Barlow From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Sat, 8 May 93 09:45:07 PDT To: cypherpunks@toad.com Subject: Shamir at Stanford on Thursday Message-ID: <9305081645.AA07281@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain > From daemon@Sunburn.Stanford.EDU Thu May 6 14:34:13 1993 > Date: Thu, 6 May 93 14:18:26 -0700 > From: Daphne Koller > To: stc@Theory.Stanford.EDU > Subject: STANFORD THEORY COLLOQUIUM > > > S T A N F O R D T H E O R Y C O L L O Q U I U M > ===================================================== > > > The Stanford Computer Science Department is pleased to announce the > eighth Stanford Theory Colloquium this Thursday, May 13. > > > Polynomials and Cryptography - Some Recent Results > > Professor Adi Shamir > Weizmann Institute of Science > > > The talk will take place 4:15 -- 5:45 p.m. in Jordan 041. > > A RECEPTION in honor of the speaker will be held in the third floor > lounge of MJH around 3:45. Everyone is welcome. > > ------------------------------------------------------------------- > | Professor Adi Shamir is a coinventor of the RSA public key | > | cryptographic scheme and of several other key management and | > | signature schemes. He was involved in the cryptanalytic attack | > | on the knapsack scheme, and more recently he developed (with E. | > | Biham) the new technique of differential cryptanalysis and | > | applied it to the Data Encryption Standard. 
| > ------------------------------------------------------------------- > > ----------------------------------------------------------------------------- > > > Polynomials and Cryptography - Some Recent Results > > Professor Adi Shamir > Weizmann Institute of Science > > > Mappings defined by polynomials modulo n=pq are a fundamental tool in > modern cryptography. However, the inversion of such mappings usually > requires the extraction of roots or the evaluation of high degree > polynomials, which is quite slow. This talk will consist of two parts. > In the first part, we give an introduction to some basic cryptographic > techniques. The second part will describe some new results in the area. > We consider the class of birational permutations f, in which both f and > f^-1 are low degree multivariate rational functions mod n. We describe > new families of birational permutations, and how to turn them into new > cryptographic schemes which are much faster than previously known > schemes. In addition, we consider the general problems of factoring > multivariate polynomials mod n and solving systems of polynomial > equations mod n, and develop new techniques for proving the hardness of > randomly chosen instances of such problems. > > The talk will be self contained and accessible to a wide audience. > +----------------------------------------------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Sat, 8 May 93 14:08:21 PDT To: cypherpunks@toad.com Subject: testing again. Message-ID: <9305082108.AA27172@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain I never got my last test post, so I'm trying again. I have resubscribed. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | | But, I was mistaken. 
|available| | +-----------------------------+---------+ | mdiehl@triton.unm.edu | "I'm just looking for the opportunity | | mike.diehl@fido.org | to be Politically Incorrect! | | (505) 299-2282 | | +-----------------------+---------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: edgar@spectrx.Saigon.COM (Edgar W. Swank) Date: Sat, 8 May 93 19:48:05 PDT To: Cypherpunks Subject: Correction! Message-ID: MIME-Version: 1.0 Content-Type: text/plain In part of my long post dated May 3, Subject: PGP: Re: Tough Choices: PGP vs. RSA Data Security I said: Jim Bidzos has told me that Phil Z. or anyone else can get a license from RSA for $20,000 plus minimum $10,000/yr. royalties. If we say we don't want to spend more than 50% of our revenues on licensing, then if Phil can get $60,000 of firm orders for a -commercial- USA version of PGP, he's in (a very profitable) business. $60,000 might be 600 copies at $100 or six site licenses at $10,000. Upon reviewing my records, I find I didn't remember those figures correctly. The above -should- have read: Jim Bidzos has told me that Phil Z. or anyone else can get a license from RSA for $25,000 plus minimum $10,000/yr. royalties. ^^^^^^^ If we say we don't want to spend more than 50% of our revenues on licensing, then if Phil can get $70,000 of firm orders for a -commercial- USA version of PGP, he's in (a very profitable) business. $70,000 might be 700 copies at $100 or seven site licenses at $10,000. My apologies to Jim Bidzos for misquoting him; however, the basic point of the paragraph that a commercial license is not too far out of reach remains valid. -- edgar@spectrx.saigon.com (Edgar W. Swank) SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jdblair@nextsrv.cas.muohio.edu (John Blair) Date: Sat, 8 May 93 19:02:10 PDT To: cypherpunks@toad.com Subject: ping? 
Message-ID: <9305090207.AA28329@ nextsrv.cas.muohio.EDU > MIME-Version: 1.0 Content-Type: text/plain Hello? Is anyone out there? The very high mail flow from cypherpunks suddenly ended. Is something wrong, or is this just a normal burp in the system? -john. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Liam David Gray Date: Sat, 8 May 93 21:24:57 PDT To: tcmay@netcom.com Subject: RNG: from Zener diode? Message-ID: MIME-Version: 1.0 Content-Type: text/plain Tim, I recall you or some other Cypherpunk mentioning that, by some means, strong random numbers can be had by observing some property of Zener diodes. Could you explain this? ...If feasible, I imagine exploiting this phenomenon to make a "random number dongle," an inline device for a PC's serial or parallel port, which could be polled by savvy software. If possible, and if someone hasn't done it already, I'd like to work up a simple recipe (schematic, list of ingredients, and sample code) for this--and get it put into our "crypto-anarchists' cookbook"--i.e., on soda.berkeley.edu. Perhaps a future version of PGP could take advantage of such a random noise dongle, selectable by command-line switch. This is pure speculation at this point. Am I completely off-base? In any case, I'd love to hear more about it. Liam --- PGP public key available by arrangement -- The cat is out of the bag. Too much of a dreamer not to be practical -- Go have your own "valiant defeat." Liam David Gray From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: markh@wimsey.bc.ca (Mark C. Henderson) Date: Sun, 9 May 93 11:37:26 PDT To: William Oldacre Subject: Re: RNG from zener is easy. Message-ID: MIME-Version: 1.0 Content-Type: text/plain > To: >Internet:cypherpunks@toad.com > > A simple XOR with the message text is enough to create an unbreakable > cyphertext. Problem is, that both parties have to have exact copies > ... > I'm glad Liam brought this up. It is a good way to produce an > absolutely unbreakable code. 
This, providing the design is good and > no patterns are allowed to appear (introduced by amplifier > oscillation or nearby noise sources) in the generated numbers. If > there is any interest out there perhaps we (Liam or I) could produce > a few for testing. Yes, I'm certainly interested. A practical use for such a device would be to generate "random" data for use by PGP or RIPEM. Both need "random" data to generate session keys and public/secret keypairs. In fact, the whole security of these programs depends upon the unpredictability of the "random" data used. Mark -- Mark Henderson markh@wimsey.bc.ca RIPEM key available by key server/finger/E-mail MD5OfPublicKey: F1F5F0C3984CBEAF3889ADAFA2437433 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Harry Shapiro Date: Sun, 9 May 93 08:52:26 PDT To: extropians@gnu.ai.mit.edu (Harry Shapiro) Subject: Press: Sunday NY Times Message-ID: <199305091552.AA28290@sun.Panix.Com> MIME-Version: 1.0 Content-Type: text/plain There is a major "technology" piece in the Sunday NY Times by John Markoff on the Cypherpunk group, the Wired article (The cover is reproduced along with the demasked photo of Tim, Eric and John), the encryption as a whole. Great job John!! /harry -- Harry Shapiro habs@panix.com List Administrator of the Extropy Institute Mailing List Private Communication for the Extropian Community since 1991 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: William Oldacre <76114.2307@CompuServe.COM> Date: Sun, 9 May 93 10:07:36 PDT To: Subject: RNG from zener is easy. Message-ID: <930509170215_76114.2307_BHA35-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain To: >Internet:cypherpunks@toad.com This posting is in response to Liam's earlier message on creating a random number generator using a zener diode. I breadboarded such a circuit over a year ago and it worked fine.
Zener diodes, operated in their zener region with a reverse voltage generate electrical noise much like a "noise diode". This can be amplified and shaped using a single quad op amp package to create what appears to be a very random data stream. Best way to use this would be to shift it into an eight bit latch before reading the parallel port. Depending on design, its operation is much (MUCH) faster than a pseudo random number generator written in software. It can fill a floppy disk so fast that the main limitation is the writing speed of the disk drive. A simple XOR with the message text is enough to create an unbreakable cyphertext. Problem is, that both parties have to have exact copies of the random numbers since they cannot be regenerated as with pseudo random numbers using a key. What is needed is a way to encrypt the random numbers so that they can be sent to someone else to use. This would be hard to decode, because it would be difficult to know when success had been achieved. If it is being tested against a message text, the loss of one byte shifts everything so that the text becomes gibberish again. I'm glad Liam brought this up. It is a good way to produce an absolutely unbreakable code. This, providing the design is good and no patterns are allowed to appear (introduced by amplifier oscillation or nearby noise sources) in the generated numbers. If there is any interest out there perhaps we (Liam or I) could produce a few for testing.
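The "no patterns" condition in the message above can be checked on the sampled bits before they are used. The following is an added example, not part of the original post: it measures bias, looks for periodic pickup with a lag-correlation test, and removes constant bias with von Neumann's method. The function names, thresholds and the simulated comparator (a seeded software PRNG standing in for digitised diode noise) are assumptions made for the illustration.

```python
import math
import random

def monobit_bias(bits):
    """Fraction of ones minus 0.5; close to 0 for an unbiased source."""
    return sum(bits) / len(bits) - 0.5

def autocorrelation(bits, lag):
    """Agreement between the stream and itself shifted by lag, scaled to [-1, 1]."""
    n = len(bits) - lag
    agree = sum(1 for i in range(n) if bits[i] == bits[i + lag])
    return 2.0 * agree / n - 1.0

def periodic_lags(bits, max_lag=32, sigmas=5.0):
    """Lags whose correlation lies more than `sigmas` standard deviations from 0.

    For independent fair bits the correlation at any lag has standard
    deviation 1/sqrt(n). A flagged lag means a pattern: oscillation or
    pickup at that period, or a heavy bias (which lifts every lag at once).
    """
    flagged = []
    for lag in range(1, max_lag + 1):
        limit = sigmas / math.sqrt(len(bits) - lag)
        if abs(autocorrelation(bits, lag)) > limit:
            flagged.append(lag)
    return flagged

def von_neumann(bits):
    """Debias independent bits: pair 01 -> 0, pair 10 -> 1, 00 and 11 dropped.

    This removes a constant bias only. It does not repair correlated
    samples, so the periodic-lag check has to pass on the raw stream first.
    """
    return [a for a, b in zip(bits[0::2], bits[1::2]) if a != b]

def constructed_source(n, seed, offset=0.0, hum_amplitude=0.0, hum_period=16):
    """Constructed stand-in for a sampled noise diode feeding a comparator.

    offset        models a comparator threshold error (gives biased bits)
    hum_amplitude models a periodic signal coupled into the amplifier
    """
    rng = random.Random(seed)  # seeded so the demonstration is repeatable
    bits = []
    for i in range(n):
        hum = hum_amplitude * math.sin(2.0 * math.pi * i / hum_period)
        bits.append(1 if rng.gauss(0.0, 1.0) + hum + offset > 0.0 else 0)
    return bits

def report(name, bits):
    """One-line summary of both checks for a stream."""
    return "%-18s n=%6d bias=%+.3f flagged lags=%s" % (
        name, len(bits), monobit_bias(bits), periodic_lags(bits))

if __name__ == "__main__":
    clean = constructed_source(20000, seed=1)
    biased = constructed_source(20000, seed=2, offset=0.25)
    hum = constructed_source(20000, seed=3, hum_amplitude=0.8)
    print(report("clean", clean))
    print(report("biased", biased))
    print(report("biased, debiased", von_neumann(biased)))
    # The ones-count of the hum stream looks fine; only the lag test shows it.
    print(report("hum pickup", hum))
```

A stream with coupled hum has a ones-count close to one half, so counting ones alone would accept it; the lag test is what exposes the period.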
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: whitaker@eternity.demon.co.uk (Russell Earl Whitaker) Date: Mon, 10 May 93 10:49:03 PDT To: cypherpunks@toad.com Subject: FWD: PGP Menu Utility Message-ID: <5351@eternity.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain This article was forwarded to you by whitaker@eternity.demon.co.uk (Russell Earl Whitaker): --------------------------------- cut here ----------------------------- Xref: demon demon.security:118 demon.ip.cppnews:318 Path: eternity.demon.co.uk!demon!rundart.demon.co.uk!gt Newsgroups: demon.security,demon.ip.cppnews From: gt@rundart.demon.co.uk (Giles Todd) Cc: pbrett@tamara.demon.co.uk Reply-to: uploads@demon.co.uk Subject: PGP Menu Utility X-Mailer: VE3PZR VIEW DIS V1.01. Lines: 61 Date: Fri, 7 May 1993 22:35:33 +0000 Message-ID: <31617.gt@rundart.demon.co.uk> Sender: usenet@demon.co.uk > From: Paul Brett > Subject: PGP Menu Utility > Reply-To: pbrett@tamara.demon.co.uk > To: uploads@demon.co.uk > Message-ID: <736839528snx@tamara.demon.co.uk> > X-Mailer: cppnews $Revision: 1.35 $ > Date: Fri, 07 May 93 22:38:48 GMT > Organization: Disorganised > Lines: 41 > > -----BEGIN PGP SIGNED MESSAGE----- > > PGP MENU > ~~~~~~~~ > PGP menu is a simple utility to allow easy use of PGP from within CppNews (or > any other program that allows you to shell out to an editor as you prepare > your text). > > The program calls up your editor, to allow you to edit a text message, and > then prompts you to allow you to sign, encrypt or sign & encrypt (both) a > file. > > Known Bugs / Features > ~~~~~~~~~~~~~~~~~~~~~ > > 1. The program will always use default key for encryption of your message > (i.e. the key specified by 'MyName' in %PGPPATH%\config.txt). > > 2. There is currently no way to specify the encryption flags. > > Legal Stuff > ~~~~~~~~~~~ > > This program is copyright by me. 
It is made available as is, for unlimited > distribution and use provided that the program and documentation are > distributed as is. No warranty is given for malfunction of the program, > or consequent damages. > > - -- > Paul Brett EMail : pbrett@tamara.demon.co.uk > Uxbridge, UK Voice : 0895 251479 > PGP2.x key available > > > -----BEGIN PGP SIGNATURE----- > Version: 2.2 > > iQBVAgUBK+rVWdQocaCQTJGXAQE3JQH/UX6/QxlFJViBw3Na+/anMV78OsziHEfh > KfjRg65rrUWB4NY+rjBhBOSKtn8uSv+kVZYZjx6TiAYSqsLqpeNczg== > =OMdm > -----END PGP SIGNATURE----- pgpmenu.zip is available for anonymous ftp from ftp.demon.co.uk:/pub/pgp. Thanks for the upload. Giles. -- Giles Todd gt@rundart.demon.co.uk (Internet) Rundart Ltd Demon Internet Services Voice: +44 925 33472 PGP 2.x public key available. --------------------------------- cut here ----------------------------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: whitaker@eternity.demon.co.uk (Russell Earl Whitaker) Date: Mon, 10 May 93 10:50:28 PDT To: cypherpunks@toad.com Subject: FWD: UK English language file for PGP Message-ID: <5352@eternity.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain This article was forwarded to you by whitaker@eternity.demon.co.uk (Russell Earl Whitaker): --------------------------------- cut here ----------------------------- Path: eternity.demon.co.uk!demon!rundart.demon.co.uk!gt Newsgroups: demon.security From: gt@rundart.demon.co.uk (Giles Todd) Cc: pla@sktb.demon.co.uk Reply-to: uploads@demon.co.uk Subject: UK English language file for PGP X-Mailer: VE3PZR VIEW DIS V1.01. Lines: 40 Date: Sat, 8 May 1993 13:13:47 +0000 Message-ID: <31691.gt@rundart.demon.co.uk> Sender: usenet@demon.co.uk > Date: Sat, 8 May 1993 12:37:27 GMT > From: "Paul L. 
Allen" > To: uploads@demon.co.uk > Subject: UK English language file for PGP > Message-ID: <8FoXA4j024n@sktb.demon.co.uk> > Reply-To: pla@sktb.demon.co.uk > Organization: Chaos > Lines: 21 > X-Mailer: Archimedes ReadNews > > -----BEGIN PGP SIGNED MESSAGE----- > > I became a little tired of PGP misspelling `armour', so I created a UK > English language.txt (which also tells people to press keys instead of > hitting them). I've just uploaded it as language.uk. > > Archimedes users of PGP will need release 1.14 of PGP for the Archimedes > to use other languages (should appear on demon in the next day or two, if > it hasn't already). > > - --Paul > > -----BEGIN PGP SIGNATURE----- > Version: 2.2 > > iQCVAgUBK+upf2v14aSAK9PNAQFg9gP+NNareZokjgy+MJMWbfK+ny3CfzMdoTRO > cHhw8hOFDd+v8h4ezUFhI9YIFV6cfJDW9VesvcfFTlTkJ33V1x1YXKcPznxnF6fM > yUBbgWUEooLDMjEVjB+lpK3nBy+0HDTpH1zVwYgpNQTV8pITApVzG7FobwGJGFia > z21//VYWG6g= > =eiIE > -----END PGP SIGNATURE----- /pub/pgp/language.uk is now available. Thanks for the upload. Giles. -- Giles Todd gt@rundart.demon.co.uk (Internet) Rundart Ltd Demon Internet Services Voice: +44 925 33472 PGP 2.x public key available. --------------------------------- cut here ----------------------------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: whitaker@eternity.demon.co.uk (Russell Earl Whitaker) Date: Mon, 10 May 93 10:53:13 PDT To: cypherpunks@toad.com Subject: FWD: Archimedes PGP 2.2 & PGPwimp Message-ID: <5353@eternity.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain This article was forwarded to you by whitaker@eternity.demon.co.uk (Russell Earl Whitaker): --------------------------------- cut here ----------------------------- Path: eternity.demon.co.uk!demon!rundart.demon.co.uk!gt Newsgroups: demon.security From: gt@rundart.demon.co.uk (Giles Todd) Cc: chrisg@nedman.demon.co.uk Reply-to: uploads@demon.co.uk Subject: Archimedes PGP 2.2 & PGPwimp X-Mailer: VE3PZR VIEW DIS V1.01. 
Lines: 34 Date: Sat, 8 May 1993 15:51:01 +0000 Message-ID: <31705.gt@rundart.demon.co.uk> Sender: usenet@demon.co.uk > Date: 08 May 93 16:05:23 GMT > Message-Id: <930508160523@nedman.demon.co.uk> > From: Chris Gransden > Reply-To: chrisg@nedman.demon.co.uk > To: uploads@demon.co.uk > Subject: Archimedes PGP 2.2 & PGPwimp > Organization: Home > X-Mailer: ReaderS for the Acorn Archimedes > > I've just uploaded a new version of PGP 2.2 for the Archimedes to /incoming. > The main improvement for this release, v1.14, is the encryption/decryption > phase is significantly speeded up. Also using language translation files now > works. > > I've also uploaded PGPwimp. This is a desktop front end to Archimedes PGP. > This was produced by Peter Gaunt. This can only be used with RISC OS3. It > makes using PGP a lot simpler. > > Could you put both these programs in /pub/archimedes. > Thanks. > > Chris > > -- > Email: chrisg@nedman.demon.co.uk These files are now available from /pub/archimedes. Thanks for the upload. Giles. -- Giles Todd gt@rundart.demon.co.uk (Internet) Rundart Ltd Demon Internet Services Voice: +44 925 33472 PGP 2.x public key available. --------------------------------- cut here ----------------------------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Sun, 9 May 93 11:47:17 PDT To: CYPHERPUNKS Subject: Random TSR Message-ID: <930509183959_74076.1041_FHD48-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- We had some discussion on the list a few months ago about hardware RNG's. As I recall, there were problems feared with the Zener diode noise generators involving coupling to other EM signals that might add regularity to the noise. Hardware random numbers are useful, not so much to fill one time pads, with their attendant problems with distribution, but rather as session key generators for Diffie-Hellman key exchange or RSA-type public key programs.
This is one of the weak points of PGP, in my opinion; it times keystrokes when you first generate your public key, but then from then on it just uses and re-uses those same random numbers. (It does mix in the time of day for each message sent, but as pointed out on the PGP developers' list, this may not add that much randomness.) Each time you send a message, it has to generate a random session key, which it uses to encrypt your message, sending this random key RSA-encrypted at the head of your message. How random are these session keys? PGP is still re-using the same random information I supplied many months ago. There is no KNOWN way to exploit this lack of randomness but it is still worrisome.

Perry Metzger mentioned that he deletes his randseed.bin file every night. This causes PGP to ask him for new keystroke timings every morning when he first runs it. This adds a new daily dose of randomness to the program but it is kind of a pain to do.

This is where a hardware RNG would be really useful. Use it to generate your session keys and you don't have to worry too much about someone breaking your message by intelligent key guessing.

RIPEM goes to greater lengths than PGP in trying to find good random bits. It has options to scan your filesystem or to use network information, both of which are presumed to be randomly changing. These approaches are more suitable for a multi-user workstation than for a regular PC, though.

I had an idea for the PC environment which I don't think I've seen before. (Apologies if I'm regurgitating someone else's idea.) Have a TSR which just extracted random information from your use of the PC. Do keystroke timing all the time, check disk block contents and locations. Record this information and periodically pass it through MD5 then store it in a file. This file would basically hold entropy extracted from how you use your PC.
PGP could then read this file (you could even have the file be PC's randseed.bin, making it compatible with current versions of PGP) to get its random bits for session keys.

This does not sound like it would be that hard, although the few attempts I have made to write TSR programs which hooked into DOS calls have not been terribly robust.

One technical issue is how much randomness or entropy exists in each event. This has been discussed in some detail on the PGP developers' list, but a simple solution would be to just ignore that problem and constantly merge in your new random bits with those in the file. Once you've gotten enough "true" randomness your file will be fully random. You won't know when that's happened but if your file isn't too big and you use the computer quite a bit it will hopefully be fast enough.

Or, if you wanted to be more ambitious, I gather from the discussion on pgp-dev that you could collect statistics on the intervals between keystrokes and use these to estimate the amount of random information per keystroke. Then you could have a call to the TSR to tell how much random information is available in the file.

This program could be constantly running in the background, unobtrusively, collecting and distilling the randomness you are discarding all the time. Randomness is precious; it's time to stop wasting these bits!
Hal Finney
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Sun, 9 May 93 15:37:14 PDT
To: cypherpunks@toad.com
Subject: Early Battles
Message-ID: <9305092237.AA11893@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I remember hearing an anecdote from a fairly private but unclassified source. According to this source NSA was incensed when IBM first developed Lucifer for banking applications, especially because they published details in a Scientific American article. NSA accused IBM of stealing secrets from NSA thru IBM employees having access to NSA technology as part of their jobs developing hardware and software for NSA. IBM was of course prepared for this eventuality. They quoted an early paper by Shannon suggesting that a mixture of transpositions and permutations would likely produce strong ciphers. This is, of course, the heart of both Lucifer and DES.

NSA backed off.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fnerd@smds.com (FutureNerd Steve Witham)
Date: Sun, 9 May 93 16:22:05 PDT
To: sw@smds.com
Subject: Shamir papers are available
Message-ID: <9305092305.AA06080@smds.com>
MIME-Version: 1.0
Content-Type: text/plain

The Adi Shamir papers are available by anonymous ftp from soda.berkeley.edu in pub/cypherpunks/papers/

    shamir.abstracts
    shamir.birational
    shamir.hard.poly

Thanks to Eric Hughes.
-fnerd

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: KINNEY WILLIAM H
Date: Mon, 10 May 93 07:34:03 PDT
To: cypherpunks@toad.com
Subject: Random Numbers
Message-ID: <199305101433.AA01828@spot.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain

There was some traffic on sci.crypt today about generating random numbers by reading noise off a sound port, which ties in to discussion here of using a Zener diode device. The question is, if you have a noise source that is likely to create, say, long strings of zeros or to have some other statistical bias, how do you fix it up to create a good distribution?

Certainly, if your only problem is that you have an input stream where the ones are randomly distributed but _rare_, in the sense that the stream is mostly zeros, you can just count ones for a period of time and create an output stream like

    output[i] = 1 if the parity of N input bits is odd
                0 if the parity of N input bits is even

Then the output stream will be very high-entropy. Something similar, but more complicated, would probably apply to reading thermal noise as well, since you know the input has a Boltzmann distribution or whatever, and can transform it to a distribution of your choice.

The problem seems to boil down to having random input with a distribution f() and transforming it to random output with another distribution g(). Or if you want to make it worse, having some not-really-random input f() and transforming it to random output g().

But this is probably naive -- what are the pitfalls here? What is the best way to do it for cryptographic purposes?
-- Will

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jb@paris7.jussieu.fr
Date: Mon, 10 May 93 01:03:46 PDT
To: cypherpunks@toad.com
Subject: Re:How to FAKE MAIL
Message-ID: <0096c4a2.c6e6bbf2.19741@paris7.jussieu.fr>
MIME-Version: 1.0
Content-Type: text/plain

From: MX%"Postmaster@paris7.jussieu.fr" 8-MAY-1993 13:19:41.13
To: JB
CC:
Subj: SMTP delivery error

Return-Path: <>
Date: Sat, 08 May 1993 13:19:18 WET
From: Postmaster@paris7.jussieu.fr (SMTP delivery agent)
To:
Subject: SMTP delivery error

Note: this message was generated automatically.

A problem occurred during SMTP delivery of your message.

Error occurred sending to host oubbs.telecom.uoknor.edu:
retry count exceeded
message transmission could not be completed
connect to network object rejected

========================================================================

Message follows.

Date: Thu, 06 May 1993 11:10:50 WET
From: jb@paris7.jussieu.fr
To: tom.jackson@oubbs.telecom.uoknor.edu
Message-ID: <0096c187.9189aeba.18431@paris7.jussieu.fr>
Subject: RE: HOW TO FAKEMAIL

Hi,

I'm interested in the subject too. Can u keep me informed of any information u might receive?

Thanx in advance,
Jean-Baptiste

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J. Eric Townsend)
Date: Mon, 10 May 93 13:27:04 PDT
To: cypherpunks@toad.com
Subject: notes from meeting?
Message-ID: <9305102026.AA12154@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

anybody keep some sort of notes/minutes/summary of the meeting that they can post? I managed to misplace mine, and with it, things like names and email addresses...

thx

--
J. Eric Townsend jet@nas.nasa.gov 415.604.4311
NASA Ames Numerical Aerodynamic Simulation | play: jet@well.sf.ca.us
Parallel Systems Support, CM-5 POC | '92 R100R / DoD# 0378
PGP2.1 public key available upon request or finger jet@simeon.nas.nasa.gov

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E.
Metzger"
Date: Mon, 10 May 93 11:06:43 PDT
To: cypherpunks@toad.com
Subject: Re: Early Battles
In-Reply-To: <9305092237.AA11893@netcom3.netcom.com>
Message-ID: <9305101806.AA14984@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

Norman Hardy says:
> I remember hearing an anecdote from a fairly private but
> unclassified source. According to this source NSA was incensed when
> IBM first developed Lucifer for banking applications, especially
> because they published details in a Scientific American article. NSA
> accused IBM of stealing secrets from NSA thru IBM employees having
> access to NSA technology as part of their jobs developing hardware
> and software for NSA. IBM was of course prepared for this
> eventuality. They quoted an early paper by Shannon suggesting that a
> mixture of transpositions and permutations would likely produce
> strong ciphers. This is, of course, the heart of both Lucifer and
> DES.
> NSA backed off.

This sounds like an urban legend -- NSA and IBM worked way too closely on the development of DES for this to sound likely.

.pm

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu@cygnus.com
Date: Mon, 10 May 93 17:54:30 PDT
To: cypherpunks@toad.com
Subject: [Torbjorn Granlund: GNU Multiple Precision Arithmetic Library]
Message-ID: <9305110054.AA27764@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

It might be interesting to compare the speed of this library with the speed of the multiprecision code in RSAREF and in PGP. May the fastest library win!

John

------- Forwarded Message

To: info-gnu@prep.ai.mit.edu, bug-gnu-utils@prep.ai.mit.edu
Subject: GNU Multiple Precision Arithmetic Library
Date: Mon, 10 May 1993 16:35:35 +0200
From: Torbjorn Granlund

Version 1.3 of the GNU Multiple Precision Arithmetic Library is now available for anonymous ftp from prep.ai.mit.edu as /pub/gnu/gmp-1.3.tar.z.

The main differences between 1.2 and 1.3 are bug fixes and support for 64-bit machines.
There are also a couple of enhancements that affect the speed of some operations. There are no new user-visible functions in this version.

(There will be a new major version of this library in a not distant future. That version, 2.0, will contain additions of new functions contributed from other people. It also has a documented low-level interface for really time-critical applications. I don't know exactly when it will be ready.)

These people (in alphabetical order) helped with testing of this release:

    Per Bothner
    Bruno Haible
    J.W.Hawtin-SE0@computer-science.birmingham.ac.uk
    Joachim Hollman
    Phil Howard
    Henrik Johansson
    AOKI Kazumaro
    Steve Linton
    Alyson Reeves
    Nils Rennebarth
    Joachim Schimpf
    Ken Weber

Plus possibly somebody whose name I have lost. Many other people have contributed bug reports during the 1 1/2 years since the last release. Thanks everybody!

Torbjorn Granlund

[ Most GNU software is packed using the new `gzip' compression program. Source code is available on most sites distributing GNU software.

For information on how to order GNU software on tape, floppy, or cd-rom, check the file etc/ORDERS in the GNU Emacs distribution or in GNUinfo/ORDERS on prep, or e-mail a request to: gnu@prep.ai.mit.edu

By ordering tapes from the FSF you help us continue to develop more free software. Media revenues are our primary source of support. Donations to FSF are deductible on US tax returns.

The above software will soon be at these ftp sites as well. Please try them before prep.ai.mit.edu!
thanx -gnu@prep.ai.mit.edu

ASIA: ftp.cs.titech.ac.jp, utsun.s.u-tokyo.ac.jp:/ftpsync/prep, cair.kaist.ac.kr:/pub/gnu
AUSTRALIA: archie.oz.au:/gnu (archie.oz or archie.oz.au for ACSnet)
EUROPE: irisa.irisa.fr:/pub/gnu, grasp1.univ-lyon1.fr:pub/gnu, unix.hensa.ac.uk:/pub/uunet/systems/gnu, src.doc.ic.ac.uk:/gnu, ftp.informatik.tu-muenchen.de, ftp.informatik.rwth-aachen.de:/pub/gnu, isy.liu.se, ftp.stacken.kth.se, ftp.luth.se:/pub/unix/gnu, nic.funet.fi:/pub/gnu, ugle.unit.no, ftp.win.tue.nl, ftp.denet.dk, ftp.eunet.ch, nic.switch.ch:/mirror/gnu, archive.eu.net
USA: wuarchive.wustl.edu, labrea.stanford.edu, ftp.kpc.com:/pub/mirror/gnu, ftp.cs.widener.edu, uxc.cso.uiuc.edu, col.hp.com:/mirrors/gnu, ftp.cs.columbia.edu:/archives/gnu/prep, gatekeeper.dec.com:/pub/GNU, ftp.uu.net:/systems/gnu
]

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: deboni@diego.llnl.gov (Tom DeBoni)
Date: Tue, 11 May 93 10:58:46 PDT
To: cypherpunks@toad.com
Subject: book reference request
Message-ID: <9305111757.AA02870@diego.llnl.gov>
MIME-Version: 1.0
Content-Type: text/plain

A month or so back, there appeared on this list a reference to a book on the history of cryptology in telecommunications in the country. If memory serves me (and it may well not) its title was something like "The Invisible Weapon". Could some knowing person please send me the full reference, or otherwise unconfuse me?

Thanks!

Tom DeBoni
deboni@llnl.gov

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sandy <72114.1712@CompuServe.COM>
Date: Tue, 11 May 93 15:52:39 PDT
To:
Subject: CALLER ID?
Message-ID: <930511191724_72114.1712_FHF57-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

_________________________________________________________________
SANDY SANDFORT ssandfort@attmail.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Cypherpunks,

You think CALLER ID isn't available where you live? Think again.
Any time you call an 800 number, regardless of where you live, your number is captured by ANI (Automatic Number Identification) and given to the owners of the 800 number. This includes the various "crime stopper" snitch lines that claim "we don't want your name, just the pusher's."

A special 800 number has been set up to demonstrate this. It's:

    1-800-235-1414

Call it, and it will recite your phone number back to you. It then gives a pitch for two worthwhile items--a 900 phone number service that lets you make calls which cannot be traced by ANI, and FULL DISCLOSURE, a privacy oriented magazine. If you leave your name and address, you will be sent FULL DISCLOSURE info.

Check it out,

S a n d y (arbitration volunteer)

>>>>>>>> Please address e-mail to: ssandfort@attmail.com <<<<<<<<
_________________________________________________________________

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matthew J Miszewski
Date: Tue, 11 May 93 14:48:24 PDT
To: cypherpunks@toad.com
Subject: BYTE article
Message-ID: <23051116244656@vms2.macc.wisc.edu>
MIME-Version: 1.0
Content-Type: text/plain

Cypherpunks,

There is an article about the future of Encryption Regulation in the May 1993 issue of BYTE. It's not TOO bad and our side is at least represented. (With a most excellent spokesman BTW). They offer up a "solution" to the Denning/Privacy Schism. Including Silvio Micali's (I thought someone else had this idea first...) multiple repositories. I recall some talk about this with regard to time released crypto.

I think they could use some refining. The author is Peter Wayner and can be reached at pcw@access.digex.com. Take it easy on him, I think he is really trying to struggle with issues that we understand already. Let's school 'im guys (and gals).

The article actually mentions steganography also...Not bad BYTE.

Matt
mjmiski@macc.wisc.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J.
Eric Townsend)
Date: Tue, 11 May 93 17:25:45 PDT
To:
Subject: CALLER ID?
In-Reply-To: <930511191724_72114.1712_FHF57-1@CompuServe.COM>
Message-ID: <9305120025.AA27965@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

Sandy writes:
> Call it, and it will recite your phone number back to you. It

Too bad it gets the wrong number for my work #:

My number: 415.604.4311.
The number it claims I'm at: 415.967.7227

(No one answers the second number, fyi.)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: markh@wimsey.bc.ca (Mark C. Henderson)
Date: Tue, 11 May 93 17:42:23 PDT
To: cypherpunks@toad.com
Subject: Re: [Torbjorn Granlund: GNU Multiple Precision Arithmetic Library]
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

> It might be interesting to compare the speed of this library with the
> speed of the multiprecision code in RSAREF and in PGP. May the fastest
> library win!
>
> John
>
> ------- Forwarded Message
>
> To: info-gnu@prep.ai.mit.edu, bug-gnu-utils@prep.ai.mit.edu
> Subject: GNU Multiple Precision Arithmetic Library
> Date: Mon, 10 May 1993 16:35:35 +0200
> From: Torbjorn Granlund
>
> Version 1.3 of the GNU Multiple Precision Arithmetic Library is now
> available for anonymous ftp from prep.ai.mit.edu as /pub/gnu/gmp-1.3.tar.z.

Well, I've done some comparison between gmp 1.3 and RSAREF (as distributed with RIPEM 1.07) on a RS6000/320

The key generation speeds turned out to be almost exactly the same using the "aixgcc/xlc mixed" version of RSAREF/RIPEM and gmp compiled entirely with IBM's xlc compiler. (for those who haven't poked around in RIPEM, I'll say that this RS6000 version of RIPEM uses the "long long" data type to get 32 bit by 32 bit multiplications with 64 bit results quickly).

So, it wouldn't surprise me if some clever person could optimize gmp for the RS6000 and end up with something faster than what's provided in RIPEM 1.07.
Mark

--
Mark Henderson markh@wimsey.bc.ca
RIPEM key available by key server/finger/E-mail
MD5OfPublicKey: F1F5F0C3984CBEAF3889ADAFA2437433

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 11 May 93 17:42:44 PDT
To: cypherpunks@toad.com
Subject: Re: BYTE article
In-Reply-To: <23051116244656@vms2.macc.wisc.edu>
Message-ID: <9305120043.AA07654@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Matt M. writes:

> I think they could use some refining. The author is Peter Wayner and can be
> reached at pcw@access.digex.com. Take it easy on him, I think he is really
> trying to struggle with issues that we understand already. Let's school 'im guys
> (and gals).
>

I suspect Peter will also comment on this!

Peter Wayner is a member of this very list. (I know this from reading his posts, not from seeing the distribution list, which I haven't.)

The article was excellent, in my opinion.

-Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
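The parity rule from Will Kinney's "Random Numbers" post earlier in this digest, with one concrete answer to his question about pitfalls, as an added Python example that is not part of any message in the archive. The source parameters (5% ones, 95% repeat probability), the seed and all function names are constructed for illustration; the entropy figure also bears on the "how much randomness per event" question in Hal Finney's "Random TSR" post.

```python
import math
import random


def parity_blocks(bits, n):
    """Kinney's rule: output[i] is the parity of the i-th block of n input bits."""
    usable = len(bits) - len(bits) % n
    return [sum(bits[i:i + n]) & 1 for i in range(0, usable, n)]


def parity_p_one(p, n):
    """P(output = 1) when the n inputs are independent, each 1 with probability p.

    Piling-up lemma: the per-bit imbalance (1 - 2p) is raised to the n-th power,
    so the output approaches 1/2 geometrically in n.
    """
    return (1 - (1 - 2 * p) ** n) / 2


def shannon_bits(p):
    """Shannon entropy, in bits, of one input bit that is 1 with probability p."""
    if p in (0.0, 1.0):
        return 0.0
    return -(p * math.log2(p) + (1 - p) * math.log2(1 - p))


def von_neumann(bits):
    """Alternative extractor: read non-overlapping pairs, emit the first bit of
    each 01 or 10 pair and drop 00 and 11. Exactly unbiased for any fixed p,
    but it too assumes the input bits are independent.
    """
    return [a for a, b in zip(bits[0::2], bits[1::2]) if a != b]


def rare_ones_source(length, p, rng):
    """Constructed input: independent bits, each 1 with probability p."""
    return [1 if rng.random() < p else 0 for _ in range(length)]


def sticky_source(length, p_repeat, rng):
    """Constructed input with long runs: each bit repeats the previous one with
    probability p_repeat. Ones and zeros are equally likely overall, but
    neighbouring bits are strongly correlated.
    """
    bits = [rng.getrandbits(1)]
    for _ in range(length - 1):
        flip = 0 if rng.random() < p_repeat else 1
        bits.append(bits[-1] ^ flip)
    return bits


def fraction_of_ones(bits):
    return sum(bits) / len(bits)


def demo(seed=1993):
    """Run both extractors over both constructed sources; returns fractions of ones."""
    rng = random.Random(seed)
    rare = rare_ones_source(640_000, 0.05, rng)
    sticky = sticky_source(200_000, 0.95, rng)
    return {
        "rare input": fraction_of_ones(rare),
        "rare, parity of 64": fraction_of_ones(parity_blocks(rare, 64)),
        "rare, von Neumann": fraction_of_ones(von_neumann(rare)),
        "sticky input": fraction_of_ones(sticky),
        # Pitfall: inside an even-length block the parity reduces to the XOR of
        # the flip events, so the correlation shows up as bias in the output.
        "sticky, parity of 8": fraction_of_ones(parity_blocks(sticky, 8)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:22s} fraction of ones = {value:.4f}")
    print(f"predicted, rare parity of 64:   {parity_p_one(0.05, 64):.4f}")
    print(f"predicted, sticky parity of 8:  {parity_p_one(0.05, 4):.4f}")
    print(f"entropy per rare input bit:     {shannon_bits(0.05):.4f} bits")
```

On the sticky source each input bit is a 1 half the time, yet the 8-bit parity output is a 1 only about 17% of the time, because the parity of an even-length block reduces to the XOR of the four within-block flip events. For the independent source, 64 input bits carry roughly 18 bits of entropy and the parity rule keeps one of them.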
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Tue, 11 May 93 15:15:33 PDT
To: banisar@washofc.cpsr.org
Subject: NIST Open Meeting
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

This message is forwarded from RISKS Digest (14.59)

8<---------- Begin forwarded message --------------

Date: Tue, 11 May 93 13:42:18 EDT
From: Clipper-Capstone Chip Info
Organization: National Institute of Standards and Technology (NIST)
Subject: NIST Advisory Board Seeks Comments on Crypto

Note: This file has been posted to the following groups: RISKS Forum, Privacy Forum, Sci.crypt, Alt.privacy.clipper and will be made available for anonymous ftp from csrc.ncsl.nist.gov, filename pub/nistgen/cryptmtg.txt and for download from the NIST Computer Security BBS, 301-948-5717, filename cryptmtg.txt.

Note: The following notice is scheduled to appear in the Federal Register this week. The notice announces a meeting of the Computer System Security and Privacy Advisory Board (established by the Computer Security Act of 1987) and solicits public and industry comments on a wide range of cryptographic issues. Please note that submissions are due by 4:00 p.m. May 27, 1993.

DEPARTMENT OF COMMERCE
National Institute of Standards and Technology

Announcing a Meeting of the
COMPUTER SYSTEM SECURITY AND PRIVACY ADVISORY BOARD

AGENCY: National Institute of Standards and Technology

ACTION: Notice of Open Meeting

SUMMARY: Pursuant to the Federal Advisory Committee Act, 5 U.S.C. App., notice is hereby given that the Computer System Security and Privacy Advisory Board will meet Wednesday, June 2, 1993, from 9:00 a.m. to 5:00 p.m., Thursday, June 3, 1993, from 9:00 a.m. to 5:00 p.m., and Friday, June 4, 1993 from 9:00 a.m. to 1:00 p.m. The Advisory Board was established by the Computer Security Act of 1987 (P.L.
100-235) to advise the Secretary of Commerce and the Director of NIST on security and privacy issues pertaining to Federal computer systems and report its findings to the Secretary of Commerce, the Director of the Office of Management and Budget, the Director of the National Security Agency, and the appropriate committees of the Congress. All sessions will be open to the public.

DATES: The meeting will be held on June 2-4 1993. On June 2 and 3, 1993 the meeting will take place from 9:00 a.m. to 5:00 p.m. and on June 4, 1993 from 9:00 a.m. to 1:00 p.m.

Public submissions (as described below) are due by 4:00 p.m. (EDT) May 27, 1993 to allow for sufficient time for distribution to and review by Board members.

ADDRESS: The meeting will take place at the National Institute of Standards and Technology, Gaithersburg, MD. On June 2, 1993, the meeting will be held in the Administration Building, "Red Auditorium," on June 3 the meeting will be held in the Administration Building, "Green Auditorium," and on June 4, 1993 in the Administration Building, Lecture Room "B."

Submissions (as described below), including copyright waiver if required, should be addressed to: Cryptographic Issue Statements, Computer System Security and Privacy Advisory Board, Technology Building, Room B-154, National Institute of Standards and Technology, Gaithersburg, MD, 20899 or via FAX to 301/948-1784. Submissions, including copyright waiver if required, may also be sent electronically to "crypto@csrc.ncsl.nist.gov".
AGENDA:

- Welcome and Review of Meeting Agenda
- Government-developed "Key Escrow" Chip Announcement Review
- Discussion of Escrowed Cryptographic Key Technologies
- Review of Submitted Issue Papers
- Position Presentations & Discussion
- Public Participation
- Annual Report and Pending Business
- Close

PUBLIC PARTICIPATION:

This Advisory Board meeting will be devoted to the issue of the Administration's recently announced government-developed "key escrow" chip cryptographic technology and, more broadly, to public use of cryptography and government cryptographic policies and regulations. The Board has been asked by NIST to obtain public comments on this matter for submission to NIST for the national review that the Administration has announced it will conduct of cryptographic-related issues. Therefore, the Board is interested in:

1) obtaining public views and reactions to the government-developed "key escrow" chip technology announcement, "key escrow" technology generally, and government cryptographic policies and regulations
2) hearing selected summaries of written views that have been submitted, and
3) conducting a general discussion of these issues in public.

The Board solicits all interested parties to submit well-written, concise issue papers, position statements, and background materials on areas such as those listed below. Industry input is particularly encouraged in addressing the questions below.

Because of the volume of responses expected, submittors are asked to identify the issues above to which their submission(s) are responsive. Submittors should be aware that copyrighted documents cannot be accepted unless a written waiver is included concurrently with the submission to allow NIST to reproduce the material. Also, company proprietary information should not be included, since submissions will be made publicly available.
This meeting specifically will not be a tutorial or briefing on technical details of the government-developed "key escrow" chip or escrowed cryptographic key technologies. Those wishing to address the Board and/or submit written position statements are requested to be thoroughly familiar with the topic and to have concise, well-formulated opinions on its societal ramifications.

Issues on which comments are sought include the following:

1. CRYPTOGRAPHIC POLICIES AND SOCIAL/PUBLIC POLICY ISSUES

Public and Social policy aspects of the government-developed "key escrow" chip and, more generally, escrowed key technology and government cryptographic policies.

Issues involved in balancing various interests affected by government cryptographic policies.

2. LEGAL AND CONSTITUTIONAL ISSUES

Consequences of the government-developed "key escrow" chip technology and, more generally, key escrow technology and government cryptographic policies.

3. INDIVIDUAL PRIVACY

Issues and impacts of cryptographic-related statutes, regulations, and standards, both national and international, upon individual privacy.

Issues related to the privacy impacts of the government-developed "key escrow" chip and "key escrow" technology generally.

4. QUESTIONS DIRECTED TO AMERICAN INDUSTRY

4.A Industry Questions: U.S. Export Controls

4.A.1 Exports - General

What has been the impact on industry of past export controls on products with password and data security features for voice or data?

Can such an impact, if any, be quantified in terms of lost export sales or market share? If yes, please provide that impact.

How many exports involving cryptographic products did you attempt over the last five years? How many were denied? What reason was given for denial?

Can you provide documentation of sales of cryptographic equipment which were lost to a foreign competitor, due solely to U.S. Export Regulations.
What are the current market trends for the export sales of information security devices implemented in hardware solutions? For software solutions?

4.A.2 Exports - Software

If the U.S. software producers of mass market or general purpose software (word processing, spreadsheets, operating environments, accounting, graphics, etc.) are prohibited from exporting such packages with file encryption capabilities, what foreign competitors in what countries are able and willing to take foreign market share from U.S. producers by supplying file encryption capabilities?

What is the impact on the export market share and dollar sales of the U.S. software industry if a relatively inexpensive hardware solution for voice or data encryption is available such as the government-developed "key escrow" chip?

What has been the impact of U.S. export controls on COMPUTER UTILITIES software packages such as Norton Utilities and PCTools?

What has been the impact of U.S. export controls on exporters of OTHER SOFTWARE PACKAGES (e.g., word processing) containing file encryption capabilities?

What information does industry have that Data Encryption Standard (DES) based software programs are widely available abroad in software applications programs?

4.A.3 Exports - Hardware

Measured in dollar sales, units, and transactions, what have been the historic exports for:

    Standard telephone sets
    Cellular telephone sets
    Personal computers and work stations
    FAX machines
    Modems
    Telephone switches

What are the projected export sales of these products if there is no change in export control policy and if the government-developed "key escrow" chip is not made available to industry?

What are the projected export sales of these products if the government-developed "key escrow" chip is installed in the above products, the above products are freely available at an additional price of no more than $25.00, and the above products are exported WITHOUT ADDITIONAL LICENSING REQUIREMENTS?
What are the projected export sales of these products if the government-developed "key escrow" chip is installed in the above products, the above products are freely available at an additional price of no more than $25.00, and the above products are to be exported WITH AN ITAR MUNITIONS LICENSING REQUIREMENT for all destinations?

What are the projected export sales of these products if the government-developed "key escrow" chip is installed in the above products, the above products are freely available at an additional price of no more than $25.00, and the above products are to be exported WITH A DEPARTMENT OF COMMERCE LICENSING REQUIREMENT for all destinations?

4.A.4 Exports - Advanced Telecommunications

What has been the impact on industry of past export controls on other advanced telecommunications products?

Can such an impact on the export of other advanced telecommunications products, if any, be quantified in terms of lost export sales or market share? If yes, provide that impact.

4.B Industry Questions: Foreign Import/Export Regulations

How do regulations of foreign countries affect the import and export of products containing cryptographic functions? Specific examples of countries and regulations will prove useful.

4.C Industry Questions: Customer Requirements for Cryptography

What are current and future customer requirements for information security by function and industry? For example, what are current and future customer requirements for domestic banking, international banking, funds transfer systems, automatic teller systems, payroll records, financial information, business plans, competitive strategy plans, cost analyses, research and development records, technology trade secrets, personal privacy for voice communications, and so forth? What might be good sources of such data?

What impact do U.S.
Government mandated information security standards for defense contracts have upon demands by other commercial users for information security systems in the U.S.? In foreign markets?

What threats are your product designed to protect against? What threats do you consider unaddressed?

What demand do you foresee for a) cryptographic only products, and b) products incorporating cryptography in: 1) the domestic market, 2) in the foreign-only market, and 3) in the global market?

4.D Industry Questions: Standards

If the European Community were to announce a non-DES, non-public key European Community Encryption Standard (ECES), how would your company react? Include the new standard in product line? Withdraw from the market? Wait and see?

What are the impacts of government cryptographic standards on U.S. industry (e.g., Federal Information Processing Standard 46-1 [the Data Encryption Standard] and the proposed Digital Signature Standard)?

5. QUESTIONS DIRECTED TO THE AMERICAN BUSINESS COMMUNITY

5.A American Business: Threats and Security Requirements

Describe, in detail, the threat(s), to which you are exposed and which you believe cryptographic solutions can address.

Please provide actual incidents of U.S. business experiences with economic espionage which could have been thwarted by applications of cryptographic technologies.

What are the relevant standards of care that businesses must apply to safeguard information and what are the sources of those standards other than Federal standards for government contractors?

What are U.S. business experiences with the use of cryptography to protect against economic espionage, (including current and projected investment levels in cryptographic products)?

5.B American Business: Use of Cryptography

Describe the types of cryptographic products now in use by your organization. Describe the protection they provide (e.g., data encryption or data integrity through digital signatures). Please indicate how these products are being used.
Describe any problems you have encountered in finding, installing, operating, importing, or exporting cryptographic devices. Describe current and future uses of cryptographic technology to protect commercial information (including types of information being protected and against what threats). Which factors in the list below inhibit your use of cryptographic products? Please rank: -- no need -- no appropriate product on market -- fear of interoperability problems -- regulatory concerns -- a) U.S. export laws -- b) foreign country regulations -- c) other -- cost of equipment -- cost of operation -- other Please comment on any of these factors. In your opinion, what is the one most important unaddressed need involving cryptographic technology? Please provide your views on the adequacy of the government-developed "key escrow" chip technological approach for the protection of all your international voice and data communication requirements. Comments on other U.S. Government cryptographic standards? 6. OTHER Please describe any other impacts arising from Federal government cryptographic policies and regulations. Please describe any other impacts upon the Federal government in the protection of unclassified computer systems. Are there any other comments you wish to share? The Board agenda will include a period of time, not to exceed ten hours, for oral presentations of summaries of selected written statements submitted to the Board by May 27, 1993. As appropriate and to the extent possible, speakers addressing the same topic will be grouped together. Speakers, prescheduled by the Secretariat and notified in advance, will be allotted fifteen to thirty minutes to orally present their written statements. Individuals and organizations submitting written materials are requested to advise the Secretariat if they would be interested in orally summarizing their materials for the Board at the meeting. 
Another period of time, not to exceed one hour, will be reserved for oral comments and questions from the public. Each speaker will be allotted up to five minutes; it will be necessary to strictly control the length of presentations to maximize public participation and the number of presentations. Except as provided for above, participation in the Board's discussions during the meeting will be at the discretion of the Designated Federal Official. Approximately thirty seats will be available for the public, including three seats reserved for the media. Seats will be available on a first-come, first-served basis. FOR FURTHER INFORMATION CONTACT: Mr. Lynn McNulty, Executive Secretary and Associate Director for Computer Security, Computer Systems Laboratory, National Institute of Standards and Technology, Building 225, Room B154, Gaithersburg, Maryland 20899, telephone: (301) 975-3240. SUPPLEMENTARY INFORMATION: Background information on the government-developed "key escrow" chip proposal is available from the Board Secretariat; see address in "for further information" section. Also, information on the government-developed "key escrow" chip is available electronically from the NIST computer security bulletin board, phone 301-948-5717. The Board intends to stress the public and social policy aspects, the legal and Constitutional consequences of this technology, and the impacts upon American business and industry during its meeting. It is the Board's intention to create, as a product of this meeting, a publicly available digest of the important points of discussion, conclusions (if any) that might be reached, and an inventory of the policy issues that need to be considered by the government. Within the procedures described above, public participation is encouraged and solicited. /signed/ Raymond G. Kammer, Acting Director May 10, 1993 8<--------- End forwarded message ---------------- I didn't see "Clipper" or "Capstone" or "SkipJack" mentioned once in the entire post. 
What did they do -- drop the name? I'm starting on my own submission for presentation tonight... Cheers. Paul Ferguson | Boycott AT&T, Network Integrator | Write your elected Centreville, Virginia USA | Representatives. fergp@sytex.com | Do the right thing. Just say "NO" to the Wiretap (Clipper/Capstone) Chip(s) I love my country, but I fear its government. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: spencew@BIX.com Date: Tue, 11 May 93 16:14:14 PDT To: cypherpunks@toad.com Subject: Unsubscribe Message-ID: <9305111905.memo.22609@BIX.com> MIME-Version: 1.0 Content-Type: text/plain Please remove me from the list. Spencer K. Whetstone From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Matthew J Miszewski Date: Tue, 11 May 93 18:49:22 PDT To: cypherpunks@toad.com Subject: BYTE article Message-ID: <23051120482662@vms2.macc.wisc.edu> MIME-Version: 1.0 Content-Type: text/plain Shheeesh. I wasn't even implying the article was bad. To the contrary it was one of the best mainstream articles I have ever seen on the subject. That is why I posted the note to the list. I thought some list members could find the explanations useful. The refinement I was referring to was the author's implied acceptance of Micali's "fair crypto system" as a "solution". I could be wrong, and I'm sure I will be corrected if I am, but my feelings were that this system still depended on the trustworthiness of the branches to which the "pieces" of your key would be distributed. If these were all TLAs, we still have a Denning problem, no? I thought I made it clear in the last post that I thought that the article was very good. If not I am sorry. And if you're listening Peter, Great Article! --------------------------------------- Matt (Respectfully Questioning in part) mjmiski@macc.wisc.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nmh@thumper.bellcore.com (Neil Haller) Date: Tue, 11 May 93 17:52:46 PDT To: jet@nas.nasa.gov Subject: Re: CALLER ID? 
Message-ID: <9305120052.AA10916@latour.bellcore.com> MIME-Version: 1.0 Content-Type: text/plain That means your office is served by a PBX. With PBX service you have some incoming trunks and outgoing trunks (technically they are lines, but let's ignore that). The number of lines in your company is much greater than the number of incoming and outgoing trunks. The ANI data is the line id of your outgoing trunk. Incoming calls must pass your extension id and connect through an incoming trunk. Neil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Robert Luscombe Date: Tue, 11 May 93 19:55:18 PDT To: Cypherpunks Subject: PGP for 4.3 BSD Unix Message-ID: MIME-Version: 1.0 Content-Type: text/plain I want to install PGP 2.2 in my Unix account, and may need some assistance. I have never needed to compile anything before, and need some guidance. Actually, if someone has an executable for 4.3 BSD, that is all i really need. Otherwise, would anyone care to help? I really don't know what other info i need to provide to make this easier... i did see in the makefile.unx that there was a target for BSD with gcc; gcc -v here shows that version 2.3.3 is here. Email me if anyone can help. Thanks, bob BTW- Thanks to Eric Hughes for helping me install some stuff. It seems like cypherpunks is a list where people don't only talk, they actually accomplish something, thanks to people like Eric. --Robert Luscombe------------------------------------------------------ - Internet: ral@telerama.pgh.pa.us Voice:412/488-0941 - - robert@well.sf.ca.us (Finger for PGP Pub Key) - ----------------------------------------------------------------------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: markh@wimsey.bc.ca (Mark C. 
Henderson) Date: Tue, 11 May 93 22:54:49 PDT To: cypherpunks@toad.com Subject: Re: [Torbjorn Granlund: GNU Multiple Precision Arithmetic Library] Message-ID: MIME-Version: 1.0 Content-Type: text/plain > Well, I've done some comparison between gmp 1.3 and RSAREF (as distributed > with RIPEM 1.07) on a RS6000/320 > > The key generation speeds turned out to be almost exactly the same using > the "aixgcc/xlc mixed" version of RSAREF/RIPEM and gmp compiled entirely > with IBM's xlc compiler. > > (for those who haven't poked around in RIPEM, I'll say that this RS6000 > version of RIPEM uses the "long long" data type to get 32 bit by 32 bit > multiplications with 64 bit results quickly). > > So, it wouldn't surprise me if some clever person could optimize > gmp for the RS6000 and end up with something faster than what's > provided in RIPEM 1.07. In fact, after reading some code, I noticed the optimisations are in there, if one compiles with gcc (a few bytes of RS6k assembler makes a significant difference!). Anyway, the particular benchmark I'm playing with (key generation) is now about 20% faster with gmp than with the routines provided with RIPEM. Mark -- Mark Henderson markh@wimsey.bc.ca RIPEM key available by key server/finger/E-mail MD5OfPublicKey: F1F5F0C3984CBEAF3889ADAFA2437433 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: George A. Gleason Date: Wed, 12 May 93 02:21:41 PDT To: jet@nas.nasa.gov Subject: Re: CALLER ID? Message-ID: <199305120921.AA05565@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Getting the wrong number: That can happen if you're in a PBX with a separate outgoing and incoming trunk group. Particularly if your incoming number is a Direct Inward Dialing (DID) number, which means that people in the Outside World can call right to your desk by dialing (area code +) 7-digits. 
There is no facility on most PBXs to have DID numbers or other station directory numbers follow outgoing calls, though you might have a call accounting system hooked up to provide information to your company about which extensions are making which outside calls; but again, that's entirely within your own system. If you do have an outgoing trunk group, I would advise setting it up so that incoming calls on that group at least ring to the receptionist's console, and then give out those numbers to company folks who might have reason to need a way to get through in a pinch if everything else is down. Also the outgoing group will be regular loop- or ground-start trunks, and as a last-ditch backup you can terminate them on single-line jacks for use with emergency phones in case of a system crash or an extended power failure. You can also use the outgoing group to provide night service, where calls to various lines in that group would ring to specified extensions in the areas where people may be working after hours. -gg From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Satan Date: Wed, 12 May 93 11:21:37 PDT To: cypherpunks@toad.com Subject: Re: CALLER ID? In-Reply-To: <199305120921.AA05565@well.sf.ca.us> Message-ID: <199305121821.AA13501@orion.oac.uci.edu> MIME-Version: 1.0 Content-Type: text/plain well i have the same problem because i am also on a pbx system where you can call me by extension inside or the 7 digit outside but isnt/wasnt there a phone company number you could call i forget what it was 631 4231 or something? hell.. and besides.. 
800 numbers get your phone number the same way your caller gets your number when you call collect THEY ARE PAYING FOR THE CALL they kinda have a right to know what they are paying for From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peb@PROCASE.COM Date: Wed, 12 May 93 12:00:25 PDT To: cypherpunks@toad.com Subject: The Halting Problem Message-ID: <9305121900.AA09630@banff> MIME-Version: 1.0 Content-Type: text/plain It occurred to me that determining whether a set of random bytes is actually a crypto message could be reduced to the halting problem. Given this, it would be theoretically impossible to prove that an uncrackable message was indeed a crypto message. The revelation here (for me, anyway) is that if arbitrary crypto were made illegal, the burden of proof would be on the prosecution which would have to crack the message (at least partially). Paul E. Baclace peb@procase.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: stig@netcom.com (Jonathan Stigelman) Date: Wed, 12 May 93 13:14:45 PDT To: eaeu362@orion.oac.uci.edu Subject: Re: CALLER ID? Message-ID: <9305122015.AA24570@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain > From: Satan > Subject: Re: CALLER ID? > > and besides.. 800 numbers get your phone number the > same way your caller gets your number when you call collect > THEY ARE PAYING FOR THE CALL > they kinda have a right to know what they are paying for > You're confused or you miswrote: 800 number owners pay for your calls, people with caller ID boxes do not. So, do you think that the "privacy protecting 900 number" ($2/min) uses your number (remember that they DO have it) for privacy junk mailing purposes? Stig >> Jonathan Stigelman, stig@netcom.com, PGP key on request << From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: eric@Synopsys.COM Date: Wed, 12 May 93 13:27:51 PDT To: Sandy <72114.1712@compuserve.com> Subject: Re: CALLER ID? 
In-Reply-To: <930511191724_72114.1712_FHF57-1@CompuServe.COM> Message-ID: <199305122027.AA11739@gaea.synopsys.com> MIME-Version: 1.0 Content-Type: text/plain >>>>> On 11 May 93 15:17:25 EDT, Sandy <72114.1712@compuserve.com> said: SS> A special 800 number has been set up to demonstrate this. It's: SS> 1-800-235-1414 SS> Call it, and it will recite your phone number back to you. The voice at the other end laughed and said "This wouldn't happen to be YOUR phone number, would it?". I had to laugh back, because it wasn't. This is a great way to find out just how much information they really are getting about you. I work for a company with several hundred employees, and when I called, it recited the company's main switchboard number. Without my company's cooperation, there'd be no way to trace a particular call back to me. Does our phone system even log 800 number calls? I don't know. -eric messick (eric@synopsys.com) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peb@PROCASE.COM Date: Wed, 12 May 93 13:47:56 PDT To: mab@crypto.com Subject: Re: The Halting Problem Message-ID: <9305122047.AA09694@banff> MIME-Version: 1.0 Content-Type: text/plain >From mab@crypto.com Wed May 12 13:26:04 1993 >I don't see how determining that a particular string is an encrypted >message reduces to the halting problem. Consider that the cyphertext is a program for an abstract machine called the cyphercracker which returns TRUE if a message is encoded otherwise FALSE. Such a system for determining message-ness could take an arbitrary amount of cpu time and no amount of static analysis could determine the return value quicker. Paul E. Baclace peb@procase.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Satan Date: Wed, 12 May 93 14:59:19 PDT To: cypherpunks@toad.com Subject: Re: CALLER ID? 
Message-ID: <199305122136.AA02867@orion.oac.uci.edu> MIME-Version: 1.0 Content-Type: text/plain > You're confused or you miswrote: 800 number owners pay for your calls, > people with caller ID boxes do not. > > So, do you think that the "privacy protecting 900 number" ($2/min) uses > your number (remember that they DO have it) for privacy junk mailing > purposes? i realize that caller ID box owners are not paying for your call but this system was talking about 800 numbers two things i will grant 1) most 800 numbers are pro-watts or whatever it is and pay just one huge charge a month and dont deal with each bill separately so they dont get charged for your specific call BUT it is a great way to get marketing stuff ive worked for companies that do that 2) most people dont know that an 800 number isnt anonymous but that goes to educating the public and i really dont think the public cares enough to want to know From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Mr. Noise" Date: Wed, 12 May 93 12:07:33 PDT To: cypherpunks@toad.com Subject: Re: CALLER ID? Message-ID: <9305121907.AA21109@titan.ucs.umass.edu> MIME-Version: 1.0 Content-Type: text > and besides.. 800 numbers get your phone number the > same way your caller gets your number when you call collect > THEY ARE PAYING FOR THE CALL > they kinda have a right to know what they are paying for Maybe...but what about 'crisis hotlines' and number for 'anonymous referrals'? The average person is probably unaware that the folks at the 800 number they're calling can get their number... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Mr. 
Noise" Date: Wed, 12 May 93 12:31:13 PDT To: cypherpunks@toad.com Subject: Phil Zimmerman on the Radio Message-ID: <9305121931.AA22199@titan.ucs.umass.edu> MIME-Version: 1.0 Content-Type: text > FYI, for those of you in the NYC area, I'm going to be conducting a > brief interview with Phil Zimmerman (author of PGP) on my radio show > tomorrow to discuss the recent NSA/Big Brother crypto developments > (see the front page of today's New York Times). > > WFMU, East Orange, NJ, 91.1 FM. My show airs from noon-3:00 local time, > and the interview will start at around 1:00. > > N.B.: I will NOT be taping the show, so I can't make tapes for anyone. > Anyone else listening is free to make copies and do whatever they want > with them, of course. ACK! My mailbox has been so backlogged that I read this message a month late! *Did* anyone tape the show? I'd really like a copy...maybe to replay on the radio at WCNI (New London, 91.1) if it's really good (if that's o.k....?)... If someone has a tape, please let me know at mrnoise@econs.umass.edu, or if you're feeling both ambitious & altruistic, please mail a copy to me at P.O. Box 109, Bozrah, CT...I'll mail you back $$ for the tape & postage. Thanks in advance for any help on this one... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Wed, 12 May 93 15:50:22 PDT To: eaeu362@orion.oac.uci.edu Subject: Re: CALLER ID? Message-ID: <9305122249.AA00229@servo> MIME-Version: 1.0 Content-Type: text/plain Interesting. As expected, when I called 1-800-235-1414 from a PBX extension here at work, it read back the trunk number, not my actual extension number. The same for a developmental CDMA digital cellphone, since we use PBX-style trunks from our switch. But when I called it from a conventional AMPS (FM) cell phone using Pac Tel Cellular, I also got a number that was different than my mobile's real number. And when I called it back, I got a number-not-valid intercept. Interesting. 
Apparently one real cellular switch also looks like a PBX as far as ANI goes. I wonder how widespread this is. Anybody with a cell phone on a service other than Pac Bell who is willing to give it a try? Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT) Date: Wed, 12 May 93 13:05:01 PDT To: cypherpunks@toad.com Subject: Publications Message-ID: <9305121958.AA14189@usma8.usma.edu> MIME-Version: 1.0 Content-Type: text/plain Greetings fellow crypto warriors, I am attempting to locate several publications to see if they are still in existence and where I might them or archives of previous issues. The publications I am interested in are TAP, NIA, AOTD, NARC, etc. If anyone knows where I might be able to obtain these or similar publications, please let me know. Also, does anyone know where any "interesting" ftp sites which carry files or other data related to these type publications? Thanks, Anthony J. Gatlin |-------------------------------------| Cadet Private, Co. G-2 |PGP Public Key available on request. | United States Military Academy |-------------------------------------| From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Matt Blaze Date: Wed, 12 May 93 13:26:22 PDT To: peb@procase.com Subject: Re: The Halting Problem In-Reply-To: <9305121900.AA09630@banff> Message-ID: <9305122009.AA08373@crypto.com> MIME-Version: 1.0 Content-Type: text/plain > >It occurred to me that determining whether a set of random bytes is >actually a crypto message could be reduced to the halting problem. >Given this, it would be theoretically impossible to prove that an >uncrackable message was indeed a crypto message. The revelation here >(for me, anyway) is that if arbitrary crypto were made illegal, the >burden of proof would be on the prosecution which would have to crack >the message (at least partially). > > >Paul E. 
Baclace >peb@procase.com > I don't see how determining that a particular string is an encrypted message reduces to the halting problem. For an arbitrary cipher, you can't prove anything about any given potential ciphertext, since the cipher could be a one-time pad. (for one time pads, where keylength=message length, any string can encrypt to any other string by selecting the right key). So it's true that you can't prove anything about arbitrary ciphertext, but that doesn't involve the halting problem. If the cipher is known, on the other hand, there are perfectly deterministic methods to determine whether a particular ciphertext may correspond to some given plaintext, simply by exhaustive search of the keyspace. However, I do agree with your basic conclusion - there is no way to determine, by the bitstream alone, whether something has been encrypted with an arbitrary cipher. -matt From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Brian.Hawthorne@East.Sun.COM (Brian Holt Hawthorne - SunSelect Engineering) Date: Wed, 12 May 93 13:48:44 PDT To: peb@PROCASE.COM Subject: Re: The Halting Problem Message-ID: <9305122045.AA01782@sea.East.Sun.COM> MIME-Version: 1.0 Content-Type: text/plain > The revelation here > (for me, anyway) is that if arbitrary crypto were made illegal, the > burden of proof would be on the prosecution which would have to crack > the message (at least partially). I believe the burden would actually be on them to crack the message entirely. Otherwise, you are applying arbitrary algorithms to what may be a random stream. If you get something comprehensible out, you have either partially cracked the message, or run into the British Museum problem (AKA 100 monkeys with typewriters). 
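Added example, not part of any message in this thread: a Python sketch of the two points made in the messages above, namely that under a one-time pad any ciphertext "decrypts" to any same-length text, and that exhaustive search of a known cipher's keyspace only settles anything once the message is long enough for wrong keys to stop producing readable output. The 16-bit toy cipher, the printable-ASCII plausibility test and every input are constructed for illustration.

```python
"""Why a bitstream alone cannot prove "this is ciphertext" (constructed demo)."""
import hashlib

KEY_BITS = 16      # deliberately tiny keyspace so exhaustive search is quick
REAL_KEY = 0xBEEF  # constructed key
LONG_MSG = b"meet at the usual place at nine."            # constructed plaintext
NOISE = hashlib.sha256(b"constructed noise").digest()     # 32 bytes, not a ciphertext


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def keystream(key: int, n: int) -> bytes:
    """Toy keystream: SHA-256(key || counter), truncated to n bytes."""
    out = b""
    counter = 0
    while len(out) < n:
        block = key.to_bytes(2, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:n]


def toy_crypt(key: int, data: bytes) -> bytes:
    """XOR stream cipher: the same call encrypts and decrypts."""
    return xor(data, keystream(key, len(data)))


def otp_key_for(ciphertext: bytes, wanted_plaintext: bytes) -> bytes:
    """One-time pad: the pad that turns ciphertext into any same-length text."""
    if len(ciphertext) != len(wanted_plaintext):
        raise ValueError("a one-time pad needs key length == message length")
    return xor(ciphertext, wanted_plaintext)


def looks_like_text(data: bytes) -> bool:
    """Crude plausibility test: every byte is printable ASCII."""
    return all(32 <= c < 127 for c in data)


def plausible_keys(data: bytes) -> list:
    """Exhaustive search: every key whose 'decryption' of data looks like text."""
    return [k for k in range(1 << KEY_BITS)
            if looks_like_text(toy_crypt(k, data))]


def demo() -> dict:
    ct_long = toy_crypt(REAL_KEY, LONG_MSG)
    ct_short = toy_crypt(REAL_KEY, b"yes")
    return {
        # Long message, known cipher: brute force halts with one survivor.
        "long_ciphertext": plausible_keys(ct_long),
        # Long noise: no key yields text, so it is not a message under THIS cipher.
        "long_noise": plausible_keys(NOISE),
        # Three bytes: thousands of keys "decrypt" both inputs to readable text,
        # so a comprehensible output proves nothing (the monkeys-with-typewriters case).
        "short_ciphertext_hits": len(plausible_keys(ct_short)),
        "short_noise_hits": len(plausible_keys(NOISE[:3])),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
    # One-time pad: the same bytes "decrypt" to whatever text one likes.
    ct = toy_crypt(REAL_KEY, LONG_MSG)
    for claim in (b"nothing to see here", b"sell everything now"):
        claim = claim.ljust(len(ct))
        print(xor(ct, otp_key_for(ct, claim)))
```

The search always terminates after 2^16 trials; what it cannot do is distinguish a short real message from noise, or say anything about a cipher it was not told about.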
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peb@PROCASE.COM Date: Wed, 12 May 93 17:01:21 PDT To: cypherpunks@toad.com Subject: Re: The Halting Problem Message-ID: <9305130000.AA09703@banff> MIME-Version: 1.0 Content-Type: text/plain >From pmetzger@lehman.com Wed May 12 15:28:22 1993 >you missed the word "particular". Well, I was considering this an unknown--that is, the cryptoanalyzer does *not* know the particular Turing machine, so it is an arbitrary machine, although the program is finite. That is, I am suggesting a decrypt-machine that is turing-complete, however, as: >From: Marc.Ringuette@GS80.SP.CS.CMU.EDU points out: >So for >any encryption method which allows the recipient to verify in polynomial time >that his decryption is the only possible intended message, we know that the >decryption problem is in NP. a practical crypto algorithm must allow decrypt in P time and since NP problems do theoretically halt, then the halting problem is not a blanket defense. The realities Brian.Hawthorne@East.Sun.COM mentions are all too real: Anonymous remailers could be effectively broken by requiring traceability (say, the way banks must fill out special forms for any transaction over $10k (which is why Oliver North sent money to the Contras in $9.7k packets)); in the same law, the remailer would be shut down if it did not comply. I think the widespread use of video phones would make steganography easier, however. Paul E. Baclace peb@procase.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc.Ringuette@GS80.SP.CS.CMU.EDU Date: Wed, 12 May 93 15:16:57 PDT To: cypherpunks@toad.com Subject: Re: The Halting Problem Message-ID: <9305122216.AA16730@toad.com> MIME-Version: 1.0 Content-Type: text/plain peb> It occurred to me that determining whether a set of random bytes is peb> actually a crypto message could be reduced to the halting problem. I think I can prove this can't be done for most kinds of messages. 
For a wide range of cases we can know trivially that decryption is in NP. The line of reasoning is this: one definition of the class NP is the class of all problems whose solutions can be verified in polynomial time. So for any encryption method which allows the recipient to verify in polynomial time that his decryption is the only possible intended message, we know that the decryption problem is in NP. These conditions are met in the following cases: - Conventional public key encryption - Any cryptosystem with a short key and a space of allowable messages which is sparse enough that there's a low probability of two messages corresponding to the same ciphertext. This includes most cases in which a digital signature or CRC is added to the end of a message. -- Marc Ringuette (mnr@cs.cmu.edu) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc Horowitz Date: Wed, 12 May 93 14:40:58 PDT To: Brian.Hawthorne@East.Sun.COM (Brian Holt Hawthorne - SunSelect Engineering) Subject: Re: The Halting Problem In-Reply-To: <9305122045.AA01782@sea.East.Sun.COM> Message-ID: <9305122140.AA11117@dun-dun-noodles.aktis.com> MIME-Version: 1.0 Content-Type: text/plain This is all very nice. But if the government can get away with outlawing crypto, it's a simple matter for them to outlaw any stream of data they can't read or don't like. And who says that the burden of proof will remain on them? Think about RICO. You're not necessarily dealing with rational, technically aware people. You're dealing with law enforcement, judges, and juries. Is this paranoia? Maybe. There was recently a series of stories on RISKS recently about people who had warrants issued and their houses entered on the basis of unusual electrical consumption or heat output. Yes, people were monitoring these things. Do you not think that if crypto were outlawed, that they couldn't get a warrant to enter your house or office based on unidentifiable or suspicious data coming out of it? 
And even if they couldn't prove anything, you still need to convince them to give back your computer and every other piece of digital equipment they confiscated. Steganography is useful to keep them from noticing you. But it's still low-bandwidth, because unless you're in the business of distributing video, you're going to look really strange sending megabytes of gif's over and over again to the same strange addresses (anonymous remailers). Once they do notice you, you're going to have to be a lot more careful. I see steganography to be useful in sending short messages, once codewords, etc. have been agreed upon out-of-band. It's just not useful for anything like the cypherpunks mailing list, or even for personal messages unless it is used sparingly. Marc From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc Horowitz Date: Wed, 12 May 93 14:49:10 PDT To: peb@PROCASE.COM Subject: Re: The Halting Problem In-Reply-To: <9305122047.AA09694@banff> Message-ID: <9305122149.AA11140@dun-dun-noodles.aktis.com> MIME-Version: 1.0 Content-Type: text/plain >> Consider that the cyphertext is a program for an abstract machine >> called the cyphercracker which returns TRUE if a message is encoded >> otherwise FALSE. Such a system for determining message-ness could >> take an arbitrary amount of cpu time and no amount of static >> analysis could determine the return value quicker. Nope. Such a system will take no more than O(2^n) time, where n is the number of bits in the key. You can never do worse than brute-force. Now, you still might not be able to determine if a message is encoded, since maybe I was just encoding true random noise from a radioactive source. And you might have false positives, too, esp. with one-time pads. But it will always halt. The failure modes have nothing to do with the halting problem, they have to do with the fact that is-encoded(message) cannot be formally defined. 
Marc From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: speth@cats.UCSC.EDU Date: Wed, 12 May 93 18:14:54 PDT To: cypherpunks@toad.com Subject: Re: CALLER ID? Message-ID: <9305130114.AA27275@am.ucsc.edu> MIME-Version: 1.0 Content-Type: text/plain Years ago, when I crossed the country with a regular cell-phone, I tried calling another ANI demo at points along the way. The result was just the same, in a couple different calling areas: the demo always read back some strange number with the area code of the place I was in. I figured it must just go out of some line at the cell-site like a regular phone call. I never tried calling the number that was read back though. ________________________________________________________________________________ james speth email for pgp compatible public-key speth@cats.ucsc.edu ________________________________________________________________________________ Have you ever had your phones tapped by the government? YOU WILL and the company that'll bring it to you... AT&T From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Matt Blaze Date: Wed, 12 May 93 15:46:01 PDT To: peb@procase.com Subject: Re: The Halting Problem In-Reply-To: <9305122047.AA09694@banff> Message-ID: <9305122233.AA08689@crypto.com> MIME-Version: 1.0 Content-Type: text/plain >>From mab@crypto.com Wed May 12 13:26:04 1993 > >>I don't see how determining that a particular string is an encrypted >>message reduces to the halting problem. > >Consider that the cyphertext is a program for an abstract machine >called the cyphercracker which returns TRUE if a message is encoded >otherwise FALSE. Such a system for determining message-ness could >take an arbitrary amount of cpu time and no amount of static >analysis could determine the return value quicker. > > >Paul E. Baclace >peb@procase.com > > Well, that formulation is a bit fuzzy, but I think you've got your reduction technique backwards. 
To reduce something to the halting problem, you need to show that you could use a machine that solves your problem to solve halting, not the other way around. -matt From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Wed, 12 May 93 18:36:45 PDT To: cypherpunks@toad.com Subject: Re: The Halting Problem Message-ID: <9305130136.AA09123@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain >It occurred to me that determining whether a set of random bytes is >actually a crypto message could be reduced to the halting problem. >Given this, it would be theoretically impossible to prove that an >uncrackable message was indeed a crypto message. The revelation here >(for me, anyway) is that if arbitrary crypto were made illegal, the >burden of proof would be on the prosecution which would have to crack >the message (at least partially). > >Paul E. Baclace Sorry I was out today and missed the halting problem debate! Paul's intuition (or perhaps proof) is correct, at least according to a paper Len Adleman wrote some years back, showing this. (I don't have the paper, but I heard Len describe the results at the Crypto '88 Conference. As with most such results, the result probably depends on a very careful statement of what the terms mean, so take my comments as being only indicative of the flavor of the results.) What follows is not from Adleman's talk or paper, but from information theory. The Kolmogorov-Chaitin view of "randomness" is very similar in spirit: how does one know whether a sequence/string is "effectively random" (short definition: effectively random means there is no shorter description of a sequence than itself) or is instead describable by some shorter sequence? Thus the string "31415926535897932384626433" is recognizable to most agents (people, smart programs) as the first 25 digits of pi (however, it *could* be something else, but I won't get into that right now). 
But the string "67902371045873651853" is probably not recognizable as anything other than this string. Kolmogorov complexity is defined as the length of the shortest programs which can generate (print) the object. Thus, "alternating 1s and 0s" is very short, "the digits of pi" is slightly longer, and the digit mentioned above ("679023...") may not have any shorter program than itself. (The famous Berry Paradox enters here: "The shortest not nameable in under ten words." Does this number exist? If so, what is it?) Finding the generating program is very similar to decrypting a message (I suspect there's a way to formalize the equivalence of encryption and Kolmogorov complexity, beyond this admitted hand-waving, but I don't know it offhand). Strings or expressions which "appear" random but which are actually very regular, or easy to describe, with the proper "key" are called "crypto-regular." Encrypted messages are clearly crypto-regular. Cover and Thomas, in "Elements of Information Theory," 1991, write: "One of the consequences of the non-existence of an algorithm for the halting problem is the non-computability of Kolmogorov complexity. The only way to find the shortest program in general is to try all short programs and see which of them can do the job. However, at any time some of the short programs may not have halted and there is no effective (finite mechanical) way to tell whether they will halt or not and what they will print out. Hence, there is no effective way to find the shortest program to print a given string." (By the way, exhaustive search of a keyspace--as someone suggested--is also not enough, as the cryptostring above ("679023...") may result in several syntactically valid English expressions, such as "attack at dawn," "whopper with fries," "robins migrate peripherally." Knowing when to stop further cryptanalysis of a message might be called the "crypto halting problem.") Fascinating stuff! (To my current thinking, the core of the universe!) 
I recommend Gregory Chaitin's "Algorithmic Information Theory" and "Algorithms and Randomness." And the Cover and Thomas book. A (mundane) consequence for cypherpunks is that the sending of any random-looking stuff may be banned, someday. (No doubt it is in many countries, if they bother to look. Sending unreadable stuff is grounds for a visit by the Federales.) And clearly even "real messages," like this one, like Peter Wayner's baseball scores, like GIF images, etc., can have messages attached. If simple cryptanalysis reveals simple English-like messages, Occam's razor suggests a decryption has been made. But it can never be known for sure whether other messages exist. --Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: by arrangement From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. Metzger" Date: Wed, 12 May 93 16:08:32 PDT To: karn@qualcomm.com (Phil Karn) Subject: Re: CALLER ID? In-Reply-To: <9305122249.AA00229@servo> Message-ID: <9305122308.AA00601@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain Phil Karn says: > Interesting. As expected, when I called 1-800-235-1414 from a PBX > extension here at work, it read back the trunk number, not my actual > extension number. The same for a developmental CDMA digital > cellphone, since we use PBX-style trunks from our switch. > > But when I called it from a conventional AMPS (FM) cell phone using > Pac Tel Cellular, I also got a number that was different than my > mobile's real number. And when I called it back, I got a > number-not-valid intercept. > > Interesting. Apparently one real cellular switch also looks like a PBX > as far as ANI goes. I wonder how widespread this is. 
Anybody with a > cell phone on a service other than Pac Bell who is willing to give it > a try? I have an even stranger datum to report -- when called from the ISDN PBX here, ANI gets not just the building trunks but *MY* phone number. Yes, it got the extension right, on the other side of the PBX. Hmmm... .pm From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Wed, 12 May 93 18:56:10 PDT To: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT) Subject: Re: Publications In-Reply-To: <9305121958.AA14189@usma8.usma.edu> Message-ID: <9305130155.AA03463@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > Greetings fellow crypto warriors, > I am attempting to locate several publications to see if they are still > in existence and where I might them or archives of previous issues. The > publications I am interested in are TAP, NIA, AOTD, NARC, etc. If anyone > knows where I might be able to obtain these or similar publications, please > let me know. Also, does anyone know where any "interesting" ftp sites which > carry files or other data related to these type publications? Please post them to the list. Thanx. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | | But, I was mistaken. |available| | +-----------------------------+---------+ | mdiehl@triton.unm.edu | "I'm just looking for the opportunity | | mike.diehl@fido.org | to be Politically Incorrect! | | (505) 299-2282 | | +-----------------------+---------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: rjc@gnu.ai.mit.edu Date: Wed, 12 May 93 17:50:18 PDT To: eaeu362@orion.oac.uci.edu (Satan) Subject: Re: CALLER ID? 
In-Reply-To: <199305122136.AA02867@orion.oac.uci.edu> Message-ID: <9305130049.AA90390@hal.gnu.ai.mit.edu> MIME-Version: 1.0 Content-Type: text/plain I sent out a reply to this thread but replied normally instead of with group reply (I'm so used to the extropians list automatically changing the Reply-To). Could the person who received this message forward it to the list? -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc@gnu.ai.mit.edu | - Zetetic Commentaries -- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jas@netcom.com Date: Wed, 12 May 93 23:01:14 PDT To: cypherpunks@toad.com Subject: Talking Chips! Message-ID: <9305130601.AB24838@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Hiya guys! Does anybody know of or read the book Talking Chips by Nelson Morgan (McGraw-Hill)? It's supposed to mention something about DSP chips. Can someone tell me something about the book or recommend a reference manual or something close to a ref. man. related to DSP (I need to look up some specs) jas@netcom.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Thu, 13 May 93 00:11:38 PDT To: speth@cats.UCSC.EDU Subject: Re: CALLER ID? Message-ID: <9305130711.AA03137@servo> MIME-Version: 1.0 Content-Type: text/plain Well, gee. If I can avoid caller ID and 800 number ANI by simply using any old cellular carrier for $0.40/minute (cheaper off peak), then why should I pay $1.95/minute for the same service to 1-900-STOPPER? Yeah, I know, that $1.95 probably includes the long distance portion too, but I doubt there are any ordinary domestic calls that cost as much as $1.55/minute... Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Nickey MacDonald Date: Wed, 12 May 93 21:57:37 PDT To: cypherpunks list Subject: Re: CALLER ID? 
In-Reply-To: <9305120025.AA27965@boxer.nas.nasa.gov> Message-ID: MIME-Version: 1.0 Content-Type: text/plain It also gets (analog, I don't know if digital is available elsewhere, it's not here yet) cellular phones wrong... Apparently it gets the number of one of the towers instead... This may be handy if you want to be anonymous, and you have access to a cellular phone... (And can afford the prime time rates... :-) It's not my phone, I had a friend test it for me... (isn't conference calling wonderful... :-) --- Nick MacDonald | NMD on IRC i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger On Tue, 11 May 1993, J. Eric Townsend wrote: > Too bad it gets the wrong number for my work #: > > My number: 415.604.4311. The number it claims I'm at: 415.967.7227 > (No one answers the second number, fyi.) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: rjc@gnu.ai.mit.edu Date: Thu, 13 May 93 00:28:25 PDT To: karn@qualcomm.com (Phil Karn) Subject: Re: CALLER ID? In-Reply-To: <9305130711.AA03137@servo> Message-ID: <9305130728.AA49407@hal.gnu.ai.mit.edu> MIME-Version: 1.0 Content-Type: text/plain Phil Karn writes: > > Well, gee. If I can avoid caller ID and 800 number ANI by simply using > any old cellular carrier for $0.40/minute (cheaper off peak), then why > should I pay $1.95/minute for the same service to 1-900-STOPPER? > > Yeah, I know, that $1.95 probably includes the long distance portion too, > but I doubt there are any ordinary domestic calls that cost as much as > $1.55/minute... > > Phil I sent this out before, but it got lost. You can avoid ANIs for $0.00 in most areas by dialing your local operator and saying "Could you please dial this 800 number, I am having problems getting through to it." The ANI returns a bogus number, and toll free operator assistance costs nothing here (C&P bell). -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. 
-- -- rjc@gnu.ai.mit.edu | - Zetetic Commentaries -- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "gone, like tears in the rain. 13-May-1993 0910" Date: Thu, 13 May 93 06:09:28 PDT To: cypherpunks@toad.com Subject: Caller ID Message-ID: <9305131309.AA19729@enet-gw.pa.dec.com> MIME-Version: 1.0 Content-Type: text/plain > You can avoid ANIs for $0.00 in most areas by dialing your local >operator and saying "Could you please dial this 800 number, I am having >problems getting through to it." The ANI returns a bogus number, and >toll free operator assistance costs nothing here (C&P bell). Well, that would be the truth here! I haven't been able to complete the call to the 800 number *yet*. My home phone gets a couple of clicks, and then a fast busy, my work phone goes immediately to fast busy. *sigh* -Bill From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Matthew J Miszewski Date: Thu, 13 May 93 07:37:50 PDT To: cypherpunks@toad.com Subject: CLIP: CNN Message-ID: <23051309332459@vms2.macc.wisc.edu> MIME-Version: 1.0 Content-Type: text/plain Cypherpunks, Rumor has it CNN is carrying a clip on the Wiretap Chip Today. (I, Being the poor Law Student that I am, have neither cable nor the time to watch it). Could someone type up an extract so we can gage our effectiveness? Thanx, Matt From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: markh@wimsey.bc.ca (Mark C. Henderson) Date: Thu, 13 May 93 11:07:03 PDT To: speth@cats.UCSC.EDU Subject: Re: CALLER ID? Message-ID: MIME-Version: 1.0 Content-Type: text/plain > Well, gee. If I can avoid caller ID and 800 number ANI by simply using > any old cellular carrier for $0.40/minute (cheaper off peak), then why > should I pay $1.95/minute for the same service to 1-900-STOPPER? > > Yeah, I know, that $1.95 probably includes the long distance portion too, > but I doubt there are any ordinary domestic calls that cost as much as > $1.55/minute... 
> > Phil Of course, for Canadians, the services which allow one to dial U.S. 800 numbers (for a fee) work really nicely to defeat ANI. 1-800-235-1414 reports my phone number is 1-206-441-8364 (somewhere in Western Washington state). Mark -- Mark Henderson markh@wimsey.bc.ca RIPEM key available by key server/finger/E-mail MD5OfPublicKey: F1F5F0C3984CBEAF3889ADAFA2437433 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jet@nas.nasa.gov (J. Eric Townsend) Date: Thu, 13 May 93 13:03:34 PDT To: Matthew J Miszewski Subject: CLIP: CNN In-Reply-To: <23051309332459@vms2.macc.wisc.edu> Message-ID: <9305132003.AA08865@boxer.nas.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain Matthew J Miszewski writes: > Rumor has it CNN is carrying a clip on the Wiretap Chip Today. (I, Being > the poor Law Student that I am, have neither cable nor the time to waatch > it). Could someone type up an extract so we can gage our effectiveness? I saw the lame short on CNN. They usually know better than to try and do something technical in too short a time. Oh well, maybe they ran something on CNN Regular? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Round Waffle Date: Thu, 13 May 93 13:08:04 PDT To: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT) Subject: Re: Publications In-Reply-To: <9305121958.AA14189@usma8.usma.edu> Message-ID: <9305131957.AA22819@titan.ucs.umass.edu> MIME-Version: 1.0 Content-Type: text Possessed by The Unholy, Gatlin Anthony CDT scrawled the following in blood: > > Greetings fellow crypto warriors, > I am attempting to locate several publications to see if they are still > in existence and where I might them or archives of previous issues. The > publications I am interested in are TAP, NIA, AOTD, NARC, etc. If anyone > knows where I might be able to obtain these or similar publications, please > let me know. Also, does anyone know where any "interesting" ftp sites which > carry files or other data related to these type publications? 
> To my knowledge, none of those publications are still being put out. However, all of them (with the exception of TAP, which was a paper 'zine -- although they did put out one online issue) are archived at ftp.eff.org, in the /pub/cud directory. > Thanks, > > Anthony J. Gatlin |-------------------------------------| > Cadet Private, Co. G-2 |PGP Public Key available on request. | > United States Military Academy |-------------------------------------| > +- eggo@titan.ucs.umass.edu --><-- Eat Some Paste -+ +- Yorn desh born, der ritt de gitt der gue, -+ +- Orn desh, dee born desh, de umn bork! bork! bork! -+ +----------------- The Durex Blender Corporation -----------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jas@netcom.com Date: Thu, 13 May 93 23:20:32 PDT To: cypherpunks@toad.com Subject: Banning Laptops! Message-ID: <9305140621.AA14219@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain I was just sitting at home watching a local newscast while reading my favorite alt. newsgroup when the news on the t.v mentioned something about banning laptops and cd players on airplanes. The story did not mention any reason behind this ban on our favourite machines except quote " something is causing problems to our instruments and we can't figure out what " What else are they gonna ban on flights? My freq jammer. Anyway I'm just wondering what will happen to those new planes that have ports on the seats. So that we can download our e-mail. ( Would we still call it downloading even if we were flying over the site we were downloading the e-mail from ) ^^^^ -jas From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "DrZaphod" Date: Fri, 14 May 93 07:58:44 PDT To: CypherPunks@toad.com Subject: RE: Banning Laptops! Message-ID: <1892.drzaphod@ncselxsi> MIME-Version: 1.0 Content-Type: text/plain In Message Thu, 13 May 93 23:20:59 PDT, netcom!jas@netcomsv.netcom.com writes: >banning laptops and cd players on airplanes. 
Maybe we should invest in some TEMPEST bags for our stuff.. better yet.. maybe there's a market for selling these at airports.. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - DrZaphod #Don't Come Any Closer Or I'll Encrypt! - - [AC/DC] / [DnA][HP] #Xcitement thru Technology and Creativity - - [drzaphod@ncselxsi.uucp]# [MindPolice Censored This Bit] - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Fri, 14 May 93 02:07:43 PDT To: jas@netcom.com Subject: Re: Banning Laptops! Message-ID: <9305140907.AA10114@servo> MIME-Version: 1.0 Content-Type: text/plain You may be referring to the clip that appeared on CNN today that said American Airlines had banned the use of laptop computers and CD players *during takeoff and landing*. Use during cruise is OK. I think this policy has been in effect for a while. I've been flying American lately and have heard it mentioned. Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: George A. Gleason Date: Fri, 14 May 93 03:03:51 PDT To: jas@netcom.com Subject: Re: Banning Laptops! Message-ID: <199305141003.AA12460@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Here's what's up: some alarming malfunctions of navigational instruments were traced to consumer electronics in use by passengers. The worst offenders were CD players, but laptops etc were also found to cause trouble. Eventually, aircraft will be retrofitted for greater immunity to this, and of course laptops will probably be developed with reduced RF emissions so that business travellers can use them in flight. (In case it isn't clear, all of these devices emit radio frequency energy which can seriously fuck up radio frequency navigational equipment and onboard computers.) Anyway, until the tech upgrades come down the line, leave your laptop and CD player in the overhead luggage rack. 
The small increment of pleasure or convenience gained by using these things in the air can't begin to compare with the risk of causing a fatal accident. -gg From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wtap@mindvox.phantom.com (Wire Tap!) Date: Fri, 14 May 93 07:54:38 PDT To: cypherpunks@toad.com Subject: Re: Banning Laptops! Message-ID: MIME-Version: 1.0 Content-Type: text/plain When I was flying overseas a year ago I was told to keep my paltry laptop off during takeoff. I questioned why and was told that it causes instruments only used in takeoff and landing to fluctuate, but it rarely happened, if at all. So were someone to sneak a flip of the power switch on a laptop during takeoff, most likely the pilots would never know. But hey, this IS airplanes we are talking about. Even a little fluctuation is too much for me. Piloting a plane is a precision art, and I would hate to be the one to throw the wrench in the works. One of the more interesting things dealing with this is even getting them on the plane. I had to unpack my carry case, power it up, give the fed type guy a dir listing (he said he had to see words), pull out the battery (I suppose to prove it wasn't a really small battery and a stick of dynamite stuffed in there), etc. Joking about a bomb when boarding a plane is a federal offense too. wtap@mindvox.phantom.com PGP key available upon request. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Craig Nottingham Date: Fri, 14 May 93 10:40:54 PDT To: cypherpunks@toad.com Subject: Navigation Prblems and Laptops... Message-ID: <9305141740.AA18653@toad.com> MIME-Version: 1.0 Content-Type: text/plain There are NO documented reports of malfunction of navigational or other instruments on aircraft due to personal electronic devices. The FAA has done studies and conducted investigations and they do not have a single documented case of interference. 
(Lovely what you can learn from TV these days) ----- Craig Nottingham -Reality is for people who lack imagination NeXTmail-I hate to advocate drugs, alcohol, violence or insanity to anyone, but they've always worked for me. <=> Hunter S ThompsonZ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jet@nas.nasa.gov (J. Eric Townsend) Date: Fri, 14 May 93 14:32:12 PDT To: cypherpunks@toad.com Subject: computer and privacy on all things considered (bay area, 1430, fri) Message-ID: <9305142132.AA18476@boxer.nas.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain Fri/1430/Mountain View just heard NPR/All Things Considered announcement that they're going to do a bit on data privacy. I dunno the freq, right above 88. (Damn analog jam box. :-) -eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: smb@research.att.com Date: Fri, 14 May 93 12:07:30 PDT To: Craig Nottingham Subject: Re: Navigation Prblems and Laptops... Message-ID: <9305141907.AA19079@toad.com> MIME-Version: 1.0 Content-Type: text/plain There are NO documented reports of malfunction of navigational or other instruments on aircraft due to personal electronic devices. The FAA has done studies and conducted investigations and they do not have a single documented case of interference. (Lovely what you can learn from TV these days) According to one report (in the NY Times, I believe), SwissAir reports one incident where the apparent interference not only stopped when electronic devices were turned off, it resumed when the pilot gave permission for people to start using them again. ``Documented'' is the wrong word. There have been plenty of cases of trouble attributed to electromagnetic interference; what's lacking is controlled studies that demonstrate an effect, as opposed to anecdotal evidence from the pilots of various aircraft. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Fri, 14 May 93 15:10:50 PDT To: jet@nas.nasa.gov (J. 
Eric Townsend) Subject: Re: computer and privacy on all things considered (bay area, 1430, fri) Message-ID: <9305142210.AA19678@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain >Fri/1430/Mountain View > >just heard NPR/All Things Considered announcement that they're going >to do a bit on data privacy. I dunno the freq, right above 88. (Damn >analog jam box. :-) > >-eric As soon as I read this (and thankfully the toad.com machine was sending stuff through in a timely way), I flicked on KQED (San Francisco), where the NPR report was already underway. The hacker spokesman was, I think, a "Fred Davis." An unimpressive interview, in my opinion. Confusing stuff about how if your computer has "wires going into it, hackers can get in" (paraphrased from the hacker's comments, not the interviewers). Perhaps the time allotted was just too short to make any reasonable points. Those who didn't hear it, didn't miss much. -Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: by arrangement From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Phil Fry" Date: Fri, 14 May 93 15:19:16 PDT To: cypherpunks@toad.com Subject: NPR coverage of Clipper/PGP 5/14/93 Message-ID: <9305142218.AA24538@wrpyr4.us.oracle.com> MIME-Version: 1.0 Content-Type: text/plain In the hopes that this can reach at least some of you before NPR airs locally, there is a reasonably in-depth discussion of Clipper (its problems), PGP (its benefits), etc. at about 50 minutes into the program today (5/14/93). 
Phil Fry pfry@oracle.com Oracle Consulting Cincinnati, Ohio 513 651 4444 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Fri, 14 May 93 15:34:35 PDT To: cypherpunks@toad.com Subject: Questions to the White House from the Digital Privacy and Security Working Group Message-ID: <9305142234.AA20885@toad.com> MIME-Version: 1.0 Content-Type: text/plain Cypherpunks will recognize some of the questions from the brainstorming session of a few weeks ago. ------- Forwarded Message From: djw@eff.org (Daniel J. Weitzner) ... The Digital Privacy and Security Working Group, coordinated by the Electronic Frontier Foundation, sent the following questions to the White House, the Department of Commerce, and key members of Congress. ================== Digital Privacy and Security Working Group 666 Pennsylvania Ave, SE Suite 303 Washington, DC 20003 Jerry Berman or Daniel J. Weitzner 202/544-9237 Leah Gurowitz 202/544-6909 ISSUES AND QUESTIONS REGARDING THE ADMINISTRATION'S CLIPPER CHIP PROPOSAL A. Process by Which the Proposal Was Developed 1. Why the secrecy in which the encryption code scheme was developed? Were any members of the computer, communications, or security industries consulted? Were any privacy experts consulted? Has the Justice Department or the White House Office of Legal Counsel considered the constitutional implications? 2. The Administration's announcement implies that a policy review on encryption has been commenced; but at the same time, it appears that a decision has already been reached to support the Clipper proposal or some other key-escrow scheme. Is any review of the Clipper chip itself now underway? What progress has been made? When will this expedited review be complete? 3. What role has the National Security Agency played in the development and selection of the Clipper Chip and key escrow system? What will NSA's role be in the deployment and evaluation of the system? 
Are these roles consistent with the principle of civilian control of computer security, as required by the Computer Security Act of 1987? 4. What efforts are underway to improve the government's ability to decrypt non-Clipper algorithms which are likely to be used by criminals? Can the government decrypt all commercially available hardware sold domestically and abroad? If not, wouldn't it be a better policy to direct U.S. resources in that direction instead of the Clipper approach? 5. What percentage of the 800 to 900 annual Title III interceptions encounter encrypted communications? What percentage of law enforcement encountered encryption is estimated to be Clipper as opposed to the other encryption schemes? Is this a solution in search of a problem? 6. Did the government consider commercially-available encryption schemes and reject them? If so, why were they rejected, and is that analysis available? If not, why not? 7. Capstone is the successor to Clipper with the addition of public key exchange and digital signature capabilities. Is Clipper just an intermediate step before Capstone is released? Why did the White House press release not mention Capstone? 8. How will this relate to the FBI's Digital Telephony Proposal? Has the Administration committed to supporting, discarding or reintroducing the proposal in a new form? 9. What is the history of the proposal? How long has this been under consideration? 10. How long has the Clipper Chip and escrow concept been in development? Which agency originated these concepts? B. Secrecy of the Algorithm 11. Will the Clipper proposal have the same degree of public review that other NIST standards, such as DSS have gone through? 12. How can the public trust the security and reliability of an algorithm that is kept classified? 13. 
If American firms are not able to have their encryption experts examine the algorithm, how can they be sure that there is no "trap door" that would allow any Clipper Chip security system to be overridden? Dr. Kammer of NIST has said that "respected experts from outside the government will be offered access" to the algorithm. How do interested parties go about obtaining this access to the classified material about the Clipper algorithm and participate in the analysis of the design to search for trap doors and other weaknesses? What specific reports from this process will serve to reassure users regarding the integrity of the Clipper Chip? 14. What will be the consequence if the algorithm is published? Will it become less secure? If publication (i.e., de-classification) would make it less secure, how secure can it be? 15. If the Clipper Chip is too weak to protect classified government communications, why should it be used for sensitive proprietary private sector communications? 16. Executive Order 12356 has procedures on classification and declassification of information. Is the algorithm being classified under the framework of this order? What agency is in charge of classification/ declassification? 17. How much effort has the government put into the design and cryptoanalysis of the Clipper Chip as compared to the public analysis of the Data Encryption Standard during the last 16 years? 18. Is the Skipjack algorithm being used by the Clipper Chip derived from codes used in the management of our nuclear arsenal? Is this why the algorithm is being kept secret? If this is so, why are we using this secret system for a dubious commercial standard? If there is a national security justification to avoid having this encryption technique revealed, why risk compromising it by integrating it into publicly distributed products? 19. If the algorithm is classified, how will it be legal to distribute the chips to users not qualified to handle classified encryption equipment? 
This seems contrary to Facility Security Clearance procedures and the Personal Security Clearance requirements of DoD 5220.222-M, Industrial Security Manual for Safeguarding Classified Information. 20. Is it illegal to reverse engineer the Clipper Chip? If it were reverse engineered, would it then be illegal to reveal the algorithm? C. Voluntariness of Clipper System 21. Will this system be truly voluntary? If so, won't criminals and terrorists just use some other type of encryption? 22. If the use of the Clipper Chip is "voluntary," why would any party desiring privacy or secrecy of communications use it, knowing that the U.S. government has a process to allow decryption? If the Administration's ultimate goal is to ban other forms of encryption for use domestically, what is the legal basis for such an approach? 23. Isn't the Administration doing more than "encouraging" use of Clipper? (E.g., discontinuing DES at the end of the current certification cycle, directing NIST to adopt Clipper as a Federal standard, and maintaining export restrictions on hardware/software using different algorithms?) 24. Does the government have any plans to campaign for the implementation of the Clipper Chip as a standard for data cryptography? 25. What impact will the introduction of Clipper have on the market for other encryption technologies? Will the government otherwise try to discourage other cryptographic mechanisms from being marketed domestically and abroad? 26. Isn't the government dictating the design of technology into commercial products rather than allowing market demand to dictate? 27. What prevents a sender of information from encrypting with secure, easy to obtain software using DES or RSA algorithms before sending data through a channel encrypted with the Clipper system? 28. Would the Administration ever consider making the Clipper Chip or other key escrow system mandatory? D. Key Escrow System 29. 
How can the government assure us that the keys held in escrow are not compromised? What public or private agencies have sufficient integrity and public trust to serve as escrow agents? 30. How can the public be sure that keys will only be revealed upon proper warrant? Will there be clerks who actually operate the equipment who could get anyone's keys? Or will judges have personal keys, which would be directly authenticated to the escrow agents' equipment that protects the users' keys? 31. Once the keys are obtained from the escrow holders, is it envisioned that electronic surveillance can be done "real-time," or will recording and post-processing be required? 32. To hear both sides of a conversation, does law enforcement need the keys of both participants? 33. After law enforcement has properly obtained a pair of unit keys from the escrow agents and conducted a wiretap, will the keys be "returned" to the agents? What safeguards exist to prevent law enforcement from re-using the keys without authorization in the future? 34. Once in possession of the unit keys, can the government pretend to be ("spoof") the original unit owner? 35. What is the smallest number of people who would be in a position to compromise the security of the system? 36. Can an escrow agent exercise discretion in the release of key information? E.g., can they refuse an inappropriate request? (Phone companies ensure that court orders are facially valid.) Can they publicize an inappropriate request? Can they tell the person whose communications were intended to be violated? 37. Who will be responsible for auditing the escrow process and the use of revealed keys? 38. How will the government ensure that unanticipated uses of the escrow database are prevented in the long term? (E.g., the Census database was supposed to stay confidential for 75 years, but was released during World War Two to allow Japanese-Americans to be imprisoned without cause. 
What protections are in place to make sure that this never happens again? 39. What happens when one discovers that the keys have been captured through theft? How difficult would it be to change keys? What is done in the meanwhile? How difficult is it to reprogram the chip, or do you need a replacement? 40. If the chip can be reprogrammed, how do you prevent covert changes that will not be discovered until authorization to tap is received and execution of the warrant is forestalled? 41. It appears that once a given chip has been compromised due to use of the escrowed keys, the chip and the equipment it is used in are vulnerable forever. Is there any mechanism or program to re-key or replace compromised hardware? Is there any method for a potential acquiring party to verify whether the keys on a given chip have been compromised? Who should bear the cost of replacement or re-keying of compromised hardware? 42. What safeguards will be used when transporting the escrow keys? 43. What are the national security implications of widespread deployment of Clipper? Does it make our communications more susceptible to disruption or jamming? 44. Doesn't the two-escrowee approach make these locations targets of opportunity for any party or foreign government that wants to gain access to sensitive US. information? If an escrow location is compromised, all chip data contained there is compromised. Wouldn't these locations also become targets of opportunity for any criminal or terrorist organization that wanted to disrupt US. law enforcement? What back-up or physical security measures are envisioned? If multiple copies are kept, doesn't this increase the threat of compromise? E. Choice of Agents for the Keys 45. Who will be the agents for the keys? How secure will they be from the outside and from the inside? What is the cost of maintaining the escrow system? Who will pay? Who will profit? 46. When will the escrow agents be announced? 
Will there be a process to allow input into the selection of these individuals/agencies? 47. Although it has been reported that the escrow holders will not be the FBI, DoD, CIA or NSA, is it envisioned that one or both of the escrow locations will be non-government entities? Can one or both be private parties? What will the process be to determine what private party will be awarded the contract for key holder? 48. Can the set of escrow agents be changed after the initial selection? How can the government be prevented from moving the escrow contract to a more pliable escrow agent, if one of the agents stands up against the government for the rights of the people whose keys they are protecting? 49. Will escrow agents be immune from prosecution during their term of office, like Members of Congress, the President, and Justices of the Supreme Court? If not, what will prevent the government from harassing the agents during a dispute with the Justice Department? 50. Will there be a mechanism for particular people to keep their keys out of the key escrow database, or to obtain Clipper Chips with keys that have not been escrowed? (E.g. Judges, law enforcement officers, NSA officials, the President, etc.) F. Level of Security of Clipper Chip Encryption 51. How will the government assure American businesses that their proprietary information is not compromised? Given the extremely competitive nature of the high-tech industries, and the importance of intellectual property, how can American firms be adequately protected? 52. How will the government assure American citizens that the privacy of their electronic communications and the security of personal information that is transmitted in electronic form will all be secure under the Clipper Chip? 53. If the Administration is so confident about the level of security of the Clipper Chip scheme, why will classified information not be encrypted with it? 54. What warranty is the U.S. 
government prepared to make regarding the security of the Clipper Chip compared to other algorithms, and indemnity for failures for breaches of the algorithm, chips that are compromised due to failures in the security of the escrow system, or other failures in the Clipper approach? 55. What effect does Clipper have on other NSA and DOD programs aimed at encryption and authentication of unclassified messages (e.g., MOSAIC)? 56. If Clipper is not approved for classified traffic, what government agencies will be utilizing Clipper, and for what applications? 57. Normal security procedures involve changing cryptography keys periodically, in case one has been compromised. But the family and unit keys cannot be changed by the user. If these keys are compromised, it won't matter how frequently the user changed their session keys. Doesn't the long use of the same family and unit keys increase the likelihood that these keys will be compromised while they are still in use? Doesn't this also eliminate a significant degree of the user's control of the level of security that his or her system provides? 58. If the government discovered that the algorithm or family key had been discovered by a foreign government or private individuals, would it tell the public that the system had been compromised? Are there plans to restore privacy and authentication if the algorithm is compromised? 59. How secure is the Clipper algorithm if it is attacked by a person with half the key? G. Level of Privacy Protection 60. Given the dramatic growth in transmission and storage of personal information in electronic form, does the Administration recognize that private individuals, as well as large organizations, need access to affordable, robust encryption systems? 61. Is law enforcement permitted to identify the specific piece of communications equipment without obtaining a warrant? 
If encrypted communications include the serial number ("chip family key"), will law enforcement be able to keep track of communications traffic and track private citizens without even securing the keys from the escrow agents? 62. Does the Administration believe that all household phones are going to be replaced with secure versions over some period of time? At what cost? 63. It has been impossible to keep any large collection of information completely private, including Social Security records, tax information, police files, motor vehicle records, medical records, video rentals, highly classified military information, and information on abuses of power. How will users be able to tell when this happens to the key escrow information? H. Constitutional/Legal Implications 64. Has the Administration fully considered the constitutional implications of the Clipper Chip and other key escrow systems? 65. Does forcing someone to disclose a key for future law enforcement access infringe the fundamental right against self incrimination embodied in the Fifth Amendment? 66. Does requiring key disclosure in conjunction with a particular technology violate users' right to free speech under the First Amendment? Courts frown most severely on any government attempts to compel a particular form of speech. 67. Does the escrow system violate the letter or the spirit of the Fourth Amendment protections which safeguard citizens against intrusive law enforcement practices? 68. When the Administration says "nor is the U.S. saying that 'every American, as a matter of right, is entitled to an unbreakable commercial encryption product,'" are they therefore saying the inverse, that every American is not allowed to have an unbreakable commercial encryption product? 69. Does the Administration see the need for any new legislation to implement its Clipper Chip proposal? If so, specifically identify. 70. 
In the event that one or more escrow keys are obtained through unauthorized means, what liability, if any, might the equipment manufacturer have to bear? 71. What will be the relationship between Federal and state law enforcement? Will the policy pre-empt state law? How will state law enforcement access the "key" system? 72. What is the statutory authority for regulation of domestic encryption? Are any of these statutes cold war relics? Should the efficacy of all statutes that affect civilian encryption be reviewed? 73. What protections do we have against blackmailing by escrow agents, or by others who have gained possession of escrowed keys? Is there civil or criminal liability for escrow agents who reveal keys illegally? 74. What is the impact on society if the right to hold a truly private conversation is withdrawn? 75. Is strong encryption technology important for protecting intellectual property in a digital network environment? I. Logistics of Chip Development and Manufacture 76. Why weren't other chip manufacturers given the chance to bid on the chip production process? Why was the choice made to have only one manufacturer? 77. Since the Clipper Chip design data will need to be released to manufacturers, how will we be assured that this information, in itself, will not allow the user systems to be compromised? 78. What assurances will there be that the manufacturer is not keeping a record of all keys issued? 79. We have read Dorothy Denning's explanation of how the two 80-bit keys will be created in the SCIF. Is this description accurate? If not, how would this process occur? If so, is the system feasible? What will the cost be for this process and for the increased security of the involved government agents? 80. The chips will be programmed in a Secure Compartmented Information Facility (SCIF). Does this suggest that the chips should at some point be classified Secret or Top Secret? 
What is the classification of the Clipper and Capstone chips and the Skipjack algorithm? How will these chips be declassified once leaving the SCIF? 81. Some of the press reports imply that AT&T has had access to this information in order to incorporate Clipper into some of its equipment designs. Is that implication accurate? 82. Can this scheme be implemented in software? If so, why haven't we seen information on that software? If not, were issues of how this hardware solution would affect continued use of software encryption adequately evaluated? Were the comparative costs of software and hardware encryption schemes evaluated? Is this evaluation available for analysis? 83. Current high speed DES processors have encryption rates of approximately 200 megabits per second, while the Clipper Chip has a throughput of 12.5 megabits per second. Within two to five years, 100 Mbs+ technologies, such as Fast Ethernet, FDDI and ATM, will become commonplace. How will the Clipper technology be used in environments where data is sent at 100 Mbs or faster? J. Feasibility/Implementation 84. What testing has been done to verify the ability of Clipper to work across the panoply of new emerging technologies? If the underlying digital transport protocol drops a bit or two, will that interfere with Clipper operation? How critical is synchronization of the bit stream for Clipper operation? Has this technology been tested with ISDN, TDMA, Cellular, CDMA Cellular, ATM, SONET, SMDS, etc. and other emerging technologies? What effect does Clipper have on the Cellular Authentication and Voice Encryption (CAVE) algorithm? Are these differences for key generation, authentication, or voice privacy? 85. Does the Administration seek to extend the Clipper Chip proposal to the TDMA and CDMA digital cellular standards? 86. When will the government publish the various Modes of Operation and other documents for Clipper, together with a physical implementation standard (similar to the old FS-1027)? 87. 
Will the government consider the development of alternate sources for the chip or will vendors be limited to a single, monopoly supplier? 88. Initially, the Clipper Chip is being proposed for telephone technology, but the White House specifically mentions that the technology will be used for electronic data transmission. What is the timetable for implementing this? 89. What is the scope that the Administration envisions for the Clipper Chip's algorithm use? What about Capstone? Is it limited to voice, or does it encompass electronic mail, network encryption, security modems, long-haul bulk encryptors, video applications, computer password protection, Intelligent Vehicle Highway Systems ("IVHS"), satellite communications -- both transport and control, electronic funds transfers, etc.? 90. What is the Administration's policy on other security mechanisms beyond privacy, such as message authentication codes for banking and EFT, and for integrity and digital signatures for sender authentication and non-repudiation? What is the impact on international standards such as X.500 and X.509? 91. Since Clipper, as currently defined, cannot be implemented in software, what options are available to those who can benefit from cryptography in software? Was a study of the impact on these vendors or of the potential cost to the software industry conducted? 92. What are the success criteria for the Clipper initiative? Would the government abandon its initiative if the Clipper is shown to be unsuccessful beyond government use? 93. What is the expected useful lifetime of the Clipper technology? What do you expect will render it useless at some point? 94. Is it true that the name "Clipper Chip" is the intellectual property of another company? K. Impact on American Competitiveness 95. 
As the key-escrow approach is designed to ensure the ability of the American government to access confidential data, do NIST and NSA expect overseas customers (who do not have the protection of due process) to purchase the chip for data protection? 96. In testimony before the House Telecommunications Subcommittee, Mr. Kammer of NIST indicated that if he were a foreign customer, he would not purchase devices that included the Clipper Chip. Doesn't this raise serious balance-of-trade problems? 97. Will the technology, or the Chip itself, be shared with other allied governments (e.g., the UK), or will U.S. producers of data security products, forced by government standards to develop Clipper-based products for the U.S. market, be permanently closed out of the overseas security market? 98. If Clipper won't be commercially accepted abroad, and export controls continue to prohibit the exportation of other encryption schemes, isn't the U.S. government limiting American companies to a U.S. market? 99. Given the restrictions on who can build Clipper devices, how will Clipper keep up with advances in semiconductor speed, power, capacity and integration? Openly available devices, such as Intel-compatible microprocessors, have seen dramatic gains, but only because everyone was free to try to build a better version. 100. Will the Clipper Chip be used nationally and internationally? How will multinational operations accommodate this new system? 101. Banking and finance are truly global today. Most European financial institutions use technology described in standards such as ISO 9796. Many innovative new financial products and services will employ the reversible cryptography described in these standards. Clipper does not comply with these standards. Will U.S. financial institutions be able to export Clipper? If so, will their overseas customers find Clipper acceptable? 102. 
If overseas companies provide systems based on algorithms that do not have key escrow schemes that encrypt faster and more securely, how will we compete internationally? We are market leaders in applications software and operating systems. Our world leadership in operating systems is dependent on integrating security in internationally distributed systems. 103. Internet Privacy Enhanced Mail (PEM) is becoming an internationally recognized system for encrypting Electronic Mail. Would Skipjack encryption become a U.S. standard for encrypting electronic mail while the rest of the world used PEM? How would E-mail traffic between the U.S. and other countries be encrypted? L. Effect on Export Control Policy 104. In light of the Clipper initiative, will export restrictions on hardware and software encryption regimes using DES and RSA algorithms (which are widely available abroad) remain in place? 105. Will American firms be allowed to sell devices containing the Clipper Chip abroad? Under which governmental regulatory regime would exports of devices containing the Clipper Chip fall? What conditions would be applied to exports of devices containing the Clipper Chip? (E.g., would American firms be allowed to export devices to non-U.S. customers without the escrow requirement? If not, who would hold the keys?) 106. What governmental regulations will apply to imports of devices containing the Clipper Chip? Given that most U.S. companies source most customer premise equipment (e.g., telephones, fax machines, etc.) offshore, how will the logistics be handled for the export of the Clipper Chip as a component, and the subsequent import of the device containing the chip? Will the U.S. permit non-U.S. manufacturers to have the Clipper algorithm? If not, how will the Administration justify this trade barrier? 107. If the Clipper Chip cannot be reverse-engineered, and if the U.S. 
government is capable of decrypting, why would there be any reason to limit Clipper products from being exported? 108. If Clipper is allowed to be exported, does the U.S. government foresee a problem with other governments? Would the U.S. government's access to escrow keys be viewed as an exercise of extraterritorial jurisdiction? M. Implications for Installed-Base/Existing Products 109. What are the implications of NSA/NIST withdrawing the certification of DES? Although it may -- at some point in the future -- no longer be used for government purposes, that is not going to affect commercial or private users' applications of DES. What about the embedded base of DES hardware? 110. Will existing systems need to be replaced? 111. What efforts were spent to make the new encryption approach compatible with the embedded base of equipment? If DES was becoming weak (vulnerable), wouldn't merely extending the DES key length to 80 bits have solved that problem? 112. There are a number of companies that employ non-escrowed cryptography in their products today. These products range from secure voice, data, and fax, to secure e-mail, electronic forms, and software distribution, to name but a few. With over a million such products in use today, what does the Clipper scheme foretell for these products and the many corporations and individuals that are invested in them and use them? Will the investment made by the vendors in encryption-enhanced products be protected? If so, how? Is it envisioned that they will add escrow features to their products or be asked to employ Clipper? N. Process by which Input Will Be Received from Industry/Public Interest Groups 113. If the outcome of the policy review is not pre-ordained, then the process to analyze the issues and arrive at solutions would seem to need a great deal of definition. What roles have been identified for Congress, the private sector, and other interested parties? Who is coordinating the process? 114. 
Why does the Presidential directive on the review process remain classified? o o o o o ------- End of Forwarded Message From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Barna Janos Date: Sat, 15 May 93 04:46:28 PDT To: cypherpunks@toad.com Subject: cyberpunk Message-ID: <9305151146.AA01438@toad.com> MIME-Version: 1.0 Content-Type: text/plain Cyberart & tech: SEARCHING CONTACTS TO JOIN & ESTABLISH WORLDNET 4 FUTURE. HELP! We are the first forming cyberpunk group in the Eastern block. We NEED YOUR information, data, opinion and knowledge about CYBERPUNK CULTURE, CYBERARTS, HACKERS, NEW EDGE CYBER TECHNOLOGIES, VIRTUAL REALITY, MIND MACHINES, ARTIFICIAL INTELLIGENCE, BRAIN BOOSTER DRUGS, BBS, WETWARE, INTERACTIVE AND HYPERMEDIA UNDERGROUND CULTURE WAVES, SLANG, MUSIC, GRAPHICS, etc. We have great difficulties in ordering books, mags, fanzines or any kind of brochure, so please let us get some if you can. Our answers will contain short stories, graphics, novels, musics and experiences on this theme. Postal address: Molnar Daniel, H-6723, Szeged, Csorba u. 9/A, Hungary. BITNET mail: jzp1102@huszeg11 /Barna Janos/ -=PAX WITH YOU=- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Arthur R. McGee" Date: Fri, 14 May 93 17:34:40 PDT To: Sandy <72114.1712@CompuServe.COM> Subject: Re: CALLER ID? 
In-Reply-To: <930511191724_72114.1712_FHF57-1@CompuServe.COM> Message-ID: MIME-Version: 1.0 Content-Type: text/plain Of course! How else would the phone company be able to bill for those calls if they couldn't put the number of the person calling on the customer's phone bill?! Damn! I thought we were safe here in CA. :-( From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Arthur R. McGee" Date: Fri, 14 May 93 17:45:42 PDT To: cypherpunks@toad.com Subject: Anonymous Email From Finland (fwd) Message-ID: MIME-Version: 1.0 Content-Type: text/plain ---------- Forwarded message ---------- Date: Wed, 12 May 1993 06:54:50 CDT From: "Michael S. Hart" To: Multiple recipients of list GUTNBERG Subject: Anonymous Email From Finland Peter Graham recently posted a comment about a Finnish service allowing for the anonymous sending of email. Can someone provide any details? Thanks. ===================================================== Michael S. Hart, Professor of Electronic Text Executive Director of Project Gutenberg Etext Illinois Benedictine College, Lisle, IL 60532 No official connection to U of Illinois--UIUC hart@uiucvmd.bitnet and hart@vmd.cso.uiuc.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Sat, 15 May 93 00:27:02 PDT To: cypherpunks@toad.com Subject: mixed plaintext and crypted text. Message-ID: <9305150726.AA05075@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain Hey again, all. I've RTFM'd, and I don't even know if it can be done, but does anyone know how I can have pgp display the un-encrypted AND the decrypted parts of a message? Let's say my message goes like this: This is a plaintext message to tell you stuff that needs not be private. BTW, can you find the subliminal message? 
;^)j -------- begin pgp block ----- asdfkasjd;fThEjsflajslfjaslfjadfajs;flasjdaslfjasldfjalsj asjlgfiuituqoNsAj;slkjasdifuoejrqlwfiasuokjel;rqwiuasdsii asdfasljdflasjfdSuXsldfjalsjljeqljerwljrlejqlwjerlqwjerlq elqrkjlasjl 134as -------- end pgp block ------- Thanx a lot Yours virtually, +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | | But, I was mistaken. |available| | +-----------------------------+---------+ | mdiehl@triton.unm.edu | "I'm just looking for the opportunity | | mike.diehl@fido.org | to be Politically Incorrect! | | (505) 299-2282 | | +-----------------------+---------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: John S. Lee Date: Sat, 15 May 93 07:40:15 PDT To: cypherpunks@toad.com Subject: PGP 4 da MAC Message-ID: <199305151439.AA21760@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Is there a program or source for PGP for the Mac. Where can I get it? Thanks! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Sat, 15 May 93 07:45:12 PDT To: cypherpunks@toad.com Subject: Receipt acknowleged? Message-ID: MIME-Version: 1.0 Content-Type: text/plain This is a transcript of a letter that I received in the mail from Senator John Warner of Virginia - 8<------ Begin transcript ------------------ JOHN WARNER Virginia Committees: Armed Services Select Committee on Intelligence Environment and Public Works Rules and Administration United States Senate May 11, 1993 Mr. Paul Ferguson

Centreville, Virginia 22020 Dear Mr. Ferguson, Thank you very much for writing to inform me of President Clinton's new initiative in telecommunications encryption technology. I was not aware of this proposal as presented by the new Administration. Your letter does reveal that you are very knowledgeable in the details of the "Clipper Chip". You have expressed clearly the impact the "Clipper Chip" technology and program would have on government and private business. I will seek more information concerning this new initiative from the Clinton Administration. I appreciate being made aware of this proposal and learning of your specific insights. With kind regards, I am Sincerely, /*signed*/ John Warner 8<-------- End transcript ------------ Paul Ferguson | Boycott AT&T, Network Integrator | Write your elected Centreville, Virginia USA | Representatives. fergp@sytex.com | Do the right thing. Just say "NO" to the Wiretap (Clipper/Capstone) Chip(s) I love my country, but I fear its government. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: whitfield.diffie@Eng.Sun.COM Date: Sun, 16 May 93 14:23:48 PDT To: cypherpunks@toad.com Subject: Diffie Statement to Boucher's Committee Message-ID: <9305151803.AA02490@morale.Eng.Sun.COM> MIME-Version: 1.0 Content-Type: text/plain The Impact of a Secret Cryptographic Standard on Encryption, Privacy, Law Enforcement and Technology Whitfield Diffie Sun Microsystems 11 May 1993 I'd like to begin by expressing my thanks to Congressman Boucher, the other members of the committee, and the committee staff for giving us the opportunity to appear before the committee and express our views. On Friday, the 16th of April, a sweeping new proposal for both the promotion and control of cryptography was made public on the front page of the New York Times and in press releases from the White House and other organizations. 
This proposal was to adopt a new cryptographic system as a federal standard, but at the same time to keep the system's functioning secret. The standard would call for the use of a tamper resistant chip, called Clipper, and embody a `back door' that will allow the government to decrypt the traffic for law enforcement and national security purposes. So far, available information about the chip is minimal and to some extent contradictory, but the essence appears to be this: When a Clipper chip prepares to encrypt a message, it generates a short preliminary signal rather candidly entitled the Law Enforcement Exploitation Field. Before another Clipper chip will decrypt the message, this signal must be fed into it. The Law Enforcement Exploitation Field or LEEF is tied to the key in use and the two must match for decryption to be successful. The LEEF in turn, when decrypted by a government held key that is unique to the chip, will reveal the key used to encrypt the message. The effect is very much like that of the little keyhole in the back of the combination locks used on the lockers of school children. The children open the locks with the combinations, which is supposed to keep the other children out, but the teachers can always look in the lockers by using the key. In the month that has elapsed since the announcement, we have studied the Clipper chip proposal as carefully as the available information permits. We conclude that such a proposal is at best premature and at worst will have a damaging effect on both business security and civil rights without making any improvement in law enforcement. To give you some idea of the importance of the issues this raises, I'd like to suggest that you think about what are the most essential security mechanisms in your daily life and work. I believe you will realize that the most important things any of you ever do by way of security have nothing to do with guards, fences, badges, or safes. 
Far and away the most important element of your security is that you recognize your family, your friends, and your colleagues. Probably second to that is that you sign your signature, which provides the people to whom you give letters, checks, or documents, with a way of proving to third parties that you have said or promised something. Finally you engage in private conversations, saying things to your loved ones, your friends, or your staff that you do not wish to be overheard by anyone else. These three mechanisms lean heavily on the physical: face to face contact between people or the exchange of written messages. At this moment in history, however, we are transferring our medium of social interaction from the physical to the electronic at a pace limited only by the development of our technology. Many of us spend half the day on the telephone talking to people we may visit in person at most a few times a year and the other half exchanging electronic mail with people we never meet in person. Communication security has traditionally been seen as an arcane security technology of real concern only to the military and perhaps the banks and oil companies. Viewed in light of the observations above, however, it is revealed as nothing less than the transplantation of fundamental social mechanisms from the world of face to face meetings and pen and ink communication into a world of electronic mail, video conferences, electronic funds transfers, electronic data interchange, and, in the not too distant future, digital money and electronic voting. No right of private conversation was enumerated in the constitution. I don't suppose it occurred to anyone at the time that it could be prevented. Now, however, we are on the verge of a world in which electronic communication is both so good and so inexpensive that intimate business and personal relationships will flourish between parties who can at most occasionally afford the luxury of traveling to visit each other. 
If we do not accept the right of these people to protect the privacy of their communication, we take a long step in the direction of a world in which privacy will belong only to the rich. The import of this is clear: The decisions we make about communication security today will determine the kind of society we live in tomorrow. The objective of the administration's proposal can be simply stated: They want to provide a high level of security to their friends, while being sure that the equipment cannot be used to prevent them from spying on their enemies. Within a command society like the military, a mechanism of this sort that allows soldiers' communications to be protected from the enemy, but not necessarily from the Inspector General, is an entirely natural objective. Its imposition on a free society, however, is quite another matter. Let us begin by examining the monitoring requirement and ask both whether it is essential to future law enforcement and what measures would be required to make it work as planned. Eavesdropping, as its name reminds us, is not a new phenomenon. But in spite of the fact that police and spies have been doing it for a long time, it has acquired a whole new dimension since the invention of the telegraph. Prior to electronic communication, it was a hit or miss affair. Postal services as we know them today are a fairly new phenomenon and messages were carried by a variety of couriers, travelers, and merchants. Sensitive messages in particular, did not necessarily go by standardized channels. Paul Revere, who is generally remembered for only one short ride, was the American Revolution's courier, traveling routinely from Boston to Philadelphia with his saddle bags full of political broadsides. Even when a letter was intercepted, opened, and read, there was no guarantee, despite some people's great skill with flaps and seals, that the victim would not notice the intrusion. 
The development of the telephone, telegraph, and radio have given the spies a systematic way of intercepting messages. The telephone provides a means of communication so effective and convenient that even people who are aware of the danger routinely put aside their caution and use it to convey sensitive information. Digital switching has helped eavesdroppers immensely in automating their activities and made it possible for them to do their listening a long way from the target with negligible chance of detection. Police work was not born with the invention of wiretapping and at present the significance of wiretaps as an investigative tool is quite limited. Even if their phone calls were perfectly secure, criminals would still be vulnerable to bugs in their offices, body wires on agents, betrayal by co-conspirators who saw a brighter future in cooperating with the police, and ordinary forensic inquiry. Moreover, cryptography, even without intentional back doors, will no more guarantee that a criminal's communications are secure than the Enigma guaranteed that German communications were secure in World War II. Traditionally, the richest source of success in communications intelligence is the ubiquity of busts: failures to use the equipment correctly. Even if the best cryptographic equipment we know how to build is available to them, criminal communications will only be secure to the degree that the criminals energetically pursue that goal. The question thus becomes, ``If criminals energetically pursue secure communications, will a government standard with a built in inspection port, stop them?'' It goes without saying that unless unapproved cryptography is outlawed, and probably even if it is, users bent on not having their communications read by the state will implement their own encryption. If this requires them to forgo a broad variety of approved products, it will be an expensive route taken only by the dedicated, but this sacrifice does not appear to be necessary. 
The law enforcement function of the Clipper system, as it has been described, is not difficult to bypass. Users who have faith in the secret Skipjack algorithm and merely want to protect themselves from compromise via the Law Enforcement Exploitation Field, need only encrypt that one item at the start of transmission. In many systems, this would require very small changes to supporting programs already present. This makes it likely that if Clipper chips become as freely available as has been suggested, many products will employ them in ways that defeat a major objective of the plan. What then is the alternative? In order to guarantee that the government can always read Clipper traffic when it feels the need, the construction of equipment will have to be carefully controlled to prevent non-conforming implementations. A major incentive that has been cited for industry to implement products using the new standard is that these will be required for communication with the government. If this strategy is successful, it is a club that few manufacturers will be able to resist. The program therefore threatens to bring communications manufacturers under an all encompassing regulatory regime. It is noteworthy that such a regime already exists to govern the manufacture of equipment designed to protect `unclassified but sensitive' government information, the application for which Clipper is to be mandated. The program, called the Type II Commercial COMSEC Endorsement Program, requires facility clearances, memoranda of agreement with NSA, and access to secret `Functional Security Requirements Specifications.' Under this program member companies submit designs to NSA and refine them in an iterative process before they are approved for manufacture. 
The rationale for this onerous procedure has always been, and with much justification, that even though these manufacturers build equipment around approved tamper resistant modules analogous to the Clipper chip, the equipment must be carefully vetted to assure that it provides adequate security. One requirement that would likely be imposed on conforming Clipper applications is that they offer no alternative or additional encryption mechanisms. Beyond the damaging effects that such regulation would have on innovation in the communications and computer industries, we must also consider the fact that the public cryptographic community has been the principal source of innovation in cryptography. Despite NSA's undocumented claim to have discovered public key cryptography, evidence suggests that, although they may have been aware of the mathematics, they entirely failed to understand the significance. The fact that public key is now widely used in government as well as commercial cryptographic equipment is a consequence of the public community being there to show the way. Farsightedness continues to characterize public research in cryptography, with steady progress toward acceptable schemes for digital money, electronic voting, distributed contract negotiation, and other elements of the computer mediated infrastructure of the future. Even in the absence of a draconian regulatory framework, the effect of a secret standard, available only in a tamper resistant chip, will be a profound increase in the prices of many computing devices. Cryptography is often embodied in microcode, mingled on chips with other functions, or implemented in dedicated, but standard, microprocessors at a tiny fraction of the tens of dollars per chip that Clipper is predicted to cost. What will be the effect of giving one or a small number of companies a monopoly on tamper resistant parts? 
Will there come a time, as occurred with DES, when NSA wants the standard changed even though industry still finds it adequate for many applications? If that occurs will industry have any recourse but to do what it is told? And who will pay for the conversion? One of the little noticed aspects of this proposal is the arrival of tamper resistant chips in the commercial arena. Is this tamper resistant part merely the precursor to many? Will the open competition to improve semiconductor computing that has characterized the past twenty years give way to an era of trade secrecy? Is it perhaps tamper resistance technology rather than cryptography that should be regulated? Recent years have seen a succession of technological developments that diminish the privacy available to the individual. Cameras watch us in the stores, x-ray machines search us at the airport, magnetometers look to see that we are not stealing from the merchants, and databases record our actions and transactions. Among the gems of this invasion is the British Rafter technology that enables observers to determine what station a radio or TV is receiving. Except for the continuing but ineffectual controversy surrounding databases, these technologies flourish without so much as talk of regulation. Cryptography is perhaps alone in its promise to give us more privacy rather than less, but here we are told that we should forgo this technical benefit and accept a solution in which the government will retain the power to intercept our ever more valuable and intimate communications and will allow that power to be limited only by policy. In discussion of the FBI's Digital Telephony Proposal --- which would have required communication providers, at great expense to themselves, to build eavesdropping into their switches --- it was continually emphasized that wiretaps were an exceptional investigative measure only authorized when other measures had failed.
Absent was any sense that were the country to make the proposed quarter billion dollar investment in intercept equipment, courts could hardly fail to accept the police argument that a wiretap would save the people thousands of dollars over other options. As Don Cotter, at one time director of Sandia National Laboratories, said in respect to military strategy: ``Hardware makes policy.'' Law, technology, and economics are three central elements of society that must all be kept in harmony if freedom is to be secure. An essential element of that freedom is the right to privacy, a right that cannot be expected to stand against unremitting technological attack. Where technology has the capacity to support individual rights, we must enlist that support rather than rejecting it on the grounds that rights can be abused by criminals. If we put the desires of the police ahead of the rights of the citizens often enough, we will shortly find that we are living in a police state. We must instead assure that the rights recognized by law are supported rather than undermined by technology. At NSA they believe in something they call `security in depth.' Their most valuable secret may lie encrypted on a tamper resistant chip, inside a safe, within a locked office, in a guarded building, surrounded by barbed wire, on a military base. I submit to you that the most valuable secret in the world is the secret of democracy; that technology and policy should go hand in hand in guarding that secret; that it must be protected by security in depth.

Recommendations

There is a crying need for improved security in American communication and computing equipment and the Administration is largely correct when it blames the problem on a lack of standards. One essential standard that is missing is a more secure conventional algorithm to replace DES, an area of cryptography in which NSA's expertise is probably second to none.
I urge the committee to take what is good in the Administration's proposal and reject what is bad.

o The Skipjack algorithm and every other aspect of this proposal should be made public, not only to expose them to public scrutiny but to guarantee that once made available as standards they will not be prematurely withdrawn. Configuration control techniques pioneered by the public community can be used to verify that some pieces of equipment conform to government standards stricter than the commercial where that is appropriate.

o I likewise urge the committee to recognize that the right to private conversation must not be sacrificed as we move into a telecommunicated world and reject the Law Enforcement Exploitation Function and the draconian regulation that would necessarily come with it.

o I further urge the committee to press the Administration to accept the need for a sound international security technology appropriate to the increasingly international character of the world's economy.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Sun, 16 May 93 00:02:19 PDT
To: cypherpunks@toad.com
Subject: Forestalling paranoia
Message-ID: <9305160702.AA03390@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

The Little Garden network, which connects toad.com to the Internet, was down today due to some scheduled power outages in a building that our link goes through. Fear not...if you sent something to cypherpunks, it will get through when the power comes back on.

John

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@alumni.cco.caltech.edu
Date: Sun, 16 May 93 13:24:42 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9305160934.AA12398@alumni.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain

This is the second of two documents I received anonymously. Maybe they're real, maybe they're forgeries. Decide for yourself.

>Here are excerpts of the ..........
of Mykotronx,
> >the Torrance Based Big-Brother outfit that is going
> >to make the Clinton Clipper wiretap chip. I have
> >left off their chart of accounts numbers, since you
> >don't care about that. .........
> >Period: 01/01/93 to 04/30/93 (first 4 months of 1993)
> >
> >Acct Descr                    Beg Bal       Debits      Credits
> >
> >==1000 series==
> >Shearson Lehman               286,511    2,620,096    2,670,822
> >Paine Webber                   95,602          868            0
> >Dean Whitter                   55,391          484            0
> >Petty Cash                      3,000            0            0
> >Union bank payroll act         13,408      900,000      816,443
> >Accts rcvbl -customer       1,185,829    1,981,356    2,562,064
> >Accts rcvbl - employees         7,125       48,450       55,575
> >Franchise tx rcvbl              2,165            0            0
> >Unbilled costs&fees           567,792      533,347            0
> >Raw inventory                 172,252            0       76,064
> >Prepaid taxes                   1,116            0            0
> >Prepaid sales tax                 688            0          688
> >Equp/mach/furn                383,038       20,695            0
> >Accum depreciation            234,425            0       23,000
> >Deposits                        9,272            0            0
> >
> >==2000 series==
> >Accts Payable               482,895CR    1,869,477    1,684,555
> >Sales tax payable               147CR          176            0
> >Sales tax paid                      0            0            0
> >FIT withheld                        0       10,854      135,741
> >FICA withheld                       0            0       56,622
> >CA state IT withh                   0            0       36,163
> >CA state disability                 0            0        8,730
> >SUI pybl employer                   0            0        5,788
> >FUTA payable                        0            0        2,007
> >FICA employer                       0            0       56,621
> >Pd Payroll txs withh                0      290,820            0
> >401K withheld                       0            0       42,712
> >Accrued payroll              25,637CR      343,682      318,045
> >Dental withheld                     0            0          674
> >Dental plan pd                      0          674            0
> >Withh 401K pd                       0       42,712            0
> >Accrued bonuses               214,040      341,240      127,200
> >(holy shit - I wish I worked for a place that paid bonuses like that!)
> >Accrued Vacation               44,252            0            0
> >Excess billings               139,216      154,706       55,036
> >Gross payroll                       0      751,859            0
> >Gross payroll distrd                0        2,552      754,412
> >Lease obligations             4,911CR            0            0
> >
> >==3000 series==
> >Common Stock                  169,320            0       61,435
> >Capital disbursement          916,675      222,230            0
> >Retd Earnings, begng      2,385,020CR            0            0
> >
> >==4000 series==
> >Sales, returns&allowc               0        6,014    2,577,323
> >Interest income                     0            0        1,353
> >Int income tax free                 0            0        2,490
> >
> >==5000 series==
> >Consultants                         0       47,395       47,395
> >Subcontracts                        0      932,210      110,419
> >Other direct costs                  0       62,265        5,454
> >Printing/repro costs                0          542            0
> >Equipment rental/leasg              0        1,537        1,537
> >Maint, repairs                      0        1,761            0
> >Delivery                            0        3,217            0
> >Postage                             0          960            0
> >Materials/parts                     0      186,252       22,423
> >Telephone                           0           93            0
> >Travel                              0       10,437            0
> >Inv Cost of Mfg Prod                0       76,064            0
> >Direct labor-Engnrg                 0      240,341       54,172
> >Direct labor-Technician             0      129,839       37,459
> >Direct labor-Adminst                0       47,542       10,081
> >
> >==6000 series==
> >Indirect labor                      0       60,319            0
> >Holidays                            0       32,867       27,331
> >Sick leave                          0        3,276            0
> >Vacation                            0       38,096       25,976
> >Retroactive pay                     0        4,400            0
> >Job advertisements                  0          655            0
> >Grp Med Ins non sharhl              0       25,522        1,818
> >Mykotronx pd payrl txs              0       64,417            0
> >Workers comp                        0        9,554        1,418
> >Interest pd                         0            0            0
> >Consultants                         0        2,013            0
> >ADP Acctg                           0        1,493            0
> >Real World Acct Suppt               0        1,485            0
> >Bank charges                        0          155            0
> >Blueprints/repro                    0          390            0
> >Proposals                           0        2,817            0
> >Copier expense                      0          514            0
> >Depreciation - elec eq              0       23,000            0
> >Dues & memberships                  0          749            0
> >Education & Training                0        2,850            0
> >Employee relations                  0        4,531            0
> >Business expense                    0        7,431            0
> >Equip rental/lsng                   0        4,458            0
> >Computer software                   0        2,114            0
> >Insurance                           0        9,061        1,380
> >Janitorial                          0           20            0
> >Licenses & Permits                  0          175            0
> >Maint, repairs                      0        2,096            0
> >Delivery                            0          995           13
> >Postage                             0          942            0
> >Amort organiz expense               0            0            0
> >Taxes - franchise                   0        2,763            0
> >Real & Pers prop tax                0            0            0
> >Rent                                0       54,080            0
> >Subscriptions/books                 0          325            0
> >Office/lab supplies                 0       14,183          446
> >Telephone                           0        7,961           36
> >Travel                              0       10,296        1,303
> >Utilities                           0        5,833            0
> >LTD Ins, non sharehld               0        2,877          594
> >401K Mykotronx contrib              0       17,411            0
> >
> >==7000 series==
> >Special Bonus                       0      132,200      123,200
> >(Double holy shit!)
> >G&A Labor                           0     103,4520            0
> >Legal Services                      0        5,895            0
> >Board of Dir Expnse                 0        1,078            0
> >Financial Svc                       0        7,505            0
> >
> >Totals                              0   12,555,101   12,555,101
> >
> >Other little items:
> >
> >Locks at Mykotronx installed and maintained by Torrance Lock and Key,
> >2421 Torrance Bl. Torrance, CA 90501 (310) 320-8840 For some
> >reason, Mykotronx is over 90 days late paying a lousy $50 invoice.
> >
> >Mykotronx has a Mossler safe. It cost $1,693 when they bought it
> >11/27/90. They have never changed the combination.
> >
> >Outstanding VLSI purchase orders:
> >VLSI Tech (Capstone)        $212,000
> >AT&T (Myk-78)                $71,200
> >Motorola (Myk-77)            $76,200
> >AT&T (Misc)                 $100,000
> >Compass (Software)          $159,400
> >VLSI Tech (Myk-78)           $66,200
> >Litronics (PCMCIA Crypto)   $225,000
> >VLSI Tech (Exponentiator)   $163,000
> >VLSI Tech (Capstone TFQP)    $10,000
> >VLSI Tech (Myk-78 fix)       $68,500
> >VLSI Tech (Myk-78A proto)    $11,000
> >VLSI Tech (Myk-78A prod.)   $220,000
> >VLSI Tech (Myk-80 #1)        $48,000
> >VLSI Tech (Myk-80 #2)        $33,750
> >VLSI Tech (Myk-82)           $80,000
> >VLSI Tech (Myk-79)           $79,500
> >
> >Their LAN was installed by Strategies, Inc for about $14,000.
> >
>--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Anonymous
Date: Sun, 16 May 93 12:34:09 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9305160940.AA13873@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Info on Mykotronx! First of Two Documents.

(This info was sent to me anonymously. I have no idea if it's real, accurate, bogus, etc. Maybe it's real. This may help us in some way. Considering what Mykotronx has planned for us, publishing this stuff is justified. Just take it with a grain of salt. It could be fake.)

>Howdy.
The following is a sampling of the information I was
>able to grab.... .......[stuff deleted to better protect source]......
>and their entire general ledger. Will post more as I get the
>time. Do not disclose the origin of this document (me) but
>you can publish it if you like to show that the people the
>government wants us to trust to keep the Clipper design
>secret, don't know jack shit about security.
>
>Information:
>
>Mykotronx Inc.
>357 Van Ness Way (1 blk so. of Del Amo)
>Suite 200
>Torrance CA 90501
>(310) 533-8100
>fax (310) 533-0527
>STU III (310) 533-0738
>Founded 1979
>
>Resale # SR-AB 12-711252
>Dunn & Bradstreet # 00-611-5281
>
>Banking: Shearson Lehman Brothers
>         Attn: Steve Scerra
>         Acct # 509 24261 12011
>         21250 Hawthorne Bl
>         Torrance, CA 90509
>         (310) 540-9511
>
>Employee Names:
>
>Bob Gottfried, CEO
>Leonard J. Baker, President
>Ralph O' Connell, aka "The Father of COMSEC", NSA Lobbyist
>Mike Furusawa, Space COMSEC Manager
>Patti Linahan, Executive Secretary
>Kikuo Ogawa, Buyer
>R. Todd, W. Greenfield, KG-44B (Outrunner) Project
>John C. Droge, Personnel
>Bob Todd, Manufacturing Manager
>Landy Riley, Engineering
>
>Federal Express Acct # 1122-7492-8
>
>NSA Contact Home Address:
>Ralph O' Connell
>1401 Woodbridge Road
>Baltimore, MD 21228
>(301) 747-6276
>
>Principal NSA Technical Contact:
>National Security Agency
>Maryland Procurement Office
>Attn: N244 (CEB) (MDA904-92-G-0354/J.O. 5001)
>9800 Savage Road
>Fort George G. Meade, MD 20755-6000
>(301) 688-8086
>
>NSA Accounting Contact:
>National Security Agency
>Maryland Procurement Office
>Finance and Accounting Office
>9800 Savage Road
>Fort George G. Meade, MD 20755-6000
>(301) 859-6715
>
>KG-46 Tactical Decryptor Unit and
>KG-48B Outrunner Provisioning Conference participants:
>Robert Todd, Mykotronx
>Bill Greenfield, Mykotronx
>G. Burgio, NSA
>J. Gochnour, NSA
>J. Wimpy, Air Force Computer Systems Command
>S. Solis, Air Force Computer Systems Command
>
>To Be Discussed at meeting May 18 & 19, 1993
>
>Outrunner Project Milestone Payments:
>
>1. Preliminary Studies          $268,074  2/14/92
>2. Place Subcontract w/ VLSI     $47,917  2/22/92
>3. Complete PDR KG-44B           $61,431  4/13/92
>4. Complete PDR VLSI             $71,090  5/19/92
>5. Complete SFA Review VLSI      $78,470  7/12/92
>6. Complete CDR VLSI            $106,638  7/17/92
>7. Complete first KG-44B        $166,641  8/12/92
>8. Complete CDR                 $132,454  6/18/92
>9. Complete tests 1st KG-48B    $151,957  12/16/92
>10. Complete fab VLSI           $203,941  11/17/92
>11a.Deliver 2 KG-44B to NSA      $81,080  9/8/92
>11b.Deliver 2 KG-44B to NSA      $81,081  10/7/92
>12. Complete Crypto Verif VLSI  $152,223  12/16/92
>13. Deliver 4 KG-44B to NSA     $171,571  3/2/93
>14a.Deliver 2 KG-44B to NSA      $30,432  3/30/93
>14b.Deliver 2 KG-44B to NSA      $30,432  4/20/93
>15. Deliver 4 KG-44B to NSA      $60,864  4/24/93
>16a.Deliver 1 KG-44B to NSA      $15,216  4/28/93
>16b.Deliver 3 KG-44B to NSA      $45,648  5/12/93
>17. Deliver 4 KG-44B to NSA      $42,840  5/13/93
>
>Total: $2,000,000
>
>
>KG-44 VLSI Procurement:
>United Technologies Microelectronics Center
>1575 Garden of the Gods Road
>Colorado Springs, CO 80907
>PO#5703-44ACN1 Feb 19, 1992
>Invoice Date Feb 5, 1993
>"Customer to pick up parts. Secret item handling.
>Secret Design KG-44LSI. Mykotronx P/N M20/00301XXX"
>Government contract # MDA904-92-C-A027
>Group C Testing: $4,400
>5 Parts @ $675ea $3,375
>Job #BE-7281 Group C Samples
>PIC Number: HP67AG84WTDLC
>"Note: Group B samples also included with this shipment (ref
>Packlist #10128"
>"The export of this product is controlled by the US Government.
>The export of this product or the disclosure of related technical
>data to foreign nationals without the appropriate export license
>is prohibited by law."
>
>Test Plan for MYK-80:
>Statement of Work for Exatron Inc. 5/13/93
>Develop test interface board for MYK-80 (176 pin TQFP) and
>I.M.S. tester. Interface to utilize "particle interconnect"
>system. Data on MYK-80 I.O. and IMS tester to be supplied
>by Mykotronx.
>Interface board to be installed in a work station which utilizes
>Exatron "PET" handler, tooled for the MYK-80; a vacuum pick-up
>device (manual, pencil type); work surfaces for JEDEC tray
>storage and operator support. The IMS tester will mount directly
>under the "PET" handler. Two "PET" handlers are to be quoted
>with two sets of specific nesting tools for the MYK-80.
>Installation in place at Mykotronx and initial operator and
>maintenance training to be included.
>Design review of the interface board layout, prior to release of
>the board to fabrication is to be held at Mykotronx.
>
>
>
>Manuals and Training Manuals subcontracted to:
>
>ELITE Technical Corporation
>Warren A. Griswold, President
>1903 B Marshallfield Lane
>Redondo Beach, CA 90278
>(310) 372-5616
>
>
>CAPSTONE Financial Commitments by Mykotronx
>
>Basic VII Cap VLSI 10                $212,000
>Sun 1 Yr maint hw&sw                   $2,700
>Compass                              $159,400
>IKOS Systems & sw                     $57,500
>ELITE Technical Corp                   $8,000
>IMS/Sun                              $119,000
>Versatec Plotter                      $36,500
>SJ (1)                                $71,200
>SJ (2)                                $76,200
>Exatron Test System                   $78,000
>ROM Cell                              $60,000
>AT&T                                 $100,000
>Surf Mgt (real estate)                $13,900
>Universal Shielding (Tempest)         $20,600
>Plotter maint                          $5,000
>Litronics                            $225,000
>Spyrus (1)                            $45,600
>Spyrus (2)                            $44,800
>Compass (2)                          $110,000
>VLSI Tech                             $30,000
>VLSI Tech (2)                        $163,000
>VLSI Tech CAPSTONE TQFP               $10,000
>New Media NRE Design                  $18,700
>South Coast Designers                 $14,600
>South Coast                            $6,000
>VLSI Tech Exponentiator Tamper Sys   $163,000
>Conres logic analyzer                  $3,200
>VLSI Myk-78 tester                    $33,800
>
..end...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: deltorto@aol.com
Date: Sun, 16 May 93 12:32:05 PDT
To: cypherpunks@toad.com
Subject: End of the Universe Hacked
Message-ID: <9305160615.tn21936@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

Hi Everybody,

This is FYI. Apologies for any overlaps if you get this twice.
Note: I was in the Netherlands last year and crashed/partied with these guys and gals and they're ALL RIGHT kinds-a folks. This should be a real feth-ti-val for those who can make it over there. The central Netherlands area is noted for the lack of a "There" there, but what they lack in "There-ness," they more than make up for with a wonderful sense of wackiness.

Subliminal Hint: l e t ' s   a l l   g o ...

Peace,
      ^ ^
dave  '['  ...Clip the Clipper Chip!
       u

-------------------------------------------------------------------
H A C K I N G   A T   T H E   E N D   O F   T H E   U N I V E R S E
-------------------------------------------------------------------

An 'in-tents' summer congress

H U H?
-------

Remember the Galactic Hacker Party back in 1989? Ever wondered what happened to the people behind it? We sold out to big business, you think. Think again, we're back!

That's right. On August 4th, 5th and 6th 1993, we're organising a three-day summer congress for hackers, phone phreaks, programmers, computer haters, data travellers, electro-wizards, networkers, hardware freaks, techno-anarchists, communications junkies, cyberpunks, system managers, stupid users, paranoid androids, Unix gurus, whizz kids, warez dudes, law enforcement officers (appropriate undercover dress required), guerilla heating engineers and other assorted bald, long-haired and/or unshaven scum. And all this in the middle of nowhere (well, the middle of Holland, actually, but that's the same thing) at the Larserbos campground four metres below sea level.

The three days will be filled with lectures, discussions and workshops on hacking, phreaking, people's networks, Unix security risks, virtual reality, semafun, social engineering, magstrips, lockpicking, viruses, paranoia, legal sanctions against hacking in Holland and elsewhere and much, much more. English will be the lingua franca for this event, although some workshops may take place in Dutch. There will be an Internet connection, an intertent ethernet and social interaction (both electronic and live). Included in the price are four nights in your own tent. Also included are inspiration, transpiration, a shortage of showers (but a lake to swim in), good weather (guaranteed by god), campfires and plenty of wide open space and fresh air. All of this for only 100 Dutch guilders (currently around US$70).

We will also arrange for the availability of food, drink and smokes of assorted types, but this is not included in the price. Our bar will be open 24 hours a day, as well as a guarded depository for valuables (like laptops, cameras etc.). You may even get your stuff back! For people with no tent or air mattress: you can buy a tent through us for 100 guilders, a mattress costs 10 guilders. You can arrive from 17:00 (that's five p.m. for analogue types) on August 3rd. We don't have to vacate the premises until 12:00 noon on Saturday, August 7 so you can even try to sleep through the devastating Party at the End of Time (PET) on the closing night (live music provided). We will arrange for shuttle buses to and from train stations in the vicinity.

H O W ?
-------

Payment: In advance only. Even poor techno-freaks like us would like to get to the Bahamas at least once, and if enough cash comes in we may just decide to go. So pay today, or tomorrow, or yesterday, or in any case before Friday, June 25th 1993. Since the banks still haven't figured out why the Any key doesn't work for private international money transfers, you should call, fax or e-mail us for the best way to launder your currency into our account. We accept American Express, even if they do not accept us. But we are more understanding than they are. Foreign cheques go directly into the toilet paper recycling bin for the summer camp, which is about all they're good for here.

H A !
-----

Very Important: Bring many guitars and laptops.

M E ?
-----

Yes, you!
Busloads of alternative techno-freaks from all over the planet will descend on this event. You wouldn't want to miss that, now, would you? Maybe you are part of that select group that has something special to offer! Participating in 'Hacking at the End of the Universe' is exciting, but organising your very own part of it is even more fun. We already have a load of interesting workshops and lectures scheduled, but we're always on the lookout for more. We're also still in the market for people who want to help us organize this during the congress. In whatever way you wish to participate, call, write, e-mail or fax us soon, and make sure your money gets here on time. Space is limited.

S O :
-----

> 4th, 5th and 6th of August
> Hacking at the End of the Universe (a hacker summer congress)
> ANWB groepsterrein Larserbos (Flevopolder, Netherlands)
> Cost: fl. 100,- (+/- 70 US$) per person (including 4 nights in your own tent)

M O R E   I N F O :
-------------------

Hack-Tic
Postbus 22953
1100 DL Amsterdam
The Netherlands

tel    : +31 20 6001480
fax    : +31 20 6900968
E-mail : heu@hacktic.nl

V I R U S :
-----------

If you know a forum or network that you feel this message belongs on, by all means slip it in. Echo-areas, your favorite bbs, /etc/motd, IRC, WP.BAT, you name it. Spread the worm, uh, word.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT)
Date: Sun, 16 May 93 13:26:35 PDT
To: cypherpunks@toad.com
Subject: List
Message-ID: <9305162022.AA13690@usma8.usma.edu>
MIME-Version: 1.0
Content-Type: text/plain

I think I may have somehow gotten wiped off the mailing list. I haven't received any cypherpunk mail in 3 days.

Anthony J. Gatlin               |-------------------------------------|
Cadet Private, Co. G-2          |PGP Public Key available on request. |
United States Military Academy  |-------------------------------------|

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Paco Xander Nathan
Date: Tue, 18 May 93 07:43:27 PDT
To: x62727g2@usma8.USMA.EDU (Gatlin Anthony CDT)
Subject: Re: Publications
In-Reply-To: <9305121958.AA14189@usma8.usma.edu>
Message-ID: <9305170042.AA15814@wixer>
MIME-Version: 1.0
Content-Type: text/plain

"Sent from the cyberdeck of: Gatlin Anthony CDT"
> Greetings fellow crypto warriors,
> I am attempting to locate several publications to see if they are still
> in existence and where I might them or archives of previous issues. The
> publications I am interested in are TAP, NIA, AOTD, NARC, etc. If anyone
> knows where I might be able to obtain these or similar publications, please
> let me know. Also, does anyone know where any "interesting" ftp sites which
> carry files or other data related to these type publications?
>
> Thanks,
>
> Anthony J. Gatlin               |-------------------------------------|
> Cadet Private, Co. G-2          |PGP Public Key available on request. |
> United States Military Academy  |-------------------------------------|

Geez, this is great.. I was a cadet in F-2 company, but I forget which company Leary was in - glad to see our subversion has taken hold in all the old bastions!!

paco xander nathan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: poier@sfu.ca (na-Baron Feyd-Rautha Harkonnen)
Date: Sun, 16 May 93 22:37:55 PDT
To: cypherpunks@toad.com
Subject: Double encryption
Message-ID: <9305170537.AA17406@malibu.sfu.ca>
MIME-Version: 1.0
Content-Type: text/plain

Hi. Being the security freak that I am, even with military grade encryption (for whatever THAT'S worth) I feel a little insecure, as most routines are, as far as I can tell, still susceptible to at the least brute force attacks. I was wondering: how do cracking programs determine that they have successfully decrypted a file? Does it simply look for English text (or file headers etc)?
If so, how about double-encrypting a file with two completely different and very complex programs? Then, even if it did get the first, it couldn't tell because the resulting data would still be largely gobbledegook. Probably a stupid question, but I was curious.

Skye
--
"Thppt bwach oop ack" - Bill the Cat | -----====> Skye Merlin Poier <====-----
PGP Public Key available on request  | Undergrad in CMPT/MATH (Virtual Reality)
!!!!!!! FIGHT CLIPPER / LEEF !!!!!!! | email: poier@sfu.ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mike Godwin
Date: Sun, 16 May 93 22:01:01 PDT
To: cypherpunks@toad.com
Subject: Washington Post story
Message-ID: <199305170501.AA01977@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

Look for a major story in the Washington Post about Clipper, Digital Telephony, and related matters. It will be coming any day now and should get major play. The reporters are John Schwartz and John Mintz.

-Mike

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Not MY universe! 17-May-1993 0927
Date: Mon, 17 May 93 06:51:23 PDT
To: cypherpunks@toad.com
Subject: re: Double encryption
Message-ID: <9305171347.AA19553@enet-gw.pa.dec.com>
MIME-Version: 1.0
Content-Type: text/plain

Skye asks (upon brute-force attacks):

>If so, how about double-encrypting a file with two completely different and
>very complex programs? Then, even if it did get the first, it couldn't tell
>because the resulting data would still be largely gobbledegook.

Maybe. The question is the same as the mathematical question "does the encryption algorithm form a group?". "Groupness" refers to whether two applications of an encryption can be collapsed (by some arbitrary key) into a single application of the same encryption. [or, for two differing encryptions, a single application of some algorithm either less complex than the sum of the two original encryptions, or using a key shorter than the two original keys...]

For example, consider Caesar rotations.
Here, the key is just a number from 0 to 26 and rot13 (rotation by 13, a->n, being the USENET standard for encrypting dirty jokes). We can "collapse" any pair of Caesar rotations into a new single rotation; it's just rotate for the sum of the two keys. So, Caesar rotations form a group, and it does no good to encrypt twice, because brute force needs to solve only one problem, not two, as combinatorics would suggest.

But what about something more... interesting? Say, a Caesar rotation followed by an N-skipped version of the alphabet (for N=1, this is the identity alphabet, for N=2, the alphabet is "a,c,e,g,i,k,m,o,q,s,u,w,y,b,d,f,h,j,l,n,p,r,t,v,x,z", for N=3, it's "a,d,g,...".) Now, there's no possibility of collapsing the two encryptions into one operation; no Caesar rotation can give any of the N-skip alphabets (except the trivial case of N=0), and most pairings of Caesar rotations followed by skipping alphabets cannot be faked by either a Caesar rotation or a skip-alphabet alone. Thus, we can say that Caesar followed by N-skip "does not form a group" and so is as hard to crack by brute force as combinatorics suggest.

Back in the early days of DES, it was not known if DES encryption followed by another DES encryption formed a group. That's why triple DES encryption was designed to use an intermediate DEcryption (not encryption) stage, so that even if double-DES-encryption formed a group, encryption/decryption/encryption would not (since it's possible to DES-encrypt any possible message stream, therefore some set of cyphertext bits corresponds to some possible plaintext, and that plaintext can be reencoded) and so it would not be possible to collapse the first two operations into a single DES encode, collapse that and the third into yet another single encode and thereby save much time for the brute force attack.

However, it's now been proven that DES encode followed by DES encode does NOT form a group, and so it doesn't really matter any more.
>Probably a stupid question, but I was curious. No, it's an *excellent* question. -Bill From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 17 May 93 09:07:36 PDT To: cypherpunks@toad.com Subject: Double encryption In-Reply-To: <9305171347.AA19553@enet-gw.pa.dec.com> Message-ID: <9305171604.AA28888@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Re: group properties of ciphers, speaking of E1 D2 E3 DES mode: >Back in the early days of DES, it was not known if DES encryption >followed by another DES encryption formed a group. That's why triple >DES encryption was designed to use an intermediate DEcryption (not encryption) That's not at all the reason. One of the properties of groups is that inverses exist. If an inverse existed to DES encryption, then to every encryption key K, there would correspond some unique other encryption key L, such that encryption by L was the same as decryption by K. Thus if DES formed a group, mixing inverses would have no effect. The reason for the inverses is for backward compatibility. By setting all the keys equal to each other, it's the same as a single DES. If you encrypt EEE, you can't get backward compatibility since no DES key yields the identity function. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric S Theise Date: Mon, 17 May 93 13:21:27 PDT To: nobody@well.sf.ca.us (Jeremy Hillary Boob) Subject: May Modern Times event Message-ID: <199305172021.AA03202@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Thought some of you might be interested in Wednesday's Jacking In/Cyberspace Literacy event ... Jacking In: A Series on Cyberspace Literacy presents ONLINE COMMUNITIES AROUND THE BAY: THE INNS AND THEIR KEEPERS Every computer-based conferencing system lets its subscribers access relevant community information and discuss topics ranging from Apple Computers to zymurgy. 
While these systems are all based on the same conceptual model, each one evolves its own personality and community standards based on underlying software, management policies, and, ultimately, the subscribers it attracts. This installment of Jacking In will feature a talk about building and nourishment of online community, followed by community-conscious demonstrations of several San Francisco-based conferencing systems. In cyberspace, community is not geography. John Coate, "Building Online Community" Wayne Gregori, SF Net Alex Liberman, 101 Online Gail Ann Williams, The WELL Wednesday, May 19, 7:30 p.m. $3-$5 sliding scale Modern Times Bookstore 888 Valencia (19th/20th) San Francisco, CA 94110 (415) 282-9246 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 17 May 93 14:39:40 PDT To: cypherpunks@toad.com Subject: NIST answers to RSADSI questions Message-ID: <9305172136.AA23367@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Date: Mon, 17 May 93 14:04:46 PDT From: jim@RSA.COM (Jim Bidzos) Subject: [ROBACK@ECF.NCSL.NIST.GOV: Answers to Your Questions] FYI. NIST has responded to my questions. Feel free to distribute. -Jim Date: Mon, 17 May 1993 16:44:28 -0400 (EDT) From: ROBACK@ECF.NCSL.NIST.GOV Subject: Answers to Your Questions To: jim@RSA.COM X-Vmsmail-To: SMTP%"jim@rsa.com" To: Mr. Jim Bidzos, RSA Data Security, Inc. From: Ed Roback, NIST Mr. Ray Kammer asked me to forward to you our answers to the questions you raised in your e-mail of 4/27. We've inserted our answers in your original message. 
------------------------------------------------------ From: SMTP%"jim@RSA.COM" 27-APR-1993 03:13:12.75 To: clipper@csrc.ncsl.nist.gov CC: Subj: Clipper questions From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 17 May 93 15:53:59 PDT To: cypherpunks@toad.com Subject: No Subject Message-ID: <9305172250.AA01413@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Date: Mon, 17 May 93 14:04:46 PDT From: jim@RSA.COM (Jim Bidzos) Subject: [ROBACK@ECF.NCSL.NIST.GOV: Answers to Your Questions] FYI. NIST has responded to my questions. Feel free to distribute. -Jim Date: Mon, 17 May 1993 16:44:28 -0400 (EDT) From: ROBACK@ECF.NCSL.NIST.GOV Subject: Answers to Your Questions To: jim@RSA.COM X-Vmsmail-To: SMTP%"jim@rsa.com" To: Mr. Jim Bidzos, RSA Data Security, Inc. From: Ed Roback, NIST Mr. Ray Kammer asked me to forward to you our answers to the questions you raised in your e-mail of 4/27. We've inserted our answers in your original message. ------------------------------------------------------ From: SMTP%"jim@RSA.COM" 27-APR-1993 03:13:12.75 To: clipper@csrc.ncsl.nist.gov CC: Subj: Clipper questions From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 17 May 93 16:20:46 PDT To: cypherpunks@toad.com Subject: Third time's the charm Message-ID: <9305172317.AA05426@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain OK. This time this should work. The previous file had some periods on lines by themselves; this was causing my sendmail over here to think the end of transmission had arrived. Damn in-band signalling. Eric ----------------------------------------------------------------------------- Date: Mon, 17 May 93 14:04:46 PDT From: jim@RSA.COM (Jim Bidzos) Subject: [ROBACK@ECF.NCSL.NIST.GOV: Answers to Your Questions] FYI. NIST has responded to my questions. Feel free to distribute. 
-Jim Date: Mon, 17 May 1993 16:44:28 -0400 (EDT) From: ROBACK@ECF.NCSL.NIST.GOV Subject: Answers to Your Questions To: jim@RSA.COM X-Vmsmail-To: SMTP%"jim@rsa.com" To: Mr. Jim Bidzos, RSA Data Security, Inc. From: Ed Roback, NIST Mr. Ray Kammer asked me to forward to you our answers to the questions you raised in your e-mail of 4/27. We've inserted our answers in your original message. ------------------------------------------------------ From: SMTP%"jim@RSA.COM" 27-APR-1993 03:13:12.75 To: clipper@csrc.ncsl.nist.gov CC: Subj: Clipper questions Date: Tue, 27 Apr 93 00:11:50 PDT From: jim@RSA.COM (Jim Bidzos) Here are some questions about the Clipper program I would like to submit. Much has been said about Clipper and Capstone (the term Clipper will be used to describe both) recently. Essentially, Clipper is a government-sponsored tamper-resistant chip that employs a classified algorithm and a key escrow facility that allows law enforcement, with the cooperation of two other parties, to decipher Clipper-encrypted traffic. The stated purpose of the program is to offer telecommunications privacy to individuals, businesses, and government, while protecting the ability of law enforcement to conduct court-authorized wiretapping. The announcement said, among other things, that there is currently no plan to attempt to legislate Clipper as the only legal means to protect telecommunications. Many have speculated that Clipper, since it is only effective in achieving its stated objectives if everyone uses it, will be followed by legislative attempts to make it the only legal telecommunications protection allowed. This remains to be seen. >>>> NIST: There are no current plans to legislate the use of Clipper. Clipper will be a government standard, which can be - and likely will be - used voluntarily by the private sector. The option for legislation may be examined during the policy review ordered by the President. 
The proposal, taken at face value, still raises a number of serious questions. What is the smallest number of people who are in a position to compromise the security of the system? This would include people employed at a number of places such as Mikotronyx, VSLI, NSA, FBI, and at the trustee facilities. Is there an available study on the cost and security risks of the escrow process? >>>> NIST: It will not be possible for anyone from Mykotronx, VLSI, NIST, NSA, FBI (or any other non-escrow holder) to compromise the system. Under current plans, it would be necessary for three persons, one from each of the escrow trustees and one who knows the serial number of the Clipper Chip which is the subject of the court authorized electronic intercept by the outside law enforcement agency, to conspire in order to compromise escrowed keys. To prevent this, it is envisioned that every time a law enforcement agency is provided access to the escrowed keys there will be a record of same referencing the specific lawful intercept authorization (court order). Audits will be performed to assure strict compliance. This duplicates the protection afforded nuclear release codes. If additional escrow agents are added, one additional person from each would be required to compromise the system. NSA's analysis on the security risks of the escrow system is not available for public dissemination. How were the vendors participating in the program chosen? Was the process open? >>>> NIST: The services of the current chip vendors were obtained in accordance with U.S. Government rules for sole source procurement, based on unique capabilities they presented. Criteria for selecting additional sources will be forthcoming over the next few months. AT&T worked with the government on a voluntary basis to use the "Clipper Chip" in their Telephone Security Device. Any vendors of equipment who would like to use the chips in their equipment may do so, provided they meet proper government security requirements. 
A significant percentage of US companies are or have been the subject of an investigation by the FBI, IRS, SEC, EPA, FTC, and other government agencies. Since records are routinely subpoenaed, shouldn't these companies now assume that all their communications are likely compromised if they find themselves the subject of an investigation by a government agency? If not, why not? >>>> NIST: No. First of all, there is strict and limited use of subpoenaed material under the Federal Rules of Criminal Procedure and sanctions for violation. There has been no evidence to date of Governmental abuse of subpoenaed material, be it encrypted or not. Beyond this, other Federal criminal and civil statutes protect and restrict the disclosure of proprietary business information, trade secrets, etc. Finally, of all the Federal agencies cited, only the FBI has statutory authority to conduct authorized electronic surveillance. Electronic surveillance is conducted by the FBI only after a Federal judge agrees that there is probable cause indicating that a specific individual or individuals are using communications in furtherance of serious criminal activity and issues a court order to the FBI authorizing the interception of the communications. What companies or individuals in industry were consulted (as stated in the announcement) on this program prior to its announcement? (This question seeks to identify those who may have been involved at the policy level; certainly ATT, Mikotronyx and VLSI are part of industry, and surely they were involved in some way.) >>>> NIST: To the best of our knowledge: AT&T, Mykotronx, VLSI, and Motorola. Other firms were briefed on the project, but not "consulted," per se. Is there a study available that estimates the cost to the US government of the Clipper program? >>>> NIST: No studies have been conducted on a government-wide basis to estimate the costs of telecommunications security technologies. The needs for such protection are changing all the time. 
There are a number of companies that employ non-escrowed cryptography in their products today. These products range from secure voice, data, and fax to secure email, electronic forms, and software distribution, to name but a few. With over a million such products in use today, what does the Clipper program envision for the future of these products and the many corporations and individuals that have invested in and use them? Will the investment made by the vendors in encryption-enhanced products be protected? If so, how? Is it envisioned that they will add escrow features to their products or be asked to employ Clipper? >>>> NIST: Again, the Clipper Chip is a government standard which can be used voluntarily by those in the private sector. We also point out that the President's directive on "Public Encryption Management" stated: "In making this decision, I do not intend to prevent the private sector from developing, or the government from approving, other microcircuits or algorithms that are equally effective in assuring both privacy and a secure key-escrow system." You will have to consult directly with private firms as to whether they will add escrow features to their products. Since Clipper, as currently defined, cannot be implemented in software, what options are available to those who can benefit from cryptography in software? Was a study of the impact on these vendors or of the potential cost to the software industry conducted? (Much of the use of cryptography by software companies, particularly those in the entertainment industry, is for the protection of their intellectual property.) >>>> NIST: You are correct that, currently, Clipper Chip functionality can only be implemented in hardware. We are not aware of a solution to allow lawfully authorized government access when the key escrow features and encryption algorithm are implemented in software. 
We would welcome the participation of the software industry in a cooperative effort to meet this technical challenge. Existing software encryption use can, of course, continue. Banking and finance (as well as general commerce) are truly global today. Most European financial institutions use technology described in standards such as ISO 9796. Many innovative new financial products and services will employ the reversible cryptography described in these standards. Clipper does not comply with these standards. Will US financial institutions be able to export Clipper? If so, will their overseas customers find Clipper acceptable? Was a study of the potential impact of Clipper on US competitiveness conducted? If so, is it available? If not, why not? >>>> NIST: Consistent with current export regulations applied to the export of the DES, we expect U.S. financial institutions will be able to export the Clipper Chip on a case by case basis for their use. It is probably too early to ascertain how desirable their overseas customers will find the Clipper Chip. No formal study of the impact of the Clipper Chip has been conducted since it was, until recently, a classified technology; however, we are well aware of the threats from economic espionage from foreign firms and governments and we are making the Clipper Chip available to provide excellent protection against these threats. As noted below, we would be interested in such input from potential users and others affected by the announcement. Use of other encryption techniques and standards, including ISO 9796 and the ISO 8730 series, by non-U.S. Government entities (such as European financial institutions) is expected to continue. I realize they are probably still trying to assess the impact of Clipper, but it would be interesting to hear from some major US financial institutions on this issue. 
>>>> NIST: We too would be interested in hearing any reaction from these institutions, particularly if such input can be received by the end of May, to be used in the Presidentially-directed review of government cryptographic policy. Did the administration ask these questions (and get acceptable answers) before supporting this program? If so, can they share the answers with us? If not, can we seek answers before the program is launched? >>>> NIST: These and many, many others were discussed during the development of the Clipper Chip key escrow technology and the decision-making process. The decisions reflect those discussions and offer a balance among the various needs of corporations and citizens for improved security and privacy and of the law enforcement community for continued legal access to the communications of criminals. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: poier@sfu.ca (na-Baron Feyd-Rautha Harkonnen) Date: Mon, 17 May 93 18:24:11 PDT To: cypherpunks@toad.com Subject: The Clipper (clip on clip off ) Message-ID: <9305180123.AA12170@malibu.sfu.ca> MIME-Version: 1.0 Content-Type: text/plain One question regarding the proposed Clipper chip: What exactly is the key escrow facility? From what I can tell, it seems to be the bit that allows the LEEF... Skye -- "Thppt bwach oop ack" - Bill the Cat | -----====> Skye Merlin Poier <====----- PGP Public Key available on request | Undergrad in CMPT/MATH (Virtual Reality) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: kelly@pleiku.netcom.com Date: Mon, 17 May 93 21:31:02 PDT To: cypherpunks@toad.com Subject: No Subject Message-ID: <9305180430.AA29340@toad.com> MIME-Version: 1.0 Content-Type: text/plain >From kelly Mon May 17 21:31:11 0700 1993 remote from pleiku To: netcoms!longs.lance.colostate.edu!ld231782 cc: toad.com!cypherpunks Subject: Re: I'M GOING CRAZY! FWEE! In-reply-to: Your message of "Mon, 17 May 1993 22:07:22 MDT." 
<9305180408.AA15369@longs.lance.colostate.edu> Priority: urgent Date: Mon, 17 May 1993 21:31:11 -0700 From: "Stop the Big Brother CHip" Received: from pleiku by pleiku.netcom.com; Mon, 17 May 1993 21:31 PDT Content-Type: text Content-Length: 1375 OK So I am extremely irritating... :)(I sincerely hope I am the biggest BURR under the saddle the government has had in a long time) I too am disappointed... it had been my understanding that julf was going to newgroup alt.whistleblowers... no action on that front... I will be bringing up C-news this week and I will see about it after that... you shouldnt have to wait too long... cheers kelly -- Parts of this .sig borrowed with permission from T.C.May. Perhaps it will indeed get me busted also. .......................................................................... Kelly Goen | Crypto Anarchy: encryption, digital money, kelly@netcom.com | anonymous networks, digital pseudonyms, zero Intelligence Systems | knowledge, reputations, information markets, Specialists Inc. | black markets, face banks, data havens, dark | tech, covert channels, shared secrets, | alt.whistleblowers, collapse of governments. Technical Monkeywrench | Public Key: PGP 2.2. | .......................................................................... PGP 2.2 Key available from PGP Keyservers on the Internet. pub 1024/1BA573 1992/09/09 kelly Key fingerprint = EF 7A 38 99 22 84 E3 3B 90 2A DB 80 DC 65 DA 31 STOP THE WIRETAP CHIP(Clipper Chip)!! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ""L. Detweiler"" Date: Mon, 17 May 93 21:09:09 PDT To: cypherpunks@toad.com Subject: I'M GOING CRAZY! FWEE! Message-ID: <9305180408.AA15369@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain RECIPE FOR INSANITY =================== I'm extremely FRUSTRATED and DEJECTED on the progress the `whistleblowing newsgroup' has undergone as a cypherpunk pet-project: pathetically negligible and STYMIED, from my point of view. 
It has been many weeks since a rowdy, visionary, and consistently irritating cypherpunk first proposed it and immediate ringing endorsements came from eminent and venerable members of the list, e.g. T.C. May. It has generated quite a bit of traffic and ideas on the list. In spirit and intent it is probably as central to the cypherpunk cause, as, say, PGP. WHERE'S THE GROUP? ================== I swear I am going to go INSANE waiting for some patriotic cyberpunk with a smidgeon of skill, courage, impatience, knowledge, and access to send out a NEW GROUP command for alt.whistleblower! Did I miss it? Where the heck is it? Please, I IMPLORE SOMEONE to PUT ME OUT OF MY MISERY! FIRE NOW! Damn, we have the stench of alt.fan.dick-depew wafting as easily as most mortal people create directories! PLEASE, I swear whoever gets alt.whistleblower gets to be in my personal historical all-time CYPHERPUNK HALL OF FAME and have my everlasting gratitude! Never before in the history of Usenet has something so trivial thwarted so many for so long! Sheesh, I thought it would be SIMPLE for someone to effect SOMETHING to happen in this area. I thought I wouldn't have to slave away entirely personally in going through the RFD and voting process, if even that was necessary! For once I thought this would be a project that every cypherpunk could bite off a piece somewhere, and that some COLLECTIVE MOMENTUM could be established! I thought this could happen faster than the speed of electricity. Instead it is happening slower than the SPEED OF BUREAUCRACY. Am I starting to sound enough like a CRACKPOT YET? well I really hope so. I think I am going to break down and cry. Please, someone, have some humanity in you, and PULL THE TRIGGER. Are we waiting for a triplicate directive from Clinton, or the NSA, or what?! Do we have to make sure every vacillating cypherpunk likes the idea or every last senator is personally prepared with their Official WhistleBlower Kit and Decoder Ring? 
Who cares what anyone thinks! JUST DO IT! BOILING A TOAD? =============== Gad, it is such a g*dawful tragedy this simple take-out-the-trash chore has not been done yet. Look, I don't know about the authenticity of the recent Mykotronx postings, they make me SHUDDER! They are PERFECT AMMUNITION (whether true or not) for getting some MAJOR HEAT on the maintainers of this fragile mailing list! Does anyone have any idea how paranoid and POWERFUL the NSA is? Do you think that they just shrug their shoulders and say `oh well' when confidential information sneaks out? Do you know what kind of unpleasantness a wounded bureaucrat can summon? Multiply that uncountably many times and you have a tiny facet of the decimating wrath of a betrayed horde of spies sanctioned by a vast government! Gad, this could all have been ENTIRELY AVOIDED if they were posted to a newsgroup! As I've pointed out, the critical *resilient* aspect there is that a newsgroup is *distributed* -- post from anywhere, spreads everywhere like a virus, how can a sinister federal agency clamp down on a cloud? It can't! On the other hand, if anyone decided to clamp down on toad.com, after a certain amount -- certainly a great deal but definitely a lot less than that required to shut down Usenet -- it would CROAK! PARANOID DELUSIONS ================== Yes, I really am going insane. Clark Reynard posted a few weeks ago he was starting the RFD for soc.whistleblowers. In my silly naivete I thought enough cypherpunks would drop by to make it a landslide, and that I'd mosey on over after hearing about all the excitement. Review the debate, balance the points, post something fiery and visionary and inspiring, sit back and watch the fireworks. Finally, I thought, someone who knew what they were doing could get this silly thing HAPPENING. Someone could be a LEADER and take RESPONSIBILITY. Someone could give some DIRECTION to the pervasive cypherpunk malaise, stalemate, and bickering. 
Someone who was forging AHEAD irrespective of counterproductive and sabotaging griping. What the heck happened? Did anything happen? This is not only dead without a bang, it is dead without a whimper! Mr. Reynard posts on Tue May 4: >Based on the responses of a few cypherpunk members, >I have decided not to post a second RFD for soc.whistleblowers >unless I receive a significant amount of email requesting >that I do so. Nor will I post a CFV. My sanity is teetering precipitously. Who were these cypherpunk `members'? Mr. Reynard refuses to identify `them' to me in email. He says that someone has asked him NOT to personally start the whistleblower group! and that this person deserves his trust because of his reputed contributions to the cypherpunk cause! Gee, I asked, who could this be that would ask to HALT PROGRESS for some vague, nebulous, unspecified reason that even Mr. Reynard was not aware of? Look, I would have gladly saved all this bilge for private email, but I DON'T KNOW WHO TO TALK TO! Supposedly this person, for some unfathomable reason, specifically told Mr. Reynard NOT to reveal his identity! I will not quote email, but Mr. Reynard kindly sympathizes with my frenzy, but still refuses to tell me anything informative! So ever since May 4 and trading several barren and excruciatingly exasperating missives with Mr. Reynard, I am BOILING OVER! This mystery person is supposedly going to post something on the whistleblower project, acc. to Mr. Reynard, Real Soon Now to the list that will absolutely dazzle everyone with its magnificent splendor. Well, WHERE IS IT? (Note to the clueless: *this* is certainly not IT!) MUSHROOMS AND PUDDING ===================== I find it OUTRAGEOUS the weaselly and underhanded way this mystery individual, apparently wholly intentionally, has TOTALLY STYMIED and THWARTED the SOLE cypherpunk progress in this area. Cypherpunks, do you feel like trampled mushrooms yet? well I DO. Not only that, Mr. 
Reynard wrote cryptically: >While I find the imputation that I ought to be executed as >an Enemy of the People both offensive and absurd, it seems >that I could be acting retrogressively, though no sane reason >why I am doing so has been presented to me. who is it that levelled these atrocious, filthy accusations? Mr. Reynard took it upon himself to do a PUBLIC SERVICE. Who is it that suggested that it was anything but valiant heroism? Speak, I demand it! Reveal yourself! From whence comes this treasonous, traitorous slime? Where is the DOUBLE AGENT in our midst? >I will allow others to continue their efforts, >and would be pleased to help in whatever manner I can, but do >not wish to foment further splintering of what is already a >divided group. Please Mr. Reynard, isn't it clear that the cypherpunks will forever have more splinters than a shredded beam? Who CARES what anybody else thinks! Isn't there any SCRAP of INTRINSIC MERIT in this project? Is `cypherpunks' just the brand name for MUSHY GUTLESS SPINELESS PUDDING? Look, if somebody is doing a lot to get the whistleblower group going, I PRAISE AND COMMEND YOU. But so far I see ABSOLUTELY NO SIGNS anything is happening! After weeks of hypothetical hyperventilating, we have nothing but a DEAD CORPSE! In this fragile and critical period, I would rather make a fool of myself shouting than be silent as it LANGUISHES INTO OBLIVION. >If interest warrants, or opinion seems different than what >I understand it to be, I reserve the right to change my mind. INTEREST WARRANTS! CHANGE YOUR MIND! If not you, then SOMEBODY! If not now, then IMMEDIATELY! CAVEAT ====== Ok, so others on the list will find my rantings most unpalatable and tell me so in email and on the list, perhaps even humiliating me with epithets and personal attacks, despite that, while bordering precariously, this note is free of them. I DON'T CARE! I'm a desperate man! 
This thing is just too IMPORTANT for me to care about STEPPING ON SOME TOES or BLOODYING MY NOSE. It is the first feeble step toward a kingdom of Electronic Democracy, and we are just tripping and falling over each other like drunken legislators! Yes, some will say `what are you doing about it personally?' I am WAITING FOR THE GROUP TO BE CREATED so a tentative FAQ CAN BE POSTED THERE! (FAQs do not arise in vacuums, they are forged from posting and feedback! I speak from experience!) No, my worthless, prejudiced, personal FAQ for whistleblowers is NOT WRITTEN, because right now, for strange and mysterious reasons I will leave to the reader to prophesy, to do so currently would be a SCANDALOUS WASTE OF MY TIME! 'scuze me while I go get some water, i'm getting hoarse... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: trimm@netcom.com (Trimm Industries) Date: Mon, 17 May 93 22:07:27 PDT To: cypherpunks@toad.com Subject: mykotronx Message-ID: <9305180507.AA16085@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Howdy. I was the "anonymous" poster of the Mykotronx information. It is genuine, for samples I can fax you parts of it, or snail mail or whatever. Or, simply call me: Gary Watson Engineer Trimm Industries (800) 423-2024 trimm@netcom.com I am in the process of piecing together the Selectric ribbon that the executive secretary of Mykotronx carelessly threw into the routine office trash. I'm cutting into 8" strips and taping it to white paper, but this is a tedious process, and it may be after my Atlanta Comdex trip before I post on it again. See ya, GW (thanks for the confidentiality) -- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: poier@sfu.ca (na-Baron Feyd-Rautha Harkonnen) Date: Mon, 17 May 93 23:15:50 PDT To: cypherpunks@toad.com Subject: Request for requests Message-ID: <9305180615.AA20183@malibu.sfu.ca> MIME-Version: 1.0 Content-Type: text/plain Hi. 
Please email me (or post directly) as to any companies in the Vancouver/Seattle area doing encryption research for any governmental agency. I wish to keep tabs on such companies, and I'd be more than willing to share any findings. Feyd Eli -- -----====> Skye Merlin Poier <====----- Undergrad in CMPT/MATH (Virtual Reality) |||| |||| email: poier@sfu.ca o-OO <--> OO-o THINK PGP Public Key available on request \== ==/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ""L. Detweiler"" Date: Mon, 17 May 93 22:55:28 PDT To: cypherpunks@toad.com Subject: a valuable spy... In-Reply-To: <9305180507.AA16085@netcom.netcom.com> Message-ID: <9305180555.AA16744@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain [G. Watson] >I was the "anonymous" poster of the Mykotronx information. >I am in the process of piecing together the Selectric ribbon >that the executive secretary of Mykotronx carelessly threw into >the routine office trash. [PALE CRINGE] Mr. Watson, I commend you for your efforts but you make an atrocious spy! By revealing your source so carelessly and readily you have jeopardized the possibility of any future, even more significant discoveries from the same outlet! You could have still gotten the information without revealing it, and it was so littered, laced, and inundated with facts and data that it could have *easily* been verified by outside means. I think the damage has been done, but cypherpunks -- maybe some attempt should be made to prevent the spread of those postings, or at least preserve Mr. Watson's confidentiality. But I think it is a lost cause. It is very likely that NSA agents subscribe directly to this list. Oh, oh, oh, I'm going to cry. Q. How many cypherpunks does it take to change a light bulb? A. They can't. Haven't figured out how yet. 
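Added example (not part of any list message), for the "Double encryption" thread of 17 May 93 earlier in this archive: it checks by exhaustion that Caesar rotations are closed under composition, that Caesar followed by an N-skip alphabet is not, and that E-D-E with three equal keys is a single encryption. The rule used to build N-skip alphabets when N shares a factor with 26 (step forward to the next unused letter) is an assumption chosen to reproduce the N=2 alphabet quoted in that thread; all function names are hypothetical.

```python
"""Toy ciphers on a 26-letter alphabet, treated as permutations of 0..25."""
from itertools import product
from string import ascii_lowercase as ALPHA

M = len(ALPHA)


def caesar(k):
    """Caesar rotation: letter i becomes letter (i + k) mod 26."""
    return tuple((i + k) % M for i in range(M))


def skip_alphabet(n):
    """N-skip alphabet: start at 'a' and take every n-th letter.

    Assumption: on landing on a letter already used, step forward to the
    next unused one. This yields a,c,e,...,y,b,d,...,z for n=2 and
    a,d,g,... for n=3, matching the alphabets quoted in the thread.
    """
    used, order, pos = set(), [], 0
    for _ in range(M):
        while pos in used:
            pos = (pos + 1) % M
        order.append(pos)
        used.add(pos)
        pos = (pos + n) % M
    return tuple(order)


def compose(first, second):
    """Apply `first`, then `second`."""
    return tuple(second[first[i]] for i in range(M))


def invert(perm):
    """Decryption permutation for an encryption permutation."""
    inv = [0] * M
    for i, v in enumerate(perm):
        inv[v] = i
    return tuple(inv)


def as_text(perm):
    return "".join(ALPHA[v] for v in perm)


def ede(e1, e2, e3):
    """Encrypt with e1, decrypt with e2, encrypt with e3."""
    return compose(compose(e1, invert(e2)), e3)


def caesar_closure():
    """(every pair collapses to rotation k1+k2, number of distinct doubles)."""
    pairs = list(product(range(M), repeat=2))
    closed = all(compose(caesar(a), caesar(b)) == caesar((a + b) % M)
                 for a, b in pairs)
    return closed, len({compose(caesar(a), caesar(b)) for a, b in pairs})


def mixed_product():
    """(distinct Caesar-then-skip ciphers, how many equal a lone Caesar or skip)."""
    caesars = {caesar(k) for k in range(M)}
    skips = {skip_alphabet(n) for n in range(1, M)}
    both = {compose(caesar(k), skip_alphabet(n))
            for k in range(M) for n in range(1, M)}
    collapsible = {p for p in both if p in caesars or p in skips}
    return len(both), len(collapsible)


def caesar_ede_collapses():
    """In a group, the D stage buys nothing: E-D-E is still one rotation."""
    return all(ede(caesar(a), caesar(b), caesar(c)) == caesar((a - b + c) % M)
               for a, b, c in product(range(M), repeat=3))


def ede_same_key_is_single():
    """E-D-E with three equal keys equals one encryption (backward compatibility)."""
    keys = [compose(caesar(k), skip_alphabet(n))
            for k in range(M) for n in range(1, M)]
    return all(ede(e, e, e) == e for e in keys)


if __name__ == "__main__":
    print("N=2 alphabet:", as_text(skip_alphabet(2)))
    print("Caesar closed, distinct doubles:", caesar_closure())
    print("Caesar+skip distinct, collapsible:", mixed_product())
    print("Caesar E-D-E is one rotation:", caesar_ede_collapses())
    print("E-D-E with equal keys is single E:", ede_same_key_is_single())
```

Brute force against double Caesar has 26 candidates however many keys were used, while Caesar followed by N-skip has 650 distinct candidates, of which only 50 coincide with a lone rotation or a lone skip alphabet.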
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Tue, 18 May 93 00:11:16 PDT To: ld231782@longs.lance.colostate.edu Subject: Re: a valuable spy... Message-ID: <9305180711.AA03652@servo> MIME-Version: 1.0 Content-Type: text/plain The note from Watson could well be a decoy to draw the NSA off the track of the *real* spy... :-) Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: poier@sfu.ca (na-Baron Feyd-Rautha Harkonnen) Date: Tue, 18 May 93 02:12:15 PDT To: cypherpunks@toad.com Subject: Question Message-ID: <9305180912.AA23491@malibu.sfu.ca> MIME-Version: 1.0 Content-Type: text/plain Hi... What does GCHQ stand for, and what does it do? Is it similar to the NSA? Feyd Eli -- -----====> Skye Merlin Poier <====----- Undergrad in CMPT/MATH (Virtual Reality) |||| |||| email: poier@sfu.ca p-OO <--> OO-q THINK PGP Public Key available on finger \== ==/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: miron@extropia.wimsey.com (Miron Cuperman) Date: Tue, 18 May 93 00:49:17 PDT To: cypherpunks@toad.com Subject: Re: NIST answers to RSADSI questions In-Reply-To: <9305172317.AA05426@soda.berkeley.edu> Message-ID: <1993May18.072613.18907@extropia.wimsey.bc.ca> MIME-Version: 1.0 Content-Type: text/plain From the wording of NIST's response, it seems to me that they intend to outlaw all non-escrow encryption schemes. -- Miron Cuperman | NeXTmail/Mime ok Unix/C++/DSP, consulting/contracting | Public key avail AMIX: MCuperman | Laissez faire, laissez passer. Le monde va de lui meme. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: elee9sf@Menudo.UH.EDU Date: Tue, 18 May 93 05:44:39 PDT To: cypherpunks@toad.com Subject: Re: Question In-Reply-To: <9305180912.AA23491@malibu.sfu.ca> Message-ID: <199305181244.AA04972@Menudo.UH.EDU> MIME-Version: 1.0 Content-Type: text/plain > > What does GCHQ stand for, and what does it do? Is it similar to the NSA? 
> > Feyd Eli

Government Communications HQ or something like that. It is similar to the NSA. Rumor has it that each agency taps the other's domestic calls, so both may truthfully say that they don't engage in domestic surveillance...

I believe the U.K. still denies the existence of the GCHQ, despite there being a large building with satellite dishes and antennas all over it in Cheltenham (?). I read that a government minister said in response to a statement made by a former GCHQ chief that he worked at the "GCHQ" that this didn't necessarily mean that GCHQ existed before his tenure, nor does it imply the GCHQ existed after he left... (This from the book _SpyCatcher_?)

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu@cygnus.com
Date: Tue, 18 May 93 08:30:12 PDT
To: cypherpunks@toad.com
Subject: Ethernet 20th birthday retrospective at Sun
Message-ID: <9305181530.AA00245@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

This is slightly off-topic, but seeing the history of an important networking technology may be interesting for Bay Area cypherpunks. Apologies to the rest of the list.

John

* please forward this announcement within the Bay area *
* and post to any appropriate internal aliases *

Bay Area Computer History Perspectives

"Ethernet 20th Birthday---Early History of the Ethernet"

A panel discussion with David Boggs, Ron Crane, Robert Metcalfe, and John Shoch

5:30 PM, Tuesday, May 25
Stanford Room
Sun Microsystems Bldg. 6
2750 Coast Ave.
Mt. View

May 22, 1973, was the birthday of the Ethernet. On that date, Bob Metcalfe used the word Ethernet in a memo to describe a project previously known as the Alto Aloha net. And Ethernet has been a major part of Local Area Networks ever since.
In this panel discussion, four of the most influential individuals in the history of Ethernet will come together again, to look back at the situation and events of 20 years ago. Among other possible topics:

- What were the initial goals? How did they change over time?
- What were Ethernet's main competitors in 1973? Why didn't they succeed?
- Why was the initial data transfer rate fixed at exactly 2.94 Mbit/sec? How did it eventually get set at 10 Mbit/sec?
- How did Intel and DEC get involved?
- How did Ethernet become a standard? Were there any compromises?
- And a glimpse at the future of Ethernet today

Topics such as these can suggest some of the value of learning from history. The lessons can be useful right now, today, and also in the future. After you take a look back into the past of the computer industry, you may look at your own work differently the very next day.

Bay Area Computer History Perspectives is a series of programs organised by Peter Nurkse and Jeanie Treichel, of Sun Microsystems, to explore and record our local Bay area computer history. Programs are videotaped for the archives of The Computer Museum in Boston, which maintains collections on the history of the international computer industry.

This program is open to the public and free of charge. Copies of the new ACM History of Electronic Computing poster, a full color timeline 5.5 feet long, will be available at the cost price of two dollars (cash only).

After a summer break, the next program in this series will be on the ERMA project at Bank of America, on Sept. 28 (ERMA may have been the first major Bay area contribution to the history of computing). Suggestions for further programs are welcome, and can be faxed to Jeanie Treichel at 415/691-0756, or e-mailed to nurkse@eng.sun.com. If you are willing to appear on a panel, or can contact someone whom you suggest be included, that additional information would be very helpful.

Directions to Sun Building 6 in Mt.
View: take San Antonio Road North exit from highway 101 in Mt. View. Go a block past the traffic lights at the intersection, and then
- turn right on Casey Ave.
- go one block on Casey Ave., then turn right again on Marine Way
- go one block on Marine Way, then turn left on Coast Ave.
- go down to the end of Coast Ave., and Building 6 is on your right

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Harry Shapiro
Date: Tue, 18 May 93 05:53:40 PDT
To: cypherpunks@toad.com (Good Guys)
Subject: This is "telling"
Message-ID: <199305181253.AA10326@sun.Panix.Com>
MIME-Version: 1.0
Content-Type: text/plain

The answer to this question is "telling." Escrow or no encryption!!!

/harry

From: jim@RSA.COM (Jim Bidzos)

FYI. NIST has responded to my questions. Feel free to distribute.

There are a number of companies that employ non-escrowed cryptography in their products today. These products range from secure voice, data, and fax to secure email, electronic forms, and software distribution, to name but a few. With over a million such products in use today, what does the Clipper program envision for the future of these products and the many corporations and individuals that have invested in and use them? Will the investment made by the vendors in encryption-enhanced products be protected? If so, how? Is it envisioned that they will add escrow features to their products or be asked to employ Clipper?

>>>> NIST: Again, the Clipper Chip is a government standard which can be used voluntarily by those in the private sector. We also point out that the President's directive on "Public Encryption Management" stated: "In making this decision, I do not intend to prevent the private sector from developing, or the government from approving, other microcircuits or algorithms that are equally effective in assuring both privacy and a secure key-escrow system." You will have to consult directly with private firms as to whether they will add escrow features to their products.

Since Clipper, as currently defined, cannot be implemented in software, what options are available to those who can benefit from cryptography in software? Was a study of the impact on these vendors or of the potential cost to the software industry conducted? (Much of the use of cryptography by software companies, particularly those in the entertainment industry, is for the protection of their intellectual property.)

>>>> NIST: You are correct that, currently, Clipper Chip functionality can only be implemented in hardware. We are not aware of a solution to allow lawfully authorized government access when the key escrow features and encryption algorithm are implemented in software. We would welcome the participation of the software industry in a cooperative effort to meet this technical challenge. Existing software encryption use can, of course, continue.

Banking and finance (as well as general commerce) are truly global today. Most European financial institutions use technology described in standards such as ISO 9796. Many innovative new financial products and services will employ the reversible cryptography described in these standards. Clipper does not comply with these standards. Will US financial institutions be able to export Clipper? If so, will their overseas customers find Clipper acceptable? Was a study of the potential impact of Clipper on US competitiveness conducted? If so, is it available? If not, why not?

>>>> NIST: Consistent with current export regulations applied to the export of the DES, we expect U.S. financial institutions will be able to export the Clipper Chip on a case by case basis for their use. It is probably too early to ascertain how desirable their overseas customers will find the Clipper Chip.
No formal study of the impact of the Clipper Chip has been conducted since it was, until recently, a classified technology; however, we are well aware of the threats from economic espionage from foreign firms and governments and we are making the Clipper Chip available to provide excellent protection against these threats. As noted below, we would be interested in such input from potential users and others affected by the announcement. Use of other encryption techniques and standards, including ISO 9796 and the ISO 8730 series, by non-U.S. Government entities (such as European financial institutions) is expected to continue.

I realize they are probably still trying to assess the impact of Clipper, but it would be interesting to hear from some major US financial institutions on this issue.

>>>> NIST: We too would be interested in hearing any reaction from these institutions, particularly if such input can be received by the end of May, to be used in the Presidentially-directed review of government cryptographic policy.

Did the administration ask these questions (and get acceptable answers) before supporting this program? If so, can they share the answers with us? If not, can we seek answers before the program is launched?

>>>> NIST: These and many, many others were discussed during the development of the Clipper Chip key escrow technology and the decision-making process. The decisions reflect those discussions and offer a balance among the various needs of corporations and citizens for improved security and privacy and of the law enforcement community for continued legal access to the communications of criminals.

--
Harry Shapiro habs@panix.com
List Administrator of the Extropy Institute Mailing List
Private Communication for the Extropian Community since 1991

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Tue, 18 May 93 06:45:15 PDT
To: cypherpunks@toad.com
Subject: Mykotoxic anon post
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I was the one who posted the Mykotoxin anonymously to the group. It was genuine, bona fide, inspected and rejected. Don't ask me how I did it. It's a secret.

Paul Ferguson             | "... certain unalienable Rights,
Network Integrator        | that among these, are Life, Liberty,
Centreville, Virginia USA | and the pursuit of Happiness."
fergp@sytex.com           | -- The Declaration of Independence

Stop the Wiretap (Clipper/Capstone) Chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ggoebel@sun1.ruf.uni-freiburg.de (Garrett Goebel)
Date: Tue, 18 May 93 03:53:48 PDT
To: cypherpunks@toad.com
Subject: mykotronx
Message-ID: <9305181053.AA23420@sun1.ruf.uni-freiburg.de>
MIME-Version: 1.0
Content-Type: text

Hi,

I was also the "anonymous" poster of the Mykotronx information :)
      ^^^^
It is genuine. Don't ask me how I did it. It's a secret. Besides, you probably wouldn't believe me anyways :(

See ya,
Garrett

(thanks for the confidentiality)

--
C. Garrett Goebel

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Tue, 18 May 93 10:12:07 PDT
To: karn@qualcomm.com (Phil Karn)
Subject: Re: a valuable spy...
In-Reply-To: <9305180711.AA03652@servo>
Message-ID: <9305181711.AA01156@dun-dun-noodles.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

>> The note from Watson could well be a decoy to draw the NSA off the track
>> of the *real* spy... :-)

Or, it could be from the NSA, trying to collect names and numbers of people who are interested in insider information on Mykotronx. :-(

Marc

P.S. We could probably escalate paranoia indefinitely here....

P.P.S.
Because they are attractive targets, it is illegal to disclose the identities and home addresses of intelligence agents, which is what "Mr. Watson" did. It is not illegal to possess this information, however. (This is what I am told by an ex-NSA employee.)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: anon03e2@nyx.cs.du.edu (Fallen Angel)
Date: Tue, 18 May 93 14:41:46 PDT
To: cypherpunks@toad.com
Subject: Neural Nets to decrypt?
Message-ID: <9305181912.AA05130@nyx.cs.du.edu>
MIME-Version: 1.0
Content-Type: text/plain

I am naive on a couple of fronts, so apologies if this is off-base.

As computing evolves, would it be very possible to use a neural net or like system to design an ideal code-breaking engine? From my understanding, code-breakers are only as good as their designer's knowledge of the algorithm. Such a hypothetical system would develop its own cracking algorithm which could be more efficient by several factors.

I think another variation would be the use of GA's to create a more efficient code-breaker. I know that GAs have been used to achieve near-ideal results in least-step sorting algorithms. Would code-breaking be the same in principle?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: AOLCHTNN@vax1.tcd.ie
Date: Tue, 18 May 93 06:51:32 PDT
To: cypherpunks@toad.com
Subject: GCHQ in the UK
Message-ID: <01GYBP23B51G0026OX@vax1.tcd.ie>
MIME-Version: 1.0
Content-Type: text/plain

Can someone tell me whether what I've heard about GCHQ in the UK??

A lot of books and magazines of fairly serious political content have alleged that GCHQ taps _all_ Irish telephone calls and screens them electronically for "keywords", to find the interesting conversations. (The IRA is alleged to have something similar, although not quite so sophisticated)

What I want to know is whether digital voice-recognition monitoring on such a scale is really possible?

Thanx in advance

Antoin O Lachtnain, Trinity College Dublin.

PS Is there anyone in the UK or Ireland who'd be willing to send me a copy of PGP 2.2, if I send them a couple o' blank disks?

AOL

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sandy <72114.1712@CompuServe.COM>
Date: Tue, 18 May 93 12:42:45 PDT
To:
Subject: CALLER ID?
Message-ID: <930518193336_72114.1712_FHF64-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

_________________________________________________________________
SANDY SANDFORT ssandfort@attmail.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Punksters!

I think some of you are seriously missing the point about the ANI capture of telephone numbers on calls made to 800 numbers. Yes, yes, yes, we are all smart cookies on this list. We can avoid having ANI capture our number if we want to. SO WHAT?

The insidious thing about the use of ANI is that the *general public* has no idea it exists. And this is because of the lack of candor on the part of telcos and 800 companies.

As an example, the Bank of America includes a newsletter with their statement. In a recent issue there was an item about WeTip, an 800 hotline. Here is an excerpt of what it said:

"If you want to report information about any criminal activity, call WeTip at 1-800-78-CRIME and remember, DON'T give the interviewer your name. You will be assigned a code name and number."

Now, WE know all that "code name" BS is just a smoke screen to make the mark think he is anonymous. Unfortunately, most folks don't know what we know. (Did YOU know your 800 calls were compromised, before I posted the callback number?)

The folks at 1-800-STOPPER and FULL DISCLOSURE tell me that while most cellular phone systems currently release only trunk numbers to ANI, this is changing. One by one, they are being programmed to release the number of the actual cellular phone. Presumably, this is being done in preparation for Caller ID (and maybe to assist *legitimate* law enforcement needs?).

S a n d y (arbitration volunteer)

>>>>>>>> Please address e-mail to: ssandfort@attmail.com <<<<<<<<
_________________________________________________________________

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peb@PROCASE.COM
Date: Tue, 18 May 93 15:37:54 PDT
To: anon03e2@nyx.cs.du.edu
Subject: Re: Neural Nets to decrypt?
Message-ID: <9305182236.AA11199@banff>
MIME-Version: 1.0
Content-Type: text/plain

In my experience, neural nets are good at generalizing across sparse data for recognizing patterns not seen before. GAs are more useful for converging (at an exponential rate giving Holland's schema theorem) on a solution to a problem. A GA is easier to train if the score is a continuous real number while most neural network implementations expect actual examples of what is in the set of things to be recognized.

For a GA cryptoanalysis tool, a vector representing an experiment would be used as a genotype and the result could be the output of a specialized message detector (==1 if the text looks like plain English, ==.0001 if only a few words are seen, etc. (and of course it would need to detect file formats like that of compress)). Given this, a GA could find a solution.

However, in learning theory, there are problems considered to be unlearnable and the standard example is encrypted information! The solution space could be like a plane with a single "needle" in it that is the solution with no hills in the general direction of the needle. This kind of solution space requires exhaustive search, unfortunately.

It is difficult to characterize a solution space, but it is the key part--the mapping of a gene vector to a fraction representing the completeness of the solution is critical--and if it is completely flat with a needle, then it is not worth it. Alternatively, if it is completely random, then it also is not worth it. The solution space must be somewhere in these two extremes to be useful for a GA.

Based on my limited experience with cbw (crypt breakers workbench), it is possible to get partial results (e.g., ex*lo*e -> explore and other words are then filled in) and zoom in the full solution, so based on that, a GA would be helpful. cbw is for an Enigma type machine and newer algorithms are much more sophisticated, so I don't know if the same kind of partial knowledge applies for RSA, DES3, IDEA cracking.

Paul E. Baclace
peb@procase.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: meyer
Date: Tue, 18 May 93 19:46:55 PDT
To: cypherpunks@toad.com
Subject: Mixing ciphertext and plaintext
Message-ID: <9305182056.AA12121@wixer>
MIME-Version: 1.0
Content-Type: text/plain

>Return-Path:
>Subject: mixed plaintext and crypted text.
>Date: Sat, 15 May 93 1:26:55 MDT
>
>Hey again, all. I've RTFM'd, and I don't even know if it can be done, but
>does anyone know how I can have pgp display the un-encrypted AND the
>decrypted parts of a message? Let's say my message goes like this:
>
>This is a plaintext message to tell you stuff that needs not be private.
>BTW, can you find the subliminal message? ;^)j
>-------- begin pgp block -----
>asdfkasjd;fThEjsflajslfjaslfjadfajs;flasjdaslfjasldfjalsj
>asjlgfiuituqoNsAj;slkjasdifuoejrqlwfiasuokjel;rqwiuasdsii
>asdfasljdflasjfdSuXsldfjalsjljeqljerwljrlejqlwjerlqwjerlq
>elqrkjlasjl
>134as
>-------- end pgp block -------
>
>Thanx a lot
>
>Yours virtually,
>+-----------------------+-----------------------------+---------+
>| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
>|                       | But, I was mistaken.        |available|

If you wish to mix plaintext and ciphertext in an email message then you can use Dolphin Encrypt. Let's say your message is to consist of P1/C2/P3, plaintext/ciphertext/plaintext, where C2 is ciphertext derived from plaintext P2.
What you do is put P2 into a file F.TXT, then run Dolphin Encrypt with a command such as:

    DE E F.TXT F.ENC /t

After you give Dolphin Encrypt the encryption key F.ENC will be a file which consists of pseudo-uuencoded ciphertext (that's what the "/t" is for).

Run your mailer program. Write your P1. ASCII-upload F.ENC, which is your C2. (No need to mark the beginning/end of the ciphertext block.) Finish off with your P3 and send your message.

The recipient captures the entire message as, say, G.ENC, then runs:

    DE D G.ENC G.DEC /t

(Of course, she has to know the encryption key.) Dolphin Encrypt skips over P1 to get at C2 and writes G.DEC containing P2. Voila!

For further info send me a snailmail address.

-- Peter Meyer

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Duncan Frissell <76630.3577@CompuServe.COM>
Date: Tue, 18 May 93 13:30:57 PDT
To:
Subject: GCHQ Question
Message-ID: <930518202352_76630.3577_EHK24-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

>>>What does GCHQ stand for, and what does it do? Is it similar to the NSA?<< (Feyd Eli)

The Royal Signals Establishment at Cheltenham, Gloucestershire, England is known as General Communications Head Quarters (GCHQ). It is also called 'Cheltenham' after its location. It performs many of the same sigint jobs as the NSA. There was a controversy a few years ago when the US wanted Maggie to outlaw (socialist) union membership by the Civil Service employees at GCHQ because the Reagan administration considered it a security risk.

Duncan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: TWEETYBIRD@U.WASHINGTON.EDU
Date: Tue, 18 May 93 17:44:57 PDT
To: cypherpunks@toad.com
Subject: It was I
Message-ID: <34D32987CB3F8046E7@MAX.U.WASHINGTON.EDU>
MIME-Version: 1.0
Content-Type: text/plain

who was the source of the anonymous Mykotronix postings. Through certain leads I have been able to find more info and will let cypherpunks know as soon as is feasible.
Please don't ask how I am doing it, I don't think I should reveal my sources. If anyone feels the need to verify my postings, please go ahead and post the results to this list.

thank you,
Tweetybird (Whistleblower

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Rusty Hoover
Date: Tue, 18 May 93 16:01:56 PDT
To: cypherpunks@toad.com
Subject: macpgp question
Message-ID: <199305182301.AA28005@sun.Panix.Com>
MIME-Version: 1.0
Content-Type: text/plain

Hi. Can anyone answer a question about MacPGP?

My MacPGP 2.2 seems to have developed a curious problem. I'm using it on a Mac Classic with system software 6.07. Both yesterday and today, I received a message from a friend, encrypted with my public key. When I downloaded this message from my Unix account to my Mac, it appeared on my screen as an MS Word icon. (MS Word is the word processing program I use.) I launched MacPGP, and selected "Open/Decrypt" from the file menu, and up came the box with the list of files to choose from. I chose the just-downloaded message, and then, in the PGP message area, PGP gave me the following message:

"File is encrypted. Secret key is required to read it. This message can only be read by: keyID: xxx You do not have the secret key needed to decrypt this file."

But the key ID number listed **is** in fact MY valid, working key ID !!

Would anyone have any suggestions about why this is happening? Thanks, enormously, in advance.

===============================================================================
Rusty Hoover    | PGP 2.2 public key | Too much time, so little to do ...
rusty@panix.com | by finger & e-mail | no, reverse that ...
===============================================================================

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 18 May 93 10:14:16 PDT
To: kelly@pleiku.netcom.com
Subject: Re:
In-Reply-To: <9305180430.AA29340@toad.com>
Message-ID: <9305182001.aa07917@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> it had been my understanding
> that julf was going to newgroup alt.whistleblowers...

Er... I definitely remember somebody else announcing he was going to create it... Anon.penet.fi (and especially MK II alias penet.anon.com) will definitely support it.

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 18 May 93 20:39:40 PDT
To: cypherpunks@toad.com
Subject: Mixing ciphertext and plaintext
In-Reply-To: <9305182056.AA12121@wixer>
Message-ID: <9305190336.AA04656@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>If you wish to mix plaintext and ciphertext in an email message then
>you can use Dolphin Encrypt.

What cryptosystem does Dolphin Encrypt use? Is the algorithm published somewhere?

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: anon03e2@nyx.cs.du.edu (Fallen Angel)
Date: Tue, 18 May 93 22:25:45 PDT
To: cypherpunks@toad.com
Subject: PGP and offline-readers
Message-ID: <9305190525.AA15440@nyx.cs.du.edu>
MIME-Version: 1.0
Content-Type: text/plain

I am getting involved in networking some local BBS' and message bases. One of the primary functions of this network will be to serve as a library for PGP keys and to use PGP in sending messages.

Now, if people read their messages offline, are there any offline readers that exist that integrate PGP (all this is IBM based) or is there an easy way to do this. Ideally, I want to avoid having to decrypt each message individually and would like PGP interfaced so that it could recognize a message header, apply the right key, and output in the reader. I am probably asking for too much.

Does anyone have any experience/advice w/ this type of large scale implementation of PGP? I know the need to encrypt most of the messages will be small, but I think it is important to get these people so familiar w/ encryption, they won't be scared and will defend it when the need arises.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Tue, 18 May 93 23:03:06 PDT
To: anon03e2@nyx.cs.du.edu (Fallen Angel)
Subject: Re: PGP and offline-readers
In-Reply-To: <9305190525.AA15440@nyx.cs.du.edu>
Message-ID: <9305190602.AA27639@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> I am getting involved in networking some local BBS' and message bases.
> One of the primary functions of this network will be to serve as a
> library for PGP keys and to use PGP in sending messages.
>
> Now, if people read their messages offline, are there any offline
> readers that exist that integrate PGP (all this is IBM based) or

I'm working on one myself. I'm testing it now; it's still kinda alpha at the moment.

> is there an easy way to do this. Ideally, I want to avoid having to
> decrypt each message individually and would like PGP interfaced so
> that it could recognize a message header, apply the right key, and
> output in the reader. I am probably asking for too much.

Not at all. My system is currently geared toward UNIX, but can be modified to work with anything. ;^) Right now, I have to select the mail by hand, but the software xfers it and indexes it automatically. Then I can select read and I get a menu of my messages to be read....index, sender, and subject. I have delete working. Also, I have send working quite well. You select Create to create a message. You then have a choice of editor. After you create a file, you have the option of calling the encryption menu to encrypt/sign it. Then you select send. You give the program the name of the file, who it goes to, and a subject.
I have a script which dials the system, and uploads the mail without me being there. The benefits are that the plaintext never spends time on the mainframe, and you control the keys. I have a few features to add. I want to add multiple-hosts capability, aliases, and automatic encryption. I'm writing this system in 4dos batch language and telix communication scripts. I'm doing it this way because it's a great development language with lots of high-level tools. I'm quite proud of how it's working. I'm also thinking of porting it to C.

> Does anyone have any experience/advice w/ this type of large scale
> implementation of PGP? I know the need to encrypt most of the messages
> will be small, but I think it is important to get these people so
> familiar w/ encryption, they won't be scared and will defend it when
> the need arises.

I agree totally! This is important.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
|                       | But, I was mistaken.        |available|
|                       +-----------------------------+---------+
| mdiehl@triton.unm.edu | "I'm just looking for the opportunity |
| mike.diehl@fido.org   |  to be Politically Incorrect!         |
| (505) 299-2282        |                                       |
+-----------------------+---------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Derek Atkins
Date: Tue, 18 May 93 23:19:25 PDT
To: J. Michael Diehl
Subject: Re: PGP and offline-readers
In-Reply-To: <9305190602.AA27639@triton.unm.edu>
Message-ID: <9305190619.AA23157@toxicwaste.MEDIA.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

If at all possible, I recommend using the Key Servers for Key Distribution... It already solves the key distribution problem not only on your own network, but around the world... No reason to re-invent the wheel...

Enjoy!

-derek

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: sjw@liberty.demon.co.uk (Stephen J.
Whitrow)
Date: Tue, 18 May 93 21:39:19 PDT
To: cypherpunks@toad.com
Subject: Re: Question (GCHQ)
Message-ID: <3223@sjw@liberty.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain

I live not too far away from Cheltenham, and I can confirm that the UK Government would have rather a hard job ever denying the existence of GCHQ. As you leave the M5 motorway at junction 11, taking the dual carriageway into Cheltenham, the signposts for GCHQ can't be missed. (Left at the second roundabout.) The building is visible to anyone driving into Cheltenham. (If you carry on towards the town centre for another mile or so, the Police HQ building has a rather impressive aerial on its roof, albeit comparable to other Police HQs.)

It seems reasonable to believe that the various secret service agencies have reciprocal arrangements to tap each other's citizens. E.g. the American agencies tap the Royals' phones, then repeatedly rebroadcast the tapes using powerful transmitters, so they're almost certain to be picked up by some radio ham, or retired bank manager with a scanner, within a day or two.

Steve Whitrow
sjw@liberty.demon.co.uk

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Wed, 19 May 93 04:15:09 PDT
To: cypherpunks@toad.com
Subject: No FTP? You can still get PGP *UTILITIES*!
Message-ID: <9305191115.AA09497@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Due to legal threats from RSA, I cannot distribute PGP itself. I am not sure about the legalities of distributing source code for it. Anyone know?

ANYWAY: if you need the latest PGP/RSA utils, likely useful for any number of encryption programs, and can't get them via FTP, try calling the BBS listed in the .sig below. Look in the CRYPTO file area. You may logon as Anonymous, password GUEST, if you wish. I have the latest versions of the utils distributed with PGP22, much improved over that release, and direct from the author.
I also have Fido-tech mail utils, public key-rings, etc.

Due to a corrupt user data file, the system will be down for a few days, but try calling AFTER May 20th, and get the goodies you need! Please keep in mind that after 11pm, and on weekends, tends to be the cheapest rate periods for most phone extortionists I mean companies.

PS: there is no charge, other than standard phone extortion of course, for utilizing NitV BBS. Full access on first call.

--
Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Wed, 19 May 93 05:03:08 PDT
To: cypherpunks@toad.com
Subject: BBSs under fire! (or on fire, if BATF gets into the act!)
Message-ID: <9305191203.AA09712@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

I'd like to invite discussion, either private or listwise, on: Why is the govt. targetting BBSs?

I note Eric S. Raymond accuses the govt and its mouthpieces of using the largely manufactured horror of 'kiddie porn' as a "fait accompli", to yank the rug from under our feet when we take exception to the idea that the U.S. Govt. should have the authority to inspect our private lives and operations. Not to mention also using the threat of 'terrorism' and 'dangers to national security' et al. ad nauseum.

I'd like to tell you a short anecdote: I frequently grep the entire disk system here for accessible .GIF files. I need them for my BBS, and even though this grepping about hogs CPU time, it is certainly less bandwidth costly than firing up a full FTP session to go hunting for such "warez".
Inevitably, many of these graphics files are 'porno'. Also inevitably a few are 'illegal' porno, such as that featuring bestiality and/or nude children. Most of these appear to originate from the orient and from Europe. I have no use for such materials, but apparently someone does.

I did an experiment. Noting the filenames, I looked about in alt.binaries.pictures.erotica, and did an xarchie search, and many of these files are available from US educational institutions, via both FTP archives (usually in the uploads area -- I am confident that the maintainers of such sites ditch this stuff in a jiffy. There are exceptions, however) and the UseNet system.

Now, maybe I missed something, but I have yet to see the secret service raid ftparchive.blah.edu, or UNM where I work, for 'pandering'. Yet BBSs get raided for SUSPICION of having such material, and get their equipment confiscated.

I am pissed off enough that I am having a hard time even formulating my displeasure into a logical post, but here goes anyway:

1) who gave the govt the right to distribute this material, and deny others to do so (for whatever reason) - these universities ARE part of the govt.

2) why is the govt scapegoating BBSs? Are we THAT 'dangerous and subversive'?

3) why is it that people in general cannot see this BS for the BS it is? Is it REALLY so hard to see that "terrorism" and "kiddie porn" are not real threats, but that stomping all over our privacy rights IS?

4) why is nothing much really being done about these civil rights violations? The SJG case is a case in point. EFF did plenty to help out, but where was the ACLU? I see lots of NETTERS mad about clipper, but where is the media blitz? Where are the demonstrations on the White House lawn? Are the people in this country really so apathetic? Where is the outcry over the Waco massacre?
For a govt to willy-nilly burn a bunch of children to death and lie like hell to the people the whole time, is enough to start a civil war in a lot of places, yet here it's just another "oh well".

Well before I really get lost here, I will just finish up by saying that I became a BBS system operator with enthusiasm and happiness, and now find myself embroiled in the fringes of a bitter war, and one which the general populace seems 100% ignorant of. I don't care what Mike Godwin says, the media DO see BBSs as a threat. I just got word that the article that was supposed to be done by a local paper on BBSs in our area was nixed. I don't like conspiracy theories, but christ, it is almost impossible to get the media to do anything on the online world that is not negative; the only VR-oriented movie I have ever seen was a horror film designed to turn people OFF the idea (_Lawnmower_Man_), MTV wants to do stories about neo-nazis using BBS for their goals; the media worked hand in hand with the govt in the Waco mess, and now the media are generally silent, even supportive, about the clipper; I try to do my part in distributing crypto, and get legal threats from a govt. contractor...

What gives? How far is this going to go?

--
Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Wed, 19 May 93 05:39:12 PDT
To: cypherpunks@toad.com
Subject: Dolphin Encrypt
Message-ID: <9305191239.AA09886@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

I too would like more info on this subject! Guess all us yokels at UNM are clueless or something.
My question is, how does the recipient get the key, and how do they (she, whatever) know to use that long de command? What would happen if they didn't, just get gibberish?

>
> The recipient captures the entire message as, say, G.ENC, then runs:
>
> DE D G.ENC G.DEC /t
>
> (Of course, she has to know the encryption key.) Dolphin Encrypt
> skips over P1 to get at C2 and writes G.DEC containing P2. Voila!
>
> For further info send me a snailmail address.

See below for snail address...

--
Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: judic@sunnyside.com (Judi Clark)
Date: Wed, 19 May 93 07:03:42 PDT
To: Stanton McCandlish
Subject: Re: BBSs under fire! (or on fire, if BATF gets into the act!)
Message-ID: <199305191403.AA03433@snyside.sunnyside.com>
MIME-Version: 1.0
Content-Type: text/plain

>I'd like to invite discussion, either private or listwise, on: Why is the govt.
>targeting BBSs?

Welcome to the real, growing, dangerous world, Stanton, where all your fears are true.

judi

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Wed, 19 May 93 07:21:03 PDT
To: cypherpunks@toad.com
Subject: Re: MCI, Sprint or bust ...
In-Reply-To:
Message-ID: <9305191420.AA11446@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> AT&T won't get my business until they discontinue using Clipper.
> Somehow, I get the feeling that may be when hell freezes over.
...
> I urge anyone who is seriously concerned over Clipper to put their
> money where their mouth is - boycott AT&T.

Already done so.
Using MCI also, though their "Friends and Family" plan stinks of bigbro also. What better way to catch up with those who skip out on their phone bills than getting the names and phone numbers of all their "friends and family", eh?

In case any corporate spies from AT&T are reading: Not only do you lose my phone service, but your AT&T-Paradyne branch just lost out on modem sales too. Which is just too bad. AT&T-P. had THE best sysop-discount deal on 14400bps modems. I was all ready to buy a couple of them. Tsk tsk.

--
Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Wed, 19 May 93 07:37:20 PDT
To: judic@sunnyside.com (Judi Clark)
Subject: Re: BBSs under fire! (or on fire, if BATF gets into the act!)
In-Reply-To: <199305191403.AA03433@snyside.sunnyside.com>
Message-ID: <9305191436.AA11807@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> >I'd like to invite discussion, either private or listwise, on: Why is the govt.
> >targeting BBSs?
>
> Welcome to the real, growing, dangerous world, Stanton, where all your fears
> are true.

Doesn't help much. >:)

I just want to know what it is about BBSing that scares the out of the govt. Why are porno, crypto, and people saying what they want to, somehow more threatening on BBSs than about 10x as many people doing the same thing on govt "controlled" educational systems? If the govt really really sees these things as dangerous, would it not be wiser to take care of the "cancer" in one's own body than worry about the health of others? Maybe the govt.
is just totally irrational, or something. Not saying anyone should put a stop to alt.binaries.pictures.erotica, I could care less if people like spending inordinate amounts of time uudecoding spotty nudie pics. But the whole rationale behind attacking BBSs seems, like I said, irrational...

--
Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Arthur R. McGee"
Date: Wed, 19 May 93 09:03:42 PDT
To: Stanton McCandlish
Subject: Re: BBSs under fire! (or on fire, if BATF gets into the act!)
In-Reply-To: <9305191436.AA11807@hydra.unm.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

It's VERY simple Stanton. Look at the difference. BBSs are still relatively small standalone "islands", even when they are hooked up to Fido, RIME, etc. networks. They are a LOT easier to pick on. The "net" however is essentially many separate systems and one HUGE system all at the same time. They realize that to tackle one particular site or even many sites, really doesn't do anything. The net is like a funhouse with too many "mirrors." The only way to have any effect would be to change the rules of the net itself, saying that, for example, "pornography" is not allowed. This, as we all know, along with all the other rules they would likely impose, would kill the net DEAD ("yeah", I know, poor English, but you get my point). Also, the size of the net and the somewhat seamless connection between the numerous networks, would STILL allow people to pass the information around without law enforcement having a clue.
In addition, the fact that so much of the net is in some way either owned by, sanctioned by, or located on government or university property (as you mentioned), pretty much precludes law enforcement from doing anything. They can't cut off their own arm. It would be the gov't vs. the gov't. Like a dog chasing its own tail trying to bite it. Like Internal Affairs. Like "Independent" Internal Investigation. Right! They don't mean a d**n thing.

Art

On Wed, 19 May 1993, Stanton McCandlish wrote:

> I just want to know what it is about BBSing that scares the matter here> out of the govt. Why are porno, crypto, and people saying
> what they want to, somehow more threatening on BBSs than about 10x as many people
> doing the same thing on govt "controlled" educational systems?
> If the govt really really sees these things as dangerous, would it not be wiser
> to take care of the "cancer" in one's own body than worry about the health of
> others? Maybe the govt. is just totally irrational, or something. Not saying
> anyone should put a stop to alt.binaries.pictures.erotica, I could care less
> if people like spending inordinate amounts of time uudecoding spotty nudie
> pics. But the whole rationale behind attacking BBSs seems, like I said,
> irrational...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Wed, 19 May 93 06:45:12 PDT
To: cypherpunks@toad.com
Subject: MCI, Sprint or bust ...
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I changed my telco service to MCI yesterday.

"We want you back."

AT&T won't get my business until they discontinue using Clipper. Somehow, I get the feeling that may be when hell freezes over.

It leaves a bit to the imagination what the "i" in the "i" plan really stands for. Intelligence? Integrity-busters? Insecurity?

I urge anyone who is seriously concerned over Clipper to put their money where their mouth is - boycott AT&T.

Cheers.

Paul Ferguson | "...
certain unalienable Rights,
Network Integrator        | that among these, are Life, Liberty,
Centreville, Virginia USA | and the pursuit of Happiness."
fergp@sytex.com           | -- The Declaration of Independence

Stop the Wiretap (Clipper/Capstone) Chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: anon03e2@nyx.cs.du.edu (Fallen Angel)
Date: Wed, 19 May 93 08:31:18 PDT
To: cypherpunks@toad.com (cypher punks)
Subject: Random numbers
Message-ID: <9305191531.AA15131@nyx.cs.du.edu>
MIME-Version: 1.0
Content-Type: text/plain

One of the main factors in crypto seems to be a source of random numbers which most computers don't really have. Wouldn't it be possible to apply the Mafia-numbers-game solution? i.e. For your numbers (or seed for a large volume of numbers) take a random publicly accessible number like the last 3 digits of the attendance of a sporting event. I have never seen any formalizations, but that type of number should be as close to totally random as possible.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Clive"
Date: Wed, 19 May 93 02:05:05 PDT
To: "cypherpunks"
Subject: REF ... GCHQ
Message-ID: <9305190904.AA22545@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Ref the GCHQ question, I have posted to this group previously, ie yesterday, details on GCHQ, and I wish to take issue with

>>>Duncan Frissell <76630.3577@CompuServe.COM> To: Original Question
>>>What does GCHQ stand for, and what does it do? Is it similar to the NSA?

Duncan replied

>> The Royal Signals Establishment at Cheltenham, Gloucestershire,
>> England is known as General Communications Head Quarters (GCHQ).
>> It is also called 'Cheltenham' after its location.
>> It performs many of the same sigint jobs as NSA.

THIS IS WRONG .....

GCHQ stands for the Government Communications HeadQuarters. They are part of the Foreign and Commonwealth Office. They have NOTHING to do with the Ministry of Defence.
The Royal Signals Establishment, when it existed (it closed in about 1970), was located at Christchurch. It amalgamated with the Royal Radar Establishment at Malvern to form the Royal Signals & Radar Establishment (RSRE) with the prime site being at Malvern. They were once more reformed 2 years ago to become the Defence Research Agency, which includes the prime non-nuclear research establishments in the UK. FYI these are RSRE at Malvern, at Fort Halstead the Royal Armaments Research & Development Establishment, at Farnborough the Royal Aircraft Establishment and at Portland, the Admiralty Research Establishment (They upset the monarchy about the turn of the century and as a result have never received the Royal Charter)

Let me say again that GCHQ or its groups have nothing at all to do with the MoD and that the Royal Signals Establishment (or even the Royal Signals & Radar Establishment) are not located at Cheltenham and are not associated with GCHQ!!!!

Clive Walmsley
Walmsley@ccint1.rsre.mod.uk

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: stub23
Date: Wed, 19 May 93 10:03:36 PDT
To: cypherpunks@toad.com
Subject: Boycotts
Message-ID: <199305191703.AA19033@orion.oac.uci.edu>
MIME-Version: 1.0
Content-Type: text/plain

well i dont know about boycotting AT&T if you do, i would recommend that you write a letter to them telling them EXACTLY why you dropped their service because boycotting someone without telling them that you are doing it is pointless i like AT&T more than Sprint or MCI as companies but then again i used to work for AT&T so im kinda biased... but i can guarantee that Sprint and MCI are more evil than AT&T and using ANI was something i did as part of my life its how i worked out billing, although it DOES provide a means for finding out your phone number when you might not want it known its main use is billing and NO, most people dont know about it so what do WE do to educate them?
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Wed, 19 May 93 07:44:07 PDT
To: cypherpunks@toad.com
Subject: Re: MCI, Sprint or bust ...
In-Reply-To:
Message-ID: <9305191444.AA01544@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

i think it's naive to boycott at&t over clipper. i'm sure mci and sprint are the same sort of villains as at&t.

what makes more sense is to buy some at&t shares and force the issue at the next stockholders' meeting. in fact, this might be a great consciousness-raising vehicle: we could get a statement included in the proxy booklet and force a stockholder vote. as a stockholder (of about 20 shares, due to my previous life as a bell labs mts), i see cranks getting space in the booklet every year.

how do they do that?

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peb@PROCASE.COM
Date: Wed, 19 May 93 11:24:47 PDT
To: anton@hydra.unm.edu
Subject: Re: MCI, Sprint or bust ...
Message-ID: <9305191822.AA11429@banff>
MIME-Version: 1.0
Content-Type: text/plain

>though their "Friends and Family " plan stinks of bigbro also

Hah! Sprint is even better at this. They have a new service where they `help you move'; you give them the addresses of all entities that need address changes (!) and they do it all for you. They pay for the postage, all you have to do is eliminate your privacy in exchange.

Paul E. Baclace
peb@procase.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Wed, 19 May 93 08:45:41 PDT
To: Stanton McCandlish
Subject: Re: BBSs under fire! (or on fire, if BATF gets into the act!)
In-Reply-To: <9305191203.AA09712@hydra.unm.edu>
Message-ID: <9305191545.AA01568@dun-dun-noodles.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

>> Now, maybe I missed something, but I have yet to see the secret service raid
>> ftparchive.blah.edu, or UNM where I work, for 'pandering'.

You missed it. It has happened.
MIT used to run an alt.sex.bondage stories server. Someone would read a.s.b., cull out the stories and make them available for anonymous ftp. Well, a while ago (2-3 years) a guy named Joe Abernathy from the Houston Chronicle wrote a story about the Internet, and mentioned the asb archive. This got up to the highest level of the NSF management, and MIT was threatened to take down the server, or have their connection cut. This was a big deal within MIT, since MIT is extremely progressive about virtual data. They have a policy to take the ECPA seriously, and they really did regard this as censorship. But the NSF did not seem to be bluffing, so MIT told the organization running the server that it had to be taken down, and why. The organization agreed, since they didn't want to be cut off the net either.

It takes an extremely strong idealist to stand up to this sort of pressure, and MIT just wasn't up to it. I really can't blame them. Today, maybe they could do it, since the net is much more in the public's eye, and there are organizations like EFF and CPSR to support them.

So, don't feel singled out. The gov't isn't just targeting the little guys.

>> 1) who gave the govt the right to distribute this material, and deny
>> others to do so (for whatever reason) - these universities ARE part of
>> the govt.

Laziness, not intent. If someone made a big stink, unm would feel it, I promise.

>> 2) why is the govt scapegoating BBSs? Are we THAT 'dangerous and
>> subversive'?

No, you're easy targets, and closing down kiddie porn distribution looks real good on the personnel evaluation.

>> 3) why is it that people in general cannot see this BS for the BS it is?
>> Is it REALLY so hard to see that "terrorism" and "kiddie porn" are not real
>> threats, but that stomping all over our privacy rights IS?

People in this country are soft. They don't see the government as a threat. They also smoke too much and rot their brains with TV.
"Never attribute to malice that which can be adequately explained by stupidity."

>> 4) why is nothing much really being done about these civil rights
>> violations? The SJG case is a case in point. EFF did plenty to help
>> out, but where was the ACLU?

The EFF did a fine job. The ACLU wasn't needed here. If they were, I hope they would have done something. The fact is, you haven't experienced any civil rights violations, and the Clipper Chip, although enabling them, does not cause them. You can't take the government to court because you think they're evil. They have to screw up first, and they are, in general, careful about provably screwing up.

>> I try to do my part in distributing crypto, and get legal threats from
>> a govt. contractor...

They have rights to that software. Plaster the universe with DES software; nobody will touch you. RSA does not want to cut off all crypto; they're just trying to make money off what they own. Would you be upset if Playboy's lawyers sent you a letter ordering you to get the digitized centerfolds off your BBS? It's exactly the same thing.

>> What gives?

Look at the newspaper. Open to a random page. Do you see a story about public service in your town, or about a police officer who got shot yesterday? Happy, peaceful, nice doesn't sell. The media focuses on death, violence, and stuff like that because it's what people want to watch. Nazis (Oops. It's a flame. The Nazis got mentioned :-) and pornography are just the equivalents in the networking world. People could care less about all the good things that happen. They want to be reminded about all the bad things in the world, so their own lives seem a little less miserable.

>> How far is this going to go?

Too far. It already has. I wish I could tell you when it would stop.
Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 19 May 93 11:55:18 PDT
To: cypherpunks@toad.com
Subject: FTP: new materials on the archive
Message-ID: <9305191851.AA19299@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I've done a bit of archive maintenance in the last week. A bunch of the Clipper info I had has been cleaned up and posted. I've put up the sci.crypt FAQ, which I would like everyone who has basic questions to read, as well as L. Detweiler's Anonymity on the Internet FAQ.

Enjoy.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Wed, 19 May 93 09:22:44 PDT
To: CYPHERPUNKS
Subject: Re: BBSs under fire!
Message-ID: <930519161458_74076.1041_FHD73-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

I agree with Stanton that BBS's have a rather unsavory image in the media and the public at large, compared with Usenet. A lot of people think of BBS's as meeting grounds for malicious hackers, whereas most people have never heard of Usenet.

Here are some possible reasons for the difference:

1) BBS's are often used by kids. Parents see them using the computer to access BBS's. Usenet is available mostly to college campuses, research labs, and corporations. Lay people never see it operating. Usenet is largely based on Internet, which exists for research purposes.

2) People who use Internet tend to be college students and professional adults. They are more articulate and better able to defend their interests than most BBS users.

3) Usenet is decentralized but largely accountable. People who post objectionable material can be traced and recorded. On BBS's most posters are completely anonymous - only the operators are known. Perhaps the government feels more comfortable being able to monitor those who post material it doesn't want to see.
And there are many cases where people have gotten into trouble for Usenet postings. A few months ago there was discussion on comp.org.eff.talk about a student at a large Northeastern university who got in legal trouble for posting possible child porn, including visits from the FBI. A few weeks ago in comp.admin.policy there was discussion about someone who posted what could be interpreted as a desire that Clinton die, and whose office was visited by the Secret Service shortly afterward. These things could not be done on a BBS, or only the operator could be investigated.

Note also that our efforts for providing anonymity on Usenet threaten this capability. It's interesting to see how many of the vested interests on Usenet (system operators and such) opposed anonymity and have been working to shut it down.

4) All Usenet traffic could be monitored from a central location. To monitor all postings on all BBS's would be far more difficult. There could be all kinds of wild things being discussed on random BBS's here and there and the government would never know about it. This isn't true of Usenet.

5) Some BBS's have had illegal activities as their major purpose, including telephone fraud (exchanging stolen credit card numbers). Such activities would not be possible on Usenet.

6) BBS's often have cute or clever names that make them sound frivolous or childish. Usenet newsgroups and systems have functional names. Here is a list of local BBS systems I found:

The Birdhouse BBS The Bowhead Whale BBS Buddha's Place BBS The Cat's Meow Network /dev/bbs Eco BBS The Enright House Enterprize BBS Fat Aggies The Haunted Castle of Alchemists The Haunted Manor Idiots Eternal Legal Plus Service BBS The Library Annex Manhattan Network XXIII Prevailing Winds Research BBS Reality Ltd.
Santa Barbara Jaycees BBS SBCC BBS Swagland BBS The Seaside The Silican Embassy The Thunder Penguin The Wett BBS The Wimp

There are some legitimate-sounding systems here, but a lot of them sound like they don't have a useful purpose.

===

In making these comparisons I don't mean to attack BBS operators or users, just to identify some differences in perception between BBS's and Usenet, which after all do have a lot of similarities in how they are used. I think that as more BBS systems connect to the net the line between BBS's and Usenet will blur. Also, if our efforts succeed to provide anonymity on the Internet the government will not be able to track objectionable postings to their source. Probably at that time Usenet itself will be attacked due to the threat it will present to those in power.

Hal Finney
74076.1041@compuserve.com

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK/oyD6gTA69YIUw3AQEY5QP/V3nsvcpJfJKq/91KB2iX9B3mmDriYZ1j
XY2lr9+0p8/EutEd/AGvcn8p5LkUqERqvylzSSAhswrinqB9lw+bjf8T0PpjsoxX
01ftHNPHiZO/uPCWvsjmsaKATduNesnOmNgOFxMFN7Dp+KmcchjKwl3coBQbOY9J
W9Ijlv2RV/I=
=JERo
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Wed, 19 May 93 09:57:20 PDT
To: jrk@information-systems.east-anglia.ac.uk (Richard Kennaway)
Subject: Re: alt.whistleblowers
In-Reply-To: <9667.9305191619@sys.uea.ac.uk>
Message-ID: <9305191657.AA01659@dun-dun-noodles.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

>> It would seem in keeping with the spirit of alt.whistleblowers for the
>> newgroup to be performed anonymously. Does anon.penet.fi support the
>> control newsgroup? :-) More seriously, why doesn't everyone who knows how
>> and wants the group created simply forge an anonymous creation message?

Because then all the news admins who don't like anonymity (most of them) will refuse to honor the newgroup, and the group will die.
Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Wed, 19 May 93 11:15:13 PDT
To: cypherpunks@toad.com
Subject: RICO
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Can anyone suggest an available electronic transcript containing the verbiage of the RICO Act? I'm sending an ARCHIE search, but I thought someone on the list may know where to find this info.

Cheers.

Paul Ferguson             | "... certain unalienable Rights,
Network Integrator        | that among these, are Life, Liberty,
Centreville, Virginia USA | and the pursuit of Happiness."
fergp@sytex.com           | -- The Declaration of Independence

Stop the Wiretap (Clipper/Capstone) Chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: corwin@Cayman.COM (Lord Among Panthers)
Date: Wed, 19 May 93 11:11:05 PDT
To: cypherpunks@toad.com
Subject: A good venue for distributing Clipper info perhaps
Message-ID: <9305191810.AA17912@cuba.Cayman.COM>
MIME-Version: 1.0
Content-Type: text/plain

Topic> npr

Station: Internet Multicasting Service
Channel: Internet Town Hall
Program: National Public Radio meets the Internet
Release: May 21, 1993, 2-3PM EDT
Content: Talk of the Nation/Science Friday

On May 21, we will be joining the Internet to National Public Radio for a special edition of Talk of the Nation/Science Friday. Host Ira Flatow will field questions from users sitting in front of computers as well as users sitting next to telephones.

Questions from the Internet will come from videoconferencing tools on the Multicast Backbone (MBONE) using a gateway provided by Ron Fredrick and Steve Deering of Xerox PARC. (If you don't have MBONE connectivity now, you probably won't have it by Friday. To learn more about the multicast backbone, ftp to isi.edu and get the file /mbone/faq.txt. If you do have MBONE connectivity, check SD for a listing for Internet Town Hall.)

In addition to the audio link, we will have two other ways to participate.
First, starting now, you can send mail to ira@radio.com with your comments and questions. Some of this mail may be read as part of the show. We encourage you to narrow your comments to the subject of the Internet, how it is used, and the future of networking in the western world.

Second, with the help of Rick Gates, we will be conducting an Internet Treasure Hunt and reading the results over the air. The purpose of the hunt is to illustrate the diversity of methods and data available on the network. The questions will be posted on the network 24 hours before the show and will be read by Ira Flatow at the beginning of the show.

Even if you don't participate with a computer for this show, we hope you will listen to your local National Public Radio affiliate. Guests will include Carl Malamud, Brewster Kahle, and Tim O'Reilly. For those of you that have computers but no NPR affiliate, we will tape the show and send it out as an audio file approximately 48 hours after it airs.

Participants in the Internet Town Hall include Cornell University, the National Press Club, the National Science Foundation, O'Reilly & Associates, Sun Microsystems, WAIS, Inc., Xerox PARC, and many others. Network connectivity for the Internet Town Hall is provided by UUNET Technologies.

For information on Internet Talk Radio, write to info@radio.com. More information on Internet Town Hall will be available shortly. For a current, partial listing of sites, write to sites@radio.com.

corwin

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Wed, 19 May 93 12:46:32 PDT
To: cypherpunks@toad.com
Subject: RE: MCI, Sprint or bust ...
Message-ID: <978s4B1w165w@sytex.com>
MIME-Version: 1.0
Content-Type: text/plain

On Wed, 19 May 1993 10:43:53 -0400 peter honeyman wrote -

> i think it's naive to boycott at&t over clipper. i'm sure mci
> and sprint are the same sort of villains as at&t.
Perhaps, but at least MCI or SPRINT has not publicly acknowledged the use of Government sponsored crypto. Insistence of naivete is subjective opinion.

> what makes more sense is to buy some at&t shares and force the
> issue at the next stockholders' meeting.

Easier said than done.

Cheers.

Paul Ferguson             | "... certain unalienable Rights,
Network Integrator        | that among these, are Life, Liberty,
Centreville, Virginia USA | and the pursuit of Happiness."
fergp@sytex.com           | -- The Declaration of Independence

Stop the Wiretap (Clipper/Capstone) Chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marianne Mueller
Date: Wed, 19 May 93 14:43:05 PDT
To: cypherpunks@toad.com
Subject: Consider "Working Assets" phone service instead of AT&T
Message-ID: <199305192142.AA25642@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Another option to AT&T long distance service is something called Working Assets. Quoting from their bill,

"Every time you call long distance with Working Assets, a percentage of your charge goes to nonprofit action groups that are working for a better world. These donations are made by Working Assets at no extra cost to you. ... For a list of groups Working Assets has funded in the past, send a self-addressed stamped envelope to 701 Montgomery Street #400 San Francisco, CA 94111 ... You automatically get a discount of up to 15% on interstate calls, depending on your monthly calling volume. And you automatically get a 20% Friendship Discount (indicated by an "F" on the bill) when you call another member of the Working Assets Long Distance network. ... Working Assets is the only phone company to sign the Valdez Principles, committing ourselves to environmental responsibility."

(The bills are on 100% postconsumer recycled paper, unbleached, and they plant 17 trees for every ton of paper they use.)
You can contact Working Assets by calling 1-800-788-8588 (let's face it, a phone company is going to know your number) or write them at the above address. If you tell them I recommended you, I get $10 off my bill, but you don't have to do that. I'm recommending them because I think they are a great option to AT&T, not because I want $10 off my bill!

I chose Amnesty International as the nonprofit that gets donations when I make long distance calls. I think Working Assets has dozens of nonprofits you can choose from. And hey, celebrity endorsement: Ralph Nader goes around urging everyone to sign up with Working Assets.

Cheerios,
Marianne

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: sneal@muskwa.ucs.ualberta.ca (Sneal)
Date: Wed, 19 May 93 13:49:36 PDT
To: cypherpunks@toad.com
Subject: BBSs under fire!
Message-ID: <9305192048.AA14496@muskwa.ucs.ualberta.ca>
MIME-Version: 1.0
Content-Type: text/plain

Stanton McCandlish writes:

>I'd like to invite discussion, either private or listwise, on: Why is
>the govt. targeting BBSs?

I suspect that a lot of law enforcement agencies are worried about their budgets right now, and in response, they've made a point of going after easy targets with high publicity value: i.e. people who lack resources to mount a strong defense, and who are looked upon with suspicion by the mainstream. BBSs, Branch Davidians, and now health food stores, fall nicely into this category. To be a successful bully, you've got to find victims who can't fight back.

Further, if LawEnf can push a lot of hot buttons in their press releases about the raid ("kiddypornterroristdrugdealingmurphybrownpotatoe"), they can count on lots of media attention, which is always good when budget time comes... politicians are reluctant to put the axe to the heroes of the day.
I also suspect that Big Brother is becoming peripherally aware that the uncontrolled, unmonitored, and extremely rapid flow of information via "new media" (a disreputable phrase, but there ya go) is a threat to the existing power structure. Alvin Toffler does a good number on this in "Powershift" (nice title, thanks a LOT, Alvin; why don't you just TELL the bad guys what's going on??!). The spooks and their bedfellows (ENCRYPTED OFFENSIVE STATEMENT FOLLOWS Bt Epspuiz Efoojoh mjlft up tbz, "Uif OTB dbo bmxbzt gjmm jo uif ipmft!" END OFFENSIVE STATEMENT) have always counted on being able to keep tabs on who's saying what, and to find and squelch troublemakers that get too far out of line. The proliferation of BBSs drastically increases the number of "pressure points" needed to control information flows in any meaningful way.

Add strong crypto to geometrically expanding information paths, and you've got a spook's nightmare. Not only does the head of the NSA have to hire new guys to monitor all the BBSs, but now he's got to buy a bunch more Crays to keep up with the crypto traffic. The poor guy must be swimming in his shorts..."My GOD! What if somebody SAYS something BAD and I DON'T KNOW ABOUT IT??!".

-- Steve

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Paco Xander Nathan
Date: Thu, 20 May 93 12:11:48 PDT
To: cypherpunks@toad.com
Subject: Re: MCI, Sprint or bust ...
In-Reply-To: <9305191444.AA01544@toad.com>
Message-ID: <9305191949.AA28828@wixer>
MIME-Version: 1.0
Content-Type: text/plain

"Sent from the cyberdeck of: peter honeyman"
>
> what makes more sense is to buy some at&t shares and force the issue
> at the next stockholders' meeting. in fact, this might be a great
> consciousness-raising vehicle: we could get a statement included
> in the proxy booklet and force a stockholder vote. as a stockholder
> (of about 20 shares, due to my previous life as a bell labs mts), i
> see cranks getting space in the booklet every year.
> how do they do that?
Hear, hear from another former Bell Labbie MTS.. (of course, we were in Network Support and used to have our _vendors_ call back collect if we knew they used Sprint, because the sound was so much better :-)

AT&T *does* have a lot of twisted stockholder proposals. They also have more "ma & pa" individual investors than most large firms, as opposed to VC & institutional votes, so the mgt feels VERY sensitive toward shareholder votes. That's the price a firm must pay for cutting a regular dividend for N decades.. In fact, the mgt is so sensitive that they even have a near-mandatory payroll deduction program for employees to support their PAC. Really fucked!

All it takes is just one share and you can propose an item for vote, but I think you need many more shareholders to join in before the vote will get anywhere near the proxy ballot. You can bet that AT&T mgt will do everything they can to discredit and/or block any vote they haven't initiated themselves.

Even so, we researched this form of "protest" as a much more effective alternative to "boycotts" (which are frankly impossible in a post-industrial economy anyways) during the piss-test conflict at . Any brokers or VC's here, ie. field experts? Twas part of my "12-Step Program To Kill Corporate Drug Testing" published recently in Urine Nation News.

The other corporate juggler vein to swat with a machete is to approach to a firm's first/second tier customers and find a neato way to give them the shivers about the firm's offensive programs.. Like Apple wasn't exactly pleased when started mumbling about insuring that all its biz partners enforced drug testing as well so that they could chalk up even more Malcum Balddick awards from the Republicans..

Mind you that AT&T earns its lunch money from corp & govt work combined with legislative tax breaks, not so much from Jane R. Consumer.. If there was any way to make AT&T's corp/govt customers paranoid about the Wiretap chip (as they well should be!)
then AT&T might reconsider - quickly!! It's happened before..

Let's see, who among AT&T's bevy of cash cows might have a lil' sumthin' to fear from having their secure comm tapped by the Feds.. Let's see, how about mainland China? Or possibly Mobile Oil? Let's apply the leverage where it will ouch the most..

pxn.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Kent Hastings"
Date: Thu, 20 May 93 09:21:10 PDT
To: cypherpunks@toad.com
Subject: Hargis T-raid
Message-ID: <199305201620.AA04061@aerospace.aero.org>
MIME-Version: 1.0
Content-Type: text/plain

Hargis T-raid#000#

The offices of Anthony L. Hargis were visited 5-18-93 by Treasury agents. Since 1976, Hargis operated a "bank that isn't a bank," using a Massachusetts Business Trust structure. The theory of operation was that a Trust recording gold Deposits and Transfer Orders was legally different than a Bank with Accounts and Checks. This bluff worked well for 15 years.

Anthony's recent involvement with the State Citizens (a new tax protestor approach) may have triggered the raid. Or perhaps ALH was allowed to exist all these years to suck in more IRS victims. Account holders can assume the worst. Customers were not allowed in the door, and the computer records were not encrypted, despite my, and others, frequent suggestions. "Citizens don't need encryption" was the response in a nutshell. Citizens Do.

Now, secure physical data links (perhaps using spread-spectrum modulation of radio and microwave) appear necessary for financial privacy. All the nice little tricks with mail drops and trusts may work in the short term, but only strong encryption and signal hiding will insure long term survival.

Kent - kent_hastings@qmail2.aero.org. and

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J. Eric Townsend)
Date: Wed, 19 May 93 15:20:09 PDT
To: cypherpunks@toad.com
Subject: Consider "Working Assets" phone service instead of AT&T
In-Reply-To: <199305192142.AA25642@well.sf.ca.us>
Message-ID: <9305192220.AA00742@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

The only downside to WA is that they won't issue a phonecard-only account (which is what I have with US Splice).

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Wed, 19 May 93 14:22:23 PDT
To: sneal@muskwa.ucs.ualberta.ca (Sneal)
Subject: Re: BBSs under fire!
In-Reply-To: <9305192048.AA14496@muskwa.ucs.ualberta.ca>
Message-ID: <9305192121.AA21257@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> I suspect that a lot of law enforcement agencies are worried
> about their budgets right now, and in response, they've made a point
> of going after easy targets with high publicity value: i.e. people
> who lack resources to mount a strong defense, and who are looked upon
> with suspicion by the mainstream. BBSs, Branch Davidians, and now
> health food stores, fall nicely into this category. To be a
> successful bully, you've got to find victims who can't fight back.

Nope, that's not it. If you can accuse a BBS sysop of a felony, YOU CAN SEIZE HIS DAMN COMPUTER!!!!!! And guess who gets the money from the sale of the (expensive) computer equipment....the LEA who "made the bust." Oh ya, and you come out smelling like a rose in ink too. Not a bad proposition for some District Attorney who wants to make a name for himself, hypothetically speaking.

> Further, if LawEnf can push a lot of hot buttons in their press
> releases about the raid
> ("kiddypornterroristdrugdealingmurphybrownpotatoe"), they can count
> on lots of media attention, which is always good when budget time
> comes... politicians are reluctant to put the axe to the heroes of
> the day.

Most laymen don't even understand what email is.
So, "obviously those computer users are doing something illegal," so the thinking goes. And when the "authorities" say [insert your favorite subversive action], the average person believes it.

> I also suspect that Big Brother is becoming peripherally aware
> that the uncontrolled, unmonitored, and extremely rapid flow of
> information via "new media" (a disreputable phrase, but there ya go)
> is a threat to the existing power structure. Alvin Toffler does a
> good number on this in "Powershift" (nice title, thanks a LOT, Alvin;
> why don't you just TELL the bad guys what's going on??!). The spooks
> and their bedfellows (ENCRYPTED OFFENSIVE STATEMENT FOLLOWS Bt
> Epspuiz Efoojoh mjlft up tbz, "Uif OTB dbo bmxbzt gjmm jo uif ipmft!"
> END OFFENSIVE STATEMENT) have always counted on being able to keep
> tabs on who's saying what, and to find and squelch troublemakers that
> get too far out of line. The proliferation of BBSs drastically
> increases the number of "pressure points" needed to control
> information flows in any meaningful way.

That scares the Hell out of em, I'm sure. BTW, am I going to have to compile Cryptographic Work Bench, or is this crypt trivial and I'm too tired to see it?

> Add strong crypto to geometrically expanding information paths,
> and you've got a spook's nightmare. Not only does the head of the NSA
> have to hire new guys to monitor all the BBSs, but now he's got
> to buy a bunch more Crays to keep up with the crypto traffic. The poor
> guy must be swimming in his shorts..."My GOD! What if somebody SAYS
> something BAD and I DON'T KNOW ABOUT IT??!".

I'm not even going to touch this one....

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
|                       | But, I was mistaken.        |available|
|                       +-----------------------------+---------+
| mdiehl@triton.unm.edu | "I'm just looking for the opportunity |
| mike.diehl@fido.org   |  to be Politically Incorrect!         |
| (505) 299-2282        |                                       |
+-----------------------+---------------------------------------+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Wed, 19 May 93 12:34:02 PDT
To: Marc Horowitz
Subject: Re: BBSs under fire! (or on fire, if BATF gets into the act!)
Message-ID: <9305191933.AA09988@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>> Now, maybe I missed something, but I have yet to see the secret service raid
>> ftparchive.blah.edu, or UNM where I work, for 'pandering'.

You missed it. It has happened. MIT used to run an alt.sex.bondage stories server. Someone would read a.s.b., cull out the stories and make them available for anonymous ftp.

It's happening again, even as we speak. The UNC public access system is being criticized by the local Fox TV station for providing access to ``pornography'' to kids.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Wed, 19 May 93 12:44:55 PDT
To: smb@research.att.com
Subject: Re: BBSs under fire! (or on fire, if BATF gets into the act!)
In-Reply-To: <9305191933.AA09988@toad.com>
Message-ID: <9305191944.AA05533@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

smb@research.att.com says:
> >> Now, maybe I missed something, but I have yet to see the secret service raid
> >> ftparchive.blah.edu, or UNM where I work, for 'pandering'.
>
> You missed it. It has happened. MIT used to run an alt.sex.bondage
> stories server. Someone would read a.s.b., cull out the stories and
> make them available for anonymous ftp.
>
> It's happening again, even as we speak. The UNC public access system
> is being criticized by the local Fox TV station for providing access to
> ``pornography'' to kids.

Rupert Murdoch rides again -- hypocritical yellow journalism at its finest. I imagine the Fox folks would never dream of criticizing the Page 3 girls in all of Murdoch's UK papers -- which, after all, any kid can peruse at will.
Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: meyer
Date: Thu, 20 May 93 12:12:42 PDT
To: cypherpunks@toad.com
Subject: Reply to queries concerning DE
Message-ID: <9305192114.AA01882@wixer>
MIME-Version: 1.0
Content-Type: text/plain

>From: Stanton McCandlish
>Subject: Dolphin Encrypt
>To: cypherpunks@toad.com
>Date: Wed, 19 May 93 6:39:04 MDT
>
>> The recipient captures the entire message as, say, G.ENC, then runs:
>>
>>     DE D G.ENC G.DEC /t
>>
>> (Of course, she has to know the encryption key.) Dolphin Encrypt
>> skips over P1 to get at C2 and writes G.DEC containing P2. Voila!
>
>My question is, how does the recipient get the key,
>and how do they (she, whatever) know to use that long de command?
>What would happen if they didn't, just get gibberish?

1. I'm sure Stanton is aware (though perhaps there are some people who are not) that there were cryptosystems in existence before PGP, and before public key cryptography was invented. DES is an example. Such cryptosystems (in contrast to PGP) are called "symmetric key" systems since the key used to encrypt is the same as the key used to decrypt. This being so, there is the problem of how to get the key to the person decrypting the received ciphertext. (This is as true for DES as for any other symmetric key system.) There are ways, more or less secure. A secure way is to use PGP to transmit the encrypted key. If your only encryption need is transmitting encrypted email then PGP may be all you need. If you want to encrypt lots of 1MB database files, either to keep around or to transmit, then a faster encryption process is needed.

2. They know how to use "that long de command" (actually I think it's quite short) because they've RTFM or had it explained to them, just as for PGP.

3. If they didn't use it they'd just have a block of what looks like uuencoded stuff in the middle of the received message. If they put a wrapper around it and uudecoded they'd get *real* gibberish.
>From: Eric Hughes
>To: cypherpunks@toad.com
>Subject: Mixing ciphertext and plaintext
>
>>If you wish to mix plaintext and ciphertext in an email message then
>>you can use Dolphin Encrypt.
>
>What cryptosystem does Dolphin Encrypt use? Is the algorithm
>published somewhere?
>
>Eric

The encryption process was developed and refined, with no input from any government agency, during the last few years. A general description of it is given in the manual that comes with Dolphin Encrypt. I shall post this description in the following message. Comments are welcome.

Although this description is quite detailed, it is not sufficient to work through the process with pencil and paper, since it is too complex. The complete details can only be understood from a study of the C source code, which is provided with the Dolphin Encryption Library, a C library usable by programmers to add encryption capabilities to application programs.

More details available by snailmail; requests by email or to 512-479-9208. (We finally had our cute executive secretary record the message; sounds better now - and, no, she doesn't throw the Selectric typewriter ribbons in the trash. In fact, we feed *all* our cast-off confidential data to the hogs out back. Best security method we've ever used, though the dobermans are pretty good too.)

-- Peter Meyer

P.S. Info going out by snailmail to all who requested it.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: meyer
Date: Thu, 20 May 93 12:12:46 PDT
To: cypherpunks@toad.com
Subject: DE encryption method
Message-ID: <9305192120.AA02004@wixer>
MIME-Version: 1.0
Content-Type: text/plain

The Dolphin Encryption Process

The encryption process is a symmetric block cipher, where the block is any size from 1 byte to about 16K. The encryption key consists of a string of from 10 to 60 ASCII characters. The key is converted into six seed numbers using the MD5 message digest algorithm.
These numbers are used to seed several pseudo-random-number generators (PRNGs). The key is also used to randomize other elements of the system.

During encryption a series of extended and encrypted derivatives of the key are used to scramble the plaintext. The resulting ciphertext is further combined with a portion of the adjacent plaintext (in a way that depends on the key). The enciphered block is then expanded by the random addition of random bytes. Finally the enciphered block is shuffled in a way depending on the key.

The explanation of the encryption process has the following sections:

(a) PRNGs used
(b) Key input
(c) General initialization
(d) Block initialization
(e) Block encryption

(a) PRNGs used

The process employs two kinds of PRNG:

(i) Multiplicative congruential

This kind of PRNG is described in D. Knuth, The Art of Computer Programming, Volume 2, pp. 9-20, and in S. Park and K. Miller, "Random Number Generators: Good Ones are Hard to Find", Communications of the ACM, Vol. 31 No. 10 (October 1988), pp. 1192-1201. Three multiplicative PRNGs are used in the encryption process.

(ii) Additive

This kind of PRNG is described in D. Knuth, The Art of Computer Programming, Volume 2, pp. 27-31, and in S. Kirkpatrick and E. Stoll, "A Very Fast Shift-Register Sequence Random Number Generator", Journal of Computational Physics, 40 (1981), pp. 517-526. Five additive PRNGs are used in the encryption process.

(b) Key input

The process makes use of a user-input key and six seed numbers which are derived from that key. The user may enter any string of typeable characters. All lower case characters are converted to upper case, and all characters except the following 68 are eliminated:

ABCDEFGHIJKLMNOPQRSTUVWXYZ 0123456789`~!@#$%^&*()_+|-=\[]{};':",./<>?

The resulting string is called the input key. The input key must consist of at least ten characters and at most sixty, and it must contain at least six different characters. If not then it is rejected.
(c) General initialization

Once an acceptable input key has been entered, there are two operations that are performed using this key before any actual data encryption occurs.

(i) Six seed numbers in the range 4,000,000 through 1,431,655,765 are generated from the input key using the MD5 message digest algorithm.

(ii) The three multiplicative PRNGs are used in different ways in the encryption process. Based on the key the particular ways in which they are to be used are determined at this stage.

(d) Block initialization

The block size must be specified. For each block the encipherment process occurs as follows:

(i) The block is assigned a number in the range 0 - 65,535.

(ii) The three multiplicative PRNGs are initialized using three of the seed numbers and the block number.

(iii) A set of five additive PRNGs is randomly chosen from a set of thirty. They are initialized using five of the seed numbers, the block number and numbers generated by the multiplicative PRNGs.

(iv) A sub-block length is randomly selected using one of the multiplicative PRNGs. Its value depends on the key, but lies in the range 30 through 180.

(e) Block encryption

Block encryption consists of three processes: scrambling, interpolation and shuffling.

(i) Scrambling

Scrambling involves two parallel encipherment processes:

(1) A series of character strings are generated from the input key. The length of each string is at least 250 and at most 500 bytes and is chosen so as not to be divisible by the previously mentioned sub-block length; otherwise the length of the string is random. Each byte in this string is derived from a combination of a byte randomly selected from the input key and a value returned by one of the additive PRNGs. As each string is generated its MD5 message digest is also generated. The block is divided into a set of non-overlapping variable-length sub-blocks corresponding to the lengths of the strings thus generated.
Each byte in each sub-block is modified by combination with a byte in the string, a byte in the MD5 message digest of the current string and a value obtained by using one of the PRNGs.

(2) In the second, concurrent, process the block is divided into fixed-length non-overlapping sub-blocks which have the previously mentioned sub-block length. The bytes in each ciphertext sub-block are combined with some or all of the bytes in the corresponding plaintext sub-block in a manner involving the use of one of the PRNGs.

(ii) Interpolation

Meaningless bytes are now interpolated among the bytes of the ciphertext. This is done in a random way using one of the PRNGs and so that these interpolated random bytes can be eliminated during decipherment. This step generally increases the size of the block by 2% to 10%.

(iii) Shuffling

The bytes are then permuted (or in other words, shuffled) randomly by a process that again uses one of the PRNGs and the input key, and which is reversible if and only if the key is known.

This completes the encipherment of the data block. This process may be performed on each block of data making up any larger block, such as a disk file.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: TO1SITTLER@APSICC.APS.EDU
Date: Wed, 19 May 93 15:52:59 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <930519164946.84b@APSICC.APS.EDU>
MIME-Version: 1.0
Content-Type: text/plain

From: SMTP%"Postmaster" 14-MAY-1993 22:58:16.22
To:
CC:
Subj: Undeliverable Mail

Date: Fri, 14 May 1993 22:58:09 -0600 (MDT)
From: Postmaster@APSICC.APS.EDU
Subject: Undeliverable Mail
To:

Bad address --
Error -- Nameserver error: Unknown host

Start of returned message

Date: Fri, 14 May 1993 22:58:07 -0600 (MDT)
From: TO1SITTLER@APSICC.APS.EDU
Message-Id: <930514225807.c83d@APSICC.APS.EDU>
Subject: Tempest
To: drzaphod@ncselxsi.uucp
X-Vmsmail-To: SMTP%"drzaphod@ncselxsi.uucp"

Where can I find more info about tempest?
Is it a roomwide thing, is it implemented in the cables and housings, or what? I understand that the purpose of Tempest is to prevent people from spying on you via electronic emissions detection. Is this just a glorified Faraday cage?

End of returned message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jrk@information-systems.east-anglia.ac.uk (Richard Kennaway)
Date: Wed, 19 May 93 09:00:04 PDT
To: cypherpunks@toad.com
Subject: Re: Random numbers
Message-ID: <9279.9305191556@sys.uea.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain

Fallen Angel writes:
>Wouldn't it be possible to apply the Mafia-numbers-game solution?
>i.e. For your numbers (or seed for a large volume of numbers) take
>a random publicly accessible number like the last 3 digits of the
>attendance of a sporting event.
>
>I have never seen any formalizations, but that type of number should be
>as close to totally random as possible.

How do you know that these numbers aren't already in use as a code system, under the control of someone who may not have your interests at heart? Mafia numbers indeed!

--                                  ____
Richard Kennaway                  __\_ /    School of Information Systems
Internet: jrk@sys.uea.ac.uk       \ X/      University of East Anglia
uucp: ...mcsun!ukc!uea-sys!jrk     \/       Norwich NR4 7TJ, U.K.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: trimm@netcom.com (Trimm Industries)
Date: Wed, 19 May 93 16:59:15 PDT
To: cypherpunks@toad.com
Subject: tempest
Message-ID: <9305192359.AA16487@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Reply to TO1SITTLER re: tempest

TEMPEST is NACSIM 5100A (there are some new numbers which I can't remember), a NSA specification for the emission of compromising EMI from computers and other digital data processing equipment.

It is a Faraday cage, except that they divide the system into "black" noise circuits and "red" noise circuits.
An example of black emissions would be the constant 50 KHz signal emitted by a switcher power supply, that contains no useful information. You can emit as much black as you want.

You cannot emit ANY red information, that is, CRT guns, data busses, data transmission lines, etc. Red information can be reconstructed easily by passive interception. Your PC, for example, has a monitor that emits enough information to allow unintended interception up to a mile away.

If you need more details, write back.

Gary
trimm@netcom.com
--

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: baumbach@atmel.com (Peter Baumbach)
Date: Wed, 19 May 93 14:51:49 PDT
To: cypherpunks@toad.com
Subject: false positives
Message-ID: <9305192112.AA04939@carp.chp.atmel.com>
MIME-Version: 1.0
Content-Type: text/plain

I have an encryption question:

Has anyone tried to create a strong encryption algorithm that cannot be broken by brute force? If the algorithm relied on a dictionary, for instance, then the wrong key could still return something that resembles english. It would be even better if for any arbitrary text, a KEY could be generated which maps the encrypted real message to the arbitrary text.

With this system, even if your true key could be figured out (maybe you wrote it on a napkin!), you could easily deny the accuracy of the decryption. A decrypted message would only be useful for information, but never for evidence.

This is more of an idea than a question. What do you think?

In liberty,
Peter Baumbach
baumbach@atmel.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jrk@information-systems.east-anglia.ac.uk (Richard Kennaway)
Date: Wed, 19 May 93 09:27:33 PDT
To: cypherpunks@toad.com
Subject: Re: alt.whistleblowers
Message-ID: <9667.9305191619@sys.uea.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain

Julf writes:
>> it had been my understanding
>> that julf was going to newgroup alt.whistleblowers...
>
>Er... I definitely remember somebody else announcing he was going to
>create it... Anon.penet.fi (and especially MK II alias penet.anon.com)
>will definitely support it.

It would seem in keeping with the spirit of alt.whistleblowers for the newgroup to be performed anonymously. Does anon.penet.fi support the control newsgroup? :-)

More seriously, why doesn't everyone who knows how and wants the group created simply forge an anonymous creation message?

--                                  ____
Richard Kennaway                  __\_ /    School of Information Systems
Internet: jrk@sys.uea.ac.uk       \ X/      University of East Anglia
uucp: ...mcsun!ukc!uea-sys!jrk     \/       Norwich NR4 7TJ, U.K.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: poier@sfu.ca (Skye Merlin Poier)
Date: Wed, 19 May 93 17:58:23 PDT
To: cypherpunks@toad.com
Subject: Where are the key servers?
Message-ID: <9305200058.AA00956@malibu.sfu.ca>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Hi.. What are the address(es) of the worldwide key server(s)? I thought I had them around here somewhere....

thx
skye

- --
- -----====> Skye Merlin Poier <====-----
Undergrad in CMPT/MATH (Virtual Reality)    ||||    ||||
email: poier@sfu.ca                         p-OO <--> OO-q   THINK
PGP Public Key available on finger           \==    ==/

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK/rXky0bkpXW3omvAQHvNAQAjQ1yBeBEp2bjd+nx0eq33YO68wAN+V1c
mSZIWPnFDXCsJoBB3Ol7T9pzENr0kCH7EtvetyrwFhbzQYrIUPFs34hPs7AgMcYj
OXB82X8wQ38KaQJTcyL3eLkbegrnxdYzU8kLKgGVs6QCQqHGE8ZG0WlSntXZHcYy
xbZqaIYndsg=
=uT12
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jordan@imsi.com (Jordan Hayes)
Date: Wed, 19 May 93 18:12:15 PDT
To: cypherpunks@toad.com
Subject: Re: MCI, Sprint or bust ...
Message-ID: <9305192204.AA12542@IMSI.COM>
MIME-Version: 1.0
Content-Type: text/plain

>>> what makes more sense is to buy some at&t shares ...

Looks like someone did that. AT&T is up about $8 in the past four days, up another 4.8% today ...
/jordan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@soda.berkeley.edu
Date: Wed, 19 May 93 18:17:28 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9305200114.AA01985@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

TEMPEST Information (Might be a bit old)
----------------------------------------

HETRA Computers Inc.
George Brazel
45472 Holiday Dr. #1
Sterling, VA 22170
Vox: (703) 709-0800
Fax: (703)709-8181

[God I love this list] =8^(

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Wed, 19 May 93 15:41:16 PDT
To: Marianne Mueller
Subject: Re: Consider "Working Assets" phone service instead of AT&T
In-Reply-To: <199305192142.AA25642@well.sf.ca.us>
Message-ID: <9305192239.AA05954@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

Marianne Mueller says:
> Another option to AT&T long distance service is something called
> Working Assets.
>
> Quoting from their bill,
>
> "Every time you call long distance with Working Assets, a percentage
> of your charge goes to nonprofit action groups that are working for a
> better world. These donations are made by Working Assets at no extra
> cost to you.

I don't want to get into an argument on politics, but I will point out for the large libertarian contingent that Working Assets puts their money into "Progressive", i.e. what libertarians would think of as socialist, causes. Myself, I'd rather not fund lobbying for more regulations, thank you very much.

> I chose Amnesty International as the nonprofit that gets donations
> when I make long distance calls. I think Working Assets has dozens of
> nonprofits you can choose from. And hey, celebrity endorsement: Ralph
> Nader goes around urging everyone to sign up with Working Assets.

Reason enough for libertarians not to touch it with a ten foot pole...
Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Wed, 19 May 93 15:45:18 PDT
To: baumbach@atmel.com
Subject: Re: false positives
In-Reply-To: <9305192112.AA04939@carp.chp.atmel.com>
Message-ID: <9305192245.AA02194@dun-dun-noodles.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

Yes. It's called a one-time pad.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Wed, 19 May 93 18:12:27 PDT
To: cypherpunks@toad.com
Subject: TEMPEST
Message-ID: <9305200112.AA02467@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

> Where can I find more info about tempest? Is it a roomwide thing, is it
> implemented in the cables and housings, or what? I understand that the
> purpose of Tempest is to prevent people from spying on you via electronic
> emissions detection. Is this just a glorified Faraday cage?

Both techniques are used. You can either buy TEMPEST-designed equipment, which is designed for low emissions, separation of signals between classified and unclassified components, shielded cables, etc., or you can build a shielded box or room and use special filtered power supplies, fiber optics, etc. The exact standards are classified, but they're a lot stricter than FCC Class A or B. The shielded-room vendors out there also sell to the electromagnetic-compatibility-testing market, who want to have nice quiet rooms to measure emissions from their equipment in.

Last time I saw one of these rooms built, about 5 years ago, typical construction used plywood sheets with thick sheet metal on each side, fancy connectors between plywoods, copper-wool crammed in any cracks, and special waveguide meshes for air vents and fiber-optic communication cables, and gives about 100-120 dB shielding for frequencies up to about 1-10GHz. Twenty years ago, typical construction used copper screening and was good to ~60dB.
About 3-4 years ago, the typical cost for a TEMPEST PC was ~$4000 more than the non-TEMPEST equivalent, and the equipment was maybe 1 year behind the commercial models due to integration and testing time. TEMPEST mini-computers, if they were small enough, generally took the approach of putting the standard versions of the machine in a box built like the TEMPEST rooms; TEMPEST PCs had a somewhat more integrated design, though they were starting to use commercial motherboards. Bill Stewart From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: catalyst@netcom.com (Scott Collins) Date: Thu, 20 May 93 00:43:40 PDT To: cypherpunks@toad.com Subject: Re: false positives Message-ID: <9305200743.AA02030@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain >Has anyone tried to create a strong encryption algorithm that cannot >be broken by brute force? ^^^^^^ Brute force = exhaustive search. Therefore, if there is a solution, and the search terminates, the answer will be found. Your point was, can an encryption system be designed such that an exhaustive search yields multiple equally good, different (preferably contradictory) decryptions, for any given encrypted message. In "Communications Theory of Secrecy Systems", Bell Systems Technical Journal, Vol 28, pp. 656-715, Shannon measures the efficacy of an encryption system by the average number of plaintext messages that map to an arbitrary cyphertext (via different keys). Later, Hellman (in "An Extension of the Shannon Theory Approach to Cryptography", IEEE Transactions on Information Theory, vol 23, No. 3, pp. 289-284) emphasized Shannon's point about using compression with encryption so that decryption will yield more false positives. Ross Williams discusses this in his book: "Adaptive Data Compression". Note the limited definition of meaningful in these papers as 'makes words'. Given sufficient context, a correct decryption would not be able to hide in a forest of 'meaningful' false positives. (e.g.
"Hmmmm, do you think it's 'cats often enjoy', or 'be ready by tuesday'). Of course, a one time pad affords a very large space of meaningful (much more meaningful than just 'makes words') decryptions for each encryption, hence its information-theoretically perfect security. A system which provides arbitrary mappings at the message level and no derivable component context enjoys this property as well. (e.g. a code book: 1-->be ready by tuesday; 2-->expect a guest. What does the message '1' mean? It can mean any message in the world, exactly as (when using a one time pad) the 17th character might mean any character in the world.) So in answer to your question: yes, a one time pad is just such a system. -- Scott + Scott Collins + "Few people realize what + + catalyst@netcom.com | tremendous power there is in one | + of these things." -- Willy Wonka + From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Anonymous Date: Thu, 20 May 93 00:15:35 PDT To: cypherpunks@toad.com Subject: No Subject Message-ID: <9305200718.AA28431@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain Personally, I think that this is required reading. Practically, I'd like to think that most of you folks will comment and edit this document to the point where each and every one of us will be proud to sign our _names_ to it. Please forgive me for adapting a consecrated public document for this venue, however I feel that this is the best adaptive vehicle for this statement. 
#include_statement THE DECLARATION OF INDEPENDENCE FROM GOVERNMENTALLY IMPOSED CRYPTOGRAPHY Proposed to Cypherpunks-at-large, May 20, 1993 When, in the Course of human events, it becomes necessary for one people to disregard and challenge the communicative and neo-political bands which have connected them with their Government, and to assume among the powers of the earth, the separate and equal station to which the Laws of Nature and of Nature's God entitle them, a decent respect to the opinions of mankind requires that they should declare the causes which impel them to the opposition. We hold these truths to be self-evident, that all Communications should be designed equally and, that they are endowed by their creators with certain unalienable technical aspects, that among these, are Privacy, Communications Liberalism, and the pursuit of Cryptographic Freedom. That, to secure these rights to publicly available crypto, the Government which was once instituted among Men, and derived their just powers from the consent of the governed, that, whenever any Form of Government once became destructive of these ends, it was once the Right of the People to alter or to abolish it, and to institute new Government, laying its foundation on such principles, and organizing its powers in such form, as to them shall seem most likely to effect their Communications Safety and Happiness. Prudence, indeed, will dictate that Governments long established, should not be changed for light and transient causes; and, accordingly, all experience hath shown, that mankind is more disposed to suffer, while evils are sufferable, than to right themselves by abolishing the forms to which they are accustomed. 
But, when a long train of abuses and usurpations, pursuing invariably the same Object, evidences a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government abuses and to provide new Guards for their future communications security.--- Such has been the patient sufferance of these Cryptographic soldiers; and such is now the necessity which constrains them to attempt to alter their former Systems of Government. The history of the present President of The United States of America is a brief history of repeated injuries and usurpations, all having in direct object the establishment of an absolute Tyranny and imposition over individual rights to communicative privacy. To prove this, let Facts be submitted to a candid world. He has implemented a policy which may possibly usurp the citizens privacy in electronic communications, which at least, will indeed submit private communications to unjust scrutiny under his agencies surveillance. He has attempted to impose these standards without academic or public scrutiny. We have not been wanting in attentions to our cryptographic practices; this is true. It does not, however, indicate that we are guilty of crimes of any sort. We have alerted our governmental representatives, from time to time, of attempts made by their legislature to extend an unwarrantable jurisdiction over us. We have reminded them of the circumstances of our professional and private idealisms. We have appealed to their native justice and magnanimity, and we have conjured them by the ties of our common kindred to disavow these usurpations, which would inevitably interrupt our connections and correspondence. They too have been deaf to the voice of justice and of consanguinity. We must, therefore, acquiesce in the necessity, which denounces our united objection, and hold them, as we hold the rest of mankind, Enemies in War, in Peace Friends. 
We, therefore, the Representatives of the Cryptographic partners resident in the computing networks and establishments, in General Consensus, Assembled, appealing to the legislative bodies of the United States of America for the rectitude of our intentions, do, in the Names, and by Authority of the good People of the Networks, solemnly publish and declare, That the computer community is, and of Right ought to be, Free and Independent of governmentally imposed cryptographic restrictions; that they are Absolved from all Allegiance to the proposals implemented by the National Security Agency, The National Institute of Standards and Technology and the Clipper purveyors by-and-large, and that all political connection between them and the United States of America, and ought to be, totally dissolved: and that, as Free and Independent communicators, they have absolute rights to private electronic communications without Governmentally imposed sanctions which may unethically submit their communications to Governmental scrutiny. And, for the support of this Declaration, with a firm reliance on the protection of divine Providence, we mutually pledge to each other our sacred Honor. Quis Custodiet Ipsos Custodes? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Thu, 20 May 93 01:24:51 PDT To: cypherpunks@toad.com Subject: Constitution... 
Message-ID: <9305200824.AA07474@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain < We hold these truths to be self-evident, that all Communications | | (505) 299-2282 | | +-----------------------+---------------------------------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: stig@netcom.com (Stig) Date: Thu, 20 May 93 03:46:25 PDT To: cypherpunks@toad.com Subject: Encripted huffman-like compression Message-ID: <9305201046.AA10293@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain At the first bay c-punks meeting I attended, someone mentioned a variation on huffman encoding that used your key to initialize the compression tables. (This was a while ago, so I probably garbled that description...) Anyway, could the person who mentioned this scheme please mail or post a pointer to code or references? Thanks, Stig From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Thu, 20 May 93 08:17:28 PDT To: cypherpunks@toad.com Subject: Forwarded messages from RISKS Message-ID: MIME-Version: 1.0 Content-Type: text/plain These messages were extracted from RISKS Digest (14.64) - 8<------- Snip, Snip ------------- Date: Wed, 19 May 1993 16:32:46 -0400 (EDT) From: esr@snark.thyrsus.com (Eric S. Raymond) Subject: Re: Clipper (Denning, RISKS-14.60; Rotenberg, RISKS-14.62) In Marc Rotenberg wrote: > Denning has to be kidding. The comments on the proposed DSS were > uniformly critical. Both Marty Hellman and Ron Rivest questioned > the desirability of the proposed standard. Mr. Rotenberg, as a public figure operating in the political arena, has to exercise a certain diplomatic restraint in responding to Ms. Denning's claims. I am, thankfully, under no such requirement. As a long-time RISKS reader and contributor, I observe that this is not the first time that Ms. Denning has apparently operated as a mouthpiece for the NSA's anti-privacy party line on DES and related issues. I believe Ms.
Denning's remarks must be understood as part of a continuing propaganda campaign to marginalize and demonize advocates of electronic privacy rights. Other facets of this campaign have attempted to link privacy advocates to terrorists and drug dealers by suggesting that only criminals need fear wiretapping. These are serious charges. I make them because, in the wake of the Clipper proposal, I do not believe civil libertarians can afford any longer to assume that their opponents are persons of good will with whom they can simply debate minor differences of institutional means in a collegial way. It's time for someone to say, in public and on this list, what I know many of us have been thinking. The future is *now*. Electronic privacy issues are no longer a parlor game for futurologists; they are the focus of a critical political struggle, *and the opponents of privacy are fighting their war with all the tools of force, deception, and propaganda they can command*. The histories of the DES, the FBI wiretap proposal, and now the Clipper proposal must be considered against a wider background of abuses including the Steve Jackson case, "Operation Longarm", and the routine tapping of U.S. domestic telecommunications by NSA interception stations located outside the geographic borders of the United States. These form a continuing pattern of attempts by agencies of the U.S. government to pre-empt efforts to extend First and Fourth Amendment privacy protections to the new electronic media. In each case, the attempt was made to present civil libertarians with a fait accompli, invoking "national security" (or the nastiness of "kiddie porn") to justify legislative, judicial and practical precedents prejudicial against electronic privacy rights. 
While I would not go so far as to claim that these efforts are masterminded by a unitary conspiracy, I believe that the interlocking groups of spies, bureaucrats and lawmen who have originated them recognize each other as cooperating fellow-travelers in much the same way as opposing groups like the EFF, CPSR and the Cypherpunks do. Their implicit agenda is to make the new electronic communications media transparent to government surveillance and (eventually) pliant to government control. One of the traits of this culture of control is the belief that manipulative lying and dissemblage can be justified for a `higher good'. I believe that Ms. Denning's disingenuous claim that the DSS "is now considered to be just as strong as RSA" is no mere technical misapprehension. I believe it is propaganda aimed at making objectors non-persons in the debate. I cannot know whether Ms. Denning actually believes this claim, but it reminds me all too strongly of the classic "Big Lie" technique. It is important for us to recognize that the propaganda lie is not an aberration, but a routine tool of the authoritarian mindset. And the authoritarian mindset is, ultimately, what we are confronting here --- the mindset that regards the fighting of elastically-defined `crime' as more important than privacy, that presumes guilt until innocence is proven, that demands for government a license to override any individual's natural rights at political whim. We cannot trust representatives of an institutional culture that was *constructed* to deal in information control, lies, secrecy, paranoia and deception to tell us the truth. We cannot accept the authoritarians' unverified assurances that the sealed interior of the Clipper chip contains no `trapdoor' enabling the NSA to eavesdrop at will. We cannot trust the authoritarians' assertions that they have no intention of outlawing cryptographic technologies potentially more secure than the Clipper chip. 
We cannot believe the authoritarians' claims that `independent' key registries will prevent abuse of decryption keys by government and/or corrupt individuals. We cannot --- we *must not* --- cede control of encryption technology to the authoritarians. To do so would betray our children and their descendants, who will work and *live* in cyberspace to an extent we can barely imagine. We cannot any longer afford the luxury of treating the authoritarians as honest dealers with whom compromise is morally advisable, or even possible. Whatever their own valuation of themselves, the thinly-veiled power grab represented by the Clipper proposal reveals a desire to institutionalize means which a free society, wishing to remain free, *cannot tolerate*. Big Brother must be stopped *here*. *Now.* While it is still possible. Eric S. Raymond - -- Date: Wed, 19 May 93 18:37:24 EDT From: denning@cs.cosc.georgetown.edu (Dorothy Denning) Subject: Re: Clipper (Raymond, RISKS-14.64) Eric Raymond has accused me of being part of a propaganda campaign and a "Big Lie." Among his wild speculations, he wrote: I believe that Ms. Denning's disingenuous claim that the DSS "is now considered to be just as strong as RSA" is no mere technical misapprehension. I believe it is propaganda aimed at making objectors non-persons in the debate. I cannot know whether Ms. Denning actually believes this claim, but it reminds me all too strongly of the classic "Big Lie" technique. Frankly, I don't know how to respond to his allegations other than by saying that I am not and have never been on the payroll of NIST, NSA, or the FBI and that every word I have published has been completely on my own initiative. While I frequently speak with people in these agencies (mainly to ask them questions so that I can be informed) and have considerable respect for them, I am operating on my own initiative and making my own independent evaluations based on all the evidence I can find.
I try to avoid pure speculation as much as possible. My objective in responding to Sobel in the first place was to point out that, in my best judgement, the DSS as revised is as secure as RSA. I did that so that readers would not be led to believe the contrary. Let me elaborate more. The security of the DSS is based on the difficulty of computing the discrete log. (The Diffie-Hellman key exchange, invented in 1976, is likewise so based.) The security of the RSA is based on factoring. My understanding is that the computational difficulty of these two problems is about the same for comparable key lengths, and indeed, the fastest solutions with both come using the same basic technique, namely the number field sieve. If I'm wrong here, I am happy to be corrected by someone who knows more than I do about this. There are other factors, of course, that must be taken into account. With both schemes, you have to make sure you get good primes. In the case of the DSS, you want really random ones so that you don't get ones with "trapdoors." This is readily done and the chances of getting a trapdoor one are minuscule. For a reference, see Daniel Gordon's paper from Crypto '92. I still remember the day when George Davida called me up to say that he had cracked RSA. It turned out that he had found a way of exploiting the digital signatures to get access to plaintext (but not keys). I generalized his mathematics and published a paper in CACM (April 84). The solution is to hash messages before they are signed, which has other advantages anyway. I also remember various articles by people pointing out other potential vulnerabilities with RSA if the primes weren't picked right. There are potential weaknesses in all of these public-key methods, but they can be resolved. As near as I can tell, NIST has resolved the potential problems with the DSS, and I am confident that if new ones are found, they will resolve them too. Dorothy Denning Paul Ferguson | The future is now.
Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Wayner Date: Thu, 20 May 93 08:01:41 PDT To: stig@netcom.com Subject: Re: Encripted huffman-like compression Message-ID: <199305201501.AA07930@access.digex.net> MIME-Version: 1.0 Content-Type: text/plain I wrote something on this in Cryptologia several years back. I believe it is the April Issue of 1988. It describes how to scramble the tree of the Huffman compression to achieve more cryptographically useful compression. Why is this necessary? Because people often assume that compression removes many of the redundancies of the language. Well, it only does this in a theoretical sense. The patterns are still there. If the Huffman encoding maps "T" to "01", "H" to "1001" and "E" to "11", then the pattern "01100111" is going to be very common in English text, but "10010111" is going to be much less common. -Peter Wayner From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: root@pleiku.netcom.com Date: Thu, 20 May 93 11:01:56 PDT To: cypherpunks@toad.com Subject: No Subject Message-ID: <9305201801.AA19223@toad.com> MIME-Version: 1.0 Content-Type: text/plain >From root Thu May 20 11:02:46 0700 1993 remote from pleiku To: netcoms!sytex.com!fergp (Paul Ferguson) cc: toad.com!cypherpunks, root Subject: Re: TEMPEST and other "neat stuff" In-reply-to: Your message of "Thu, 20 May 1993 12:15:09 EDT." Priority: urgent Date: Thu, 20 May 1993 11:02:46 -0700 From: "Stop the Big Brother CHip" Received: from pleiku by pleiku.netcom.com; Thu, 20 May 1993 11:02 PDT Content-Type: text Content-Length: 1220 I would like the complete text Paul... JFK really said all this... fascinating... puts a WHOLE new perspective on the assassination when taken in combination with "DEEP BLACK, Puzzle Palace and Deadly Deceits" REALLY makes me wonder....
kelly -- Parts of this .sig borrowed with permission from T.C.May. Perhaps it will indeed get me busted also. .......................................................................... Kelly Goen | Crypto Anarchy: encryption, digital money, kelly@netcom.com | anonymous networks, digital pseudonyms, zero Intelligence Systems | knowledge, reputations, information markets, Specialists Inc. | black markets, face banks, data havens, dark | tech, covert channels, shared secrets, | alt.whistleblowers, collapse of governments. Technical Monkeywrench | Public Key: PGP 2.2. | .......................................................................... PGP 2.2 Key available from PGP Keyservers on the Internet. pub 1024/1BA573 1992/09/09 kelly Key fingerprint = EF 7A 38 99 22 84 E3 3B 90 2A DB 80 DC 65 DA 31 STOP THE WIRETAP CHIP(Clipper Chip)!! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Thu, 20 May 93 09:45:29 PDT To: cypherpunks@toad.com Subject: TEMPEST and other "neat stuff" Message-ID: MIME-Version: 1.0 Content-Type: text/plain This is an interesting extract that I came across this morning. I thought that I'd post a portion of it (the entire paper is almost 900 lines) to the group since the topic of TEMPEST had surfaced - 8<------ Snip, Snip ------[ edited ]------ (c) 1990 Christopher J. Seline cjs@cwru.cwru.edu cjs@cwru.bitnet Eavesdropping On the Electromagnetic Emanations of Digital Equipment: The Laws of Canada, England and the United States This document is a rough draft. The Legal Sections are overviews. They will be significantly expanded in the next version. We in this country, in this generation, are -- by destiny rather than choice -- the watchmen on the walls of world freedom.[1] -President John F. Kennedy _____________________ 1. Undelivered speech of President John F. Kennedy, Dallas Citizens Council (Nov. 22, 1963) 35-36.
In the novel 1984, George Orwell foretold a future where individuals had no expectation of privacy because the state monopolized the technology of spying. The government watched the actions of its subjects from birth to death. No one could protect himself because surveillance and counter-surveillance technology was controlled by the government. This note explores the legal status of a surveillance technology ruefully known as TEMPEST[2]. Using TEMPEST technology the information in any digital device may be intercepted and reconstructed into useful intelligence without the operative ever having to come near his target. The technology is especially useful in the interception of information stored in digital computers or displayed on computer terminals. The use of TEMPEST is not illegal under the laws of the United States[3], or England. Canada has specific laws criminalizing TEMPEST eavesdropping but the laws do more to hinder surveillance countermeasures than to prevent TEMPEST surveillance. In the United States it is illegal for an individual to take effective counter-measures against TEMPEST surveillance. This leads to the conundrum that it is legal for individuals and the government to invade the privacy of others but illegal for individuals to take steps to protect their privacy. The author would like to suggest that the solution to this conundrum is straightforward. Information on protecting privacy under TEMPEST should be made freely available; TEMPEST Certified equipment should be legally available; and organizations possessing private information should be required by law to protect that information through good computer security practices and the use of TEMPEST Certified equipment.
_____________________ 2. TEMPEST is an acronym for Transient Electromagnetic Pulse Emanation Standard. This standard sets forth the official views of the United States on the amount of electromagnetic radiation that a device may emit without compromising the information it is processing. TEMPEST is a defensive standard; a device which conforms to this standard is referred to as TEMPEST Certified. The United States government has refused to declassify the acronym for devices used to intercept the electromagnetic information of non-TEMPEST Certified devices. For this note, these devices and the technology behind them will also be referred to as TEMPEST; in which case, TEMPEST stands for Transient Electromagnetic Pulse Surveillance Technology. The United States government refuses to release details regarding TEMPEST and continues an organized effort to censor the dissemination of information about it. For example the NSA succeeded in shutting down a Wang Laboratories presentation on TEMPEST Certified equipment by classifying the contents of the speech and threatening to prosecute the speaker with revealing classified information. [cite coming]. 3. This Note will not discuss how TEMPEST relates to the Warrant Requirement under the United States Constitution. Nor will it discuss the Constitutional exclusion of foreign nationals from the Warrant Requirement. Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tribble@memex.com (E. Dean Tribble) Date: Fri, 21 May 93 00:35:39 PDT To: whitaker@eternity.demon.co.uk (Russell E. Whitaker) Subject: [esr@snark.thyrsus.com: CLIPPER: Published version of my rant] Message-ID: <9305202001.AA29900@memexis.memex.com> MIME-Version: 1.0 Content-Type: text/plain This is the version of my post that went to RISKS 14.64. It was edited by me to remove assertions which might expose the RISKS digest to libel action. Permission to redistribute this version as you see fit is explicitly granted. Please do *not* redistribute the old version.
------------------------------- CUT HERE ------------------------------------- From: esr@snark.thyrsus.com (Eric S. Raymond) To: risks@csl.sri.com Subject: Re: Clipper (Rotenberg, RISKS-14.62) In Marc Rotenberg wrote: > Denning has to be kidding. The comments on the proposed DSS were uniformly > critical. Both Marty Hellman and Ron Rivest questioned the desirability of > the proposed standard. Mr. Rotenberg, as a public figure operating in the political arena, has to exercise a certain diplomatic restraint in responding to Ms. Denning's claims. I am, thankfully, under no such requirement. As a long-time RISKS reader and contributor, I observe that this is not the first time that Ms. Denning has apparently operated as a mouthpiece for the NSA's anti-privacy party line on DES and related issues. I believe Ms. Denning's remarks must be understood as part of a continuing propaganda campaign to marginalize and demonize advocates of electronic privacy rights. Other facets of this campaign have attempted to link privacy advocates to terrorists and drug dealers by suggesting that only criminals need fear wiretapping. These are serious charges. I make them because, in the wake of the Clipper proposal, I do not believe civil libertarians can afford any longer to assume that their opponents are persons of good will with whom they can simply debate minor differences of institutional means in a collegial way. It's time for someone to say, in public and on this list, what I know many of us have been thinking. The future is *now*. Electronic privacy issues are no longer a parlor game for futurologists; they are the focus of a critical political struggle, *and the opponents of privacy are fighting their war with all the tools of force, deception, and propaganda they can command*.
The histories of the DES, the FBI wiretap proposal, and now the Clipper proposal must be considered against a wider background of abuses including the Steve Jackson case, "Operation Longarm", and the routine tapping of U.S. domestic telecommunications by NSA interception stations located outside the geographic borders of the United States. These form a continuing pattern of attempts by agencies of the U.S. government to pre-empt efforts to extend First and Fourth Amendment privacy protections to the new electronic media. In each case, the attempt was made to present civil libertarians with a fait accompli, invoking "national security" (or the nastiness of "kiddie porn") to justify legislative, judicial and practical precedents prejudicial against electronic privacy rights. While I would not go so far as to claim that these efforts are masterminded by a unitary conspiracy, I believe that the interlocking groups of spies, bureaucrats and lawmen who have originated them recognize each other as cooperating fellow-travellers in much the same way as opposing groups like the EFF, CPSR and the Cypherpunks do. Their implicit agenda is to make the new electronic communications media transparent to government surveillance and (eventually) pliant to government control. One of the traits of this culture of control is the belief that manipulative lying and dissemblage can be justified for a `higher good'. I believe that Ms. Denning's disingenuous claim that the DSS "is now considered to be just as strong as RSA" is no mere technical misapprehension. I believe it is propaganda aimed at making objectors non-persons in the debate. I cannot know whether Ms. Denning actually believes this claim, but it reminds me all too strongly of the classic "Big Lie" technique. It is important for us to recognize that the propaganda lie is not an aberration, but a routine tool of the authoritarian mindset. 
And the authoritarian mindset is, ultimately, what we are confronting here --- the mindset that regards the fighting of elastically-defined `crime' as more important than privacy, that presumes guilt until innocence is proven, that demands for government a license to override any individual's natural rights at political whim. We cannot trust representatives of an institutional culture that was *constructed* to deal in information control, lies, secrecy, paranoia and deception to tell us the truth. We cannot accept the authoritarians' unverified assurances that the sealed interior of the Clipper chip contains no `trapdoor' enabling the NSA to eavesdrop at will. We cannot trust the authoritarians' assertions that they have no intention of outlawing cryptographic technologies potentially more secure than the Clipper chip. We cannot believe the authoritarians' claims that `independent' key registries will prevent abuse of decryption keys by government and/or corrupt individuals. We cannot --- we *must not* --- cede control of encryption technology to the authoritarians. To do so would betray our children and their descendants, who will work and *live* in cyberspace to an extent we can barely imagine. We cannot any longer afford the luxury of treating the authoritarians as honest dealers with whom compromise is morally advisable, or even possible. Whatever their own valuation of themselves, the thinly-veiled power grab represented by the Clipper proposal reveals a desire to institutionalize means which a free society, wishing to remain free, *cannot tolerate*. Big Brother must be stopped *here*. *Now.* While it is still possible. -- Eric S. Raymond ------------------------------- CUT HERE ------------------------------------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Mr. Noise" Date: Thu, 20 May 93 11:12:10 PDT To: cypherpunks@toad.com Subject: The New Mykotronix phones... 
Message-ID: <9305201811.AA03465@titan.ucs.umass.edu> MIME-Version: 1.0 Content-Type: text Please forgive me for replying to a message that's already a month old, but I was in the process of wading through the messages that have swamped my mailbox while I was doing end-of-the-semester stuff & didn't come across any replies...so just a brief note or two before I submerge again to study for my last Ph.D. comprehensive: > Okay, let's suppose that the NSA/NIST/Mykotronix Registered > Key system becomes standard and I'm able to buy such a system > from my local radio shack. Every phone comes with a built in > chip and the government has the key to every phone call. > I go and buy a phone and dutifully register the key. > > What's to prevent me from swapping phones with a friend or > buying a used phone at a garage sale? Whooa. The secret registered > keys just became unsynchronized. When the government comes > to listen in, they only receive gobbledly-gook because the > secret key registered under my name isn't the right one. This is a good, creative response to fascist technology, but I wonder if I'm the only one on this list who's noticed a parallel between the government's attitude toward small arms & its attitude approach to cryptography? (After all, cryptographic technology *is* dealt with as a 'munition' in the export laws, right?) While this means that many of the same defenses apply to crypto as to arms--as in "When codes are outlawed, only outlaws will have codes," a tagline I made up when I first started using PGP--it also means that we can expect the government (& other opponents) to use similar tactics in trying to deny us our right to privacy. So how might the government respond if we were to use the tactic described above? Well, just consider what they would do if you loaned someone your handgun & they committed a crime with it: they hold you responsible as well. 
If we allow a system of key registry to be instituted in any form, I think we can expect the same boneheaded legislation restricting our freedom to use cryptography as is currently inflicted on would-be gun owners. If nothing else, "key permits" would represent a new source of revenue for the tax-crazed Clinton administration & governors across the fruited plains! Consider that, in order to obtain local & state permits to carry a handgun in my home state of Connecticut it costs a total of $50 for the first year alone & $25 per year to renew the license (it may cost even more in other towns, I don't know)! & then there's the paperwork, & the wait, &.... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Mr. Noise" Date: Thu, 20 May 93 11:23:12 PDT To: cypherpunks@toad.com Subject: WER #79 Message-ID: <9305201822.AA04856@titan.ucs.umass.edu> MIME-Version: 1.0 Content-Type: text Having received my copy of the latest Whole Earth Review yesterday, I expected to see a pile of messages about the article by Kevin Kelly on "Cypherpunks, E-Money, & Technologies of Disconnection"...but maybe, like me, you've all been too busy to read the article all the way through. Anyway, I thought those of you who don't subscribe would appreciate a mention of the article so you could run right out & buy the mag. There's also some good sci-fi stuff (they give it some kind of fancy name, you know WER...) by Kelly & Brian Eno. & the cover is by R. Crumb! Well, anyway, it seems Mr. Kelly has spent some time talking to list member (guru?) Tim May, Phil Zimmerman, & a bunch of other cypherpunk folk, so how about some reactions to the article from those he talked to? ...& is it me, or is the WER/WELL/cypherpunks/Wired/EFF/etc. crowd starting to get just a *little* inbred? (In a nice way, of course...) I feel as though Kelly, Sterling, Brand, Levy, et al.
are my best buddies & I don't think we've ever exchanged e-mail (well, once or twice maybe), they just keep popping up everywhere I turn. Heck, I may even have to write R.U.Sirius into my will, he feels like such an old pal... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: smb@research.att.com Date: Thu, 20 May 93 12:07:01 PDT To: fergp@sytex.com (Paul Ferguson) Subject: Re: TEMPEST and other "neat stuff" Message-ID: <9305201906.AA20919@toad.com> MIME-Version: 1.0 Content-Type: text/plain This is an interesting extract that I came across this morning. I thought that I'd post a portion of it (the entire paper is almost 900 lines) to the group since the topic of TEMPEST had surfaced - I'd like to see the whole thing, but I don't guarantee I'll read it. In fact, I don't believe it. The use of TEMPEST is not illegal under the laws of the United States[3], or England. Canada has specific laws criminalizing TEMPEST eavesdropping but the laws do more to hinder surveillance countermeasures than to prevent TEMPEST surveillance. In the United States it is illegal for an individual to take effective counter-measures against TEMPEST surveillance. I can't speak for England or Canada, but neither statement is true about the U.S. Note the text of footnote [3]: 3. This Note will not discuses how TEMPEST relates to the Warrant Requirement under the United States Constitution. Nor will it discuss the Constitutional exclusion of foreign nationals from the Warrant Requirement. The ``warrant'' requirement is precisely the point. Spying on individuals who have a reasonable expectation of privacy is prohibited. In the case of wiretaps, that was in a Supreme Court ruling in, as I recall, 1967. In fact, the original wiretap statute (18 USC 2510 et seq), later amended by the ECPA, was passed (as part of the Omnibus Safe Streets and Crime Control Act of 1968) in direct response to that ruling, to set forth procedures, grounds, etc., for legal wiretaps and surveillance.
I don't have the citation handy, but the concept was discussed clearly and at some length in Kemp v Block (1985) 607 F Supp 1262. A TEMPEST pickup would appear to run afoul of the wiretap laws. Consider the following language in 18 USC 2511(2)(f): procedures in this chapter and the Foreign Intelligence Surveillance Act of 1978 shall be the exclusive means by which electronic surveillance, as defined in section 101 of such Act, and the interception of domestic wire and oral communications may be conducted. I'll return to the FISA later; note, though, that it and 18 USC 2510 are the *only* means by which anything resembling TEMPEST surveillance can be performed. The only grounds on which such intercepts can be justified, given the language of this section, is from 18 USC 2511(3)(g): It shall not be unlawful under this chapter or chapter 121 of this title for any person -- (i) to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public; Is TEMPEST ``readily accessible to the general public''? At least since the adoption of the FCC requirements on spurious RFI, I'd tend to doubt it. And as I noted earlier, eavesdropping of any sort is legal if and only if the targets have no reasonable expectation of privacy; given that 99+% of the American public has never heard of TEMPEST, I'd call it a fair bet that someone using a computer in a private room does, in fact, assume that he or she has such an expectation. The Foreign Intelligence Surveillance Act (50 USC 1801 et seq.) specifies the conditions under which foreign agents may be subject to surveillance. Unless there is ``no substantial likelihood'' that an American's conversations will be observed, an order from a special court is needed. Again -- for the most part, there is a requirement for due process.
Now -- I'm certainly not going to claim that these niceties are always observed. But that they're ignored doesn't make them legal. Finally, the claim that taking counter-measures against TEMPEST is illegal strikes me as balloon juice, plain and simple. Last I heard, the FCC wanted you to do anything you could to reduce spurious emissions. True, they're not telling how sensitive their detectors are -- but that's a far cry from saying you're not allowed to try to defeat them. Please -- there are real enemies to personal freedom. Let's not waste energy chasing chimeras. --Steve Bellovin From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Thu, 20 May 93 12:59:13 PDT To: cypherpunks@toad.com Subject: Huffman and Crypto Message-ID: <9305201955.AA05279@smds.com> MIME-Version: 1.0 Content-Type: text/plain Sorry if these questions have been answered in posts I recently deleted, but... 1) Instead of modifying Huffman coding, isn't it more sensible to just use arithmetic coding, which is more efficient anyway, and doesn't use fixed bit patterns? 2) I would assume there's a branch of cryptography devoted to studying the protections or lack thereof, afforded by compression schemes, both by themselves and in addition to other types of cryptography. I would guess that Huffman and LZ-family codes have been studied a lot...right?? But also more general studies of the weakness of (even secret) compression algorithms as crypto methods? I mean, compression methods would tend to use methods (like table lookup) that simpler cyphers have used for a long time, only without having been designed with crypto expertise...right?? 3) Does anyone know of an easy-to-get-sources, easy-to-use arithmetic coding compression program? 
quote me -fnerd From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: James Still Date: Thu, 20 May 93 15:01:22 PDT To: 'Cypherpunks List' Subject: Large Scale Implementation of PGP Message-ID: <2BFC0DBF@kailua.colorado.edu> MIME-Version: 1.0 Content-Type: text/plain > Does anyone have any experience/advice w/ this type of large scale > implementation of PGP? I know the need to encrypt most of the messages > will be small, but I think it is important to get these people so > familiar w/ encryption, they won't be scared and will defend it when > the need arises. Bravo! Widespread use of PGP now is analogous to Ben Franklin's pre-revolutionary attempts at setting up and popularizing a post office. People are interested, but aren't ready to take the initiative and accept "new" ideas. If I might put in a selfish plug, get ahold of PGPSHEL2.ZIP at the soda.berkeley.edu site and give it to co-workers and "Windows types" (you all know who those newcomers are :-) ) who are vaguely interested in secure communications. I've discovered that non-DOS folks will let PGP sit on their hard drives for months without exploring it, but once they use PGPShell, begin taking an active interest in what PGP is and does. With all the discussion about what the difference is between Usenet and BBS's, this is probably an important difference as well. BBS users are still enamored with the *concept* of public key encryption, while the more experienced Usenet users take it for granted. They know there's something going on "up there" but aren't too sure what all this PGP talk is all about. The BBS users are an excellent place to "spread the word" about encryption and shouldn't be ignored. With their help encryption will be as normal and every day as the post office is today.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: baumbach@atmel.com (Peter Baumbach) Date: Thu, 20 May 93 14:47:02 PDT To: cypherpunks@toad.com Subject: strong encryption as virus protection Message-ID: <9305202108.AA05477@carp.chp.atmel.com> MIME-Version: 1.0 Content-Type: text/plain Hello all, It seems that an easily available (legal) software verification system needs to be made. If one were widely used, virus worries of people could be channeled into a demand for strong encryption. Tell people that the Crippler Chip might prevent this from ever happening. Peter Baumbach baumbach@atmel.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: poier@sfu.ca (Skye Merlin Poier) Date: Thu, 20 May 93 17:44:20 PDT To: cypherpunks@toad.com Subject: Re: Crypto constitution Message-ID: <9305210044.AA04138@malibu.sfu.ca> MIME-Version: 1.0 Content-Type: text/plain One suggestion for improving the constitution: change all occurrences of "Men" or "man" to "the people" and make all pronouns gender-neutral. If this is going to be a constitution for the new age, lets have the wording reflect the ideals we hold. Skye -- -----====> Skye Merlin Poier <====----- Undergrad in CMPT/MATH (Virtual Reality) |||| |||| email: poier@sfu.ca p-OO <--> OO-q THINK PGP Public Key available on finger \== ==/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wcs@anchor.ho.att.com Date: Thu, 20 May 93 16:30:18 PDT To: cypherpunks@toad.com Subject: Re: TEMPEST and other "neat stuff" Message-ID: <9305202233.AA23544@anchor.ho.att.com> MIME-Version: 1.0 Content-Type: text Paul Ferguson, fergp@sytex.com, posts excerpts from an article on TEMPEST.
With all due respect :-), the article is largely nonsense. > 8<------ Snip, Snip ------[ edited ]------ > (c) 1990 Christopher J. Selin cjs@cwru.cwru.edu cjs@cwru.bitnet > Eavesdropping On the Electromagnetic Emanations of Digital Equipment: > The Laws of Canada England and the United States > This document is a rough draft. The Legal Sections are overviews. > ..... > In the United States it is illegal for an > individual to take effective counter-measures against > TEMPEST surveillance. This leads to the conundrum that it > is legal for individuals and the government to invade the > privacy of others but illegal for individuals to take steps > to protect their privacy. This is distinctly not the case. You can take any countermeasures you want. The precise standards are classified (some SECRET, some CONFIDENTIAL COMSEC), so you can't find out how good the government's abilities to eavesdrop are, or precisely what level of protection the government thinks is necessary to protect classified information, or how good the NSA thinks the Russians are, but as long as you're not using classified information as your sources, you can do anything you want. (If you're not protecting yourself *enough*, the FCC will get on your case, but over-protection is fine.) > 2. TEMPEST is an acronym for Transient Electromagnetic Pulse > Emanation Standard. TEMPEST isn't particularly about transients or electromagnetic pulses, it's about overall electromagnetic emissions. Electromagnetic Pulses are the big fast spikes you get from nuclear explosions (or similar slower spikes from lightning, etc.) and the techniques you use for protection against EMP don't solve your TEMPEST problems, and vice versa, though both kinds of protection are some help for the other. In my previous incarnation as a Tool of the Military-Industrial Complex, I never saw TEMPEST expanded as an acronym in any of the documents I read. 
> TEMPEST is a defensive standard; a device which > conforms to this standard is referred to as TEMPEST Certified. More specifically, a device that's been tested by an NSA-approved testing lab and has all the paperwork blessed by the NSA is TEMPEST-certified. The NSA puts out an "Evaluated Products List" (the name changes every couple of years) which has approved TEMPEST hardware, NCSC-Orange-Book rated operating systems, etc. > The United States government refuses to release details > regarding TEMPEST and continues an organized effort to censor the > dissemination of information about it. For example the NSA > succeeded in shutting down a Wang Laboratories presentation on > TEMPEST Certified equipment by classifying the contents of the > speech and threatening to prosecute the speaker with revealing > classified information. [cite coming]. The Wang Labs people probably had access to the classified documents - if you have them, you're responsible for not giving out classified information, and material derived from classified information might deserve classification. But that's not the same as saying it's "born classified", which is how nuclear weapons design information is treated (no comments on the legality of that approach...) Now, it may be that the NSA are overzealous in presuming the classified nature of the material in the presentation before hearing it; I don't know the details of the case, but access to classified material legitimately affects your ability to discuss its contents in public. > 3. This Note will not discuses how TEMPEST relates to the > Warrant Requirement under the United States Constitution. > Nor will it discuss the Constitutional exclusion of foreign nationals > from the Warrant Requirement. 
(*My* copy of the Constitution doesn't say that foreign nationals are excluded from "the people" who have specific rights to due process, and the 14th Amendment clearly requires at least the States not to deprive *any* person of life, liberty, or property without due process, and not to deny equal protection to anyone within its jurisdiction, as well as not abridging privileges or immunities of U.S. citizens. Somehow the recent governments haven't felt that applies to them or something...) In the case of the Crippler Chip, however, you knew it had a built-in wiretap when you bought it, which changes some of the reasonable expectations about privacy a bit. Bill Stewart From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: esr@snark.thyrsus.com (Eric S. Raymond) Date: Thu, 20 May 93 18:04:28 PDT To: cypherpunks@toad.com Subject: hello, all Message-ID: MIME-Version: 1.0 Content-Type: text I've just joined the list. I did so because I'm mad as hell about the Clipper proposal (some of you may have seen my incendiary post to RISKS on the topic). Some of you know me. Others have probably seen my work, which includes (among much else) major packages in Emacs 19, a moderately popular netnews suite, the /dev/speaker driver for PC-clones, and editing the Jargon File. I want to know what I can do to help block the Feds from `surveilling' everybody and to spread crypto-anarchy. I'm not up to speed on technical cryptography yet (though I know a lot about the pre-computer kind, Vigenere ciphers and such) but I'm chasing references and hope to be soon. There may be other ways I can contribute. Besides being a skilled hacker, I'm also good with English. I have a lot of experience at maintaining successful FAQs (I'm handling six now, including the monthly three-part buyer's guide for ISA UNIX software and hardware). If the cypherpunks FAQ is still in preparation, I can probably be of substantial help with it. -- Eric S. 
Raymond From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Thu, 20 May 93 22:18:07 PDT To: poier@sfu.ca (Skye Merlin Poier) Subject: Re: Crypto constitution In-Reply-To: <9305210044.AA04138@malibu.sfu.ca> Message-ID: <9305210517.AA08527@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > One suggestion for improving the constitution: change all occurrences of > "Men" or "man" to "the people" and make all pronouns gender-neutral. I would suggest that we don't use "people," but instead use "Mankind." Or, better yet, lets use "Earthlings," since this will cover people who haven't yet declared their gender. And as far as gender-neutral pronouns, this is also a problem. To many, "chairperson" immediately implies "female-chair-man." This obviously won't work. Well, I guess we could use "he/she." But that won't work either since it gives precedence to (gasp!) "HE." Clearly, we need to come up with a new word in order to satisfy everybody. (I use the word "everybody" to mean "the people," and not just because it has the word "body" in it, which would be the stereotypically-male thing to think about) So, I propose that we, Cypherpunks, adopt my favorite Politically Correct term for "person:" "Generic-Colorless-raceless-carbon-based-bipedial-inhabitant-of-the-third-spherical-object-from-the-bright-mass-in-the-center-of-the-solar-system" As far as I've been able to tell, this term doesn't discriminate against anyone, so I feel this is a good substitute for "man," "men," and "the people." :Satire Mode Off. :Reality Mode On. > If this is going to be a constitution for the new age, lets have the wording > reflect the ideals we hold. I've always thought that fighting over this kind of trivia was kinda childish. It used to be that when someone said, "...and one giant step for mankind...," that we understood this to include EVERYBODY! Lets pick our fights better than this, shall we? Sorry, just couldn't resist.....
;^) +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: poier@sfu.ca (Skye Merlin Poier) Date: Thu, 20 May 93 23:20:59 PDT To: cypherpunks@toad.com Subject: Re: Crypto constitution In-Reply-To: <9305210517.AA08527@triton.unm.edu> Message-ID: <9305210620.AA22924@malibu.sfu.ca> MIME-Version: 1.0 Content-Type: text/plain [reality check on] > :Satire Mode Off. > :Reality Mode On. > >> If this is going to be a constitution for the new age, lets have the wording >> reflect the ideals we hold. > >I've always thought that fighting over this kind of trivia was kinda childish. > It used to be that when someone said, "...and one giant step for mankind...," > that we understood this to include EVERYBODY! Lets pick our fights better > than this, shall we? Excuse me, but it seems that you are being very defensive. I was not picking a fight. It is evident that you cling to "It used to be that" ideals. Just because something "used to be" is not justification for its perpetuation. Is it such a drastic step to replace a couple words that you feel necessary to ridicule something that I consider important? As far as I am concerned, Mr.Diehl it is YOU who are being childish. Wake up, will you? And please refrain from using the word "we". I do not enjoy being patronized. > Sorry, just couldn't resist..... ;^) Obviously. You are indeed a man of tremendous wit and satire. > +------"I'm just looking for the opportunity to be -------------+ > | Politically Incorrect!" 
| Also plainly obvious. Skye Poier -- -----====> Skye Merlin Poier <====----- Undergrad in CMPT/MATH (Virtual Reality) |||| |||| email: poier@sfu.ca p-OO <--> OO-q THINK PGP Public Key available on finger \== ==/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Fri, 21 May 93 00:03:17 PDT To: cypherpunks@toad.com Subject: Why So Many Articles on Cypherpunks? In-Reply-To: <9305201822.AA04856@titan.ucs.umass.edu> Message-ID: <9305210703.AA13490@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Mr. Noise writes: > Having received my copy of the latest Whole Earth Review yesterday, I > expected to see a pile of messages about the article by Kevin Kelly on > "Cypherpunks, E-Money, & Technologies of Disconnection"...but maybe, > like me, you've all been too busy to read the article all the way through. .... > Well, anyway, it seems Mr. Kelly has spent some time talking to list > member (guru?) Tim May, Phil Zimmerman, & a bunch of other cypherpunk > folk, so how about some reactions to the article from those he talked to? I haven't seen the newstand issue yet and haven't thought too much about it. Kevin Kelly first contacted me last fall because of some posts I'd made on sci.crypt (Round 1 of the "key registration" battle, before we knew the government planned this key escrow thing, happened when I wrote an article for Extropians, Cypherpunks (very young then), and sci.crypt entitled "A Trial Balloon to Ban Encryption?"). Kelly talked to me, Eric Hughes, John Gilmore, circa December, and attended two Cypherpunks physical meetings. (We had a debate around then about whether journalists should be allowed, invited, or ignored...the eventual outcome was that help should be provided to journalists interested in these issues.) Kevin Kelly visited my house near Santa Cruz and we talked for several hours. He was also commissioning an article for "Wired" by Steven Levy, who also talked to several of us. 
Hence the double articles, which were both written at about the same time. (There's also a Julian Dibell piece for "The Village Voice" in the works...maybe the stuff he's already written is *it*, maybe there's going to be more.) > ...& is it me, or is the WER/WELL/cypherpunks/Wired/EFF/etc. crowd starting > to get just a *little* inbred? (In a nice way, of course...) I feel as > though Kelly, Sterling, Brand, Levy, et al. are my best buddies & I don't > think we've ever exchanged e-mail (well, once or twice maybe), they just > keep popping up everywhere I turn. Heck, I may even have to write R.U.Sirius > into my will, he feels like such an old pal... I agree with Mr. Noise about this and am trying to "lay low" as much as possible. However, if journalists are interested in our kinds of topics, they'll write stories. The Cypherpunks list doesn't "assign" members to be interviewed....the journalists sniff the air for interesting hooks and angles to center a piece on. The work of Zimmermann is very obvious (though he's not on the list...he did attend one meeting), as are the obvious battles with the NSA being fought by John Gilmore. I can think of several others who have stuff going on that would make interesting stories. For now, the "cyberspace" community is largely defined by the magazines mentioned, and a few others ("Boing Boing," "Extropy,"....). Hence the incestuous nature. (Also, the editors and writers know each other and have longstanding credentials in the hacker community.) I hope this little summary gives some perspective on why so many articles are now appearing. The timing is perfect, even if 98% of Americans have never heard of Clipper. -Tim -- .......................................................................... Timothy C.
May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: George A. Gleason Date: Fri, 21 May 93 02:35:39 PDT To: jet@nas.nasa.gov Subject: Re: Consider "Working Assets" phone service instead of AT&T Message-ID: <199305210935.AA00447@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Phonecard-only account: minor inconvenience to support a major principle. As far as I'm concerned, "convenience" is the biggest hook that Big Bro has to use on us these days, but it only works if we're lazy enough to go for it. So sign with Working Assets and write them a note telling them you want to see a phonecard-only option soon, and chances are they'll be responsive if they get enough of those. Especially if they're getting them from people who used to have accounts with the Big Three. -gg From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: elee9sf@Menudo.UH.EDU Date: Fri, 21 May 93 07:39:13 PDT To: cypherpunks@toad.com Subject: Re: Huffman and Crypto In-Reply-To: <9305201955.AA05279@smds.com> Message-ID: <199305211439.AA00169@Menudo.UH.EDU> MIME-Version: 1.0 Content-Type: text/plain > 3) Does anyone know of an easy-to-get-sources, easy-to-use arithmetic > coding compression program? > I have a book titled "Data Compression" or something like that, which explains Huffman and Huffman-type coding, arithmetic coding, dictionary compressors (sliding window LZ* types), and JPEG compression. The book comes with source code, so if anybody else has it and has a scanner... As I recall, arithmetic compression works well, but is really cpu intensive, even with a math-coprocessor.
Plus, you need to have a rough idea of the statistical breakdown of the plaintext for arithmetic compression to work as well as it can. The Zimpel-Lev type sliding window compressors are popular because they work well on most inputs, with little or no pre-computation or statistics. Isn't Phil Karn on this list? I'm sure he can tell you everything you want to know about compression :-) /-----------------------------------\ | Karl L. Barrus | | elee9sf@menudo.uh.edu | <- preferred address | barrus@tree.egr.uh.edu (NeXTMail) | \-----------------------------------/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Patrick Tufts Date: Fri, 21 May 93 07:16:11 PDT To: gg@well.sf.ca.us Subject: Consider "Working Assets" phone service instead of AT&T In-Reply-To: <199305210935.AA00447@well.sf.ca.us> Message-ID: <9305211418.AA10692@berry.cs.brandeis.edu> MIME-Version: 1.0 Content-Type: text/plain Date: Fri, 21 May 1993 02:35:20 -0700 From: George A. Gleason [....] it. So sign with Working Assets and write them a note telling them you want to see a phonecard-only option soon, and chances are they'll be responsive if they get enough of those. Especially if they're getting them from people who used to have accounts with the Big Three. ^^^ ^^^^^ Isn't Working Assets just a reseller of AT+T (or is it Sprint) LD? As such, you're still giving business to one of "the Big Three". From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Fri, 21 May 93 11:42:25 PDT To: cypherpunks@toad.com Subject: SIGINT and TEMPEST follies Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Thu, 20 May 93 18:33:52 EDT, Bill_Stewart wrote - > This is distinctly not the case. You can take any countermeasures > you want.
The precise standards are classified (some SECRET, some > CONFIDENTIAL COMSEC), so you can't find out how good the > government's abilities to eavesdrop are, or precisely what level of > protection the government thinks is necessary to protect classified > information, or how good the NSA thinks the Russians are, but as long > as you're not using classified information as your sources, you can > do anything you want. (If you're not protecting yourself *enough*, > the FCC will get on your case, but over-protection is fine.) I beg your pardon, but this is _not_ the case. TEMPEST requirements are _not_ classified and are available for public scrutiny. (You obviously do not know where to look.) I _know_ this to be true: I worked in the COMSEC arena within the US military for the better part of five years. In fact, I helped design and construct the first tactically-based, X.25 packet switched, PC based, uHF interfaced network in Europe back in the early '80's using Zenith Z-248's and KG-84's. We did everything from designing the cabling pin-out's on up. > TEMPEST isn't particularly about transients or electromagnetic pulses, > it's about overall electromagnetic emissions. You're trying to separate issues that are one and the same. With the proper equipment, I can put you and an IBM Selectric (tm) typewriter on a wooden raft in the middle of Lake Superior, monitor and realize every keystroke that you make and you'd not be the wiser. This type of monitoring is easily defeated by low yield TEMPEST requirements. I've worked in this area, Bill, and have tested these _facts_. I don't care how you care to word it, it _is_ transient electromagnetic emissions. > Electromagnetic Pulses are the big fast spikes you get from nuclear > explosions (or similar slower spikes from lightning, etc.) and the > techniques you use for protection against EMP don't solve your > TEMPEST problems, and vice versa, though both kinds of protection > are some help for the other.
> In my previous incarnation as a Tool of the Military-Industrial > Complex, I never saw TEMPEST expanded as an acronym in any of the > documents I read. As I stated above (and I place myself in jeopardy of being accosted by Big Brother by admitting it), I was a COMSEC flunky during my junket with the US Army. Originally, I was a 31S(ierra) and later a 29S(ierra) when two MOS's (Military Occupational Specialties, in Army jargon) were later merged. I was also a COMSEC Custodian (alternate, actually) and I can admit that I have a deep understanding of cryptographic key systems, cryptographic theory, cryptographic hardware design and integration and "BLACK" and "RED" separation principles. This type of technology does not require a rocket scientist (trust me, I've worked with them too at NASA)(oh yeah, I forgot -- I've also done contract work for Bell Labs and AT&T Secure Systems). > In the case of the Crippler Chip, however, you knew it had a built-in > wiretap when you bought it, which changes some of the reasonable > expectations about privacy a bit. This issue is one where I must disagree with you emphatically. The majority of the American public don't even know about Clipper. Hell, most of them think those AT&T commercials (Aretha singing "Freedom") are cute. Personally, I think its pretty sick, considering how they worked in collusion with Big Brother (No Such Agency) and announce that they would be immediately using this "technology" on the same day that the NIST made its announcement that Clipper would be the "weapon of choice" in their war on drugs, would-be criminals and the American public (April 16, 1993). I know the technical specifics of TEMPEST (it is an acronym, BTW) and the reason it was developed as a SIGINT (SIGnal INTelligence) standard. Cheers. Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. 
Stop the Wiretap (Clipper/Capstone) Chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jordan@imsi.com (Jordan Hayes)
Date: Fri, 21 May 93 08:01:17 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto constitution
Message-ID: <9305211451.AA06984@IMSI.COM>
MIME-Version: 1.0
Content-Type: text/plain

I think I was able to cryptanalyze the last few messages (steganography is *so* cool!), but it looks like some of the line noise from my modem messed up the codebook. Can someone tell me if that was "gender-inspecific pronoun" or "gather prolific dingdong" in the second exchange?

/jordan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Al Billings
Date: Fri, 21 May 93 11:10:46 PDT
To: "J. Michael Diehl"
Subject: Re: Crypto constitution
In-Reply-To: <9305210517.AA08527@triton.unm.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Thu, 20 May 1993, J. Michael Diehl wrote:

> I've always thought that fighting over this kind of trivia was kinda childish.
> It used to be that when someone said, "...and one giant step for mankind...,"
> that we understood this to include EVERYBODY! Lets pick our fights better
> than this, shall we?

Unfortunately for you (in a small way), people teaching English do not agree. I have done more than my share of term papers and articles and in the cases where I have used "man" for "humanity," it HAS been noticed. There is no reason NOT to use gender neutral terms. It isn't going to hurt you to do so and some people out there will appreciate it and will notice if gendered terms are used. Why not then?

Wassail,
Al Billings

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J. Eric Townsend)
Date: Fri, 21 May 93 11:21:27 PDT
To: cypherpunks@toad.com
Subject: Re: Consider "Working Assets" phone service instead of AT&T
In-Reply-To: <199305210935.AA00447@well.sf.ca.us>
Message-ID: <9305211821.AA19054@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

George A.
Gleason writes:
> Phonecard-only account: minor inconvenience to support a major principle.

You miss my point -- I *can't* get an account with them because I don't have a phone line to tie it to. There is a phone where I stay, but it's not mine. So, I'm stuck with US Splint.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Fri, 21 May 93 10:49:10 PDT
To: cypherpunks@toad.com
Subject: re: Constitution.
Message-ID: <9305211749.AA28087@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Sorry all, but I had to reply to this letter, and since it was net-wide distribution, I felt I should reply in kind.

>[reality check on] :Fantasy Mode Off.
>>> If this is going to be a constitution for the new age, lets have the wording
>>> reflect the ideals we hold.
>>
>>I've always thought that fighting over this kind of trivia was kinda childish.
>> It used to be that when someone said, "...and one giant step for mankind...,"
>> that we understood this to include EVERYBODY! Lets pick our fights better
>> than this, shall we?
>Excuse me, but it seems that you are being very defensive. I was not picking
>a fight. It is evident that you cling to "It used to be that" ideals. Just
>because something "used to be" is not justification for its perpetuation. Is
>it such a drastic step to replace a couple words that you feel necessary to
>ridicule something that I consider important? As far as I am concerned, Mr.Diehl
>it is YOU who are being childish. Wake up, will you? And please refrain from
>using the word "we". I do not enjoy being patronized.

Defensive? I don't think so. I am simply pointing out how silly this thought-control business really is. I wasn't personally injured by it; it's just too silly to worry so much about. Perhaps "fight" wasn't the correct word. I'm sorry. Tell me, what is wrong with "'It used to be that' ideals?" I hope you don't believe that "mankind" only refers to "malekind." This is furthest from the truth.
To answer your question, no, it is not such a drastic step, but it bothers me that people feel it necessary to traditional and natural language into something that is artificial and restrictive. You go on to state that this is something that you feel strongly about; fine, but you don't hold a monopoly on opinion. Then you go on to say that I am childish and that I should wake up. I'll just say that I consider this to be a mere personal attack and remind you that I made no such attack to you; and I'll leave it at that. Then you request that I refrain from using the word "we." Let me requote something you wrote:

>>> If this is going to be a constitution for the new age, lets have the wording
>>> reflect the ideals we hold.
-----------------------^

Since when is it ok for you, but in bad taste for me? Especially since you are attributing "ideals we hold" to people without asserting what these ideals are. And you're asserting that we need special, approved language to express these ideals. I can't decide if the ideal at hand is gender-equality, or language-neutrality. Remember that this little discussion is NET-WIDE, so "we" refers to Cypherpunks, not YOU in particular. Perhaps you are being a bit defensive?

>> Sorry, just couldn't resist..... ;^)
>Obviously. You are indeed a man of tremendous wit and satire.

Thank you! Even if you are being sarcastic. I'm too gullible to know the difference. ;^) Actually, I hope it was at least amusing even if you didn't agree.

> +------"I'm just looking for the opportunity to be -------------+
> | Politically Incorrect!" |
>Also plainly obvious.

If I lived under a dictatorship, this would read, "I'm just.....to be democratic." This is my protest against an "ideal" that I find smacking of censorship, 1984, and class-hatred. Under PC, other people have the right to tell me what I can and can not say, as you did above.
PC would restrict my sometimes limited use of language even further by mandating that I use only approved words and phrases. Eventually, I'll not even be able to talk about such things as gender-differences because this (among many others) will have been deemed "unfit for correct conversation."

"And now, back to our regularly scheduled program...."

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|                    Politically Incorrect!"                    |
+-----If codes are outlawed, only criminals will have codes.----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: esr@snark.thyrsus.com (Eric S. Raymond)
Date: Fri, 21 May 93 10:24:02 PDT
To: cypherpunks@snark.thyrsus.com
Subject: Proposed Cypherpunks FAQ outline
Message-ID:
MIME-Version: 1.0
Content-Type: text

After exchanging email with Eric Hughes and other listmembers, I find that the previous attempt at putting together a cypherpunks FAQ seems to be moribund.

I have a lot of experience building FAQs, and maintain several popular ones on USENET, including:

* The PC-UNIX Hardware and Software Buyer's Guides
* The list of Publicly Known Bugs in USL UNIX
* So You Want To Be A UNIX Wizard? (The Loginataka)
* Telebit Trailblazer how-to FAQ

Accordingly, I'm able and willing to take on this job.

The hardest thing about writing a FAQ is to define its scope and level of detail. Accordingly, SOP if you know what you're doing is to start by generating a list of questions to be answered, and/or an outline. I've done this below.

1. Why cypherpunks?
   a. Privacy is essential to freedom.
   b. The government cannot be relied on to protect your privacy rights.
   c.
Technology can give individuals leverage against would-be oppressors, but only if we're sufficiently smart and dedicated to build the levers.
   d. Cypherpunks exists to build and propagate privacy software.

2. What are the essentials of privacy software?
   a. Public-key cryptosystems for secure communication.
   b. Unforgeable electronic signatures for message authentication.
   c. DC-net or similar protocols to thwart spoofing.

3. What are the potential applications of good privacy software?
   a. Secure communications.
   b. Digital cash.
   c. Electronic voting.
   d. Electronic contracts.
   e.

4. What are the key algorithms, tools, and implementations for privacy software?
   a. RSA
   b. DES
   c. Clipper/Capstone/DSS
   d. PGP
   e. Possible non-RSA trapdoor functions.

5. What are the social and political implications of good privacy software?
   a. Drastically lower transaction costs for trade.
   b. Expansion of the counter-economy.
   c. Disempowerment of government.

6. What are the legal, political, and technical obstacles?
   a. The Clipper/Capstone/DSS power grab.
   b. The RSA patent and the PGP/RSA fight.
   c. RSA's base problem may not be NP-complete.

7. What can I do to help?
   a. Work on cryptographic software.
   b. Agitate against the Clipper/Capstone/DES standard.

Each subsection should be written by a list expert and include pointers to published sources and other FAQs.

You can help in one of three ways:

1) Volunteer to write one of the sections or subsections above.
2) Suggest more questions.
3) Identify yourself to me as a technical expert on a particular area in the outline, even if you're not willing to commit to writing it. That way I'll know whose brains to pick.

I think an edited version of Tim May's glossary should go at the end. Tim, are you willing?

-- Eric S.
Raymond

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Fri, 21 May 93 11:42:21 PDT
To: cypherpunks@toad.com
Subject: FOIA info
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

A quick addendum to my post on alt.privacy yesterday. After making a few phone calls, I found that these are the correct addresses to send requests for information under the Freedom of Information Act (FOIA):

Central Intelligence Agency:

  Mr. John H. Wright
  Information and Privacy Coordinator
  Central Intelligence Agency
  Washington, DC 20505

Federal Bureau of Investigation:

  Federal Bureau of INVESTIGATION
  J. Edgar Hoover Building
  9th and Pennsylvania Avenue, N.W.,
  Washington, DC 20535
  ATTN: FOIA/PA Section

National Security Agency:

  Director, NSA/CSS
  9800 Savage Road
  Fort George G. Meade, Maryland 20755-6000
  ATTN: FOIA/N5

For those who live in The Commonwealth of Virginia, this is the address of the Richmond field office:

  Federal Bureau of Investigation
  111 Greencourt Road
  Richmond, Virginia 23228
  ATTN: FOIA/PA Section

Paul Ferguson               |  The future is now.
Network Integrator          |  History will tell the tale;
Centreville, Virginia USA   |  We must endure and struggle
fergp@sytex.com             |  to shape it.
Stop the Wiretap (Clipper/Capstone) Chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Date: Fri, 21 May 93 14:48:56 PDT
To: Cypherpunks
Subject: LISTBIZ: Unsub during my abscence/USA-Legal PGP
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Distribution: Cypherpunks Request Cypherpunks

Please stop sending the Cypherpunks mailing list to edgar@spectrx.saigon.com (Edgar W. Swank) until further notice. I anticipate rejoining the list soon after my wife and I return from travel abroad around the end of June. (Since I'm retired I guess I can't say "vacation" or "holiday", can I?)
For the general list: I would greatly appreciate it if someONE would save to E-mail me after my return any postings here or to alt.security.pgp about the progress of the USA-Legal PGP project or availability, or any response by Jim Bidzos or RSA to Phil Z's letter of early this month, asking permission to use non-standard RSAREF entry points.

-----BEGIN PGP SIGNATURE-----
Version: 2.2.1/EWS

iQCVAgUBK/yZrt4nNf3ah8DHAQEQVwP8Cx6lG7kR4GnlRyka1B+l1BJisvcxfBGt
i/YioZA0WF/4nlFOnj45vMMuPwWLfAFc/BtzjLmk3Iammiw2ZlUfs29rcF9peq+w
YWjjVCePIbKE08pYiCUzaSlHT5l1II5Fl0Ex9NoMgjNfYCY2RxzGzrhlObeNZCra
J+WXauK0l18=
=Ipsd
-----END PGP SIGNATURE-----

--
edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005
Cupertino, Ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dmandl@lehman.com (David Mandl)
Date: Fri, 21 May 93 11:29:14 PDT
To: cypherpunks@toad.com
Subject: Re: Proposed Cypherpunks FAQ outline
Message-ID: <9305211828.AA16694@disvnm2.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: esr@snark.thyrsus.com (Eric S. Raymond)

An obvious addition...

> 7. What can I do to help?
> a. Work on cryptographic software.
>
> b. Agitate against the Clipper/Capstone/DES standard.

c. Promote the use of encrypted communication, help spread PGP and other appropriate tools far and wide (both to help get a better foothold to thwart the Clipper monopoly and its ilk, and to work towards making crypto as commonplace as envelopes).

I guess this is a superset of b.

--Dave.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dmandl@lehman.com (David Mandl)
Date: Fri, 21 May 93 11:38:32 PDT
To: cypherpunks@toad.com
Subject: Re: Proposed Cypherpunks FAQ outline
Message-ID: <9305211838.AA16816@disvnm2.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

> From: esr@snark.thyrsus.com (Eric S. Raymond)

...also, there should of course be information on anonymous remailers. This could fit in both

> 3.
What are the potential applications of good privacy software?
> a. Secure communications.
> b. Digital cash.
> c. Electronic voting.
> d. Electronic contracts.

e. Secure anonymous remailers.

and

> 5. What are the social and political implications of good privacy software?
> a. Drastically lower transaction costs for trade.
> b. Expansion of the counter-economy.
> c. Disempowerment of government.

d. Anonymity for whistleblowers and others desiring or requiring anonymity on the net.

--Dave.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peb@PROCASE.COM
Date: Fri, 21 May 93 14:40:43 PDT
To: anton@hydra.unm.edu
Subject: Re: cypto + compression
Message-ID: <9305212138.AA12666@banff.procase.com>
MIME-Version: 1.0
Content-Type: text/plain

>Why not compress this AGAIN

If your compression algorithm is any good, it should *not* be able to compress the output a second time.

Compressing before encryption is vital--it makes brute force and plaintext attacks much more difficult.

On compression forever: I read a science fiction short story once where (not sure of title or author, but it is a classic) a bunch of geniuses are ostensibly sent to another planet to "explore", but the people sending them had a different motive: get them away from Earth and give them time to dream up cool stuff. Okay, so they dream up way cool stuff, but have this problem with transmission bandwidth back to Earth. Then they figure out that any message can be encoded in prime numbers like:

    2^a * 3^b * 5^c * 7^d...

where a b c d are the character values (ascii or letter A==0, B==1, etc.). After a message is encoded, the result is a *big number*. This number is not more compact than the original message, but the clever geniuses flying to Tau Ceti (or wherever) figured out how to factor the number down to things like M^N + P^Q, where the number of bits needed to write down the factorization was very small, say, 100 bits or so.
THEN, they ship this factorization back to Earth and save bandwidth and it encodes the whole Encyclopedia Galactica.

This scheme doesn't work because factoring is much harder than using other compression techniques.

Paul E. Baclace
peb@procase.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Fri, 21 May 93 13:48:17 PDT
To: cypherpunks@toad.com
Subject: Dec. of Ind. < Govt. Imposted Crypto Restrictions
Message-ID: <9305212048.AA17631@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

I'd sure lend a .signature to ratify that!

--
Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Fri, 21 May 93 14:00:19 PDT
To: cypherpunks@toad.com
Subject: cypto + compression
In-Reply-To: <9305200743.AA02030@netcom.netcom.com>
Message-ID: <9305212100.AA18233@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Just thought of something (I hope it gives someone a business idea, I have plenty to spare at the moment.)

OK: compression, simplified, works (in several of its manifestations at least) by replacing redundant parts with a single part that represents 1) what the replaced parts are, and 2) how many there are. Thus "feed" could be compressed as "f!d" where ! = "2 e's". I know, I know this is a terrible oversimplification, but that's the juice of the fruit, no?

OK well if you encrypt a compressed file, there are bound to be lots more new redundancies created in the encryption process (unless it is something like ROT-13). Why not compress this AGAIN, squeezing more space out of the data?
Sure you can do this manually but things like DES are slow. What I am thinking is: have something like zip or compress that compresses, encrypts, then recompresses, and repeats this process until it can compress no more. Compression/extraction time will slow down, but for those that NEED heavy-duty compression, big deal. It shouldn't really be TOO bad, since this almost 1/2-assed encryption need not be secure in any way, it could have a very short key.

Any ideas? What is wrong with this idea? (something must be, or it would've been done by now, I am guessing.) I don't know the math, so I suspect I must've erred gravely somewhere.

--
Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton@hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Kent Hastings"
Date: Fri, 21 May 93 15:33:31 PDT
To: cypherpunks@toad.com
Subject: PI Compression
Message-ID: <199305212233.AA07890@aerospace.aero.org>
MIME-Version: 1.0
Content-Type: text/plain

PI Compression

It may have been discussed here months ago, but my favorite bogus compression scheme is "pi compression". Any number like pi or SQRT(2) can be represented as an infinite sequence of non-repeating bits (there are repetitive patterns, but eventually the sequence breaks out). A finite bit string can be represented simply as the starting location and length in pi.

Since all possible finite bit strings are, by definition, contained in the unending cavalcade of bits in pi, all literary works, radio programs, TV, 3D holos, feelies, etc for all sentient species from the remotest past to the distant future, in every possible alternate universe is in little old pi.
PI has been in the public domain from antiquity, therefore all parts of pi are public domain, just like every chapter, paragraph, sentence, word and bit are parts of a book. Who would dare argue against these reasonable assertions?

Kent - kent_hastings@qmail2.aero.org.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: technopagan priest
Date: Fri, 21 May 93 12:55:02 PDT
To: cypherpunks@toad.com
Subject: Cryptography show for ITR?
Message-ID: <199305211954.AA28275@rac2.wam.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain

This week's NPR "Talk of the Nation/Science Friday" was on the internet. Both telephone callers, and internet "callers" were accepted. The show included the founder of Internet Talk Radio.

There was a question along the lines of "how can internet mail privacy be assured?" Unfortunately, the experts only briefly mentioned public-key cryptosystems. I was wondering if they would go into a longer discussion about electronic privacy and crypto issues.

I wonder if we could get a "cypherpunk" onto Internet Talk Radio to discuss cryptography and its privacy concerns. Any ideas?

-Thomas

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 21 May 93 15:59:03 PDT
To: cypherpunks@toad.com
Subject: PI Compression
In-Reply-To: <199305212233.AA07890@aerospace.aero.org>
Message-ID: <9305212255.AA02687@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Since all possible finite bit strings are, by definition, contained
>in the unending cavalcade of bits in pi,

Definition? I have not seen this asserted even by theorem.

Not surprising, since the statement is patently false. There are 2^{\aleph_0} finite bit strings, and only \aleph_0 of those are subsequences of pi.

For those of you without a math background, this means "They all just don't fit."
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Watt Forste
Date: Fri, 21 May 93 15:59:10 PDT
To: Stanton McCandlish
Subject: Re: cypto + compression
In-Reply-To: <9305212100.AA18233@hydra.unm.edu>
Message-ID: <199305212303.AA21876@joes.GARAGE.COM>
MIME-Version: 1.0
Content-Type: text/plain

Stanton McCandlish wrote:

    OK well if you encrypt a compressed file, there are bound to be lots more new redundancies created in the encryption process

In fact there are not. You can test this out; use PGP to encrypt any file you please, and then use any compression software you like to compress it. You will get no significant compression.

Eric Watt Forste
arkuat@joes.garage.com
1800 Market St #243 San Francisco CA 94102
"Expectation foils perception." -- Pamela C. Dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "John (FuzzFace/Fast-Eddie) McMahon"
Date: Fri, 21 May 93 13:18:37 PDT
To: tedwards@wam.umd.edu
Subject: Re: Cryptography show for ITR?
Message-ID: <01GYFYUSBADK002QNU@Eisner.DECUS.Org>
MIME-Version: 1.0
Content-Type: text/plain

I just forwarded your suggestion to the guys who run ITR. Hopefully, it will go somewhere :-)

Cheers!
Fuzz

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: sommerfeld@apollo.hp.com
Date: Fri, 21 May 93 13:16:34 PDT
To: cypherpunks@toad.com
Subject: looking for distributed systems/crypto textbook.
Message-ID: <9305212016.AA25837@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

At work, we're thinking of organizing an internal self-study seminar on areas related to distributed systems security. I know of Denning's textbook in the area, but would prefer not to use it for what should be obvious reasons. I also know of and have read the "Contemporary Cryptography" book by Simmons, but it seems to be a little too heavily oriented towards crypto/math as opposed to applications.

Undoubtedly many of you would have opinions in this area; let me know what they are and I'll summarize to the list.
- Bill

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Clive"
Date: Fri, 21 May 93 08:51:48 PDT
To: "cypherpunks"
Subject: Ref Strong Encryption
Message-ID: <9305211551.AA22478@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Hi, am I missing something ....

From: baumbach@atmel.com (Peter Baumbach)
>> It seems that an easily available (legal) software verification system
>> needs to be made. If one were widely used, virus worries of people
>> could be channeled into a demand for strong encryption. Tell people
>> that the Crippler Chip might prevent this from ever happening.

How can the case be made for strong encryption, based upon the worries of people over viruses??? I fail to see how the worries over viruses can be countered, channelled into the need for strong encryption. ???

Clive Walmsley
Walmsley@ccint1.rsre.mod.uk

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Fri, 21 May 93 14:26:25 PDT
To: Stanton McCandlish
Subject: Re: cypto + compression
Message-ID: <9305212126.AA27376@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

    OK well if you encrypt a compressed file, there are bound to be lots more new redundancies created in the encryption process (unless it is something like ROT-13). Why not compress this AGAIN, squeezing more space out o

Actually, you've got it backwards. A decent encryption algorithm, including DES, generates something with very little redundancy, and hence which cannot be compressed further.
$ compress vmunix.Z
$ des -e -k foo vmunix.Z.des
des: WARNING: using software DES algorithm
$ compress vmunix.Z.des.Z
-rwxr-xr-x 1 root 1875490 Jan 7 16:59 /vmunix
$ des -e -k foo vmunix.des.Z
des: WARNING: using software DES algorithm
$ ls -l /vmunix vmunix*
-rwxr-xr-x 1 root 1875490 Jan 7 16:59 /vmunix
-rw-rw-r-- 1 smb 794374 May 21 17:17 vmunix.Z
-rw-rw-r-- 1 smb 794376 May 21 17:18 vmunix.Z.des
-rw-rw-r-- 1 smb 1066555 May 21 17:18 vmunix.Z.des.Z
-rw-rw-r-- 1 smb 2538235 May 21 17:21 vmunix.des.Z

As you can see, compressing after encrypting *increases* the size of the file.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Fri, 21 May 93 14:56:50 PDT
To: Stanton McCandlish
Subject: Re: cypto + compression
In-Reply-To: <9305212100.AA18233@hydra.unm.edu>
Message-ID: <9305212156.AA03491@dun-dun-noodles.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

>> Any ideas? What is wrong with this idea? (something must be, or it
>> would've been done by now, I am guessing.) I don't know the math, so
>> I suspect I must've erred gravely somewhere.

You have indeed erred gravely :-)

One of the information theoretical concepts we are dealing with here is that of information density. The whole reason compression works is that in most files, the information density is not "perfect"; that is, there is repeated information in the file. This reflects what we see when we compress a file: the more which is repeated, the better compression is. Graphics compress much better than executables.

Well, one of the reasons encryption works is because I can't tell from the encrypted text what kind of patterns exist. Consider a letter-substitution cipher. If I were to apply one to this message, you could probably decrypt it, because much of the structure is still there: common english words, letter frequencies, etc. This makes letter-substitution a pretty poor cipher.

What about DES? Well, this is interesting.
Without the key, the information density of an encrypted file looks the same as the density of a compressed file, or of noise. This is why you could claim something was just noise, not encrypted data. It's also why a common "good" PRNG is formed by feeding the numbers through some crypto algorithm, because it makes the numbers appear random.

It is because encrypted data appears to have a very high information density that it will not compress much, if at all. Compressing encrypted data, from some standpoints, is tantamount to actually decrypting it.

Examples:

A is a file with 1000 lines of 79 "A"'s followed by a newline.
A.Z is the file, compressed.
A.x is the file, encrypted (unix crypt, lame, I know)
A.x.Z is the encrypted file, compressed with the -f option.

-rw-rw-r-- 1 marc 80000 May 21 17:26 A
-rw-rw-r-- 1 marc 1466 May 21 17:26 A.Z
-rw-rw-r-- 1 marc 80000 May 21 17:47 A.x
-rw-rw-r-- 1 marc 106577 May 21 17:47 A.x.Z

Note that A.x doesn't compress at all. In fact, it grows!

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 21 May 93 18:00:57 PDT
To: cypherpunks@toad.com
Subject: Oops.
Message-ID: <9305220057.AA09270@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

There are not 2^{\aleph_0} finite sequences, there are \aleph_0.

Excuse me. My brain was out to lunch.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Thomas W. Strong, Jr."
Date: Fri, 21 May 93 18:20:18 PDT
To: cypherpunks@toad.com
Subject: Re: cypto + compression
In-Reply-To: <9305212138.AA12666@banff.procase.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

peb@PROCASE.COM writes:
> Compressing before encryption is vital--it makes brute force and plaintext
> attacks much more difficult.

Be careful doing that.
It's fine if you are using a compression algorithm that is designed for use with encryption, but if you're just using compress and you make that known, then an opponent just has to look for the magic numbers and headers that compress puts in the front of every file. Instead of believing that strings like "the" will appear somewhere, the opponent now knows exactly what the encrypted document starts with.

-----------------------------------------------------------------
Tom Strong N3NBB ts49+@andrew.cmu.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: zimm@alumni.cco.caltech.edu (Mark Edward Zimmerman)
Date: Fri, 21 May 93 18:26:06 PDT
To: peb@procase.com
Subject: Godelization, sf, etc. (was: Re: cypto + compression)
Message-ID: <9305220125.AA26590@alumni.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain

the sf story that you're alluding to is, I believe, Fred Pohl's "Gold at the Starbow's End" --- a cover story in ANALOG magazine ca. 1968 --- which I remember fondly precisely because of the idea used which you mention, namely, encoding a big message compactly as the sum of various powers of small numbers ... though the author got it pretty badly wrong, as I pointed out in a letter published some months later in the same magazine --- the sum of powers that he gave in the story was *much* too small to hold a significant amount of information, and (worse) he thought that one couldn't get any of the answer without writing the entire number --- obviously wrong, as a little modular arithmetic can get out the powers quite easily.... but it's a nice idea and the story was quite good otherwise.... :-)

^z

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Ian S.
Nelson" Date: Fri, 21 May 93 17:47:07 PDT To: arkuat@joes.garage.com (Eric Watt Forste) Subject: Re: cypto + compression In-Reply-To: <199305212303.AA21876@joes.GARAGE.COM> Message-ID: <199305220046.AA02144@bvsd.Co.EDU> MIME-Version: 1.0 Content-Type: text/plain > OK well if you encrypt a compressed file, there are bound to be lots more > new redundencies created in the encryption process > In fact there are not. You can test this out; use PGP to encrypt any > file you please, and then use any compression software you like to > compress it. You will get no significant compression. Isn't encrypted data supposed to be random, and thus not compressable? You might be able to creat some redundencies by decrypting it though. -- Ian S. Nelson I speak for only myself. Finger for my PGP key. If you are a beautiful woman, it is mandatory that you reply to this message. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: rclark@nyx.cs.du.edu (Robert W. F. Clark) Date: Fri, 21 May 93 17:56:12 PDT To: cypherpunks@toad.com Subject: Inside Dope on Mykotronx Message-ID: <9305220056.AA10233@nyx.cs.du.edu> MIME-Version: 1.0 Content-Type: text/plain Received from an undisclosed source, for release to all appropriate electronic media, concerning Mykotronx, Inc. The following material was publicly available, but I still am not at liberty to disclose my source: Information: Mykotronx Inc. 357 Van Ness Way (1 blk so. of Del Amo) Suite 200 Torrance CA 90501 (310) 533-8100 fax (310) 533-0527 STU III (310) 533-0738 Founded 1979 Resale # SR-AB 12-711252 Dunn & Bradstreet # 00-611-5281 Banking: Shearson Lehman Brothers Attn: Steve Scerra Acct # 509 24261 12011 21250 Hawthorne Bl Torrance, CA 90509 (310) 540-9511 Employee Names: Bob Gottfried, CEO Leonard J. Baker, President Ralph O' Connell, aka "The Father of COMSEC", NSA Lobbyist Mike Furusawa, Space COMSEC Manager Patti Linahan, Executive Secretary Kikuo Ogawa, Buyer R. Todd, W. Greenfield, KG-44B (Outrunner) Project John C. 
Droge, Personnel Bob Todd, Manufacturing Manager Landy Riley, Engineering Federal Express Acct # 1122-7492-8 NSA Contact Home Address: Ralph O' Connell 1401 Woodbridge Road Baltimore, MD 21228 (301) 747-6276 Principle NSA Technical Contact: National Security Agency Maryland Procurement Office Attn: N244 (CEB) (MDA904-92-G-0354/J.O. 5001) 9800 Savage Road Fort George G. Meade, MD 20755-6000 (301) 688-8086 NSA Accounting Contact: National Security Agency Maryland Procurement Office Finance and Accounting Office 9800 Savage Road Fort George G. Meade, MD 20755-6000 (301) 859-6715 KG-46 Tactical Decryptor Unit and KG-48B Outrunner Provisioning Conference participants: Robert Todd, Mykotronx Bill Greenfield, Mykotronx G. Burgio, NSA J. Gochnour, NSA J. Wimpy, Air Force Computer Systems Command S. Solis, Air Force Computer Systems Command To Be Discussed at meeting May 18 & 19, 1993 Outrunner Project Milestone Payments: 1. Preliminary Studies $268,074 2/14/92 2. Place Subcontract w/ VLSI $47,917 2/22/92 3. Complete PDR KG-44B $61,431 4/13/92 4. Complete PDR VLSI $71,090 5/19/92 5. Complete SFA Review VLSI $78,470 7/12/92 6. Complete CDR VLSI $106,638 7/17/92 7. Complete first KG-44B $166,641 8/12/92 8. Complete CDR $132,454 6/18/92 9. Complete tests 1st KG-48B $151,957 12/16/92 10. Complete fab VLSI $203,941 11/17/92 11a.Deliver 2 KG-44B to NSA $81,080 9/8/92 11b.Deliver 2 KG-44B to NSA $81,081 10/7/92 12. Complete Cryto Verif VLSI $152,223 12/16/92 13. Deliver 4 KG-44B to NSA $171,571 3/2/93 14a.Deliver 2 KG-44B to NSA $30,432 3/30/93 14b.Deliver 2 KG-44B to NSA $30,432 4/20/93 15. Deliver 4 KG-44B to NSA $60,864 4/24/93 16a.Deliver 1 KG-44B to NSA $15,216 4/28/93 16b.Deliver 3 KG-44B to NSA $45,648 5/12/93 17. 
Deliver 4 KG-44B to NSA $42,840 5/13/93 Total: $2,000,000 KG-44 VLSI Procurement: United Technologies Microelectronics Center 1575 Garden of the Gods Road Colorodo Springs, CO 80907 (719) 594-8000 fax (719) 594-8032 PO#5703-44ACN1 Feb 19, 1992 Invoice Date Feb 5, 1993 "Customer to pick up parts. Secret item handling. Secret Design KG-44LSI. Mykotronx P/N M20/00301XXX" Government contract # MDA904-92-C-A027 Group C Testing: $4,400 5 Parts @ $675ea $3,375 Job #BE-7281 Group C Samples PIC Number: HP67AG84WTDLC "Note: Group B samples also included with this shipment (ref Packlist #10128" "The export of this product is controlled by the US Government. The export of this product or the disclosure of related technical data to foreign nationals without the appropriate export license is prohibited by law." Test Plan for MYK-80: Statement of Work for Exatron Inc. 5/13/93 Develop test interface board for MYK-80 (176 pin TQFP) and I.M.S. tester. Interface to utilize "particle interconnect" system. Data on MYK-80 I.O. and IMS tester to be supplied by Mykotronx. Interface board to be installed in a work station which utilizes Exatron "PET" handler, tooled for the MYK-80; a vacuum pick-up device (manual, pencil type); work surfaces for JEDEC tray storage and operator support. The IMS tester will mount directly under the "PET" handler. Two "PET" handlers are to be quoted with two sets of specific nesting tools for the MYK-80. Installation in place at Mykotronx and initial operator and maintenance training to be included. Design review of the interface board layout, prior to release of the board to fabrication is to be held at Mykotronx. Manuals and Training Manuals subcontracted to: ELITE Technical Corporation Warren A. 
Griswold, President 1903 B Marshallfield Lane Redondo Beach, CA 90278 (310) 372-5616 CAPSTONE Financial Commitments by Mykotronx Basic VII Cap VLSI 10 $212,000 Sun 1 Yr maint hw&sw $2,700 Compass $159,400 IKOS Systems & sw $57,500 ELITE Technical Corp $8,000 IMS/Sun $119,000 Versatec Plotter $36,500 SJ (1) $71,200 SJ (2) $76,200 Exatron Test System $78,000 ROM Cell $60,000 AT&T $100,000 Surf Mgt (real estate) $13,900 Universal Shielding (Tempest) $20,600 Plotter maint $5,000 Litronics $225,000 Spyrus (1) $45,600 Spyrus (2) $44,800 Compass (2) $110,000 VLSI Tech $30,000 VLSI Tech (2) $163,000 VLSI Tech CAPSTONE TQFP $10,000 New Media NRE Design $18,700 South Coast Designers $14,600 South Coast $6,000 VLSI Tech Exponeniator Tamper Sys $163,000 Conres logic analyzer $3,200 VLSI Myk-78 tester $33,800 Here are exerpts of the general ledger of Mykotronx, the Torrance Based Big-Brother outfit that is going to make the Clinton Clipper wiretap chip: Period: 01/01/93 to 04/30/93 (first 4 months of 1993) Acct Descr Beg Bal Debits Credits ==1000 series== Shearson Lehman 286,511 2,620,096 2,670,822 Paine Webber 95,602 868 0 Dean Whitter 55,391 484 0 Petty Cash 3,000 0 0 Union bank payroll act 13,408 900,000 816,443 Accts rcvbl -customer 1,185,829 1,981,356 2,562,064 Accts rcvbl - eployees 7,125 48,450 55,575 Franchise tx rcvbl 2,165 0 0 Unbilled costs&fees 567,792 533,347 0 Raw inventory 172,252 0 76,064 Prepaid taxes 1,116 0 0 Prepaid sales tax 688 0 688 Equp/mach/furn 383,038 20,695 0 Accum depreciation 234,425 0 23,000 Deposits 9,272 0 0 ==2000 series== Accts Payable 482,895CR 1,869,477 1,684,555 Sales tax payable 147CR 176 0 Sales tax paid 0 0 0 FIT withheld 0 10,854 135,741 FICA withheld 0 0 56,622 CA state IT withh 0 0 36,163 CA state disability 0 0 8,730 SUI pybl employer 0 0 5,788 FUTA payable 0 0 2,007 FICA employer 0 0 56,621 Pd Payroll txs withh 0 290,820 0 401K withheld 0 0 42,712 Accrued payroll 25,637CR 343,682 318,045 Dental withheld 0 0 674 Dental plan pd 0 674 
0 Withh 401K pd 0 42,712 0 Accrued bonuses 214,040 341,240 127,200 [Those are some nice bonuses, aren't they?] Accrued Vacation 44,252 0 0 Excess billings 139,216 154,706 55,036 Gross payroll 0 751,859 0 Gross payroll distrd 0 2,552 754,412 Lease obligations 4,911CR 0 0 ==3000 series== Common Stock 169,320 0 61,435 Capital disbursement 916,675 222,230 0 Retd Earnings, begng 2,385,020CR 0 0 ==4000 series== Sales, returns&allowc 0 6,014 2,577,323 Interest income 0 0 1,353 Int income tax free 0 0 2,490 ==5000 series== Consultants 0 47,395 47,395 Subcontracts 0 932,210 110,419 Other direct costs 0 62,265 5,454 Printing/repro costs 0 542 0 Equipment rental/leasg 0 1,537 1,537 Maint, repairs 0 1,761 0 Delivery 0 3,217 0 Postage 0 960 0 Materials/parts 0 186,252 22,423 Telephone 0 93 0 Travel 0 10,437 0 Inv Cost of Mfg Prod 0 76,064 0 Direct labor-Engnrg 0 240,341 54,172 Direct labor-Technician 0 129,839 37,459 Direct labor-Adminst 0 47,542 10,081 ==6000 series== Indirect labor 0 60,319 0 Holidays 0 32,867 27,331 Sick leave 0 3,276 0 Vacation 0 38,096 25,976 Retroactive pay 0 4,400 0 Job advertisments 0 655 0 Grp Med Ins non sharhl 0 25,522 1,818 Mykotronx pd payrl txs 0 64,417 0 Workers comp 0 9,554 1,418 Interest pd 0 0 0 Consultants 0 2,013 0 ADP Acctg 0 1,493 0 Real World Acct Suppt 0 1,485 0 Bank charges 0 155 0 Blueprints/repro 0 390 0 Proposals 0 2,817 0 Copier expense 0 514 0 Depreciation - elec eq 0 23,000 0 Dues & memberships 0 749 0 Education & Training 0 2,850 0 Employee relations 0 4,531 0 Business expense 0 7,431 0 Equip rental/lsng 0 4,458 0 Computer software 0 2,114 0 Insurance 0 9,061 1,380 Janitorial 0 20 0 Licenses & Permits 0 175 0 Maint, repairs 0 2,096 0 Delivery 0 995 13 Postage 0 942 0 Amort organiz expense 0 0 0 Taxes - franchise 0 2,763 0 Real & Pers prop tax 0 0 0 Rent 0 54,080 0 Subscriptions/books 0 325 0 Office/lab supplies 0 14,183 446 Telephone 0 7,961 36 Travel 0 10,296 1,303 Utilities 0 5,833 0 LTD Ins, non sharehld 0 2,877 594 401K 
Mykotronx contrib 0 17,411 0 ==7000 series== Special Bonus 0 132,200 123,200 [Special bonus? $132,000.00; I wonder which Federal Agency this money went to.] G&A Labor 0 103,4520 0 Legal Services 0 5,895 0 Board of Dir Expnse 0 1,078 0 Financial Svc 0 7,505 0 Totals 0 12,555,101 12,555,101 Other little items: Locks at Mykotronx installed and maintained by Torrance Lock and Key, 2421 Torrance Bl. Torrance, CA 90501 (310) 320-8840 For some reason, Mykotronx is over 90 days late paying a lousy $50 invoice. Mykotronx has a Mossler safe. It cost $1,693 when they bought it 11/27/90. They have never changed the combination. Outstanding VLSI purchase orders: VLSI Tech (Capstone) $212,000 AT&T (Myk-78) $71,200 Motorola (Myk-77) $76,200 AT&T (Misc) $100,000 Compass (Software) $159,400 VLSI Tech (Myk-78) $66,200 Litronics (PCMCIA Crypto) $225,000 VLSI Tech (Expoteniator) $163,000 VLSI Tech (Capstone TFQP) $10,000 VLSI Tech (Myk-78 fix) $68,500 VLSI Tech (Myk-78A proto) $11,000 VLSI Tech (Myk-78A prod.) $220,000 VLSI Tech (Myk-80 #1) $48,000 VLSI Tech (Myk-80 #2) $33,750 VLSI Tech (Myk-82) $80,000 VLSI Tech (Myk-79) $79,500 Their LAN was installed by Strategies, Inc for about $14,000. More information is forthcoming. Please forward to all appropriate electronic media, and reproduce as desired. Will someone post this to alt.privacy.clipper and sci.crypt, or is this a bad idea? ---- Robert W. Clark rclark@nyx.cs.du.edu PGP signature available by mail or finger From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. Metzger" Date: Fri, 21 May 93 16:41:07 PDT To: "Kent Hastings" Subject: Re: PI Compression In-Reply-To: <199305212233.AA07890@aerospace.aero.org> Message-ID: <9305212339.AA18403@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain "Kent Hastings" says: > PI Compression > It may have been discussed here months ago, but my favorite bogus > compression scheme is "pi compression". 
> Any number like pi or SQRT(2) can be represented as an infinite
> sequence of non-repeating bits (there are repetitive patterns, but
> eventually the sequence breaks out). A finite bit string can be
> represented simply as the starting location and length in pi.
>
> Since all possible finite bit strings are, by definition, contained
> in the unending cavalcade of bits in pi, all literary works, radio
> programs, TV, 3D holos, feelies, etc for all sentient species from
> the remotest past to the distant future, in every possible alternate
> universe is in little old pi.

Bull. You cannot prove that all strings are contained as substrings of PI. The mere fact that a bit string is infinite and non-repeating does not mean that it is wholly random. For instance, I can very readily construct infinite sequences that do not contain arbitrary bit strings. See, as an example, this non-repeating bit string 101001000100001000001....

> Who would dare argue against these reasonable assertions?

Me.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pigeon@idr.org (Larissa Carlson)
Date: Fri, 21 May 93 18:18:40 PDT
To: zippy@berry.cs.brandeis.edu
Subject: Consider "Working Assets" phone service instead of AT&T
In-Reply-To: <9305211418.AA10692@berry.cs.brandeis.edu>
Message-ID: <9305220118.AA17621@wombat.gnu.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

I used to sell Working Assets. In answer to the question about reselling of the lines, it works like this:

1. All the phone companies lease some lines from other companies in order to access all regions in order to provide equal access and competitiveness. This opened the door for small start up companies to lease lines instead of setting up whole new systems. There are quite a few companies who do this. Working Assets leases from Sprint. They, unlike AT&T, don't provide all the communication system contracts for the govt. and military.

2. In response to the person who said that WA's plan of calling on specific issues reeks of the same type of Big Brotherism as the others: Everyone has a choice as to what they say to the people targeted. Plus the phone call IS free. Third, if the privacy opponents and right wingers and conservatives are wielding havoc on our system why shouldn't we have access to the same methods to affect govt. policy as they do. WA has actually published # that while public are not listed in any directories. This is a useful tool. Let's not waste the resources we have.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Clark Reynard
Date: Fri, 21 May 93 18:50:27 PDT
To: cypherpunks@toad.com
Subject: Whoops; and a question on information theory and encryption
Message-ID: <9305220230.AA00987@metal.psu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Just noticed that my last note had been posted already; sorry.

In addition, I'm wondering whether a plaintext/cyphertext pair is considered to have a one-to-one isomorphism; in particular, in the case where you have a plaintext/cyphertext pair but no knowledge of the method of encryption, is there a one-to-one isomorphism? In the case of a one-time pad, is there isomorphism, and if so, of what sort?

Thank you.

----
Robert W. Clark          Just Say No! to the
rclark@nyx.cs.du.edu     Big Brother Chip

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Sat, 22 May 93 00:49:32 PDT
To: cypherpunks@toad.com
Subject: pgp menu
Message-ID: <9305220749.AA16667@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

I have included, below, a copy of my pgp menu system. It is a 4dos batch file. With this program, you can encrypt, sign and decrypt a message, and generate, delete, extract keys, wipe files. I've been trying to iron out some of the bugs for about a month now. (BTW where did all my alpha testers go?) I think it's pretty stable now, so I'm posting it.
To be able to use the program, you MUST BE USING 4DOS as your command interpreter on your PC. But, I've found that this little requirement is well worth the utility that (I hope) my program

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Sat, 22 May 93 01:03:06 PDT
To: cypherpunks@toad.com
Subject: Lets see that again...
Message-ID: <9305220802.AA17065@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Well, what can I say about that last message. That is a rather bothersome bug in my automatic mail system that I've not been able to track down. In fact, I can't even duplicate it. For the record, my system sent 2 other messages before this one, and they were fine. Oh well. Anyway, here is the full message.

I have included, below, a copy of my pgp menu system. It is a 4dos batch file. With this program, you can encrypt, sign and decrypt a message, and generate, delete, extract keys, wipe files. I've been trying to iron out some of the bugs for about a month now. (BTW where did all my alpha testers go?) I think it's pretty stable now, so I'm posting it.

To be able to use the program, you MUST BE USING 4DOS as your command interpreter on your PC. But, I've found that this little requirement is well worth the utility that (I hope) my program provides.

4dos is a command.com replacement that features disk swapping, aliases, file-name completion, and an extended batch language. You can get it via anon ftp at wuarchive.wustl.edu in the /mirrors/msdos/4dos directory. It's very much worth the effort to investigate. For those of you who do make this effort, I hope you enjoy using my menu system. I hope to hear from you soon. Thanx.

Well, here it is:

rem @echo off
setlocal
break on
rem ---- Main menu: draw the screen, then jump to the label for the key pressed ----
:main
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 4 29 16 49 2 red on black
scrput 1 27 blue on black Mike's PGP shell ver. 0.0.
scrput 3 35 blue on black MAIN MENU
scrput 5 32 red on black Encrypt a file.
scrput 7 32 red on black Decrypt a file.
scrput 09 32 red on black siGn a file.
scrput 11 32 red on black Wipe file.
scrput 13 32 red on black Next menu.
scrput 15 32 red on black Quit.
scrput 18 5 white on black Select an option by typing the corresponding capitalized letter.
scrput 19 5 white on black For example, to encrypt a file, you would press the E key.
inkey /K"EeDdGgWwNnQq" %%in
goto menu1-%in
rem ---- Quit ----
:menu1-q
screen 17 26
pause
cls
endlocal
quit
rem ---- Encrypt a file: ask for the file, the recipients, and the -m / -s options ----
:menu1-e
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file to be
scrput 19 5 white on black encrypted. Then you will be asked for the names of
scrput 20 5 white on black the people who should be able to read the file.
scrput 21 5 white on black Enter them all on the line separated by a space.
scrput 7 5 red on black Enter the name of the file to encrypt.
screen 7 52
input %%file
if exist %file goto menu1-e-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto menu1-e
:menu1-e-good
drawbox 10 3 12 74 2 red on black
scrput 11 5 red on black Enter the name(s) of the recipients.
screen 11 52
input %%in
cls
rem I never claimed that this would be elegant....
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
scrput 18 5 white on black Here you are asked if you want to mark this message "For Your Eyes Only,"
scrput 19 5 white on black and if you want to sign the message. If you reply 'y' to the first
scrput 20 5 white on black question, the recipient will only be able to display the message. He
scrput 21 5 white on black won't be able to save it. If you reply 'y' to the second question, the
scrput 22 5 white on black recipient will know for certain that the message is from you.
drawbox 6 3 8 74 2 red on black
scrput 7 5 red on black Would you like to mark this "For Your Eyes Only?"
inkey /K"ynN" %%f
drawbox 10 3 12 74 2 red on black
scrput 11 5 red on black Would you like to sign this message?
inkey /K"ynN" %%s
rem Pick the pgp flags from the two answers: -e, -me, -mes or -es
if "%f" == "y" goto f
if "%s" == "y" goto s
cls
pgp -e %file %in
goto encrypted
:f
if "%s" == "y" goto sf
cls
pgp -me %file %in
goto encrypted
:sf
cls
pgp -mes %file %in
goto encrypted
:s
cls
pgp -es %file %in
:encrypted
echo %@name[%file].asc is the name of the encrypted file.
pause
goto main
rem ---- Decrypt (read) a file ----
:menu1-d
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file to be
scrput 19 5 white on black read. Then you will be asked if you want to save the
scrput 20 5 white on black plaintext file. If you do, you will be asked for a
scrput 21 5 white on black new filename.
scrput 7 5 red on black Enter the name of the file to read.
screen 7 52
input %%file
if exist %file goto menu1-d-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main
:menu1-d-good
cls
pgp -m %file
goto main
rem ---- Sign a file ----
:menu1-g
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file to be
scrput 19 5 white on black signed. If you sign a message, it can be proved that
scrput 20 5 white on black it came from you. There is no "Plausible Deniability."
scrput 7 5 red on black Enter the name of the file to be signed.
screen 7 52
input %%file
if exist %file goto menu1-g-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main
:menu1-g-good
cls
pgp -s %file
echo %@name[%file].asc is the name of the signed file.
pause
goto main
rem ---- Wipe a file ----
:menu1-w
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file to be
scrput 19 5 white on black wiped. Remember, after a file is wiped...
scrput 20 5 blink white on black There is no way to retrieve the file!
scrput 7 5 red on black Enter the name of the file to be wiped.
screen 7 52
input %%file
if exist %file goto menu1-w-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main
:menu1-w-good
cls
pgp -w %file
goto main
rem ---- Second menu: key ring operations ----
:menu1-n
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 4 29 16 49 2 red on black
scrput 1 27 blue on black Mike's PGP shell ver. 0.0.
scrput 3 35 blue on black SECOND MENU
scrput 5 32 red on black Add a key.
scrput 7 32 red on black Extract a key.
scrput 09 32 red on black View a key.
scrput 11 32 red on black Fingerprint.
scrput 13 32 red on black Next menu.
scrput 15 32 red on black Quit.
scrput 18 5 white on black Select an option by typing the corresponding capitalized letter.
scrput 19 5 white on black For example, to add a key to your ring, you would press the A key.
inkey /K"AaEeVvFfNnQq" %%in
goto menu2-%in
:menu2-q
goto menu1-q
rem ---- Add keys from a file to the public key ring ----
:menu2-a
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file that
scrput 19 5 white on black contains the keys to be added to your public key ring.
scrput 7 5 red on black Enter the name of the file to read.
screen 7 52
input %%file
if exist %file goto menu2-a-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main
:menu2-a-good
cls
pgp -ka %file
pause
goto main
rem ---- Extract a key to a file ----
:menu2-e
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the key ID to be extracted.
scrput 19 5 white on black Then you will be asked for the name of the file to
scrput 20 5 white on black put the key in.
scrput 7 5 red on black Enter the key ID to extract.
screen 7 52
input %%in
drawbox 10 3 12 74 2 red on black
scrput 11 5 red on black Enter the name of the file that is to hold the key.
screen 11 59
input %%file
if not exist %file goto menu2-e-good
scrput 10 10 red on black That file already exists in the current directory!
screen 16 10
pause
goto main
:menu2-e-good
cls
pgp -kx %in %file
echo %@name[%file].asc contains the key for %in.
pause
goto main
rem ---- View the key ring ----
:menu2-v
cls
pgp -kv
pause
goto main
rem ---- Show a key fingerprint ----
:menu2-f
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of the person whose key fingerprint you
scrput 19 5 white on black want to examine.
scrput 7 5 red on black Enter the name of the person.
screen 7 52
input %%in
cls
pgp -kvc %in
echo Remember to write this information down!
pause
goto main
rem ---- Third menu: generate, remove, disable keys ----
:menu2-n
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 4 29 16 49 2 red on black
scrput 1 27 blue on black Mike's PGP shell ver. 0.0.
scrput 3 35 blue on black THIRD MENU
scrput 5 32 red on black Generate a key.
scrput 7 32 red on black Remove a key.
scrput 09 32 red on black Disable a key.
scrput 13 32 red on black Next menu.
scrput 15 32 red on black Quit.
scrput 18 5 white on black Select an option by typing the corresponding capitalized letter.
scrput 19 5 white on black For example, to generate a new key, you would press the G key.
inkey /K"GgRrDdNnQq" %%in
goto menu3-%in
:menu3-g
cls
pgp -kg
pause
goto main
rem ---- Remove a key ----
:menu3-r
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of the key to be
scrput 19 5 white on black removed.
scrput 7 5 red on black Enter the name of the key to remove.
screen 7 52
input %%in
cls
pgp -kr %in
pause
goto main
:menu3-q
goto menu1-q
rem ---- Disable or re-enable a key ----
:menu3-d
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of the key to be
scrput 19 5 white on black either disabled or re-enabled.
scrput 7 5 red on black Enter the name of the key.
screen 7 52
input %%in
cls
pgp -kd %in
pause
goto main
:menu3-n
goto main

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: George A. Gleason
Date: Sat, 22 May 93 02:35:30 PDT
To: zippy@berry.cs.brandeis.edu
Subject: Re: Consider "Working Assets" phone service instead of AT&T
Message-ID: <199305220934.AA21970@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Yes, Working Assets buys SPRINT in bulk and re-sells it. The thing is though, they're getting it wholesale and selling it to the public at regular prices, so this slices a chunk of Sprint's profits and gives it to WA. Certainly better than giving the whole chunk to Sprint.

See the thing is, someone has to run all that fiber all over the continent, and tie into something else which runs out to the rest of the world. In the 70s all of this was being developed, but by now it's pretty much in place and there probably is no economic basis to develop any new routes. So you end up with telephone pyramid scenes where each company is selling someone else's trunks.

Now I want to get into local competition, and there is probably room for WA to expand that way. I may go as far as talking to them about setting up some exchanges as a joint venture. Could be interesting.
-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mbriceno@aol.com
Date: Fri, 21 May 93 23:54:04 PDT
To: cypherpunks@toad.com
Subject: Re: Forwarded messages from RISKS
Message-ID: <9305220255.tn18218@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

> We cannot trust the authoritarians' assertions that they have no
> intention of outlawing cryptographic technologies potentially more
> secure than the Clipper chip.

Some might say that outlawing all unsupervised communication and activities by its citizens is - and always will be - a goal of all governments. Protection from authoritarian eyes is one of the main causes for the ever increasing use of crypto. Government issued crypto can never satisfy the people's desire to find a means that guarantees secure communications. If the government wants its Clipper scheme to succeed, the government will have to dramatically limit the availability of good crypto. One of the more obvious methods to accomplish this is to outlaw non-government approved crypto.

-- Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mbriceno@aol.com
Date: Fri, 21 May 93 23:54:04 PDT
To: cypherpunks@toad.com
Subject: Re: The New Mykotronix phones...
Message-ID: <9305220255.tn18219@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

> This is a good, creative response to fascist technology, but I wonder
> if I'm the only one on this list who's noticed a parallel between the
> government's attitude toward small arms & its attitude approach to
> cryptography?

I am glad that someone is finally mentioning this. The parallels are quite clear. Both small arms and crypto can give the people protection from criminals, while at the same time decreasing the citizen's need for government. If everybody would be armed, we would no longer look at the government as the sole provider of protection from violent crimes, rape, or muggings. If everyone used crypto, we would no longer have to rely on ineffective laws that prohibit the reading of someone else's mail or listening to someone else's phone conversations.

The laws against both eavesdropping and violent crimes do not seem to deter the perpetrators. Consequently, the helpless citizen demands a stepped-up surveillance of potential "criminals," while offering less privacy in return. Similarly, an individual facing armed criminals on the street often asks for stronger gun control. The government is all too willing to grant this wish, since it knows that the unarmed citizen believes that he is unable to exist without the protection (read: control) of the government.

-- Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sat, 22 May 93 09:29:25 PDT
To: cypherpunks@toad.com
Subject: WB: alt.whistleblower
Message-ID: <9305221625.AA28081@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

This is an open letter to L. Detweiler.

You've been hot to trot, eager to go, and ready for action. What you have interpreted as silence from others has in some cases been work. As you may recall, we were getting ready to go online two months ago, with Julf's machine as the server. Right after that, the penet controversy started and things were put on the back burner for a time.

Let me review some of the arguments about the mechanisms of the alt.whistleblower newsgroup:

1. We want all postings to be anonymous.
2. That every posting be anonymous requires software intervention.
3. The software has to sit on some machine or machines, because it cannot easily be put into every posting client.
4. Someone will own these machines.
5. Whoever owns them must agree with the political goals of the service and be willing to take some heat for it.
6. This excludes most machines.
7. Whatever mechanism the servers use to connect with the net must also be reasonably proof against pressure.
8. The link between the newsgroup posting and the anonymity server was to be the group moderator's address, which in this case maps to a piece of software rather than a person.
9. A further desideratum is that multiple machines be able to perform the service, given the constraints of the deployed base of news software, which require (to my knowledge) a single address.
10. In order to have multiple machines be able to map to a single address, you need to involve DNS, Domain Name Service.
11. In order to use DNS, you need a primary server and some secondaries and someone with access to the primary DNS server to do maintenance.

Now, I'll tell you what I've been doing. I've put a machine on the Internet in the last two months. Never having been a Unix system-level weenie before, I can say that I've learned a lot about the details of batty software. This machine, because of the details of its connectivity, is not suitable as a worldwide server, but it would be suitable as a server for alt.whistleblower.ba, a Bay Area distribution version of the same. I've also gotten up to speed on DNS, and in fact, am running name service on said machine.

(For all of you who want to know what this machine is, I'm not telling. There are still too many half configured things, like sendmail. I hate sendmail.)

I would recommend that if you are interested in newsgroup creation that you read RFC 1036, which is the format for Usenet news messages. (RFC's are available from nic.ddn.mil via anon-ftp.) That plus knowing that anybody can create an alt group, and you'll be set.

I hope you have your server system set up correctly before you proceed. The internet world has been without a whistleblower's newsgroup for many years; a delay of a few months will not matter much.
Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Sandy <72114.1712@CompuServe.COM> Date: Sat, 22 May 93 10:42:43 PDT To: Subject: PHONECARDS Message-ID: <930522173652_72114.1712_FHF73-2@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain _________________________________________________________________ SANDY SANDFORT ssandfort@attmail.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Eric wrote about phonecards: ". . . I *can't* get an account with them because I don't have a phone line to tie it to. There is a phone where I stay, but it's not mine. So, I'm stuck with US Splint." Au contraire, several companies offer anonymous phonecards. See my upcoming "Norman French" article in MONDO 2000, issue #10. S a n d y (arbitration volunteer) >>>>>>>> Please address e-mail to: ssandfort@attmail.com <<<<<<<< _________________________________________________________________ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: uni@acs.bu.edu (Shaen Bernhardt) Date: Sat, 22 May 93 11:03:22 PDT To: ld231782@longs.lance.colostate.edu Subject: Re: a valuable spy... Message-ID: <9305221802.AA17648@acs2.bu.edu> MIME-Version: 1.0 Content-Type: text/plain Ego + Espionage = Death From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: esr@snark.thyrsus.com (Eric S. Raymond) Date: Sun, 23 May 93 19:06:45 PDT To: cypherpunks@snark.thyrsus.com Subject: draft FAQ Message-ID: MIME-Version: 1.0 Content-Type: text Here's the first draft of the FAQ. You'll see that it's basically a frame, an outline, and an intro. If you can fill in one of the sections, please do so and mail it to me. --- DRAFT VERSION ---- DRAFT VERSION ---- DRAFT VERSION ---- DRAFT VERSION --- This is the Cypherpunks FAQ. It explains the projects and purposes of the Cypherpunks mailing list. It is also intended to serve as a general introduction to privacy and encryption issues. 
For details on the technical and theoretical aspects of computer cryptography, see the sci.crypt FAQ, available for FTP from rtfm.mit.edu (18.172.1.27) in the directory pub/usenet-by-group/sci.crypt.

The cypherpunks archive is available for FTP at soda.berkeley.edu:pub/cypherpunks

This site contains code, information, rants, and other miscellany, including the most up-to-date version of this FAQ.

This FAQ is maintained by Eric S. Raymond; send additions and corrections to that address. Sections contributed by others are credited to individual authors. We gratefully acknowledge, in addition, feedback and comments from David Mandl and Eric Hughes.

1. Why cypherpunks?

Because privacy is essential to freedom. If the government (or any other oppressor that behaves like one) can effectively monitor communications, it can control or suppress them. And it will do so, because the natural tendency of controllers is always to seek more control.

The government cannot be relied on to protect your privacy rights. Nor can anyone else --- certainly not your employer, or the corporations that want to know all about you so they can sell you things. Given half the chance, governments and corporations will always push for security standards that protect *them*, but not *you*.

Computer technology can help protect you against would-be snoopers, but only if somebody is sufficiently smart and dedicated to build the tools.

The Cypherpunks list exists to build and propagate privacy software. Our aim is to give you the tools to communicate with other people and computers in ways snoopers cannot tap.

2. What are the essentials of privacy software?
   a. Public-key cryptosystems for secure communication.
   b. Unforgeable electronic signatures for message authentication.
   c. DC-net or similar protocols to thwart spoofing.

3. What are the potential applications of good privacy software?
   a. Secure communications.
   b. Digital cash.
   c. Electronic voting.
   d. Electronic contracts.
   e.
Secure anonymous remailers and posters.
   f.

4. What are the key algorithms, tools, and implementations for privacy software?
   a. RSA
   b. DES
   c. Clipper/Capstone/DSS
   d. PGP
   e. Possible non-RSA trapdoor functions.

5. What are the social and political implications of good privacy software?
   a. Drastically lower transaction costs for trade.
   b. Expansion of the counter-economy.
   c. Disempowerment of government.
   d. Anonymity for whistleblowers.

6. What are the legal, political, and technical obstacles?
   a. The Clipper/Capstone/DSS power grab.
   b. The RSA patent and the PGP/RSA fight.
   c. RSA's base problem may not be NP-complete.

7. What can I do to help?
   a. Work on cryptographic software.
   b. Agitate against the Clipper/Capstone/DES standard.
   c. Promote the use of encrypted communication, help spread PGP and other appropriate tools far and wide (both to help get a better foothold to thwart the Clipper monopoly and its ilk, and to work towards making crypto as commonplace as envelopes).

To join the cypherpunks mailing list, send a request to:

   cypherpunks@toad.com

Working with us could be your best shot at stopping Big Brother. So if you have skills to contribute, act now. The freedom you save could be your own.

--- DRAFT VERSION ---- DRAFT VERSION ---- DRAFT VERSION ---- DRAFT VERSION ---
--
>>eric>>

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Patrick Tufts
Date: Sat, 22 May 93 11:56:36 PDT
Subject: a valuable spy...
Message-ID: <9305221858.AA17048@berry.cs.brandeis.edu>
MIME-Version: 1.0
Content-Type: text/plain

From the cypherpunks mailing list, I got the following short message:

    From: uni@acs.bu.edu (Shaen Bernhardt)
    Date: Sat, 22 May 93 14:02:51 -0400

    Ego + Espionage = Death

Taking other well-known identities:

    Silence = Death
    Energy = Mass x Speed-o-Light^2

and the assumption that the energy of one's ego cannot exceed one's maximum potential energy (which has great explanatory powers re. the Limbaugh Effect).
I get:

    Silence = Ego + Espionage <= MC^2 + Espionage

solving for Espionage,

    Espionage >= Silence - MC^2

which raises some interesting points:

1. Espionage can be measured in existing SI units, thus
2. Espionage is a creation of the French

Item 2 is supported by the following etymology

espionage (es pi o nage; es p n azh , - nij, es p n azh ) n.
1 n. the practice of spying on others.
2 n. the systematic use of spies by a government to discover the military and political secrets of other nations.
Etymology: F espionnage, MF espionage, equiv. to espionn(^B er)(to) spy(deriv. of espion spy It spione Gmc; akin to G sp ahen to look out) - age - AGE

Further anecdotal support - the French use an unbreakable code in most of their communications. A clear affront in the face of the government's Clipper Chip proposal that all encrypted messages must be based on a key escrow system.

Of course, the French could go far to mollifying U.S. intelligence interests by supplying either their Platinum-Iridium Espionage standard, or adopting a U.S. approved cipher system.

For the latter, I think the US would be happy to approve "rot13" for export.

--Pat "McElwaine, without the caps"

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mlshew@dixie.com (Mark Shewmaker)
Date: Sun, 23 May 93 04:35:23 PDT
To: extropians@gnu.ai.mit.edu
Subject: Meeting: Suggest Meeting at Comdex Wednesday Afternoon
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

A number of people on cypherpunks and extropians will be in Atlanta at Comdex next week, so we have an opportunity to get together.

One great location would be in the Omni food court (Now the CNN Center), which is right by the World Congress Center where Comdex will be held. There are a lot of fast food places and a very large commons dining area.

I'd suggest meeting, say, at 1:00 Wednesday afternoon or so, not for any formal meeting, but just to get together for a while at lunch to talk, trade keys, and so forth.
(You'll have probably been there before Wednesday, as it's a convenient place to go for lunch at the convention. If you don't know which building it is by Wednesday, ask anyone anywhere around you to point you towards "The Omni" or "CNN Center" or "where CNN is", go in the building, and you can't miss the food court.)

Don't forget to bring copies of your public keys, or some pieces of paper or business cards with your PGP fingerprint hash written on them.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Sat, 22 May 93 10:59:56 PDT
To: Eric Hughes
Subject: Re: WB: alt.whistleblower
In-Reply-To: <9305221625.AA28081@soda.berkeley.edu>
Message-ID: <9305222044.aa04112@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> 1. We want all postings to be anonymous.
> 2. That every posting be anonymous requires software intervention.
> 3. The software has to sit on some machine or machines, because it
> cannot easily be put into every posting client.
> 4. Someone will own these machines.
> 5. Whoever owns them must agree with the political goals of the service
> and be willing to take some heat for it.
> 6. This excludes most machines.
> 7. Whatever mechanism the servers use to connect with the net must
> also be reasonably proof against pressure.
> 8. The link between the newsgroup posting and the anonymity server
> was to be the group moderator's address, which in this case maps
> to a piece of software rather than a person.

Well, Telecom Finland has now informed me that the final final final final delivery date for my international connection is May 26... Let's keep our fingers (and toes) crossed...

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Sat, 22 May 93 21:59:58 PDT
To: cypherpunks@toad.com
Subject: fwee! are we having fun yet?
In-Reply-To: <9305221625.AA28081@soda.berkeley.edu>
Message-ID: <9305230459.AA25350@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

This is an open letter to E. Hughes.

Let me review my arguments for starting the group immediately.

1. Anonymous postings are highly controversial and will remain so for a long time. Complete respectability is probably unattainable. We should start the group and let users judge for themselves the safety of posting their material.

2. No new software is required under this scheme.

3. No new machines are required.

4. No sponsors for machines need to be sought out. In fact, under this scheme we tap into an existing vast network supplying both software and machines called `Usenet'. I think there're some RFC's on it somewhere.

5. No one other than the poster takes heat. The poster should not post if they are concerned about the risk.

6. This scheme doesn't exclude posting currently, whereas absence of anonymous servers does.

7. People already have a method of connecting to the net and posting. Reinventing the wheel is great but it will take a painful amount of time. It's been tens of thousands of years since the wheel was invented, why start from the beginning?

8. We should be extremely careful about people relying on the moderator address to forward mail. My understanding is that not all posting systems automatically do so. It seems this could easily break or be unreliable (egad!). The user should explicitly assure himself anonymity by sending to the anonymous server, not relying on this implicit approach.

9. Multiple machines for anonymity take longer to set up. We haven't even got one for Usenet posting right now (?).

10. DNS (Domain Name Service) is a great idea when n>1 machines are available. Currently n=0.

11. DNS complicates the picture, more room for error, and takes more time to pull off correctly. Does anybody have a clear idea that it would work, and if so how to implement it?
Under your daunting list of prerequisites and requirements, I think we will be lucky to get something running before the next century. They are all *fine* and *genuine* as possibilities and opportunities, but they are *unnecessary* and *unbearable* as prerequisites and requirements.

>The internet world has been without a whistleblower's newsgroup for
>many years; a delay of a few months will not matter much.

The internet sees new groups all the time, and alt groups get created at the slightest provocation and whim, and it would be ridiculous to delay the introduction of something this critical and useful, when far less useful and far more frivolous groups litter the cyberspace like bales of discarded data packets, ankle-deep.

Look, apparently you haven't got any heat on the Mycotronx postings, but wouldn't you feel a hell of a lot more comfortable if they *weren't* funneled through your single machine? Ask Steve Jackson what paranoid and degenerate agents can accomplish when they have an easily-identified, portable target and some vague suspicions! The 911 document has all the criminality of a wedding announcement compared to the Mycotronx stuff! Don't these postings demonstrate there is an *immediate* need?

Here's the deal. Despite how it may appear, I am not (consciously!) demeaning or downplaying anyone's efforts in this group and idea. I think it is great that a lot of people have a lot of ideas and are looking at the big picture and long run, making commitments. I am too! But I think we absolutely *must* start immediately. We are not going to get anywhere if someone says ``oh, *I'm* the one that's working on that---don't worry about it, just you wait, something real neat-o is going to come along any day now, wink wink.'' Haven't we been through all this before? I have nothing to do nor do a lot of others until *something* is in place!

I think major improvements in software only come in the heat of use, not in the languid comfort of theory and planning.
We can be exploring the weakness and the uses of the system *immediately*. We don't have to have controversial postings to the group, starting out. Currently, though, I just think there is just no momentum without a group. Which comes first, the anonymous servers or the group? Obviously, the *group*!

Here's my idea. For *now*, let's just use alt.whistleblower as a *clearinghouse* of material that was *already posted* elsewhere on the net. That is, nobody takes any personal risk. They just keep their eyes out for stuff that appears in other places that fits into the `whistleblowing' category and forwards it to that group. If there is any heat they just point to the original posting and say `I did nothing but forward it, don't talk to me about it.' (By the way, the Mycotronx posting is awesome whistleblower stuff, the kind that legends are made of, but I think it still might be a bit risky to post that to a Usenet group yet, even an `alt', even anonymously). Also, we can just forward interesting stuff from newspapers and magazines. No risk there. If anybody thinks they have a solid way to remain anonymous (we're talking about cypherpunks here, I'm sure they'll find a way) they can post *now* using old-fashioned methods.

I really like the idea of a big unveiling of some great new shining, sparkling, shrink-wrapped Personal All-Purpose Guaranteed Anonymous Home Whistleblower Kit (tm) by Cypherpunks, Inc. accompanied by a blaring and pretentious Official Whistleblower Press Release. But (leaving aside the sheer hilarious implausibility of that *ever* happening) that would give all our evil enemies a lot of ammunition to claim that we're `violating the status quo'. There're some things that should be loudly unveiled to the witless masses, and some things that should just be silently uncovered by sharp individuals! This is in the latter category!

What more can I say? Isn't the immediate need transparently clear? Does *anyone* read what I write?
Am I nothing but a babbling, deranged lunatic? Just *watch* how fast I get a FAQ there, if it *ever* starts...

There are now several hundred quasi-official cypherpunks, and I think a lot of them are agitated and itching for something to do! Not to mention the vast hordes out on Usenet who will be attracted to something extraordinary. Let's get the group going and turn everybody loose to have some fun! This is something that *everyone* can contribute to directly *now*, once the group is started! Let it be a funnel for our ingenuity! But we have nothing but a bunch of impatient, dissipated, wasted energy otherwise. What a shameful tragedy. I can't be a part of it.

Someday, everything we're rattling about will be refined to the point of excruciating blandness and `dulldom', and we will be telling our grandkids about the heavy burdens we had to suffer to get there (back in the ol' days we had to get anonymity *by hand!* and even then people hated it and called 'em `forgeries'!).

At our current impoverished rate, though, our grandkids will consider us nothing but mad eccentrics overflowing with bizarre and impractical ideas that never saw the light of day, with a few strange insights tragically ahead of time, sluggishly mired in the bogs of politics and personalities. Cypherpunks? No, more like the hapless Babbage Ciphers, stuck endlessly in the minors. ``Yeah, just wait 'til next year, we'll really show 'em then.''

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Sat, 22 May 93 22:44:36 PDT
To: ld231782@longs.lance.colostate.edu (L. Detweiler)
Subject: Re: fwee! are we having fun yet?
In-Reply-To: <9305230459.AA25350@longs.lance.colostate.edu>
Message-ID: <9305230544.AA06451@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> This is an open letter to E. Hughes.
>
> Let me review my arguments for starting the group immediately.
>
> 5. No one other than the poster takes heat.
> The poster should not post
> if they are concerned about the risk.

I'm curious as to what good this will be then.

> Look, apparently you haven't got any heat on the Mycotronx postings,
> but wouldn't you feel a hell of a lot more comfortable if they
> *weren't* funneled through your single machine? Ask Steve Jackson what
> paranoid and degenerate agents can accomplish when they have an
> easily-identified, portable target and some vague suspicions! The 911
> document has all the criminality of a wedding announcement compared to
> the Mycotronx stuff! Don't these postings demonstrate there is an *immediate* need?

The distributed nature of a usenet group would be nice....

> have controversial postings to the group, starting out. Currently,
> though, I just think there is just no momentum without a group. Which
> comes first, the anonymous servers or the group? Obviously, the *group*!

Without controversial postings, no one will read the group. What is the point, then?

> Here's my idea. For *now*, let's just use alt.whistleblower as a
> *clearinghouse* of material that was *already posted* elsewhere on the
> net. That is, nobody takes any personal risk. They just keep their eyes
> out for stuff that appears in other places that fits into the
> `whistleblowing' category and forwards it to that group. If there is
> any heat they just point to the original posting and say `I did nothing
> but forward it, don't talk to me about it.' (By the way, the Mycotronx
> posting is awesome whistleblower stuff, the kind that legends are made
> of, but I think it still might be a bit risky to post that to a Usenet
> group yet, even an `alt', even anonymously). Also, we can just forward
> interesting stuff from newspapers and magazines. No risk there. If
> anybody thinks they have a solid way to remain anonymous (we're talking
> about cypherpunks here, I'm sure they'll find a way) they can post
> *now* using old-fashioned methods.
Some time ago, I joined the bandwagon in opposing this "hasty" decision to form the WB group. But, I like this idea. My reason for opposing it the first time was that people's lives/jobs could be at stake. This might be a germination point for the full-blown WB group, but without the risks to its contributors. I like this idea.

>
> What more can I say? Isn't the immediate need transparently clear?
> Does *anyone* read what I write? Am I nothing but a babbling, deranged
> lunatic? Just *watch* how fast I get a FAQ there, if it *ever* starts...

I'm reading it. And (for once?) I agree on this subject.

> There are now several hundred quasi-official cypherpunks, and I think a
> lot of them are agitated and itching for something to do! Not to

I know the feeling..... ;^)

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Sat, 22 May 93 23:02:56 PDT
To: cypherpunks@toad.com
Subject: Dolphin Encrypt.
Message-ID: <9305230602.AA06626@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Hi all. I just received my demo version of Dolphin Encrypt which was shamelessly advertised on this list. ;^) I haven't had much time to play with it yet, but I thought I'd post my initial reactions. BTW, I don't think I've ever received anything in such a timely manner. Good job guys.

The disk came with several pages of documentation, and advertising.
The docs indicate that "the encryption process relies partly on the RSA Data Security, Inc., MD5 Message Digest Algorithm." I wonder what they mean by "partly." Interestingly, a decrypt-only version is available. Apparently, a C/C++ library of functions is available for $128 with commercial licensing offered. The documentation indicates that the encryption key can be from 10 to 60 characters in length, with case NOT SIGNIFICANT.

I ran the demo but didn't have time, at the moment, to really get into it, yet. The demo indicated that the package supports a script language, which seemed to be very powerful. In fact, part of the demo was written with the scripting language. I think this is a novel idea. The demo seemed fairly intuitive and presented all (maybe too much?) of the needed information and status indicators.

This is the extent of my comments after a VERY superficial examination of the software. I will take a better look at it later this week. If there is any interest, I will write a more in depth review.

...just my $.02 worth.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jordan@imsi.com (Jordan Hayes)
Date: Sun, 23 May 93 10:16:00 PDT
To: cypherpunks@toad.com
Subject: Re: The New Mykotronix phones...
Message-ID: <9305231707.AA12544@IMSI.COM>
MIME-Version: 1.0
Content-Type: text/plain

    From mbriceno@aol.com Sat May 22 03:56:25 1993

    If everybody would be armed, we would no longer look at the government as the sole provider of protection from violent crimes, rape, or muggings.

I'm sure lots of people could give examples of areas where "everyone" *is* armed, and while they certainly don't rely on "the government" (i.e., local police forces) for protection, most would agree the situation is not desirable ...

/jordan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sunah Cherwin
Date: Sun, 23 May 93 15:31:49 PDT
To: cypherpunks@toad.com
Subject: privacy graphics archive
Message-ID: <9305232232.AA15865@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I would like to assemble an archive (electronic *and* paper) of graphics relating to privacy and encryption. These could be made available for republication in books and magazines, so any items not already in the public domain ought to be accompanied by source citations so that permissions may be obtained.

I'd be interested in graphs, diagrams, flowcharts, cartoons, line drawings, photos, and any other graphical content you can think of.

More specifically, graphs (e. g. comparing the difficulty of breaking various encryption methods, encryption time as a function of RSA key length, etc.), diagrams (such as Hal Finney's excellent flowcharts in Extropy #10), cartoons (e. g. political cartoons about various government attempts to control/stifle encryption), and photos (of commercial software product packaging, photos of secure phone systems such as marketing depts would produce, photos of famous cypherpunks, cryptographers, and crypto programmers)

Items on paper as well as items in electronic format will both be welcomed. Send the former to 1800 Market St, #243, San Francisco CA 94102. Send the latter to slippery@netcom.com in uuencode or BinHex4 format.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: bcox@gmu.edu (Brad Cox)
Date: Sun, 23 May 93 13:50:58 PDT
To: jordan@imsi.com (Jordan Hayes)
Subject: Police protection
Message-ID: <9305232050.AA29804@gmuvax2.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

>I'm sure lots of people could give examples of areas where "everyone"
>*is* armed, and while they certainly don't rely on "the government"
>(i.e., local police forces) for protection, most would agree the
>situation is not desirable ...

Yep. Switzerland for sure (every draft age citizen keeps an assault rifle and ammo). Similarly for most US rural states; Oregon, South Carolina, Texas and Arizona come to mind. So do shooting ranges and gun shows most anywhere.

I've never felt safer than in such places, and most would say most such places are desirable, compared to say Washington DC or New York where guns have been outlawed for ages. Except for of course, those in the hands of the state and the criminals.

Why in the world would you say otherwise?
--
Brad Cox; bcox@gmu.edu; 703 968 8229 Voice 703 968 8798 Fax
George Mason Program on Social and Organizational Learning

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Mr. Paul Danckaert (ACS)"
Date: Sun, 23 May 93 14:12:14 PDT
To: cypherpunks@toad.com
Subject: Unix Security
Message-ID: <199305232111.AA15613@umbc7.umbc.edu>
MIME-Version: 1.0
Content-Type: text/plain

Hey all..

I'm writing a program to see just how secure some of this unix password security is, and I would like to know more about how the final result in the passwd file is encrypted.. where could I get such information?

Thanks.. (We are going kerberos here so that should help matters some at least..
:)

Paul

--- Paul Danckaert - pauld@umbc.edu ---------------------------------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Sun, 23 May 93 14:56:18 PDT
To: bcox@gmu.edu (Brad Cox)
Subject: Re: Police protection
Message-ID: <9305232156.AA04712@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

    I've never felt safer than in such places, and most would say most such places are desirable, compared to say Washington DC or New York where guns have been outlawed for ages. Except for of course, those in the hands of the state and the criminals.

    Why in the world would you say otherwise?
    --

I think because he's thinking of places like Beirut, Somalia, Bosnia, and so on. You know -- places without any effective central government.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J. Eric Townsend)
Date: Sun, 23 May 93 18:35:17 PDT
To: bcox@gmu.edu (Brad Cox)
Subject: Police protection
In-Reply-To: <9305232050.AA29804@gmuvax2.gmu.edu>
Message-ID: <9305240134.AA23462@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

Brad Cox writes:
> and ammo). Similarly for most US rural states; Oregon, South Carolina,
> Texas and Arizona come to mind. So do shooting ranges and gun shows most

Just so you know, gun control laws in Texas are about as strict as those in Calif. On the other hand, Louisiana has an "open-carry" law (with exceptions for banks, bars, and a few other places).

I'm not sure if I felt safer in Louisiana or California. I know that we were a bit more polite in Louisiana, but then again, it was a more rural state where *everybody* was poor, not just members of a couple of ethnic groups.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: bbyer@BIX.com
Date: Sun, 23 May 93 21:11:53 PDT
To: cypherpunks@toad.com
Subject: Re: cypto + compression
Message-ID: <9305232037.memo.36584@BIX.com>
MIME-Version: 1.0
Content-Type: text/plain

In-Reply-To: <199305212303.AA21876@joes.GARAGE.COM>

> In fact there are not. You can test this out; use PGP to encrypt any
> file you please, and then use any compression software you like to
> compress it. You will get no significant compression.

I don't know if there will be any new redundancies or not, but PGP compresses its output so you would naturally get no further compression.

Ben Byer

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mbriceno@aol.com
Date: Sun, 23 May 93 19:18:38 PDT
To: cypherpunks@toad.com
Subject: Re: Police protection
Message-ID: <9305232219.tn33171@aol.com>
MIME-Version: 1.0
Content-Type: text/plain

> I've never felt safer than in such places [where law-abiding citizens are armed], and most would say
> most such places are desirable, compared to say Washington DC
> or New York where guns have been outlawed for ages. Except for
> of course, those in the hands of the state and the criminals.
>
> Why in the world would you say otherwise? --
>
> I think because he's thinking of places like Beirut, Somalia, Bosnia,
> and so on. You know -- places without any effective central
> government.

Perhaps my post needed some clarification: I do not believe that a lawful governmental police force becomes unnecessary once we hand every citizen a gun. Just as the police can not grant an unarmed public's security, an armed populace alone is no guarantee for safe streets. Only the combination of a well prepared public working together with a responsible government can make our lives truly safe from infringements by anti-social individuals.
I believe that if people were allowed to use crypto in all communication and carry a gun at all times, crime-be it street crime or white collar- would be reduced to levels far below the present rate.

--Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Watt Forste
Date: Sun, 23 May 93 22:58:48 PDT
To: bbyer@BIX.COM
Subject: Re: cypto + compression
In-Reply-To: <9305232037.memo.36584@BIX.com>
Message-ID: <199305240602.AA17283@joes.GARAGE.COM>
MIME-Version: 1.0
Content-Type: text/plain

Ben Byer wrote:

    I don't know if there will be any new redundancies or not, but PGP compresses its output so you would naturally get no further compression.

Dhoh! I should have specified that PGP's built-in compression be turned off. Even without precompressing, encryption destroys almost all the redundancy that compression can take advantage of.

Eric Watt Forste
arkuat@joes.garage.com
1800 Market St #243
San Francisco CA 94102
"Expectation foils perception." -- Pamela C. Dean

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: stig@netcom.com (Stig)
Date: Mon, 24 May 93 01:44:03 PDT
To: prz@sage.cgd.ucar.edu
Subject: PGP: Environment protection for UNIX
Message-ID: <9305240844.AA22961@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Phil & Cypherpunks:

Here's a little program that demonstrates a fairly simple way to improve pgp security on multi-user systems....

    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    #include <unistd.h>

    int main (int argn, char **argv, char **envv)
    {
        for ( ; *envv ; ++envv) {
            if (!strncmp(*envv,"PGP",3)) {
                char *c=*envv;
                while (*c) *c++=' ';   /* blank the whole NAME=value string in place */
            } /* end of if */
        } /* end of for */
        system("printenv");            /* show the environment after scrubbing */
        sleep(10);
        return 0;
    }

It deletes from its own environment any environment variable that begins with the string "PGP". It ain't bullet-proof but just by grepping the environment of netcom, I've identified several PGP users:

    yonder nickt centaur henderso

This hack would prevent that... 'Course for UNIX, PGPPATH should default to $HOME/.pgp anyway.

Not doin' the work I oughta be doing,

Stig...
/* Jonathan Stigelman, Stig@netcom.com, PGP public key on request */
/* fingerprint = 32 DF B9 19 AE 28 D1 7A A3 9D 0B 1A 33 13 4D 7F */

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: meyer
Date: Mon, 24 May 93 05:42:30 PDT
To: cypherpunks@toad.com
Subject: FAQ
Message-ID: <9305240651.AA16024@wixer>
MIME-Version: 1.0
Content-Type: text/plain

Damned line noise zapped this last time just as I was about to send it. I don't think it went (uustat apparently knew nothing of it), so here it is again:

From Eric Raymond's draft FAQ:

>The Cypherpunks list exists to build and propagate privacy software. Our
>aim is to give you the tools to communicate with other people and computers
>in ways snoopers cannot tap.
>
>2. What are the essentials of privacy software?
>   a. Public-key cryptosystems for secure communication.
>   b. Unforgeable electronic signatures for message authentication.
>   c. DC-net or similar protocols to thwart spoofing.

Privacy extends to more than just invulnerability to eavesdropping upon one's communications. One may have private records which are viewed only by oneself, and never communicated. A cryptosystem suitable for encryption of such non-communicated information need not be a public-key cryptosystem. Thus:

2 d. Cryptosystems for protecting privately-held information against unauthorized access.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Mon, 24 May 93 08:28:42 PDT
To: cypherpunks@toad.com
Subject: Another license server begs for cryptanalysis
Message-ID: <9305241528.AA04488@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I love these servers where "a short encrypted string" can enable access to all sorts of things...
---------------------------------------------------------------------------- The Florida SunFlash Third Party Announcements SunFLASH Vol 53 #30 May 1993 ---------------------------------------------------------------------------- Subject: Viman Software Ships LicenseServ 3.0 - License Manager Newsgroups: comp.newprod Contact: Vikram Duvvoori Organization: Viman Software, Santa Cruz, California Phone: (800) 827-4590 (USA, Canada, Mexico); Ph: (408) 459-0678 FAX: (408) 458-2862 email: info@viman.com Viman Software Ships LicenseServ 3.0 on all major workstations. Santa Cruz, CA., Th. April 29, 1993 - Viman Software today announced the release of its next generation of network license manager, LicenseServ 3.0, for all major workstation platforms (including Sun, HP, NeXT, IBM RS/6000, DEC, SGI, Apollo and IBM PCs). LicenseServ is a licensing software package that allows software developers to support a wide range of licensing options including usage based licensing and full-featured evaluation copies. Existing customers who have been shipping their products with LicenseServ for over a year now have been extremely satisfied with their experience. Some complex applications were licensed by earlier customers within a few minutes and were shipping globally within one week. With a comprehensive set of features at an affordable price, LicenseServ brings sophisticated licensing within the reach of even small software developers. LicenseServ is available on more than twenty Unix platforms. Integration is straightforward as it only involves adding a few (3 in many cases) function calls to the application code. The licensing is transparent to end-users and the tools which come with LicenseServ make license management simple for system administrators at the end-user sites. This release introduces several new licensing features along with function-level compliance with the LS API 1.0 - a recent standard in license management. 
Software vendors license their applications by linking them to the LicenseServ libraries. The vendors then have a rich set of choices. A small sample of the range of licensing options includes: - Personal/Group Licenses (restricting usage to a set of users/machines) - Component Licenses (licensing different modules within an application) - Shared licenses (several users/machines sharing a single license) - Site licenses (usage restricted to a particular site) - Version control (licensing different versions of the same software) The licenses can be customized for each of the copies shipped. The software can be restricted to a limited number of concurrent copies running on the network, or node-locked to a particular set of machines. The vendor can easily create full-featured demo copies of applications that can be sent with a "time-bomb" which would prevent them from running beyond a certain date. Extensions of this date, or upgrading the demo to a full release, could then be done by simply sending a short encrypted string over the phone or facsimile. The basic version, LicenseServ Standard, lists at $2000 for the first platform and $1000 for each additional platform. The advanced version, LicenseServ Extended, lists at $ 5000 for the first platform and $ 2000 for each additional platform. All prices include 1 year of free technical support, upgrades and a 30 day money back guarantee. Viman Software is headquartered at 1320 Mission Street, Suite 5, Santa Cruz, CA 95060, USA. For more information please send email to info@viman.com or call toll-free (800) 827-4590 (408-459-0678 outside North America) or send a fax to (408) 458-2862 ---------------- LicenseServ, LS API 1.0, Sun, HP, NeXT, IBM RS/6000, DEC, SGI, Apollo and IBM are trademarks of their respective owners. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Benjamin.Britton@UC.Edu Date: Mon, 24 May 1993 08:29:51 -0400 (EDT) To: geoffw@nexsys.net Subject: on privacy in digital communications Message-ID: MIME-Version: 1.0 Content-Type: text/plain _______________________________________________________________________________ On Privacy in Digital Communications Taxpayers, legislators, social and governmental leaders do not yet realize that use of the "Clipper Chips" would make their most intimate, most highly private and proprietary information completely accessible through online information links to organized crime, foreign governments and the American national intelligence community. Anyone who has grown up wondering why they did not prosecute the assassination of President Kennedy has reason to fear the "Clipper Chip" technology. There is no need for absolute intrusability into the private lives or public records of American citizens. On the contrary, responsible governmental efforts should seek to rebuild such privacy by outlawing databases based on Social Security numbers and by codifying legal remedies against businesses which have illegally compromised public or private information. We should move, not away from citizens' rights in the new age of computing; rather we should use a blend of American democracy and high technology to make sure we retain the rights guaranteed to us by the American Constitution. It should be made illegal to encode a database of personnel information based on the Social Security numbers of the individuals. Such databases are inherently inaccurate and encourage covert searches for private information. Alphabetic listings of individuals names can be encoded with a unique key by an institution holding a database of personal information, for purposes of information retrieval. 
This key should be enciphered on a timely basis, such as during annual board meetings, by individuals in positions of legal responsibility in the organization. If the key is leaked by the organization, legal suit should be able to be brought to determine how the leak occurred, to punish the offenders if appropriate, and to establish a new key to the database with participation from the prosecuting judge and the defendant. Database encoding with this new key should then be legally required and enforced, and periodic encipherment of the code by the database holders should continue as before. A new function of law enforcement will need to develop; police, rather than being some of the greatest abusers of private information held in data networks, will have to become the enforcers of privacy and data security. If the police don't want to do this job, or if they feel they cannot, they should be fired and new police willing and able to guarantee the rights of citizens should be hired. Data security in cyberspace is a real concern, not only for the federal government, but also for local governments, businesses and individuals. The police will enforce the laws only if the laws are established, and they can serve as guardians of private data and personal information if such responsibilities are levied upon them. Data security, personal privacy, and the gross abuses of digital databases in the hands of white collar criminals are issues which lie at the heart of America's present malaise. If the government of the United States is not morally capable of taking on the challenge of instituting privacy in digital communications, we may look forward to years of gross criminality and abuses of human rights which will make the S&L scandals of the 1980's pale by comparison. But no government intent on enslaving the citizens who continuingly create it can stand.
If our representatives in the Federal government cannot squirm free of the grips of organized crime, we may look forward to a distant national revolution. But no country, intent on guaranteeing the rights of its citizens, run by leaders with moral authority and free will, would seek consciously to hand the people over as slave/cattle to the organizers of international criminal cartels. The "Clipper Chip" technology as outlined in national press releases would guarantee and constitute such a wholesale handover of Americans. It would codify, promulgate and direct the destruction of privacy rights for all individuals by guaranteeing the availability of all information to anyone wealthy and corrupt enough to buy it. The alternative course is for our government to turn around completely, to build ways of defending the privacy of the individual against unnecessary search and seizure. The term privacy and its root word private will take on new meanings in the coming years. For example, records containing the votes you have cast in public elections during your life may be considered private, although the public institution of government is your only guarantor of that privacy. Government acts (supposedly) as conscious guarantor of the privacy and security of your participation in public affairs. They could certainly make the same efforts to secure your tax information, your demographic information, your legal records, your personal information derived during security background checks by intelligence agencies; but they do not. They encode all this with your social security number guaranteeing its accessibility to international criminal cartels operating outside the control of our government.
The term "privatization" has come into vogue through its promotion by the international monetary fund during the 1980's (and continuing today); it has meant the handing over of publicly guaranteed enforcement of citizens' rights to private individuals not accountable through democratic processes. Such handovers are a public concern, because they threaten the structure of legal enforcement which is the original reason for a democracy. Privatization conflicts with privacy, because it is through the self-interest of private citizens involved in participation in legal processes of government, such as through election to public office or participation in jury duties, that make a democracy work for the welfare of its individual citizens. When control is taken out of the hands of the public and handed over in the form of privatization, no citizen, except he or she who controls the private company, may defend their legal rights successfully and without preemption by default. The government exists to enable citizens' participation; such participation must be an inherent part of securing personal privacy in digital communications. I suggest that computing necessitates a reaction from government, and that reaction should properly be to defend the rights of citizens, including the right to privacy. A change in direction is called for; our government should support individuality. Public participation is essential to establish that no one has the right to our privacy. One may envision a 21st century public ceremony of encoding the National Database: A one-year-old child taps on a keyboard, and nationwide in realtime others do alike. This would be no guarantee of privacy, but far better than a guarantee of no privacy. Benjamin J.
Britton May 24, 1993 Assistant Professor Electronic Art, Fine Arts University of Cincinnati Benjamin.Britton@uc.edu ________________________________________________________________________________ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: geoffw@nexsys.net (Geoff White) Date: Mon, 24 May 93 09:03:47 PDT To: cypherpunks@toad.com Subject: on privacy in digital communications Message-ID: <9305241546.AA02235@nexsys.nexsys.net> MIME-Version: 1.0 Content-Type: text/plain Here is a post from a friend of mine who has been following the Clipper debacle. He told me to post it to whatever groups would be interested. ----- Begin Included Message ----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peb@PROCASE.COM Date: Mon, 24 May 93 10:33:14 PDT To: strong+@cmu.edu Subject: Re: cypto + compression Message-ID: <9305241730.AA13070@banff.procase.com> MIME-Version: 1.0 Content-Type: text/plain >if you're just using compress and you make that known Yes, this is worth pointing out; the main idea is to keep the opponent from knowing the format. Increasing the entropy via compressions is good in its own right since it makes the encoding more complex and provides more stumbling blocks. Cypher chaining seems to be even better for confounding opponents, but I'll let someone else comment on that. Paul E. Baclace peb@procase.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Mon, 24 May 93 10:49:41 PDT To: geoffw@nexsys.net Subject: Re: on privacy in digital communications Message-ID: <9305241749.AA05999@servo> MIME-Version: 1.0 Content-Type: text/plain >From UC.Edu!Benjamin.Britton@cdp.igc.org Mon May 24 06:12:53 1993 > Anyone >who has grown up wondering why they did not prosecute the assassination >of President Kennedy has reason to fear the "Clipper Chip" technology. Because the only credible suspect was killed two days later, and there is no provision for posthumous trials in the US?
This reminds me of that great exchange in the movie "Sneakers" between Dan Ackroyd and Sidney Poitier. From memory: Ackroyd: "You know, the NSA shot Kennedy". Poitier: "What? Now you're telling me that the NSA was responsible for the JFK assassination??" Ackroyd: "No, they only shot him. He's still alive..." I think it would help enormously if we Cypherpunks stayed focused on our core issue: the use of strong cryptography to protect personal privacy against all potential intruders, private or government. It will not help us to gain mainstream acceptance to blur our image with fringe conspiracy theorists, gun nuts, survivalists and the like. Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 24 May 93 11:17:32 PDT To: cypherpunks@toad.com Subject: Caller ID Question In-Reply-To: Message-ID: <9305241813.AA17842@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >I know Caller ID for the common man didn't go through here in Cal., >despite the fact we have call return. This is the distinction. The underlying hardware and switching protocols all have the capability for calling-number identification, but the PUC didn't allow the consumer service "Caller-ID" to exist. As a result, Pac Bell now offers services which use it in indirect ways. Not only do we have Call Return, but also Call Screen, Priority Ringing, Select Call Forwarding, and Call Trace. I just spoke to the business office and Caller-ID is not available even on their business lines, not even the Pac Bell 800 offerings. It looks like the only way to do this is to get 800 service from another carrier. Even then, I'm not sure that intra-California service will be available. 
Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 24 May 93 11:20:03 PDT To: cypherpunks@toad.com Subject: MacWorld Special Report In-Reply-To: <9305241529.AA15822@disvnm2.shearson.com> Message-ID: <9305241816.AA18098@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Re: MacWorld Kudos to Mitch Ratcliffe for the MacWorld coverage. He's a strong advocate of privacy issues and makes sure his magazine covers them. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dmandl@lehman.com (David Mandl) Date: Mon, 24 May 93 08:29:48 PDT To: cypherpunks@toad.com Subject: MacWorld Special Report Message-ID: <9305241529.AA15822@disvnm2.shearson.com> MIME-Version: 1.0 Content-Type: text/plain There's a pretty solid Special Report in the new issue of Macworld (July, 1993) on the ever-increasing threats to electronic privacy. Part One is called "Bosses with X-Ray Eyes: Your Employer may be Using Computers to Keep Tabs on You"; Part Two is "Privacy in Peril: How Computers are Making Private Life a Thing of the Past." Highlights: The reporters performed a little test to see how easy it is to get information on people electronically. They managed to get stacks of personal, legal, and financial data on, among others, Janet Reno, Clint Eastwood, Edwin Meese, George Lucas, Joe Montana, William Hearst, and the CEO of Bank of America with very little trouble. A poll on employers' invasions of workers' privacy found that 21.6% of companies search employees' files. There's also a sidebar on the insecurity of email. Favorite quote: "The U.S. is a laughingstock among privacy experts because we protect video- tape-rental records, but not medical records." In the same issue, columnist Stephen Levy is harshly critical of the Digital Telephony Bill. He goes off on a tangent about cryptography, and, while he doesn't mention Clipper, he speculates that if the bill is passed, the banning of strong crypto would very likely be next. 
He mentions PGP in passing. These pieces are all very strongly pro-privacy. It's nice to see this kind of coverage. I think articles like these are a tremendous help in furthering cypherpunk goals. --Dave. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 24 May 93 12:06:14 PDT To: cypherpunks@toad.com Subject: privacy graphics archive In-Reply-To: <9305232232.AA15865@netcom2.netcom.com> Message-ID: <9305241902.AA23897@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Re: graphic archive A graphical archive for paper publication is a really wonderful idea. I can keep or mirror the electronic archive on soda. One of the projects that has been discussed is getting together a presentation that we can hand out to people who will present it at local meetings. One necessary for any presentation is graphics. Here are some suggestions: 1. What the 'channel' model is. Sender, Receiver, Eavesdropper. 2. How symmetric key crypto works over a channel. [The New York Times had a good graphic of this. My favorite part was that the secret information decrypted to "... and get a quart of milk. No, make that a half gallon." An excellent subtlety to show that privacy is for everybody.] 3. How public key crypto works over a channel. 4. How key escrow works. 5. How key escrow fails to work. Not neglecting the obvious, I would suggest that any drawings such as these, in whatever form they might have been created in, also be made available in postscript. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: chrmsync@mindvox.phantom.com (Chrome Sync) Date: Mon, 24 May 93 09:42:52 PDT To: cypherpunks@toad.com Subject: Caller ID Question Message-ID: MIME-Version: 1.0 Content-Type: text/plain [Lurker Mode : OFF] I know Caller ID for the common man didn't go through here in Cal., despite the fact we have call return. I have a friend in politics who'd like caller ID to screen out 'junk' calls. 
Is it possible to implement it, and if so, where would any hardware mods be necessary (or is it strictly a Pac.Bell switching thing). [He wants to know if there is a way, legal or not, to do so strictly from his end]. Thanks in advance ... [ Cyber-Renaissance Man ] || || || Chrome Sync || || || [ ** & CypherPatriot ** ] From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Timothy Newsham Date: Mon, 24 May 93 16:10:16 PDT To: cypherpunks@toad.com Subject: matrix - rsa Message-ID: <9305242310.AA18309@toad.com> MIME-Version: 1.0 Content-Type: text/plain Hi, I was reading through some books at the library the other day and came across this, has anyone given any thought to implementing this scheme? Matrix Extensions of the RSA Algorithm Chih-Chwen Chuang and James George Dunham CRYPTO '90, page 140. They suggest a matrix extension of the RSA algorithm which uses much less computation time. They go on to prove that the security of the system is equivalent to RSA and the hash function used: "Under a chosen plaintext attack on the key, the security of the new algorithm is equivalent to that of the RSA algorithm. Under a known plaintext attack on the message, the security of the system rests upon that of the one-way function." Sounds like something worth looking into, as computation times are *much* faster than that of normal RSA. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: cp@jido.b30.ingr.com (Serrzna Penvt Cerffba) Date: Mon, 24 May 93 12:20:01 PDT To: cypherpunks@toad.com Subject: Re: The New Mykotronix phones... In-Reply-To: <9305231707.AA12544@IMSI.COM> Message-ID: <199305241918.AA19188@jido.b30.ingr.com> MIME-Version: 1.0 Content-Type: text/plain In <9305231707.AA12544@IMSI.COM>, Jordan Hayes writes: |> From mbriceno@aol.com Sat May 22 03:56:25 1993 |> |> If everybody would be armed, we would no longer look at the |> government as the sole provider of protection from violent |> crimes, rape, or muggings.
|> |> I'm sure lots of people could give examples of areas where "everyone" |> *is* armed, and while they certainly don't rely on "the government" |> (i.e., local police forces) for protection, most would agree the |> situation is not desirable ... "Most would agree"? What a silly statement. You're in a big virtual room with lots of different people, but a lot of them are "card-carrying" libertarians who most certainly don't agree with that. However, Marc also said, "I am glad that someone is finally mentioning [the parallel between crypto and arms]." which is vacuous in light of the _endless_ discussion on this very point on Usenet (sci.crypt and elsewhere) in the beginnings of the wiretap chip flap. Which leads me to my main point: please take this off-list before it turns into the same flamewar that currently rages on talk.politics.guns and for whatever weird reason, sci.skeptic. ^ / ------/---- cp@jido.b30.ingr.com (Freeman Craig Presson) / / Gun Control: The belief that the government, with its great wisdom and moral superiority, can be trusted with a monopoly on deadly force. -- Clayton E. Cramer From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: kqb@whscad1.att.com Date: Mon, 24 May 93 11:59:53 PDT To: cypherpunks@toad.com Subject: Steganography and Steganalysis Message-ID: <9305241859.AA11273@toad.com> MIME-Version: 1.0 Content-Type: text/plain Summary: Steganography is essential for private communication since well-encrypted messages stand out too easily and no "solidarity" of sophisticated cryptography users is likely to make such messages less obvious any time soon. By "steganography" I mean inserting a hidden message into ordinary text in such a way that even if the algorithm for inserting the hidden message is public, only the intended receiver can read the hidden message or even show that a hidden message exists. 
I list several types of measures of "normal" English text that may be useful for steganalysis and then I present calculations suggesting that English has a steganographic capacity of about 10 percent. Note: This is my "newbie" post to cypherpunks. It asks many questions because there is a lot that I do not know, but I hope it also has several thought-provoking ideas. I am mostly trying to elicit feedback from those who are more knowledgeable about cryptology-related matters by providing them with some problems that are both useful and mentally stimulating. Failed PGP Social Program In his introduction to PGP, Phil Zimmerman compares plaintext messages to mail sent on postcards and encrypted messages to mail in sealed envelopes. Currently, using envelopes does not arouse suspicion because almost everyone uses envelopes, but using encryption does arouse suspicion because almost nobody uses encryption. Zimmerman's proposed solution is for almost everyone to use encryption routinely, so that encrypted messages will be the norm. I do not believe that this will succeed, at least not in the way Zimmerman hopes. Even though PGP is highly regarded, free, and fairly readily accessible, no "solidarity" of PGP users will arise unless email with PGP encryption becomes transparently convenient to use and also does not invite civil lawsuits or criminal charges. (An RSAREF version of PGP would help, though.) The kinds of encryption that *will* become readily available, easy-to-use, and legally hassle-free will be the crippled kinds of encryption. Encryption that is not crippled always will be suspect, perhaps illegal. By using sufficiently intelligent steganographic techniques, however, we will not need any "solidarity" from other people at all. If our "envelopes" look like "postcards," they will not arouse the stormtroopers. Steganography and Steganalysis A few people have experimented with inserting messages into image files. 
But most of our email traffic is text, so I am most interested in steganographic techniques for normal English prose. Furthermore, we need to have a reasonably high efficiency for inserting the hidden message while not contorting the text too far from normal. Peter Wayner's Mimic functions for producing a baseball game commentary are notable. (No, I still haven't done the C conversion of the Think Pascal version I received almost two years ago. But I haven't forgotten!) I am not certain how efficiently his program encodes the hidden message, but I do want the resulting text to be less conspicuous. Imagine thousands of messages per day consisting of similar sounding commentary on the Whappers and the Blogs! That's too obvious. Gus Simmons [CRYPTO83] has described subliminal messages, which certainly are suitably innocuous, but unfortunately far too low bandwidth. A good steganographic system should insert encrypted messages into English text so unobtrusively that nobody but the intended receiver can show that a hidden message exists, even if the algorithm for the steganographic system is made public. (Perhaps I should call this "stealthography"?) The examples of steganography described in [KAHN] all fail this test. Similarly, so do silly kinds of "steganography" such as the following "SECRET": So how have you been doing? Everything is fine here. Can we visit soon? Remember when we went white-water rafting? Everyone got soaked! That would be fun to do again! This is silly not only because the hidden message is not encrypted but also because anyone who knows the insertion algorithm can readily discover that a hidden message does indeed exist. To create a good cryptographic system, one must first do cryptanalysis. Similarly, I suggest that to create a good steganographic system, one should first do steganalysis. For that reason, the next section of this message focuses on potential tools for steganalysis. 
Perhaps people more knowledgeable about steganalysis will tell how best to make use of these, and other, tools for steganalysis. Disclaimer: I admit that my knowledge of steganalysis is limited. Perhaps at this point I should just ask what I should read to learn more about this, but I suspect that the public literature is sparse and scattered. For example, we have the words "encryption" and "decryption", but what do we call the corresponding words for steganography: steganization and desteganization? If we don't even have good terminology for the process, I suspect that we do not have much well-organized literature on it, either. What follows is my best guess concerning steganographic issues. The first goal of steganalysis is to determine that a hidden message is likely. The second goal is extracting that hidden message and the third goal is decrypting that hidden message. To be able to infer that a hidden message is likely, we need measures that distinguish normal from unusual English text. Measures of Normal English Text What is normal English text? In general, this is unsolvable, and not even well-defined. It depends on the context, author, subject, etc. Nevertheless, I can think of several kinds of measures that are likely to be useful and I hope that other people can suggest more. (1) letter frequency Letter frequency is just the first order Markov model for English. Shannon showed how 2nd order, 3rd order, etc. Markov models enable increasingly English-like output from a memoryless source. How much deviation from these standard frequencies is normal? What other kinds of letter frequency-related statistics might be useful? For example, if you measure the number of characters between each occurrence of a particular character, what type of distribution of intervals should you get? (An exponential distribution? A Poisson distribution? An Erlang distribution?) (2) word frequency Shannon also constructed 1st order, 2nd order, etc.
Markov approximations to English using words rather than characters as the elements. How much variation should we expect from these approximations in ordinary English? Zipf's Law [WELSH, p. 97] states that the word frequency for a language obeys the formula:

    p(n) = A / n

where A is a constant chosen so that:

    SUM_n p(n) = 1

For example, in English, the most frequently used words are, in order, "the", "of", "and", and "to". According to Zipf's Law, the word "the" should be used about twice as often as the word "of" and about four times as often as the word "to". Mandelbrot suggested a more complex formula:

    p(n) = A / (n + V)^(1/D)

where V and D are independent parameters. I suppose that the intelligence agencies have even more sophisticated models. (3) compressibility According to [WELSH, p. 96], Shannon's experiments measured the entropy of English (over a 26 letter alphabet plus a space) as only 0.6 to 1.3 bits per character. Since normal English text has both upper and lower case, digits, and other characters, perhaps a better value for normal English is about 2.5 bits per character. (If so, then shouldn't compression programs be able to achieve about a factor of 8 / 2.5 > 3 compression?) Is "dense" writing less compressible than "fluff"? Apparently so, since measurements of the redundancy of various English texts [WELSH, p. 100] show significant differences. Since well-encrypted messages are incompressible, will a message that hides an encrypted message be less compressible than normal English text? (4) grammar, style, and readability Grammar checkers can distinguish normal sentences from text such as: "Distinguish normal can grammar checkers text sentences from." that may satisfy other statistics for normal English text. But what is an ordinary distribution of legal grammars of English sentences? Also, how does one allow for the different conventions in formal, written English vs. conversational English vs. slang vs. email/USENET netspeak vs.
special sublanguages such as computer languages or mathematics? Bear in mind that netspeak has several distinguishing features. For example, email addresses of the form xxx@xxx.xxx.xxx, quoted text with a ">" in column 1, and smilies are typical net conventions. Mail headers and signatures (especially PGP signatures) have a special structure, too. Can a grammar checker help to distinguish normal text from text that may have a hidden message? What useful clues may style and (Kincaid, Coleman-Liau, Flesch, etc.) readability scores give? An interesting experiment would be to compare automated readability scores with the compressibility of the text. (5) semantic continuity and logic Do the sentences in a paragraph relate somehow to each other, or are they separate, independent constructions? How can that be measured automatically? (6) message context Does the content of the message look normal in its context? (For example, a baseball play-by-play would look out-of-place in sci.med.) How can that be measured automatically? (7) obvious Some people are known suspects, no matter how innocuous-looking their messages are. All their messages are suspect. (8) other measures What other measures might be useful for detecting the likely presence of a hidden message? The distribution of number of words in a sentence? The distribution of number of sentences (or words) in a paragraph? What programs and/or databases are readily available for making these measures? Steganographic Capacity of English Text If the public English text is N characters long, how long can a perfectly hidden message within that public text be? I think that it can be about N/10 characters long, for a steganographic capacity of 10%. I will show two ways to hide information in the public text: (1) the grammatical structure of the sentence and (2) the word choice in the sentence. (These are not the only methods, but they may be the two best methods.) 
Do you recall back in school when you "diagrammed" sentences in your English class? That was actually imposing a parenthesization on the sentence. For example, the sentence:

    The tall boy ate the big pie.

becomes:

    (The (tall boy)) (ate (the (big pie)))

The number of possible parenthesizations of a sentence of N words is related to the number of ways to match N pairs of parentheses. The number of matchings is the Nth Catalan number:

    X(N) = C(2N, N) / (N + 1) >= 2^(N-2)     [AHU, p. 73]

where C(2N, N) is the number of combinations of 2N objects, taken N at a time, which is (2N)!/(N!^2). The number of parenthesizations is the N-1st Catalan number. If all parenthesizations were equally likely, then the parenthesization of a sentence of N words would give greater than (N-1)-2 = N-3 bits of information for 1 - 3/N bits per word. (Of course, not all parenthesizations are equally likely. But X(N) is also much larger than 2^(N-2), so for now I'll assume that those two roughly cancel out.) Since the average word length in English is about 4 characters [WELSH, p. 101], or 5 characters counting a separating space, and each ASCII character has 8 bits, we get a steganographic efficiency of (1 - 3/N) / 40. (Notice that I am ignoring punctuation in my count of characters in English text. Since this count is just a rough approximation anyway, the effect of punctuation should get lost in the noise.)

Another way to hide information in the public text is with the choice of words. Since English has a large vocabulary, I think that almost always we can get one bit of information per word, just from the word choice alone. (Unusual words should not be used often, though, since normal English text does not use them often.) For example, we might XOR all the bits of all the characters of the word and use its parity. Can we get two bits per word? Probably most of the time. Suppose that we try to get two bits per word from our word choice but succeed only with probability p.
The channel capacity of a BSC is:

    1 + p log p + (1-p) log (1-p)

which is:

    1 - H(p)

By Shannon's noiseless coding theorem, we should be able to achieve an error correcting coding that approaches this capacity. (Use of that encoding unfortunately may alter the statistics of the hidden message sufficiently to expose the use of steganography, however.) For what values of p will it be worthwhile to insert an uncertain two bits per word rather than a (nearly) certain one bit? Since H(0.11) = 0.5 (approximately), p had better be .89 or higher. If p is .95, then H(p) = .29 (approximately), giving 1.4 bits / word rather than just 1 bit / word.

I doubt that we can get better than 1.4 bits per word with this method and still have normal looking English, though, because of Zipf's Law. The normal frequencies of the four words "the", "of", "and", and "to" are high, totalling at least 10%, so the public text has to include many of them, whether we want their particular parity bit patterns or not. We can improve the efficiency by attempting two bits of information only for the long words and attempting only one bit for the short words. Maybe we should attempt to achieve |K/5| bits for words of K characters, where "|x|" means "x rounded down to the next integer". Or maybe we should not try to hide any bits at all in the extremely short words. I don't have enough information about typical English to analyze that.

What is the total steganographic efficiency we achieve by exploiting both the grammatical structure and the word choice? My estimates total:

    ( (1 - 3/N) + 1.4 ) / 40 = 0.06 - 3/(40N)

Just to get a number, let's assume that N = 10 words per sentence. That gives us 0.0525, which I'll round down to 0.05. That actually gives us much better than 5%, though, because the hidden message is first compressed and then encrypted. If compression halves the length of the hidden message, we get effectively a 10% efficiency for the Steganographic capacity of English.
This estimate will decrease by whatever amount typical English parenthesization departs from uniform over all possibilities but it will increase by improved exploitation of word choice and, especially, by improved compression.

Of course, the effectiveness of this camouflage depends on the sophistication of one's model of English text. Perhaps normal English has enough variation that a good, but not perfect, model of English will yield public text that is indistinguishable from normal text, even to the more resourceful eavesdroppers.

Kevin Q. Brown
INTERNET kqb@whscad1.att.com or kevin_q_brown@att.com

AHU - The Design and Analysis of Computer Algorithms, Aho, Hopcroft, and Ullman, Addison-Wesley, 1974.
KAHN - The Codebreakers, David Kahn, Macmillan, 1967.
WELSH - Codes and Cryptography, Dominic Welsh, Clarendon Press, 1988.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mike Godwin
Date: Mon, 24 May 93 12:03:29 PDT
To: dmandl@lehman.com (David Mandl)
Subject: Re: MacWorld Special Report
In-Reply-To: <9305241529.AA15822@disvnm2.shearson.com>
Message-ID: <199305241904.AA24485@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

Dave writes:

> In the same issue, columnist Stephen Levy is harshly critical of the Digital
> Telephony Bill. He goes off on a tangent about cryptography, and, while he
> doesn't mention Clipper, he speculates that if the bill is passed, the banning
> of strong crypto would very likely be next.

I don't think that's a tangent, Dave. Thanks for the pointer.

--Mike

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Mon, 24 May 93 12:22:56 PDT
To: jordan@imsi.com (Jordan Hayes)
Subject: Re: The New Mykotronix phones...
In-Reply-To: <9305231707.AA12544@IMSI.COM>
Message-ID: <9305241922.AA06652@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

Jordan Hayes says:

>     From mbriceno@aol.com Sat May 22 03:56:25 1993
>
>     If everybody would be armed, we would no longer look at the
>     government as the sole provider of protection from violent
>     crimes, rape, or muggings.
>
> I'm sure lots of people could give examples of areas where "everyone"
> *is* armed, and while they certainly don't rely on "the government"
> (i.e., local police forces) for protection, most would agree the
> situation is not desirable ...

Actually I can give such examples and show that the result is desirable, but are we discussing cryptography or anarchism here?

.pm

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ghoast@gnu.ai.mit.edu
Date: Mon, 24 May 93 13:55:50 PDT
To: kqb@whscad1.att.com
Subject: Re: Steganography and Steganalysis
In-Reply-To: <9305241859.AA11273@toad.com>
Message-ID: <9305242055.AA69775@hal.gnu.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

What about reverse 'stealthography' where instead of first creating your message, then attempting to create some larger body of text in which to hide the message, one would first generate the message to be hidden, then take an existing body of text (something large enough, like Shakespeare's Macbeth) and then attempt to find some concise algorithm by which the receiving end would extract the message?

-Devin
---- ghoast@gnu.ai.mit.edu ----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: greg@ideath.goldenbear.com (Greg Broiles)
Date: Mon, 24 May 93 17:50:11 PDT
To: cypherpunks@toad.com
Subject: Oregon, guns, etc.
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Brad Cox (bcox@gmu.edu) writes:

> >I'm sure lots of people could give examples of areas where "everyone"
> >*is* armed, and while they certainly don't rely on "the government"
> >(i.e., local police forces) for protection, most would agree the
> >situation is not desirable ...
>
> Yep. Switzerland for sure (every draft age citizen keeps an assault rifle
> and ammo). Similarly for most US rural states; Oregon, South Carolina,
> Texas and Arizona come to mind. So do shooting ranges and guns shows most
> anywhere.

This is absolutely untrue of Oregon - at least in the Willamette Valley. I see fewer guns (and gun-racks in pickup trucks) here than I did when I lived in Southern California.

It is difficult for me to express how uninterested I am in the prospect of debating gun control here in cypherpunks. I will compromise with "very, very, uninterested."

--
Greg Broiles                       greg@goldenbear.com
Golden Bear Computer Consulting    +1 503 465 0325
Box 12005 Eugene OR 97440          BBS: +1 503 687 7764

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uni@acs.bu.edu (Shaen Bernhardt)
Date: Mon, 24 May 93 15:43:12 PDT
To: cypherpunks@toad.com
Subject: espionage
Message-ID: <9305242242.AA15212@acs2.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I get: Taking other well-known identities: Silence = Ego + Espionage <= MC^2 + Espionage solving for Espionage,o-Light^2 Espionage >= Silence - MC^2of one's ego cannot exceed one's maximum potential energy (which has great explanatory powers re. the which raises some interesting points: [Portions deleted, no value judgement implied]

I meant to suggest that the poster who compromised himself should have put his/her ego aside and overcome the urge to brag. hence espionage + ego = death. I like your analysis however.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Mon, 24 May 93 16:47:12 PDT
To: cypherpunks@toad.com
Subject: Correction
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Sat, 22 May 1993 14:20:25 -0400 (EDT), Eric S. Raymond wrote -

> To join the cypherpunks mailing list, send a request to:
> cypherpunks@toad.com

Not to be a nit-picker, but shouldn't that be:

    cypherpunks-request@toad.com

Subsequent posts to the list should be to:

    cypherpunks@toad.com

Cheers.

Paul Ferguson               | The future is now.
Network Integrator          | History will tell the tale;
Centreville, Virginia USA   | We must endure and struggle
fergp@sytex.com             | to shape it.
Stop the Wiretap (Clipper/Capstone) Chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Mon, 24 May 93 17:47:38 PDT
To: cypherpunks@toad.com
Subject: FOIA INFO 1/2
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Phil Karn e-mailed me about posting dotted "i"s and crossed "t" FOIA sample letters. These are perhaps the best that I've seen and work well, however, I would suggest that takers have them notarized prior to sending them to the agencies in question.

- --

FOIA FILES KIT - INSTRUCTIONS

USING THE FREEDOM OF INFORMATION ACT
REVISED EDITION

Fund for Open Information and Accountability, Inc.
339 Lafayette Street, New York, NY 10012
(212) 477-3188

INSTRUCTIONS

The Freedom of Information Act entitles you to request any record maintained by a federal Executive branch agency. The agency must release the requested material unless it falls into one of nine exempt categories, such as "national security," "privacy," "confidential source" and the like, in which case the agency may but is not compelled to refuse to disclose the records.

This kit contains all the material needed to make FOIA requests for records on an individual, an organization or on a particular subject matter or event.
HOW TO MAKE A COMPLETE REQUEST

Step 1: Select the appropriate sample letter. Fill in the blanks in the body of the letter. Read the directions printed to the right of each letter in conjunction with the following instructions:

For organizational files: In the first blank space insert the full and formal name of the organization whose files you are requesting. In the second blank space insert any other names, acronyms or shortened forms by which the organization is or has ever been known or referred to by itself or others. If some of the organization's work is conducted by sub-groups such as clubs, committees, special programs or through coalitions known by other names, these should be listed.

For individual files: Insert the person's full name in the first blank space and any variations in spelling, nicknames, stage names, marriage names, titles and the like in the second blank space. Unlike other requests, the signatures of an individual requesting her/his own file must be notarized.

For subject matter or event files: In the first blank space state the formal title of the subject matter or event including relevant dates and locations. In the second blank space provide the names of individuals or group sponsors or participants and/or any other information that would assist the agency in locating the material you are requesting.

Step 2: The completed sample letter may be removed, photocopied and mailed as is or retyped on your own stationery. Be sure to keep a copy of each letter.

Step 3: Addressing the letters: Consult list of agency addresses.

FBI: A complete request requires a minimum of two letters. Send one letter to FBI Headquarters and separate letter to each FBI field office nearest the location of the individual, the organization or the subject matter/event. Consider the location of residences, schools, work and other activities.
INS: Send a request letter to each district office nearest the location of the individual, the organization or the subject matter/event.

Address each letter to the FOIA/PA office of the appropriate agency. Be sure to mark clearly on the envelope: ATTENTION--FOIA REQUEST.

FEE WAIVER

You will notice that the sample letters include a request for fee waiver. Many agencies automatically waive fees if a request results in the release of only a small number of documents, e.g. 250 pages or less. Under the Act, you are entitled to a waiver of all search and copy fees associated with your request if the release of the information would primarily benefit the general public. However, in January 1983, the Justice Department issued a memo to all federal agencies listing five criteria which requesters must meet before they are deemed entitled to a fee waiver. Under these criteria, a requester must show that the material sought to be released is already the subject of "genuine public interest" and "meaningfully contributes to the public development or understanding of the subject"; and that she/he has the qualifications to understand and evaluate the materials and the ability to interpret and disseminate the information to the public and is not motivated by any "personal interest." Finally, if the requested information is already "in the public domain," such as in the agency's reading room, no fee waiver will be granted.

You should always request a waiver of fees if you believe the information you are seeking will benefit the public. If your request for a waiver is denied, you should appeal that denial, citing the ways in which your request meets the standards set out above.

MONITORING THE PROGRESS OF YOUR REQUEST

Customarily, you will receive a letter from each agency within 10 days stating that your request has been received and is being processed. You may be asked to be patient and told that requests are handled cafeteria style.
You have no alternative but to be somewhat patient, but there is no reason to be complacent and simply sit and wait.

A good strategy is to telephone the FOIA office in each agency after about a month if nothing of substance has been received. Ask for a progress report. The name of the person you talk with and the gist of the conversation should be recorded. Try to take notes during the conversation focusing especially on what is said by the agency official. Write down all the details you can recall after the call is completed. Continue to call every 4 to 6 weeks.

Good record keeping helps avoid time-consuming and frustrating confusion. A looseleaf notebook with a section devoted to each request simplifies this task. Intervening correspondence to and from the agency can be inserted between the notes on phone calls so that all relevant material will be at hand for the various tasks: phone consultations, writing the newsletter, correspondence, articles, preparation for media appearances, congressional testimony or litigation, if that course is adopted.

HOW TO MAKE SURE YOU GET EVERYTHING YOU ARE ENTITLED TO ... AND WHAT TO DO IF YOU DO NOT

After each agency has searched and processed your request, you will receive a letter that announces the outcome, encloses the released documents, if any, and explains where to direct an appeal if any material has been withheld. There are four possible outcomes:

1. Request granted in full: This response indicates that the agency has released all records pertinent to your request, with no exclusions or withholdings. The documents may be enclosed or, if bulky, may be mailed under separate cover. This is a very rare outcome.

Next Step: Check documents for completeness (see instructions below).

2. Request granted in part and denied in part: This response indicates that the agency is releasing some material but has withheld some documents entirely or excised some passages from the documents released.
The released documents may be enclosed or, if bulky, mailed under separate cover.

Next step: Check documents released for completeness (see instructions below) and make an administrative appeal of denials or incompleteness (see instructions below).

3. Request denied in full: This response indicates that the agency is asserting that all material in its files pertaining to your request falls under one of the nine FOIA exemptions. These are categories of information that the agency may, at its discretion, refuse to release.

Next step: Make an administrative appeal (see instructions below). Since FOIA exemptions are not mandatory, even a complete denial of your request can and should be appealed.

4. No records: This response will state that a search of the agency's files indicates that it has no records corresponding to those you requested.

Next step: Check your original request to be sure you have not overlooked anything. If you receive documents from other agencies, review them for indications that there is material in the files of the agency claiming it has none. For example, look for correspondence, or references to correspondence, to or from that agency. If you determine that there are reasonable grounds, file an administrative appeal (see instructions below).

HOW TO CHECK FOR COMPLETENESS

Step 1: Before reading the documents, turn them over and number the back of each page sequentially. The packet may contain documents from the agency's headquarters as well as several field office files. Separate the documents into their respective office packets. Each of these offices will have assigned the investigation a separate file number. Try to find the numbering system. Usually the lower right hand corner of the first page carries a hand-written file and document number. For instance, an FBI document might be marked "100-7142-22". This would indicate that it is the 22nd document in the 7142nd file in the 100 classification.
As you inspect the documents, make a list of these file numbers and which office they represent. In this way you will be able to determine which office created and which office received the document you have in your hand. Often there is a block stamp affixed with the name of the office from whose files this copy was retrieved. The "To/From" heading on a document may also give you corresponding file numbers and will help you puzzle out the origin of the document.

When you have finally identified each document's file and serial number and separated the documents into their proper office batches, make a list of all the serial numbers in each batch to see if there are any missing numbers. If there are missing serial numbers and some documents have been withheld, try to determine if the missing numbers might reasonably correspond to the withheld documents. If not, the release may be incomplete and an administrative appeal should be made.

Step 2: Read all the documents released to you. Keep a list of all documents referred to in the text--letters, memos, teletypes, reports, etc. Each of these "referred to" documents should turn up in the packet released to you. If any are not in the packet, it is possible they may be among those documents withheld; a direct inquiry should be made. In an administrative appeal, ask that each of these "referred to" documents be produced or that the agency state plainly that they are among those withheld. Of course, the totals of unproduced vs. withheld must be within reason; that is, if the total number of unproduced documents you find referred to in the text of the documents produced exceeds the total number of documents withheld, the agency cannot claim that all the referred to documents are accounted for by the withheld category. You will soon get the hang of making logical conclusions from discrepancies in the totals and missing document numbers.
Another thing to look for when reading the released documents is the names of persons or agencies to whom the document has been disseminated. The lower left-hand corner is a common location for the typed list of agencies or offices to whom the document has been directed. In addition, there may be additional distribution recorded by hand, there or elsewhere on the cover page. There are published glossaries for some agencies that will help in deciphering these notations when they are not clear. Contact FOIA, Inc., if you need assistance in deciphering the text.

Finally, any other file numbers that appear on the document should be noted, particularly if the subject of the file is of interest and is one you have not requested. You may want to make an additional request for some of these files.

HOW TO MAKE AN ADMINISTRATIVE APPEAL

Under the FOIA, a dissatisfied requester has the right of administrative appeal. The name and address of the proper appeal office will be given to you by each agency in its final response letter.

This kit contains a sample appeal letter with suggestions for adapting it to various circumstances. However, you need not make such an elaborate appeal; in fact, you need not offer any reasons at all but rather simply write a letter to the appeals unit stating that "this letter constitutes an appeal of the agency's decision." Of course, if you have identified some real discrepancies, you will want to set them forth fully, but even if you have not found any, you may simply ask that the release be reviewed.

If you are still dissatisfied after the administrative appeal process, the FOIA gives you the right to bring a lawsuit in federal district court on an expedited basis.

SAMPLE FBI REQUEST LETTER

Date:

To: FOIA/PA Unit
Federal Bureau of Investigation

This is a request under the Freedom of Information Act.
I request a complete and thorough search of all filing systems and locations for all records maintained by your agency pertaining to and/or captioned: ______
_____________________________________________________   [describe records desired and/or insert full and
_____________________________________________________   formal name]
_____________________________________________________
_____________________________________________________

including, without limitations, files and documents captioned, or whose captions include

_____________________________________________________   [insert changes in name, commonly used names,
_____________________________________________________   acronyms, sub-groups, and the like]
_____________________________________________________
_____________________________________________________

This request specifically includes "main" files and "see references," including, but not limited to numbered and lettered sub files, "DO NOT FILE" files, and control files. I also request a search of the ELSUR Index, and the COINTELPRO Index. I request that all records be produced with the administrative pages. I wish to be sent copies of "see reference" cards, abstracts, search slips, including search slips used to process this request, file covers, multiple copies of the same documents if they appear in a file, and tapes of any electronic surveillances.

I wish to make it clear that I want all records in your office "identifiable with my request," even though reports on those records have been sent to Headquarters and even though there may be duplication between the two sets of files.

[ continued next message ]

Paul Ferguson               | The future is now.
Network Integrator          | History will tell the tale;
Centreville, Virginia USA   | We must endure and struggle
fergp@sytex.com             | to shape it.
Stop the Wiretap (Clipper/Capstone) Chip.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Mon, 24 May 93 17:48:03 PDT To: cypherpunks@toad.com Subject: FOIA INFO 2/2 Message-ID: <5gw34B2w165w@sytex.com> MIME-Version: 1.0 Content-Type: text/plain [ continued from previous message ] I do not want just "interim" documents. I want all documents as they appear in the "main" files and "see references" of all units of your agency. If documents are denied in whole or in part, please specify which exemption(s) is(are) claimed for each passage or whole document denied. Please provide a complete itemized inventory and a detailed factual justification of total or partial denial of documents. Give the number of pages in each document and the total number of pages pertaining to this request. For "classified" material denied please include the following information: the classification (confidential, secret or top secret); identity of the classifier; date or event for automatic de-classification, classification review, or down-grading; if applicable, identity of official authorizing extension of automatic de-classification or review; and if applicable, the reason for extended classification. I request that excised material be "blacked out" rather than "whited out" or cut out and that the remaining non-exempt portions of documents will be released as provided under the Freedom of Information Act. Please send a memo (copy to me) to the appropriate units in your office to assure that no records related to this request are destroyed. Please advise of any destruction of records and include the date of and authority for such destruction. As I expect to appeal any denials, please specify the office and address to which an appeal should be directed. I believe my request qualifies for a waiver of fees since the release of the requested information would primarily benefit the general public and be "in the public interest." I can be reached at the phone listed below. 
Please call rather than write if there are any questions or if you need additional information from me. I expect a response to this request within ten (10) working days, as provided for in the Freedom of Information Act. Sincerely, name: _______________________________________________ address: ____________________________________________ ____________________________________________ telephone: __________________________________________ signature: __________________________________________ SAMPLE AGENCY REQUEST LETTER DATE: TO: FOIA/PA Unit This is a request under the Freedom of Information Act. I request a complete and thorough search of all filing systems and locations for all records maintained by your agency pertaining to and/or captioned ______________________________________________________ [describe records desired and/or insert full and ______________________________________________________ formal name] ______________________________________________________ ______________________________________________________ including, without limitation, files and documents captioned, or whose captions include: ______________________________________________________ [insert changes in name, commonly used names, ______________________________________________________ acronyms, sub-groups and the like] ______________________________________________________ ______________________________________________________ I also request all "see references" to these names, a search of the ELSUR Index or any similar technique for locating records of electronic surveillance. This request is also a request for any corresponding files in INS Headquarters or regional offices. Please place any "missing" files pertaining to this request on "special locate" and advise that you have done this. If documents are denied in part or whole, please specify which exemption(s) is(are) claimed for each passage or whole document denied. 
Please provide a complete itemized inventory and detailed factual justification of total or partial denial of documents. Specify the number of pages in each document and the total number of pages pertaining to this request. For classified material denied, please include the following information: the classification rating (confidential, secret, or top secret); identify the classifier; date or event for automatic de-classification, classification review or downgrading; if applicable, identify the official authorizing extension of automatic de-classification or review; and, if applicable, give the reason for extended classification.

I request that excised material be "blacked out" rather than "whited out" or cut out. I expect, as provided by the Freedom of Information Act, that the remaining non-exempt portions of documents will be released.

Please send a memo (copy to me) to the appropriate units in your office or agency to assure that no records related to this request are destroyed. Please advise of any destruction of records and include the date of and authority for such destruction.

As I expect to appeal any denials, please specify the office and address to which an appeal should be directed.

I believe my request qualifies for a waiver of fees since the release of the requested information would primarily benefit the general public and be "in the public interest."

I can be reached at the phone listed below. Please call rather than write if there are any questions or if you need additional information from me.

I expect a response to this request within ten (10) working days, as provided for in the Freedom of Information Act.
Sincerely,

name: _______________________________________________
address: ____________________________________________
         ____________________________________________
telephone: (___)_______________________________________
signature: __________________________________________

SAMPLE ADMINISTRATIVE APPEAL LETTER

Date:

To: FOIA/PA Appeals Office

RE: Request number [Add this if the agency has given your request a number]

This is an appeal pursuant to subsection (a)(6) of the Freedom of Information Act as amended (5 U.S.C. 552).

On [date], I received a letter from [name of official] of your agency denying my request for [describe briefly the information you are after]. This reply indicated that an appeal letter could be sent to you. I am enclosing a copy of my exchange of correspondence with your agency so that you can see exactly what files I have requested and the insubstantial grounds on which my request has been denied.

[Optional paragraph, to be used if the agency has withheld all or nearly all the material which has been requested]:

You will note that your agency has withheld the entire (or nearly the entire) document (or file, or report, or whatever) that I requested. Since the FOIA provides that "any reasonably segregable portion of a record shall be provided to any person requesting such record after deletion of the portions which are exempt," I believe that your agency has not complied with the FOIA. I believe that there must be (additional) segregable portions which do not fall within FOIA exemptions and which must be released.

[Optional paragraph, to be used if the agency has used the (b)(1) exemption for national security, to withhold information]

Your agency has used the (b)(1) exemption to withhold information [I question whether files relating to events that took place over twenty years ago could realistically harm the national security.]
[Because I am familiar with my own activities during the period in question, and know that none of these activities in any way posed a significant threat to the national security, I question the designation of my files or portions of my file as classified and exempt from disclosure because of national security considerations.] [Sample optional argument to be used if the exemption which is claimed does not seem to make sense; you should cite as many specific instances as you care to of items withheld from the documents that you have received. We provide two examples which you might want to adapt to your own case.] "On the memo dated _____________ the second paragraph withheld under the (b)(1) exemption appears to be describing a conversation at an open meeting. If this is the case, it is impossible that the substance of this conversation could be properly classified." Or, "The memo dated _____ refers to a meeting which I attended, but a substantial portion is deleted because of the (b)(6) and (b)(7)(c) exemptions for unwarranted invasions of personal privacy. Since I already know who attended this meeting, no privacy interest is served by the withholding." I trust that upon examination of my request, you will conclude that the records I requested are not properly covered by exemption(s) [here repeat the exemptions which the agency's denial letter claimed applied to your request] of the amended FOIA, and that you will overrule the decision to withhold the information. [Use if an itemized inventory is not supplied originally] If you choose instead to continue to withhold some or all of the material which was denied in my initial request to your agency, I ask that you give me an index of such material, together with the justification for the denial of each item which is still withheld. As provided in the Act, I will expect to receive a reply to this administrative appeal letter within twenty working days. 
If you deny this appeal and do not adequately explain why the material withheld is properly exempt, I intend to initiate a lawsuit to compel its disclosure. [You can say that you intend to sue, if that is your present inclination; you may still decide ultimately not to file suit.]

Sincerely yours,

name: ____________________________________________
address: ____________________________________________
         ____________________________________________
signature: ___________________________________________

[Mark clearly on envelope: Attention: Freedom of Information Appeals]

FBI ADDRESSES AND PHONE NUMBERS

FBI Headquarters, J. Edgar Hoover Bldg, Washington, D.C., 20535, 202-324-5520 (FOI/PA Unit)

Field Offices

Albany, NY 12207, U.S. Post Office and Courthouse, 518-465-7551
Albuquerque, NM 87101, Federal Office Bldg., 505-247-1555
Alexandria, VA 22314, 300 N. Lee St., 703-683-2681
Anchorage, AK 99510, Federal Bldg., 907-272-6414
Atlanta, GA 30303, 275 Peachtree St. NE, 404-521-3900
Baltimore, MD 21207, 7142 Ambassador Rd., 301-265-8080
Birmingham, AL 35203, Room 1400, 2121 Bldg., 205-252-7705
Boston, MA 02203, J.F. Kennedy Federal Office Bldg., 617-742-5533
Buffalo, NY 14202, 111 W. Huron St., 716-856-7800
Butte, MT 59701, U.S. Courthouse and Federal Bldg., 406-792-2304
Charlotte, NC 28202, Jefferson Standard Life Bldg., 704-372-5485
Chicago, IL 60604, Everett McKinley Dirksen Bldg., 312-431-1333
Cincinnati, OH 45202, 400 U.S. Post Office & Crthse Bldg., 513-421-4310
Cleveland, OH 44199, Federal Office Bldg., 216-522-1401
Columbia, SC 29201, 1529 Hampton St., 803-254-3011
Dallas, TX 75201, 1810 Commerce St., 214-741-1851
Denver, CO 80202, Federal Office Bldg., 303-629-7171
Detroit, MI 48226, 477 Michigan Ave., 313-965-2323
El Paso, TX 79901, 202 U.S. Courthouse Bldg., 915-533-7451
Honolulu, HI 96850, 300 Ala Moana Blvd., 808-521-1411
Houston, TX 77002, 6015 Fed. Bldg and U.S. Courthouse, 713-224-1511
Indianapolis, IN 46202, 575 N. Pennsylvania St., 317-639-3301
Jackson, MS 39205, Unifirst Federal and Loan Bldg., 601-948-5000
Jacksonville, FL 32211, 7820 Arlington Expressway, 904-721-1211
Kansas City, MO 64106, 300 U.S. Courthouse Bldg., 816-221-6100
Knoxville, TN 37919, 1111 Northshore Dr., 615-588-8571
Las Vegas, NV 89101, Federal Office Bldg., 702-385-1281
Little Rock, AR 72201, 215 U.S. Post Office Bldg., 501-372-7211
Los Angeles, CA 90024, 11000 Wilshire Blvd, 213-272-6161
Louisville, KY 40202, Federal Bldg., 502-583-3941
Memphis, TN 38103, Clifford Davis Federal Bldg., 901-525-7373
Miami, FL 33137, 3801 Biscayne Blvd., 305-573-3333
Milwaukee, WI 53202, Federal Bldg and U.S. Courthouse, 414-276-4681
Minneapolis, MN 55401, 392 Federal Bldg., 612-339-7846
Mobile, AL 36602, Federal Bldg., 205-438-3675
Newark, NJ 07101, Gateway I, Market St., 201-622-5613
New Haven, CT 06510, 170 Orange St., 203-777-6311
New Orleans, LA 70113, 701 Loyola Ave., 504-522-4671
New York, NY 10007, 26 Federal Plaza, 212-553-2700
Norfolk, VA 23502, 870 N. Military Hwy., 804-461-2121
Oklahoma City, OK 73118, 50 Penn Pl. NW, 405-842-7471
Omaha, NB 68102, 215 N. 17th St., 402-348-1210
Philadelphia, PA 19106, Federal Office Bldg., 215-629-0800
Phoenix, AZ 85004, 2721 N. Central Ave., 602-279-5511
Pittsburgh, PA 15222, Federal Office Bldg., 412-471-2000
Portland, OR 97201, Crown Plaza Bldg., 503-224-4181
Richmond, VA 23220, 200 W. Grace St., 804-644-2531
Sacramento, CA 95825, Federal Bldg., 916-481-9110
St. Louis, MO 63103, 2704 Federal Bldg., 314-241-5357
Salt Lake City, UT 84138, Federal Bldg., 801-355-7521
San Diego, CA 92188, Federal Office Bldg., 619-231-1122
San Francisco, CA 94102, 450 Golden Gate Ave., 415-552-2155
San Juan, PR 00918, U.S. Courthouse and Fed. Bldg., 809-754-6000
Savannah, GA 31405, 5401 Paulson St., 912-354-9911
Seattle, WA 98174, 915 2nd Ave., 206-622-0460
Springfield, IL 62702, 535 W. Jefferson St., 217-522-9675
Tampa, FL 33602, Federal Office Bldg., 813-228-7661
Washington, DC 20535, 9th and Pennsylvania Ave. NW, 202-324-3000

FEDERAL AGENCIES (SELECTED ADDRESSES)

Central Intelligence Agency
Information and Privacy Coordinator
Central Intelligence Agency
Washington, D.C. 20505
202-351-5659

Civil Service Commission
Appropriate Bureau (Bureau of Personnel Investigation, Bureau of Personnel Information Systems, etc.)
Civil Service Commission
1900 E Street, N.W.
Washington, D.C. 20415
202-632-4431

Commission on Civil Rights
General Counsel, U.S. Commission on Civil Rights
1121 Vermont Ave., N.W. Room 600
Washington, D.C. 20415
202-254-6610

Consumer Product Safety Commission
Office of the Secretary
Consumer Product Safety Commission
1111 18th St., N.W.
Washington, D.C. 20207
202-624-7700

Department of Defense/Dept. of Air Force
Freedom of Information Manager
Headquarters, USAF/DADF
Washington, D.C. 20330-5025
202-697-3467

I'd suggest calling first to insure the correctness of the addresses.

Cheers.

Paul Ferguson               |  The future is now.
Network Integrator          |  History will tell the tale;
Centreville, Virginia USA   |  We must endure and struggle
fergp@sytex.com             |  to shape it.
        Stop the Wiretap (Clipper/Capstone) Chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Steven Levy
Date: Mon, 24 May 93 20:17:51 PDT
To: cypherpunks@toad.com
Subject: macworld
Message-ID: <199305250317.AA15360@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

two short comments about the macworld privacy issue

we have a long lead time and the column about digital telephone (oops, telephony) was in before the clipper stuff broke

and eric, while correct about Mitch Ratcliffe being a fine reporter who is totally on top of privacy stuff, has the publication wrong - Mitch is with MacWeek, not Macworld. Easy to confuse.

Steven

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jslee@well.sf.ca.us (John S. Lee)
Date: Mon, 24 May 93 21:40:53 PDT
To: cypherpunks@toad.com
Subject: UUDecode
Message-ID: <199305250439.AA04920@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Where can I get the source code for UUEncode/UUdecode for the Mac or UNIX? Either would be great!

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+"The community can rest assured that their interests are very much my own,+
+ and that anything I can do to maintain the security of the citizens, will+
+ be my primary objective. Be seeing you. b-|" - Number Six->The Prisoner  +
+                                                                          +
+ from the village of jslee@well.sf.ca.us - a still tongue spills no beans +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Operator
Date: Mon, 24 May 93 23:50:26 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199305250633.AA06800@xtropia>
MIME-Version: 1.0
Content-Type: text/plain

[ The purpose of this post is to propose an extension of PGP which would result in more widespread use of encryption by the public; and to provoke discussion about the pros/cons of said proposal ]

PGP users (mostly, technically adroit e-mail types) are but a subset of computer users in general; who in turn are but a subset of persons engaging in electronic communication of all kinds (including the common telephone); all of whom can be legitimately concerned with privacy issues.

If the powers that be are concerned about not being able to listen in on PGP users, at least they can take solace in the fact that PGP users constitute only a tiny fraction of the populace, and hence, in the "big picture", add up to little more than a slight irritation.

I am proposing that PGP be expanded beyond its present cadre and into the 2nd group named above - the army of regular users of pc's equipped with data modems.

The proposal specifically is to extend PGP beyond file encryption to generalized stream handling.
Such streams can be consoles & keyboards, real-time file transfers, and digitized voice; indeed, anything that will pass over a modem or other serial transfer medium.

In this scenario, a user wishing a secure interchange would simply place a voice call to another party and, upon establishing voice contact, request a transition to a modem connection. Upon invoking the new program, the user's modem would go online; it would read the party's key from the existing PGP pubkey ring, and use it to perform a DH exchange, establishing a secure session. The program would then use a packet protocol to exchange keyboard/console traffic and/or files.

In one scenario, all key management would continue to be performed with the current PGP program; the pubkey ring would be 'read-only' from the standpoint of the new app. Alternatively, key management could be blended into the new app to form a true standalone application.

The appeal behind this approach is that it moves the operational paradigm very close to the present one- namely "pick up the phone and dial". No logins, shells, Elm, Compuserve/Prodigy/FidoNet, etc. The user interface could be simple enough for even the most novice user to operate.

Real-time voice encryption would obviously be desirable in lieu of a keyboard interface. Unfortunately, such a capability is not yet within the reach of the average pc. Within a few years it will probably be a "done deal", given the movement afoot to put DSP chips in all new pc's (e.g. video compression, multimedia support, etc). For now it must suffice to build a solid technical foundation which can accommodate voice operation when the requisite hardware becomes available. And until that time, many more users will have access to convenient and handy encryption technology.
[ An aside, WRT voice coding: I believe the first major opportunity to produce a cheap realtime digital voice channel will be the emergence of chips/chip sets targeted towards the growing market for digital (tapeless) telephone answering machines. This market is large, and very cost sensitive (the perfect combo for opportunistic techno-vultures); this should produce cost effective voice coding solutions within a short period of time (12 months?), given current technology levels. ]

Many readers already know that the pieces required to build this new program are already in place- and could be drawn together without much fuss. Indeed, a few fledgling attempts have already been made.

From the PGP sources, the necessary functions would be extracted- to perform key lookup, MP arithmetic, DH key exchange, IDEA encryption of comm packets, etc. The resulting library would be linked to the new comm application. Each subsequent revision of PGP would retain a make target that would build the interface library.

The net result of building this application would be to make serious levels of security available to more people than ever before - with an ease of use also heretofore unknown. As a result I believe the PGP user base could easily expand by at least an order of magnitude.

Does anyone have a better idea?

[END]

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Tue, 25 May 93 00:04:28 PDT
To: cypherpunks@toad.com
Subject: my menu sys.
Message-ID: <9305250704.AA02467@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

After I posted my menu batch file for pgp, I realized that I hadn't put my name on it, which I felt I should do. So, here it is, with my copyleft message attached. I hope someone enjoys it.

rem This is the PGP menu system by Mike Diehl version 0.0. This program
rem requires 4dos command.com replacement to run. It may run under norton's
rem N-dos. Since I wrote this program for my own use, and in an effort to help
rem with the cypherpunk cause, I am releasing this program into the public
rem domain. I ask that this message not be removed, and that you do not
rem distribute modified copies of this program. Further, I hope that, if you
rem think this program makes pgp easier to use, you will send me an (encrypted)
rem email message telling me so. It helps my ego to think someone likes my
rem program besides me. ;^) I have enclosed my pgp 2.2 public key at the end
rem of this file. Take care, and enjoy. Mike Diehl.
rem
@echo off
setlocal
break on

:main
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 4 29 16 49 2 red on black
scrput 1 27 blue on black Mike's PGP shell ver. 0.0.
scrput 3 35 blue on black MAIN MENU
scrput 5 32 red on black Encrypt a file.
scrput 7 32 red on black Decrypt a file.
scrput 09 32 red on black siGn a file.
scrput 11 32 red on black Wipe file.
scrput 13 32 red on black Next menu.
scrput 15 32 red on black Quit.
scrput 18 5 white on black Select an option by typing the corresponding capitalized letter.
scrput 19 5 white on black For example, to encrypt a file, you would press the E key.
inkey /K"EeDdGgWwNnQq" %%in
goto menu1-%in

:menu1-q
screen 17 26
pause
cls
endlocal
quit

:menu1-e
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file to be
scrput 19 5 white on black encrypted. Then you will be asked for the names of
scrput 20 5 white on black the people who should be able to read the file.
scrput 21 5 white on black Enter them all on the line separated by a space.
scrput 7 5 red on black Enter the name of the file to encrypt.
screen 7 52
input %%file
if exist %file goto menu1-e-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto menu1-e

:menu1-e-good
drawbox 10 3 12 74 2 red on black
scrput 11 5 red on black Enter the name(s) of the recipients.
screen 11 52
input %%in
cls
rem I never claimed that this would be elegant....
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
scrput 18 5 white on black Here you are asked if you want to mark this message "For Your Eyes Only,"
scrput 19 5 white on black and if you want to sign the message. If you reply 'y' to the first
scrput 20 5 white on black question, the recipient will only be able to display the message. He
scrput 21 5 white on black won't be able to save it. If you reply 'y' to the second question, the
scrput 22 5 white on black recipient will know for certain that the message is from you.
drawbox 6 3 8 74 2 red on black
scrput 7 5 red on black Would you like to mark this "For Your Eyes Only?"
inkey /K"ynN" %%f
drawbox 10 3 12 74 2 red on black
scrput 11 5 red on black Would you like to sign this message?
inkey /K"ynN" %%s
if "%f" == "y" goto f
if "%s" == "y" goto s
cls
pgp -pe %file %in
goto encrypted

:f
if "%s" == "y" goto sf
cls
pgp -mep %file %in
goto encrypted

:sf
cls
pgp -mesp %file %in
goto encrypted

:s
cls
pgp -pes %file %in

:encrypted
echo %@name[%file].asc is the name of the encrypted file.
pause
goto main

:menu1-d
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file to be
scrput 19 5 white on black read. Then you will be asked if you want to save the
scrput 20 5 white on black plaintext file. If you do, you will be asked for a
scrput 21 5 white on black new filename.
scrput 7 5 red on black Enter the name of the file to read.
screen 7 52
input %%file
if exist %file goto menu1-d-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main

:menu1-d-good
cls
pgp -m %file
goto main

:menu1-g
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file to be
scrput 19 5 white on black signed. If you sign a message, it can be proved that
scrput 20 5 white on black it came from you. There is no "Plausible Deniability."
scrput 7 5 red on black Enter the name of the file to be signed.
screen 7 52
input %%file
if exist %file goto menu1-g-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main

:menu1-g-good
cls
pgp -s %file
echo %@name[%file].asc is the name of the signed file.
pause
goto main

:menu1-w
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file to be
scrput 19 5 white on black wiped. Remember, after a file is wiped...
scrput 20 5 blink white on black There is no way to retrieve the file!
scrput 7 5 red on black Enter the name of the file to be wiped.
screen 7 52
input %%file
if exist %file goto menu1-w-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main

:menu1-w-good
cls
pgp -w %file
goto main

:menu1-n
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 4 29 16 49 2 red on black
scrput 1 27 blue on black Mike's PGP shell ver. 0.0.
scrput 3 35 blue on black SECOND MENU
scrput 5 32 red on black Add a key.
scrput 7 32 red on black Extract a key.
scrput 09 32 red on black View a key.
scrput 11 32 red on black Fingerprint.
scrput 13 32 red on black Next menu.
scrput 15 32 red on black Quit.
scrput 18 5 white on black Select an option by typing the corresponding capitalized letter.
scrput 19 5 white on black For example, to add a key to your ring, you would press the A key.
inkey /K"AaEeVvFfNnQq" %%in
goto menu2-%in

:menu2-q
goto menu1-q

:menu2-a
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file that
scrput 19 5 white on black contains the keys to be added to your public key ring.
scrput 7 5 red on black Enter the name of the file to read.
screen 7 52
input %%file
if exist %file goto menu2-a-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main

:menu2-a-good
cls
pgp -ka %file
pause
goto main

:menu2-e
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the key ID to be extracted.
scrput 19 5 white on black Then you will be asked for the names of the file to
scrput 20 5 white on black put the key in.
scrput 7 5 red on black Enter the key ID to extract.
screen 7 52
input %%in
drawbox 10 3 12 74 2 red on black
scrput 11 5 red on black Enter the name of the file that is to hold the key.
screen 11 59
input %%file
if not exist %file goto menu2-e-good
scrput 10 10 red on black That file already exists in the current directory!
screen 16 10
pause
goto main

:menu2-e-good
cls
pgp -kx %in %file
echo %@name[%file].asc contains the key for %in.
pause
goto main

:menu2-v
cls
pgp -kv
pause
goto main

:menu2-f
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of the person whose key fingerprint you
scrput 19 5 white on black want to examine.
scrput 7 5 red on black Enter the name of the person.
screen 7 52
input %%in
cls
pgp -kvc %in
echo Remember to write this information down!
pause
goto main

:menu2-n
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 4 29 16 49 2 red on black
scrput 1 27 blue on black Mike's PGP shell ver. 0.0.
scrput 3 35 blue on black THIRD MENU
scrput 5 32 red on black Generate a key.
scrput 7 32 red on black Remove a key.
scrput 09 32 red on black Disable a key.
scrput 13 32 red on black Next menu.
scrput 15 32 red on black Quit.
scrput 18 5 white on black Select an option by typing the corresponding capitalized letter.
scrput 19 5 white on black For example, to generate a new key, you would press the G key.
inkey /K"GgRrDdNnQq" %%in
goto menu3-%in

:menu3-g
cls
pgp -kg
pause
goto main

:menu3-r
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of the key to be
scrput 19 5 white on black removed.
scrput 7 5 red on black Enter the name of the key to remove.
screen 7 52
input %%in
cls
pgp -kr %in
pause
goto main

:menu3-q
goto menu1-q

:menu3-d
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of the key to be
scrput 19 5 white on black either disabled or re-enabled.
scrput 7 5 red on black Enter the name of the key.
screen 7 52
input %%in
cls
pgp -kd %in
pause
goto main

:menu3-n
goto main

I may be reached by any of these addresses.
mdiehl@triton.unm.edu, al945@cwns9.ins.cwru.edu
Or, in care of Rory McManus at r.mcmanus4@genie.geis.com

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.2

mQA9Aiu/jVAAAAEBgM2F5mSlCA+KRd6TXIrqmPfiiAEytwSttZs7Yua939GMu2mP
JL+5Qpi/ZKqF2nAJAwAFEbQsSi4gTWljaGFlbCBEaWVobCwgMSwgPG1kaWVobEB0
cml0b24udW5tLmVkdT4=
=lyvx
-----END PGP PUBLIC KEY BLOCK-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "George A. Gleason"
Date: Tue, 25 May 93 02:06:14 PDT
To: hughes@soda.berkeley.edu
Subject: Re: Caller ID Question
Message-ID: <199305250905.AA25844@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Caller ID in California: the question you need to ask is regarding ANI, Automatic Number Identification.
That is available on 800-numbers and can be delivered in realtime if you have enough traffic to justify a T1. And of course you can get it from any carrier you wish. ANI is *not* Caller ID, they work differently, use different signalling systems.

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Tue, 25 May 93 01:02:18 PDT
To: CYPHERPUNKS
Subject: Digital cash issues...
Message-ID: <930525075401_74076.1041_FHD58-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Reading the article in the Whole Earth Review reminded me of our discussions several months ago about digital cash. I would be interested in seeing an implementation of digital cash suitable for email or Internet use. Chaum is working on "off-line" cash systems, where you don't have to check with the bank for every transaction. But I think there are problems with this in the network environment.

The big issue in digital cash is double-spending. Someone could send the same piece of cash to more than one seller. (We say "double-spending" but really it could be triple- or worse.) Each seller can check that the cash was properly signed by the bank and not a forgery, but if they honor the cash only one of them can be reimbursed by the bank.

On-line systems require the sellers to check with the bank to make sure a particular piece of cash has not been spent before. As long as the bank handles such queries sequentially, and adds each piece of cash to a database of "spent cash" as it sends an "OK" response back to a seller, then each piece of cash can only be spent once. Double-spending is prevented.

Off-line systems are more complicated. They are designed so that the anonymity of the spender is lost if the cash is double-spent. This is achieved by having an exchange of messages between seller and spender, in which the seller specifies some random information and the spender responds based on the seller's message.
Chaum's fancy mathematics guarantees that the spender's anonymity is protected if he only uses each piece of cash once. But if he uses it twice, the random information will be different for each transaction, and this will cause him to reveal more information about himself, enough information that the bank can deduce his identity.

This process is problematical in the Internet environment, though. The need for a protocol between spender and seller might be tolerable for systems with direct TCP connections, but the universe of potential users of cash is much larger than this. I think it will be necessary for cash to work just via email. And in that case the requirement for three messages (spender to seller, seller to spender, spender to seller) for every transaction will be very cumbersome.

Also, if double-spending is discovered it's not clear what you do about it. Ideally, if the customer has a large enough bank balance to cover the extra spending the bank can just dip into the account (once the customer's anonymity is broken by Chaum's algorithms) and pay off the sellers. But if this is not the case then it isn't clear who would take the loss or what legal redress the bank would have against the customer. All this seems to require some legal infrastructure which would delay the acceptance of digital cash.

In an on-line system, transactions are somewhat easier. Customers send cash to sellers, sellers check the cash with the bank, and proceed with the sale. There are still three messages, but two of them are with the bank, so it is simpler because these always go to the same place. Spenders have it especially easy as they just send off their cash.

So, I would think an on-line system would be more appropriate for the net environment as it exists today.

Another big issue is the legality of cash. How legitimate does an initial implementation of digital cash need to be? PGP's acceptance has been hampered by its infringement of patents.
Digital cash would have a worse time of it, probably; it infringes on RSA (for the bank signatures) as well as Chaum's patents. In the Whole Earth article Chaum indicated that he had the whole field pretty well locked up with patents. With PGP we can at least make a moral argument that non-commercial, personal use should be OK, but it's not clear that the concept "non-commercial" can really apply to digital money. Even if it could, RSAREF does not provide at all the functionality that is needed since it is the direct mathematics of RSA that provides the basis for blind signatures. So one would need to get permission to call the "pure RSA" entry points in RSAREF. Then some kind of agreement would be needed with Chaum. This is quite a daunting list.

Whether you satisfy the patent lawyers or just decide to go with an underground approach, you then have the issue of backing the cash and the tax consequences. When I looked into this several months ago it looked to me like a digital cash system would be much like the "barter exchanges" which have been tried from time to time, and which have stringent tax reporting requirements, with associated serious penalties. England is apparently less strict about this than the U.S., with several cases of barter exchanges having been publicized recently. Perhaps that would be a better forum for launching a cash system.

As for backing, I believe that the best way to give digital cash value is to make it possible to exchange it for regular cash. If you know that you can take received digital cash, email it to the bank, and receive a check in the mail a few days later for that amount, you will be likely to accept it. I have a Disney Dollar on my desk for which it is possible to take it to a Disney store and exchange it for a regular dollar. If the same thing can be done for digital cash then I think it will be accepted.

All told, there are a lot of obstacles standing in the way of digital cash.
The technology is complicated, patent issues arise at every turn, and the complexity of the tax and banking laws will have to be faced. It's not clear how soon we can expect to be able to tackle these problems.

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Do you know what's in the trunk? 25-May-1993 0917
Date: Tue, 25 May 93 06:18:18 PDT
To: cypherpunks@toad.com
Subject: re:pi compression
Message-ID: <9305251318.AA14593@enet-gw.pa.dec.com>
MIME-Version: 1.0
Content-Type: text/plain

>
>>Since all possible finite bit strings are, by definition, contained
>>in the unending cavalcade of bits in pi,
>
>Definition? I have seen not this asserted even by theorem. Not
>surprising, since the statement is patently false. There are
>2^{\aleph_0} finite bit strings, and only \aleph_0 of those are
>subsequences of pi.

Um, it doesn't follow to me that it's _obvious_ that 2^Aleph_0 is larger than Aleph_0. It might be- but I'd like to see the proof. Now, Aleph_0 ^ Aleph_0, on the other hand...

-Bill (wondering why this thread of recursively nonenumerable transfinite ordinal stuff keeps cropping up in *all* his mailing lists)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Tue, 25 May 93 10:45:07 PDT
To: wixer!wixer.bga.com!cat@cactus.org (Dr. Cat)
Subject: Re: PGP voice encryption
In-Reply-To: <9305251601.AA21567@wixer>
Message-ID: <9305251745.AA21151@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>
> Actually, if somebody wants to start developing PC based voice encryption,
> there's a pretty significant installed base of machines that can handle it
> already. By the end of 1992, there were about 3 million machines with sound
> cards, by the end of 93 it's projected to reach 6 million. Anyone that has a
> Soundblaster or Soundblaster compatible has both a DAC output and a
> microphone input. On a machine with a 9600 or 14,400 kilobaud modem,
> sufficient real-time compression of voice to fit within the modem bandwidth
> is a quite reasonable objective. I know of at least three people in the
> computer game industry that have been working on it, and at least one of them
> already has functional code. I'm sure there's a pretty fair number of
> Macintoshes out there that have all the hardware to support real-time
> encrypted voice communications also, though I don't follow the numbers in the
> Mac market these days...

The biggest problem is CPU power. The compression schemes that work best are very computationally expensive. Add to that the fact that you need to do simultaneous encryption and compression, and if you want full duplex make that simultaneous encryption, decryption, compression and decompression. You also have to send it over the modem, and probably frame it too.

I'm currently implementing one scheme (LPC) on a DSP chip. Hopefully my end product will be <$50. I plan to put its own ADC/DAC chip on board (to save computer<->DSP bandwidth).

Possibly some high end CPU's like 486 and 040 could handle the load, but wouldn't leave much cpu for anything else.

> Dr. Cat / no .sig, why bore people?
>

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Tue, 25 May 93 05:45:17 PDT
To: jslee@well.sf.ca.us (John S. Lee)
Subject: Re: UUDecode
In-Reply-To: <199305250439.AA04920@well.sf.ca.us>
Message-ID: <9305251245.AA11776@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

bsdj has uuencode and uudecode. i can mail you a copy.

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Tue, 25 May 93 08:46:32 PDT
To: kqb@whscad1.att.com
Subject: Re: Steganography and Steganalysis
In-Reply-To: <9305241859.AA11273@toad.com>
Message-ID: <9305251546.AA17642@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Someone is probably doing steganography in netnews and/or mailing lists right now!
(Besides cypherpunks, I mean.) How would we find them?

Someone with a news feed and some CPU time and hacking time on their hands could come up with some analysis tools that scan news or email articles, looking for unusual patterns. You can debug them on something with a small flow, then gradually speed and smarten them up to be able to run across the whole netnews flow (at multiple sites).

If nothing else, such a package would provide a way to winnow signal from noise on Usenet, by tweaking the parameters until they kicked out a reasonable number of messages per day. E.g. "give me the ten messages from rec.books that use the most varied vocabulary", or "locate C source code with lots of comments for my friend who's learning C".

And, if some of us work on ways to hide information in the flow, and others work on ways to locate and extract it, the two efforts will complement each other. Think of it as "quality assurance" or "testing" for the information-hiding effort. We certainly won't be the only people looking! So let's see what NSA, KGB, etc are finding...

Bill Tuthill's "hum" (humanities department support) package from comp.sources may give you some ideas. It's not 100% useful for this, but it's there:

    A new package of programs for literary and linguistic computing is available, emphasizing the preparation of concordances and supporting documents. Both keyword in context and keyword and line generators are provided, as well as exclusion routines, a reverse concordance module, formatting programs, a dictionary maker, and lemmatization facilities. There are also word, character, and digraph frequency counting programs, word length tabulation routines, a cross reference generator, and other related utilities. The programs are written in the C programming language, and implemented on several Version 7 Unix systems at Berkeley.
hum/Part01: v10i27: Bull Tuthill's "hum" text concordance package, Part01/03
hum/Part02: v10i28: Bull Tuthill's "hum" text concordance package, Part02/03
hum/Part03: v10i29: Bull Tuthill's "hum" text concordance package, Part03/03
hum.pch: v11i065: Hum concordance package update kit

in ftp.uu.net:/usenet/comp.sources.unix/volume10 and volume11.

John Gilmore gnu@toad.com -- gnu@cygnus.com -- gnu@eff.org
Creating freedom, rather than longer chains, bigger cages, better meals, . . .

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kelly@pleiku.netcom.com
Date: Tue, 25 May 93 09:34:33 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9305251634.AA18989@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>From kelly Tue May 25 16:34:55 +0000 1993 remote from pleiku
To: netcomsv.netcom.com!toad.com!gnu (John Gilmore)
cc: whscad1.att.com!kqb, toad.com!cypherpunks, toad.com!gnu, kelly
Subject: Re: Steganography and Steganalysis
In-reply-to: Your message of "Tue, 25 May 1993 08:46:27 MST." <9305251546.AA17642@toad.com>
Priority: urgent
Date: Tue, 25 May 1993 16:34:55 +0000
From: "Stop the Big Brother CHip"
Received: from pleiku by pleiku.netcom.com; Tue, 25 May 1993 09:34 PDT
Content-Type: text
Content-Length: 1907

Hi John,
In addition I suggest still some more tools

newsclip(by clarinet... provides for news clipping)
newsfind(on soda.berkley.edu for searches of NNTP servers)
agrep(Fuzzy set searches)
expn(expanding mail aliases)
addr-check(expanding and tracing mail aliases)
netfind(email address searches)
Xmosaic(hypertext gui... has some useful location features)
whois(standard NS prog)

For tracing that mysterious person on the end of the line... cypherpunks may want to consider
"How to investigate by computer" by Ralph D Thomas
In-detail explanation of commercial access to xcross, criminal justice/public records/postal forwarding/ credit info...
And the infamous "How to get everything on anybody" Vols 1 and 2 by Lee Lapin and Scott French "The Big Brother Game" same "Ninja 1990" same...

--
Parts of this .sig borrowed with permission from T.C.May. Perhaps it will indeed get me busted also.
..........................................................................
Kelly Goen             | Crypto Anarchy: encryption, digital money,
kelly@netcom.com       | anonymous networks, digital pseudonyms, zero
Intelligence Systems   | knowledge, reputations, information markets,
Specialists Inc.       | black markets, face banks, data havens, dark
                       | tech, covert channels, shared secrets,
                       | alt.whistleblowers, collapse of governments.
Technical Monkeywrench | Public Key: PGP 2.2.
                       |
..........................................................................
PGP 2.2 Key available from PGP Keyservers on the Internet.
pub 1024/1BA573 1992/09/09 kelly
Key fingerprint = EF 7A 38 99 22 84 E3 3B 90 2A DB 80 DC 65 DA 31
STOP THE WIRETAP CHIP(Clipper Chip)!!

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Dr. Cat
Date: Tue, 25 May 93 09:22:06 PDT
To: extropia.wimsey.com!root@cactus.org (Operator)
Subject: PGP voice encryption
In-Reply-To: <199305250633.AA06800@xtropia>
Message-ID: <9305251601.AA21567@wixer>
MIME-Version: 1.0
Content-Type: text/plain

Actually, if somebody wants to start developing PC based voice encryption, there's a pretty significant installed base of machines that can handle it already. By the end of 1992, there were about 3 million machines with sound cards, by the end of 93 it's projected to reach 6 million. Anyone that has a Soundblaster or Soundblaster compatible has both a DAC output and a microphone input. On a machine with a 9600 or 14,400 kilobaud modem, sufficient real-time compression of voice to fit within the modem bandwidth is a quite reasonable objective. I know of at least three people in the computer game industry that have been working on it, and at least one of them already has functional code.
I'm sure there's a pretty fair number of Macintoshes out there that have all the hardware to support real-time encrypted voice communications also, though I don't follow the numbers in the Mac market these days...

Dr. Cat / no .sig, why bore people?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Dr. Cat
Date: Tue, 25 May 93 09:22:13 PDT
To: CompuServe.COM!74076.1041@cactus.org (Hal)
Subject: Re: Digital cash issues...
In-Reply-To: <930525075401_74076.1041_FHD58-1@CompuServe.COM>
Message-ID: <9305251612.AA26796@wixer>
MIME-Version: 1.0
Content-Type: text/plain

Regarding the issue of what to do under Chaum's scheme when someone double-spends a piece of digital cash & their identity is revealed... While this might be a problem for a cypherpunk style "kick society in the pants and get this going early" implementation of digital banking, I don't think it's going to be a serious hindrance in the long term. While I'm sure all big retail chains and the like will have terminals that can instantly verify a piece of cash, if there are niches for an offline system, there's a very significant economic infrastructure set up for collecting on bad debts. Any credit card company, phone company, or other corporation that does a lot of billing already has staff dedicated solely to that function, with collection agencies providing a second tier of functionality for the tougher cases.

Dr. Cat / Dragon's Eye / New traditions for the next century

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Doug.Brightwell@Corp.Sun.COM (Doug Brightwell)
Date: Tue, 25 May 93 11:57:58 PDT
To: TO1SITTLER@APSICC.APS.EDU
Subject: Re: License plates
Message-ID: <9305251854.AA01809@media.Corp.Sun.COM>
MIME-Version: 1.0
Content-Type: text/plain

> My understanding is that in many states, the Department of Motor Vehicles Records
> indexed on license plate number, and containing the name, address, and other
> information about the owner, is public or semi-public.
How would an interested
> party go about finding this information? How difficult or costly is it? And
> what all is actually listed in the record?

Several weeks following a car accident that I was involved in, I received a notice from the California DMV notifying me that someone had filed a request for the information on my vehicle registration. From the name and address on the notice, I figured out that it was the other driver's attorney, probably wanting to know where to send a subpoena.

Apparently, anyone can walk into a DMV office, fill out a form, pay $1.00 (or whatever) and get the info because it's public record. However, at least the DMV also alerts the "investigatee" to the fact that someone now has their home address, and provides the name and address of the requestor.

Doug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: poier@sfu.ca (Skye Merlin Poier)
Date: Tue, 25 May 93 13:55:34 PDT
To: root@extropia.wimsey.com (Operator)
Subject: Re: your mail
In-Reply-To: <199305250633.AA06800@xtropia>
Message-ID: <9305251856.AA10704@malibu.sfu.ca>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

:) The proposal specifically is to extend PGP beyond file encryption
:) to generalized stream handling. Such streams can be consoles &
:) keyboards, real-time file transfers, and digitized voice; indeed,
:) anything that will pass over a modem or other serial transfer medium.

This is already being attempted: Ytalk version 2.1 has both a single key stream encryption feature and a PGP encryption feature ( I haven't been able to get the PGP encryption feature to work, however.). It is still in beta testing, but it looks like it will be out soon...
Skye

- --
- -----====> Skye Merlin Poier <====-----
Undergrad in CMPT/MATH (Virtual Reality)    |||| ||||
email: poier@sfu.ca                        p-OO <--> OO-q THINK
PGP Public Key available on finger          \== ==/

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBLAJrzy0bkpXW3omvAQEwZQQAobdu4F3v9rGfeKTrWTwz0CgLHGj9j1eJ
FTecY3x4H3h4hra3QpztpwidizyOvvbyeJFrPZc0k+lJxYjFkLduiI7F9GpL+jSe
ha10iPcRDUcKxJ74nyVWTupLpnznbYmZaQ7eh7BJi3GNo6M2GeUgccPt7j47F+Fy
lzSvE05eYJw=
=bvHZ
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Tue, 25 May 93 09:17:06 PDT
To: cypherpunks@toad.com
Subject: VinCrypt
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Has anyone heard of this product or know how to get in touch with its authors/developers?

8<-------- Snip, Snip -----------

Journal: Computerworld March 1 1993 v27 n9 p6(1).
--------------------------------------------------------------------
Title: Hackers switch sides, offer security package. (includes related article on the VinCrypt data security application) (Product Announcement)
Author: Daly, James
Abstract: Notorious computer hackers introduce their $159 VinCrypt encryption package, which enhances data security. The DOS-based application has been created by highly skilled underground systems programmers. Co-developer Ian Murphy, who is president of Secure Data Systems Inc, also will distribute the application. He indicates that VinCrypt has not gained the approval of any government agency, but he does not seek government approval. Murphy believes that data encryption packages based on the Data Encryption Standard or RSA Data Security Inc's standards are not secure because their basic algorithms have been given to the National Security Agency. VinCrypt's source code will not be passed around, but some experts suggest that it then will be difficult to evaluate the package's real security effectiveness.
-----------------------------------------------------------------------
Type: product announcement
Product: VinCrypt
Topic: Data security Software Packages Product Introduction Computer hackers Encryption Standards

8<----- End of plea for assistance --------

Paul Ferguson               | The future is now.
Network Integrator          | History will tell the tale;
Centreville, Virginia USA   | We must endure and struggle
fergp@sytex.com             | to shape it.
Stop the Wiretap (Clipper/Capstone) Chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Watt Forste
Date: Tue, 25 May 93 11:57:41 PDT
To: Eric Hughes
Subject: Re: privacy graphics archive
In-Reply-To: <9305241902.AA23897@soda.berkeley.edu>
Message-ID: <199305251901.AA16261@joes.GARAGE.COM>
MIME-Version: 1.0
Content-Type: text/plain

>I can keep or mirror the electronic archive on soda.

Thanks very much for your offer. It would be great if you could keep the electronic part at soda, since we only have five megabytes on Netcom, and Joe's Garage is not the most reliable system in the world. When Sunah and I start getting stuff, I'll send mail.

Arkuat

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Hal <74076.1041@CompuServe.COM>
Date: Tue, 25 May 93 09:18:20 PDT
To: CYPHERPUNKS
Subject: Steganography...
Message-ID: <930525161307_74076.1041_FHD47-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Kevin Brown makes some interesting points about steganography and steganalysis.

The issue of recognizing whether a message has or might have a hidden message has two sides. One is for the desired recipient to be clued that he should try desteganizing and decrypting the message, and the other is for a possible attacker to discover illegal uses of cryptography.

Steganography should be used with a "stealthy" cryptosystem (secret key or public key), one in which the cyphertext is indistinguishable from a random bit string.
You would not want it to have any headers which could be used to confirm that a desteganized message was other than random noise.

This would allow some public standard to be used for steganizing messages. Ideally, the standard would be chosen so that typical real messages, when desteganized by the standard technique, would produce close to a random bit pattern. Maybe Kevin's idea about taking the parity of each (four-letter or greater?) word in the message would work.

With stealthy cryptography and a "random" standard steganographic technique people could use steganography without much fear that their messages will attract attention, or that they could be proven to be using this technology just by analysis of their messages. Only the desired recipient would discover the hidden message by achieving success in decrypting the random bit string that comes from the desteganography. He would have to try this on all messages and it would only work on those fraction with hidden messages aimed at him.

A big problem right now is that none of Kevin's proposed approaches seem to be capable of being fully automated. I don't think that word substitution can be done safely, at least not by some simplistic algorithm. Words have many meanings and it is not easy for software to choose an appropriate synonym. This is a similar problem to machine translation, and I think those systems still require a lot of human supervision.

In the olden days, spies used the "window" method of steganography. They had a piece of paper with randomly-scattered holes in it. They would put it on top of another piece of paper and write their secret message in the holes. Removing the "window" paper left a sheet of paper with some widely scattered letters. The spy then wrote a cover message among the letters, choosing his words so that the letters fit in. The recipient then had a paper with the same window positions so that he could read the message.
We could do a similar thing - position the letters of a hidden (and encrypted) message at every 5th (or 10th, or whatever) position, and have a special word processor that let you compose a message but allowed you to see the forthcoming stega letters so that you could try to make your words fit around them. This might be harder than for the paper case because we have no ability to change the spacing of our letters in order to fit around the fixed letters more easily.

Steganography will be more labor-intensive than ordinary encryption. You have to write two messages: the encrypted one you want to send, and a cover message that is five to ten times longer. Plus you may need to massage the cover message to one degree or another depending on how automatic the stego insertion is. This might be reasonable if crypto is outlawed and you are part of an underground group fighting the government, but for ordinary use I don't see how to make it both easy and safe.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBLAIau6gTA69YIUw3AQFW6wQAk5r3TVkn3VI4LS+9103J/yQMNs1kypkt
qkdX3FRHll7O9KeIipYdDvJUGeIfFzQobyBy6pGvSQZKV0tdb+ZM+3BG9LlpUFZZ
Y1wGX0aJChvY+/L2RugxxLGROYOdZJzeijBj5L6swgmtsschHnsfo7j7A3md6gDq
rJyFvOaU5ms=
=g99M
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: TO1SITTLER@APSICC.APS.EDU (Kragen Sittler)
Date: Tue, 25 May 93 11:15:03 PDT
To: cypherpunklist
Subject: License plates
Message-ID: <930525121307.302f@APSICC.APS.EDU>
MIME-Version: 1.0
Content-Type: text/plain

My understanding is that in many states, the Department of Motor Vehicles Records indexed on license plate number, and containing the name, address, and other information about the owner, is public or semi-public. How would an interested party go about finding this information? How difficult or costly is it? And what all is actually listed in the record?

How about medical records? How private are they?
How about other records which are, to me, private or appear to be private, but can actually be read by anyone without my consent?

Kragen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Tue, 25 May 93 09:13:33 PDT
To: cypherpunks@toad.com
Subject: Noise on the list
Message-ID: <9305251613.AA04301@dun-dun-noodles.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

Would it be incorrect to say that people flailing randomly on the list trying to invent the next great encryption scheme is both a waste of bandwidth, and inappropriate to the list?

I guess what I'm trying to say is that I see cypherpunks as a gathering of people trying to encourage privacy via technology. As such, technical discussions of how to implement a remailer would be appropriate, but it seems that garbage about how to make MacBeth decrypt into your plaintext should be reserved for sci.crypt.flame.

There's also a lot of other inappropriate traffic, like the recent "espionage" thread. Save it for talk.bizarre.

Should I crawl back into my hole, or am I not the only one who thinks that a lot of the random spewage on the list is just that?

(flame off)

I think this is a valuable list. I like being on it, most of the time. But we've already seen many people remove themselves because they were drowning in email. Can we please try to keep the messages appropriate, and the signal-to-noise ratio high?

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pat@tstc.edu (Patrick E. Hykkonen)
Date: Tue, 25 May 93 10:44:14 PDT
To: marc@GZA.COM (Marc Horowitz)
Subject: Re: Noise on the list
In-Reply-To: <9305251613.AA04301@dun-dun-noodles.aktis.com>
Message-ID: <9305251744.AA13138@tstc.edu>
MIME-Version: 1.0
Content-Type: text/plain

> I think this is a valuable list. I like being on it, most of the
> time. But we've already seen many people remove themselves because
> they were drowning in email.
Can we please try to keep the messages
> appropriate, and the signal-to-noise ratio high?

Of all the lists I'm subscribed to, this is the only one that I read *every* article in. Even the "noise" articles. Humans being what they are, the noise is needed to help decide the direction of the group. Besides, those of us who are just starting on our journey through crypto-underworld need the noise to help familiarize ourselves with how crypto works. I've learned more from the informal ramblings than I've gathered out of all the formal and/or mathematical postings to date.

I don't mind tech... but let's not do away with the noise either. Thanks.

One person's opinion.

--
Pat Hykkonen, N5NPL                 Texas State Technical College at Waco
{pat,postmaster,root,GOD}@tstc.edu  Instructional Network Services
3801 Campus Dr. Waco, Tx 76705      V:(817) 867-4830 F:(817) 799-2843

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Tue, 25 May 93 16:24:57 PDT
To: uri@watson.ibm.com
Subject: Re: PGP voice encryption
In-Reply-To: <9305251805.AA19930@buoy.watson.ibm.com>
Message-ID: <9305252324.AA29081@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>
> Timothy Newsham says:
> > The biggest problem is CPU power. The compression schemes that work
> > best are very computationally expensive. Add to that the fact that
> > you need to do simultaneous encryption and compression, and if you
> > want full duplex make that simultaneous encryption, decryption,
> > compression and decompression. You also have to send it over the
> > modem, and probably frame it too.
>
> You're right. But if the voice-modem, or a smart voice card (like
> SoundBlaster, maybe? Can it do CELP? Can any other available card?)

I'm not sure. My understanding of SoundBlaster was that it could produce sounds and had digitizing capabilities (ie. A/D D/A card) If this is so it couldn't do any computations itself. Someone mentioned Xyxel's modems will do CELP in and of themselves.
> will handle full-duplex voice in and out, and then a smart data
> modem will pump it through the line (again, full duplex), then
> all the CPU has to do is simultaneous encryption/decryption,
> plus frame management (moving frames to/from Blaster and
> modem).

There is no doubt that the CPU can handle the encryption + framing, this is what I plan to do.

>
> Am I missing anything?
>
> > I'm currently implementing one scheme (LPC) on a DSP chip. Hopefully
> > my end product will be <$50. I plan to put its own ADC/DAC chip on
> > board (to save computer<->DSP bandwidth). Possibly some
> > high end CPUs like 486 and 040 could handle the load, but
> > wouldn't leave much cpu for anything else.
>
> What DSP are you playing with? How expensive is it? Can I buy
> such a chip from somewhere (assuming the price won't scare me
> out)?

I am using the ADSP2105 from Analog Devices. The list price is about $12. It has internal memory (1 kwords instruction, 512 words data, 24 and 16 bits wide respectively), and boots instruction memory off of an eeprom. Minimum setup would probably be ADSP2105, xtal, eeprom (4k), max232 (interface voltage levels), DAC/ADC chip and a power supply.

You can reach Analog Devices at (617) 329-4700, they send out spec sheets for free.

> --
> Regards,
> Uri uri@watson.ibm.com scifi!angmar!uri N2RIU
> -----------
>
>
>

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peb@PROCASE.COM
Date: Tue, 25 May 93 13:41:13 PDT
To: fergp@sytex.com
Subject: Re: VinCrypt
Message-ID: <9305252040.AA15879@banff.procase.com>
MIME-Version: 1.0
Content-Type: text/plain

I saw their package at Fry's last weekend. It has a double DES mode too. It seems to have only manual encrypt/decrypt. The right way to do it is have a device driver do it for you (say, a Mach user level pager for a crypto disk).

   Data Encryption Standard or RSA Data Security Inc's standards are not secure because their basic algorithms have been given to the National Security Agency.
   VinCrypt's source code will not be passed around,

Great spin, but not much more than spin.

Paul E. Baclace
peb@procase.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Tue, 25 May 93 11:46:18 PDT
To: cypherpunks@toad.com
Subject: Bill O' Rights
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I remember reading this in the March ACM and thinking, "Man. He hit that right on the head." When I ran across this transcript in Computer Select earlier this morning (while looking for various encryption products, no less), I thought those of you who had not already seen it would be struck by John Perry's insights.

BTW, I also have the full transcripts of Dorothy Denning's, William A. Bayse's (Assistant Director, FBI Technical Services Division) and Lewis M. Branscomb's (Harvard University) articles which appeared in the same issue with regards to Digital Telephony, if anyone cares for me to post them.

Looking back on the progression of events, beginning with the debate of the Digital Telephony proposal and subsequently the proposal currently (officially) referred to as the "Key Escrow" Chip (and its associated escrow scheme), I can't help but surmise that the whole ball of wax is geared towards allowing the Government the ability to effectively eavesdrop on its citizens communications in the face of advancing technology, without regard to privacy matters.

8<---- Begin forwarded text ---------

Journal: Communications of the ACM March 1993 v36 n3 p21(3)
* Full Text COPYRIGHT Association for Computing Machinery Inc.1993.
----------------------------------------------------------------------
Title: Bill o' rights. (impact of technology on basic civil rights; humor) (Electronic Frontier)
Author: Barlow, John Perry
----------------------------------------------------------------------
Full Text:

*Note* Only Text is presented here; see printed issues for graphics.
It has been almost three years since I first heard of the Secret Service raids on Steve Jackson Games and the cyberurchins from the Legion of Doom. These federal exploits, recently chronicled in Bruce Sterling's book Hacker Crackdown, precipitated the formation of the Electronic Frontier Foundation and kicked loose an international digital liberties movement which is still growing by leaps and conferences.

I am greatly encouraged by the heightened awareness among the citizens of the Global Net of our rights, responsibilities, and opportunities. I am also heartened that so many good minds now tug at the legal, ethical, and social riddles which come from digitizing every damned thing. The social contract of Cyberspace is being developed with astonishing rapidity, considering that we are still deaf, dumb, and disembodied in here.

Meanwhile, back in the Physical World, I continue to be haunted by the words of the first lawyer I called on behalf of Steve Jackson, Phiber Optik, and Acid Phreak back in the spring of 1990. This was Eric Lieberman of the prestigious New York civil liberties firm Rabinowitz, Boudin, Standard, Krinsky, and Lieberman. I told him how the Secret Service had descended on my acquaintances and taken every scrap of circuitry or magnetized oxide they could find. This had included not only computers and disks, but clock radios and audio cassettes.

I told him that, because no charges had been filed, the government was providing their targets no legal opportunity to recoup their confiscated equipment and data. (In fact, most of the victims of Operation Sun Devil still have neither been charged nor had their property returned to them.)

[This issue has been somewhat resolved with the recent ruling in favor of Steve Jackson and the subsequent award of damages.]

The searches were anything but surgical and the seizures appeared directed less at gathering evidence than inflicting punishment without the bothersome formality of a trial.
I asked Lieberman if the Secret Service might not be violating the Fourth Amendment's assurance of "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures."

He laughed bitterly. "I think if you take a look at case law for the last ten years or so, you will find that the Fourth Amendment has pretty much gone away," he said.

I did. He was right. A lot of what remained of it was flushed a year later when the Rehnquist Court declared that in the presence of "probable cause" ...a phrase of inviting openness...law enforcement officials could search first and obtain warrants later.

Furthermore, I learned that through such sweeping prosecutorial enablements as RICO and Zero Tolerance, the authorities could extract their own unadjudicated administrative "fines" by keeping much of what they seized for their own uses. (This incentive often leads to disproportionalities between "punishment" and "crime" which even Kafka might have found a bit over the top. I know of one case in which the DEA acquired a $14 million Gulfstream bizjet from a charter operator because one of its clients left half a gram of cocaine in its washroom.)

I tried to imagine a kind of interactive Bill of Rights in which amendments would fade to invisibility as they became meaningless, but I knew that was hardly necessary. The citizens of Stalin's Soviet Union had a constitutional guarantee of free expression which obviously, like our own, allowed some room for judicial interpretation.

It occurred to me then that a more honest approach might be to maintain a concordant Bill of Rights, running in real time and providing up-to-the-minute weather reports from the federal bench, but I never got around to it.

Recently I started thinking about it again. These thoughts were inspired partly by Dorothy Denning's apology for the FBI's digital telephony proposal (which appears in this issue).
I found her analysis surprisingly persuasive, but I also found it fundamentally based on an assumption I no longer share: the ability of the Bill of Rights to restrain government, now or in the future.

The men who drafted the U.S. Constitution and its first ten amendments knew something that we have largely forgotten: Governments exist to limit freedom. That's their job. And to the extent that utterly unbridled liberty seems to favor the reptile in us, a little government is not such a bad thing. But it never knows when to quit. As there is no limit to either human imagination or creativity in the wicked service of the Self, so it is always easy for our official protectors to envision new atrocities to prevent.

Knowing this, James Madison and company designed a government which was slightly broken up front. They intentionally created a few wrenches to cast into the works, and these impediments to smooth governmental operation were the Bill of Rights.

Lately though, we find ourselves living in a world where the dangers we perceive are creatures of information rather than experience. Since the devil one knows is always less fearsome than the worst one can imagine, there is no limit to how terrifying or potent these dangers can seem.

Very few of us, if any, have ever felt the malign presence of a real, live terrorist or drug lord or Mafia capo or dark-side hacker. They are projected into our consciousness by the media and the government, both of which profit directly from our fear of them. These enemies are, in our (tele)visions of them, entirely lacking in human decency or conscience. There is no reason they should be mollycoddled with constitutional rights.

And so, we have become increasingly willing to extend to government what the Founding Fathers would not: real efficiency. The courts have been updating the Bill of Rights to fit modern times and perils, without anyone having to go through the cumbersome procedure of formal amendment.
The result, I would suggest with only a little sarcasm or hyperbole, has come to look something like this:

Bill O' Rights

AMENDMENT 1

Congress shall encourage the practice of Judeo-Christian religion by its own public exercise thereof and shall make no laws abridging the freedom of responsible speech, unless such speech is in a digitized form or contains material which is copyrighted, classified, proprietary, or deeply offensive to non-Europeans, nonmales, differently abled or alternatively preferenced persons; or the right of the people peaceably to assemble, unless such assembly is taking place on corporate or military property or within an electronic environment, or to make petitions to the government for a redress of grievances, unless those grievances relate to national security.

AMENDMENT 2

A well-regulated militia having become irrelevant to the security of the state, the right of the people to keep and bear arms against one another shall nevertheless remain uninfringed, excepting such arms as may be afforded by the poor or those preferred by drug pushers, terrorists, and organized criminals, which shall be banned.

AMENDMENT 3

No soldier shall, in time of peace, be quartered in any house, without the consent of the owner, unless that house is thought to have been used for the distribution of illegal substances.

AMENDMENT 4

The right of the people to be secure in their persons, houses, papers and effects against unreasonable searches and seizures, may be suspended to protect public welfare, and upon the unsupported suspicion of law enforcement officials, any place or conveyance shall be subject to immediate search, and any such places or conveyances or property within them may be permanently confiscated without further judicial proceeding.
AMENDMENT 5

Any person may be held to answer for a capital, or otherwise infamous crime involving illicit substances, terrorism, or child pornography, or upon any suspicion whatever; and may be subject for the same offense to be twice put in jeopardy of life or limb, once by the state courts and again by the federal judiciary; and may be compelled by various means, including the forced submission of breath samples, bodily fluids, or encryption keys, to be a witness against himself, refusal to do so constituting an admission of guilt; and may be deprived of life, liberty, or property without further legal delay; and any property thereby forfeited shall be dedicated to the discretionary use of law enforcement agencies.

AMENDMENT 6

In all criminal prosecutions, the accused shall enjoy the right to a speedy and private plea bargaining session before pleading guilty. He is entitled to the assistance of underpaid and indifferent counsel to negotiate his sentence, except where such sentence falls under federal mandatory sentencing requirements.

AMENDMENT 7

In suits at common law, where the contesting parties have nearly unlimited resources to spend on legal fees, the right of trial by jury shall be preserved.

AMENDMENT 8

Sufficient bail may be required to ensure that dangerous criminals will remain in custody, where cruel punishments are usually inflicted.

AMENDMENT 9

The enumeration in the Constitution of certain rights, shall not be construed to deny or disparage others which may be asserted by the government as required to preserve public order, family values, or national security.

AMENDMENT 10

The powers not delegated to the U.S. by the Constitution, shall be reserved to the U.S. Departments of Justice and Treasury, except when the states are willing to forsake federal funding.

[John P. Barlow is a technological author and the cofounder (with Mitch Kapor) of the Electronic Frontier Foundation. He currently lives in Wyoming, New York and "in Cyberspace."
His email address is barlow @eff.org.] Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: andrew m. boardman Date: Tue, 25 May 93 11:56:53 PDT To: cypherpunks@toad.com Subject: Steganography and Steganalysis In-Reply-To: <9305251546.AA17642@toad.com> Message-ID: <199305251856.AA08939@ground.cs.columbia.edu> MIME-Version: 1.0 Content-Type: text/plain Someone is probably doing steganography in netnews and/or mailing lists right now! (Besides cypherpunks, I mean.) How would we find them? Food for thought: that, at least as of recently, the NSA bought weekly dumps of all usenet articles on tape. I highly doubt they were for their reading pleasure... andrew From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: baumbach@atmel.com (Peter Baumbach) Date: Tue, 25 May 93 12:29:52 PDT To: cypherpunks@toad.com Subject: Re: License plates Message-ID: <9305251859.AA06461@carp.chp.atmel.com> MIME-Version: 1.0 Content-Type: text/plain > My understanding is that in many states, the Department of Motor Vehicles Records > indexed on license plate number, and containing the name, address, and other > information about the owner, is public or semi-public. How would an interested > party go about finding this information? How difficult or costly is it? And > what all is actually listed in the record? Mathew Lesko has several books out that are all about finding this type of information. I have a couple of these books, they are available at most book stores. "Information USA" is about federal sources of information, and a newer book, that I don't remember the name of, is about state sources of information. I remember seeing a listing, by state, of motor vehicle license and registration data for sale. 
For Maryland, a magnetic tape of complete license or registration data is available for $300!

> How about medical records? How private are they?
>
> How about other records which are, to me, private or appear to be private, but
> can actually be read by anyone without my consent?
>

I don't know what else. Credit information "requires" your permission to be read by someone.

> Kragen
>

The work of cypherpunks will make this information less private. Laws will not make it more private. Crypto cash will buy this information anonymously. The work of cypherpunks will also make this information more private.

You all know more about this than I do; how do you cypherpunks suggest we keep this information private?

Peter Baumbach
baumbach@atmel.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Tue, 25 May 93 15:27:33 PDT
To: cypherpunks@toad.com, gnu
Subject: Re: Steganography and Steganalysis
In-Reply-To: <9305252149.AA27051@toad.com>
Message-ID: <9305252227.AA27968@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

My favorite scheme was to encode messages in trailing spaces and/or tabs in netnews messages. You could also put internal tabs in place of spaces.

In fact, you could do this with news messages that flow "through" your site, (if the messages aren't protected with a crypto checksum), so that you would not be the message's sender (and it wouldn't be addressed to anyone either -- recipients get very good privacy).

This would be one way for a Unix "worm" program to report back to its master...and/or receive instructions.

John Gilmore

PS: You could put short interesting stuff just in your message-ID's! Not to mention the low order bits of timestamps (exactly *what* second did it arrive, now?).
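[Added example, not part of the archived thread and not code from any poster: the earlier question "How would we find them?" applied to the trailing-whitespace and internal-tab channel described in the message above. It scans an article body for whitespace that could carry bits, shows that a digest taken by the author exposes an in-transit edit, and canonicalises the body. The sample articles are constructed, the thresholds are assumptions, and SHA-256 stands in for the "crypto checksum" the message mentions.]

```python
"""Find and neutralise whitespace that could carry hidden bits in a news article."""
import hashlib
import re
from dataclasses import dataclass, field

TRAILING = re.compile(r"[ \t]+$")
INTERNAL_TAB = re.compile(r"(?<=\S)\t+(?=\S)")   # tab(s) sitting between two words
SIG_SEPARATOR = "-- "   # signature delimiter; its trailing space is legitimate


@dataclass
class Report:
    lines: int = 0
    carrier_chars: int = 0                       # whitespace symbols that could hold a bit
    flagged: list = field(default_factory=list)  # (line number, reason); 0 = whole message

    @property
    def suspicious(self) -> bool:
        return bool(self.flagged)


def scan(body: str, min_lines: int = 3, max_fraction: float = 0.25) -> Report:
    """Report trailing-whitespace runs and word-separating tabs in a message body.

    min_lines and max_fraction are assumed thresholds for the whole-message rule.
    """
    rep = Report()
    text_lines = trailing_lines = 0
    for no, raw in enumerate(body.split("\n"), start=1):
        line = raw.rstrip("\r")
        rep.lines += 1
        if line == SIG_SEPARATOR or line == "":
            continue
        text_lines += 1
        m = TRAILING.search(line)
        visible = line[: m.start()] if m else line
        if m:
            run = m.group()
            trailing_lines += 1
            rep.carrier_chars += len(run)
            if "\t" in run:
                rep.flagged.append((no, "trailing tab"))
            elif len(run) > 1:
                rep.flagged.append((no, "trailing run of %d spaces" % len(run)))
            # a lone trailing space is a common editing artefact: counted, not flagged
        tabs = INTERNAL_TAB.findall(visible)
        if tabs:
            rep.carrier_chars += sum(len(t) for t in tabs)
            rep.flagged.append((no, "tab between words"))
    # Many lines each ending in a single space is still a one-bit-per-line channel.
    if trailing_lines >= min_lines and trailing_lines > max_fraction * text_lines:
        rep.flagged.append(
            (0, "%d of %d text lines end in whitespace" % (trailing_lines, text_lines)))
    return rep


def normalize(body: str) -> str:
    """Strip trailing whitespace and turn word-separating tabs into one space.

    Line endings are canonicalised to LF; the signature delimiter is kept as is.
    """
    out = []
    for raw in body.split("\n"):
        line = raw.rstrip("\r")
        if line != SIG_SEPARATOR:
            line = TRAILING.sub("", line)
            line = INTERNAL_TAB.sub(" ", line)
        out.append(line)
    return "\n".join(out)


def digest(body: str) -> str:
    """Digest the author would publish or sign; any whitespace edit changes it."""
    return hashlib.sha256(body.encode("utf-8")).hexdigest()


# Constructed sample article as its author wrote it.
CLEAN = (
    "Has anyone measured how fast the new feed is?\n"
    "I see about a day of lag here.\n"
    "\n"
    "-- \n"
    "constructed sample poster\n"
)
# Constructed: the same article after a relay changed only its whitespace.
TAMPERED = (
    "Has anyone measured how fast the new feed is? \t \t\n"
    "I see about\ta day of lag here.\t\t \n"
    "\n"
    "-- \n"
    "constructed sample poster  \n"
)

if __name__ == "__main__":
    for name, body in (("clean", CLEAN), ("tampered", TAMPERED)):
        rep = scan(body)
        print(name, "suspicious=%s" % rep.suspicious, "carrier_chars=%d" % rep.carrier_chars)
        for no, reason in rep.flagged:
            print("   line %d: %s" % (no, reason))
    print("digest changed in transit:", digest(TAMPERED) != digest(CLEAN))
    print("normalised copy matches original:", normalize(TAMPERED) == CLEAN)
```

[A relay that normalises bodies this way removes the channel but also breaks any signature computed over the exact bytes, so the digest check and the normalisation suit different points in the path.]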
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Doug Porter <76244.315@CompuServe.COM> Date: Tue, 25 May 93 13:14:15 PDT To: Cypherpunks Subject: How to make encryption w Message-ID: <930525200629_76244.315_CHN82-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain Until many people use encryption those who encrypt will be targets. The biggest barrier to widespread use of encryption is that you have to leave your mail package to work with separate encryption programs and message files. To overcome this people need a messaging system which makes encrypting and decrypting as easy as pushing a button. The package should allow plugging and unplugging encryption programs. This lets people make their own technical, ethical and legal choices. The package also must be significantly better than the mail packages people use now, or they won't switch, and therefore won't encrypt. We've done it: Cyberdesk automates access to cyberspace and supports third party encryption programs seamlessly. Today Cyberdesk manages CompuServe (both email and forums), MCI Mail, cc:Mail (both local LAN and remotely), and The WELL (both email and conferences), with more to follow. It runs under Windows and includes features such as distribution lists and a spelling checker. Cyberdesk is in Beta now and fast approaching release. All you need is a simple interface to use an encryption program with Cyberdesk. This interface is usually just two short batch files, one for encryption and another for decryption. In some cases it may be a small program. We do not plan to provide these interfaces or any specific encryption. In addition to allowing people flexibility in their choices, we hope this approach will make ITAR irrelevant. Yep, I'm asking you to support a commercial package without monetary compensation from us. You may decide to charge users for your interface, of course. 
We'll give a copy of Cyberdesk to anyone who creates an interface for an unsupported encryption package. We have a chance to make it easy, and therefore common, for people to encrypt. All we need is the interfaces. Cypherpunks write code. Doug From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: RYAN Alan Porter Date: Tue, 25 May 93 13:16:55 PDT To: cypherpunks@toad.com Subject: Re: License plates In-Reply-To: <9305251854.AA01809@media.Corp.Sun.COM> Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Tue, 25 May 1993, Doug Brightwell wrote: > > > My understanding is that in many states, the Department of Motor Vehicles Records > > indexed on license plate number, and containing the name, address, and other > > information about the owner, is public or semi-public. How would an interested > > party go about finding this information? How difficult or costly is it? And > > what all is actually listed in the record? > > Several weeks following a car accident that I was involved in, I > received a notice from the California DMV notifying me that someone had > filed a request for the information on my vehicle registration. From > the name and address on the notice, I figured out that it was the other > driver's attorney, probably wanting to know where to send a subpoena. > Apparently, anyone can walk into a DMV office, fill out a form, pay > $1.00 (or whatever) and get the info because it's public record. > However, at least the DMV also alerts the "investigatee" to the fact > that someone now has their home address, and provides the name and > address of the requestor. Here in Florida, the information is supposed to be confidential. Operation Rescue (a group of fanatical Christians intent on harassing abortion clinics and patients) has an employee in the DMV who snatches the number somehow, however. 
They now sit around in front of the clinics and jot down the license numbers of patients and use their inside contact to find the name and address of the patient and harass them. ObRelation2Cypherpunks: We are now trying to justify using the computer privacy laws to prosecute specifically for the fact that the records are being held electronically and Operation Rescue is illegally obtaining this information and not going through proper channels. Hugs and kisses, -Ryan the barcode guy From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: poier@sfu.ca (Skye Merlin Poier) Date: Tue, 25 May 93 16:20:04 PDT To: cypherpunks@toad.com Subject: Anonymity on the net Message-ID: <9305252319.AA26265@malibu.sfu.ca> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- I know of several anonymous remailers: would it not be a good idea to "link up" several of these hosts so that one mails the first remailer, which mails another and so on and so on.... This would be a real pain in the butt to retrace, as surely the owner info wont be rubber hosed out of all of the host bosses.... Skye - -- - -----====> Skye Merlin Poier <====----- Undergrad in CMPT/MATH (Virtual Reality) |||| |||| email: poier@sfu.ca p-OO <--> OO-q THINK PGP Public Key available on finger \== ==/ -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLAKpgS0bkpXW3omvAQFwgAQAzXstBcts8h5U3chnu7SQe67DFgsj4dG1 Jz3BrK2QFHMspkVtxShAC+xBfIYwvR3eCIInKFFjxdzBxbprEJk+pwaNibFvtqDS IkMM86gr6dsu0UtY0jh73I63M1aZukWVUOzO2TpPL++fibKFBYQDJFD7xeOJWHx7 OeTEAL3gedk= =rKKD -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wcs@anchor.ho.att.com Date: Tue, 25 May 93 13:29:40 PDT To: cypherpunks@toad.com Subject: Re: Something just sunk in... Message-ID: <9305252029.AA24538@anchor.ho.att.com> MIME-Version: 1.0 Content-Type: text > enforcement agency that has to tap a family such as my own. We have (at > last count) 6 phones on two lines. 
Thats two lines to monitor for one of > 6 different unit keys. Are they going to get one court order for each > phone? or will the one court order do for all of the keys... Presumably one court order will cover any phones involved in conversations with your, er, the alleged perpetrator of some as-yet-unidentified crime's house. After all, they can't tell in advance what phones would actually be in use, since serial numbers are presumably not registered at time of purchase, and it's possible to move the phones around. Assuming symmetric use of keys, it's more efficient for them to only subpoena keys for phones actually in the house, since this catches both ends of the conversation, but that depends on what they can talk a judge into permitting. > Am I supposed to pay to replace all 6 phones?? ... Have they considered this? Since there have been no statements from the Feds about who pays for *single* phones, except Ed Meese's line about "People who are innocent usually aren't suspects", the case of all 6 phones isn't much different, though if you are tried and found innocent you may be able to force them to disclose which of your phones they've actually subpoenaed keys for. It's probably viewed as a "not our problem" issue, just as your legal costs for your defense aren't usually reimbursed unless they've been grossly out of line and you sue them successfully, a la Steve Jackson. The White House press releases haven't answered the question of exactly who gets access to your keys once subpoenaed, or whether they have to destroy them if you're found innocent, or not eventually charged with a crime, or whatever. It will probably be left up to the courts to decide. Bill Stewart, pessimistically reporting from New Jersey. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Tue, 25 May 93 13:48:36 PDT To: amb@cs.columbia.edu Subject: Say again? 
Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Tue, 25 May 1993 14:56:48 -0400, andrew m. boardman wrote - > Food for thought: that, at least as of recently, the NSA bought > weekly dumps of all usenet articles on tape. I highly doubt they > were for their reading pleasure... Is this hearsay, innuendo or fact? If fact, what can you site as reference to support your statement? If you know this to be fact, please cite your references and provide as much detail as possible. Cheers. Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Nickey MacDonald Date: Tue, 25 May 93 12:49:21 PDT To: cypherpunks list Subject: Something just sunk in... Message-ID: MIME-Version: 1.0 Content-Type: text/plain I have been way behind in my email, and I've been catching up... I was just reading some of the Clipper mail (To be called the "Huge Clipper Email Burst of 93"???? ;-) when something just sort of sunk in... Asumme for a minute that Clipper was enforced and it got to the point that it was embedded in *every* phone... What of the poor (this is sarcasm) law enforcement agency that has to tap a family such as my own. We have (at last count) 6 phones on two lines. Thats two lines to monitor for one of 6 different unit keys. Are they going to get one court order for each phone? or will the one court order do for all of the keys... Am I supposed to pay to replace all 6 phones?? I didn't see any mention of having more than one chip with the same key (not that I would want that anyway)... Have they considered this? --- Nick MacDonald | NMD on IRC i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. 
May)
Date: Tue, 25 May 93 17:02:06 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity on the net
Message-ID: <9305260002.AA12104@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Skye Merlin Poier writes:

>-----BEGIN PGP SIGNED MESSAGE-----
>
>I know of several anonymous remailers: would it not be a good idea to "link up"
>several of these hosts so that one mails the first remailer, which mails
>another
>and so on and so on.... This would be a real pain in the butt to retrace, as
>surely the owner info won't be rubber hosed out of all of the host bosses....

Chaining remailers is of course the basic idea of using remailers. "Linking up" the remailers would sort of defeat the purpose of the remailers, wouldn't it? The idea is for only the sender to really know the sequence of remailers.

(Of course, some of us aren't always using encrypted remailers--though we really should be--and hence the first remailer node theoretically knows who sent the message and where it's going. (Later remailers won't know, as all header info gets stripped out, so most of the benefits are retained.) Longterm, this will have to be fixed, by more and easier encryption. For now, just using remailers as I show below is a good exercise.)

Using remailers is easily done, and in fact I do this for nearly all of the "remailed" messages I send (no, I won't say which of the "anonymous" or "nobody" messages I sent...if more people used remailers, we'd all be better off).

I encourage everyone out there who has not yet played with remailers to give them a quick try. You can see for yourself in the next 10 minutes what this all means, just by sending yourself an "anonymous" message!

Here's an example script I use. Note that I favor the "double colon" (sounds like a medical condition, doesn't it?) format, as my mailer doesn't have a convenient way of messing with the headers. (You are of course free to try the other remailer format, described in the documentation for the remailers.)
To use the double colon method, simply place a "::" on a blank line in the _body_ of your message (not the header) followed by a line with "Request-Remailing-To: next address" in it. And then another blank line, and then your message. The forms below should make this clearer.

Then _another_ such remailer form can be included, and another, and another, and so forth. Very easy to use. (Whoever came up with the double colon format, please keep it in future versions!)

Karl Barrus occasionally publishes a list of operating remailers. I occasionally test these remailers by sending messages to myself, to assure myself they're still up and running and are sending stuff through promptly. I keep a small database of "functional remailers," with their speeds (most remail within seconds) and such. Once I've "pinged" these remailers, I feel more confident about chaining several of them together.

Example of Several Hops:

    To: ebrandt@jarthur.claremont.edu

    ::
    Request-Remailing-To: hh@cicada.berkeley.edu

    ::
    Request-Remailing-To: elee7h5@rosebud.ee.uh.edu

    ::
    Request-Remailing-To: final address

    This is a test message. Several hops.
    Even more remailer addresses could of course be included here.

{this went through in just a few minutes}

To use this yourself, replace the "final address" with your own address. You should get an "anonymous" or "nobody" message in just a few minutes.

Naturally, you can vary the order of the remailers, use others, etc. Check out the list of remailers Karl Barrus publishes (and maybe it's even in the soda archives?) and "roll your own." Even use PGP with the sites that support it (and at least one of the sites *requires* PGP, last time I checked).

If the last address is one of the mail-to-NetNews sites, you've just posted anonymously.

Happy anonymous remailing!

-Tim May

-- Timothy C.
May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: by arrangement Note: I put time and money into writing this posting. I hope you enjoy it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc Horowitz Date: Tue, 25 May 93 14:11:34 PDT To: fergp@sytex.com (Paul Ferguson) Subject: Re: Say again? In-Reply-To: Message-ID: <9305252111.AA08399@dun-dun-noodles.aktis.com> MIME-Version: 1.0 Content-Type: text/plain >> Is this hearsay, innuendo or fact? If fact, what can you site as >> reference to support your statement? If you know this to be fact, >> please cite your references and provide as much detail as possible. Rick Adams of UUNET confirmed on the com-priv list that his organization had been selling the FBI a usenet feed on tape. I could find the exact reference if you want. I don't know for sure that the NSA has a feed, or from whom, but it wouldn't surprise me. However, the obvious next point is, so what? It's a public system. Any idiot can pay $20/month and get a public access account. If you say something in a news post which you wouldn't want the FBI or NSA or whoever to see, you're the person who has done something stupid. Tapping a news feed isn't like tapping a phone line. It's more like turning on the television. Marc From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. Metzger" Date: Tue, 25 May 93 14:15:35 PDT To: cypherpunks@toad.com Subject: Re: Steganography and Steganalysis In-Reply-To: <199305251856.AA08939@ground.cs.columbia.edu> Message-ID: <9305252115.AA13580@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain andrew m. boardman says: > Someone is probably doing steganography in netnews and/or mailing > lists right now! (Besides cypherpunks, I mean.) How would we find them? 
> > Food for thought: that, at least as of recently, the NSA bought weekly > dumps of all usenet articles on tape. I highly doubt they were for > their reading pleasure... Many organizations buy complete dumps of usenet -- its a way of getting a newsfeed if your organization is too paranoid to let you get a network connection. I don't know if the NSA was such an organization, but it would not suprise me. Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: andrew m. boardman Date: Tue, 25 May 93 14:27:18 PDT To: fergp@sytex.com Subject: Say again? In-Reply-To: Message-ID: <199305252126.AA14245@ground.cs.columbia.edu> MIME-Version: 1.0 Content-Type: text/plain Is this hearsay, innuendo or fact? If fact, what can you site as reference to support your statement? If you know this to be fact, please cite your references and provide as much detail as possible. This was based on a verbal conversation at Interop with someone from uunet, from whom the tapes are purchased. I or they could be mis[led|informed|remembering], but if you really care, ask uunet. andrew From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peb@PROCASE.COM Date: Tue, 25 May 93 17:41:46 PDT To: tcmay@netcom.com Subject: Re: Anonymity on the net Message-ID: <9305260041.AA15894@banff.procase.com> MIME-Version: 1.0 Content-Type: text/plain In case you missed it...Wall Street Journal of May 24, page B1 had an article by Wm. F. Buckley on Internet anonymous messages. The article was about some professor who wrote a program to erase anon messages automatically and how he got "shouted down" and withdrew his program (it only ran on his netnews site anyway). The analogy Buckley used was that of self-policing coffee houses where people doing anti-social things are shouted out by the crowd. I guess Buckley is into anon remailers (or at least their use as free speech devices) since he portrayed the guy wiping out anon messages as being anti-social. Paul E. 
Baclace peb@procase.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jordan@imsi.com (Jordan Hayes) Date: Tue, 25 May 93 15:01:37 PDT To: cypherpunks@toad.com Subject: Re: dumps of USENET ... Message-ID: <9305252142.AA29071@IMSI.COM> MIME-Version: 1.0 Content-Type: text/plain From Tue May 25 17:37:46 1993 Many organizations buy complete dumps of usenet -- its a way of getting a newsfeed if your organization is too paranoid to let you get a network connection. I had "always heard" that mimsy.umd.edu was the machine where the Ft. Meade guys-n-gals (let's not start that *again*) hung out to read/post USENET ... /jordan From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: kqb@whscad1.att.com Date: Tue, 25 May 93 14:49:12 PDT To: cypherpunks@toad.com Subject: Re: Steganography and Steganalysis Message-ID: <9305252149.AA27051@toad.com> MIME-Version: 1.0 Content-Type: text/plain I have received some useful feedback to yesterday's message on steganography and steganalysis. Here are some clarifications to my cryptic presentation and a correction. I was most interested in finding if the steganographic capacity of English is high enough to make steganography practical for everyday use, so I didn't even address the meaningfulness of the output. For example, if I could only produce a capacity of a tenth of one percent, the meaningfulness would not even be an issue because nobody would want to send large messages via steganography anyway. A capacity of 10%, requiring the public text to be only 10 times as long as the hidden text, may be good enough for everyday use. If that can be achieved, then the next step is to see if meaningful output can have a high steganographic content. If so, then I expect that several cypherpunks would want to pursue that. (FYI: I plan to do more analysis on my own, even if nobody else does.) My guesstimate for the steganographic capacity of English did not provide a steganographic algorithm. 
For example, I haven't even looked into how to map a bit string to a parenthesis grouping; I was just noting that if you have X(N-1) possibilities, there must be log (X(N-1)) bits available, assuming all possibilities are equally likely. Is there a simple-to-compute mapping of the numbers 1 through X(N-1) to the X(N-1) parenthesizations of an N word sentence? Fortunately, N rarely gets large for ordinary English sentences, so a general solution may be unnecessary.

My presentation mistakenly implied that a good steganographic algorithm may have the form:

    E(K, M) = E2( E1(K,M) )

where E1 is a cryptographically secure encryption function with public key K and hidden message M, E2 somehow converts the encrypted message to ordinary English text, and E1, K, and E2 are publicly known. Unfortunately, if the inverse of E2 (let's call it D2), is easily found, then the presence of a hidden message can be detected easily, even though that message cannot be decrypted easily. This is because the output of E1, which is incompressible, is easily distinguishable from D2(ordinary English text).

Here is a better formulation for the steganographic schema:

    E(K1, K2, M) = E3( E2(K2, E1(K1,M) ))

where:

    E1(K1,M) converts the hidden message M to a cryptographically secure cyphertext by using the key K1. E1 and K1 are public, but the decryption function D1 is difficult to compute without the private key PK1.

    E3(C) converts a bit string to ordinary-looking English text. Assume that both E3 and its inverse D3 are public.

    E2(K2, C) converts the cyphertext C into another bit string such that E2(K2, C) has the same statistical characteristics as D3(ordinary English text). Assume that E2 and K2 are public, but D2 is difficult to compute without the private key PK2.

Function E1 is normal public key cryptography, which produces an incompressible cyphertext. I hope that function E3 has a high enough steganographic capacity to make steganalysis worthwhile.
Function E2 cannot be a normal encryption function because its output needs to be as compressible as D3(ordinary English text). Both functions E2 and E3 are new types of functions that require more research to work well. I still haven't seen any references to this type of steganography being done before, but thanks to the various people who gave pointers to tools that may help in building it. Kevin Q. Brown INTERNET kqb@whscad1.att.com or kevin_q_brown@att.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 25 May 93 18:07:48 PDT To: poier@sfu.ca Subject: Anonymity on the net In-Reply-To: <9305252319.AA26265@malibu.sfu.ca> Message-ID: <9305260104.AA20217@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >I know of several anonymous remailers: would it not be a good idea to >"link up" several of these hosts so that one mails the first >remailer, For the complete details about this system, please see the ftp site: soda.berkeley.edu::pub/cypherpunks/remailer There is complete source code to the cypherpunks remailer system, instructions for use, scripts to set up encrypted paths, etc. More generally speaking, if you have a question which you think might be a newbie question, please check the archive site first. For basic cryptography questions, the sci.crypt FAQ (Frequently Asked Questions) is available. The full remailer is available, as well as a fairly good collection of primary and secondary source documents on the government wiretap chips. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: norm@netcom.com (Norman Hardy) Date: Tue, 25 May 93 18:08:12 PDT To: cypherpunks@toad.com Subject: Steganography Message-ID: <9305260108.AA22729@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Here is a pitfall to be avoided in Steganography using low bits of AD converter output. Such converters may be biased in their low bit. 
If you hid 2,000,000 bits in a digitized image you would probably get from 998,000 to 1,002,000 one bits if you took no precautions. A real digitizer might well be expected to produce more than 1,100,000 one bits or less than 900,000. Falling too close to 50% would be a clue that the data was not the yield of an AD converter. Stuffing a few percent of extra one bits according to a random number generator known to the receiver makes the data look more typical. There may be statistical dependencies with the next more significant bit as well. Some elementary statistics can be done on the yield of a real image scanner to examine this issue.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matt Blaze
Date: Tue, 25 May 93 15:44:59 PDT
To: andrew m. boardman
Subject: Re: Say again?
In-Reply-To: <199305252126.AA14245@ground.cs.columbia.edu>
Message-ID: <9305252228.AA06769@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain

> Is this hearsay, innuendo or fact? If fact, what can you site as
> reference to support your statement? If you know this to be fact,
> please cite your references and provide as much detail as possible.
>
>This was based on a verbal conversation at Interop with someone from
>uunet, from whom the tapes are purchased. I or they could be
>mis[led|informed|remembering], but if you really care, ask uunet.
>
>andrew

Actually, the most alarming revelation here could be that someone at uunet is going around casually disclosing information about their customers. Most communications companies, especially those that seek to be regarded as "common carriers", make quite clear to their employees that customer data are among their most proprietary and that revealing any of it is grounds for lightning-speed dismissal. (Obviously, they reveal data that they SELL about their customers, and will disclose anything on a court order, but that's not what we're talking about here).
-matt (who has signed his share of non-disclosure agreements with big, bad communications companies) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 25 May 93 18:43:54 PDT To: cypherpunks@toad.com Subject: Anonymity on the net In-Reply-To: <9305260041.AA15894@banff.procase.com> Message-ID: <9305260140.AA22229@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >In case you missed it...Wall Street Journal of May 24, page B1 had an >article by Wm. F. Buckley on Internet anonymous messages. If someone will type this in, I'll add to to the rants/ directory on the archive. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: andrew m. boardman Date: Tue, 25 May 93 16:14:07 PDT To: mab@crypto.com Subject: Say again? In-Reply-To: <9305252228.AA06769@crypto.com> Message-ID: <199305252313.AA17325@ground.cs.columbia.edu> MIME-Version: 1.0 Content-Type: text/plain >This was based on a verbal conversation at Interop with someone from >uunet, from whom the tapes are purchased. I or they could be >mis[led|informed|remembering], but if you really care, ask uunet. Having just spoken to someone who contracts at the NSA (and no, this name I will not post), he does not believe they get such a beast, although, as many people have pointed out, the FBI did. That, then, would be the origin of that, along with some TLA confusion. Actually, the most alarming revelation here could be that someone at uunet is going around casually disclosing information about their customers. A lot of people perceive the government as having neither a right nor a need to privacy. Certainly there are also quite a few who label themselves "privacy advocates" whose standards do a 180 when the privacy involved is that of the likes of Mykotronx... 
andrew

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Aaron Mahler
Date: Tue, 25 May 93 16:49:32 PDT
To: cypherpunks@toad.com
Subject: REMOVE
Message-ID: <9305252352.AA27835@cvgs.schools.virginia.edu>
MIME-Version: 1.0
Content-Type: text/plain

Due to a lack of free time (and an overflowing mailbox) I regretfully have to resign from reading The List. I hope to keep up with events as much as possible from afar. My heart is with you guys.

-AM

--
---------------
Aaron Mahler - Internet: amahler@cvgs.schools.virginia.edu | BIX: amahler
Interactive Media, Inc - 307 Rivermont Avenue, Lynchburg, Va 24504
"To search for perfection is all very well, but to look for Heaven is to live
here in Hell." - Sting, Consider Me Gone

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: miron@extropia.wimsey.com (Miron Cuperman)
Date: Tue, 25 May 93 22:09:24 PDT
To: cypherpunks@toad.com
Subject: Encrypted UNIX "talk" available
Message-ID: <199305260407.AA16052@xtropia>
MIME-Version: 1.0
Content-Type: text/plain

Last revised Tue May 25 21:05:50 PDT 1993.

What is YTalk?
==============

YTalk is a multi-user drop-in replacement for the UNIX "talk" program. I have added encryption facilities to it, including private key and PGP authentication.

Features
========

- Multi user capabilities.
- Drop in replacement for /usr/ucb/talk.
- Diffie-Hellman exponential key exchange for session keys.
- IDEA encryption in CFB mode.
- Password authentication.
- PGP authentication.
- Logging of conversations to a file.

Known bugs and misfeatures
==========================

- No security the first time you use it, until the random seed file is created (around 300 keystrokes).
- Some problems with the talk daemons on Ultrix and SCO-Unix.
- Port to Alpha (64bit) incomplete.

Availability
============

Version 2.1
Ftp: soda.berkeley.edu:/pub/cypherpunks/applications

Bug reporting
=============

All bugs to miron@extropia.wimsey.com.
--
Miron Cuperman                        | NeXTmail/Mime ok
Unix/C++/DSP, consulting/contracting  | Public key avail
AMIX: MCuperman                       | Laissez faire, laissez passer. Le monde va de lui meme.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 25 May 93 21:14:46 PDT
To: cypherpunks@toad.com
Subject: RSA in CMOS?
In-Reply-To: <9305260322.AA26830@longs.lance.colostate.edu>
Message-ID: <9305260411.AA29308@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Does anyone know of the existence of an RSA chip? To the best of my
>knowledge they do not exist.

Cylink makes one, as well as Mykotronx.

I don't have data sheets here, but the Cylink chips are a fairly old design, do modular exponentiation, multiplication, and addition. One is 512 bits wide (roughly), the other is 1024; these sizes are inexact--the actual widths differ by a few bits. They run at 16 MHz (or at least one of them does). They're implemented in an old design process; just reimplementing them in .8 micron could speed them up a lot. They've been out for a few years. The design is patented; I've read the patent, and there are plenty of other ways to do the calculations.

The Mykotronx chip, the MYK-80, has a full modular exponentiator on it, as well as SkipJack. The other name of the chip is Capstone. It's not yet shipping. I take it, though, that this is unsuitable.

There are also at least four commercial announcements of European exponentiator chips that I have seen, as well as some academic work which is going to silicon in Britain.

There's no shortage of the chips, just the will to deploy them and the market awareness for the need for them.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ""L.
Detweiler""
Date: Tue, 25 May 93 20:22:55 PDT
To: cypherpunks@toad.com
Subject: a reaction to Mycotronx intelligence data
Message-ID: <9305260322.AA26827@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

I'm disappointed at the *nonexistent* serious response to the Mycotronx postings on the list (I guess we do have some new algebraic formulas, though.) Apparently, these are just too hot for anyone to handle. I think these should be getting our utmost scrutiny as a group for tactical rewards. Are we at war or aren't we? So once again I have to do some dangerous limbwalking because all the other cyphersheep are clutching mommy's apron :).

Okay, here goes. I'm sure there will be many inaccuracies but I think it is better here to be loud and wrong than to be silent and let it die with a whimper and nary a peep. I'd like to hear other reactions surely much superior to my own unauthoritative wanderings. I'll put in many questions; if anyone has insights into them please forward them to me and I will summarize (writing about each point to the list will probably take up too much traffic).

* Also, if anyone can independently *verify* *any* of these pieces of information, please say so.
* If you have access to databases that record relevant info from accounts listed and that kind of thing, and aren't at risk in doing so, please query them.
* What about the people listed? Ever encountered them?
* Interpretations of codenames and numbers especially of interest.
* The possibilities for a little creative and ingenious `social engineering' (esp. with all the phone numbers in part 1) are absolutely unlimited for some really nervy cypherpunks, but I'm not going to encourage it...
* Have there been any `repercussions' to the posting on cypherpunks? We need to know how afraid people are of us. Tighter security? Disconnected phone numbers? New code names?
In sending me mail, please tell me if I can quote you or your address in the summary or just attribute it anonymously. Also, do not assume that email is secure. If a PGP key of mine will make the difference between your sending me email and not, I'll send it to you. * * * First of all, as a very preliminary opinion, it all looks believable and plausible. Ironically, there is almost too *much* information! The first document was forwarded anonymously to the list by nobody@alumni.cco.caltech.edu. Both documents contain some comments apparently inserted by the source, the first only at the beginning, the second at the beginning and in the middle. In the first a statement is quoted >the >government wants us to trust to keep the Clipper design >secret, don't know jack shit about security. this comment makes sense in the light of a later message that purportedly revealed the source of the data. The statement also refers to `general ledger' probably referring to the second posting. The second posting came forwarded anonymously from nobody@alumni.cco. The contributor talks of leaving out account numbers. Also made two comments on the employee bonuses. * * * In posting 1 we have a great deal of very critical information on people involved in the company, current projects, company contacts, amazingly detailed cost/finance records. We even know their bank and banker! NSA contacts listed! It's not clear that all these diverse records would be stored in one volume of information. They appear to be pasted together from various sources, with some continuity in places. A later posting also suggests the reason for this long-term `snapshot' of company activity at the highest level. The most critical `big-picture' elements of posting 1 are probably the companies mentioned. It paints a clear picture of Mycotronx as a sort of `middleman' in coordinating and contracting other companies to do chip fabrication and testing, apparently with the NSA as their sole customer. 
AT&T was paid $100K under `Capstone Financial Commitments.' The companies VLSI Tech (fabrication?) and Exatron (testing?) figure prominently. Technical documentation by ELITE.

Most amazing is the list of employees and their occupations. If it is complete, then it is remarkable in the number of employees, 10. There is a wide range of occupations from engineer to secretary to president that suggests the list may be complete.

Chips: posting 1 refers to MYK80 for testing. Many references to KG44B, with several hundred thousand dollars worth of deliveries to the NSA. KG-48B appears to still be in testing phases. Part of the `Outrunner' project. The `Outrunner' project figures very prominently, what is it? Maybe a specialized chip for Air Force security (appears to be cryptographic because of KG-46 `Tactical Decryptor'). Capstone shows up at the end under `Financial commitments'. It's not clear if Clipper is referenced anywhere. There are many product codes that may refer to it.

* * *

In posting 2 we have an incredibly detailed, perhaps complete, financial ledger for the company listing everything from employee costs to office supplies. An accountant would probably find it much more readable than me. Because of the probable single source, the information is more focused (into financial categories) than that in posting 1.

There are three columns in each series, beginning balance, debits, and credits, supposedly for first four months of 93. Series are probably some Federal or IRS categories for reporting.

It is organized into `series' with 1000 recording various brokerage agencies. This may reflect that employees have stock options in the company. Other entries are customer and employee accounts receivable. 2000 series records employee benefits with `accrued bonuses' of $341K for the period (given 10 employees, this could be astronomical for someone). Payroll is $343K for the period -- bonuses are as much as salaries. These are very high numbers for 10 employees.
Probably the `upper echelon' of a few is making six figure salaries. 3000 series lists more stock. 4000 series lists sales of $2.5M for the 4 month period. 5000 lists consultant fees at $47K, subcontracts at $932K debited and $110K credited. Direct labor for Engineering came to 186K, Technician 93K, Administrative 37K. 6000 lists a lot of different categories (miscellaneous) mostly debits. 7000 series lists another `special bonus' $132K debit, $123. Net money debited and credited at the end of the statement is given as $12.5M for the four month period. Finally the source lists some `outstanding VLSI purchase orders'. It is not clear if these are owed to Mycotronx or Mycotronx owes someone else, but in the first posting the same figure $100K is mentioned for AT&T under `Capstone Financial Commitments', so these are probably payments by Mycotronx. In this document we see that `Compass' is software, a total of $160K. Motorola $76K, VLSI Tech (for the Capstone project) $212K. Myk78 (Clipper?) figures prominently with VLSI Tech: $66K, fix $68K, 78A prototype $11K, 78A production $220K. Also Myk 80 #1 and #2 $48K and $33K, and Myk82 and Myk 79 (80K and 79K). VLSI Tech `Expoteniator' (sic?) $163K. The exponentiator might be a general purpose digital exponentiator suitable for integration with many cryptographic techniques (Diffie Hellman, RSA, etc.) * * * Battle plan: *If* Mykotronx is to be harassed, the things that might be useful to focus on are the large bonuses. Where is all that cold cash going? If it ended up in the hands of a few (or even one) it would not be good PR, to say the least. Also, Mykotronx is clearly heavily dependent on VLSI Tech, and the company does not appear to sell to anyone other than the NSA currently. So those are the jugular veins, so to speak. I suppose if we were really extremists, like animal rights activists, we might individually harass members of the company. I don't encourage anyone to do this unless they do something to provoke it. 
However, a little friendly getting-to-know 'em type interaction might be interesting and help make sense of our current horde or glean other information. In particular, if anyone in the company feels (shall we say) undercompensated that could be another Achilles heel after they hear how much bonuses are coming out (bonus? I haven't heard about any bonuses! You heard of any bonuses?) Following is the mostly raw undistilled stuff. As noted, please comment on *anything* to me personally in email, and I'll try to organize, compile, and make sense of it all. Special thanks to the `anonymous' individual who was willing to risk potentially severe repercussions to bring the outrageous secrecy concerning the chip to glaring lighted public exposure and those who went out of their way to help `him'. Hey, even though this person could greatly benefit from Introductory Espionage 101 we love you anyway. You'll probably be the main character when Cypherpunks get their own sitcom or Monday Night Movie... posting 1 ======== * address, phone, FAQ of company * bank that holds company account(s)? Shearson Lehman Brothers. Acct #509 24261 12011. * Fed Ex Acct #1122-7492-8 * List of employees names and occupations. There are 10 employees listed. >Bob Gottfried, CEO >Leonard J. Baker, President >Ralph O' Connell, aka "The Father of COMSEC", NSA Lobbyist >Mike Furusawa, Space COMSEC Manager >Patti Linahan, Executive Secretary >Kikuo Ogawa, Buyer >R. Todd, W. Greenfield, KG-44B (Outrunner) Project >John C. Droge, Personnel >Bob Todd, Manufacturing Manager >Landy Riley, Engineering * Has anyone heard of an `NSA lobbyist'? This is very interesting. Later O'Connell is listed as `NSA Contact'. * Also, `COMSEC manager'? * `Buyer' of what? All major parts? * What about the code KG-44B Outrunner project? Under `Principle NSA Technical Contact' we have the NSA address (`Maryland Procurement Office) and code >Attn: N244 (CEB) (MDA904-92-G-0354/J.O. 5001) * Code names: what are these? 
People involved are clues. We already know KG-48B is also `Outrunner' and 48B and 46 are related somehow.

* 46 is a `Tactical decryptor unit' -- sounds like a military application. Involvement of Air Force agents confirms it.
* What is `Computer Systems Command'? That would really nail it, probably.
* Capstone is being built by Mycotronx, right? It's likely Clipper and Capstone are also named KG-?. I don't think KG-46 and 48B are Clipper and Capstone due to the `tactical' Air Force involvement. Also, Clipper is MYK78, right?

>KG-46 Tactical Decryptor Unit and
>KG-48B Outrunner Provisioning Conference participants:
>Robert Todd, Mykotronx
>Bill Greenfield, Mykotronx
>G. Burgio, NSA
>J. Gochnour, NSA
>J. Wimpy, Air Force Computer Systems Command
>S. Solis, Air Force Computer Systems Command
>To Be Discussed at meeting May 18 & 19, 1993

* This is an amazing piece of intelligence. These meetings were scheduled *after* this posting appeared for us. I think there are a lot of NSA agents having nightmares right now.
* It is not clear, but it may be that `Outrunner Project Milestone Payments' were the subject of the May 18,19 meetings. (What is a `milestone payment'? Is that an NSA term? Military?) The meeting was very likely on Outrunner given the rest of the information.
* The dates for payments are 2/14/92 (Preliminary Studies) to 5/13/93 (Deliver 4 KG-44B to NSA). What is a known project under those dates?
* Most categories refer to chip design with terms like VLSI and `complete fab' and `complete tests', `crypto verif'. Also, is VLSI a company?
* Entries 11a,11b,13-17 are deliveries to the NSA, batches of 44B. What is chip 44B? Very important. No deliveries of 48B to NSA listed. Since this is in the `outrunner' categories we now know that KG48B, 44B, 46 are all related. Also, the KG number appears to be some parameter on the device code.
* What are these keywords: `Complete PDR' (preliminary design review?) `Complete CDR' (concluding design review?) `SFA review VLSI'?
Next sounds like a `Invoice' for KG-44LSI. Mykotronx P/N M20/00301XXX KG44 VLSI Procurement to >United Technologies Microelectronics Center >Colorodo Springs, CO 80907 Can't spell! The part I like is ``Secret item handling''. The invoice is fairly small, refers to Group B and Group C testing (?). Also a statement `export of this product is controlled by U.S. Disclosure of related technical data to foreign nationals without the appropriate export license is prohibited by law.' Test plan for MYK-80: Work for Exatron. MYK-80. 176 pin TQFP might pinpoint the chip. IMS tester? Installation of PET (Positron Electron Tomography? Like a microscope?) `handlers' at Mykotronx. Training & Manuals (for MYK-80?) subcontracted to ELITE Technical Corp (Redondo Beach, CA). `Capstone financial commitments' * ``Basic VII Cap VLSI 10'' $212,000. Sun 1 yr maintenance warranty. `Compass' $160K? IKOS System. ELITE Tech. Corp. Plotter. SJ (1) and (2), $71k and $76k. * AT&T, $100K (?) What is Mycotronx *paying* AT&T 100K for Capstone? * Another `Compass' $110K. VLSI Tech $30K and $163K. VLSI Tech Capstone TQFP $10K. Hm, both VSLI Tech. and Exatron do TQFP. * VLSI Tech Exponeniator Tamper System $163K? * $225K for `Litronics'? posting 2 ======== >Acct Descr Beg Bal Debits Credits >Shearson Lehman 286,511 2,620,096 2,670,822 > >Paine Webber 95,602 868 0 > >Dean Whitter 55,391 484 0 > >Petty Cash 3,000 0 0 * Why is so much stock being traded? What is it for? Employee bonuses? Ownership of child companies? >Raw inventory 172,252 0 76,064 * not much, although what is it in? reconfirms picture as just an intermediate company, almost just a `reseller'. >Accrued payroll 25,637CR 343,682 318,045 >Accrued bonuses 214,040 341,240 127,200 * how does this break down among employees? >Common Stock 169,320 0 61,435 > >Capital disbursement 916,675 222,230 0 > >Retd Earnings, begng 2,385,020CR 0 0 * more stock. What does it mean? Retd? disbursement? 
>Subcontracts 0 932,210 110,419 * almost $1M debit for 4 months. Most of the action is here. >Materials/parts 0 186,252 22,423 * for what? >Direct labor-Engnrg 0 240,341 54,172 > >Direct labor-Technician 0 129,839 37,459 > >Direct labor-Adminst 0 47,542 10,081 * why are these in a different category than employee costs? What's the difference? >Special Bonus 0 132,200 123,200 * Comes out to $9K. What does it mean? >G&A Labor 0 103,4520 0 * G&A means? 100K is fairly large; more than consulting fees for example. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ""L. Detweiler"" Date: Tue, 25 May 93 20:23:03 PDT To: cypherpunks@toad.com Subject: RSA in CMOS? Message-ID: <9305260322.AA26830@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain Many people have been talking about cryptographic applications in hardware on the list. I suspect these will be largely untapped until a chip that does general-purpose RSA encryption comes along. There are many DES implementations that could be integrated with such a chip and then worked into computer cards, telephones, cryptography kits, etc. Does anyone know of the existence of an RSA chip? To the best of my knowledge they do not exist. Are there any plans for an RSA chip? The chip would ideally *not* be constrained to work with DES, or at least the DES encryption would be an option in addition to just pure RSA encryption of arbitrary data, for reasons of potential insecurity in DES and emergence of other superior algorithms (which upon appearance would not automatically make a general-purpose chip obsolete). From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ""L. Detweiler"" Date: Tue, 25 May 93 20:23:12 PDT To: cypherpunks@toad.com Subject: PGP-RSAREF rumors Message-ID: <9305260323.AA26837@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain Nothing has appeared on this list on this subject since the initial flurry sparked by PGP-RSAREF negotiations. 
I thought I would just post a few short comments based on inside sources and speculations for all the cypherpunks waiting on the edge of their consoles to hear some word. In no way should this be construed to be representative of positions on either side. I just hope to give members a little current insight and encouraging glimpse, but also show how the difficulties involved in the negotiations mean this is not as simple as Bidzos and Zimmerman shaking hands without snarling (although that's certainly part of it). A rather serious obstacle to RSAREF integration into PGP is that the RSAREF routines only `ostensibly' allow RSA encryption of DES session keys. For novices on the list, the background for this is that RSA is too slow to use to encode an entire message, so that one uses RSA to encode a randomly generated key for each session (hence the name) that is contained in the transmission. The remainder of the transmission includes the message encrypted under the private-key algorithm (e.g. DES) with the generated session key. Since the key is shorter than the message and the private-key algorithm faster than the public-key approach, this scheme results in a net gain of speed, but with security only `as strong' as the private key algorithm. Because of suspected weaknesses in DES, Zimmerman chose to use the Swiss IDEA algorithm for the session keys, and for obvious reasons prefers to continue to do so. However, the RSAREF routines have a `published interface' that only permits the system using a DES key. There are `low level' routines that do pure unadulterated RSA encryption of arbitrary data, crucial to PGP functions, but by the terms of the license the programmer is *not* allowed to call them! The reason for this restriction is presumably that a high-degree of backward-compatibility is required of the library, so that a strict adherence to use through `official' entry points must be preserved. 
However, this `hamstring connected' means that by no stretch of the imagination can RSAREF be considered a `general purpose RSA cryptography library' (in fact, it appears to be designed solely for meeting the PEM standard). It also means that the cryptographic security of RSAREF is quite curiously limited to that of DES. Rumor has it that Mark Riordan got permission to put in triple DES into RSAREF for RIPEM but so far it is unclear if Zimmerman and Bidzos can/will/have hammer(d) out something that allows the current PGP IDEA cipher. The backward compatibility of all previous PGP versions, and ultimately the integration of RSAREF into PGP, is at stake. Rumor has it that even Rivest (the R in RSA!) may be helping forge something favorable to everyone. Another complication of RSAREF that most on this list are probably familiar with is that it is not permitted to be used outside the U.S. Hence parallel versions of PGP must be maintained even if RSAREF would allow an IDEA implementation. One other complication is that Mr. Zimmerman, while apparently never directly profiting from PGP use, has before publicly `reserved the right' to attempt to gain some kind of compensation for his Herculean efforts on PGP, for which he has `a life sentence' and finds that it takes major amounts of his time and commitment, although he is also firm in his promise to keep it free. Of course, the position is not wholly compatible with RSA interests. Finally, I hear that negotiations are on pause while currently Mr. Zimmerman is in the middle of his May 19 - Jun 9 `PRZ EuroCrypt Tour' and is meeting PGP fanatics, groupies, and developers all over Europe! In fact, here's an excerpt from a message that made the rounds among some PGP contributors: >From 27 May until maybe 30 May, more or less, I'll be traveling >by train from Bergan, Norway, through Oslo, then on down to Copenhagen, >down to Hamburg, and over to Amsterdam. 
I'll be stopping along the way to >see some sights, having never been to Europe before. > >From 30(?) May til 6 June, I'll be hanging around Amsterdam and the >surrounding area, to see some things from something other than a train seat. > >From 6 June to 9 June, I'll be in Washington DC, giving a talk at the >7 June CPSR conference in DC. Then I'm going home. > >If any of you want to pass this on to the PGP fans in Europe, who are >fanatical enough to meet me over there in my travels, feel free. If I >play my cards right, I'll never have to buy lunch while I'm in Europe. Maybe with enough encouragement and hospitality he'll make it through the subsequent negotiations without strangling anyone or being strangled :) (You may be able to reach PRZ at prz@acm.org.) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 25 May 93 21:26:45 PDT To: cypherpunks@toad.com Subject: VinCrypt In-Reply-To: <9305252040.AA15879@banff.procase.com> Message-ID: <9305260423.AA29839@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Re: vincrypt package blatherings Can someone post the addresses of this company so that product literature might be ordered? I'm tempted to do a consumer education article exposing the danger of secret and unreviewed ciphers, non-trustable encryption packages, etc. It looks like these folks are prime candidates. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wcs@anchor.ho.att.com Date: Tue, 25 May 93 19:10:51 PDT To: cypherpunks@toad.com Subject: Re: SIGINT and TEMPEST follies Message-ID: <9305260126.AA20182@anchor.ho.att.com> MIME-Version: 1.0 Content-Type: text In cypherpunks, fergp@sytex.com (Paul Ferguson) replied to my article (elisions[...] added) > > [...] The precise standards are classified (some SECRET, some > > CONFIDENTIAL COMSEC), [...], but as long > > as you're not using classified information as your sources, you can > > do anything you want. [...] 
> I beg your pardon, but this is _not_ the case. TEMPEST requirements > are _not_ classified and are available for public scrutiny. (You > obviously do not know where to look.) Ok, there may be standards that aren't classified. (Good!) I was referring to NACSIM 5100, 5100A, 5203, and their friends; different generations of the documents are NACSEM rather than NACSIM. > > TEMPEST isn't particularly about transients or electromagnetic pulses, > > it's about overall electromagnetic emissions. > > You're trying to separate issues that are one and the same. With the > proper equipment, I can put you and an IBM Selectric (tm) typewriter > on a wooden raft in the middle of Lake Superior, monitor and realize > every keystroke that you make and you'd not be the wiser. This type > of monitoring is easily defeated by low yield TEMPEST requirements. > I've worked in this area, Bill, and have tested these _facts_. I > don't care how you care to word it, it _is_ transient > electromagnetic emissions. I'm not arguing about whether the stuff works, I believe that :-) VT100s and Brother electronic typewriters are two other classic emitters; I hadn't heard that the IBM was loud, but it's certainly a good target. The wording *is* relevant when you're discussing whether a proposed acronym is real or made-up-to-fit, and as I said, > > I never saw TEMPEST expanded as an acronym in any of the > > documents I read. and the proposed expansions are really stretching credibility, as were the quoted article's contentions that using TEMPEST protection was illegal. > I know the technical specifics of TEMPEST (it is an acronym, BTW) If it really is, it sounds like they made up the name TEMPEST first and stretched the words *real* hard to fit, since it's not really about EMP. > > In the case of the Crippler Chip, however, you knew it had a built-in > > wiretap when you bought it, which changes some of the reasonable > > expectations about privacy a bit. 
> This issue is one where I must disagree with you emphatically.
> The majority of the American public don't even know about Clipper.

Sure, but if you're a pro-government court trying to rationalize the behavior of government officials, as the courts have been doing lately, the fact that most Americans haven't read the White House Press Releases or the New York Times won't be given much respect - they've found a presumed lack of privacy in the use of cordless phones, and I'll bet you a floppy disk they'll find some excuse to support unauthorized wiretapping of Crippler* phones if the things become widespread.

> Stop the Wiretap (Clipper/Capstone) Chip.

Yeah. Actually, I won't mind much if government officials use the system for their internal communications; it's presumably fairly secure, and makes it possible to subpoena "secure" conversations by government officials if we need to, though it does risk giving the NSA more power over the rest of the government if they've stolen the keys.

Bill Stewart

* Clipper is a trademark of Intergraph.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Tue, 25 May 93 19:04:18 PDT
To: cypherpunks@toad.com
Subject: Re: Steganography
Message-ID: <9305260134.AA21012@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

> Here is a pitfall to be avoided in Steganography using
> low bits of AD converter output. Such converters may be biased
> in their low bit. [...] Falling too close to 50% would be a clue that the data

That's not too risky for graphics, since many scanned pictures aren't based on raw A/D converter output; they've been processed and squashed down to some smaller number of bits.

A more serious concern is compressibility - a real image file is probably more compressible than a file with the low-order bit replaced by a crypto-bit, since the real data has moderate correlation and the crypto-bits are random.
I doubt the Feds will immediately start looking to see if you're shipping GIF files that have significantly worse compression than average, but they'd probably find something if they did it.

Bill Stewart

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Tue, 25 May 93 20:47:08 PDT
To: jim@sytex.com
Subject: Just the facts, ma'am.
Message-ID: <9qX54B2w165w@sytex.com>
MIME-Version: 1.0
Content-Type: text/plain

Okay, folks. Let's bring this into focus. I don't like unfounded allegations, especially when they are involving my own communications providers, but let's let the truth be known.

I'd like to summarize to the list several trains of thought and track this down to a reliable source. If, in fact, a UUNet operator/provider has, indeed, stated that this has been common practice, I think that it may behoove them to own-up to these allegations. Before I do confront the UUNet staff, however, I must get the allegations correct, and I therefore rely on you crypto-rebels to provide them for me. Please.

In my original message I stated:

>From: uunet!sytex.com!fergp (Paul Ferguson)
Message-Id:
Date: Tue, 25 May 93 16:30:06 EDT
Organization: Sytex Communications, Inc

On Tue, 25 May 1993 14:56:48 -0400, andrew m. boardman wrote -

> Food for thought: that, at least as of recently, the NSA bought
> weekly dumps of all usenet articles on tape. I highly doubt they
> were for their reading pleasure...

Is this hearsay, innuendo or fact? If fact, what can you cite as reference to support your statement? If you know this to be fact, please cite your references and provide as much detail as possible.

Cheers.

- --

In subsequent posts, we received these replies. (I'd like to have additional affidavits, if necessary. If you do not care to get involved, fine. If you care, please re-affirm.)

From:
> Date: Tue, 25 May 1993 17:11:22 -0400
> From: Marc Horowitz
>> Is this hearsay, innuendo or fact?
If fact, what can you site as >> reference to support your statement? If you know this to be fact, >> please cite your references and provide as much detail as possible. > Rick Adams of UUNET confirmed on the com-priv list that his > organization had been selling the FBI a usenet feed on tape. I could > find the exact reference if you want. I don't know for sure that the > NSA has a feed, or from whom, but it wouldn't surprise me. I would like. Specifically, an e-mail address other than "postmaster." The point is this, Marc: Those of us who subscribe to UUNet through third party services have no idea that our communications may be recorded or archived for intelligence purposes (I know, but that's beside the point). If UUNet _is_ doing this without a broad policy statement, then I think a change is in order. Also, (and I do not implicitly imply that UUNet is responsible), I've had some very interesting problems passing encrypted traffic. For some strange reason, it just disappears. Fancy that. Should I question that? You bet. And I shall. I, and my comm provider, pays in good faith for our Internet services. We are protected under Law, and as far I know, UUNet does not expressly forbid encrypted _private_ communications. But, it happens. They just disappear sometimes. Go figure. > However, the obvious next point is, so what? It's a public system. > Any idiot can pay $20/month and get a public access account. If you > say something in a news post which you wouldn't want the FBI or NSA or > whoever to see, you're the person who has done something stupid. I beg your pardon. Since when does stupidity become a prerequisite for privacy rights violations? I'm not talking about Usenet or List posts, Marc, but private e-mail. > Tapping a news feed isn't like tapping a phone line. It's more like > turning on the television. Of course it is. This is not an issue. > Date: Tue, 25 May 1993 17:26:58 -0400 > From: andrew m. 
boardman > This was based on a verbal conversation at Interop with someone from > uunet, from whom the tapes are purchased. I or they could be > mis[led|informed|remembering], but if you really care, ask uunet. Thank you for your insights. I will ask UUNet, but I'm beginning to wonder if other local comm providers practice the same deceptions. Does anyone have any experiences with digex.com that they would like to share? If so, it would aid in our attempts to bring these unknown anomalies to light. I don't like spending money to have my private e-mail compromised. > Date: Tue, 25 May 93 18:28:31 EDT > From: Matt Blaze > Actually, the most alarming revelation here could be that someone at > uunet is going around casually disclosing information about their > customers. Actually, I find this possibility both extremely disturbing, yet possible. I don't wish that this what we will find out; I hope that legal inquiries will not be necessary. However, if information concerning these topics is not divulged voluntarily, then we must take legal action to bring this to the surface. > Most communications companies, especially those that seek to be > regarded as "common carriers", make quite clear to their employees > that customer data are among their most proprietary and that > revealing any of it is grounds for lightning-speed dismissal. > (Obviously, they reveal data that they SELL about their customers, > and will disclose anything on a court order, but that's not > what we're talking about here). Indeed, we are not speaking of the dissemination of USENet or List information, but rather private e-mail. > Date: Tue, 25 May 1993 19:13:37 -0400 > From: andrew m. boardman > Having just spoken to someone who contracts at the NSA (and no, > this name I will not post), he does not believe they get such a > beast, although, as many people have pointed out, the FBI did. > That, then, would be the origin of that, along with some TLA > confusion. 
I'd have to be presented with factual documentation to actually believe that.

> A lot of people perceive the government as having neither a right
> nor a need to privacy. Certainly there are also quite a few who
> label themselves "privacy advocates" whose standards do a 180
> when the privacy involved is that of the likes of Mykotronx...

Funny how that works, huh? The dumpster divers band together when it comes to stuff like that, from what I'm told.

Cheers

Paul Ferguson               |  The future is now.
Network Integrator          |  History will tell the tale;
Centreville, Virginia USA   |  We must endure and struggle
fergp@sytex.com             |  to shape it.
Stop the Wiretap (Clipper/Capstone) Chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Anonymous
Date: Tue, 25 May 93 20:47:09 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9305260350.AA27590@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain

On Tue, 25 May 93 21:26:20 EDT, Bill_Stewart wrote -

[ ... referring to earlier discussions on TEMPEST, ELINT and COMINT topics]

> I'm not arguing about whether the stuff works, I believe that :-)

It does, and I can expand further in subsequent paragraphs.

> VT100s and Brother electronic typewriters are two other classic
> emitters; I hadn't heard that the IBM was loud, but it's
> certainly a good target.

He used a very simplistic example, one which is electro-mechanical, as another list participant already pointed out. The same ELINT potential eavesdropping techniques exist, which range from keyboard monitoring (passive and active) to synchronic monitoring of "visual displays," which by all rights, parallels the electronic equivalent of monitoring your "visual" data; what is written to your visual display.

> The wording *is* relevant when you're discussing whether a proposed
> acronym is real or made-up-to-fit, and as I said,
> > I never saw TEMPEST expanded as an acronym in any of the
> > documents I read.
> and the proposed expansions are really stretching credibility,
> as were the quoted article's contentions that using TEMPEST protection
> was illegal.

TEMPEST was/is a specification that was written/developed to safeguard classified communications which were transmitted electronically, and rightly so. Digital Cryptanalysis is easy to record, measure and study; emissions are emissions. It's a well known fact that INT agencies were/are active in monitoring secure communications _recording_ for years, simply on the basis that the keys would be eventually compromised. The technical specifications of TEMPEST implementations on _SECURE_ systems are classified, likewise, the tempest requirements on confidential and FOUO (For Official Use Only) communications are less classified, at least to the level of their traffic. This was/is done in anticipation of secure, captured traffic analysis being eventually compromised. I have reason to believe that this is exactly the tactics being mined now by the FBI/NIST/NSA. (whoops, slap my wrist) Traffic analysis is a dangerous concept when used in the wrong context, especially in a big brother capacity. Additionally (no classified information divulged here!), both the US INT agencies and the KGB sponsored intelligence agencies, recorded _all_ intercepted communications regardless of cryptographic tolerance, eventually under the guise that they would be compromised. This idealism alluded to the fact that compromised keys could be used to analyze past communications and provide information on future strategies.

> *Clipper is a trademark of Intergraph.

Oh, don't be silly. Uncle Sugar has already "officially" re-dubbed the chip the "Key Escrow" Chip. Silly, isn't it? Our Government is cheating us. Something needs to be done. Who's going to do it? Personally, I'm going to take fergp's suggestion and "question the powers that be." If any of you have a conscience, I'd suggest doing the same.
To Eric Raymond: Include info on anon remailers and why they are important. Tell 'em "nobody" sent you. ;-)

Quis Custodiet Ipsos Custodes?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: meyer
Date: Tue, 25 May 93 21:14:20 PDT
To: cypherpunks@toad.com
Subject: AT&T
Message-ID: <9305260406.AA02988@wixer>
MIME-Version: 1.0
Content-Type: text/plain

I recently switched my long distance carrier from AT&T to another, since they bribed me to do so with an offer of $35. Tonight a lady from AT&T called to ask why I switched. "They bribed me," I said. I said that I also had a problem with AT&T's support of the Clipper (or Wiretap) Chip. She had never heard of this, but I said to write this down on her report so that some higher-up in AT&T would get the message. She then offered to pay me $50 to switch back to AT&T. I thought, if I keep switching, and they keep upping the amount, eventually I can pay my rent this way. But no. I said: As long as AT&T supports the Clipper Chip I'll never return to AT&T! Ah, the pleasure of occupying the moral high ground. (Now, if they'd offered $500 ...)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Tue, 25 May 93 22:33:31 PDT
To: hughes@soda.berkeley.edu (Eric Hughes)
Subject: Re: VinCrypt
In-Reply-To: <9305260423.AA29839@soda.berkeley.edu>
Message-ID: <9305260533.AA12486@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> Re: vincrypt package blatherings
> Can someone post the addresses of this company so that product
> literature might be ordered?
> I'm tempted to do a consumer education article exposing the danger of
> secret and unreviewed ciphers, non-trustable encryption packages, etc.
> It looks like these folks are prime candidates.

Don't just be tempted! Do it! It's your patriotic duty...or some such nonsense. Thanx in advance.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals will have codes.----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: stig@netcom.com (Stig)
Date: Tue, 25 May 93 23:45:43 PDT
To: prz@sage.cgd.ucar.edu
Subject: Re: PGP: Environment protection for UNIX
Message-ID: <9305260645.AA14381@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I wrote:
>
>
> main (int argn, char **argv, char **envv)
> {
>   for ( ; *envv ; ++envv) {
>     if (!strncmp(*envv,"PGP",3)) {
>       char *c=*envv;
>       while (*c) *c++=' ';
>     }  /* end of if */
>   }  /* end of for */
>   system("printenv");
>   sleep(10);
> }
>

And I should've enclosed it in #ifdef STUPID ... #endif. I misread the putenv(3) man page and didn't realize that you could just use

  putenv("PGPPATH=");
  putenv("PGPPASS=");

To wipe those variables out of your environment... They still might get caught by a 'ps -eaxuww' but chances are slim. Is it possible to alter your arguments so they're not visible to 'ps -auxww'?

Well as a matter of fact, it does seem to work on my sparcstation:

#include <stdio.h>
#include <stdlib.h>

/* Overwrite every argument string in place with blanks, argv[0] included. */
int main (int argn, char **argv, char **envv)
{
  system("ps -uww");                      /* listing before the wipe */
  for (;*argv;++argv) {
    while (**argv) {
      *(*argv)++ = ' ';
    }  /* end of while */
  }  /* end of for */
  puts("--------------------------------");
  system("ps -uww");                      /* listing after the wipe */
  return 0;
}

Not elegant, but that's what makes it a GLP (grungy little program). So, is there a more elegant way to do this? How portable is it? Finally, of how much use is it?
Stig

/* Jonathan Stigelman, Stig@netcom.com, PGP public key on request */
/* fingerprint = 32 DF B9 19 AE 28 D1 7A A3 9D 0B 1A 33 13 4D 7F */

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Tue, 25 May 93 20:58:09 PDT
To: wcs@anchor.ho.att.com
Subject: Re: Steganography
In-Reply-To: <9305260134.AA21012@anchor.ho.att.com>
Message-ID: <9305260358.AA07063@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> A more serious concern is compressibility -
> a real image file is probably more compressible than a file with the
> low-order bit replaced by a crypto-bit, since the real data has moderate
> correlation and the crypto-bits are random. I doubt the Feds will immediately
> start looking to see if you're shipping GIF files that have significantly
> worse compression than average, but they'd probably find something if they did it.

how many bits are we talking about here? suppose it's two in sixteen. 7/8 of the compressible bits remain. so if the normal compressibility is 2:1, taking two out of sixteen bits would leave 1.75:1 compression. is that a "notable" difference? i haven't been paying close enough attention -- is two out of sixteen a realistic amount? it seems high to me. if it's one out of sixteen, the effect is only a 6.25% reduction in compression. is that notable?

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Z3KPW@ttacs1.ttu.edu
Date: Tue, 25 May 93 22:46:53 PDT
To: cypherpunks@toad.com
Subject: Re: VinCrypt
Message-ID: <01GYM1VTYBEG8Y629U@ttacs1.ttu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Hey, an older version of VinCrypt has been out and freely distributable for months. It's a Video Vindicator release, so you could get it from a VV site like Demon Roach Underground BBS or the cDc ftp site (zero.cypher.com) if you wanted to take a look at an old version.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: stig@netcom.com (Stig)
Date: Wed, 26 May 93 00:55:28 PDT
To: J. Michael Diehl
Message-ID: <9305260755.AA18959@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

On May 26, 1:07am, J. Michael Diehl wrote:
> Well, I like this one. It lets you put little messages in place of argv[0].
>
> #include <stdio.h>
> #include <unistd.h>
>
> char buff[100];
> int esc = 27;
>
> int main(int argc, char *argv[])
> {
>   puts("Enter message.\n");
>   scanf("%99s", buff);
>   execl("/nfs/dorado/unsup/bin/ftp", buff, (char *)NULL);
>   return 1;
> }
>

Yeah, I like that too... 'cept if you need to pass args, it doesn't provide a covert channel. I confess to not having read my PGP manuals yet, but is there an interactive mode to PGP? If there WERE (hint), then it could be run as a subprocess of emacs or a mail program and thus be a) more convenient and b) the whole hub-bub about people snooping your environment would be a non-issue.

Stig

/* Jonathan Stigelman, Stig@netcom.com, PGP public key on request */
/* fingerprint = 32 DF B9 19 AE 28 D1 7A A3 9D 0B 1A 33 13 4D 7F */

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Wed, 26 May 93 00:07:48 PDT
To: stig@netcom.com (Stig)
Subject: Re: PGP: Environment protection for UNIX
In-Reply-To: <9305260645.AA14381@netcom.netcom.com>
Message-ID: <9305260707.AA15163@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> I wrote:
> > main (int argn, char **argv, char **envv)
> > {
> >   for ( ; *envv ; ++envv) {
> >     if (!strncmp(*envv,"PGP",3)) {
> >       char *c=*envv;
> >       while (*c) *c++=' ';
> >     }  /* end of if */
> >   }  /* end of for */
> >   system("printenv");
> >   sleep(10);
> > }
> And I should've enclosed it in #ifdef STUPID ... #endif. I misread
> the putenv(3) man page and didn't realize that you could just use
>
>   putenv("PGPPATH=");
>   putenv("PGPPASS=");
>
> To wipe those variables out of your environment... They still might
> get caught by a 'ps -eaxuww' but chances are slim. Is it possible to
> alter your arguments so they're not visible to 'ps -auxww'?

Well, I like this one.
It lets you put little messages in place of argv[0].

#include <stdio.h>
#include <unistd.h>

char buff[100];
int esc = 27;

int main(int argc, char *argv[])
{
  puts("Enter message.\n");
  scanf("%99s", buff);    /* bounded: buff holds 99 characters plus the NUL */
  /* run ftp with the typed message as its argv[0] */
  execl("/nfs/dorado/unsup/bin/ftp", buff, (char *)NULL);
  return 1;               /* reached only if execl() fails */
}

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals will have codes.----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: meyer
Date: Wed, 26 May 93 01:11:08 PDT
To: cypherpunks@toad.com
Subject: Funny bounce
Message-ID: <9305260718.AA20903@wixer>
MIME-Version: 1.0
Content-Type: text/plain

My previous message to cypherpunks, the one which had subject heading "AT&T" and which began:

"I recently switched my long distance carrier from AT&T to another, since they bribed me to do so with an offer of $35."
seemed to be posted OK (it apparently came back to me as expected) but I also got this funny bounce message:

>From attmail.com!uucp@cactus.org Tue May 25 23:37:59 1993
>Received: by wixer (5.65/1.35)
> id AA10857; Wed, 26 May 93 00:16:57 -0500
>From: attmail.com!uucp@cactus.org
>Received: from att.att.com by cactus.org (4.1/SMI-4.1)
> id AA17609; Tue, 25 May 93 23:37:59 CDT
>Message-Id: <9305260437.AA17609@cactus.org>
>Date: 25 May 93 20:30:47 GMT
>To: wixer!wixer.bga.com!meyer@cactus.org
>Report-Version: 2
>Received: by /C=US/AD=ATTMAIL;Wed May 26 04:28:34 -0000 1993
>Received: by /C=US/AD=ATTMAIL/PD=DCA;Tue May 25 20:30:47 GMT 1993
>Confirming-Mts-Message-Id:
>Confirming-Ua-Content-Id:
>Original-Date: Wed May 26 04:27:53 GMT 1993
>Not-Delivered-To: mhs!dca/G=bryan/S=petty/OU=dcaicc due to 01 Invalid Address Specification
>Content-Type: message
>Status: RO
>
>Message-Version: 2
>From: internet!cactus.org!wixer!wixer.bga.com!meyer/S=meyer
>UA-Content-ID:
>End-of-Header:
>EMail-Version: 2
>Subject: AT&T
>UA-Message-ID:
>To: internet!cactus.org!wixer!wixer.bga.com!internet!toad.com!cypherpunks
>End-of-Protocol:
>Content-Type: text
>Content-Length: 755
>
>I recently switched my long distance carrier from AT&T to another,
>since they bribed me to do so with an offer of $35.
>
>[Rest of message deleted - PM.]

This seems odd. What's going on? Do all messages with "AT&T" in the subject line get siphoned off somewhere for review? Did this one generate a bounce message because the account of Bryan Petty, AT&T spy, wasn't receiving tonight? OK, I'm just paranoid. (Paranoia - that's your state of mind when you finally realize what's really going on.)
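Read field by field, the report quoted in the post above names one failed recipient, a reason code and the relays it passed through. This added example (not part of the original post) parses the quoted text; the function names are illustrative, and the sample is copied from the post with its ">" quoting kept.

```python
import re

# Report text copied from the post above, ">" reply quoting kept; the body is
# cut where the post cut it.
QUOTED_REPORT = """\
>From attmail.com!uucp@cactus.org Tue May 25 23:37:59 1993
>Received: by wixer (5.65/1.35)
> id AA10857; Wed, 26 May 93 00:16:57 -0500
>From: attmail.com!uucp@cactus.org
>Received: from att.att.com by cactus.org (4.1/SMI-4.1)
> id AA17609; Tue, 25 May 93 23:37:59 CDT
>Message-Id: <9305260437.AA17609@cactus.org>
>Date: 25 May 93 20:30:47 GMT
>To: wixer!wixer.bga.com!meyer@cactus.org
>Report-Version: 2
>Received: by /C=US/AD=ATTMAIL;Wed May 26 04:28:34 -0000 1993
>Received: by /C=US/AD=ATTMAIL/PD=DCA;Tue May 25 20:30:47 GMT 1993
>Confirming-Mts-Message-Id:
>Confirming-Ua-Content-Id:
>Original-Date: Wed May 26 04:27:53 GMT 1993
>Not-Delivered-To: mhs!dca/G=bryan/S=petty/OU=dcaicc due to 01 Invalid Address Specification
>Content-Type: message
>Status: RO
>
>Message-Version: 2
>From: internet!cactus.org!wixer!wixer.bga.com!meyer/S=meyer
>UA-Content-ID:
>End-of-Header:
>EMail-Version: 2
>Subject: AT&T
>UA-Message-ID:
>To: internet!cactus.org!wixer!wixer.bga.com!internet!toad.com!cypherpunks
>End-of-Protocol:
>Content-Type: text
>Content-Length: 755
>
>I recently switched my long distance carrier from AT&T to another,
>since they bribed me to do so with an offer of $35.
"""

HEADER = re.compile(r"^([A-Za-z][A-Za-z0-9-]*):\s*(.*)$")
# "<address> due to <code> <reason>", the shape of the Not-Delivered-To line
NDR = re.compile(r"^(?P<rcpt>\S+) due to (?P<code>\d+) (?P<text>.+)$")


def unquote(text):
    """Remove one level of '>' reply quoting from each line."""
    return [ln[1:] if ln.startswith(">") else ln for ln in text.splitlines()]


def split_blocks(lines):
    """Group lines into blocks separated by blank lines."""
    blocks, cur = [], []
    for ln in lines:
        if ln.strip():
            cur.append(ln)
        elif cur:
            blocks.append(cur)
            cur = []
    if cur:
        blocks.append(cur)
    return blocks


def parse_headers(block):
    """Return (name, value) pairs; fold continuation lines, skip the mbox 'From ' line."""
    fields = []
    for ln in block:
        if ln[:1] in (" ", "\t") and fields:
            name, value = fields[-1]
            fields[-1] = (name, (value + " " + ln.strip()).strip())
            continue
        m = HEADER.match(ln)
        if m:
            fields.append((m.group(1).lower(), m.group(2).strip()))
    return fields


def analyze_report(quoted):
    """Summarise a quoted delivery report: failed recipients, reasons, relay hops."""
    blocks = split_blocks(unquote(quoted))
    report = parse_headers(blocks[0]) if blocks else []
    original = dict(parse_headers(blocks[1])) if len(blocks) > 1 else {}
    failures = []
    for name, value in report:
        if name == "not-delivered-to":
            m = NDR.match(value)
            failures.append(m.groupdict() if m else
                            {"rcpt": value, "code": None, "text": None})
    original_to = original.get("to", "")
    return {
        "is_non_delivery_report": bool(failures),
        "failures": failures,
        "report_from": dict(report).get("from"),
        "original_subject": original.get("subject"),
        "original_to": original_to,
        # Was the failed address one the author actually wrote to?
        "failed_rcpt_in_original_to": any(f["rcpt"] in original_to for f in failures),
        "hops": [v for n, v in report if n == "received"],
    }


if __name__ == "__main__":
    for key, value in analyze_report(QUOTED_REPORT).items():
        print(f"{key}: {value}")
```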

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: meyer
Date: Wed, 26 May 93 01:24:53 PDT
To: cypherpunks@toad.com
Subject: Request for proposals
Message-ID: <9305260817.AA18988@wixer>
MIME-Version: 1.0
Content-Type: text/plain

We've just released new versions of Dolphin Encrypt and Dolphin Encrypt Advanced Version, and have a few of the older manuals left over (almost the same as the new ones). If you care to propose writing a review of this encryption software (to appear where?) and you're not obviously a government spy, then send me a message and I'll probably allow myself to be persuaded to send you a complimentary review copy (older manuals, but newest version of the software). You'll have to agree to allow your email address to be given to the other recipients of complimentary copies so that you have the opportunity to exchange email among yourselves encrypted using Dolphin Encrypt. Offer good while supplies last. Offer void where prohibited.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Pat Farrell"
Date: Wed, 26 May 93 05:33:08 PDT
To: cypherpunks@toad.com
Subject: Mike's bummer moving adventure
Message-ID: <30838.pfarrell@cs.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

This is a bit off topic, please excuse the list bandwidth...

Today's (5/26/93) Washington Post has a story on page 1 of the Style section about net-lawyer and occasional cypherpunk poster Mike Godwin (mneumonic@eff.org). Seems that Mike just moved from Cambridge to Washington DC, and the moving truck that had all his stuff caught fire and burned. He lost "90%" of his stuff, books, clothes, records, family photos, etc. Serious bummer.

The article says that he went onto the WELL and the electronic community offered to help replace some of his books, etc. A word or two from our community might help raise his spirits.
Pat

Pat Farrell Grad Student pfarrell@cs.gmu.edu
Department of Computer Science George Mason University, Fairfax, VA
Public key available via finger #include

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jthomas@kolanut.mitre.org (Joe Thomas)
Date: Wed, 26 May 93 06:15:32 PDT
To: cypherpunks@toad.com
Subject: Re: Just the facts, ma'am.
Message-ID: <9305261314.AA07134@kolanut>
MIME-Version: 1.0
Content-Type: text/plain

Paul Ferguson writes:
> Okay, folks. Let's bring this into focus.
>
> I don't like unfounded allegations, especially when they are involving
> my own communications providers, but let's let the truth be known. I'd
> like to summarize to the list several trains of thought and track this
> down to a reliable source. If, in fact, a UUNet operator/provider has,
> indeed, stated that this has been common practice, I think that it may
> behoove them to own-up to these allegations. Before I do confront the
> UUNet staff, however, I must get the allegations correct, and I
> therefore rely on you crypto-rebels to provide them for me. Please.
>
> [summary deleted]
>
> Thank you for your insights. I will ask UUNet, but I'm beginning to
> wonder if other local comm providers practice the same deceptions.
> Does anyone have any experiences with digex.com that they would like
> to share?

Nothing but good ones. Doug Humphrey even posted to the list a few times as I recall. I'm still not sure I see a problem with someone providing a newsfeed to the NSA, FBI, or anyone else, though.

> [some good stuff elided, but nothing relevant to the following statement:]
> Indeed, we are not speaking of the dissemination of USENet or List
> information, but rather private e-mail.

What? When did we start speaking of that? I'd be very interested in hearing more about this.

Joe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mark
Date: Tue, 25 May 93 16:39:51 PDT
To: cypherpunks@toad.com
Subject: Re: Say again?
Message-ID: <9305252339.AA29243@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> >This was based on a verbal conversation at Interop with someone from
> >uunet, from whom the tapes are purchased. I or they could be
> >mis[led|informed|remembering], but if you really care, ask uunet.
>
>Having just spoken to someone who contracts at the NSA (and no, this name
>I will not post), he does not believe they get such a beast, although, as
>many people have pointed out, the FBI did. That, then, would be the
>origin of that, along with some TLA confusion.

Wouldn't the NSA just get a feed to their internet machines, say maybe dockmaster.ncsc.mil? All they would have to pay for is the line, which is there anyway. No need to buy tapes. Makes more sense to me. I assume they have news readers on Multics systems :)

Mark
mark@coombs.anu.edu.au

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Wed, 26 May 93 07:16:35 PDT
To: operator@uunet.uu.net
Subject: Questionable instances?
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Wed, 26 May 93 2:18:52 CDT, Peter Meyer wrote -

> My previous message to cypherpunks, the one which had
> subject heading "AT&T" and which began:
> "I recently switched my long distance carrier from AT&T to another,
> since they bribed me to do so with an offer of $35."
> seemed to be posted OK (it apparently came back to me as expected)
> but I also got this funny bounce message:

>From attmail.com!uucp@cactus.org Tue May 25 23:37:59 1993

[ remainder of header deleted ]

> This seems odd. What's going on? Do all messages with "AT&T" in the
> subject line get siphoned off somewhere for review? Did this one
> generate a bounce message because the account of Bryan Petty, AT&T spy,
> wasn't receiving tonight? OK, I'm just paranoid. (Paranoia - that's
> your state of mind when you finally realize what's really going on.)

At least I'm not the only one who has recently noticed this.
I had to do a double take when I received not only my original post on UUNet questions from cypherpunks-request@taod.com, but I received a second copy with this header:

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: uunet!attmail.com!uucpinternet!sytex.com!fergp/G=Paul/S=Ferguson
Date: Wed, 26 May 93 03:18 EDT
To: sytex.com!fergp
Subject: Just the facts, ma'am.
Message-ID: <9305260417.AA03910@relay2.UU.NET>
MIME-Version: 1.0
Content-Type: message message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 26 May 93 11:46:47 PDT
To: postmaster@uunet.uu.net
Subject: Questionable instances?
In-Reply-To: <9305261805.AA03358@wendy-fate.UU.NET>
Message-ID: <9305261841.AA17459@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>I can only assume that the bounce came to you because the
>cypherpunk list isn't set to make bounces go to the list
>maintainer.

This is the first of these messages we've had for six months, as the bounce messages do in fact go back to the maintainer, me, quite regularly. I get on the order of 300-400 per week, since often a bad address will queue up mail for a few days before bouncing it all.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Wed, 26 May 93 09:17:28 PDT
To: jthomas@access.digex.com
Subject: Digital Bit Bucket
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Wed, 26 May 93 09:14:50 EDT, Joe Thomas wrote -

>> Indeed, we are not speaking of the dissemination of USENet or List
>> information, but rather private e-mail.

> What? When did we start speaking of that? I'd be very interested in
> hearing more about this.

Before I say anything further, let me clarify that I am making no specific allegations directed towards anyone. There have just been some questionable occurrences of late that are very weird (read: spooky) which I find little reason to dismiss as coincidental.
Vanishing e-mail (both coming and going), duplicate list posts with odd originator headers and routing info. As I said before, I'd just like a few things explained and put into their perspective context.

Paul Ferguson               |  The future is now.
Network Integrator          |  History will tell the tale;
Centreville, Virginia USA   |  We must endure and struggle
fergp@sytex.com             |  to shape it.
Stop the Wiretap (Clipper/Capstone) Chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Wed, 26 May 93 09:17:45 PDT
To: kelly@netcom.com
Subject: Son of Digital Bit Bucket (or, Someone ate my e-mail!)
Message-ID: <5kZ64B4w165w@sytex.com>
MIME-Version: 1.0
Content-Type: text/plain

Kelly Goen: Please attempt to resend all previous unacknowledged traffic. Please excuse my use of the list for off-topic/personal purposes, but due to some recent unexplained message disappearances, I'm left with few options.

Paul Ferguson               |  The future is now.
Network Integrator          |  History will tell the tale;
Centreville, Virginia USA   |  We must endure and struggle
fergp@sytex.com             |  to shape it.
Stop the Wiretap (Clipper/Capstone) Chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mike Godwin
Date: Wed, 26 May 93 09:18:24 PDT
To: pfarrell@cs.gmu.edu
Subject: Re: Mike's bummer moving adventure
In-Reply-To: <30838.pfarrell@cs.gmu.edu>
Message-ID: <199305261619.AA04350@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

Pat Farrell writes:
> The article says that he went onto the WELL and the electronic community
> offered to help replace some of his books, etc. A word or two from our
> community might help raise his spirits.

Thanks for the good thoughts, Pat. Anyone who wants the details of my own little disaster down here should send me e-mail--offers of help are appreciated.

One request this list could help me with: Does anyone know how I can find a hardbound copy of Kahn's THE CODEBREAKERS.
I didn't own a copy before the fire, but I had started my crypto collection, and I'll be continuing to work on it.

--Mike

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Wed, 26 May 93 09:32:31 PDT
To: stig@netcom.com (Stig)
Subject: Re: PGP: Environment protection for UNIX
In-Reply-To: <9305260645.AA14381@netcom.netcom.com>
Message-ID: <9305261631.AA19652@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

Stig says:

[More on environment wiper]

The environment wiper seems silly to me. If the enclosing shell still has the environment in question, ps will still reveal it. If the enclosing shell does not have the environment variables in question, then what was the point?

.pm

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: TO1SITTLER@APSICC.APS.EDU (Kragen Sittler)
Date: Wed, 26 May 93 11:52:16 PDT
To: cypherpunks@toad.com(Those rascals...)
Subject: Re: Steganography and Steganalysis
Message-ID: <930526125012.3b06@APSICC.APS.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Begin quote from gnu@toad.com on Tue, 25 May 1993 15:27:27 -0700

From: gnu@toad.com (John Gilmore)
Message-Id: <9305252227.AA27968@toad.com>
To: kqb@whscad1.att.com, cypherpunks@toad.com, gnu@toad.com
Subject: Re: Steganography and Steganalysis
In-Reply-To: <9305252149.AA27051@toad.com>
Date: Tue, 25 May 93 15:27:27 -0700

My favorite scheme was to encode messages in trailing spaces and/or tabs in netnews messages. You could also put internal tabs in place of spaces. In fact, you could do this with news messages that flow "through" your site, (if the messages aren't protected with a crypto checksum), so that you would not be the message's sender (and it wouldn't be addressed to anyone either -- recipients get very good privacy). This would be one way for a Unix "worm" program to report back to its master...and/or receive instructions.

John Gilmore

PS: You could put short interesting stuff just in your message-ID's!
Not to mention the low order bits of timestamps (exactly *what* second did it arrive, now?).

=====================================================================

Trailing spaces, however, are likely to be changed by other sites: padded or cut. This might be a good idea if you used mime/PGP's radix-64 or uuencode or something similar.

Kragen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Wed, 26 May 93 09:57:26 PDT
To: Mike Godwin
Subject: Re: Mike's bummer moving adventure
Message-ID: <9305261657.AA28422@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Pat Farrell writes:
> The article says that he went onto the WELL and the electronic community
> offered to help replace some of his books, etc. A word or two from our
> community might help raise his spirits.

Thanks for the good thoughts, Pat. Anyone who wants the details of my own little disaster down here should send me e-mail--offers of help are appreciated.

One request this list could help me with: Does anyone know how I can find a hardbound copy of Kahn's THE CODEBREAKERS. I didn't own a copy before the fire, but I had started my crypto collection, and I'll be continuing to work on it.

It's still in print:

STATUS: Active entry
TITLE: The Codebreakers
AUTHOR: Kahn, David
PUBLISHER: Macmillan
PUBLICATION DATE: 09/1967 (670901)
LCCN: N/A
BINDING: Text ed., $60.00
ISBN: 0-02-560460-0
VOLUME(S): N/A
ORDER NO.: N/A
IMPRINT: N/A
STATUS IN FILE: New, 80-12
SUBFILE: ST (Scientific and Technical Books and Serials in Print)
LIBRARY OF CONGRESS SUBJECT HEADINGS: CRYPTOGRAPHY (00118102)
PAPERBOUND BOOK SUBJECT HEADINGS: HISTORY-GENERAL-STUDY AIDS (00001338)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fnerd@smds.com (FutureNerd Steve Witham)
Date: Wed, 26 May 93 13:47:03 PDT
To: Dr. Cat
Subject: Re: Digital cash issues...
Message-ID: <9305261714.AA04972@smds.com>
MIME-Version: 1.0
Content-Type: text/plain

> Regarding the issue of what to do under Chaum's scheme when someone double-
> spends a piece of digital cash & their identity is revealed... I don't think
> it's going to be a serious hindrance in the long term. ... Any credit card
> company, phone company, or other corporation that does a lot of billing
> already has staff dedicated solely to that function, with collection agencies
> providing a second tier of functionality for the tougher cases.
>
> Dr. Cat / Dragon's Eye / New traditions for the next century

Yes, but we would like to steer towards a world where no one you do business with knows or can reconstruct who you are or where you live. "Collection"-- the whole idea of "billing," in fact--is a way of doing business that's rooted in non-privacy. But also it's based on wanting to make transactions easier for people in a world without easy electronic transactions, accounting, budgeting, negotiation, reputations, etc. So maybe with these sorts of things, billing would be unnecessary.

Anyway, thinking up variations on offline payment systems is a pastime of mine. Situations where people can't be online with the bank are special cases, so you can make up special-case solutions, like

  o "Tokens" or gift certificates that you buy in advance, or
  o Anonymous checks that expire and are refundable if the (specific, anonymous) payees don't cash them in a certain amount of time.

Credit as it exists often seems like a trade with the devil of privacy invasion. Jeez, what would the world be like without *credit cards* and *junk mail*!?

-fnerd

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Bob Stratton
Date: Wed, 26 May 93 10:29:26 PDT
To: cypherpunks@toad.com
Subject: Re: Just the facts, ma'am.
Message-ID: <9305261329.AA11706@horton.legato.com>
MIME-Version: 1.0
Content-Type: text/plain

> Date: Wed, 26 May 93 09:14:50 EDT
> From: jthomas@kolanut.mitre.org (Joe Thomas)
> Subject: Re: Just the facts, ma'am.
>
> >
> > Thank you for your insights. I will ask UUNet, but I'm beginning to
> > wonder if other local comm providers practice the same deceptions.
> > Does anyone have any experiences with digex.com that they would like
> > to share?
>
> Nothing but good ones. Doug Humphrey even
> posted to the list a few times as I recall. I'm still not sure I see
> a problem with someone providing a newsfeed to the NSA, FBI, or anyone
> else, though.
>

As one of the former tech-weenies at Express Access, and now just a friend with no formal association to the business, I feel compelled to give you my thoughts on that particular service provider. Rarely will you find a system administration staff more concerned with your privacy than the guys at Digital Express Group. As I recall, the set of username->real name mappings isn't even on machine readable media on the system. When I was working with them, we had a big book, and people only accessed the book when absolutely necessary, for instance to inform a user of a file system problem or the like. In fact, on several instances, I would ask other staff people who a particular username belonged to when I had a need to contact them - more often than not, they/we couldn't remember, and I had to look it up anyway. This was by design. From day one, there was a policy of not disclosing customer information to ANYONE without a warrant. To date, thankfully, I don't think that it's been put to the test, though I have no doubts as to the grief they'll give those trying to get the information. The original machine room was one of the best jobs of low-cost RFI/EMI shielding construction I've ever seen. (BTW, the foam insulation with foil on both sides is a boon to mankind.)
It wasn't really intended to keep people from looking at the emissions as to keep the emissions from wiping out all the shortwave receivers in use, but hey, every little bit helps. I'm still a user there, and I have a hell of a lot of respect for that crew. I would also implicitly trust them as a site for anonymous remailing, key certification, or the like. I hope that becomes a part of their business focus in the future, because we need service providers who won't be intimidated.

--Strat

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: meyer
Date: Wed, 26 May 93 12:41:18 PDT
To: cypherpunks@toad.com
Subject: DE platform
Message-ID: <9305261837.AA13410@wixer>
MIME-Version: 1.0
Content-Type: text/plain

My apologies for not thinking to state what platform Dolphin Encrypt currently runs on. It's vanilla MS-DOS. Other versions are planned. The Dolphin Encryption Library (16 or so functions, containing the core encryption functions from DE) is also for MS-DOS (designed to work with the Microsoft and Borland development systems). This is all standard ANSI C code, so should port to other platforms without much problem. Currently there's a Clipper-oriented (that's the database language) version in preparation. Developers on other platforms (Unix, Amiga, etc.) who are interested in porting the library should send me email. I am most interested in contacting someone who can not only port the library but also market it. Porting of the Dolphin Encrypt program is a Stage II task, and depends on successful porting of the library.

-- Peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Kyle Jones
Date: Wed, 26 May 93 11:05:24 PDT
To: fergp@sytex.com (Paul Ferguson)
Subject: Questionable instances?
In-Reply-To:
Message-ID: <9305261805.AA03358@wendy-fate.UU.NET>
MIME-Version: 1.0
Content-Type: text/plain

I can only assume that the bounce came to you because the cypherpunk list isn't set to make bounces go to the list maintainer.
The message was in fact a bounce, as this header testifies.

Not-Delivered-To: mhs!dca/G=bryan/S=petty/OU=dcaicc due to 01 Invalid Address Specification

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "John (FuzzFace/Fast-Eddie) McMahon"
Date: Wed, 26 May 93 11:22:35 PDT
To: cypherpunks@toad.com
Subject: Selling Tapes ?
Message-ID: <01GYMU6G53OY003ADN@Eisner.DECUS.Org>
MIME-Version: 1.0
Content-Type: text/plain

> Rick Adams of UUNET confirmed on the com-priv list that his
> organization had been selling the FBI a usenet feed on tape. I could
> find the exact reference if you want. I don't know for sure that the
> NSA has a feed, or from whom, but it wouldn't surprise me.

Seems like the low tech way of doing it.

Both organizations have machines on the Internet right now. FBI is hooked in via ALTERNet, and the NSA (NCSC) is on the MILnet.

% traceroute ard.fbi.gov
% traceroute tycho.ncsc.mil
(and see what happens)

Cheers!
Fuzz

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@eli-remailer
Date: Wed, 26 May 93 14:26:46 PDT
To: cypherpunks@toad.com
Subject: Rivest evaluation of SecurID smart card
Message-ID: <9305262126.AA05992@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

I thought this might be of some interest to the CypherPunks list.

DEADBEAT

- - - - - - - - -

TO:    Kenneth P. Weiss, Chairman
       Security Dynamics, Inc.
       2067 Massachusetts Avenue
       Cambridge, Massachusetts 02140

FROM:  Ronald L. Rivest /initials RLR/

DATE:  April 7, 1987

RE:    Evaluation of SecurID Approach to User Identification

This memo provides a brief overall evaluation of your SecurID product, as you have requested, suitable for limited distribution. (It does not contain any of the proprietary information you have disclosed to me.)

General Approach

The SecurID card generates a pseudorandom sequence of displayed numbers: the displayed number is changed every 60 seconds.
The sequence is "pseudorandom" rather than truly "random" in the sense that it is generated by applying a (proprietary) algorithm and secret key to a representation of the current time. Thus, a host computer knowing the algorithm and the secret key in the card can compute the number displayed on the user's card at any moment.

Clearly, the numbers produced by such a card can be used in place of a conventional "PIN" or "password" for access control or user authentication, if the host is prepared to compute the number currently displayed on the user's card. That is, the user could enter the displayed number instead of a remembered PIN or password when he is asked to authenticate himself when initiating a login or financial transaction.

One can obtain additional security by first combining a user-remembered PIN with the displayed number, so that the user is authenticated both by "what he knows" as well as "what he possesses". For example, if both the displayed number and the user's PIN are decimal numbers, the combining operation could be "add digit-by-digit without carry". The host computer, knowing both the user's PIN and the displayed number, can compute the correct value for comparison.

Security Evaluation

1. An End-to-End Approach

One major advantage of your approach is that it is an "end-to-end" technique: no intermediate nodes in the communication network are entrusted with any security responsibilities. The only places where secret information needs to be maintained and manipulated are the user's card and his host computer.

By contrast, an approach which encrypts PINs and transmits them in encrypted form to the user's host computer may -- in a large, diverse, multiorganization network -- require tremendous complexity in terms of key management overhead and will necessitate a great deal of trust between the participating organizations.
In my consulting work I have seen large organizations work very hard to design "end-to-end" authentication protocols because of their intrinsically greater security and simplicity.

2. Pseudo-random number generation

As noted above, your card generates a pseudo-random sequence of numbers by applying a proprietary algorithm to a secret key and the current time (measured to the minute). The secret key is known only by the user's card and host computer.

The system could be compromised if an "enemy" could predict future numbers to be displayed by the card, from past observed values. (These numbers are transmitted in the clear, and are not encrypted. This makes your approach valuable for logging in from a "dumb" terminal, but makes it possible for a wiretapper to obtain a set of previous values produced by the card.)

However, I do not believe this attack can be successfully mounted against your system. I have tried to "break" your system in this manner, without success. The proprietary algorithm (which you have disclosed to me) is based on sound cryptographic principles; it is likely that the best approach to "breaking" this system is a brute-force search for the secret key. Since the secret key you use is longer than that used by DES, I believe that this approach is infeasible in practice. (I should note that while my examination of your algorithm was intensive and covered all aspects of the algorithm, it was of necessity an examination of limited duration. Some of your customers, such as those involved with matters of national security, will certainly want to see your algorithm subjected to additional intensive scutiny [sic] before adopting it for use.)

Thus, I believe the sequence of numbers produced by your card will be unpredictable by an "enemy", even if he sees previously produced numbers.
Therefore:

o The ability to produce the number that is correct for the current time is a sound guarantee that the person logging in actually posesses [sic] the correct SecurID card.

o The numbers produced do not need to be encrypted, since knowledge of past values will not allow an enemy to predict future values.

Of course, other cryptographic algorithms could be used to produce the pseudo-random number sequence from the secret key and the current time. For example, one could use DES. (Given recent events, the algorithms should perhaps be called "ODES" for the _Old_ Data Encryption Standard".) However, given the shorter key length and greater implementation cost of DES, I don't see any advantage here other than that it is (or was) a standard that withstood at one time a careful review. (This, however, may be significant to some of your customers.) It is also perhaps worth noting that your algorithm, while easier to implement than DES, is more computation-intensive than DES, making a brute-force search substantially more difficult to mount.

3. Combining operations

Additional security can be obtained by combining the displayed number with a user-remembered PIN, say by adding them digit-wise with carries omitted. While this combining operation is very simple, it is easy to prove that if the displayed number sequence is unpredictable, then adding a PIN to the sequence won't change this fact. Furthermore, the PIN itself is protected from disclosure, unless the "enemy" can obtain both the current displayed value and the value after the PIN has been added. However, to obtain the first requires access to the card, and to obtain the second requires wiretapping; these are not likely to be simultaneously available. (The risk here seems less than the risk that the keyboard is tapped in a conventional password scheme.)

A similar analysis applies to using the displayed number sequence to "encrypt" values other than the PIN; this operation should provide the desired security.
Summary

The approach used in your SecurID product is novel, and offers security advantages over conventional PIN or password schemes. The cryptographic algorithm employed should provide a high degree of security.

Dr. Ronald L. Rivest is a Professor in the Electrical Engineering and Computer Science Department of the Massachusetts Institute of Technology. He is a renowned world class cryptologist. Professor Rivest is one of the co-inventors of the RSA public-key cryptosystem, is a founder of RSA Data Security, Inc., and is on the Board of the International Association for Cryptologic Research.

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQBFAgUBLAPfX/FZTpBW/B35AQFSFAF/T+Bcc2a7PWGeyn1UN0rGcWj65u+1vdyv
O8Vh5sjyr1J5ELZ99fwEuO29OmQJvwCD
=QVMm
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: composer@Beyond.Dreams.ORG (Jeff Kellem)
Date: Wed, 26 May 93 11:39:22 PDT
To: Bob Stratton
Subject: Re: Just the facts, ma'am.
In-Reply-To: <9305261329.AA11706@horton.legato.com>
Message-ID: <9305261839.AA05185@Beyond.Dreams.ORG>
MIME-Version: 1.0
Content-Type: text/plain

On the cypherpunks mailing list, Strat wrote...
> Rarely will you find a system administration staff more concerned with
> your privacy than the guys at Digital Express Group. As I recall, the
> set of username->real name mappings isn't even on machine readable media
> on the system.

Really? That's odd, especially for a unix box, which access.digex.com seems to be. And, as a matter of fact, it does seem to show "Robert Stratton" for the username of "strat". So, it seems they do maintain username to "real name" mappings (even if they allow the user to change the "real name" listed).

> When I was working with them, we had a big book, and people only
> accessed the book when absolutely necessary, for instance to inform a
> user of a file system problem or the like.
...
> This was by design.

As a side note, this sounds like a bad design..
keeping things on paper for a computer system. Perhaps, a disconnected computer system.. but, when you start talking a few thousand users, the paper begins to really become troublesome for maintaining information on accounts. ;-)

FYI...

-jeff

Jeff Kellem
Internet: composer@Beyond.Dreams.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: TO1SITTLER@APSICC.APS.EDU (Kragen Sittler)
Date: Wed, 26 May 93 13:57:58 PDT
To: cypherpunks-real@toad.com
Subject: private e-mail compromising
Message-ID: <930526145606.413c@APSICC.APS.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Where in all of the previous messages about uunet did it say they were selling the NSA anyone's email? If I read it right, all they were doing was selling a netnews feed on tape!

Kragen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: composer@Beyond.Dreams.ORG (Jeff Kellem)
Date: Wed, 26 May 93 12:22:49 PDT
To: fergp@sytex.com (Paul Ferguson)
Subject: Re: Just the facts, ma'am.
In-Reply-To: <9qX54B2w165w@sytex.com>
Message-ID: <9305261922.AA05288@Beyond.Dreams.ORG>
MIME-Version: 1.0
Content-Type: text/plain

On the cypherpunks mailing list, Paul Ferguson wrote...
> The point is this, Marc: Those of us who subscribe to UUNet through
> third party services have no idea that our communications may be
> recorded or archived for intelligence purposes (I know, but that's
> beside the point). If UUNet _is_ doing this without a broad policy
> statement, then I think a change is in order.

I think you're jumping to (incorrect, IMO) conclusions here. All that was said was that an organization (the FBI, in this case) bought a USENET feed. Yes, distribution on tapes is still a feed of sorts (albeit a slow one with a bursty latency ;-). There is nothing wrong with that, as it is one of the services which UUNET Technologies provides.

There is NO REASON to believe or even assume that UUNET Technologies is archiving other non-publically available communications, such as e-mail, etc.
> Also, (and I do not implicitly imply that UUNet is responsible), I've
> had some very interesting problems passing encrypted traffic. For some
> strange reason, it just disappears. Fancy that. Should I question
> that? You bet. And I shall. I, and my comm provider, pays in good
> faith for our Internet services. We are protected under Law, and as
> far I know, UUNet does not expressly forbid encrypted _private_
> communications. But, it happens. They just disappear sometimes. Go
> figure.

Sure, question it. But, also look into the problem from a real technical standpoint first, instead of just jumping to conclusions. Talk to the people you're attempting to communicate with -- maybe it's a problem on their end. Talk to your communications provider.. or maybe it's a problem somewhere along the path you're communicating through. Always check potential technical problems before jumping to (probably unfounded and paranoid) conclusions. [I'm not saying you shouldn't keep them in mind, as you should always consider all scenarios when trying to track down a problem. But, they should be in the background, not the foreground, at first.]

I've just watched too many people jump to the conclusion that whatever problem was occurring was being done purposely to them.. NOT that it could just be a technical glitch... when it WAS just a technical problem. Usually, it's just a technical problem that needs to be resolved.

> Marc Horowitz wrote...
> > However, the obvious next point is, so what? It's a public system.
> > Any idiot can pay $20/month and get a public access account. If you
> > say something in a news post which you wouldn't want the FBI or NSA or
> > whoever to see, you're the person who has done something stupid.
>
> I beg your pardon. Since when does stupidity become a prerequisite for
> privacy rights violations? I'm not talking about Usenet or List posts,
> Marc, but private e-mail.

But, the discussion previously WAS referring to USENET.
When you speak publically, you don't assume that it's private. So, in that context, you're not speaking of privacy rights violations.

> Thank you for your insights. I will ask UUNet, but I'm beginning to
> wonder if other local comm providers practice the same deceptions.

I haven't seen any indication of deceptions. Unless, of course, you're referring to mentioning that the FBI is/was a customer. But, then, I (and anyone else) can find out most UUNET customers who have USENET newsfeeds very easily just by looking through the USENET maps. So, I don't see that as much of a problem, as long as they're not providing other customer details. I trust UUNET's staff on maintaining that privacy, knowing some of them personally.

> If so, it would aid in our attempts to bring these unknown anomalies
> to light. I don't like spending money to have my private e-mail
> compromised.

Which is understandable, though I don't believe your e-mail has been compromised from what I've seen posted on cypherpunks.

Just some thoughts on the matter...

-jeff

Jeff Kellem
Internet: composer@Beyond.Dreams.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Wed, 26 May 93 12:28:43 PDT
To: "John (FuzzFace/Fast-Eddie) McMahon"
Subject: Re: Selling Tapes ?
Message-ID: <9305261928.AA02631@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

	> Rick Adams of UUNET confirmed on the com-priv list that his
	> organization had been selling the FBI a usenet feed on tape. I could
	> find the exact reference if you want. I don't know for sure that the
	> NSA has a feed, or from whom, but it wouldn't surprise me.

	Seems like the low tech way of doing it.

	Both organizations have machines on the Internet right now. FBI is hooked in via ALTERNet, and the NSA (NCSC) is on the MILnet.
	% traceroute ard.fbi.gov
	% traceroute tycho.ncsc.mil
	(and see what happens)

This incident goes back quite a while, to the days when uucp was the normal (and almost the only) way of getting netnews.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jthomas@kolanut.mitre.org (Joe Thomas)
Date: Wed, 26 May 93 12:49:49 PDT
To: cypherpunks@toad.com
Subject: Re: Just the facts, ma'am.
Message-ID: <9305261949.AA07621@kolanut>
MIME-Version: 1.0
Content-Type: text/plain

From: composer@beyond.dreams.org (Jeff Kellem)
>
> On the cypherpunks mailing list, Strat wrote...
> > Rarely will you find a system administration staff more concerned with
> > your privacy than the guys at Digital Express Group. As I recall, the
> > set of username->real name mappings isn't even on machine readable media
> > on the system.
>
> Really? That's odd, especially for a unix box, which access.digex.com
> seems to be. And, as a matter of fact, it does seem to show "Robert
> Stratton" for the username of "strat". So, it seems they do maintain
> username to "real name" mappings (even if they allow the user to change
> the "real name" listed).

Digital Express doesn't require that the GECOS field of /etc/passwd contain real names, although they obviously allow it. (Finger jthomas@access.digex.net for my full name, as well as my PGP key :^)

I seem to remember that the new user signup script they use explicitly gives you the option of signing up under a pseudonym, although they'll check up on you by phone if you do (and presumably write your name in the Big Book at that point).

I've seen quite a few public access Unix sites advertising "anonymous" accounts lately, especially after Julf's server went down.

Joe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Wed, 26 May 93 12:53:57 PDT
To: cypherpunks@toad.com
Subject: Re: DE platform
In-Reply-To: <9305261837.AA13410@wixer>
Message-ID: <9305261953.AA20373@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

Correct me if I'm wrong, but from what I understand, "Dolphin Encrypt" does not use any well examined crypto system -- it's something that you guys, without any cryptography credentials, cooked up. On that basis, why should we care about it? Most crypto systems that amateurs come up with are pathetic to say the least, and strong systems, like triple-DES and IDEA, are widely available.

Perry

meyer says:
> My apologies for not thinking to state what platform Dolphin Encrypt
> currently runs on. It's vanilla MS-DOS. Other versions are planned.
>
> The Dolphin Encryption Library (16 or so functions, containing the
> core encryption functions from DE) is also for MS-DOS (designed to
> work with the Microsoft and Borland development systems). This is all
> standard ANSI C code, so should port to other platforms without much
> problem. Currently there's a Clipper-oriented (that's the database
> language) version in preparation. Developers on other platforms
> (Unix, Amiga, etc.) who are interested in porting the library should
> send me email. I am most interested in contacting someone who can
> not only port the library but also market it.
>
> Porting of the Dolphin Encrypt program is a Stage II task, and depends
> on successful porting of the library.
>
> -- Peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: sneal@muskwa.ucs.ualberta.ca (Sneal)
Date: Wed, 26 May 93 15:00:53 PDT
To: cypherpunks@toad.com
Subject: Digital cash issuess...
Message-ID: <9305262158.AA28845@muskwa.ucs.ualberta.ca>
MIME-Version: 1.0
Content-Type: text/plain

There's an interesting paper on offline cash systems by Stefan Brands, who I believe is/was a student of David Chaum.
The abstract reads:

"We present a new off-line electronic cash system based on a problem, called the representation problem, of which little use has been made in the literature thus far. Our system is the first to be entirely based on discrete logarithms. Using the representation problem as a basic concept, some techniques are introduced that enable us to construct protocols for withdrawal and payment that do not use the cut and choose methodology of earlier systems. As a consequence, our cash system is much more efficient in both computation and communication complexity than previously proposed systems."

"Another important aspect of our system concerns its provability. Contrary to previously proposed systems, its correctness can be mathematically proven to a very great extent. Specifically, if we make one plausible assumption concerning a single hash-function, the ability to break the systems seems to imply that one can break the Diffie-Hellman problem."

"Our system offers a number of extensions that are hard to achieve in previously known systems. In our opinion, the most interesting of these is that the entire cash system (including all the extensions) can be incorporated straightforwardly in a setting based on wallets with observers, which has the important advantage that double-spending can be prevented in the first place, rather than detecting the identity of a double-spender after the fact. In particular, it can be incorporated even under the most stringent requirements conceivable about the privacy of the user, which seems to be impossible to do with previously proposed systems. Another benefit of our system is that framing attempts by a bank have negligible probability of success (independent of computing power) by a simple mechanism from within the system, which is something that previous solutions lack entirely. Furthermore, the basic cash system can be extended to checks, multi-show cash and divisibility, while retaining its computation efficiency."
[...some stuff elided...]

"...Using the representation problem, we show in the appendix how to batch the confirmation protocol of undeniable signatures such that polynomially many undeniable signatures can be verified in four moves."

The paper can be found at ftp.cwi.nl /pub/CWIreports/AA/CS-R9323.ps.Z

-- Steve

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 26 May 93 16:29:12 PDT
To: cypherpunks@toad.com
Subject: Digital cash issuess...
In-Reply-To: <9305262158.AA28845@muskwa.ucs.ualberta.ca>
Message-ID: <9305262325.AA05097@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>As a consequence, our
>cash system is much more efficient in both computation and
>communication complexity than previously proposed systems."

I take this with a grain of salt; see below.

>In our opinion, the most interesting of
>these is that the entire cash system (including all the extensions)
>can be incorporated straightforwardly in a setting based on wallets
>with observers,

I am not surprised that they find this interesting; David Chaum has patented all the observer protocols.

Having read these protocols in the original, I can say this is not much of an advantage. The observer protocols are tremendously expensive computationally. Anything you build on top of it won't be any faster.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J. Eric Townsend)
Date: Wed, 26 May 93 16:35:31 PDT
To: MCMAHON@Eisner.DECUS.Org
Subject: Selling Tapes ?
In-Reply-To: <01GYMU6G53OY003ADN@Eisner.DECUS.Org>
Message-ID: <9305262335.AA18866@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

"John (FuzzFace/Fast-Eddie) McMahon" writes:
> % traceroute ard.fbi.gov
> % traceroute tycho.ncsc.mil
> (and see what happens)

boxer.jet> traceroute fbi.gov
[sound of door breaking in]
"Freeze! Drop that keyboard! You'll have to come with us Mr. Townsend. You have accessed an FBI computer system without prior authority."
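
Added example, not part of any message in this archive: Rivest's memo above (Subject: Rivest evaluation of SecurID smart card) describes a card number derived from a secret key and the current minute, combined with a PIN by adding digit-by-digit without carry. The Python sketch below shows the host-side check and the PIN-disclosure case the memo names; HMAC-SHA256 stands in for the proprietary algorithm, and the six-digit width, `drift_steps`, key, PIN and timestamp are assumptions constructed for illustration.

```python
"""Time-synchronised token plus PIN, following the 1987 memo's description.

Assumption: the card's real algorithm is proprietary and is not on this page,
so HMAC-SHA256 stands in for it. Key, PIN and timestamp are constructed.
"""
import hashlib
import hmac
import struct

STEP_SECONDS = 60   # memo: the displayed number changes every 60 seconds
DIGITS = 6          # assumption: the memo does not state the display width

KEY = b"constructed-demo-key-0001"   # constructed sample secret
NOW = 738_400_000                    # constructed sample Unix time


def displayed_number(secret_key: bytes, unix_time: int) -> str:
    """Number shown on the card: a keyed function of the current minute."""
    minute = unix_time // STEP_SECONDS
    mac = hmac.new(secret_key, struct.pack(">Q", minute), hashlib.sha256).digest()
    return str(int.from_bytes(mac[:8], "big") % 10**DIGITS).zfill(DIGITS)


def check_digits(value: str, max_len: int = DIGITS) -> str:
    """Validate a decimal string and left-pad it with zeros to max_len."""
    if not (value.isascii() and value.isdigit() and len(value) <= max_len):
        raise ValueError("expected at most %d decimal digits" % max_len)
    return value.zfill(max_len)


def combine(displayed: str, pin: str) -> str:
    """The memo's combining operation: add digit-by-digit without carry."""
    d = check_digits(displayed)
    p = check_digits(pin)            # a short PIN is right-aligned
    return "".join(str((int(a) + int(b)) % 10) for a, b in zip(d, p))


def host_verify(secret_key: bytes, pin: str, submitted: str,
                unix_time: int, drift_steps: int = 0) -> bool:
    """Host side: recompute the expected value and compare in constant time.

    drift_steps > 0 also accepts neighbouring minutes to tolerate clock skew
    (an assumption added here; the memo does not discuss drift).
    """
    try:
        submitted = check_digits(submitted)
    except ValueError:
        return False
    for k in range(-drift_steps, drift_steps + 1):
        shown = displayed_number(secret_key, unix_time + k * STEP_SECONDS)
        if hmac.compare_digest(combine(shown, pin), submitted):
            return True
    return False


def recover_pin(displayed: str, combined: str) -> str:
    """Disclosure case named in the memo: whoever holds both the displayed
    number and the value sent recovers the PIN by digit-wise subtraction."""
    d = check_digits(displayed)
    c = check_digits(combined)
    return "".join(str((int(b) - int(a)) % 10) for a, b in zip(d, c))


if __name__ == "__main__":
    shown = displayed_number(KEY, NOW)
    sent = combine(shown, "1234")
    print("card shows :", shown)
    print("user sends :", sent)
    print("host check :", host_verify(KEY, "1234", sent, NOW))
    print("PIN leaked if both values are seen:", recover_pin(shown, sent))
```

The combining step hides the PIN only while the displayed number stays secret from the observer of the line, which is the condition the memo states.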

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Clark Reynard
Date: Wed, 26 May 93 17:03:41 PDT
To: cypherpunks@toad.com
Subject: Re: VinCrypt
Message-ID: <9305270043.AA02074@metal.psu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Even as a former 'hacker' myself, the second to last person I would trust not to install a backdoor (next to the NSA) is a hacker.

In addition, merely having been a systems hacker hardly qualifies one for writing complex crypto software. Without any assurance as to the authors' qualifications for writing a crypto package, or their integrity. Even if I could trust their integrity, I'm very leery of black-box software.

----
Robert W. Clark          Just Say No! to the
rclark@nyx.cs.du.edu     Big Brother Chip

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: MaxDemon@cup.portal.com
Date: Wed, 2 Jun 93 14:26:01 PDT
To: cypherpunks@toad.com
Subject: PGP
Message-ID: <9305261949.2.21834@cup.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

How do I get the server to send me PGP22.ZIP and PGP22SRC.ZIP without breaking up each file into pieces? I'm on a DOS machine and can't recombine them.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Wed, 26 May 93 16:51:42 PDT
To: cypherpunks@toad.com
Subject: Re: Digital cash issuess...
In-Reply-To: <9305262325.AA05097@soda.berkeley.edu>
Message-ID: <9305262351.AA20929@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

Eric Hughes says:
> >As a consequence, our
> >cash system is much more efficient in both computation and
> >communication complexity than previously proposed systems."
>
> I take this with a grain of salt; see below.
>
> >In our opinion, the most interesting of
> >these is that the entire cash system (including all the extensions)
> >can be incorporated straightforwardly in a setting based on wallets
> >with observers,
>
> I am not surprised that they find this interesting; David Chaum has
> patented all the observer protocols.
>
> Having read these protocols in the original, I can say this is not
> much of an advantage. The observer protocols are tremendously
> expensive computationally. Anything you build on top of it won't be
> any faster.

As I understand it, "observers" are built in to supposedly uncrackable hardware built into a smart card -- and I'm not a big fan of the notion that you can make hardware non-reverse engineerable...

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Wed, 26 May 93 17:12:40 PDT
To: gnu@toad.com
Subject: Re: Steganography and Steganalysis
Message-ID: <9305270012.AA10969@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

John Gilmore writes:
> My favorite scheme was to encode messages in trailing spaces and/or tabs
> in netnews messages.

You could also put internal tabs in place of spaces. and other fun things...

> In fact, you could do this with news messages that flow "through" your
> site, (if the messages aren't protected with a crypto checksum), so that
> you would not be the message's sender (and it wouldn't be addressed to anyone
> either -- recipients get very good privacy).

Hmmm... While this certainly does provide some privacy, it also can break things, which is not nice to do to other people's messages. For example, if other people are encoding messages in trailing spaces or tabs in netnews messages, you'll replace their hidden messages with your own :-) I don't know if there's much news out there with Content-Length: headers or other byte-counting headers that would be disrupted; Lines: is obviously not bothered.
On the other hand, if the messages that appear to be flowing through your site are really being generated there, either as forgeries of messages from other people, or forgeries of messages from anonymous posting sites, or are forged messages you're really posting through an anonymous posting site, you gain about the same effect (assuming your forgery is good enough to not attract attention.)

(Forging messages from other people is best done either with cooperative people, or fake people, or people who don't mind like MAILER-DAEMON%Fidogate@BAR.BiTNet.)

Bill Stewart

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Wed, 26 May 93 19:33:31 PDT
To: clark@metal.psu.edu (Clark Reynard)
Subject: Re: VinCrypt
In-Reply-To: <9305270043.AA02074@metal.psu.edu>
Message-ID: <9305270233.AA27245@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> Even as a former 'hacker' myself, the second to last person I would
> trust not to install a backdoor (next to the NSA) is a hacker.

Are you meaning to imply that there is a backdoor in this package? If so, how do you justify this claim?

> In addition, merely having been a systems hacker hardly qualifies
> one for writing complex crypto software. Without any assurance as
> to the authors' qualifications for writing a crypto package, or
> their integrity. Even if I could trust their integrity, I'm very
> leery of black-box software.

You seem to know something about them that I do not. Care to share your knowledge? Thanx in advance.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Wed, 26 May 93 17:37:15 PDT
To: Clark Reynard
Subject: Re: VinCrypt
Message-ID: <9305270037.AA11240@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

	Even as a former 'hacker' myself, the second to last person I would trust not to install a backdoor (next to the NSA) is a hacker.

	In addition, merely having been a systems hacker hardly qualifies one for writing complex crypto software. Without any assurance as to the authors' qualifications for writing a crypto package, or their integrity. Even if I could trust their integrity, I'm very leery of black-box software.

	----
	Robert W. Clark          Just Say No! to the
	rclark@nyx.cs.du.edu     Big Brother Chip

Indeed. There were a pair of papers in Cryptologia a few years ago on ``Data Insecurity'' packages. The author cryptanalyzed a number of different PC-based crypto packages, and contrasted that with the glowing advertising copy...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: John_David_Galt@cup.portal.com
Date: Wed, 2 Jun 93 14:26:05 PDT
To: cypherpunks@toad.com
Subject: help: P.S.
Message-ID: <9305262054.2.7349@cup.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

We have ftp here, but pax.tpa.com.au will not accept an ftp connection. If you know of a site that will, that has PGP, please, where is it? thanks.

John David Galt

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: meyer
Date: Wed, 26 May 93 20:59:27 PDT
To: cypherpunks@toad.com
Subject: Data Insecurity Packages, etc.
Message-ID: <9305270314.AA05215@wixer>
MIME-Version: 1.0
Content-Type: text/plain

Clark Reynard writes:

>Indeed. There were a pair of papers in Cryptologia a few years ago
>on ``Data Insecurity'' packages. The author cryptanalyzed a number
>of different PC-based crypto packages, and contrasted that with
>the glowing advertising copy...

This may or may not be one of those papers: Martin Kochanski: "A Survey of Data Insecurity Packages" in Deavours et al., Cryptology, pp. 195 - 209.

None of the encryption methods analyzed by Kochanski were particularly complex, even though it did take skill to crack most of them. It turns out that in each case the encryption algorithm used is fairly easy to state (in, say, half a page).

Perry Metzger writes:

>Correct me if I'm wrong, but from what I understand, "Dolphin Encrypt"
>does not use any well examined crypto system -- it's something that you
>guys, without any cryptography credentials, cooked up. On that basis,
>why should we care about it? Most crypto systems that amateurs come up
>with are pathetic to say the least, and strong systems, like
>triple-DES and IDEA, are widely available.

So far the DE method has not been well-examined, except by its developers (who have spent years on this). I took a step toward public examination of the method by posting the natural language description here on cypherpunks a few weeks ago. (Anyone who missed it can get it from me.) This description has been available in the manual for a year now, for anyone who cared to purchase the product. It has also been examined by four cryptologists (professional and/or credentialed) not involved in its development, and it was ridiculed by none of them. As I said, the complete details are in the C code, which is available at present to anyone who purchases the library, and which will be made public sometime down the road.

Of course, any crypto system must be made available to public examination before it can be judged strong or otherwise. If I didn't think the DE encryption method was strong I wouldn't be making it public. Just because we have DES and IDEA doesn't mean we should be satisfied with them only.
The first task of a cryptanalyst is to discover what method of encryption was used. If that is known (and solving this problem itself may be non-trivial) then cryptanalysis may proceed either by (i) a study of patterns in the ciphertext or (ii) a thorough study of the encryption method used. Statistical tests have not revealed any patterns in DE-encrypted ciphertext so far. We'll see whether analysis of the DE method by others reveals any flaws. Until then I'm reminded of the saying: "Those who can, do; those who can't, criticise." This brings up an interesting question: what characteristics, if any, do different encryption methods produce in ciphertext? From a study of several large samples of ciphertext produced by a particular encryption method, what clues might there be to the identity of the encryption method used? I'd like to hear if anyone knows of any published work which addresses this question. Since DES in electronic code book mode (which is considered insecure) encrypts 8-byte chunks which are independent of each other, it's entirely possible that the ciphertext can be identified as the product of DES-ECB. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "John (FuzzFace/Fast-Eddie) McMahon" Date: Wed, 26 May 93 21:34:26 PDT To: stig@netcom.com Subject: Re: Selling Tapes ? Message-ID: <01GYNFOTREYQ003IQ1@Eisner.DECUS.Org> MIME-Version: 1.0 Content-Type: text/plain >What does traceroute do? I don't have it on my system... It lists the routers between your point and the destination. Sort of a poor man's mapping tool. It demonstrates that both NCSC and FBI are "openly/obviously" on the Internet. John From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: greg@ideath.goldenbear.com (Greg Broiles) Date: Thu, 27 May 93 00:59:12 PDT To: cypherpunks@toad.com Subject: Re: VinCrypt Message-ID: <5T774B1w164w@ideath.goldenbear.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- J.
Michael Diehl writes: > > Even as a former 'hacker' myself, the second to last person I would > > trust not to install a backdoor (next to the NSA) is a hacker. > > Are you meaning to imply that there is a backdoor in this package? If so, how > do you justify this claim? It seems safer to assume that the software is insecure, until proven otherwise. This is the approach that's been taken with the Clipper chip, and seemed reasonable in that case - I suggest that it is in this case, as well. > > In addition, merely having been a systems hacker hardly qualifies > > one for writing complex crypto software. Without any assurance as > > to the authors' qualifications for writing a crypto package, or > > their integrity. Even if I could trust their integrity, I'm very > > leery of black-box software. > > You seem to know something about them that I do not. Care to share your > knowledge? Thanx in advance. Rather, the original poster (Clark Reynard) seems to *not* have information - e.g., information about how or why the author(s) of this crypto package are trustable, or why we should consider their software secure if we can't look at the source. If they are so naive as to think that the NSA can't afford a copy of Sourcer and a few person-hours to disassemble VinCrypt, what other (absurd) assumptions have they made? If a machine can execute it, a machine (or a machine and a person) can disassemble it. I can't believe that anyone's willing to take this VinCrypt crap even a little bit seriously. Any dork with a laser printer can print up a press release and mail it out - looks like maybe this was a slow week for the computer press. As far as I can tell, we're supposed to assume that VinCrypt is useful software because of the political/social perspective of its authors. While I share their suspicion of the powers that be, I do not trust them to write software that is free of intentional and/or nonintentional weaknesses. 
-- Greg Broiles greg@goldenbear.com Golden Bear Computer Consulting +1 503 465 0325 Box 12005 Eugene OR 97440 BBS: +1 503 687 7764 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. Metzger" Date: Thu, 27 May 93 08:15:14 PDT To: cypherpunks@toad.com Subject: Re: VinCrypt In-Reply-To: <9305270233.AA27245@triton.unm.edu> Message-ID: <9305271514.AA26019@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain > > In addition, merely having been a systems hacker hardly qualifies > > one for writing complex crypto software. Without any assurance as > > to the authors' qualifications for writing a crypto package, or > > their integrity. Even if I could trust their integrity, I'm very > > leery of black-box software. > > You seem to know something about them that I do not. Care to share your > knowledge? Thanx in advance. Oh, come on. Every decent cryptoweenie knows that you don't trust black box cryptography software. Most amateurs (and the average person writing crypto code is NOT a professional cryptographer) have no idea of what they are doing and produce crap. If you don't know how the program you are buying works, odds are that its one of the majority of programs, i.e. its crap. Throughout the last two thousand years, fools, often individuals who were otherwise rather intelligent, have repeatedly invented new cryptosystems over and over again which were completely worthless. Indeed, virtually everyone thinks that they know enough to build a new cryptosystem -- and virtually no one has bothered to learn how real cryptosystems are broken. This even bites the best of us.
Phil Zimmermann tells the story of how he once invented a cryptosystem only to open up a college text on cryptography and see that the problem of breaking his new cryptosystem was so trivial that it was a homework exercise at the end of the first chapter. I, for one, will never use any crypto system for which the algorithm hasn't been extensively published and scrutinized. Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Kyle Jones Date: Thu, 27 May 93 10:44:09 PDT To: Eric Hughes Subject: Questionable instances? In-Reply-To: <9305261805.AA03358@wendy-fate.UU.NET> Message-ID: <9305271743.AA04028@wendy-fate.UU.NET> MIME-Version: 1.0 Content-Type: text/plain Eric Hughes writes: > > I can only assume that the bounce came to you because the > > cypherpunk list isn't set to make bounces go to the list > > maintainer. > > This is the first of these messages we've had for six months, as the > bounce messages do in fact go back to the maintainer, me, quite > regularly. I get on the order of 300-400 per week, since often a bad > address will queue up mail for a few days before bouncing it all. If that's so, then it must be that the stupid transport software at AT&T is ignoring the envelope sender information. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: miron@extropia.wimsey.com (Miron Cuperman) Date: Thu, 27 May 93 14:31:49 PDT To: cypherpunks@toad.com Subject: Interim patch for ytalk Message-ID: <199305272044.AA05646@xtropia> MIME-Version: 1.0 Content-Type: text/plain I also intend to change the name of the program to PGTalk. If anybody has better ideas, please let me know. This patch is important for the security of the encryption. The idea was to have cipher feedback (pun intended!). Somehow I reversed a couple of lines. *** ytalk/idea.c Thu May 27 13:40:36 1993 --- pgtalk/idea.c Thu May 27 13:40:52 1993 *************** *** 504,510 **** { idea_ecb(iv,temp, Z); /* encrypt iv_idea, making temp. */ ! 
if (!decrypt) /* buf is ciphertext */ /* shift in ciphertext to IV... */ cfbshift((byte *)iv,buf,chunksize,IDEABLOCKSIZE); --- 504,510 ---- { idea_ecb(iv,temp, Z); /* encrypt iv_idea, making temp. */ ! if (decrypt) /* buf is ciphertext */ /* shift in ciphertext to IV... */ cfbshift((byte *)iv,buf,chunksize,IDEABLOCKSIZE); *************** *** 511,517 **** /* convert buf via xor */ xorbuf(buf,(byte *)temp,chunksize); /* buf now has enciphered output */ ! if (decrypt) /* buf was plaintext, is now ciphertext */ /* shift in ciphertext to IV... */ cfbshift((byte *)iv,buf,chunksize,IDEABLOCKSIZE); --- 511,517 ---- /* convert buf via xor */ xorbuf(buf,(byte *)temp,chunksize); /* buf now has enciphered output */ ! if (!decrypt) /* buf was plaintext, is now ciphertext */ /* shift in ciphertext to IV... */ cfbshift((byte *)iv,buf,chunksize,IDEABLOCKSIZE); From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Ian S. Nelson" Date: Thu, 27 May 93 12:53:57 PDT To: clark@metal.psu.edu (Clark Reynard) Subject: Re: VinCrypt In-Reply-To: <9305270043.AA02074@metal.psu.edu> Message-ID: <199305271953.AA13069@bvsd.Co.EDU> MIME-Version: 1.0 Content-Type: text/plain > > Even as a former 'hacker' myself, the second to last person I would > trust not to install a backdoor (next to the NSA) is a hacker. > > In addition, merely having been a systems hacker hardly qualifies > one for writing complex crypto software. Without any assurance as > to the authors' qualifications for writing a crypto package, or > their integrity. Even if I could trust their integrity, I'm very > leery of black-box software. I think the line about "not trusting DES or RSA because those algorithms have been given to the NSA" about says it all. -- Ian S. Nelson I speak for only myself. Finger for my PGP key. If you are a beautiful woman, it is mandatory that you reply to this message. 
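Review bot: In the first hunk of the idea.c patch from the "Interim patch for ytalk" message above (line 504), moving the pre-XOR cfbshift under `if (decrypt)` changes what both ends feed into the IV, and neither the patch nor the message says that patched and unpatched builds will stop interoperating. With the old conditions the encryptor shifted buf in before xorbuf (still plaintext) and the decryptor shifted it in after xorbuf (plaintext again), so the two sides agreed on a plaintext-fed IV; with the new conditions both sides shift in ciphertext. Suggest stating the incompatibility alongside the planned rename to PGTalk, and putting braces around each `if` body, since a comment line sits between the condition and the cfbshift call it guards.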
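Review bot: The second hunk of the same idea.c patch (line 511) completes the swap, but nothing is added that would have caught the original reversal: an encrypt-then-decrypt round trip succeeds with either ordering of the two conditions, because both sides derive the same IV either way. Suggest a known-answer test that checks, for one chunk, that the IV after the post-XOR `if (!decrypt)` cfbshift contains the ciphertext just produced, or that compares the output against an independent IDEA CFB implementation.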
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Kent Hastings" Date: Thu, 27 May 93 16:15:55 PDT To: cypherpunks@toad.com Subject: Physical Links Message-ID: <199305272315.AA13892@aerospace.aero.org> MIME-Version: 1.0 Content-Type: text/plain Physical Links Public key and other crypto techniques have been discussed here. So has TEMPEST shielding against eavesdropping. But, there hasn't been a discussion of physical data link options (unless it was "before my time"). IMHO, this topic should have a place in the FAQ. m. Physical Data Links. a. Telco/Dial-up b. Radio 1. VLF 2. MW (near Broadcast AM) 3. Shortwave 4. VHF 5. UHF 6. Microwave c. Infrared/Visible Free Space d. Laser/Maser Beam n. Modulation Techniques. a. AM b. SSB c. ACSSB d. FM e. SSTV f. FSTV g. Spread spectrum (hybrids of the following) 1. FH - frequency hopping 2. DS - direct sequence 3. TH - time hopping 4. TR - transmitted (noise) reference 5. SR - stored (usually pseudo-noise code) reference o. Network elements (?) 1. Wire and cable (underground, disguised) 2. Point-to-point (radio) 3. Simple repeaters/linear translators (transponders) 4. Regenerative repeaters (digital packet) 5. Satellites 6. Meteor scatter 7. Moonbounce I'd like to see pro and con discussion of these items. Having encrypted messages won't do any good if Our Enemy simply pulls the plug at the telephone company. Kent - kent_hastings@qmail2.aero.org. #000# From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: bakunin@gnu.ai.mit.edu Date: Thu, 27 May 93 16:38:09 PDT To: kent_hastings@qmail2.aero.org Subject: Re: Physical Links Message-ID: <9305272337.AA16384@spiff.gnu.ai.mit.edu> MIME-Version: 1.0 Content-Type: text/plain Well, gee. Now, if we do all our encrypting at home, and only encrypted messages make it onto them thar links, wouldn't that help some? Not that physical links aren't a particular weak point. Just that. 
michael From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Thu, 27 May 93 21:29:32 PDT To: TO1SITTLER@APSICC.APS.EDU (Kragen Sittler) Subject: Re: Steganography In-Reply-To: <930527213642.3e2f@APSICC.APS.EDU> Message-ID: <9305280429.AA29877@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Kragen Sittler writes: > I headed to the library to check out what they had, crypto-wise. I found one > book copyright 1939, which had a chapter on methods of steganography. > > Some of the suggestions I got from it: > -Use every third letter of each word. > -Use every nth letter of each word, where n varies depending on a key. > (e.g., 2-4-1-5-5-3) > -use every nth word of a sentence ...rest elided... Was this "Cryptanalysis," by Helen Gaines? Or the Herbert S. Zim popularization? Both are very dated. Somehow I don't think 1939 methods will be real useful in a 1993 world. But the book may be educational...you have to crawl before you can walk, etc. (Kahn's "The Codebreakers" has some good stuff on hiding messages, mostly from World War II...think about it, those spies may've used your 1939 book as a tutorial!) There haven't been many recent books dealing explicitly with steganography, though modern crypto texts like Brassard's "Modern Cryptology," the Antichrist's "Cryptography and Data Security" (Dorothy Denning), or Salomaa's "Public Key Cryptography" are good sources. And conference proceedings (annual "Crypto" conferences) should have some articles on "covert channels" and the like.
You can find these books in (most) large university libraries or in (many) technical bookstores. If the only crypto book you have access to is from 1939, find a larger library. Happy reading! -Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: TO1SITTLER@APSICC.APS.EDU (Kragen Sittler) Date: Thu, 27 May 93 20:38:36 PDT To: cypherpunks-real@toad.com Subject: Steganography Message-ID: <930527213642.3e2f@APSICC.APS.EDU> MIME-Version: 1.0 Content-Type: text/plain I headed to the library to check out what they had, crypto-wise. I found one book copyright 1939, which had a chapter on methods of steganography. Some of the suggestions I got from it: -Use every third letter of each word. -Use every nth letter of each word, where n varies depending on a key. (e.g., 2-4-1-5-5-3) -use every nth word of a sentence. -encode in base-3 before steganizing. -use the number of syllables in a word. -use the number of words in a sentence. Irrelevant suggestions: -use different fonts. (within the same word.) -use broken and whole pickets in a fence. -use empty and full positions in a cartridge-belt, as in machine gun. -use invisible ink instead, it's easier. :-) Maybe these will help those more able to program than myself. Kragen. 
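The keyed letter-position scheme and the base-3 suggestion from Kragen Sittler's list above, as an added example that is not part of the original post or the 1939 book. The null-word rule, the A-Z to three-trit mapping and the word-count-mod-3 carrier are assumptions of this example, and both cover texts are constructed.

```python
import re

WORD_RE = re.compile(r"[A-Za-z]+")

KEY = [2, 4, 1, 5, 5, 3]  # the example key given in the post
# Constructed cover text; "it" and "or" are too short for their key slot.
COVER = "Is it none coming, or after these letters?"
# Constructed cover for the sentence-length carrier (3, 5 and 4 words).
SENTENCES = "Send it now. We will meet at noon. Bring the blue folder."


def extract_keyed_letters(cover, key):
    """Read the n-th letter of each word, n cycling through key (1-based).

    Assumption of this example: a word shorter than the current n is a
    null (padding) and does not advance the key.
    """
    out, pos = [], 0
    for word in WORD_RE.findall(cover):
        n = key[pos % len(key)]
        if len(word) < n:
            continue  # null word: skipped, key position unchanged
        out.append(word[n - 1].upper())
        pos += 1
    return "".join(out)


def first_mismatch(cover, key, message):
    """Index of the first hidden letter that differs from message.

    Returns None when the cover carries message as a prefix. Useful while
    drafting a cover text by hand.
    """
    hidden = extract_keyed_letters(cover, key)
    target = "".join(c for c in message.upper() if "A" <= c <= "Z")
    for i, (h, t) in enumerate(zip(hidden, target)):
        if h != t:
            return i
    return len(hidden) if len(hidden) < len(target) else None


def to_trits(message):
    """Base-3 encode: each letter A-Z becomes three digits in 0..2."""
    trits = []
    for c in message.upper():
        if "A" <= c <= "Z":
            v = ord(c) - ord("A")
            trits += [v // 9, (v // 3) % 3, v % 3]
    return trits


def from_trits(trits):
    """Inverse of to_trits; an incomplete trailing group is ignored."""
    letters = []
    for i in range(0, len(trits) - len(trits) % 3, 3):
        v = trits[i] * 9 + trits[i + 1] * 3 + trits[i + 2]
        if v > 25:
            raise ValueError("trit group 2,2,2 does not map to a letter")
        letters.append(chr(ord("A") + v))
    return "".join(letters)


def trits_from_sentences(cover):
    """Carrier from the list: the number of words in each sentence.

    Assumption of this example: one trit per sentence, word count mod 3.
    """
    sentences = [s for s in re.split(r"[.!?]+", cover) if WORD_RE.search(s)]
    return [len(WORD_RE.findall(s)) % 3 for s in sentences]


if __name__ == "__main__":
    print(extract_keyed_letters(COVER, KEY))
    print(from_trits(trits_from_sentences(SENTENCES)))
```
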
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: kocherp@leland.stanford.edu Date: Thu, 27 May 93 22:45:14 -0600 To: ld231782@longs.lance.colostate.edu Subject: Re: Public Apology [ARTICLE IS A FORGERY] Message-ID: <9305280445.AA09696@cardinal.Stanford.EDU.Stanford.EDU> MIME-Version: 1.0 Content-Type: text/plain Here's a copy of the forged note, plus my response. Regards, Paul Kocher kocherp@leland.stanford.edu - ------------------------------------------------------------------------------- Article 499 in alt.privacy.clipper: Path: nntp.Stanford.EDU!headwall.Stanford.EDU!agate!howland.reston.ans.net!usc!c s.utexas.edu!not-for-mail From: strnlght@netcom.com (David Sternlight) Newsgroups: alt.privacy.clipper Subject: Public Apology Date: 27 May 1993 01:58:35 -0500 Organization: DSI/USCRPAC Lines: 36 Sender: daemon@cs.utexas.edu Message-ID: <9305270624.AA00395@silverton.berkeley.edu> NNTP-Posting-Host: cs.utexas.edu In article <9305270624.AA00395@silverton.berkeley.edu> you write: >Dear Friends, > >Many of you have come to know me through my public analysis of >encryption technology and the law as I understand it. I have taken the >past few days to reflect on my positions. I now realize that I myself >have been misled and in turn may have been misleeding some of you. I am >very impressed with the quality and clarity of thought that many of you >on the system have displayed in your numerous and extensive replies to >my ruminations. Unfortunately, I have also been impressed with the >misleading and self-serving views presented by my former friend Jim >Bidzos, and by my colleagues in the United States Government. Recently, >some have called me a dupe, and, understandably, I have reacted >strongly. Only now do I realize how right they have been. > >Let me now try to explain my current thinking: Democracy, as defined by >our founding fathers, and the Greek philosophers before them, has as its >cornerstone free and unfettered public discourse. 
In our modern world, >privacy and the ability to speak without fear of disclosure or reprisal, >is a prerequisite for all but the most perfunctory such discourse. If >there is one thing I should have learned in my journeys to our spanish- >and portuguese-speaking neighbors to the south, it is that the >government can never be relied upon as the guarantor of privacy. >Contrariwise, it is all too often positioned as the infractor. We should >not, nay, we must not, allow the trivia of narrow-minded export >restrictions and the tyranny of questionable patents to stand in the way >of our personal liberties. > >I therefore undertake to present my public apologies to such enlightened >and forward-thinking members of our community as Daniel Bernstein, >Vesselin Bontchev, Peter Honeyman, Perry Metzger, and especially Phil >Zimmermann. I can only hope they will find the generosity to judge me >not on my past, but on my present and future actions. > >-- >David Sternlight Great care has been taken to ensure the accuracy of > our information, errors and omissions excepted. - ------------------------------------------------------------------------------- My article to sci.crypt and alt.privacy.clipper follows Newsgroups: alt.privacy.clipper,sci.crypt Subject: Re: Public Apology [ARTICLE IS A FORGERY] Summary: Expires: References: <9305270624.AA00395@silverton.berkeley.edu> Sender: Followup-To: alt.privacy.clipper Distribution: Organization: DSG, Stanford University, CA 94305, USA Keywords: In article <9305270624.AA00395@silverton.berkeley.edu> strnlght@netcom.com (David Sternlight) writes: >Only now do I realize how right they have been. I'm quite certain this post is a forgery. Plenty of things seem wrong here. For example, David doesn't usually post through cs.utexas.edu (which is reportedly one of the least difficult sites to use for forging news articles). Other things are also wrong with the header...
FLAME MODE: In my opinion, posting this represents a disgusting violation of net ethics (and the law). It is frightening that someone could be so immature as to attempt to damage David's relationships with Jim Bidzos and others. Hopefully someone can kill the article before it propagates too far... Regards, Paul Kocher kocherp@leland.stanford.edu [I'm sending this to sci.crypt in addition to alt.privacy.clipper, where a supposed "Public Apology" from David Sternlight was posted.] ------- End of Forwarded Message From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "L. Detweiler" Date: Thu, 27 May 93 22:04:29 PDT To: cypherpunks@toad.com Subject: forged Sternlight posting? Message-ID: <9305280504.AA05292@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain Apparently someone has forged a Sternlight posting on sci.crypt and alt.privacy.clipper. If the author can hear me: you should be severely ashamed. I've said before that Sternlight is actually (in a warped way) a *resource* to the net because of his representation of the NSA and `fuzzy-brained public' opinion. Without him, we'd have nothing but all of ourselves in a bland choir. Cypherpunks, maybe we can help track down the culprit. The forgery says `recently, some have called me a dupe'. Perhaps it is an allusion to a recent flame war wherein the counterfeiter participated. Cypherpunks are sneaky, but not sleazy. I look forward to the day when digital signatures and other authentication methods make forged postings like this a strange historical anachronism. ------- Forwarded Message From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: poier@sfu.ca (Skye Merlin Poier) Date: Fri, 28 May 93 21:31:16 PDT To: cypherpunks@toad.com Subject: Modified Vigenere encryption? Message-ID: <9305280735.AA22115@malibu.sfu.ca> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- I was just thinking...
What if one were to use Vigenere encryption with a key at least as long as the message (therefore making the incidence of coincidences irrelevant)? A key made of, for instance, words strung together from a dictionary selected pseudorandomly? Are there other weaknesses in the Vigenere system that are escaping me? Perhaps one could use (in the pseudorand words example) distribution / transition / equilibrium probabilities in the English language? If so, are there any other options for generating a long key without the need for a truly random key (which would make using the Vigenere table pointless because it would just be an one-time-pad)? Also, what are the weaknesses of the Playfair cypher? My texts mention it, but don't say much of anything other than how it works... Just pondering at odd hours... Skye - -- - -----====> Skye Merlin Poier <====----- Undergrad in CMPT/MATH (Virtual Reality) |||| |||| email: poier@sfu.ca p-OO <--> OO-q THINK PGP Public Key available on finger \== ==/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: meyer Date: Fri, 28 May 93 21:32:21 PDT To: cypherpunks@toad.com Subject: Trust, Amateur/Professional, use of PRNGs Message-ID: <9305280750.AA07434@wixer> MIME-Version: 1.0 Content-Type: text/plain >Date: Thu, 27 May 1993 11:33:06 -0400 >From: "Perry E. Metzger" > >meyer says: >> >> Perry Metzger writes: >> >> >Correct me if I'm wrong, but from what I understand, "Dolphin Encrypt" >> >does not use any well examined crypto system -- its something that you >> >guys, without any cryptography credentials, cooked up. On that basis, >> >why should we care about it?
Most crypto systems that amateurs come up >> >with are pathetic to say the least, and strong systems, like >> >triple-DES and IDEA, are widely available. >> >> So far the DE method has not been well-examined, except by its >> developers (who have spent years on this). > >In that case, I do not think it is worthy of trust. (See "The >Codebreakers" by David Kahn for dozens upon dozens of stories of >amateurs who spent long times producing cryptosystems that were >essentially junk.) I am not asking that you take it on trust. If I were I wouldn't be revealing the details of the encryption method and I wouldn't be subjecting the software to critical examination. You omit to point out that Kahn also discusses the cryptosystem invented in the late 18th Century by Thomas Jefferson. I'm not aware that Jefferson was a "professional" cryptologist or that he was "credentialed" in this field. Yet his cryptosystem was sufficiently strong that even after 1922 "other branches of the American government used the Jefferson system, generally slightly modified, and it often defeated the best efforts of the 20th-century cryptanalysts who tried to break it down! To this day the Navy uses it." (Kahn, p.195 of the hardbound edition.) This shows that your distinction between "professionals" (by implication, the experts) and "amateurs" (by implication, the self-deluding fools) is false. There is no such clear-cut distinction. Whether a cryptosystem is strong or not has to be decided by an examination of the system itself, not on the basis of whether its author has attended cryptology classes at M.I.T. >> Statistical tests have not revealed any patterns in DE-encrypted >> ciphertext so far. > >Or in 99% of other crypto systems. I can construct completely trivial >and easily broken crypto systems that don't reveal any patterns >without careful analysis. 
As an example, it takes mere minutes to >break a cryptosystem constructed by XORing the plaintext stream with >the output of a linear congruential pseudorandom number generator -- >but the output will indeed look random to ordinary statistical tests. XORing the plaintext with the outcome of a linear congruential PRNG is a very simple-minded way to use a PRNG. Such operations are certainly amenable to mathematical analysis. No doubt you've read your Abraham Sinkov on "Mathematical Cryptanalysis" and other such works, where the solving of simultaneous equations in several (perhaps many) unknowns may yield a solution in some cases. Yet I fail to understand why you assume that someone (even someone "uncredentialed") who uses PRNGs in a cryptosystem will necessarily do so in a simple-minded way. I can't imagine why any intelligent designer of a cryptosystem would commit that error. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dmandl@lehman.com (David Mandl) Date: Fri, 28 May 93 21:35:12 PDT To: cypherpunks@toad.com Subject: Re: forged Sternlight posting? Message-ID: <9305281244.AA13343@disvnm2.shearson.com> MIME-Version: 1.0 Content-Type: text/plain > From: ""L. Detweiler"" > > Apparently someone has forged a Sternlight posting on sci.crypt and > alt.privacy.clipper. If the author can hear me: you should be severely > ashamed. I've said before that Sternlight is actually (in a warped way) > a *resource* to the net because of his representation of the NSA and > `fuzzy-brained public' opinion. Without him, we'd have nothing but all > of ourselves in a bland choir. > > Cypherpunks, maybe we can help track down the culprit. The forgery says > `recently, some have called me a dupe'. Perhaps it is an allusion to a > recent flame war wherein the counterfeiter participated. I think the forgery was kind of primitive and obvious (OK, I admit I did get a little chuckle out of it). 
But if it wasn't already clear to everyone that it was a fake, I'm sure Sternlight's and your responses made it clear. I'm strongly opposed to being cops and "tracking down the culprit." It was just an innocent joke, and no one was hurt. If Sternlight's ego was bruised, then (as my mom used to say) "my heart bleeds for him." It's not a big deal. We've got better things to do than help David Sternlight fight his battles (though I agree it's useful to have him around). --Dave. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Fri, 28 May 93 21:39:02 PDT To: wixer!wixer.bga.com!meyer@cactus.org Subject: Data Insecurity Packages, etc. In-Reply-To: <9305270314.AA05215@wixer> Message-ID: <9305281626.AA12145@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >It has also been examined by four cryptologists (professional and/or >credentialed) not involved in its development, and it was ridiculed >by none of them. I hear the sounds of autonecrothaphty (digging one's own grave). Was it recommended by any of them, and did any of them test it? >The first task of a cryptanalyst >is to discover what method of encryption was used. Usually not. This often comes as collateral information related to the intercept. In the case of a PC seizure, having a manual lying around and an executable on the disk usually qualifies. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Fri, 28 May 93 21:37:59 PDT To: cypherpunks@toad.com Subject: VinCrypt In-Reply-To: <9305271514.AA26019@snark.shearson.com> Message-ID: <9305281652.AA13454@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >This even bites the best of us. Phil Zimmermann [...] PGP 1.0 had Phil's Bass-o-matic cipher, which he subsequently dropped. When I first saw that, I thought to myself, "snake oil," but not in those words. I'm glad that lesson got learned.
>I, for one, will never use any crypto system for which the algorithm >hasn't been extensively published and scrutinized. I am in total agreement. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Fri, 28 May 93 21:37:49 PDT To: cypherpunks@toad.com Subject: ADMIN: sequencing problems Message-ID: <9305281700.AA13903@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Many have wondered why the mail comes out of order sometimes. The following comments are my surmise of the situation; I haven't done an experimental confirmation of the situation. The sequencing problem comes from the way that toad.com handles mail. If it can't be delivered immediately upon arrival, it goes in the queue. If it can be sent out immediately, then it is sent out. Now toad.com routes to many sites through a relay at uunet; this relay bogs down. If toad.com can't connect to the relay, it queues the mail. The queue is processed only at intervals. The next mail might go out immediately, before the queue has been processed again. I see the same thing at soda. I'm not going to try to fix it. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Watt Forste Date: Fri, 28 May 93 21:36:55 PDT To: cypherpunks@toad.com Subject: crypto product list Message-ID: <199305281748.AA09808@joes.GARAGE.COM> MIME-Version: 1.0 Content-Type: text/plain I'd like to put together a list of all commercially available encryption products, both the good and the bad, both the standalone and the built-in (to nonencryption products), with information about what algorithms are used in encrypting. 
I'm particularly interested in *commercially-available* (or free) products for telephonic security (cellular, standard, and fax), device-driver-level computer security products that use encryption, any mail software that uses builtin encryption (calls to RIPEM, PGP, whatever), products that license and incorporate RSA (nonproducts that will do this when they are products include Apple's OCE... is the RSA-compliant version of Lotus Notes out yet?), etc. etc. If you can mail information about such products to arkuat@joes.garage.com or to slippery@netcom.com, particularly the addresses of marketing departments that I can write to to get more information, I will compile a text file of this data and, with Eric Hughes permission, put it up in the cypherpunks directory of soda.berkeley.edu. Please send information about products that are commercially available or freely accessible right now. If you have information about products that you are fairly certain will be on the market within the next six months (before the end of 1993), please send the information but clearly indicate that the product in question is not yet available and clearly indicate a *conservative* estimate of the date the product will be available. Let me emphasize that my use of the word "product" is fully intended to include free software, not just monopolized intellectual property. If you know what encryption algorithm(s) is/are used by the product, such as DES (ECB, CBC, CFB), IDEA, RSA, Vigenere, please indicate that. If the manufacturers of the product have not disclosed the encryption algorithm, then please say so. What I myself know least about are the products for secure telephony, so I'd appreciate information on these the most. But I'm sure I have lots of gaps in my knowledge of hard-disk and e-mail security stuff also. I hope to have a preliminary file ready for soda (if soda wants it) before June 10th. If it's still short, I may post it here so y'all can more easily fill in the gaps. 
Eric Watt Forste arkuat@joes.garage.com 1800 Market St #243 San Francisco CA 94102 "Expectation foils perception." -- Pamela C. Dean From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Fri, 28 May 93 21:38:38 PDT To: cypherpunks@toad.com Subject: Oh, da horrah. Message-ID: MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- On Thu, 27 May 93 23:04:21 -0600, ""L. Detweiler"" wrote - > Apparently someone has forged a Sternlight posting on sci.crypt and > alt.privacy.clipper. If the author can hear me: you should be severely > ashamed. I've said before that Sternlight is actually (in a warped way) > a *resource* to the net because of his representation of the NSA and > `fuzzy-brained public' opinion. Without him, we'd have nothing but all > of ourselves in a bland choir. > Cypherpunks, maybe we can help track down the culprit. The forgery says > `recently, some have called me a dupe'. Perhaps it is an allusion to a > recent flame war wherein the counterfeiter participated. > Cypherpunks are sneaky, but not sleazy. I look forward to the day when > digital signatures and other authentication methods make forged > postings like this a strange historical anachronism. I'm surprised no one realized this before now. My first reaction to this was that of humor. My second reaction was that I felt embarrassed for thinking it was funny. My subsequent reaction was that of irony. As was overheard in the newsgroup - > From: steiner@jupiter.cse.utoledo.edu (Jason 'Think!' Steiner) > Date: 27 May 93 07:09:07 EST > heh. maybe David should start signing his posts with PGP so he won't > have this problem in the future. :^) > [yeah, the irony was deliberatly manufactured by whoever forged that > post, but it's still too good to pass up.] I couldn't agree more. I do, however, agree that it was a pretty sleazy trick on somone's part -- but the irony factor is just too surreal. Cheers. 
-----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLAYovJRLcZSdHMBNAQGLtQP/Y5mGsWAGqtCwHYpiPkq/98ofprvRowq3 AZ1u+w0TJSYXeZpF+jSr6cOLH8boWS1Ud3tugFTUuQA/SD7sMFSwdPlvBzfHAIiE 1BiVs7+SDCFOPXXpttv8PezR0ZspyXwxNofGZVM1wXLG1siPBE3XeEbBjKp2SCev DK5Ez1QbSCI= =2Pne -----END PGP SIGNATURE----- Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: meyer Date: Fri, 28 May 93 21:34:48 PDT To: cypherpunks@toad.com Subject: Reply to Eric Message-ID: <9305281746.AA11286@wixer> MIME-Version: 1.0 Content-Type: text/plain Eric Hughes writes: >>It has also been examined by four cryptologists (professional and/or >>credentialed) not involved in its development, and it was ridiculed >>by none of them. > >I hear the sounds of autonecrothaphty (digging one's own grave). Was >it recommended by any of them, and did any of the test it? It's true I'm going out on a limb here, but the potential benefit to the world is a new cryptosystem of some value (a deliberately modest claim). And one that was not designed by NSA complete with trapdoors. Anything new always meets with resistance. The description was run by the cryptanalysts for their comment. The consensus was that the method was probably strong, or at least not obviously weak, but that they had insufficient information to judge properly. You may disagree. You may not like the proposed method, but the real question is whether it works. In-house testing has been as rigorous as we can make it, but any outside cryptanalyst is welcome to take a shot at it. >>The first task of a cryptanalyst >>is to discover what method of encryption was used. > >Usually not. This often comes as collateral information related to >the intercept. 
In the case of a PC seizure, having a manual lying >around and an executable on the disk usually qualifies. Yes, a cryptanalyst looks around for other evidence as to which cryptosystem was used before the hard work of analysing ciphertext. As you say, it may be a manual or an executable. The encipherer himself may reveal it. But in any case, identifying the encryption method *is* the first step in cryptanalysis. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peter honeyman Date: Fri, 28 May 93 21:33:51 PDT To: "L. Detweiler" Subject: Re: forged Sternlight posting? In-Reply-To: <9305280504.AA05292@longs.lance.colostate.edu> Message-ID: <9305281918.AA09887@cygnus.com> MIME-Version: 1.0 Content-Type: text/plain > Apparently someone has forged a Sternlight posting on sci.crypt and > alt.privacy.clipper. If the author can hear me: you should be severely > ashamed. ... > > Cypherpunks, maybe we can help track down the culprit. ... > > Cypherpunks are sneaky, but not sleazy. ... go hang with spaf if you want to deal out this kind of bullshit. cypherpunks are not the cops of the net. peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Dave Banisar Date: Fri, 28 May 93 21:30:10 PDT To: CYPHERPUNKS@toad.com Subject: CPSR Seeks Clipper Docs Message-ID: <9305281842.AA46660@hacker2.eff.org> MIME-Version: 1.0 Content-Type: text/plain PRESS RELEASE May 28, 1993 CPSR Seeks Clipper Documents - Brings Suit Against NSA and National Security Council Washington, DC -- Computer Professionals for Social Responsibility filed suit today in federal district court seeking information about the government's controversial new cryptography proposal. The "Clipper" proposal, announced by the White House at an April 16 press conference, is based on a technology developed by the National Security Agency that would allow the government to intercept computer encoded information.
Law enforcement agencies say that this capability is necessary to protect court ordered wire surveillance. But industry groups and civil liberties organizations have raised questions about the proposal. They cite the risk of abuse, the potential loss in security and privacy, costs to US firms and consumers, and the difficulties enforcing the policy. Marc Rotenberg, CPSR Washington office director, said "The Clipper plan was developed behind a veil of secrecy. It is not enough for the White House to hold a few press conferences. We need to know why the standard was developed, what alternatives were considered, and what the impact will be on privacy." "As the proposal currently stands, Clipper looks a lot like 'desktop surveillance,'" added Rotenberg. David Sobel, CPSR Legal Counsel, said "CPSR is continuing its oversight of federal cryptography policy. These decisions are too important to be made in secret, without public review by all interested parties." In previous FOIA suits, CPSR obtained records from the General Services Administration questioning the FBI's digital telephony plan, a legislative proposal to require that communications companies design wiretap capability. More recently, CPSR obtained records through the FOIA revealing the involvement of the National Security Agency in the development of unclassified technical standards in violation of federal law. CPSR is a national membership organization, based in Palo Alto, CA. Membership is open to the public. For more information about CPSR, contact CPSR, P.O. Box 717, Palo Alto, CA 9403, 415/322-3778 (tel), 415/322-3798 (fax), cpsr@cpsr.org From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: RAGLAN54%MMC.BITNET@uga.cc.uga.edu Date: Fri, 28 May 93 21:28:10 PDT To: cypherpunks@toad.com Subject: Electronic Contracts Message-ID: <01GYQ0C6AR1U8WX3NV@MMC.BITNET> MIME-Version: 1.0 Content-Type: text/plain Just a thought here.
I'm still new to this cryptography thing, taking it seriously, have read through the FAQ and the past week or so of posts here. I just got a copy of PGP tonight, and on reading through the manual, something leaped out at me: electronic signature validation. If your private key acts as validation for a message, then what you have is an electronic signature that could be verified, and thus you could sign a contract online; you're sent the contract in email, you attach your private-key signature to it and email it back, and voila, you've entered into a contractual agreement that would stand up in court. Has there been a test case of this? Are there any lawyers or other legal types on this echo that could give an opinion on the validity of this idea? Or has this issue been discussed before? Andrew *5 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "L. Detweiler" Date: Fri, 28 May 93 21:27:30 PDT To: cypherpunks@toad.com Subject: Sternlight forgery Message-ID: <9305290406.AA25605@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain Sheesh, hours spent on the Mycotronx posting are rewarded with uniform deafening apathy, and this gets all the reaction. I'd never have thought I'd be flamed for condemning a forgery. When did it happen that cancelling others' postings and deceitful forgeries wasn't taboo? Ok, ok, maybe it never was, and nothing's sacred in cyberspace; don't flame me with the history of Usenet taboos. Perhaps I didn't make this clear, but the names and themes (Zimmerman, Bidzos, RSA, PGP, other cypherpunk members) in the forged letter suggested to me a cypherpunk subscriber may have been responsible. Otherwise, I would not have posted it here. It's just my modest warning and reminder that while we might be revolutionaries we're not scoundrels. I take exception to the description of the posting as an `innocent joke'. I have no problem with an `innocent joke' like this being posted under someone's name or even anonymously.
It seems to me at least some of the intent was rooted in malice and deceit. Ah, but I'm starting to sound like Depew. peter honeyman >go hang with spaf if you want to deal out this kind of bullshit. >cypherpunks are not the cops of the net. Ouch. I assure you Mr. Spafford is not my type, and anyway he has apparently resigned from the position of net.policeman so the point is mute. (At the quasi-demise of anon.penet.fi there was a lot of rumor and speculation that he was the `highly regarded net personality' who sent the poison letter alluded by Helsingius. I wonder if that tipped him over the edge?) Excuse me, I just thought it might give some bored cypherpunk something to do with their afternoon in helping track down the posting. I think I'll just go lurk in a dark Usenet corner. L. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: stig@netcom.com (Stig) Date: Fri, 28 May 93 23:03:42 PDT To: cypherpunks@toad.com Subject: Re: Modified Vigenere encryption? In-Reply-To: <9305280735.AA22115@malibu.sfu.ca> Message-ID: <9305290603.AA16770@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain I must've missed it. Will some kind soul forward to me a description of Vigenere? > > Also, what are the weaknesses of the Playfair cypher? My texts mention it, but > don't say much of anything other than how it works... > Well, a while ago I saw a description of playfair in a novel and it was simple enough that I coded it... I guess I had lots of free time. Don't pick on my code. It's old. 
Stig

/**
 * playfair.c -- implementation of the playfair cipher
 *               written by stig, 10-mar-91
 *
 * --- TO COMPILE (put this in your makefile) ---
 *      unpf pf: playfair.c
 *              cc $(CFLAGS) -o pf playfair.c
 *              - rm unpf
 *              ln pf unpf
 *
 * --- THIS PROGRAM works as a filter---
 *      pf keyword code_file
 *      unpf keyword my na me is xs ti go ri on at ha nz
 *
 * 2) transform each letter pair using the alphabet square:
 *      (i may be written as either i or j)
 *    a) letters appear in the same row -- replace them with letters to
 *       the right.  letter to right of rightmost letter is first letter
 *       of the row.  (hi -> il (or jl))
 *    b) letters appear in the same column -- replace them with letters
 *       below.  (ha -> ph)
 *    c) otherwise -- replace each letter with the letter occupying the
 *       same row in the grid and the column of the other letter in the
 *       pair.  (my -> pk)
 *
 *      MY NA ME IS XS TI GO RI ON AT HA NZ
 *      pk pd nk lq zq xf le bf es rv ph su
 */

#include <assert.h>
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>     /* random, srandom, exit */
#include <string.h>     /* strchr, strrchr */
#include <unistd.h>     /* getpid */

char *Key = 0;
char Square[26] = "     " "     " "     " "     " "     ";  /* 25 spaces */

#define pos(row,col)    Square[ (row)*5 + (col) ]
#define findrow(c)      ((int)(strchr(Square,c)-Square)/5)
#define findcol(c)      ((int)(strchr(Square,c)-Square)%5)
#define jtoi(c)         (((c)=='j') ? 'i' : (c))

#define ENCODE 1
#define DECODE 4

/* fill Square with the key's distinct letters, then the rest of the alphabet */
void build_square(void)
{
    char *key = Key, c;
    int i = 0;

    assert(key && *key);
    while (*key) {
        *key = tolower((unsigned char)*key);
        *key = jtoi(*key);
        if (isalpha((unsigned char)*key) && !strchr(Square, *key))
            Square[i++] = (*key);
        ++key;
    }
    for (c = 'a'; c <= 'z'; ++c) {
        if (c == 'j' || strchr(Square, c))
            continue;
        Square[i++] = c;
    }
    assert(i == 25);
}

/* read stdin, place processed data in buf (which holds size bytes) */
void prepare(char *buf, size_t size, int mode)
{
    int c, last = 0;            /* last character */
    char splitter = 'x';        /* separates repeated letters, 'x' or 'z' */
    char *limit = buf + size - 4;   /* room for splitter, letter, pad, NUL */

    while ((c = getchar()) != EOF) {
        if (!isalpha(c))
            continue;
        if (buf > limit) {      /* stop before running off the end of buf */
            fprintf(stderr, "input too long, truncated\n");
            break;
        }
        c = tolower(c);
        c = jtoi(c);
        if (c == last && mode == ENCODE) {
            *buf++ = splitter;
            splitter = (splitter == 'x') ? 'z' : 'x';
        }
        last = c;
        *buf++ = c;
    }
    *buf = 0;
}

/* write one letter; when encoding, 'i' is randomly written as 'j' */
void outchar(char c, int mode)
{
    if (c == 'i' && mode == ENCODE && (random() & 4))
        c = 'j';
    putchar(c);
}

/* apply the three pair rules to buf and print the result */
void transform(char *buf, int ofs)      /* 1 encodes, 4 decodes */
{
    int r1, c1, r2, c2;

    for (; *buf; buf += 2) {
        r1 = findrow(buf[0]);
        c1 = findcol(buf[0]);
        if (!buf[1]) {          /* odd length: pad with a random letter */
            buf[2] = 0;
            buf[1] = 'a' + (random() % 26);
            buf[1] = jtoi(buf[1]);      /* 'j' is not in the square */
        }
        r2 = findrow(buf[1]);
        c2 = findcol(buf[1]);
        if (r1 == r2) {
            outchar(pos(r1, (c1 + ofs) % 5), ofs);
            outchar(pos(r2, (c2 + ofs) % 5), ofs);
        } else if (c1 == c2) {
            outchar(pos((r1 + ofs) % 5, c1), ofs);
            outchar(pos((r2 + ofs) % 5, c2), ofs);
        } else {
            outchar(pos(r1, c2), ofs);
            outchar(pos(r2, c1), ofs);
        }
    }
    putchar('\n');
}

int main(int argn, char **argv)
{
    char buf[BUFSIZ];
    char *cmd;
    int mode;

    srandom(getpid());
    if (argn != 2) {
        fprintf(stderr, "Playfair en/decoder\nusage: %s keyword\n", argv[0]);
        exit(1);
    }
    Key = argv[1];
    cmd = strrchr(argv[0], '/');
    cmd = (cmd) ? cmd + 1 : argv[0];
    mode = (cmd[0] == 'u') ? DECODE : ENCODE;   /* invoked as "unpf" decodes */
    if (mode == DECODE)
        printf("NOTE: 'i' may be 'j', 'x' or 'z' may be extra.\n\n");
    build_square();
    prepare(buf, sizeof buf, mode);
    transform(buf, mode);
    return (0);
}

/* Jonathan Stigelman, Stig@netcom.com, PGP public key by finger */
/* fingerprint = 32 DF B9 19 AE 28 D1 7A A3 9D 0B 1A 33 13 4D 7F */

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sat, 29 May 93 00:10:16 PDT To: cypherpunks@toad.com Subject: CIPHERS: Dolphin Encrypt public review In-Reply-To: <9305281746.AA11286@wixer> Message-ID: <9305290706.AA00052@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >The description was run by the cryptanalysts for their comment. I've never seen any names, nor any statements of their analysis. As far as I'm concerned this stands as hearsay. >The consensus was that the method was probably strong, or at least >not obviously weak, but that they had insufficient information to >judge properly. Insufficient information??
And this is all you have for review? Did they even see code, or just an English description of it? Look, if saying they didn't laugh at it is digging your own grave, saying they didn't even look at the full algorithm is acting as your own firing squad. >In-house testing has >been as rigorous as we can make it, but any outside cryptanalyst is >welcome to take a shot at it. Anything as significant as a new cipher needs to be publicly examined before it can be trusted. The opportunity for such public examination is not sufficient, only the actual publication and subsequent responses qualify. Therefore, I have a challenge for you to submit your algorithm in full detail to the public scrutiny of the academic cryptographic community. You have unfortunately missed the deadline for papers for CRYPTO 93, but you can always submit a paper to the Journal of Cryptology. If the cipher is to be considered secure, it should be proof against the most sophisticated attacks known; currently this means that it should be proof against differential cryptanalysis. Until this kind of high-level review has been made, I openly and publicly recommend that this cipher not be used. As far as a product goes, Dolphin Encrypt would be much more useful if its cipher were trusted. A rewrite to use triple DES would be straightforward and would greatly increase the trustworthiness of the product. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Sat, 29 May 93 00:41:19 PDT To: cypherpunks@toad.com Subject: Trust, Amateur/Professional, use of PRNGs In-Reply-To: <9305280750.AA07434@wixer> Message-ID: <9305290737.AA03283@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Re: disclosure >If I were I wouldn't >be revealing the details of the encryption method and I wouldn't >be subjecting the software to critical examination. To my mind, selling the code for the encryption method does not count as revealing the details to a very wide audience.
Were it freely available, I would say that you had satisfied that concern. Were it even available on a non-compete covenant basis and free of monetary charge I would be satisfied. Let me see if I can paraphrase. You'll sell me the code, so that I can evaluate it or have someone else do this. This evaluation is much more for your benefit than mine, because where I might use it for myself, this same information accrues much more to the value of the cipher itself, which is yours. Oh, please. Re: An inappropriate historical comparison >You omit to point out that Kahn also discusses the cryptosystem >invented in the late 18th Century by Thomas Jefferson. I'm not >aware that Jefferson was a "professional" cryptologist or that he >was "credentialed" in this field. The single salient difference that you ignore is fifty years of public and intensive research into cryptography, starting with Shannon. I have seen nothing other than vague claims of security and one statistic of flat byte distribution in the ciphertext (necessary and easy to achieve). I have seen very little awareness of any of this work. In particular, the most sophisticated analysis for ciphers to date has been differential cryptanalysis. I have not seen the results of any such examination of your cipher. To give you a clue as to how good this technique is, Biham and Shamir were able to break FEAL-4 with a few dozen chosen plaintexts, and FEAL-8 with somewhat more. Re: levels of expertise >This shows that your distinction between "professionals" (by >implication, the experts) and "amateurs" (by implication, the >self-deluding fools) is false. There is no such clear-cut >distinction. The state of cryptography two hundred years ago is not relevant to the current state of knowledge. Today there is much, much more to know about the subject, and there is a lot of relevant prior art. 
Should you claim that this prior art is not needful to know in order to design new ciphers, I will not imply that you are a self-deluding fool, I will explicitly declaim you as a self-deluding fool. Re: arguments _ad authoritatem_ >Whether a cryptosystem is strong or not has to be >decided by an examination of the system itself, not on the basis of >whether its author has attended cryptology classes at M.I.T. But lacking both criteria, I have no belief at all that your cipher is secure. In fact, given the track record of the uncredentialled in the last twenty years, I have exactly the opposite opinion. Re: cryptanalysis >No doubt you've read >your Abraham Sinkov on "Mathematical Cryptanalysis" and other such >works, These and other such works are by no means the state of the art. If you've learned all your cryptography from these, it's time to do some more reading. >where the solving of simultaneous equations in several >(perhaps many) unknowns may yield a solution in some cases. One of the fundamentals of real cryptography is that exact solution techniques are much less powerful than statistical methods of the appropriate form. Techniques of adding in 'noise' prevent exact methods, but that is largely irrelevant. Every useful statistic will come through just as before, except that a larger data set is needed. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: markh@wimsey.bc.ca (Mark C. Henderson) Date: Sat, 29 May 93 12:32:25 PDT To: cypherpunks@toad.com Subject: lucas encryption beta available Message-ID: MIME-Version: 1.0 Content-Type: text/plain U.S. and Canadian cypherpunks: I have a very early BETA of a free program that uses LUC and triple DES available. (uses gmp-1.3, only runs on Unix-like systems) I'm making it available in the hope that people will grab it, look it over and send comments, criticisms &c. anon ftp to netcom.netcom.com cd /pub/henderso get lucas-0.3.4.tar.z (gzip format) in binary mode.
If you need gmp, you can also find it in the same directory. Please don't export this outside of the U.S. and Canada. -- Mark Henderson markh@wimsey.bc.ca (personal account) RIPEM key available by key server/finger/E-mail MD5OfPublicKey: F1F5F0C3984CBEAF3889ADAFA2437433 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jas@netcom.com Date: Sat, 29 May 93 13:50:00 PDT To: cypherpunks@toad.com Subject: HDTV Markey hearings! Message-ID: <9305292128.AA10251@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Hi, I don't think this subject is relevant to this list, but I was flipping through the channels today and caught the last few minutes of the Markey Hearings on HDTV and digital broadcasting on C-Span. I wonder if anybody caught this and could e-mail me about it or post it on this list. (The outcome of it). -jas. Does anybody know if it was broadcast on internet radio or the mbone? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jim McCoy Date: Sat, 29 May 93 17:02:37 PDT To: arkuat@joes.garage.com (Eric Watt Forste) Subject: Re: crypto product list In-Reply-To: <199305281748.AA09808@joes.GARAGE.COM> Message-ID: <199305300039.AA04087@tigger.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text > From: Eric Watt Forste > > > I'd like to put together a list of all commercially available encryption > products [...] Source #1 : Information Systems Security Products and Services Catalogue Printed by the Government Printing Office (GPO) For subscription information call (202) 783-3238 or mail to: Superintendent of Documents U.S. Government Printing Office Washington, DC 20402 This is a catalogue of NSA-tested security products for govt agencies and contractors. Think what you like of the organization compiling the info, but this is the "real-world" security stuff people; this covers just about everything from secure satellite uplinks and tempest equipment to encrypting modems.
Some of it is not available to the public, but vendor contact numbers are provided, so with a little hunting you might be able to find a nice list of the "high-end" of the spectrum. Source #2 : InfoSecurity Product News. The trade rag of this business. Can't remember the subscription info, but this seems to be where the MIS types shop... jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "George A. Gleason" Date: Sun, 30 May 93 00:36:13 PDT To: cypherpunks@toad.com Subject: >>>>>'s Message-ID: <199305300814.AA05423@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Maybe I'm the only one around here who feels this way, but when I see a posting which begins with a whole bunch of inanely long quotes from previous postings, often going so far as to have whole nests of stacked >>>> symbols in front, I just go, *splat* and ctrl-C, and on to the next. Like, if we're reading this stuff regularly, we've got enough of a sense of the flow to be able to recognise someone's position from an abridged or abbreviated quote. For example, "Dolphin-crypt... an unexamined system (by analysts outside the community)..." does as well to convey the meaning involved, as posting a huge nest of paragraphs quoted entire. So in summary, what d' y'all think of trying to cut down on the swarms of >>>>>>>>>>> lengthy full-paragraph quotes and replace them with something a bit more compact, eh...? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Michael Edward Marotta Date: Sun, 30 May 93 06:32:00 PDT To: cypherpunks@toad.com Subject: An inquiring mind wants to know Message-ID: <199305301409.AA11995@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain (This is for an article in the 1994 Loompanics catalog.) You are familiar with PGP and RIPEM, right?. Jim Bidzos told me about RIPEM when I asked him about PGP. (I wasn't too interested in his relationship -- or lack of one -- with Phil Z. I was more interested in RSA and the Feds.) 
So, since Mark Riordan was in my back yard, I called him and got a good interview and also his mailer. I got it on a unix system I have an account on and he sent me an MS-DOS version. I also talked with Phil Zimmermann. In fact, I talked to him first. I got PGP from a BBS operator I know via libernet@dartmouth.edu and I have played with it. I've also tried RIPEM. I don't know about you guys, but I find PGP much easier to use. RIPEM has all the hallmarks of unix wizardry. It is poorly documented. The interface is difficult. It grew in ways the designer never contemplated. And I haven't even RUN anything yet... Mark told me that it was primarily a MAILER. OK, I can accept that. But I just don't see it catching on. PGP, on the other hand, shows all the evidences of shareware. It's hard to comment on the obvious. So, I assume that I am in the normal range for a netrunner. I typically log in to fidonet bbses from home. I have a PC clone. I have had accounts on CompuServe, Prodigy and Delphi. I have a couple of email addresses. I can't see myself using RIPEM. I can indeed see myself using PGP. Here are my questions: How do you relate to the above? Do you see "everyone" on the Net happy as clams with privacy- enhanced mailers? Do you expect more people to find out about and rely on PGP? Do you see something else working here that I haven't perceived? Thank you for your time and consideration. Mike Marotta From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: kelly@netcom.com (Kelly Goen) Date: Sun, 30 May 93 11:16:56 PDT To: cypherpunks@toad.com Subject: FWEE: alt.whistleblower possibles Message-ID: <9305301855.AA07356@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Path: netcom.com!netcomsv!decwrl!uunet!digex.com!digex.net!not-for-mail I found this in alt.conspiracy and thought I would forward it to the list.... it looks like we may want to talk to these folks cheers kelly >From: j_wilson@access.digex.net (john m. 
wilson) >Newsgroups: alt.conspiracy >Subject: TO SYSOP OF ALT.CONSPIRACY >Date: 15 May 1993 22:09:26 -0400 >Organization: Express Access Online Communications, Greenbelt, MD USA >Lines: 26 >Message-ID: <1t47om$el6@access.digex.net> >NNTP-Posting-Host: access.digex.net >Keywords: SYSOP ALT.CONSPIRACY QUESTION > >I am in contact with the Association of National Security Alumni, >a group of ex-security officers and associated professionals. > >They would like to find a place to post electronic copies of >"UNCLASSIFIED" a periodical devoted to government actions of >an unquestionable nature. > >Also I was asked to post a copy of Julianne McKinneys "Microwave >Harrassment & Mind-Control Experimentation" where it would be >available to interested parties. > >I would like to post the previously mentioned document in this >forum when it is delivered to me in electronic form. > >Also I would like to find an FTP site or sympathetic news group >who would keep the copies of "UNCLASSIFIED" online. > >This message is directed to the moderator of alt.conspiracy but >obviously I will entertain any useful response. > >Also I do not condone or endorse any of the veiws stated in the >previously listed documents. 
> > -John Wilson > The Silicon Service > From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: kelly@netcom.com (Kelly Goen) Date: Sun, 30 May 93 11:16:57 PDT To: cypherpunks@toad.com Subject: (fwd) Re: TO SYSOP OF ALT.CONSPIRACY Message-ID: <9305301855.AA07361@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Path: netcom.com!netcomsv!decwrl!concert!news-feed-1.peachnet.edu!darwin.sura.net!howland.reston.ans.net!noc.near.net!nic.umass.edu!twain.ucs.umass.edu!not-for-mail From: eggo@twain.ucs.umass.edu (Round Waffle) Newsgroups: alt.conspiracy Subject: Re: TO SYSOP OF ALT.CONSPIRACY Date: 17 May 1993 14:05:14 -0400 Organization: The Durex Blender Corporation Lines: 15 Message-ID: <1t8k4qINNa35@twain.ucs.umass.edu> References: <1t47om$el6@access.digex.net> NNTP-Posting-Host: twain.ucs.umass.edu Keywords: SYSOP ALT.CONSPIRACY QUESTION In article <1t47om$el6@access.digex.net> j_wilson@access.digex.net (john m. wilson) writes: > [material deleted] >This message is directed to the moderator of alt.conspiracy but >obviously I will entertain any useful response. > [material deleted] Well, alt.conspiracy has no moderator. Post away. -- +- eggo@titan.ucs.umass.edu --><-- Eat Some Paste -+ +- Yorn desh born, der ritt de gitt der gue, -+ +- Orn desh, dee born desh, de umn bork! bork! bork! -+ +----------------- The Durex Blender Corporation -----------------+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Sandy <72114.1712@CompuServe.COM> Date: Sun, 30 May 93 09:39:23 PDT To: Subject: >>>>>s Message-ID: <930530171111_72114.1712_FHF43-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain _________________________________________________________________ SANDY SANDFORT ssandfort@attmail.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ George A. Gleason wrote: " . . . 
So in summary, what d' y'all think of trying to cut down on the swarms of >>>>>>>>>>> lengthy full-paragraph quotes and replace them with something a bit more compact, eh...?" Like that, George? You know folks, George is right. It isn't necessary, however, to re-invent the wheel. Literary conventions for text presentation have existed for decades--if not centuries. "NetSpeak" can be oh so clever, but often, it's not very conducive to communication. Almost everyone on this list took English in school (-especially- those NOT educated in the US). If you don't remember your English grammar, spelling or style; buy some books. (Or as we say in NetSpeak, "RTFM"!) RELATED GRIPE: For all the excessive IQ on this list, I see lots of poor reading skills. As an example, I don't know how many of you have sent responses to me at my CompuServe address, even though I clearly request otherwise at the end of every one of my posts. (Didn't you get that far?) Often, I see responses to posts that focus on what the reader -thought- was said, rather than what was -actually- said. Before you go shooting from the hip, be sure you are responding to more than just some emotionally loaded key words. Also, I'm sure not all of you read -your own- posts before you launch them into Cyberspace. S a n d y P.S. Some of you may think this is not a relevant topic for Cypherpunks. If so, I suggest you think again. I leave the proof of relevance as an exercise for the student. 
>>>>>> Please address e-mail to: ssandfort@attmail.com <<<<<< _________________________________________________________________ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc Horowitz Date: Sun, 30 May 93 15:04:41 PDT To: cypherpunks@toad.com Subject: [daemon@ATHENA.MIT.EDU : National Security Telecommunications 5.27.93] Message-ID: <9305302242.AA20145@bill-the-cat.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain Subject: National Security Telecommunications 5.27.93 Errors-To: Mail-Server@campaign92.org Reply-To: Clinton-Info@campaign92.org Date: Fri, 28 May 1993 09:59-0400 From: The White House <75300.3115@compuserve.com> To: Clinton-News-Distribution@campaign92.org E X E C U T I V E O F F I C E O F T H E P R E S I D E N T 27-May-1993 07:03pm TO: Jeffrey L. Eller TO: Jonathan P. Gill FROM: David Seldin Office of the Press Secretary SUBJECT: NATIONAL SECURITY TELECOMMUNICATIONS ADVISORY COMMISSION THE WHITE HOUSE Office of the Press Secretary For Immediate Release May 26, 1993 PRESIDENT APPOINTS AUGUSTINE TO CHAIR ADVISORY PANEL (Washington, DC) The President announced today that he has appointed Norman R. Augustine as Chair and William T. Esrey as Vice Chair of the President's National Security Telecommunications Advisory Committee (NSTAC). Augustine is Chairman and Chief Executive Officer of Martin Marietta Corporation and has previously served as Vice Chair of NSTAC. Esry is Chairman and Chief Executive Officer of Sprint Corporation. Also named to the NSTAC today were Joseph T. Gorman, the Chairman and CEO of TRW Inc., and Albert F. Zettlemoyer, the President of Paramax Systems Corporation and a Senior Vice President of Unisys Corporation. The President's National Security Telecommunications Advisory Committee is a Federal Advisory Committee designed to provide information and advice to the President regarding telecommunications planning. It is composed of up to 30 telecommunications industry executives. 
# # # --[0113]-- ------- End forwarded transaction ------- End of Forwarded Message From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Thomas W. Strong, Jr." Date: Sun, 30 May 93 17:32:36 PDT To: cypherpunks@toad.com Subject: An editorial comment from comp.risks Message-ID: MIME-Version: 1.0 Content-Type: text/plain In an article about the absurdity of ITAR legislation, Peter Neuman (the moderator) added this comment at the bottom. > [Incidentally, at last week's IEEE Symposium on Research in Security > and Privacy, a rump group decided that because crypto falls under > munitions controls, the right to bear arms must sanction private uses of > cryptography! PGN] Does anyone here have any more information about this? Particularly whether or not it can be backed up? ----------------------------------------------------------------- Tom Strong N3NBB ts49+@andrew.cmu.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Sun, 30 May 93 19:10:07 PDT To: cypherpunks@toad.com Subject: Washington Post article on Clipper/Capstone/Skipjack & Privacy Message-ID: <976D5B1w165w@sytex.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- The Washington Post Sunday, May 30, 1993 Pages H1, H4 Business section CHIPPING AWAY AT PRIVACY? Encryption Device Widens Debate Over Rights of U.S. to Eavesdrop by John Mintz and John Schwartz Washington Post Staff Writers The two men were well-dressed, Bill Frezza recalls. They walked into his New Jersey office a few days after his company, Ericsson-G.E. Mobile Data, Inc., announced the introduction of a portable device for sending and receiving electronic messages. The two asked knowledgeable questions about whether the product incorporated "encryption" technology, which scrambles signals to frustrate eavesdroppers. They wanted to buy some of the expensive, high-tech devices. With cash. 
"They were not tekkies," concluded Frezza, the firm's marketing chief. By the time they left (empty-handed, since there were no devices to sell yet), Frezza had decided they were drug dealers. The New Jersey incident illustrates why law enforcement and intelligence agencies are working so hard to keep a finger on new communications technologies emerging around the world. They fear these advances will give criminals and terrorists a new advantage -- by making it all but impossible for authorities to tap their telephones and computer lines. The problem, say the feds, is that the bad guys are always the first to get the hot new toys -- whether they are fast cigarette boats, automatic weapons or computerized gadgets that ensure privacy. So the authorities -- over sharp protests from civil libertarians -- are continually looking for ways to defeat encryption technologies and continue monitoring communications. This conflict, simmering for years, came to a boil on April 16, when the White House announced it was imposing a new scheme for encrypting voice and data communications. The system, which employs a scrambler device dubbed the "Clipper Chip," leaves a deciphering "key" in the federal government's pocket. Whitfield Diffie, a pioneering cryptographer at Sun Microsystems Inc., compares Clipper to "the little keyhole in the back of the combination locks used on the lockers of schoolchildren. The children open the locks with the combinations, which is supposed to keep other children out, but the teachers can always look in the lockers by using the key." The government will stock up on phones and computers equipped with Clipper, and many companies that do business with the government will need to buy the same gear. The administration also hopes Clipper will catch on across the business landscape. Meanwhile, federal officials have been drawing up legislation to require telecommunications companies to grant law enforcement special access to U.S. communications networks. 
"We feel we need these tools to do our job," said James K. Kallstrom, the FBI's chief of investigative technology. Kallstrom said if the FBI can't get industry to make the changes, disaster could occur. "I don't have a lot of dead bodies laying around here or dead children from an airplane explosion that we haven't been able to solve -- yet." For Jim Bidzos, president of a California-based encryption firm called RSA Data Security Inc., the controversy "comes down to one simple question: Do you have the right to keep a phone call or a computer transmission private? The government says no." David Sobel, an attorney with Computer Professionals for Social Responsibility, an advocacy group for high-tech industries, said the fight over Clinton's Clipper chip is the opening shot in "the battle for the future direction of the nation's data highways." Spooking the 'New Agers' The Clinton White House's decision to cast its lot with the FBI and the super-secret National Security Agency (NSA) has its ironies. The young computer wizards who manage the information industry helped elect Clinton, and they share with him a dream of a 21st-century telecommunications revolution. But many of the industry's "new agers," as one White House official calls them, think Clinton is selling out to spooks and spies. The FBI and NSA had won support in the Bush administration for Clipper, first proposed several years ago. Then within weeks of the Democrats' move into the White House, top law enforcement and national security officials won over the Clinton team. One White House official said they were "taken with the aura of making national security decisions inside the White House.... You see the stakes differently." The FBI and state and local law enforcement officials told the incoming Clinton team that resolving this issue was one of their highest priorities, industry sources said. 
Mike Godwin, counsel for the Electronic Frontier Foundation, which is mobilizing the communications industry against Clipper, said that "like all liberals, Clinton has an interest in being seen as a good law-and-order guy." Clinton's National Security Council is now conducting a closed-door review of those subjects -- which the industry criticizes for being secret, and on Friday corporate critics will converge on the White House. Old Ways, New Days To understand the FBI's and NSA's concern about the new information age, it helps to recall the state of communications a quarter-century ago. In the 1950s and 1960s, there was only one phone company, AT&T, and it worked closely with the NSA and law enforcement, industry experts said. Similarly, the computer business was dominated by International Business Machines Corp. AT&T and IBM were huge, discreet and overtly patriotic bureaucracies -- proud members of the military-industrial complex. When the administration of President Gerald Ford filed an antitrust suit against AT&T in the 1970s, the Defense Department opposed it on national security grounds, since the firm was seen as key to the nation's mastery of the global communications system. When the antitrust suit succeeded in 1984 and a federal judge dismantled AT&T, the NSA was scared, government officials said. Instead of the one mighty AT&T, there are now seven regional "Baby Bell" companies and hundreds of new telecommunications players in the U.S. market, some foreign-owned. The computer business also has been balkanized, with some firms run by youngish rebels of the post-Vietnam War generation who sneer at authority. (The founders of Apple Computer Inc., started in business selling "blue boxes" -- machines that help users scam the phone company -- to students at the University of California at Berkeley.) The FBI and NSA are uncomfortable speaking about the nation's vital communications secrets with some of these newcomers, government officials said. 
Adding to law enforcement worries is the technology itself: Where the system was once just copper wires on poles, now it's a dizzying tangle of satellites, microwave towers, fiber-optic cables and cable TV systems, all linked up and bouncing signals around in cyberspace. "They feel this onslaught, being drowned by this technology revolution that's overrunning their capabilities," one White House source said of the NSA and FBI. "They're feeling very threatened.... They fear the horse is getting out of the barn." Dealing With Digits The government's response to the new world has been twofold: an attempt to make the nation's phone and communications networks more open to government taps, and a drive to limit the spread of data encryption. The biggest worry for law enforcement is the high-tech modernization of the nation's communications system, especially the "digitalization" of phone networks. This translates conversations and data into the "0"s and "1"s of computer talk. Anyone who has heard the squeal of a fax machine knows it doesn't sound like conversation. The FBI wants a guarantee that when a court approves a wiretap, it can gain access through special "ports" to conversations or data streams that can be retranslated from digital language. The FBI is "panicky," said one Baby Bell executive, over the increasing sophistication of the U.S. phone system. "They're sitting over there with their simple little pair of alligator clips" that were once used to tap phone lines. The FBI's Kallstrom offers an example of the limits imposed by changing technology: In the mid-1980s in New York City, because digital switches that control cellular phone networks were not designed with law enforcement in mind, investigators looking into drug dealers, mobsters, terrorists and all other miscreants had only five "ports," or entry points, from which to tap cellular phones. "For years, criminals had a free pass to engage in criminal activity there," he said. 
"It's a mini-version of what'll happen in the future." The FBI says it wants to maintain the status quo, meaning its ability to keep monitoring calls. "You want to maintain what?" said Nathan Myhrvold, a Microsoft Corp., vice president. "That's just such a crazy thing to say in the computer industry," where product cycles are measured in months. In March 1992, the FBI took the offensive in the battle to keep the taps open. That's when it surprised industry with a legislative proposal that would require telecommunications firms to guarantee law enforcement access to its new information networks. This "digital telephony" proposal was later withdrawn after a bitter outcry from communications and computer companies. The firms opposed, among other things, provisions that the Federal Communications Commission must draw up rules on this highly complex matter in secret and on a highly expedited schedule, and that the phone companies' customers finance the modifications through rate increases that could cost many billions of dollars. Federal officials have been drafting new legislation, sources said, but have been tight-lipped about its content. Encryption Anxieties On top of the surveillance problems posed by a digital network, law enforcement also is vexed by the rise of inexpensive encryption technologies, used in everything from personal computer messages to electronic commerce. Businesses that zip sensitive secrets across the globe need to guard against industrial espionage, and some encryption systems are virtually unbreakable -- not only by industrial pirates, but also by the NSA and FBI. The government hopes Clipper will replace chips providing unbreakable encryption for conversations. The NSA also is promoting a chip to encrypt data, called "Capstone." Both use a classified encryption algorithm, or formula, called "Skipjack." Using these technologies, government officials retain their own master keys, actually long strings of numbers, to decrypt messages. 
To assuage the fears of civil libertarians, the government will split each key in two -- like the two pieces of a treasure map torn down the middle -- and place the pieces with two government agencies. A police officer who gets a judge's approval for a wiretap must go to the two agencies to tap the line. Administration sources said that if the current plan doesn't enable the NSA and FBI to keep on top of the technology, then Clinton is prepared to introduce legislation to require use of its encryption technology, which is crackable by the NSA, and ban use of the uncrackable gear. "It's an option on the table," said a White House official. Stephen Bryen -- formerly a top trade security official in the Pentagon and now president of a small Silver Spring-based firm that develops encryption technology -- says that he realized recently that "I've got a competitor, and it's the U.S. government." He said it is almost unprecedented for government to compete directly with industry in this way. "It's hard to compete against taxpayer money," he said. "The playing field's not level." So far, Clipper's launch has been less than auspicious. A coalition of top computer and telecommunications firms and trade groups -- including IBM, Microsoft and about 25 others -- has sent letters to Clinton raising a list of 150 pointed questions about the decision. On Friday, an association of firms that make computers said that with Clipper, government officials may find it "difficult to resist" monitoring communications it shouldn't. It recommended the government slow deliberations on the question. Details about Clipper's technology are classified. Without knowing about it, Clipper's critics say they can't evaluate how secure it is -- the central issue for those wanting privacy. Dorothy Denning, a Georgetown University cryptography expert briefed on the chip by government officials, says Clipper strikes a balance between strong data security and restricted government access. 
"I was impressed," she said. In any case, many in industry say they doubt Clipper will gain favor in the market. Data security shoppers may avoid a product with a famous security hole installed by the government. Paul Jones, vice president for government marketing at a Virginia-based encryption firm called Guardata, said a security consultant for a big labor union recently told him, "Do you think I'm dumb enough to buy something endorsed by the NSA?" For the same reason, Clipper would be a hard sell overseas, where companies might fear U.S. intelligence agencies would spy on them. The federal government, said Bidzos of RSA Data Security, "is forcing a showdown we just can't win" overseas. Rep. Edward J. Markey (D-Mass.), chairman of the House telecommunications subcommittee, fears the government may eventually ban encryption. "In a digitally linked world, where encryption is the key to privacy," he said, "banning encryption may be like banning privacy." Frezza of Ericsson GE said despite his personal reluctance to sell high-tech gear to criminals, the government's effort to limit encryption software is bought so easily. "The genie is already out of the bottle," he said. "We're all going to look back on this date in five years and laugh that anyone tried to control this technology." Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "J. J. Larrea" Date: Sun, 30 May 93 20:56:02 PDT To: sea-list@Panix.Com Subject: Wash. 
Post reveals nasty surprise Message-ID: <199305310424.AA29607@sun.Panix.Com> MIME-Version: 1.0 Content-Type: text/plain Just received this snippet of an article in Sunday's Washington Post. The authors are being contacted to see if permission can be obtained to post the entire piece. > Full cite is Washington Post Business section, pages H1,H4, Sunday, May 30, > 1993. Byline is John Mintz and John Schwartz, Washington Post staff writers. > Near the end, it reads: > > "Administration sources said if the current plan doesn't enable the NSA and > FBI to keep on top of the technology, then Clinton is prepared to introduce > legislation to require use of its encryption technology, which is crackable > by the NSA, and to ban use of the uncrackable gear. > 'It's an option on the table,' said a White House official." Very scary stuff... clearly a strong reaction to the Clipper announcement was *far* from overreaction. - JJ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@pmantis.berkeley.edu Date: Mon, 31 May 93 09:20:21 PDT To: cypherpunks@toad.com Subject: No Subject Message-ID: <9305311700.AA04897@pmantis.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain LOOKING FOR: MS-DOS utilities for cryptanalysis. WHY ON EARTH WOULD I WANT SUCH A THING? I'm analyzing a piece of encryption shareware advertised on comp.archives.msdos.announce. The author proudly claims that: "The algorithm used was developped independently of any literature on the subject of data encryption. The author hasn't read any texts on this subject and any ressemblance that may or may not exist between this algorithm and any previous algorithms is purely coincidental." He charges $15.00 for it too... One of those "secret algorithm" deals... PARTICULAR TOOLS I'D USEFUL... 
- A binary file editor/composer with hex and ascii displays - A tool for generating and viewing letter frequencies, digram/ trigram frequencies I've been able to get by with stuff I have lying around and quick programs I've written as needed. But it sure would be nice if there were some slick utilities made for the job! I looked on soda in pub/cypherpunks/cryptanalysis and found nothing useful. If anyone has anything like this, please, *please* upload it to soda... Thanx... -the Cire From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Mon, 31 May 93 07:39:38 PDT To: CYPHERPUNKS Subject: Clipper harmful to CPs? Message-ID: <930531151140_74076.1041_FHD60-4@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Headline: "Clipper Considered Harmful" ...so what else is new, huh? But I was thinking specifically of Cypherpunks. Reading the article about the group in the Whole Earth Review, an article written before the advent of the Clipper proposal, reminded me of all the things we were working on before the Clipper forced them onto the back burner. Anonymous mail, anonymous posting, steganography, digital cash, whistle-blowers, encryption itself - all the ingredients of Tim's "crypto anarchy" - in many of these areas it seemed we had a certain amount of momentum which has been lost. If "Cypherpunks write code", how much code has been written lately? Now it seems like our motto is changing to "Cypherpunks write letters", to their congressmen. Things are not all black; Miron Cuperman has recently released his encrypted talk program based on PGP technology, and Kevin Brown's postings on steganography had some interesting ideas, although they need some development before anything could be coded. But for the most part progress in our previous areas of attention has been slowed if not halted. This can only be welcome to the forces which created the Clipper. 
Even if the chip fails, they have at least succeeded in distracting the underground crypto community, dividing it to some extent (to PGP or not to PGP?), and delaying the prospect of having to deal with a fully functioning infrastructure for true anonymity and privacy. I know Clipper is an important threat, and I know that many in the Cypherpunks community have helped lead the battle against the chip. But I am encouraged by the widespread opposition to the proposal among technically sophisticated people - not just on the net, but in the trade press as well. The right groups (EFF, CPSR, etc.) are asking the right questions, and Rep. Markey is turning up the heat in Washington. The battle is not yet won, but there is only a limited amount of leverage available in the political process. Our main skills are technical, not political. I contend that our efforts are better spent putting the technology into people's hands, per the group's original charter. We should be working to create new tools which will increase the average computer user's access to strong privacy. We should be pushing the envelope of what is possible today, exploring and experimenting with implementations of these new ideas. I claim that our best response to the threat posed by Clipper is a hearty "screw you" and a rededication to the Cypherpunks goals. Let the powers that be know that we are not intimidated or cowed by their threats. We must continue to oppose Clipper, but at the same time we must make progress on the crypto privacy front. Otherwise our opponents are winning, regardless of the eventual political outcome. 
Hal Finney 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Mon, 31 May 93 13:22:01 PDT To: cypherpunks@toad.com Subject: Clipperpunks Write Code? In-Reply-To: <9305311901.AA28803@relay2.UU.NET> Message-ID: <9305312100.AA22836@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain (I've taken the liberty of renaming Hal Finney's thread, mainly since I wasn't sure _what_ it was named...it arrived via the -request list and was missing some headers....) Hal Finney writes: > Headline: "Clipper Considered Harmful" > > ...so what else is new, huh? > > But I was thinking specifically of Cypherpunks. Reading the article > about the group in the Whole Earth Review, an article written before > the advent of the Clipper proposal, reminded me of all the things we > were working on before the Clipper forced them onto the back burner. > > Anonymous mail, anonymous posting, steganography, digital cash, whistle- > blowers, encryption itself - all the ingredients of Tim's "crypto anarchy" - > in many of these areas it seemed we had a certain amount of momentum which > has been lost. If "Cypherpunks write code", how much code has been written > lately? Now it seems like our motto is changing to "Cypherpunks write > letters", to their congressmen. ...stuff elided to save space.... > I claim that our best response to the threat posed by Clipper is a hearty > "screw you" and a rededication to the Cypherpunks goals. Let the powers that > be know that we are not intimidated or cowed by their threats. We must > continue to oppose Clipper, but at the same time we must make progress on > the crypto privacy front. 
Otherwise our opponents are winning, regardless of > the eventual political outcome. I think Hal is right, though the Clipper controversy has generated a lot of new interest in crypto issues and perhaps even in this list. My guess would be that many of today's readers are on this list now because of the rude awakening Clipper gave them. Having said this, I agree that our real strength lies in technical areas (I'm referring to folks like Hal, Eric Hughes, Miron Cuperman, all the others who're writing C and Perl code, and all those running remailers and the like). The anti-Clipper work is related, but probably isn't the core...fortunately, I doubt there's any conflict, as people will work on what interests them, so the Clipper stuff probably isn't affecting work on other core issues. Maybe at the next Cypherpunks physical meeting we can get some idea of what others are doing? For example, perhaps Hal Finney could communicate by phone for a few minutes? (We did this with the Boston and D.C. Cypherpunks at the emergency Clipper meeting and it worked well.) Others could also call in, or vice versa. Things like digital money will require a lot of effort, probably two or three times what PGP took (just a guess). Wide deployment is even more problematic. These are "social" issues, not just technical issues, of course, so progress is hard to predict. It may take a while. -Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@rosebud.ee.uh.edu Date: Mon, 31 May 93 12:19:16 PDT To: cypherpunks@toad.com Subject: PGP vs. RIPEM Message-ID: <9305311919.AA06505@toad.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- ( >>>>>>'s inserted for the benefit of George Gleason ;-) From: Michael Edward Marotta >>>>>> (This is for an article in the 1994 Loompanics catalog.) That's great that Loompanics is covering encryption. >>>>>> I don't know about you guys, but I find PGP much easier to use. >>>>>> RIPEM has all the hallmarks of unix wizardry. It is poorly >>>>>> documented. The interface is difficult. It grew in ways the >>>>>> designer never contemplated. And I haven't even RUN anything >>>>>> yet... Mark told me that it was primarily a MAILER. OK, I can >>>>>> accept that. But I just don't see it catching on. PGP, on the >>>>>> other hand, shows all the evidences of shareware. It's hard to >>>>>> comment on the obvious. I think the existence of two programs is good, helping to promote some rivalry and a certain amount of borrowing of good ideas from each other. PGP now has a contrib directory with information and scripts to help integrate it into mailers, an area which RIPEM has focussed on from the beginning. >>>>>> So, I assume that I am in the normal range for a netrunner. I >>>>>> typically log in to fidonet bbses from home. I have a PC clone. >>>>>> I have had accounts on CompuServe, Prodigy and Delphi. I have a >>>>>> couple of email addresses. I can't see myself using RIPEM. I >>>>>> can indeed see myself using PGP. PGP was originally developed on a PC and then ported to Unix, while for RIPEM it was the other way around, I believe. The workings of RIPEM are more Unix-ish while PGP is more DOS-ish. Which program seems more natural may depend on your background. The user community is more diverse than most people realize. 
You sound like you have somewhat more of a PC orientation than many people on the net. Most of the people I run into have the opposite problem - they think everything is Unix and that the PC is just some little corner of the world which isn't really relevant. They think that Usenet and Unix workstations are the de facto target environment for any communications utility. Actually, I think your experience is more relevant - PC's at home, hooking up to BBS's, Fidonet, and the commercial services for communications; also, people using PC's at home and dialing into Unix boxes at school or work. Another big area is people using networked PC's at work, although since we are mostly talking about freeware packages here we haven't paid much attention to that. Especially with encryption, which generally can't run securely on multi-user workstations, it makes more sense to think of PC's as the target platform. Some people are starting to have single-user systems which can run Unix, and this may increase with time, but for now DOS is where the emphasis should be. Many of the PC magazines predict that Unix is dead in that market and that Windows is the platform of choice in the future, so that is where we should be aiming, IMO. As Phil Zimmermann says, "skate to where the puck will be." I didn't really mean to open up the standard OS wars here, but it's important to realize that encryption has unique requirements for secrecy and security which may affect the DOS vs Unix debate. (And yes, I know I'm leaving out Macs, Amigas, Ataris, and who knows what else.) >>>>>> Here are my questions: >>>>>> How do you relate to the above? >>>>>> Do you see "everyone" on the Net happy as clams with privacy- >>>>>> enhanced mailers? >>>>>> Do you expect more people to find out about and rely on PGP? >>>>>> Do you see something else working here that I haven't perceived? The big problem, as Eric Hughes has frequently mentioned here, is the need to integrate encryption with mailing. 
I think what is really needed is some way of dealing with people who read mail on their PC while using some kind of terminal program or similar package to connect to a BBS, commercial service, or Unix box. The problem is that there are so many different programs in use and people probably won't be willing to switch just to get encryption. A lot of programs have fancy features including scripting, macro keys, etc., and switching requires learning new ways of doing all your old stuff. Hal Finney 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: poier@sfu.ca (Skye Merlin Poier) Date: Mon, 31 May 93 15:06:43 PDT To: cypherpunks@toad.com Subject: Crypto anarchy in a VW? (not the bug) Message-ID: <9305312244.AA20903@malibu.sfu.ca> MIME-Version: 1.0 Content-Type: text/plain Has there been any discussion of anonymity / crypto anarchy in a virtual world such as the ones described in _Snow Crash_ or _Neuromancer_? When the nets to support these technologies come into place (and I have no doubt that they will), perhaps a form of anonymity could be written into the architecture, instead of having to add it on later as is the case now.... It would certainly be very interesting, especially with the work being done on creating alternate personas (or avatars, whatever). Also, a while back someone mentioned in passing buried cables.. this stirred up an old idea I had about server anonymity, that is that the actual physical location of a server would be very difficult to pin down... the only way to do this with any real degree of security would be to bounce signals off a satellite but this would be rather costly... 
Skye -- -----====> Skye Merlin Poier <====----- Undergrad in CMPT/MATH (Virtual Reality) |||| |||| email: poier@sfu.ca p-OO <--> OO-q THINK PGP Public Key available on finger \== ==/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: bakunin@gnu.ai.mit.edu Date: Mon, 31 May 93 13:21:27 PDT To: cypherpunks@toad.com Subject: divers Message-ID: <9305312059.AA24756@spiff.gnu.ai.mit.edu> MIME-Version: 1.0 Content-Type: text/plain In re: > wars chill out. I, too, think people overquote, but I also don't feel compelled to tell them how to post. Let your conscience guide. In re: my gripe overLONG posts. Wilde once wrote a friend words to the effect that '..I do not have time to write you a short letter.' Take the time to be concise. In re: PGP/RIPEM PC/Unix Well, gee. I prefer PGP for my encryption, but unix otherwise. What am I, weird? In re: 2d amendment & encryption Love the idea. I fear the 2d amendment is far too compromised. If gun control coexists with ol' #2, so can encryption control. concisely, michael From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jim McCoy Date: Mon, 31 May 93 15:51:53 PDT To: poier@sfu.ca (Skye Merlin Poier) Subject: Re: Crypto anarchy in a VW? (not the bug) In-Reply-To: <9305312244.AA20903@malibu.sfu.ca> Message-ID: <199305312329.AA10472@ccwf.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text Skye Merlin Poier writes: [...] > Also, a while back someone mentioned in passing buried cables.. this > stirred up an old idea I had about server anonimity, that is that the > actual physical location of a server would be very difficult to pin > down... the only way to do this with any real degree of security would be > to bounce signals off a satellite but this would be rather costly... Try this idea out: several machines agree to "host" a server. Each machine runs a virtual-server process that communicates with the other virtual-server programs. 
These programs then combine to run the actual server (a sort of shared virtual multi-processor). The server itself _has no physical existence_ and could operate as long as only one of the hosts is able to spare it some CPU and memory slices. The "server" would basically consist of its instruction packets being bounced around the net. Secure crypto communication between the "processors" with some reflectors scattered around the net to provide easy access points for those wanting to use the services and you have a service that doesn't really exist, at least not as far as current legal definitions go... :)

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Al Billings
Date: Mon, 31 May 93 20:23:47 PDT
To: cypherpunks@toad.com
Subject: Re: your mail
In-Reply-To: <9305311902.AA28956@relay2.UU.NET>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

The FCC modem-thing is a rumor that appears about every six months. The original case was years ago and has not been on the books since. Ignore it.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: root@extropia.wimsey.com (Anonymous)
Date: Mon, 31 May 93 22:09:02 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199306010527.AA00963@xtropia>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

As shown in Karl Barrus's very useful monthly postings, several people are running remailers that include encryption. This gives users the ability to send messages for which the destination is not visible even to someone monitoring their outgoing messages. By chaining through two or more remailers, no one site can see the mapping between source and destination.

There is a big potential security weakness with most of these systems that people should be aware of. In order to run the decryption program (currently PGP) automatically, the pass phrase must be provided for the remailer's secret key.
This means that the pass phrase has to exist, in the clear, in the scripts which implement the remailer. Anyone who has root privileges on the machine which is running the remailer therefore can get access both to the remailer's secret key file, and to the pass phrase that unlocks it. Even momentary acquisition of this power is enough to capture the secret key.

Unfortunately, many of the encrypted remailers are running on multi-user systems over which we have only limited control. I believe that Miron's "Extropia" remailer is running on his personal system, so he should be relatively immune to this attack. But I think the others are all vulnerable. People should be aware of this when using the remailers.

(This limitation is one reason I made my remailer keys only 512 bits; I felt there was little point in going to 1024 bits since the security of the remailer key can be broken so easily.)

Until more of us are able to acquire personal Unix boxes it might be wise to include the Extropia remailer as part of a remailing chain for messages whose security we care about. Perhaps Karl could add a notation in his remailer lists about which machines are public and which are private.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBLAqxy6gTA69YIUw3AQG8TgP/eZNHVKw39VQWFK9reR9dFu36yIZtQQ/f
wDKfvAPgkzCHxTIv3xrATCpVXd5CCbhWFLgi0/HSD2CV8uwVp5HOenjYnUu0AAZR
kV2JYNJ2F2pAajnYnI5hkvDvnm9SUOC4JtNM7lLlNeJVf5hXsMw1YYkEDQfDPafr
Yjs8AFodQUw=
=5V+X
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Mon, 31 May 93 19:40:24 PDT
To: bakunin@gnu.ai.mit.edu
Subject: Re: divers
In-Reply-To: <9305312059.AA24756@spiff.gnu.ai.mit.edu>
Message-ID: <9306010240.AA14354@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> overLONG posts. Wilde once wrote a friend words to the effect that
> '..I do not have time to write you a short letter.' Take the time
> to be concise.
yo, i have made this one longer only because i have not had the leisure to make it shorter, blaise pascal.

wilde, ptui.

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Mon, 31 May 93 20:10:26 PDT
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Clipperpunks Write Code?
In-Reply-To: <9305312100.AA22836@netcom3.netcom.com>
Message-ID: <9306010310.AA14901@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> If "Cypherpunks write code", how much code has been written
> lately?

this is not a major hack, but a fun one.

i've never been big on the details of pgp's trust model, with "trusted", "sort of trusted", etc. the keys i trust most are those i have signed. by extension, what i want to know is the "signature distance" of a given key.

so here's my hack, a shell script that uses pgp and pathalias to compute signature distance. here's a sample:

reno:; ./pgpwho hughes@soda honey
peter honeyman
Phil Karn
Tom Jennings
Eric Hughes

actually, it's much more verbose than that, but that will change.

so far, i find the script useful. here it is.

peter

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
#!/bin/sh
# usage: pgpwho [ who [ me ] ]
# @(#)pgpwho 1.1 93/05/31
# public domain. send comments to honey@citi.umich.edu.

# argument handling: "who" is the key to reach, "me" is the starting key;
# "-" as the first argument means "ask for who interactively"
case $# in
0)  argwho=
    arglocal=;;
1)  argwho=$1
    arglocal=;;
2)  arglocal=$2
    if [ "$1" != "-" ]; then
        argwho=$1
    else
        argwho=
    fi;;
*)  echo usage: pgpwho [ who [ me ] ]
    exit 1;;
esac

# discard empty cache files left over from a failed run
find kvv pain reach -size 0 -exec rm -f '{}' ';' >/dev/null 2>&1

# kvv: cached key listing, rebuilt when the public keyring is newer
if [ ! -r kvv ]; then
    kvv=
else
    kvv=`find kvv -newer "$PGPPATH/pubring.pgp" -print`
fi
case "$kvv" in
kvv)    echo "kvv is up to date";;
*)      echo "dumping keys (pgp -kvv) ..."
        pgp -kvv > kvv;;
esac

# pain: pathalias input, one cost-1 link from each signer to the key it signed
if [ ! -r pain ]; then
    pain=
else
    pain=`find pain -newer kvv -print`
fi
case "$pain" in
pain)   echo "pain is up to date";;
*)      echo "massaging kvv into pain (pathalias input) ..."
        cat kvv | awk '
$1 == "pub" {
    num = split($2, bitskeyid, "/");
    if (num != 2) {
        print "???", $0
        next;
    }
    nkeys++;
    keyid = bitskeyid[2]
    user = "";
    for (j = 4; j <= NF; j++)
        user = user " " $j
    userid[keyid] = user;
}
$1 == "sig" {
    if ($2 != keyid)
        print $2, keyid, "(1)"
}
END {
    for (i in userid)
        print "#", i, userid[i];
}
' > pain;;
esac

# pick the starting key (yours); loop until exactly one key matches
while :; do
    if [ -z "$arglocal" ]; then
        echo -n "what is your pgp id? "
        read arglocal
    fi
    grep -i "^pub.*$arglocal" kvv | tee tmp
    case `wc -l < tmp|sed 's/ //g'` in
    0)  echo $arglocal not found, try again;;
    1)  break;;
    *)  echo too many matches for id $arglocal, please narrow it down;;
    esac
    arglocal=
done
local=`awk '{print $2}' tmp | sed 's/.*\///'`

# pick the target key the same way
while :; do
    if [ -z "$argwho" ]; then
        echo -n "who? "
        read argwho
    fi
    grep -i "^pub.*$argwho" kvv | tee tmp
    case `wc -l < tmp|sed 's/ //g'` in
    0)  echo $argwho not found, try again;;
    1)  break;;
    *)  echo too many matches for $argwho, please narrow it down;;
    esac
    argwho=
done
who=`grep "^pub" tmp | awk '{print $2}' | sed 's/.*\///'`

# reach: pathalias output (cost, key id, route), rebuilt when pain is newer
if [ ! -r reach ]; then
    reach=
else
    reach=`find reach -newer pain -print`
fi
case "$reach" in
reach)  echo "reach is up to date";;
*)      echo "running pathalias ..."
        pathalias -l $local -c pain 2>xxx-errs | tee xxx | awk '$1 < 10000 {print}' > reach;;
esac

echo "searching for $who ..."
# fields are matched on any whitespace, since the separators in the
# pathalias output did not survive in this copy of the script
grep "[[:space:]]$who[[:space:]]" reach | sed -e 's/.*[[:space:]]//' -e 's/%s//' -e 's/!/ /g' > tmp
case `wc -l < tmp|sed 's/ //g'` in
0)  echo no signature path to $who
    exit 1;;
1)  ;;
*)  echo weird error
    exit 2;;    # was "exit -1", which is not a valid exit status in every sh
esac

# print the user id for each key on the path, starting with your own
set `cat tmp`
grep "^# $local" pain | sed -e 's/..........//'
for i in $*; do
    grep "^# $i" pain | sed -e 's/..........//'
done
rm -f tmp
exit

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: RYAN Alan Porter
Date: Mon, 31 May 93 20:51:16 PDT
To: Skye Merlin Poier
Subject: Re: Crypto anarchy in a VW?
 (not the bug)
In-Reply-To: <9305312244.AA20903@malibu.sfu.ca>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Mon, 31 May 1993, Skye Merlin Poier wrote:

> Has there been any discussion of anonymity / crypto anarchy in a virtual world
> such as the ones described in _Snow Crash_ or _Neuromancer_? When the nets to
> support these technologies come into place (and I have no doubt that they will),
> perhaps a form of anonymity could be written into the architecture, instead of
> having to add it on later as is the case now.... It would certainly be very
> interesting, especially with the work being done on creating alternate personas
> (or avatars, whatever).

I am glad to see some consideration of possible hypothetical future scenarios here; it is important to have an eye for the future of things.

I think that building privacy into the architecture would be inherently dangerous, however, it is a perfect way for the people building the system to oppress the users, all the while convincing them that the system is secure. Clipper is a perfect example of this, anonymity is supposedly being built into the system with the Clipper chip. The trouble, of course, being the inherent INsecurity--but consider how much more dangerous it would be if the insecurities were not even known, yet we were expected to rely on the fact that 'privacy and anonymity are built into the architecture'?

No, this is the perfect beginning for a system where the populace is monitored with the argument that "if you had nothing to hide, you would not be going out of your way to hide it, besides, the system has INHERENT, BUILT-IN SECURITY...."

The only way to ensure your privacy is to seize it yourself.

> Also, a while back someone mentioned in passing buried cables.. this stirred up
> an old idea I had about server anonymity, that is that the actual physical
> location of a server would be very difficult to pin down... the only way to do
> this with any real degree of security would be to bounce signals off a satellite
> but this would be rather costly...

There are a lot of ways to get a signal around the world without using a satellite, ask any amateur radio enthusiast. Besides, the more diverse the signal transmission methods are, the more difficult the signals will be to both trace and interfere with.

I have always been kind of fascinated with the idea of a truly decentralized system, much like the internet is today, where each node had responsibilities to connect to the nodes around it, but the actual interconnection was entirely up to the nodes involved, so that there could be no standard, homogenous method of tracing connections. A pair of nodes could be connected by direct connection, hidden wires, satellite connection, voice grade wires, ionosphere bounce, lunar bounce, repeated packets, lasers, microwaves, IR, whatever... This would provide a tight net that would be almost impossible to control with heavyhanded regulations and oppression.

If each node on the net had a separate public key and all traffic between nodes was decrypted coming in and encrypted going out to the next node, aspiring Big Brothers would have even more of a headache. Why is there not more work being done on encrypting all internode traffic streams? It doesn't seem too hard.

An aside: has anyone dealt with the concept of on-the-fly encryption for mass storage, kind of like the way the PCs can be 'stacked' or 'doubled' or whatever with on-the-fly compression? I was thinking about trying to write some drivers for this for a 486 but I have never tried to write a device driver before and was wondering if anyone might have any suggestions.

I was thinking of something along the lines of: your entire drive is encrypted with your public key. That way people can send you files and deposit files and all of that jazz no problem. When you boot up the system each time it asks you to insert a floppy with your private key on it. You would keep this floppy on you as if it were an actual, physical key. (perhaps in the future PCMCIA cards or something more durable and portable can be used) It asks for your password to verify your key and loads that key somewhere into memory. It then uses the key for the rest of the session to decrypt everything coming from the specified mass storage devices and encrypt everything going to them transparently.

This seems like a great idea to me, my two problems that I was hoping someone might be able to help me with are:

1) these public key algorithms that we are working on are slow as balls, any idea if this would be feasible, given how PC users like to equate hard drive speed with penis size?

2) it seems that having your private key hanging around somewhere in memory the whole session would be horribly insecure, and would make it very easy for someone to walk up to a running PC and run some program that would snatch it from memory (assuming something like this catches on and there are some standard programs out there that people become familiar with) so how could I protect the key from getting filched from a running system aside from the standard 'password protect your screen saver' and other insecure hacks like that?
>
> Skye
> --
> -----====> Skye Merlin Poier <====-----
> Undergrad in CMPT/MATH (Virtual Reality) |||| ||||
> email: poier@sfu.ca p-OO <--> OO-q THINK
> PGP Public Key available on finger \== ==/
>

Hugs and kisses,
-Ryan
the Barcode Guy

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Mon, 31 May 93 20:54:58 PDT
To: mmc.bitnet!raglan54@uga.cc.uga.edu
Subject: Re: Electronic Contracts
Message-ID: <9306010433.AA27082@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

Don't know if there have been specific tests of it in courts, but, yes, signing contracts is definitely something people want digital signatures for. Also, anything else that requires a signature, we'd like to be able to sign digitally, so we can do it online instead of hauling paper around.

That's not just a cypherpunk thing, it's what a large fraction of the business community would like to be able to do - it speeds business cycles, cuts ordering time, and means we don't have to keep all this paper around, especially in storage; while the paperless office won't be reality for a while, it would really be nice if we could store the important stuff digitally, where it's easy to retrieve later, and save paper for transient uses like convenient reading, unlike the current situation where digital is for convenience but the important stuff is paper that has to be stored somewhere

MIME-Insert-Video-Clip: Indiana Jones, Government Warehouse Scene.....

A certain amount of this has been done with the various telex networks; I get the impression from somewhere that a telex can be a legal document for things like sending purchase orders, just like paper can; it will be interesting to see if fax acquires the same status, but forging a fax is terribly easy, just as email is.
Bill Stewart

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Darren Reed
Date: Mon, 31 May 93 08:23:08 PDT
To: cypherpunks@toad.com
Subject: Modem Use Fees (fwd)
Message-ID: <9305311523.AA03215@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Forwarded message:
> Date: Mon, 31 May 1993 11:32:11 -0400 (EDT)
> From: Stan Bernstein
> Subject: Modem Use Fees
> Message-Id:
> Mime-Version: 1.0
> Content-Type: TEXT/PLAIN; charset=US-ASCII
>
>
> The following, originating from Mr. Tom Justice (CGFS69A [Prodigy]) and
> authorized for resubmission to other networks, deals with proposed modem
> use fees. It was originally posted on Prodigy a couple of days ago. I would be
> interested in anyone's take on the accuracy of this. I apologize for its
> length but did not want to distort it too much through truncation.
>
> "...Two years ago the FCC tried and (with your help and letters of
> protest) failed to institute regulations that would impose additional
> costs on modem users for data communication.
> "Now they are at it again. A new regulation that the FCC is quietly
> working on will directly affect you as the user of a computer and modem.
> The FCC proposes that users of modems should pay extra charges for the use
> of the public telephone network which carry their data. In addition
> computer network services would also be charged as much as $6.00 per hour
> per user for the use of the public telephone network. Obviously these
> charges would be passed on to the consumer. The money is to be collected
> and given to the telephone company in an effort to raise funds lost to
> deregulation. Jim Eason of KGO newstalk radio San Francisco commented on
> the proposal during his afternoon radio program during which he said he
> learned of the new regulation in an article in the New York Times...."
>
> In a second post on Prodigy, Mr. Justice suggests writing to various
> regulatory officials to convey the following suggested text:
>
> "Dear Sir:
> "Please allow me to express my displeasure with the FCC proposal which
> would authorize a surcharge for the use of modems on the telephone
> network. This regulation is nothing less than an attempt to restrict free
> exchange of information among the growing number of computer users. Calls
> placed using modems require no special telephone equipment, and users of
> modems pay the phone company for use of the network in the form of a
> monthly bill.
> "In short, a modem call is the same as a voice call and therefore
> should not be subject to any additional regulation...."
>
> Mr. Justice ends his second post with the following:
>
> "It is important that you act now. The bureaucrats already have it in
> their heads that modem users should subsidize the phone company and are
> now listening to public comment. Please stand up and make it clear that we
> will not stand for any government restriction on the free exchange of
> information.
> "Please deal with this in a TIMELY manner. We can't wait and watch, or
> we will be walked over by government regulations that are trying to
> strangle us."
> # # #
> Stanley Bernstein (sbernst@panix.com)
>

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Tue, 1 Jun 93 00:41:32 PDT
To: wcs@anchor.ho.att.com
Subject: Re: Electronic Contracts
Message-ID: <9306010741.AA20187@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Digital signatures on contracts are probably legal. I did some checking on the subject a while back; someone forwarded me the following official opinion from the U.S. Controller General. The specific reasoning applies only to the U.S. government, but most of the principles generalize.
I'll add one note of my own -- from what I've read lately of the Federal rules of evidence, printouts of data recorded on disk, tape, etc., are considered to be equally original, as it were.

A reference I haven't checked is Benjamin Wright, ``The Law of Electronic Commerce- EDI, Fax, and Email: Technology, Proof, and Liability''. It is a 1991 book published by Little Brown and Co., 1991.

--Steve Bellovin

United States General Accounting Office [Comptroller General]

MEMORANDUM

DATE: June 19, 1991
TO: Assistant Director, AFMD/ASA - John C. Martin
FROM: Assistant General Counsel, OCG/AFMD - Thomas H. Armstrong
Subject: Electronic Contracting (B-238449)

This responds to your request for our opinion regarding whether agencies can use Electronic Data Interchange (EDI) technologies to create valid contractual obligations that can be recorded consistent with 31 U.S.C. (s) 1501 (section 1501). For the reasons stated below, we conclude that they can.

BACKGROUND

EDI is the electronic exchange of business information between parties, usually via a computer, using an agreed upon format. EDI is being used to transmit shipping notices, invoices, bid requests, bid quotes and other messages. Electronic contracting is the use of EDI technologies to create contractual obligations. EDI allows the parties to examine the contract, usually on video monitors, but sometimes on paper facsimiles, store it electronically (for example on magnetic tapes, on discs or in special memory chips), and recall it from storage to review it on video monitors, reproduce it on paper or even mail it via electronic means. Using EDI technologies, it is possible for an agency to contract in a fraction of the time that it now takes. The "paperless" nature of the technology, however, has raised the question of whether electronic contracts constitute obligations which may be recorded against the government.

DISCUSSION

Section 1501 establishes the criteria for recording obligations against the government.
The statute provides, in pertinent part, as follows:

"(a) An amount shall be recorded as an obligation of the United States Government only when supported by documentary evidence of--
(1) a binding agreement between an agency and another person (including an agency) that is--
(A) in writing, in a way and form, and for a purpose authorized by law. . . ."

31 U.S.C. (s) 1501(a)(1)(A).

Under this provision, two requirements must be satisfied: first, the agreement must bind both the agency and the party with whom the agency contracts; second, the agreement must be in writing.

Binding Agreement

The primary purpose of section 1501(a)(1) is "to require that there be an _offer_ and an _acceptance_ imposing liability on both parties." 39 Comp. Gen. 829,831 (1960) (emphasis in original). Hence the government may record an obligation under section 1501 only upon evidence that both parties to the contract willfully express the intent to be bound. A signature traditionally has provided such evidence. _See_ _generally_ 65 Comp. Gen. 806, 810 (1986). Because of its uniqueness, the handwritten signature is probably the most universally accepted evidence of an agreement to be bound by the terms of a contract. _See_ 65 Comp. Gen. at 810.

Courts, however, have demonstrated a willingness to accept other notations, not necessarily written by hand. _See_, _e.g._, _Ohl_&_Co._v._Smith_Iron_Works_, 288 U.S. 170, 176 (1932) (initials); _Zacharie_v._Franklin_, 37 U.S. (12 Pet.) 151, 161-62 (1838) (a mark); _Benedict_v._Lebowitz_, 346 F.2d 120 (2nd Cir. 1965) (typed name); _Tabas_v._Emergency_Fleet_Corporation_, 9 F.2d 648, 649 (E.D. Penn. 1926) (typed, printed or stamped signatures); _Berryman_v._Childs_, 98 Neb. 450, 153 N.W. 486, 488 (1915) (a real estate brokerage used personalized listing contracts which had the names of its brokers printed on the bottom of the contract in the space where a handwritten signature usually appears).
As early as 1951, we recognized that a signature does not have to be handwritten and that "any symbol adopted as one's signature when affixed with his knowledge and consent is a binding and legal signature." B-104590, Sept. 12, 1951. Under this theory, we approved the use of various signature machines ranging from rubber stamps to electronics encryption devices. _See_ 33 Comp. Gen. 297 (1954); B-216035, Sept. 20, 1984. For example, we held that a certifying officer may adopt and use an electronic symbol generated by an electronic encryption device to sign vouchers certifying payments. B-216035, _supra_. The electronic symbol proposed for use by certifying officers, we concluded, embodied all of the attributes of a valid, acceptable signature: it was unique to the certifying official, capable of verification, and under his sole control such that one might presume from its use that the certifying officer, just as if he had written his name in his own hand, intended to be bound.

EDI technology offers other evidence of intent to be bound with the same attributes as a signature--for example, a "message authentication code," like that required by the National Institute of Standards and Technology (NIST) for the electronic transmission of data._1_/ In our opinion, this form of evidence is acceptable under section 1501.

A message authentication code is a method designed to ensure the authenticity of the data transmitted; it is a series of characters that identifies the particular message being transmitted and accompanies no other message. As envisioned by NIST's Federal Information Processing Standard (FIPS) 113,_2_/ a message authentication code could be generated when the sender inserts something known as a "smart card"_3_/ into a system and inputs the data he wants to transmit. Encoded on a circuit chip located on the smart card is the sender's key.
____________________

_1_/ The Congress has mandated that NIST (formerly the National Bureau of Standards) establish minimum acceptable practices for the security and privacy of sensitive information in federal computer systems. Computer Security Act of 1987, Pub. L. No. 100-235, (s) 2, 101 Stat. 1724 (1988).

_2_/ FIPS 113 adopts American National Standards Institute (ANSI) standard X9.9 for message authentication. It outlines the criteria for the cryptographic authentication of electronically transmitted data and for the detection of inadvertent and/or intentional modifications of the data. By adopting the ANSI standard, FIPS 113 encourages private sector applications of cryptographic authentication; the same standard is being adopted by many financial institutions for authenticating financial transactions.

_3_/ A smart card is the size of a credit card. It contains one or more integrated circuit chips which function as a computer.

____________________

The key is a secret sequence of numbers or characters which identifies the sender, and is constant regardless of the transmission. The message authentication code is a function of the sender's key and the data just loaded into the system. After loading his data into the system, the sender notifies the system that he wants to "sign" his transmission. The system sends the data first to the chip on the smart card; the chip then generates the message authentication code by applying a mathematical procedure known as a cryptographic algorithm. The card returns the data along with the just-generated message authentication code to the system, which will transmit the data and code to the recipient.

When a contracting officer notifies the system that he wants to sign a contract being transmitted to a contractor, he is initiating the procedure for generating a message authentication code with the intention of binding his agency to the terms of the contract.
The message authentication code evidences that intention, as would a handwritten or other form of signature. The code, incorporating the sender's key, is unique to the sender; and, the sender controls access to and use of his "smart card," where his key is stored.

It is also verifiable. When the recipient receives the contract, either a notation identifying the message authentication code and the sender, usually by name. The recipient can verify its authenticity by putting the data that he just received into his system and asking his system to generate a message authentication code. That code should match the one annotating the message received._4_/

Writing

To constitute a valid obligation under section 1501(a)(1)(A), a contract must be supported by documentary evidence "in writing." Some have questioned whether EDI, because of the paperless nature of the technology, fulfills this requirement. We conclude that it does.

Prior to the enactment of section 1501, in the Supplemental Appropriations Act of 1955,_5_/ there was no "clean cut definition of obligations." H.R. Rep. No. 2266, 83rd Cong., 2d Sess. 50 (1954). Some agencies had recorded questionable obligations, including obligations based on oral contracts, in order to avoid withdrawal and reversion of appropriate funds. _See_ 51 Comp. Gen. 631, 633 (1972). Section 1501 was enacted not to restrict agencies to paper and ink in the formation of contracts, but because, as one court noted, "Congress was by asserting oral contracts." _United_States_v._American_Renaissance_Lines_, 494 F.2d 1059, 1062 (D.C. Cir.), _cert_. _denied_, 419 U.S. 1020 (1974).

____________________

_4_/ For the sake of simplicity, this example does not describe the complicated system of controls used to ensure that no human knows the keys that are used to generate message authentication codes.

_5_/ Pub. L. No. 663, 68 Stat. 800, 830 (1954)

____________________
The purpose of section 1501 was to require that agencies submit evidence that affords a high degree of certainty and lessens the possibility of abuse. _See_ H.R. Rep. No. 2266 at 50.

While "paper and ink" offers a substantial degree of integrity, it is not the only such evidence. Some courts, applying commercial law (and the Uniform Commercial Code in particular), have recognized audio tape recordings, for example, as sufficient to create contracts. _See_, _e.g._, _Ellis_Canning_Company_v._Bernstein_, 348 F. Supp. 1212 (D. Colo. 1972). The court, citing a Colorado statute, stated that the tape recording of the terms of a contract is acceptable because it is a "reduc[tion] to tangible form."_6_/ _Id_. at 1228. In a subsequent case, the United States Court of Appeals held that an audio tape recording of an agreement between the Gainesville City Commission and a real estate developer was sufficient to bind the Commission. _Londono_v._City_of_Gainesville_, 768 F.2d 1223 (11th Cir. 1985). The court held that the tape recording constituted a "signed writing." _Id_. at 1228.

In our opinion, EDI technology, which allows the contract terms to be examined in human readable form, as on a monitor, stored on electronic media, recalled from storage and reviewed in human readable form, has an integrity that is greater than an audio tape recording and equal to that of a paper and ink contract. Just as with paper and ink, EDI technology provides a recitation of the precise terms of the contract and avoids the risk of error inherent in oral testimony which is based on human memory._7_/ Indeed, courts, under an implied-in-fact contract theory, have enforced contracts on far less documentation than would be available for electronic contracts. _See_ _Clark_v._United_States_, 95 U.S. 539 (1877). _See_ _also_ _Narva_Harris_Construction_Corp._v._United_States_,

For the purpose of interpreting federal statutes, "writing" is defined to include "printing and typewriting and _reproductions_of_visual_symbols_ by photographing, multigraphing, mimeographing, manifolding, or _otherwise_." 1 U.S.C. (s) 1 (emphasis added). Although the terms of contracts formed using EDI are stored in a different manner than those of paper and ink contracts, they ultimately take the form of visual symbols. We believe that it is sensible to interpret federal law in a manner to accommodate technological advancements unless the law by its own terms expressly precludes such an interpretation, or sound policy reasons exist to do otherwise. It is evident that EDI technology had not been conceived nor, probably, was even anticipated at the times section 1501 and the statutory definition of "writing" were enacted. Nevertheless, we believe that, given the legislative history of section 1501 and the expansive definition of writing, section 1501 and 1 U.S.C. (s) 1 encompass EDI technology.

cc: Mr. F. Jackson

____________________

_6_/ Some courts, interpreting the laws of other states, have held that a tape recording is not acceptable. _See_ _Roos_v._Aloi_, 487 N.Y.S. 2d 637 (N.Y. Sup. Ct. 1985), _aff'd_, 489 N.Y.S. 2d 551 (N.Y. App. Div.); _Sonders_v._Roosevelt_, 476 N.Y.S. 2d 331 (N.Y. App. Div. 1984).

_7_/ Of course, just as with any contract or other official document, an agency must take appropriate steps to ensure the security of the document, for example, to prevent fraudulent modification of the terms. Agencies should refer to NIST standards in this regard. _See_, _e.g._, FIPS 113 _supra_ (regarding message authentication codes). In addition, agencies should refer to the GSA regulations regarding the maintenance of electronic records. _See_ 41 C.F.R. (s) 201-45.2.
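
The sign-and-verify flow the memorandum describes, as an added example that is not part of the original message or of the GAO memorandum. FIPS 113 specifies a DES-based code; HMAC-SHA256 from the Python standard library is swapped in here, and the SmartCard class, the key and the purchase-order text are constructed for illustration.

```python
import hashlib
import hmac

MAC_LEN = 32  # length in bytes of an HMAC-SHA256 code

# Constructed sample values, not taken from the memorandum.
KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
CONTRACT = b"PO 0001: 500 units at $12.00 each, delivery in 30 days"
OTHER = b"PO 0002: 5000 units at $12.00 each, delivery in 30 days"


class SmartCard:
    """Hypothetical stand-in for the memo's smart card.

    The key is loaded once and only ever used inside mac(); the
    surrounding system sees data and codes, never the key itself.
    """

    def __init__(self, key: bytes):
        self.__key = key

    def mac(self, data: bytes) -> bytes:
        # The code is a function of the key and of the data being signed.
        return hmac.new(self.__key, data, hashlib.sha256).digest()


def sign_transmission(card: SmartCard, data: bytes) -> bytes:
    """Sender side: the card computes the code, the system sends data + code."""
    return data + card.mac(data)


def verify_transmission(card: SmartCard, transmission: bytes):
    """Recipient side: recompute the code over the received data and compare.

    Returns the data when the codes match and None otherwise. The
    recipient's system needs the same key as the sender's card, because a
    message authentication code is a shared-key construction.
    """
    if len(transmission) < MAC_LEN:
        return None  # too short to carry a code at all
    data, received = transmission[:-MAC_LEN], transmission[-MAC_LEN:]
    expected = card.mac(data)
    # compare_digest takes the same time wherever the first mismatch is,
    # so response timing does not reveal how much of a forged code was right.
    if hmac.compare_digest(expected, received):
        return data
    return None


def demo():
    """Run the exchange on the constructed samples and return each outcome."""
    sender_card = SmartCard(KEY)
    recipient_card = SmartCard(KEY)

    sent = sign_transmission(sender_card, CONTRACT)
    code = sent[-MAC_LEN:]

    # Failure modes the code is meant to catch:
    tampered = sent.replace(b"$12.00", b"$21.00")  # terms altered in transit
    swapped = OTHER + code                         # code moved to another message
    truncated = sent[:10]                          # transmission cut short

    return {
        "genuine": verify_transmission(recipient_card, sent),
        "tampered": verify_transmission(recipient_card, tampered),
        "swapped": verify_transmission(recipient_card, swapped),
        "truncated": verify_transmission(recipient_card, truncated),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, "->", "accepted" if result is not None else "rejected")
```
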

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@cicada.berkeley.edu
Date: Tue, 1 Jun 93 05:47:56 PDT
To: cypherpunks@toad.com
Subject: National Security Telecommunications 5.27.93
Message-ID: <9306011324.AA17033@cicada.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Some names we should all note...

============================================================================

EXECUTIVE OFFICE OF THE PRESIDENT

27-May-1993 07:03pm

TO: Jeffrey L. Eller
TO: Jonathan P. Gill

FROM: David Seldin
      Office of the Press Secretary

SUBJECT: NATIONAL SECURITY TELECOMMUNICATIONS ADVISORY COMMISSION

THE WHITE HOUSE

Office of the Press Secretary

For Immediate Release    May 26, 1993

PRESIDENT APPOINTS AUGUSTINE TO CHAIR ADVISORY PANEL

(Washington, DC) The President announced today that he has appointed Norman R. Augustine as Chair and William T. Esrey as Vice Chair of the President's National Security Telecommunications Advisory Committee (NSTAC).

Augustine is Chairman and Chief Executive Officer of Martin Marietta Corporation and has previously served as Vice Chair of NSTAC. Esrey is Chairman and Chief Executive Officer of Sprint Corporation.

Also named to the NSTAC today were Joseph T. Gorman, the Chairman and CEO of TRW Inc., and Albert F. Zettlemoyer, the President of Paramax Systems Corporation and a Senior Vice President of Unisys Corporation.

The President's National Security Telecommunications Advisory Committee is a Federal Advisory Committee designed to provide information and advice to the President regarding telecommunications planning. It is composed of up to 30 telecommunications industry executives.
# # # From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@cicada.berkeley.edu Date: Tue, 1 Jun 93 07:56:33 PDT To: cypherpunks@toad.com Subject: Re: National Security Telecommunications 5.27.93 Message-ID: <9306011532.AA19547@cicada.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- It is at best ironic to see the Chairman and CEO of TRW appointed to the President's National Security Telecommunications Advisory Committee, given the sieve-like nature of TRW's data collection. DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBFAgUBLAt1nfFZTpBW/B35AQE6kwF/S54u0IVgGwA0wj1FSFlfmhYsX6cdjwYM N68FWvVtdEanPm6tri84ziNkWvjEGtr4 =S7j2 -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jordan@imsi.com (Jordan Hayes) Date: Tue, 1 Jun 93 06:06:36 PDT To: cypherpunks@toad.com Subject: Re: Electronic Contracts Message-ID: <9306011235.AA08210@IMSI.COM> MIME-Version: 1.0 Content-Type: text/plain I believe if you really want it to hold up, you should use the Bellcore document signing service. Has anyone heard of a company that would provide this on a non-research basis? /jordan From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Ian S. Nelson" Date: Tue, 1 Jun 93 07:09:44 PDT To: cypherpunks@toad.com Subject: How do I unsubscribe? Message-ID: <199306011447.AA14254@bvsd.Co.EDU> MIME-Version: 1.0 Content-Type: text/plain I'm taking off for summer, so how do I unsubscribe from the list? Also, whoever sends me info on that, please send me a message that will tell me how to get back on when I come back. thanks, -- Ian S. Nelson I speak for only myself. Finger for my PGP key. If you are a beautiful woman, it is mandatory that you reply to this message. 
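
[Added example, not part of any message in this archive.] On the Bellcore service raised in Jordan Hayes's "Electronic Contracts" message above, which Eric Hughes's reply in this archive describes as a timestamping service built from hash functions: the sketch below is a generic hash-linked timestamp log, not Bellcore's patented algorithm. SHA-256, the record layout, every function name and the sample contracts and times are assumptions constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # prev_link of the very first certificate


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def link_value(seq, when, doc_hash, prev_link):
    """Hash that binds one entry to its position, time and predecessor."""
    # JSON list encoding keeps field boundaries unambiguous.
    record = json.dumps([seq, when, doc_hash, prev_link]).encode("utf-8")
    return sha256_hex(record)


class TimestampLog:
    """Hypothetical service: it sees only document hashes, never documents."""

    def __init__(self):
        self.certs = []

    def stamp(self, doc_hash, when):
        prev = self.certs[-1]["link"] if self.certs else GENESIS
        seq = len(self.certs)
        cert = {"seq": seq, "when": when, "doc_hash": doc_hash,
                "prev_link": prev,
                "link": link_value(seq, when, doc_hash, prev)}
        self.certs.append(cert)
        return dict(cert)


def first_broken_link(certs):
    """Index of the first certificate that fails verification, or -1."""
    prev = GENESIS
    for i, c in enumerate(certs):
        expected = link_value(c["seq"], c["when"], c["doc_hash"], c["prev_link"])
        if c["seq"] != i or c["prev_link"] != prev or c["link"] != expected:
            return i
        prev = c["link"]
    return -1


def document_matches(document: bytes, cert) -> bool:
    """Does this exact byte string correspond to the stamped hash?"""
    return sha256_hex(document) == cert["doc_hash"]


def simulate_backdating(certs, index, new_when, rechain_tail=False):
    """Tampered copy of the log, used only to exercise the verifier.

    With rechain_tail=False only the altered entry's link is recomputed;
    with rechain_tail=True every later entry is recomputed as well.
    """
    forged = [dict(c) for c in certs]
    forged[index]["when"] = new_when
    last = len(forged) - 1 if rechain_tail else index
    for i in range(index, last + 1):
        c = forged[i]
        if i > index:
            c["prev_link"] = forged[i - 1]["link"]
        c["link"] = link_value(c["seq"], c["when"], c["doc_hash"], c["prev_link"])
    return forged


def demo_log():
    """Constructed sample data: three contract texts and their stamp times."""
    docs = [b"Purchase order 1001: 40 modems",
            b"Purchase order 1002: 12 terminals",
            b"Amendment to order 1001: 45 modems"]
    times = ["1993-06-01T09:00:00Z", "1993-06-01T09:05:00Z",
             "1993-06-01T09:30:00Z"]
    log = TimestampLog()
    for doc, when in zip(docs, times):
        log.stamp(sha256_hex(doc), when)
    return log, docs


if __name__ == "__main__":
    log, docs = demo_log()
    published_head = log.certs[-1]["link"]  # value the service would publish
    partial = simulate_backdating(log.certs, 1, "1993-05-01T00:00:00Z")
    full = simulate_backdating(log.certs, 1, "1993-05-01T00:00:00Z", True)
    print("honest log, first broken link:", first_broken_link(log.certs))
    print("one entry rewritten, first broken link:", first_broken_link(partial))
    print("whole tail rewritten, head still matches published value:",
          full[-1]["link"] == published_head)
```

Rewriting one entry breaks the next entry's back-pointer, and rewriting the whole tail changes the head link, so a copy of the head held outside the service is what makes backdating detectable.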
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 1 Jun 93 08:19:29 PDT
To: cypherpunks@toad.com
Subject: Software infrastructure
In-Reply-To: <9305311919.AA06505@toad.com>
Message-ID: <9306011553.AA16160@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>I think what is really needed is
>some way of dealing with people who read mail on their PC while using
>some kind of terminal program or similar package to connect to a BBS,
>commercial service, or Unix box.

I think Hal is largely accurate here. Certainly the "DOS box as terminal" problem needs to be solved. With the advent of 386BSD, however, home Unix is going to be increasingly common.

As an aside, I want to harp again on what I call the software infrastructure problem. If email and telecomm systems were well structured, instead of exhibiting so much history in themselves, most encryption features would be extremely easy to implement--just grab the right hook. Unfortunately this is not the situation. Hence my conclusion: The most important software development for wide scale deployment of cryptography has nothing _per se_ to do with cryptography.

Let's go back to the DOS-as-terminal issue. The politics and economics of DOS shareware is such that source code is almost never made available. Gnu public license software is rare in the DOS world.

I propose that interested cypherpunks write a DOS terminal program which _is_ free software. In order to overcome the inertia which Hal properly observes is endemic to any software change, I submit that to have source code available to fix or add features deemed desirable will be a key factor in acceptance of this software. I have my own ideas about multiplexing the channel to support background POP and file transfer, but I'll leave that for later. Such software, of course, would be properly layered to be able to add encryption at the key junctures.

It would be entirely appropriate to discuss such architecture here on the cypherpunks list. When the developers' effort starts, I promise to find a way for them to have their own mailing list.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 1 Jun 93 08:30:06 PDT
To: cypherpunks@toad.com
Subject: Crypto anarchy in a VW? (not the bug)
In-Reply-To: <9305312244.AA20903@malibu.sfu.ca>
Message-ID: <9306011604.AA16401@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>this
>stirred up an old idea I had about server anonymity, that is that the
>actual physical location of a server would be very difficult to pin
>down...

This presumes a model where the logical server is a single machine. That doesn't have to be the case. By using a secret sharing protocol (M out of N reconstruction), one can multiply site any database, with sites anywhere in the world. A database then is in actuality not in any single place.

>the only way to do this with any real degree of security
>would be to bounce signals off a satellite but this would be rather
>costly...

Cryptography is all economics. If you are doing something where the location of a machine must not be revealed, then you've got the money to pay for a satellite link. High security means high expense, and there is no way around that.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 1 Jun 93 08:41:02 PDT
To: cypherpunks@toad.com
Subject: No Subject
In-Reply-To: <199306010527.AA00963@xtropia>
Message-ID: <9306011614.AA16663@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>This means that the pass phrase [for the remailer secret key] has to
>exist, in the clear, in the scripts which implement the remailer.

Currently that is the easiest way, to be sure. Another way would be to store the passphrase encrypted in a file so that at least it's not findable with strings(1).
Here's a quick hack for someone who's looking for a project: a passphrase storage process which accepts requests from a slightly modified PGP.

Hal's basic point, however, is not mitigated. Nothing is secure from a clever root.

>Perhaps Karl could add a notation in his
>remailer lists about which machines are public and which are private.

An excellent suggestion.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 1 Jun 93 08:54:26 PDT
To: cypherpunks@toad.com
Subject: Crypto anarchy in a VW? (not the bug)
In-Reply-To:
Message-ID: <9306011628.AA17049@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>I think that building privacy into the architecture would be inherently
>dangerous, however, it is a perfect way for the people building the system
>to oppress the users, all the while convincing them that the system is
>secure.

We build the privacy into the system, not the government. The question is _who decides_? If we decide by creating, then more privacy will exist by fiat.

>The only way to ensure your privacy is to seize it yourself.

Absolutely. This does not contradict our activity of building the privacy into the system. Any privacy system you can build on top of an insecure network such as the internet can also be built on top of a privacy-friendly network.

>There are a lot of ways to get a signal around the world without using a
>satellite, ask any amateur radio enthusiast.

One of the really great techniques I've heard about recently is a data channel that runs at 90% T1 speed over the ~900 MHz spread spectrum band. The legal limit is 1W transmitter power and 4W antenna gain (transmitted energy focusing). From what I hear, though, the antenna gain requirements are being ignored by lots of folks. What this means in practice is that you can set up a directional antenna and easily get a twenty mile hop on one of these units.

>Why is there not more work being done on encrypting all internode traffic
>streams? It doesn't seem too hard.

Cylink has had a T1 link encrypter out for years. It uses D-H for key exchange. It also costs (not-known-to-be-accurate) about 10K$ per end.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 1 Jun 93 08:59:13 PDT
To: cypherpunks@toad.com
Subject: Electronic Contracts
In-Reply-To: <9306011235.AA08210@IMSI.COM>
Message-ID: <9306011633.AA17111@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>I believe if you really want it to hold up, you should use the
>Bellcore document signing service. Has anyone heard of a company
>that would provide this on a non-research basis?

The Bellcore service is properly a timestamping service and not a signature service. Their timestamp is constructed out of hash functions, not digital signatures. The algorithm is patented. Contact Bellcore for licensing. I'm not sure they are going to license; they may decide that they want all the timestamping revenue themselves.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 1 Jun 93 09:22:44 PDT
To: cypherpunks@toad.com
Subject: Clipperpunks Write Code?
In-Reply-To: <9305312100.AA22836@netcom3.netcom.com>
Message-ID: <9306011656.AA17722@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>The anti-Clipper work is related, but
>probably isn't the core...fortunately, I doubt there's any conflict, as
>people will work on what interests them, so the Clipper stuff probably
>isn't affecting work on other core issues.

We are trying to build a sandbox, and the government is trying to restrict the use of sand.

My apologies to non-US readers for the diatribe on US politics. Unfortunately, if the US restricts cryptography, others are likely to follow, either by coercion or by example.

I had dinner last night with, among others, John Gilmore and John Barlow, who have just been to DC with the rest of the EFF Board to talk to politicos.
Without being too specific (I leave it to those who were there to decide the propriety of the details), but several things became clear.

1. Clinton has signed onto Clipper full-bore 100%. Bush started it, but Clinton, the ever-moderate, has told the eavesdropping community that he can take their side on some issues.

2. They're going to deploy Clipper without regard to public sentiment. That means that to be influenced by public sentiment, it is going to have to be huge. Educational efforts are going to have to be large.

3. Our government is looking at the "example of other governments" to justify that restrictions on cryptography are not beyond the pale.

This is serious, make no mistake. If, as in the White House statement as reprinted in the Post, the government does restrict everything to be Clipper, all anonymity and pseudonymity efforts are worthless.

That said, I also urge those who are writing code to continue. To those of you not writing code, however, I say start talking to your friends and neighbors and communities and newspapers. Now.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 1 Jun 93 09:27:23 PDT
To: cypherpunks@toad.com
Subject: No Subject
In-Reply-To: <9305311901.AA28793@relay2.UU.NET>
Message-ID: <9306011701.AA17888@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>I'm analyzing a piece of encryption shareware advertised on
>comp.archives.msdos.announce.

Could you post a more complete pointer to this?

>PARTICULAR TOOLS I'D USEFUL...
>- A binary file editor/composer with hex and ascii displays
>- A tool for generating and viewing letter frequencies, digram/
>trigram frequencies

Since you are going to be writing some of these, presumably, I take it you'll be sharing your code with us. Yes?

>I looked on soda in pub/cypherpunks/cryptanalysis and found
>nothing useful.

The directory is there as much to inspire the writing of such software as it is to distribute it.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 1 Jun 93 10:16:40 PDT
To: cypherpunks@toad.com
Subject: crypto '93: deadline for stipend
Message-ID: <9306011750.AA19860@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

For those of you who want to go to CRYPTO 93 and get paid to do so, the deadline is this Friday. The conference is Aug 22 et seq. in Santa Barbara. Details from the announcement are below.

Eric

-----------------------------------------------------------------------------

A very limited number of stipends are available to those unable to obtain funding. Applications for stipends should be sent to the General Chair before June 4, 1993.

----------------------

For other information, contact the General Chair:

Paul C. Van Oorschot, Crypto '93
Bell-Northern Research (MAIL STOP 000)
3500 Carling Ave.
Nepean, Ontario K2H 8E9
Canada
Telephone: (613)-763-4199
Fax: (613)-763-2626
Internet: crypto93@bnr.ca

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 1 Jun 93 10:46:28 PDT
To: cypherpunks@toad.com
Subject: Crypto anarchy in a VW? (not the bug)
In-Reply-To: <199306011712.AA08151@ccwf.cc.utexas.edu>
Message-ID: <9306011820.AA21028@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

> The actual file encryption/decryption
>must be done in hardware if you want to have any sort of speed at all.

Please, everyone who is working on this, remember. You can't do hard disk encryption in software on the host CPU. Thanks to Jim for reminding me to stress this.

>Lacking an available IDEA chip I will have to use
>DES (multi-pass or some other variant to get around the limits on DES
>keyspace) in order to get the necessary throughput on the disk.

DES hardware is already available and tested. Use it. Use a triple-keyed EDE version of DES. Is someone selling a raw DES chip on an ISA card? If so, use that so that others don't have to hack together their own hardware.
>Such a system would not be completely secure but would provide some
>protection for files, which is more than they get now...

The keying material for the disk should not be one key for the whole disk. The keying material could easily be one key per track without the keys growing too large. Ideally this keying material would be held on a removable PCMCIA card and would talk directly to the device encryptor hardware with a protected channel. That will have to wait.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Tue, 1 Jun 93 14:32:10 PDT
To: jthomas@kolanut.mitre.org (Joe Thomas)
Subject: Re: Software infrastructure
In-Reply-To: <9306011816.AA10998@kolanut>
Message-ID: <9306012132.AA11983@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> I may be able to help out in a DOS project (though I seem to be migrating
> quickly to Linux as it stabilizes...) Perhaps the GPL'ed program term
> would be useful in serial multiplexing applications. It's quite nice for
> Unix boxes, letting all kinds of streams coexist (even redirecting TCP/IP
> ports over serial without the overhead of SLIP/PPP). I believe I've

on a similar note the DNET protocol for amiga is quite nice. It comes with a nice socket like library. Works quite efficiently but contains no information about addressing (it is strictly point to point so it doesn't use any addressing).

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Jim McCoy
Date: Tue, 1 Jun 93 09:35:14 PDT
To: ryan@rtfm.mlb.fl.us (RYAN Alan Porter)
Subject: Re: Crypto anarchy in a VW? (not the bug)
In-Reply-To:
Message-ID: <199306011712.AA08151@ccwf.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text

Ryan Alan Porter writes:
[...]
> An aside: has anyone dealt with the concept of on-the-fly encryption for
> mass storage, kind of like the way the PCs can be 'stacked' or 'doubled'
> or whatever with on-the-fly compression? I was thinking about trying to
> write some drivers for this for a 486 but I have never tried to write a
> device driver before and was wondering if anyone might have any suggestions.

Sort of. I am still trying to work out a few design problems on a system such as this for unix hosts. At the moment it looks like I will be doing this in linux but I still have a few issues to hammer out before I start coding.

> 1) these public key algorithms that we are working on are slow as
> balls, any idea if this would be feasible, given how PC users like to
> equate hard drive speed with penis size?

The PKE stuff would only need to handle the key management, so this could conceivably be done in software. The actual file encryption/decryption must be done in hardware if you want to have any sort of speed at all. This is actually the part I am still trying to figure out. A research lab in Switzerland designed a chip to do IDEA rather quickly, but I have still not been able to get any information on how/when this might be marketed or available outside the research lab (although I might be able to get one for research purposes...) Lacking an available IDEA chip I will have to use DES (multi-pass or some other variant to get around the limits on DES keyspace) in order to get the necessary throughput on the disk.

> 2) it seems that having your private key hanging around somewhere in
> memory the whole session would be horribly insecure, [...]

This is why I am hoping to use linux. For those who don't know what linux is, it is a fairly popular free unix for 386/486 intel machines. With linux I can start by burying the private key in the kernel during runtime to give it some protection against snooping and hope to add a few kernel hacks to make it a little more secure against examination. Linux provides a dos emulator for those who need PC programs and unix/x11/whatever for the rest of us...
Such a system would not be completely secure but would provide some protection for files, which is more than they get now...

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@eli-remailer
Date: Tue, 1 Jun 93 11:55:12 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9306011855.AA08017@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I don't think the idea of a "virtual server" for anonymity will really accomplish much. Even if you somehow manage to spread the software over several machines, you still need to publicize the entry and exit points for remailing requests. If the net police determine to shut down the server, they can go after those machines which are publicly known to be the places where the anonymous messages come from and shut them down.

Sure, if you have a network of machines you might be able to bring another one online pretty quickly to replace this one which has been shut down. But then the net police can go after that one. And so on.

You'd get the same effect just by having a bunch of conventional remailing servers, only announcing one of them publicly, and then having each one come online only after the one before it got shut down. The hard part in either of these scenarios is collecting more people who will run anonymity servers. I don't see that doing tricky stuff with virtualizing the calculations helps you much.

Similarly, trying to put a machine at an unknown site, or perhaps in a friendly country, won't necessarily help. If the machine itself is inaccessible, the net police will go after its feeds, the points at which it connects into the network. Look at what happened to Julf. His machine was safe, sitting in a back room of his house. They went after his net feeds instead.

The real answer is to publicly defend remailers. I argue for remailing servers on the basis of preventing traffic analysis. Most people accept that the use of encryption is justified for email in order to protect individual privacy. I claim that remailing servers extend this protection to include not only the content of a message, but its destination as well. The net does little today to keep the facts private about whom you communicate with. Remailers provide that confidentiality.

If we had enough remailers that we could confidently run a virtualized system, knowing that we could keep bringing them online faster than they could be shut down, I'd argue that a better use of those resources would be to publicly identify all of the remailers and let them all operate on their own. This would provide a united front to oppose the anti-privacy forces, giving political strength to our goals.

Hal Finney
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mmidboe@cs.uah.edu (digital saint) (Computer Science Dept., Univ. of Alabama-Huntsville)
Date: Tue, 1 Jun 93 09:51:52 PDT
To: cypherpunks@toad.com
Subject: Remailers on networks like Fido or WWIV
Message-ID: <9306011729.AA17003@uahcs2.cs.uah.edu>
MIME-Version: 1.0
Content-Type: text

I've seen a lot about remailers on Internet but has anyone done any work with remailers on Fidonet, or WWIVNet style networks? I've been thinking about a WWIVNet anonymous remailer and can easily implement one for email, but the public postings would be much harder although I do have some ideas on that. If anyone else out there has any ideas, or has started on this already I'd really like to hear about it.

d. saint

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Tue, 1 Jun 93 10:48:49 PDT
To: cypherpunks@toad.com
Subject: Remailers 06/01/93
Message-ID: <199306011826.AA09799@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Q1: What cypherpunk remailers exist?

A1:

 1: hh@pmantis.berkeley.edu
 2: hh@cicada.berkeley.edu
 3: hh@soda.berkeley.edu
 4: nowhere@bsu-cs.bsu.edu
 5: remail@tamsun.tamu.edu
 6: remail@tamaix.tamu.edu
 7: ebrandt@jarthur.claremont.edu
 8: hal@alumni.caltech.edu
 9: remailer@rebma.mn.org
10: elee7h5@rosebud.ee.uh.edu
11: phantom@mead.u.washington.edu
12: hfinney@shell.portal.com
13: remailer@utter.dis.org
14: 00x@uclink.berkeley.edu
15: remail@extropia.wimsey.com

NOTES:
#1-#6 remail only, no encryption of headers
#7-#12 support encrypted headers
#15 special - header and message must be encrypted together
#9,#13,#15 introduce larger than average delay (not direct connect)
#14 public key not yet released

======================================================================

Q2: What help is available?

A2: Check out the pub/cypherpunks directory at soda.berkeley.edu (128.32.149.19). Instructions on how to use the remailers are in the remailer directory, along with some unix scripts and dos batch files.

Mail to me (elee9sf@menudo.uh.edu) for further help and/or questions.

======================================================================

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 1 Jun 93 13:06:15 PDT
To: cypherpunks@toad.com
Subject: Crypto anarchy in a VW? (not the bug)
In-Reply-To: <199306011955.AA29541@flubber.cc.utexas.edu>
Message-ID: <9306012040.AA27161@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I argue that encrypted hard disks should be encrypted at the transfer level.

>Actually I was sort of thinking of the keying being done on a per-user
>basis.

Never fear. Layered encryption is the way of the future. One layer of encryption for the disk as a whole, another for the users. When the stuff gets cheap enough, it will be everywhere.

The question is "Who is your opponent?" If you are concerned with the users against each other, then use user level encryption. If you are concerned with the outside world against the machine, then encrypt at the disk controller or device driver level. If you are concerned about both, then do both.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 1 Jun 93 13:09:11 PDT
To: cypherpunks@toad.com
Subject: Crypto anarchy in a VW? (not the bug)
In-Reply-To:
Message-ID: <9306012042.AA27310@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>> You can't do hard
>> disk encryption in software on the host CPU.

>Well thanks for the advice, but you fergot to mention why...

Performance. Look at how long it takes to do encryption via software and how long by hardware. Consider that a Unix box can do other processor tasks while the disk is stepping.

Re: EPROM as key

A fragile device makes privacy for hackers only. General privacy will require something significantly more physically robust.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Tue, 1 Jun 93 11:15:59 PDT
To: cypherpunks@toad.com
Subject: ANON/REMAIL: Remailers June 1, 1993
Message-ID: <199306011853.AA12217@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

...teach me to not read my mail first... :-)

Q1: What cypherpunk remailers exist?

A1:

 1: hh@pmantis.berkeley.edu
 2: hh@cicada.berkeley.edu
 3: hh@soda.berkeley.edu
 4: nowhere@bsu-cs.bsu.edu
 5: remail@tamsun.tamu.edu
 6: remail@tamaix.tamu.edu
 7: ebrandt@jarthur.claremont.edu
 8: hal@alumni.caltech.edu
 9: remailer@rebma.mn.org
10: elee7h5@rosebud.ee.uh.edu
11: phantom@mead.u.washington.edu
12: hfinney@shell.portal.com
13: remailer@utter.dis.org
14: 00x@uclink.berkeley.edu
15: remail@extropia.wimsey.com

NOTES:
#1-#6 remail only, no encryption of headers
#7-#12 support encrypted headers
#15 special - header and message must be encrypted together
#9,#13,#15 introduce larger than average delay (not direct connect)
#14 public key not yet released
#9,#13,#15 running on privately owned machines

======================================================================

Q2: What help is available?

A2: Check out the pub/cypherpunks directory at soda.berkeley.edu (128.32.149.19). Instructions on how to use the remailers are in the remailer directory, along with some unix scripts and dos batch files.

Mail to me (elee9sf@menudo.uh.edu) for further help and/or questions.

======================================================================

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 1 Jun 93 13:31:05 PDT
To: cypherpunks@toad.com
Subject: No Subject
In-Reply-To: <9306011855.AA08017@toad.com>
Message-ID: <9306012105.AA28350@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>I don't think the idea of a "virtual server" for anonymity will really
>accomplish much.

For just plain old reliability in the face of expected hardware and connectivity failure, it is reason enough.
When one examines intended such failures, the analysis must be more subtle.

>... you still need to publicize the entry and exit points

Yes. On any system at all, the portals that guard privacy are public. For whatever architecture you chose, you still need an actual email address that resolves down to some physical internet machine to gain access to that service.

>If the net police determine to shut down the server

Shutting down service is all economics. If you must simultaneously shut down even two machines, that is a larger cost than shutting down one, since there must be coordination.

>one online pretty quickly to replace this one which has been shut down.
>But then the net police can go after that one. And so on.

Cost, cost, cost. What is possible and what is fiscally available are two different things. Two machines might be in the realm of possibility, but where is the cutoff exactly?

>You'd get the same effect just by having a bunch of conventional remailing
>servers, only announcing one of them publicly, and then having each
>one come online only after the one before it got shut down.

No, there is a single and incredibly salient difference--communicating the change of address to all those who use the service. Right now, this changed information must either end up in people's head, or in their alias files, or in their scripts. Wherever it is, it would have to change. This effectively puts a fairly small upper bound on the user base for such a service, given the characteristic time it takes to communicate such changes.

Plus, if you want pseudonymous return paths, then you have to make sure that data is transferred to a new system.

>The hard part in either of these scenarios is collecting more people who
>will run anonymity servers.

The scenario I envision for virtualized databases is a business running such a network themselves or in partnership with other companies. Doing this all on netcom shell accounts just won't happen. The hard part here is trying to get someone to pay for the secure service.

>If the machine itself is inaccessible, the net police will go after
>its feeds, the points at which it connects into the network.

If there is a single point of failure, that's a problem. This is a design criterion, not an overwhelming roadblock.

>Look at what happened to Julf. His machine
>was safe, sitting in a back room of his house. They went after his net
>feeds instead.

One-point failure! The politics of the connecting network are crucial in the long run. I have a separate message about that.

>The real answer is to publicly defend remailers.

I see no reason why these two approaches are exclusive.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jthomas@kolanut.mitre.org (Joe Thomas)
Date: Tue, 1 Jun 93 10:39:17 PDT
To: cypherpunks@toad.com
Subject: Re: Software infrastructure
Message-ID: <9306011816.AA10998@kolanut>
MIME-Version: 1.0
Content-Type: text/plain

Eric Hughes writes:

> I propose that interested cypherpunks write a DOS terminal program
> which _is_ free software. In order to overcome the inertia which Hal
> properly observes is endemic to any software change, I submit that to
> have source code available to fix or add features deemed desirable
> will be a key factor in acceptance of this software. I have my own
> ideas about multiplexing the channel to support background POP and
> file transfer, but I'll leave that for later. Such software, of
> course, would be properly layered to be able to add encryption at the
> key junctures.

I may be able to help out in a DOS project (though I seem to be migrating quickly to Linux as it stabilizes...) Perhaps the GPL'ed program term would be useful in serial multiplexing applications. It's quite nice for Unix boxes, letting all kinds of streams coexist (even redirecting TCP/IP ports over serial without the overhead of SLIP/PPP).
I believe I've heard someone on comp.os.linux or gnu.misc.discuss talk about hacking DES into term, so it sounds doable. I'm not sure how much the code assumes Unix serial device handling, but I'll have a look at the code.

Joe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: stig@netcom.com (Stig)
Date: Tue, 1 Jun 93 13:52:09 PDT
To: Eric Hughes
Subject: Re: Software infrastructure
In-Reply-To: <9306011553.AA16160@soda.berkeley.edu>
Message-ID: <9306012130.AA17995@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

To quote: Eric Hughes
>
> Let's go back to the DOS-as-terminal issue. The politics and
> economics of DOS shareware is such that source code is almost never
> made available. Gnu public license software is rare in the DOS world.
>
> I propose that interested cypherpunks write a DOS terminal program
> which _is_ free software. In order to overcome the inertia which Hal
>

Let's generalize a bit: Since PC based unix is more available, this package should run on either PC or UNIX platforms. Tip doesn't cut it as a terminal program for UNIX and I don't know of another... SLIP has its disadvantages.

So, what I'm proposing is that the OS interface stuff be crammed into an interface layer. One intriguing application: Write an interface layer that uses SOCKETS for connectivity.

We want to avoid the kitchen sink mentality, BUT if we're going to spend lots of time on this package, then why have it all go to waste when time comes to port the sucker?

Stig

/* Jonathan Stigelman, Stig@netcom.com, PGP public key by finger */
/* fingerprint = 32 DF B9 19 AE 28 D1 7A A3 9D 0B 1A 33 13 4D 7F */

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Jim McCoy
Date: Tue, 1 Jun 93 12:18:22 PDT
To: hughes@soda.berkeley.edu (Eric Hughes)
Subject: Re: Crypto anarchy in a VW? (not the bug)
In-Reply-To: <9306011820.AA21028@soda.berkeley.edu>
Message-ID: <199306011955.AA29541@flubber.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text

Eric Hughes writes:
[...]
>
> >Such a system would not be completely secure but would provide some
> >protection for files, which is more than they get now...
>
> The keying material for the disk should not be one key for the whole
> disk. The keying material could easily be one key per track without
> the keys growing too large.

Actually I was sort of thinking of the keying being done on a per-user basis. The user would supply a key (with the pub key kept online and the private part stored in kernel memory during the user session) that would be used for their files and the system key would only be used to provide a secure channel between the user and the system (user encrypts their key pair with the system key and transmits it).

I have several ideas on how to close up some of the holes on the OS side, but at the moment I am trying to concentrate on finishing up the details of just the filesystem side so I can get coding. Right now I am working on making the system provide security such that the only way to get at a file is to either have the legitimate user's private key or to have the system private key and run the system as a sort of trojan horse collecting keys as users login. Having the system private key will not give you any sort of "replay" data (you will not be able to use the system key to get any past user keys or much of anything else...) and having the physical hardware without the system private key will give you nothing at all.

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peb@PROCASE.COM
Date: Tue, 1 Jun 93 14:32:55 PDT
To: fnerd@smds.com
Subject: Re: Verifying Privacy as an Upload/AI?
Message-ID: <9306012209.AA17679@banff.procase.com>
MIME-Version: 1.0
Content-Type: text/plain

I think you are headed in the right direction wrt a capability system, however, they are predicated on tamper proof hardware. Since you stipulate human being copying and torturing (sounds like tampering to me), I think this is not ultimate privacy.

Hmm, perhaps you should set up a key escrow system (!) so that you need to call your most trusted friends to assemble your session key. The session key works only once, assuming a tamper proof, capability system. When you call them, they can quiz you on your mental and physical health to determine whether they should give you the keys...thus limiting the ability of a torturer.

Paul E. Baclace
peb@procase.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fnerd@smds.com (FutureNerd Steve Witham)
Date: Tue, 1 Jun 93 12:38:04 PDT
To: cypherpunks@toad.com
Subject: Verifying Privacy as an Upload/AI?
Message-ID: <9306011936.AA19298@smds.com>
MIME-Version: 1.0
Content-Type: text/plain

(Posted to both extropians and cypherpunks.)

Is there any way for a process running in a computer to verify that it has privacy? How could an AI, for instance, ever know that it had privacy? How could a person preparing to be uploaded provide for their continuing privacy?

Assume these things, for the sake of argument:

Strong public key crypto.

Truly tamper-proof computers.

Capability-based operating systems with proven protection between processes. We might ask Norm Hardy for a rundown on some of the wonderful things that are possible in these types of systems.

You might even assume that...

Humans can memorize things, and these things can't be decoded from their uploads' memory dumps. (See note on torture below).

The process/person seeking assurance of privacy is capable of being downloaded into a humanoid robot with enough compute power.

Can you prevent the bad guys from copying you and torturing information out of the copy?
Can you be secure even if they can do that?

Even with the best assumptions, I find this question tough. But then I'm dense sometimes.

-fnerd

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: RYAN Alan Porter
Date: Tue, 1 Jun 93 12:33:23 PDT
To: Eric Hughes
Subject: Re: Crypto anarchy in a VW? (not the bug)
In-Reply-To: <9306011820.AA21028@soda.berkeley.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Tue, 1 Jun 1993, Eric Hughes wrote:

> > The actual file encryption/decryption
> >must be done in hardware if you want to have any sort of speed at all.
>
> Please, everyone who is working on this, remember. You can't do hard
> disk encryption in software on the host CPU. Thanks to Jim for
> reminding me to stress this.

Well thanks for the advice, but you fergot to mention why...

> >Lacking an available IDEA chip I will have to use
> >DES (multi-pass or some other variant to get around the limits on DES
> >keyspace) in order to get the necessary throughput on the disk.
>
> DES hardware is already available and tested. Use it. Use a
> triple-keyed EDE version of DES.
>
> Is someone selling a raw DES chip on an ISA card? If so, use that so
> that others don't have to hack together their own hardware.

I would be very interested in a card like this, if anyone can find one.

> >Such a system would not be completely secure but would provide some
> >protection for files, which is more than they get now...
>
> The keying material for the disk should not be one key for the whole
> disk. The keying material could easily be one key per track without
> the keys growing too large.
>
> Ideally this keying material would be held on a removable PCMCIA card
> and would talk directly to the device encryptor hardware with a
> protected channel.

That will have to wait.
Another possibility until then, and one that would be fun for people who like to play with EPROMS, is a card that had a cable leading to an external EPROM socket that you could lay on your desk or on top of the case or wherever. You burn your keys for the HD into a chip and use it as a key, physically inserting the chip in the socket each time. There are lots of new ways to make chips easy to plug in and out, I'm sure it wouldn't be too hard.

I still don't see why all of the actual encryption couldn't be done in software though...

> Eric

-Ryan the Bit Wallah

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: markh@wimsey.bc.ca (Mark C. Henderson)
Date: Tue, 1 Jun 93 16:18:27 PDT
To: cypherpunks@toad.com
Subject: wimsey.bc.ca archive is back on line
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Due to a disk failure the anonymous ftp cryptography archive at wimsey.bc.ca (/pub/crypto) was off line for a couple of months. Well, it is back. (If you haven't used it before, we're on the other end of a slip link, so please be patient, downloads take a while).

As usual I'm asking that this archive not be used to illegally export cryptographic products from Canada and the U.S.

--
Mark Henderson
markh@wimsey.bc.ca (personal account)
RIPEM key available by key server/finger/E-mail
MD5OfPublicKey: F1F5F0C3984CBEAF3889ADAFA2437433

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: m5@vail.tivoli.com (Mike McNally)
Date: Tue, 1 Jun 93 14:26:07 PDT
To: stig@netcom.com (Stig)
Subject: Re: Software infrastructure
In-Reply-To: <9306012130.AA17995@netcom.netcom.com>
Message-ID: <9306012202.AA14863@vail.tivoli.com>
MIME-Version: 1.0
Content-Type: text/plain

> Let's generalize a bit: Since PC based unix is more available, this
> package should run on either PC or UNIX platforms. Tip doesn't cut it
> as a terminal program for UNIX

No kidding.

> and I don't know of another...

Kermit?

> SLIP has its disadvantages.
Like, try making it work reasonably on a DOS platform.

> We want to avoid the kitchen sink mentality, BUT if we're going to
> spend lots of time on this package, then why have it all go to waste
> when time comes to port the sucker?

Why not just distribute a package of patches for the Kermit sources?

Mike McNally

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peb@PROCASE.COM
Date: Tue, 1 Jun 93 16:42:52 PDT
To: marc@GZA.COM
Subject: Re: Verifying Privacy as an Upload/AI?
Message-ID: <9306020020.AA17715@banff.procase.com>
MIME-Version: 1.0
Content-Type: text/plain

>From marc@GZA.COM Tue Jun 1 15:44:15 1993
>But if you don't give me the password, the guy
>holding the phone has some very unpleasant looking surgical equipment

Alarm systems use duress codes for this that trigger a silent alarm when the password is entered. I'm not sure the proposed system here (a capability system) could have an extra channel that the bad guys don't know about.

Using a hierarchy of escrow agents would be interesting--then by calling me up for part of the key would require me to get back to you after I called up the person at the next level. (Note that a hierarchy is a special case of a general graph, so the webs of trust idea is important here (could provide some redundancy).)

Now, back to Steve's actual question,

>From: fnerd@smds.com (FutureNerd Steve Witham)
>given that you SEEM to be inside a secure system, how can you know
>that you are not inside a simulation

Ultimately, there is no proof you are not currently a simulation on a big computer. Why is time travel not possible? It's too expensive on the current platform. (E.g., if SimEarth inhabitants could time travel, you would have a hard time keeping track of what they did and your machine would slow down considerably).

On an upload, how many people can be in the same room? Can you make arbitrary video phone calls?
Anything that stretches the compute resources could potentially make the bad guys impatient and blow their trojan horse universe.

Paul E. Baclace
peb@procase.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu@cygnus.com
Date: Tue, 1 Jun 93 16:48:55 PDT
To: cypherpunks@toad.com
Subject: The new PEM release supports non-authoritarian certificates
Message-ID: <9306020026.AA02946@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

You can generate your own certificates using the new PEM code from TIS. This, in some ways, models the PGP "web of trust" model. At least it's a lot closer than the original PEM "you trust us, we don't trust you" model.

They have also done something with the email address space, but I'm not sure what. Previously PEM required that you abandon your Internet email address and use an X.400 based address in certificates and such.

More details will be available when the PEM release is out for FTP (within days, I think).

John

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fnerd@smds.com (FutureNerd Steve Witham)
Date: Tue, 1 Jun 93 15:05:54 PDT
To: cypherpunks@toad.com
Subject: Re: Verifying Privacy as an Upload/AI?
Message-ID: <9306012223.AA21470@smds.com>
MIME-Version: 1.0
Content-Type: text/plain

Just want to reinforce that my question is not how can an AI or upload BE secure, but how can they KNOW that they are secure. That is, given that you SEEM to be inside a secure system, how can you know that you are not inside a simulation that actually has a trap door?

-fnerd

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Tue, 1 Jun 93 16:49:22 PDT
To: cypherpunks@toad.com
Subject: Newsweek Clipper Coverage
Message-ID: <9306020026.AA27360@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

Under `Society -- Technology' in Newsweek of June 7 1993 p.70 appears the headline `The Code of the Future' subhead `Uncle Sam wants you to use ciphers it can crack'.
This 1 page article is pretty ambitious for what it tries to cover. The figure shows a flowchart for encryption over a phone using a key. (Not particularly illuminating. In particular the role & point of the key is ambiguous.) At the bottom 1/4 page we have a sidebar ``Great Moments in Cryptography' with 1st known encryption (Egyptian), the Zimmerman Telegram role in WWI, the Japanese Purple breakthrough prior to Pearl Harbor (the picture is apparently Friedman holding the machine), and finally Nov 4 1952 (a day that will live in infamy), Truman creates the NSA, `master of math based codes'.

The article notes in the lead-in a cute & useful `hook' for the public & popular role of cryptography I have been drawing for a long time for nontechnical friends, saying that with it Queen Elizabeth could have been spared the spectacle of the steamy Prince Charles phone revelations and eavesdroppers would have heard nothing but a hiss, and `no signal analyzer, no supercomputer, no wiretap could have decoded the white noise.'

Fortunately, they attribute this `reputation saving magic' not to Clipper but a DES chip. ``That's what America's supersecret spymasters, the NSA, intended when they designed the cryptographic system in the 70s with IBM.'' (glaring errata; their involvement has always been officially claimed as *secondary* and *subsidiary* to IBM's, if even at all. But, it is an error in our favor.)

Article doesn't mention Clipper by name, but says it was essentially a response to the unbreakable aspects of DES using key system. Eric Hughes, `computer security expert [at] Berkeley': ``The government is saying, `If you want to lock something up, you have to [give us] the key'.''

Next, the motivation. Our networks are insecure, Internet ``broken into 90 percent more times than 1991'' (where'd that little statistic come from? Gene Spafford?). Security of medical records, credit-card purchases, video rentals, cellular phones at stake.
NSA chip used by AT&T would take a supercomputer over a billion years to solve, says R. Kammer of NIST. Problems: NSA hasn't revealed the algorithm so nobody knows if it's `hackproof'; agencies holding keys are vulnerable to `recreational hackers, foreign spooks, and industrial spies.'

Here comes the gut-wrencher. ``For now no one is forced to use the NSA chip. But manufacturers who put a rival chip into, say, their modems would likely be denied government contracts, as well as export licenses for the NSA-proof products. Even that may not appease the spymasters. ***No one rules out a mandatory encryption standard,'' says NIST spokesman Mat Heyman.***'' Is that quote from the point of view `our concerns on this have not been allayed' or in the vein `all the NSA henchmen I know are chomping at the bit to legislate a monopoly or outlaw non-Clipper chips'?

Overall, I'd say a favorable article that covers the basics, and rather excellent editing given the severe space limitation (less than many newspaper articles). Written by Sharon Begley with Melinda Liu in Washington and Joshua Cooper Ramo.

* * *

Cypherpunks, I'm extremely concerned about these little quotes popping up in the media. Just a few days ago we hear in the Washington Post:

> Administration sources said that if the current plan doesn't
>enable the NSA and FBI to keep on top of the technology, then Clinton
>is prepared to introduce legislation to require use of its encryption
>technology, which is crackable by the NSA, and to ban use of the
>uncrackable gear.
> "It's an option on the table," said a White House official.

I sure hope that `official' has absolutely nothing to do with Clipper, but that's unlikely. It seems to me these are the sounds of a slow, sinister rumbling underway. Sometimes quotes like these are `floated trial balloons' but other times they are grotesque flickers of real internal machinations. The more I hear them the more I think they are in the latter category.
So far, the administration and media just don't `get it' that a firestorm is in the making over any hair-thin deviation from the standard of `no domestic regulation of encryption'. If NSA & the administration thinks that the Clipper brouhaha was containable, just wait until they go a nanometer past it in the wrong direction. Actually, a Supreme Court case on cryptography issues seems in some ways to be inevitable. Wow, I'd say there'd probably be enough artillery to seriously damage NSA in that confrontation.

Cypherpunks, I'd like to compile a list of all quotations on the `regulation of domestic cryptography' topic. That way we'll have a propaganda poster all ready if any idiot bureaucrat thinks they can thumb their nose any further. I have the original announcement text and the Washington Post text above. It seems to me that an NIST representative claimed there were `no plans' to outlaw other cryptography. Where was that? Can everyone send me whatever they have on this topic?

P.S. Many tx. to E.H. for the thorough and excellent collection in soda.berkeley.edu:/pub/cypherpunks/clipper.

- - -

For reference, here are the original Orwellian weasel words from the April 16 announcement:

Q: If the Administration were unable to find a technological solution like the one proposed, would the Administration be willing to use legal remedies to restrict access to more powerful encryption devices?

A: This is a fundamental policy question which will be considered during the broad policy review. The key escrow mechanism will provide Americans with an encryption product that is more secure, more convenient, and less expensive than others readily available today, but it is just one piece of what must be the comprehensive approach to encryption technology, which the Administration is developing.
The Administration is not saying, "since encryption threatens the public safety and effective law enforcement, we will prohibit it outright" (as some countries have effectively done); nor is the U.S. saying that "every American, as a matter of right, is entitled to an unbreakable commercial encryption product." There is a false "tension" created in the assessment that this issue is an "either-or" proposition. Rather, both concerns can be, and in fact are, harmoniously balanced through a reasoned, balanced approach such as is proposed with the "Clipper Chip" and similar encryption techniques.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "John (FuzzFace/Fast-Eddie) McMahon"
Date: Tue, 1 Jun 93 14:48:54 PDT
To: cypherpunks@toad.com
Subject: Re: crypto '93
Message-ID: <01GYVGNSU5IM000DDC@Eisner.DECUS.Org>
MIME-Version: 1.0
Content-Type: text/plain

*Sigh* Crypto '93 conflicts with Interop San Francisco (apparently).

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Tue, 1 Jun 93 15:06:14 PDT
To: peb@PROCASE.COM
Subject: Re: Verifying Privacy as an Upload/AI?
In-Reply-To: <9306012209.AA17679@banff.procase.com>
Message-ID: <9306012243.AA11249@dun-dun-noodles.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

>> Since you stipulate human being copying and torturing (sounds like
>> tampering to me), I think this is not ultimate privacy.

>> When you call them, they can quiz you on your mental and physical health
>> to determine whether they should give you the keys...thus limiting the
>> ability of a torturer.

Oh, sure. "Hi, Paul? This is Marc. I need your piece of my private key. How am I? Just fine. But if you don't give me the password, the guy holding the phone has some very unpleasant looking surgical equipment and there isn't an anaesthesiologist in sight, so I won't be fine for long. Just read it out loud, someone will key it in."

Need I say more?
Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Tue, 1 Jun 93 17:18:13 PDT
To: cypherpunks@toad.com
Subject: Re: Electronic Contracts
In-Reply-To: <9306010433.AA27082@anchor.ho.att.com>
Message-ID: <9306020055.AA13186@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Regarding "test cases" for digital signatures, not sure if this is 100% relevant but what the hell... In this area at least, when the UPS folk bring you a package that you must sign for, you no longer sign on paper, but on this funky electronic tablet. Now granted this thing is recording your "real" signature, and thus differs greatly, but still there may be something to this. Not sure where one would look for material having to do with such devices, and their relevance to a court case, but then again no one pays me legal consulting fees either. >:)

--
When marriage is outlawed only outlaws will be inlaws!
Stanton McCandlish, SysOp: Noise in the Void DataCenter Library BBS
Internet anton@hydra.unm.edu IndraNet: 369:1/1 FidoNet: 1:301/2
Snail: 1811-B Coal Pl. SE, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 1 Jun 93 18:18:27 PDT
To: Cypherpunks@toad.com
Subject: "Newsweek" Article on Clipper and Encryption
Message-ID: <9306020156.AA27555@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

The following appeared in this week's "Newsweek," June 7, 1993, p. 70. Our own Eric Hughes is briefly quoted. Any mistakes are the fault of either me or my OCR program.

The Code of the Future

Uncle Sam wants you to use ciphers it can crack

Forget the castle.
If only Queen Elizabeth had given Chuck and Di a thumbnail-size computer chip for their wedding, she would have been spared reading in the London tabs how her son "wanted to live in [his lover's] trousers," among other excerpts from taped phone conversations. Instead, the chip would have converted their words into "hsssssss." No signal analyzer, no supercomputer, no wiretap could have decoded the white noise.

The device that works this reputation-saving magic is called a Data Encryption Standard (DES) chip, and there's no practical way to crack it. That's what America's supersecret spymasters, the National Security Agency, intended when they designed the cryptographic system in the 1970s with IBM. While that delights industry and privacy advocates, it's come back to haunt the government: wiretaps are useless against any suspect using a DES-encrypted phone. So in April the Clinton administration announced it was backing the NSA in its push to impose a universal encryption standard to which the Feds alone would hold the keys. The agency argues that's the only way to ensure it will always be able to decode foreign communications. Civil libertarians and corporations don't see it that way. Says computer-security expert Eric Hughes of Berkeley, "The government is saying, 'If you want to lock something up, you have to [give us] the key'."

No one doubts that the nation's voice, data, electronic mail and other communications need locks, and fast. Industrial spies grab fax, e-mail and other computer and microwave transmissions out of the air. Hackers broke into Internet, a world-wide computer network, 773 times last year, 90 percent more than in 1991. Hackers also peek into computers that hold medical records, credit-card purchases, even video rentals. Cellular phones offer as much privacy as going on "Oprah." The FBI can't keep up with all the cybercrime.
Secret codes can, and since World War II, codes have been based on algorithms--formulas that transform one set of numbers into another. NSA's new chip, to be used in a secure phone sold by AT&T, encrypts computer transmissions and phone conversations with an algorithm so complex "it would take a CRAY YMP [supercomputer] over a billion years to solve," says Raymond Kammer of the National Institute of Standards and Technology (NIST), which worked with NSA on the algorithm. Yet the principle is simple. A sending phone and a receiving phone electronically choose one algorithm, out of millions, for their conversation (diagram). The only way to unscramble the resulting 10001100101s is to obtain the "keys," which will be held by two agencies chosen by the attorney general. The agencies--this is the part NSA likes--would give them to officials who have the requisite wiretap warrant.

But industry has a couple of problems with this. First, NSA has yet to explain how the chip works, so outside verification that it's hackproof will have to wait. Worse, with millions of NSA chips in use, the agencies holding the keys would have to store them on computers, which are vulnerable to recreational hackers, foreign spooks and industrial spies.

For now, no one is forced to use the NSA chip. But manufacturers who put a rival chip into, say, their modems would likely be denied government contracts, as well as export licenses for the NSA-proof products. Even that may not appease the spymasters. "No one rules out a mandatory encryption standard," says NIST spokesman Mat Heyman. That's industry's greatest fear, which NIST will attempt to allay in meetings this week. And next week Rep. Edward Markey holds hearings on whether NSA can keep the keys to its codes safe from hackers. Or even Fleet Street.
SHARON BEGLEY with MELINDA LIU in Washington and JOSHUA COOPER RAMO

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Clark Reynard
Date: Tue, 1 Jun 93 15:47:44 PDT
To: hughes@soda.berkeley.edu
Subject: Re: Clipperpunks Write Code?
Message-ID: <9306020003.AA02785@metal.psu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Actually, I think that writing letters is somewhat useful; especially those of us who aren't very good at writing real code. I plug cypherpunks a bit in a Phrack article I just finished concerning my bust by the police a few years back; maybe you'd like to check it out, since it may be YOU if this damn Clipper thing goes through.

This makes me glad I voted Marrou/Lord, and that I resisted the temptation to be suckered by that sellout bastard Clinton. I was worried that he would turn out to be a Jimmy Carter, but it's far worse than that. Carter, at least, had some human decency. Clinton has turned into the nightmare resurrection of Lyndon B. Johnson, and is probably stupid enough to get us into a war. Damn all politicians.

If any of you read the Phrack article (I will not forward my article to the cypherpunks list, as it is well over 100K; those who wish to check it out can see it when and if it comes out; in all likelihood, Phrack 43, which is due to be out in a week or so), and believe that there is another publication which might be interested in it (I am willing to re-write for lay-persons); send me the info. Anyone who just absolutely can't WAIT to read it can request a copy from me, and I'll send it in three parts.

While my article touches only tangentially on the issue of encryption (and my experience with weak encryption and with NOT having encryption), it may be of interest. Simply for your interest in cryptography, it is apparent that we are about to face a McCarthyesque witch-hunt. The government has already defined the terms of this conflict, and has declared war on basic human liberty. We must act accordingly.
I advocate that the Clipper algorithm be discovered, if at all possible, by the comparison of the unlimited plaintext/ciphertext pairs which will be available to anyone with a Clipper phone and a computer, and the skills for differential cryptanalysis and/or IC Reverse Engineering. If the algorithm is made public, anonymously, within a year, and in so many copies that it is impossible to stop its distribution in electronic or samizdat form, Clipper is doomed.

And it must be doomed. It's them or us.

----
Robert W. Clark          Just Say No! to the
rclark@nyx.cs.du.edu     Big Brother Chip

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@eli-remailer
Date: Tue, 1 Jun 93 18:55:59 PDT
To: cypherpunks@toad.com
Subject: Re: request for cryptanalysis tools
Message-ID: <9306020155.AA19081@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Eric Hughes asked about the piece of software I'm cryptanalyzing...

> Could you post a more complete pointer to this?

The program is "ncrypt". Available on garbo.uwasa.fi, /pc/crypt/ncrypt31.zip

About pub/cypherpunks/cryptanalysis... I'll post anything useful that I write...

> The directory is there as much to inspire the writing of such software
> as it is to distribute it.

Point taken!

-cire

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: bakunin@gnu.ai.mit.edu
Date: Tue, 1 Jun 93 16:13:41 PDT
To: cypherpunks@toad.com
Subject: things
Message-ID: <9306012350.AA02271@spiff.gnu.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

In re: tested telexes

for those who don't know, telexes have been made 'secure' by use of a simple testing system for, say, banks to 'wire' money with. This extant paradigm gives me hope that electronic contracts are coming.

In re: Wilde, ptui

Pascal, SCHMASCAL. "Schlup.. schlup schlup." -WSB

In re: govmnt nastiness

Well, gee, I thought Carter was a pig, too. Lookit East Timor. But as Slick Willie goes, I dunno.
I believe propagation of technology may outflank any intentions he may have. Maybe.

be cool,
michael

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phil Karn
Date: Tue, 1 Jun 93 19:55:14 PDT
To: cypherpunks@toad.com
Subject: eavesdropping druggies
Message-ID: <9306020332.AA16441@unix.ka9q.ampr.org>
MIME-Version: 1.0
Content-Type: text/plain

Today's San Diego Union Tribune has a locally-written article on the investigation into the murder of the Mexican cardinal by drug gangs. The title is "Drug gangs eavesdrop on rivals", and begins as follows:

"TIJUANA - The two rival drug gangs whose attempts to kill each other's leadership have left a Mexican cardinal and six others dead apparently have been using sophisticated electronic gear to monitor each other's movements, Mexican authorities reported yesterday.

"In addition to the assault rifles, grenades and police and army uniforms being discovered in a series of safe houses, Mexican federal police are reporting finding devices designed to trace and monitor calls made from cellular telephones.

"They also are finding sophisticated communications-monitoring equipment, walkie-talkies, tape recorders and pages upon pages of documents."

The article continues with other developments in the investigation unrelated to electronic eavesdropping.

A few (semi-serious) thoughts come to mind:

1. Perhaps the government doesn't want secure telephones in the hands of the drug lords not so much because it will thwart wiretapping by law enforcement, but because it will protect the gangs from each other -- and they aren't inhibited by Constitutional requirements.

2. Gee. I thought the cellular eavesdropping problem was completely solved by the recent ban on cellular-capable scanners.

3. I can't wait for the Federales to discover computers with PGP in one of these safehouses. And when it does, expect all hell to break loose in the crypto propaganda war.
Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 1 Jun 93 20:34:59 PDT
To: cypherpunks@toad.com
Subject: WH email petition.
In-Reply-To: <9306020313.AA20120@triton.unm.edu>
Message-ID: <9306020408.AA19558@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>In light of the White House getting on the net, how effective do you all think
>an electronic petition, about the BigBrotherChip, would be?

It appears that they are going to count responses and make totals pro and con any particular issue that people write about. Thus while the particulars of the petition don't really matter, the basic statements against restrictions on encryption technology do.

I also heard no mention that they were going to do any kind of sorting by person or email address. Thus it appears that you get to vote early and often in this public opinion poll. Heh, heh, heh.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Tue, 1 Jun 93 19:33:40 PDT
To: cypherpunks@toad.com
Subject: What do cypherpunks use?
Message-ID: <9306020311.AA19986@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Since Cypherpunks write code, I thought it might be interesting to find out what kinds of systems cypherpunks USE. If you would be so kind as to fill out the included questionnaire, I'll summarize. Thanx in advance.

What kind of system do you use?
What OS do you use?
What mail reader do you use?
Which online services do you use?
Do you use pgp? Which version?
If you use a personal computer, what communications program do you use?

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: marc@Athena.MIT.EDU
Date: Tue, 1 Jun 93 17:35:31 PDT
To: marc@mit.edu
Subject: [daemon@ATHENA.MIT.EDU : FYI: White House EMail]
Message-ID: <9306020112.AA09458@bill-the-cat.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

------- Forwarded transaction

[5834] daemon@ATHENA.MIT.EDU (Dave Farber) Commercialization & Privatization of the Internet 06/01/93 20:26 (90 lines)
Subject: FYI: White House EMail
Date: Tue, 1 Jun 1993 20:25:47 -0500
From: Dave Farber
To: com-priv@psi.com

THE WHITE HOUSE
Office of Presidential Correspondence
______________________________________________________________
For Immediate Release June 1, 1993

LETTER FROM THE PRESIDENT AND VICE PRESIDENT IN ANNOUNCEMENT OF WHITE HOUSE ELECTRONIC MAIL ACCESS

Dear Friends:

Part of our commitment to change is to keep the White House in step with today's changing technology. As we move ahead into the twenty-first century, we must have a government that can show the way and lead by example. Today, we are pleased to announce that for the first time in history, the White House will be connected to you via electronic mail. Electronic mail will bring the Presidency and this Administration closer and make it more accessible to the people.

The White House will be connected to the Internet as well as several on-line commercial vendors, thus making us more accessible and more in touch with people across this country. We will not be alone in this venture. Congress is also getting involved, and an exciting announcement regarding electronic mail is expected to come from the House of Representatives tomorrow.

Various government agencies also will be taking part in the near future.
Americans Communicating Electronically is a project developed by several government agencies to coordinate and improve access to the nation's educational and information assets and resources. This will be done through interactive communications such as electronic mail, and brought to people who do not have ready access to a computer. However, we must be realistic about the limitations and expectations of the White House electronic mail system. This experiment is the first-ever e-mail project done on such a large scale. As we work to reinvent government and streamline our processes, the e-mail project can help to put us on the leading edge of progress. Initially, your e-mail message will be read and receipt immediately acknowledged. A careful count will be taken on the number received as well as the subject of each message. However, the White House is not yet capable of sending back a tailored response via electronic mail. We are hoping this will happen by the end of the year. A number of response-based programs which allow technology to help us read your message more effectively, and, eventually respond to you electronically in a timely fashion will be tried out as well. These programs will change periodically as we experiment with the best way to handle electronic mail from the public. Since this has never been tried before, it is important to allow for some flexibility in the system in these first stages. We welcome your suggestions. This is an historic moment in the White House and we look forward to your participation and enthusiasm for this milestone event. We eagerly anticipate the day when electronic mail from the public is an integral and normal part of the White House communications system. 
President Clinton Vice President Gore PRESIDENT@WHITEHOUSE.GOV VICE.PRESIDENT@WHITEHOUSE.GOV ### ------- End of Forwarded Message ------ End of Forwarded Message --[5834]-- ------- End forwarded transaction From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Tue, 1 Jun 93 19:35:53 PDT To: cypherpunks@toad.com Subject: WH email petition. Message-ID: <9306020313.AA20120@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain In light of the White House getting on the net, how effective do you all think an electronic petition, about the BigBrotherChip, would be? Do you think that they would listen? Do you think that, perhaps, we would simply be put on a list of "trouble makers?" I was thinking of writing a petition and distributing it in every way I can think of, and encouraging people to send it to the White House. Any comments? +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Tue, 1 Jun 93 18:14:34 PDT To: cypherpunks@toad.com Subject: Cypherpunks do what? Message-ID: <7NTH5B1w165w@sytex.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- I'm all for cypherpunk code-writing; I'm all for crypto for the masses. In fact, I'm working it on a real-time basis, boys and girls. Somehow, I feel a bit slighted, and it goes a little beyond myself, if it need be known. I'm really not stupid enough to squeak without provocation. 
:-) I'd like to, additionally, see a sub-paragraph in the FAQ concerning non-code-writing exploits, such as the tedious task of accosting politicos. Is this not a desired activity? I shudder to think that cypherpunks would corner themselves in a manner which would exclude political maneuvers. IMHO, any cypherpunk who would close themselves off from political fire is either brilliant or idiotic, dependent upon method or mentality. Me -- I'll take the questionable route; I would rather get the answers I seek, sow the seeds of incongruity and ask questions of pertinent people. I'm asking that Eric Raymond add to "What do Cypherpunks do?" lineage, "Cypherpunks also do a lot of monkey-wrench work." We also run political gauntlets. We also draw attention, while other projects are accomplished. We also encourage other politico brethren of internationalities to join us in our struggle for electronic and cryptographic independence. We also interface with those turkeys on capitol hill (non-caps). Cypherpunks do more than write simple code -- we set precedence, we deliver technology. Cheers. Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 1 Jun 93 20:58:31 PDT To: cypherpunks@toad.com Subject: Work the work! 
In-Reply-To: <64VH5B1w165w@sytex.com> Message-ID: <9306020432.AA20624@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Paul, you of all people don't need to feel slighted when I urge people to do something, anything, about the wiretap chips. Therefore, let me rephrase my exhortation to the list at large. If you are doing something, continue. If you are not, start. The particulars of what one does are not so nearly important to me as that one does something. Anyone who understands at least one tenth of this list understands more than your average reporter. While I would like all the details to be perfectly accurate everywhere, this is not going to happen. Even if you don't feel like you are an expert, you are more expert than most. With the aid of the documents in the ftp site, and a few hours time, you can become even more expert. > Is there something going on with the EFF that we should know about? The EFF is going to be involved with the cryptography issue. More than that and I defer to John Gilmore, who is on the EFF board and this list and who can speak more authoritatively than I. >I know what you >mean, however, many of the crypto-warriors which may follow do not. It >may be a good idea to _now_ place a broad policy statement. Here is my own very short version of my policy toward the wiretap chips: "The government has no right to restrict my use of cryptography in any way. They may not forbid me to use whatever ciphers I may like, nor may they require me to use any that I do not like." The hypothetical backdoor in clipper is a charlatan's issue by comparison, as is discussion of how to make a key escrow system 'work.' Do not be suckered into talking about an issue that is not important. If someone wants to talk about potential back doors, refuse to speculate. The existence of a front door (key escrow) makes back door issues pale in comparison. If someone wants to talk about how key escrow works, refuse to elaborate. 
Saying that this particular key escrow system is bad has a large measure of complicity in saying that escrow systems in general are OK. Always argue that this particular key escrow system is bad because it is a key escrow system, not because it has procedural flaws. The right issue is that the government has no right to my private communications. Every other issue is the wrong issue and detracts from this central one. If we defeat one particular system without defeating all other possible such systems at the same time, we have not won at all; we have delayed the time of reckoning. Trenchantly yours, Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: smb@research.att.com Date: Tue, 1 Jun 93 18:32:28 PDT To: cypherpunks@toad.com Subject: Re: [daemon@ATHENA.MIT.EDU : FYI: White House EMail] Message-ID: <9306020132.AA18372@toad.com> MIME-Version: 1.0 Content-Type: text/plain Glad to hear the White House is on the net, but where's the PEM certificate for those addresses? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 1 Jun 93 21:35:07 PDT To: cypherpunks@toad.com Subject: "Newsweek" Article on Clipper and Encryption In-Reply-To: <9306020156.AA27555@netcom.netcom.com> Message-ID: <9306020508.AA23195@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain I got a call one week ago today (Tuesday May 25th) from Josh Ramo at the science desk at Newsweek. I spoke to him for about an hour on the technicalities and politics of encryption. He was to my pleasant surprise quite able to follow a telephone description of how Diffie-Hellman key exchange works (!) and was quite conducive to my explanation of some of the less public aspects of the clipper project. I think we got extremely good coverage in this article. Here are some of the aspects involved. -- Josh mentioned that he had Dorothy Denning on his list of people to call. She did not get quoted; I did. There's significance to that. 
-- The pro-crypto quote came first. Kammer's quote, on technical matters, not political ones, came in the middle. The scary ominous 'mandatory standard' quote, from NIST, came last. -- They did not replay the White House line that skipjack is so much harder to crack than DES. I convinced Josh that by iterating DES, the practical security of the underlying ciphers was the same, i.e. impenetrable. Thus, no propagation of half-truths. -- The sub-headline is against false cryptography. -- The phrase "civil libertarians and corporations" was used, implying a united front across liberal/conservative lines against this proposal. This phrase was extremely clever on their behalf to avoid specifically mentioning partisan politics. -- The NSA is portrayed as demanding and coercive. First they'll deny government contracts and export licenses, and if that doesn't work, they'll outlaw it. -- Cellular phones are touted as insecure, implying that something ought to be done about that. -- The sidebar has an example of cryptography four millennia old; that's respectable. -- The article does not play up the escrow aspects of the wiretap chip. Their simplification, that the government has your key, attains the root issue without confusion. -- They mention that the keys will have to be stored on computers, and are thus vulnerable. This is a point I made specifically to Josh, and they took my example of foreign intelligence and *expanded* on it. --They mention that NIST worked on the algorithm with the NSA. All in all, I don't think we could have hoped for better. There's just about nothing flattering said about the wiretap chip, and plenty of things against it. The article is about as anti-Clipper as you might expect given that Newsweek does not want to appear too partisan one way or another. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Tue, 1 Jun 93 19:10:34 PDT To: cypherpunks@toad.com Subject: Work the work! 
Message-ID: <64VH5B1w165w@sytex.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- On Tue, 1 Jun 93 09:56:45 -0700, Eric Hughes wrote - > We are trying to build a sandbox, and the government is trying to > restrict the use of sand. We are indeed doing just this. Although the small minority of us compu-professionals are writing code, flailing congressmen, etc., it takes more than what is currently being acknowledged to get things changed. I will not, however, discontinue my diatribe with my elected representatives on the topic of our electronic rights to privacy under the first and fourth amendments. (I'm having too much fun doing something that I seriously, and perhaps foolishly, believe in.) Is there something going on with the EFF that we should know about? > That said, I also urge those who are writing code to continue. To > those of you not writing code, however, I say start talking to your > friends and neighbors and communities and newspapers. > Now. We are working on it. A vote of confidence towards crypto-freedom. Are we east-coast-niks welcome in this process? Is policy being drawn by a few EFF persona without consultation of the masses? Eric, before you say "Now,", you'd best detail us. I know what you mean, however, many of the crypto-warriors which may follow do not. It may be a good idea to _now_ place a broad policy statement. Cheers. Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: greg@ideath.goldenbear.com (Greg Broiles) Date: Tue, 1 Jun 93 22:14:46 PDT To: cypherpunks@toad.com Subject: Term software development/design Message-ID: <5y6H5B1w164w@ideath.goldenbear.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Re development of crypto term software for PC and/or Unix platform(s): It seems like there are three general ways to approach this problem: 1. Offline reader style - ala QuickMail and its cronies - popular with DOS BBS's. 2. Waffle/UUPC style. 3. As an actual term program, but with an intelligent scrollback buffer/ASCII send module added. I have, several times, wished for a "guerilla offline reader" - a reader to collect all of the messages in all of the newsgroups (from my .newsrc file) that I read on some arbitrary Unix box, collect them into a file, compress it, and send them to my PC with Zmodem, so that I can browse at my leisure. Waffle/UUPC and a newsfeed is a better solution, but requires the cooperation of one's local sysadmin, who isn't necessarily interested in feeding someone news at 2400 bps. The ironic thing is that they don't care if you spend 4 hrs/day using that modem to read news - they just don't want you to tie it up for 45 mins with a small newsfeed. (Yes, there is the spool directory problem - and no, I don't think a flamewar about admins is useful here.) If we/I did something like this - it ought to be possible to do it in a shell script, or shell script + awk - and incorporated the means to receive/unpack a reply packet - I think it might be a good thing. The basic idea is to expand the access one's got via a networked Unix box to one's home machine, without necessarily requiring the permission or knowledge of local sysadmins. (No, I am not unfamiliar with the plight or circumstances of an arbitrary Unix sysadmin. 
I administrate a small system now, have been in charge of larger ones in the past, and have some experience with users doing peculiar and squirrely stuff with one's machine. :) I also don't think that what I'm proposing breaks either the letter or the intent of a reasonable security policy - but it is the sort of thing to make a control freak sysadmin go nuts.) Seems like the best way to implement the term program would be to add some intelligence to the "scrollback" (a buffer that holds the last 'n' lines of text appearing on the screen) which would allow it to find, extract, and process the --- BEGIN PGP SIGNATURE --- bits. The other side of this would be a process which would, given the name of a file on disk (or an editor buffer) locally, process it (sign,encrypt,whatever) and upload the results. This would be interesting, but I dunno if we'd be able to write something nice enough to become as widespread as Telix, Procomm, or whatever. (I also wonder if it's possible to add hooks to Telix/Procomm to do similar stuff.) For what it's worth, I have experience in C, and have fooled around with little assembly programs to read/write the PC's serial port on an interrupt-driven basis. (The use of a FOSSIL driver seems intelligent here, though.) I have written a PGP keyserver to run as an attachment to a DOS Waffle system, and intend to expand and improve that if I can get some free time. I'm interested in working on this stuff but am less interested in re-inventing any wheels. 
-- Greg Broiles greg@goldenbear.com Golden Bear Computer Consulting +1 503 465 0325 Box 12005 Eugene OR 97440 BBS: +1 503 687 7764 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: greg@ideath.goldenbear.com (Greg Broiles) Date: Tue, 1 Jun 93 23:49:54 PDT To: cypherpunks@toad.com Subject: EFF, AT&T, Clipper, and $ Message-ID: MIME-Version: 1.0 Content-Type: text/plain Eric Hughes writes: > The EFF is going to be involved with the cryptography issue. More > than that and I defer to John Gilmore, who is on the EFF board and > this list and who can speak more authoritatively than I. The 5/24/93 issue of "The New Republic" has a (largely uninteresting) cover story about Mitch Kapor and the EFF. One interesting tidbit gleaned from that article, however, was that AT&T has contributed money to the EFF. I am particularly curious to see how AT&T and the EFF will deal with each other with respect to the Clipper chip, and the politics around that. If anyone knows anything more about this, I'd love to hear it. -- Greg Broiles greg@goldenbear.com Golden Bear Computer Consulting +1 503 465 0325 Box 12005 Eugene OR 97440 BBS: +1 503 687 7764 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@soda.berkeley.edu Date: Tue, 1 Jun 93 23:30:32 PDT To: cypherpunks@toad.com Subject: Software infrastructure Message-ID: <9306020704.AA01148@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Subject: Software infrastructure I like Eric's idea of a terminal program which can support encryption easily. Here are some thoughts. 
As Eric indicates, the issue is not so much building encryption into the program but rather of having _hooks_ by which extra functionality can be added. Encryption should be just one capability. Another might be to automatically drop into a stand-alone zmodem package like dsz or gsz so we don't have to re-implement zmodem ourselves. We had some related discussion on this last year when we were talking about the "crypto dongle". This was going to be a black box which would sit on the serial line between your PC and modem (or terminal and host computer) and would do encryption/decryption as the characters passed through it. Doing it in the terminal program, I could envision a hook which watched constantly for particular strings to be received from the host, like "-----BEGIN PGP MESSAGE-----". Several such watchdogs could be active at once. When one of them matches, it fires off a program. Or perhaps it just starts logging the incoming data to a file, and when it matches another string it fires a program. A simple scripting language could control these activities. The result would be that when you receive an encrypted message, you just list it out to your terminal and then, automatically, PGP fires up and asks you for your pass phrase (unless you SET it ahead of time in the PC's environment). It then displays the message for you. This simple model has several deficiencies. When I log into a Unix system, or Compuserve, or Portal's "Online" service, and read my mail, it is often shown to me a page at a time. This is so that I can read long messages more easily. Then after each message I can delete it, save it, reply to it, etc. If I do reply or if I want to create a new message it will drop me into a text editor to compose the message. The result is that the mail program you are running on the host computer may do some munging on the PGP message, like inserting "Press RETURN for next page" or perhaps some terminal control characters. 
These would have to be filtered out before PGP could run on the file, or you would have to be able to suppress them when you read this message. Also, assuming we could capture the message and run PGP on it automatically, the resulting decrypted message will have to be saved and given a file name. Then if the user wants to reply to it he is going to have to leave his terminal and run an editor. (At least, that's what I have to do now.) Plus, this only deals with the message-receiving problem, not the sending problem. I'm not sure what the solution is. Maybe the PC program needs to be more than a terminal program, and become more of a whole mail-processing program. Maybe you should just download your mail file en masse from the host to your PC, pre-process it to replace (in place) the incoming encrypted messages with plaintext versions (annotated to show validated signatures), then run a PC program which will display one message at a time, let you reply, save, etc. This way the decryptions are done before you even look at the mail file and incoming encrypted mail is treated on a first class basis (the same as other mail). Then for outgoing mail you'd like to be able to drop into a user-defined editor which is run with a command line causing his file to be saved to some temp file name. Then we can automatically encrypt the outgoing mail for him based on the destination, add a remailer chain if requested, etc. Then he gives a command and all his replies and new mail are uploaded and sent. This would be pretty tough to do since there are so many different ways of sending and receiving mail on host computers. This would again have to be a customizable part of the program, where we could provide modules to deal with the common cases of Unix running "mail", elm, mh, etc., and perhaps some of the commercial services. BBS's would ideally be handled as well. Hackers could contribute scripts for supporting their favorite mail system. 
I don't know anything about SLIP, or POP, or any other fancy ways of hooking a PC up to a workstation. I just use it as a terminal. Would these other protocols help solve the problems above, problems of how we marry an encryption program which must run on the PC with mail-handling programs which run on another computer? Hal Finney 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: RYAN Alan Porter Date: Tue, 1 Jun 93 21:34:12 PDT To: cypherpunks@toad.com Subject: CryptoStacker Message-ID: MIME-Version: 1.0 Content-Type: text/plain Thanks for all of the responses on my questions concerning the CryptoStacker idea. I am kind of sick of talking about it though, and so I went out today and did some research on drivers and such. I am planning to create a software implementation of a PGP driver starting maybe tomorrow (I am being paid real dollars to write other code at the moment) for on-the-fly HD encryption. I haven't quite figured out how to create a commercially distributable system yet, but there really is no point sitting around arguing about this and that detail until somebody actually goes out and tries it... I have a feeling that this version will be slow as balls without hardware support, but that's not really the problem, is it? The main focus that I have right now is making the thing work. 
There have been lots of neat suggestions about multiple layers and suchlike too, which are all fine and dandy, but they kind of missed the point: mainly what I am interested in is preventing access to the data on my HD by anyone but ME, screw LANs and multi-user problems and all of that, I just want to create a system whereby if the Secret Service busts down my door tomorrow while I am not here to throw the drive across the room, they will never be able to fetch out any incriminating evidence by picking apart my system in some lab somewhere. I can also see the advantage of a business worrying about spying, or even government agencies (wouldn't that be ironic) worrying about security and considering networks insecure. Anyway, we can add bells and whistles like network support and multiple layers and suchlike after we figure out how to get the basic engine to work, right? I have also seen everyone suggesting DES instead of PGP. I suppose that would really be a great idea for speed and suchlike, for some reason I was kind of attached to the whole public key idea, but I suppose that would be kind of close-to-worthless in this context, wouldn't it? I suppose we are to the point where I can use some actual technical advice, no need to reinvent the wheel, right? If anyone has any information of the overall architecture of projects like Stacker or DoubleStor, I would appreciate the input. I have used both in the past and I am kind of leaning toward a system like DoubleStor (which maintains directory structures and such, but compresses each file in place) for simplicity, but I am kind of hesitant to leave even a hint of the overall structure of the disk laying around for prying eyes. Trouble is, I don't have much experience screwing around with the FAT and such so I wouldn't want to do anything so bold as munching the entire disk into a single file and suchlike. Any ideas? 
-Ryan the Bit Wallah From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: RYAN Alan Porter Date: Tue, 1 Jun 93 21:34:13 PDT To: cypherpunks@toad.com Subject: Clipper Message-ID: MIME-Version: 1.0 Content-Type: text/plain Just out of curiosity, does anyone on the cypherpunks list possess the technical skills that would be necessary to begin a project of hacking out a pin compatible version of the Clipper that didn't have the backdoors once the chip is out, a la AMD and CYRIX? If not, it would seem that we need to get some hardware geeks involved, as well as all of these software people around here, since crypto issues are moving more and more into the hardware, VLSI playing field. ("Cypherpunks write code.... and microcode"??) It would seem that one of the most direct ways to attack Clipper would be to pull another PGP, just create a chip that acts just like one, but a chip that we understand and we designed. There would be totally different problems involved, the Feds could much more easily seize chip production facilities, design would be more difficult, free distribution would be more difficult... I think that it would be quite possible, however. I mean, if an attack is truly to be made on the Clipper, writing letters to feds certainly won't help, the only thing that will help is making their proposal ineffective and uneconomical. Think about it, if a truly secure chip existed, its sale would be almost certain; all of the 'criminals' that the feds are so afraid of would be sure to find us and buy one, not to mention every self respecting cypherpunk and cyberpunk in the universe, law enforcement agencies might even get into buying black market chips to protect themselves from escrow leaks... Also, if all of these shady types that the feds are using for their tactical arguments have truly secure chips anyway, all of the aforementioned arguments are rendered moot. 
So I guess the really important question is: does anybody know how to reverse engineer a chip and build a duplicate, pin-compatible device from the ground up while hiding from the feds the whole time and still managing to make a living? I guess that's a pretty rough question, but hey, this is war, right? -Ryan the Bit Wallah From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@soda.berkeley.edu Date: Wed, 2 Jun 93 00:10:53 PDT To: cypherpunks@toad.com Subject: Another chaining utility Message-ID: <9306020744.AA02666@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain I am working on a utility I call "chain" which is inspired by Karl Barrus's hopmail and related scripts. I am sending this message with the command:

    chain -m -s "Another chaining utility" cypherpunks@toad.com caltech jarthur extropia soda

The "-m" means for chain to pipe its output into sendmail so that it is actually sent (otherwise it just writes to standard out and you have to arrange to mail it on your own). The "-s" sets the subject for the last leg of the message to the following arg. Then comes the destination address, then a list of remailer nicknames, which are just substrings of the remailers, read from an initialization file. This message is passing through four remailers. The "-m" feature is implemented only on Unix systems. On DOS you always get the output in a file and then send that however you normally would. I also have a "-e" switch which encrypts the message using a public key looked up by the destination address. Cypherpunks doesn't have a public key so that's not appropriate here. But if I wanted to send an encrypted note to, say, Phil Zimmermann, I could just do:

    chain -em prz@sage.cgd.ucar.edu portal mead
    Hi, Phil, give me a call when you have a chance -- Hal
    ^D

and it would go via the Portal and Mead remailers, encrypted at each step, and finally to Phil, encrypted with his public key. Pretty easy. 
I couldn't get Karl's hopmail.bat to run on my PC (not enough environment space?) so I wrote this in C and it works OK. I'll be sending the code to Eric to be archived in a few days. If anyone has any wish lists for features I will be glad to try adding them. (I am composing this on a Unix system in order to demonstrate the -m switch, so I can't cleartext sign as I normally would. I am in the vi editor and I am sending the message with "1G!G", which tells vi to pipe the whole file into a command, followed by the "chain" command line above, verbatim. That's all there is to it.) Hal Finney 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Stanton McCandlish Date: Tue, 1 Jun 93 23:10:13 PDT To: cypherpunks@toad.com Subject: Re: Term software development/design In-Reply-To: <5y6H5B1w164w@ideath.goldenbear.com> Message-ID: <9306020647.AA20551@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain All of these ideas (on new term programs for grabbing news, and for getting PGP sigs from scrollback, etc etc) are all very interesting and worthy of more work. However, I think the BEST way to do this, is to convince Mustang Software (or whoever) to add hooks for PGP or other encryption packages, and then the rest should soon follow. Most users WILL NOT quit using QModem (or whatever) for a new term program that has nothing special but crypto. BUT if you can get crypto into the popular packages, then lots of users WILL use it since well it's THERE, and easy to get to and they don't have to switch software. As for the creation of new term programs, I'd have to say making it RELY on a FOSSIL driver is a BAD idea. FOSSILs are becoming less useful and needed over time. Almost NO new door software uses FOSSILs, because companies like Compaq are making more-compatible machines with less proprietary garbage in them. 
FOSSIL support that is OPTIONAL would be very nice, for those using old or weird machines that can't handle standard comm routines, but forcing FOSSIL (or anything else) on anyone is a bad idea in my opinion. Also, those into Fido-tech netting should try to get the developers of FrontDoor, InterMail, D'Bridge, Opus, Maximus, VBBS, BinkleyTerm, etc to add support for the ^ENC klugeline (an addition to the FTSC-standard Fido mail headers, that notifies mailer software that the message is encrypted, so it can be properly processed). Without this the Fido SecureMail system is going to remain minor and ignored. With it, cryptomail could fast become the norm in Fido NetMail. For this corner of cyberspace direct support for this sort of thing could be the "make or break" for whether crypto becomes accepted. Just some thoughts. -- When marriage is outlawed only outlaws will be inlaws! Stanton McCandlish, SysOp: Noise in the Void DataCenter Library BBS Internet anton@hydra.unm.edu IndraNet: 369:1/1 FidoNet: 1:301/2 Snail: 1811-B Coal Pl. SE, Albuquerque, New Mexico 87108 USA Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1) Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Tue, 1 Jun 93 23:12:47 PDT To: hughes@soda.berkeley.edu (Eric Hughes) Subject: Re: WH email petition. In-Reply-To: <9306020408.AA19558@soda.berkeley.edu> Message-ID: <9306020649.AA28007@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > It appears that they are going to count responses and make totals pro > and con any particular issue that people write about. Thus while the > particulars of the petition don't really matter, the basic statements > against restrictions on encryption technology do. > > I also heard no mention that they were going to do any kind of sorting > by person or email address. 
Thus it appears that you get to vote > early and often in this public opinion poll. Do you think they'd TELL you that they were putting people on lists? Not OUR government.... +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ""L. Detweiler"" Date: Tue, 1 Jun 93 23:24:34 PDT To: cypherpunks@toad.com Subject: whistle for Whistleblowing! Message-ID: <9306020701.AA03726@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain >A quick update: Telecom Finland finally delivered. My uncontrolled, >no-AUP IP connection via EUnet (Copenhagen-Amsterdam-Alternet) went >operational yesterday. The new 486 box also arrived. Expected to go >into 100% service this weekend! Oh, the bright sun is shining through! This is absolutely perfect timing. I just ran rn and what did it have to report? alt.whistleblowing not in .newsrc -- Add unsubscribed? Cypherpunks, alt.whistleblowing has been created! Special thanks to Miron Cuperman, a First Class Grade A Cypherpunk, who took care of the electronic paperwork on this one after reading my desperate posting(s). (I don't understand though, at my site it didn't appear for over a week since the control message was sent out.) If it's not at your site send mail to your news administrator and ask if there's some kind of conspiracy going on to prevent you from seeing it :) I generally *don't* recommend that the Mycotronx postings be sent there (yet), even if someone can set up an untraceable path. 
I talked to the poster today and he has many plans for them that might be disrupted by any further publicity. In fact, he told me he *accidentally* posted them to the cypherpunks list! He thought it would just go to the `moderator' (Eric Hughes). Explains a bit. Watch for a FAQ to the group (possibly here first) and advertisements in other groups. Also: HOW TO CONTRIBUTE IMMEDIATELY. Find relevant material from any groups you have ever visited and FORWARD IT. Make sure to be very thorough in citing the source and background of the posting. Let the games begin! The doors are open! Fire away, soldiers! p.s. If anyone wants to run an interesting and critical project, I think that the `control' group should be monitored for message cancels in alt.whistleblower, cancelling parties should be *exposed*, and the cancelled postings in particular should be *preserved*. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Stop the Big Brother CHip" Date: Tue, 1 Jun 93 17:31:39 PDT To: cypherpunks@toad.com Subject: No Subject In-Reply-To: <9306011855.AA08017@toad.com> Message-ID: <9306020109.AA01465@netcomsv.netcom.com> MIME-Version: 1.0 Content-Type: text The actual server entry point could be through a cypherpunks encrypted anonymous remailer block. that could totally conceal the entry point given the proper type of remailer... as to the service posting machine... one could maintain a net of open nntp servers by one's confederates, one could then "forge" the posting and give an anonymous remailer block corresponding to the anon id... concealment and high security? given message encryption remailers and a public key for the forging NNTP posting mechanism I don't see many issues coming from that what do the rest of you think ... course this scheme depends on a common set of features on anon remailers... i.e. message encryption... cheers kelly -- Parts of this .sig borrowed with permission from T.C.May. Perhaps it will indeed get me busted also. 
.......................................................................... Kelly Goen | Crypto Anarchy: encryption, digital money, kelly@netcom.com | anonymous networks, digital pseudonyms, zero Intelligence Systems | knowledge, reputations, information markets, Specialists Inc. | black markets, face banks, data havens, dark | tech, covert channels, shared secrets, | alt.whistleblowers, collapse of governments. Technical Monkeywrench | Public Key: PGP 2.2. | .......................................................................... PGP 2.2 Key available from PGP Keyservers on the Internet. pub 1024/1BA573 1992/09/09 kelly Key fingerprint = EF 7A 38 99 22 84 E3 3B 90 2A DB 80 DC 65 DA 31 STOP THE WIRETAP CHIP(Clipper Chip)!! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Tue, 1 Jun 93 23:34:48 PDT To: ryan@rtfm.mlb.fl.us (RYAN Alan Porter) Subject: Re: WH email petition. In-Reply-To: Message-ID: <9306020712.AA28617@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > A good idea, but it appears from the announcement that they are just going > to create a database of return addresses and subject lines and sit around > and read that instead of reading the actual messages. > > In that case I would suggest a well written form letter that we could > encourage people to forward to the address with their names on it. That > way after they see the same subject line 12,000 times they might get the > slight urge to read the message going along with it. That would be kind > of equivalent to a petition. YES! I may have been unclear in my presentation, but this is what I had in mind! Comments? > Somebody good at slicking politicos like to draft a nice letter? +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! 
| | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: rclark@nyx.cs.du.edu (Robert W. F. Clark) Date: Tue, 1 Jun 93 23:40:24 PDT To: cypherpunks@toad.com Subject: My letter to the President, for all the good it'll do Message-ID: <9306020717.AA03191@nyx.cs.du.edu> MIME-Version: 1.0 Content-Type: text/plain Well, this and fifty cents will get you a cup of coffee, but here's my letter to the Pres. ------ I oppose the Clipper chip vehemently. As the President, or the duly authorized representative of the President, you will understand that I find the idea that you will monitor my communications reprehensible and intolerable. You have espoused a policy of covert surveillance of American citizens of which Bush would be proud. You, a protester of the Vietnam War, who understands that the government can, and should be opposed when it is wrong, should understand why privacy is necessary to the people of any democracy, lest it cease to be a democracy. Nevertheless, you approved the Clipper Chip proposal, which is the furthest step backward that even a politician could take. Shame on you! Even George Bush's father, Prescott Bush, who despised and opposed Senator McCarthy's Communist witch-hunt, would loathe such a retrogressive move! We computer professionals, who supported your rise to power, feel betrayed by your sudden reversal, by no means unique among your sudden reversals. By siding with those who would rob Americans of those freedoms which are our inalienable right, you have betrayed democracy and made a sham of the Bill of Rights. 
If, as a White House official suggested, criminalizing alternative, secure encryption standards is an "option on the table," I am disgusted by your betrayal. You, who seemed proud to have protested an unjust war, and should understand why protest, even anonymous protest, should be an inalienable right, have no right even to consider this as an option. If you consider criminalizing privacy, and encryption, you have signed over the soul of the nation to be monitored at will by the NSA and CIA, organizations which you, at one time in your life, opposed. Perhaps, like many Sixties rebels, you have been bought by the government, and no longer care about the rights of the American people. It would not be the only time this has occurred. While I doubt that you, the President, shall read this, perhaps some subordinate shall. Perhaps, if the miraculous is possible, that subordinate shall deem this worthy of your consideration. While I am not used to pleading, I plead that you reconsider this policy, which, if enacted, would doom privacy in the United States, and turn this nation into the sort of nation that the Soviet Union has finally decided not to be. I beg that you consider, at least for a moment, the evil that you may unleash. You may be motivated by an understandable concern for the protection of the American people from drug dealers and mobsters, but it is not the mobsters you shall crush in supporting the Clipper chip. It is those eager, agile young minds who oppose the government when it is wrong, and only wish to be able to have their voice, without being monitored by the CIA and NSA in case that voice occasionally is overly strident. Thank you, Mr. President. I hope that you have carefully studied the holy Constitution of this nation, which you have sworn to uphold. I fear for the consequences if you have not. Robert W. F. Clark 440 S. Franklin St. 
Bloomfield, IN 47424 Telephone # (812) 384-3465 email addresses: clark@metal.psu.edu rclark@nyx.cs.du.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Tue, 1 Jun 93 23:49:17 PDT To: anton@hydra.unm.edu (Stanton McCandlish) Subject: Re: Term software development/design In-Reply-To: <9306020647.AA20551@hydra.unm.edu> Message-ID: <9306020726.AA29102@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > All of these ideas (on new term programs for grabbing news, and for > getting PGP sigs from scrollback, etc etc) are all very interesting and > worthy of more work. However, I think the BEST way to do this, is to > convince Mustang Software (or whoever) to add hooks for PGP or other > encryption packages, and then the rest should soon follow. Most users > WILL NOT quit using QModem (or whatever) for a new term program that has > nothing special but crypto. BUT if you can get crypto into the popular > packages, then lots of users WILL use it since well it's THERE, and easy > to get to and they don't have to switch software. Actually, I've implemented much of this in telix, using its (C-like) script language. From the command line, I can type in the name of a batch file. That batch file starts telix, logs me in, sends any mail I have created/encrypted on my machine, and downloads all my new mail, to be read from another batch file. My mail reader batch file uses pgp to read my mail and presents a nice message selection menu, too. Totally transparent, and automated. I'm quite proud of it. The only thing to do is clean it up a bit, and implement reply-quoting. That should be done by the end of the week. If anyone is interested in what I have.....ask me. BTW, I have had a few bug reports on my pgp menu batch file for 4dos. I will also have it fixed by the end of the week and will release it next week. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. 
| PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Wed, 2 Jun 93 00:01:22 PDT To: nobody@soda.berkeley.edu Subject: Re: Software infrastructure In-Reply-To: <9306020704.AA01148@soda.berkeley.edu> Message-ID: <9306020738.AA29392@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > Subject: Software infrastructure ...other good stuff deleted...I read mail at 2400B. > The result would be that when you receive an encrypted message, you > just list it out to your terminal and then, automatically, PGP fires up > and asks you for your pass phrase (unless you SET it ahead of time in > the PC's environment). It then displays the message for you. > > This simple model has several deficiencies. When I log into a Unix system, > or Compuserve, or Portal's "Online" service, and read my mail, it is often > shown to me a page at a time. This is so that I can read long messages > more easily. Then after each message I can delete it, save it, reply to > it, etc. If I do reply or if I want to create a new message it will drop > me into a text editor to compose the message. > > The result is that the mail program you are running on the host computer > may do some munging on the PGP message, like inserting "Press RETURN for > next page" or perhaps some terminal control characters. These would have > to be filtered out before PGP could run on the file, or you would have to > be able to suppress them when you read this message. If we are talking about an off-line reader, this is solved by a trivial filter routine. 
If you want to do this on-line, well it might take time. > Also, assuming we could capture the message and run PGP on it automatically, > the resulting decrypted message will have to be saved and given a file > name. Then if the user wants to reply to it he is going to have to leave > his terminal and run an editor. (At least, that's what I have to do now.) Why save the plaintext? I keep it in cyphertext and decrypt it on demand. And when I want to reply, then I decrypt it, quote it and have the user edit that file, which will presumably be re-encrypted. > Plus, this only deals with the message-receiving problem, not the sending > problem. Actually, these are the same problems in different clothes. > > I'm not sure what the solution is. Maybe the PC program needs to be more > than a terminal program, and become more of a whole mail-processing > program. Maybe you should just download your mail file en masse from the > host to your PC, pre-process it to replace (in place) the incoming encrypted > messages with plaintext versions (annotated to show validated signatures), > then run a PC program which will display one message at a time, let you > reply, save, etc. This way the decryptions are done before you even look > at the mail file and incoming encrypted mail is treated on a first class > basis (the same as other mail). > > Then for outgoing mail you'd like to be able to drop into a user-defined > editor which is run with a command line causing his file to be saved to > some temp file name. Then we can automatically encrypt the outgoing mail > for him based on the destination, add a remailer chain if requested, etc. > Then he gives a command and all his replies and new mail are uploaded and > sent. These last 2 paragraphs describe almost exactly what my scripts do! > This would be pretty tough to do since there are so many different ways > of sending and receiving mail on host computers. 
This would again have > to be a customizable part of the program, where we could provide modules > to deal with the common cases of Unix running "mail", elm, mh, etc., and > perhaps some of the commercial services. BBS's would ideally be handled > as well. Hackers could contribute scripts for supporting their favorite > mail system. I find that I need to be a bit more modular with my scripts so that I can call a different module depending on which type of system I'm on...Working on it at this moment. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: smb@research.att.com Date: Tue, 1 Jun 93 22:39:22 PDT To: "J. Michael Diehl" Subject: Re: WH email petition. Message-ID: <9306020539.AA25821@toad.com> MIME-Version: 1.0 Content-Type: text/plain In light of the White House getting on the net, how effective do you all think an electronic petition, about the BigBrotherChip, would be? Do you think that they would listen? Do you think that, perhaps, we would simply be put on a list of "trouble makers?" I was thinking of writing a petition and distributing it in every way I can think of, and encouraging people to send it to the White House. Any comments? In general, petitions are a notoriously ineffective way to lobby. That's doubly so for email versions, for obvious reasons. Even without that problem, an electronic petition will (rightly) be ignored on the grounds that it represents the opinions of a small elite minority. 
With signatures collected in the streets and shopping malls of America, you have at least some chance of reaching a cross-section of people. But on the net? (And even if I'm wrong about the net's population, would they know it?) As for a trouble-maker list -- not likely. Apart from the political hell there'd be to pay if word ever leaked (the right to complain to the government is quite explicit in the Constitution, and is legally far stronger than the still-controversial right to privacy (remember Bork?)), I haven't seen any evidence that broad-scale ``enemies lists'' have been collected since Nixon's day. That may, of course, mean they've just gotten smarter about how they do it... Based on my past experience, your name will be collected -- but just as a person interested in certain issues, so that you can be solicited for funds on certain issues. --Steve Bellovin From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Stanton McCandlish Date: Wed, 2 Jun 93 01:06:35 PDT To: cypherpunks@toad.com Subject: GIMME YOUR GOODIES! Message-ID: <9306020843.AA25624@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain NitV is still hoarding all sorts of PGP utils for any and all platforms, mail systems, and potential uses. If you make anything new, please send it along (uu it, or upload it to the board, or whatever). I get QUITE a few calls for such material (surprisingly much of the Unix stuff is downloaded, and long distance at that, so I guess there is a lot of value in having a BBS-based, multi-platform crypto-tools site.) I MUCH prefer to get the new material direct from the author, so please do send it!! Help spread crypto to the OtherNets! -- When marriage is outlawed only outlaws will be inlaws! Stanton McCandlish, SysOp: Noise in the Void DataCenter Library BBS Internet anton@hydra.unm.edu IndraNet: 369:1/1 FidoNet: 1:301/2 Snail: 1811-B Coal Pl. 
SE, Albuquerque, New Mexico 87108 USA Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1) Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: RYAN Alan Porter Date: Tue, 1 Jun 93 23:16:39 PDT To: "J. Michael Diehl" Subject: Re: WH email petition. In-Reply-To: <9306020313.AA20120@triton.unm.edu> Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Tue, 1 Jun 1993, J. Michael Diehl wrote: > In light of the White House getting on the net, how effective do you all think > an electronic petition, about the BigBrotherChip, would be? Do you think that > they would listen? Do you think that, perhaps, we would simply be put on a > list of "trouble makers?" I was thinking of writing a petition and > distributing it in every way I can think of, and encouraging people to send it > to the White House. Any comments? A good idea, but it appears from the announcement that they are just going to create a database of return addresses and subject lines and sit around and read that instead of reading the actual messages. In that case I would suggest a well written form letter that we could encourage people to forward to the address with their names on it. That way after they see the same subject line 12,000 times they might get the slight urge to read the message going along with it. That would be kind of equivalent to a petition. Somebody good at slicking politicos like to draft a nice letter? -Ryan the Bit Wallah From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Clark Reynard Date: Tue, 1 Jun 93 23:45:22 PDT To: cypherpunks@toad.com Subject: How about it? My letter to the Pres Message-ID: <9306020801.AA03786@metal.psu.edu> MIME-Version: 1.0 Content-Type: text/plain What about some form of my letter as the form letter petition? Not as critical as I was, of course. 
But STRESS issues he used in his campaign (Prescott Bush, opposing Vietnam); and maybe one of his flunkies will have the smarts to cope with it. The email response for the form letter from postmaster@whitehouse.gov was very fast, so they have put money into it. Maybe they actually DO give a damn. Try it. ---- Robert W. Clark Just Say No! to the rclark@nyx.cs.du.edu Big Brother Chip From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Wed, 2 Jun 93 06:39:06 PDT To: cypherpunks@toad.com Subject: ADMIN: incoming ftp site works now Message-ID: <9306021412.AA13469@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain I've arranged so that the pub/cypherpunks/incoming directory will accept uploads now. So if you have stuff to send, please ftp it to that directory rather than using e-mail. Of course, if you don't have ftp access, please continue to use email. For those of you who tried this before, the problem was that the wuarchive ftpd that the system was running needs a line in its configuration file to say that uploads are permitted in a directory. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Wed, 2 Jun 93 06:51:21 PDT To: cypherpunks@toad.com Subject: Term software development/design In-Reply-To: <9306020647.AA20551@hydra.unm.edu> Message-ID: <9306021425.AA13721@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >As for the creation of new term programs, I'd have to say making it RELY >on a FOSSIL driver is a BAD idea. The reason to use FOSSIL, and it is a sufficiently strong reason, is that with some layer of abstraction at that low level, you can't do end-to-end link encryption transparently. For example, if you want to do a download over a secure channel, if you have to use an external protocol, and if that protocol talks directly to the serial port, then you can't use it, because the protocol will see only gibberish. 
If, on the other hand, the protocol driver uses FOSSIL, and if your FOSSIL can set up an encrypted channel, then the protocol will perform as expected without being aware that its underlying connection is encrypted. >Almost NO new door software uses FOSSILs, because >companies like Compaq are making more-compatible machines with less >proprietary garbage in them. The reason to use FOSSIL is not compatibility, but abstraction. It's the only abstraction for serial communications the PC has, and we'd better take advantage of it. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Wed, 2 Jun 93 07:12:49 PDT To: cypherpunks@toad.com Subject: Software infrastructure In-Reply-To: <9306020704.AA01148@soda.berkeley.edu> Message-ID: <9306021446.AA14130@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Let me clarify the discussion here about PC terminal software. There are two distinctions I'd like to make. The first distinction is between a terminal program and a mail/news reader. Terminal access is necessary so that all functions of the dialup service which are not mail/news can still be accessed. An integrated mail/news reader is desirable because this is a primary activity of many users. Ideally, you want both. The second distinction is between stream and file encryption. If you want to encrypt the underlying channel, you need a stream cipher and a D-H key exchange. If you want file encryption, you want a block cipher and public keys for communications. These two distinctions are correlated. The terminal nature of such software requires support for stream encryption. The mail nature of such software requires file encryption. PGP is a file encryptor, not a stream encryptor. You can't use PGP for the terminal line; you can use it for email. >As Eric indicates, the issue is not so much building encryption into the >program but rather of having _hooks_ by which extra functionality can be >added. 
One useful discussion would be to examine just what hooks are desirable. The capability 'encryption' is too broad; one needs to specify just what variety and what purpose is desired. Re: dealing with mail software intended for humans. >The result is that the mail program you are running on the host computer >may do some munging on the PGP message, like inserting "Press RETURN for >next page" or perhaps some terminal control characters. It is for exactly reasons like this that one of the hooks should be an ability to specify how one gets one's mail. For Unix, I would suggest POP, as Paul Ferguson has mentioned. For online services like compuserve, aol, etc., a separate protocol which spoofs their mail readers into sending you your mail en masse could be written. This also implies the existence of offline mail readers. >Plus, this only deals with the message-receiving problem, not the sending >problem. Trying to spoof a whole mail system on a terminal seems doomed. Offline readers are the way to go. >Then for outgoing mail you'd like to be able to drop into a user-defined >editor which is run with a command line causing his file to be saved to >some temp file name. What editor you use is another hook. I use Desqview, and I love to be able to spoof Desqview into spoofing my editor (which is _always_ running) into editing my reply. So the hook has to be a bit more flexible than running an executable. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Tue, 1 Jun 93 22:16:24 PDT To: nobody@toad.com Subject: Re: In-Reply-To: <9306011855.AA08017@toad.com> Message-ID: <9306020831.aa08455@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > Look at what happened to Julf. His machine > was safe, sitting in a back room of his house. They went after his net > feeds instead. A quick update: Telecom Finland finally delivered. My uncontrolled, no-AUP IP connection via EUnet (Copenhagen-Amsterdam-Alternet) went operational yesterday. 
The new 486 box also arrived. Expected to go into 100% service this weekend! Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Pat Farrell" Date: Wed, 2 Jun 93 05:17:31 PDT To: cypherpunks@toad.com Subject: RE: Software infrastructure Message-ID: <32140.pfarrell@cs.gmu.edu> MIME-Version: 1.0 Content-Type: text/plain In Message Tue, 1 Jun 1993 22:13:48 -0500, Eric Hughes wrote: >Let's go back to the DOS-as-terminal issue. The politics and >economics of DOS shareware is such that source code is almost never >made available. > >I propose that interested cypherpunks write a DOS terminal program >which _is_ free software. I think writing a "terminal" program, such as Kermit, is not particularly useful. I am writing a SMTP/POPPER client program that will work over standard serial (dial-up) lines. It will not require SLIP, PPP, or any other magic (mostly because getting _my university_ to provide competent TCP/IP access is impossible). Enhancing it to support SLIP or PPP will be simple, but it is not the market that I'm aiming at. Clearly any decent mail client has to have a Rolodex of commonly accessed correspondents. It is trivial to enhance the data structure to add a flag that says "Use encryption" and another with "PGP (or RIPEM) key available" and another to hold a handle (PGP's 0x123456) that identifies the key. Spawning your favorite encryption program is then also trivial. The audience is not the cypherpunks. The audience for strong cryptography is the art, history, econ or English major. It has to be "pig easy" and reliable. My program is written for Windows. Like it or not, Windows has 80% or more of the total computers being sold. I want my mailer client to reach mass markets. The program will be free, and sources will be available under some restrictions that I haven't yet figured out. In a while, I'll be looking for beta testers. 
Pat Pat Farrell Grad Student pfarrell@cs.gmu.edu Department of Computer Science George Mason University, Fairfax, VA Public key available via finger #include From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: eichin@cygnus.com (Mark Eichin) Date: Wed, 2 Jun 93 08:39:22 PDT To: ryan@rtfm.mlb.fl.us Subject: re: CryptoStacker In-Reply-To: Message-ID: <9306021616.AA26896@cygnus.com> MIME-Version: 1.0 Content-Type: text/plain >> Thanks for all of the responses on my questions concerning the CryptoStacker On a related note, the current maintainer of the loop file system patches for Linux has released the latest version, which includes DES encryption support (as I understand it, the code lets you mount a file as a file system, and just happens to have support for applying a function to the file... and the patches as released support specifying a DES key at mount time.) It's a start. Patches are on tsx-11.mit.edu and nic.funet.fi (ie. outside the US -- the maintainer lives in Switzerland :-) _Mark_ MIT Student Information Processing Board Cygnus Support From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@shell.portal.com Date: Wed, 2 Jun 93 14:25:57 PDT To: cypherpunks@toad.com Subject: Software infrastructure Message-ID: <9306021634.AA08896@jobe.shell.portal.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Eric writes: > The second distinction is between stream and file encryption.If you > want to encrypt the underlying channel, you need a stream cipher and a > D-H key exchange. If you want file encryption, you want a block > cipher and public keys for communications. I don't think we should try to put stream encryption into this product. A problem with stream encryption is that it requires special SW on both ends. 
We would have to not only write a terminal program, but also write software which would transparently encrypt/decrypt which ran on the host and then passed the characters on to whatever command shell would normally run. I could see doing this with Unix (using pty's, a variant on the "script" program many systems have) but it may not be too portable. Stream encryption defends against wiretappers, and may provide some protection against the more trivial root-based attacks on the host computer (ones which just monitor the serial port - although if you use the pty idea there may be an internal serial port that has cleartext and which can be monitored). But you are still vulnerable to being monitored by root. I don't think the benefit gained is great enough, given the cost, to make this a good initial feature for the product. > This also implies the existence of offline mail readers. It is going to be hard to provide an offline mail reader with the friendliness of what the user is used to. Also, offline news reading is probably out of the question in this environment due to the great volume of news. Offline mail also has the problem that some people send great, huge messages that you aren't interested in. Online you just look at the first couple of pages and then delete it. Offline you download the whole thing, often paying for it, before you look at it. Another approach would be to have a "paranoid PGP" available on your host computer. This works much like regular PGP, except it will never ask you for your pass phrase. Any time it would, it instead outputs a magic escape sequence. This is recognized by your Cypherpunks terminal program and causes it to run a local program which includes PGP. The paranoid PGP on the host automatically downloads the file it was going to decrypt or sign to the local machine, which runs PGP, asks for your pass phrase, does the operation, and (perhaps) uploads the results back to the host. 
The whole thing is transparent if you are running the CP term, and your secret key and pass phrase never left your computer. (You might or might not want the plaintext to be uploaded after decryption - perhaps it could be previewed locally and if it's not too "hot" you can upload it and reply to it on the host.) Under this approach, message ENCRYPTION could be just done on-line since paranoid PGP doesn't need a pass phrase for that. So you can compose and mail your messages without needing any special support, as long as you don't sign them. You are still trusting the host, but not as much as if you left your secret key there and typed your pass phrase into the host computer. This is less secure than if you did everything on your PC but lets you use the powerful editing and mail/news handling capabilities of your host. This approach does have the same disadvantage I listed with respect to stream encryption, that it requires some special software on the host. However, this software should have many fewer host dependencies than a transparent stream encryptor would. Hal Finney 74076.1041@compuserve.com -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLAypvagTA69YIUw3AQECTgQAq/dvZ1EExP1GYzKlQcxhMIPT9TExxIes 25L8ZwG5syA6+KEcL2pSfnoPe1l9ZixCjefUnNiy9MYAHBh8uo8IEZ/IoCArSbvs ImUjayxZjWugHZaBIUsOo/dk5VbX/1tY3CW1eN2wItvtF1RQYk1QPjCYFgECqKeY UtRAd2p/JqI= =GAGr -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: poier@sfu.ca (Skye Merlin Poier) Date: Wed, 2 Jun 93 08:57:49 PDT To: cypherpunks@toad.com Subject: Security in a VR world Message-ID: <9306021634.AA23208@malibu.sfu.ca> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- For anyone interested, there is a discussion on the multiverse maillist at multiverse@medg.lcs.mit.edu about "portal security", that is, the ability / inability for certain users passing through certain "portals", as well as verification of user identity... 
Unfortunately, the developer is in Europe, and as we all know, PGP is export-controlled... :( Skye - -- - -----====> Skye Merlin Poier <====----- Undergrad in CMPT/MATH (Virtual Reality) |||| |||| email: poier@sfu.ca p-OO <--> OO-q THINK PGP Public Key available on finger \== ==/ -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLAzWoy0bkpXW3omvAQFpVQQAvN+Q+fj+04DGgjXAyDhsBcRG5QEXES3a u6/lTKzhyqZEOCVX+ObivZOLUrc7OsbED0hGE4Wn/jIEeoeM//b9cA10JmTYu1Ce WgXPPuAa+YKAin9dMdIxNNiTzSaQhx+dQ3saPssQ45ErYWCPiix4ceBJWuITZJEG 9RfehK/yLws= =rHJv -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dmandl@lehman.com (David Mandl) Date: Wed, 2 Jun 93 06:07:06 PDT To: smb@research.att.com Subject: Re: WH email petition. Message-ID: <9306021344.AA16267@disvnm2.shearson.com> MIME-Version: 1.0 Content-Type: text/plain > In general, petitions are a notoriously ineffective way to lobby. > That's doubly so for email versions, for obvious reasons. Even > without that problem, an electronic petition will (rightly) be ignored > on the grounds that it represents the opinions of a small elite > minority. With signatures collected in the streets and shopping malls > of America, you have at least some chance of reaching a cross-section > of people. But on the net? (And even if I'm wrong about the net's > population, would they know it?) > --Steve Bellovin In general, I agree that petitions are a major waste of time and energy; I'm also pretty convinced that this White House email link is a big scam. Why are they any more likely to take your mail seriously just because it comes over the phone lines and not in an envelope? Seems like a pretty transparent PR ploy (also an attempt to make it seem like the White House isn't a bunch of dinosaurs now that everybody and her nephew has an email address). 
But since it won't take much more than a couple of minutes of any of our time, I can't see an electronic petition hurting our cause any--especially because it'll certainly include the names of many esteemed professionals and brainiacs with fancy scientific, corporate, and academic credentials. I think this could be a nice propaganda coup if it got publicised. It could at the very least give a big black eye to the forces of evil. --Dave. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mmidboe@cs.uah.edu (digital saint) (Computer Science Dept., Univ. of Alabama-Huntsville) Date: Wed, 2 Jun 93 08:10:54 PDT To: hughes@soda.berkeley.edu (Eric Hughes) Subject: Re: Software infrastructure In-Reply-To: <9306021446.AA14130@soda.berkeley.edu> Message-ID: <9306021548.AA19002@uahcs2.cs.uah.edu> MIME-Version: 1.0 Content-Type: text If you want the other software developers to pick up encryption then you had better put it into some kinda kit or TPU. That is the easiest way to get those other people like Mustang Software to add hooks into their software. If you distributed some kind of TPU to add onto Async Pro then you just made it really easy to add encryption onto a couple of BBS packages. If you were to make a TPU I think you should have the code to handle file encryption and stream encryption built into it. For Async Pro you could just make up a send_cipher function that encrypts the data then calls Async Pro's serial send function. I also think it would be better to come up with some freeware so people don't have to go buy Async Pro, but that would be a good quick cipher engine for PC serial IO if you just added onto Async Pro without worrying about the serial routines for the moment also. d. saint From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. 
Metzger" Date: Wed, 2 Jun 93 07:57:59 PDT To: Stanton McCandlish Subject: Re: Electronic Contracts In-Reply-To: <9306020055.AA13186@hydra.unm.edu> Message-ID: <9306021534.AA04636@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain Stanton McCandlish says: > Regarding "test cases" for digital signatures, not sure if this is 100% > relevant but what the hell... > > In this area at least, when the UPS folk bring you a package that you > must sign for, you no longer sign on paper, but on this funky electronic > tablet. Now granted this thing is recording your "real" signature, and > thus differs greatly, but still there may be something to this. Not sure > where one would look for material having to do with such devices, and > their relevance to a court case, but then again no one pays me legal > consulting fees either. >:) Caveat: I'm not a lawyer. In common law, anything you want and intend to be your signature is your signature. Ever work for a very big company? Ever look at your paychecks? They are rubber stamped with someone's signature, not signed. Still, that's perfectly legal. In contract law, contracts do not have to be written -- being written just means that the court has a presumption that the terms of the contract were as written. However, you can make contracts orally if you wish, and they are enforceable provided you can convince a court that the contract really was made. Assuming that you sign a contract with digital signatures, and the court can be made to understand that the digital signatures mean no forgery was possible, it's likely a court would enforce them because the court would then have reason to believe that both parties agreed to the contract in question. Repeating my caveat: I'm not a lawyer. 
Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Wed, 2 Jun 93 10:05:56 PDT To: cypherpunks@toad.com Subject: Re: Clipper replacement chip Message-ID: <9306021716.AA26131@smds.com> MIME-Version: 1.0 Content-Type: text/plain RYAN Alan Porter sez > Just out of curiosity, does anyone on the cypherpunks list possess the > technical skills that would be necessary to begin a project of hacking out > a pin compatible version of the Clipper that didn't have the backdoors > once the chip is out, a la AMD and CYRIX? > ... > So I guess the really important question is: does anybody know how to > reverse engineer a chip and build a duplicate, pin-compatible device from > the ground up while hiding from the feds the whole time and still managing > to make a living? Well, there's an easier end-run: a piggyback board. This would plug into the Clipper's slot, and the Clipper would plug into it. Then it could either run in Clipper or PGP/DH-IDEA/Whatever mode. I don't understand enough about the Clipper protocols and interface to know whether there's room to squeeze in bits to signal which of these two modes, unbeknownst to the rest of the phone, but you could certainly attach a Clip vs. Secure switch. -fnerd From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jim McCoy Date: Wed, 2 Jun 93 10:59:04 PDT To: cypherpunks@toad.com Subject: Re: Crypto anarchy in a VW? (not the bug) In-Reply-To: <9306021056.AA05648@toad.com> Message-ID: <199306021836.AA01020@flubber.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text Mark writes: > > >I still don't see why all of the actual encryption couldn't be done in > >software though... > > Me either, apart from TEMPEST issues... Speed. No software implementation will be able to match a hardware DES chip in total throughput. 
I have enough trouble dealing with the drive transfer speeds imposed upon PC unix systems with the lame bus, but even this could keep up if I had to run my file access through a software DES system. There are cards out there that can do this, and it doesn't really make sense not to offload this to an external device. > Linux comes with slot in file system > modules (as detailed in a letter to Jim) that you can easily adapt to your > own uses. I've been playing around with this idea for a while. Adding a > desfs(tm) (me :) to a linux kernel is not going to be that hard I think.. > (touch wood). Yes, the other thing that pushed me to linux (besides the larger user community) was the support for "drop-in" filesystems. jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. Metzger" Date: Wed, 2 Jun 93 10:32:25 PDT To: poier@sfu.ca (Skye Merlin Poier) Subject: Re: Security in a VR world In-Reply-To: <9306021634.AA23208@malibu.sfu.ca> Message-ID: <9306021807.AA05105@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain Skye Merlin Poier says: > -----BEGIN PGP SIGNED MESSAGE----- > > For anyone interested, there is a discussion on the multiverse maillist at > multiverse@medg.lcs.mit.edu about "portal security", that is, the ability / > inability for certain users passing through certain "portals", as well as > verification of user identity... Unfortunately, the developer is in Europe, > and as we all know, PGP is export-controlled... :( No it's not. It was written abroad -- it's more legal in Europe than in the U.S.... .pm From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Wed, 2 Jun 93 12:03:02 PDT To: cypherpunks@toad.com Subject: RE: Work the Work! 
Message-ID: <8P6i5B2w165w@sytex.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Date: Tue, 1 Jun 93 21:32:24 -0700 Eric Hughes wrote - > Paul, you of all people don't need to feel slighted when I urge > people to do something, anything, about the wiretap chips. Agreed. There are many, many things that we need to do to support opposition to this ruse. > Here is my own very short version of my policy toward the wiretap > chips: > "The government has no right to restrict my use of cryptography in > any way. They may not forbid me to use whatever ciphers I may like, > nor may they require me to use any that I do not like." Hear, hear. > The hypothetical backdoor in clipper is a charlatan's issue by > comparison, as is discussion of how to make a key escrow system > 'work.' Do not be suckered into talking about an issue that is not > important. If someone wants to talk about potential back doors, refuse > to speculate. The existence of a front door (key escrow) makes back > door issues pale in comparison. > If someone wants to talk about how key escrow works, refuse to > elaborate. Saying that this particular key escrow system is bad has a > large measure of complicity in saying that escrow systems in general > are OK. Always argue that this particular key escrow system is bad > because it is a key escrow system, not because it has procedural > flaws. > This right issue is that the government has no right to my private > communications. Every other issue is the wrong issue and detracts > from this central one. If we defeat one particular system without > defeating all other possible such systems at the same time, we have > not won at all; we have delayed the time of reckoning. Very lucid and wise observation. I have suggested several times that attention should also be directed to the (what I call) "potential factor" in regards to the entire "key escrow" system. 
The potential for abuse and unconstitutional invasions of personal privacy are ripe for the picking under this scheme. In my own public comment letter to the Computer System Security and Privacy Advisory Board, I stressed this fact and also pointed out that although the system was probably designed with good intentions (right), it will not prevent zealots and spooks from monitoring communications under certain circumstances. My other peeve is that after this "technology" has been entrenched (read: forced) on the public, I see the rug being pulled out from under the feet of any other crypto system available. That's also why I attach a great deal of importance to some form of PGP being developed where all parties (Phil Z., Jim B., and me) are happy (excluding Uncle S.). (But I suppose that's another topic...) Patriotically yours, -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLAzzZJRLcZSdHMBNAQEzEwP7BVrQ4KxuFgf19Dq0avHEq8fN4+k2lVFU UBPAZYWNwzyPV3IkmrFf4RGR84H/pdWm09GmYH5wptOuKEut0M5NzO30Z9+c2SW3 7FYr5TF2rygg0mHn6SDSiZZBLuLt/XqWIwGOzJBtrTnPsrLMqZ18Xk60lH3yqUme FzTiDxDnjqA= =wnNa -----END PGP SIGNATURE----- Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: miron@extropia.wimsey.com (Miron Cuperman) Date: Wed, 2 Jun 93 15:51:42 PDT To: cypherpunks@toad.com Subject: Mail probs Message-ID: <199306022148.AA07511@xtropia> MIME-Version: 1.0 Content-Type: text/plain ----- Transcript of session follows ----- uux: creat (TMP0000001297): Permission denied 554 elee7h5@rosebud.ee.uh.edu... unknown mailer error 1 ----- Unsent message follows ----- Hopefully the originator of this anon message is on the list. 
Miron From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Wed, 2 Jun 93 12:02:56 PDT To: cypherpunks@toad.com Subject: Crypto/Clipper debate rages on in comp.risks Message-ID: MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- For those of you who don't follow RISKS Digest (comp.risks): you're really missing some good stuff. At the risk of redundantly posting messages which may have already been discussed, I couldn't resist the opportunity to cross-post this portion of a response to Peter Junger's original post on "Risks of teaching the law without breaking it," where Mr. Junger expresses his displeasure and confoundedness of the export restrictions on simple (and all) cryptography. 8<----- Snip, Snip ------------ RISKS-LIST: RISKS-FORUM Digest Tuesday 1 June 1993 Volume 14 : Issue 67 >Date: Tue, 1 Jun 93 14:17:52 BST From: jharuni@micrognosis.co.uk (Jonathan Haruni) Subject: Re: Peter D. Junger's risks of teaching... (RISKS-14.6)5 Organization: Micrognosis International, London Peter D. Junger (junger@samsara.law.cwru.edu) wrote: > [ about his amusing and sad conundrum of being unable to teach law > students about a law without breaking it. ] I think that if you give your students copies of your comp.risks article, they should all be sufficiently disheartened with American law that they will quit the program and you can then present your lectures to a class devoid of foreign (or any) students. Alternatively, you could check passports at the door, and boot out foreign students during the parts of your class which are essential to American Sickurity. By doing so you will raise eyebrows well outside of the computer-and-law sphere of interest and you may bring this ludicrous situation into the limelight. But then, you may get sacked. 
Probably a much more effective solution to your problem, and one which has recently been proven perfectly legal and acceptable in an American court, would be for you to merely shoot dead all the foreigners in your class, after which you can speak freely. - ----[ remainder of post omitted ]------- -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLAz9X5RLcZSdHMBNAQHQnwP9F8asul5g8tl4hhb9cLJZ9rz+0UeNUQb2 aGK+Bhx6onigi/HwseMjZP3BFSDHUzB3IuzpIjkIBj1BBEB24ZCtZVx9i4M9cIwI wObnkA7YQ0LIr2Ut4d37vQRU36VyltprRB7toqhuGWpv1ZMAp91uNQ4H3tIgXMYL 6sUplUkFMGQ= =C1Qo -----END PGP SIGNATURE----- Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Wed, 2 Jun 93 14:03:00 PDT To: cypherpunks@toad.com Subject: Newsweek article, "The Code of the Future" Message-ID: MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- On Tue, 1 Jun 93 18:56:10 -0700, Timothy C. May wrote - > Subject: "Newsweek" Article on Clipper and Encryption When I read this message this morning, I made a bee-line down to the kiosk in the lobby and bought it (the June 7th issue of Newsweek). It must've just hit the stand, because the issues were still bound with rubber bands. (Thanks, Tim, for taking the time to commit it to ASCII, BTW.) This is good. Clipper articles have appeared in The New York Times, The Washington Post and now, Newsweek. This is exactly the exposure that is needed. One thing that you didn't include (it's rather trivial), that I tacked onto the end of this post, is a very, very brief history of Cryptography - - - -- "Great Moments in Cryptography 1900 B.C. Menet Khufu, Egypt Into the rock of a nobleman's tomb, a master scribe carved unusual symbols rather than the standard hieroglyphics. 
The intent was to impart a grandeur to the message, the oldest known cryptographic text. Jan. 17, 1917 London Britain decodes the 'Zimmerman' telegram from Berlin to the German ambassador in Washington. Describing a plan to give Mexico the U.S. Southwest, it helped draw an outraged America into World War I. Dec. 7, 1941 Washington, D.C. Navy spies crack a message from Tokyo to its embassy in Washington saying it will break off talks with the U.S. at 1 p.m. -- dawn at Pearl Harbor. The navy spies miss the import of this; Tojo strikes unopposed. Nov. 4, 1952 Washington, D.C. Truman creates National Security Agency, master of math-based codes." - - -- To which, I add my own date to remember - "Infamous Moments in Cryptography Apr. 16, 1993 Washington, D.C. The Clinton Administration announces introduction of the 'Clipper Chip,' a cryptographic scheme developed by the NSA under the auspices of the National Institute of Standards and Technology (NIST). Under 'Clipper,' monitoring high-tech communications is made simpler for law enforcement agencies and privacy becomes a secondary triviality." I can only keep my fingers crossed that we see more articles like this geared to informing the public of this ruse. -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLA0R05RLcZSdHMBNAQE5JgP/TFsJ6aF7+4lMIQjHSQw3qevwT45R+FIg rw5wNDIi7BO3A2rLyDE35rhJsekj6MB3Jg002K1Dy4W0lzT7pb9fkUcwt0H0mQXK 3BuZti59/grD6gfPPgkBHnC8XsH7sHnOV6OsZM1T8eusWofEp541l5bI9RsfnRsM qYnv1S3i+2c= =H9UT -----END PGP SIGNATURE----- Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: eichin@ATHENA.MIT.EDU ("Mark W. 
Eichin") Date: Wed, 2 Jun 93 14:12:15 PDT To: cypherpunks@toad.com Subject: [galvin@TIS.COM: Privacy Enhanced Mail available via anonymous FTP] Message-ID: <9306022149.AA09346@tsx-11.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain It is interesting to note that the LICENSE says: >> This license permits you to: >> b. create and sign certificates for people and entities >> within your own organization; _Mark_ Message-Id: <9306022052.AA09067@TIS.COM> Reply-To: James M Galvin To: TISPEM.Announcement:;@TIS.COM, ietf@cnri.reston.va.us, pem-dev@TIS.COM, rsaref-users@rsa.com, saag-interest@TIS.COM, psrg-interest@isi.edu Subject: Privacy Enhanced Mail available via anonymous FTP Date: Wed, 02 Jun 93 16:51:17 -0400 From: James M Galvin Sender: pem-dev-relay@TIS.COM -----BEGIN PRIVACY-ENHANCED MESSAGE----- Proc-Type: 4,MIC-CLEAR Content-Domain: RFC822 Originator-ID-Asymmetric: MFMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNRDE kMCIGA1UEChMbVHJ1c3RlZCBJbmZvcm1hdGlvbiBTeXN0ZW1zMREwDwYDVQQLEwh HbGVud29vZA==,02 MIC-Info: RSA-MD5,RSA,ndrjfb54QirydT4/KLgg9HJh+5k0ON+bj9Wil5LeVTE 3E0ST0Bmv12KbChUn5MhxpH556ur0TbWTjl8/csLK52ARxGs0VJlzKfNOWL00SbB JfuyLIM6RLF9uE2ZBNNjP Trusted Information Systems, in cooperation with RSADSI, is pleased to announce the availability of Version 6.0 of TIS/PEM, the Internet reference implementation of Privacy Enhanced Mail. This software is available to US and Canadian organizations and citizens via anonymous ftp. All source code is included, including Version 6.7 of the Rand MH message handling system and Version 1.02 of RSAREF. To retrieve TIS/PEM please FTP to host: ftp.tis.com login: anonymous and retrieve the files pub/PEM/README pub/PEM/LICENSE The README file contains further instructions. The LICENSE file contains the restrictions and rules governing use of TIS/PEM. Please read this file before retrieving the code. 
Send questions to tispem-support@tis.com -----END PRIVACY-ENHANCED MESSAGE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Wed, 2 Jun 93 16:29:19 PDT To: dmandl@lehman.com (David Mandl) Subject: Re: WH email petition. In-Reply-To: <9306021344.AA16267@disvnm2.shearson.com> Message-ID: <9306030006.AA03619@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to David Mandl: > In general, I agree that petitions are a major waste of time and energy; > I'm also pretty convinced that this White House email link is a big scam. > Why are they any more likely to take your mail seriously just because it > comes over the phone lines and not in an envelope? Seems like a pretty I don't, but as you mention below, it takes so little time, I thought we could get people involved who may not otherwise give a damn. "It's so easy, just send a quick letter, it will really help us out." Or something like that. > transparent PR ploy (also an attempt to make it seem like the White House > isn't a bunch of dinosaurs now that everybody and her nephew has an email > address). Well, we all know that! ;^) > But since it won't take much more than a couple of minutes of any of our > time, I can't see an electronic petition hurting our cause any--especially > because it'll certainly include the names of many esteemed professionals > and brainiacs with fancy scientific, corporate, and academic credentials. > I think this could be a nice propaganda coup if it got publicised. How about each time we manage to get someone to send a letter to the WH, we also request that they send it to one of us, so that we can keep track of it? Is this doable across the many networks? > It could at the very least give a big black eye to the forces of evil. 'Hope so. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. 
|available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals will have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: poier@sfu.ca (Skye Merlin Poier) Date: Wed, 2 Jun 93 18:39:16 PDT To: cypherpunks@toad.com Subject: heh heh.. whoops Message-ID: <9306030216.AA25030@malibu.sfu.ca> MIME-Version: 1.0 Content-Type: text/plain heh ... sorry about the PGP export thing... I was a bit flaked out this morning what with midterms and all. Musta been thinking of something else. Sorry all Skye -- -----====> Skye Merlin Poier <====----- Undergrad in CMPT/MATH (Virtual Reality) |||| |||| email: poier@sfu.ca p-OO <--> OO-q THINK PGP Public Key available on finger \== ==/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mark Date: Wed, 2 Jun 93 02:39:39 PDT To: cypherpunks@toad.com Subject: Re: FYI: White House Mail Message-ID: <9306020939.AA03615@toad.com> MIME-Version: 1.0 Content-Type: text/plain > President Clinton Vice President Gore > > PRESIDENT@WHITEHOUSE.GOV VICE.PRESIDENT@WHITEHOUSE.GOV Hmm, 10 bucks says some larrikin sends fakemail from PRESIDENT to VICE.PRESIDENT asking him 'what this little red button does' etc. Though in real.life I suspect 10 press secretaries sitting behind the mail alias. They're going to need them. Let's hope no one is stupid enough to try busting into there... 
Mark mark@coombs.anu.edu.au From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Dave Banisar Date: Thu, 3 Jun 93 10:35:42 PDT To: CYPHERPUNKS Subject: CPSR NIST Crypto Statement Message-ID: <00541.2821903098.3779@washofc.cpsr.org> MIME-Version: 1.0 Content-Type: text/plain CPSR NIST Crypto Statement Department of Commerce National Institute of Standards and Technology Computer System Security and Privacy Advisory Board Review of Cryptography Policy June 1993 Statement of CPSR Washington office Marc Rotenberg, director (rotenberg@washofc.cpsr.org) with David Sobel, legal counsel, Dave Banisar, policy analyst Mr. Chairman, members of the Advisory Panel, thank you for the opportunity to speak today about emerging issues on cryptography policy. My name is Marc Rotenberg and I am director of the CPSR Washington office. Although CPSR does not represent any computer firm or industry trade association, we speak for many in the computer profession who value privacy and are concerned about the government's Clipper proposal. During the last several years CPSR has organized several meetings to promote public discussion of cryptography issues. We have also obtained important government documents through the Freedom of Information Act. We believe that good policies will only result if the public, the profession, and the policy makers are fully informed about the significance of these recent proposals. We are pleased that the Advisory Board has organized hearings. This review of cryptography policy will help determine if the Clipper proposal is in the best interests of the country. We believe that a careful review of the relevant laws and policies shows that the key escrow arrangement is at odds with the public interest, and that therefore the Clipper proposal should not go forward. 
Today I will address issues 1 through 3 identified in the NIST announcement, specifically the policy requirements of the Computer Security Act, the legal issues surrounding the key escrow arrangement, and the importance of privacy for network development. 1. CRYPTOGRAPHY POLICY The first issue concerns the 1987 statute enacted to improve computer security in the federal government, to clarify the responsibilities of NIST and NSA, and to ensure that technical standards would serve civilian and commercial needs. The Computer Security Act, which also established this Advisory Panel, is the true cornerstone of cryptography policy in the United States. That law made clear that in the area of unclassified computing systems, the Department of Commerce and not the Department of Defense, would be responsible for the development of technical standards. It emphasized public accountability and stressed open decision-making. The Computer Security Act grew out of a concern that classified standards and secret meetings would not serve the interests of the general public. As the practical applications for cryptography have moved from the military and intelligence arenas to the commercial sphere, this point has become clear. There is also clearly a conflict of interest when an agency tasked with signal interception is also given authority to develop standards for network security. In the spirit of the Computer Security Act, NIST set out in 1989 to develop a public key standard FIPS. In a memo dated May 5, 1989 and obtained by CPSR through the Freedom of Information Act, NIST said that it planned: to develop the necessary public-key based security standards. We require a public-key algorithm for calculating digital signatures and we also require a public-key algorithm for distributing secret keys. 
NIST then went on to define the requirements of the standard: The algorithms that we use must be public, unclassified, implementable in both hardware or software, usable by federal Agencies and U.S. based multi-national corporation, and must provide a level of security sufficient for the protection of unclassified, sensitive information and commercial propriety and/or valuable information. The Clipper proposal and the full-blown Capstone configuration, which incorporates the key management function NIST set out to develop in 1989, is very different from the one originally conceived by NIST.
* The Clipper algorithm, Skipjack, is classified,
* Public access to the reasons underlying the proposal is restricted,
* Skipjack can be implemented only in tamper-proof hardware,
* It is unlikely to be used by multi-national corporations, and
* Its security remains unproven.
The Clipper proposal undermines the central purpose of the Computer Security Act. Although intended for broad use in commercial networks, it was not developed at the request of either U.S. business or the general public. It does not reflect public goals. Rather it reflects the interests of one secret agency with the authority to conduct foreign signal intelligence and another government agency responsible for law enforcement investigations. It is our belief that the Clipper proposal clearly violates the intent of the Computer Security Act of 1987. What is the significance of this? It is conceivable that an expert panel of cryptographers will review the Skipjack algorithm and find that it lives up to its billing, that there is no "trap door" and no easy way to reverse-engineer. In fact, the White House has proposed just such a review process. But is this process adequate? Is this the procedure the Advisory Board would endorse for the development of widespread technical standards? 
The expert participants will probably not be permitted to publish their assessments of the proposal in scientific journals, further review of the standard will be restricted, and those who are skeptical will remain in the dark about the actual design of the chip. This may be an appropriate process for certain military systems, but it is clearly inappropriate for a technical standard that the government believes should be widely incorporated into the communications infrastructure. Good government policy requires that certain process goals be satisfied. Decisions should be made in the open. The interests of the participating agencies should be clear. Agencies should be accountable for their actions and recommendations. Black boxes and government oversight are not compatible. There is an even greater obligation to promote open decisions where technical and scientific issues are at stake. Innovation depends on openness. The scientific method depends on the ability of researchers to "kick the tires" and "test drive" the product. And, then, even if it is a fairly good design, additional testing encourages the development of new features, improved performance and reduced cost. Government secrecy is incompatible with such a development process. Many of these principles are incorporated into the Computer Security Act and the Freedom of Information Act. The current government policy on the development of unclassified technical standards, as set out in the Computer Security Act, is a very good policy. It emphasizes public applications, stresses open review, and ensures public accountability. It is not the policy that is flawed. It is the Clipper proposal. To accept the Clipper proposal would be to endorse a process that ran contrary to the law, that discourages innovation, and that undermines openness. 2. LEGAL AND CONSTITUTIONAL ISSUES There are several legal and constitutional issues raised by the government's key escrow proposal.
The premise of the Clipper key escrow arrangement is that the government must have the ability to intercept electronic communications, regardless of the economic or societal costs. The FBI's Digital Telephony proposal, and the earlier Senate bill 266, was based on the same assumption. There are a number of arguments made in defense of this position: that privacy rights and law enforcement needs must be balanced, or that the government will be unable to conduct criminal investigations without this capability. Regardless of how one views these various claims, there is one point about the law that should be made very clear: currently there is no legal basis -- in statute, the Constitution or anywhere else -- that supports the premise which underlies the Clipper proposal. As the law currently stands, surveillance is not a design goal. General Motors would have a stronger legal basis for building cars that could not go faster than 65 miles per hour than AT&T does in marketing a commercial telephone that has a built-in wiretap capability. In law there is simply nothing about the use of a telephone that is inherently illegal or suspect. The federal wiretap statute says only that communication service providers must assist law enforcement in the execution of a lawful warrant. It does not say that anyone is obligated to design systems to facilitate future wire surveillance. That distinction is the difference between countries that restrict wire surveillance to narrow circumstances defined in law and those that treat all users of the telephone network as potential criminals. U.S. law takes the first approach. Countries such as the former East Germany took the second approach. The use of the phone system by citizens was considered inherently suspect and for that reason more than 10,000 people were employed by the East German government to listen in on telephone calls. 
It is precisely because the wiretap statute does not contain the obligation to incorporate surveillance capability -- the design premise of the Clipper proposal -- that the Federal Bureau of Investigation introduced the Digital Telephony legislation. But that legislation has not moved forward on Capitol Hill and the law has remained unchanged. The Clipper proposal attempts to accomplish through the standard-setting and procurement process what the Congress has been unwilling to do through the legislative process. On legal grounds, adopting the Clipper would be a mistake. There is an important policy goal underlying the wiretap law. The Fourth Amendment and the federal wiretap statute do not so much balance competing interests as they erect barriers against government excess and define the proper scope of criminal investigation. The purpose of the federal wiretap law is to restrict the government, it is not to coerce the public. Therefore, if the government endorses the Clipper proposal, it will undermine the basic philosophy of the federal wiretap law and the fundamental values embodied in the Constitution. It will establish a technical mechanism for signal interception based on a premise that has no legal foundation. I am not speaking rhetorically about "Big Brother." My point is simply that the assumption underlying the Clipper proposal is more compatible with the practice of telephone surveillance in the former East Germany than it is with the narrowly limited circumstances that wire surveillance has been allowed in the United States. There are a number of other legal issues that have not been adequately considered by the proponents of the key escrow arrangement that the Advisory Board should examine. First, not all lawful wiretaps follow a normal warrant process. It is critical that the proponents of Clipper make very clear how emergency wiretaps will be conducted before the proposal goes forward. 
Second, there may be civil liability issues for the escrow agents if there is abuse or compromise of the keys. Escrow agents may be liable for any harm that results. Third, there is a Fifth Amendment dimension to the proposed escrow key arrangement if a network user is compelled to disclose his or her key to the government in order to access a communications network. Each one of these issues should be examined. There is also one legislative change that we would like the Advisory Board to consider. During our FOIA litigation, the NSA cited a 1951 law to withhold certain documents that were critical to understand the development of the Digital Signature Standard. The law, passed grants the government the right to restrict the disclosure of any classified information pertaining to cryptography. While the government may properly withhold classified information in FOIA cases, the practical impact of this particular provision is to provide another means to insulate cryptographic policy from public review. Given the importance of public review of cryptography policy, the requirement of the Computer Security Act, and the Advisory Board's own commitment to an open, public process, we ask the Advisory Board to recommend to the President and to the Congress that section 798 be repealed or substantially revised to reflect current circumstances. This is the one area of national cryptography policy where we believe a change is necessary. 3. INDIVIDUAL PRIVACY Communications privacy remains a critical test for network development. Networks that do not provide a high degree of privacy are clearly less useful to network users. Given the choice between a cryptography product without a key escrow and one with a key escrow, it would be difficult to find a user who would prefer the key escrow requirement. If this proposal does go forward, it will not be because network users or commercial service providers favored it.
Many governments are now facing questions about restrictions on cryptography similar to the question now being raised in this country. It is clear that governments may choose to favor the interests of consumers and businesses over law enforcement. Less than a month ago, the government of Australia over-rode the objections of law enforcement and intelligence agencies and allowed the Australian telephone companies to go forward with new digital mobile phone networks, GSM, using the A5 robust algorithm. Other countries will soon face similar decisions. We hope that they will follow a similar path. To briefly summarize, the problem here is not the existing law on computer security or policies on cryptography and wire surveillance. The Computer Security Act stresses public standards, open review, and commercial applications. The federal wiretap statute is one of the best privacy laws in the world. With the exception of one provision in the criminal code left over from the Cold War, our current cryptography policy is very good. It reflects many of the values -- individual liberty, openness, government accountability -- that are crucial for democratic societies to function. The problem is the Clipper proposal. It is an end-run around policies intended to restrict government surveillance and to ensure agency accountability. It is an effort to put in place a technical configuration that is at odds with the federal wiretap law and the protection of individual privacy. It is for these reasons that we ask the Advisory Board to recommend to the Secretary of Commerce, the White House, and the Congress that the current Clipper proposal not go forward. I thank you for the opportunity to speak with you about these issues. I wish to invite the members of the Advisory Committee to the third annual CPSR Privacy and Cryptography conference that will be held Monday, June 7 in Washington, DC at the Carnegie Endowment for International Peace.
That meeting will provide an opportunity for further discussion about cryptography policy.

ATTACHMENTS

"TWG Issue Number: NIST - May 5, 1989," document obtained by CPSR as a result of litigation under the Freedom of Information Act.

"U.S. as Big Brother of Computer Age," The New York Times, May 6, 1993, at D1.

"Keeping Fewer Secrets," Issues in Science and Technology, vol. IX, no. 1 (Fall 1992)

"The Only Locksmith in Town," The Index on Censorship (January 1990)

[The republication of these articles for the non-commercial purpose of informing the government about public policy is protected by section 107 of the Copyright Act of 1976]

===============================================

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mark
Date: Wed, 2 Jun 93 03:56:14 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto anarchy in a VW? (not the bug)
Message-ID: <9306021056.AA05648@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>Another possibility until then, and one that would be fun for people who
>like to play with EPROMS, is a card that had a cable leading to an external
>EPROM socket that you could lay on your desk or on top of the case or
>wherever. You burn your keys for the HD into a chip and use it as a key,
>physically inserting the chip in the socket each time. There are lots
>of new ways to make chips easy to plug in and out, I'm sure it wouldn't
>be too hard.

Heh, I have a system liek this, designed by Viglen in the UK. It was/is originally from the BBC micro to allow easy use of swapping over 'sideways' ROMS instead of opening the case. It's basically a ribbon cable with a 28way rom socket on the end with an edge connector socket on the other. Each ROM is enclosed in its own sturdy tiny black package with an edge connector that slots into the socket that is mounted in the 'ashtray' of the Beeb. You could easily copy the idea with a rom socket, a length of ribbon cable and a ZIF socket to allow easy usage.
The Viglen has pin protection so you don't spike the thing, so it's able to be used on the fly without power cycling. One thing about ROMs, they're faster than disks....easier to hide too :)

>I still don't see why all of the actual encryption couldn't be done in
>software though...

Me either, apart from TEMPEST issues...Linux comes with slot in file system modules (as detailed in a letter to Jim) that you can easily adapt to your own uses. I've been playing around with this idea for a while. Adding a desfs(tm) (me :) to a linux kernel is not going to be that hard I think.. (touch wood).

Mark
mark@coombs.anu.edu.au
"liek", "smiel" and "soar" are derivatives of JenSpeak(tm). Spread the word.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Dr. Cat
Date: Thu, 3 Jun 93 09:00:56 PDT
To: hydra.unm.edu!anton@cactus.org (Stanton McCandlish)
Subject: Re: Term software development/design
In-Reply-To: <9306020647.AA20551@hydra.unm.edu>
Message-ID: <9306030536.AA18666@wixer>
MIME-Version: 1.0
Content-Type: text/plain

Stanton has a good idea, I think, about getting the developers of packages like Qmodem to set up some kind of hooks for encryption. Is anyone else from the list going to the BBSCON in Colorado this August? If not, I'll try to ask about the possibility of supporting encryption in Qmodem, Telix, Procomm, PC Board, TBBS, Major BBS, and Wildcat. (And of course, offer a helpful suggestion or two if they show any interest.) It would be better if someone better schooled in encryption than myself were going to be there, though.

Dr. Cat / Dragon's Eye Productions

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: RYAN Alan Porter
Date: Wed, 2 Jun 93 22:21:16 PDT
To: Hugh Daniel
Subject: Re: CryptoStacker, long term vision
In-Reply-To: <9306020657.AA05249@ecotone.toad.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

This is tiring drivel concerning the CryptoStacker project.
It just started yesterday, so don't expect it to be too mature, we all have other things we have to do to pay the rent, right? Anyway, I am posting this to the list because it is kind of a plea for ideas, among other things, there are some tidbits that we need some help on. This particular message seemed to address both of the main ones, so I picked it. Don't complain about bandwidth, ok?

Alright, to summarize the needs of the project at this point--> we need:

1) some ideas on a good algorithm for a quick and easy encryption to be used in a simple straight software on-the-fly disk encryption. I know that it's ironic, but it seems that I and the people interested in funnelling me ideas are mainly deficient in the encryption area...

2) does anybody know how the hell Stacker or DoubleStor or whatever executes the actual interception of the read/write routines and stacks them? I don't get it at all. I am more than willing to learn to get this thing working though.

To summarize this message in particular:

Hugh: "Hey, wouldn't bell/whistle XXXXXX be a good idea?"
Ryan: "Yeah, but can we get the thing to work at all first?"

There, you have it. You don't even have to read it if you're not interested...

_______________ Message follows:

> Here is one method of encrypting what's on a disk that I see as
> useful for some, but not all of us. There are real problems for
> folks like me who have Unix systems as their home systems, but we will
> leave that as an extra credit problem.

Yeah, I am just concentrating on getting something out there for DOS support. I actually loathe DOS and would rather be supporting UNIX (this would be a lot easier under Unix) but DOS is still a de facto standard and the people who need to be protected will be using DOS a lot...

> I see a disk drive (or scsi controller or bus interface or even
> something that sits in the middle of a scsi cable) with a PCMCIA slot
> in it. Data gets passed about in the clear if no (or a dummy) card is
> in the slot.
> If a real card is in the slot then all data goes through
> the card before being sent the rest of the way through the interface
> (might also take the data out via the card, but that makes the card
> more complex, even if the drive is cheaper, and has other problems).
> The card is a key, if it's in you can read the disk and see the data
> and it all looks fine. If it's not in and you read the disk you see
> whatever is on the disk, mixed plain and/or cypher text.

I like this idea, but I don't know about having ALL data go through the encryption system. What about the idea of setting up a 'secure' partition and a 'fast' partition and having a device controller that would only run stuff sent to the 'secure' partition through the crypto system? I also don't know about the practicality of making the thing easy to download your own crypto into it. I think that if I am using a DES chip that is widely understood and trusted that there would be no need for the further complication of letting people hack at it... It would be a really cool option, and it would be a lot closer to allowing people to seize their own security, but I don't think that I can justify adding such a complicated feature at such an early stage.

> You now have a 'key', if you don't want the disk read take the key
> out, break it even (if broken the card needs to erase itself as it
> might be read even in this state by an electron microscope or some
> such).

I really like this PCMCIA key idea. I don't think that just having a key would be enough though. Say the Secret Service walks in tomorrow and my system is CryptoStacked, and the PCMCIA key is dangling out of the slot because I fell asleep programming last night and forgot to take it out and put it in the safe or whatever. All of that hard earned security is naught. I am much more in favour of a password system to assist the key, much like PGP uses a password system to assist the secret keyring.
> There are several types of cards one could use in such a system, the
> ones I would like to see would have all sorts of crypto support
> hardware and some sort of processor. I want to be able to download my
> own crypto system into the card (which should be program ONCE), so as
> I can feel safe in that I control everything that goes on. This might
> be slower than doing a dedicated chip, but more useful. Support
> chips (well, features) might include hardware DES, RSA, etc. to speed
> things up.

I am thinking mainly of finding this much rumored DES chip and trying it out on a dedicated board. I had another idea for an initial stepping stone: are ISA cards DMA mapped? If so, how about a card that simply has the key burned into its virtual value, but only when it is properly activated? You could easily achieve this by burning a simple program into an EEPROM, and the activation could be something like punching in a code on a keypad attached to the board or something. (this comes to mind because I have a friend that just finished burning some simple programs into EEPROMS and building a simple keycode keypad, integrating them should be a weekend project) That way, I could do the encryption in software for the specified 'secure' partition (until I can get my hands on a DES chip) using the value returned by the EEPROMs as the key. Sound feasible?

> If one feels like having fun you might be able to use the card
> remotely, by sending the data (see why I don't want the card to be the
> interface) over the net and decrypting it locally, then using it
> locally or re-encrypting it and sending it back to be used at the other
> end again. This is more work, but useful!

Hmm, that could work perhaps, but the main idea was to create a transparent file system encoding system for once the data already is local, there are certainly better packages out there for data transmission security than anything that *I* could cook up...
Just look at the flak that the Dolphin guys are getting just for even suggesting something like that...

> This would mean that the crypto key cards would need to be designed
> to be useful in disks, or as keys in CPUs. The more general the
> better.

I agree, but a file system CryptoStacker will be hard enough to implement in the first place, I think that I will need to worry about that first.

> If one wants to play around one could try to have passwords to turn
> the cards on (digital text/voice, or physical interface on the back of
> the card).

Ahh, should have read ahead... I like that voice recognition concept though, but that sounds kind of like a bells/whistles kind of thing too...

> One problem I see with this is how low a level it works at, for
> instance blocks of disk are likely to expand/shrink with encryption,
> but for this sort of interface we have to pad. Uck.

Right, that is my main nightmare, what size blocks to use? I just don't quite understand how Stacker does it. The way I see it we have a serious problem because there are at least two different ways of getting data onto or off of a disk. If it was one or the other, I would be able to cope with it by intercepting that method and changing it, but there are at least two fundamentally different ways, reading by bytes and reading by variable length blocks. I'm not sure if it is possible to read by bits or not, I've certainly never needed to do so, but a good scan through the PC interrupts might be necessary... The size of a block of data would not change with DES encryption, would it? I might have a serious misunderstanding about how DES works if the size *DOES* change...
Here is a thought, the apparent ignorance of which is entirely due to the fact that I just don't understand at all how Stacker works on an intercept level: How about just encoding each byte separately, that way I could intercept the byte read/write no problem, and I could intercept the variable block read/write in a similar manner, just break it down into a series of single byte read/write cycles? Is it possible to DES encode a single byte and have it remain a single byte? Is it a reasonably secure idea? I would do some DES research, but I am mail only and it takes WEEKS to poke around ftp sites through the mail, dig? Perhaps someone could send me a nice FAQ? Perhaps someone knows of a nice method by which I *COULD* securely encode a byte to a byte and have it remain a byte using keys and such? I suppose you might have noticed by now, I am a very good software engineer, and a pretty good structure programmer, but only a good machine level programmer, and only a mediocre cryptologist, let's get all of that straight right here.

> I have in the back of my head an idea for an NFS like data (in the
> simple case disk) server. How this might be done is murky to me
> right now.
> My first problem is deciding on where I want the decryption to
> happen. We keep talking about doing it in the disk drive, but as my
> example above shows there is no reason to do it that way, and it's a
> lot safer to pump crypted data through a (maybe leaky) SCSI data cable
> than to have it already decrypted.
> Maybe what this is trying to tell me is that there is a truism
> about decrypting data as close as reasonable to the use point (and NOT
> the source) as one can.

This is all well and good, but I think that getting the damned thing to work at all will be a bitch, much less worrying about perfectly optimal security...
> Question is: Is there a good algorithm that can be done totally in
> software, that gains more speed & security from beside memory general
> purpose decryption hardware and even more from dedicated cards?

This is my question exactly, what encryption algorithm...

> This is really a protocol question, as we should be able to change
> the crypt algorithm weekly if we want (might need to do this!).

Oi, please... I am worried about finding ONE algorithm, you are already thinking about implementing any number on infinities...

> I wonder how this can work if I decide that I need not one, two or
> three crypt keys, but hundreds! I can see that I am going to have
> just a few keys for the basic disk keys (can do one per disk) in
> hardware, and likely hundreds of others that can't (afford or
> effectively) use dedicated hardware for.

Well I don't see why any relatively unlimited number of keys couldn't exist. As for those people that can't afford to use dedicated hardware, there is still the less secure idea of having the key stored on a floppy that would be inserted at load time and read into memory. This would have the obvious disadvantage of having the key sitting around in memory, a sitting duck (especially for people who leave their systems on all of the time, like me, as soon as the Nazis learned about systems like these then 'Run a key scanning program on the system to be confiscated' would just become step one in their procedure, would be a hole even if the keys were password protected) but it would be better than nothing at all, and the speed problems could be dealt with by using the multiple partition method that I described earlier, having a 'secure' virtual disk where all of your data goes, and a separate 'fast' virtual disk which is unencrypted where all of your programs and such go.

> Have fun, there's work to be done!
> ||ugh Daniel
> hugh@toad.com

Yes, but you know, the more I think about it, the easier it looks...
my two main problems right now are:

1) What algorithm? How?
2) How the hell to intercept the read/write routines?

After that, the rest is just writing code. Code I can do, code is no problem...

-Ryan the Bit Wallah

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hkhenson@cup.portal.com
Date: Thu, 3 Jun 93 12:01:24 PDT
To: cypherpunks@toad.com
Subject: Hardware vs software
Message-ID: <9306030216.1.2999@cup.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

RE this topic, there are methods (Merkle's for example) where you can get multiple megabytes per second through a good encryption algorithm in a CPU. DES is kind of optimised for doing it in hardware, so don't take how slow it is in software as the limit for good encryption.

Keith

(Gnu posted the paper a long time ago in sci.crypt, but I don't know if I can find it on my newer system.)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mulivor@orion.crc.monroecc.edu
Date: Wed, 2 Jun 93 22:57:42 PDT
To: cypherpunks@toad.com
Subject: E-Mail Baloney, Part 2
Message-ID: <9306030557.AA08285@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Here's a press release that came to me yesterday. In particular, see last paragraph.

Phil Mulivor

---------------------------------------------------------------------

House of Representatives Announces Public Electronic Mail Service

To: National Desk
Contact: Lance Koonce of the Committee on House Administration, 202-225-7922

WASHINGTON, June 2 /U.S. Newswire/ -- Chairman Charlie Rose and Ranking Minority Member Bill Thomas of the Committee on House Administration announced today the pilot program of the Constituent Electronic Mail System. This groundbreaking new service will allow citizens to communicate directly with their Member of Congress by electronic mail. The House of Representatives has established an electronic gateway to the Internet, the vast computer network that is used currently by over 12 million people worldwide.
Participating Members of the House have been assigned public mailboxes which may be accessed by their constituents from their home computers. In addition, many libraries, schools and other public institutions now provide, or soon will provide, public access to the Internet. The Members of the House of Representatives who have agreed to participate in this pilot program are: Rep. Jay Dickey (AR-07), Rep. Sam Gejdenson (CT-02), Rep. Newt Gingrich (GA-06), Rep. George Miller (CA-07), Rep. Charlie Rose (NC-07), Rep. Fortney Pete Stark (CA-13), and Rep. Melvin Watt (NC-12). These Members will be making announcements in their congressional districts within the next few weeks to make their constituents aware of the new service. The Constituent Electronic Mail System represents a significant effort by the House of Representatives to expand communication with constituents. With the tremendous growth of electronic mail over the past several years, and the increasingly inter-connected nature of computer networks, the new service is a natural addition to the current methods of communication available to constituents. At the present time, House Members involved in the pilot program will largely respond to electronic mail messages from their constituents by postal mail, to ensure confidentiality. Constituents of House Members participating in the pilot program who wish to communicate with those Members will be asked to send a letter or postcard stating their interest to the Member's office. The request will include the constituent's Internet "address," as well as that constituent's name and postal address. This process will allow Members to identify an electronic mail user as his or her constituent. The pilot e-mail program will continue until sufficient feedback from participating offices has been collected to allow improvements and modifications to the system. 
When House Information Systems and the Committee on House Administration are satisfied that the system is sufficiently error-free, other Members of the House will be allowed to add this new service as technical, budgetary and staffing concerns allow. For more information, Internet users are encouraged to contact the House of Representatives' new on-line information service. Please send a request for information to CONGRESS@HR.HOUSE.GOV.

/U.S. Newswire 202-347-2770/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: RYAN Alan Porter
Date: Wed, 2 Jun 93 22:55:39 PDT
To: Jim McCoy
Subject: Re: Crypto anarchy in a VW? (not the bug)
In-Reply-To: <199306021836.AA01020@flubber.cc.utexas.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Wed, 2 Jun 1993, Jim McCoy wrote:

> Mark writes:
> >
> > >I still don't see why all of the actual encryption couldn't be done in
> > >software though...
> >
> > Me either, apart from TEMPEST issues...
>
> Speed. No software implementation will be able to match a hardware DES
> chip in total throughput. I have enough trouble dealing with the drive
> transfer speeds imposed upon PC unix systems with the lame bus, but even
> this could keep up if I had to run my file access through a software DES
> system. There are cards out there that can do this, and it doesn't really
> make sense not to offload this to an external device.

Yes, actually it does. Hardware cannot be widely and freely distributed the way software can. I am looking to write something that can protect EVERYONE, not just those people that can afford to buy some dedicated hardware. Would PGP be so widespread today if it required a hardware coprocessor?

> > Linux comes with slot in file system
> > modules (as detailed in a letter to Jim) that you can easily adapt to your
> > own uses. I've been playing around with this idea for a while. Adding a
> > desfs(tm) (me :) to a linux kernel is not going to be that hard I think..
> > (touch wood).
>
> Yes, the other thing that pushed me to linux (besides the larger user
> community) was the support for "drop-in" filesystems.

I like the whole Unix idea for PCs in general, and Linux in particular, but the fact remains that the people who need security the most (the average schmuck out there in the business world or the kid running a BBS) are most likely to be using a PC DOS-based system, and I am writing for them.

>
> jim

-Ryan the Bit Wallah

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Jim McCoy
Date: Thu, 3 Jun 93 00:58:38 PDT
To: ryan@rtfm.mlb.fl.us (RYAN Alan Porter)
Subject: Re: Crypto anarchy in a VW? (not the bug)
In-Reply-To:
Message-ID: <199306030835.AA23736@tigger.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text

Ryan Alan Porter writes:

> Jim McCoy wrote: [regarding why to use hardware for the encryption]
> > Speed. No software implementation will be able to match a hardware DES
> > chip in total throughput. [...] There are cards out there that can do
> > this, and it doesn't really make sense not to offload this to an
> > external device.
>
> Yes, actually it does. Hardware cannot be widely and freely distributed
> the way software can. I am looking to write something that can protect
> EVERYONE, not just those people that can afford to buy some dedicated
> hardware.

This is true, but I am not completely writing-off those without the ability to get a hardware card: they will just have to put up with the, IMHO, unbearable slowness of doing filesystem encryption through software. I am also examining the log-structured filesystem (Rosenblum and Ousterhout) to see if using that as the core to add the encryption to will make the system useable without hardware. Additionally, perhaps the fact that there is some real use for a hardware DES card will get people to buy them and increase their availability in general...

> Would PGP be so widespread today if it required a hardware coprocessor?

No.
Then again PGP is for encrypting _files_, not filesystems. We are talking several orders of magnitude difference in the amount of data you are trying to force through them. I guess part of the difference in viewpoints we have is that I am spoiled on unix. I have become used to the high-bandwidth drives and networks that I use every day and would not be able to stand the bottleneck created by doing the encryption in software.

> I like the whole Unix idea for PC's in general, and Linux in particular,
> but the fact remains that the people who need security the most (the
> average schmuck out there in the business world or the kid running a BBS)
> are most likely to be using a PC DOS-based system, and I am writing for them.

Yes, a crypto drop-in that works like Stacker would be a good thing to have available and I wish you the best of luck in your efforts. On the general DOS side though, I can run DOS under linux and have a DOS filesystem within a linux system as well (linux plug :) Either way, good luck.

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Thu, 3 Jun 93 08:57:46 PDT
To: cypherpunks@toad.com
Subject: remailer flakiness
Message-ID: <9306031448.AA16547@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

I've been off the net for a few weeks, and my remailer's been running on auto-pilot. Checking my mail, I found that a number of messages for the remailer had ended up in my mailbox instead. However, logs also indicate that a fair bit of traffic went through the remailer, apparently successfully. A test of the remailer turned up no problems.

If anybody knows or suspects that a message sent through me did indeed not get through, I'll bounce all of it back to myself for reprocessing. Otherwise, this might result in mail duplication.
Eli ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 3 Jun 93 08:57:38 PDT
To: cypherpunks@toad.com
Subject: CryptoStacker, long term vision
In-Reply-To:
Message-ID: <9306031512.AA25490@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>This is tiring drivel concerning the CryptoStacker project.

If you want help, it is wise not to recklessly insult those who are offering it. By your own admission, you do not have a lot of experience here; you seem to be saying "I know exactly what I don't know," which, may I add, is a common delusion of the inexperienced.

You seem to have fixed a model of how the encrypted disk would work and don't want to debate it. The model is exactly that which requires the most scrutiny, because it has the most far reaching effects. If the model is flawed somehow, that's what you want to know before you begin, not six months later.

I take it that you want people to use this software after it is written. If so, then pay close attention to user acceptance issues such as performance and key handling. You neglect them at your own risk.

Your model seems to be that of intercepting interrupts to the disk. This could be made to work, but is the wrong way to do it. If you insist on that, though, any good PC reference book will tell you what the disk interrupt vector in the BIOS is. Ralf Brown's interrupt list also contains the relevant data in schematic form.

The proper way to do this is as a device driver, however. Grabbing interrupts is messy and prone to interference. Many anti-virus programs monitor the disk interrupt to make sure that nobody uses it unauthorized. A device driver is the intended way to create new devices, like an encrypted disk. There are complete books about writing device drivers; you will need one of these or some other good DOS programming book which explains how to write one. There are lots of subtleties about them.
I would suggest that your first version just be a device driver that has no encryption, but only the hook for it. The device driver skeleton for a disk will be difficult enough, as you have to support a whole lot of operations just so you can have a place to put the encryption. This is exactly the software infrastructure problem in another context.

After you have a device driver skeleton working, you can add both hardware and software encryption modules. There is no need to be exclusive about this. It is clear to me from your comments that you haven't timed any DES routines and done a calculation of increased latency times, and although I hate to see code development go to waste, it's your time, not mine.

As far as picking an encryption algorithm, use DES. DES is the fastest symmetric keyed block cipher that is thought to be reasonably secure. DES is not particularly fast in software; it was designed as a hardware standard and does lots of bit manipulations. DES is fast enough for serial communications, but that is 1000 times less bandwidth than a hard disk.

Of course, you don't want to run DES in codebook (aka naive) mode. (Codebook mode is where you just simply map block to block; the problem is that identical blocks map to identical blocks.) You'll want some sort of other mode, like a counter mode, to make sure you don't get identical ciphertexts.

It is also a bad idea to encrypt the whole disk with one key; it makes brute force searches much easier. Your keying material should be long. I earlier suggested one key per track.

These keys are going to have to be stored somewhere, and the disk is the wrong place for it, clearly. This implies that the user is going to have to have some key-holding device (likely a diskette) which will be necessary in order to unlock the partition. The keying material should be password protected. This device will have to be used at boot time if anything necessary to boot is stored on the encrypted partition.
Keying material will need to be backed up. This should be made as painless as possible, otherwise there will be plenty of people losing whole drives.

Keys in the driver should time out after some specifiable period. Files that are open when the time-out occurs and the programs that have them open are going to have to be dealt with gracefully.

This model of using a device driver means that there is going to have to be at least two partitions on the disk: one to boot from, and one to be encrypted. The device driver itself and the operating system can't be on the encrypted disk, because those components must be loaded before the encrypted disk is accessible. Most people are not going to go out and buy a new disk to be the encrypted partition. Thus, this is going to mean a full backup of the existing disk, an operation with FDISK to do the partitioning, then, assuming the driver works right the first time, restoring everything else on the encrypted partition. What is the effect of _this_ on user acceptance?

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 3 Jun 93 08:57:21 PDT
To: cypherpunks@toad.com
Subject: CryptoStacker, long term vision
In-Reply-To:
Message-ID: <9306031522.AA26005@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

A related topic to encrypted disk drives.

Anybody who has a desire to see their data around long term makes backups of their drives. At least one of these backups is usually physically near the drive in question. What good is it to have an encrypted disk if the backups are not also encrypted?

Backups occur at the file system level, where an encrypted file system does not appear encrypted, so that work here does not directly leverage to encrypted backups.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: elee9sf@Menudo.UH.EDU
Date: Thu, 3 Jun 93 08:59:10 PDT
To: cypherpunks@toad.com
Subject: Re: Another chaining utility
Message-ID: <199306031333.AA16241@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Hal wrote:

> I couldn't get Karl's hopmail.bat to run on my PC (not enough environment
> space?) so I wrote this in C and it works OK.

Say, is anybody else having this problem? I wonder what the problem is (environment space?)

PLEASE let me know about bugs or problems with the scripts. I'm going to be updating the dos versions pretty soon, and will see if I can figure out what the space error means.

Thanks, Hal!

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 3 Jun 93 08:57:13 PDT
To: cypherpunks@toad.com
Subject: Software infrastructure
In-Reply-To: <9306021548.AA19002@uahcs2.cs.uah.edu>
Message-ID: <9306031542.AA26387@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>If you want the other software developers to pick up encryption then
>you had better put it into some kinda kit or TPU.

Agreed. The less hassle, the more use.

Buzzword alert. What is "TPU"? And who makes "Async Pro", and what exactly does that do?

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Thu, 3 Jun 93 08:58:41 PDT
To: cypherpunks@toad.com
Subject: HELP: pgp, .forward, mh
Message-ID: <199306031404.AA18382@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Situation: I'd like mail that arrives at my other account to be encrypted and then forwarded to this account.

I have spent a few hours trying various things and nothing seems to work.
I've tried this as my .forward file:

"| /myhome/pgp -fea barrus | mail elee9sf@menudo.uh.edu"

but all that arrives at elee9sf is a blank message.

I've tried

"| /myhome/remail.script"

where remail.script was a one-liner similar to the above. Nothing.

Any suggestions?

Note:
1) barrus@tree.egr.uh.edu is a NeXT account. Is NeXTSTEP just too different for this stuff to work?
2) I'm running pgp2.1 on tree.egr, and don't have the old docs anymore. Was the -f option not present?
3) Anybody have a makefile for NeXT so I can upgrade? I compiled 2.1 by hand editing some lines, but the task looks pretty daunting with 2.2. I tried 'make mach' but that didn't get very far.

So, if that's impossible, how do I get my elee9sf account to do it? I use mh on menudo, and have tried

to barrus@tree.egr.uh.edu | A "/path/pgp -fea barrus | /path/rvcstore +tonext"

in my .maildelivery but that doesn't seem to fly either.

Any suggestions?

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Doug Porter <76244.315@CompuServe.COM>
Date: Thu, 3 Jun 93 08:59:18 PDT
To: Cypherpunks
Subject: Re: CryptoStacker, long
Message-ID: <930603131226_76244.315_CHN36-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

RYAN Alan Porter (unrelated AFAIK) asks:

> 2) How the hell to intercept the read/write routines?

I can help with the guts of DOS, BIOS, network interfaces, etc. My development time is committed, but feel free to email me with questions, folks.

The simplest approach is probably Microsoft's Network Redirector interface. It's used for MSCDEX, and just about every LAN OS except Novell's, including Microsoft's own LAN Manager. A good reference is "Undocumented DOS" by Andrew Schulman et al. This is the only option discussed here I haven't used personally. It looks ideal for this application.
Another possibility is hooking the DOS API itself. This certainly works well; it's the way Netware does it. I've found it a lot of work. See IBM's "Disk Operating System" manual for details. There was a mainframe manual by the same name, so be sure you're getting the PC version.

Just under DOS itself is what Microsoft officially refers to as Device Drivers. Device drivers actually can be hooked in at many levels, of course, not just here. In this context MS calls disk drives "block devices". Block device drivers, or character device drivers for that matter, are not at all tough to write. They're probably a good second choice after the Network Redirector. A reference is the book "Writing MSDOS Device Drivers" by Robert Lai.

DOS internally often calls software interrupts 25 and 26 for disk io. These are apparently inconsistent from DOS version to version. Skip this layer. If you need to go this far down, go all the way to INT 13.

The lowest level of disk io short of hardware is INT 13. A good reference is Phoenix's "CBIOS Reference Manual". Watch out for quirks in INT 13's stack handling. There's also a good bit you have to do to keep DOS and your driver from tripping over each other.

Unless others feel it's appropriate to use this bandwidth, email me for details.

Doug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Doug Porter <76244.315@CompuServe.COM>
Date: Thu, 3 Jun 93 08:59:14 PDT
To: Cypherpunks
Subject: RE: Term software develo
Message-ID: <930603131241_76244.315_CHN36-2@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Eric Hughes says:

> FOSSIL is . . . the only abstraction for serial communications the PC has . . .

There are at least 7 versions of INT 14. Then there's Ungerman-Bass's old INT 6B as well as two flavors of its successor, NASI/NCSI. There are also many variants of COMx device drivers. These are all serial line abstractions for the PC. There are others.
FOSSIL may be popular on BBSs, but NASI/NCSI is number one in the market. The oldest version of INT 14 is number two.

Who was it said "The nice thing about standards is that there are so many to choose from"? :-)

Doug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Thu, 3 Jun 93 00:45:33 PDT
To: " L. Detweiler "
Subject: Re: whistle for Whistleblowing!
In-Reply-To: <9306020701.AA03726@longs.lance.colostate.edu>
Message-ID: <9306030914.aa26400@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> Cypherpunks, alt.whistleblowing has been created!

... and supported by anon.penet.fi.

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Thu, 3 Jun 93 08:58:02 PDT
To: "J. Michael Diehl"
Subject: Re: WH email petition.
Message-ID: <9306031427.AA16225@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

> they've just gotten smarter about how they do it... Based on my past
> experience, your name will be collected -- but just as a person
> interested in certain issues, so that you can be solicited for funds
> on certain issues.

Does this really happen? WOW!

Does it happen? Sure did circa 20 years ago, when individual members of Congress had much less computing capacity. I wrote to members of the House Judiciary committee demanding the impeachment of a certain unindicted co-conspirator. Over the next few years, I received a variety of funds solicitation letters, as some of those folks tried to move on to bigger and better offices. The letters invariably spoke of the members' ``bravery and courage of conviction'' during the Watergate investigation, and noted my interest in that subject...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Thu, 3 Jun 93 08:57:59 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto anarchy in a VW?
(not the bug)
Message-ID: <9306031432.AA23113@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

> >There are a lot of ways to get a signal around the world without using a
> >satellite, ask any amateur radio enthusiast.

I thought the motivation for satellite at the beginning of this discussion was that it's extremely hard to find out WHO sent a transmission to a satellite - everybody's got a dish pointed UP at the same destination, the FCC isn't likely to go flying helicopters around to locate transmissions that could have come from anywhere in the country, and there's really nothing to direction-find on, and the receivers can similarly be anywhere, since it's a broadcast network. If the satellite uses some kind of protocol such as AlohaNet, you get reasonable shared utilization. (Of course, the alternatives to direction-finding are to go after the bird's owners, or to jam the transmission channel.) Moon-bounce offers similar advantages, and there aren't any owners to trace :-), though jamming is still possible.

Another technique that's pretty obscure, and relatively low data rate, but pretty hard to trace, is meteor-burst, which reflects signals off the ionization trails left by micrometeors. Typical systems a few years ago transmitted at 4800 baud, getting effective throughput of maybe 300 bps, since the channel isn't constant. It was used for applications like sending snow depth reports back from mountains, since it needs very little power and isn't particularly bothered by weather conditions.

Are networks like amateur packet radio hard to trace, assuming enough repeaters are around?

> One of the really great techniques I've heard about recently is a data
> channel that runs at 90% T1 speed over the ~900 MHz spread spectrum

NCR WaveLAN, which is now also being OEMed by DEC, runs spread spectrum at (I think) 2 Mbps, and can use an optional DES chip for encryption.
The PC cards are compatible with some vanilla Ethernet card, so it uses standard Ethernet protocols. In broadcast mode, range is only a few hundred meters, depending on building configurations, but it can also be used with a directional antenna to get 5-6 mile range.

Bill Stewart

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Thu, 3 Jun 93 08:57:43 PDT
To: cypherpunks@toad.com
Subject: Solidarity (kudos)
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

I couldn't resist the opportunity to x-post this to the list, especially now that it makes me feel foolish for once suspecting the possibility of foul play at UUNet. My hat is off to Nat and all the folks at UUNet Technologies who share his views.

Kudos.

8<------- Begin Forwarded Message -----------

From: nrh@daimajin.UU.NET (Nat Howard)
Newsgroups: alt.privacy.clipper
Subject: another letter to the president
Date: 2 Jun 1993 19:41:01 -0400
Organization: UUNET Technologies Inc, Falls Church, VA, USA
Lines: 41
NNTP-Posting-Host: daimajin.uu.net
Summary: dump clipper

Date: Wed, 02 Jun 1993 12:49:46 EDT
To: PRESIDENT@WHITEHOUSE.GOV, VICE.PRESIDENT@WHITEHOUSE.GOV
From: Nat Howard
Subject: Clipper initiative of 4/16/93

Sirs,

As a citizen working in the communications field, I am gravely concerned by the 4/16/93 Clipper Chip initiative. I believe that the initiative as proposed cannot accomplish its stated goals, and will, if carried out, be poisonous to American business attempts to compete in the secure communications field.

Far more important is the apparent denial in the press release of our First, Second, Fourth, Ninth, and Tenth Amendment rights:

... nor is the U.S. saying that "every American, as a matter of right, is entitled to an unbreakable commercial encryption product."

I urge you to consider these actions instead:

1. Lift export controls on all cryptographic hardware and software.

2.
Have the NSA work with NIST to produce a publicly-described algorithm, suitable for either hardware or software implementation, that can serve for the next 15 years as a follow-on to DES.

3. Find some fair and legal way so that all US Citizens can use, royalty-free and without other restriction, the public-key algorithms now patented by PKP.

A lot of us have hopes for the human rights aspect of the Clinton-Gore ticket. Please don't let us down: withdraw, abandon, or greatly modify the Clipper Chip initiative.

I emphasize that I speak here as a private citizen, and my remarks don't necessarily reflect the feelings of UUNET.

8<------- End of Forwarded Message ---------

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBLA4NhZRLcZSdHMBNAQGJjQP/Ty6YCVBsrNfmfWiuyRK/GWHvwkLBy5tE
bJOUmwnyP2nD/febFSeIPSoheKEpvVNg6nZUM7BTNPAQ5SM+papyujs5NtQNbiGT
TLLS55K0X+904Iszn3ROzc/QJNaQ/RSj+7vuI+yq3L9dTcOrbKNpnU/KePkISeIp
toFDESkZDnY=
=F+B7
-----END PGP SIGNATURE-----

Paul Ferguson               |  The future is now.
Network Integrator          |  History will tell the tale;
Centreville, Virginia USA   |  We must endure and struggle
fergp@sytex.com             |  to shape it.
         Stop the Wiretap (Clipper/Capstone) Chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mark
Date: Wed, 2 Jun 93 18:24:26 PDT
To: cypherpunks@toad.com
Subject: Re: Term software development/design
Message-ID: <9306030124.AA00799@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Those of you with a 386 or greater and over 40Mb Hd (most of the pc's these days are usable) might want to take a look at running linux/386bsd/netbsd at home and then running term(1).

It's a program with its own packetising, compression of data (which is good for a quick and nasty anti-tap system) and you can telnet, rsh, ftp, finger etc all from the unix command line of your home machine. Uploads etc can all be done at the same time as you read mail on a remote host. The latest version is term107.tar.z and should be available from most archie sites.
It has #defs for suns, nexts, hps, linux etc. When I find the guy who wrote the telnet client for it I'll probably add des encryption to it.

The above is for plain modem usage, it's a semi tcp link at home and you can dial anywhere and link up in seconds, no special system file changes, just compile the remote binary and you're away. If you're just using the dialup host as a bouncer then all that is running is one innocuous looking binary, even though you might have several ftp's and telnets etc running at once. Honestly it's an admin's nightmare.

Linux etc also has slip and inet options if you want to explore those. The only problems I find are people being unable to listen (usefully) to your sessions and killing the line :)

Most of the tools are written I find, all that's needed is the adding of encryption to them for a totally secure session. No need to write another term program, just use what's out there.

Mark
mark@coombs.anu.edu.au

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pat@tstc.edu (Patrick E. Hykkonen)
Date: Thu, 3 Jun 93 11:27:14 PDT
To: cypherpunks@toad.com
Subject: RE: CryptoStacker - Suggestions
In-Reply-To: <9306031512.AA25490@soda.berkeley.edu>
Message-ID: <9306031827.AA05452@tstc.edu>
MIME-Version: 1.0
Content-Type: text/plain

> This model of using a device driver means that there is going to have
> to be at least two partitions on the disk: one to boot from, and one
> to be encrypted. The device driver itself and the operating system
> can't be on the encrypted disk, because those components must be
> loaded before the encrypted disk is accessible. Most people are not
> going to go out and buy a new disk to be the encrypted partition.
> Thus, this is going to mean a full backup of the existing disk, an
> operation with FDISK to do the partitioning, then, assuming the driver
> works right the first time, restoring everything else on the encrypted
> partition. What is the effect of _this_ on user acceptance?
Why not have the device driver create a file (possibly of varying sizes) on the hard drive which the encryption device driver then makes look like another drive?!? This is how the compression programs work, seems to me a pretty viable way to solve the encrypted drive problem as well.

A good place to start on this would be something like DOS's VDISK device driver, it maps a portion of RAM into a RAM-disk... a good way to understand how a DOS device driver should map something that has no disk-like characteristics into disk-like characteristics.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mab@vax135.att.com
Date: Thu, 3 Jun 93 12:37:34 PDT
To: cypherpunks@toad.com
Subject: Unix Crypto File System paper
Message-ID: <9306031922.AA09035@vax135.UUCP>
MIME-Version: 1.0
Content-Type: text/plain

Hi,

Some of you have sent me mail asking about my cryptographic file system for Unix; it was the subject of a work-in-progress presentation at the January Usenix conference. I have a draft of a paper that you may find helpful; I just got off the phone with our lawyer and finally have the release to send it out, so if you'd like a copy of the draft, send me your email (for postscript) or physical (for dead trees) address.

Before you ask: the software also may be released, but that's a longer process and it isn't really "ready for prime time" yet anyway.

The paper is just a draft, and also has some bugs in it, but some of it seems relevant to the discussion here on similar projects for PCish machines. Here's the abstract:

========
Although cryptographic techniques are playing an increasingly important role in modern computing system security, user-level tools for encrypting file data are cumbersome and suffer from a number of inherent vulnerabilities. The Cryptographic File System (CFS) offers an alternative to ad hoc user-level encryption for protecting file data.
CFS supports secure storage at the system level through a standard Unix file system interface to encrypted files. Users can associate a cryptographic key with any directories they wish to protect. Files in these directories (as well as their pathname components) are transparently encrypted and decrypted with the specified key without further user intervention; cleartext is never stored on a disk or sent to a remote file server. CFS can use any available file system for its underlying storage without modification, including distributed file systems such as NFS. System management functions, such as file backup, work in a normal manner and without knowledge of the key.

This paper describes the design and implementation of CFS under Unix. Encryption techniques for file system-level encryption are described, and general issues of cryptographic system interfaces to support routine secure computing are discussed.
========

-matt
mab@research.att.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eichin@cygnus.com (Mark Eichin)
Date: Thu, 3 Jun 93 16:38:58 PDT
To: cypherpunks@toad.com
Subject: [comp.os.linux.announce] New loop devices, even with DES encryption
Message-ID: <9306032338.AA19180@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

If you actually want to see the linux loopback code I mentioned, here's the real announcement.

_Mark_

------- Start of forwarded message -------
From: almesber@nessie.cs.id.ethz.ch (Werner Almesberger)
Newsgroups: comp.os.linux.announce
Subject: New loop devices, even with DES encryption
Keywords: loop devices, DES, mount regular files
Date: 1 Jun 93 20:13:47 GMT
Followup-To: comp.os.linux
Organization: Swiss Federal Institute of Technology (ETH), Zurich, CH

Version 0 of the new loop devices patch is in

  tsx-11.mit.edu:/pub/linux/BETA/loop and
  nic.funet.fi:/pub/OS/Linux/BETA/loop

The files are:

  lo.0.tar.z    The loop devices patch
  des.0.tar.z   DES-encryption for the kernel

Note: If you're FTPing from outside the U.S.
or Canada, please get the DES patch from nic.funet.fi, because of the well-known US export restrictions. (DES encryption is optional. The loop devices also work without it.)

Loop devices give you the ability to mount file systems from regular files. Additionally, you can use them to have more than one file system on one partition and to have transparent on-line encryption of all your data.

The loop devices patch is relative to ALPHA 0.99pl10, but it'll probably work with 0.99pl9 and 0.99pl10 too. The DES patch should work with any recent kernel.

This is a new implementation of loop devices by Theodore Ts'o, I'm just maintaining the code. Unlike my old loop devices, which are also in some versions of SLS, the new loop devices will continue to work after variable block sizes are added to the kernel.

The DES code is derived from Eric Young's DES library. I originally wanted to use UFC crypt, but its memory requirements make it a bit difficult to handle. Maybe later.

- Werner

--
   _________________________________________________________________________
  / Werner Almesberger, ETH Zuerich, CH      almesber@nessie.cs.id.ethz.ch /
 /_IFW_A44__Tel._+41_1_254_7213__________________almesber@bernina.ethz.ch_/
------- End of forwarded message -------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fnerd@smds.com (FutureNerd Steve Witham)
Date: Thu, 3 Jun 93 19:31:09 PDT
To: cypherpunks@toad.com
Subject: Secure transport layer paper
Message-ID: <9306032110.AA06199@smds.com>
MIME-Version: 1.0
Content-Type: text/plain

There's a paper in the Feb. '93 _IEEE Transactions on Software Engineering_:

"Trust Requirements and Performance of a Fast Subtransport-Level Protocol for Secure Communication" by P. Venkat Rangan

It's about a protocol called Authenticated Datagram Protocol, and issues about using it in a "subtransport level." He's tried it on Suns. The work was done at Berkeley in 1990, the guy's at UCSD now.
-fnerd

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@shell.portal.com
Date: Thu, 3 Jun 93 17:17:36 PDT
To: cypherpunks@toad.com
Subject: Software infrastructure
Message-ID: <9306040011.AA22327@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

In thinking more about Eric's proposal for a terminal program, I can see the value in putting in the hooks for stream encryption even if we don't implement it right away. That should be one of the points of this software, to have it be easily expandable. So we would want to make it so that a layer could be inserted just above the serial I/O layer which would do transparent encryption. The mechanism for creating the shared keys could be added later, perhaps.

We are seeing a lot of different suggestions here, which is good at this point. Some of the issues:

Overall functionality

To keep our focus: we want something which will help the average computer user who has a PC or something similar at home be able to use encryption easily in sending and receiving email. The problem is that people send and receive mail in very many different ways. So we propose to provide a very flexible and extensible solution that can be adapted to many situations. This leads to the idea of a terminal program with built-in encryption, since most people can use a terminal program to get their mail.

This would not be aimed at people running UUCP or similar fancy protocols on their home machines. They must be pretty sophisticated to get this stuff working. PGP and RIPEM already come with a bunch of scripts to let them be used in Unix and similar environments. (Maybe I'm mistaken, though, in thinking that good solutions already exist for these people. I don't know much about this mode of operation.)

Build or Buy

Do we roll our own or do we try to tap into an existing program?
Among existing terminal programs, do we: try to provide add-ons to widely used commercial or shareware programs (for which we don't have source); try to convince the authors of these programs to make the changes we desire; or find such a program which has source available (e.g. kermit) and take that as our starting point?

Target OS

We have seen suggestions for DOS, Windows, Unix, and Linux (about which I know nothing). DOS and Windows are the biggest target market and the most likely to be used by the naive users we are trying to help, IMO. It would not be too hard to write for DOS but to isolate the OS dependencies so it could be easily moved to Unix (and perhaps Linux).

But the DOS vs Windows decision is more fundamental. More generally, it is the command-line vs GUI decision. It's very hard to write code which is portable across these two approaches. I would lean towards the command line approach because it is easier to write portable code, in my experience (portable between DOS and Unix, say, is easier than portable between Windows, X, and Mac). But just fixing on Windows is another option.

Serial Interface

Focusing on DOS, apparently there are several ways of interfacing to the serial port. I know nothing about these. The main issues would be portability - does it require the user to have some third-party software, or to run on only a limited subset of PC clones - and efficiency - can we run at 9.6 or 14.4 Kbaud? What solutions accomplish both of these? And what if we went with Windows? Does that narrow our options?

User Interface

I still think this is one of the harder issues. How exactly can we make this easy to use? Can anyone suggest a non-magical (e.g. no mind-reading) but still ideal interface for encryption? I kind of liked Greg's suggestion of using the rollback buffer for decryption - when it sees an encrypted message go by it automatically decrypts it and offers it to the user to see. I'm not exactly sure what you do with it then, though.
It would be helpful for me to hear more about how people read and send mail on their home computers, in some detail. If Mike Diehl got enough responses to his survey that would be good to hear about, too.

Hal Finney
74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: RYAN Alan Porter
Date: Thu, 3 Jun 93 15:21:09 PDT
To: cypherpunks@toad.com
Subject: Clipper on CNN HN
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

The current CNN Headline News has a spot on the Clipper chip airing after the Sports section, I just barely caught it by accident. I have to leave now to do some consulting, but I have my VCR set up to record it the next time around.

Summary of the tape:

____BEGIN SUMMARY____

The Clinton Administration is developing, along with the NSA and the NIST a chip which will ensure private communications between telephones and fax machines and such. Current plans are for the keys to be held in escrow by two separate (unnamed) government agencies.

Much was made about the objections made by people at the NIST hearings about the questionable constitutionality of the chip and a direct quote was aired by a woman saying during the hearings that 'the chip would expand the powers of the government to invade the privacy of citizens to even greater than what it already is' (paraphrase) and also about the objections of companies who are afraid of being blackballed and prevented from doing business unless they use the chip. There was a small hint of a fear that the 'voluntary' status of using the chip would not last for long.

Also, AT&T (surprise) has apparently announced that it is already developing a system using the chip and showed a prototype on the air. It seemed to be a lot larger than necessary, a huge black box with a little LCD display saying 'secure' and whatnot when you activated clipper security.
There was an interview with a fed type who repeated all of the old stale arguments about making conversations secure for him but not for the criminals.

____END SUMMARY____

I think that the spot was definitely leaning toward exposing the objections that people have toward the chip, even if the people at CNN didn't really understand for sure what those objections are. The whole thing might have been a little unclear for the average Joe as to what the real problem is with this newfangled system, and I think that more uninformed coverage like this is likely to turn people against us; they may start to see us as the bad guys, a bunch of people who are against privacy by our objection to this thing.

Anyway, now that it has hit CNN, it is officially mainstream and it may well become a hot, trendy news item. What we need now are hordes of people who will volunteer to be consulted with as 'experts' on the issue for local news and such.

Gotta go now, gotta write some code... Try to catch the spot.

-Ryan the Bit Wallah

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: m5@vail.tivoli.com (Mike McNally)
Date: Thu, 3 Jun 93 15:59:13 PDT
To: ryan@rtfm.mlb.fl.us (RYAN Alan Porter)
Subject: Re: Clipper on CNN HN
In-Reply-To:
Message-ID: <9306032258.AA19159@vail.tivoli.com>
MIME-Version: 1.0
Content-Type: text/plain

> The current CNN Headline News has a spot on the Clipper ...
>
> I think that the spot was definitely leaning toward exposing the
> objections ...

I hope they've got a new clip. The one I saw about 2 weeks ago was led into with the statement that "some fear the new scheme might compromise the privacy rights of criminals." Duhhh. The first sound bite was an FBI dude saying that he didn't think that "child molesters, drug lords, bombers, snipers, terrorists, and kidnappers" have any right to privacy. It went downhill from there, ending with a weak 5 second statement from somebody at CPSR (weak, no doubt, because of editing, not lack of CPSR concern).
Mike McNally

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 3 Jun 93 18:05:09 PDT
To: cypherpunks@toad.com
Subject: Hardware vs software
In-Reply-To: <9306030216.1.2999@cup.portal.com>
Message-ID: <9306040101.AA05981@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>DES is kind of optimised for doing it in hardware, so don't take
>how slow it is in software as the limit for good encryption.

I wasn't saying that DES was the fastest of all possible secure ciphers. I was saying that DES is the fastest of all ciphers which are widely believed to be secure. This aspect of security is moderated by the key length of DES, which is too short to be secure against a well-funded opponent at present, but which is perfectly adequate for other purposes.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 3 Jun 93 18:10:18 PDT
To: cypherpunks@toad.com
Subject: snake oil
In-Reply-To:
Message-ID: <9306040106.AA06151@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

> (As it happens, I happen to
>have what I **think** is a new approach to cyphering,

Post away. If you upload a copy of the source to the directory pub/cypherpunks/incoming on the ftp site, I'll make it available to everyone.

I would like to see this regardless of whether it actually is secure. It is a well-founded maxim that no one should design a cipher without having broken a few first. There is a need, apropos of training the designers, for insecure ciphers, not so they can be deployed, but so that other insecure ciphers will not be.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 3 Jun 93 18:25:05 PDT
To: ryan@rtfm.mlb.fl.us
Subject: Clipper on CNN HN
In-Reply-To:
Message-ID: <9306040121.AA06595@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>The current CNN Headline News has a spot on the Clipper chip airing after
>the Sports section,

It is likely that this is a new clip rather than the old one.

There is a large class of stories for which the print media drive the televisual. See _Bad Day at Black Rock_ for a first hand account of this. The CBS News staff read the New York Times every morning to figure out what to cover. In all likelihood they've just picked up the story from Newsweek, slant and all.

It is because of mechanisms such as these that it is vital that people get out there and start talking to local press, of whatever kind. The media predate on each other's research. Getting the story out _anywhere_ is useful, because it will frequently trigger more coverage, and we desire the escalation of coverage.

We must make ourselves heard widely because if we can bring the wiretap chip to public debate, we will have won. The languor of apathy creates a veil of secrecy for the public equally as effective as lies and denials. If we can get enough press coverage about this, it will become an "issue". One of the best things we could hope for is that "Nightline" will have Ray Kammer v. Whit Diffie. Public opinion will not sit well with making it illegal to keep secrets.

Phone calls to CNN, asking for explanations of that short story will help, hint, hint.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Thu, 3 Jun 93 21:31:26 PDT
To: cypherpunks@toad.com
Subject: good day
Message-ID: <9306040431.AA17279@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Ahh.. what a good day it was today! I am currently logged in to my UNIX account from home.
I am sitting here mailing you guys, and everything I type is being sent over the modem in encrypted form.

I worked out some very irritating bugs in my software and have my link protocol up and running pretty reliably. It still needs some cleaning up. I will be cleaning it up a little and running it on a few different platforms to test it out. The code is basically the same as the unix end I mailed out to several people earlier (with just 3 or 4 lines changed), but I now have a good, functional VT100 end for my amiga.

I will post here after I clean up and test the code a little and get it ready for "release". So if you're interested, basically just wait. But I am looking for people who are willing to port to other platforms. The common code should need no porting, what needs to be done really is to find a good P.D. term program in source form and modify it (this is what I have done). The common code was written with this in mind and it shouldn't be terribly hard (simply replacing writes to screen and serial with encoding/decoding routines and then outputting the results, and small things like providing the user a way to turn on and off the encryption).

Tim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Thu, 3 Jun 93 15:53:03 PDT
To: Nickey MacDonald
Subject: Re: snake oil
In-Reply-To:
Message-ID: <9306032252.AA12490@dun-dun-noodles.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

>> If I just dreamed up a new gee whiz "new" cypher, should I post it to the
>> list for comments, or is this frowned on? (As it happens, I happen to
>> have what I **think** is a new approach to cyphering, and the answer to this
>> question will determine whether anyone hears about it or not...)

This list is, IMHO, for the discussion of privacy enforced by technology in the hands of the user.. New approaches (like remailers or money algorithms) are within the domain of this group.
New encryption algorithms are better discussed in the newsgroup sci.crypt.

I admit that I'm a bit skeptical. So far, every new encryption scheme someone has proposed here has either been trivially defeated, or done before. I'm tired of showing how most schemes are reducible to a one-time pad or codebook :-) In any case, I think there are more experienced cryptographers on sci.crypt than on this list, but I could be wrong.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 3 Jun 93 18:58:26 PDT
To: cypherpunks@toad.com
Subject: Work the work!
In-Reply-To:
Message-ID: <9306040154.AA07862@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>I have shied away from any "political" action against Clipper because I am
>unsure how a Canadian can help...

Preempt government restrictions by fighting for the explicit right to strong cryptography. Point out how those foolish folks south are going to screw themselves over by government mandated cryptography.

One of the arguments that is being made in this country against the wiretap chip is that it will harm overseas business. In Canada you can turn this around and show what a great economic boon you have available. You can point out that the US has abandoned their foreign markets in secure communications, which will, of course, be the only kind of communications of the future.

Get Northern Telecom on your side.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Thu, 3 Jun 93 15:13:25 PDT
To: cypherpunks list
Subject: Re: snake oil
In-Reply-To: <9305281652.AA13454@soda.berkeley.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

This raises a question... I don't think this has been addressed yet (I am a bit behind in my mail) and might be worthwhile putting in the FAQ...

If I just dreamed up a new gee whiz "new" cypher, should I post it to the list for comments, or is this frowned on?
(As it happens, I happen to have what I **think** is a new approach to cyphering, and the answer to this question will determine whether anyone hears about it or not...)

Is there a comprehensive list of short "already been done" types of cyphers? (Whether failed or "still" successful.) A good book?

---
Nick MacDonald | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger

On Fri, 28 May 1993, Eric Hughes wrote:

> >I, for one, will never use any crypto system for which the algorithm
> >hasn't been extensively published and scrutinized.
>
> I am in total agreement.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Thu, 3 Jun 93 18:50:17 PDT
To: cypherpunks@toad.com
Subject: the right platform for these projects
Message-ID: <9306040150.AA04811@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

I agree wholeheartedly that a commandline, portable, version should come first. Porting that separately to X, Win, Mac, etc will not be nearly the chore that porting a Windows app to Unix will be.

Re: the ubiquity of Windows: LOTS of people have Windows. But... The idea that new machine sales are mostly Windows machines is given the lie somewhat by the fact that they are also all DOS machines, and that Windows is just bundled. Many people don't install it due to the disk space leeching. And a LOT of people with Windows don't use it for comm stuff because Windows + comm = nightmare.

So yes, make a Windows version. NO don't start with a windows version. One of your biggest markets will be the BBS crowd, 90+% of whom use DOS, not Windows, for comm apps.

And I still heartily recommend tackling this from several different angles. Sure make a new term, but also get Telix, et al. to go along with it. Get Fido-tech mailer makers to support the ^ENC "standard", etc.

--
When marriage is outlawed only outlaws will be inlaws!
Stanton McCandlish, SysOp: Noise in the Void DataCenter Library BBS
Internet anton@hydra.unm.edu IndraNet: 369:1/1 FidoNet: 1:301/2
Snail: 1811-B Coal Pl. SE, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Thu, 3 Jun 93 16:55:05 PDT
To: Nickey MacDonald
Subject: Re: snake oil
In-Reply-To:
Message-ID: <9306032354.AA12581@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

Nickey MacDonald says:
> This raises a question... I don't think this has been addressed yet (I
> am a bit behind in my mail) and might be worthwhile putting in the FAQ...
>
> If I just dreamed up a new gee whiz "new" cypher, should I post it to the
> list for comments, or is this frowned on? (As it happens, I happen to
> have what I **think** is a new approach to cyphering, and the answer to this
> question will determine whether anyone hears about it or not...)

My suggestion is this. It's perfectly appropriate to post the cypher to the list PROVIDED you take the right attitude, which is to say something like:

"The following is something I just thought up. I'm not a pro, and I worry that this thing has holes. Anyone care to give me hints on what they might be?"

My objection has never been to people developing new cypher systems. It's always been to people claiming, in the absence of very strong attempts to break their system, that their system is secure. Provided you aren't trying to encourage people to use a new system you are developing, what harm can discussing it possibly do? On the other hand, great harm can be caused by fools pushing systems they have designed in the absence of expertise -- that was specifically the sort of objection I had to the whole "Dolphin Encrypt" thing.

Sci.crypt is likely a better place to post a query about a new cypher, of course.
> Is there a comprehensive list of short "already been done" types of
> cyphers? (Whether failed or "still" successful.) A good book?

I would suggest looking in the sci.crypt FAQ -- it's got lots of good intro material and reading lists.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: kelly@netcom.com (Kelly Goen)
Date: Thu, 3 Jun 93 20:28:17 PDT
To: cypherpunks@toad.com
Subject: (fwd) [comp.os.linux.announce] New loop devices, even with DES encryption
Message-ID: <9306040328.AA26468@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Organization: NETCOM On-line Communication Services (408 241-9760 guest)
Path: netcom.com!netcomsv!decwrl!elroy.jpl.nasa.gov!usc!howland.reston.ans.net!agate!usenet
From: almesber@nessie.cs.id.ethz.ch (Werner Almesberger)
Newsgroups: comp.archives
Subject: [comp.os.linux.announce] New loop devices, even with DES encryption
Followup-To: comp.os.linux.announce
Date: 4 Jun 1993 01:35:22 GMT
Organization: Swiss Federal Institute of Technology (ETH), Zurich, CH
Lines: 42
Sender: adam@soda
Approved: adam@soda
Distribution: world
Message-ID: <1um8sq$86e@agate.berkeley.edu>
References: <1993Jun1.201347.7433@klaava.Helsinki.FI>
NNTP-Posting-Host: soda.berkeley.edu
X-Original-Newsgroups: comp.os.linux.announce
X-Original-Date: Tue, 1 Jun 1993 20:13:47 GMT

Archive-name: auto/comp.os.linux.announce/New-loop-devices-even-with-DES-encryption

Version 0 of the new loop devices patch is in
tsx-11.mit.edu:/pub/linux/BETA/loop and
nic.funet.fi:/pub/OS/Linux/BETA/loop

The files are:
lo.0.tar.z    The loop devices patch
des.0.tar.z   DES-encryption for the kernel

Note: If you're FTPing from outside the U.S. or Canada, please get the DES patch from nic.funet.fi, because of the well-known US export restrictions. (DES encryption is optional. The loop devices also work without it.)

Loop devices give you the ability to mount file systems from regular files.
Additionally, you can use them to have more than one file system on one partition and to have transparent on-line encryption of all your data.

The loop devices patch is relative to ALPHA 0.99pl10, but it'll probably work with 0.99pl9 and 0.99pl10 too. The DES patch should work with any recent kernel.

This is a new implementation of loop devices by Theodore Ts'o, I'm just maintaining the code. Unlike my old loop devices, which are also in some versions of SLS, the new loop devices will continue to work after variable block sizes are added to the kernel.

The DES code is derived from Eric Young's DES library. I originally wanted to use UFC crypt, but its memory requirements make it a bit difficult to handle. Maybe later.

- Werner

--
   _________________________________________________________________________
  / Werner Almesberger, ETH Zuerich, CH      almesber@nessie.cs.id.ethz.ch /
 /_IFW_A44__Tel._+41_1_254_7213__________________almesber@bernina.ethz.ch_/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 3 Jun 93 22:17:48 PDT
To: cypherpunks@toad.com
Subject: CryptoStacker, long term vision
In-Reply-To:
Message-ID: <9306040514.AA18001@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

> I am trying to find a convenient method for
>keeping keys that an end user would be happy with.

There need not be a single method used. This is the whole point of making a system with hooks--hooks for encryption, hooks for key management, hooks for drive control. Not only does this make for more flexible software, but its effect on modularity is striking.

One requirement of any keying method, however, is that the keys be physically removable from the locale of the machine. That nixes a couple of the suggestions you mentioned. Any keying material for the volume of data represented by a hard disk will be longer than human memory or tolerance of delay.

In an encrypted telecommunications system, the keys should be changed frequently.
This is not necessary in the case of encrypted disks. You will know when your drive has been compromised; it won't be there any more. Unlike telecommunications, where one assumes that the eavesdropper has access to all of the data flow at all times, an encrypted hard disk gets looked at once.

Of the two remaining solutions on the list, PCMCIA and floppy, there is no reason to choose one over the other. Properly modular software should be able to support both. Floppies will come first because there's no new hardware, but I personally would be much more comfortable using the more robust medium of EEPROM on a removable card.

>Yes, I can see the advantages of using a device driver for this
>application.

The suggestion to use the MSDOS network redirector is also worth heeding. The CD extensions, for example, use it even though that drive is sitting right there in the machine.

Using the redirector would allow one to support both separate partitioning and filesystem within a file. Here's another case where modularity wins. Many people may only need a bit of encrypted data, and a one or two Mb file might do it for them. (Sector remapping, BTW, is no big deal.) Again, you don't have to do both at the outset.

re: choosing DES for the cipher

>Is it just my impression or did you just tell me that
> 1) DES is too slow to use, I am stupid for trying.

Yes and no.

> 2) DES is what I should use.

Yes, at first.

I remain to be convinced that software encryption of any kind is feasible for efficient bulk hard disk encryption. To be sure, there will always be the need for less efficient but secure storage. As I said in another posting, DES is the fastest trusted symmetric keyed block cipher around.

I do not think you are stupid for trying DES. I _will_ think you are stupid, however, if you go ahead and implement it without first doing some estimates on the amount of time it will take and the effect on disk performance and latency.
It is planning I am talking about here, not any particular final decision.

You should allow hooks in the system for different block ciphers. If you do this, then some sort of algorithm byte should be present in the partition information.

>How do codebook and counter mode relate to the layering that I
>hear about (ie, single, double, triple DES)

Single and multiple DES are still block operations. Codebook and counter modes refer to ways that block ciphers may be used; they are not specific to DES.

Re: large amounts of keying material

>I agree about length and multitude. How does the key length affect the
>speed of the algorithm?

There are two lengths here, do not confuse them. The first is the length of the key to the block cipher. The second is the total length of all such keys in aggregate.

The first length is not directly relevant; it is the speed of the cipher which it keys that is. For simple iterated DES, however, these coincide. Single DES takes one third as long as triple DES.

As far as aggregate length goes, the only time here is for one array indirection, which is minuscule in comparison to the encryption time.

>I am also concerned about having the keys sitting around in memory once
>they are read from the disk.

For a standalone machine, this is not a concern. For a networked machine, one may simply consider that all of memory is available to an intruder. No memory protection is available. There is no way around such a fundamental limitation other than hardware. Therefore, don't worry about it, and inform the user of the issue.

>> Keys in the driver should time out after some specifiable period.

As I did not mention previously, this is an extremely difficult problem in DOS.

>> Files that are open when the time-out occurs and the programs that
>> have them open are going to have to be dealt with gracefully.

>[...] tying the timer into the int 24 routine which
>terminates program execution, so that if enough time had passed it would
>shut down the drive, but only AFTER you have exited your program.

No good. I use Desqview, which multitasks the machine. There's good reason not to require single tasking for this project. Many TSR do effective multitasking already.

This is a really sticky problem. The criterion here is that programs with open files would still be able to access them, and possibly even to write to them. No other access would be permitted. This requires abstraction at the file system level, not the device level, and thus would require mixing abstraction levels. Ick. The logging file systems mentioned in the context of Unix are what is needed here, because the recent activity need not be encrypted.

If graceful shutdown cannot be achieved, there will still be times when ungraceful shutdown will be useful. One should not judge in advance another's relative values of information compromise and a slightly corrupted disk. At the very least, there should exist a program to zero out the keying material.

Re: conversion from non-encrypted to encrypted

>I think that this is likely to be the biggest problem with my system
>as I am considering it. [...] I think that a system like the
>aforementioned would be possible to painlessly install with an
>installation program [...] with no backing up and repartitioning
>involved.

That's fine, but that program is going to have to get written as well, and it's going to have to be as reliable as a disk optimization program. After each sector write the disk is going to have to be in a stable configuration, so if power fails at that moment, all is not lost. This will not be easy, since you'll be dinking with the partition table all the time.

If you can get such a thing working, it would enormously increase the actual usage of the encrypted disk drivers. It is an elegant idea, but a difficult one to implement.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: RYAN Alan Porter
Date: Thu, 3 Jun 93 20:31:19 PDT
To: A1 ray arachelian
Subject: Re: CryptoStacker, long term vision
In-Reply-To: <9306031900.AA02558@ishara.poly.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Thu, 3 Jun 1993, A1 ray arachelian wrote:

> > 2) does anybody know how the hell Stacker or DoubleStor or
> > whatever executes the actual interception of the read/write
> > routines and stacks them? I don't get it at all. I am
> > more than willing to learn to get this thing working though.
> >
>
> Anyhow to make the story short, if I wrote an image mounter device driver which
> would be able to grab DIM files and pretend that they were on the A: or B: drive
> then we could also install the programs without breaking out the recycled disk
> box. :-)

Couldn't you just do that with the assign command in DOS? or is that a new command?

> I never got around to it because of other projects, but, what you need to do is
> to write a device driver that becomes accessible via the IOCTL calls. That's
> the way logical drivers (such as Stacker) install themselves.

Yeah, I am assuming that is the way I will have to organize the system. I want it to be totally transparent, that seems like a good way.

> Also, the program you're writing (I believe) has been already written and is
> part of Norton Utilities, but uses either DES or some other weak form of
> encryption. You might want to buy Norton Utilities and play with that program
> and see what makes it tick. Basically a program like MSD (Microsoft Diags)
> can tell you exactly what interrupts it patches itself into.

I have heard this from someone else. It kind of takes the wind out of my enthusiasm, but not too much... I still think that there is a need for a good, strong system out there with some seriously dedicated password key protection and such.
Also, it needs to be freeware (or shareware, depending on how long it takes to write) so that security won't just be in the hands of the people who can afford to buy it from companies. I also think that it would be a lot more valuable if it were distributed with code so that any user who wanted could inspect it for trapdoors.

> On to the sector remapping. The way stacker and doubledisk and the other
> suite of driver level compressors work is basically, they allocate a huge
> file on the hard drive, and then do a remapping at the sector level. That
> is you've got the data itself and an index table into the data for every
> sector. When a sector is written to the drive, the driver compresses the
> sector, so say, it was 512 bytes, it now becomes 128 bytes (if we're lucky)
> so what Stacker does is, looks in its index table, finds 128 bytes free in
> the huge file it allocated, writes the data there, and then sticks the
> position of the data, and its size (after compression) in the index table.
> (Of course it also marks that 128 bytes as taken.)

Umm, perhaps this is overly optimistic, but I was hoping that I would be able to use an algorithm that did 1 byte in / 1 byte out encryption so that I wouldn't have to deal with sector remapping. This would greatly speed up the process, make it more crashproof, and besides, it would be a hell of a lot easier... I was thinking that I would even basically leave the FAT and such intact, or at least only slightly modified.

> I believe it also does some other funky stuff like changes the allocation
> table or the bytes free to twice the space it's got left, so that DOS
> doesn't choke when it thought it had 10,000 sectors free and the hard
> drive ran out of space when it tried to write #4,999. :-)
>
> So you might want to do this with RSA. But better yet, why don't you
> find a quick compressor algorithm (say some sort of LZ type method)
> and stick that in as well. This way you are writing a public domain
> version of stacker >WITH< encryption. (Since you'd have to remap
> the sectors anyhow, you might as well compress them too...)

I have been pointed in the direction of the IDEA engine in PGP, which will take 1 byte in / 1 byte out. This would be ideal (snicker) for the reasons that I mentioned before. As for compressing also, that is a really good idea, but I think that I will leave that one up to posterity, or at least to the next guy that tries to modify the thing, I am concerned enough with getting it to work at all, and compression would add the problem of having to do sector remapping, which I would like to avoid at first.

> The above is just a theory and hasn't been tested. I believe that
> this is what Stacker does, but I'm not exactly sure. :-) But it
> does sound logically right.

Sounds good to me, and it is consistent with the advice of others (thanks a lot guys, I really appreciate the help) and the books that I have found since this started two days ago...

> So if I'm wrong, let me know as you've got my curiosity up in this
> matter.

I'll keep everyone updated no problem. How else am I going to get suggestions and help?

-Ryan the Bit Wallah

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 3 Jun 93 22:25:56 PDT
To: cypherpunks@toad.com
Subject: Software infrastructure
In-Reply-To: <9306040452.AA13658@triton.unm.edu>
Message-ID: <9306040522.AA18339@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>It
>puzzles me why we are contemplating writing our own comm package when so many
>good ones are out there that can be made to serve our purposes.

Reliability. Scripts do not easily handle error conditions that might result in lost mail. They're fine for a few, but they aren't for all.

Integration. Remembering what to do next is a large hurdle.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Thu, 3 Jun 93 18:38:24 PDT
To: Eric Hughes
Subject: Re: Work the work!
In-Reply-To: <9306020432.AA20624@soda.berkeley.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I have shied away from any "political" action against Clipper because I am unsure how a Canadian can help... I would like to think that the Canadian government will not follow the US lead, but I'm sure that it's just a matter of time. I am open to suggestions... How do I avoid being told that I'm fighting "someone else's" war?

---
Nick MacDonald | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger

On Tue, 1 Jun 1993, Eric Hughes wrote:

> If you are doing something, continue. If you are not, start.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: RYAN Alan Porter
Date: Thu, 3 Jun 93 20:31:19 PDT
To: "Patrick E. Hykkonen"
Subject: RE: CryptoStacker - Suggestions
In-Reply-To: <9306031827.AA05452@tstc.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Thu, 3 Jun 1993, Patrick E. Hykkonen wrote:

> > This model of using a device driver means that there is going to have
> > to be at least two partitions on the disk: one to boot from, and one
> > to be encrypted. The device driver itself and the operating system
> > can't be on the encrypted disk, because those components must be
> > loaded before the encrypted disk is accessible. Most people are not
>
> Why not have the device driver create a file (possibly of varying sizes) on
> the hard drive which the encryption device driver then makes look like another
> drive?!? This is how the compression programs work, seems to me a pretty

Hmm, nix on that, I would have to do some sector remapping, which would not only slow it down and make it more vulnerable, it would just be more crap that I would have to deal with which might crash the thing in the long run.
Besides, I think that most people using this would actually PREFER to have more than one partition, with one unprotected. This would allow you to use the setup that I have mentioned before, with one 'fast' partition and one 'secure' partition. You would simply have to make sure that the system was booted from a 'fast' partition. Quick, simple, stuff that you don't have to be a genius to make work. (remember we are talking about protecting non-cypherpunks here as well as us computer gurus)

I would like to implement a system in the future which would do compression as well as encryption (are there any good algorithms that just happen to do both at the same time? Maybe somebody should get on that, it would certainly be useful) and that would require a system like you mention, but I will stay with simple for the first version.

-Ryan the Bit Wallah

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 3 Jun 93 22:41:55 PDT
To: cypherpunks@toad.com
Subject: Term software develo
In-Reply-To: <930603131241_76244.315_CHN36-2@CompuServe.COM>
Message-ID: <9306040538.AA19367@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>FOSSIL may be popular on BBSs, but NASI/NCSI is number one in
>the market. The oldest version of INT 14 is number two.

What are NASI/NCSI? Does it cost to use them? Is source available?

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Blossom
Date: Thu, 3 Jun 93 22:41:19 PDT
To: cypherpunks@toad.com
Subject: DOS disk encryptor
Message-ID: <93Jun3.224101pdt.13930-2@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Ryan,

Good luck on building the DOS disk encryptor.

I believe that what you need to do is write a standard DOS disk driver (that can be installed in CONFIG.SYS) that implements the READ and WRITE primitives. I believe that they use the same entry point (the STRATEGY entry) in the driver. You would basically just call the BIOS routines to do the actual i/o.
You don't have to worry about the FAT etc, just encrypt everything.

You will probably want to use DES or IDEA and run it in CBC mode or Counter Mode. You would use the DISK BLOCK NUMBER as a piece of the key material (or part of the Initialization Vector), hence, even if the same data appeared multiple places on the drive, it would appear different on the surface.

There is a good description of operation modes in "Modern Cryptology: a Tutorial" by Gilles Brassard (Springer Verlag Lecture Notes in Computer Science #325, 1988). Denning's book covers it too.

I'd probably start out getting it running on a floppy. After that, just use a separate partition to make life easier. The driver is handed physical (or logical) block numbers, and these map directly to the physical drive block number by adding the offset of the beginning of partition.

At driver init time, you read the partition table on the hard disk, looking for a "system type" that identifies the partition as one of your encrypted ones. Prompt for the pass phrase, and store it in the driver. I assume that your concern is somebody physically grabbing the disk drive. I don't have a problem with the pass phrase in memory, as long as I have physical control of the system.

In some of the DOS references, there used to be a sample RAM DISK device driver. You could use it as the skeleton to get the entry points right, and then just encrypt the block and call the BIOS to do the i/o.

Have fun,
Eric Blossom

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: RYAN Alan Porter
Date: Thu, 3 Jun 93 20:31:21 PDT
To: Eric Hughes
Subject: Re: CryptoStacker, long term vision
In-Reply-To: <9306031522.AA26005@soda.berkeley.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Thu, 3 Jun 1993, Eric Hughes wrote:
> A related topic to encrypted disk drives. Anybody who has a desire to
> see their data around long term makes backups of their drives.
At
> least one of these backups is usually physically near the drive in
> question.
>
> What good is it to have an encrypted disk if the backups are not also
> encrypted?
>
> Backups occur at the file system level, where an encrypted file system
> does not appear encrypted, so that work here does not directly
> leverage to encrypted backups.

This is a good point. The only thing that I can think of in response is that there is now a need for a cryptobackup system. I can easily see how this could be accomplished with disk spanning, but I'm not sure that we could create something to work with all of the different tape drive standards. Perhaps just write a freeware system that could handle disk spanning and a few major, common tape systems (Colorado, etc...)

I have to admit, that does present a minor problem.

There is, of course, another way to do it which would speed things up by not having the data come from the disk, get decrypted by my driver and then get immediately encrypted again before they get to the backup, and that is to simply operate the backup system as normally from the 'fast' partition with the encryption driver turned OFF. You back up the secure partition that way, and then whatever goes to the tape is pure garbage, and then you just turn the driver back on by rebooting. When you want to restore you simply turn the driver off, restore to the secure partition, and reboot to get your data again. No matter what kind of a system you are using, you are still going to need some unencrypted disk space to boot from, so that is where you stick your backup programs.

Hell, the more I think about it, it won't be any problem at all...

>
> Eric

-Ryan the Bit Wallah

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J.
Michael Diehl
Date: Thu, 3 Jun 93 21:53:22 PDT
To: nobody@shell.portal.com
Subject: Re: Software infrastructure
In-Reply-To: <9306040011.AA22327@jobe.shell.portal.com>
Message-ID: <9306040452.AA13658@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

According to nobody@shell.portal.com:
>
> It would be helpful for me to hear more about how people read and send
> mail on their home computers, in some detail. If Mike Diehl got
> enough responses to his survey that would be good to hear about, too.

I've gotten a bunch! I'm storing the messages in a file which will later be edited. Then I'll tally everything up. Expect results on the list Monday. Of course this means that if you haven't replied to my poll, you need to do so by Saturday night, mountain time.

Well, now I will describe how I send/receive mail on my system, the killer 8086-8 from Hell! ;^)

I've been hyping my setup on this list for about a month. But since I've partially implemented a system like what we have been discussing, I'll give more details. First, my system configuration:

MACHINE: AT&T 6300 PC
HARDWARE: 640K, CGA, 1-360K fd, 1-20M hd.
OS: PMS-DOS 3.1 and 4DOS 4.02
COMM PROGRAM: Telix 3.15

As you can see, I am developing for the low-end computer...... ;^)

My email system is composed of (basically) 2 files, a telix script, and a 4dos batch file. The telix script, at the moment, assumes it is already logged into my unix account. Then it does a 'frm' command and finds out how many NEW messages are in; it would actually be easier to simply dload all of my messages, but this is a bit more useful. Anyway, it dloads them one at a time onto my pc using zmodem. Once on my machine, the script extracts From: and Subject: information from the message. Then it finds a unique filename to give the new message. This information is then stored in a form usable by the batch file, later. After it has done all this, it quits elm, and does some housekeeping.
At this point, the communications program is finished and the mail is on my pc ready to read. Under an automatic implementation (for, say a pay-as-you-go system) this can be done without any human intervention.

After the messages have been collected, I, of course, want to read them. To do this, I run the mail.bat program. I am then presented with a menu allowing me to Create, Encrypt, Send, Read, Delete mail. Create, Encrypt, and Delete are trivial and don't lend much to this discussion. Read presents a menu of messages from the data file created by the telix script. At the moment, when a user selects a message to read, I use pgp to view it even if it is not encrypted. That can be fixed later.

To send a message, you first have to have a file containing the message, duh. The user is asked for the name of this file, the address of the recipient, and a subject to use. This information is then stored in a form usable by a third telix script. Ok, I lied, there are 3 files needed by my system. ;^)

The actual sending process is simple. The telix script reads the message information and starts elm, supplying the address and subject when asked. Then when it gets into vi, it ascii uploads the message directly into vi. This may seem kludgy, but it is rather portable since almost every online service lets you enter a message into an editor.

Overall, the system works pretty well. I've still got a few bugs, mostly speed-related. But there is room for a lot of improvement. Here is what I would like to implement.

I'd like to have "encryption detection" which would allow my system to use the appropriate decryption software for message reading. If a message isn't coded, it should use list.com.

I'd also like to expand "encryption detection" to recognize several types of encryption, pgp, pem, ripem, des, my-bitchin-crypto, etc. The telix script could tag the message as it's dloaded.

I'd like to be able to use the system on many online services.
The telix script could check the phone directory to see which system is it on. Then, when any system-specific stuff has to be done, such as starting the mail program on the host, a special function can be called to do that function on that host. The ascii up/down loading is fairly constant, and the local file manipulation doesn't depend on the host.

At the moment, I am working on a Reply function. I know how I'm going to do it, I just haven't done it yet. More later.

Well, if you have followed me this far, you're either crazy or interested. ;^) It puzzles me why we are contemplating writing our own comm package when so many good ones are out there that can be made to serve our purposes. I'm open to comments..... Fire away!

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|                    Politically Incorrect!"                    |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@soda.berkeley.edu
Date: Thu, 3 Jun 93 23:04:13 PDT
To: cypherpunks@toad.com
Subject: Software infrastructure
Message-ID: <9306040600.AA20309@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

From: Hal Finney, <74076.1041@compuserve.com>

Mike Diehl's system sounds pretty good to me. You can create messages, encrypt them, upload and send them, as well as downloading, decrypting, and reading messages, all with a nice menu-based interface. That's what we want, right?

It sounds like the system would be easily adaptable to other types of hosts, too. BBS operators could customize the scripts for their particular systems and offer the package.
We could create versions for users of other mail packages than elm on Unix systems, as well as for some of the commercial systems. You could cover a lot of people this way.

> Well, if you have followed me this far, you're either crazy or interested. ;^)
> It puzzles me why we are contemplating writing our own comm package when so
> many good ones are out there that can be made to serve our purposes. I'm
> open to comments..... Fire away!

The only real problem I see is the use of Telix. How much does this program cost? We can't give away a disk with Telix on it. What about Kermit? It's free and it has a scripting language, but it doesn't sound nearly as advanced as Telix's. Would it be good enough? Or are there other free programs which we could use?

If we could adapt Kermit or some other free program to do what Mike is describing, we could give away floppies with secure and easy-to-use encrypted email handling capabilities, as well as making them available on the net. People could just get the version they need for their particular mail access method. The package would include the communication program, the scripts, and the encryption software. The user interface would be as Mike described, all menu driven and easy to use.

I think this would be a good way to go if we could get past the hurdle of finding a free comm program that would be adequate.

Note added in proof :)

Eric mentioned concerns about reliability. Scripts can in principle be made flexible enough to handle many sorts of errors. You just need a lot of states and a lot of result checking.

This technique of automatically attaching to a host system and downloading data is widely used by computer novices. I just saw an ad today for a product which lets you create your own "newspaper front page" graphically, then will log on to Compuserve and fill in the news, sports, and business figures you have specified, and do so at regular intervals, automatically, running in the background.
I often use a package called Tapcis which automatically logs onto compuserve, getting my mail and sending new mail, reading various topics of interest that I have selected. I used to use a Mac program called Navigator which did the same.

Granted, none of these are scripts, they are all custom programs, but the kinds of checking they do should be doable in scripts as well. (I wasn't sure whether Eric's point was that high level scripting languages are excessively clumsy, or the more general point that automated mail access was the wrong way to go. I am addressing the latter here.)

Hal

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: RYAN Alan Porter
Date: Thu, 3 Jun 93 20:43:10 PDT
To: Eric Hughes
Subject: Re: CryptoStacker, long term vision
In-Reply-To: <9306031512.AA25490@soda.berkeley.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Thu, 3 Jun 1993, Eric Hughes wrote:
> >This is tiring drivel concerning the CryptoStacker project.
>
> If you want help, it is wise not to recklessly insult those who are
> offering it. By your own admission, you do not have a lot of
> experience here; you seem to be saying "I know exactly what I don't
> know," which, may I add, is a common delusion of the inexperienced.

Oh please, not a flame... I'm trying to create something here, and I need a lot of help, since everyone seems to know exactly how this should be done but none of them want to actually get off of their heinies and write it. The last thing that I need is to start getting flamed, the whole project will rapidly go down the tubes...

> You seem to have fixed a model of how the encrypted disk would work
> and don't want to debate it. The model is exactly that which requires
> the most scrutiny, because it has the most far reaching effects. If
> the model is flawed somehow, that's what you want to know before you
> begin, not six months later.
I am paying very close attention to the suggestions on overall format, you may have noticed that my concept has changed from a hardware PGP encryption of the entire disk with PCMCIA keys to a more realistic DES software encryption through device drivers and multiple partitions. I am certainly not closed off to ideas, and the last thing I need, as I said before, is to start getting flamed.

> I take it that you want people to use this software after it is
> written. If so, then pay close attention to user acceptance issues
> such as performance and key handling. You neglect them at your own
> risk.

I am certainly not neglecting either issue, performance is one of the main reasons why I am interested in NOT doing sector remapping and compression along with the encryption, and I am trying to find a convenient method for keeping keys that an end user would be happy with. Among the suggestions at hand:

An ISA card with the key burned into EEPROMS and a keypad attached for verification of user ID
PCMCIA cards holding keys and a mandatory PCMCIA slot
Users typing long keys in manually
Keys held on floppy disks
Keys held on the HD itself

I believe keys held on floppies with password verification to be the most feasible, the easiest and the most likely to be understood and accepted by end users. Please stop flaming me, I'm doing the best I can here...

> I would suggest that you first version just be a device driver that
> has no encryption, but only the hook for it. The device driver
> skeleton for a disk will be difficult enough, as you have to support a
> whole lot of operations just so you can have a place to put the
> encryption. This is exactly the software infrastructure problem in
> another context.

Yes, I can see the advantages of using a device driver for this application. I am now doing research on just that. The idea of setting up the initial version to simply pass through data unharmed is also a very useful suggestion. Thank you.
> After you have a device driver skeleton working, you can add both
> hardware and software encryption modules. There is no need to be
> exclusive about this. It is clear to me from your comments that you
> haven't timed any DES routines and done a calculation of increased
> latency times, and although I hate to see code development go to
> waste, it's your time, not mine.
>
> As far as picking an encryption algorithm, use DES. DES is the
> fastest symmetric keyed block cipher that is thought to be reasonably
> secure. DES is not particularly fast in software; it was designed as
> a hardware standard and does lots of bit manipulations. DES is fast
> enough for serial communications, but that's 1000 times less the
> bandwidth than a hard disk.

Is it just my impression or did you just tell me that

1) DES is too slow to use, I am stupid for trying.
2) DES is what I should use.

What the hell did I do to deserve getting flamed by someone who I so respected about ten minutes ago? Do you instinctively do this because I don't yet understand a few highly technical concepts yet? Would you rather this whole project just get scrapped just because I am not yet as proficient in this area as you? How did you learn, did people flame you when you tried to create something and asked for advice? What the hell, I'm just trying to help.

You talk about how I should be careful about inadvertently trampling on the people giving me advice. I am sorry I certainly did not mean to (and I think that you will notice that later in the message I specifically thanked him several times for his input) but what about you specifically and intentionally insulting the guy who is actually trying to WRITE the thing? I have other things to do, I am a professional programmer and I get paid plenty to write code for other people. What I am doing here is trying to write some code for EVERYONE for FREE and I am VOLUNTEERING my time.
(lots of it, I might add)

> Of course, you don't want to run DES in codebook (aka naive) mode.
> (Codebook mode is where you just simply map block to block; the
> problem is that identical blocks map to identical blocks.) You'll
> want some sort of other mode, like a counter mode, to make sure you
> don't get identical ciphertexts. It is also a bad idea to encrypt the
> whole disk with one key; it makes brute force searches much easier.

I see. How do codebook and counter mode relate to the layering that I hear about (ie, single, double, triple DES) are these simply single or multiple layers of these modes, or did I miss something? (I still have a shortage of good crypto books at my command, I have three that I think will be very helpful on order at the local university library)

> Your keying material should be long. I earlier suggested one key per
> track. These keys are going to have to be stored somewhere, and the
> disk is the wrong place for it, clearly. This implies that the user
> is going to have to have some key-holding device (likely a diskette)
> which will be necessary in order to unlock the partition. The keying
> material should be password protected. This device will have to be
> used at boot time if anything necessary to boot is stored on the
> encrypted partition.

I agree about length and multitude. How does the key length affect the speed of the algorithm? I am also concerned about having the keys sitting around in memory once they are read from the disk. This would just open the system up to somebody running a key scanning program on your system and grabbing the keys right out of memory. I'm still not sure what to do about this. It is a really good reason to go to PCMCIA cards with the PCMCIA DMA mapped in the future, but I can't quite think of a good solution right now...

> Keying material will need to be backed up. This should be made as
> painless as possible, otherwise there will be plenty of people losing
> whole drives.
Yes, that shouldn't be any problem. I am thinking more and more that the guys who wrote Stacker knew what they were doing... I foresee a separate utility program which would sit around on the uncompressed partition for dealing with keys and such, this would be where I would handle key backups.

> Keys in the driver should time out after some specifiable period.
> Files that are open when the time-out occurs and the programs that
> have them open are going to have to be dealt with gracefully.

I thought of this as well as a possible solution to the problem of having the key sitting around in memory, but it really seems to me like a great way to lose data by crashing programs. I just don't see how I could make it timeout gracefully and not crash whatever is running. Something that I did think of though, is tying the timer into the int 24 routine which terminates program execution, so that if enough time had passed it would shut down the drive, but only AFTER you have exited your program. This would provide the timer support and still not be horribly likely to wreck the hell out of something and kill some data.

> This model of using a device driver means that there is going to have
> to be at least two partitions on the disk: one to boot from, and one
> to be encrypted. The device driver itself and the operating system
> can't be on the encrypted disk, because those components must be
> loaded before the encrypted disk is accessible. Most people are not
> going to go out and buy a new disk to be the encrypted partition.
> Thus, this is going to mean a full backup of the existing disk, an
> operation with FDISK to do the partitioning, then, assuming the driver
> works right the first time, restoring everything else on the encrypted
> partition. What is the effect of _this_ on user acceptance?

This looks awfully flamish to me too, but I'll let it pass...

I think that this is likely to be the biggest problem with my system as I am considering it.
An obvious way around this would be to use a system which does sector remapping and stores the entire file system in one huge file a la Stacker, so that we don't need to actually physically partition the disk. I can think about how to implement a system like this after I get a non-sector indexing system working. I think that a system like the aforementioned would be possible to painlessly install with an installation program just like the one that Stacker uses to painlessly turn your disk into two virtual disks, one stacked and the other the boot disk, with no backing up and repartitioning involved.

> Eric

Much as the flamage has ticked me off, you have provided some of the most helpful information and suggestions to date and I very much appreciate your help. I still truly don't understand what I did to provoke you, other than working on a crypto project, but I do appreciate your help. I can only hope that I caught you late at night or something or perhaps just misunderstood the severity of your insults.

-Ryan

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: bei@dogface.austin.tx.us (Bob Izenberg)
Date: Thu, 3 Jun 93 22:42:28 PDT
To: cypherpunks@toad.com
Subject: subscribe
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

subscribe l-cpunks@dogface.austin.tx.us

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: poier@sfu.ca (Skye Merlin Poier)
Date: Fri, 4 Jun 93 00:23:02 PDT
To: cypherpunks@toad.com
Subject: Procomm and encryption
Message-ID: <9306040722.AA00676@malibu.sfu.ca>
MIME-Version: 1.0
Content-Type: text/plain

This discussion of integrating encryption with a comm package made me remember: Procomm Plus 2.0 allows "hooks" to be assigned to meta-keys. I have the exact interface hook.c around here somewhere, if someone wants me to post it.
Skye

--
-----====> Skye Merlin Poier <====-----
Undergrad in CMPT/MATH (Virtual Reality) |||| ||||
email: poier@sfu.ca p-OO <--> OO-q THINK
PGP Public Key available on finger \== ==/

ivel' or some such. I would like to make it clear that the 'tiring drivel' that I was referring to was MY post and not the letter from Hugh and I merely intended the note to serve as a warning to people not interested in the project. I see now that it is, indeed, possible that this informal note may have been misunderstood and I hope that you will understand my real intent now and not hold it against me.

I am truly grateful for the help that I have received on this effort and hope that we will have another product of guerilla programming soon. Again, sorry for the misunderstanding, especially to Hugh, and keep those suggestions coming, there is work to be done...

-Ryan the Bit Wallah

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: greg@ideath.goldenbear.com (Greg Broiles)
Date: Fri, 4 Jun 93 00:45:00 PDT
To: cypherpunks@toad.com
Subject: Term software, disk driver encryption
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Am surprised no-one's mentioned DISKREET, the encrypted disk driver software included with the Norton Utilities. It does DES, though the manual doesn't mention which flavor of DES it uses. I have been using it for roughly 2 years now without any trouble. It's been well-behaved and is probably already on lots of folks' disks, by virtue of being included with the rest of the Norton stuff.

I think "TPU" refers to Turbo Pascal Units. "Async Pro" is, if I remember right, the name of an add-on async communications library for Turbo Pascal.

Telix is not free, but is freely distributable, as it's shareware.

--
Greg Broiles greg@goldenbear.com
Golden Bear Computer Consulting +1 503 465 0325
Box 12005 Eugene OR 97440 BBS: +1 503 687 7764

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C.
May)
Date: Fri, 4 Jun 93 01:39:37 PDT
To: cypherpunks@toad.com
Subject: Re: snake oil (Posting ciphers to the list)
In-Reply-To: <9306032354.AA12581@snark.shearson.com>
Message-ID: <9306040840.AA29946@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Perry Metzger writes on the matter of posting newly-invented ciphers to the Cypherpunks list:

> My suggestion is this.
>
> It's perfectly appropriate to post the cypher to the list PROVIDED you
> take the right attitude, which is to say something like:
>
> "The following is something I just thought up. I'm not a pro, and I
> worry that this thing has holes. Anyone care to give me hints on what
> they might be?"

Good advice! Some hubris might pique the interest of readers.

> Sci.crypt is likely a better place to post a query about a new cypher,
> of course.

Yes, except that they for the most part hate it when folks post "I dare you to break my new cipher" messages. Understandably so, for the reasons Perry gave (smugness, etc.) and also because:

a. usually not enough ciphertext can be posted to allow a reasonable cryptanalysis

b. the odds of a newbie inventing something really new are slim (yes, it _may_ happen, but it's not likely)

c. people have better things to do than spend hours or days trying to break a system which has these problems (and may just be deliberate garbage).

(Cryptanalysis is economics, as some folks like to say. If a message is important, or a particular cryptosystem has passed some initial tests--such as the algorithm being published, the basic mathematics presented as plausible, etc.--then more effort can be justified. But not on Joe Cipher's latest effort.)

(this quote is from Nicky M.)
> > Is there a comprehensive list of short "already been done" types of
> > cyphers? (Whether failed or "still" successful.) A good book?
Kahn's "The Codebreakers" for a historical perspective, the various crypto books referred to here for mathematical background (Denning, Brassard, Salomaa, Simmons, Patterson, etc.), and "Cryptologia" for insights into amateur cryptanalysis and cipher-building.

Be aware that most amateurs--and I hardly speak from experience, just reading of the literature--end up reinventing the old _types_ of ciphers....the new ones, with s-boxes, or based on hard math problems (like RSA), typically require a lot of background in math.

Hope this helps, and hope this eases any hard feelings folks may have when their Super Duper Encrypter is not analyzed by a dozen Cypherpunks. Or even one.

-Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
Note: I put time and money into writing this posting. I hope you enjoy it.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Fri, 4 Jun 93 03:32:25 PDT
To: cypherpunks@toad.com
Subject: Re: Software infrastructure
In-Reply-To: <9306040600.AA20309@soda.berkeley.edu>
Message-ID: <9306041032.AA14588@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

You CAN give away disks with Telix, it is shareware, just like QModem (pre-QMPro), and ProComm. Just have to let the recipient know it is not freeware but requires registration for continued use. Might have to obtain permission for such distribution, depends on the licensing.

As for "is kermit good enough?" No. Almost NO ONE in the DOS world uses it any more, it is a total anachronism.
Of all the 400 or so users on my board, many from other parts of the country, even other countries, not ONE uses kermit (I have "What comm program do you use?" as one of the initial login questions). The only practical use of Kermit is for computer newbies to use it to access the dialup lines at their school (UNM gives out free copies of it), but most such people soon switch to another program. Thing is Kermit is just plain old, and a pain in the butt. When I started BBSing, the Kermit protocol was supported on most BBSs; today I cannot think of a single BBS around here that has it anymore (I'm the de facto city BBSlist maker, so I'd know :) Perhaps this area is atypical, and Kermit is all the rage elsewhere, but considering how BEHIND the times Albuquerque is, I tend to doubt it. Freeware and shareware comm programs available from any BBS or FTP site will DUST Kermit, and I think it's a dead end.

All I can say, is any crypto package based on a hack of Kermit will go nowhere. I know it's free and readily available, but well so's a kick in the ass. >;)

--
When marriage is outlawed only outlaws will be inlaws!
Stanton McCandlish, SysOp: Noise in the Void DataCenter Library BBS
Internet anton@hydra.unm.edu IndraNet: 369:1/1 FidoNet: 1:301/2
Snail: 1811-B Coal Pl. SE, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 4 Jun 93 06:54:47 PDT
To: cypherpunks@toad.com
Subject: CryptoStacker, long term vision
In-Reply-To:
Message-ID: <9306041351.AA05555@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>I also think that it would be a lot more valuable if it were distributed
>with code so that any user who wanted could inspect it for trapdoors.

The nature of crypto software is that it is valueless unless you trust it.
You don't have to trust a word processor, because you can see immediately that what you typed on the screen comes out the printer. For security software, however, breaches are invisible, or more precisely visible only after the damage has been done. This is the reason that I disregard DISKREET from Norton. There's no source, and largish companies are notorious for pushing compromised software. Norton's unlikely to ship source, so unless someone decompiles it, I'm not biting. >Umm, perhaps this is overly optimistic, but I was hoping that I would be >able to use an algorithm that did 1 byte in / 1 byte out encryption so >that I wouldn't have to deal with sector remapping. You need to do a bit of research into what a block device driver actually does. It deals only with blocks of characters, not with individual ones or arbitrary length strings. The block interface at the driver level is different than the file access at the API level. Don't confuse the two levels. DOS already does the buffering required to turn a block device into a file system. You don't need to replicate it. As a result, the cipher you choose needs to be a block cipher. DES works on blocks of 8 bytes at a time. A typical sector is 512 bytes. So you are going to have 32 DES (or iterated DES) operations per sector. > I was thinking that I would even basically leave >the FAT and such intact, or at least only slightly modified. Again, at the driver level, you don't know that a FAT even exists. Ray Duncan's book _Advanced MSDOS Programming_ contains a good chapter on device drivers. You should be able to find code for a skeleton block device driver on the net; check the msdos programming groups for more info. >I'll keep everyone updated no problem. How else am I going to get >suggestions and help? I would also suggest that you find programming partners. If for no other reason than to do code review, someone else ought to be involved. 
You wouldn't want to make the group too large, but three or four is not overlarge. The archive at soda is available for group work, if desired. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Doug Porter <76244.315@CompuServe.COM> Date: Fri, 4 Jun 93 04:05:33 PDT To: Cypherpunks Subject: Re: Term software dev Message-ID: <930604110243_76244.315_CHN40-3@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain Eric Hughes asks: > What are NASI/NCSI? Does it cost to use them? Is source available? It's an API originally developed by Network Products Corporation and based on an earlier spec from Ungerman-Bass. NPC used it in building an async comm server for LANs. NPC called the API "Network Communications Server Interface" or NCSI. Novell licensed the technology from NPC and renamed the API to "Novell Asynchronous Server Interface" or NASI. Other async server vendors picked up on it about then as a result of Novell's evangelism. Serial communications software packages from Crosstalk to Procomm to tiny niche products started to support it. Then because of the end user package support, the standard was used for different kinds of serial connections. For example, we (CyberCorp) built a NASI/NCSI interface for intelligent Digiboards a while back. I've never heard of anyone being charged to use the spec for whatever they like. At least part of the spec, the part promoted by Ungerman-Bass, seems to be in the public domain. We originally got the spec from Novell when we built a Netware compatible async server. I don't know of any free source code, but code for either end of the spec is only one or two thousand lines of C. Doug From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Timothy Newsham Date: Fri, 4 Jun 93 11:12:44 PDT To: tcmay@netcom.com (Timothy C. 
May) Subject: Re: The "WARLOCK" Cipher In-Reply-To: <9306041756.AA23752@netcom3.netcom.com> Message-ID: <9306041812.AA08603@toad.com> MIME-Version: 1.0 Content-Type: text/plain > > > Cypherdroids, > > By coincidence, a very long posting on sci.crypt has appeared, > announcing a new matrix-based crypto system, called "WARLOCK" by its > inventors. Is this the RSA matrix scheme outlined in CRYPTO '91 ? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Karl Barrus Date: Fri, 4 Jun 93 07:31:51 PDT To: cypherpunks@toad.com Subject: THANKS: pgp, mh, .forward Message-ID: <199306041431.AA22111@Menudo.UH.EDU> MIME-Version: 1.0 Content-Type: text/plain Thanks Hal, Stanton, Miron - I finally got it to work, on the menudo side, not the NeXT. I don't know what the deal is with the NeXT; 'cat .plan | myscript' worked (myscript had all the necessary stuff) but having this .forward file didn't: "|/bigpath/barrus/myscript" But, I got it to work from menudo with this in my .maildelivery file: to "barrus@tree.egr.uh.edu" | A "PGPPATH=/fajitas/elee9sf/Crypto/pgp22 /fajitas/elee9sf/bin/pgp -fea barrus | /usr/lib/mh/rcvstore +fromnext" Mail sent to barrus@tree.egr.uh.edu gets piped through pgp, encrypted, and then stored in the mail folder 'fromnext'. The PGPPATH did seem to be the missing factor! Now, for those who wonder why in the world I'd want to do this... I've been involved in a quasi-flame session on USENET (in comp.admin.policy and other cross-posted groups) concerning a student who was suspended here. My posts became more and more sarcastic, and as I was contemplating sending out a post which may have been on the edge, and not wanting to make the sh*tlist here - or get higher up on it :-) - I was going to route it through penet from my tree account. But then responses to the post would have eventually been dropped here on menudo, since I have my mail forwarded. 
Now I'm not suggesting that the admins here are watching my mail, but it wouldn't be difficult for the admins to do some traffic analysis (crypto sophistication!), noting that Karl's mail file grows coincident in time and size to responses to XYZ post... enter encryption!

So it would be better to get the encryption going on the NeXT side, but this solution is good enough for me.

(Final note: I forgot penet is restricting posts for the time being, but in any event this system is working.)

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jhart@agora.rain.com (Jim Hart)
Date: Fri, 4 Jun 93 09:44:09 PDT
To: cypherpunks@toad.com
Subject: Lobbying for Cryptoprivacy, non-U.S.
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

>I have shied away from any "political" action against Clipper because I am
>unsure how a Canadian can help...

Non-U.S. citizens can lobby hard to get all phones containing key-escrow (aka wiretap) chips banned in your country. You have a very good argument: do y'all want Yankee spooks listening in on your phone calls? Make sure the following specifics are included in the legislation:

* Try to get key escrow banned *in general*, instead of just from foreign countries. In smaller countries this will be easier since it's doubtful small governments can set up a spook/chip-maker axis to rival the NSA/Mykotronx/VLSI axis in the U.S. In fact probably only the U.S., cooperating major European countries and Japan have such a capability.

* Be careful with the wording of the legislation; be sure to specify *key-escrow* and not any other forms of cryptography.

* If politically feasible the legislation should specifically encourage private, commercial forms of cryptography.
Jim Hart
jhart@agora.rain.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: henry strickland
Date: Fri, 4 Jun 93 09:36:24 PDT
To: hughes@soda.berkeley.edu (Eric Hughes)
Subject: Re: Term software develo
In-Reply-To: <9306040538.AA19367@soda.berkeley.edu>
Message-ID: <9306041644.AA19277@osc.com>
MIME-Version: 1.0
Content-Type: text/plain

With the idea of building a Macintosh terminal emulator with an encrypted transport stream, I've been looking over the sources to "info-mac/terminal-22.hqx" from "sumex-aim.stanford.edu".

Realizing that it is not most people's terminal emulator of choice, and that authors may not want to give up their terminal source code, I've been thinking about what kind of an API could be negotiated between terminal-program authors and encryption-mechanism authors.

Suppose a terminal program looks for resources (using macintosh-like terminology for a moment) of some type 'Encr', and loads them. It expects to find subroutines there, that the cypherpunk can add to any conforming terminal emulator. Something like this:

    resource #1: function initialize() -- grab resources
    resource #2: function set_key(char key[8])
    resource #3: function encrypt(long block_no, char block[8])
    resource #4: function decrypt(long block_no, char block[8])
    resource #5: function finalize() -- shutdown, release resources

This would support experimentation without necessarily having the source code to a terminal emulator. ( If PC and MAC people took the "all software source must be free" approach that we do in the UNIX world, this would be less a problem.... )

Obvious Problems not addressed by these 5 functions:

-- does not address a link-level standard for packetizing the stream and numbering the datagrams. I assume this sort of transport is necessary. (It would be amusing to see a demonstration that it is not!) It's actually a nice side-effect; I'm sick of transmission errors, even when I'm in supposedly error-free modes.

-- does not talk about key exchange.
-- does not talk about crypto-strong authentication of the user to the system you're dialing into.

It does assume 8-byte keys and 8-byte cypherblocks; but that's easy to fix.

The approach I'm NOT considering at the moment is writing a new communications device which is a wrapper around the existing comm port, but that is a MUCH better approach. But I'm not up to that level in my mac-programming yet, and I was looking for something I thought I could finish.

Anyway, my essential point is, let's publish and compare our link-level standards and our encryption models, so that we can debate them, and end up with a set of plug-compatible tools for different platforms, with hooks for substituting mechanisms.

strick

p.s. if anyone has summaries/comparisons/case studies of different "guaranteed stream" link protocols (kermit, XMODEM, YMODEM, ZMODEM, TCP), I'd be interested. Code would be even better. (however, trying to reappropriate TCP/SLIP/HeaderPrediction seems too massive an undertaking; I'd like something simpler.) This is one wheel I hate to reinvent....

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Pat Farrell"
Date: Fri, 4 Jun 93 06:57:03 PDT
To: cypherpunks@toad.com
Subject: Re: Software infrastructure
Message-ID: <35870.pfarrell@cs.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

I beg to differ.

Stanton McCandlish writes:
>As for "is kermit good enough?" No. Almost NO ONE in the DOS world uses
>it any more,
..flames elided...

I agree that the PC-centric BBS world has decided that Kermit is obsolete.

Kermit is continually improving and is very nearly as fast as ZMODEM. It is available for nearly all platforms, is free, and source is available. It includes NASI support directly. It has a very nice (powerful) scripting language. It also works over TCP/IP networks for folks with the luck to be Ethernet'd into the Internet (like most of the faculty and staff here at GMU). It also has very strong backward compatibility.
I expect that Kermit is good enuff if you are interested in commandline scripts for plain old DOS. And the scripting language is also supported by the C version that runs on nearly all Unixs and most other boxes. This would allow a single script to support a lot of users.

I'm not interested in DOS and command lines, but if some other cypherpunk wants to try, I'm sure not going to complain.

Pat

Pat Farrell      Grad Student      pfarrell@cs.gmu.edu
Department of Computer Science     George Mason University, Fairfax, VA
Public key available via finger    #include

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: stig@netcom.com (Stig)
Date: Fri, 4 Jun 93 09:58:07 PDT
To: Karl Barrus
Message-ID: <9306041658.AA28725@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

To quote: Karl Barrus
Regarding: HELP: pgp, .forward, mh
>
>
> Situation: I'd like mail that arrives at my other account to be
> encrypted and then forwarded to this account. I have spent a few
> hours trying various things and nothing seems to work.
>
> I've tried this as my .forward file:
>
> "| /myhome/pgp -fea barrus | mail elee9sf@menudo.uh.edu"
>
> but all that arrives at elee9sf is a blank message.
>
> I've tried
>
> "| /myhome/remail.script"
>

The problem is that when sendmail executes your filter, your environment is all messed up. HOME and USER aren't even initialized. PATH is probably /bin:/usr/bin.

>
> So, if that's impossible, how do I get my elee9sf account to do it? I
> use mh on menudo, and have tried
>
> to barrus@tree.egr.uh.edu | A "/path/pgp -fea barrus | /path/rvcstore +tonext"

This works when you send mail to yourself because your environment gets passed along to your mail filter.

Here's a good wrapper script to use ....
#!/bin/sh
HOME=YOUR-DIRECTORY
PGPPATH=YOUR-PGP-DIRECTORY
PATH=$HOME/bin:/usr/local/bin:/usr/ucb:/bin:/usr/bin:/etc:/usr/etc
export HOME PATH PGPPATH
cd $HOME
exec >> $HOME/Inbox/FILTERLOG 2>&1        # this logs error messages so
                                          # that you can learn from them
FF=/tmp/FILTER.$$
touch $FF
chmod 600 $FF
(tee $FF; echo '') >> Inbox/everything    # this saves your mail in case
                                          # it gets dropped on the floor
PGP COMMAND GOES HERE
rm $FF
exit 0

/* Jonathan Stigelman, Stig@netcom.com, PGP public key by finger */
/* fingerprint = 32 DF B9 19 AE 28 D1 7A A3 9D 0B 1A 33 13 4D 7F */

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mark
Date: Thu, 3 Jun 93 17:15:10 PDT
To: cypherpunks@toad.com
Subject: Pc environ (fwd)
Message-ID: <9306040014.AA10402@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

For those others that insist on living in 640K... :)

Forwarded message:
>From mark Wed Jun 2 20:29:47 1993
>Subject: Pc environ
>To: 74076.1041@compuserve.com
>Date: Wed, 2 Jun 1993 20:29:47 +1000 (EST)
>>I couldn't get Karl's hopmail.bat to run on my PC (not enough environment
>>space?) so I wrote this in C and it works OK.
>Hey Hal,
>Um although I abhor dos, I happen to know something of it... you might want
>to put the line:
>shell=c:\command.com /e:1024 /p
>in your config.sys... that will give you a K of environment space instead
>of the usual (256bytes?) they usually give you. Increase the 1024 as
>needed.
>Mark
>mark@coombs.anu.edu.au

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Fri, 4 Jun 93 10:31:31 PDT
To: Eric Hughes
Subject: Re: Helping from Canada re Clipper
In-Reply-To: <9306040154.AA07862@soda.berkeley.edu>
Message-ID: <9306041731.AA07586@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> One of the arguments that is being made in this country against the
> wiretap chip is that it will harm overseas business. In Canada you
> can turn this around and show what a great economic boon you have
> available.
Another argument the U.S. government is making is that they surveyed encryption policy in various countries and "it's not beyond the pale to limit domestic encryption -- France does it, for example". If Canada takes a strong stance on domestic encryption, then it is a counter-example rather than an example of repression. The Australian example of deploying GSM in the face of law-enforcement objections has already been used in testimony to NIST (and I'm sure we'll use it to convince Congress as well). You could also argue for removing Canadian restrictions on export of cryptography. Currently the Canadian regulations are just rubber-stamps of the US regulations. This has the advantage that it's legal to export US crypto to Canada -- e.g. crypto code developed in the U.S. can be legally moved outside the range of U.S. law. This was useful for PGP; it is legal to use and possess PGP in Canada since US patent law doesn't apply. But it limits the development of an export crypto industry for Canadians, and it furthers the image of Canada as being under the U.S. government's thumb. John Gilmore From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Fri, 4 Jun 93 10:50:04 PDT To: cypherpunks@toad.com Subject: Software infrastructure In-Reply-To: <9306041924.aa27246@penet.penet.FI> Message-ID: <9306041746.AA13444@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >On your host (typically an UNIX box) you configure >sendmail/smail/binmail/whatever to forward your mail over uucp to your >home machine. This is a huge hurdle for people who don't own their own machines and haven't convinced a sympathetic sysadmin to do the configuration. A solution that works from a dialup login account can still be a batch solution and should require no extra involvement from the sysadmins. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. 
May) Date: Fri, 4 Jun 93 10:56:18 PDT To: cypherpunks@toad.com Subject: The "WARLOCK" Cipher Message-ID: <9306041756.AA23752@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Cypherdroids, Earlier today I commented on the advisability of posting new ciphers to this group, or to sci.crypt. (I haven't gotten my message yet, so I don't know if it went through.) By coincidence, a very long posting on sci.crypt has appeared, announcing a new matrix-based crypto system, called "WARLOCK" by its inventors. They provide an extensive introduction to the mathematics used and offer various analyses. This is a first step toward making their system worth analyzing. I suggest following the debate on this system will be educational. And perhaps their system will even survive to become a reasonable alternative. -Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: haahr@mv.us.adobe.com (Paul Haahr) Date: Fri, 4 Jun 93 11:03:35 PDT To: jhart@agora.rain.com Subject: Re: Lobbying for Cryptoprivacy, non-U.S. Message-ID: <9306041803.AA28955@astro.mv.us.adobe.com> MIME-Version: 1.0 Content-Type: text/plain > In smaller countries this will be easier since its doubtful > small governments can set up a spook/chip-maker axis to rival the > NSA/Mykotronx/VLSI axis in the U.S. In fact probably only the U.S., > cooperating major European countries and Japan have such a capability. what about Canada? or has it been absorbed into the US? 
:-)

Russia probably has the chip-making skills (and, certainly, the spookish ones) to fit, but they probably count as a ``cooperating major European countr[y]'' now.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tribble@memex.com (E. Dean Tribble)
Date: Fri, 4 Jun 93 12:36:29 PDT
To: jhart@agora.rain.com
Subject: Lobbying for Cryptoprivacy, non-U.S.
   Non-U.S. citizens can lobby hard to get all phones containing key-escrow (aka wiretap) chips banned in your country. You have a very good argument: do y'all want Yankee spooks listening in on your phone calls? Make sure the following specifics are included in the legislation:
In-Reply-To:
Message-ID: <9306041842.AA25453@memexis.memex.com>
MIME-Version: 1.0
Content-Type: text/plain

* Try to get key escrow banned *in general*, instead of just from foreign countries. In smaller countries this will be easier since its doubtful small governments can set up a spook/chip-maker axis to rival the NSA/Mykotronx/VLSI axis in the U.S. In fact probably only the U.S., cooperating major European countries and Japan have such a capability.

* Be careful with the wording of the legislation; be sure to specify *key-escrow* and not any other forms of cryptography.

This is extremely dangerous. Much of legislation is compromise. Any such bill is probably so close to a bill that outlaws cryptography (or could be interpreted as a precedent for such a bill) that the risks are probably far greater than the rewards. The strategy that Eric Hughes proposed sounds much better.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mark
Date: Thu, 3 Jun 93 19:53:30 PDT
To: cypherpunks@toad.com
Subject: Re: CryptoStacker, long term vision
Message-ID: <9306040253.AA14575@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>A related topic to encrypted disk drives. Anybody who has a desire to
>see their data around long term makes backups of their drives.
At
>least one of these backups is usually physically near the drive in
>question.
>
>What good it is to have an encrypted disk if the backups are not also
>encrypted?
>
>Backups occur at the file system level, where an encrypted file system
>does not appear encrypted, so that work here does not directly
>leverage to encrypted backups.

This problem is most easily solved by copying the entire partition/file that is encrypted as blocks. These blocks are sized according to the destination media. If you use floppies you break the encrypted fs/file into (e.g.) 1.44 meg chunks, if you use tape you can throw the whole block at the media, similarly with another hard disk.

The unix/linux/386bsd 'dd' program is especially useful for this purpose and I assume there are similar utils for dos. For replacement you simply dump the whole lot back as one encrypted file system.

This method should be faster than grabbing individual files and backing them up as the program just has to seek to a specified place and start reading a defined amount of [encrypted] data.

Mark
mark@coombs.anu.edu.au

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: bhoward@is.morgan.com (Bruce Howard)
Date: Fri, 4 Jun 93 10:07:22 PDT
To: anton@hydra.unm.edu (Stanton McCandlish)
Subject: Re: Software infrastructure
In-Reply-To: <9306041032.AA14588@hydra.unm.edu>
Message-ID: <9306041706.AA14066@is1.is.morgan.com>
MIME-Version: 1.0
Content-Type: text/plain

> As for "is kermit good enough?" No. Almost NO ONE in the DOS world uses
> it any more, it is a total anachronism. Of all the 400 or so users on my
> board, many from other parts of the country, even other countries, not
> ONE uses kermit (I have "What comm program do you use?" as one of the
> initial login questions).

programs come and go but protocols live forever. i don't think you've looked around enough; in my own experience, kermit has been available and in-use within every computing environment i've operated or observed.
there are varying degrees of usage but it's always kept around, often because it seems to work in strange communications conditions where other protocols fail.

> ...The only practical use of Kermit is for
> computer newbies to use it to access the dialup lines at their school
> (UNM gives out free copies of it), but most such people soon switch to
> another program.
> ...
> Thing is Kermit is just plain old, and a pain in the butt. When I
> started BBSing, the Kermit protocol was supported on most BBSs; today I
> cannot think of a single BBS around here that has it anymore (I'm the
> de facto city BBSlist maker, so I'd know :)

there are many places outside of the bbs world where people need to shuffle files around and might desire encryption. your opinions notwithstanding, i believe that kermit is more pervasive than you think.

if the purpose of this exercise is to maximize the audience to which we make available easy and useful encryption facilities, then kermit and things of its ilk need to be supported.

cheers, bruce

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 4 Jun 93 13:14:34 PDT
To: cypherpunks@toad.com
Subject: Lobbying for Cryptoprivacy, non-U.S.
In-Reply-To: <9306041842.AA25453@memexis.memex.com>
Message-ID: <9306042010.AA21696@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>>* Be careful with the wording of the legislation; be sure to
>> specify *key-escrow* and not any other forms of cryptography.

>This is extremely dangerous. Much of legislation is compromise. Any
>such bill is probably so close to a bill that outlaws cryptography (or
>could be interpreted as a precedent for such a bill)

The point Dean makes is important. You want a positive right for individuals to use cryptography in any form, not just a 'negative right' which restricts government from creating key registration requirements. Such a positive right will _a fortiori_ exclude key escrow systems, and that's what you want.
You want to make sure that all _restrictions_ on cryptography are disallowed, that there are no _restricted_ forms of cryptography. The point is subtle, but profound. Both techniques get rid of key registration, but one is a restriction on cryptography and the other is not.

There is another point to remember about constitutional democracies. That which the legislature may do, the legislature may also undo. The level at which the prohibition against cryptography restrictions is appropriate is at the constitutional level. A constitutional provision binds the government; lesser solutions are less effective, even when they should be sought out as intermediaries.

At the first CFP conference, Lawrence Tribe made this point extremely well, that the fundamental right of citizens should be invariant to technology.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gdale@apple.com (Geoff Dale)
Date: Fri, 4 Jun 93 14:15:21 PDT
To: cypherpunks@toad.com
Subject: Crypto API (was: Software infrastructure)
Message-ID: <9306042115.AA26274@apple.com>
MIME-Version: 1.0
Content-Type: text/plain

I was thinking about a crypto project I have on the backburner (actually it's just in the concept stage), a program to hide encrypted data in raster image files. I really don't want to muck with writing or porting an encryption package, I just want to do the part that sticks the data into the image.

HERE'S THE BEEF: I think a lot of the various mail readers and what not would be likely to incorporate encryption, if only it were mind-bogglingly simple.

An API (Application Programming Interface) could be proposed by cypherpunks or others. The same folks should probably provide at least one encryption library for use. It would be nice if this API allowed for multiple encryption schemes (user selectable), like the way Apple's Communications Toolbox allows users to switch between various connection protocols.
I'm much too busy to embark on something like this (largely because I'm not a cypher expert), but if I can help convince somebody to do it, or to provide feedback on the interface, I'm available. ________________________________________________________________________ Geoff Dale -- insert standard disclaimers here -- gdale@apple.com "Mind your nerve ends, love bunch" -- Dr. Caligari From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gdale@apple.com (Geoff Dale) Date: Fri, 4 Jun 93 16:40:59 PDT To: cypherpunks@toad.com Subject: Re: Term software develo Message-ID: <9306042340.AA15816@apple.com> MIME-Version: 1.0 Content-Type: text/plain >I've been thinking about what kind of an API could be negotiated >between terminal-program authors and encryption-mechanism authors. > >Suppose a terminal program looks for resources (using macintosh-like >terminology for a moment) of some type 'Encr', and load them. >It expects to find subroutines there, that the >cypherpunk can add to any conforming terminal emulator. >Something like this: > > resource #1: function initialize() -- grab resources > resource #2: function set_key(char key[8]) > resource #3: function encrypt(long block_no, char block[8]) > resource #4: function decrypt(long block_no, char block[8]) > resource #5: function finalize() -- shutdown, release resources > Woops, this is what I get by not reading all my mail before posting. I just posted the same suggestion with considerably less detail. Anyway, I second what henry says. ________________________________________________________________________ Geoff Dale -- insert standard disclaimers here -- gdale@apple.com "Mind your nerve ends, love bunch" -- Dr. Caligari From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: esr@snark.thyrsus.com (Eric S. Raymond) Date: Fri, 4 Jun 93 14:36:46 PDT To: hughes@soda.berkeley.edu (Eric Hughes) Subject: Re: Lobbying for Cryptoprivacy, non-U.S. 
In-Reply-To: <9306042010.AA21696@soda.berkeley.edu> Message-ID: MIME-Version: 1.0 Content-Type: text > At the first CFP conference, Lawrence Tribe made this point extremely > well, that the fundamental right of citizens should be invariant to > technology. That's surprising. Tribe publicly peddles the leftist arguments for gun control, including the one that the Founding Fathers never intended the Second Amendment for weapons of today's lethality. I wonder why he doesn't see the parallel. -- Eric S. Raymond From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Fri, 4 Jun 93 18:16:57 PDT To: cypherpunks@toad.com Subject: (fwd) NIST CSSPAB Resolutions 6/4/93 Message-ID: <9306050117.AA03457@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Here's something important from sci.crypt! -Tim May Xref: netcom.com alt.privacy:7178 alt.security:9808 comp.org.eff.talk:18101 sci.crypt:15143 alt.privacy.clipper:555 Path: netcom.com!netcomsv!decwrl!elroy.jpl.nasa.gov!usc!math.ohio-state.edu!sol.ctr.columbia.edu!news.kei.com!eff!wilson.eff.org!Banisar From: Dave Banisar Newsgroups: alt.privacy,alt.security,comp.org.eff.talk,sci.crypt,alt.privacy.clipper Subject: NIST CSSPAB Resolutions 6/4/93 Date: 5 Jun 1993 00:48:11 GMT Organization: CPSR Washington Office Lines: 101 Distribution: world Message-ID: <1uoqgb$peg@kragar.eff.org> NNTP-Posting-Host: wilson.eff.org X-UserAgent: Nuntius v1.1.1d17 X-XXMessage-ID: X-XXDate: Fri, 4 Jun 93 01:54:42 GMT NIST Crypto Resolutions Computer System Security and Privacy Advisory Board June 4, 1993 Resolution #1 At Mr. Kammer's request we have conducted two days of hearings. The clear message of the majority of input was that there are serious concerns regarding the Key Escrow Initiative and the Board concurs with these concerns. Many of these issues are still to be fully understood and more time is needed to achieving that understanding. 
Accordingly, this Board resolves to have an additional meeting in July 1993 in order to more completely respond to Mr. Kammer's request and to fulfill its statutory obligations under P.L. 100-235. The Board recommends that the inter-agency review take note of our input collected, our preliminary finding, and adjust the timetable to allow for resolution of the significant issues and problems raised. Attached to this resolution is a preliminary distillation of the serious concerns and problems. Resolution #2 Key escrowing encryption technology represents a dramatic change in the nation's information infrastructure. The full implications of this encryption technique are not fully understood at this time. Therefore, the Board recommends that key escrowing encryption technology not be deployed beyond current implementations planned within the Executive Branch, until the significant public policy and technical issues inherent with this encryption technique are fully understood. [Attachment to Resolution #1]] - A convincing statement of the problem that Clipper attempts to solve has not been provided. - Export and important controls over cryptographic products must be reviewed. Based upon data compiled from U.S. and international vendors, current controls are negatively impacting U.S. competitiveness in the world market and are not inhibiting the foreign production and use of cryptography (DES and RSA) - The Clipper/Capstone proposal does not address the needs of the software industry, which is a critical and significant component of the National Information Infrastructure and the U.S. economy. - Additional DES encryption alternatives and key management alternatives should be considered since there is a significant installed base. - The individuals reviewing the Skipjack algorithm and key management system must be given an appropriate time period and environment in which to perform a thorough review. 
This review must address the escrow protocol and chip implementation as well as the algorithm itself. - Sufficient information must be provided on the proposed key escrow scheme to allow it to be fully understood by the general public. It does not appear to be clearly defined at this time and, since it is an integral part of the security of the system, it appears to require further development and consideration of alternatives to the key escrow scheme (e.g., three "escrow" entities, one of which is a non-government agency, and a software based solution). - The economic implications for the Clipper/Capstone proposal have not been examined. These costs go beyond the vendor cost of the chip and include such factors as customer installation, maintenance, administration, chip replacement, integration and interfacing, government escrow systems costs, etc. - Legal issues raised by the proposal must be reviewed. - Congress, as well as the Administration, should play a role in the conduct and approval of the results of the review. ======================================================= NIST Resolutions on Key Escrow Issues and Clipper provided by CPSR Washington office 666 Pennsylvania Ave., SE Suite 303 Washington, DC 20003 rotenberg@washofc.cpsr.org ======================================================= -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J.
Michael Diehl Date: Fri, 4 Jun 93 17:36:11 PDT To: hughes@soda.berkeley.edu (Eric Hughes) Subject: Re: Software infrastructure In-Reply-To: <9306040522.AA18339@soda.berkeley.edu> Message-ID: <9306050035.AA12506@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to Eric Hughes: >>It puzzles me why we are contemplating writing our own comm package when so many >>good ones are out there that can be made to serve our purposes. > > Reliability. Scripts do not easily handle error conditions that might > result in lost mail. They're fine for a few, but they aren't for all. Well, this is a problem with any nontrivial program. But a script has going for it several very high-level constructs. As people use any software, the author will undoubtedly have to improve it. So, what is the difference if he has to improve a script or a comm program? > > Integration. Remembering what to do next is a large hurdle. That's why we have scripts in the first place! Scripts' main purpose is to automate things. How is this different with a comm program? You still have to remember how to use it.... +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J.
Michael Diehl Date: Fri, 4 Jun 93 18:01:06 PDT To: nobody@soda.berkeley.edu Subject: Re: Software infrastructure In-Reply-To: <9306040600.AA20309@soda.berkeley.edu> Message-ID: <9306050100.AA12806@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to nobody@soda.berkeley.edu: > > From: Hal Finney, <74076.1041@compuserve.com> > > Mike Diehl's system sounds pretty good to me. You can create messages, > encrypt them, upload and send them, as well as downloading, decrypting, and > reading messages, all with a nice menu-based interface. That's what we > want, right? > > It sounds like the system would be easily adaptable to other types of hosts, > too. BBS operators could customize the scripts for their particular systems > and offer the package. We could create versions for users of other mail > packages than elm on Unix systems, as well as for some of the commercial > systems. You could cover a lot of people this way. Making it adaptable is what I mean by "cleaning it up a bit." ;^) > > Well, if you have followed me this far, you are either crazy or interested. ;^) > > It puzzles me why we are contemplating writing our own comm package when so > > many good ones are out there that can be made to serve our purposes. I'm > > open to comments..... Fire away! > > The only real problem I see is the use of Telix. How much does this program > cost? We can't give away a disk with Telix on it. Telix is "user supported software." Registering it costs $39. > > What about Kermit? It's free and it has a scripting language, but it > doesn't sound nearly as advanced as Telix's. Would it be good enough? Or > are there other free programs which we could use? I remember kermit's script language as being kinda messy... At the end of this message, I will include a portion of my, uncommented, script to compare. Also, kermit is (I think) restricted to one xfer protocol, which may not be a good idea.
> If we could adapt Kermit or some other free program to do what Mike is > describing, we could give away floppies with secure and easy-to-use > encrypted email handling capabilities, as well as making them available on > the net. People could just get the version they need for their particular > mail access method. The package would include the communication program, > the scripts, and the encryption software. The user interface would be as > Mike described, all menu driven and easy to use. Well, either way, I will contribute my user-interface if y'all want it. I'm not married to telix, but I do think it is very good. We could write comparable scripts in every major comm program script language.... I'd have to document my interface. But if I decide to port my interface to C, I'd like to change a few things, so maybe this is a bit premature..... > I think this would be a good way to go if we could get past the hurdle of > finding a free comm program that would be adequate. > Note added in proof :) I don't understand this last comment. Maybe it's obvious and I'm just tired... Part of my script system is after my signature. Note that I hacked in a C preprocessor, and this is the output from it, just before the script is compiled. Yes, Telix scripts are compiled! ;^) +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+

str PROMPT[] = "%";
str PASSWRD[15];

/* send a command line and wait for the shell prompt to come back */
command( str cmd )
{
    enter( cmd );
    while ( ! waitfor(PROMPT, 90));
}

/* send a string followed by a carriage return */
enter( str cmd )
{
    cputs( cmd );
    cputs( "^M" );
}

/* wait for the host to send rec, then answer with snd */
match( str rec, str snd )
{
    while ( ! waitfor(rec, 90));
    enter( snd );
}

str name[40] = "", file[40] = "", subject[40] = "", buff[80];
int f, i;

main()
{
    /* dial in unless we are already connected */
    if ( ! carrier())
        if ( dial("1", 10, 0) < 1)
        {
            prints("Could not dial in.");
            exittelix();
        }
    cputs("^M");
    command("biff n");
    if ( ! waitfor("%", 90))
    {
        prints("No prompt after login");
        return;
    }
    /*/ routing format is: filename\n address\n subject\n /*/
    if ((f = fopen("c:\uload\mail\routing", "r")) ==0) return;
    while (feof(f) == 0)
    {
        fgets(file, 40, f);
        if (feof(f) != 0) continue;
        fgets(name, 40, f);
        if (feof(f) != 0) continue;
        fgets(subject, 40, f);
        if (feof(f) != 0) continue;
        /* start elm for this recipient and fill in the subject */
        buff = "";
        strcat(buff, "elm ");
        strcat(buff, name);
        enter(buff);
        match("Subject:", subject);
        delay_scr(10);
        cputs("i");
        /* ASCII-upload the message body into the editor, then save and send */
        _asc_scrtrans=1;
        _asc_slftrans=0;
        send('A', file);
        command("^[:wq^Ms^M");
        fdelete(file);
    }
    /* close the routing file before deleting it */
    f = fclose(f);
    fdelete("c:\uload\mail\routing");
}

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Fri, 4 Jun 93 18:02:43 PDT To: poier@sfu.ca (Skye Merlin Poier) Subject: Re: Procomm and encryption In-Reply-To: <9306040722.AA00676@malibu.sfu.ca> Message-ID: <9306050102.AA12819@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to Skye Merlin Poier: > >This discussion of integrating encryption with a comm package made me remember: > Procomm Plus 2.0 allows "hooks" to be assigned to meta-keys. I have the exact > interface hook.c around here somewhere, if someone wants me to post it. Post it. Thanx. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone?
If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Fri, 4 Jun 93 18:09:16 PDT To: anton@hydra.unm.edu (Stanton McCandlish) Subject: Re: Software infrastructure In-Reply-To: <9306041032.AA14588@hydra.unm.edu> Message-ID: <9306050109.AA12890@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to Stanton McCandlish: > > As for "is kermit good enough?" No. Almost NO ONE in the DOS world uses > it any more, it is a total anachronism. Of all the 400 or so users on my > board, many from other parts of the country, even other countries, not > ONE uses kermit (I have "What comm program do you use?" as one of the > initial login questions). The only practical use of Kermit is for > computer newbies to use it to access the dialup lines at their school > (UNM gives out free copies of it), but most such people soon switch to > another program. Correction, many people on this list use kermit... And of course, I should know! ;^) I do suggest that people get a (better) different comm program, as kermit is IMHO rather limited. > Thing is Kermit is just plain old, and a pain in the butt. When I > started BBSing, the Kermit protocol was supported on most BBSs; today I > cannot think of a single BBS around here that has it anymore (I'm the > defacto city BBSlist maker, so I'd know :) True on all points. ;^) > Perhaps this area is atypical, and Kermit is all the rage elsewhere, but > considering how BEHIND the times Albuquerque is, I tend to doubt it. > Behind the times? Hell, we just got Caller-ID. Yipee! > Freeware and shareware comm programs available from any BBS or FTP site > will DUST Kermit, and I think it's a dead end. All I can say, is any > crypto package based on a hack of Kermit will go nowhere. I know it's > free and readily available, but well so's a kick in the ass. >;) > Agreed. +-----------------------+-----------------------------+---------+ | J. 
Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Fri, 4 Jun 93 10:19:59 PDT To: Karl Barrus Subject: Re: THANKS: pgp, mh, .forward In-Reply-To: <199306041431.AA22111@Menudo.UH.EDU> Message-ID: <9306041855.aa26911@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > Final note: I forgot penet is restricting posts for > the time being, but in any event this system is working.) Anon.penet.fi is forwarding postings to news.admin.policy among other groups. Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Fri, 4 Jun 93 18:18:28 PDT To: pfarrell@cs.gmu.edu (Pat Farrell) Subject: Re: Software infrastructure In-Reply-To: <35870.pfarrell@cs.gmu.edu> Message-ID: <9306050118.AA13037@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to Pat Farrell: > >As for "is kermit good enough?" No. Almost NO ONE in the DOS world uses > >it any more, > ..flames elided... > > I agree that the PC-centric BBS world has decided that Kermit is obsolete. Maybe it's just us... ;^) > Kermit is continually improving and is very nearly as fast as ZMODEM. Maybe I have a slow version, but I have NEVER gotten comparable results 'tween kermit and zmodem, or even ymodem. Usually it's a 2:1 difference. > It is available for nearly all platforms, is free, and source is available. > It includes NASI support directly. It has a very nice (powerful) scripting > language.
It also works over TCP/IP networks for folks with the luck > to be Ethernet'd into the Internet (like most of the faculty and staff here > at GMU). It also has very strong backward compatibility. This is worth considering... > I expect that Kermit is good enuff if you are interested in commandline > scripts for plain old DOS. And the scripting language is also > supported by the C version that run on nearly all Unixs and most other > boxes. This would allow a single script to support a lot of users. > I'm not interested in DOS and command lines, but if some other > cypherpunk wants to try, I'm sure not going to complain. What do you mean by "commandline script?" +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Fri, 4 Jun 93 18:21:37 PDT To: hughes@soda.berkeley.edu (Eric Hughes) Subject: Re: CryptoStacker, long term vision In-Reply-To: <9306041351.AA05555@soda.berkeley.edu> Message-ID: <9306050121.AA13122@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to Eric Hughes: > This is the reason that I disregard DISKREET from Norton. There's no > source, and largish companies are notorious for pushing compromised > software. Norton's unlikely to ship source, so unless someone > decompiles it, I'm not biting. HMMmmm..... Well, how big is it? Is it a .exe or .com? It might be very instructive to see how they do it... > four is not overlarge. The archive at soda is available for group > work, if desired.
That is very generous! +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Fri, 4 Jun 93 18:25:05 PDT To: elee9sf@Menudo.UH.EDU (Karl Barrus) Subject: Re: THANKS: pgp, mh, .forward In-Reply-To: <199306041431.AA22111@Menudo.UH.EDU> Message-ID: <9306050124.AA13209@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to Karl Barrus: > Mail sent to barrus@tree.egr.uh.edu gets piped through pgp, encrypted, > and then stored in the mail folder 'fromnext'. The PGPPATH did seem > to be the missing factor! > Would someone explain how to do this. I need an idiot's description. I tried to get my mail to go through a filter once....twice actually. Never did get it to work. I did lose a lot of mail, tho. ;^( Thanx in advance. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. Metzger" Date: Fri, 4 Jun 93 16:41:16 PDT To: esr@snark.thyrsus.com (Eric S.
Raymond) Subject: Re: Lobbying for Cryptoprivacy, non-U.S. In-Reply-To: Message-ID: <9306042339.AA19731@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain Eric S. Raymond says: > > At the first CFP conference, Lawrence Tribe made this point extremely > > well, that the fundamental right of citizens should be invariant to > > technology. > > That's surprising. Tribe publicly peddles the leftist arguments for gun > control, including the one that the Founding Fathers never intended the > Second Amendment for weapons of today's lethality. I wonder why he > doesn't see the parallel. Because he's a liberal, not a libertarian. Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Fri, 4 Jun 93 10:21:12 PDT To: "J. Michael Diehl" Subject: Re: Software infrastructure In-Reply-To: <9306040452.AA13658@triton.unm.edu> Message-ID: <9306041924.aa27246@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > Well, now I will describe how I send/receive mail on my system, the killer > 8086-8 from Hell! ;^) I've been hyping my setup on this list for about a > month. > But since I've partially implemented a system like what we have been > discussing, I'll give more details. I'm rather surprised that nobody has mentioned UUPC. It's PD, runs on plain-vanilla DOS, and allows automatic, batched mail traffic (and even netnews) to/from your local PC. On your host (typically a UNIX box) you configure sendmail/smail/binmail/whatever to forward your mail over uucp to your home machine. On the home machine, you simply configure UUCP to poll when needed, and transfer the stuff down onto your local disk. From there you can use UUPC's local mail reader (or any mail package you want), and the replies get spooled to a spool directory, and uploaded automatically the next time you (or the software) opens the connection. Automatic polling, automatic bi-directional batch file transfer, insertion of encryption trivial....
I use it to read and reply to my mail while on the beach, using a notebook computer and a cellular phone... The ability to efficiently batch transfer the stuff makes a *big* difference if you are paying cellular rates... Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Dave Banisar Date: Fri, 4 Jun 93 18:03:03 PDT To: CYPHERPUNKS Subject: NIST CSSPAB 6/4/93 Resoluti Message-ID: <00541.2822071666.3817@washofc.cpsr.org> MIME-Version: 1.0 Content-Type: text/plain NIST CSSPAB 6/4/93 Resolutions NIST Crypto Resolutions Computer System Security and Privacy Advisory Board June 4, 1993 Resolution #1 At Mr. Kammer's request we have conducted two days of hearings. The clear message of the majority of input was that there are serious concerns regarding the Key Escrow Initiative and the Board concurs with these concerns. Many of these issues are still to be fully understood and more time is needed to achieving that understanding. Accordingly, this Board resolves to have an additional meeting in July 1993 in order to more completely respond to Mr. Kammer's request and to fulfill its statutory obligations under P.L. 100-235. The Board recommends that the inter-agency review take note of our input collected, our preliminary finding, and adjust the timetable to allow for resolution of the significant issues and problems raised. Attached to this resolution is a preliminary distillation of the serious concerns and problems. Resolution #2 Key escrowing encryption technology represents a dramatic change in the nation's information infrastructure. The full implications of this encryption technique are not fully understood at this time. Therefore, the Board recommends that key escrowing encryption technology not be deployed beyond current implementations planned within the Executive Branch, until the significant public policy and technical issues inherent with this encryption technique are fully understood. 
[Attachment to Resolution #1]] - A convincing statement of the problem that Clipper attempts to solve has not been provided. - Export and important controls over cryptographic products must be reviewed. Based upon data compiled from U.S. and international vendors, current controls are negatively impacting U.S. competitiveness in the world market and are not inhibiting the foreign production and use of cryptography (DES and RSA) - The Clipper/Capstone proposal does not address the needs of the software industry, which is a critical and significant component of the National Information Infrastructure and the U.S. economy. - Additional DES encryption alternatives and key management alternatives should be considered since there is a significant installed base. - The individuals reviewing the Skipjack algorithm and key management system must be given an appropriate time period and environment in which to perform a thorough review. This review must address the escrow protocol and chip implementation as well as the algorithm itself. - Sufficient information must be provided on the proposed key escrow scheme to allow it to be fully understood by the general public. It does not appear to be clearly defined at this time and, since it is an integral part of the security of the system, it appears to require further development and consideration of alternatives to the key escrow scheme (e.g., three "escrow" entities, one of which is a non-government agency, and a software based solution). - The economic implications for the Clipper/Capstone proposal have not been examined. These costs go beyond the vendor cost of the chip and include such factors as customer installation, maintenance, administration, chip replacement, integration and interfacing, government escrow systems costs, etc. - Legal issues raised by the proposal must be reviewed. - Congress, as well as the Administration, should play a role in the conduct and approval of the results of the review. 
======================================================= NIST Resolutions on Key Escrow Issues and Clipper provided by CPSR Washington office 666 Pennsylvania Ave., SE Suite 303 Washington, DC 20003 rotenberg@washofc.cpsr.org ======================================================= From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@soda.berkeley.edu Date: Fri, 4 Jun 93 21:26:45 PDT To: cypherpunks@toad.com Subject: chain.zip uploaded Message-ID: <9306050423.AA22143@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain I just put chain.zip into the /pub/cypherpunks/incoming. This is source and an MSDOS executable for the "chain" utility I mentioned last week, which works similarly to Karl Barrus's scripts for sending messages through several remailers. This program includes options for encrypting the message for the recipient, and if run on a Unix system it can automatically send the message to the first remailer in the chain. I'm going to be off the list for a few days for personal reasons, but if anyone has any comments or problems with the program, let me know and I'll look into it when I get back. Hal Finney 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: elee9sf@Menudo.UH.EDU Date: Fri, 4 Jun 93 21:06:13 PDT To: cypherpunks@toad.com Subject: INFO: .forward Message-ID: <199306050406.AA21108@Menudo.UH.EDU> MIME-Version: 1.0 Content-Type: text/plain > Would someone explain how to do this. I need an idiot's > description. I tried to get my mail to go through a filter > once....twice actually. Never did get it to work. Well, I'll give it a shot. Sendmail optionally reads a file in your home directory named .forward, and follows the instructions there. Typically, a .forward contains another address, in which case mail sent gets forwarded to the address in the .forward file.
For example, my .forward file on tree.egr.uh.edu is elee9sf@menudo.uh.edu so any mail sent to barrus@tree.egr.uh.edu gets forwarded to elee9sf@menudo.uh.edu. A more interesting application is to forward your mail to a command (pipe mail to a command). In that case, the .forward file reads "|/path/mycommand options" and mail gets piped to mycommand for further processing. For instance, the vacation program works by piping incoming mail to vacation, which both files and responds for you. Also, the cypherpunk remailers work by using a .forward file to pipe incoming mail to the scripts which make up the remailer. Yet another example is the slocal program which is part of the mh mail system; incoming mail gets piped to slocal, which in turn relies on a configuration file (.maildelivery) which contains instructions for handling the mail. My idea was to have all mail sent to barrus@tree.egr.uh.edu piped through pgp and then mailed to elee9sf@menudo.uh.edu. The rough idea is to do this: "|/path/pgp -fea barrus | mail elee9sf@menudo.uh.edu" Here, incoming mail gets piped to 'pgp -fea barrus' which encrypts the message with my public key, and the result is piped to 'mail elee9sf@menudo.uh.edu' which then mails the encrypted result to me. For various reasons I'm still exploring, this didn't work (even with PGPPATH set, piping to a script, etc. I've got more things to try to see why it isn't working.) on the NeXT. So, I tried to do this from the menudo.uh.edu side. Using the slocal program and the associated .maildelivery file, I have mail which comes from barrus@tree.egr.uh.edu (remember my mail from tree is forwarded to menudo) piped through 'pgp -fea barrus' and then the result is piped into an mh command which stores the mail in a folder. Of course, this isn't a substitute for end-to-end encryption. Here, mail travels all the way to me before getting encrypted, so if somebody wanted to snoop me they could just stand between the sender and my account and eavesdrop. 
A better solution would be to have the sender encrypt the message! But as I mentioned I was trying to set this up so that replies to a USENET posting got encrypted before finally getting dropped on menudo. An improvement would be for me to get the encryption and remailing working on the NeXT, but again, this is inferior to having the sender encrypt in the first place. You mentioned trying to put your mail through a filter - were you trying to use the filter command of elm? Sometimes you have to watch subtle things like file permissions (slocal will not use a .maildelivery file that is group or other readable) or pathnames (try putting the full path names when you use commands). /-----------------------------------\ | Karl L. Barrus | | elee9sf@menudo.uh.edu | <- preferred address | barrus@tree.egr.uh.edu (NeXTMail) | \-----------------------------------/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Pat Farrell" Date: Sat, 5 Jun 93 00:27:08 PDT To: cypherpunks@toad.com Subject: Re: Software infrastructure Message-ID: <84861.pfarrell@cs.gmu.edu> MIME-Version: 1.0 Content-Type: text/plain >Maybe I have a slow version, but I have NEVER gotten comparable results 'tween >kermit and zmodem, or even ymodem. Usually it's a 2:1 difference. It is important to have recent version on both the PC and host side. The versions that I run on my PC is 3.12. The Unix host version is close to 5A... I had to slurp the latest Sun version from Columbia to get decent performance. The version supported by my Sysadmin was obsolete. I haven't claimed that Kermit is faster, but with sliding windows, large buffers, and other tricks, the night and day difference goes away. >>glowing BS about TCP/IP, NASI, etc. elided... >This is worth considering... I agree. That is why I posted. Perhaps a Kermit guru lives within the list. >> I expect that Kermit is good enuff if you are interested in commandline >> scripts for plain old DOS.
And the scripting language is also >> supported by the C version that run on nearly all Unixs and most other >> boxes. This would allow a single script to support a lot of users. >What do you mean by "commandline script?" I mean that a script that works like unix or DOS command line programs should (speculation alert!) be possible. We can handle obscure options, switches, etc. My target audience can't. Kermit has automatic scripts and macros that should be able to handle what we need. Heaven help us when there are errors tho.... Pat Pat Farrell Grad Student pfarrell@cs.gmu.edu Department of Computer Science George Mason University, Fairfax, VA Public key available via finger #include From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Sat, 5 Jun 93 00:25:33 PDT To: cypherpunks@toad.com Subject: Dig. Cash Question. Message-ID: <9306050725.AA19507@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain I'm reading the paper that was announced on this list about Digital Cash last week. It was written by Stefan Brands. I think I have a strong Math background, but I don't know what is meant by a "discrete log" in a group G. I understand what a group is. I just don't know what properties an element, a, would have if it were the log sub p of e. Can someone help me? Otherwise, this is a very interesting article. Thanx in advance. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J.
Michael Diehl Date: Sat, 5 Jun 93 00:27:42 PDT To: cypherpunks@toad.com Subject: Tempest@home? Message-ID: <9306050727.AA19541@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain I'm really intrigued by the technology known as TEMPEST. If a guy had a mind to, is it possible to put together a do-it-yourself "tempest-aware" machine? That is, could a guy buy supplies that would make his machine "quiet?" If so, would someone please tell me how! This would be very useful to many cypherpunks and would be of (IMHO) general interest. Thanx in advance. BTW, this message was mailed by my pgp-aware, automatic mail script. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Sat, 5 Jun 93 00:37:36 PDT To: pfarrell@cs.gmu.edu (Pat Farrell) Subject: Re: Software infrastructure In-Reply-To: <84861.pfarrell@cs.gmu.edu> Message-ID: <9306050737.AA19773@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to Pat Farrell: > >>Maybe I have a slow version, but I have NEVER gotten comparable results 'tween >>kermit and zmodem, or even ymodem. Usually it's a 2:1 difference. > > It is important to have recent version on both the PC and host side. > The versions that I run on my PC is 3.12. The Unix host version is > close to 5A... I had to slurp the latest Sun version from Columbia > to get decent performance. The version supported by my Sysadmin was > obsolete.
> I haven't claimed that Kermit is faster, but with sliding windows,
> large buffers, and other tricks, the night and day difference goes away.

I'll take your word for it. ;^) I can only speak from experience.

> >What do you mean by "commandline script?"
>
> I mean that a script that works like unix or DOS command line programs
> should (speculation alert!) be possible. We can handle obscure options,
> switches, etc. My target audience can't. Kermit has automatic scripts
> and macros that should be able to handle what we need. Heaven help us
> when there are errors tho....

We simply make a batch file which starts our comm program with all the
right settings? Simple. If there are errors, we program around them just
like we do in the real world (tm). If we don't, we hear about it from our
users! ;^) I still have a few possible errors which I haven't programmed
around on my scrYpt, but they are so rare.... ya, I know. I'll fix em
before I release.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu |   But, I was mistaken.      |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals will have codes.----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: poier@sfu.ca (Skye Merlin Poier)
Date: Sat, 5 Jun 93 03:18:43 PDT
To: cypherpunks@toad.com
Subject: here ya go
Message-ID: <9306051015.AA15046@malibu.sfu.ca>
MIME-Version: 1.0
Content-Type: text/plain

here's the procomm+ 2.0 hook prog...

-----snip snip-----
/*
 * HOOK.C - Programmer's interface for PROCOMM PLUS 2.0
 * COPYRIGHT (C) 1990 DATASTORM TECHNOLOGIES, INC.
 *
 * PROCOMM PLUS passes the "hook" program the address in memory of
 * the PCPLUS.PRM file structure, and the ASPECT N0-N9 and S0-S9
 * arrays. This sample code makes local copies of these so it can
 * use the small memory model and not have to access those locations
 * directly (look at the movedata() function calls.)
 *
 * This file also contains other PROCOMM PLUS information that
 * programmers may wish to make use of.
 *
 * NOTE: This code example is written for Microsoft C, which
 * defaults to "word alignment" of integer size items and causes
 * extra bytes to be inserted in structures to insure field
 * alignment. Turbo C, Zortech C, and other compilers that default
 * to "packed" or byte alignment must be explicitly set to word
 * alignment (usually the -a compiler option).
 *
 * ---------------------------------------------------------------------
 *
 * IMPORTANT NOTICE: The concepts and the text contained in this
 * file are hereby released into the Public Domain for use by
 * programmers in developing PROCOMM PLUS-compatible code.
 * Programs developed using this file may be distributed freely by
 * programmers without any financial or legal obligation to
 * Datastorm Technologies, Inc. However, this in no way implies
 * that any other material in the PROCOMM PLUS package may be
 * distributed in such manner, or that PROCOMM PLUS or any other
 * Datastorm product may be bundled for distribution with programs
 * developed using this file.
 */

#include "stdio.h"
#include "stdlib.h"
#include "string.h"                   /* strcpy() */
#include "dos.h"

/*
 * Structure for PROCOMM PLUS PCPLUS.PRM information
 */

struct PARMLIST
{
                                      /* line settings */
    int port;                         /* com port, 0=COM1 etc */
    unsigned int baud;                /* index into baud_rate[] array */
    int parity;                       /* parity: NOEMS = 01234 */
    int sbits;                        /* stop bits as int */
    int dbits;                        /* data bits as int */

                                      /* Modem General Options */
    int mdm_timeout;                  /* secs to wait for connect */
    int mdm_pause;                    /* secs to pause between calls */
    int abdetect;                     /* autobaud for dialing: FALSE/TRUE */
    int ddtrflg;                      /* 1=drop dtr in dial dir */
    char redialc;                     /* character to send in redial */
    int cdover;                       /* override CD and send init string ? */
    int maxcalls;                     /* max retries for dial dir */

                                      /* Modem Command Options */
    char mdminit[47];                 /* modem init string */
    char mdmcmd[25];                  /* modem dialing command */
    char mdmsuf[25];                  /* modem dial command suffix */
    char hu_str[25];                  /* modem hangup string */
    char ans_str[25];                 /* modem auto answer string */
    char no_ans_str[25];              /* modem no auto answer string */

                                      /* Modem Result Messages */
    char mdm_msg[11][16];             /* modem messages, 0-6 = connect */

                                      /* Modem Port Assignments */
    int baseaddr[8];                  /* com port base addresses */
    int irqnumbr[8];                  /* com port irq selection */

                                      /* Terminal General Options */
    int termtype;                     /* terminal type */
    int echo_flag;                    /* duplex: 0=FULL, 1=HALF */
    int use_xon;                      /* use flow control: FALSE/TRUE */
    int hardflow;                     /* use hardware flow ctrl: FALSE/TRUE */
    int wrap;                         /* use line wrap FALSE/TRUE */
    int scrlflag;                     /* scroll page FALSE/TRUE */
    int lfflag;                       /* add LF to CR coming in: FALSE/TRUE */
    char dest_bs;                     /* use destructive BS: FALSE/TRUE */
    int brklen;                       /* BREAK length in ms */
    int enq_on;                       /* respond to ENQ: NONE/ANSWERBACK/CIS B */
    int use_uline;                    /* 1=EGA/VGA true underlining */
    int col132mode;                   /* 0=80 col, 1=132 col */
    int ansi8bit;                     /* 1=ANSI 8 bit mode, 0=ANSI 7 bit mode */

                                      /* Terminal Color Options */
    int tcnorm;                       /* Terminal normal attribute */
    int tcbold;                       /* Terminal bold attribute */
    int tchalf;                       /* Terminal wrt prt/half intense attribute */
    int tcrev;                        /* Terminal reverse attribute */
    int tculine;                      /* Terminal underscore attribute */

                                      /* Display/Sound Options */
    int explode;                      /* use exploding windows: FALSE/TRUE */
    int soundon;                      /* use sound: FALSE/TRUE */
    int alarmon;                      /* use alarm: FALSE/TRUE */
    int attenlen;                     /* seconds for alarm sound */
    int snow;                         /* flag for using fast display updates */
    int sline_off;                    /* 0=use status line, 1=use 25 lines of data */
    int bigcur;                       /* 0=line, 1=block */
    unsigned int rfarsize;            /* far mem for redisplay buffer */
    int startextralines;              /* startup in extraline mode? */
    int extralines;                   /* 25, 28, 43 or 50 line mode */

                                      /* General Options */
    char prtfilename[13];             /* name of PRN device */
    int cd_at_exit;                   /* 0=ignore, 1=hangup, 2=ask */
    int fastkbd;                      /* AT keyboard speedup */
    int remcmd;                       /* flag for using remote script commands */
    int xlatflag;                     /* use xlate: FALSE/TRUE */
    char xlatps;                      /* pause character */
    int keypause;                     /* pause between chars in ms */
    int nophonelog;                   /* flag for using phone log */
    int filelu;                       /* flag for using auto filename lookup */
    int use123;                       /* use lotus menus ? */
    char key123;                      /* lotus menu key */
    int dtrflag;                      /* drop DTR in hangup: FALSE/TRUE */
    int page_is_xfer;                 /* 1=PgUp/Dn xfer, 0=Ctrl-PgUp/Dn xfer */
    char chat_blk_mode;               /* flag for char/block mode in "chat" */

                                      /* Host Mode Options */
    int hardwire;                     /* host connection type: MODEM/DIRECT */
    int autobaud;                     /* use autobaud in host mode */
    char host_id[51];                 /* host welcome string */
    int opensys;                      /* host is open system: FALSE/TRUE */
    char hostup[51];                  /* host mode upload default dir */
    char hostdn[51];                  /* host mode download default dir */
    int hosttimeout;                  /* host inactivity timeout (in minutes) */
    int hostbyemode;                  /* what to do after end of call */
    int hostnewuserdl;                /* can new user xfer files? */

                                      /* File/Path Options */
    char log_name[65];                /* default log file name */
    char scr_name[65];                /* default screen dump file name */
    char dl_path[65];                 /* default d/l path */
    char viewname[65];                /* view prog name */
    char ed_name[65];                 /* editor name */

                                      /* Color Options */
    int hmclr;                        /* colors */
    int hmhi;
    int pdclr;
    int pdhi;
    int slclr;
    int slhi;
    int tcclr;
    int tchi;
    int xclr;
    int xhi;
    int ddclr;
    int ddhi;
    int kmclr;
    int kmhi;
    int pmclr;                        /* colors for pulldown menus */
    int pmhi;                         /* colors for pulldown menus */
    int pmrev;                        /* colors for pulldown menus */

                                      /* ASCII Options */
    int ascii_echo;                   /* echo ascii uploads: FALSE/TRUE */
    int blankx;                       /* expand blank lines in ASCII uploads */
    int tabx;                         /* expand tabs in ASCII uploads */
    int cpace;                        /* char pace time for ASCII uploads */
    int pchar;                        /* pace character for ASCII uploads */
    int pace;                         /* line pace for ascii u/l */
    int up_cr;                        /* CR define for ascii u/l: */
    int up_lf;                        /* LF define for ascii u/l: */
    int dn_cr;                        /* CR define for ascii d/l: */
    int dn_lf;                        /* LF define for ascii d/l: */
    int strip8;                       /* strip 8th bit in ASCII xfers */
    int ascii_dl_to;                  /* auto timeout value for ascii dloads */

                                      /* Kermit Options */
    int srpsiz;                       /* kermit stuff */
    char spadchar;                    /* kermit stuff */
    int ksoh;
    int spad;
    char squote;
    char sqt8bitchar;
    char sseol;
    int sbctr;                        /* kermit stuff */
    int sbinary;
    int turnch;                       /* kermit stuff */

                                      /* Zmodem Options */
    int zadl;                         /* ZMODEM auto download flag */
    int zds;                          /* ZMODEM time/date stamp flag */
    int zcr;                          /* ZMODEM crash recovery flag (0, 1, 2, 3) */
    int zscr;                         /* ZMODEM send crash recovery flag (0, 1 */
    int ztw;                          /* ZMODEM tx window size (0, 2048, 4096) */
    int zcrc;                         /* ZMODEM crc type (0 = 32 bit, 1 = 16 bit) */
/*  int zmt;                             ZMODEM moby turbo compatibility flag */

                                      /* External Protocol Options */
    char epname[3][9];                /* display name */
    char epupload[3][16];             /* upload command */
    char epdnload[3][16];             /* download command */
    int epmode[3];                    /* 0,1,2=ASPECT,Program,Hook */

                                      /* General Protocol Options */
    int relax;                        /* XMODEM relaxed mode: FALSE/TRUE */
    int trash;                        /* garbage placeholder */

                                      /* Editor Options */
    unsigned char textmode;           /* input mode 0:Aspect 1:word */
    unsigned char omiteof;            /* don't write EOF flag */
    unsigned char exptabs;            /* expand tab characters */
    unsigned char wordwrap;           /* word wrap enable flag */
    unsigned char justify;            /* right margin justify flag */
    unsigned tabsize;                 /* tab-stop constant */
    unsigned pindent;                 /* programming indent level */
    unsigned windent;                 /* indent level (zero-based) */
    unsigned lmargin;                 /* left margin (zero-based) */
    unsigned rmargin;                 /* right margin (zero-based) */
    unsigned es0;                     /* status line headers */
    unsigned es1;                     /* status line file information */
    unsigned es2;                     /* status line message area */
    unsigned et0;                     /* normal text display */
    unsigned et1;                     /* reverse video text display */
    unsigned et2;                     /* highlighted text display */
    unsigned ep0;                     /* prompt window display */
    unsigned ep1;                     /* prompt input field */
    unsigned em0;                     /* default message attribute */
    unsigned em1;                     /* message MSG attribute */
    unsigned em2;                     /* message EMSG attribute */

#if defined(ACSI)
    char acsi_callname[17];           /* ACSI server name */
#endif

    int mouse_x_sensitivity;          /* x mickey sensitivity */
    int mouse_y_sensitivity;          /* y mickey sensitivity */
    int xfer_cd;                      /* flag for testing CD in Xfers */
    int clip_separator;               /* char sent between clipboard entries */
    int ax132;                        /* Value for AL for forced video mode */
    int hcmdrte;                      /* TRUE if using HCOMMAND.RTE */
} ;                                   /* End of parmlist */

/*
 * Structure for PROCOMM PLUS dialing directory entry.
 */

struct DDREC
{
    char ddname[25];                  /* name */
    char ddphone[21];                 /* phone number */
    int ddbaud;                       /* baud rate as int */
    char ddparity;                    /* parity as short int */
    char dddata;                      /* data bits as short int */
    char ddstop;                      /* stop bits as short int */
    char dddup;                       /* duplex as short int: 0 = full */
    char ddscript[9];                 /* ASPECT file w/o ext */
    char ddlast[9];                   /* last call: mm/dd/yy */
    int ddtotal;                      /* total connects */
    char ddproto;                     /* default protocol as short int */
    char ddterm;                      /* terminal type as short int */
    char ddmode;                      /* 0 = mode, 1 = direct */
    char ddpassword[11];              /* like it says */
    char ddmacfile[9];                /* keyboard macro file */
    char ddkbdfile[9];                /* keyboard mapping file */
    char ddport;                      /* com port to use */
    char ddnotefile[9];               /* note file */
};

/*
 * Structure for PROCOMM PLUS .KBD file terminal entry:
 *
 *     struct TERMTABLE
 *     {
 *         char def[79][12];
 *     };
 *
 * All fields are fixed length and are padded with NULLs.
 *
 * The file is built in the terminal order in the term_desc array
 * below. Each terminal entry has the keys stored in the following
 * order:
 *
 *     KEYPAD ASTERISK (*)
 *     KEYPAD MINUS (-)
 *     KEYPAD PLUS (+)
 *     KEYPAD PERIOD (.)
 *     KEYPAD SLASH (//)
 *     KEYPAD ENTER (CR)
 *
 *     TAB
 *     BACKTAB
 *     INSERT
 *     DELETE
 *     BACKSPACE
 *
 *     CTRL-HOME
 *     CTRL-END
 *     CTRL-PGUP
 *     CTRL-PGDN
 *     CTRL-BACKSPACE
 *
 *     F1
 *     F2
 *     F3
 *     F4
 *     F5
 *     F6
 *     F7
 *     F8
 *     F9
 *     F10
 *     F11
 *     F12
 *
 *     KEYPAD 0
 *     KEYPAD 1
 *     KEYPAD 2
 *     KEYPAD 3
 *     KEYPAD 4
 *     KEYPAD 5
 *     KEYPAD 6
 *     KEYPAD 7
 *     KEYPAD 8
 *     KEYPAD 9
 *
 *     SHIFT-F1
 *     SHIFT-F2
 *     SHIFT-F3
 *     SHIFT-F4
 *     SHIFT-F5
 *     SHIFT-F6
 *     SHIFT-F7
 *     SHIFT-F8
 *     SHIFT-F9
 *     SHIFT-F10
 *     SHIFT-F11
 *     SHIFT-F12
 *
 *     GREY CURSOR UP
 *     GREY CURSOR DOWN
 *     GREY CURSOR LEFT
 *     GREY CURSOR RIGHT
 *     GREY INSERT
 *     GREY DELETE
 *     GREY HOME
 *     GREY END
 *     GREY PGUP
 *     GREY PGDN
 *
 *     CTRL-F1
 *     CTRL-F2
 *     CTRL-F3
 *     CTRL-F4
 *     CTRL-F5
 *     CTRL-F6
 *     CTRL-F7
 *     CTRL-F8
 *     CTRL-F9
 *     CTRL-F10
 *     CTRL-F11
 *     CTRL-F12
 *
 *     CURSOR UP
 *     CURSOR DOWN
 *     CURSOR LEFT
 *     CURSOR RIGHT
 *
 *     HOME KEY
 *     END KEY
 *     ENTER KEY (CR)"
 */

unsigned char *termdesc[] =
{
    "TTY ",                           /* TTY       0 */
    "VT52 ",                          /* VT52      1 */
    "VT100 ",                         /* VT100     2 */
    "VT102 ",                         /* VT102     3 */
    "VT220 ",                         /* VT220     4 */
    "VT320 ",                         /* VT320     5 */
    "ANSI ",                          /* BBS       6 */
    "IBM PC ",                        /* IBMPC     7 */
    "WYSE 75 ",                       /* WYSE75    8  (ANSI terminal) */
    "ATT 605 ",                       /* ATT605    9  (ANSI terminal) */
    "ATT 4410",                       /* ATT4410  10  (ANSI terminal) */
    "TVI 922 ",                       /* TV922    11  (ANSI terminal) */
    "HEATH 19",                       /* H19      12 */
    "IBM 3101",                       /* IBM3101  13 */
    "IBM 3161",                       /* IBM3161  14 */
    "DG D100 ",                       /* DGD100   15 */
    "DG D200 ",                       /* DGD200   16 */
    "DG D210 ",                       /* DGD210   17 */
    "ADDS 60 ",                       /* ADDS60   18 */
    "ADDS 90 ",                       /* ADDS90   19 */
    "ADM 3A ",                        /* ADM3     20 */
    "ADM 5 ",                         /* ADM5     21 */
    "ADM 31 ",                        /* ADM31    22 */
    "ESPRIT 3",                       /* ESPRIT3  23 */
    "3270/950",                       /* IBM3270  24 */
    "TVI 910 ",                       /* TV910    25 */
    "TVI 912 ",                       /* TV912    26 */
    "TVI 920 ",                       /* TV920    27 */
    "TVI 925 ",                       /* TV925    28 */
    "TVI 950 ",                       /* TV950    29 */
    "TVI 955 ",                       /* TV955    30 */
    "WYSE 50 ",                       /* WYSE50   31 */
    "WYSE 100"                        /* WYSE100  32 */
};

/*
 * p.baud from the "parmlist" structure above is an index into the
 * following 2 arrays.
 *
 * i.e. the current baud rate for PROCOMM PLUS is baud_rate[p.baud].
 */

char *baud_desc[] =                   /* baud rates as strings */
{
    "300\0\0\0",
    "1200\0\0",
    "2400\0\0",
    "4800\0\0",
    "9600\0\0",
    "19200\0",
    "38400\0",
    "57600\0",
    "115200"
};

long baud_rate[] =                    /* baud rates as longs */
{
    300,
    1200,
    2400,
    4800,
    9600,
    19200,
    38400,
    57600,
    115200
};

/*
 * HOOK.C declarations and defines
 */

#define PARMSIZE sizeof(struct PARMLIST)
#define VMAX 10
#define SLEN 81
#define NSIZE VMAX * 2
#define SSIZE VMAX * SLEN

struct PARMLIST near p;               /* PCPLUS.PRM structure */
int asp_nums[VMAX];                   /* ASPECT N0-N9 array */
unsigned char asp_strings[VMAX][SLEN]; /* ASPECT S0-S9 array */

unsigned int ptr_seg1;                /* segment addr */
unsigned int ptr_off1;                /* offset addr */
unsigned int ptr_seg2;                /* segment addr */
unsigned int ptr_off2;                /* offset addr */
unsigned int ptr_seg3;                /* segment addr */
unsigned int ptr_off3;                /* offset addr */
char far *suptr;                      /* ptr to far storage */
int type;                             /* flag from PROCOMM PLUS */

struct SREGS seg;                     /* structure for DS value */

/*
 * main() program routine
 *
 * Hook programs receive the following arguments:
 *
 *     ARG 1: The string "PCPLUS".
 *     ARG 2: Far pointer in ASCII to the ASPECT N0-N9 array.
 *     ARG 3: Far pointer in ASCII to the ASPECT S0-S9 array.
 *     ARG 4: Far pointer in ASCII to the PCPLUS.PRM structure.
 *     ARG 5: Integer in ASCII indicating where hook was called from.
 */

void main(argc,argv)
int argc;
char *argv[];
{
    /*
     * get value of segment registers into structure (we need DS value).
     */
    segread(&seg);                        /* get value of DS register */

    /*
     * get segment and offset of ASPECT N0-N9 array...
     */
    suptr = (char far *) atol(argv[2]);   /* convert str to ptr */
    ptr_seg1 = FP_SEG(suptr);             /* get segment addr */
    ptr_off1 = FP_OFF(suptr);             /* get offset addr */

    /*
     * copy ASPECT array into local array
     */
    movedata(ptr_seg1,ptr_off1,seg.ds,(unsigned int)&asp_nums[0],NSIZE);

    /*
     * get segment and offset of ASPECT S0-S9 array...
     */
    suptr = (char far *) atol(argv[3]);   /* convert str to ptr */
    ptr_seg2 = FP_SEG(suptr);             /* get segment addr */
    ptr_off2 = FP_OFF(suptr);             /* get offset addr */

    /*
     * copy ASPECT array into local array
     */
    movedata(ptr_seg2,ptr_off2,seg.ds,(unsigned int)&asp_strings[0][0],SSIZE);

    /*
     * get segment and offset of PCPLUS.PRM structure from PROCOMM PLUS
     */
    suptr = (char far *) atol(argv[4]);   /* convert str to ptr */
    ptr_seg3 = FP_SEG(suptr);             /* get segment addr */
    ptr_off3 = FP_OFF(suptr);             /* get offset addr */

    /*
     * copy PROCOMM PLUS' structure into local structure
     */
    movedata(ptr_seg3,ptr_off3,seg.ds,(unsigned int)&p.port,PARMSIZE);

    /*
     * "TYPE" lets you know where the hook program was called from in
     * PROCOMM PLUS:
     *
     *     TYPE VALUE     CALLING LOCATION
     *     ---------------------------------
     *         0          Upload Protocol
     *         1          Download Protocol
     *         2          Aspect Script
     *         3          Meta Key Hook
     */
    type = atoi(argv[5]);

    /*
     * The following code is a simple example of what you can do with
     * a "hook" program. It assumes it was called from an ASPECT script
     * and was passed some information in ASPECT variables N7 and S7.
     * It displays that information, then displays some information
     * about current settings in PROCOMM PLUS. It then puts new data
     * into N7 and S7 and passes it back to PROCOMM PLUS.
     *
     * This is a sample ASPECT program that you can use with this hook
     * program to show how things get passed back and forth:
     *
     *     proc main
     *        locate 0 0
     *        n7 = 777
     *        strcpy s7 "This message is from the ASPECT file."
     *        hook "hook.exe"
     *        fatsay 10 0 31 "ASPECT variable N7 passed from hook: %d" n7
     *        fatsay 11 0 31 "ASPECT variable S7 passed from hook: %s" s7
     *     endproc
     */

    /* sample: */
    printf("\nASPECT variable N7 passed to hook: %d",asp_nums[7]);
    printf("\nASPECT variable S7 passed to hook: %s",asp_strings[7]);
    printf("\n\n\nPROCOMM PLUS INFO:\n");
    printf("\nBaud Rate: %s, Terminal: %s",baud_desc[p.baud],termdesc[p.termtype]);
    printf("\nPort: COM%d, Modem Init String: %s",p.port+1,p.mdminit);

    /* put some info into variables for return to ASPECT... */
    asp_nums[7] = 99;
    strcpy(asp_strings[7],"This message is from the hook program.");

    /* copy local variables back into ASPECT variables... */
    movedata(seg.ds,(unsigned int)&asp_nums[0],ptr_seg1,ptr_off1,NSIZE);
    movedata(seg.ds,(unsigned int)&asp_strings[0][0],ptr_seg2,ptr_off2,SSIZE);

    /* signal normal exit (can be tested for with ASPECT "if success" command) */
    /* 0 signals success, 1 signals failure. */
    exit(0);
}

--
-----====> Skye Merlin Poier <====-----
Undergrad in CMPT/MATH (Virtual Reality)    ||||   ||||
email: poier@sfu.ca                        p-OO <--> OO-q   THINK
PGP Public Key available on finger          \==     ==/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hkhenson@cup.portal.com
Date: Sat, 5 Jun 93 08:17:28 PDT
To: cypherpunks@toad.com
Subject: Re: DISKREET--Norton
Message-ID: <9306050727.1.2868@cup.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

Norton might let interested people examine the code, far as I know
nobody has asked, but one mode is DES. It seems to me if Norton were
ok, you could encrypt with Norton and decrypt with any other
hardware/software implementation of DES. Unless Norton does something
really dumb like stashing the key on disk somewhere, it would seem
to me that this would verify Norton doing DES per the book. Have
I missed something?

Keith

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Sat, 5 Jun 93 00:06:33 PDT
To: Paul Haahr
Subject: Re: Lobbying for Cryptoprivacy, non-U.S.
In-Reply-To: <9306041803.AA28955@astro.mv.us.adobe.com>
Message-ID: <9306050926.aa04642@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> Russia probably has the chip-making skills (and, certainly, the spookish
> ones) to fit, but they probably count as a ``cooperating major European
> countr[y]'' now.

Uh... Based on my experience they probably count as "a number of
not-very-cooperating European countries" ;-)

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Sat, 5 Jun 93 00:06:42 PDT
To: Eric Hughes
Subject: Re: Software infrastructure
In-Reply-To: <9306041746.AA13444@soda.berkeley.edu>
Message-ID: <9306050928.aa04663@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> >On your host (typically an UNIX box) you configure
> >sendmail/smail/binmail/whatever to forward your mail over uucp to your
> >home machine.
>
> This is a huge hurdle for people who don't own their own machines and
> haven't convinced a sympathetic sysadmin to do the configuration.

Yes. Sorry. Brain disengaged. Been my own sysadmin for 10 years now, so
it just didn't occur to me... :-(

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Sat, 5 Jun 93 00:07:48 PDT
To: cypherpunks@toad.com
Subject: Anon.penet.fi and penet.anonymous.net
Message-ID: <9306050942.aa04754@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

Since I announced my intention to re-establish the full anon.penet.fi
service, I have received several messages with very valuable and useful
ideas. I just want to clarify my situation.

What I'm doing now is to simply re-establish the old service, without any
changes/improvements (except for an AUP-free connection and a faster box).
This gives me time to work on the improved Mk II with support for PGP,
multiple ID's, selectable double/single blind etc.

I expect to bring up Mk II as penet.anonymous.net this fall, but I need
some time to implement the stuff, write documentation etc., and I have to
take care of my "daytime" jobs as well. Somebody has to pay for all that
new hardware and that international connection... Not mentioning my
rent ;-)

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Sat, 5 Jun 93 08:37:18 PDT
To: RYAN Alan Porter
Subject: Re: CryptoStacker, long term vision
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

> As for those people that can't afford to use dedicated hardware, there is
> still the less secure idea of having the key stored on a floppy that would
> be inserted at load time and read into memory. This would have the
> obvious disadvantage of having the key sitting around in memory, a sitting
> duck (especially for people who leave their systems on all of the time,
> like me, as soon as the Nazis learned about systems like these then 'Run
> a key scanning program on the system to be confiscated' would just become
> step one in their procedure, would be a hole even if the keys were
> password protected) but it would be better than nothing at all, and the
> speed problems could be dealt with by using the multiple partition method
> that I described earlier, having a 'secure' virtual disk where all of your
> data goes, and a separate 'fast' virtual disk which is unencrypted where
> all of your programs and such go.

Hmmm... I have a suggestion to make keeping the key in memory a little
more safe, though I don't think there is a way to prevent a properly
resourced person/agency/enemy from getting it (or any other data in the
RAM of the computer).

You first need a machine which has a supervisor state, which *only* the OS
can run in. Your cryptostacker will be part of the OS and as such, user
processes cannot access its memory. This way, the attacking agency will
have difficulty just running any old program to copy all of the CPU's
memory to a disk. The only way to add new programs to the supervisor state
(OS) would be if the machine is powered up in a special way (with a
certain boot disk for example) so that once the machine is running there
is *no* software method to read any OS data.

You would also want to avoid storing the crypto key at a fixed memory
location. Allocate some memory at a variable location at each startup and
store this location *only* in a register. This should make it even more
difficult to get the key, because you would need to be able to check the
supervisor stack to find the right register to find the location of the
key.

This raises the question of just how much work an agency goes through when
it is first confiscating a machine to ensure that they can get at all the
machine's data. If the first thing they do is turn the machine off to be
able to pack it up, then you are all set. (Assuming you didn't manage to
turn it off before you lost control of the machine.)

What kinds of things can you do to your home machine to make it more
tamper proof? If you have an "easy access" case, how about installing a
micro switch that will reset the machine (or power cycle the system) when
it's opened.

---
Nick MacDonald               | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca  | PGP 2.1 Public key available via finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Sat, 5 Jun 93 09:00:14 PDT
To: Eric Hughes
Subject: Re: CryptoStacker, long term vision
In-Reply-To: <9306031512.AA25490@soda.berkeley.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

> Your keying material should be long. I earlier suggested one key per
> track. These keys are going to have to be stored somewhere, and the
> disk is the wrong place for it, clearly. This implies that the user
> is going to have to have some key-holding device (likely a diskette)
> which will be necessary in order to unlock the partition. The keying
> material should be password protected. This device will have to be
> used at boot time if anything necessary to boot is stored on the
> encrypted partition.

> Keying material will need to be backed up. This should be made as
> painless as possible, otherwise there will be plenty of people losing
> whole drives.

This probably goes without saying, but just to make sure... Since you are
talking about using a partition, and partitions do not often change in
size (it implies a lot of backup and restore work to change a partition
size normally) then you could generate all the keys for all the (known and
fixed number of) tracks in advance. The first thing the user should do
after generating all the keys is to make **many** backups, perhaps all
with different keys to encrypt the keys. No one wants to lose a whole
partition because a floppy wore out and broke down!

The other interesting thing about encrypting per track... it exemplifies
the trade offs often associated with computing... Usually they preach that
all files should be contiguous (all sectors on the same track if possible)
but for the most secure encryption of a file in this cryptostacker you
would want files to be on as many different tracks as possible.

---
Nick MacDonald               | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca  | PGP 2.1 Public key available via finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Sat, 5 Jun 93 09:05:14 PDT
To: elee9sf@Menudo.UH.EDU
Subject: Re: Another chaining utility
In-Reply-To: <199306031333.AA16241@Menudo.UH.EDU>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I read this, and without knowing if anyone else has replied, it looks like
a need for an explanation of how to get more environment space in DOS. Is
it that you don't know how to increase the DOS environment size, or does
it still not work even if you have increased it?

OBdisclaimer: I don't know 4DOS, just regular old MS/PC DOS... and maybe a
little DRDOS. :-)

---
Nick MacDonald               | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca  | PGP 2.1 Public key available via finger

On Thu, 3 Jun 1993 elee9sf@Menudo.UH.EDU wrote:

> > I couldn't get Karl's hopmail.bat to run on my PC (not enough environment
> > space?) so I wrote this in C and it works OK.
>
> Say, is anybody else having this problem? I wonder what the problem
> is (environment space?) PLEASE let me know about bugs or problems
> with the scripts. I'm going to be updating the dos versions pretty
> soon, and will see if I can figure out what the space error means.
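The per-track keying from the CryptoStacker messages above (one key per track of a fixed-size partition, generated in advance, password protected, backed up several times under different passphrases), as an added example that is not from any poster or from CryptoStacker itself. The file layout, the 16-byte key size, the function names and the PBKDF2 plus HMAC-SHA256 construction (a standard-library stand-in for a vetted authenticated cipher) are all assumptions.

```python
import hashlib
import hmac
import secrets
import struct

KEY_LEN = 16                            # bytes per track key (assumed size)
MAGIC = b"TKF1"                         # hypothetical tag for this example's file format
HEADER = struct.Struct(">4sII16s16s")   # magic, iterations, n_tracks, salt, nonce
TAG_LEN = 32                            # HMAC-SHA256 tag appended to the file
MAX_ITERATIONS = 10_000_000             # refuse absurd work factors from a damaged header


def generate_track_keys(n_tracks):
    """One independent random key per track, all generated before first use."""
    return [secrets.token_bytes(KEY_LEN) for _ in range(n_tracks)]


def _subkeys(passphrase, salt, iterations):
    """Stretch the passphrase, then split into separate encryption and MAC keys."""
    master = hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"), salt, iterations)
    enc_key = hmac.new(master, b"encrypt", hashlib.sha256).digest()
    mac_key = hmac.new(master, b"authenticate", hashlib.sha256).digest()
    return enc_key, mac_key


def _keystream(enc_key, nonce, length):
    """HMAC-SHA256 in counter mode, used here only because the stdlib has no AEAD."""
    blocks = [hmac.new(enc_key, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()
              for counter in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def wrap_keys(track_keys, passphrase, iterations=200_000):
    """Serialize all track keys into one passphrase-protected, tamper-evident blob."""
    salt, nonce = secrets.token_bytes(16), secrets.token_bytes(16)
    enc_key, mac_key = _subkeys(passphrase, salt, iterations)
    plain = b"".join(track_keys)
    body = bytes(p ^ k for p, k in zip(plain, _keystream(enc_key, nonce, len(plain))))
    header = HEADER.pack(MAGIC, iterations, len(track_keys), salt, nonce)
    tag = hmac.new(mac_key, header + body, hashlib.sha256).digest()
    return header + body + tag


def unwrap_keys(blob, passphrase):
    """Return the list of track keys, or raise ValueError if the blob cannot be trusted."""
    if len(blob) < HEADER.size + TAG_LEN:
        raise ValueError("key file truncated")
    magic, iterations, n_tracks, salt, nonce = HEADER.unpack_from(blob)
    body, tag = blob[HEADER.size:-TAG_LEN], blob[-TAG_LEN:]
    if magic != MAGIC or len(body) != n_tracks * KEY_LEN:
        raise ValueError("not a key file, or wrong length for its track count")
    if not 1 <= iterations <= MAX_ITERATIONS:
        raise ValueError("implausible iteration count in header")
    enc_key, mac_key = _subkeys(passphrase, salt, iterations)
    expected = hmac.new(mac_key, blob[:-TAG_LEN], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):      # check before decrypting anything
        raise ValueError("wrong passphrase or damaged key file")
    plain = bytes(c ^ k for c, k in zip(body, _keystream(enc_key, nonce, len(body))))
    return [plain[i:i + KEY_LEN] for i in range(0, len(plain), KEY_LEN)]


def recover(backups):
    """Try each (blob, passphrase) backup in order; return (index, keys) of the first good one."""
    for index, (blob, passphrase) in enumerate(backups):
        try:
            return index, unwrap_keys(blob, passphrase)
        except ValueError:
            continue
    raise ValueError("no usable backup: the partition is unrecoverable")


if __name__ == "__main__":
    # Constructed scenario: 80 tracks, two backup floppies under different passphrases.
    keys = generate_track_keys(80)
    floppy_a = wrap_keys(keys, "constructed passphrase A")
    floppy_b = wrap_keys(keys, "constructed passphrase B")
    worn = bytearray(floppy_a)
    worn[HEADER.size + 5] ^= 0x01       # one flipped bit stands in for a worn-out floppy
    index, recovered = recover([(bytes(worn), "constructed passphrase A"),
                                (floppy_b, "constructed passphrase B")])
    print("recovered", len(recovered), "track keys from backup", index)
```
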

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: henry strickland
Date: Sat, 5 Jun 93 14:04:37 PDT
To: hkhenson@cup.portal.com
Subject: Re: DISKREET--Norton
In-Reply-To: <9306050727.1.2868@cup.portal.com>
Message-ID: <9306052112.AA29094@versant.com>
MIME-Version: 1.0
Content-Type: text/plain

# From: hkhenson@cup.portal.com
# Subject: Re: DISKREET--Norton
#
# , it would seem
# to me that this would verify Norton doing DES per the book. Have
# I missed something?

DES defines an encryption algorithm, but not how it is deployed in an environment. Questions I would have:

-- Is the key that the user types in used DIRECTLY as an 8-ASCII-character DES key? If you don't type 8 characters for the key, how is it padded?
-- Does it use CBC mode, or what?
-- Where does it get an initialization vector?
-- Assuming CBC or some other chaining mode, is an entire file encrypted as a single unit? Or is each file block encrypted, beginning with a quickly-determined initialization vector, and what are they?
-- If the length of the file is not a multiple of 8 bytes (the DES cipherblock size), how is the boundary condition handled?
-- Are filenames encrypted? How? Other directory information?

If the source to Norton were not published, but rigorous specs were available that could be verified by trying it on a bunch of files, and if one can account for all bytes on disk that change when the package is used (so that we know it is not escrowing keys or doing anything stupid with them), then I might feel comfortable about the product.

I don't think this is unreasonable to ask. It would particularly make me feel safe about the problems we heard described earlier, where someone was unable to decrypt files. If I can deploy and use my own decryption mechanism to doublecheck Norton, then it's more likely my own fault if I cannot recover some file.

strick

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Sat, 5 Jun 93 15:06:37 PDT
To: smb@research.att.com
Subject: Re: Dig. Cash Question.
In-Reply-To: <9306052136.AA04744@triton.unm.edu>
Message-ID: <9306052206.AA05155@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

According to smb@research.att.com:
>
> I'm reading the paper that was announced on this list about
> Digital Cash last week. It was written by Stefan Brands. I
> think I have a strong Math background, but I don't know what is
> meant by a "discrete log" in a group G. I understand what a
> group is. I just don't know what properties an element, a,
> would have if it were the log sub p of e. Can someone help
> me. Otherwise, this is a very interesting article. Thanx in
> advance.
>
> You might want to fix your mailer; according to the strict letter of
> RFC822, human-readable names shouldn't contain periods unless quoted....

I sent word to those "in charge." ;^) Maybe after I graduate, they will fix it....

> Anyway -- suppose that in some group, you know that a^n=b, where a
> and b are members of the group, and n is an integer. a^n indicates
> the group operation iterated n times. The discrete log problem is
> recovering n, given ``a'' and a^n=b.
>
> In some groups, this is a very hard problem. The group most commonly
> used in cryptography is the field GF(p), i.e., the field of integers
> modulo p, where p is some large number, preferably a prime, and ``a''

If I understand this correctly, if p is not a prime, then n may not be unique.

> is a ``primitive root'' of the field. The problem is thus to find
> n, given ``a'' and a^n modulo p. Other instances of discrete log
> are useful as well; NeXT, for example, uses the same basic equation
> in a field over some family of elliptic curves. Their much-ballyhooed
> invention was to find a set of such curves for which the exponentiation
> operation can be performed very efficiently.
>

Thanx for the (very!) clear explanation.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|                    Politically Incorrect!"                    |
+-----If codes are outlawed, only criminals will have codes.----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Sat, 5 Jun 93 14:35:14 PDT
To: "J. Michael Diehl"
Subject: Re: Dig. Cash Question.
Message-ID: <9306052135.AA26361@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

    I'm reading the paper that was announced on this list about Digital Cash last week. It was written by Stefan Brands. I think I have a strong Math background, but I don't know what is meant by a "discrete log" in a group G. I understand what a group is. I just don't know what properties an element, a, would have if it were the log sub p of e. Can someone help me. Otherwise, this is a very interesting article. Thanx in advance.

You might want to fix your mailer; according to the strict letter of RFC822, human-readable names shouldn't contain periods unless quoted....

Anyway -- suppose that in some group, you know that a^n=b, where a and b are members of the group, and n is an integer. a^n indicates the group operation iterated n times. The discrete log problem is recovering n, given ``a'' and a^n=b.

In some groups, this is a very hard problem. The group most commonly used in cryptography is the field GF(p), i.e., the field of integers modulo p, where p is some large number, preferably a prime, and ``a'' is a ``primitive root'' of the field. The problem is thus to find n, given ``a'' and a^n modulo p.
Other instances of discrete log are useful as well; NeXT, for example, uses the same basic equation in a field over some family of elliptic curves. Their much-ballyhooed invention was to find a set of such curves for which the exponentiation operation can be performed very efficiently.

Oddly enough, solving discrete log in GF(p) seems to be vaguely akin to factoring. p doesn't have to be a prime, but you can use smaller numbers if it is. Early attempts used 2^n, since that makes the modulus operation trivial, but if you do that, you need such a large n that it doesn't pay. For p a prime, 512 bits is probably secure now, though possibly not against NSA. 1024 bits is likely to be secure forever, barring major theoretical breakthroughs.

--Steve Bellovin

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Sat, 5 Jun 93 17:41:00 PDT
To: cypherpunks@toad.com
Subject: Re: Software infrastructure
In-Reply-To: <35870.pfarrell@cs.gmu.edu>
Message-ID: <9306060040.AA07296@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

I am NOT interested in arguing the merits or lack thereof of Kermit. Kermit IS used, but rarely on PCs, and VERY rarely in what appears to be the target market. Remember that we're talking about a general-user, friendly application for the compuklutz. After being spoiled by QModem, there is no way in hell, heaven or otherwise that many of them will use Kermit or something based on it, unless it offers all that QM does (incl. Zmodem, external protocols, cute menuing interface, etc.)

I think there's a confusion here, namely that Kermit is useful on some sorts of machines, and for specific purposes, but this idea is getting mixed up with what is the most useful DOS comm program(s), the one(s) most used. THAT's where the market is. It's not a matter of "is kermit cool, is kermit good enough, is kermit free?", it's a matter of "will the target users actually use it, or anything based on it?"
I'd suggest again that the answer is "no". That's all. Not meaning to insult anyone whose fave term prog. is kermit. Just trying to suggest a clarified view of the PC telecom program market. People make new comm programs all the time, many with a LOT of features. But they ain't the Big Three, so they get ignored. Perhaps sadly.

--
When marriage is outlawed only outlaws will be inlaws!
Stanton McCandlish, SysOp: Noise in the Void DataCenter Library BBS
Internet anton@hydra.unm.edu   IndraNet: 369:1/1   FidoNet: 1:301/2
Snail: 1811-B Coal Pl. SE, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Sat, 5 Jun 93 16:06:05 PDT
To: mdiehl@triton.unm.edu
Subject: Re: Dig. Cash Question.
Message-ID: <9306052306.AA26846@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

    > Anyway -- suppose that in some group, you know that a^n=b, where a
    > and b are members of the group, and n is an integer. a^n indicates
    > the group operation iterated n times. The discrete log problem is
    > recovering n, given ``a'' and a^n=b.
    >
    > In some groups, this is a very hard problem. The group most commonly
    > used in cryptography is the field GF(p), i.e., the field of integers
    > modulo p, where p is some large number, preferably a prime, and ``a''

    If I understand this correctly, if p is not a prime, then n may not be unique.

Well, n isn't unique even if p is prime. Consider a=10,p=11. 10^2=10^4=10^6=10^8=10^10=1 mod 11. You only get a maximum-length cycle if ``a'' is a primitive root, hence the restriction I stated in the part I deleted...

It doesn't matter that n isn't unique, though you do want a good distribution. Primitive roots have a maximal distribution, which is why they're good. But a reduction by, say, a factor of 2 doesn't matter in practice. (For p=11, try a=3.)
The implementation of secure RPC in SunOS uses Diffie-Hellman (which relies on the difficulty of the discrete log problem) with a base that's not a primitive root. To be sure, their key exchange was cryptanalyzed, but that's because they picked a 192-bit modulus, not because of the exponentiation base.

If I recall correctly, if p=kq+1, for q a prime and k a small integer, there are (q-1)/k primitive roots in GF(p). That suggests generating p=2q+1, p and q prime, which gives a very good density. And checking if a number is a primitive root is easy (again, to my recollection; I'm not a number theorist) if you know the factorization of p-1, which of course we do in this case.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Doug Porter <76244.315@CompuServe.COM>
Date: Sat, 5 Jun 93 18:54:38 PDT
To: Cypherpunks
Subject: Re: CryptoStacker
Message-ID: <930606015152_76244.315_CHN23-4@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

The mother lode of source code for MSDOS redirectors, drivers, and related code appears to be the BCPPDOS forum on CompuServe.

Some of the authors state that their software has been placed in the public domain, although for some reason they usually left in their copyright notices. It's a very good idea to have the author's explicit permission on file before redistributing any of this software.

In the C programming library:

    CPHANT.ZIP    C source for MSDOS network redirector
    DRIVER.ZIP    C/Asm source for generic driver skeleton
    RDCF2.ZIP     C source for complete MSDOS file system

In the General library:

    CRAMDI.ZIP    C source to RAM disk driver
    FDCBIOS.ZIP   Asm source to floppy disk driver

Doug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mmidboe@cs.uah.edu (digital saint) (Computer Science Dept., Univ. of Alabama-Huntsville)
Date: Sat, 5 Jun 93 21:11:25 PDT
To: cypherpunks@toad.com
Subject: Software infrastructure
Message-ID: <9306060412.AA06825@uahcs2.cs.uah.edu>
MIME-Version: 1.0
Content-Type: text/plain

CY>Buzzword alert. What is "TPU"? And who makes "Async Pro", and what
CY>exactly does that do?

Well, in the PC world, a TPU is just a Turbo Pascal Unit. It's become kind of a standard for making easy add-ons to programs since a lot of programmers use Turbo Pascal. Async Pro is written by Turbo Power software.

Anyways, does anyone have any basic ideas on what functions would be really important for some kind of programmer's toolkit? To narrow things down you might want to make a PGP toolkit that manipulates PGP keys and makes using PGP easier from other programs.

So, does anyone have feedback on some good general PGP encrypted file manipulation functions? Once you make them easy to integrate into other programs I'm sure more and more people will pick it up. Reading through the vast amounts of C code on PGP is quite a daunting task.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Sat, 5 Jun 93 22:31:18 PDT
To: cypherpunks@toad.com
Subject: NitV is DOWN!
Message-ID: <9306060531.AA12404@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

> DON'T call for PGP toys from my system any time this week, and likely next.
> The system is DOWN, due to a motherboard video-related problem (among others).
> Serves me right for buying mailorder, with a 1yr warranty (it's been 1
> year and 2 months. Of course.) NitV should be up and running and all
> the crypto files available again within a couple weeks. Blagh.
> Of course, what REALLY must've happened is the SS sneaked into my house in
> the middle of the night and ran a magnet over my BIOS... >;)
>
> --
> When marriage is outlawed only outlaws will be inlaws!
> Stanton McCandlish, SysOp: Noise in the Void DataCenter Library BBS
> Internet anton@hydra.unm.edu   IndraNet: 369:1/1   FidoNet: 1:301/2
> Snail: 1811-B Coal Pl. SE, Albuquerque, New Mexico 87108 USA
> Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
> Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)
>

--
When marriage is outlawed only outlaws will be inlaws!
Stanton McCandlish, SysOp: Noise in the Void DataCenter Library BBS
Internet anton@hydra.unm.edu   IndraNet: 369:1/1   FidoNet: 1:301/2
Snail: 1811-B Coal Pl. SE, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Sat, 5 Jun 93 23:30:08 PDT
To: smb@research.att.com
Subject: Re: Dig. Cash Question.
In-Reply-To: <9306052306.AA05980@triton.unm.edu>
Message-ID: <9306060630.AA10639@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

According to smb@research.att.com:
>
> If I understand this correctly, if p is not a prime, then n may not be
> unique.
>
> Well, n isn't unique even if p is prime. Consider a=10,p=11.
> 10^2=10^4=10^6=10^8=10^10=1 mod 11. You only get a maximum-length
> cycle if ``a'' is a primitive root, hence the restriction I stated
> in the part I deleted...

That is, if a is a generator of G, or as close to one as possible. My thinking was obviously clouded... Not that I have a beer in me, I remember that for any element, a of group G, a will have order n, such that n|ord(G). This implies that there are n different (positive) powers of a which yield a particular number, b in our case. Each of which would qualify as a log. I think I understand.

> It doesn't matter that n isn't unique, though you do want a good
> distribution. Primitive roots have a maximal distribution, which is

Then which root are we to use in discussion?

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|                    Politically Incorrect!"                    |
+-----If codes are outlawed, only criminals will have codes.----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Sun, 6 Jun 93 00:35:23 PDT
To: J. Michael Diehl
Subject: Re: decompiling DISKREET
In-Reply-To: <9306050121.AA13122@triton.unm.edu>
Message-ID: <9306060734.AA00306@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> > This is the reason that I disregard DISKREET from Norton. There's no
> > source, and largish companies are notorious for pushing compromised
> > software. Norton's unlikely to ship source, so unless someone
> > decompiles it, I'm not biting.
>
> HMMmmm..... Well, how big is it? Is it a .exe or .com? It might be very
> instructive to see how they do it...

By the way, I have a relatively usable free 68k disassembler, and have recently retrofitted the simple GNU portable disassembler (supporting many processors) with an interface that should allow it to be glued into the usable disassembler (which traces branches, creates labels, lets you label things yourself, etc). Anyone who would like to work on these tools, please let me know.

The GNU `objdump' program will disassemble the entire program from any object file format it recognizes (currently most a.out variants, most COFF variants, ELF, ecoff, xcoff, s-records, some IEEE object files). We have specs on the Windows object file formats, if anyone wants to add support for reading them. DOS EXE and COM files would be a useful addition, as well.
You can get a taste of the current simple disassembler by getting the latest GNU Binutils (binary utilities) release from prep.ai.mit.edu or ftp.uu.net. Configure and build it on any of about twelve kinds of Unix machines, and run "objdump -d" on itself.

John Gilmore

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: zimm@alumni.cco.caltech.edu (Mark Edward Zimmerman)
Date: Sun, 6 Jun 93 04:51:32 PDT
To: cypherpunks@toad.com
Subject: random access into an encrypted file?
Message-ID: <9306061150.AA07264@alumni.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain

I'm enjoying the discussion of encrypting file systems, but have a perhaps-naive question: can the methods recently proposed here work for fast "random" access of bytes from the middle of a possibly-large file?

Specifically, over the years I have written some free-text information-retrieval programs which build complete inverted indices to every word in a chosen text file (which may be many megabytes long, limited by disk space, not by RAM) --- and in order to fetch and display text quickly from an arbitrary point in the file, my programs do a lot of fseek() operations. If a file is encrypted under various schemes, I wonder how long it would take to fetch byte 100,000,000? Could it cause me some performance problems? :-)

Just thought I'd raise the issue.... BTW, if anybody wants to work with large text files, the stuff I've done is all free under GNU GPL; for nicest user interface, see Mac version which hides behind HyperCard (in INFO-MAC archive at sumex-aim.stanford.edu, under directory info-mac/card with a name beginning "freetext", I think). Generic command-line C code to build indices is "qndxr.c" in various archives, and the generic command-line browser is "brwsr.c". See description in THE DIGITAL WORD, eds. Landow & Delany, MIT Press, 1993, pps. 53-68, for more details.
Briefly, the programs let you scroll around in alphabetized word lists, generate key-word-in-context displays and do simple proximity filtering, and retrieve chunks of text on demand, very fast. Index-building is 15-20 MB/hour on an older Mac II-class machine, 60-80 MB/hour on a Sparcstation, etc.

Best, ^z (no relation!)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Cypherpunk.Echo@f28.n125.z1.FIDONET.ORG (Cypherpunk Echo)
Date: Mon, 7 Jun 93 21:56:41 PDT
To: cypherpunks@toad.com
Subject: Mailing list request
Message-ID: <219.2C126002@shelter.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

SUBSCRIBE CYPHERPUNKS CYPHERPUNK ECHO
-----
Hi! I don't know if this is automated at your end, or if I should just be emailing a request, so I'm doing both - I'd like to subscribe to the cypherpunk mailing list under the name cypherpunk echo. I'll be porting the list to an area on my BBS.

Thanks for any help, if any is required.

Peter Wadsworth - Sysop, Coconino County BBS, 415-861-8290

--
Cypherpunk Echo - via FidoNet node 1:125/1
UUCP: ...!uunet!kumr!shelter!28!Cypherpunk.Echo
INTERNET: Cypherpunk.Echo@f28.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 6 Jun 93 11:58:21 PDT
To: cypherpunks@toad.com
Subject: random access into an encrypted file?
In-Reply-To: <9306061150.AA07264@alumni.cco.caltech.edu>
Message-ID: <9306061854.AA08835@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>can the methods recently proposed here work
>for fast "random" access of bytes from the middle of a possibly-large
>file?

The model that has been most discussed recently has been that of encrypting sectors on the hard disk. In order to have random access to files, you have to have random access to sectors. Therefore, the encryption mechanism chosen must support random sector access.

This is not difficult, but many of the techniques used for telecommunication encryption do not work.
In particular, encryption modes that depend upon some previous state of the encryption machine do not work well.

Cipher block chaining is a mode of operation for block ciphers where the plaintext is xor'd with the previous block of ciphertext before encryption. The first block of plaintext, where there is no previous block, is xor'd with an initial vector, which may be considered part of the keying material.

Now consider what would happen if you encrypted your whole disk in CBC mode. You'd have to start at the beginning of the disk and decrypt up to the point that you want to read. For a bit stream, this is fine, since one is decrypting the whole thing.

CBC, however, is useful for doing sector encryption. A DES block is 8 bytes, a sector is typically 512. I assume here that one has to read the whole sector out of memory, although with some very clever and not obviously worthwhile optimizations one could decrypt on demand. Now CBC is a reasonable choice for in-sector encryption, because you have to read the whole thing anyway.

Yet CBC requires an initial vector. This is where counter mode comes in. A good block cipher has what is called the avalanche property, which says that altering any bit of the input alters on average half of the bits of the output. (Note: if it altered more than half, the 1's-complement would change by less than half.) Thus the initial vectors do not need to change particularly much from one initial vector to the next. Hence an integer-valued counter works fine. For hard disks the sector number, already present, makes just such a unique initial vector.

Summary: CBC within sectors, initial vectors provided by the sector number.

This characterization of keying material works for block ciphers generally and yields a clean abstraction for the rest of the system.

    algorithm identifier (index or function pointer or link spec)
    plaintext/ciphertext block length
    key length

The rest of the encryption code need only know these values.
Here are some examples. Lengths are byte lengths.

    single DES, 8, 8 (64 bits, of which only 56 are used)
    double DES, 8, 16
    triple DES, 8, 24
    IDEA, 8, 16

Nice and clean.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mulivor@crc.monroecc.edu
Date: Sun, 6 Jun 93 09:45:59 PDT
To: cypherpunks@toad.com
Subject: SPA Press Release
Message-ID: <9306061624.AA09694@relay2.UU.NET>
MIME-Version: 1.0
Content-Type: text/plain

I recently received this press release from the Software Publishers Association. It gets better as it goes on.

--Phil Mulivor
mulivor@orion.crc.monroecc.edu

--------------------------------------------------------------------
06/04 1018 SPA RENEWS CALL FOR LIBERALIZING EXPORT CONTROLS

WASHINGTON (JUNE 4) IDG PR SERVICE - At a National Institute of Standards and Technology (NIST) hearing Thursday on national cryptographic policies, the Software Publishers Association (SPA) explained how continued "munitions" export controls of mass market software with encryption capabilities were seriously harming the American software industry and renewed its call for significant export liberalization of mass market software using DES or other encryption algorithms such as RC2/RC4 at comparable strengths.

SPA also warned that the Administration's recent announcement of its "Clipper Chip" initiative did not address the software industry's concerns and should not be an excuse to delay export liberalization. The SPA announced the preliminary results of its recent research which reveal a robust and rapidly expanding foreign market in encryption programs and products.

"Unilateral US export controls do not make any sense given the widespread legal availability of foreign encryption programs," testified Ilene Rosenthal, SPA's general counsel. "Foreign companies will buy foreign encryption products if they cannot buy from American companies and in turn become ex-US customers. As a result, the U.S.
Government will only succeed in crippling an American industry's exporting ability."

The SPA research team preliminarily concluded that:

- The US no longer dominates the encryption field. In fact, the SPA has identified to date more foreign than domestic encryption programs and products (143 vs. 133).

- There clearly are many foreign options for strong encryption, contrary to assertions by the U.S. government. SPA has preliminarily identified to date 80 foreign software, hardware, and combination hardware/software products for text, data, and file encryption from companies in 13 foreign countries. Forty-eight of these employ DES, which is nearly impossible to export from the U.S. in other than very rare circumstances. Sixty-three additional foreign encryption programs and products have been identified (including those from an additional five countries) but have yet to be investigated. However, SPA believes many of these also will be found to employ DES or other comparable strength encryption algorithms.

- Fifteen foreign mass market encryption software programs and kits are available that employ the DES algorithm. These are published by companies in Germany, Israel, the United Kingdom, Denmark, Canada, Belgium, and Australia. These software programs are installed by the user inserting a diskette; the kits enable encryption capabilities to be easily programmed into a variety of applications.

- Foreign companies increasingly recognize and are responding to the need to provide software only encryption solutions. Although the foreign encryption market is still heavily weighted towards encryption hardware and hardware/software combinations, the market trend is going to software.

The SPA noted that in addition to these commercially available programs and products, any analysis of the availability of foreign encryption alternatives must consider programs available on the Internet, which is the largest global network connecting millions of users throughout the world.

- DES is widely available on the Internet, including implementations that can be simply down-loaded and used.

- A recently popularized encryption program entitled Pretty Good Privacy (PGP) also is widely available throughout the world. PGP implements the International Data Encryption Algorithm (IDEA), which provides protection comparable to DES. The program is intended for electronic mail, but also is ideal for encrypting files. It is available for free, may be used legally throughout Europe, whether in a business or at home, comes with easy-to-read instructions, is trivial to install, and simple to use.

"Some government officials routinely assert that even if the Government prohibits America's software publishers from offering encryption features demanded by their customers abroad, we should not be concerned because there are foreign programs and products available," said Ken Wasch, SPA's executive director. "Our research shows that such an assertion is erroneous. In fact, there are a very large number of such programs and products available on the market today. The result is lost sales for American business without any improvement in national security."

The Software Publishers Association is the principal trade association of the PC software industry. Its more than 1000 members represent the leading publishers in the business, consumer, and education markets. The SPA has offices in Washington and Paris, France.

CONTACT: Software Publishers Association, Washington
Terri Childs, 202/452-1600

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Sun, 6 Jun 93 11:41:24 PDT
To: cypherpunks@toad.com
Subject: My Poll.
Message-ID: <9306061841.AA18948@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

This is just a note to let you know that the deadline for my poll has been extended to Monday evening. My kitchen flooded yesterday and I will not have time to prepare the results of my poll till Monday night.
You may expect the results Tuesday. Bummer.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|                    Politically Incorrect!"                    |
+-----If codes are outlawed, only criminals will have codes.----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Sun, 6 Jun 93 10:31:26 PDT
To: Mark Edward Zimmerman
Subject: Re: random access into an encrypted file?
In-Reply-To: <9306061150.AA07264@alumni.cco.caltech.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Mark:

There are two possible ways to encrypt the file as they go to the disk, and I think which you choose would determine what problems an fseek would encounter...

As I understand the conversation so far, the talk is to make the encrypted disk software a device driver. Imagine what a typical device driver must do. The operating system wishes to see all files as long strings (streams) of bytes and the disk drive wishes to see all "files" as a collection of sectors (of a fixed size). The device driver converts a request for file position 'x' to a request to locate sector 'y'. Even if you only want one byte from the file, a whole sector gets read in.

So here's where you have to decide which way you are going to encrypt the file. If you are going to encrypt each sector in isolation, then when the operating system requests a certain file location, that maps to a certain sector which is read in, decrypted (in isolation from the rest of the sectors) and then a particular byte is readily available.
If however you use a different scheme whereby the whole file is encrypted as a single entity (which would be difficult to impossible to do using the device driver metaphor, but there are other ways to wedge encryption into the system) then presumably you need to decrypt from the very beginning any time you need to seek into the file, which is what I think you were worried about.

If you are familiar with data compression products, then here is a comparison of the two techniques: If you use something like stacker, which is implemented as a device driver, then you have access to any byte of any file at any time. If you use something like pklite (the .exe compressor) then you can never seek into the file (to load an overlay for example). You have to read the whole file and decompress it in order to access the bytes individually as uncompressed data. (That is not a perfect metaphor, as pklite files are self decompressing when they execute, not when the operating system accesses them, but it does serve to show the limitations imposed by higher level file management.)

---
Nick MacDonald               | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca  | PGP 2.1 Public key available via finger

On Sun, 6 Jun 1993, Mark Edward Zimmerman wrote:

> I'm enjoying the discussion of encrypting file systems, but have a
> perhaps-naive question: can the methods recently proposed here work
> for fast "random" access of bytes from the middle of a possibly-large
> file?
> Specifically, over the years I have written some free-text
> information-retrieval programs which build complete inverted indices
> to every word in a chosen text file (which may be many megabytes long,
> limited by disk space, not by RAM) --- and in order to fetch and
> display text quickly from an arbitrary point in the file, my programs
> do a lot of fseek() operations. If a file is encrypted under various
> schemes, I wonder how long it would take to fetch byte 100,000,000?
> Could it cause me some performance problems?
:-)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Sun, 6 Jun 93 18:07:53 PDT
To: rarachel@ishara.poly.edu (A1 ray arachelian)
Subject: Re: ROT-13 hoopla on EchoMac
In-Reply-To: <9306070028.AA17913@ishara.poly.edu>
Message-ID: <9306070107.AA02107@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

You might also wish to enlist the aid of Dave Munhollon, who is one of the main hub providers in SecureMail, the Fido crypto message backbone (yes there is such a thing, most of Fido just doesn't want you to know about it.) Forget the address right off hand, but he's in the nodelist.

--
When marriage is outlawed only outlaws will be inlaws!
Stanton McCandlish, SysOp: Noise in the Void DataCenter Library BBS
Internet anton@hydra.unm.edu   IndraNet: 369:1/1   FidoNet: 1:301/2
Snail: 1811-B Coal Pl. SE, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Sun, 6 Jun 93 20:19:52 PDT
To: mdiehl@triton.unm.edu
Subject: Re: Tempest@home?
Message-ID: <9306070319.AA07532@servo>
MIME-Version: 1.0
Content-Type: text/plain

A good source of general info on RFI (radio frequency interference) suppression can be found in amateur radio publications. The same techniques hams use to keep their computers from interfering with their radios can be used to keep your computers from getting into the NSA's receivers...

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: A1 ray arachelian (library)
Date: Sun, 6 Jun 93 16:33:14 PDT
To: cypherpunks@toad.com
Subject: ROT-13 hoopla on EchoMac
Message-ID: <9306070028.AA17913@ishara.poly.edu>
MIME-Version: 1.0
Content-Type: text/plain

I seriously hope that this won't be way too off topic for this group, but I seem to have painted myself into a bit of a corner recently on FidoNet.
Basically, it all started when someone requested a copy of a ROT-13 extension to a popular Macintosh programmer's editor called BBEdit. Soon after, the discussion was joined by the fatheaded sysops who would bible thump on the FidoNet rules that ROT-13 was encryption and as such it is outlawed on FidoNet.

To make a long story shorter, in my plight to enlighten these folks (and the moderator of EchoMac who saw fit to banish me for posting a message encrypted with ROT-13,) I got a bit out of hand and started the usual on the soap-box preaching which included a message inviting everyone to join in the conversation by getting the ROT-13 extension. The rest of that message was "encrypted" by ROT-13.

Now since ROT-13 is merely nothing more than A=N, B=M, C=O, D=P... and is fairly standard, I've got it on my head to convince the moderator that ROT-13 is not actually an encryption method. The FidoNet policies state that Fidonet cannot provide any sort of privacy as a measure to protect sysops from taking the heat for the possible illegal activities of users. Clearly, ROT-13 does not provide the least bit of privacy, save from a total computer neophyte.

So, the reason I'm writing this here was basically "to go to the experts of encryption," and try to get them to agree with me that ROT-13 has never been a form of encryption because its purpose does not provide privacy. So I'm just asking you to agree with me, and I'll send the results to the moderator in question. If you'd like, mail me the responses directly so we won't clutter cypherpunks further, and I'll forward them myself.

If you'd like, the moderator's address on FidoNet is Steve Ebener@1:152/42,FidoNet (this should be reachable via Steve.Ebner@f42.n152.z1.ieee.org)

Please don't flame him, I'm trying to unbanish myself off the echo, not get him upset, however the thought of writing a program that sends a cookie to him every twenty minutes did occur, at least until I thought better of it.
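The property the message above argues from, that ROT-13 is a fixed rotation with no key, shown as an added example that is not part of the original post: the code applies ROT-13, and recovers the text of any rotated message by scoring all 26 rotations against English letter frequencies. The sample message, the frequency table and the function names are constructed for this illustration.

```python
import string

# Approximate letter frequencies of English text, in percent (assumed table).
ENGLISH_FREQ = {
    "a": 8.167, "b": 1.492, "c": 2.782, "d": 4.253, "e": 12.702,
    "f": 2.228, "g": 2.015, "h": 6.094, "i": 6.966, "j": 0.153,
    "k": 0.772, "l": 4.025, "m": 2.406, "n": 6.749, "o": 7.507,
    "p": 1.929, "q": 0.095, "r": 5.987, "s": 6.327, "t": 9.056,
    "u": 2.758, "v": 0.978, "w": 2.360, "x": 0.150, "y": 1.974,
    "z": 0.074,
}

# Constructed sample message (not taken from the original post).
SAMPLE = ("Everyone is invited to join the conversation on this echo. "
          "Get the ROT-13 extension for your editor and read the rest "
          "of this message.")


def shift(text, k):
    """Rotate every ASCII letter k places; leave everything else alone."""
    out = []
    for ch in text:
        if ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - ord("a") + k) % 26 + ord("a")))
        elif ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - ord("A") + k) % 26 + ord("A")))
        else:
            out.append(ch)
    return "".join(out)


def rot13(text):
    """ROT-13 is the rotation by 13; there is no key to choose or keep."""
    return shift(text, 13)


def chi_squared(text):
    """Distance between the text's letter counts and English; lower is closer."""
    letters = [c for c in text.lower() if c in ENGLISH_FREQ]
    if not letters:
        return float("inf")
    n = len(letters)
    score = 0.0
    for letter, pct in ENGLISH_FREQ.items():
        expected = n * pct / 100.0
        observed = letters.count(letter)
        score += (observed - expected) ** 2 / expected
    return score


def recover(ciphertext):
    """Try all 26 rotations and return (rotation, text) that looks most English.

    No secret is needed: the whole search space is 26 candidates.
    """
    scored = [(chi_squared(shift(ciphertext, k)), k) for k in range(26)]
    _, best = min(scored)
    return best, shift(ciphertext, best)


if __name__ == "__main__":
    hidden = rot13(SAMPLE)
    print(hidden)
    # Applying ROT-13 a second time undoes it (13 + 13 = 26).
    print(rot13(hidden) == SAMPLE)
    # Recovery works without being told which rotation was used.
    print(recover(hidden))
    print(recover(shift(SAMPLE, 5)))
```
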
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mark
Date: Sun, 6 Jun 93 09:50:31 PDT
To: cypherpunks@toad.com
Subject: Re: CryptoStacker
Message-ID: <9306061529.AA02177@relay2.UU.NET>
MIME-Version: 1.0
Content-Type: text/plain

>In the C programming library:
>
> CPHANT.ZIP C source for MSDOS network redirector
> DRIVER.ZIP C/Asm source for generic driver skeleton
> RDCF2.ZIP C source for complete MSDOS file system
>
>In the General library:
>
> CRAMDI.ZIP C source to RAM disk driver
> FDCBIOS.ZIP Asm source to floppy disk driver

How does someone not on compu$erve get access to these? archie didn't report anything. (Want to peek at the cphant.zip file)

Mark
mark@cheops.anu.edu.au

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Doug Porter
Date: Mon, 7 Jun 93 00:52:41 PDT
To: cypherpunks@toad.com
Subject: Re: CryptoStacker
Message-ID: <93Jun7.005219pdt.13914@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Some folks have asked that the network redirector, driver, and file system source files from CompuServe be made available via ftp. Two of them, cramdi.zip and rdcf2.zip may not be public domain. I've ftp'd the others to soda.berkeley.edu, as well as rdcf.zip, a public domain earlier version of rdcf2.zip. I'm sure Eric will have them visible soon.

I'll contact the authors of cramdi and rdcf2.

Doug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Mon, 7 Jun 93 09:18:32 PDT
To: cypherpunks@toad.com
Subject: remailer lossage: blank lines
Message-ID: <9306071618.AA09949@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Well, nobody told me whether a message did or did not get through, but I'm now sure they didn't. All of the failed messages have blank lines before the :: token, which is consequently not recognized by recurse.pl.
I dunno how they got in there, but I guess I should learn some perl and robustify against this -- unless somebody can think of a reason why :: needs to be able to start a message without being stripped.

Damned in-band signalling...

Eli
ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mallen@redvax1.dgsca.unam.mx (Mallen Fullerton Guillermo Manuel-UIA)
Date: Mon, 7 Jun 93 16:01:44 PDT
To: cypherpunks@toad.com
Subject: Dbase encryption
Message-ID: <9306071535.AA15216@redvax1.dgsca.unam.mx>
MIME-Version: 1.0
Content-Type: text/plain

There is an encryption option in Dbase (SET ENCRYPTION ON). How secure is this encryption? How does it work? I suspect it is not secure at all as the US Government allows its exportation :-(

Guillermo

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Mon, 7 Jun 93 10:48:16 PDT
To: cypherpunks@toad.com
Subject: Re: CryptoStacker, long term vision
Message-ID: <9306071748.AA22182@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

When the Iranians took over the American Embassy in Teheran they acquired access to the machines there. Subsequently there was talk of computer systems that were guaranteed to be volatile except for ciphered disks. There would be an unciphered boot block on disk that did not have the key to the rest of the disk but did have code to read and decipher the rest of the operating system. That key, however, would be in a safe place such as Washington DC. The system could not be booted until the key was available, presumably thru secure communications. If you trusted the operating system to only use the key for reading and writing the disk but not otherwise then pulling the plug made all the data in the computer inaccessible barring action from Washington.
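The failure Eli Brandt reports earlier in this archive (blank lines ahead of the `::` token, so the directive block is never recognized), sketched in Python as an added example; it is not recurse.pl or any remailer's code. The layout assumed here (a `::` line, then header lines, then a blank line), the `Request-Remailing-To` header name and the addresses in the constructed samples are assumptions, not taken from the page.

```python
# Constructed sample messages (assumed layout, see split_directives).
CLEAN = "::\nRequest-Remailing-To: alice@example.org\n\nHello Alice.\n"
# The same message after some mail hop prepended two blank lines.
MANGLED = "\n\n" + CLEAN


def split_directives(body, skip_leading_blanks):
    """Split a message body into (directive headers, remaining body).

    Assumed layout: a line holding only "::", then "Name: value" lines,
    then one blank line, then the text to pass on. When no directive
    block is recognized the body is returned untouched with no headers.
    """
    lines = body.split("\n")
    i = 0
    if skip_leading_blanks:
        # Tolerant mode: ignore blank lines that precede the token.
        while i < len(lines) and lines[i].strip() == "":
            i += 1
    if i >= len(lines) or lines[i].rstrip() != "::":
        return {}, body
    i += 1
    headers = {}
    while i < len(lines) and lines[i].strip() != "":
        name, sep, value = lines[i].partition(":")
        if not sep or not name.strip():
            raise ValueError("malformed directive line: %r" % lines[i])
        headers[name.strip()] = value.strip()
        i += 1
    # lines[i] is the blank separator; everything after it is the body.
    return headers, "\n".join(lines[i + 1:])


def next_hop(body, skip_leading_blanks):
    """Return the address the message asks to be forwarded to, or None."""
    headers, _ = split_directives(body, skip_leading_blanks)
    return headers.get("Request-Remailing-To")


if __name__ == "__main__":
    # Strict parsing: the token must be the very first line.
    print(next_hop(CLEAN, False))    # forwarded
    print(next_hop(MANGLED, False))  # None: directives silently ignored
    # Tolerant parsing recovers the directives. The cost is the one the
    # message raises: a body can no longer begin with blank lines
    # followed by a literal "::" line without being treated as one.
    print(next_hop(MANGLED, True))
```
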
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Mon, 7 Jun 93 12:04:02 PDT
To: cypherpunks@toad.com
Subject: ALERT: PGP removed from soda archive site
Message-ID: <9306071900.AA08993@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

The ftp site at soda will no longer be able to distribute PGP, I'm afraid. It appears that CERT informed someone on campus that "pirated" software was available on soda. The word came down, and the directory has been chown'd root and has had permissions removed.

There will be more later on this. In the meantime, spread the word.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: b2men of EastEdge
Date: Mon, 7 Jun 93 07:51:02 PDT
To: "so what, cypherpunks ?"
Subject: eastedge aDDRESS CHAnge
Message-ID: <9306071450.AA07575@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Attention|
E-mail address of EastEdge has changed to jza3001@huszeg11.bitnet
Old address will not exist in 5 days
Please spread this information
Thanx
-b2men signing off

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Al Billings
Date: Mon, 7 Jun 93 17:58:00 PDT
To: cypherpunks@toad.com
Subject: Re: ALERT: PGP removed from soda archive site
In-Reply-To: <9306071900.AA08993@soda.berkeley.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Mon, 7 Jun 1993, Eric Hughes wrote:

> The ftp site at soda will no longer be able to distribute PGP, I'm
> afraid. It appears that CERT informed someone on campus that
> "pirated" software was available on soda. The word came down, and the
> directory has been chown'd root and has had permissions removed.

What does CERT stand for again?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C.
May) Date: Mon, 7 Jun 93 18:51:55 PDT To: cypherpunks@toad.com Subject: Re: ALERT: PGP removed from soda archive site In-Reply-To: Message-ID: <9306080152.AA06391@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Al Billings wrote: > On Mon, 7 Jun 1993, Eric Hughes wrote: > > > The ftp site at soda will no longer be able to distribute PGP, I'm > > afraid. It appears that CERT informed someone on campus that > > "pirated" software was available on soda. The word came down, and the > > directory has been chown'd root and has had permissions removed. > > What does CERT stand for again? Computer Emergency Response Team, set up in the wake of the Morris worm in 1988. They meet to discuss security threats. BTW, I just downloaded MacPGP from soda and saw no problems. I didn't try ordinary PGP, as I assumed the circumstance Eric mentioned had changed and PGP was once again available. -Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 7 Jun 93 19:00:03 PDT To: cypherpunks@toad.com Subject: ALERT: PGP now back on soda Message-ID: <9306080156.AA03431@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain You can stop spreading the word now. PGP is back on soda. Remember, it is my analysis that soda is still able to distribute PGP because we keep a low profile. Please keep it that way. You can find pgp with archie, so I don't feel the need to advertise. Lots of stuff happened today after I posted my initial announcement that PGP had gone offline. 
Because of the intervention of Eric Hollander with the folks who are in charge of the machine, reasonableness has prevailed.

What happened in a nutshell was the following. Person A, a fascist asshole by all accounts, simply turned off the PGP directory without telling me. I started getting questions by email from folks trying to get PGP. Person A's argument was that PGP was illegal, therefore soda should not distribute it. Eric Hollander, after some initial rounds, played trump and observed that the machine had been recompiled without the user limit that had been part of the OS license agreement, and recommended that soda be shut down immediately because the kernel that soda was running was contrary to the license agreement. Very quickly the president of the organization which runs soda intervened and everything was OK.

What is still troubling to me is the nastygram that came down from CERT. We don't know how they were informed, nor what their policy is on this. I'll have another message on that angle later.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Mon, 7 Jun 93 19:22:27 PDT
To: cypherpunks@toad.com
Subject: more ominous shudders from the bowels of NSA
In-Reply-To: <6PXs5B2w165w@sytex.com>
Message-ID: <9306080222.AA03981@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

[ComputerWorld]

>"We tried to come up with a technique that would not require
>legislation," said Clint Brooks, advisor to the director of the
>National Security Agency, which developed and now strongly
>supports the key-escrow approach.

Another ominous, foreboding quote.

>Federal officials responsible for shaping information security
>policy said last week that legislation mandating use of the
>government's recently proposed encryption technology -- and
>banning the use of older but popular techniques -- is neither
>wise nor legal.
Neither this article, nor any other alluding to `bans on cryptographic methods', is sufficiently disturbing or alarmist. Any such law would be blatantly, egregiously, grotesquely unconstitutional under protections of free speech. All hell would break loose if any such attempt reared its hideously monstrous face--imagine the Clipper `flap' multiplied by a gigabyte.

Please, regarding cryptography, don't say that `the genie is out of the bottle' or `the laws would be unenforceable' -- these are tantamount to saying, `go ahead, we DARE you to try!' I fear more and more the reply will soon be, `try THIS!'

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Mon, 7 Jun 93 18:38:37 PDT
To: cypherpunks@toad.com
Subject: ComputerWorld article on Clipper/Capstone
Message-ID: <6PXs5B2w165w@sytex.com>
MIME-Version: 1.0
Content-Type: text/plain

ComputerWorld
June 7, 1993
Vol. 27, No. 23
page 21

Fed officials pan ban of old encryption specs

by Gary H. Anthes

Gaithersburg, MD

Federal officials responsible for shaping information security policy said last week that legislation mandating use of the government's recently proposed encryption technology -- and banning the use of older but popular techniques -- is neither wise nor legal.

In April, the White House said it intended to establish as a federal standard an approach to encryption called "key-escrow." This method would require that the keys needed to unlock a coded conversation be kept by government-approved agencies and retrieved only for court-ordered wiretaps.

Dubbed "Clipper" for voice communications and "Capstone" for data, the approach is intended to balance the conflicting objectives of users -- who demand absolute security and privacy -- and law enforcement agencies, which are looking for a legal "backdoor" into coded criminal communications.
Protecting rights to privacy But the idea has been challenged by civil libertarians who fear abuses by a technologically empowered Big Brother, and by some users, especially those such as banks that have made large investments in cryptography based on the older Data Encryption Standard (DES), which some fear could be banned by the government. Protesters so far include the Computer and Business Equipment Manufacturers Association, Information Technology Association of America, Computer Professionals for Social Responsibility, Electronic Frontier Foundation, Business Software Alliance, Software Publishers Association and Information Systems Security Association. Raymond Kammer, acting director of the National Institute of Standards and Technology (NIST), acknowledged that a ban on existing techniques would be considered. "But my personal opinion is, I can't see doing anything that would take away any freedoms we now enjoy," Kammer said. "We tried to come up with a technique that would not require legislation," said Clint Brooks, advisor to the director of the National Security Agency, which developed and now strongly supports the key-escrow approach. Brooks predicted it would be years before criminal use of DES would be wide-spread enough to present obstacles to law enforcement agencies, which cannot crack DES codes. "Let's wait and see if legislation is needed," he said. While the majority of those attending a public hearing at the NIST last week spoke out against the government's proposal, a few strongly defended it saying criticisms are either misdirected or deal with fixable flaws. Donald Alvarez, national defense science and engineering graduate fellow at Princeton University, outlined six ways that Clipper could be breached but finished by saying, "I definitely believe it is possible to address the needs of both [users and law enforcers], even with the Clipper and Capstone chip sets." 
8<---------- End of Article ------------- In a small, corner-page, footnote box on the same page -- "Keyed up In a statement filed with the Computer System and Privacy Advisory Board, Citicorp raised the following concerns about Clipper: o The private sector was not adequately consulted. o The algorithm used in Clipper/Capstone is not compatible with other commonly used encryption methods and will only cause costly disruptions for businesses. o The algorithm -- which is to be secret but will be examined by a handful of government-chosen experts -- "will undergo inadequate scrutiny and hurried review." o The databases and access systems associated with Clipper may be flawed and insecure." Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pozar@kumr.lns.com (Tim Pozar) Date: Mon, 7 Jun 93 21:49:11 PDT To: rarachel@ishara.poly.edu (A1 ray arachelian) Subject: Re: rot-13 on echomac In-Reply-To: <9306080527.AA23908@ishara.poly.edu> Message-ID: MIME-Version: 1.0 Content-Type: text > Thank you for your letter of support, I'm now keeping a folder > of all the ROT-13 related messagess off this echo and when it > dies down, I'll send the whole thing to the moderator of EchoMac. > [...] > His address again: (you needn't mail him unless you want to, > as I'll forward all messages about this to him anyway) > > Steve.Ebener@f42.n152.z1.ieee.org ^^^^^^^^ Uh, try... Steve.Ebener@f42.n152.z1.fidonet.org > My mail adress: rarachel@ishara.poly.edu Tim -- Internet: pozar@kumr.lns.com FidoNet: Tim Pozar @ 1:125/555 Snail: Tim Pozar / KKSF / 77 Maiden Lane / San Francisco CA 94108 / USA POTS: +1 415 788 2022 Radio: KC6GNJ / KAE6247 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. 
Michael Diehl Date: Mon, 7 Jun 93 21:18:29 PDT To: fnerd@smds.com (FutureNerd Steve Witham) Subject: Re: ALERT / My email address is... In-Reply-To: <9306080240.AA23825@smds.com> Message-ID: <9306080418.AA07574@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to FutureNerd Steve Witham: > > Hi, folks. > > Just in case at any point in the near or far future, > cypherpunks has any extended mail problems, > and anyone wants to get in touch with me > as a person who was on the cypherpunks list, > feel free to send to > fnerd@smds.com > or ...uunet!smds.com!fnerd And I'm mdiehl@triton.unm.edu. I might suggest that we try to create an encrypted cypherpunks list? Comments? > I know there are hacks to find out who the subscribers are, > (or are they plugged?) > but I'd just like to publicly say that it's okay to > take down my address, whoever you are. What's yours? > > I think publishing the raw list might be construed as > impolite and disrespectful of privacy, but a compilation > of willing addressees might be nice. Agreed. > It would be interesting to have list software that worked > the way those exponential-spreading, redundant, church-closing- > because-of-snow phone call networks work (i.e., Usenet with > even more emphasis on decentralization and redundancy). Also, > a virtual archive server on the same model would be cool. We could set up aliases and distribute a common secret key for the list.... > > -fnerd > quote me > "Your quoted." +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? 
If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Mon, 7 Jun 93 19:43:29 PDT To: cypherpunks@toad.com Subject: Re: ALERT / My email address is... Message-ID: <9306080240.AA23825@smds.com> MIME-Version: 1.0 Content-Type: text/plain Hi, folks. Just in case at any point in the near or far future, cypherpunks has any extended mail problems, and anyone wants to get in touch with me as a person who was on the cypherpunks list, feel free to send to fnerd@smds.com or ...uunet!smds.com!fnerd I know there are hacks to find out who the subscribers are, (or are they plugged?) but I'd just like to publicly say that it's okay to take down my address, whoever you are. What's yours? I think publishing the raw list might be construed as impolite and disrespectful of privacy, but a compilation of willing addressees might be nice. It would be interesting to see how close we could reconstruct the list by skimming private archives and communicating with acquaintances. It would be interesting to have list software that worked the way those exponential-spreading, redundant, church-closing- because-of-snow phone call networks work (i.e., Usenet with even more emphasis on decentralization and redundancy). Also, a virtual archive server on the same model would be cool. -fnerd quote me From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: binski@u.washington.edu Date: Mon, 7 Jun 93 23:27:45 PDT To: cypherpunks@toad.com Subject: AT&T Encrypting Phone Ad in WS Journal Message-ID: MIME-Version: 1.0 Content-Type: text/plain FYI The Wall Street Journal, 7 June 93, page B7, has an AT&T ad for an encrypting communications box called "Surity Telephone Device". It plugs between a regular phone and the phone jack. Anybody know what's inside? Is this new? Also, page B6 has a so-so article on digital signatures. 
bf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: whitaker@eternity.demon.co.uk (Russell Earl Whitaker) Date: Tue, 8 Jun 93 03:25:04 PDT To: cypherpunks@toad.com Subject: Forwarded article. Message-ID: <6471@eternity.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain This article was forwarded to you by whitaker@eternity.demon.co.uk (Russell Earl Whitaker): --------------------------------- cut here ----------------------------- Newsgroups: uk.events Path: eternity.demon.co.uk!demon!zaphod.axion.bt.co.uk!uknet!nessie! comms.ee.man!colin From: colin@comms.ee.man.ac.uk (Colin Boyd) Subject: Cryptography Course 7th-8th July Message-ID: <1993Jun7.103708.6901@nessie.mcc.ac.uk> Sender: news@nessie.mcc.ac.uk (Usenet News System) Organization: Comms Research Group, EE Dept, Manchester University, UK. Distribution: uk Date: Mon, 7 Jun 1993 10:37:08 GMT Lines: 45 *Cryptography : Theory and Practice* A Two Day Course at the University of Manchester 7th-8th July 1993 Electronic communications are being used more and more in all areas of business practice. The convenience and efficiency of using new technology brings with it new security risks to the confidentiality and integrity of important commercial data. Many of these threats can only be practically countered by the use of cryptography. This short course will give a basic grounding in the capabilities, and also the limitations, of modern cryptography. The course is intended for engineers and managers who require familiarity with modern cryptographic theory and practice. Lectures cover background theory, current algorithms, and their application in the provision of security services. Supporting practical sessions provide "hands-on" experience using software implementations of modern cryptographic algorithms. 
Syllabus Topics: Cryptographic Basics Cryptographic Theory Symmetric Ciphers Authentication Public Key Cryptography Digital Signatures Cryptographic Protocols The cost of the course is 225 pounds per person. This fee includes full course documentation and tea/coffee and lunch each day. Overnight accommodation, at extra cost, can be arranged on request. Please reply by email for further details and a booking form or write to: Dr Colin Boyd Communications Research Group, Electrical Engineering Labs., University of Manchester, Manchester M13 9PL -- Colin Boyd (colin@comms.ee.man.ac.uk) Tel: +44 61 275 4562 (Direct line) Fax: +44 61 275 4512 --------------------------------- cut here ----------------------------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peter honeyman Date: Mon, 7 Jun 93 21:16:19 PDT To: fnerd@smds.com (FutureNerd Steve Witham) Subject: Re: ALERT / My email address is... In-Reply-To: <9306080240.AA23825@smds.com> Message-ID: <9306080416.AA29026@toad.com> MIME-Version: 1.0 Content-Type: text/plain > I know there are hacks to find out who the subscribers are, > (or are they plugged?) i just checked. they are not. peter From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: A1 ray arachelian (library) Date: Mon, 7 Jun 93 21:31:59 PDT To: cypherpunks@toad.com Subject: Re: rot-13 on echomac Message-ID: <9306080527.AA23908@ishara.poly.edu> MIME-Version: 1.0 Content-Type: text/plain Forwarded message: From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mail Delivery Subsystem Date: Tue, 8 Jun 93 01:13:11 EDT To: rarachel Subject: Returned mail: Host unknown Message-ID: <9306080513.AA23807@ishara.poly.edu> MIME-Version: 1.0 Content-Type: text/plain ----- Transcript of session follows ----- 550 jsday@THUNDER... 
Host unknown: Can't assign requested address

----- Unsent message follows -----
Received: by ishara.poly.edu (5.59a/25-eef) id AA23805; Tue, 8 Jun 93 01:13:11 EDT
From: A1 ray arachelian (library)
Full-Name: A1 ray arachelian (library)
Message-Id: <9306080513.AA23805@ishara.poly.edu>
Subject: Re: ROT-13 on fido
To: jsday@THUNDER
Date: Tue, 8 Jun 93 1:13:10 EDT
In-Reply-To: <9306070029.AA09898@thunder.LakeheadU.Ca>; from "Jer!" at Jun 6, 93 8:29 pm

Thank you for your letter of support, I'm now keeping a folder of all the ROT-13 related messages off this echo and when it dies down, I'll send the whole thing to the moderator of EchoMac.

Don't worry about the reformatting of your letter, I'll take care of it before sending the message. (And yes, I will forward >ALL< letters about the rot-13 issue to him, even those who disagree with me. :-) I do believe in freedom of speech, even when it doesn't match my point of view.)

His address again: (you needn't mail him unless you want to, as I'll forward all messages about this to him anyway)

Steve.Ebener@f42.n152.z1.ieee.org

My mail address: rarachel@ishara.poly.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: locklin@titan.ucs.umass.edu (Lupo the Butcher)
Date: Mon, 7 Jun 93 23:01:59 PDT
To: cypherpunks@toad.com
Subject: subscribe
Message-ID: <9306080601.AA20790@titan.ucs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain

let me check it out for now...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 8 Jun 93 03:34:30 PDT
To: cypherpunks@toad.com
Subject: Getting on CERT's "Most Dangerous" List
In-Reply-To: <9306081023.AA04054@metal.psu.edu>
Message-ID: <9306081033.AA14809@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Clark Reynard writes about CERT:

> I will assume, as you did not say otherwise, that you do not know
> the name of the CERT person who reported you, for whatever
> ridiculous reason.
> This is standard practice for CERT; it's
> customary for them to hide behind a shield of anonymity
> for the purpose of attacking people.
>
> My life was severely disturbed three years ago due to similar
> anonymous tips from CERT, and I have yet to discover the identity
> of the CERT person who tipped off the authorities to me. CERT
> is yet another agency which is freed of Constitutional restraints
> for a vague and undefined 'public good.'

My life wasn't affected in a serious way by CERT, so far as I know, but I do have a funny story to tell.

At a Bay Area party for hacker types in December, 1988, I was talking to a guy with longstanding computer security connections. He looked at me strangely and said something like "Well, Tim, your name just came up in Washington on a list of the most dangerous hackers in the country." I laughed it off and asked him why--after all, I'm not considered to be much of a programmer by anyone _I_ know. He wouldn't elaborate, just looked at me strangely.

(It was a funny story because I could tell other people at parties that I was on a "Most Wanted" kind of list, and yet I knew they couldn't actually pin anything on me as I literally hadn't done anything except draw some obvious conclusions about the implications of modern crypto techniques, such as Chaum's anonymous systems, and had written and talked about it.)

This fellow had been in at the founding of CERT, and was at the first D.C. meeting in early December (shortly after the Morris worm). As he'd also been at hackers gatherings where I had talked about digital cash and "crypto anarchy" (my "Manifesto" was written earlier in 1988 and passed out to a few people), I had some suspicions that it was *he* who had volunteered my name for this list they were compiling.

An obvious overstatement of my danger, and I never heard anything more about it. But I've always thought about this, and the other lists of subversives they must be generating.
No, I won't give his name, as I can't prove anything and to speculate would be "narcish" McCarthyism. Just keep in mind that even hackers may have their own agendas and their own consulting arrangements with crypto and security groups, both private and government-run. -Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Clark Reynard Date: Tue, 8 Jun 93 02:46:26 PDT To: cypherpunks@toad.com Subject: CERT Message-ID: <9306081023.AA04054@metal.psu.edu> MIME-Version: 1.0 Content-Type: text/plain I was disgusted and horrified to read that PGP had been removed from soda, and gratified to find that it had been returned. However, your experiences with CERT are not unique. As could be expected of any agency directly funded by Air Force Intelligence, CERT is a genuinely ugly organization which needs to be stamped out. Frankly, it's a menace to society. Examine their acronym. Computer Emergency Response Team. What a fucking joke! Excepting the Morris Worm, can you name a SINGLE Computer Emergency which CERT has halted? It is simply an organization to keep the crypto-fascists wired into the net. I will assume, as you did not say otherwise, that you do not know the name of the CERT person who reported you, for whatever ridiculous reason. This is standard practice for CERT; it's customary for them to hide behind a shield of anonymity for the purpose of attacking people. 
My life was severely disturbed three years ago due to similar anonymous tips from CERT, and I have yet to discover the identity of the CERT person who tipped off the authorities to me. CERT is yet another agency which is freed of Constitutional restraints for a vague and undefined 'public good.' If distributing PGP, legal in the entire Free World except for the US, is a "Computer Emergency," then I'm a fucking Republican. Combat this so-called Computer Emergency Response Team wherever you see the tendrils of its evil influence. ---- Robert W. F. Clark "Be sand, not oil, in the machinery rclark@nyx.cs.du.edu of the world." Gunter Eich clark@metal.psu.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 8 Jun 93 08:18:49 PDT To: cypherpunks@toad.com Subject: a great revelation from the bowels of NSA In-Reply-To: <9306080222.AA03981@longs.lance.colostate.edu> Message-ID: <9306081515.AA05070@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >>"We tried to come up with a technique that would not require >>legislation," said Clint Brooks, advisor to the director of the >>National Security Agency, >Another ominous, foreboding quote. I think this neither ominous nor foreboding. This statement was apparent within a week or so of the original announcement. The only thing new about it is that it confirms what I've thought for over a month: that the executive branch is trying to do an end run around the legislature. I was quite happy to see this, since now we can argue from this position not on the basis of surmise, but of quotation. This single quotation will be enormously useful in getting the legislature to take specific and bill-oriented action about the wiretap chips. In the checks and balance system, the legislature makes laws; the executive makes them happen. The executive is not supposed to go charging off and making de facto legislation. I would recommend that this quotation be spread far and wide. 
Put it in .signature blocks. Call for a return of the checks and balances system of government.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 8 Jun 93 08:27:34 PDT
To: cypherpunks@toad.com
Subject: CryptoStacker
In-Reply-To: <93Jun7.005219pdt.13914@well.sf.ca.us>
Message-ID: <9306081523.AA05311@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

I've made available the following files on the archive site:

cphant.zip
driver.zip
fdcbio.zip
rdcf.zip

in the directory pub/cypherpunks/applications/crypto.msdos.disk.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 8 Jun 93 08:36:25 PDT
To: cypherpunks@toad.com
Subject: ADMIN: upload ettiquette to the cypherpunks ftp site
Message-ID: <9306081532.AA05641@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

There are a few matters of upload etiquette for the ftp site.

1. Upload stuff for cypherpunks to pub/cypherpunks/incoming/ and not to the general pub/incoming/ directory. I'll be able to more adequately handle files there. (I can't erase in the other directory.)

2. Whenever you upload something, also upload a short description of what it is you are uploading. I've got a few mystery files there that are on the low priority end of things, since I don't know what they are and I've got plenty of other stuff to do with the archive.

3. Send me mail telling me what you've put up. I don't have any automated software to look at the incoming directory, and so I may not notice. My address is below.

4. Don't bother uploading programs that don't have source code. The mission of the archive site is education. Software distribution is not a purpose, and software without source does not satisfy the educational criterion.

Thanks.
Eric Hughes
cypherpunks ftp site maintainer
hughes@soda.berkeley.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eichin@cygnus.com (Mark Eichin)
Date: Tue, 8 Jun 93 08:47:19 PDT
To: tcmay@netcom.com
Subject: re: Getting on CERT's "Most Dangerous" List
In-Reply-To: <9306081033.AA14809@netcom3.netcom.com>
Message-ID: <9306081547.AA16611@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

Umm, I thought CERT was a purely commercial organization, rather than a government one... did I miss something?

_Mark_

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Pat Farrell"
Date: Tue, 8 Jun 93 05:55:16 PDT
To: Pat_Farrell@mail.amsinc.com
Subject: Tuesday's Washington Post
Message-ID: <32150.pfarrell@cs.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain

In Tuesday June 8 Final edition of the Washington Post, Page A12

US Data Decoding Plan Delayed
Business and Legal Objections Reviewed
by John Schwartz

The Federal initiative to establish a new standard for scrambling electronic communications will be slowed until its ramifications can be more fully studied, the official in charge of implementing the program said yesterday.

The government's proposed "Clipper Chip" plan, announced on April 16, would create a new national standard for data encryption that would make possible the decoding and wiretaps by law enforcement and national security agencies. The plan has met with criticism from high-technology industries that argue that the new requirements would be expensive and hurt the competitiveness of their products. Civil liberties advocates see it as a threat to privacy.

Raymond Kammer, acting director of the National Institute of Standards and Technology (NIST) - which developed the Clipper proposal with the National Security Agency and is charged with implementing it within the government - delivered the news to a Washington conference attended largely by critics of the Clipper plan.
In an interview afterward, Kammer said that the entire Clipper plan was still being discussed, and if the review revealed unresolvable problems, "maybe we won't continue in the direction we started out."

Criticism was sharp at the cryptography and privacy conference sponsored by the Washington office of the Computer Professionals for Social Responsibility, a public interest group concerned with high-tech issues. One panelist compared Kammer's appearance at the conference to "having a target painted on your chest."

Kammer said: "We're not going to close off the process while there's still productive conversation. And it's obvious from the meeting today that there's still plenty of productive conversation."

Pressure has been building on NIST since the White House announcement in April. Critics of the plan have flooded the administration with lengthy lists of questions about the new plan, voicing concerns that the proposal might make American products more expensive, less secure, and less competitive overseas while not hindering criminals.

Last Friday, NIST's advisory panel on privacy issues concluded two days of heated hearings concerning the Clipper proposal with a resolution expressing "serious concerns" sparked by the administration's proposal. "Things are going too fast," said William Ware, chairman of the Computer System Security and Privacy Advisory Board, a body created under the Computer Security Act of 1987.

The NIST panel reported that the government had not convincingly explained the nature of law enforcement problems that would be solved by the Clipper plan, and cited damage the proposal was likely to do to the American software industry.

Later that day, White House officials overseeing the Clipper plan met with representatives of industry and civil liberties groups, including the high-tech policy group Electronic Frontier Foundation as well as the American Civil Liberties Union.
Administration officials said that the Clipper review would be extended into the fall and that the government would not move beyond its initial plans to buy about 10,000 Clipper-equipped telephones until the review was completed.

John Podesta, assistant to the President, said that meeting was part of a continuing dialog with the private sector. "It's time to start to get answers instead of the endless quest for questions," Podesta said.

==================

Any typos were added in transcription.

Pat Farrell   Grad Student   pfarrell@cs.gmu.edu
Department of Computer Science   George Mason University, Fairfax, VA
Public key available via finger   #include

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Tue, 8 Jun 93 06:13:17 PDT
To: cypherpunks@toad.com
Subject: Re: CERT
In-Reply-To: <9306081023.AA04054@metal.psu.edu>
Message-ID: <9306081313.AA12942@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> Excepting
> the Morris Worm, can you name a SINGLE Computer Emergency which
> CERT has halted?

cert was organized in reaction to the morris worm, and was not involved in its prophylaxis.

i am disappointed to hear these stories about cert, but encourage others with tales to tell to step forward. this is a real eye-opener.

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 8 Jun 93 09:24:11 PDT
To: cypherpunks@toad.com
Subject: CERT: the letter from CERT to berkeley.edu admin
Message-ID: <9306081620.AA07331@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Here, in its almost full glory, is the letter that CERT sent to the admin at berkeley. I've removed the addressee, since there's no need to involve that person. I have not, however, removed the name of the sender.

Don't you just love that phrase "illegal trading of commercial software"?
Eric

-----------------------------------------------------------------------------

To: @ucbvax.Berkeley.EDU
Subject: Possible abuse of anonymous FTP area on berkeley.edu host(s)
Organization: CERT Coordination Center
From: cert@cert.org
Date: Wed, 02 Jun 93 16:56:55 -0400

Hello ,

I am a member of the CERT Coordination Center. CERT provides technical assistance in response to computer security incidents. Would you please forward this report to the appropriate system administrator(s)?

We have been passed information that indicates that the anonymous FTP archive on the following host(s) may be in use by intruders for illegal trading of commercial software:

>>>>>>> soda.berkeley.edu /pub/cypherpunks

We have not confirmed this information, nor have we identified that the anonymous FTP configuration on the above-listed host(s) is open for abuse.

While anonymous FTP areas can be put to good use, the intruder community makes use of them to illegally trade commercial software and other information. Intruders often create "hidden" files or directories in order to conceal their activity. On UNIX hosts, directory and file names of a form such as "..." (dot dot dot), "..  " (dot dot space space), or "..^G" (dot dot control-G) may be used. In some cases, intruders have abused anonymous FTP areas to such an extent that file storage has been exhausted and a system crash or denial of service has resulted.

We would encourage you to check your anonymous FTP archive for any such "hidden" files or directories by using the "ls -laR" command. We would appreciate feedback on the name of any software packages found at your site and the number of accesses to that software, if that information is available from your logs. Please e-mail a summary of this information to "cert@cert.org" before deleting any such files and directories from your archive.

For your information, I have appended some suggestions for anonymous FTP configuration.
Thanks for checking into this incident, and please don't hesitate to contact us if we can be of any assistance.

Katherine T. Fithen
Technical Coordinator
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890

Internet e-mail: cert@cert.org (monitored during business hours)
Telephone: 412-268-7090 (answers 24 hours a day)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 8 Jun 93 09:33:10 PDT
To: honey@citi.umich.edu
Subject: Getting on CERT's "Most Dangerous" List
In-Reply-To: <9306081606.AA18740@toad.com>
Message-ID: <9306081629.AA07616@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>i thought cert was part of sei (software engineering institute),
>a pentagon entity run by carnegie-mellon.

I would propose that we get the FBI to fund CERT's law enforcement mission, rather than the DoD.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pozar@kumr.lns.com (Tim Pozar)
Date: Tue, 8 Jun 93 09:36:16 PDT
To: composer@Beyond.Dreams.ORG (Jeff Kellem)
Subject: Re: rot-13 on echomac
In-Reply-To: <9306081603.AA05678@Beyond.Dreams.ORG>
Message-ID:
MIME-Version: 1.0
Content-Type: text

Jeff Kellem wrote:
> On the cypherpunks mailing list, Tim Pozar wrote....
> > Ray Arachelian wrote...
> > > Steve.Ebener@f42.n152.z1.ieee.org
> >                            ^^^^^^^^
> > Uh, try...
> >
> > Steve.Ebener@f42.n152.z1.fidonet.org
>
> Not knowing this person, I could be wrong. But, the first address should
> work. There are a bunch of fidonet addresses behind ieee.org. Actually,
> both of those addresses also go through the same mail forwarding site.
> [ I assume you were correcting it because it looked like similar to a
> fidonet style address? ]

I mention this 'cause I am the Technical Contact for fidonet.org. The fidonet.org domain is served out of ieee.org, and with some of the gating that Burt is doing, the fidonet.org domain is not being appended to the fidonet address and ieeee.org is.
The ieee.org domain is not something I would guarantee as working all the time or permanent. You would have less potential problems if you used fidonet.org.

Tim Pozar
--
Internet: pozar@kumr.lns.com   FidoNet: Tim Pozar @ 1:125/555
Snail: Tim Pozar / KKSF / 77 Maiden Lane / San Francisco CA 94108 / USA
POTS: +1 415 788 2022   Radio: KC6GNJ / KAE6247

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 8 Jun 93 10:09:17 PDT
To: cypherpunks@toad.com
Subject: CERT: the letter from CERT to berkeley.edu admin
In-Reply-To: <9306081650.AA08632@soda.berkeley.edu>
Message-ID: <9306081704.AA09252@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Any public spooling directory is fair game for their antics.
[...]
>My guess is that your CERT problems have NOTHING to do with
>PGP distribution.

There is only one directory on the cypherpunks site that is writable, and that is the incoming directory and it's not readable.

I still don't know what the real accusation is. CERT is straight out of a Kafka novel in this regard. Maybe it's PGP, maybe it isn't, but they don't seem to be offering that information.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Tue, 8 Jun 93 10:38:37 PDT
To: hughes@soda.berkeley.edu
Subject: Re: CERT: the letter from CERT to berkeley.edu admin
Message-ID: <9306081738.AA02682@servo>
MIME-Version: 1.0
Content-Type: text/plain

This seems to imply pretty strongly that the issue is not PGP, it's the possible abuse of the cypherpunks upload area if it is world writeable.

Having CERT go specifically after the distribution of PGP would be pretty amusing considering the several PGP keys I have on my keyring from CERT people.
Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Al Billings
Date: Tue, 8 Jun 93 10:57:08 PDT
To: Eric Hughes
Subject: Re: CERT: the letter from CERT to berkeley.edu admin
In-Reply-To: <9306081620.AA07331@soda.berkeley.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

"Intruder Community?" Interesting jargon these CERT people have? What kind of power do they possess or do they expect admins to go to the trouble of sending them logs of their FTP sites out of the goodness of their hearts?

Wassail,

Al

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Kent Hastings"
Date: Tue, 8 Jun 93 11:00:48 PDT
To: cypherpunks@toad.com
Subject: Mail Gateway
Message-ID: <199306081759.AA06261@aerospace.aero.org>
MIME-Version: 1.0
Content-Type: text/plain

Mail Gateway

Is there a secure (and/or cheap) SMTP or UUCP e-mail gateway program to rival Microsoft Mail 3.0 with Gateways. I hear MM3 with a gateway runs $4,000. Be nice if it notified recipients when new mail arrives.

Kent - kent_hastings@qmail2.aero.org

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Tue, 8 Jun 93 16:45:22 PDT
To: cypherpunks@toad.com
Subject: McCarthy lives!
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 8 Jun 93 3:33:26 PDT, Timothy C. May wrote -

> At a Bay Area party for hacker types in December, 1988, I was
> talking to a guy with longstanding computer security
> connections. He looked at me strangely and said something like
> "Well, Tim, your name just came up in Washington on a list of
> the most dangerous hackers in the country." I laughed it off
> and asked him why--after all, I'm not considered too much of a
> programmer by anyone _I_ know. He wouldn't elaborate, just
> looked at me strangely.

Funny you should mention that scenario. I've been hearing (through the proverbial grapevine, of course) that such a McCarthy-ist list does indeed exist.
Of course, it _is_ rumour and should be discounted as such. Right? ;-)

Paul Ferguson               |  The future is now.
Network Integrator          |  History will tell the tale;
Centreville, Virginia USA   |  We must endure and struggle
fergp@sytex.com             |  to shape it.

Stop the Wiretap (Clipper/Capstone) Chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: TJO
Date: Tue, 8 Jun 93 11:30:42 PDT
To: julf@penet.FI (Johan Helsingius)
Subject: Re: CERT
In-Reply-To: <9306081800.aa08835@penet.penet.FI>
Message-ID: <9306081830.AA26885@stein.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain

> > i am disappointed to hear these stories about cert, but encourage others
> > with tales to tell to step forward. this is a real eye-opener.
>
> I just had to deal with a minor crisis caused by CERT. They contacted the
> domain-admin for the *.fi domain, saying they had been informed that the
> anonymous ftp archive at anon.penet.fi was being used to distribute
> illegal copies of software. They did *not* contact me directly, nor my
> service provider.

How is it that Cert (which to my knowledge is an organization run by Carnegie-Mellon in Pittsburgh, PA (USA)) should come to have any influence on a domain in Finland? They are not to my knowledge a gov't organization although they may be funded by some.. hmm.

Doesn't their name stand for computer EMERGENCY response taskforce or something like that? They should have no business bothering you unless you requested some kind of assistance from them, IMHO. The same goes for the berkeley site...

I'd definitely be interested in hearing who they think they are working for and under whose authority they are becoming netpolice.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: smb@research.att.com Date: Tue, 8 Jun 93 08:45:21 PDT To: Eric Hughes Subject: Re: a great revelation from the bowels of NSA Message-ID: <9306081545.AA18250@toad.com> MIME-Version: 1.0 Content-Type: text/plain >>"We tried to come up with a technique that would not require >>legislation," said Clint Brooks, advisor to the director of the >>National Security Agency, >Another ominous, foreboding quote. I think this neither ominous nor foreboding. This statement was apparent within a week or so of the original announcement. The only thing new about it is that it confirms what I've thought for over a month: that the executive branch is trying to do an end run around the legislature. Well, it could be innocent; it just takes longer to get legislation passed. Yeah, that's it... Of course, NSA does have another option -- they can disclose how cheaply they can crack DES. (That they can crack it I don't doubt; my only question is what it costs them per solution, including amortization of capital costs.) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: composer@Beyond.Dreams.ORG (Jeff Kellem) Date: Tue, 8 Jun 93 09:03:35 PDT To: pozar@kumr.lns.com (Tim Pozar) Subject: Re: rot-13 on echomac In-Reply-To: Message-ID: <9306081603.AA05678@Beyond.Dreams.ORG> MIME-Version: 1.0 Content-Type: text/plain On the cypherpunks mailing list, Tim Pozar wrote.... > Ray Arachelian wrote... > > Steve.Ebener@f42.n152.z1.ieee.org > ^^^^^^^^ > Uh, try... > > Steve.Ebener@f42.n152.z1.fidonet.org Not knowing this person, I could be wrong. But, the first address should work. There are a bunch of fidonet addresses behind ieee.org. Actually, both of those addresses also go through the same mail forwarding site. [ I assume you were correcting it because it looked like similar to a fidonet style address? ] FYI... 
-jeff

Jeff Kellem
Internet: composer@Beyond.Dreams.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Honeyman
Date: Tue, 8 Jun 93 09:06:25 PDT
To: eichin@cygnus.com
Subject: re: Getting on CERT's "Most Dangerous" List
Message-ID: <9306081606.AA18740@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

i thought cert was part of sei (software engineering institute), a pentagon entity run by carnegie-mellon.

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Tue, 8 Jun 93 12:30:12 PDT
To: smb@research.att.com
Subject: CERT: the letter from CERT to berkeley.edu admin
In-Reply-To: <9306081814.AA22615@toad.com>
Message-ID: <9306081926.AA17119@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Based on what you sent out, I confess that I see nothing wrong with
>CERT's note.

The issues that Steve raises are

1. use of ftp sites counter to the knowledge or desires of their owners
   a. for one time transmission
   b. for illicit archive
2. distribution of software contrary to the author's desires
3. abuse leading to shutdown of archives

I do not wish to quarrel with these issues. The question is not one of the ethicality of these actions, but of the relationship that CERT should have to such actions.

CERT's mission is computer security, not copyright enforcement. What the letter offers is hearsay that illegal activity is taking place on a particular machine in a particular place. Such a letter might properly be construed as slander, since there was no effort made to verify the accuracy of this information and the letter even says this itself!

What CERT might properly do is first, verify that an ftp site is running. Julf's case where the ftp daemon was not even enabled is a particularly egregious case in point. Next they should verify that the permissions on the directories in question are set so that world read/write access is available.
They could also do a tree search of the directories and look for suspiciously named directories. All these actions can be automated; there is little excuse for making not even the most cursory check.

In any case, CERT's response should be limited to issues of computer security and not law enforcement. They might properly notify an archive owner that illegal activity has been known to take place on archives configured in such a way, but to spread hearsay is irresponsible. Unfounded allegations of illegal activity are socially dangerous, especially when promulgated by a respected institution. In the fifties in the US in a similar context this was called "red-baiting".

Now if CERT receives reports about the improper distribution of software and the archive site is properly set up, one might reasonably assume collusion on behalf of the maintainers of the archive. In this case direct investigation should take place by properly authorized law enforcement authorities. CERT is not so authorized to my knowledge, and as it is funded with military money it would be a bad policy to give it a law enforcement function. The FBI is responsible for copyright enforcement in this country, and they are the proper ones to do an investigation.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Kent Hastings"
Date: Tue, 8 Jun 93 12:44:57 PDT
To: cypherpunks@toad.com
Subject: Eudora Mail Gateway
Message-ID: <199306081943.AA09446@aerospace.aero.org>
MIME-Version: 1.0
Content-Type: text/plain

Eudora Mail Gateway

Thanks to FutureNerd for the Mail Gateway suggestion (via private e-mail). It is just the thing for which my associate was looking. (Never use a preposition to end a sentence with.)

More questions will be asked of FutureNerd re Eudora privately as we try to get it running, but until then, here is a public thanks for your help.

Kent - kent_hastings@qmail2.aero.org.
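
The checks Eric Hughes lists in his reply to Steve Bellovin above (directory permissions, a tree search for suspiciously named directories), applied to the hidden names the CERT letter describes, can be automated along these lines. This is an added example, not code from any list member or from CERT; the function names and the sample tree are assumptions constructed for illustration, and a POSIX filesystem is assumed.

```python
import os
import stat
import tempfile


def suspicious_name(name):
    """Return why an entry name looks deliberately hidden, else None."""
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in name):
        return "control character in name"        # e.g. "..^G"
    if name != name.strip():
        return "leading or trailing whitespace"   # e.g. dot dot space space
    if name.strip(".") == "":
        return "name made only of dots"           # e.g. "..."
    return None


def directory_exposure(mode):
    """Flag a directory that anyone can both write to and list."""
    if mode & stat.S_IWOTH and mode & stat.S_IROTH:
        return "world-writable and world-listable"
    return None


def audit(root):
    """Walk an FTP tree and return sorted (relative path, reason) findings."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            reason = suspicious_name(name)
            if reason:
                findings.append((rel, reason))
            st = os.lstat(full)  # lstat: do not follow symlinks
            if stat.S_ISDIR(st.st_mode):
                reason = directory_exposure(st.st_mode)
                if reason:
                    findings.append((rel, reason))
    return sorted(findings)


def build_sample_tree(base):
    """Create a constructed sample layout (not the real archive's contents)."""
    root = os.path.join(base, "ftp")
    layout = [
        ("", 0o755),
        ("pub", 0o755),
        ("pub/cypherpunks", 0o755),
        ("pub/cypherpunks/incoming", 0o733),  # writable but not listable
        ("pub/incoming", 0o777),              # writable and listable
        ("pub/incoming/...", 0o755),
        ("pub/incoming/..  ", 0o755),         # dot dot space space
        ("pub/incoming/..\x07", 0o755),       # dot dot control-G
    ]
    for rel, mode in layout:
        path = os.path.join(root, rel) if rel else root
        os.mkdir(path)
        os.chmod(path, mode)  # explicit chmod so the umask does not matter
    with open(os.path.join(root, "pub", "cypherpunks", "README"), "w") as fh:
        fh.write("constructed sample file\n")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        for rel, reason in audit(build_sample_tree(base)):
            print(f"{rel!r}: {reason}")
```

Printing each path with `repr` makes trailing spaces and control characters visible, which a plain `ls -laR` listing can hide.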
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Tue, 8 Jun 93 10:05:32 PDT
To: Eric Hughes
Subject: Re: CERT: the letter from CERT to berkeley.edu admin
In-Reply-To: <9306081620.AA07331@soda.berkeley.edu>
Message-ID: <9306081705.AA13681@dun-dun-noodles.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

This thread is the first set of negative comments I've ever heard about CERT.

>>> From: Clark Reynard
>> Excepting the Morris Worm, can you name a SINGLE Computer Emergency
>> which CERT has halted? It is simply an organization to keep the
>> crypto-fascists wired into the net.

My experience with them in the past has been as a clearinghouse for users to report security-related bugs to vendors, and for vendors to provide fixes back to users. They've done an admirable job at this; the major complaint is that they are too slow. They also help distribute tools like COPS to validate unix workstation security. They are a proactive organization, not a reactive organization, so it's meaningless to ask what "Computer Emergencies" CERT has "halted". I think that calling them "crypto-fascists" is at best an unsupported smear, and at worst slanderous.

>>> From: peter honeyman
>> i am disappointed to hear these stories about cert, but encourage others
>> with tales to tell to step forward. this is a real eye-opener.

I agree with Peter. If CERT is beginning to overstep its bounds perhaps someone should make a calm, rational complaint.

>> > From: eichin@cygnus.com (Mark Eichin)
>> Umm, I thought CERT was a purely commercial organization, rather than
>> a government one... did I miss something?

from the cert_faq, available as cert.org:/pub/cert_faq:

CERT is sponsored by the Advanced Research Projects Agency (ARPA). The Software Engineering Institute is sponsored by the U.S. Department of Defense.

Well, it's not a Government agency, but its money certainly seems to come from there.
Anyway, what I see here is an organization, founded for good reasons, which is getting a little out of hand. Rather than going ballistic, slandering CERT, and claiming they've never done anything of value, I think we should approach this as an internal problem at CERT. Currently, there is a big problem on the Internet with randoms using anonymous dropoff points to trade commercial software illegally. CERT accepts reports of these problems. In many cases, I imagine, they are accurate, and the host admins are glad to have the CERT tell them about it. What we have here, I think, is a few malicious individuals or groups, who are using the CERT as a weapon against hapless ftp and mail sites. This problem could be easily alleviated by CERT checking up on such reports before passing them on to host or domain admins. I think Julf's example is a good one. A site not running ftp is not trading in illegal software via ftp. Period. Idea for Eric: Send a letter to the RISKS Digest and , documenting the RISKS of a "computer security" organization becoming overzealous, and not researching problems which have been reported before sending reports to host and/or domain administrators. Include the letter you forwarded to us, and mention Julf's problem. Perhaps others will even mention similar problems. I think this will have the desired effect. Marc From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jet@nas.nasa.gov (J. Eric Townsend) Date: Tue, 8 Jun 93 13:31:33 PDT To: cypherpunks@toad.com Subject: Re: CERT In-Reply-To: <9306081830.AA26885@stein.u.washington.edu> Message-ID: <9306082031.AA12159@boxer.nas.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain >computer EMERGENCY response taskforce or something like that? They should have >no business bothering you unless you requested some kind of assistance from >them, IMHO. I personally like being contacted by an organization trying to tell me that someone might be misusing my computing resources. 
[in no way speaking for NASA] -- J. Eric Townsend jet@nas.nasa.gov 415.604.4311 CM-5 Administrator, Parallel Systems Support | personal email goes to: NASA Ames Numerical Aerodynamic Simulation | jet@well.sf.ca.us PGP2.1 public key available upon request or finger jet@simeon.nas.nasa.gov From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Shipley Date: Tue, 8 Jun 93 14:11:19 PDT To: Eric Hughes Subject: Re: CERT: the letter from CERT to berkeley.edu admin In-Reply-To: <9306082034.AA26060@toad.com> Message-ID: <9306082110.AA07415@edev0.TFS> MIME-Version: 1.0 Content-Type: text/plain Eric why dont you move the cypherpunk anonymous ftp site to your own system on the internet and be free of UCB's influence. -Pete From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: smb@research.att.com Date: Tue, 8 Jun 93 11:14:44 PDT To: Eric Hughes Subject: Re: CERT: the letter from CERT to berkeley.edu admin Message-ID: <9306081814.AA22615@toad.com> MIME-Version: 1.0 Content-Type: text/plain Here, in its almost full glory, is the letter that CERT sent to the admin at berkeley. I've removed the addressee, since there's no need to involve that person. I have not, however, removed the name of the sender. Don't you just love that phrase "illegal trading of commercial software"? Based on what you sent out, I confess that I see nothing wrong with CERT's note. They're right -- anonymous ftp is abused that way. I've seen it happen on a fair number of sites -- folks upload packages for others to snarf. The pattern of some of the transactions I've seen suggests that folks are chatting anonymously via IRC or some such, and are using third-party machines as anonymous relay points. Other transaction patterns suggest the creation of sub rosa archives by folks who have no legitimate right to use the machine. Files distributed that way (and I'm speaking here of what I've seen personally, not just rumors from CERT or the net) include copyrighted PC software packages. 
Now -- there's a lot of room for disagreement about whether or not it's proper to charge for software, or whether or not algorithm patents are or should be valid. But I suspect that most people on the list would agree that if someone has written something that they don't want distributed that way -- as evidenced, for example, by a copyright notice -- their wishes should be respected. That's common courtesy, if nothing else. Similarly, if you want to distribute files, use your own machine. Don't abuse someone else's, when you know perfectly well that that's not a proper use of anonymous ftp. Again -- neither CERT nor I am talking about things like RSA software. That's a can of worms I'm not going to open in this forum. And they're probably not even talking about files that legitimate users are making available. They're talking about abuse of other folks' machines, almost always with neither the knowledge nor the consent of the system owner. And the outcome is predictable; I've seen a number of cases where anonymous ftp has been shut down, to the detriment of the entire community. --Steve Bellovin From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@cicada.berkeley.edu Date: Tue, 8 Jun 93 14:47:32 PDT To: cypherpunks@toad.com Subject: Re: CERT: the letter from CERT to berkeley.edu admin Message-ID: <9306082147.AA11091@cicada.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- This "coincidence" brings a name to mind. Rhymes with "turn right." Starts with S. What could I be thinking? DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBFAgUBLBUF/fFZTpBW/B35AQEFfQGArv/awBslh2T7ybcjtiiiT9Ew3wxPz3Vv od0hAFCl5L0VFOA1MczZozJWf4xH0nFM =LNm6 -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Kent Hastings" Date: Tue, 8 Jun 93 16:00:37 PDT To: cypherpunks@toad.com Subject: New PGP Version? 
Message-ID: <199306082259.AA14066@aerospace.aero.org>
MIME-Version: 1.0
Content-Type: text/plain

New PGP Version?

Here goes with ANOTHER stupid newbie question: What's the latest PGP version? I have DOS and Mac copies of version 2.2.

Is there an e-mail accessible group like this for PGP or crypto in general? I see references to sci.crypt on occasion. Is that easy to get, or do I have to do fancy-smancy things with archie, ftp, usenet, and other Greek words? (I have docs for archie, and will soon have UUCP decode software, but I haven't figured out all this complicated, user-hostile stuff quite yet). I DO know IBM MVS/JES2 JCL, and because there is nothing more difficult to use, I am confident that this Internet jive will seem trivial someday.

Kent - kent_hastings@qmail2.aero.org

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Tue, 8 Jun 93 12:52:01 PDT
To: smb@research.att.com
Subject: Re: CERT: the letter from CERT to berkeley.edu admin
In-Reply-To: <9306081814.AA22615@toad.com>
Message-ID: <9306081951.AA25120@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

steve, like eric, i feel that cert is overstepping their charter by engaging in law enforcement activities. what's your feeling on the matter? don't you agree that this could jeopardize their ability to do the work they are chartered to do?

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: TJO
Date: Tue, 8 Jun 93 16:00:28 PDT
To: cypherpunks@toad.com
Subject: Re: CERT
In-Reply-To: <9306082031.AA12159@boxer.nas.nasa.gov>
Message-ID: <9306082300.AA18418@stein.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain

J.E.T. writes: i
> >computer EMERGENCY response taskforce or something like that? They should have
> >no business bothering you unless you requested some kind of assistance from
> >them, IMHO.
>
> I personally like being contacted by an organization trying to tell me
> that someone might be misusing my computing resources.
Certainly that may be so.. but in this case they didn't merely tell 'you' with a simple note, instead they did at least 2 things which really are bothersome and overstepping common 'courtesy' of merely informing 'you':

1) Instead of going directly to the owner of the directory in question or the administrator of the host they jumped over 'your' head and went to the domain administrator. I can see going to a site administrator if they had reason to believe the owner of the directory was doing something illegal.. but then again they have no authority to make/enforce/etc any kind of laws. They were just plain out of line.

Consider this example (and I'll give them the benefit of doubt here that someone really did complain to them and they aren't on some witchhunt of their own): I am Cert and Mr Von Karman has emailed me to say that a /jet/Enigma-cypher-code directory appears to have illegal software of some kind.. so I send up my email.. not to you.. but to Goldin, the new NASA head that I believe this directory owned by you has illegal software on it. Well that is a good way to put some bad marks on your record even if you do prove it untrue to your boss.. maybe you had just removed the evidence before he checks out your acct.. either way he shuts down your net access for a while..'just to be sure', and look out next time you want a promotion.. can't be too safe.. you might be a security risk!

2) They didn't check the system out beforehand and blatantly said as much.. what kind of service to you is that? my friend met a guy who knows bigfoot..but certainly you don't see me bothering the people who own the land where bigfoot is supposed to live.

3) They want to confiscate logs from the system.. That sure as heck isn't any of their business..

3) other complaints which I'll file for now.

---
------------------------.------------------.-----------------.-
Tim Oerting | |insert disclaimer|
Computer Consultant | U.
of Washington |I speak 4 myself |
School of Law | |..blah..blah.. |

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Tue, 8 Jun 93 13:22:05 PDT
To: peter honeyman
Subject: Re: CERT: the letter from CERT to berkeley.edu admin
Message-ID: <9306082022.AA25894@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

    steve, like eric, i feel that cert is overstepping their charter by engaging in law enforcement activities. what's your feeling on the matter? don't you agree that this could jeopardize their ability to do the work they are chartered to do?

Law enforcement? It's law enforcement if they do more than notify the owner of the site. Most such sites welcome the notifications *if* (and it's a big ``if'') their machines are being abused by outsiders. If CERT is going out and looking for pirated software, or if they try to take any action to enforce their notes -- then, I do agree with both of you; such actions are beyond their charter. (Though one can argue that clandestine distribution of malware would be an exception. I specify ``clandestine'' because one could entertain a reasonable suspicion that the motives of such distributors were not purely educational...)

If you asked CERT to justify such notes, they'd probably quote the following text from their press release on ftp.cert.org:

    It will also serve as a focal point for the research community for identification and repair of security vulnerabilities, informal assessment of existing systems in the research community, improvement to emergency response capability, and user security awareness.

``User security awareness'' sounds about right.

Look -- CERT did not demand that the ftp area be shut down, they did not threaten to cut the machine off from the Internet, they didn't (as far as I know) turn the note over to the FBI or the Secret Service, and they didn't mention PGP or ``dirty GIFs''.
They simply *informed* the administrator, in a polite way, of information that that administrator probably wants to hear. (I've had occasion to notify various system administrators of the same sort of thing. They were all grateful for the report.) The overly-hasty response came from Eric's end.

What the administrator's response should be if RSADSI sent a note about PGP is another matter. This is CERT, and they're talking about pirated software.

--Steve Bellovin

Disclaimer: I'm on friendly terms with CERT, and with a lot of the folks who work there. And -- as anyone who has read my papers knows -- I've sent in my share of incident and vulnerability reports.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Tue, 8 Jun 93 13:34:23 PDT
To: smb@research.att.com
Subject: Re: CERT: the letter from CERT to berkeley.edu admin
Message-ID: <9306082034.AA26060@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

and what do you make of their report on julf's non-existent ftp area?

steve, you know me well; you know i'm not a raving lunatic or a conspiracy-freak nut-case. but i believe it is more than a coincidence that soda and penet were suddenly tarred by the same brush.

perhaps cert is being used as a weapon, as marc suggested. that is the most benign interpretation i can think of. so i ask you again: don't you think cert might be jeopardizing its effectiveness through these actions?

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J. Eric Townsend)
Date: Tue, 8 Jun 93 16:38:39 PDT
To: cypherpunks@toad.com
Subject: Re: CERT
In-Reply-To: <9306082134.AA26126@data.nas.nasa.gov>
Message-ID: <9306082338.AA00441@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

peter honeyman writes:
> jet wrote:
> > I personally like being contacted by an organization trying to tell me
> > that someone might be misusing my computing resources.
> how would you feel about an organization telling your boss that
> your actions were contributing to the abuse?

I wouldn't care given my current boss(es). If my boss were the sort to believe a vague form letter and take action w/o consulting me, I'd want a different boss anyway.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: TO1SITTLER@APSICC.APS.EDU (Kragen Sittler)
Date: Tue, 8 Jun 93 15:59:21 PDT
To: cypherpunks@toad.com
Subject: Re: ALERT / My email address is...
Message-ID: <930608165150.1a6@APSICC.APS.EDU>
MIME-Version: 1.0
Content-Type: text/plain

Well, actually, it's not even a hack to find out who the subscribers are... You simply use the EXPN command in the SMTP protocol to find out who the recipients of a list are. This is documented in RFC-821. However, the cypherpunks list requires a little bit of ingenuity, or familiarity with sendmail.

I periodically get a copy of this list, just in case. Last I checked, there were 409 names on the list. Two were files, about ten or fifteen were either other lists, fidonet echos, or local USENET newsgroups. The rest appeared to be real people. Most of the apparent lists listed on the cypherpunks list were not traceable thru SMTP EXPN.

If you desire real privacy, I suggest that you get the cypherpunks list, figure out which ones are hidden lists, and ask to subscribe to those. If it is desired, I can send a list of these lists to the cypherpunks list.

Kragen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Tue, 8 Jun 93 13:53:48 PDT
To: peter honeyman
Subject: Re: CERT: the letter from CERT to berkeley.edu admin
Message-ID: <9306082053.AA26363@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

    and what do you make of their report on julf's non-existent ftp area?

I don't know.
The most charitable interpretation is that CERT is being extremely careful about their own behavior, and they're not going around probing for anonymous ftp on various sites without more than an informant's tip that such a service is offered. Again, though, I'm guessing. I do know that they're short on staff. They certainly can't scan the archives, and a report of a non-existent anonymous ftp area may be sufficiently rare that they never thought to check it.

    steve, you know me well; you know i'm not a raving lunatic or a conspiracy-freak nut-case. but i believe it is more than a coincidence that soda and penet were suddenly tarred by the same brush.

Of course you're not a raving lunatic. Certainly, you rave at times, but I don't think I've ever called you a lunatic...

    perhaps cert is being used as a weapon, as marc suggested. that is the most benign interpretation i can think of. so i ask you again: don't you think cert might be jeopardizing its effectiveness through these actions?

You're right -- the coincidence, if coincidence it is, is quite odd. I'm more disturbed by the question of how CERT got the information; a more common report would be from an administrator who found such unwanted deposits, and who reported to CERT what sites sent them or retrieved them. CERT will certainly hurt itself if it allows itself to be used. But if most such reports are accurate, welcomed by the administrators, and obtained from legitimate sources, they won't have a problem.

I'm going to stop speculating, though. I'll send a note to various folks at CERT (though without mentioning either cypherpunks, soda, or anon.penet by name), and ask them what their policy is on such reports, and in general where they come from.
--Steve Bellovin

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Tue, 8 Jun 93 13:54:48 PDT
To: peter honeyman
Subject: Re: CERT: the letter from CERT to berkeley.edu admin
In-Reply-To: <9306082034.AA26060@toad.com>
Message-ID: <9306082054.AA14005@dun-dun-noodles.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

>> perhaps cert is being used as a weapon, as marc suggested. that
>> is the most benign interpretation i can think of. so i ask you
>> again: don't you think cert might be jeopardizing its effectiveness
>> through these actions?

"Do not attribute to malice that which can be adequately explained by stupidity."

Without support, I think CERT is merely being stupid. Someone else (maybe even a government employee) is being malicious. I do think cert is harming their effectiveness by doing this. My guess is that they never stopped to think that someone might use them in this way to shut down an "unpopular" ftp site.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: poier@sfu.ca (Skye Merlin Poier)
Date: Tue, 8 Jun 93 16:56:17 PDT
To: cypherpunks@toad.com
Subject: Re: ALERT / My email address is...
In-Reply-To: <9306080418.AA07574@triton.unm.edu>
Message-ID: <9306082356.AA21325@malibu.sfu.ca>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

:) I suggest that we try to create an encrypted cypherpunks list? Comments?

Sounds good to me.
Skye

- --
- -----====> Skye Merlin Poier <====-----
Undergrad in CMPT/MATH (Virtual Reality) |||| ||||
email: poier@sfu.ca p-OO <--> OO-q THINK
PGP Public Key available on finger \== ==/

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBLBUm9y0bkpXW3omvAQGitAQAoWoXxYAVyqnw+m8tjGTWmRQbtGbYJsPV
zT1wKcx3PI/w9RzPXJUzNYjMg2sKKHTT/vxQuGM3TjuyVoPK+5fx33Z+A5QArAdB
Y4An8VClFC2l8rieLGsYjIl+Za/d5D6a28hLL5SEkNyM7kzzMtbvInAXCKClEDs4
GcSSAnn8ea4=
=GYsy
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Tue, 8 Jun 93 13:59:09 PDT
To: Eric Hughes
Subject: Re: CERT: the letter from CERT to berkeley.edu admin
Message-ID: <9306082059.AA26522@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

    >Any public spooling directory is fair game for their antics.
    [...]
    >My guess is that your CERT problems have NOTHING to do with
    >PGP distribution.

    There is only one directory on the cypherpunks site that is writable, and that is the incoming directory and it's not readable.

It doesn't have to be. Anyone could create ``incoming/.. '', stick some files in it, and tell his/her friends. The new directory would be readable.

Again, I'm not speaking hypothetically here. In our case, it was ..^T, and contained pirated PC software. (We decided not to infect those files with viruses... We didn't even replace them with programs that just printed nasty messages.)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Robert Luscombe
Date: Tue, 8 Jun 93 14:33:21 PDT
To: Cypherpunks
Subject: RE:CERT
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Not having heard of CERT before, and living ten minutes away from their offices at SEI, i checked out their anonymous ftp site (cert.org) and found the CERT faq in the pub directory. From the info THEY provide, it seems like a worthwhile organization. BUT, in their info, they deal with security issues, not copyright infringement.
I realise that hidden directories in an incoming dir is a security issue, but it seems to be a thinly veiled attack on the distribution of software of illegal or questionable origins. They do publish security advisories; i would be interested in seeing a list of sites served with notices similar to those julf and soda received. Does anyone have more info on CERT?

BTW- SEI at CMU is a scary place. The photo lab i worked for as a messenger had clients there, so i was in the building a couple times a day for more than a year. Because of their DOD affiliation, there are regular protests outside the building. On a normal delivery during one of these protests i was surrounded by guards, searched, and asked some WAY paranoid questions even though the regular guards knew who i was. If you ever happen to be walking the halls of SEI and see the nice big prints of guided missiles and other scary stuff, I probably delivered them.

--Robert Luscombe
ral@telerama.pgh.pa.us | 2201 Sarah Street Apt. 3
robert@well.sf.ca.us | Pittsburgh, PA 15203
rluscomb@nyx.cs.du.edu | 412/488-0941
(Finger for PGP Public Key)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matt Blaze
Date: Tue, 8 Jun 93 14:42:10 PDT
To: smb@research.att.com
Subject: Re: CERT: the letter from CERT to berkeley.edu admin
In-Reply-To: <9306082022.AA25894@toad.com>
Message-ID: <9306082126.AA29129@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain

....
>
>If you asked CERT to justify such notes, they'd probably quote the
>following text from their press release on ftp.cert.org:
>
> It will also serve as a focal point for the research community
> for identification and repair of security vulnerabilities,
> informal assessment of existing systems in the research
> community, improvement to emergency response capability, and
> user security awareness.
>
>``User security awareness'' sounds about right.
>
....

Steve, I think CERT is off base with these notes.
The problem, to my eyes, is not that they're notifying administrators of potential problems before they occur; that's all well and good, and probably easily within their charter. What I take issue with is the underhanded manner in which they seem to be doing it.

According to the reports from soda and penet, the notes were not sent in response to any specific request from the sites in question, but rather on the initiative of someone at CERT itself or in response to some vague complaint from a third party. Furthermore, the notes were sent "above the heads" of the individual site administrators (perhaps to whoever is listed in the domain contact at the NIC), apparently causing bad feelings and misunderstanding in at least the two cases reported here.

If they had sent mail to the postmasters at the individual sites saying "hey, did you know your machine has a writeable anonymous ftp directory?" that's one thing. I'd interpret that as a friendly and helpful gesture. Instead, the impression is one of, at best, unwelcome meddling, or, at worst, some kind of bizarre network-vigilantism. If they find something they don't like about one of my computers, who else are they going to send mail to? My boss? My mother?

I should point out that I've dealt with CERT myself a couple of years ago regarding an intruder on a machine I administered, and found them to be nothing but helpful and professional. Their assistance was, however, limited to reacting to specific problems that I asked them to help with. They never initiated any kind of audit of my site or did anything that would make me feel as if they were some kind of "net cop wannabes" who were "checking up" on my computers. I'd hate to see that image changing, because they have the potential to provide an increasingly valuable service as the internet grows.
-matt

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sandy <72114.1712@CompuServe.COM>
Date: Tue, 8 Jun 93 14:32:37 PDT
To:
Subject: CERT
Message-ID: <930608212913_72114.1712_FHF45-2@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT Reply to: ssandfort@attmail.com
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Punksters,

I would guess that the intent of the letter Eric Hughes got from CERT was to intimidate rather than to raise some arguable issue.

I hope Eric plans to ask Ms. Katherine T. Fithen, directly, who the tipster was ("I'm sorry, we do not divulge the names of our confidential informants"), why someone at CERT didn't contact Eric first, what specific allegations were made, etc.

I would like to see a copy of such an e-mail message and its response, if any. What say, friend, Eric?

Intrudingly yours,

S a n d y

>>>>>> Please send e-mail to: ssandfort@attmail.com <<<<<<
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Tue, 8 Jun 93 14:34:14 PDT
To: jet@nas.nasa.gov (J. Eric Townsend)
Subject: Re: CERT
In-Reply-To: <9306082031.AA12159@boxer.nas.nasa.gov>
Message-ID: <9306082134.AA27495@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> I personally like being contacted by an organization trying to tell me
> that someone might be misusing my computing resources.

how would you feel about an organization telling your boss that your actions were contributing to the abuse? that is certainly how the message was received at soda, and in earlier, similar circumstances, at penet, as well.
peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Tue, 8 Jun 93 17:36:31 PDT
To: cypherpunks@toad.com
Subject: TIS/PEM FAQ as of 8 June 1993
Message-ID: <9306090036.AA02947@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

------- Forwarded Message

From: James M Galvin
To: ietf-announce@cnri.reston.va.us, psrg-interest@isi.edu, pem-dev@TIS.COM, rsaref-users@rsa.com, saag@TIS.COM, tispem-users@TIS.COM
Subject: TIS/PEM FAQ as of 8 June 1993
Date: Tue, 08 Jun 93 16:21:10 -0400

- -----BEGIN PRIVACY-ENHANCED MESSAGE-----
Proc-Type: 4,MIC-CLEAR
Content-Domain: RFC822
Originator-ID-Asymmetric: MFMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNRDE
 kMCIGA1UEChMbVHJ1c3RlZCBJbmZvcm1hdGlvbiBTeXN0ZW1zMREwDwYDVQQLEwh
 HbGVud29vZA==,02
MIC-Info: RSA-MD5,RSA,BpCu5i/vNJFNX64bj4KuRr8Jm05gdfjIIO5WQaSTXAG
 kx09ivq97GtmdksgshOkdqynlLxTSph0s6DtNN5girn2Q/u08q44XLYbk6vYxA9g
 37w/L1leqw7CldPLPOtQT

Many of you will recall the announcement of the availability of TIS/PEM, the Internet reference implementation of PEM, distributed last week. Included below is the first TIS/PEM FAQ.

We are posting it this one time to the same mailing lists that received the announcement last week. In the future, it will be posted to the mailing list and several appropriate newsgroups.

We hope you find this useful. Thanks.

TIS/PEM FAQ
Last updated 8 June 1993
Send questions and comments to tispem-support@tis.com

Questions answered:

1) What is Privacy Enhanced Mail (PEM)?
2) Where are the PEM standards defined?
3) Is there a forum for PEM developers and others interested in the PEM standards?
4) Are there implementations of PEM available?
5) How do I get TIS/PEM?
6) Why is TIS/PEM only available in the US and Canada?
7) Are special privileges (e.g., root access) required to install TIS/PEM?
8) What about integrating TIS/PEM into mail user agents?
9) What about DOS and other non-UNIX platforms?
10) What about certificates?
11) What is a distinguished name?
12) What is a Certification Authority (CA)?
13) What does a PCA do and how are they differentiated?
14) What PCAs are available?
15) How much does it cost to sign up under a PCA?
16) What if I have questions about TIS PCA?
17) Is there a mailing list for TIS/PEM users?
18) What if I have questions about or problems with TIS/PEM?

1 Q: What is Privacy Enhanced Mail (PEM)?
A: PEM is an Internet standard for providing security services to electronic mail. It uses cryptographic techniques to provide message integrity checking, originator authentication, and confidentiality. It lets you know that a message hasn't been changed, who it's from, and, optionally, allows you to keep it secret from all but the intended recipients.

2 Q: Where are the PEM standards defined?
A: There is a set of Proposed Standard RFCs (Internet standards documents) that specify PEM. The four new documents are RFCs 1421 (obsoletes 1113), 1422 (obsoletes 1114), 1423 (obsoletes 1115), and 1424 (new). These documents may be found in your favorite RFC repository. Details on obtaining RFCs via FTP or EMAIL may be obtained by sending an EMAIL message to "rfc-info@ISI.EDU" with the message body "help: ways_to_get_rfcs". For example:

    To: rfc-info@ISI.EDU
    Subject: getting rfcs

    help: ways_to_get_rfcs

3 Q: Is there a forum for PEM developers and others interested in the PEM standards?
A: Yes, there is an electronic mailing list that is used to discuss the PEM specifications, implementation issues, and it is used to conduct some of the business of the Internet Engineering Task Force (IETF) PEM working group. Send a message to "pem-dev-request@tis.com" if you would like to be added to the list.

4 Q: Are there implementations of PEM available?
A: Yes, implementations are being made available as you read this.
Trusted Information Systems (TIS), under ARPA sponsorship and in cooperation with RSA Data Security Incorporated (RSADSI), has released a reference implementation of Privacy Enhanced Mail (TIS/PEM) to the Internet community. TIS/PEM is a UNIX-based implementation that has been integrated with Rand MH 6.7.2 and is easily integrated into other mail user agents. TIS/PEM is distributed in source form. It is openly available within the United States and Canada for non-commercial use (not for resale).

5 Q: How do I get TIS/PEM?
A: TIS/PEM is available via anonymous ftp in the United States and Canada to US and Canadian citizens and people with a US "green card." To retrieve TIS/PEM please FTP to

    host: ftp.tis.com
    login: anonymous

and retrieve the files

    pub/PEM/README
    pub/PEM/LICENSE
    pub/PEM/BUGS

The README file contains further instructions.

6 Q: Why is TIS/PEM only available in the US and Canada?
A: The export from the United States of the cryptography used in TIS/PEM is controlled by the United States government.

7 Q: Are special privileges (e.g., root access) required to install TIS/PEM?
A: TIS/PEM can be installed in multi-user mode, which is identified by the use of a single, system-wide, shared database of cryptographic and administrative information maintained by one or more privileged users called certificate administrators, and single-user mode, which allows individuals to maintain their own databases of cryptographic and administrative information. Multi-user mode installation requires privileges, while single-user mode installation does not.

8 Q: What about integrating TIS/PEM into mail user agents?
A: TIS/PEM has been integrated with MH 6.7.2 and is easily integrated with other mail user agents. If you integrate TIS/PEM with a popular mail user agent, we would be happy to make it available to others.
Additionally, a set of filters, similar to the UNIX cat command, that allow you to apply and remove PEM enhancements (enhance and de-enhance) text files are provided. These filters make it possible to use PEM with mail user agents that are not PEM aware.

9 Q: What about DOS and other non-UNIX platforms?
A: TIS/PEM is currently limited to UNIX, but we are pursuing porting it to other operating systems.

10 Q: What about certificates?
A: While PEM uses X.509 certificates to bind distinguished names to RSA public keys, it is not necessary to join the Internet certification hierarchy or otherwise pay to use TIS/PEM. TIS/PEM is capable of generating the certificates that you need. Joining the Internet certification hierarchy has the benefit of making it easier to verify others' mail and for them to verify yours. To join the Internet certification hierarchy, you must sign up your Certification Authority (CA) under a Policy-level Certification Authority (PCA).

11 Q: What is a distinguished name?
A: A distinguished name is a hierarchical, globally unique name used to identify something or someone. RFC 1255 and several North American Directory Forum (NADF) documents describe how to select appropriate distinguished names. The distinguished name for Earl Sinclair (a fictional character, geographically displaced) might be

    Country=US
    State or Province=CA
    Organization=Wesayso Corporation
    Organizational Unit=Tree Pushing Division
    Common Name=Earl Sinclair

12 Q: What is a Certification Authority (CA)?
A: A Certification Authority (CA) vouches for the binding between users' distinguished names and RSA public keys within an organization or organizational unit. The CA's distinguished name is that of the organization or organizational unit and users' distinguished names are created by starting with the CA distinguished name and adding something to uniquely and unambiguously identify the user, like a common name.

13 Q: What does a PCA do and how are they differentiated?
A: PCAs vouch for the binding between a CA's distinguished name and RSA public key. By joining a PCA, others can verify your PEM messages by following the certification path to the Internet Policy-level Certification Authority certificate without having to have retrieved your RSA public key using secure, out of band means. PCAs may also make CA Certificate Revocation Lists (CRLs) and certificates available and provide other services for its members. PCAs can be differentiated by the policy that they advertise. The policy includes the level of effort -- and associated assurance -- that a PCA uses to insure the correctness of the binding and the requirements they place on CAs which issue certificates under them. They can also be differentiated by the other services they offer and their price.

14 Q: What PCAs are available?
A: Several PCAs exist as part of the Internet certification hierarchy, including PCAs at RSADSI and TIS, and more may come online in the near future.

15 Q: How much does it cost to sign up under a PCA?
A: Individual PCAs will have their own price schedules. Signing up under the TIS PCA is free during 1993.

16 Q: What if I have questions about TIS PCA?
A: Send them to tispca-info@tis.com.

17 Q: Is there a mailing list for TIS/PEM users?
A: Yes, it's tispem-users@tis.com. Send mail to tispem-users-request@tis.com to be added to or deleted from the list.

18 Q: What if I have questions about or problems with TIS/PEM?
A: Send them to tispem-support@tis.com.

- -----END PRIVACY-ENHANCED MESSAGE-----

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Tue, 8 Jun 93 17:51:08 PDT
To: markoff@nyt.com
Subject: Re: McCarthy lives!
In-Reply-To:
Message-ID: <9306090050.AA03345@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> talking to a guy with longstanding computer security
> connections.
> He looked at me strangely and said something like
> "Well, Tim, your name just came up in Washington on a list of
> the most dangerous hackers in the country." I laughed it off

Tim, I'll be glad to teach you how to file a Privacy Act request. It's pretty simple, and it works on all Federal agencies. You get all records they are keeping on you, with some limited exceptions -- and for almost all of those, you get notified of the withholding. If you can identify one or a small number of agencies that might be keeping this "list", we can see if you are on it. And if we find the list, we can probably get the whole thing under the Freedom of Information Act.

John

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 8 Jun 93 08:38:39 PDT
To: peter honeyman
Subject: Re: CERT
In-Reply-To: <9306081313.AA12942@toad.com>
Message-ID: <9306081800.aa08835@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> i am disappointed to hear these stories about cert, but encourage others
> with tales to tell to step forward. this is a real eye-opener.

I just had to deal with a minor crisis caused by CERT. They contacted the domain-admin for the *.fi domain, saying they had been informed that the anonymous ftp archive at anon.penet.fi was being used to distribute illegal copies of software. They did *not* contact me directly, nor my service provider. The last time anon.penet.fi was shut down was exactly because of somebody contacting the domain-admin, who happens to be a person working for a competitor to my service provider.

Fortunately I could tell them that anon.penet.fi didn't even run ftp at all, easily verifiable by trying to ftp from anon.penet.fi. They did apologize profusely, but somehow that doesn't quite...

julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 8 Jun 93 18:21:28 PDT
To: gnu@toad.com
Subject: Re: McCarthy lives!
In-Reply-To: <9306090050.AA03345@toad.com>
Message-ID: <9306090121.AA10501@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

John Gilmore writes:

> > talking to a guy with longstanding computer security
> > connections. He looked at me strangely and said something like
> > "Well, Tim, your name just came up in Washington on a list of
> > the most dangerous hackers in the country." I laughed it off
>
> Tim, I'll be glad to teach you how to file a Privacy Act request.
> It's pretty simple, and it works on all Federal agencies. You get all
> records they are keeping on you, with some limited exceptions -- and
> for almost all of those, you get notified of the withholding. If you
> can identify one or a small number of agencies that might be keeping
> this "list", we can see if you are on it. And if we find the list, we
> can probably get the whole thing under the Freedom of Information Act.

I'll take John up on his kind offer!

Though I expressed that to me this experience was kind of funny (in a devil-may-care way, I hope you all understand), it *does* raise larger issues of whether CERT is developing a list of what might be called "subversives" based on hearsay evidence and innuendo.

So, I'll try to pursue this and keep you folks posted.

-Tim

--
..........................................................................
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
Note: I put time and money into writing this posting. I hope you enjoy it.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fnerd@smds.com (FutureNerd Steve Witham)
Date: Tue, 8 Jun 93 16:07:40 PDT
To: cypherpunks@toad.com
Subject: CERT and us
Message-ID: <9306082235.AA28928@smds.com>
MIME-Version: 1.0
Content-Type: text/plain

hey folks
a poem by fnerd

It looks like CERT may have a habit of sending accusatory-looking form letters without doing much checking of their own based on who knows what tips. Looks like they need to polish their policies and their prose a little bit.

BUT

We, too, are a group formed to look into problems of computer security. We, too, respond to security emergencies. We, too, distribute patches to help people improve their security. We, too, send messages--even rumors--back and forth about threatening situations and people we suspect.

Sure, our style and emphasis are different, but our charter is very similar to theirs. Let's not let our name or style distract us from our mission or blind us to potential allies.

Instead of thinking of them as the heavies and us as the rebels, WHY NOT us as the net-wise older brothers, and them as the enthusiastic amateurs who need some advice and calming down?

Eric can write one of his authoritative letters, and we become the voice of reason, the watchers of the watchers, Liberty's eyes.

Gentlemen and ladies (I reproach you), remember who we are.

-fnerd
quote me

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Tue, 8 Jun 93 18:37:36 PDT
To: cypherpunks@toad.com, gnu
Subject: Re: AT&T Encrypting Phone Ad in WS Journal
In-Reply-To:
Message-ID: <9306090137.AA05168@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> The Wall Street Journal, 7 June 93, page B7, has an AT&T ad for an
> encrypting communications box called "Surity Telephone Device".
> It plugs between a regular phone and the phone jack.
> Anybody know what's inside? Is this new?

The box pictured is the Clipper-based successor to the AT&T 3600 secure phone.
They have a "bump in the cord" architecture; in the case of the 3600, it plugged between the handset and the phone. This is a pain in the ass (there are six or seven "handset modules" that plug into the unit, and you have to use one to match your phone -- or get several and pray that one will match each phone you ever want to use.) We played with one of the 3600's at a Bay Area cypherpunks meeting a few months ago. I'd refer to the "Surity" as the "surly telephone device".

	John

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Douglas Sinclair
Date: Tue, 8 Jun 93 18:10:44 PDT
To: poier@sfu.ca (Skye Merlin Poier)
Subject: Re: ALERT / My email address is...
In-Reply-To: <9306082356.AA21325@malibu.sfu.ca>
Message-ID: <9306090106.AA24109@acs1.acs.ucalgary.ca>
MIME-Version: 1.0
Content-Type: text/plain

An encrypted cypherpunks list? Why? To try and hide the forum's messages from the TLAs? I'm sure they already have people reading this list who'd be incorporated into the encrypted list too. Or do you plan to verify each reader before giving them the password or whatever? I fail to see the point.

--
PGP 2.2 Key by finger

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Tue, 8 Jun 93 19:12:57 PDT
To: cypherpunks@toad.com
Subject: CERT netnews
Message-ID: <9306090213.AA15326@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Netnews group "comp.security.announce" seems to be the product of CERT. About once a week, on the average, they post something relating to the security of some specific operating system. The few postings that I have seen seem directed to the sys-op (typically Unix) regarding some common practice with security implications or often holes in the defaults that some system comes with. What I have seen there is technical and not political.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Tue, 8 Jun 93 16:16:35 PDT
To: DEADBEAT
Subject: Re: CERT: the letter from CERT to berkeley.edu admin
In-Reply-To: <9306082147.AA11091@cicada.berkeley.edu>
Message-ID: <9306082316.AA00751@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> What could I be thinking?

oho, that is rich! maybe we should forward db's note to cert, who would turn around and muscle netcom.com for allowing users to ...

	peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Shipley
Date: Tue, 8 Jun 93 19:40:49 PDT
To: cypherpunks@toad.com
Subject: Re: ALERT / My email address is...
In-Reply-To: <9306082356.AA21325@malibu.sfu.ca>
Message-ID: <9306090240.AA08014@edev0.TFS>
MIME-Version: 1.0
Content-Type: text/plain

>-----BEGIN PGP SIGNED MESSAGE-----
>
>:) I suggest that we try to create an encrypted cypherpunks list? Comments?
>
>Sounds good to me.
>

the only use that would bring is to get us to get more serious about key exchange and to develop easier software for reading/scanning encrypted messages. On the other hand it would not benefit us in the way of that it would not us to get our messages and views to the world. (Last I checked this was not an exclusive email list).

	-Pete

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 8 Jun 93 11:10:39 PDT
To: Eric Hughes
Subject: Re: CERT: the letter from CERT to berkeley.edu admin
In-Reply-To: <9306081620.AA07331@soda.berkeley.edu>
Message-ID: <9306082011.aa12598@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> Here, in its almost full glory, is the letter that CERT sent to the
> admin at berkeley.
It's exactly the same message that was sent to the .fi domain-admin with regards to anon.penet.fi

	Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Tue, 8 Jun 93 17:49:11 PDT
To: cypherpunks@toad.com
Subject: Re: CERT
Message-ID: <9306090049.AA03320@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

The paranoia is getting out of hand. Let's take this one point by point. I've deleted the poster's name, because this note is just an example; it's not the only such posting.

	Certainly that may be so.. but in this case they didn't merely tell 'you' with a simple note, instead they did at least 2 things which really are bothersome and overstepping common 'courtesy' of merely informing 'you':

``You''? Who is ``you''? The CERT note didn't mention any individual. They might not have the information. If they did, it might be because the account was compromised. (That was the case the last time I helped a friend investigate ftp droppings. In that case, though, it was only the ftp account, not the login account, so notifying the owner would not have been damaging. Btw -- remember the recent CERT advisory on bugs in the WUSTL ftpd?)

	1) Instead of going directly to the owner of the directory in question or the administrator of the host they jumped over 'your' head and went to the domain administrator. I can see going to a site administrator if they had reason to believe the owner of the directory was doing something illegal.. but then again they have no authority to make/enforce/etc any kind of laws. They were just plain out of line. Consider this example (and I'll give them the benefit of doubt here that someone really did complain to them and they aren't on some witchhunt of their own):

	I am Cert and Mr Von Karman has emailed me to say that a /jet/Enigma-cypher-code directory appears to have illegal software of some kind.. so I send up my email.. not to you..
	but to Goldin, the new NASA head that I believe this directory owned by you has illegal software on it. Well that is a good way to put some bad marks on your record even if you do prove it untrue to your boss.. maybe you had just removed the evidence before he checks out your acct.. either way he shuts down your net access for a while..'just to be sure', and look out next time you want a promotion.. can't be too safe.. you might be a security risk!

As I said before, they might not know who was involved. Even if they did, and even if the account wasn't compromised, it's the SA's responsibility to investigate. What if a local user is doing unauthorized things? Take this particular case -- they could easily end up being sued for contributing to copyright infringement. They might win -- but defending against a lawsuit is expensive.

	2) They didn't check the system out beforehand and blatantly said as much.. what kind of service to you is that? my friend met a guy who knows bigfoot..but certainly you don't see me bothering the people who own the land where bigfoot is supposed to live.

Check it out? How? Apart from the question of whether or not you want CERT looking through your directories (and I can just hear the complaints now -- ``On no evidence but an anonymous tip, CERT logged in, listed everything, looked for *my* hidden areas that I used to distribute restricted software, and tied up my link to the Internet for hours while they downloaded everything in sight'') -- it isn't feasible. I just ftp'd to soda for a quick look-see. A ls-lRa generated 160K bytes. Simply screening that takes time. Many of the files showed only numeric uid's; the ftpd passwd file was obviously not up to date. Even if I knew the suspect files, I might not know who the responsible user was. Many of the files had informative names like ``packet123.Z''. They mirrored the full X11R5 distribution. How much time and effort should CERT put in?!?!!
A competent SA will at least know the putative ownership and reliability of the owner of most of that stuff; CERT sure doesn't (except, of course, for the list of hackers they may or may not have, and which has been (rightly) objected to).

	3) They want to confiscate logs from the system.. That sure as heck isn't any of their business..

Confiscate? Confiscate? They asked for a copy, if available. ``Confiscate'' generally means ``take away''. They're not taking anything from you. If the logs do show anything, it's precisely their business -- evidence of someone abusing your system (I'm assuming here that there really was 3rd-party deposits and retrieval of files). Quick -- how many of those file transfers are coming from stolen accounts? In my experience, a goodly number.

Look, I have my own concerns about CERT in this matter, notably the questions of what evidence they're acting on, and whether or not they're being used (consciously or not) to silence unpopular sites. I've sent them a note asking those questions. But let's try to keep things in perspective.

Oh yeah -- as an added bonus, I've enclosed a transcript of the kinds of things I do when trying to find an administrative contact for some machine. I don't see any avenues of contact more likely than ``root'' or ``postmaster''. And it's clearly a large-scale timesharing machine, where there's no one individual clearly responsible for it.

		--Steve Bellovin

-----
$ whois -h rs.internic.net soda.berkeley.edu
No match for "SODA.BERKELEY.EDU".

The InterNIC Registration Services Host ONLY contains Internet Information
(Networks, ASN's, Domains, and POC's).
Please use the whois server at nic.ddn.mil for MILNET Information.
$ finger root@soda.berkeley.edu
[soda.berkeley.edu]
Login: root                             Name: The Allmighty
Directory: /                            Shell: /bin/csh
Office: E238, x2-7453
Last login Mon May 31 22:17 (PST) on console
No Plan.
$ finger postmaster@soda.berkeley.edu
[soda.berkeley.edu]
finger: postmaster: no such user.
$ dig mx soda.berkeley.edu

; <<>> DiG 2.0 <<>> mx soda.berkeley.edu
;; ->>HEADER<<- opcode: QUERY , status: NOERROR, id: 6
;; flags: qr rd ra ; Ques: 1, Ans: 2, Auth: 3, Addit: 8
;; QUESTIONS:
;; soda.berkeley.edu, type = MX, class = IN

;; ANSWERS:
soda.berkeley.edu. 55780 MX 4 soda.Berkeley.EDU.
soda.berkeley.edu. 55780 MX 6 scotch.Berkeley.EDU.

;; AUTHORITY RECORDS:
Berkeley.EDU. 161050 NS VANGOGH.CS.BERKELEY.EDU.
Berkeley.EDU. 161050 NS VIOLET.Berkeley.EDU.
Berkeley.EDU. 161050 NS UCBVAX.BERKELEY.EDU.

;; ADDITIONAL RECORDS:
soda.Berkeley.EDU. 55780 A 128.32.149.19
scotch.Berkeley.EDU. 55780 A 128.32.131.179
VANGOGH.CS.BERKELEY.EDU. 161050 A 128.32.130.2
VIOLET.Berkeley.EDU. 161050 A 128.32.136.22
UCBVAX.BERKELEY.EDU. 39151 A 128.32.137.3
UCBVAX.BERKELEY.EDU. 161050 A 128.32.130.12
UCBVAX.BERKELEY.EDU. 161050 A 128.32.149.36
UCBVAX.BERKELEY.EDU. 51896 A 128.32.133.1

;; Sent 1 pkts, answer found in time: 0 msec
;; FROM: inet to SERVER: default -- 0.0.0.0
;; WHEN: Tue Jun 8 20:16:07 1993
;; MSG SIZE sent: 35 rcvd: 295

$ telnet soda.berkeley.edu 25
Trying...
Connected to soda.berkeley.edu.
Escape character is '^]'.
220 soda.berkeley.edu Sendmail 5.65/KAOS-1 ready at Tue, 8 Jun 93 17:10:50 -0700
helo research.att.com
250 soda.berkeley.edu Hello research.att.com, pleased to meet you
vrfy root
250-Eric Hollander <"|/accounts/hh/remail/slocal.pl">
250-Keir Morgan
250-ERic MeHlHaFf
250-ERic MeHlHaFf <\mehlhaff>
250-Tom Holub
250-John S. Jacob
250-Matthew L. Seidl
250-Shannon D. Appel <"| /usr/local/lib/mh/slocal -user appel -verbose">
250-Sean N. Welch
250-Dan Wallach
250-Donald J. Kubasak
250-David G. Paschich
250-Adam Glass <\glass>
250 Adam Glass
vrfy postmaster
250-Eric Hollander <"|/accounts/hh/remail/slocal.pl">
250-Keir Morgan
250-ERic MeHlHaFf
250-ERic MeHlHaFf <\mehlhaff>
250-Tom Holub
250-John S. Jacob
250-Matthew L. Seidl
250-Shannon D. Appel <"| /usr/local/lib/mh/slocal -user appel -verbose">
250-Sean N. Welch
250-Dan Wallach
250-Donald J.
Kubasak
250-David G. Paschich
250-Adam Glass <\glass>
250 Adam Glass
quit
221 soda.berkeley.edu closing connection
Connection closed by foreign host.
$ finger @soda.berkeley.edu
[soda.berkeley.edu]
Login Name Tty Idle Login Time Office Office Phone
aaron Aaron C. Smith qR Jun 8 08:58 Limbo 643-7217
aaron Aaron C. Smith *qT Jun 8 08:58 Limbo 643-7217
achoi Andrew Choi pB 3 Jun 7 18:19
appel Shannon D. Appel pK Jun 8 09:57 CEA 643-5657
aswan Andrew Swan pW Jun 8 17:06
calvin Wa Pak qe 22:11 Jun 7 18:57
cgd Chris G. Demetriou qf Jun 7 22:15 278 Cory 510-642-7520
cliffwd Cliff Draper pe 36 Jun 8 16:30 9-204a 643-3426
cynthia cynthia leigh haynes *pr 3 Jun 8 16:43
cynthia cynthia leigh haynes ps Jun 8 16:43
deb Debra Waldorf *p7 Jun 8 16:20
deb Debra Waldorf *qg 51 Jun 8 15:27
eganloo Egan Loo pJ Jun 8 16:57
eric Eric van Bezooijen qz 1:01 Jun 8 15:50 238E
gwh George William Herbe pc 1 Jun 8 14:13 238E
gwh George William Herbe pm Jun 8 14:26 238E
henchiu Henry Chiu pR Jun 8 17:02
ho Kinson Ho *q3 1:13 Jun 8 15:08 608-1 Evan 642-8290
hughes Eric Hughes *qm 36 Jun 8 10:34 238E
isaac Isaac Cheng *pE 12 Jun 8 09:51
isaac Isaac Cheng *qw 12 Jun 8 10:59
jenn Jennifer Hom *pF Jun 8 16:52 238E 415-688-8034
jlb Jordana Brown pQ Jun 8 14:45
karlht Karl Thiessen *pb 13 Jun 8 16:28 238 Evans 642-7453
kenji Kenji Hubbard *pX Jun 8 17:08 238E
kube Donald J. Kubasak pU 2 Jun 8 17:05 CEA ESOC 643-7367
marco Marco Nicosia qI Jun 8 15:58 238E 510-283-9587
maroo Maroo Lieuw *qx Jun 8 13:33 849-9872
michelle Michelle Tisi *qZ 5:30 Jun 8 11:34
ming Tje Ming *qj 9 Jun 8 15:28
ming Tje Ming *qO 2:17 Jun 8 13:50
mlee Michael Lee *pD Jun 8 16:49
mlee Michael Lee *qC Jun 8 15:52
nancy Nancy Cheng *pf 1:18 Jun 8 14:17
nancy Nancy Cheng *qV 1:53 Jun 8 13:52
payam Payam Mirrashidi po 19:13 Jun 7 20:54 199MD Cory 642-1297
psb partha s. banerjee *py 2:25 Jun 8 14:32 IBM Almade 510-649-7505
psb partha s.
banerjee *pz 2:38 Jun 8 14:32 IBM Almade 510-649-7505
ralbers Rick Albers *pV Jun 8 17:06
rmgee Randall Gee *pn Jun 8 14:28
robert Roberto Boyd *pA Jun 8 16:47
rsr Roy S Rapoport *pY Jun 8 17:09 510-540-5535
seidl Matthew L. Seidl qk 1 Jun 8 10:31 238E x2-7453
seidl Matthew L. Seidl *qB Jun 8 08:32 238E x2-7453
sfd Scott Drellishak pl Jun 8 16:40 Kerr 3-202
tom Tom Holub *pH Jun 8 16:53
tom Tom Holub pI Jun 8 16:53
welch Sean N. Welch *p0 Jun 8 09:04 MTV21-122 415-336-4289

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: ""L. Detweiler""
Date: Tue, 8 Jun 93 20:37:37 PDT
To: James M Galvin
Subject: Re: TIS/PEM FAQ as of 8 June 1993
In-Reply-To: <9306090036.AA02947@toad.com>
Message-ID: <9306090337.AA02019@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

> TIS/PEM FAQ

do you have any plans to get this on news.answers? It would be great there. Also, You should consider sci.crypt. I can help you with either if you need it. tx.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Tue, 8 Jun 93 18:43:14 PDT
To: cypherpunks@toad.com
Subject: Re: News Bytes June 8, 1933
Message-ID: <9306090143.AA05481@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

some interesting stuff here -- a little whistle-blowing here, a little clipper punching there ...
peter ------- Forwarded Message Date: Tue, 8 Jun 93 13:02:07 -0400 From: rweingar@cs.UMD.EDU (Rick Weingarten) Message-Id: <9306081702.AA18515@tove.cs.UMD.EDU> To: adrion@cs.umass.edu, basili@cs.umd.edu, corbato@xx.lcs.mit.edu, patterson@ginger.berkeley.edu, pfreeman@gatech.edu, mrg@research.att.com, cwg@research.nj.nec.com, ashok@almaden.ibm.com, weiser.parc@xerox.com, wulf@virginia.edu, wise@seafox.cs.indiana.edu, tony@ide.com, forsythe@cs.UMD.EDU, jh@cs.cornell.edu, greg@cs.arizona.edu, johnsson@think.com, klawe@cs.ubc.ca, kung@harvard.edu, mji@guardian.cs.psu.edu, lazowska@cs.washington.edu, leveson@ics.uci.edu, steve.muchnick@eng.sun.com, jrr@cs.purdue.edu, ritchie@hplabs.hp.com, jes@cs.brown.edu, denning@cs.georgetown.edu, jwerth@cs.utexas.edu, phayes@herodotus.cs.uiuc.edu, policy@cs.UMD.EDU Subject: News Bytes June 8, 1933 Computing Research News Bytes by Juan Antonio Osuna with Rick Weingarten 6/8/93 GAO Criticizes ARPA on Architecture Research The General Accounting Office released a report in May (GAO/IMTEC- 93-24), criticizing the DoD's Advanced Research Projects Agency for its handling of the High Performance Computers and Communications program. Some researchers have criticized ARPA for procuring only Intel and Thinking Machines supercomputers for use by ARPA projects, while ignoring machines manufactured by other companies.. GAO cleared ARPA of the harsher accusations of serious misconduct, but upheld this general criticism, saying that such a narrow focus has inhibited R&D by other supercomputer manufacturers. The report suggested that ARPA should seek advice from a broader range of researchers who do not directly participate in ARPA projects. Finally, GAO said ARPA needs to give more emphasis to software development, which in the past has been given lower priority than hardware. ARPA claims it has already fixed many of these problems.. 
GAO is now planning a follow-on study looking more broadly at program management and support for high performance architecture research in all agencies.. House Appropriations Subcom Gives NSF an 11% Increase [elided] "Clipper Chip" Proposal Draws Public Criticism The Clinton Administration's recent proposal to implement the Clipper chip as a government encryption standard is receiving a cold welcome from some in the computer community. During a three-day meeting before the Computer System Security and Privacy Advisory Board of the National Institute of Standards and Technology, dozens of people from academia, industry, and civil liberties groups expressed disapproval for the way the White House is trying to implement its cryptographic policies. Complaints were directed in three directions---to the technology, to the process of selecting the standard, and to the civil liberties implications for Federal wiretapping. The Administration initiated a public review after, rather than before, declaring Clipper as a government standard and ordering thousands of Clipper devices for government use. In light of the negative reaction, the advisory board passed a resolution to extend public review and voted to hold another board meeting in late July. The board also decided to send a letter to the White House to relay public concerns and to suggest tactfully that the president reconsider the Clipper scheme. Amendments to HPCC Act Move Forward [elided] ------- End of Forwarded Message From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ""L. Detweiler"" Date: Tue, 8 Jun 93 21:24:17 PDT To: cypherpunks@toad.com Subject: Re: a "great" NSA revelation In-Reply-To: <9306081515.AA05070@soda.berkeley.edu> Message-ID: <9306090424.AA02488@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain [E.H. & L.D.] 
>>>"We tried to come up with a technique that would not require >>legislation," said Clint Brooks, advisor to the director of the >>National Security Agency, > >>Another ominous, foreboding quote. > >I think this neither ominous nor foreboding. This statement was >apparent within a week or so of the original announcement. I've analyzed this elsewhere. You are taking this at face value. First of all, the person (apparently a very high-ranking advisor, probably the highest and closest to the project to appear in the media) is already talking in the past tense. If they were confident and not rattled it would be `we've come up with a technique that doesn't require legislation'. So far so good. But at this late date, and the quote is presumably fresh, it has that vague hint that they are now *considering* the legislative approach given the `nice guy' approach failed. Cypherpunks, beware! I think it could really happen. *No one* in the government has ruled out domestic cryptographic regulation. We have nothing but the spineless whimperings of Kammer saying `I can't see what it would accomplish'. Everybody has this strange mindset that such a thing is conceivable. WHAT? As I was telling someone on the list, that would be like waking up *into* a nightmare. Here's the likely scenario: they come up with a way of `certifying' or `licensing' cryptographic equipment with penalties that have some teeth (like ability to confiscate on `suspicion'!) and intimidate cryptographic developers. Why? Well, to protect the public from inferior cryptography, of course. We have to make sure there's no problems with the hardware, isn't that obvious? I hope CPSR and EFF have their lawyers revved up, because this is Supreme Court material. Legislation of cryptography is the most obnoxious, foul-smelling decomposition I've ever considered. Doesn't anyone get it? 
Clipper represents a startling shift from NSA policy to tinkering with *domestic* cryptography on the *large-scale* by intent, despite, as CPSR points out, no legal foundation whatsoever (and in fact, I'd buy a jackhammer or bulldozer before I see anybody erecting one). A startling shift from a passive to an *active* role in ensuring wiretapping. The seriousness of this kind of infraction only comes around once every few decades. Don't be fooled by the recent suggestions that Clipper will be put on hold! The root of the conflict is still untouched!

>This single
>quotation will be enormously useful in getting the legislature to take
>specific and bill-oriented action about the wiretap chips. In the
>checks and balance system, the legislature makes laws; the executive
>makes them happen.

You seem to favor a legislative approach to protecting cryptography. Well, all I can say is that there are a lot of pitfalls. In my opinion a 200 year old scrap of paper is all the verbiage we need. There is nothing extremely unusual about cryptography from a legal standpoint. It's just another medium of data transmission.

>The executive is not supposed to go charging off
>and making de facto legislation.

>The only
>thing new about it is that it confirms what I've thought for over a
>month: that the executive branch is trying to do an end run around the
>legislature.

I'm glad you came to this epiphany on the original, true treachery of the `initiative', but I'm sorry to say I don't share it. If by `executive' you are alluding to Clinton, clearly he had very little to do with it, and as I've said elsewhere on sci.crypt, his support is convenient but not necessary. Even Bush's involvement was surely extremely marginal at best. The *true* problem is that there is a massive entrenchment of inbred bureaucrats at a site that has the initials F.M.
that is completely insulated from the periodic cleansings of elections, devoid of overhead accountability and the venerable mechanisms for `checks and balances' and `division of power' in our government you cite, and paid tens of billions of dollars a year by *us* to find ways of *evading* protections on privacy and spying on the neighbors (friend and foe alike). They will not go away quietly. Ah, but as everyone knows, neither will I. BTW, could anyone give a reference on the FEAL politics history? It's just like deja vu all over again. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: remail@tamsun.tamu.edu Date: Tue, 8 Jun 93 20:31:04 PDT To: cypherpunks@toad.com Subject: anonymous mail Message-ID: <9306090330.AA15612@tamsun.tamu.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Deadbeat wrote: > This "coincidence" brings a name to mind. > Rhymes with "turn right." > Starts with S. > What could I be thinking? This is by far the best explanation for the whole soda/penet/CERT problems! Undoubtedly the work of good old Mr. "Rear of the boat; illumination" Dr. Manhattan -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLBVYzN1uahe7Mr5vAQHLlgQArcKYK9yvgXOhRdtt03z1tz3wpaUi/RAE oL1fjvLWJ7PHyK1BObnEhFjfv/JO4DwPqd1EevVDzyV3G/AydKf6GtuNVofDmu4T JlDLx5DFTZQ24xgljaubJ4yOOXgbsNMvziHq5dmwx2boqyXjufq8lXhKgnDQQBEl xH7ooyA7Aaw= =/16r -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Tue, 8 Jun 93 21:46:47 PDT To: cypherpunks@toad.com Subject: Re: ALERT / My email address is... (fwd) Message-ID: <9306090446.AA22053@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain > On Mon, 7 Jun 1993 22:18:16 -0600 (MDT), "J. Michael Diehl" wrote: > > > > We could set up aliases and distribute a common secret key for the list.... > > How are you going to do this securely? > Just a thought, We're not. I was very tired and was using my other, much smaller, brain to think with. 
;^) I was (thinking?) of distributing a common secret key to people who we know are not spooks, and who would be interested in the cypherpunk's cause. This and anonymous remailers would ensure that anyone could say anything with total anonymity, since we would all share secret keys. The problem is, of course, that many people who would otherwise be interested, could not participate in our new clique. ;^(

SO, DISREGARD MY COMMENTS! Plz!

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Tue, 8 Jun 93 22:17:57 PDT
To: gnu@toad.com (John Gilmore)
Subject: Re: McCarthy lives!
In-Reply-To: <9306090050.AA03345@toad.com>
Message-ID: <9306090517.AA22707@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

According to John Gilmore:
> Tim, I'll be glad to teach you how to file a Privacy Act request.
> It's pretty simple, and it works on all Federal agencies. You get all
> records they are keeping on you, with some limited exceptions -- and
> for almost all of those, you get notified of the withholding. If you
> can identify one or a small number of agencies that might be keeping
> this "list", we can see if you are on it. And if we find the list, we
> can probably get the whole thing under the Freedom of Information Act.

I would think a quick tutorial on this would be of general interest. Could you find some time....?

Thanx in advance.

+-----------------------+-----------------------------+---------+
| J.
Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Tue, 8 Jun 93 22:24:04 PDT
To: shipley@tfs.COM (Peter Shipley)
Subject: Re: ALERT / My email address is...
In-Reply-To: <9306090240.AA08014@edev0.TFS>
Message-ID: <9306090523.AA22828@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

According to Peter Shipley:
> >:) I suggest that we try to create an encrypted cypherpunks list? Comments?
> >Sounds good to me.
> the only use that would bring is to get us to get more serious about
> key exchange and to develop easier software for reading/scanning encrypted
> messages. On the other hand it would not benefit us in the way of that

Yes, this is a much needed improvement in this group.

> it would not us to get our messages and views to the world. (Last I
> checked this was not an exclusive email list).

I completely agree.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone?
If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Tue, 8 Jun 93 20:40:13 PDT
To: cypherpunks@toad.com
Subject: InfoWorld
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

INFOWorld
June 7, 1993
Volume 15, Issue 23
pages 1, 103

IS managers assail data encryption rule
'Clipper chip would allow snooping

by Scott Mace And Shawn Willett

GAITHERSBURG, Md. -- IS managers and computer vendors last week blasted the Clinton administration's plans to mandate use of the "Clipper" data encryption chip.

During hearings hosted by the U.S. Commerce Department here last week and in interviews, many IS managers and vendors said they fear the encryption standard could make their operations vulnerable not only to snooping by the government, but by criminals as well.

IS managers and consultants from Bankers Trust Co. of New York and Deloitte & Touche voiced these concerns at the hearing and chided the government for shrouding the process in secrecy.

"The secret process up until now has been destructive to public trust," said William Murray, IS consultant at Deloitte & Touche, in Wilton, Conn.

"It is only a matter of time before hackers figure out a back door to de-crypt it," said Sheldon Laube, national director of information and technology at Price Waterhouse, in Menlo Park, Calif.

Laube echoed the concerns of other corporate data managers.

"If the government can de-encrypt it, we have to assume competitors can as well," said Bob Holmes, computer technology research analyst at Southern California Gas, in Los Angeles.

The chip, which would be installed in data communications devices, including computers, modems, fax machines, and phones, encrypts data so outsiders cannot listen in or steal sensitive data. But government agencies, such as the FBI, could ask for a court order to obtain the "keys" to decode the data.
No one would be forced to implement the chip, but the administration proposal could mandate government agencies to buy it, effectively forcing its widespread adoption.

The Clipper chip, jointly developed by the National Security Agency and the National Institute of Standards and Technology (NIST) was also assailed by computer vendors.

Oliver Smoot, vice president of the Computer and Business Equipment Manufacturers Association (CBEMA), testified that its members would have to develop separate product lines for the United States and overseas because a few foreign governments would want to give the U.S. government the capability to decode their data transmissions. This, along with the inclusion of the chip in every computer, would mean higher prices, Smoot said. CBEMA members include Apple Computer Inc., Compaq Computer Corp., IBM, and Hewlett-Packard Co.

The plan has also been hotly contested by computer industry civil libertarians, such as the Electronic Frontier Foundation, which urged that the Constitution's prohibition of illegal search and seizure be applied.

NIST and other government agencies countered that the chip is very resistant to tampering. It uses a key escrow system, where two or more government agencies will hold parts of a decryption key, for use by law enforcement with a valid court order. The FBI expects organized crime and terrorists to begin encoding information.

Paul Ferguson               | The future is now.
Network Integrator          | History will tell the tale;
Centreville, Virginia USA   | We must endure and struggle
fergp@sytex.com             | to shape it.

Stop the Wiretap (Clipper/Capstone) Chip.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: RYAN Alan Porter
Date: Tue, 8 Jun 93 21:18:45 PDT
To: cypherpunks@toad.com
Subject: CryptoStacker Update
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

This is an update on the CryptoStacker undertaking for those interested.
I am still at the research/initial_design stage, so any further suggestions would be welcome. I am working on several other projects right now so actual coding will likely not begin in earnest for at least a week or two, I also do not wish to rush things any more than I need to...

The CryptoStacker engine will probably consist of a block driver style device driver running under MSDOS which will intercept blocks of data going to the disk and encrypt them, and intercept blocks of data coming from the disk and decrypt them. The system should be completely seamless and hopefully will remain at one abstraction level. The intercepted functions will be the read/write functions of interrupt 13h.

The initial version will be a simple driver with no sector remapping and will have to be installed on an already existing partition separate from the boot partition. Hopefully in the future it will be possible to create a false disk by remapping sectors and extracting all drive data from a single file stored on the physical drive, a la Stacker's one huge file. This would allow for installation without the backup and reformatting of the hard drive.

The keys will initially be stored on floppy disks and password protected. For simplicity, I will use one single key for the whole disk during development, but I hope to be able to provide at least one key per track in the initial version. I intend to make the key hooks as modular as possible and as open as possible in order that the possibility of PCMCIA cards holding keys, barcode keys, datacard keys, etc, will be possible in the future.

The encryption engine will be completely in software for the widest possible spread. This is the single only design consideration that I am absolutely set upon, and even then I will be glad to implement any advice on how to make the code as open as possible for future hardware assistance. I would like to see it expand into hardware in the future as encryption hardware hopefully becomes easier to find.
The actual encryption algorithm is a more difficult case to comment on. I have done a lot of research on DES, since most of the advice that I have received has pointed in that direction, but I can see that it will be extremely slow and unwieldy in software. I would like to use an algorithm which would be a little more optimized for software but alas, I am more than a little afraid of the wrath of the cypherexperts who will shun any non-DES product. I am looking into the IDEA engine now, and I like the fact that it also has the capability to take in 8 bytes and put out 8 bytes, but that is about all that I know about it.

Things that make DES attractive to me:
1) Takes 8 bytes, puts out 8 bytes.
2) Nonlinear.
3) It is its own inverse.
4) I understand it (a factor not to be underestimated)

Things that make it unattractive:
1) It is slow as hell, especially with triple iterations.

If anyone knows of some algorithms that have been widely examined which meet at least a few of the 'pro' arguments and don't meet the 'con' argument, please let me know...

There has been some consideration on the possibility of having the key time out after a preset interval. I like the idea as an option to the user who really wants it, but I have a lot of reservations about how to make a system time out gracefully when this happens. I have some ideas for how to do this with a multitasking OS, but they just seem like hacks to me, I am looking for elegant solutions.

There has also been some contemplation as to how to shield a key from being read from a PC's memory. It has been suggested that I just inform the user of the security hole and not worry about it. This seems lazy and counterproductive to me, and I would like to at least make some effort to hide the key. Any good virus writers out there? Most of my techniques involve hiding code on mass storage, but I'm sure there are some tricks to memory someone might suggest.

Well, that seems about it.
I hope that this has been more coherent than the flurry of replies that marked the beginning of this, and less offensive...

-Ryan the Bit Wallah

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Tue, 8 Jun 93 23:53:47 PDT
To: cypherpunks@toad.com
Subject: My Poll....
Message-ID: <9306090653.AA23961@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Well, I finally got to look at the responses to my poll. FYI, I got 33 replies. This is a small number considering there are (I think) 400+ people on this list. I didn't take the time to actually tally the results for each question. I'm inherently lazy... ;^) I can make some comments about what we use, tho. Note that the lists are in no particular order. Since this was certainly not a scientific poll, I opted to not include any statistics, sorry.

I was kinda hoping to have a more homogeneous environment than what we have. Kinda naive, huh? Well, this is what I have to say after reading each of your replies. I would like to thank everyone who participated in my informal poll. I hope the results are useful to any software-developer-cypherpunks out there.

The systems that we use tended to be (IMHO) hi-end PC's, 386's and better. Macs were a close second, with various *nix's forming a large block. This isn't any surprise. The actual list: PC, NCube, Sun, Mac, IBM RT, IBM RS/6000, DEC/MIPS, VAX, NeXT, HP 7xx, Cray, SGI Indigo, Amiga.

As for OS's, MSDOS was, again, the clear winner. It would seem that many people are going from dos, to one of the various (free) unix's for the PC. I didn't know it was so widespread. The list: MSDOS, BSDI BSD/386, SunOS, A/UX, 4.3BSD, UNICOS, Ultrix, Linux, MacOS, HP/UX, NeXTStep, Solaris, AIX, System, IRIX, AmigaDos, vm, DESQview.

There are more Cypherpunks who refuse to use online services than use them.
Of those who do use online systems, and I counted bbs's and internet as an online system, these are the systems we use: The WELL, MCI, Prodigy, Compuserve, GEnie, AOL, BBSs, netcom, Internet, Fido.

I didn't know there were so many mail readers..... SLMR, MH, pine, elm, emacs, Cyberdesk, Mush, NeXTMail, NUpop, GRn, QWK, Eudora, dxmail, LOCALLY DEVELOPED

I was shocked to find that people still use pgp v2.1. Why? Also, unix pgp made a strong showing, considering it probably isn't very secure in that environment. The only versions mentioned are: 2.2, 2.1, MacPGP 2.1, unix. I know of other versions, tho.

This poll was motivated by all of the talk about writing a secure comm program. Judging from how many different programs are in use now, it will be hard to write a program which will please everybody. I also wonder if any of the telix users find telix to be very much like procomm; I did. Of the telix users, would you be interested in helping me test my mail scripts, and perhaps writing extensions for other mail readers, if needed? Hope to hear from you. Anyway, here is the list of the comm programs which we use: MacSamson, JComm, Term, QuickLink II, PPP/SLIP, Seyon, UUPC, Telix, Z-Term, procomm, Kermit, vlt, White Knight, Eudora, QModemPro, Procomm Plus, Telemate, tapcis.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|                    Politically Incorrect!"                    |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: stig@netcom.com (Stig)
Date: Wed, 9 Jun 93 01:43:09 PDT
To: Marc Horowitz
Subject: Re: CERT: the letter from CERT to berkeley.edu admin
In-Reply-To: <9306082054.AA14005@dun-dun-noodles.aktis.com>
Message-ID: <9306090843.AA10157@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

To quote: Marc Horowitz
> "Do not attribute to malice that which can be adequately explained by
> stupidity." Without support, I think CERT is merely being stupid.
> Someone else (maybe even a government employee) is being malicious. I
> do think cert is harming their effectiveness by doing this. My guess
> is that they never stopped to think that someone might use them in
> this way to shut down an "unpopular" ftp site.
>

Sounds like this thread is getting too soft on CERT: For soda, the mail went to someone@soda.... For Julf's machine, it went to his NETWORK PROVIDER. (This is not a courteous move, nor was it intended to be.)

Stig

/* Jonathan Stigelman, Stig@netcom.com, PGP public key by finger */
/* fingerprint = 32 DF B9 19 AE 28 D1 7A A3 9D 0B 1A 33 13 4D 7F */

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: crunch@netcom.com (John Draper)
Date: Wed, 9 Jun 93 01:57:46 PDT
To: cypherpunks@toad.com
Subject: Encrypting Cypherpunks mailing list postings
Message-ID: <9306090858.AA08791@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Mike's response to the ideas of encrypting the Cypherpunks mailing list...

>We're not. I was very tired and was using my other, much smaller, brain to
>think with. ;^) I was (thinking?) of distributing a common secret key to people
>who we know are not spooks, and who would be interested in the cypherpunk's
>cause.

I think it MAY be possible to write a perl program that would take the incoming mail encrypted with a single common public key for Cypherpunk mailing list mail, then would decrypt it internally, then for each person in the mailing list, using their public keys, encrypt each message for the individual recipients, and mail them out. Naturally this would be SLOWER THAN MOLASSES!! But it would be worth a try to see how it works. Let's talk about it at the upcoming Cypherpunks meeting.

The ravers can really use something like this to keep the Full Moon Raves location a secret and known ONLY to those dedicated ravers that want to attend. As far as the Cypherpunks mailing list goes, it may not be appropriate to encrypt to the group ALL the time, but SOME messages might be worthy of encryption.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Darren Reed
Date: Tue, 8 Jun 93 09:47:28 PDT
To: julf@penet.fi (Johan Helsingius)
Subject: Re: CERT
In-Reply-To: <9306081800.aa08835@penet.penet.FI>
Message-ID: <9306081647.AA19872@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> >
> > i am disappointed to hear these stories about cert, but encourage others
> > with tales to tell to step forward. this is a real eye-opener.
>
> I just had to deal with a minor crisis caused by CERT. They contacted the
> domain-admin for the *.fi domain, saying they had been informed that the
> anonymous ftp archive at anon.penet.fi was being used to distribute
> illegal copies of software. They did *not* contact me directly, nor my
> service provider.
[...]
> Fortunately I could tell them that anon.penet.fi didn't even run ftp at
> all, easily verifiable by trying to ftp from anon.penet.fi. They did
> apologize profusely, but somehow that doesn't quite...

Disturbing pattern that CERT contact people about hosts which perform actions contrary to the wishes of some MIBS. Or is that just paranoia ?
I doubt the NSA/FBI/any_other_government_agencies would be crying if either anon.penet.fi or soda were taken off the net...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Johan Helsingius
Date: Tue, 8 Jun 93 19:50:37 PDT
To: smb@research.att.com
Subject: Re: CERT
In-Reply-To: <9306090049.AA03320@toad.com>
Message-ID: <9306090458.aa20630@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain

> As I said before, they might not know who was involved. Even if they
> did, and even if the account wasn't compromised, it's the SA's
> responsibility to investigate. What if a local user is doing un-
> authorized things? Take this particular case -- they could easily end
> up being sued for contributing to copyright infringement. They might
> win -- but defending against a lawsuit is expensive.

Yes. Agree. And I would have had no problem had they contacted the SA at my site (me) or even my connectivity service provider (EUnet), but they didn't. They contacted the domain admin for Finland. A high-level "political" authority on a national level! Without consulting anyone involved...

Julf

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 9 Jun 93 06:57:57 PDT
To: cypherpunks@toad.com
Subject: a "great" NSA revelation
In-Reply-To: <9306090424.AA02488@longs.lance.colostate.edu>
Message-ID: <9306091354.AA00091@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>>This single
>>quotation will be enormously useful in getting the legislature to take
>>specific and bill-oriented action about the wiretap chips.

>You seem to favor a legislative approach to protecting cryptography.
>[...] In my opinion a 200 year old scrap of paper is all the
>verbiage we need.

Protecting cryptography must be fought on all fronts. If we disregard the legislature, we will lose. Period.

The Constitution is the highest law of the land. As you may recall, it was ratified by state legislatures.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 9 Jun 93 07:31:36 PDT
To: cypherpunks@toad.com
Subject: CERT: the letter from CERT to berkeley.edu admin
In-Reply-To: <9306090843.AA10157@netcom.netcom.com>
Message-ID: <9306091428.AA00931@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>For soda, the mail went to someone@soda....

The first CERT letter was sent to a contact for the berkeley.edu domain, not to soda. This original recipient then forwarded the mail to root@soda, which is aliased to a number of people. The root who turned off the directory is not the same one who finally forwarded me the CERT letter.

In short, they went over Julf's head, and they went over mine.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Ross E. Jones"
Date: Wed, 9 Jun 93 07:00:54 PDT
To: smb@research.att.com
Subject: Re: CERT: the letter from CERT to berkeley.edu admin
Message-ID: <28802.rjones@abq.bdm.com>
MIME-Version: 1.0
Content-Type: text/plain

In message Tue, 08 Jun 93 14:13:05 EDT, smb@research.att.com writes:
>
>Based on what you sent out, I confess that I see nothing wrong with
>CERT's note.

I agree that the rights of people who develop copyrighted software must be respected. This is fundamental to working in software development. My problem with the letter is that CERT did not verify the accusation before it was sent. Friend-to-friend this could be considered a "heads-up", but from a semi-official source such as CERT, this message takes on more of the characteristics of not-so-subtle arm twisting. It resulted in soda being closed down for a while to the detriment of all the users.

Ross E Jones
BDM, Federal
rjones@abq.bdm.com
Phone: (505) 848-5733
Fax: (505) 848-4047

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Wed, 9 Jun 93 08:04:45 PDT
To: cypherpunks@toad.com
Subject: CERT: the letter from CERT to berkeley.edu admin
In-Reply-To: <28802.rjones@abq.bdm.com>
Message-ID: <9306091501.AA01867@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>It resulted in soda being
>closed down for a while to the detriment of all the users.

Before the rumor flies too far, soda was not closed down. One directory on the cypherpunks site was locked for less than a week.

Had it not been for the intervention of a good friend who is also root on soda to do local politics, that directory might still be locked. The consequences could have been worse.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Clark Reynard
Date: Wed, 9 Jun 93 05:42:19 PDT
To: cypherpunks@toad.com
Subject: Re: CERT
Message-ID: <9306091318.AA00472@metal.psu.edu>
MIME-Version: 1.0
Content-Type: text/plain

Marc Horowitz writes:

>>> From: Clark Reynard
>> Excepting the Morris Worm, can you name a SINGLE Computer Emergency
>> which CERT has halted? It is simply an organization to keep the
>> crypto-fascists wired into the net.

>My experience with them in the past has been as a clearinghouse for
>users to report security-related bugs to vendors, and for vendors to
>provide fixed back to users. They've done an admirable job at this;
>the major complaint is that they are too slow. They also help
>distribute tools like COPS to validate unix workstation security.

Granted. However, as you say, they are terribly slow and inefficient even at this. While I read CERT advisories and clippings, it is rare that I discover anything which could be called 'news.'

>They are a proactive organization, not a reactive organization, so
>it's meaningless to ask what "Computer Emergencies" CERT has "halted".

Perhaps, then, their name is inappropriate.
The term "Computer" seems to imply they are involved with computers. This is true. However, "Emergency," when modified by "Computer," seems to indicate that they are involved in some way with "Computer Emergencies," whatever this means. When combined with "Response," the previous terms seem to imply that they are intended to "Respond" to "Computer Emergencies," which, as you say, they don't do. They ought to change their name, or find some computer emergencies to which to respond.

>I think that calling them "crypto-fascists" is at best an unsupported
>smear, and at worst slanderous.

A quibble: I believe you mean 'libellous.' They are crypto-fascists; that is to say, they are 'hidden' fascists. (However, I'll grant that calling them fascists is probably not productive, however amusing it may be.)

[Peter Honeyman's comments deleted.]

>I agree with Peter. If CERT is beginning to overstep its bounds.
>perhaps someone should make a calm, rational complaint.

I shall do so. Don't worry, I won't call them crypto-fascists. I shall forward it when I send it.

----
Robert W. F. Clark          Stop the Clipper Chip
rclark@nyx.cs.du.edu        Proposal!
clark@metal.psu.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: poier@sfu.ca (Skye Merlin Poier)
Date: Wed, 9 Jun 93 09:24:49 PDT
To: cypherpunks@toad.com
Subject: Re: InfoWorld
In-Reply-To:
Message-ID: <9306091624.AA16331@malibu.sfu.ca>
MIME-Version: 1.0
Content-Type: text/plain

The FBI expects organized crime and terrorists to begin encoding information.

Begin? Huh? Give me a break....

--
-----====> Skye Merlin Poier <====-----
Undergrad in CMPT/MATH (Virtual Reality)    |||| ||||
email: poier@sfu.ca                         p-OO <--> OO-q    THINK
PGP Public Key available on finger            \== ==/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Honeyman
Date: Wed, 9 Jun 93 07:23:07 PDT
To: cypherpunks@toad.com
Subject: Re: CERT: the letter from CERT to berkeley.edu admin
Message-ID: <9306091423.AA01017@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> It resulted in soda being
> closed down for a while to the detriment of all the users.

very similar circumstances resulted in penet shutting down for a lengthy period; penet is still operating under severe restrictions. the cert letter could have produced the same result.

interestingly, i believe the penet letter was sent to the same address as the earlier, infamous "famous net personality" letter. another coincidence?

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: dmandl@lehman.com (David Mandl)
Date: Wed, 9 Jun 93 07:25:20 PDT
To: crunch@netcom.com
Subject: Re: Encrypting Cypherpunks mailing list postings
Message-ID: <9306091424.AA17881@disvnm2.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

From: crunch@netcom.com (John Draper)

> Mike's response to the ideas of encrypting the Cypherpunks mailing list...
>
> >I was (thinking?) of distributing a common secret key to
> >people
> >who we know are not spooks, and who would be interested in the cypherpunk's
> >cause.
>
> I think it MAY be possible to write a perl program that would take the
> incoming mail encrypted with a single common public key for Cypherpunk
> mailing list mail, then would decrypt it internally, then for each
> person in the mailing list, using their public keys, encrypt each
> message for the individual recipients, and mail them out.

But this is a PUBLIC LIST. Our readers from the NSA/FBI/CIA will get the messages along with everyone else--encrypted with their keys, of course, so no spies can read them!
I just don't think any of this makes sense for a list this large and this open. Anyone can subscribe. For smaller circles of friends who know and trust one another, it would be more useful.

BTW, wouldn't this all be easier using the "multiple recipients" feature of PGP anyway? This is exactly the kind of thing it was designed for: Server gets message, server multiply-encrypts to all subscribers, server distributes message the same way it does now. But again, I think this is pointless on a list like this.

> The ravers can really use something like this to keep the Full Moon Raves
> location a secret and known ONLY to those dedicated ravers that want to
> attend.

Yup. Agreed. This is exactly the kind of group that should be using PGP in this way.

I do think that it would be a good idea to make an active effort to distribute and certify keys. This will also help to promote the use of encryption, which should be one of our main goals.

Also: Making a sub-list of people who are "known not to be spooks," on a list like this, is dangerous. Would be nice if we could really do it, but there would almost certainly be agents getting included in the sub-list, as well as exclusions of folks who aren't agents.

--Dave.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Wed, 9 Jun 93 10:38:04 PDT
To: poier@sfu.ca
Subject: Re: InfoWorld
Message-ID: <9306091737.AA21998@servo>
MIME-Version: 1.0
Content-Type: text/plain

Well, to borrow Whit Diffie's great phrase, those of us who regularly conspire to participate in the political process are already encrypting...

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mark
Date: Tue, 8 Jun 93 18:02:02 PDT
To: cypherpunks@toad.com
Subject: Statement of dissatisfaction with your recent efforts (fwd)
Message-ID: <9306090101.AA03818@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Probably shouldn't have, but they get on my goat.

Forwarded message:
>From mark Wed Jun 9 10:59:04 1993
>Subject: Statement of dissatisfaction with your recent efforts
>To: cert@cert.org
>Date: Wed, 9 Jun 1993 10:59:04 +1000 (EST)
>
>Dear cert et al,
>
>It has come to my notice recently that your organisation has been
>involved in a number of accusations against individuals and organisations
>with very little to back such accusations.
>
>I am referring to, and these are the ones I will mention here, the
>soda.berkeley.edu and the anon.penet.fi sites, both of which ARE
>legitimate in all respects and are SEEN as such by the net.community.
>Your organisation's actions, in my personal opinion, constitute a form
>of harassment of the worst kind, and it basically smells.
>
>Whilst any one with any knowledge of your workings already knows the
>low quality of feedback, lack of helpfulness and general arrogance of
>your methods, it doesn't do you any good at all to set about on a
>crusade of self-serving actions against those sites or entities or
>groups of individuals you don't like or you see as furthering ideas
>and software that might one day make your life difficult. You will
>alienate a larger proportion of the net.community than you otherwise
>have.
>
>I would suggest in future you take the time to VERIFY, through whatever
>legal means are at your disposal, the authenticity of your information,
>to view yourselves the problems/files and then take whatever action your
>charter states as appropriate. Going off gung-ho and sending ominous form
>letters to people you see as gullible enough to carry out your desires
>really is less than professional.
>
>I fail to see where you get authority for a large proportion of your
>actions, but that is a matter between you and your financiers. Just don't
>expect people to take you seriously if the above scenarios are repeated.
>
>The above is my own personal observations and not those of any other
>individual or organisation, although they are free to explicitly echo
>them if they so desire. As of yet, none have.
>
>Mark.
>mark@cheops.anu.edu.au

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Brad Huntting
Date: Wed, 9 Jun 93 10:55:54 PDT
To: gnu@toad.com (John Gilmore)
Subject: Re: McCarthy lives!
In-Reply-To: <9306090050.AA03345@toad.com>
Message-ID: <199306091755.AA05395@misc.glarp.com>
MIME-Version: 1.0
Content-Type: text/plain

> Tim, I'll be glad to teach you how to file a Privacy Act request.
> It's pretty simple, and it works on all Federal agencies. You get
> all records they are keeping on you, with some limited exceptions --
> and for almost all of those, you get notified of the withholding.
> If you can identify one or a small number of agencies that might
> be keeping this "list", we can see if you are on it. And if we
> find the list, we can probably get the whole thing under the Freedom
> of Information Act.

I'd be very interested in hearing more on this...

brad

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mmidboe@cs.uah.edu (Matt Midboe) (Computer Science Dept., Univ. of Alabama-Huntsville)
Date: Wed, 9 Jun 93 10:31:53 PDT
To: ryan@rtfm.mlb.fl.us (RYAN Alan Porter)
Subject: CryptoStacker and hiding the key
In-Reply-To:
Message-ID: <9306091731.AA28880@uahcs2.cs.uah.edu>
MIME-Version: 1.0
Content-Type: text

-----BEGIN PGP SIGNED MESSAGE-----

You could put the key in the unused sectors of the drive. Chkdsk will probably not like that at all, and I imagine some virus scanners. Virus scanners, there is another problem. Some of them would be useless wouldn't they, because I think they go around int 13h (since viruses can stealth around int 13h, right?) so you would need to tell people about that type of problem. But putting the key in the unused sectors still doesn't provide enough protection.
What is the problem with just having a regular key file, and when the user boots up the computer it asks them a pass phrase to decrypt the key file? If they fail wipe the key and force the user to restore the key from a backup somewhere.

d. saint

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQBVAgUBLBYeX1gV4u6tNx5/AQE66AIA1NVezgP2BkfZUpot6LMVEzciBDCfl1Kq
d1QbgNpgK3OINAq/IhYimUMotE+oXng59fHJYeWf+/QINxBwPYfx0Q==
=i8F7
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J. Eric Townsend)
Date: Wed, 9 Jun 93 12:58:01 PDT
To: fnerd@smds.com (FutureNerd Steve Witham)
Subject: Encrypting the list
In-Reply-To: <9306091758.AA04012@smds.com>
Message-ID: <9306091955.AA09779@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

FutureNerd Steve Witham writes:
> We're all prime suspects for being spies.

'specially those of us with both .gov and .com email addresses, right?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: geoffw@nexsys.net (Geoff White)
Date: Wed, 9 Jun 93 13:15:33 PDT
To: bbehlen@soda.berkeley.edu
Subject: Re: Paranoid? PGP to the rescue!!
Message-ID: <9306092002.AA25856@nexsys.nexsys.net>
MIME-Version: 1.0
Content-Type: text/plain

Rather than encrypting mailing list and stuff like that, the real solution for "sensitive info" is for EVERYBODY especially people who share a lot of sensitive info with each other, to get themselves PGP keys. Learn how to use PGP or some other form of encryption you will be better off for it, trust me, once this happens, then you can choose who YOU would like to send secure info to. So in other words, if I want to send the FMR instructions to Brian I can encrypt the info and send it. I actually wished he had a key while he was away because then I could send him a private message to any account, just in case he couldn't log into soda.
PGP is about sending secure information to friends and others, information that is private and that you don't want others to read. I would consider it rude to post an encrypted message to a public list unless it was an absolute emergency (i.e. the Thought Police are at my door, and they are going to take me away).

The dissemination of FMR info should be based on a personal system of trust, PGP is some software that helps you keep the integrity of the communications between TRUSTED members, it is NOT a substitute for that trust and if used as such, will quickly disappoint you, with potentially disastrous consequences for some people. (It's better to assume that "They" are listening and choose your words, than to believe that because you have encrypted your information it is safe for you to incriminate yourself and others.) With PGP, if the keys are not handled in a proper manner, it is no better than any normal private e-mail list.

The only reason that I would advocate encryption of the FMR instructions is FOR PRACTICE i.e. (danger paranoid statements approaching :) in case the day comes when we will really need to send information that we don't want Them to know. The FMR info is not precious, we don't have much to lose except the party getting busted. But if we did encrypt the data and use that as a method of distribution to TRUSTED roots of the FMR phone tree (which could change from time to time), then if the FMRs are mysteriously busted it would mean one or more of the following:

1) One of the TRUSTED is an informant or cop.
2) One or more of the people on the phone tree (only people who meet visually) are informants or cops.
3) one of the above persons told the info to an informant or cop.
4) The cops "get lucky"
5) The promoters leak the info to someone who knows or who is an informant or cop.
6) The cops can "break" the PGP code (a SERIOUS problem for cypherpunks)

It is my assumption that 1 -5 are the most likely, and of 1 - 5 3 - 5 are things that we have absolutely NO control over. So PGP will only help us to enforce 1 and 2, I don't know if all the trouble of going through the motions of PGP are worth it except for the FUN and mystique of it all, it might just draw more attention and make the authorities think that there is something more to it than it really is. I don't think this is a good idea. I think if individuals want to use PGP to send secure messages whether it is FMR info or resumes that should be between them.

I think we should take this discussion offline (oh oh elitism strikes :) but everyone knows what I mean by that, the people who have access to Future FMR info will I'm sure pledge to make sure that the info is distributed in a fair, secure and hopefully timely manner. Those of you who wish to find the Full Moon Rave, look to the skies, keep your ears peeled and make friends, it's not hard.

- G
-------------------------------------------------------------------------------
NEXUS SYSTEMS/CYBERTRIBE-5 : Voice:(415)965-2384 Fax: (415)327-6416
Editor/Instigator/Catalyst : Geoff White
Production Crew            : Universal Movement Trinity
"They might stop the party, but they can't stop the future"
--PGP Public key available upon request--
Paranoia - Your state of mind when you finally realize what's really going on.
-------------------------------------------------------------------------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fnerd@smds.com (FutureNerd Steve Witham)
Date: Wed, 9 Jun 93 11:22:49 PDT
To: cypherpunks@toad.com
Subject: Encrypting the list
Message-ID: <9306091758.AA04012@smds.com>
MIME-Version: 1.0
Content-Type: text/plain

On encrypting the list, mostly I vote NO. The idea of "known non-spies" is, to say the least, a shaky one. Not the kind of concept you base security on.
Also not the kind of psychological attitude and atmosphere that I want to be part of. "Are you one of US?"

Stewart Brand says in the latest Whole Earth Review, that as soon as you become one of the people who knows the kinds of things that THEY want to know, then how do other people know that YOU aren't one of THEM? We're all prime suspects for being spies.

I'd feel the most secure if everybody kept the content (not necessarily their true names) out in the open.

Of course there's the fact that we want to be as inviting and easy-to-connect-to as possible to serious newcomers and potential friends. I count true spies and near-spies among the potential friends. I just don't want this to be, or seem like, a clique.

It would be nice, however, to set up crypto I/O connection OPTIONS to the list, as an incentive for lazy people like me to figure out how to get PGP and mail filters set up.

-fnerd
quote me

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: AOLCHTNN@vax1.tcd.ie
Date: Wed, 9 Jun 93 06:20:05 PDT
To: cypherpunks@toad.com
Subject: Re: Timothy C. May:superhacker
Message-ID: <01GZ6EDS7DHK003YG5@vax1.tcd.ie>
MIME-Version: 1.0
Content-Type: text/plain

Why doesn't Tim and anyone else who suspects that they have reached the much-sought status of "superhacker" on gov't files not just write to their local friendly federal government office and ask for a copy of their own records? As far as I know, the US freedom of information act allows anyone access to information about them that has been stored by the government. (I'm not a lawyer and not even a US resident so don't quote me on any of this; but then I'm not charging legal fees either.) Of course any interesting information they've got is likely to be classified, but at least you'll find out whether any such information is stored on the files.
Of course, requesting your own government file is likely to draw attention to yourself, so it's probably best not to do so unless you're sure that they already know that you know-that-they-know-something.

Yours becoming increasingly paranoid by the minute,
Antoin O Lachtnain,
Trinity College, Dublin (Colaiste na Trinoide, Baile Atha Cliath)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@soda.berkeley.edu
Date: Wed, 9 Jun 93 15:35:01 PDT
To: cypherpunks@toad.com
Subject: Maclean's Article on privacy issues in Canada
Message-ID: <9306092231.AA21926@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Without permission from Maclean's magazine (April 26, 1993)
[Any errors are from my poor typing. Some emphasis added to replace italics in the original article.]

Business (page 20)

Preserving individual privacy

New technology has made trafficking in personal data a huge industry

Until Jan. 18, 1993, checking out licence plates was a $5-million-a-year business for the Ontario ministry of transportation. For a $5 fee, anyone could walk into their regional vehicle licensing bureau, fill in an application form and learn a wide range of details about a vehicle--including the owner's name and home address. According to ministry spokesman Anne McLaughlin, most people conducted searches for legitimate reasons: they wanted to know the history of a used car they were thinking about buying or they needed to track down a witness to an accident. But some searches clearly resulted in gross violations of privacy. In November, an Ottawa woman, who declined to be named, complained that a man found out where she lived by tracking her licence plates and asked to take her out. McLaughlin said that the ministry "was aware of a few of these situations" and, as a result, stopped providing names and addresses to the general public.
Now, she said, the ministry will only provide that personal information for specific purposes, including court proceedings and police investigations. The collection, compilation and trafficking in personal data has become a huge industry: some privacy experts say that it is worth as much as $300 million a year in Canada. It has grown, in part, because rapidly evolving technologies, including telecommunications and computers, have simply made it easy to do. Said Evan Hendricks, editor of "Privacy Times", a Washington-based newsletter that tracks privacy issues worldwide: "The paper trail has become the electronic trail." But as technology has become more pervasive, so has the sense that it is increasingly difficult to ensure that private matters remain private--as Premier Robert Bourassa's aides discovered during the referendum intercept of cellular calls and the chatty Prince Charles and his lover Camilla Parker-Bowles now know. As a result, organizations ranging from the federal Office of the Privacy Commissioner to the Canadian Standards Association (CSA) and the Quebec government are taking a new look at the issue. At the heart of the matter is a delicate balancing act: the right of the individual to privacy versus the legitimate needs of government or business to gather information. Privacy advocates express concern, however, that it has become much too easy for organizations to gather, store, use and manipulate data about an individual. "The average Canadian's name is being crunched through various computers five to 10 times a day," said Bruce Phillips, the privacy commissioner of Canada and strong advocate of restraint on snooping. A joint study between several federal government departments and four private-sector organizations indicates that many Canadians share Phillips' concern. In Privacy Revealed, a survey of 3,000 Canadians released late last month, 60 per cent said that they have less personal privacy than they did a decade ago.
Nevertheless, the trend towards collecting even greater amounts of data is bound to continue. The advertising and marketing industries are increasingly using consumer-profile data. Part of the reason is that companies need better information on targeting the fickle markets for consumer goods. At the same time, there is an increasing fragmentation in television. In the age of the TV zapper and the proliferation of cable TV channels, advertisers can no longer be certain that they are reaching their target audience. As a result, they are turning more often to other alternatives, including data-based direct-mail campaigns. To reduce the cost of mailings, direct marketers attempt to reach customers who have indicated an interest in a given area. S.I.R. Mail Order, for one, a Winnipeg-based firm specializing in hunting, fishing and camping equipment, rents its customer lists to others who want to attract rural subscribers. In December, Quebec became the first jurisdiction in North America to attempt to regulate personal information in the hands of the private sector when Communications Minister Lawrence Cannon introduced Bill 68. Although the federal government and most provinces have privacy acts, they apply only to information in government records. Still, many consumer advocates say that Quebec's proposed legislation, which should be in force by the end of June, does not go nearly far enough in protecting individual rights. On the other hand, some executives say that the bill places so many restrictions on how companies may share information with third parties that the bill will add greatly to the cost of gathering data. Said Jean-Claude Chartrand, chairman and chief executive officer of Montreal-based Equifax Canada Inc., the nation's largest credit bureau: "That will add to the cost of credit, which in the final analysis will cost the consumer." Several industry organizations in Canada have attempted on their own to deal with privacy concerns.
The Canadian Bankers Association adopted a voluntary privacy code in 1990 that spells out how banks should collect, store and use customer information. Since 1990, Canada's six major chartered banks have implemented the code or devised their own. Still, the Royal Bank of Canada sparked controversy last month when it revealed that it sometimes included client-card numbers along with names, ages and addresses among the information sent to market-research firms that were testing demand for new products. Although a Royal Bank spokesman insisted that the practice was not an invasion of privacy, the bank has since stopped releasing client-card numbers for research purposes. Another industry group that has passed its own privacy code is the Toronto-based Canadian Direct Marketing Association. Effective next January, members must obtain a customer's permission before they sell or trade any information about that customer to a third party. Association members must provide customers with an easy mechanism, such as a box to check off on an order form, that allows them to remove their names from marketing lists before those lists are transferred to other marketers. Said association president John Gustavson: "This way, our customers can receive information on the things they want and avoid the stuff they don't want." On another front, the CSA, a Toronto-based nonprofit organization that has traditionally restricted itself to the safety testing and certifying of electrical appliances and other consumer products, is also turning its attention to privacy issues. In December, 1992, the CSA established a committee that will try to establish a standard to recommend to companies across Canada. David McKendry, head of the consumer affairs consulting practice with Price Waterhouse in Ottawa, is chairman of the committee, which also includes members from government, the private sector and consumer groups. He said that privacy is a logical issue for the CSA to tackle.
"Safety is changing in the marketplace", McKendry said. "Privacy *is* a safety issue in the information age." Many privacy advocates say that they welcome attempts by various sectors to come to terms with privacy issues. At the same time, however, they note that Canadians still need more legal protection. "I'm all in favor of self-regulation," said David Flaherty, a Canadian professor of law and history, currently on sabbatical, at the Woodrow Wilson International Centre for Scholars in Washington. "But it doesn't have the force of law." Flaherty said that many Canadians are surprised to learn that they do not have a constitutional right to privacy. "The word 'privacy' is not in the Charter of Rights and Freedoms," he said. For his part, Privacy Commissioner Phillips, a former newspaper and television reporter, said that he agrees with Flaherty that privacy should be included in the Charter. "It would be a benchmark for the entire country," he said. Many experts, however, maintain that Canadians have adequate protection. Simon Chester, a lawyer with the Toronto firm McMillan Binch, said that there are better ways to protect individuals' privacy than spelling it out in the Charter. The charter, which applies only to government and not the private sector, is too blunt an instrument, Chester said. "It is much more important to have specific legislation," he added. Equifax's Chartrand said that, as a result, his credit bureau operates its systems to meet the toughest standards in the country, which, he says, are usually Ontario's laws. That means, Chartrand said, that consumers across Canada enjoy the same level of protection, even if they are in the two provinces that have no consumer credit laws. Clearly, however, Canadians will continue to be concerned about whether technology has moved ahead faster than the law's ability to protect their privacy.
Barbara Wickens

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Shipley
Date: Wed, 9 Jun 93 17:21:42 PDT
To: cypherpunks@toad.com
Subject: Re: Encrypting the list
In-Reply-To: <9306092357.AA00323@triton.unm.edu>
Message-ID: <9306100018.AA10070@edev0.TFS>
MIME-Version: 1.0
Content-Type: text/plain

>> It would be nice, however, to set up crypto I/O connection
>> OPTIONS to the list, as an incentive for lazy people like me to
>> figure out how to get PGP and mail filters set up.
>

I also think it would be a good idea (and exercise) to have a crypto option to the list (where all my incoming email is PGP'ed either with my key or a cypherpunk key). Again I state that this is more of an exercise for us than anything else.

-Pete

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Wed, 9 Jun 93 16:57:33 PDT
To: fnerd@smds.com (FutureNerd Steve Witham)
Subject: Re: Encrypting the list
In-Reply-To: <9306091758.AA04012@smds.com>
Message-ID: <9306092357.AA00323@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

According to FutureNerd Steve Witham:
> On encrypting the list, mostly I vote NO.

Well, I suggested it, so I guess I'll unsuggest it. This is a bad idea. I was tired when I proposed it. Let's leave this alone now, ok?

...other stuff deleted.

> It would be nice, however, to set up crypto I/O connection
> OPTIONS to the list, as an incentive for lazy people like me to
> figure out how to get PGP and mail filters set up.

Yes!

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hkhenson@cup.portal.com
Date: Wed, 9 Jun 93 22:49:26 PDT
To: cypherpunks@toad.com
Subject: Re: CERT reply regarding their emails
Message-ID: <9306092138.1.26702@cup.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

Interesting response from CERT! I suspect that they will be more careful in sending out form letters to places where there could be edgy people.

Keith

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@alumni.cco.caltech.edu
Date: Wed, 9 Jun 93 22:58:25 PDT
To: cypherpunks@toad.com
Subject: My poll....
Message-ID: <9306100557.AA01443@alumni.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain

Uu> I was shocked to find that people still use pgp v2.1.

I don't know where you've been, but version 2.2 has a notorious bug
that locks up the box under numerous situations. In my experience,
version 2.2 locks up 8088-based computers. Version 2.1 does not.
There is an unauthorized bug fix version, 2.21. I use 2.2 as it runs
well on my system.

*********************************************************************
* - PGP Key D30909 via servers *
* > What country can preserve its liberties if its rulers are not <*
* > warned from time to time that their people preserve the spirit <*
* > of resistance? Let them take arms!" - Thomas Jefferson, 1787 <*
*********************************************************************

... Protect your right to privacy --- Say no to Clipper/Capstone!
___ Blue Wave/QWK v2.12
--
M. Stirner - via FidoNet node 1:125/1
UUCP: ...!uunet!kumr!shelter!28!M..Stirner
INTERNET: M..Stirner@f28.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@alumni.cco.caltech.edu
Date: Thu, 10 Jun 93 00:05:02 PDT
To: cypherpunks@toad.com
Subject: My poll....
Message-ID: <9306100703.AA02027@alumni.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain

Uu> I was shocked to find that people still use pgp v2.1.

I don't know where you've been, but version 2.2 has a notorious bug
that locks up the box under numerous situations. In my experience,
version 2.2 locks up 8088-based computers. Version 2.1 does not.
There is an unauthorized bug fix version, 2.21. I use 2.2 as it runs
well on my system.

*********************************************************************
* - PGP Key D30909 via servers *
* > What country can preserve its liberties if its rulers are not <*
* > warned from time to time that their people preserve the spirit <*
* > of resistance? Let them take arms!" - Thomas Jefferson, 1787 <*
*********************************************************************

___ Blue Wave/QWK v2.12
--
M. Stirner - via FidoNet node 1:125/1
UUCP: ...!uunet!kumr!shelter!28!M..Stirner
INTERNET: M..Stirner@f28.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Thu, 10 Jun 93 01:01:11 PDT
To: nobody@alumni.cco.caltech.edu
Subject: Re: My poll....
In-Reply-To: <9306100557.AA01443@alumni.cco.caltech.edu>
Message-ID: <9306100801.AA11287@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

According to nobody@alumni.cco.caltech.edu:
>
> Uu> I was shocked to find that people still use pgp v2.1.
>
> I don't know where you've been, but version 2.2 has a notorious bug
> that locks up the box under numerous situations. In my experience,

Been reading this list for some time now; never heard of this bug. Thanx.

> version 2.2 locks up 8088-based computers. Version 2.1 does not.
> There is an unauthorized bug fix version, 2.21. I use 2.2 as it runs
> well on my system.

Well, now I know.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: rclark@nyx.cs.du.edu (Robert W. F. Clark)
Date: Thu, 10 Jun 93 04:46:52 PDT
To: cypherpunks@toad.com
Subject: Forward of my message to CERT
Message-ID: <9306101147.AA20953@nyx.cs.du.edu>
MIME-Version: 1.0
Content-Type: text/plain

Dear Moira,

I was somewhat disturbed to note the recent actions of CERT with regard to Johan Helsingius' site anon.penet.fi; and with regard to the cypherpunks' archive at soda.berkeley.edu. I read a clarification of your position which appeared to regret any inconvenience these actions and others may have caused, it still seemed that you do not intend to exercise any more caution in the phrasing of your message. While the message disclaims that you have verified the information included in it, it still bears the phrasing of an accusation, not an advisory. While it is certainly laudable to bring potential security problems to the attention of system administrators and users, the method in which this was done, and those to whom you mentioned it, cause me serious doubts as to the effectiveness of your actions. In the first case, that of Johan Helsingius, you did not notify the system administrator but the domain manager for all Finland. Not only is the domain manager in no position to patch potential security holes in a local system, but additionally he probably has more important tasks than checking out false reports.
Allegations were made by an unnamed officer of CERT that the site was illegally distributing software by anonymous ftp; whereas, even the most rudimentary efforts at verification would have revealed that the site in question does not operate anonymous ftp. It is neither sensible nor equitable to contact a domain administrator without even contacting the administrator of the questionable system; especially the domain administrator of an entire sovereign nation. Certainly, if CERT can not even bother to take the time of even a preliminary verification of their reports before announcing them, certainly it seems to be an imposition to demand that the domain administrator of an entire country spend time investigating spurious reports. If there is suspicion that a particular machine has been compromised, and is thus an insecure method of contacting the administrator, perhaps contacting the administrator by postal mail or by telephone would be more sensible than contacting the administrator of all the machines in Finland. Certainly if the machine itself is compromised, it is quite possible that the entire domain is also compromised, and email may be insecure and easily available to hostile third parties. With the additional implication in the ominous form letter you mail that the person responsible for the machine may be involved in illegal activities, the potential for abuse of CERT by people filing false reports is, though perhaps not in itself a "computer emergency," is certainly something which you ought to consider in your standard procedures. As sites which use TCP/IP without providing for authentication are considered security holes, so is a Computer Emergency Response Team which does the same thing, that is, simply relays accusations without any authentication of their veracity. 
Considering the possible damage to the reputations of persons not involved in illegal activity, and the disruption of services which results when such accusations are made, actions of this sort are retrogressive and represent as significant a threat to the systems as would a 'denial of service' attack. Please be more careful in the future when relaying such messages.

----
Robert W. F. Clark
rclark@nyx.cs.du.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: rclark@nyx.cs.du.edu (Robert W. F. Clark)
Date: Thu, 10 Jun 93 04:47:44 PDT
To: cypherpunks@toad.com
Subject: CryptoStacker (Key storage)
Message-ID: <9306101147.AA20987@nyx.cs.du.edu>
MIME-Version: 1.0
Content-Type: text/plain

mmidboe@uahcs2.cs.uah.edu (Matt Midboe) writes:

>What is the problem with just having a regular key file, and when
>the user boots up the computer it asks them a pass phrase to decrypt the key
>file? If they fail wipe the key and force the user to restore the key from a
>backup somewhere.

The problem with this is that a hostile third party who has captured a machine will first make a backup of all files on the system, including the key. It is very likely that the party will bypass the initial bootup procedure in which the key is requested, since the hostile party expects some sort of 'data bomb,' having been involved with systems confiscation for quite some time. While there are some options available, such as disallowing bootups from floppy, these are in the main cheap hacks not to be trusted for security. In this case, when the system is booted and the key is requested, even if the key is wiped, they simply restore it from backup and try again. They are likely to keep the system for several months, so they will have time to conquer any 'toy-grade' security. While it is not yet standard procedure to make a snapshot of the system memory when confiscating systems, the increasing cleverness of law enforcement and other bodies makes this seem likely in the future.
So you can't have the key on the disk, nor can you have it hanging around in cleartext in memory except when encrypted data is accessed; preferably, the key should be encrypted, and on some fragile (i.e., easily destroyable) media. Any backups should be encrypted, and not easily accessible; preferably with a trusted party and not in the same building as the computer with encrypted information.

----
Robert W. F. Clark          "Be sand, not oil, in the
rclark@nyx.cs.du.edu         machinery of the world." Gunter Eich

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Dave Banisar
Date: Thu, 10 Jun 93 05:09:23 PDT
To: CYPHERPUNKS@toad.com
Subject: Markey Clipper Hearing 6/9 and CPSR Testimony
Message-ID: <9306100817.AA34158@hacker2.eff.org>
MIME-Version: 1.0
Content-Type: text/plain

On June 9, 1993, Congressman Edward Markey, Chairman of the House Subcommittee on Telecommunications and Finance held an oversight hearing on "encryption and telecommunications network security." Panelists were Whitfield Diffie of Sun Microsystems, Dr. Dorothy Denning, Steven Bryen of Secure Communications, Marc Rotenberg of the CPSR Washington Office and E.R. Kerkeslager of AT&T. Congressman Markey, after hearing the testimony presented, noted that the Clipper proposal had raised an "arched eyebrow among the whole committee" and that the committee viewed the proposal skeptically. This statement was the latest indication that the Clipper proposal has not been well received by policy makers. Last Friday, the Computer Systems Security and Privacy Advisory Board of NIST issued two resolutions critical of the encryption plan, suggesting that further study was required and that implementation of the plan should be delayed until the review is completed. At the Third CPSR Cryptography and Privacy Conference on Monday, June 7, the Acting Director of NIST, Raymond Kammer, announced that the implementation of the proposal will be delayed and that a more comprehensive review will be undertaken.
The review is due in the fall. Kammer told the Washington Post that "maybe we won't continue in the direction we started out."

------------------------------------------------------------------------------

Prepared Testimony and Statement for the Record of
Marc Rotenberg, director
CPSR Washington Office
on Encryption Technology and Policy
Before The Subcommittee on Telecommunications and Finance.
Committee on Energy and Commerce
U.S. House of Representatives
June 9, 1993

SUMMARY

The cryptography issue is of particular concern to CPSR. During the past several years CPSR has pursued an extensive study of cryptography policy in the United States. CPSR has organized public conferences, conducted litigation under the Freedom of Information Act, and has emphasized the importance of cryptography for privacy protection and the need to scrutinize carefully government proposals designed to limit the use of this technology. To evaluate the Clipper proposal it is necessary to look at a 1987 law, the Computer Security Act, which made clear that in the area of unclassified computing systems, the National Institute of Standards and Technology (NIST) and not the National Security Agency (NSA), would be responsible for the development of technical standards. The Act emphasized public accountability and stressed open decision-making. In the spirit of the Act, in 1989 NIST set out to develop a public key cryptography standard. According to documents obtained by CPSR through the Freedom of Information Act, NIST recommended that the algorithm be "public, unclassified, implementable in both hardware or software, usable by federal Agencies and U.S. based multi-national corporation."
However, the Clipper proposal and the full-blown Capstone configuration that resulted is very different: the Clipper algorithm, Skipjack, is classified; public access to the reasons underlying the proposal is restricted; Skipjack can be implemented only in tamper-proof hardware; it is unlikely to be used by multi-national corporations, and the security of Clipper remains unproven. The Clipper proposal undermines the central purpose of the Computer Security Act. Although intended for broad use in commercial networks, it was not developed at the request of either U.S. business or the general public. It does not reflect public goals. The premise of the Clipper key escrow arrangement is that the government must have the ability to intercept electronic communications. However, there is no legal basis to support this premise. In law there is nothing inherently illegal or suspect about the use of a telephone. The federal wiretap statute says only that communication service providers must assist law enforcement execute a lawful warrant. CPSR supports the review of cryptography policy currently underway at the Department of Commerce. CPSR also supports the efforts undertaken by the Subcommittee on Telecommunications and Finance to study the full ramifications of the Clipper proposal. However, we are not pleased about the review now being undertaken at the White House. That effort has led to a series of secret meetings, has asked that scientists sign non-disclosure agreements and accept restrictions on publication, and has attempted to resolve public concerns through private channels. This is not a good process for the evaluation of a technology that is proposed for the public switched network. Even if the issues regarding Clipper are resolved favorably, privacy concerns will not go away. Rules still need to be developed about the collection and use of transactional data generated by computer communications. Several specific steps should be taken.
First, the FCC should be given a broad mandate to pursue privacy concerns. Second, current gaps in the communications law should be filled. The protection of transactional records is particularly important. Third, telecommunications companies should be encouraged to explore innovative ways to protect privacy. "Telephone cards", widely available in other countries, are an ideal way to protect privacy.

----------------------------------

TESTIMONY

Mr. Chairman, members of the Subcommittee, thank you for the opportunity to testify today on encryption policy and the Clipper proposal. I especially wish to thank you Congressman Markey, on behalf of CPSR, for your ongoing efforts on the privacy front as well as your work to promote public access to electronic information. The cryptography issue is of particular concern to CPSR. During the past several years we have pursued an extensive study of cryptography policy in the United States. We have organized several public conferences, conducted litigation under the Freedom of Information Act, and appeared on a number of panels to discuss the importance of cryptography for privacy protection and the need to scrutinize carefully government proposals designed to limit the use of this technology. While we do not represent any particular computer company or trade association we do speak for a great many people in the computer profession who value privacy and are concerned about the government's Clipper initiative. Today I will briefly summarize our assessment of the Clipper proposal. Then I would like to say a few words about the current status of privacy protection.

CLIPPER

To put the Clipper proposal in a policy context, I will need to briefly describe a law passed in 1987 intended to address the roles of the Department of Commerce and the Department of Defense in the development of technical standards.
The Computer Security Act of 1987 was enacted to improve computer security in the federal government, to clarify the responsibilities of the National Institute of Standards and Technology (NIST) and the National Security Agency, and to ensure that technical standards would serve civilian and commercial needs. The law made clear that in the area of unclassified computing systems, NIST and not NSA, would be responsible for the development of technical standards. It emphasized public accountability and stressed open decision-making. The Computer Security Act also established the Computer System Security and Privacy Advisory Board (CSSPAB), charged with reviewing the activities of NIST and ensuring that the mandate of the law was enforced. The Computer Security Act grew out of a concern that classified standards and secret meetings would not serve the interests of the general public. As the practical applications for cryptography have moved from the military and intelligence arenas to the commercial sphere, this point has become clear. There is also clearly a conflict of interest when an agency tasked with signal interception is also given authority to develop standards for network security. In the spirit of the Computer Security Act, NIST set out in 1989 to develop a public key standard FIPS (Federal Information Processing Standard). In a memo dated May 5, 1989, obtained by CPSR through the Freedom of Information Act, NIST said that it planned: to develop the necessary public-key based security standards. We require a public-key algorithm for calculating digital signatures and we also require a public-key algorithm for distributing secret keys. NIST then went on to define the requirements of the standard: The algorithms that we use must be public, unclassified, implementable in both hardware or software, usable by federal Agencies and U.S. 
based multi-national corporation, and must provide a level of security sufficient for the protection of unclassified, sensitive information and commercial propriety and/or valuable information.

The Clipper proposal and the full-blown Capstone configuration, which incorporates the key management function NIST set out to develop in 1989, is very different from the one originally conceived by NIST.

% The Clipper algorithm, Skipjack, is classified,
% Public access to the reasons underlying the proposal is restricted,
% Skipjack can be implemented only in tamper-proof hardware,
% It is unlikely to be used by multi-national corporations, and
% The security of Clipper remains unproven.

The Clipper proposal undermines the central purpose of the Computer Security Act. Although intended for broad use in commercial networks, it was not developed at the request of either U.S. business or the general public. It does not reflect public goals. Rather it reflects the interests of one secret agency with the authority to conduct foreign signal intelligence and another government agency responsible for law enforcement investigations. Documents obtained by CPSR through the Freedom of Information Act indicate that the National Security Agency dominated the meetings of the joint NIST/NSA Technical Working group which made recommendations to NIST regarding public key cryptography, and that a related technical standard for message authentication, the Digital Signature Standard, clearly reflected the interests of the NSA. We are still trying to determine the precise role of the NSA in the development of the Clipper proposal. We would be pleased to provide to the Subcommittee whatever materials we obtain.

LEGAL AND POLICY ISSUES

There are also several legal and constitutional issues raised by the government's key escrow proposal.
The premise of the Clipper key escrow arrangement is that the government must have the ability to intercept electronic communications, regardless of the economic or societal costs. The FBI's Digital Telephony proposal, and the earlier Senate bill 266, were based on the same assumption. There are a number of arguments made in defense of this position: that privacy rights and law enforcement needs must be balanced, or that the government will be unable to conduct criminal investigations without this capability. Regardless of how one views these various claims, there is one point about the law that should be made very clear: currently there is no legal basis -- in statute, the Constitution or anywhere else -- that supports the premise which underlies the Clipper proposal. As the law currently stands, surveillance is not a design goal. General Motors would have a stronger legal basis for building cars that could go no faster than 65 miles per hour than AT&T does in marketing a commercial telephone that has a built-in wiretap capability. In law there is simply nothing about the use of a telephone that is inherently illegal or suspect. The federal wiretap statute says only that communication service providers must assist law enforcement in the execution of a lawful warrant. It does not say that anyone is obligated to design systems to facilitate future wire surveillance. That distinction is the difference between countries that restrict wire surveillance to narrow circumstances defined in law and those that treat all users of the telephone network as potential criminals. U.S. law takes the first approach. Countries such as the former East Germany took the second approach. The use of the phone system by citizens was considered inherently suspect and for that reason more than 10,000 people were employed by the East German government to listen in on telephone calls. 
It is precisely because the wiretap statute does not contain the obligation to incorporate surveillance capability -- the design premise of the Clipper proposal -- that the Federal Bureau of Investigation introduced the Digital Telephony legislation. But that legislation has not moved forward and the law has remained unchanged. The Clipper proposal attempts to accomplish through the standard-setting and procurement process what the Congress has been unwilling to do through the legislative process. On legal grounds, adopting the Clipper would be a mistake. There is an important policy goal underlying the wiretap law. The Fourth Amendment and the federal wiretap statute do not so much balance competing interests as they erect barriers against government excess and define the proper scope of criminal investigation. The purpose of the federal wiretap law is to restrict the government, it is not to coerce the public. Therefore, if the government endorses the Clipper proposal, it will undermine the basic philosophy of the federal wiretap law and the fundamental values embodied in the Constitution. It will establish a technical mechanism for signal interception based on a premise that has no legal foundation. The assumption underlying the Clipper proposal is more compatible with the practice of telephone surveillance in the former East Germany than it is with the narrowly limited circumstances that wire surveillance has been allowed in the United States. UNANSWERED QUESTIONS There are a number of other legal issues that have not been adequately considered by the proponents of the key escrow arrangement that the Subcommittee should examine. First, not all lawful wiretaps follow a normal warrant process. The proponents of Clipper should make clear how emergency wiretaps will be conducted before the proposal goes forward. Second, there may be civil liability issues for the escrow agents, if they are private parties, if there is abuse or compromise of the keys. 
Third, there is a Fifth Amendment dimension to the proposed escrow key arrangement if a network user is compelled to disclose his or her key to the government in order to access a communications network. Each one of these issues should be examined carefully. CPSR CONFERENCE At a conference organized by CPSR this week at the Carnegie Endowment for International Peace we heard presentations from staff members at NIST, FBI, NSA and the White House about the Clipper proposal. The participants at the meeting had the opportunity to ask questions and to exchange views. Certain points now seem clear: % The Clipper proposal was not developed in response to any perceived public or business need. It was developed solely to address a law enforcement concern. % Wire surveillance remains a small part of law enforcement investigations. The number of arrests resulting from wiretaps has remained essentially unchanged since the federal wiretap law was enacted in 1968. % The potential risks of the Clipper proposal have not been assessed and many questions about the implementation remain unanswered. % Clipper does not appear to have the support of the business or research community. Many comments on the Clipper proposal, both positive and negative, as well as the materials obtained by CPSR through the Freedom of Information Act, are contained in the Source book compiled by CPSR for the recent conference. I am pleased to make a copy of this available to the Subcommittee. NETWORK PRIVACY PROTECTION Communications privacy remains a critical test for network development. Networks that do not provide a high degree of privacy are clearly less useful to network users. Given the choice between a cryptography product without a key escrow and one with a key escrow, it would be difficult to find a user who would prefer the key escrow requirement. If this proposal does go forward, it will not be because network users or commercial service providers favored it. 
Even if the issues regarding the Clipper are resolved favorably, privacy concerns will not go away. Cryptography is a part of communications privacy, but it is only a small part. Rules still need to be developed about the collection and use of transactional data generated by computer communications. While the federal wiretap law generally does a very good job of protecting the content of communications against interception by government agencies, large holes still remain. The extensive use of subpoenas by the government to obtain toll records and the sale of telephone records by private companies are just two examples of gaps in current law. The enforcement of privacy laws is also a particularly serious concern in the United States. Good laws without clear mechanisms for enforcement raise over-arching questions about the adequacy of legal protections in this country. This problem is known to those who have followed developments with the Privacy Act since passage in 1974 and the more recent Video Privacy and Protection Act of 1988. I make this point because it has been the experience in other countries that agencies charged with the responsibility for privacy protection can be effective advocates for the public in the protection of personal privacy. RECOMMENDATIONS Regarding the Clipper proposal, we believe that the national review currently underway by the Computer Security and Privacy Advisory Board at the Department of Commerce will be extremely useful and we look forward to the results of that effort. The Panel has already conducted a series of important open hearings and compiled useful materials on Clipper and cryptography policy for public review. We are also pleased that the Subcommittee on Telecommunications and Finance has undertaken this hearing. This Subcommittee can play a particularly important role in the resolution of these issues. 
We also appreciate the Chairman's efforts to ensure that the proper studies are undertaken, that the General Accounting Office fully explores these issues, and that the Secretary of Commerce carefully assesses the potential impact of the Clipper proposal on export policy. We are, however, less pleased about the White House study currently underway. That effort, organized in large part by the National Security Council, has led to a series of secret meetings, has asked that scientists sign non-disclosure agreements and accept restrictions on publication, and has attempted to resolve public concerns through private channels. This is not a good process for the evaluation of a technology that is proposed for the public switched network. While we acknowledge that the White House has been reasonably forthcoming in explaining the current state of affairs, we do not think that this process is a good one. For these reasons, we believe that the White House should properly defer to the recommendations of the Computer System Security and Privacy Advisory Board and the Subcommittee on Telecommunications and Finance. We hope that no further steps in support of the Clipper initiative will be taken. We specifically recommend that no further purchase of Clipper chips be approved. Speaking more generally, we believe that a number of steps could be taken to ensure that future communications initiatives could properly be viewed as a boost to privacy and not a set-back. % The FCC must be given a strong mandate to pursue privacy concerns. There should be an office specifically established to examine privacy issues and to prepare reports. Similar efforts in other countries have been enormously successful. The Japanese Ministry of Post and Telecommunications developed a set of privacy principles to ensure continued trade with Europe. The Canada Ministry of Communications developed a set of communications principles to address public concerns about the privacy of cellular communications. 
In Europe, the EC put forward an important directive on privacy protection for the development of new network services. % Current gaps in the communications law should be filled. The protection of transactional records is particularly important. Legislation is needed to limit law enforcement access to toll record information and to restrict the sale of data generated by the use of telecommunication services. As the network becomes digital, the transaction records associated with a particular communication may become more valuable than the content of the communication itself. % Telecommunications companies should be encouraged to explore innovative ways to protect privacy. Cryptography is a particular method to seal electronic communications, but far more important for routine communications could be anonymous telephone cards, similar to the metro cards here in the District of Columbia, that allow consumers to purchase services without establishing accounts, transferring personal data, or recording personal activities. Such cards are widely available in Europe, Japan, and Australia. I thank you very much for the opportunity to appear before the Subcommittee and would be pleased to answer your questions Computer Professionals for Social Responsibility CPSR is a national membership organization, established in 1982, to address the social impact of computer technology. There are 2,500 members in 20 chapters across the United States, and offices in Palo Alto, California, Cambridge, Massachusetts, and Washington DC. The organization is governed by a board of elected officers and meetings are open to the public. CPSR sponsors an annual meeting and the biennial conference on Directions and Implications of Advanced Computing. CPSR sponsored the first conference on Computers, Freedom, and Privacy in 1991. CPSR also operates the Internet Library at cpsr.org. 
The library contains documents from the White House on technology policy and a wide range of public laws covering privacy, access to information, and communications law and is available free of charge to all users of the Internet. Marc Rotenberg is the director of the CPSR Washington office and an adjunct professor at Georgetown University Law Center. He is chairman of the ACM Committee on Scientific Freedom and Human Rights, an editor for the Computer Law and Security Report (London), and the secretary of Privacy International, an organization of human rights advocates and privacy scholars in forty countries. He received an A.B. from Harvard College and a J.D. from Stanford Law School, and is a member of the bar of the United States Supreme Court. His forthcoming article "Communications Privacy: Implications for Network Design" will appear in the August 1993 issue of Communications of the ACM. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mark Date: Wed, 9 Jun 93 15:20:21 PDT To: cypherpunks@toad.com Subject: CERT reply regarding their emails Message-ID: <9306092220.AA15407@toad.com> MIME-Version: 1.0 Content-Type: text/plain Just got this: Forwarded message: >From mjw@cert.org Thu Jun 10 07:39:35 1993 >Message-Id: <9306092141.AA15453@shuttle.cert.org> >To: mark@cheops.anu.edu.au >Cc: cert@cert.org >Subject: Re: Statement of dissatisfaction with your recent efforts >In-Reply-To: Your message of "Wed, 09 Jun 93 10:59:04 +1000." <9306090100.AA11648@cert.org> >Date: Wed, 09 Jun 93 17:41:15 EDT >From: Moira J West > >Hello Mark, > We're sorry for any misunderstandings caused by our e-mail. >I have appended a copy of our follow-up to Berkeley on this issue. > >Regards >Moira > >Moira J. West >Technical Coordinator, Computer Emergency Response Team >Software Engineering Institute >Carnegie Mellon University >Pittsburgh, Pa. 
15213-3890 > >Internet E-mail: cert@cert.org (monitored during business hours) >Telephone: (412) 268-7090 (answers 24 hours a day) > >---------------------------------------------------------------------- > >We've had a lot of feedback from various sites in response to our >e-mail to you last week referring to possible anonymous FTP abuse on >Berkeley hosts. > >We are concerned at the reaction that our e-mail caused. There's >obviously been a misunderstanding here and we wanted to follow-up with >you on this. There was certainly no intent on the part of CERT to >make accusations of any sort. We were simply trying to alert sites to >the possibility of activity that they might have concerns about. > >Our letter to you was one of many which we sent out to a number of >sites across the world in the form of an FYI of possible abuse of >their anonymous FTP areas. We had been receiving complaints from >sites about wide-scale trading of commercial software on their >writable anonymous FTP areas. During the process of helping sites to >secure their systems we were given copies of files left in abused >archives which indicated lists of hosts (and in some cases >directories) that intruders were using to trade commercial >software. We chose to contact the sites so that they could check >their systems and take any steps that they thought appropriate. > >There were several reasons why we didn't attempt to verify the >information. There were a large number of hosts involved and with the >resources that we have available to us, it was not possible for us to >attempt to confirm the information on each host. In any case, we felt >it wouldn't be sufficient to check for specific directories or >filenames on an archive, the whole archive would need to be checked >for writable directories and then some verification of the contents of >those directories would need to take place. 
> >Previously, we have found that sites we contacted with this type of >information, did find writable areas which are being abused. In this >case some sites found such activity on their hosts, others stated that >the information was dated or incorrect. In hindsight, we see that it >would have been better for everyone concerned in this case if we had >undertaken some initial verification of the information or issued a >CERT advisory instead of the individual letters. > >As so many sites are potentially vulnerable to this activity and may >be unaware that it exists, we've decided to put together a CERT >advisory on the topic and hope to issue it in the near future. > >We're sorry if our original e-mail didn't clearly state our intentions >and was the cause of any misunderstandings. > >We'll follow-up with the various sites who have contacted us in regard >to our original e-mail to you, by passing them a copy of this letter. > >Regards >Moira > >Moira J. West >Technical Coordinator, Computer Emergency Response Team >Software Engineering Institute >Carnegie Mellon University >Pittsburgh, Pa. 15213-3890 > >Internet E-mail: cert@cert.org (monitored during business hours) >Telephone: (412) 268-7090 (answers 24 hours a day) -----------End of forwarded message Mark mark@cheops.anu.edu.au From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Thu, 10 Jun 93 10:13:52 PDT To: cypherpunks@toad.com Subject: Encrypting the list In-Reply-To: <9306092357.AA00323@triton.unm.edu> Message-ID: <9306101710.AA13192@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Summary: Encrypting the cypherpunks list makes no difference in the security of information dispersal, but may make a large difference in local security and as a spur to software development. >> It would be nice, however, to set up crypto I/O connection >> OPTIONS to the list, as an incentive for lazy people like me to >> figure out how to get PGP and mail filters set up. >Yes! 
Michael, here is a word from your friendly neighborhood list maintainer. I don't have time to work on this, and neither do the people who run toad.com. So it's not going to happen on toad for a while. The good news is that it doesn't have to. You yourself can write the code! The code for the existing cypherpunks remailer is all you need to get started. Here's how. You subscribe to cypherpunks and then forward the list mail, encrypted, to all the people who have subscribed with you for an encrypted version of the cypherpunks mail. With the cypherpunks remailer, you can do all this with your own account. It is a pretty good skeleton for the creation of email servers out of user accounts. You don't need your sysadmin's cooperation to get it running, although you may need their blessing to keep it running. You can implement a listserv type operation if you want, with automatic subscribe/unsubscribe and add all the options you want to it. You'll have to deal with the bounce messages, of course, but you can write software to deal with that. Someone who wants to provide digest service can do a similar thing for digestification. There have been lots of people over the course of the list history who have wanted encryption and digests. I would suggest that those who want them convince someone to run a secondary service to provide them with these services. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Hal <74076.1041@CompuServe.COM> Date: Thu, 10 Jun 93 07:38:15 PDT To: Subject: Re: Encrypting the list Message-ID: <930610142951_74076.1041_FHD65-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain To: cypherpunks@toad.com If we could encrypt the list, and if we could subscribe via Julf's remailer or get our remailers to accept address aliases of some sort, then list subscribers could have "local" privacy. Local sysops and roots would not be able to see our incoming mail, and would not see that we were subscribing to a group like "cypherpunks". 
My long-term goal would be to have all mail be encrypted, and all mail be sent via anonymous remailers (or equivalent technology), so that the content and routing of our messages is truly private. Hal 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: rwhelan@mason1.gmu.edu (Robert J. Oot) Date: Thu, 10 Jun 93 08:53:32 PDT To: mdiehl@triton.unm.edu (J. Michael Diehl) Subject: Re: My poll.... In-Reply-To: <9306100801.AA11287@triton.unm.edu> Message-ID: <9306101553.AA29767@mason1.gmu.edu> MIME-Version: 1.0 Content-Type: text > > Uu> I was shocked to find that people still use pgp v2.1. > > I don't know where you've been, but version 2.2 has a notorious bug > > that locks up the box under numerous situations. In my experience, > Been reading this list for some time now; never heard of this bug. Thanx. > > version 2.2 locks up 8088-based computers. Version 2.1 does not. ^^^^^^^^^^^^^^^^^^^^ > > There is an unauthorized bug fix version, 2.21. I use 2.2 as it runs > > well on my system. > > Well, now I know. I was not aware that people still used that version of a computer. An 8088???? -- Ryan A. Whelan "Only two good things came out of Berkeley, LSD and BSD, rwhelan@mason1.gmu.edu rwhelan@cosmos.gmu.edu coincidence???" rwhelan@gmuvax.gmu.edu PGP Public Key available via finger "If its not UNIX, its crap" From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peb@PROCASE.COM Date: Thu, 10 Jun 93 18:04:17 PDT To: cypherpunks@toad.com Subject: ATT ad in WSJ Message-ID: <9306102001.AA21195@banff.procase.com> MIME-Version: 1.0 Content-Type: text/plain ATT has an ad in today's (June 10, 1993) Wall Street Journal for their secure phone for $1200; they do not say how it works (neither cryptography nor Clipper are mentioned). Strangely, they suggest that it could be used in places where one could easily be overheard (like an airport--I don't know how they would connect to a public phone). Paul E. 
Baclace peb@procase.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jeff Ubois Date: Thu, 10 Jun 93 10:13:30 PDT To: cypherpunks@toad.com Subject: crypto print drivers for email Message-ID: <199306101713.AA00144@access.digex.net> MIME-Version: 1.0 Content-Type: text/plain Forgive me if I've missed it on alt.security.pgp, but what would people think of implementing PGP or other crypto schemes using a print driver ? A model could be some of the fax software that lets you fax directly from other applications by issuing a print command. These packages have print drivers that let you enter the name and phone number of the person you are faxing, or select a name from an address book after you give the print command. You can also select high or low resolution, what kinds of headers you want added to the message, and make file attachments. This is a very easy way to send faxes, and seems like it would be an easy way to create and send encrypted messages too. For persons who aren't technically adept, this would be a lot simpler than say pem -e -r recipient@bighost.edu -p bigpubkeyfile -s mysecret or even PGP equivalents. --Jeff From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: eichin@cygnus.com (Mark Eichin) Date: Thu, 10 Jun 93 13:31:10 PDT To: pmetzger@lehman.com Subject: re: query... In-Reply-To: <9306102009.AA27673@snark.shearson.com> Message-ID: <9306102030.AA07054@cygnus.com> MIME-Version: 1.0 Content-Type: text/plain A query -- I understand that the MIT Athena people implemented a DES encrypted telnet/telnetd for use with Kerberos. Anyone out there know where its sources live and how I could hack it to take a user specified DES key? Perry The first one was done by Paul Borman at Cray. 
A snapshot was up for FTP on uunet (named telnet.91.03.25.tar.Z) though I don't know what was done with it; the authentication and encryption options draft standard that it conformed to has been modified since then, although all of the implementations (such as the utexas version for the Mac) I've seen so far conform to Borman's version. It shouldn't be too hard to specify a key (of course you have the problem of securely getting the key to the other end of the connection -- that is, after all, one of the major side-benefits of Kerberos...) The last release of Kerberos from MIT included a "kstream" library, written by Ken Raeburn, which could be dropped in to an existing telnet or kermit or other application to provide this kind of feature. There is also Derek Atkins' S.B. Thesis project, which included modifications to telnet for accessing Kerberos via the remote host, without having IP access on the client to the KDC (such as on a dialup or with a firewall or something.) I'm sure he'll announce something here about how to get the sources, if they're in a releasable yet. _Mark_ MIT Student Information Processing Board Cygnus Support Cygnus Network Security From cypherpunks-request Thu Jun 10 13:14:32 1993 Received: by toad.com id AA25347; Thu, 10 Jun 93 13:09:48 PDT From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mark S Feldman Date: Thu, 10 Jun 93 13:24:42 PDT To: " L. 
Detweiler " Subject: Re: TIS/PEM FAQ as of 8 June 1993 In-Reply-To: <9306090337.AA02019@longs.lance.colostate.edu> Message-ID: <9306102025.AA00847@TIS.COM> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PRIVACY-ENHANCED MESSAGE----- Proc-Type: 4,MIC-CLEAR Content-Domain: RFC822 Originator-ID-Asymmetric: MFMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNRDE kMCIGA1UEChMbVHJ1c3RlZCBJbmZvcm1hdGlvbiBTeXN0ZW1zMREwDwYDVQQLEwh HbGVud29vZA==,06 MIC-Info: RSA-MD5,RSA,EMzvB0taB3V9fReB4tnloOKIfTeWTa6vIoJ7nM5WuSM UfXytoaJleK/JNTLRxKKhR+rhSL7zORq3d/TnaDV0c2YzvF8UJ1YLl+PheYhQg3D +ylKoRuzlGHJeNj5Mor/G > do you have any plans to get this on news.answers? It would be great > there. Also, You should consider sci.crypt. I can help you with either > if you need it. Thanks. Hadn't thought about news.answers. I thought that we did post it to sci.crypt, though. Regardless, we'll re-evaluate the news groups that we use the next time we post the FAQ. Mark -----END PRIVACY-ENHANCED MESSAGE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: RYAN Alan Porter Date: Thu, 10 Jun 93 13:56:27 PDT To: Jonathan K Saville Subject: Re: CryptoStacker Update In-Reply-To: <18312.9306101807@monge.brunel.ac.uk> Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Thu, 10 Jun 1993, Jonathan K Saville wrote: > > Re: possible problems with INT13 > > I may be mistaken, but I have this feeling that DPMI servers (including > MS Windows) react unkindly to people using INT13. This is certainly what > the Borland Open Architecture handbook says. If your program is resident > when such a server is running, it could throw up a General Protection > fault. I will check into this myself... The programs running on the system will not be using INT13. They will use the higher level interrupts that they normally use. The block driver exists below all of that and merely controls what happens once the higher level interrupts already call INT13. 
I don't think that it will be any problem, certainly less of a problem than if I tried to screw with higher level interrupts. -=Ryan=- the Bit Wallah From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Brian.Hawthorne@East.Sun.COM (Brian Holt Hawthorne - SunSelect Engineering) Date: Thu, 10 Jun 93 14:46:49 PDT To: huntting@glarp.com Subject: Re: McCarthy lives! Message-ID: <9306102141.AA09055@sea.East.Sun.COM> MIME-Version: 1.0 Content-Type: x-sun-attachment ---------- X-Sun-Data-Type: text X-Sun-Data-Description: text X-Sun-Data-Name: text X-Sun-Charset: us-ascii X-Sun-Content-Lines: 50 > > Tim, I'll be glad to teach you how to file a Privacy Act request. > > It's pretty simple, and it works on all Federal agencies. You get > > all records they are keeping on you, with some limited exceptions -- > > and for almost all of those, you get notified of the withholding. > > If you can identify one or a small number of agencies that might > > be keeping this "list", we can see if you are on it. And if we > > find the list, we can probably get the whole thing under the Freedom > > of Information Act. > > I'd be very interested in hearing more on this... Freedom of Information Act and Privacy Act apply only to federal agencies. Privacy Act Requests for personal data must be notarized. If the agency ignores the request, you must appeal under FOIA, since there are no appeal provisions under the Privacy Act. You must specify the "Systems of Records" you want searched. These are listed in the Federal Register and in "Protecting Your Right to Privacy--A Digest of Systems of Records, which you can get from the GPO). I've included the ones you probably would want with the FBI or CIA. You must pre-authorize a dollar amount for search and copying costs. Attached are some sample letters for the FBI, the CIA and general Privacy Act/FOIA. FOIA requests can be more general, I've got info on that as well. I am not a lawyer, and this is not intended as legal advice. 
The info is out of a wonderful book: Biggs, Don. How to avoid lawyers. Includes index. 1. Forms (Law)--United States. I. Title. KF170.B47 1984 347.73'55 84-18636 ISBN 0-8240-7285-5 347.30755 ISBN 0-8240-7284-7 (pbk.) Garland Publishing, Inc. 136 Madison Ave. New York, NY 10016 It is a bit out of date (1985), but I believe the Privacy Act and FOIA are still pretty much the same. It has extensive instructions for what to actually do and what the pitfalls are. ---------- X-Sun-Data-Type: default X-Sun-Data-Description: default X-Sun-Data-Name: privacy-act X-Sun-Charset: us-ascii X-Sun-Content-Lines: 80 DATE ADDRESS This is a request under provisions of Title 5 USC, Sec. 552, the Freedom of Information Act, and Title 5 USC, Sec. 552a, the Privacy Act. Please furnish me with copies of all records on me retrievable by the use of an individual identifier and by the use of any combination of identifiers (e.g., name + date of birth + social security number, etc.) that are contained in the following systems of records: In order to identify myself and to facilitate your search of records systems, I provide the following information: _________________________________________________________ Last Name First Middle _________________________________________________________ Street City State Zip Code _________________________________________________________ Date of Birth Place of Birth Sex Social Security _________________________________________________________ Other information In the event that any part or all of my records are withheld, I request a complete list of all records being withheld and the specific exemption being claimed for the withholding of each. In the event that search and copying fees are estimated to exceed $ _________, I request an opportunity to review such records, or to have a duly authorized representative review such records, in order to select those to be copied. 
If you have any questions regarding this request, please telephone me at ________________ weekdays between _________ and ____________ or write to me at the above address. As provided for by Sec. 552(a)(6)(i) of the Freedom of Information Act, I shall expect to receive a reply within ten (10) business days. Sincerely, __________________ CERTIFICATE OF NOTARY STATE OF ) ) ss: COUNTY OF ) On this _______ day of _________, 19___, before me personally came and appeared _____________________________, known, and known to me, to be the individual described in and who executed the foregoing instrument, and who duly acknowledged to me that he/she executed same for the purpose therein contained. IN WITNESS WHEREOF, I hereunto set my hand and official seal. ________________________________ Notary Public My commission expires: _____________________ ---------- X-Sun-Data-Type: default X-Sun-Data-Description: default X-Sun-Data-Name: privacy-act-cia X-Sun-Charset: us-ascii X-Sun-Content-Lines: 83 DATE Director Federal Bureau of Investigation J. Edgar Hoover Building 10th Street and Pennsylvania Avenue, N.W. Washington, D.C. 20535 Attn: FOIA/Privacy Act Branch This is a request under provisions of Title 5 USC, Sec. 552, the Freedom of Information Act, and Title 5 USC, Sec. 552a, the Privacy Act. Please furnish me with copies of all records on me retrievable by the use of an individual identifier and by the use of any combination of identifiers (e.g., name + date of birth + social security number, etc.) 
that are contained in the following systems of records: National Crime Information Center (NCIC) Central Records System Electronic Surveillance (Elsur) Indices In order to identify myself and to facilitate your search of records systems, I provide the following information: _________________________________________________________ Last Name First Middle _________________________________________________________ Street City State Zip Code _________________________________________________________ Date of Birth Place of Birth Sex Social Security _________________________________________________________ Other information In the event that any part or all of my records are withheld, I request a complete list of all records being withheld and the specific exemption being claimed for the withholding of each. In the event that search and copying fees are estimated to exceed $ _________, I request an opportunity to review such records, or to have a duly authorized representative review such records, in order to select those to be copied. If you have any questions regarding this request, please telephone me at ________________ weekdays between _________ and ____________ or write to me at the above address. As provided for by Sec. 552(a)(6)(i) of the Freedom of Information Act, I shall expect to receive a reply within ten (10) business days. Sincerely, __________________ CERTIFICATE OF NOTARY STATE OF ) ) ss: COUNTY OF ) On this _______ day of _________, 19___, before me personally came and appeared _____________________________, known, and known to me, to be the individual described in and who executed the foregoing instrument, and who duly acknowledged to me that he/she executed same for the purpose therein contained. IN WITNESS WHEREOF, I hereunto set my hand and official seal. 
________________________________ Notary Public My commission expires: _____________________ ---------- X-Sun-Data-Type: default X-Sun-Data-Description: default X-Sun-Data-Name: privacy-act-fbi X-Sun-Charset: us-ascii X-Sun-Content-Lines: 83 DATE Director Federal Bureau of Investigation J. Edgar Hoover Building 10th Street and Pennsylvania Avenue, N.W. Washington, D.C. 20535 Attn: FOIA/Privacy Act Branch This is a request under provisions of Title 5 USC, Sec. 552, the Freedom of Information Act, and Title 5 USC, Sec. 552a, the Privacy Act. Please furnish me with copies of all records on me retrievable by the use of an individual identifier and by the use of any combination of identifiers (e.g., name + date of birth + social security number, etc.) that are contained in the following systems of records: National Crime Information Center (NCIC) Central Records System Electronic Surveillance (Elsur) Indices In order to identify myself and to facilitate your search of records systems, I provide the following information: _________________________________________________________ Last Name First Middle _________________________________________________________ Street City State Zip Code _________________________________________________________ Date of Birth Place of Birth Sex Social Security _________________________________________________________ Other information In the event that any part or all of my records are withheld, I request a complete list of all records being withheld and the specific exemption being claimed for the withholding of each. In the event that search and copying fees are estimated to exceed $ _________, I request an opportunity to review such records, or to have a duly authorized representative review such records, in order to select those to be copied. If you have any questions regarding this request, please telephone me at ________________ weekdays between _________ and ____________ or write to me at the above address. As provided for by Sec. 
552(a)(6)(i) of the Freedom of Information Act, I shall expect to receive a reply within ten (10) business days. Sincerely, __________________ CERTIFICATE OF NOTARY STATE OF ) ) ss: COUNTY OF ) On this _______ day of _________, 19___, before me personally came and appeared _____________________________, known, and known to me, to be the individual described in and who executed the foregoing instrument, and who duly acknowledged to me that he/she executed same for the purpose therein contained. IN WITNESS WHEREOF, I hereunto set my hand and official seal. ________________________________ Notary Public My commission expires: _____________________ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Thu, 10 Jun 93 10:09:16 PDT To: Peter Honeyman Subject: Re: CERT: the letter from CERT to berkeley.edu admin In-Reply-To: <9306091423.AA01017@toad.com> Message-ID: <9306101732.aa19627@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > interestingly, i believe the penet letter was sent to the same address > as the earlier, infamous "famous net personality" letter. Yes, it was. Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Thu, 10 Jun 93 18:52:12 PDT To: cypherpunks-announce@toad.com Subject: cypherpunks physical meeting Message-ID: <9306110134.AA09618@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Cypherpunks Meeting Saturday, June 12, 1993 12:00 noon - 6:00 p.m. Cygnus Support offices, Mt. View, CA I've really got to get some automated software running for posting these announcements. I apologize, again, for the untimeliness of this message. This time there will be a reporter from the BBC attending, not to film, but to talk to people about electronic culture in the Bay Area. We will also have some other visitors, I believe. Topics: 1. Clipper, of course. The CPSR Crypto Policy meeting was earlier this week, as well as the Markey hearings. We will have reports on these. 2. 
Software development. Mail, links, disks. It is time to make an overall plan for the architecture of encrypted life. I want to brainstorm to make sure we come up with a complete list. 3. Crypto '93 attendance 4. Other, as usual. Eric ----------------------------------------------------------------------------- [Directions to Cygnus provided by John Gilmore. -- EH] Cygnus Support 1937 Landings Drive Mt. View, CA 94043 +1 415 903 1400 switchboard +1 415 903 1418 John Gilmore Take US 101 toward Mt. View. From San Francisco, it's about a 40-minute drive. Get off at the Rengstorff Ave/Amphitheatre Parkway exit. If you were heading south on 101, you curve around to the right, cross over the freeway, and get to a stoplight. If you were heading north on 101, you just come right off the exit to the stoplight. The light is the intersection of Amphitheatre and Charleston Rd. Take a right on Charleston; there's a right-turn-only lane. Follow Charleston for a short distance. You'll pass the Metaphor/Kaleida buildings on the right. At a clump of palm trees and a "Landmark Deli" sign, take a right into Landings Drive. At the end of the road, turn left into the complex with the big concrete "Landmark" sign. Follow the road past the deli til you are in front of the clock tower that rises out of one of the buildings, facing you. Enter through the doors immediately under the clock tower. They'll be open between noon and 1PM at least. (See below if you're late.) Once inside, take the stairs up, immediately to your right. At the top of the stairs, turn right past the treetops, and we'll be in 1937 on your left. The door is marked "Cygnus". If you are late and the door under the clock tower is locked, you can walk to the deli (which will be around the building on your left, as you face the door). Go through the gate in the fence to the right of the deli, and into the back lawns between the complex and the farm behind it. 
Walk forward and right around the buildings until you see a satellite dish in the lawn. Go up the stairs next to the dish, which are the back stairs into the Cygnus office space. We'll prop the door (or you can bang on it if we forget). Or, you can find the guard who's wandering around the complex, who knows there's a meeting happening and will let you in. They can be beeped at 965 5250, though you'll have trouble finding a phone. Don't forget to eat first, or bring food at noon! I recommend hitting the burrito place on Rengstorff (La Costen~a) at about 11:45. To get there, when you get off 101, take Rengstorff (toward the hills) rather than Amphitheatre (toward the bay). Follow it about ten blocks until the major intersection at Middlefield Road. La Costen~a is the store on your left at the corner. You can turn left into the narrow lane behind the store, which leads to a parking lot, and enter by the front door, which faces the intersection. To get to the meeting from there, just retrace your route on Rengstorff, go straight over the freeway, and turn right at the stoplight onto Charleston; see above. See you there! John Gilmore From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jonathan K Saville Date: Thu, 10 Jun 93 11:07:37 PDT To: cypherpunks@toad.com Subject: Re: CryptoStacker Update Message-ID: <18312.9306101807@monge.brunel.ac.uk> MIME-Version: 1.0 Content-Type: text/plain Re: possible problems with INT13 I may be mistaken, but I have this feeling that DPMI servers (including MS Windows) react unkindly to people using INT13. This is certainly what the Borland Open Architecture handbook says. If your program is resident when such a server is running, it could throw up a General Protection fault. I will check into this myself... -- # Jon Saville | Who alive can say, 'Thou art no John Keats # ee92jks@brunel.ac.uk | Poet, may'st not tell thy dreams?' 
1819 PGP 2.2 public key available upon request From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Thu, 10 Jun 93 17:40:17 PDT To: cypherpunks@toad.com Subject: A definite trend Message-ID: MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- I've been very busy this week busting my chops on a networking project for a client, but I have to take a moment to add my own few comments. I realize that this is old news to some of you, but it appears that many of you seem to forget that a rather unpleasant trend seems to be developing within the law enforcement community. While we are voicing our opposition to the "Key-Escrow" proposal (known to most of us as Clipper/Capstone/Skipjack), there are other historical instances which are directly proportionate to where the LEAs are in relationship to their efforts at legislating technology. The point that I am attempting to make is that the "Key-Escrow" initiative is but another extension of the earlier Digital Telephony proposal introduced early last year (also known as "Son of S. 266"). As far as I'm concerned, the "Key-Escrow" initiative is an attempted continuance of a failed effort. Excerpted from "Digital Media: A Seybold Report," April 20 1992 volume 1, number 11, page 7, is one of the first reports of this failed attempt to legislate LEA access to communications on a broad scale - "Though not specifically listed as a target in the proposal, many people are calling Digital Telephony 'Son of S. 266,' a failed Senate bill that required the same 'dumbing-down' for encryption as the F.B.I. proposal does for phone systems. In other words, makers of encryption devices or software were to be required to leave a 'back door' open for law-enforcement and security agencies that wanted to decode encrypted communication. 
"The bill, of course, completely defeats the purpose of encryption - leaving the 'back door' open for the very same sophisticated techno-criminals that the agencies were trying to thwart. S. 266 was shouted down last year by outraged computer experts and civil libertarians. "At the CFP [CFP II - PF] conference, encryption expert Whitfield Diffie said, 'I understand why the police don't like [encryption]. But a very large part of the essence of a free versus totalitarian society consists of the difference between being answerable for your actions and being subject to prior restraint against actions the society doesn't approve of.'" [End of excerpt] Additionally, later in the article, a summary list is provided which outlined the proposal, which is excerpted below - "The F.B.I. proposal The following is taken directly from a Federal Bureau of Investigation document distributed to legislators and other concerned parties in Washington, DC. Digital Telephony: Summary of Issues * The F.B.I. utilizes electronic surveillance (wire taps) in virtually every area of its investigative responsibilities. * The telecommunications industry, which remained virtually unchanged for approximately 50 years, is now rapidly changing to address the need for more advanced telecommunications systems, such as personal communications networks, advanced cellular and integrated services digital networks (ISDN) which have the capacity for high-speed transmissions of video, voice and data. * One of the telephone telecommunications industry's major developmental efforts is to provide total digital connectivity (end to end) for its subscribers, including residential and business communities, in the near future. * At present, no capability exists to intercept ISDN (digital) transmissions; therefore, the emergence of digital telecommunications technology will preclude the F.B.I. 
and all of law enforcement from being able to intercept electronic communications, thus all but eliminating a statutorily-sanctioned, court-authorized and extraordinarily successful investigative technique. * The Department of Justice and the F.B.I. have been working with the White House, various Administration agencies, the telecommunications industry and Congress to find a workable solution to this very serious problem that endangers the safety of the American public. A legislative solution has been developed to ensure that the legitimate need for law enforcement to lawfully intercept communications is met by the telecommunications industry. Legislative Remedy The proposal would amend the Communications Act of 1934 to require providers of electronic communications services and private branch exchanges to ensure that the Government's ability to lawfully intercept communications is unimpeded by the introduction of advanced digital telecommunications technology or any other emerging telecommunications technology. Specifically, the amendment provides the following: 1. The FCC, in consultation with the Attorney General, shall determine the technological interception needs of the Government and issue regulations that will preserve the Government's ability to conduct lawful electronic surveillance. 2. The FCC shall issue regulations within 120 days after enactment requiring the modification of existing telecommunication systems if those systems impede the Government's ability to conduct lawful electronic surveillance. 3. Compliance by service providers and private branch exchanges will be required within 180 days of the issuance of the regulations and the use of non-conforming equipment is prohibited thereafter. 4. The FCC has the authority to compensate (through rate structure) telecommunication system operators under FCC jurisdiction for reasonable costs associated with required modifications of existing telecommunications equipment or technology. 5.
The Attorney General has specific authority, in addition to that already vested in the FCC, to seek civil penalties and injunctive relief for non-compliance." [End of excerpt] Of course, this bill died on "The Hill" because of lack of support. It does suggest, however, that this is the tell-tale sign of a continuing effort by the law enforcement community (which is grasping at straws) to find ways to exploit domestic communications due to the increasing complexity of technological advances in that area. LEAs are also using highly volatile topics as drug enforcement and terrorism as justification. While being politically correct, this does not justify the scrutiny of private communications without reasonable justification. Hey -- you don't have to get whacked across the head with a 2x4 to see the writing on the wall. Clipper is an offering by a kinder, gentler government. Clipper/Capstone offers a method to secure your communications for you, with a "Key-Escrow" system, a GW (Gee Whiz) chip set whose internals are classified and a premise of good faith. I'm certainly no sage with a crystal ball, but I can't help but wonder which trump card will be played next. Whatever it is, I get the feeling that it is not good. Cheers. -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLBfG+5RLcZSdHMBNAQGO/gQApCXzaIxktfKTpK7nBJUrw1tRzXmw6twR zYPjKYKdiJ9lQ6qPrUwbCGccPjN2Gnv7MP29H782ixzA7wMbMo47SkMbVA2fpxzp 2SpXRYmhkwMNdbD03nooF8QN2qwN6X7FtZ7yCelCf4X+TDXVEN+EAKu+g2AH5rKm 7q0aTzJgKPg= =D3Pp -----END PGP SIGNATURE----- Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: TO1SITTLER@APSICC.APS.EDU (Kragen Sittler) Date: Thu, 10 Jun 93 21:38:37 PDT To: cypherpunks@toad.com Subject: 8088 Message-ID: <930610223100.da8@APSICC.APS.EDU> MIME-Version: 1.0 Content-Type: text/plain Begin Quoted Message------------------------------------------------------ From: rwhelan@mason1.gmu.edu (Robert J. Oot) Message-Id: <9306101553.AA29767@mason1.gmu.edu> [discussion of pgp versions and locking removed, you all read it three times already] > > version 2.2 locks up 8088-based computers. Version 2.1 does not. ^^^^^^^^^^^^^^^^^^^^ > > There is an unauthorized bug fix version, 2.21. I use 2.2 as it runs > > well on my system. > > Well, now I know. I was not aware that people still used that version of a computer. An 8088???? PGP Public Key available via finger "If its not UNIX, its crap" End Quoted Message----------------------------------------------------------- Not everyone can afford to buy a new computer. I myself am using a 286, because though I want to buy a faster computer, I have no spare money. I am using VMS to connect to the net for a similar reason. I can't afford my own net connection, so I borrow someone else's. VMS with multinet is considerably better for net.connections than turds in a toilet. And an 8088 is considerably better for encryption and word processing than a pencil and paper. Don't be so arrogant. Kragen From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Timothy Newsham Date: Fri, 11 Jun 93 02:21:30 PDT To: cypherpunks@toad.com Subject: Circ Message-ID: <9306110921.AA18240@toad.com> MIME-Version: 1.0 Content-Type: text/plain I uploaded the package Circ.tar.Z which is the latest version of my encryption protocol for use on top of IrcII clients, to soda.berkeley.edu in ~ftp/pub/cypherpunks/incoming. I have also sent Eric the description of the package. It has so far not moved to a normal directory (why?). 
Oh well, I was going to wait before announcing it, but you can get it from this directory now. (I am having technical difficulties posting it to comp.sources.misc so far. Still working on it.) Tim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Thu, 10 Jun 93 22:28:52 PDT To: hughes@soda.berkeley.edu (Eric Hughes) Subject: Re: Encrypting the list In-Reply-To: <9306101710.AA13192@soda.berkeley.edu> Message-ID: <9306110528.AA22688@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to Eric Hughes: > Summary: Encrypting the cypherpunks list makes no difference in the > > >> It would be nice, however, to set up crypto I/O connection > >> OPTIONS to the list, as an incentive for lazy people like me to > >> figure out how to get PGP and mail filters set up. > > Michael, here is a word from your friendly neighborhood list > maintainer. I don't have time to work on this, and neither do the > people who run toad.com. So it's not going to happen on toad for a > while. > > The good news is that it doesn't have to. You yourself can write the > code! The code for the existing cypherpunks remailer is all you need > to get started. Here's how. You subscribe to cypherpunks and then > forward the list mail, encrypted, to all the people who have > subscribed with you for an encrypted version of the cypherpunks mail. Between a full-time job, my mail system, pgp menu, a software review, a girlfriend, and wedding plans, I sure won't be able to write this code. I'd love to if I had the time.... Will someone else volunteer? +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!"
| +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Timothy Newsham Date: Fri, 11 Jun 93 03:23:51 PDT To: cypherpunks@toad.com Subject: someones bouncing In-Reply-To: <930611093124_515664.456256_BHC50-22@CompuServe.COM> Message-ID: <9306111023.AA20380@toad.com> MIME-Version: 1.0 Content-Type: text/plain got this after my last post. someone is bouncing again. > --- Returned message --- > > Sender: newsham@wiliki.eng.hawaii.edu > Received: from orion.crc.monroecc.edu by ihd.compuserve.com (5.67/5.930129sam) > id AA21224; Fri, 11 Jun 93 05:31:53 -0400 > Message-Id: <9306110931.AA21224@ihd.compuserve.com> > Date: Fri, 11 Jun 1993 05:23:53 -0400 > From: newsham@wiliki.eng.hawaii.edu > To: 71762.2440@compuserve.com > Subject: Circ > X-Vms-To: cypherpunks@toad.com > > ================== RFC 822 Headers ================== > > Return-Path: cypherpunks-request@toad.com > Received: by orion.crc.monroecc.edu (UCX V2.0-05) > Fri, 11 Jun 1993 05:23:47 -0400 > Received: from toad.com by relay2.UU.NET with SMTP > (5.61/UUNET-internet-primary) id AA29927; Fri, 11 Jun 93 05:30:31 -0400 > Received: by toad.com id AA18245; Fri, 11 Jun 93 02:21:30 PDT > Return-Path: > Received: from wiliki.eng.hawaii.edu ([128.171.60.1]) by toad.com id AA18240; Fri, 11 Jun 93 02:21:24 PDT > Message-Id: <9306110921.AA18240@toad.com> > Received: by wiliki.eng.hawaii.edu > (1.37.109.4/15.6) id AA16878; Thu, 10 Jun 93 23:20:53 -1000 > From: Timothy Newsham > Subject: Circ > To: cypherpunks@toad.com > Date: Thu, 10 Jun 1993 23:20:52 -1000 (HST) > X-Mailer: ELM [version 2.4 PL21] > Mime-Version: 1.0 > Content-Type: text/plain; charset=US-ASCII > Content-Transfer-Encoding: 7bit > Content-Length: 509 > > From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Nickey MacDonald Date: Fri, 11 Jun 93 00:44:25 PDT To: "J. 
Michael Diehl" Subject: Re: Encrypting the list In-Reply-To: <9306110528.AA22688@triton.unm.edu> Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Thu, 10 Jun 1993, J. Michael Diehl wrote: > love to if I had the time.... Will someone else volunteer? Well.. I am starting a project (as soon as my mail alias is set up by the sysadmin) to do something like this... Mostly I just want to play with writing software that intercepts email... and try my hand at calling PGP from other software... which leads to a suggestion... It would be nice if PGP had a publicly available API, similar to that provided by RSAREF. -- Nick MacDonald | NMD on IRC i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger i6t4@unb.ca | (506) 457-1931 ^{1024/746EBB 1993/02/23} From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Fri, 11 Jun 93 08:16:30 PDT To: cypherpunks@toad.com Subject: Circ In-Reply-To: <9306110921.AA18240@toad.com> Message-ID: <9306111512.AA11268@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >I uploaded the package Circ.tar.Z It's in pub/cypherpunks/applications/misc. >It has so far not moved to a normal directory (why?). Time. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Fri, 11 Jun 93 08:26:58 PDT To: cypherpunks@toad.com Subject: MAIL: logging that happens on soda Message-ID: <9306111523.AA11809@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain I was rooting around soda for some other reason and stumbled upon the mail logs (!) for soda. I just sent myself some mail to generate a sample entry. It's got complete traffic analysis data, complete with to/from pairs, time of day, and message size. 
Jun 11 08:13:35 soda sendmail[11298]: AA11298: message-id=<9306111513.AA11298@soda.berkeley.edu>
Jun 11 08:13:35 soda sendmail[11298]: AA11298: from=hughes, size=66, class=0, received from local
Jun 11 08:13:36 soda sendmail[11300]: AA11298: to=hughes, delay=00:00:01, stat=Sent
I would recommend that all remailer operators find out what kind of mail logging, if any, takes place on their machines. If you need a place to start looking, the mail log on soda was in the same directory as the syslog messages. I would also recommend that this information on mail logging by the system be put in Karl's remailer list. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: murphy@s1.elec.uq.oz.au (Peter Murphy) Date: Thu, 10 Jun 93 16:42:53 PDT To: cypherpunks-request@toad.com (J. Michael Diehl) Subject: Re: My Poll.... In-Reply-To: <9306090653.AA23961@triton.unm.edu> Message-ID: <9306102341.AA22865@s2.elec.uq.oz.au> MIME-Version: 1.0 Content-Type: text/plain Responding to J. Michael Diehl's post ... > > Well, I finally got to look at the responses to my poll. FYI, I got 33 replies. > This is a small number considering there are (I think) 400+ people on this list. > I didn't take the time to actually tally the results for each question. I'm > inherently lazy... ;^) I can make some comments about what we use, tho. Note > that the lists are in no particular order. Since this was certainly not a > scientific poll, I opted to not include any statistics, sorry. I was kinda > hoping to have a more homogeneous environment than what we have. Kinda naive, > huh? Well, this is what I have to say after reading each of your replies. I > would like to thank everyone who participated in my informal poll. I hope the > results are useful to any software-developer-cypherpunks out there. > { The rest of the post (documenting results) deleted. } I'm sorry that I didn't answer your poll. However, if I had a little bit more time I would have answered it.
Unfortunately, this mailing list is so expansive (and my time is so limited) that I only read my mail about once a week. So I became aware of the poll's closing date (last Thursday, 3/6) the next day (i.e., 4/6). Please give a little more time in future. It was a GREAT idea. Thanks for doing it. Cheers, Peter. P.S. In case you're still interested in accumulating results, I respond to email on Sony News-OS V. 4.3 (analogous to Berkeley 4.1). I also use a lot of MS-DOS PCs (mostly on the Elec. Eng. Novell network, although I might be acquiring a 486 pretty soon). As for PGP, ... well I OFFICIALLY don't have a copy, being not a resident of North America :-) ... > +-----------------------+-----------------------------+---------+ > | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | > | mdiehl@triton.unm.edu | But, I was mistaken. |available| > | mike.diehl@fido.org | | Ask Me! | > | (505) 299-2282 +-----------------------------+---------+ > | | > +------"I'm just looking for the opportunity to be -------------+ > | Politically Incorrect!" | > +-----If codes are outlawed, only criminals wil have codes.-----+ > +----Is Big Brother in your phone? If you don't know, ask me---+ > -- ==================================================== Peter Murphy - Department of Electrical Engineering, University of Queensland: murphy@s2.elec.uq.oz.au . "Contrary to popular belief, the wings of demons are the same as the wings of angels, although they're often better groomed." - Terry Pratchett. ==================================================== From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Shipley Date: Fri, 11 Jun 93 09:51:47 PDT To: Eric Hughes Subject: Re: MAIL: logging that happens on soda In-Reply-To: <9306111523.AA11809@soda.berkeley.edu> Message-ID: <9306111651.AA14556@edev0.TFS> MIME-Version: 1.0 Content-Type: text/plain >I was rooting around soda for some other reason and stumbled upon the >mail logs (!) for soda. 
I just sent myself some mail to generate a >sample entry. It's got complete traffic analysis data, complete with >to/from pairs, time of day, and message size. Eric, most of us know this stuff; you are making yourself look very unix illiterate. I know one person at Berkeley who wrote a sh script 5 years ago that would track remote mail aliases by analysing who (on campus) received with close time stamps. With this info he was able to reverse engineer the contents of a lesbian emailing list. I have a script I use that just reads the syslog file and prints out a list of who is emailing who and what their total volume of mail is. >If you need a >place to start looking, the mail log on soda was in the same directory >as the syslog messages. Or if you look at the file /etc/syslog.conf, it tells you where it logs the data. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Duncan Frissell <76630.3577@CompuServe.COM> Date: Fri, 11 Jun 93 07:02:21 PDT To: Subject: 8088 Message-ID: <930611135802_76630.3577_EHK30-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain >>>I was not aware that people still used that version of a computer. >>>An 8088???? >>> >>> >>>End Quoted Message----------------------------------------------------- >>> >>>Not everyone can afford to buy a new computer. I myself am using a 286, >>>because though I want to buy a faster computer, I have no spare money. >>> >>>(Kragen Sittler) Additionally, when one is running PGP under Windows the "virtual DOS machine" on which it is running *is* an 8088 (of sorts) and PGP 2.2 will lock it up 2/3 of the time.
Duncan Frissell From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Fri, 11 Jun 93 11:05:40 PDT To: cypherpunks@toad.com Subject: MAIL: logging that happens on soda In-Reply-To: <9306111651.AA14556@edev0.TFS> Message-ID: <9306111802.AA17868@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain Re: sendmail logs >Eric, most of us know this stuff you are making yourself look very >unix illiterate. I have opened my mouth and removed all doubt. I _am_ mostly illiterate in the details of Unix; this is one system administration detail I did not know. I have known for a long time that these logs were in principle easy for administration to keep, but I did not know that they were an entirely standard feature. I raise this because it affects perceived remailer security and I have not once heard these specific logs brought up, on the list or in person. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Mr. Paul Danckaert (ACS)" Date: Fri, 11 Jun 93 09:11:49 PDT To: cypherpunks@toad.com Subject: List.. Message-ID: <199306111611.AA00781@rpco25.acslab.umbc.edu> MIME-Version: 1.0 Content-Type: text/plain Please remove me from the list for now.. I'm skipping out for a bit and don't want 10000 messages when I get back.. ;) Thanks.. Paul --- Paul Danckaert - pauld@umbc.edu --------------------------------------- ------------------------------------------------- Beware of the Leopard ------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Timothy Newsham Date: Fri, 11 Jun 93 17:01:31 PDT To: cypherpunks@toad.com Subject: Mail logging Message-ID: <9306120001.AA09108@toad.com> MIME-Version: 1.0 Content-Type: text/plain > > >I was rooting around soda for some other reason and stumbled upon the > >mail logs (!) for soda. I just sent myself some mail to generate a > >sample entry. It's got complete traffic analysis data, complete with > >to/from pairs, time of day, and message size. 
The goal of this list is not to turn off such "features" but to provide security in the face of these features, in hostile environments, environments not totally under our own control. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter shipley Date: Sat, 12 Jun 93 01:11:59 PDT To: Eric Hughes Subject: Re: MAIL: logging that happens on soda In-Reply-To: <9306111802.AA17868@soda.berkeley.edu> Message-ID: <9306112112.AA21861@merde.dis.org> MIME-Version: 1.0 Content-Type: text/x-pgp -----BEGIN PGP SIGNED MESSAGE----- > >I raise this because it affects perceived remailer security and I have >not once heard these specific logs brought up, on the list or in person. > It is also common practice to have the logs not readable for people not in the wheel or staff group. As for this remailer security, if you use multiple remailers with random delays the ability to correlate the sendmail & uucp logs should be sufficiently retarded. (This is assuming that you were able to get copies of all the logs from sites the sendmail message passed through.) -Pete -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBFAgUBLBj1HMhmn7GUWLLFAQFxQQF9ESltl2TTn1j8A9CNDsct+Mz7SzZqwsQe w8H7ILI3mbCF8FVqmkuWNjPeHDe5C3xj =h1r8 -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: XXCLARK@indst.indstate.edu Date: Fri, 11 Jun 93 13:20:50 PDT To: cypherpunks@toad.com Subject: No Subject Message-ID: <9306112020.AA05923@toad.com> MIME-Version: 1.0 Content-Type: text/plain According to nobody@alumni.cco.caltech.edu: > version 2.2 locks up 8088-based computers. Version 2.1 does not. > There is an unauthorized bug fix version, 2.21. I use 2.2 as it PGP 2.2 runs without a hitch on at least one 10 MHz+ XT box in which the 8088 was replaced with an NEC V-20 and an 8087 co-processor added when new... about six years ago. Probably far more XT boxes running, worldwide, than some are capable of imagining. Key generation on the XT is as exciting... and as fast...
as a baseball game, but who generates new keys daily? Encryption speed is more than adequate. Not so high a brag-ability index as its companion box, a 486/66 EISA... but to use that machine for encryption seems an utter waste of processor power. `Course, if one can only afford a 486, I suppose one must make do as best one can... From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Kelly Goen Date: Fri, 11 Jun 93 15:34:51 PDT To: cypherpunks@toad.com Subject: MAIL: logging that happens on soda Message-ID: <9306111524.aa22415@vishnu.sco.com> MIME-Version: 1.0 Content-Type: text/plain Hi Eric, I as well as many others on this list have either worked as security administrators/ and/or designers in the aspect of systems that you have brought up here. Are you aware of the firewalls mailing list? It could be a HUGE resource in terms of these questions. As to the Logs... well the logfile name could be linked to /dev/null :) that would eliminate the logging problem... Another annoying tracking log is the syslog daemon. Mail connects are logged in their syslog using Sun sendmail and the standard syslog.conf. syslog.conf changes are needed to eliminate this misfeature... cheers kelly p.s. ignore that rather uninformed person who complained you were making yourself look illiterate... most of the folks on this list unless they actually do it for a living (such as moi) ARE quite illiterate about matters such as DNS/Mail logging and TCP/UDP/ICMP/IP logging and/or trusted systems etc. That's part of what this forum is about for each of us to educate the rest of the list so that privacy issues get FULL spectrum coverage. Please do keep bringing these issues to the forefront... some of us do appreciate it. I and others will be happy to discuss the technical details of various tracking and auditing.
In-Reply-To: Peter Shipley's message of Fri, 11 Jun 1993 09:51:13 -0700 <9306111651.AA14556@edev0.TFS>
Subject: MAIL: logging that happens on soda

Re: sendmail logs

>Eric, most of us know this stuff you are making yourself look very
>unix illiterate.

I have opened my mouth and removed all doubt. I _am_ mostly illiterate in the details of Unix; this is one system administration detail I did not know. I have known for a long time that these logs were in principle easy for administration to keep, but I did not know that they were an entirely standard feature.

I raise this because it affects perceived remailer security and I have not once heard these specific logs brought up, on the list or in person.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J. Eric Townsend)
Date: Fri, 11 Jun 93 16:16:56 PDT
To: cypherpunks@toad.com
Subject: A note from one of the jackbooted facists...
In-Reply-To: <9306111524.aa22415@vishnu.sco.com>
Message-ID: <9306112316.AA20618@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

This is not an official NASA document.

Hi. If you saw what I do for a living sometime, you'd probably consider me a jackbooted fascist of the highest order. I implement logging systems, help build firewalls, implement security software and teach people how to build secure systems. Luckily, this isn't my job at NASA -- I'm not a *government* fascist brown-shirt.

> Another annoying tracking log is the syslog daemon.

Annoying if you want to be secure. If you're going to send messages through one of 'my' systems, I'm going to track and log them. Period. Don't like it? Route through something else.

This list is being run from a UC-system owned computer. It's not in somebody's closet hooked to a phone line. If UC wants to log email, that's just fine.

> syslog.conf changes are needed to eliminate this misfeature...

A misfeature that helps me keep people from using 'my' machines unless I let them.
> forum is about for each of us to educate the rest of the list > so that privacy issues get FULL spectrum coverage. I thought this list was here to discuss cryptography, not system security or firewalls. :-) If you don't control the system, consider it insecure and all of your informational transfer monitored, logged, and analyzed. -- J. Eric Townsend jet@nas.nasa.gov 415.604.4311| personal email goes to: CM-5 Administrator, Parallel Systems Support | jet@well.sf.ca.us NASA Ames Numerical Aerodynamic Simulation |--------------------------- PGP2.2 public key available upon request or finger jet@simeon.nas.nasa.gov From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Shipley Date: Fri, 11 Jun 93 16:34:38 PDT To: fnerd@smds.com (FutureNerd Steve Witham) Subject: Re: MAIL: logging that happens on soda In-Reply-To: <9306112141.AA17441@smds.com> Message-ID: <9306112334.AA15175@edev0.TFS> MIME-Version: 1.0 Content-Type: text/plain >> Eric, most of us know this stuff >> you are making yourself look very unix illiterate. > >You're looking a little like a nerdsnob to me. > Gee can't a guy rib a friend in public? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peb@PROCASE.COM Date: Fri, 11 Jun 93 17:21:43 PDT To: cypherpunks@toad.com Subject: test, delete me Message-ID: <9306120020.AA21501@banff.procase.com> MIME-Version: 1.0 Content-Type: text/plain This is a test; please delete. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Fri, 11 Jun 93 16:53:19 PDT To: kellyg@sco.com (Kelly Goen) Subject: Re: MAIL: logging that happens on soda In-Reply-To: <9306111524.aa22415@vishnu.sco.com> Message-ID: <9306112353.AA28100@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to Kelly Goen: > Hi Eric, > I as well as many others on this list have either > worked as security administrators/ and/or designers in the > aspect of systems that you have brought up here. 
>
>
> Are you aware of the firewalls mailing list, it could be a HUGE
> resource in terms of these questions. As to the Logs...

I, for one, am not aware of this mailing list. Could you post info?

Thanx.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals will have codes.----+
+----Is Big Brother in your phone? If you don't know, ask me----+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Fri, 11 Jun 93 18:00:51 PDT
To: newsham@wiliki.eng.hawaii.edu
Subject: Mail logging
In-Reply-To: <9306120001.AA09108@toad.com>
Message-ID: <9306120057.AA09590@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>> >It's got complete traffic analysis data, complete with
>> >to/from pairs, time of day, and message size.

>The goal of this list is not to turn off such "features" but to
>provide security in the face of these features, in hostile environments,
>environments not totally under our own control.

Well said.

If you externally observe a remailer, there are three basic items to correlate incoming to outgoing with: body content, body length, and redelivery latency. Notice that items two and three are provided by the mail logs on my machine.

A remailer which is a mix needs to confuse all three. The first, content, requires an encryption or decryption operation. The second, length, requires length quantization and therefore padding and packeting. The last, latency, is only solved by random delays if the traffic through the node stays above a certain threshold.

The real important characteristic with latency is reordering the incoming and outgoing messages.
The simplest way to do this is to accumulate N messages, create a random permutation on N elements, and mail the messages out in the permuted order. The single most basic problem with mail development that we have is that we don't have enough mail volume through the remailers we have in order to be able to experiment with better systems. In particular, we need to examine other reordering algorithms for the case where volume is low and delivery latencies would be too high with the simple gather-and-permute algorithm. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: morpheus@entropy.linet.org (morpheus) Date: Sat, 12 Jun 93 06:59:48 PDT To: cypherpunks@toad.com Subject: No Subject Message-ID: MIME-Version: 1.0 Content-Type: text/plain From: morpheus@entropy.linet.org (morpheus) Subject: Re: Encrypting the list References: <9306091955.AA09779@boxer.nas.nasa.gov> Organization: Ranch Apocalypse Date: Fri, 11 Jun 1993 22:31:42 GMT Message-ID: <1993Jun11.223142.28987@entropy.linet.org> In article <9306091955.AA09779@boxer.nas.nasa.gov> src4src!imageek!nas.nasa.gov!jet (J. Eric Townsend) writes: >FutureNerd Steve Witham writes: > > We're all prime suspects for being spies. > >'specially those of us with both .gov and .com email addresses, right? And worry all the more about ORGanized spies.. Worrying about spies is pointless. Publicity is good. There isn't any point in cutting people "out of the loop" in effort to stop "spies", what is being discussed needs to be known to as many people as possible. We're talking cryptography, not revolution. -- morpheus@entropy.linet.org Vote anarchist. Support your local police, for a more efficient police state. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: eric@Synopsys.COM Date: Fri, 11 Jun 93 18:36:01 PDT To: cypherpunks@toad.com Subject: Re: A note from one of the jackbooted facists... 
In-Reply-To: <9306112316.AA20618@boxer.nas.nasa.gov>
Message-ID: <199306120135.AA17720@gaea.synopsys.com>
MIME-Version: 1.0
Content-Type: text/plain

>>>>> On Fri, 11 Jun 93 16:16:49 -0700, jet@nas.nasa.gov (J. Eric Townsend) said:

jet> This list is being run from a UC-system owned computer. It's not in
jet> somebody's closet hooked to a phone line. If UC wants to log email,
jet> that's just fine.

If you're referring to the cypherpunks list, it should be pointed out that toad.com is not a UC system. It is in fact a system in somebody's closet, hooked to a phone line. That is, unless John Gilmore has taken hoptoad out of his bedroom closet since I saw it last...

-eric messick (eric@toad.com)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Fri, 11 Jun 93 17:45:52 PDT
To: cypherpunks@toad.com
Subject: heavy Clipper ammunition
Message-ID: <9306120045.AA05435@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

This will be a short note. The apologists for Clipper on sci.crypt including Sternlight, Denning, Tighe, Goble, and others tend to ultimately fall back on the argument `What's the big deal? It's voluntary!' In some ways, this is their last and most desperate argument. Here are the critical reasons why that is not an acceptable excuse or redeeming feature.

1) Whether Clipper is *currently* voluntary is meaningless given the possibility that it could later become a legislated standard. The argument that it is `voluntary' is worthless unless there is an explicit *guarantee* of such. But, as the original Clipper announcement makes obvious, no such promise is made, apparently because it could not be adhered to.

2) As the CPSR statements point out, NSA has no legal authority to propose a domestic cryptographic standard. (That it pretends that President Clinton and the NIST are the actual purveyors is ugly deceit.) Nor, likely, would any such domestic authority ever be granted to the agency.
In some ways, that's the whole point of NIST's cryptographic standards role: that it would be unchained and unmanipulated by NSA. Kammer's meek whimperings in the media prove this is clearly not the case. 3) I don't know who first suggested this, but there is every possibility that the entire plan with Clipper was to make it voluntary *initially* followed by a later legislative enforcement with its proliferation. After all, Clipper would give the NSA the critical `foot in the door' into domestic U.S. cryptography, at which point it would have a toehold to make further encroachments. Hence, the current arguments that `it's only voluntary' are perhaps the ultimate hypocritical lie. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Rain.Face@f418.n161.z1.FIDONET.ORG (Rain Face) Date: Sat, 12 Jun 93 03:57:23 PDT To: cypherpunks@toad.com Subject: REMAILER UPDATE Message-ID: <356.2C19A34A@shelter.FIDONET.ORG> MIME-Version: 1.0 Content-Type: text/plain In that I have been off this list for a while, I was wondering if someone could give me a quick update on which anon remailers are still in service and what the current syntax is. Thanks. --------------------------------------------------------------- ||"No apologies, no excuses,| |PGP Key ID # EFAA97 via all servers | no jive and no regrets." | --------------------------------------------------------------- --- Blue Wave/TG v2.12 [NR] * Origin: realitycheckBBS (510)527-1662 (1:161/418.0) -- Rain Face - via FidoNet node 1:125/1 UUCP: ...!uunet!kumr!shelter!161!418!Rain.Face INTERNET: Rain.Face@f418.n161.z1.FIDONET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: bbyer@BIX.com Date: Fri, 11 Jun 93 17:15:26 PDT To: ryan@rtfm.mlb.fl.us Subject: Re: CryptoStacker Message-ID: <9306112008.memo.59593@BIX.com> MIME-Version: 1.0 Content-Type: text/plain If the project is called CryptoStacker, why not use Stacker? 
Have the program go beneath Stacker (or another disk doubling system) and encrypt/decrypt the actual stacker file as Stacker reads it? It would be a much simpler solution once you found out how to interface with Stacker.

Ben Byer

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: M..Stirner@f28.n125.z1.FIDONET.ORG (M. Stirner)
Date: Fri, 11 Jun 93 21:57:58 PDT
To: cypherpunks@toad.com
Subject: Pgp v 2.2/8088
Message-ID: <341.2C1956A8@shelter.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

* Reply to msg originally in CYPHERPUNKS

> version 2.2 locks up 8088-based computers. Version 2.1 does not.
> There is an unauthorized bug fix version, 2.21. I use 2.2 as it

Uu> PGP 2.2 runs without a hitch on at least one 10 MHz+ XT
Uu> box in which the 8088 was replaced with an NEC V-20 and an 8087
Uu> co-processor added when new... about six years ago.

I don't doubt it for a second, but I know it definitely will lock up a real 8088. Also there is a problem with DesqView in some cases.

Uu> Probably far more XT boxes running, worldwide, than some
Uu> are capable of imagining.

I'm sure of that, too. PGP is a worldwide phenomenon, & there are a whole lot of XT-class computers in the outside world.

Uu> Key generation on the XT is as exciting... and as fast...
Uu> as a baseball game...

Well, more like _cricket_, actually. 8-)

Uu> Encryption speed is more than adequate.

Considering the math involved, yes. Still even a 20MHz 286 fairly flies doing PGP tasks in comparison, though.

*********************************************************************
* - PGP Key D30909 via servers *
* > What country can preserve its liberties if its rulers are not <*
* > warned from time to time that their people preserve the spirit <*
* > of resistance? Let them take arms!" - Thomas Jefferson, 1787 <*
*********************************************************************

___ Blue Wave/QWK v2.12
--
M.
Stirner - via FidoNet node 1:125/1 UUCP: ...!uunet!kumr!shelter!28!M..Stirner INTERNET: M..Stirner@f28.n125.z1.FIDONET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ""L. Detweiler"" Date: Fri, 11 Jun 93 19:21:29 PDT To: cypherpunks@toad.com Subject: it's official: PKP sells out for Clipper Message-ID: <9306120221.AA06841@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain From the following document: >PKP will also grant a license to practice key management, at no >additional fee, for the integrated circuits which will implement >both the DSA and the anticipated Federal Information Processing >Standard for the "key escrow" system announced by President Clinton >on April 16, 1993. more weasel words: >Notice of availability of this invention for licensing >was waived because it was determined that expeditious granting of >such license will best serve the interest of the Federal Government >and the public. what else? ===cut=here=== From: jim@rand.org (Jim Gillogly) Newsgroups: sci.crypt Subject: DSA: NIST and PKP come to terms Message-ID: <16860@rand.org> Date: 11 Jun 93 20:56:44 GMT Sender: news@rand.org Organization: Banzai Institute This text was transcribed from a fax and may have transcription errors. We believe the text to be correct but some of the numbers may be incorrect or incomplete. --------------------------------------------------------------------- ** The following notice was published in the Federal Register, Vol. 58, No. 108, dated June 8, 1993 under Notices ** National Institute of Standards and Technology Notice of Proposal for Grant of Exclusive Patent License This is to notify the public that the National Institute of Standards and Technology (NIST) intends to grant an exclusive world-wide license to Public Key Partners of Sunnyvale, California to practice the Invention embodied in U.S. Patent Application No. 07/738.431 and entitled "Digital Signature Algorithm." A PCT application has been filed. 
The rights in the invention have been assigned to the United States of America.

The prospective license is a cross-license which would resolve a patent dispute with Public Key Partners and includes the right to sublicense. Notice of availability of this invention for licensing was waived because it was determined that expeditious granting of such license will best serve the interest of the Federal Government and the public. Public Key Partners has provided NIST with the materials contained in Appendix A as part of their proposal to NIST.

Inquiries, comments, and other materials relating to the prospective license shall be submitted to Michael R. Rubin, Active Chief Counsel for Technology, Room A-1111, Administration Building, National Institute of Standards and Technology, Gaithersburg, Maryland 20899. His telephone number is (301) 975-2803. Applications for a license filed in response to this notice will be treated as objections to the grant of the prospective license. Only written comments and/or applications for a license which are received by NIST within sixty (60) days for the publication of this notice will be considered.

The prospective license will be granted unless, within sixty (60) days of this notice, NIST receives written evidence and argument which established that the grant of the license would not be consistent with the requirements of 35 U.S.C. 209 and 37 CFR 404.7.

Dated: June 2, 1993.

Raymond G. Kammer
Acting Director, National Institute Standards and Technology.

Appendix "A"

The National Institute for Standards and Technology ("NIST") has announced its intention to grant Public Key Partners ("PKP") sublicensing rights to NIST's pending patent application on the Digital Signature Algorithm ("DSA").

Subject to NIST's grant of this license, PKP is pleased to declare its support for the proposed Federal Information Processing Standard for Digital Signatures (the "DSS") and the pending availability of licenses to practice the DSA.
In addition to the DSA, licenses to practice digital signatures will be offered by PKP under the following patents:

Cryptographic Apparatus and Method ("Diffie-Hellman") No. 4,200,770
Public Key Cryptographic Apparatus and Method ("Hellman-Merkle") No. 4,315,552
Exponential Cryptographic Apparatus and Method ("Hellman-Pohlig") No. 4,434,414
Method For Identifying Subscribers And For Generating And Verifying Electronic Signatures In A Data Exchange System ("Schnorr") No. 4,995,082

It is PKP's intent to make practice of the DSA royalty free for personal, noncommercial and U.S. Federal, state and local government use. As explained below, only those parties who enjoy commercial benefit from making or selling products, or certifying digital signatures, will be required to pay royalties to practice the DSA.

PKP will also grant a license to practice key management, at no additional fee, for the integrated circuits which will implement both the DSA and the anticipated Federal Information Processing Standard for the "key escrow" system announced by President Clinton on April 16, 1993.

Having stated these intentions, PKP now takes this opportunity to publish its guidelines for granting uniform licenses to all parties having a commercial interest in practicing this technology:

First, no party will be denied a license for any reason other than the following:

(i) Failure to meet its payment obligations,
(ii) Outstanding claims of infringement, or
(iii) Previous termination due to material breach.

Second, licenses will be granted for any embodiment sold by the licensee or made for its use, whether for final products software, or components such as integrated circuits and boards, and regardless of the licensee's channel of distribution. Provided the requisite royalties have been paid by the seller on the enabling component(s), no further royalties will be owned by the buyer for making or selling the final product which incorporates such components.
Third, the practice of digital signatures in accordance with the DSS may be licensed separately from any other technical art covered by PKP's patents.

Fourth, PKP's royalty rates for the right to make or sell products, subject to uniform minimum fees, will be no more than 2 1/2% for hardware products and 5% for software, with the royalty rate further declining to 1% on any portion of the product price exceeding $1,000. These royalty rates apply only to noninfringing parties and will be uniform without regard to whether the licensed product creates digital signatures, verifies digital signatures or performs both.

Fifth, for the next three (3) years, all commercial services which certify a signature's authenticity for a fee may be operated royalty free. Thereafter, all providers of such commercial certification services shall pay a royalty to PKP of $1.00 per certificate for each year the certificate is valid.

Sixth, provided the foregoing royalties are paid on such products or services, all other practice of the DSA shall be royalty free.

Seventh, PKP invites all of its existing licensees, at their option, to exchange their current licenses for the standard license offered for DSA.

Finally, PKP will mediate the concerns of any party regarding the availability of PKP's licenses for the DSA with designated representatives of NIST and PKP. For copies of PKP's license terms, contact Michael R. Rubin, Acting Chief Counsel for Technology, NIST, or Public Key Partners.

Dated: June 2, 1993.

Robert B. Fougner, Esq., Director of Licensing, Public Key Partners, 310 North Mary Avenue, Sunnyvale, CA 94033

[FR Doc. 93-13473 Filed 8-7-93; 8:45 am]
---------------------------------------------------------------------
Forwarded by:
--
Jim Gillogly
Trewesday, 21 Forelithe S.R. 1993, 20:56

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Fri, 11 Jun 93 17:28:06 PDT
To: "J.
Michael Diehl" Subject: Re: MAIL: logging that happens on soda Message-ID: <9306120028.AA09550@toad.com> MIME-Version: 1.0 Content-Type: text/plain According to Kelly Goen: > > Are you aware of the firewalls mailing list, it could be a HUGE > resource in terms of these questions. As to the Logs... I, for one, am not aware of this mailing list. Could you post info? To subscribe, send mail to majordomo@greatcircle.com, with the body of the message saying subscribe firewalls From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@rosebud.ee.uh.edu Date: Fri, 11 Jun 93 18:38:57 PDT To: cypherpunks@toad.com Subject: DH for email Message-ID: <9306120138.AA10588@toad.com> MIME-Version: 1.0 Content-Type: text/plain Suppose you are communicating with someone using email about something which the government wouldn't like. Being careful, you use PGP or something similar. Later, the government gets wind of your activities. They seize your computer, recovering your encrypted secret key. You do not have copies of your old mail, but to your dismay, you discover that your email service provider keeps backups of old mail. Using a court order, the government is able to recover copies of all of your old email. The court orders you to reveal your pass phrase for your secret key. Any refusal will result in your being jailed for contempt. You are forced to comply. The result is that your old messages are decrypted and used against you as evidence. It would be good to have an alternative which would not be subject to this kind of attack. Diffie-Hellman key exchange is generally suitable for an interactive environment like an encrypted telnet session or a secure serial line. But it could be adapted to email by having each side create one or more "key halves" in advance, and exchanging these in an initial message. Future email could use a session key created by taking the next pair of key halves (one from each person). 
When the supply of key halves got low, more could be generated and piggybacked with the next email message. Such a system would be more secure against the kind of attack described here. There would be no possibility of reconstructing the session key used if the key halves were destroyed after use. You may choose to keep your own personal copies of email, but you can delete them and be secure in the knowledge that no attacker will be able to reconstruct them. A program like PGP could be created which would automatically take care of the bookkeeping involved with creating and exchanging key halves for the DH algorithm. Then users could have electronic conversations which were freer from the threat of being coerced into revealing their secret keys and having the contents of their mail exposed. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ""L. Detweiler"" Date: Fri, 11 Jun 93 19:54:25 PDT To: cypherpunks@toad.com Subject: more Clipper proponents on sci.crypt Message-ID: <9306120254.AA07220@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain Call me paranoid, but I think the NSA has decided that sci.crypt is now a good spot to level propaganda. From: pugh@cs.umd.edu (Bill Pugh) Organization: U of Maryland, Dept. of Computer Science, Coll. Pk., MD 20742 >I don't like the Clipper, and don't think it will succeed. However, on the >chance that we get stuck with it, we should figure out ways to solve many >of the concerns people have raised. > >A lot of people have concerns about the key escrow system. There are >good reasons to be worried about a system in which the government can >get a court order to decode your communications. But an even greater >concern to many people is how to make sure that key disclosure is limited >to lawfully authorized cases. The more I see statements like these, the more I suspect that the Clipper has a backdoor besides the key escrow systems. 
I think the whole escrow issue is a decoy to getting a widespread NSA standard in place. Also, keep in mind it could be the case that NSA builds different versions of the chips over time. How would we ever know?

From: rja14@cl.cam.ac.uk (Ross Anderson)
Organization: U of Cambridge Computer Lab, UK

>At Eurocrypt 93 a few weeks ago, the NSA's technical director said that the
>key escrow system was still `vaporware' and that they had no objection to
>interested parties getting involved in the design, to make sure that it was
>`whiter than white'.
>
>Here's my twopenceworth: you can in fact make an escrow system which will be
>good enough to silence all or most of the reasonable objections, and here is
>how to do it.
>
>1. The International Problem.
>
>... if clipper is restricted to the US, it will lose a lot of its value.
>The bad guys such as the Mafia and the various terrorist groups will just
>buy their communications systems in Europe or the Far East. Indeed,
>respectable US corporations may end up buying their kit there as this is the
>only way in which they can get the same kind of scrambler phone in each of
>their offices.

This guy then goes on to propose a lot of bizarre international configurations of key escrow. Holy cow-- this guy is advocating *international* key escrow?

Good lord, cypherpunks, I wouldn't be surprised if Britain soon official endorses the Clipper. All our worst paranoia would be reality. Consider it: the NSA and GCHQ have been in active collaboration ever since WWII and especially in recent years. This is all documented by Bamford. What if Clipper is not just amenable to the NSA, but was also developed with British input?

>The big question of course is whether the Agency would be happy with an
>escrow system which really worked, on top of algorithms which were really
>hard to break and were implemented well.
Perhaps the object of the current >exercise is simply to sow fear, uncertainty and doubt, and thus postpone the >uptake of crypto in the commercial sector, I don't care if `the Agency' is happy or not. I think they would most definitely *not* be happy under such an arrangement and would use any significant Clipper entrenchment as torque to later ban alternative cryptographic schemes. I'm growing desperately weary. I think the tidal wave is approaching. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: The Phantom Date: Fri, 11 Jun 93 21:38:02 PDT To: cypherpunks@toad.com Subject: Remailer mail logging: Message-ID: MIME-Version: 1.0 Content-Type: text/plain just for your info: the mead remailer has no logging enabled! :) Matt Thomlinson Say no to the Wiretap Chip! University of Washington, Seattle, Washington. Internet: phantom@u.washington.edu phone: (206) 528-5732 PGP 2.2 key available via email or finger phantom@hardy.u.washington.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: M..Stirner@f28.n125.z1.FIDONET.ORG (M. Stirner) Date: Fri, 11 Jun 93 22:57:57 PDT To: cypherpunks@toad.com Subject: Nsa/gshq Message-ID: <343.2C196B79@shelter.FIDONET.ORG> MIME-Version: 1.0 Content-Type: text/plain * Reply to msg originally in CYPHERPUNKS Uu> Good lord, cypherpunks, I wouldn't be surprised if Britain soon Uu> official endorses the Clipper. All our worst paranoia would be Uu> reality. Consider it: the NSA and GCHQ have been in active Uu> collaboration ever since WWII and especially in recent years. Uu> This is all documented by Bamford. To say nothing of Peter Wright's [MI5] revelations, the publication of which I understand was banned in the UK. Very interesting stuff - I hope Britons eventually got the chance to read his book, _Spycatcher_. 
*********************************************************************
* - PGP Key D30909 via servers *
* > What country can preserve its liberties if its rulers are not <*
* > warned from time to time that their people preserve the spirit <*
* > of resistance? Let them take arms!" - Thomas Jefferson, 1787 <*
*********************************************************************

___ Blue Wave/QWK v2.12
--
M. Stirner - via FidoNet node 1:125/1
UUCP: ...!uunet!kumr!shelter!28!M..Stirner
INTERNET: M..Stirner@f28.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Leo Reilly
Date: Fri, 11 Jun 93 22:11:51 PDT
To: cypherpunks@toad.com
Subject: Unsubscribe
Message-ID: <93Jun11.221119pdt.13922-2@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Could you please remove me from the mail list. I am on the road for two weeks, without a laptop, and I cannot afford the disk space to be taken up while I am gone.

Cheers!
Leo Reilly

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Matt Blaze
Date: Fri, 11 Jun 93 19:28:11 PDT
To: cypherpunks@toad.com
Subject: Privacy panel at USENIX Conference
Message-ID: <9306120218.AA07373@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain

Anyone who's going to be attending USENIX the week after next will want to make sure not to miss the privacy panel, to be held Friday afternoon (First session after lunch, I think). The topic to be discussed is anonymity on the net... Here's the official announcement:

USENIX SUMMER 1993 TECHNICAL CONFERENCE
June 21 -25, 1993
Cincinnati, Ohio

Privacy Panel: Anonymity Servers - Finding The Bounds of Rights

This USENIX Panel session will address anonymity servers, systems serving to sanitize e-mail and NetNews postings in order to conceal the source. We will explore the legal and ethical issues involved, and try to shed some light on the subtle complexities involving "the bounds of rights" such systems pose.
Some of the issues are considerably more complex than they might first appear. Our panel will consist of Dan Appelman, John Gilmore, Johan ("Julf") Helsingius, and will be convened by Mike O'Dell. Biographies of the participants follow. Dan Appelman, Panelist Dan Appelman is a lawyer who practices computer and telecommunications law from his office in Palo Alto, California. He also teaches a course in telecommunications policy, law and regulation and has written and lectured about the legal issues in both the telecommunications and data processing industries. Dan is the lawyer the USENIX Association and several other amusing high-tech enterprises. He is a partner in the law firm of Heller, Ehrman, White & McAuliffe. John Gilmore, Panelist Among his other interests and accomplishments, John Gilmore is a dedicated champion of civil liberties in cyberspace. John was a cofounder of the Electronic Frontier Foundation and has campaigned aggressively for public availability of high-quality encryption systems. He was employee number five at Sun Microsystems, may well have written more APL interpreters than any other single human, and his most recent business venture is the founding of Cygnus Support, a software support company dedicated to the commercial viability of free software. He notes that he has never had time to attend college or buy a suit. Johan Helsingius, Panelist The last time anyone really referred to Johan Helsingius using his family name was while he was doing his military service long ago. As the memories are not too fond, he prefers to be called "Julf", a name based on a play on words involving 3 languages. He has been heavily involved in all manner of European Unix-related activities for longer than he cares to remember. He founded and still runs two successful consultancy and training companies, Penetron and Penetic, which manage to fund his well-developed tastes for global travel and exploring the native arcania. 
Most recently Julf established an anonymity server, anon.penet.fi, that quickly became the most popular anonymous posting service on the Internet with more than 20,000 users. Although he is based in downtown Helsinki, Julf tends to spend most of his time in airport departure lounges.

Mike O'Dell, Provocateur

Mike O'Dell is Vice-president of the USENIX Association and he is also Editor-in-Chief of the USENIX journal, Computing Systems. When he is not busy doing either of those two things, he is Vice-president of Engineering at UUNET Technologies, Inc., a commercial IP and UUCP connectivity provider. Mike's role in this panel, however, is to reprise his occasional role as Resident Crank and thereby provoke a lively analysis of the issues.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hal@alumni.cco.caltech.edu (Hal Finney)
Date: Fri, 11 Jun 93 22:28:15 PDT
To: cypherpunks@toad.com
Subject: PKP sellout?
Message-ID: <9306120527.AA03229@alumni.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain

This was my response on sci.crypt to this announcement that PKP will be supporting DSS, and licensing its technology for use by Clipper phones. Thanks to Lance for alerting us to this announcement.

-----

jim@rand.org (Jim Gillogly) forwards:

>This is to notify the public that the National Institute of
>Standards and Technology (NIST) intends to grant an exclusive
>world-wide license to Public Key Partners of Sunnyvale, California
>to practice the Invention embodied in U.S. Patent Application No.
>07/738.431 and entitled "Digital Signature Algorithm."

And so it appears that another patent jewel will be added to the crown worn by PKP, the de facto owner of cryptographic technology in the United States. They will have an exclusive license to the DSA, as they already do to RSA and most other worthwhile encryption technologies.

This also appears to put to rest the much-publicized feud between RSA and NIST/NSA.
Conspiracy theorists can now comfortably return to the position that PKP/RSADSI is actually an arm of the NSA, dedicated to restricting and delaying access to strong cryptography as much as possible.

>Notice of availability of this invention for licensing
>was waived because it was determined that expeditious granting of
>such license will best serve the interest of the Federal Government
>and the public.

Once again we are presented with a fait accompli; no other organizations were given an opportunity to bid for the licensing of this patent. The government prefers to see PKP holding the keys to all cryptography in the U.S. Remember how Clipper's technology was similarly assigned to particular corporations on a non-competitive basis?

>Subject to NIST's grant of this license, PKP is pleased to declare
>its support for the proposed Federal Information Processing
>Standard for Digital Signatures (the "DSS") and the pending
>availability of licenses to practice the DSA.

And what of the technical objections to DSA/DSS raised in earlier documents by officials of RSADSI, such as in the recent CACM? No doubt those objections are now moot.

>PKP will also grant a license to practice key management, at no
>additional fee, for the integrated circuits which will implement
>both the DSA and the anticipated Federal Information Processing
>Standard for the "key escrow" system announced by President Clinton
>on April 16, 1993.

So PKP is now supporting key escrow and Clipper. Can anyone seriously argue that this company is a friend to supporters of strong cryptography?

These are dark times indeed. PKP has thrown in with the government, getting behind DSS and Clipper in exchange for exclusive licensing rights. Their ownership of DH and RSA will make it that much harder for any competition to Clipper to arise.

If the 60-day comment period really means anything, perhaps public criticism can be effective here. There is much to be concerned about in this announcement.
Hal Finney
hal@alumni.caltech.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 11 Jun 93 23:09:14 PDT
To: hal@alumni.cco.caltech.edu (Hal Finney)
Subject: Re: PKP sellout?
In-Reply-To: <9306120527.AA03229@alumni.cco.caltech.edu>
Message-ID: <9306120609.AA05252@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Yep, dark times indeed. As Hal and Lance note, these decisions are all made in complete secrecy. Bidzos and RSA appear to have sold out.

If true, we'll have lots to talk about at Saturday's meeting.

-Tim

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
Note: I put time and money into writing this posting. I hope you enjoy it.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: XXCLARK@indst.indstate.edu
Date: Sat, 12 Jun 93 00:16:38 PDT
To: cypherpunks@toad.com
Subject: Pgp v 2.2/8088/V-20
Message-ID: <9306120716.AA13031@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

ms>I don't doubt it for a second, but I know it definitely will
ms>lock up a real 8088.

Grew so accustomed to the NEC V-series I suspect I'd come to think of them as the *real* 8088... and 8080.

Uu> Key generation on the XT is as exciting... and as fast...
Uu> as a baseball game...

ms> Well, more like _cricket_, actually. 8-)

There is *nothing* like cricket.

Uu> Encryption speed is more than adequate.

ms> Considering the math involved, yes. Still even a 20MHz 286
ms> fairly flies doing PGP tasks in comparison, though.

Agreed. Just didn't want the potential PGP user with an XT to feel he'd have to settle for a Clipper chip...
and had my button pushed by the naif overly impressed with the originovelnew. One wonders what reaction one would elicit were he confronted with an Altair kit and its quarter mile of white wire or MS Basic on paper tape or cassette.

---------------------------------------------------------------------
internet : xxclark@indst.indstate.edu    RelayNet (488) Vanilla
BITNET: XXCLARK@INDST                    FidoNet (1:2230/114)
Phone: 911                               TechNet 11:800/0
One need not be a weatherman to know which way the wind is blowing.
---------------------------------------------------------------------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: RYAN Alan Porter
Date: Fri, 11 Jun 93 23:35:50 PDT
To: bbyer@BIX.com
Subject: Re: CryptoStacker
In-Reply-To: <9306112008.memo.59593@BIX.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Fri, 11 Jun 1993 bbyer@BIX.com wrote:

> If the project is called CryptoStacker, why not use Stacker?
> Have the program go beneath Stacker (or another disk doubling system)
> and encrypt/decrypt the actual stacker file as Stacker reads it? It
> would be a much simpler solution once you found out how to interface
> with Stacker.

Problems:
1) Defeats the purpose of free/cheap-ware.
2) Mixes abstraction levels and causes drivers to run redundantly (and thus, more slowly)
3) Would not be modular with further expandability

Solution: Take the meat of the suggestion (building upon an already working system of sector remapping and data mangling) and build upon it. Indeed, what I am doing is finding working sources for drivers and network redirectors and examining them to find one which will serve as a good model to work from. This will provide the benefits of working under Stacker, as you suggested, and will also have the advantages of freeing us from the list of disadvantages.
> Ben Byer

-=Ryan=-
the Bit Wallah

cat cypherpunk.flames > /dev/null

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Sat, 12 Jun 93 05:02:23 PDT
To: hal@alumni.cco.caltech.edu (Hal Finney)
Subject: Re: PKP sellout?
Message-ID: <9306121202.AA16880@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

It's worth remembering that for the most part, corporations don't have ethics, they have bottom lines. Most of PKP's objections to the DSA were not really solid; rather, they were in defense of RSA as a profit center. There were only two really big ones -- that DSA as originally proposed had too small a key size, and that it doesn't provide secrecy, only authentication. The former has been fixed by NIST, and the latter was a design goal.

In this case, NIST really had no choice but to deal with PKP. Apart from the question of the Diffie-Hellman patent -- and in my opinion, DSA definitely did infringe on it -- the proposed algorithm was very close to Schnorr's algorithm, which was patented, and to which PKP had purchased the rights. If NIST had gone ahead without making a deal with PKP, the standard would have been tied up in lawsuits for years, with the outcome quite uncertain. And while that may or may not have suited this community, it would not meet NIST's objectives.

I don't see the hand of conspiracy here; rather, I see an encouraging trend, that the private sector is able to compete in cryptographic competence with NSA.

I am encouraged by the pledges to allow non-commercial use -- note the lack of any RSAREF-like interface -- and to engage in non-discriminatory licensing.

--Steve Bellovin

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J. Eric Townsend)
Date: Sat, 12 Jun 93 12:51:59 PDT
To: cypherpunks@toad.com
Subject: Re: A note from one of the jackbooted facists...
In-Reply-To: <199306120135.AA17720@gaea.synopsys.com>
Message-ID: <9306121951.AA23408@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

eric@Synopsys.COM writes:
> If you're referring to the cypherpunks list, it should be pointed out
> that toad.com is not a UC system. It is in fact a system in somebody's

I'm a big idiot. I just have a 'cypher' alias, and I forgot what it pointed to.

Still, the person with the machine 'in their closet' has the right to keep records. :-)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pozar@kumr.lns.com (Tim Pozar)
Date: Sat, 12 Jun 93 12:59:03 PDT
To: eric@Synopsys.COM
Subject: Re: A note from one of the jackbooted facists...
In-Reply-To: <199306120135.AA17720@gaea.synopsys.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text

eric@Synopsys.COM wrote:
> If you're referring to the cypherpunks list, it should be pointed out
> that toad.com is not a UC system. It is in fact a system in somebody's
> closet, hooked to a phone line. That is, unless John Gilmore has
> taken hoptoad out of his bedroom closet since I saw it last...

Wrong room of the house and wiring, but right concept.

Tim

--
Internet: pozar@kumr.lns.com
FidoNet: Tim Pozar @ 1:125/555
Snail: Tim Pozar / KKSF / 77 Maiden Lane / San Francisco CA 94108 / USA
POTS: +1 415 788 2022
Radio: KC6GNJ / KAE6247

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J. Eric Townsend)
Date: Sat, 12 Jun 93 13:10:49 PDT
To: cypherpunks@toad.com
Subject: evil government and corporate plot
Message-ID: <9306122010.AA23499@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

It appears that both NASA and Thinking Machines are involved in a plot to keep me from attending today's meeting. Said plot involves agents of both parties deliberately crashing the CM-5 and requiring me to fix it before I'm allowed to do anything else.
[sigh]

-eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mark
Date: Fri, 11 Jun 93 20:56:41 PDT
To: cypherpunks@toad.com
Subject: Re: Mail logging
Message-ID: <9306120356.AA11546@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>The single most basic problem with mail development that we have is
>that we don't have enough mail volume through the remailers we have in
>order to be able to experiment with better systems. In particular, we
>need to examine other reordering algorithms for the case where volume
>is low and delivery latencies would be too high with the simple
>gather-and-permute algorithm.

Well, I hate to point out the obvious but can we organise with the list maintainer to have our mail routed through random machines until it gets to us? I'd only recommend this for the more email aware members as it might prove confusing. Also, to save my own sanity and others certain header munglings might be desirable to ensure that the mail is still filterable.

I'd suggest either an addition to the remailer scripts to allow a predefined header line through, or the Subject: line of each message is prefixed with CRYPTO: so the end users can still filter the messages as they now do.

Currently I use 'procmail' to filter out various things and it works on the contents of the mail header as so:

--------.procmailrc--------------------------
IFS=""
PATH=/home/coombs/mark/bin:/usr/local/bin:/usr/bin:/bin
MAILDIR=$HOME/mail
DEFAULT=/usr/mail/$USER

# Filtering for cypherpunks
:2 # Two 'if' clauses
(^To:.*cypherpunks@toad.com.*|^Cc: .*cypherpunks@toad.com.*)
(^Subject: .*(UNSUBSCRIBE|nsubscribe).*)
/dev/null # If a match send mail here.
--------.procmailrc--------------------------

If we were to route all the mail through remailers I would lose the functionality of filtering as I wouldn't know where the email was coming from, nor would I be able to know it was cypherpunks mail until I read the message body.
That's why a Subject: line change or a modification to the remailer scripts (if needed) should be made.

Assuming the above was made, all the maintainer would have to do is change my mark@coombs.anu.edu.au line in the alias file to a:

|/bin/random-remail -dest mark@coombs.anu.edu.au

or

|/bin/random-pgp-remail -dest mark@coombs.anu.edu.au -key mark@coombs.anu.edu.au

where 'random-remail' is a short program that scans a list of remailers and randomly selects some, puts the addresses and remail triggers into a file, appends the message and changes the "Subject: blah" line to "Subject: CRYPTO: blah". 'random-pgp-remail' does the same and encrypts the whole message before sending, possibly encrypting again a few times with remailer keys.

This approach would (dramatically :) increase the remailer traffic to levels where mail re-ordering is possible. Padding would be the next step, add the lines on the end to bring the message to 512 bytes, 1024 bytes, 2048 bytes or greater. Maybe pad all messages to the nearest 1024 bytes? (see below for a method :)

The only problem I can see after the programs are debugged etc is the extra overhead on toad.com, whether it's a non encrypted mail out or not. But if that is acceptable to the maintainer in the interests of giving remailer operators some fodder then we can implement it.

I don't see any of the random-[pgp-]remailer programs being longer than 30 or 40 (perl script) lines. I'd write them myself if I could get some mail aliases installed on this host. Admittedly they aren't essential but I'd like them for testing purposes.
Mark
mark@coombs.anu.edu.au

PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING
PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING
PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING
PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING
PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING PADDING
PA <---- end of padding to make this 2048 bytes long

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Fred Heutte
Date: Sat, 12 Jun 93 20:08:39 PDT
To: hal@alumni.cco.caltech.edu
Subject: Re: PKP sellout?
Message-ID: <93Jun12.200814pdt.13879-2@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

This PKP announcement is the last straw. This is clearly a case of the federal policy/procurement bureaucracy going completely out of control. The way things ran under Bush, except if they tried to pull this blatant a deal their bluff would have been called immediately.

I think it's time to demand the White House put a total moratorium on all policies related to digital and telecommunications data and privacy until they can extract themselves from this quicksand.

And if they won't do that, it's time to kick some *serious* political butt.

Don't you let that deal go down!

Fred Heutte
Sunlight Data Systems
"Why make it simple and easy when you can make it complex and wonderful!"

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@cicada.berkeley.edu
Date: Sat, 12 Jun 93 20:36:00 PDT
To: cypherpunks@toad.com
Subject: what happens when you reply to nobody@cicada.berkeley.edu ?
Message-ID: <9306130335.AA16404@cicada.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Ya, I wanted to know what happens when you responded to mail from nobody@cicada.berkeley.edu ?

Thanks

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "William H. Oldacre" <76114.2307@CompuServe.COM>
Date: Sat, 12 Jun 93 18:49:16 PDT
To:
Subject: 8088/PGP failures.
Message-ID: <930613014638_76114.2307_BHA60-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

>I don't know where you've been, but version 2.2 has a notorious bug
>that locks up the box under numerous situations. In my experience,
>version 2.2 locks up 8088-based computers. Version 2.1 does not.

>I was not aware that people still used that version of a computer.
>An 8088????

>Don't be so arrogant.

>Additionally, when one is running PGP under Windows the "virtual DOS
>machine" on which it is running *is* an 8088 (of sorts) and PGP 2.2 will
>lock it up 2/3 of the time.

>PGP 2.2 runs without a hitch on at least one 10 MHz+ XT box in which
>the 8088 was replaced with an NEC V-20 and an 8087 co-processor added
>when new... about six years ago.

>I don't doubt it for a second, but I know it definitely will lock up a
>real 8088. Also there is a problem with DesqView in some cases.

I live in Central Florida which experiences more lightning discharges than almost anywhere else in the country (excepting certain mountain tops). We are now entering our most violent season. Yesterday, a semi-trailer was struck on I-75 at a Gainesville exit and had both front tires blown out and his front window shattered. In Florida, you are roughly thirteen times more likely to be killed by lightning than win any single entry in the Florida lottery (lottery odds: 13.9 million to one). My home has been directly struck by lightning and suffered heavy damage.

This may help to explain to those who authored the sentences above why I still employ an 8 MHz, 8088 based, Sanyo MBC-775 computer as my primary communications computer (no hard drive). Not counting the dysfunctional Honeywell mainframe in the garage, I have over a dozen computers. Why risk a more expensive (and failure prone) system when its sophistication is not necessary?

PGP 2.2 works perfectly on my unit.
I suggest that the lockup problem may be more related to the many different approaches to writing an IBM compatible ROM BIOS, rather than to the processor used.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Sat, 12 Jun 93 23:02:29 PDT
To: cypherpunks@toad.com
Subject: PKP sellout = betrayal
In-Reply-To: <9306121202.AA16880@toad.com>
Message-ID: <9306130602.AA19359@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

S. Bellovin
>I don't see the hand of conspiracy here; rather, I see an encouraging
>trend, that the private sector is able to compete in cryptographic
>competence with NSA.
>
>I am encouraged by the pledges to allow non-commercial use -- note the
>lack of any RSAREF-like interface -- and to engage in non-discriminatory
>licensing.

By cooperating with NIST on DSA and Clipper, they are implicitly sending the message that the poorly-to-outrageously directed standards making processes for both are wholly acceptable assuming PKP directly profits. That is, that is the weak `nonconspirational' interpretation. The conspirational interpretation is that this announcement is just a blatant indication that PKP, in addition to NIST, is controlled by the NSA.

Let me remind everyone that Capstone has a yet-unspecified exchange protocol. Denning suggested on RISKS that Diffie-Hellman (covered by PKP patents) `could be used'. There is some serious evasion going on here. If Capstone is already built, with a public-key algorithm installed, it suggests that PKP has been cooperating on the Clipper/Capstone proposals all along. It will be most interesting to hear announcements on Capstone that announce its key exchange mechanism.

PKP `had' the ability to murder Clipper/Capstone in its crib if it so desired, more so than any other single nexus, by denying the right to use public key algorithms (on which it now has a strangling, monopolistic lock). Gad, I can't believe it didn't occur to me to lobby them to do so.
In retrospect, it wouldn't have done anything more than heighten the inevitable betrayal.

Maybe Mr. Bellovin can clarify how this agreement represents an `encouraging trend in the private sector to compete with the NSA' -- Good lord man, not unless you think that PKP represents the entire private sector in cryptographic applications. Uh, touche' -- you do and it does.

Does anybody feel like raiding PKP dumpsters? :(

P.S. doubt P.R.Z. will be in a docile mood after hearing this one...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Sun, 13 Jun 93 01:17:55 PDT
To: cypherpunks@toad.com
Subject: alt.whistleblowing
Message-ID: <9306130817.AA01161@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

I just started reading the alt.whistleblowing newsgroup. It would seem that it has already digressed into a flamefest. Could the person who created it please post a set of guidelines for the group! Also, people are using their REAL names! Apparently, they don't know anything about the anon remailers....Could someone post a notice about that, too? Same thing goes WRT pgp. We helped create this group, we ought to help keep it worth reading. ;^)

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|                    Politically Incorrect!"                    |
+-----If codes are outlawed, only criminals will have codes.----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Sun, 13 Jun 93 01:34:11 PDT
To: ld231782@longs.lance.colostate.edu
Subject: Re: PKP sellout = betrayal
Message-ID: <9306130834.AA01183@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

    Let me remind everyone that Capstone has a yet-unspecified exchange protocol. Denning suggested on RISKS that Diffie-Hellman (covered by PKP patents) `could be used'. There is some serious evasion going on here. If Capstone is already built, with a public-key algorithm installed, it suggests that PKP has been cooperating on the Clipper/Capstone proposals all along. It will be most interesting to hear announcements on Capstone that announce its key exchange mechanism.

I'm not sure what your point is here. It requires no conspiracy to opt for Diffie-Hellman as a key exchange mechanism; it's simply the obvious way to do things. (I'm speaking professionally here; cryptographic protocols are one of my research areas.) The STU-III's already use Diffie-Hellman; it's possible that the government's license for that patent grants it broad rights for such things. (The government does have free use of RSA; is there any such clause with respect to Diffie-Hellman?)

    PKP `had' the ability to murder Clipper/Capstone in its crib if it so desired, more so than any other single nexus, by denying the right to use public key algorithms (on which it now has a strangling, monopolistic lock). Gad, I can't believe it didn't occur to me to lobby them to do so. In retrospect, it wouldn't have done anything more than heighten the inevitable betrayal.

No, PKP had no such ability. Clipper was always a potential source of profit to them, precisely because either RSA or Diffie-Hellman was needed for it. Given that they were going to make money from Clipper, the only question was how much. As Deep Throat said ~20 years ago, ``Follow the money''.
(Those a bit older still should recall Dow Chemical's position on co-operating with the government.)

``Betrayal'' is a moral term. As I said before, corporations don't care about such things, only about bottom lines.

That some settlement about DSA would be reached was inevitable. NIST needed PKP's assent to go ahead with DSA. PKP wanted to make money from the DSA, because it extends their profitable lifetime -- the RSA patent expires in 2001, whereas the Schnorr patent doesn't expire till 2008. PKP only opposed DSA while they didn't own the Schnorr patent; their other handle on DSA, the Diffie-Hellman patent, expires even earlier (1997).

The interesting thing is the incentive to use Clipper. That's not something PKP cares about one way or another, compared with any sort of widespread use of cryptography (though perhaps RSADSI does; if private cryptography is restricted, RC2 and RC4 have much less of a market). Obviously, NIST wanted some clause like that. In exchange, they had to give PKP something more. My guess is that the hook was to grant them exclusive world-wide licensing rights to DSA, rather than simply a cut of the royalties.

    Maybe Mr. Bellovin can clarify how this agreement represents an `encouraging trend in the private sector to compete with the NSA' -- Good lord man, not unless you think that PKP represents the entire private sector in cryptographic applications. Uh, touche' -- you do and it does.

I was unclear; I wasn't referring to the agreement at all. Rather, I meant that Schnorr had invented the algorithm that NIST had to have -- a signature scheme that is very efficient for smart cards, but could not be used for secrecy. NSA apparently didn't have anything better; I can't believe they and NIST were unaware of Schnorr's work (though perhaps they were unaware of the patent). (I suppose, of course, that NSA might have had something totally different, which they couldn't discuss because it would open up new areas for civilian research...)

    P.S. doubt P.R.Z. will be in a docile mood after hearing this one...

Especially given the part about reserving the right not to license to infringers....

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 13 Jun 93 07:40:57 PDT
To: cypherpunks@toad.com
Subject: what happens when you reply to nobody@cicada.berkeley.edu ?
In-Reply-To: <9306130335.AA16404@cicada.berkeley.edu>
Message-ID: <9306131437.AA22430@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

The name 'nobody' is frequently aliased to /dev/null, i.e. the bit bucket. I cannot speak for cicada in particular.

When I wrote the first of these remailers, I remailed from nobody because it was the /dev/null alias; responding to anonymity should get you nothing.

Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Sun, 13 Jun 93 08:14:53 PDT
To: cypherpunks@toad.com
Subject: Mail logging
In-Reply-To: <9306120356.AA11546@toad.com>
Message-ID: <9306131511.AA22941@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>>The single most basic problem with mail development that we have is
>>that we don't have enough mail volume through the remailers we have

>Well, I hate to point out the obvious but can we organise with the
>list maintainer to have our mail routed through random machines until
>it gets to us?

No. toad.com is overloaded as it is. It's slow as molasses already, and adding any encryption at all to cypherpunks would make it even worse. Even forking a process per user would be way too much.

As I said before, any experimentation that people want to do with list distribution can be done by hacking the current remailer code. You don't have to have any sysadmin privileges to do this. You don't even have to have my permission to do this.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Doug Porter
Date: Sun, 13 Jun 93 09:46:04 PDT
To: cypherpunks@toad.com
Subject: PKP
Message-ID: <93Jun13.094534pdt.13887-3@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Ok, PKP now effectively has a monopoly. Is an antitrust action appropriate?

The timing of this announcement, just after Clipper got set back hard, may be significant. It would have raised far fewer suspicions to put the license out to bid and then make sure PKP got it. My partner, who rejects conspiracy theories out of hand, described the action as "stupid". The folks at Meade may be running scared.

The announcement is viewed by some as unnecessarily verifying PKP as a previously hidden asset. If someone is overreacting, perhaps those fighting for freedom are getting to them.

Doug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hkhenson@cup.portal.com
Date: Sun, 13 Jun 93 18:05:22 PDT
To: cypherpunks@toad.com
Subject: Re: alt.whistleblowing
Message-ID: <9306131218.1.10271@cup.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

Can an alt.group be moderated? If so, the moderator could be through an anon remailer. Of course, bozos can still add their sig line. :)

Keith

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Doug Porter
Date: Sun, 13 Jun 93 12:36:28 PDT
To: cypherpunks@toad.com
Subject: Re: PKP
Message-ID: <93Jun13.123601pdt.13888-1@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

> establishing and securing a monopoly is the whole point of patent law.

Sure is; but patents are intended to convey a sharply limited monopoly. I seem to remember Judge Green expressing intense dissatisfaction with interlocking patents used to control an entire industry.

We need info from someone who knows. Mike, are you listening, and are you familiar with antitrust law?
Doug

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Sun, 13 Jun 93 10:06:12 PDT
To: Doug Porter
Subject: Re: PKP
In-Reply-To: <93Jun13.094534pdt.13887-3@well.sf.ca.us>
Message-ID: <9306131706.AA09634@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> Ok, PKP now effectively has a monopoly. Is an antitrust action
> appropriate?

no. establishing and securing a monopoly is the whole point of patent law.

personally, i plan to continue to infringe on the pkp patents -- protected by the research use exclusion and the rsaref noncommercial-use license -- while the onslaught of time makes pkp assets ever less viable.

fuck 'em. join me.

peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Sun, 13 Jun 93 19:51:13 PDT
To: cypherpunks@toad.com
Subject: digital cash
Message-ID: <9306140251.AA27197@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Several people on this list seem interested in the idea of setting up a digital cash system. A while back someone was dumping legal info on the legitimacy of running your own bank. I have an idea that would allow for "fun" use of digital cash systems while allowing a platform to test out ideas and put the system into a somewhat "real" environment.

All that is needed for a digital cash environment is a way to earn money and a way to spend money. The ideas proposed so far seemed to be "send me real money and we'll give you credits." How about putting the digital money in a game/bbs environment?

Example: mud's could allow people to transfer their funds between different games, to give away some of their game money electronically to others, etc. BBS's might let you spend your digital cash earned from a MUD for more time or other services. Maybe they'll let you earn money from them in special ways.

A bank could be set up, and fixed sized donations could be sent out to each service (BBS, MUD, etc) participating.
Each service could then award its participants with earnings as they play.

How could something like this actually come about? Banking routines for transfer of funds would have to be written in portable code, with an easy interface for software authors to use in their packages. Most people running BBS's, MUD's and other services on the net have the technical knowledge to patch something this simple into their programs.

I am not a big fan of MUD's, and hardly BBS around, but I think this might be a good way to get a system up and running. This will enable flaws in the system to surface, and even under very bad circumstances, no one loses real money.

Tim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: surfpunk@osc.versant.com (erfhetraf)
Date: Sun, 13 Jun 93 18:37:47 PDT
To: cypherpunks@toad.com (__CYPHERPUNKS)
Subject: [surfpunk-0086] CRYPT: PKP and NIST cross-license
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

#ifdef __CYPHERPUNKS

fellow cypherpunks --

I'm forwarding you this copy of SURFPUNK that I just produced. It tries to deal with the cypherpunk events of the last few days. If someone has a good summary of all this, a cypherpunk press release, so to speak, I'd love to publish it, too. Also corrections and clarifications and even flames are welcome.

Brief info on SURFPUNK -- we cover cypherpunk, cyberpunk, conscious hacking, public policy, what's new on the net, etc. We republish a lot of hard information from other lists. We have some overlap with cypherpunks, but pretty much SURFPUNK is reaching 300 more people.

keep practicing,
strick
strick@versant.com

#endif /*__CYPHERPUNKS*/

# Subject: I want my SURFPUNK
#
# I don't know what happened to my subscription to
# SURFPUNK, but I haven't received an issue since
# May 5. I'd like to have it back. Thanks.
#
# -- a concerned surfpunker

Whew. It's been a long time. Apologies. I've had a different sort of mailer problems each week. But I hope we're back now to stay.
If you haven't received an issue since #0085 on Wed, 5 May 93, you're not missing any. We've been out for a good month.

Our address has simplified. We are now simply "surfpunk@versant.com". It used to be "surfpunk@osc.versant.com". You can now drop the "osc".

If you are missing surfpunks, or want old backissues, use the "www" (or "xmosaic") server with the Universal Record Locator http://www.acns.nwu.edu/surfpunk/ (and check out the first issue of BLINK while you're there). [ Write for more info on BLINK. ]

This is a theme issue -- see the first article.

--strick

________________________________________________________________________

Subject: _f y__ c_n wr_t_ th_s, g_ t_ j__l
From: strick

This issue will contain a number of documents relating to cryptography. The last couple of months have seen a lot of action in this realm, and I wish I had a good summary of what the big moves were and what the current status is. It would be difficult, however, to separate the plain fact of what documents say from what they imply and what is really going on behind the scenes.

Here's a very brief, high-level summary, from my own point of view. It's probably not too far off from the consensus at the Mountain View Cypherpunks physical meeting last weekend. It discusses US policy, but it will certainly influence the rest of the world's policies.
We seem to be moving from an era when the US policy on cryptography was something like this:

Any encryption is legal within the US [ and perhaps Canada ] boundaries, but only very weak encryption can be exported.

The restrictions on export may not have made much sense on the surface, but they have successfully prevented the really popular products from using encryption. In effect, the available encryption is weak enough that a determined agent, perhaps the U S Government, can easily crack it.

The new era might be this:

Strong encryption is available within the US, and even mandated in some cases, but only encryption that leaves "escrowed" keys is allowed. The escrowed keys are available to the U S Government. Any other strong encryption is made illegal.

How to make encryption illegal is a good question. Any strings of seemingly random numbers could potentially be an encrypted message. Could you imagine going to jail if you cannot decode stray bits?

I'm not going to try to convince you that this is the ultimate goal, but I do hope you will try to understand what is happening.

A paranoid view is that all of these decisions are already made, and the technology is in place, and now, with only token public debate, the system will be put in place. If this is correct, then President Clinton will be of little help; he is already a strong proponent of the Clipper chip. I don't know if the paranoid view is correct, but it is plausible.

Sorry if this isn't a fun issue. I hope the documents I pick are helpful.

What's in this issue of SURFPUNK:

-- NIST and PKP cross-license, to lock public key encryption and the NIST-proposed digital signature algorithm. About two months ago PKP acquired the Schnorr patent, which supposedly covers the DSA algorithm that NIST proposes for digital signatures.
-- Opinion by Hal Finney
-- Opinion by L.
Detweiler
-- NIST Crypto Resolutions, Computer System Security and Privacy Advisory Board, June 4, 1993
-- CPSR Crypto Statement to NIST Computer System Security and Privacy Advisory Board, June 1993
-- CPSR Crypto Statement to The Subcommittee on Telecommunications and Finance, Committee on Energy and Commerce, U.S. House of Representatives, June 9, 1993 [ from CuD #5.43 ]

For more info, try these resources:

** Usenet groups sci.crypt
** Usenet groups comp.risks (RISKS Forum)
** Usenet groups comp.org.eff.news
** Usenet groups comp.org.eff.talk
** EFF ftp site: ftp.eff.org
** Cypherpunks mailing list: cypherpunk-request@toad.com
** Cypherpunks ftp site soda.berkeley.edu : /pub/cypherpunks
** Computer Underground Digest
   Usenet group comp.society.cu-digest
   subscriptions: tk0jut2@mvs.cso.niu.edu
   ANONYMOUS FTP SITES:
   UNITED STATES: ftp.eff.org (192.88.144.4) in /pub/cud
                  uglymouse.css.itd.umich.edu (141.211.182.53)
                  halcyon.com (202.135.191.2) in /pub/mirror/cud
   AUSTRALIA: ftp.ee.mu.oz.au (128.250.77.2) in /pub/text/CuD.
   EUROPE: nic.funet.fi in pub/doc/cud. (Finland)
           ftp.warwick.ac.uk in pub/cud (United Kingdom)

________________________________________________________________________

To: cypherpunks@toad.com
Subject: it's official: PKP sells out for Clipper
Date: Fri, 11 Jun 93 20:19:45 -0600
From: "L.
Detweiler"

>From the following document:

>PKP will also grant a license to practice key management, at no
>additional fee, for the integrated circuits which will implement
>both the DSA and the anticipated Federal Information Processing
>Standard for the "key escrow" system announced by President Clinton
>on April 16, 1993.

more weasel words:

>Notice of availability of this invention for licensing
>was waived because it was determined that expeditious granting of
>such license will best serve the interest of the Federal Government
>and the public.

what else?

===cut=here===

From: jim@rand.org (Jim Gillogly)
Newsgroups: sci.crypt
Subject: DSA: NIST and PKP come to terms
Message-ID: <16860@rand.org>
Date: 11 Jun 93 20:56:44 GMT
Sender: news@rand.org
Organization: Banzai Institute

This text was transcribed from a fax and may have transcription errors. We believe the text to be correct but some of the numbers may be incorrect or incomplete.

---------------------------------------------------------------------

** The following notice was published in the Federal Register, Vol. 58, No. 108, dated June 8, 1993 under Notices **

National Institute of Standards and Technology

Notice of Proposal for Grant of Exclusive Patent License

This is to notify the public that the National Institute of Standards and Technology (NIST) intends to grant an exclusive world-wide license to Public Key Partners of Sunnyvale, California to practice the Invention embodied in U.S. Patent Application No. 07/738.431 and entitled "Digital Signature Algorithm." A PCT application has been filed. The rights in the invention have been assigned to the United States of America.

The prospective license is a cross-license which would resolve a patent dispute with Public Key Partners and includes the right to sublicense.
Notice of availability of this invention for licensing was waived because it was determined that expeditious granting of such license will best serve the interest of the Federal Government and the public. Public Key Partners has provided NIST with the materials contained in Appendix A as part of their proposal to NIST.

Inquiries, comments, and other materials relating to the prospective license shall be submitted to Michael R. Rubin, Active Chief Counsel for Technology, Room A-1111, Administration Building, National Institute of Standards and Technology, Gaithersburg, Maryland 20899. His telephone number is (301) 975-2803. Applications for a license filed in response to this notice will be treated as objections to the grant of the prospective license. Only written comments and/or applications for a license which are received by NIST within sixty (60) days for the publication of this notice will be considered.

The prospective license will be granted unless, within sixty (60) days of this notice, NIST receives written evidence and argument which established that the grant of the license would not be consistent with the requirements of 35 U.S.C. 209 and 37 CFR 404.7.

Dated: June 2, 1993.

Raymond G. Kammer
Acting Director, National Institute Standards and Technology.

Appendix "A"

The National Institute for Standards and Technology ("NIST") has announced its intention to grant Public Key Partners ("PKP") sublicensing rights to NIST's pending patent application on the Digital Signature Algorithm ("DSA").

Subject to NIST's grant of this license, PKP is pleased to declare its support for the proposed Federal Information Processing Standard for Digital Signatures (the "DSS") and the pending availability of licenses to practice the DSA. In addition to the DSA, licenses to practice digital signatures will be offered by PKP under the following patents:

Cryptographic Apparatus and Method ("Diffie-Hellman") No.
4,200,770
Public Key Cryptographic Apparatus and Method ("Hellman-Merkle") No. 4,315,552
Exponential Cryptographic Apparatus and Method ("Hellman-Pohlig") No. 4,434,414
Method For Identifying Subscribers And For Generating And Verifying Electronic Signatures In A Data Exchange System ("Schnorr") No. 4,995,082

It is PKP's intent to make practice of the DSA royalty free for personal, noncommercial and U.S. Federal, state and local government use. As explained below, only those parties who enjoy commercial benefit from making or selling products, or certifying digital signatures, will be required to pay royalties to practice the DSA.

PKP will also grant a license to practice key management, at no additional fee, for the integrated circuits which will implement both the DSA and the anticipated Federal Information Processing Standard for the "key escrow" system announced by President Clinton on April 16, 1993.

Having stated these intentions, PKP now takes this opportunity to publish its guidelines for granting uniform licenses to all parties having a commercial interest in practicing this technology:

First, no party will be denied a license for any reason other than the following:

(i) Failure to meet its payment obligations,
(ii) Outstanding claims of infringement, or
(iii) Previous termination due to material breach.

Second, licenses will be granted for any embodiment sold by the licensee or made for its use, whether for final products software, or components such as integrated circuits and boards, and regardless of the licensee's channel of distribution. Provided the requisite royalties have been paid by the seller on the enabling component(s), no further royalties will be owned by the buyer for making or selling the final product which incorporates such components.

Third, the practice of digital signatures in accordance with the DSS may be licensed separately from any other technical art covered by PKP's patents.
Fourth, PKP's royalty rates for the right to make or sell products, subject to uniform minimum fees, will be no more than 2 1/2% for hardware products and 5% for software, with the royalty rate further declining to 1% on any portion of the product price exceeding $1,000. These royalty rates apply only to noninfringing parties and will be uniform without regard to whether the licensed product creates digital signatures, verifies digital signatures or performs both.

Fifth, for the next three (3) years, all commercial services which certify a signature's authenticity for a fee may be operated royalty free. Thereafter, all providers of such commercial certification services shall pay a royalty to PKP of $1.00 per certificate for each year the certificate is valid.

Sixth, provided the foregoing royalties are paid on such products or services, all other practice of the DSA shall be royalty free.

Seventh, PKP invites all of its existing licensees, at their option, to exchange their current licenses for the standard license offered for DSA.

Finally, PKP will mediate the concerns of any party regarding the availability of PKP's licenses for the DSA with designated representatives of NIST and PKP. For copies of PKP's license terms, contact Michael R. Rubin, Acting Chief Counsel for Technology, NIST, or Public Key Partners.

Dated: June 2, 1993.

Robert B. Fougner, Esq.,
Director of Licensing, Public Key Partners,
310 North Mary Avenue, Sunnyvale, CA 94033

[FR Doc. 93-13473 Filed 8-7-93; 8:45 am]

---------------------------------------------------------------------

Forwarded by:
-- Jim Gillogly
Trewesday, 21 Forelithe S.R.
1993, 20:56

________________________________________________________________________

From: hal@alumni.cco.caltech.edu (Hal Finney)
Date: Fri, 11 Jun 93 22:27:09 PDT
To: cypherpunks@toad.com
Subject: PKP sellout?

This was my response on sci.crypt to this announcement that PKP will be supporting DSS, and licensing its technology for use by Clipper phones. Thanks to Lance for alerting us to this announcement.

-----

jim@rand.org (Jim Gillogly) forwards:

>This is to notify the public that the National Institute of
>Standards and Technology (NIST) intends to grant an exclusive
>world-wide license to Public Key Partners of Sunnyvale, California
>to practice the Invention embodied in U.S. Patent Application No.
>07/738.431 and entitled "Digital Signature Algorithm."

And so it appears that another patent jewel will be added to the crown worn by PKP, the de facto owner of cryptographic technology in the United States. They will have an exclusive license to the DSA, as they already do to RSA and most other worthwhile encryption technologies.

This also appears to put to rest the much-publicized feud between RSA and NIST/NSA. Conspiracy theorists can now comfortably return to the position that PKP/RSADSI is actually an arm of the NSA, dedicated to restricting and delaying access to strong cryptography as much as possible.

>Notice of availability of this invention for licensing
>was waived because it was determined that expeditious granting of
>such license will best serve the interest of the Federal Government
>and the public.
Once again we are presented with a fait accompli; no other organizations were given an opportunity to bid for the licensing of this patent. The government prefers to see PKP holding the keys to all cryptography in the U.S. Remember how Clipper's technology was similarly assigned to particular corporations on a non-competitive basis?

>Subject to NIST's grant of this license, PKP is pleased to declare
>its support for the proposed Federal Information Processing
>Standard for Digital Signatures (the "DSS") and the pending
>availability of licenses to practice the DSA.

And what of the technical objections to DSA/DSS raised in earlier documents by officials of RSADSI, such as in the recent CACM? No doubt those objections are now moot.

>PKP will also grant a license to practice key management, at no
>additional fee, for the integrated circuits which will implement
>both the DSA and the anticipated Federal Information Processing
>Standard for the "key escrow" system announced by President Clinton
>on April 16, 1993.

So PKP is now supporting key escrow and Clipper. Can anyone seriously argue that this company is a friend to supporters of strong cryptography?

These are dark times indeed. PKP has thrown in with the government, getting behind DSS and Clipper in exchange for exclusive licensing rights. Their ownership of DH and RSA will make it that much harder for any competition to Clipper to arise.

If the 60-day comment period really means anything, perhaps public criticism can be effective here. There is much to be concerned about in this announcement.
Hal Finney
hal@alumni.caltech.edu

________________________________________________________________________

To: cypherpunks@toad.com
Subject: PKP sellout = betrayal
Date: Sun, 13 Jun 93 00:00:45 -0600
From: "L. Detweiler"

S. Bellovin

>I don't see the hand of conspiracy here; rather, I see an encouraging
>trend, that the private sector is able to compete in cryptographic
>competence with NSA.
>
>I am encouraged by the pledges to allow non-commercial use -- note the
>lack of any RSAREF-like interface -- and to engage in non-discriminatory
>licensing.

By cooperating with NIST on DSA and Clipper, they are implicitly sending the message that the poorly-to-outrageously directed standards making processes for both are wholly acceptable assuming PKP directly profits. That is, that is the weak `nonconspiratorial' interpretation. The conspiratorial interpretation is that this announcement is just a blatant indication that PKP, in addition to NIST, is controlled by the NSA.

Let me remind everyone that Capstone has a yet-unspecified exchange protocol. Denning suggested on RISKS that Diffie-Hellman (covered by PKP patents) `could be used'. There is some serious evasion going on here. If Capstone is already built, with a public-key algorithm installed, it suggests that PKP has been cooperating on the Clipper/Capstone proposals all along. It will be most interesting to hear announcements on Capstone that announce its key exchange mechanism.
PKP `had' the ability to murder Clipper/Capstone in its crib if it so desired, more so than any other single nexus, by denying the right to use public key algorithms (on which it now has a strangling, monopolistic lock). Gad, I can't believe it didn't occur to me to lobby them to do so. In retrospect, it wouldn't have done anything more than heighten the inevitable betrayal.

Maybe Mr. Bellovin can clarify how this agreement represents an `encouraging trend in the private sector to compete with the NSA' -- Good lord man, not unless you think that PKP represents the entire private sector in cryptographic applications. Uh, touche' -- you do and it does.

Does anybody feel like raiding PKP dumpsters? :(

P.S. doubt P.R.Z. will be in a docile mood after hearing this one...

________________________________________________________________________

From: Dave Banisar
Newsgroups: alt.privacy,alt.security,comp.org.eff.talk,sci.crypt,alt.privacy.clipper
Subject: NIST CSSPAB Resolutions 6/4/93
Date: 5 Jun 1993 00:48:11 GMT
Organization: CPSR Washington Office

NIST Crypto Resolutions
Computer System Security and Privacy Advisory Board
June 4, 1993

Resolution #1

At Mr. Kammer's request we have conducted two days of hearings. The clear message of the majority of input was that there are serious concerns regarding the Key Escrow Initiative and the Board concurs with these concerns. Many of these issues are still to be fully understood and more time is needed to achieving that understanding.
Accordingly, this Board resolves to have an additional meeting in July 1993 in order to more completely respond to Mr. Kammer's request and to fulfill its statutory obligations under P.L. 100-235. The Board recommends that the inter-agency review take note of our input collected, our preliminary finding, and adjust the timetable to allow for resolution of the significant issues and problems raised.

Attached to this resolution is a preliminary distillation of the serious concerns and problems.

Resolution #2

Key escrowing encryption technology represents a dramatic change in the nation's information infrastructure. The full implications of this encryption technique are not fully understood at this time. Therefore, the Board recommends that key escrowing encryption technology not be deployed beyond current implementations planned within the Executive Branch, until the significant public policy and technical issues inherent with this encryption technique are fully understood.

[Attachment to Resolution #1]

- A convincing statement of the problem that Clipper attempts to solve has not been provided.
- Export and important controls over cryptographic products must be reviewed. Based upon data compiled from U.S. and international vendors, current controls are negatively impacting U.S. competitiveness in the world market and are not inhibiting the foreign production and use of cryptography (DES and RSA)
- The Clipper/Capstone proposal does not address the needs of the software industry, which is a critical and significant component of the National Information Infrastructure and the U.S. economy.
- Additional DES encryption alternatives and key management alternatives should be considered since there is a significant installed base.
- The individuals reviewing the Skipjack algorithm and key management system must be given an appropriate time period and environment in which to perform a thorough review.
This review must address the escrow protocol and chip implementation as well as the algorithm itself.
- Sufficient information must be provided on the proposed key escrow scheme to allow it to be fully understood by the general public. It does not appear to be clearly defined at this time and, since it is an integral part of the security of the system, it appears to require further development and consideration of alternatives to the key escrow scheme (e.g., three "escrow" entities, one of which is a non-government agency, and a software based solution).
- The economic implications for the Clipper/Capstone proposal have not been examined. These costs go beyond the vendor cost of the chip and include such factors as customer installation, maintenance, administration, chip replacement, integration and interfacing, government escrow systems costs, etc.
- Legal issues raised by the proposal must be reviewed.
- Congress, as well as the Administration, should play a role in the conduct and approval of the results of the review.
=======================================================
NIST Resolutions on Key Escrow Issues and Clipper
provided by
CPSR Washington office
666 Pennsylvania Ave., SE Suite 303
Washington, DC 20003
rotenberg@washofc.cpsr.org
=======================================================

________________________________________________________________________

Organization: CPSR Civil Liberties and Computing Project
From: Dave Banisar
To: CYPHERPUNKS
Date: Wed, 2 Jun 1993 21:20:10 EST
Subject: CPSR NIST Crypto Statement

CPSR NIST Crypto Statement

Department of Commerce
National Institute of Standards and Technology
Computer System Security and Privacy Advisory Board
Review of Cryptography Policy
June 1993

Statement of CPSR Washington office
Marc Rotenberg, director (rotenberg@washofc.cpsr.org)
with David Sobel, legal counsel, Dave Banisar, policy analyst

Mr. Chairman, members of the Advisory Panel, thank you for the opportunity to speak today about emerging issues on cryptography policy. My name is Marc Rotenberg and I am director of the CPSR Washington office. Although CPSR does not represent any computer firm or industry trade association, we speak for many in the computer profession who value privacy and are concerned about the government's Clipper proposal.

During the last several years CPSR has organized several meetings to promote public discussion of cryptography issues. We have also obtained important government documents through the Freedom of Information Act.
We believe that good policies will only result if the public, the profession, and the policy makers are fully informed about the significance of these recent proposals.

We are pleased that the Advisory Board has organized hearings. This review of cryptography policy will help determine if the Clipper proposal is in the best interests of the country. We believe that a careful review of the relevant laws and policies shows that the key escrow arrangement is at odds with the public interest, and that therefore the Clipper proposal should not go forward.

Today I will address issues 1 through 3 identified in the NIST announcement, specifically the policy requirements of the Computer Security Act, the legal issues surrounding the key escrow arrangement, and the importance of privacy for network development.

1. CRYPTOGRAPHY POLICY

The first issue concerns the 1987 statute enacted to improve computer security in the federal government, to clarify the responsibilities of NIST and NSA, and to ensure that technical standards would serve civilian and commercial needs. The Computer Security Act, which also established this Advisory Panel, is the true cornerstone of cryptography policy in the United States. That law made clear that in the area of unclassified computing systems, the Department of Commerce and not the Department of Defense, would be responsible for the development of technical standards. It emphasized public accountability and stressed open decision-making.

The Computer Security Act grew out of a concern that classified standards and secret meetings would not serve the interests of the general public. As the practical applications for cryptography have moved from the military and intelligence arenas to the commercial sphere, this point has become clear. There is also clearly a conflict of interest when an agency tasked with signal interception is also given authority to develop standards for network security.
In the spirit of the Computer Security Act, NIST set out in 1989 to develop a public key standard FIPS. In a memo dated May 5, 1989 and obtained by CPSR through the Freedom of Information Act, NIST said that it planned:

to develop the necessary public-key based security standards. We require a public-key algorithm for calculating digital signatures and we also require a public-key algorithm for distributing secret keys.

NIST then went on to define the requirements of the standard:

The algorithms that we use must be public, unclassified, implementable in both hardware or software, usable by federal Agencies and U.S. based multi-national corporation, and must provide a level of security sufficient for the protection of unclassified, sensitive information and commercial propriety and/or valuable information.

The Clipper proposal and the full-blown Capstone configuration, which incorporates the key management function NIST set out to develop in 1989, is very different from the one originally conceived by NIST.

% The Clipper algorithm, Skipjack, is classified,
% Public access to the reasons underlying the proposal is restricted,
% Skipjack can be implemented only in tamper-proof hardware,
% It is unlikely to be used by multi-national corporations, and
% Its security remains unproven.

The Clipper proposal undermines the central purpose of the Computer Security Act. Although intended for broad use in commercial networks, it was not developed at the request of either U.S. business or the general public. It does not reflect public goals. Rather it reflects the interests of one secret agency with the authority to conduct foreign signal intelligence and another government agency responsible for law enforcement investigations.

It is our belief that the Clipper proposal clearly violates the intent of the Computer Security Act of 1987.

What is the significance of this?
It is conceivable that an expert panel of cryptographers will review the Skipjack algorithm and find that it lives up to its billing, that there is no "trap door" and no easy way to reverse-engineer. In fact, the White House has proposed just such a review process.

But is this process adequate? Is this the procedure the Advisory Board would endorse for the development of widespread technical standards? The expert participants will probably not be permitted to publish their assessments of the proposal in scientific journals, further review of the standard will be restricted, and those who are skeptical will remain in the dark about the actual design of the chip. This may be an appropriate process for certain military systems, but it is clearly inappropriate for a technical standard that the government believes should be widely incorporated into the communications infrastructure.

Good government policy requires that certain process goals be satisfied. Decisions should be made in the open. The interests of the participating agencies should be clear. Agencies should be accountable for their actions and recommendations. Black boxes and government oversight are not compatible.

There is an even greater obligation to promote open decisions where technical and scientific issues are at stake. Innovation depends on openness. The scientific method depends on the ability of researchers to "kick the tires" and "test drive" the product. And, then, even if it is a fairly good design, additional testing encourages the development of new features, improved performance and reduced cost. Government secrecy is incompatible with such a development process.

Many of these principles are incorporated into the Computer Security Act and the Freedom of Information Act. The current government policy on the development of unclassified technical standards, as set out in the Computer Security Act, is a very good policy.
It emphasizes public applications, stresses open review, and ensures public accountability. It is not the policy that is flawed. It is the Clipper proposal. To accept the Clipper proposal would be to endorse a process that ran contrary to the law, that discourages innovation, and that undermines openness.
2. LEGAL AND CONSTITUTIONAL ISSUES
There are several legal and constitutional issues raised by the government's key escrow proposal. The premise of the Clipper key escrow arrangement is that the government must have the ability to intercept electronic communications, regardless of the economic or societal costs. The FBI's Digital Telephony proposal, and the earlier Senate bill 266, were based on the same assumption. There are a number of arguments made in defense of this position: that privacy rights and law enforcement needs must be balanced, or that the government will be unable to conduct criminal investigations without this capability. Regardless of how one views these various claims, there is one point about the law that should be made very clear: currently there is no legal basis -- in statute, the Constitution or anywhere else -- that supports the premise which underlies the Clipper proposal. As the law currently stands, surveillance is not a design goal. General Motors would have a stronger legal basis for building cars that could not go faster than 65 miles per hour than AT&T does in marketing a commercial telephone that has a built-in wiretap capability. In law there is simply nothing about the use of a telephone that is inherently illegal or suspect. The federal wiretap statute says only that communication service providers must assist law enforcement in the execution of a lawful warrant. It does not say that anyone is obligated to design systems to facilitate future wire surveillance.
That distinction is the difference between countries that restrict wire surveillance to narrow circumstances defined in law and those that treat all users of the telephone network as potential criminals. U.S. law takes the first approach. Countries such as the former East Germany took the second approach. The use of the phone system by citizens was considered inherently suspect and for that reason more than 10,000 people were employed by the East German government to listen in on telephone calls. It is precisely because the wiretap statute does not contain the obligation to incorporate surveillance capability -- the design premise of the Clipper proposal -- that the Federal Bureau of Investigation introduced the Digital Telephony legislation. But that legislation has not moved forward on Capitol Hill and the law has remained unchanged. The Clipper proposal attempts to accomplish through the standard-setting and procurement process what the Congress has been unwilling to do through the legislative process. On legal grounds, adopting the Clipper would be a mistake. There is an important policy goal underlying the wiretap law. The Fourth Amendment and the federal wiretap statute do not so much balance competing interests as they erect barriers against government excess and define the proper scope of criminal investigation. The purpose of the federal wiretap law is to restrict the government, it is not to coerce the public. Therefore, if the government endorses the Clipper proposal, it will undermine the basic philosophy of the federal wiretap law and the fundamental values embodied in the Constitution. It will establish a technical mechanism for signal interception based on a premise that has no legal foundation. I am not speaking rhetorically about "Big Brother." 
My point is simply that the assumption underlying the Clipper proposal is more compatible with the practice of telephone surveillance in the former East Germany than it is with the narrowly limited circumstances that wire surveillance has been allowed in the United States. There are a number of other legal issues that have not been adequately considered by the proponents of the key escrow arrangement that the Advisory Board should examine. First, not all lawful wiretaps follow a normal warrant process. It is critical that the proponents of Clipper make very clear how emergency wiretaps will be conducted before the proposal goes forward. Second, there may be civil liability issues for the escrow agents if there is abuse or compromise of the keys. Escrow agents may be liable for any harm that results. Third, there is a Fifth Amendment dimension to the proposed escrow key arrangement if a network user is compelled to disclose his or her key to the government in order to access a communications network. Each one of these issues should be examined. There is also one legislative change that we would like the Advisory Board to consider. During our FOIA litigation, the NSA cited a 1951 law to withhold certain documents that were critical to understand the development of the Digital Signature Standard. The law, passed grants the government the right to restrict the disclosure of any classified information pertaining to cryptography. While the government may properly withhold classified information in FOIA cases, the practical impact of this particular provision is to provide another means to insulate cryptographic policy from public review. Given the importance of public review of cryptography policy, the requirement of the Computer Security Act, and the Advisory Board's own commitment to an open, public process, we ask the Advisory Board to recommend to the President and to the Congress that section 798 be repealed or substantially revised to reflect current circumstances.
This is the one area of national cryptography policy where we believe a change is necessary.
3. INDIVIDUAL PRIVACY
Communications privacy remains a critical test for network development. Networks that do not provide a high degree of privacy are clearly less useful to network users. Given the choice between a cryptography product without a key escrow and one with a key escrow, it would be difficult to find a user who would prefer the key escrow requirement. If this proposal does go forward, it will not be because network users or commercial service providers favored it. Many governments are now facing questions about restrictions on cryptography similar to the question now being raised in this country. It is clear that governments may choose to favor the interests of consumers and businesses over law enforcement. Less than a month ago, the government of Australia over-rode the objections of law enforcement and intelligence agencies and allowed the Australian telephone companies to go forward with new digital mobile phone networks, GSM, using the A5 robust algorithm. Other countries will soon face similar decisions. We hope that they will follow a similar path.
To briefly summarize, the problem here is not the existing law on computer security or policies on cryptography and wire surveillance. The Computer Security Act stresses public standards, open review, and commercial applications. The federal wiretap statute is one of the best privacy laws in the world. With the exception of one provision in the criminal code left over from the Cold War, our current cryptography policy is very good. It reflects many of the values -- individual liberty, openness, government accountability -- that are crucial for democratic societies to function. The problem is the Clipper proposal. It is an end-run around policies intended to restrict government surveillance and to ensure agency accountability.
It is an effort to put in place a technical configuration that is at odds with the federal wiretap law and the protection of individual privacy. It is for these reasons that we ask the Advisory Board to recommend to the Secretary of Commerce, the White House, and the Congress that the current Clipper proposal not go forward. I thank you for the opportunity to speak with you about these issues. I wish to invite the members of the Advisory Committee to the third annual CPSR Privacy and Cryptography conference that will be held Monday, June 7 in Washington, DC at the Carnegie Endowment for International Peace. That meeting will provide an opportunity for further discussion about cryptography policy. ATTACHMENTS "TWG Issue Number: NIST - May 5, 1989," document obtained by CPSR as a result of litigation under the Freedom of Information Act. "U.S. as Big Brother of Computer Age," The New York Times, May 6, 1993, at D1. "Keeping Fewer Secrets," Issues in Science and Technology, vol. IX, no. 1 (Fall 1992) "The Only Locksmith in Town," The Index on Censorship (January 1990) [The republication of these articles for the non-commercial purpose of informing the government about public policy is protected by section 107 of the Copyright Act of 1976] =============================================== ________________________________________________________________________ Source: Computer underground Digest Sun June 13 1993 Volume 5 : Issue 43 ISSN: ISSN 1004-043X Date: Sat, 12 Jun 1993 12:30:38 EST From: Dave Banisar Subject: File
2--CPSR Clipper Testimony (6-9-93) in House Subcommittee
CPSR Clipper Testimony 6/9
On June 9, 1993, Congressman Edward Markey, Chairman of the House Subcommittee on Telecommunications and Finance held an oversight hearing on "encryption and telecommunications network security." Panelists were Whitfield Diffie of Sun Microsystems, Dr. Dorothy Denning, Steven Bryen of Secure Communications, Marc Rotenberg of the CPSR Washington Office and E.R. Kerkeslager of AT&T. Congressman Markey, after hearing the testimony presented, noted that the Clipper proposal had raised an arched eyebrow among the whole committee and that the committee viewed the proposal skeptically. This statement was the latest indication that the Clipper proposal has not been well received by policy makers. Last Friday, the Computer Systems Security and Privacy Advisory Board of NIST issued two resolutions critical of the encryption plan, suggesting that further study was required and that implementation of the plan should be delayed until the review is completed. At the Third CPSR Cryptography and Privacy Conference on Monday, June 7, the Acting Director of NIST, Raymond Kammer, announced that the implementation of the proposal will be delayed and that a more comprehensive review will be undertaken. The review is due in the fall. Kammer told the Washington Post that "maybe we won't continue in the direction we started out."
+-------------------------------------------------
Prepared Testimony and Statement for the Record of
Marc Rotenberg, director CPSR Washington Office
on Encryption Technology and Policy
Before The Subcommittee on Telecommunications and Finance.
Committee on Energy and Commerce
U.S. House of Representatives
June 9, 1993
SUMMARY
The cryptography issue is of particular concern to CPSR. During the past several years CPSR has pursued an extensive study of cryptography policy in the United States.
CPSR has organized public conferences, conducted litigation under the Freedom of Information Act, and has emphasized the importance of cryptography for privacy protection and the need to scrutinize carefully government proposals designed to limit the use of this technology. To evaluate the Clipper proposal it is necessary to look at a 1987 law, the Computer Security Act, which made clear that in the area of unclassified computing systems, the National Institute of Standards and Technology (NIST) and not the National Security Agency (NSA), would be responsible for the development of technical standards. The Act emphasized public accountability and stressed open decision-making. In the spirit of the Act, in 1989 NIST set out to develop a public key cryptography standard. According to documents obtained by CPSR through the Freedom of Information Act, NIST recommended that the algorithm be "public, unclassified, implementable in both hardware or software, usable by federal Agencies and U.S. based multi-national corporation." However, the Clipper proposal and the full-blown Capstone configuration that resulted is very different: the Clipper algorithm, Skipjack, is classified; public access to the reasons underlying the proposal is restricted; Skipjack can be implemented only in tamper-proof hardware; it is unlikely to be used by multi-national corporations, and the security of Clipper remains unproven. The Clipper proposal undermines the central purpose of the Computer Security Act. Although intended for broad use in commercial networks, it was not developed at the request of either U.S. business or the general public. It does not reflect public goals. The premise of the Clipper key escrow arrangement is that the government must have the ability to intercept electronic communications. However, there is no legal basis to support this premise. In law there is nothing inherently illegal or suspect about the use of a telephone. 
The federal wiretap statute says only that communication service providers must assist law enforcement execute a lawful warrant. CPSR supports the review of cryptography policy currently underway at the Department of Commerce. CPSR also supports the efforts undertaken by the Subcommittee on Telecommunications and Finance to study the full ramifications of the Clipper proposal. However, we are not pleased about the review now being undertaken at the White House. That effort has led to a series of secret meetings, has asked that scientists sign non-disclosure agreements and accept restrictions on publication, and has attempted to resolve public concerns through private channels. This is not a good process for the evaluation of a technology that is proposed for the public switched network. Even if the issues regarding Clipper are resolved favorably, privacy concerns will not go away. Rules still need to be developed about the collection and use of transactional data generated by computer communications. Several specific steps should be taken. First, the FCC should be given a broad mandate to pursue privacy concerns. Second, current gaps in the communications law should be filled. The protection of transactional records is particularly important. Third, telecommunications companies should be encouraged to explore innovative ways to protect privacy. "Telephone cards", widely available in other countries, are an ideal way to protect privacy.
TESTIMONY
Mr. Chairman, members of the Subcommittee, thank you for the opportunity to testify today on encryption policy and the Clipper proposal. I especially wish to thank you Congressman Markey, on behalf of CPSR, for your ongoing efforts on the privacy front as well as your work to promote public access to electronic information. The cryptography issue is of particular concern to CPSR. During the past several years we have pursued an extensive study of cryptography policy in the United States.
We have organized several public conferences, conducted litigation under the Freedom of Information Act, and appeared on a number of panels to discuss the importance of cryptography for privacy protection and the need to scrutinize carefully government proposals designed to limit the use of this technology. While we do not represent any particular computer company or trade association we do speak for a great many people in the computer profession who value privacy and are concerned about the government's Clipper initiative. Today I will briefly summarize our assessment of the Clipper proposal. Then I would like to say a few words about the current status of privacy protection.
CLIPPER
To put the Clipper proposal in a policy context, I will need briefly to describe a law passed in 1987 intended to address the roles of the Department of Commerce and the Department of Defense in the development of technical standards. The Computer Security Act of 1987 was enacted to improve computer security in the federal government, to clarify the responsibilities of the National Institute of Standards and Technology (NIST) and the National Security Agency, and to ensure that technical standards would serve civilian and commercial needs. The law made clear that in the area of unclassified computing systems, NIST and not NSA, would be responsible for the development of technical standards. It emphasized public accountability and stressed open decision-making. The Computer Security Act also established the Computer System Security and Privacy Advisory Board (CSSPAB), charged with reviewing the activities of NIST and ensuring that the mandate of the law was enforced. The Computer Security Act grew out of a concern that classified standards and secret meetings would not serve the interests of the general public. As the practical applications for cryptography have moved from the military and intelligence arenas to the commercial sphere, this point has become clear.
There is also clearly a conflict of interest when an agency tasked with signal interception is also given authority to develop standards for network security. In the spirit of the Computer Security Act, NIST set out in 1989 to develop a public key standard FIPS (Federal Information Processing Standard). In a memo dated May 5, 1989, obtained by CPSR through the Freedom of Information Act, NIST said that it planned:
    to develop the necessary public-key based security standards. We require a public-key algorithm for calculating digital signatures and we also require a public-key algorithm for distributing secret keys.
NIST then went on to define the requirements of the standard:
    The algorithms that we use must be public, unclassified, implementable in both hardware or software, usable by federal Agencies and U.S. based multi-national corporation, and must provide a level of security sufficient for the protection of unclassified, sensitive information and commercial propriety and/or valuable information.
The Clipper proposal and the full-blown Capstone configuration, which incorporates the key management function NIST set out to develop in 1989, is very different from the one originally conceived by NIST.
* The Clipper algorithm, Skipjack, is classified,
* Public access to the reasons underlying the proposal is restricted,
* Skipjack can be implemented only in tamper-proof hardware,
* It is unlikely to be used by multi-national corporations, and
* The security of Clipper remains unproven.
The Clipper proposal undermines the central purpose of the Computer Security Act. Although intended for broad use in commercial networks, it was not developed at the request of either U.S. business or the general public. It does not reflect public goals. Rather it reflects the interests of one secret agency with the authority to conduct foreign signal intelligence and another government agency responsible for law enforcement investigations.
Documents obtained by CPSR through the Freedom of Information Act indicate that the National Security Agency dominated the meetings of the joint NIST/NSA Technical Working group which made recommendations to NIST regarding public key cryptography, and that a related technical standard for message authentication, the Digital Signature Standard, clearly reflected the interests of the NSA. We are still trying to determine the precise role of the NSA in the development of the Clipper proposal. We would be pleased to provide to the Subcommittee whatever materials we obtain.
LEGAL AND POLICY ISSUES
There are also several legal and constitutional issues raised by the government's key escrow proposal. The premise of the Clipper key escrow arrangement is that the government must have the ability to intercept electronic communications, regardless of the economic or societal costs. The FBI's Digital Telephony proposal, and the earlier Senate bill 266, were based on the same assumption. There are a number of arguments made in defense of this position: that privacy rights and law enforcement needs must be balanced, or that the government will be unable to conduct criminal investigations without this capability. Regardless of how one views these various claims, there is one point about the law that should be made very clear: currently there is no legal basis -- in statute, the Constitution or anywhere else -- that supports the premise which underlies the Clipper proposal. As the law currently stands, surveillance is not a design goal. General Motors would have a stronger legal basis for building cars that could go no faster than 65 miles per hour than AT&T does in marketing a commercial telephone that has a built-in wiretap capability. In law there is simply nothing about the use of a telephone that is inherently illegal or suspect. The federal wiretap statute says only that communication service providers must assist law enforcement in the execution of a lawful warrant.
It does not say that anyone is obligated to design systems to facilitate future wire surveillance. That distinction is the difference between countries that restrict wire surveillance to narrow circumstances defined in law and those that treat all users of the telephone network as potential criminals. U.S. law takes the first approach. Countries such as the former East Germany took the second approach. The use of the phone system by citizens was considered inherently suspect and for that reason more than 10,000 people were employed by the East German government to listen in on telephone calls. It is precisely because the wiretap statute does not contain the obligation to incorporate surveillance capability -- the design premise of the Clipper proposal -- that the Federal Bureau of Investigation introduced the Digital Telephony legislation. But that legislation has not moved forward and the law has remained unchanged. The Clipper proposal attempts to accomplish through the standard-setting and procurement process what the Congress has been unwilling to do through the legislative process. On legal grounds, adopting the Clipper would be a mistake. There is an important policy goal underlying the wiretap law. The Fourth Amendment and the federal wiretap statute do not so much balance competing interests as they erect barriers against government excess and define the proper scope of criminal investigation. The purpose of the federal wiretap law is to restrict the government, it is not to coerce the public. Therefore, if the government endorses the Clipper proposal, it will undermine the basic philosophy of the federal wiretap law and the fundamental values embodied in the Constitution. It will establish a technical mechanism for signal interception based on a premise that has no legal foundation. 
The assumption underlying the Clipper proposal is more compatible with the practice of telephone surveillance in the former East Germany than it is with the narrowly limited circumstances that wire surveillance has been allowed in the United States.
UNANSWERED QUESTIONS
There are a number of other legal issues that have not been adequately considered by the proponents of the key escrow arrangement that the Subcommittee should examine. First, not all lawful wiretaps follow a normal warrant process. The proponents of Clipper should make clear how emergency wiretaps will be conducted before the proposal goes forward. Second, there may be civil liability issues for the escrow agents, if they are private parties, if there is abuse or compromise of the keys. Third, there is a Fifth Amendment dimension to the proposed escrow key arrangement if a network user is compelled to disclose his or her key to the government in order to access a communications network. Each one of these issues should be examined carefully.
CPSR CONFERENCE
At a conference organized by CPSR this week at the Carnegie Endowment for International Peace we heard presentations from staff members at NIST, FBI, NSA and the White House about the Clipper proposal. The participants at the meeting had the opportunity to ask questions and to exchange views. Certain points now seem clear:
* The Clipper proposal was not developed in response to any perceived public or business need. It was developed solely to address a law enforcement concern.
* Wire surveillance remains a small part of law enforcement investigations. The number of arrests resulting from wiretaps has remained essentially unchanged since the federal wiretap law was enacted in 1968.
* The potential risks of the Clipper proposal have not been assessed and many questions about the implementation remain unanswered.
* Clipper does not appear to have the support of the business or research community.
Many comments on the Clipper proposal, both positive and negative as well as the materials obtained by CPSR through the Freedom of Information Act, are contained in the Source book compiled by CPSR for the recent conference. I am pleased to make a copy of this available to the Subcommittee.
NETWORK PRIVACY PROTECTION
Communications privacy remains a critical test for network development. Networks that do not provide a high degree of privacy are clearly less useful to network users. Given the choice between a cryptography product without a key escrow and one with a key escrow, it would be difficult to find a user who would prefer the key escrow requirement. If this proposal does go forward, it will not be because network users or commercial service providers favored it. Even if the issues regarding the Clipper are resolved favorably, privacy concerns will not go away. Cryptography is a part of communications privacy, but it is only a small part. Rules still need to be developed about the collection and use of transactional data generated by computer communications. While the federal wiretap law generally does a very good job of protecting the content of communications against interception by government agencies, large holes still remain. The extensive use of subpoenas by the government to obtain toll records and the sale of telephone records by private companies are just two examples of gaps in current law. The enforcement of privacy laws is also a particularly serious concern in the United States. Good laws without clear mechanisms for enforcement raise over-arching questions about the adequacy of legal protections in this country. This problem is known to those who have followed developments with the Privacy Act since passage in 1974 and the more recent Video Privacy and Protection Act of 1988.
I make this point because it has been the experience in other countries that agencies charged with the responsibility for privacy protection can be effective advocates for the public in the protection of personal privacy.
RECOMMENDATIONS
Regarding the Clipper proposal, we believe that the national review currently underway by the Computer Security and Privacy Advisory Board at the Department of Commerce will be extremely useful and we look forward to the results of that effort. The Panel has already conducted a series of important open hearings and compiled useful materials on Clipper and cryptography policy for public review. We are also pleased that the Subcommittee on Telecommunications and Finance has undertaken this hearing. This Subcommittee can play a particularly important role in the resolution of these issues. We also appreciate the Chairman's efforts to ensure that the proper studies are undertaken, that the General Accounting Office fully explores these issues, and that the Secretary of Commerce carefully assesses the potential impact of the Clipper proposal on export policy. We are, however, less pleased about the White House study currently underway. That effort, organized in large part by the National Security Council, has led to a series of secret meetings, has asked that scientists sign non-disclosure agreements and accept restrictions on publication, and has attempted to resolve public concerns through private channels. This is not a good process for the evaluation of a technology that is proposed for the public switched network. While we acknowledge that the White House has been reasonably forthcoming in explaining the current state of affairs, we do not think that this process is a good one. For these reasons, we believe that the White House should properly defer to the recommendations of the Computer System Security and Privacy Advisory Board and the Subcommittee on Telecommunications and Finance.
We hope that no further steps in support of the Clipper initiative will be taken. We specifically recommend that no further purchase of Clipper chips be approved. Speaking more generally, we believe that a number of steps could be taken to ensure that future communications initiatives could properly be viewed as a boost to privacy and not a set-back.
* The FCC must be given a strong mandate to pursue privacy concerns. There should be an office specifically established to examine privacy issues and to prepare reports. Similar efforts in other countries have been enormously successful. The Japanese Ministry of Post and Telecommunications developed a set of privacy principles to ensure continued trade with Europe. The Canada Ministry of Communications developed a set of communications principles to address public concerns about the privacy of cellular communications. In Europe, the EC put forward an important directive on privacy protection for the development of new network services.
* Current gaps in the communications law should be filled. The protection of transactional records is particularly important. Legislation is needed to limit law enforcement access to toll record information and to restrict the sale of data generated by the use of telecommunication services. As the network becomes digital, the transaction records associated with a particular communication may become more valuable than the content of the communication itself.
* Telecommunications companies should be encouraged to explore innovative ways to protect privacy. Cryptography is a particular method to seal electronic communications, but far more important for routine communications could be anonymous telephone cards, similar to the metro cards here in the District of Columbia, that allow consumers to purchase services without establishing accounts, transferring personal data, or recording personal activities. Such cards are widely available in Europe, Japan, and Australia.
I thank you very much for the opportunity to appear before the Subcommittee and would be pleased to answer your questions.
Computer Professionals for Social Responsibility
CPSR is a national membership organization, established in 1982, to address the social impact of computer technology. There are 2,500 members in 20 chapters across the United States, and offices in Palo Alto, California, Cambridge, Massachusetts, and Washington DC. The organization is governed by a board of elected officers and meetings are open to the public. CPSR sponsors an annual meeting and the biennial conference on Directions and Implications of Advanced Computing. CPSR sponsored the first conference on Computers, Freedom, and Privacy in 1991. CPSR also operates the Internet Library at cpsr.org. The library contains documents from the White House on technology policy and a wide range of public laws covering privacy, access to information, and communications law and is available free of charge to all users of the Internet.
Marc Rotenberg is the director of the CPSR Washington office and an adjunct professor at Georgetown University Law Center. He is chairman of the ACM Committee on Scientific Freedom and Human Rights, an editor for the Computer Law and Security Report (London), and the secretary of Privacy International, an organization of human rights advocates and privacy scholars in forty countries. He received an A.B. from Harvard College and a J.D. from Stanford Law School, and is a member of the bar of the United States Supreme Court. His forthcoming article "Communications Privacy: Implications for Network Design" will appear in the August 1993 issue of Communications of the ACM.
------------------------------

End of Computer Underground Digest #5.43
************************************

________________________________________________________________________
________________________________________________________________________

The SURFPUNK Technical Journal is a dangerous multinational hacker zine originating near BARRNET in the fashionable western arm of the northern California matrix. Quantum Californians appear in one of two states, spin surf or spin punk. Undetected, we are both, or might be neither.
________________________________________________________________________

Send postings to , subscription requests to . MIME encouraged. Xanalogical archive access at "http://www.acns.nwu.edu/surfpunk/"
________________________________________________________________________
________________________________________________________________________

/* xor files together, M bytes max */
#include <stdio.h>
#define M 9999
char buf[M];
char pad[M];
readin(s) char* s;
{
    int cc;
    int i;
    FILE* f= fopen( s, "r" );
    if (!f) { perror(s); return; }
    bzero(buf, sizeof buf);
    cc= fread( buf, 1, M, f );
    for ( i=0; i

Date: Sun, 13 Jun 93 18:12:17 PDT
To: miron@extropia.wimsey.com (Miron Cuperman)
Subject: Re: alt.whistleblowing
In-Reply-To: <1993Jun13.213716.16151@extropia.wimsey.com>
Message-ID: <9306140111.AA16461@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

According to Miron Cuperman:
> mdiehl@triton.unm.edu (J. Michael Diehl) writes:
> >I just started reading the alt.whistleblowing newsgroup.
It would seem that
>
> That is strange, I'm not getting anything here. Maybe there is a
> propagation problem.

Well, it took a week to make it here.....

> What is the recommended action in this case? Posting to alt.config,
> or resending the newgroup message?

Couldn't tell you, except, perhaps to be patient?

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Sun, 13 Jun 93 18:15:25 PDT
To: cypherpunks@toad.com
Subject: Digital Cash$$$$
Message-ID: <9306140115.AA16633@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Hay all! I'm becoming very intrigued about digital cash. But, I have a few questions.

1. How does one start a digital cash economy? How is the initial distribution of currency done? This is, of course, assuming the technical stuff is taken care of.

2. Is digital cash supposed to be backed by actual cash on deposit at the bank?

3. How would one "get out" of such an economy if he wanted to?

4. If DC is to be backed by actual cash, is this really such a good idea?

Looking forward to hearing any and all comments.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"
| +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: smb@research.att.com Date: Sun, 13 Jun 93 17:08:10 PDT To: cypherpunks@toad.com Subject: corporations and morality Message-ID: <9306140008.AA22117@toad.com> MIME-Version: 1.0 Content-Type: text/plain I stumbled on a quote that succinctly expresses what I was saying about the lack of corporate morality. This is the head quote from Chapter XIX of Niven and Pournelle's ``Oath of Fealty'': They [corporations] cannot commit treason, nor be outlawed nor excommunicated, for they have no souls. --Sir Edward Coke, Lord Chief Justice of England Sutton's Hospital Case, 10 Report 32, 1628 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: miron@extropia.wimsey.com (Miron Cuperman) Date: Sun, 13 Jun 93 15:49:12 PDT To: cypherpunks@toad.com Subject: Re: alt.whistleblowing In-Reply-To: <9306130817.AA01161@triton.unm.edu> Message-ID: <1993Jun13.213716.16151@extropia.wimsey.com> MIME-Version: 1.0 Content-Type: text/plain mdiehl@triton.unm.edu (J. Michael Diehl) writes: >I just started reading the alt.whistleblowing newsgroup. It would seem that That is strange, I'm not getting anything here. Maybe there is a propagation problem. What is the recommended action in this case? Posting to alt.config, or resending the newgroup message? -- Miron Cuperman | NeXTmail/Mime ok Unix/C++/DSP, consulting/contracting | Public key avail AMIX: MCuperman | Laissez faire, laissez passer. Le monde va de lui meme. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter shipley Date: Mon, 14 Jun 93 02:11:28 PDT To: cypherpunks@toad.com, shipley Subject: Re: Mail logging Message-ID: <9306140456.AA29696@merde.dis.org> MIME-Version: 1.0 Content-Type: text/x-pgp -----BEGIN PGP SIGNED MESSAGE----- >>>The single most basic problem with mail development that we have is >>>that we don't have enough mail volume through the remailers we have > >As I said before, any experimentation that people want to do with list >distribution can be done by hacking the current remailer code. You >don't have to have any sysadmin privileges to do this. You don't even >have to have my permission to do this. > My home system has lots of spare CPU then I am willing to setup a cypherpunks crypto remailer. In enough people want to recive cypherpunks in PGP'ed crypt text I will set it up. -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBFAgUBLBwE4Mhmn7GUWLLFAQGjzAF8DwqasQMdJATSkMD2HBEzQdDqVC8nSszn BewSSI0NW8YrrXo0ZWV2g6pos5dJOIN0 =UyFN -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Mon, 14 Jun 93 00:09:53 PDT To: cypherpunks@toad.com Subject: Digital cash software Message-ID: <9306140709.AA05436@toad.com> MIME-Version: 1.0 Content-Type: text/plain I spoke with David Chaum, the inventor of digital money, last week at the cryptography meetings in DC. He is willing to give us a noncommercial license to use his digital money patents, and copies of some of his software for digital cash, for us to deploy somehow, and start using. He'll be back in August for Crypto '93 in Santa Barbara, and will bring one of his assistants (Nils) up to the Bay Area to teach us about the software. I think we can get a copy from him in the meantime, and puzzle it out ourselves between now and then. We'll also need to work out the legalese on the patents; it should be simple, but then again, almost everything *should* be simple... 
If we have a small group of people (say 2 to 5) who are seriously interested in building a digital-cash-on-the-Internet application and getting it into use, then speak up and get organized, and I will cross-connect you to David and Nils so things will start moving.

David's company Digicash has been working on toll collection systems; he showed pictures of their newest system that allows driving full speed through the tollbooths and still does the transaction, using infrared through the windshield, I think. If someone wanted to present his system and his company to the authoritarians who were last seen preparing to put unencrypted automated vehicle-ID numbers on cars in California for toll collection, that would be a good thing. Speak up...

John

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Sun, 13 Jun 93 23:21:39 PDT
To: cypherpunks@toad.com
Subject: alt.whistleblowing-cypherpunk FAQ
In-Reply-To: <9306130817.AA01161@triton.unm.edu>
Message-ID: <9306140621.AA29371@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

J. Michael Diehl
>I just started reading the alt.whistleblowing newsgroup. It would seem that it
>has already digressed into a flamefest. Could the person who created it please
>post a set of guidelines for the group! Also, people are using their REAL
>names! Apparently, they don't know anything about the anon remailers....Could
>someone post a notice about that, too? Same thing goes WRT pgp. We helped
>create this group, we ought to help keep it worth reading. ;^)

Mr. Diehl: If you had taken the time to read any significant portion of alt.whistleblowing traffic, I would imagine you would have stumbled on messages where I presented an outline/preliminary FAQ and an anonymous posting described precisely how to use Julf's remailer to send traffic (which were posted under a week ago). I take great offense at your hasty, flippant denigration of it so far as a `flamefest'.
While of course I'm not really associated with alt.whistleblowers at all in the grand cyberspatial scheme of things, I feel a smidgeon of personal responsibility for the group. Are you paying attention? Have you seen my promises there and on the cypherpunk list to create the FAQ? So far, IMHO, the traffic has mostly been very high-caliber and even spectacular. A lady named Karen Lofstrom reported how her boss at a Hawaii university misused ~$100,000 in funds and work of public employees on his private company -- from NSA grant money -- starting a long thread of sympathetic responses (she alluded to this earlier on sci.crypt I believe but expanded it beautifully in alt.whistleblower). We have other interesting revelations so far too. There are messages pointing out a private `whistleblowing support organization' and how to contact them. Your message, upon rereading it, makes me extremely exasperated. It reconfirms my suspicion that a large part of traffic on this list and tactics in the Cypherpunk arsenal are to just give lip service to interesting ideas but leave the messy and laborious detail work to others. Despite plenty of great fireworks on this list, I have seen no tangible contributions from others on the whistleblowing project other than Miron Cuperman's gracious effort to create the group (despite grandiose reassurances to the contrary), and Julf's immediate support of it, two individuals who are already highly active and motivated outside of their cypherpunk involvement. Furthermore, I've encountered many extremely frustrating obstructions here. I've seen great accomplishments by individuals who call themselves `cypherpunks' but none by well-orchestrated collections of them. This is not to discourage positive effort in the future by anyone on this list on the whistleblower project or anything else. 
It is to suggest that the Cypherpunks are so intensely individualistic as to preclude group projects and large-scale cooperation, and that this is a serious obstacle to enacting meaningful, critical change on the agenda. (Go ahead, flame me and ask what I've done for everyone lately --- I won't respond. That is not the spirit of my words.) The statement that makes my blood boil violently is the following: >We helped >create this group, we ought to help keep it worth reading. ;^) How is it that `we' created this group? All I've seen here is voluminous verbiage (yes, mine included). I appreciate the call to arms and cooperation, but I've tried it here before with impoverished, negligible, and excruciatingly painful results. How long ago did you join the list? I've already posted ways for cypherpunks to help out on the whistleblowing newsgroup. The simplest way is to just go there and post something useful or assimilate existing traffic into something useful. Mr. Diehl, the following is not a personal request. On behalf of the hundreds of people who read the cypherpunks list, I humbly ask you (and remind all other cypherpunks) to put the tiniest greater effort into your postings to the mailing list that, like all others, take the time of everyone to sort in their mailbox, and make every effort to direct messages through personal email where appropriate. I've asked you before politely in private email to no response, or apparently, effect. It is only in the rarest of occasions I will ever put forth such a request, and an even more unusual case to go public with it. I appreciated your volunteering to do the email survey but turning around with the final summary and admitting yourself that you're `too lazy to tabulate results' I find highly annoying (what is the point?), and I think does a disservice to the people who took the time to respond (including myself). Following is some traffic from the group. 
Some favorite quotes:

From Greg Welch, who's been extremely helpful in contributing to the FAQ referring to that private whistleblower agency:

>BTW, you just made me realize that I need to contact them to see if they
>can read (or are already reading) this news group somehow. Boy, I wish this
>group was around when I was in a similar situation.

Also, from Karen Lofstrom, the NSA grant whistleblower:

>If we can get a number of other whistleblowers posting here, or people
>from organizations that support whistleblowers, perhaps we can create some
>group wisdom about how to blow the whistle _effectively_. I certainly
>could have used some informed advice when I started.

===cut=here===

From yuma!csn!magnus.acs.ohio-state.edu!usenet.ins.cwru.edu!agate!ames!news.Hawaii.Edu!uhunix3.uhcc.Hawaii.Edu!lofstrom Tue, 8 Jun 1993 03:55:08 GMT
Newsgroups: alt.whistleblowing
Path: yuma!csn!magnus.acs.ohio-state.edu!usenet.ins.cwru.edu!agate!ames!news.Hawaii.Edu!uhunix3.uhcc.Hawaii.Edu!lofstrom
From: lofstrom@uhunix3.uhcc.Hawaii.Edu (Karen Lofstrom)
Subject: NSA Grant Misused
Message-ID:
Summary: Grantee runs private business with government paid labor
Keywords: NSA, whistleblowing
Sender: news@news.Hawaii.Edu
Organization: University of Hawaii
X-Newsreader: TIN [version 1.2 PL0]
Date: Tue, 8 Jun 1993 03:55:08 GMT
Lines: 83

I noted with interest the creation of this newsgroup and looked forward to reading the contributions of other whistleblowers. However, no whistleblowers have come forward. I suppose I'll have to post, then.

I'm a fired whistleblower. After working five months of a part-time job funded by a NSA grant, at Chaminade University (note that this case does not involve the University of Hawaii, under whose auspices I post), I had begun to realize that my boss was misusing the grant. He was using government paid clerical labor, including mine, to run several businesses.
He was ordering equipment for the grant from his own company, and charging the government twice what he charged any other customers (and a 1000% markup over what he actually paid for the equipment). I started collecting documentation of the problems, sneaking xeroxes when no one was looking. I didn't know anything about how to blow a whistle, so I consulted a friend of mine who worked in the state prosecutor's office. He suggested I contact a LARGE, reputable law firm, which I did. The lawyer I consulted was friendly and helpful, even refusing to charge for his services. I had been planning to go talk to the university. The lawyer said that they had failed in their oversight, would probably be more inclined to cover things up than fix them. He suggested I phone the granting agency and talk to someone there (though not the person directly responsible for the grant, who was a friend of the grantee, and had taken an expensive present from him). Well, the lawyer didn't know that you can't phone the NSA. I had a phone number from the copy of the grant I had surreptitiously xeroxed, but the operator said they would accept calls from secure lines only. Write a letter, she said. I wrote a letter and chewed my nails for a week. They didn't respond at all. So I took the advice of another friend and went to the FBI and the DCIS (Defense Criminal Investigation Services). They started an investigation. I was fired. I didn't go to the press because I was trying to be nice, and reasonable, and hoping that the government would take some action. I didn't necessarily want my ex-boss prosecuted, I just wanted the waste stopped. Well, the DCIS decided not to prosecute. They said that my charges weren't unfounded, but that the case was so complex that they weren't sure they could win it in a jury trial. Well, the investigator told me that. The DCIS never put anything on paper. So I wrote the NSA, asking if they were taking any steps to prevent further waste and fraud. 
They advised me to contact the DCIS. I wrote the DCIS, they didn't answer. I went to my Congressman, who wrote to the NSA. The NSA told him to tell me to write to the DCIS. I wrote the DCIS and they didn't answer. I wrote the Congressman again and got no reply. So I went to the papers. The local alternative weekly wasn't interested; they said they didn't have enough writers to cover all the stories. I went to the mainstream newspaper, which was extremely interested at first. Then the reporter discovered that I had been fired over a year ago. This made the whole thing non-news. Apparently if I had contacted them while the investigation was still going on, it would have been news.

Several people have advised me to sue. There is a law forbidding the firing of whistleblowers. However, the damages to be recovered might be slight, given that it was a low-paying clerical job, and I would have to pay for the suit out of my own pocket.

The NSA didn't renew the grant. However, they didn't do anything to crack down on my ex-boss. He stole approximately $100,000 from the taxpayers, and he's going to get away with it.

For the halls of infamy: the grant was NSA Grant PR #00-91-0016 MDA904-91-H-5002. The grantee was Dr. John Wollstein.

I keep asking myself, what could I have done differently? I do wish that I had been on the net then, that this topic had existed, and that I could have gotten some advice from other whistleblowers. I wish that I'd contacted the press as soon as I was fired, rather than trying to be "nice".

I'd like some discussion of this, but I would hope that it could be productive. It wouldn't make me feel any better to have people flaming for being stupid about this or that, given that _I'm_ the one who paid the price for trying to do the right thing.
----- Karen Lofstrom          lofstrom@uhunix.uhcc.Hawaii.edu
      K.Lofstrom on GEnie

From yuma!csn!magnus.acs.ohio-state.edu!usenet.ins.cwru.edu!howland.reston.ans.net!darwin.sura.net!news-feed-1.peachnet.edu!concert!borg.cs.unc.edu!cs.unc.edu!welchg 8 Jun 1993 12:59:43 GMT
Path: yuma!csn!magnus.acs.ohio-state.edu!usenet.ins.cwru.edu!howland.reston.ans.net!darwin.sura.net!news-feed-1.peachnet.edu!concert!borg.cs.unc.edu!cs.unc.edu!welchg
From: welchg@cs.unc.edu (Gregory Welch)
Newsgroups: alt.whistleblowing
Subject: Re: NSA Grant Misused
Date: 8 Jun 1993 12:59:43 GMT
Organization: The University of North Carolina at Chapel Hill
Lines: 109
Distribution: world
Message-ID: <1v22fvINNc4f@borg.cs.unc.edu>
References:
NNTP-Posting-Host: sirius.cs.unc.edu
Keywords: NSA, whistleblowing

My God Karen, I would hope that nobody would "flame" you! Nobody should have to go through what you did, but unfortunately it happens. The world has enough problems without people like your old employer adding their garbage. Good for you for being strong & courageous enough to do something. My hat is off to you.

I have a few suggestions/comments inserted below. But *most* importantly, I *strongly* suggest that you contact:

    Project on Government Oversight
    2025 I Street, NW
    Suite 1117
    Washington, DC 20006
    202-466-5539

(this should be placed in a FAQ or such for this group...?)

Ask to speak to someone about your situation, and ask them to send you some literature about their organization (they have a booklet, etc.) They may be able to help you obtain legal help (ACLU?) etc. Best of all it will do you good to know that there *are* people, even organizations, who are trying to stop the waste, abuse, fraud, etc.

Some background: "The Project" (as they like to refer to it) is a non-profit organization that has been around for several years (previously called the Government Accountability Project or GAP.)
I have worked with them in the past (a guy named Keith Rutter in particular -- don't know if he's still there) and feel that they are a *great* source for help in a situation like yours. In fact, that's all they do, full-time, is assist "whistleblowers" in correcting or exposing such problems.

This organization has access to government officials (congressmen & women, etc.) as well as other legal & publicity entities. Their goal is to assist people like you (and me it so happens) in addressing such problems in the most *effective* manner. In other words, they are experienced in working quietly with people like us (reading this group) to accomplish as much as possible, without causing one to become a martyr for the cause. And when "quiet" is no longer appropriate, they will also help doing whatever is necessary. The organization also maintains an extensive network of past whistleblowers, and experts in various fields who are happy to assist (e.g. with problems that are of a particular technical nature.)

BTW, you just made me realize that I need to contact them to see if they can read (or are already reading) this news group somehow. Boy, I wish this group was around when I was in a similar situation.

Now, a few posting-specific comments...

In article , lofstrom@uhunix3.uhcc.Hawaii.Edu (Karen Lofstrom) writes:

[stuff deleted]

|>
|> Several people have advised me to sue. There is a law forbidding
|> the firing of whistleblowers. However, the damages to be
|> recovered might be slight, given that it was a low-paying clerical
|> job, and I would have to pay for the suit out of my own pocket.
|>

Most certainly ask the people at "The Project" about this. It *sounds* like you have a pretty tight case (caveat: I'm *not* a lawyer :-) ). Anyway, it *is* against the law for anyone to seek retribution against someone in your situation.
It is also possible that punitive damages could be awarded (not sure) in which case you might get enough to make the disruption to your life a little more tolerable. Besides, if you could get the ACLU (or such) to represent you, the greatest accomplishment might be to publicize your case, giving hope to those in similar situations, and cause to worry to other would-be thieves.

|> The NSA didn't renew the grant. However, they didn't do anything to crack
|> down on my ex-boss. He stole approximately $100,000 from the taxpayers,
|> and he's going to get away with it.
|>

Boy, not if we can help it! I will call "the project" today to let them know about the net. Please send me mail if you want me to mention your name & situation, I could ask them to contact you if you want.

[stuff deleted]

|> I keep asking myself, what could I have done differently? I do wish that
|> I had been on the net then, that this topic had existed, and that I could
|> have gotten some advice from other whistleblowers. I wish that I'd
|> contacted the press as soon as I was fired, rather than trying to be "nice".
|>

Don't look back too much, it may not be over yet. You may still be able to do something about this.

|> I'd like some discussion of this, but I would hope that it could be
|> productive. It wouldn't make me feel any better to have people flaming
|> for being stupid about this or that, given that _I'm_ the one who paid the
|> price for trying to do the right thing.
|>
|>
|>
|> ----- Karen Lofstrom lofstrom@uhunix.uhcc.Hawaii.edu
|> K.Lofstrom on GEnie

Thanks for the most meaningful posting to this newsgroup yet, and thanks for doing what you did.
--
_____________________________________________________________________________
GREG WELCH                                  | Email: welchg@cs.unc.edu
University of North Carolina at Chapel Hill |
Department of Computer Science              |
Room 323, Sitterson Hall                    |
Chapel Hill, NC 27599                       |

From yuma!csn!magnus.acs.ohio-state.edu!usenet.ins.cwru.edu!howland.reston.ans.net!agate!ames!news.Hawaii.Edu!uhunix3.uhcc.Hawaii.Edu!lofstrom Wed, 9 Jun 1993 01:59:42 GMT
Newsgroups: alt.whistleblowing
Path: yuma!csn!magnus.acs.ohio-state.edu!usenet.ins.cwru.edu!howland.reston.ans.net!agate!ames!news.Hawaii.Edu!uhunix3.uhcc.Hawaii.Edu!lofstrom
From: lofstrom@uhunix3.uhcc.Hawaii.Edu (Karen Lofstrom)
Subject: Re: NSA Grant Misused
Message-ID:
Sender: news@news.Hawaii.Edu
Organization: University of Hawaii
X-Newsreader: TIN [version 1.2 PL0]
References: <1993Jun8.202526.26656@oucsace.cs.ohiou.edu>
Date: Wed, 9 Jun 1993 01:59:42 GMT
Lines: 22

Thanks all, for the appreciative posts and the E-mails of support that I received. No flames. Why was I expecting them? Perhaps because I felt that I had been a bit naive in expecting the government to police itself, without the glare of outside publicity to force it to do the right thing.

So the question I put up for discussion is: when should a whistleblower go to the media? How? If we can get a number of other whistleblowers posting here, or people from organizations that support whistleblowers, perhaps we can create some group wisdom about how to blow the whistle _effectively_. I certainly could have used some informed advice when I started.

Someone upstream asked what the grant was funding. Nothing classified. Something that was actually beneficial and socially benign. It was to help high-school age immigrants from Asian and especially SE Asian countries maintain their first languages. Eventually useful to the NSA, as providing a pool of possible translators, but also good for the kids involved. That's one reason I wanted to step lightly.
-- --- Karen Lofstrom lofstrom@uhunix.uhcc.Hawaii.edu K.Lofstrom on GEnie From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Fred Heutte Date: Mon, 14 Jun 93 01:51:32 PDT To: smb@research.att.com Subject: Re: corporations and morality Message-ID: <93Jun14.015105pdt.13893-1@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Feh on Pournelle and Niven especially, dreary drones of the Ayn Rand school of pseudo-insight. Read some of Peter Drucker's new work on corporate responsibility and tell me corporate America isn't thinking about ethics and morality. And just this weekend on a PBS forum on workplace harassment issues I heard a CEO quoting Milton Friedman approvingly on the issue of ethical behavior not only being the right thing to do but central to achieving the corporate mission. Wake up -- it's not 1880 any more!! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jdblair@nextsrv.cas.muohio.EDU Date: Sun, 13 Jun 93 23:27:20 PDT To: cypherpunks@toad.com Subject: thanks Message-ID: <9306140637.AA02012@ nextsrv.cas.muohio.EDU > MIME-Version: 1.0 Content-Type: text/plain Thanks to everyone for a really interesting and informative discussion group. I started out knowing almost nothing about encryption systems, and now I feel like I am at least an informed novice. I have learned a lot, and I really appreciate it. I will be in the Sangre de Christo Mtns. in New Mexico for the rest of the summer (w/o net access, this time), so I'll have to catch up in the fall. thanks again, -john From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Nickey MacDonald Date: Sun, 13 Jun 93 23:21:16 PDT To: cypherpunks list Subject: request for patent info Message-ID: MIME-Version: 1.0 Content-Type: text/plain Seems to me that now might be a good time to get a list together of all encryption related patents and when they expire. Unless someone already has such a list, I will compile and repost any info sent to me. 
--
Nick MacDonald               | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca  | PGP 2.1 Public key available via finger
i6t4@unb.ca                  | (506) 457-1931    ^{1024/746EBB 1993/02/23}

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mlshew@dixie.com (Mark Shewmaker)
Date: Mon, 14 Jun 93 06:49:09 PDT
To: cypherpunks@toad.com
Subject: Rude CryptoStacker Suggestion
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I have one possible suggestion that might speed up your goals of getting an encrypting filesystem on PC Clones, although I'm not exactly sure how to put it politely:

Seeing as you're looking for encrypting filesystems to work on PC clones, have you made sure such code doesn't exist already? Why not just scrounge through ftp sites (or archie) until you find an already written DOS program that does what you like, and use it instead? With DOS's huge installed user base, I have an extremely difficult time believing that this stuff doesn't already exist for it.

Ryan, I don't intend to demean your efforts to bring privacy to the hard drives of the great unwashed masses, (especially if they really are without options at this point)--on the contrary, it's quite a noble goal, and would be a good programming project in its own right even if other solutions do exist, but I'd hate to see you waste your efforts if the same thing really exists elsewhere.

-Mark Shewmaker

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Mon, 14 Jun 93 07:36:03 PDT
To: cypherpunks@toad.com
Subject: request for patent info
In-Reply-To:
Message-ID: <9306141432.AA05436@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Seems to me that now might be a good time to get a list together of all
>encryption related patents and when they expire.

As much as we need this, we also need the actual text of the patents. What a patent actually covers is often much narrower than what is claimed.
>Unless someone already >has such a list, I will compile and repost any info sent to me. The experience of others trying to gather such information as this is that you have to be proactive if you expect to get anything done. Waiting for people to send you stuff is an exercise in patience. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Mon, 14 Jun 93 07:47:25 PDT To: cypherpunks@toad.com Subject: digital cash In-Reply-To: <9306140251.AA27197@toad.com> Message-ID: <9306141443.AA05997@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >How about putting the digital money in a game/bbs >environment? I had a talk with a fellow named Joichi Ito at CFP about this subject. He's a total MUD addict and told me, "I would pay real money for MUD money." The legal issues involved in setting up a real world money system are enormous. Doing a game environment implementation would allow the technical issues to be worked out without having to hire lawyers. And if some people transact for real money, we can't help that. For MUD's in particular, there's a problem with conservation of mass, er, gold. It's really easy to create more MUD money. However, if there were a currency exchange system available between MUD's, you would have a classical free banking environment. Everyone issues currency, and as gamemaster your money deflates to the extent that you allow more gold to exist in your game. I can't think of a better way to get people to learn about monetary effects in macroeconomics. I also spoke with Pavel Curtis at CFP, but only enough to interest him in talking further. Pavel runs the largest MUD on the planet. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jet@nas.nasa.gov (J. 
Eric Townsend) Date: Mon, 14 Jun 93 09:00:18 PDT To: cypherpunks@toad.com Subject: forward: Cu Digest, #5.43 -- 2600 & CPSR House Subcommittee Testimony Message-ID: <9306141559.AA01370@boxer.nas.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain Emmanuel's comments are somewhat disturbing... > > > Computer underground Digest Sun June 13 1993 Volume 5 : Issue 43 > ISSN 1004-043X > > Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) > Archivist: Brendan Kehoe > Shadow-Archivists: Dan Carosone / Paul Southworth > Ralph Sims / Jyrki Kuoppala > Ian Dickinson > Copy Editor: Etaoin Shrdlu, Seniur > > CONTENTS, #5.43 (June 13 1993) > File 1--Hacker testimony to House subcommittee largely unheard > File 2--CPSR Clipper Testimony (6-9-93) in House Subcommittee > > Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are > available at no cost electronically from tk0jut2@mvs.cso.niu.edu. The > editors may be contacted by voice (815-753-6430), fax (815-753-6302) > or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL > 60115. > > Issues of CuD can also be found in the Usenet comp.society.cu-digest > news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of > LAWSIG, and DL0 and DL12 of TELECOM; on GEnie in the PF*NPC RT > libraries and in the VIRUS/SECURITY library; from America Online in > the PC Telecom forum under "computing newsletters;" > On Delphi in the General Discussion database of the Internet SIG; > on the PC-EXEC BBS at (414) 789-4210; and on: Rune Stone BBS (IIRG > WHQ) 203-832-8441 NUP:Conspiracy > CuD is also available via Fidonet File Request from 1:11/70; unlisted > nodes and points welcome. 
> EUROPE: from the ComNet in LUXEMBOURG BBS (++352) 466893;
> In ITALY: Bits against the Empire BBS: +39-461-980493
>
> ANONYMOUS FTP SITES:
> UNITED STATES: ftp.eff.org (192.88.144.4) in /pub/cud
> uglymouse.css.itd.umich.edu (141.211.182.53) in /pub/CuD/cud
> halcyon.com( 202.135.191.2) in /pub/mirror/cud
> AUSTRALIA: ftp.ee.mu.oz.au (128.250.77.2) in /pub/text/CuD.
> EUROPE: nic.funet.fi in pub/doc/cud. (Finland)
> ftp.warwick.ac.uk in pub/cud (United Kingdom)
>
> COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
> information among computerists and to the presentation and debate of
> diverse views. CuD material may be reprinted for non-profit as long
> as the source is cited. Authors hold a presumptive copyright, and
> they should be contacted for reprint permission. It is assumed that
> non-personal mail to the moderators may be reprinted unless otherwise
> specified. Readers are encouraged to submit reasoned articles
> relating to computer culture and communication. Articles are
> preferred to short responses. Please avoid quoting previous posts
> unless absolutely necessary.
>
> DISCLAIMER: The views represented herein do not necessarily represent
> the views of the moderators. Digest contributors assume all
> responsibility for ensuring that articles submitted do not
> violate copyright protections.
>
> ----------------------------------------------------------------------
>
> Date: Thu, 10 Jun 1993 16:53:48 -0700
> From: Emmanuel Goldstein
> Subject: File 1--Hacker testimony to House subcommittee largely unheard
>
> What follows is a copy of my written testimony before the House
> Subcommittee on Telecommunications and Finance. The June 9th hearing
> was supposed to have been on the topic of network security, toll
> fraud, and the social implications of the rapidly emerging
> technologies. I was asked to speak for those who had no voice, which
> translates to hackers and consumers.
> Instead I found myself barraged
> with accusations from the two representatives in attendance (Rep. Ed
> Markey D-MA and Rep. Jack Fields R-TX) who considered 2600 Magazine
> (of which I'm the editor) nothing more than a manual for computer
> crime. One article in particular that Markey latched upon was one in
> our Spring issue that explained how a cable descrambler worked.
> According to Markey, there was no use for this information outside of
> a criminal context. Fields claimed we were printing cellular "codes"
> that allowed people to listen in on cellular calls. In actuality, we
> printed frequencies. The difference didn't seem to matter - after
> explaining it to him, he still said he was very disturbed by the fact
> that I was allowed to keep publishing. It soon became apparent to me
> that neither one had read my testimony as there seemed to be no
> inclination to discuss any of the issues I had brought up. In a way,
> it was very much like being on the Geraldo show. Somehow I thought
> elected representatives would be less sensationalist and more
> interested in learning but this was not the case here. We got
> absolutely nowhere. Markey in particular was rude, patronizing, and
> not at all interested in entertaining any thought outside his narrow
> perception. It's too bad this opportunity was lost. There is a real
> danger in elected officials who don't listen to all relevant opinions
> and who persist in sticking to old-fashioned, outdated notions that
> just don't apply to high technology. You can look forward to more
> restrictive regulations and higher penalties for violating them if
> this mentality continues to dominate.
>
> +++++++++++++++++++
> WRITTEN TESTIMONY FOLLOWS:
>
> Mr. Chairman, members of the Committee, thank you for the
> opportunity to speak on the issue of the rapid growth and changes in
> the telecommunications industry.
>
> My name is Emmanuel Goldstein and I am the publisher of 2600
> Magazine, which is a journal for computer hackers as well as anyone
> else who happens to be interested in the direction that technology is
> taking us. We tend to be brutally honest in our assessments and, as a
> result, we do get some corporations quite angry at us. But we've also
> managed to educate a large number of people as to how their telephone
> system works, what kinds of computers may be watching them, and how
> they can shape technology to meet their needs, rather than be forced
> to tailor their existence to meet technology's needs.
>
> I am also the host of a weekly radio program called Off The Hook
> which airs over WBAI in New York. Through that forum we have
> discovered the eagerness and curiosity that many "ordinary people on
> the street" possess for technology. At the same time we have seen
> fears and suspicions expressed that would be unwise to ignore.
>
> HOW TO HANDLE RAPIDLY CHANGING TECHNOLOGY
>
> The next few years will almost certainly go down in history as
> those in which the most change took place in the least amount of time.
> The computer and telecommunications revolution that we are now in the
> midst of is moving full speed ahead into unknown territory. The
> potential for amazing advances in individual thought and creativity is
> very real. But so is the potential for oppression and mistrust the
> likes of which we have never before seen. One way or the other, we
> will be making history.
>
> I think we can imagine it best if we think of ourselves speeding
> down a potentially dangerous highway. Perhaps the road will become
> slick with ice or fraught with sharp curves. It's a road that nobody
> has gone down before.
> And the question we have to ask ourselves is
> what kind of a vehicle would we prefer to be in if things should start
> getting out of control: our own automobile where we would have at
> least some chance of controlling the vehicle and bringing it down to a
> safe speed or a bus where we, along with many others, must put all of
> our trust behind a total stranger to prevent a disaster. The answer is
> obviously different depending on the circumstances. There are those of
> us who do not want the responsibility of driving and others who have
> proven themselves unworthy of it. What's important is that we all have
> the opportunity at some point to choose which way we want to go.
>
> Rapidly changing technology can also be very dangerous if we
> don't look where we're going or if too many of us close our eyes and
> let someone else do the driving. This is a ride we all must stay awake
> for.
>
> I am not saying we should be overly suspicious of every form of
> technology. I believe we are on the verge of something very positive.
> But the members of this committee should be aware of the dangers of an
> uninformed populace. These dangers will manifest themselves in the
> form of suspicion towards authority, overall fear of technology, and
> an unhealthy feeling of helplessness.
>
> HOW NEW TECHNOLOGY CAN HURT US
>
> The recent FBI proposal to have wiretap capabilities built into
> digital telephone systems got most of its publicity because American
> taxpayers were expected to foot the bill. But to many of the
> non-technical people I talked to, it was just another example of Big
> Brother edging one step closer. It is commonly believed that the
> National Security Agency monitors all traffic on the Internet, not to
> mention all international telephone calls. Between Caller ID, TRW
> credit reports, video cameras, room monitors, and computer
> categorizations of our personalities, the average American feels as if
> life no longer has many private moments.
> Our Social Security numbers,
> which once were for Social Security, are now used for everything from
> video rentals to driver's licenses. These numbers can easily be used
> to track a person's location, expenses, and habits - all without any
> consent. If you know a person's name, you can get their telephone
> number. If you have their phone number, you can get their address.
> Getting their Social Security number is not even a challenge anymore.
> With this information, you can not only get every bit of information
> about this person that exists on any computer from Blockbuster Video
> to the local library to the phone company to the FBI, but you can
> begin to do things in this poor person's name. It's possible we may
> want a society like this, where we will be accountable for our every
> movement and where only criminals will pursue privacy. The American
> public needs to be asked. But first, they need to understand.
>
> In Germany, there is a fairly new computerized system of identity
> cards. Every citizen must carry one of these cards. The information
> includes their name, address, date of birth, and nationality - in
> other words, the country they were originally born in. Such a system
> of national identity can be quite useful, but in the wrong hands it
> can be extremely scary. For example, if a neo-Nazi group were to
> somehow get their hands on the database, they could instantly find out
> where everyone of Turkish nationality lived. A malevolent government
> could do the same and, since not carrying the card would be a crime,
> it would be very hard to avoid its wrath.
>
> Before introducing a new technology that is all-encompassing, all
> of its potential side-effects and disadvantages should be discussed
> and addressed. Opportunities must exist for everyone to ask questions.
> In our own country, nobody was ever asked if they wanted a credit file
> opened on them, if they wanted to have their phone numbers given to
> the people and companies they called through the use of Caller ID and
> ANI, or if they wanted to be categorized in any manner on numerous
> lists and databases. Yet all of this has now become standard practice.
>
> This implementation of new rules has resulted in a degree of
> cynicism in many of us, as well as a sense of foreboding and dread. We
> all know that these new inventions will be abused and used to
> somebody's advantage at some point. There are those who would have us
> believe that the only people capable of such misdeeds are computer
> hackers and their ilk. But it just isn't that simple.
>
> UNDERSTANDING COMPUTER HACKERS
>
> To understand computer hackers, it helps to think of an alien
> culture. We have such cultures constantly around us - those with
> teenage children ought to know what this means. There are alien
> cultures of unlimited varieties throughout the globe, sometimes in the
> most unexpected places. I'm convinced that this is a good thing.
> Unfortunately, all too often our default setting on whatever it is we
> don't understand is "bad". Suspicion and hostility follow and are soon
> met with similar feelings from the other side. This has been going on
> between and within our cultures for as long as we've existed. While we
> can't stop it entirely, we can learn to recognize the danger signs.
> The best way that I've found to deal with an alien culture, whether
> it's in a foreign country or right here at home, is to try and
> appreciate it while giving it a little leeway. There is not a single
> alien culture I've encountered that has not been decidedly friendly.
> That includes deadheads, skateboarders, Rastafarians, and hackers.
>
> When we talk about computer hackers, different images spring to
> mind. Most of these images have come about because of perceptions
> voiced by the media.
> Too often, as I'm sure the members of this
> committee already suspect, the media just doesn't get it. This is not
> necessarily due to malice on their part but rather a general lack of
> understanding and an overwhelming pressure to produce a good story.
> Hence we get an abundance of sensationalism and, when the dust clears,
> hackers are being compared with bank robbers, mobsters, terrorists,
> and the like. It's gotten to the point that the word hacker is almost
> analogous to the word criminal.
>
> Fortunately, the media is learning. Reporters now approach
> hackers with a degree of technological savvy. For the most part, they
> have stopped asking us to commit crimes so they can write a story
> about it. As the technology envelops us, journalists are developing
> the same appreciation and curiosity for it that hackers have always
> had. Any good reporter is at least part hacker because what a hacker
> does primarily is relentlessly pursue an answer. Computers naturally
> lend themselves to this sort of pursuit, since they tend to be very
> patient when asked a lot of questions.
>
> WHAT CONSTITUTES A HI-TECH CRIME?
>
> So where is the boundary between the hacker world and the
> criminal world? To me, it has always been in the same place. We know
> that it's wrong to steal tangible objects. We know that it's wrong to
> vandalize. We know that it's wrong to invade somebody's privacy. Not
> one of these elements is part of the hacker world.
>
> A hacker can certainly turn into a criminal and take advantage of
> the weaknesses in our telephone and computer systems. But this is
> rare. What is more likely is that a hacker will share knowledge with
> people, one of whom will decide to use that knowledge for criminal
> purposes. This does not make the hacker a criminal for figuring it
> out. And it certainly doesn't make the criminal into a hacker.
>
> It is easy to see this when we are talking about crimes that we
> understand as crimes.
> But then there are the more nebulous crimes; the
> ones where we have to ask ourselves: "Is this really a crime?" Copying
> software is one example. We all know that copying a computer program
> and then selling it is a crime. It's stealing, plain and simple. But
> copying a program from a friend to try it out on your home computer --
> is this the same kind of crime? It seems obvious to me that it is not,
> the reason being that you must make a leap of logic to turn such an
> action into a crime. Imagine if we were to charge a licensing fee
> every time somebody browsed through a magazine at the local bookshop,
> every time material was borrowed from a library, or every time a phone
> number was jotted down from the yellow pages. Yet, organizations like
> the Software Publishers Association have gone on record as saying that
> it is illegal to use the same computer program on more than one
> computer in your house. They claim that you must purchase it again or
> face the threat of federal marshals kicking in your door. That is a
> leap of logic.
>
> It is a leap of logic to assume that because a word processor
> costs $500, a college student will not try to make a free copy in
> order to write and become a little more computer literate. Do we
> punish this student for breaking a rule? Do we charge him with
> stealing $500? To the hacker culture on whose behalf I am speaking
> today, the only sensible answer is to make it as easy as possible for
> that college student to use the software he needs. And while we're at
> it, we should be happy that he's interested in the first place.
>
> Of course, this represents a fundamental change in our society's
> outlook. Technology as a way of life, not just another way to make
> money. After all, we encourage people to read books even if they can't
> pay for them because to our society literacy is a very important goal.
> I believe technological literacy is becoming increasingly important.
> But you cannot have literacy of any kind without having access.
>
> If we continue to make access to technology difficult,
> bureaucratic, and illogical, then there will also be more computer
> crime. The reason being that if you treat someone like a criminal,
> they will begin to act like one. If we succeed in convincing people
> that copying a file is the same as physically stealing something, we
> can hardly be surprised when the broad-based definition results in
> more overall crime. Blurring the distinction between a virtual
> infraction and a real-life crime is a mistake.
>
> LEGISLATION FOR COMPUTER AGE CRIME
>
> New laws are not needed because there is not a single crime that
> can be committed with a computer that is not already defined as a
> crime without a computer. But let us not be loose with that
> definition. Is mere unauthorized access to a computer worthy of
> federal indictments, lengthy court battles, confiscation of equipment,
> huge fines, and years of prison time? Or is it closer to a case of
> trespassing, which in the real world is usually punished by a simple
> warning? "Of course not," some will say, "since accessing a computer
> is far more sensitive than walking into an unlocked office building."
> If that is the case, why is it still so easy to do? If it's possible
> for somebody to easily gain unauthorized access to a computer that has
> information about me, I would like to know about it. But somehow I
> don't think the company or agency running the system would tell me
> that they have gaping security holes. Hackers, on the other hand, are
> very open about what they discover which is why large corporations
> hate them so much. Through legislation, we can turn what the hackers
> do into a crime and there just might be a slim chance that we can stop
> them. But that won't fix poorly designed systems whose very existence
> is a violation of our privacy.
>
> THE DANGERS OF UNINFORMED CONSUMERS
>
> The concept of privacy is something that is very important to a
> hacker. This is so because hackers know how fragile privacy is in
> today's world. Wherever possible we encourage people to protect their
> directories, encrypt their electronic mail, not use cellular phones,
> and whatever else it takes to keep their lives to themselves. In 1984
> hackers were instrumental in showing the world how TRW kept credit
> files on millions of Americans. Most people had never even heard of a
> credit file until this happened. Passwords were very poorly guarded -
> in fact, credit reports had the password printed on the credit report
> itself. More recently, hackers found that MCI's Friends and Family
> program allowed anybody to call an 800 number and find out the numbers
> of everyone in a customer's "calling circle". As a bonus, you could
> also find out how these numbers were related to the customer: friend,
> brother, daughter-in-law, business partner, etc. Many times these
> numbers were unlisted yet all that was needed to "verify" the
> customer's identity was the correct zip code. In both the TRW and MCI
> cases, hackers were ironically accused of being the ones to invade
> privacy. What they really did was help to educate the American
> consumer.
>
> Nowhere is this more apparent than in the telephone industry.
> Throughout the country, telephone companies take advantage of
> consumers. They do this primarily because the consumer does not
> understand the technology. When we don't understand something
> complicated, we tend to believe those who do understand. The same is
> true for auto mechanics, plumbers, doctors, and lawyers. They all
> speak some strange language that the majority of us will never
> understand. So we tend to believe them.
> The difference with the phone
> companies, and here I am referring to the local companies, is that you
> cannot deal with somebody else if you happen to disagree with them or
> find them untrustworthy. The phone companies have us in a situation
> where we must believe what they say. If we don't believe them, we
> cannot go elsewhere.
>
> This is the frustration that the hacker community constantly
> faces. We face it especially because we are able to understand when
> the local phone companies take advantage of consumers. Here are a few
> examples:
>
> Charging a fee for touch tone service. This is a misnomer. It
> actually takes extra effort to tell the computer to ignore the tones
> that you produce. Everybody already has touch tone capability but we
> are forced to pay the phone company not to block it. While $1.50 a
> month may not seem like much, when added together the local companies
> that still engage in this practice are making millions of dollars a
> year for absolutely nothing. Why do they get away with it? Because too
> many of us don't understand how the phone system works. I try to draw
> an analogy in this particular case - imagine if the phone company
> decided that a fee would be charged to those customers who wanted to
> use the number five when dialing. They could argue that the five takes
> more energy than the four but most of us would see through this flimsy
> logic. We must seek out other such dubious practices and not blindly
> accept what we are told.
>
> Other examples abound: being charged extra not to have your name
> listed in the telephone directory, a monthly maintenance charge if you
> select your own telephone number, the fact that calling information to
> get a number now costs more than calling the number itself.
>
> More recently, we have become acquainted with a new standard
> called Signalling System Seven or SS7.
> Through this system it is
> possible for telephones to have all kinds of new features: Caller ID,
> Return Call, Repeat Calling to get through a busy signal, and more.
> But again, we are having the wool pulled over our eyes. For instance,
> if you take advantage of Call Return in New York (which will call the
> last person who dialed your number), you are charged 75 cents on top
> of the cost of the call itself. Obviously, there is a cost involved
> when new technologies are introduced. But there is no additional
> equipment, manpower, or time consumed when you dial *69 to return a
> call. It's a permanent part of the system. As a comparison, we could
> say that it also costs money to install a hold button. Imagine how we
> would feel if we were charged a fee every time we used it.
>
> The local companies are not the only offenders but it is
> particularly bad in their case because, for the vast majority of
> Americans, there is no competition on this level. The same complaints
> are being voiced concerning cable television companies.
>
> Long distance telephone companies are also guilty. AT&T, MCI, and
> Sprint all encourage the use of calling cards. Yet each imposes a
> formidable surcharge each and every time they're used. AT&T, for
> example, charges 13 cents for the first minute of a nighttime call
> from Washington DC to New York plus an 80 cent surcharge. Since a
> calling card can only be used to make telephone calls, why are
> consumers expected to pay an extra fee as if they were doing something
> above and beyond the normal capability of the card? Again, there is no
> extra work necessary to complete a calling card call - at least not on
> the phone company's part. The consumer, on the other hand, must enter
> up to 25 additional digits. But billing is accomplished merely by
> computers sending data to each other. Gone are the days of tickets
> being written up by hand and verified by human beings.
> Everything is
> accomplished quickly, efficiently, and cheaply by computer. Therefore,
> these extra charges are outdated.
>
> SOCIAL INJUSTICES OF TECHNOLOGY
>
> The way in which we have allowed public telephones to be operated
> is particularly unfair to those who are economically disadvantaged. A
> one minute call to Washington DC can cost as little as 12 cents from
> the comfort of your own home. However, if you don't happen to have a
> phone, or if you don't happen to have a home, that same one minute
> call will cost you $2.20. That figure is the cheapest rate there is
> from a Bell operated payphone. With whatever kind of logic was used to
> set these prices, the results are clear. We have made it harder and
> more expensive for the poor among us to gain access to the telephone
> network. Surely this is not something we can be proud of.
>
> A direct result of this inequity is the prevalence of red boxes.
> Red boxes are nothing more than tone generators that transmit a quick
> burst of five tones which convince the central office that a quarter
> has been deposited. It's very easy and almost totally undetectable.
> It's also been going on for decades. Neither the local nor long
> distance companies have expended much effort towards stopping red
> boxes, which gives the impression that the payphone profits are still
> lucrative, even with this abuse. But even more troubling is the
> message this is sending. Think of it. For a poor and homeless person
> to gain access to something that would cost the rest of us 12 cents,
> they must commit a crime and steal $2.20. This is not equal access.
>
> CORPORATE RULES
>
> Hackers and phone phreaks, as some of us are called, are very
> aware of these facts. We learn by asking lots of questions. We learn
> by going to libraries and doing research. We learn by diving into
> phone company trash dumpsters, reading discarded material, and doing
> more research.
> But who will listen to people like us who have been
> frequently characterized as criminals? I am particularly grateful that
> this committee has chosen to hear us. What is very important to us is
> open communications. Freedom of information. An educated public.
>
> This puts us at direct odds with many organizations, who believe
> that everything they do is "proprietary" and that the public has no
> right to know how the public networks work. In July of 1992 we were
> threatened with legal action by Bellcore (the research arm of the
> Regional Bell Operating Companies) for revealing security weaknesses
> inherent in Busy Line Verification (BLV) trunks. The information had
> been leaked to us and we did not feel compelled to join Bellcore's
> conspiracy of silence. In April of this year, we were threatened with
> legal action by AT&T for printing proprietary information of theirs.
> The information in question was a partial list of the addresses of
> AT&T offices. It's very hard for us to imagine how such information
> could be considered secret. But these actions are not surprising. They
> only serve to illustrate the wide disparities between the corporate
> mindset and that of the individual. It is essential that the hundreds
> of millions of Americans who will be affected by today's
> all-encompassing inventions not be forced to play by corporate rules.
>
> In 1990 a magazine similar to 2600 was closed down by the United
> States government because Bell South said they printed proprietary
> information. Most people never found out about this because Phrack
> Magazine was electronic, i.e., only available on computer bulletin
> boards and networks. This in itself is wrong; a publication must have
> the same First Amendment rights regardless of whether it is printed
> electronically or on paper. As more online journals appear, this basic
> tenet will become increasingly critical to our nation's future as a
> democracy.
> Apart from this matter, we must look at what Bell South
> claimed - that a document discussing the Enhanced 911 system which was
> worth $79,449 had been "stolen" and printed by Phrack. (Some newspaper
> accounts even managed to change it into an E911 program which gave the
> appearance that hackers were actually interfering with the operation
> of an E911 system and putting lives at risk. In reality there has
> never been a report of a hacker gaining access to such a system.) It
> was not until after the publisher of Phrack was forced to go to trial
> that the real value of the document was revealed. Anyone could get a
> copy for around $14. The government promptly dropped its case against
> the publisher who, to this day, is still paying back $100,000 in legal
> fees. As further evidence of the inequity between individual justice
> and corporate justice, Bell South was never charged with fraud for its
> claim that a $14 document was worth nearly $80,000. Their logic, as
> explained in a memo to then Assistant U.S. Attorney Bill Cook, was
> that the full salaries of everyone who helped write the document, as
> well as the full cost of all hardware and software used in the
> endeavor ($31,000 for a Vaxstation II, $6,000 for a printer), was
> perfectly acceptable. It is very disturbing that the United States
> government agreed with this assessment and moved to put a pre-law
> student behind bars for violating corporate rules.
>
> MISGUIDED AUTHORITY
>
> I wish I could stand before this committee and say that we have
> been successful in stopping all such miscarriages of justice. While
> the Phrack case may have been the most bizarre, there are many more
> instances of individuals being victimized in similar manners. A
> teenager in Chicago was jailed for a year for copying a file that was
> worth millions, according to AT&T, but was utterly worthless and
> unusable to a kid.
> A bulletin board operator in California, along with
> his entire family, was held at gunpoint for hours while authorities
> seized his equipment in an unsuccessful attempt to find child
> pornography. Three hackers in Atlanta, after being imprisoned up to a
> year for dialing into a Bell South computer system that had no
> password, were forced to pay $233,000 in restitution so the company
> could install a password system. More recently, a student at the
> University of Texas at Houston was suspended from school for a year
> because he accessed a file that merely listed the users of the system
> (a file which the system allows all users to access). In increasing
> numbers, young people are being sent to jail, not necessarily for
> something they did, but rather for something they could have done in a
> worst-case scenario. Again this indicates fear and misunderstanding of
> technology and its applications. But this time those feelings emanate
> from those in authority.
>
> Locally, an ominous happening occurred at a 2600 monthly meeting
> last November. (These meetings occur in public areas in cities
> throughout the nation on the first Friday of every month.) Shortly
> after it began, the Washington meeting was broken up by Pentagon City
> Mall security guards. Without any provocation, people were forced to
> submit to searches and everybody's name was taken down. One of the
> attendees who was writing down an officer's name had the paper ripped
> from his hand, another had his film taken from his camera as he tried
> to document what was going on. Upon questioning by a reporter from
> Communications Daily, the mall security chief claimed that he was
> acting under orders from the United States Secret Service. Subsequent
> Freedom of Information Act requests by Computer Professionals for
> Social Responsibility have yielded more evidence implicating the
> Secret Service in this illegal and unwarranted action.
> Nothing of a
> criminal nature was ever found in any of the bags that were searched.
> But a full list of the attendees wound up in the possession of the
> Secret Service. It seems ironic that while hackers are conducting an
> open gathering in the middle of a shopping mall in order to share
> knowledge and welcome new people, agents of the Secret Service are
> lurking in the shadows trying to figure out ways to stop them.
>
> How can we move forward and talk about exciting new applications
> of technology when we're off to such a bad start? The people that are
> being arrested, harassed, and intimidated are the people who will be
> designing and running these new systems. They are the ones who will
> appreciate their capabilities and understand their weaknesses. Through
> our short-sightedness and eagerness to listen to the loudest voices,
> we are alienating the promises of the future. How many here, who grew
> up in decades past, remember hearing teenagers talk of how the
> government is after them, watching their every move, listening to
> their phone calls, doing everything one might expect in a totalitarian
> regime. Such feelings are the sure sign of an ailing society. It does
> not matter if these things are not actually occurring - their mere
> perception is enough to cause lasting harm and mistrust.
>
> PROMISE OF THE INTERNET
>
> The future holds such enormous potential. It is vital that we not
> succumb to our fears and allow our democratic ideals and privacy
> values to be shattered. In many ways, the world of cyberspace is more
> real than the real world itself. I say this because it is only within
> the virtual world that people are really free to be themselves - to
> speak without fear of reprisal, to be anonymous if they so choose, to
> participate in a dialogue where one is judged by the merits of their
> words, not the color of their skin or the timbre of their voice.
> Contrast this to our existing "real" world where we often have people > sized up before they even utter a word. The Internet has evolved, on > its own volition, to become a true bastion of worldwide democracy. It > is the obligation of this committee, and of governments throughout the > world, not to stand in its way. > > This does not mean we should stand back and do nothing. Quite > the contrary, there is much we have to do if accessibility and > equality are our goals. Over-regulation and commercialization are two > ways to quickly kill these goals. A way to realize them is to have a > network access point in every house. Currently, network access is > restricted to students or professors at participating schools, > scientists, commercial establishments, and those who have access to, > and can afford, local services that link into the Internet. Yes, a lot > of people have access today. But a far greater number do not and it > is to these people that we must speak. The bigger the Internet gets, > the better it gets. As it exists today, cultures from around the globe > are represented; information of all kinds is exchanged. People are > writing, reading, thinking. It's potentially the greatest educational > tool we have. Therefore, it is essential that we not allow it to > become a commodity that only certain people in society will be able to > afford. With today's technology, we face the danger of widening the > gap between the haves and the have-nots to a monumental level. Or we > can open the door and discover that people really do have a lot to > learn from each other, given the opportunity. > > It is my hope that this committee will recognize the importance > of dialogue with the American public, in order to answer the questions > so many are asking and to address the concerns that have been > overlooked. I thank you for this opportunity to express those issues > that I feel relevant to this hearing. 
> > ------------------------------ > > Date: Sat, 12 Jun 1993 12:30:38 EST > From: Dave Banisar > Subject: File 2--CPSR Clipper Testimony (6-9-93) in House Subcommittee > > CPSR Clipper Testimony 6/9 > > On June 9, 1993, Congressman Edward Markey, Chairman of the > House Subcommittee on Telecommunications and Finance held an > oversight hearing on encryption and telecommunications network > security. Panelists were Whitfield Diffie of Sun Microsystems, Dr. > Dorothy Denning, Steven Bryen of Secure Communications, Marc > Rotenberg of the CPSR Washington Office and E.R. Kerkeslager of AT&T. > > Congressman Markey, after hearing the testimony presented, > noted that the Clipper proposal had raised an arched eyebrow among > the whole committee and that the committee viewed the proposal > skeptically. This statement was the latest indication that the Clipper > proposal has not been well received by policy makers. Last Friday, > the Computer Systems Security and Privacy Advisory Board of NIST > issued two resolutions critical of the encryption plan, suggesting > that further study was required and that implementation of the plan > should be delayed until the review is completed. > > At the Third CPSR Cryptography and Privacy Conference on > Monday, June 7, the Acting Director of NIST, Raymond Kammer, announced > that the implementation of the proposal will be delayed and that a > more comprehensive review will be undertaken. The review is due in > the fall. Kammer told the Washington Post that "maybe we won't > continue in the direction we started out." > > +------------------------------------------------- > > Prepared Testimony > and > Statement for the Record > of > Marc Rotenberg, director > CPSR Washington Office > on > Encryption Technology and Policy > Before > The Subcommittee on Telecommunications and Finance. > Committee on Energy and Commerce > > U.S. 
House of Representatives > June 9, 1993 > > SUMMARY > > The cryptography issue is of particular concern to CPSR. > During the past several years CPSR has pursued an extensive study of > cryptography policy in the United States. CPSR has organized public > conferences, conducted litigation under the Freedom of Information Act, > and has emphasized the importance of cryptography for privacy > protection and the need to scrutinize carefully government proposals > designed to limit the use of this technology. > To evaluate the Clipper proposal it is necessary to look at a > 1987 law, the Computer Security Act, which made clear that in the area > of unclassified computing systems, the National Institute of Standards > and Technology (NIST) and not the National Security Agency (NSA), would > be responsible for the development of technical standards. The Act > emphasized public accountability and stressed open decision-making. > In the spirit of the Act, in 1989 NIST set out to develop a > public key cryptography standard. According to documents obtained by > CPSR through the Freedom of Information Act, NIST recommended that the > algorithm be "public, unclassified, implementable in both hardware or > software, usable by federal Agencies and U.S. based multi-national > corporation." However, the Clipper proposal and the full-blown Capstone > configuration that resulted is very different: the Clipper algorithm, > Skipjack, is classified; public access to the reasons underlying the > proposal is restricted; Skipjack can be implemented only in > tamper-proof hardware; it is unlikely to be used by multi-national > corporations, and the security of Clipper remains unproven. > The Clipper proposal undermines the central purpose of the > Computer Security Act. Although intended for broad use in commercial > networks, it was not developed at the request of either U.S. business > or the general public. It does not reflect public goals. 
> The premise of the Clipper key escrow arrangement is that the > government must have the ability to intercept electronic > communications. However, there is no legal basis to support this > premise. In law there is nothing inherently illegal or suspect about > the use of a telephone. The federal wiretap statute says only that > communication service providers must assist law enforcement execute a > lawful warrant. > CPSR supports the review of cryptography policy currently > underway at the Department of Commerce. CPSR also supports the efforts > undertaken by the Subcommittee on Telecommunications and Finance to > study the full ramifications of the Clipper proposal. However, we are > not pleased about the review now being undertaken at the White House. > That effort has led to a series of secret meetings, has asked that > scientists sign non-disclosure agreements and accept restrictions on > publication, and has attempted to resolve public concerns through > private channels. This is not a good process for the evaluation of a > technology that is proposed for the public switched network. > Even if the issues regarding Clipper are resolved favorably, > privacy concerns will not go away. Rules still need to be developed > about the collection and use of transactional data generated by > computer communications. Several specific steps should be taken. > First, the FCC should be given a broad mandate to pursue privacy > concerns. Second, current gaps in the communications law should be > filled. The protection of transactional records is particularly > important. Third, telecommunications companies should be encouraged to > explore innovative ways to protect privacy. "Telephone cards", widely > available in other countries, are an ideal way to protect privacy. > > > TESTIMONY > > Mr. Chairman, members of the Subcommittee, thank you for the > opportunity to testify today on encryption policy and the Clipper > proposal. 
I especially wish to thank you Congressman Markey, on behalf > of CPSR, for your ongoing efforts on the privacy front as well as your > work to promote public access to electronic information. > The cryptography issue is of particular concern to CPSR. > During the past several years we have pursued an extensive study of > cryptography policy in the United States. We have organized several > public conferences, conducted litigation under the Freedom of > Information Act, and appeared on a number of panels to discuss the > importance of cryptography for privacy protection and the need to > scrutinize carefully government proposals designed to limit the use of > this technology. > While we do not represent any particular computer company or > trade association we do speak for a great many people in the computer > profession who value privacy and are concerned about the government's > Clipper initiative. > Today I will briefly summarize our assessment of the Clipper > proposal. Then I would like to say a few words about the current > status of privacy protection. > > CLIPPER > To put the Clipper proposal in a policy context, I will need to > briefly describe a law passed in 1987 intended to address the roles > of the Department of Commerce and the Department of Defense in the > development of technical standards. The Computer Security Act of 1987 > was enacted to improve computer security in the federal government, to > clarify the responsibilities of the National Institute of Standards and > Technology (NIST) and the National Security Agency, and to ensure that > technical standards would serve civilian and commercial needs. > The law made clear that in the area of unclassified computing > systems, NIST and not NSA, would be responsible for the development of > technical standards. It emphasized public accountability and stressed > open decision-making. 
The Computer Security Act also established the > Computer System Security and Privacy Advisory Board (CSSPAB), charged > with reviewing the activities of NIST and ensuring that the mandate of > the law was enforced. > The Computer Security Act grew out of a concern that classified > standards and secret meetings would not serve the interests of the > general public. As the practical applications for cryptography have > moved from the military and intelligence arenas to the commercial > sphere, this point has become clear. There is also clearly a conflict > of interest when an agency tasked with signal interception is also > given authority to develop standards for network security. > In the spirit of the Computer Security Act, NIST set out in > 1989 to develop a public key standard FIPS (Federal Information > Processing Standard). In a memo dated May 5, 1989, obtained by CPSR > through the Freedom of Information Act, NIST said that it planned: > > to develop the necessary public-key based security standards. We > require a public-key algorithm for calculating digital signatures and > we also require a public-key algorithm for distributing secret keys. > > NIST then went on to define the requirements of the standard: > > The algorithms that we use must be public, unclassified, implementable > in both hardware or software, usable by federal Agencies and U.S. based > multi-national corporation, and must provide a level of security > sufficient for the protection of unclassified, sensitive information > and commercial propriety and/or valuable information. > > The Clipper proposal and the full-blown Capstone configuration, > which incorporates the key management function NIST set out to develop > in 1989, is very different from the one originally conceived by NIST. 
> > * The Clipper algorithm, Skipjack, is classified, > * Public access to the reasons underlying the proposal is > restricted, > * Skipjack can be implemented only in tamper-proof hardware, > * It is unlikely to be used by multi-national corporations, and > * The security of Clipper remains unproven. > > The Clipper proposal undermines the central purpose of the > Computer Security Act. Although intended for broad use in commercial > networks, it was not developed at the request of either U.S. business > or the general public. It does not reflect public goals. Rather it > reflects the interests of one secret agency with the authority to > conduct foreign signal intelligence and another government agency > responsible for law enforcement investigations. > Documents obtained by CPSR through the Freedom of Information > Act indicate that the National Security Agency dominated the meetings > of the joint NIST/NSA Technical Working group which made > recommendations to NIST regarding public key cryptography, and that a > related technical standard for message authentication, the Digital > Signature Standard, clearly reflected the interests of the NSA. > We are still trying to determine the precise role of the NSA in > the development of the Clipper proposal. We would be pleased to > provide to the Subcommittee whatever materials we obtain. > > LEGAL AND POLICY ISSUES > There are also several legal and constitutional issues raised > by the government's key escrow proposal. The premise of the Clipper > key escrow arrangement is that the government must have the ability to > intercept electronic communications, regardless of the economic or > societal costs. The FBI's Digital Telephony proposal, and the earlier > Senate bill 266, were based on the same assumption. 
> There are a number of arguments made in defense of this > position: that privacy rights and law enforcement needs must be > balanced, or that the government will be unable to conduct criminal > investigations without this capability. > Regardless of how one views these various claims, there is one > point about the law that should be made very clear: currently there is > no legal basis -- in statute, the Constitution or anywhere else -- > that supports the premise which underlies the Clipper proposal. As the > law currently stands, surveillance is not a design goal. General > Motors would have a stronger legal basis for building cars that could > go no faster than 65 miles per hour than AT&T does in marketing a > commercial telephone that has a built-in wiretap capability. In law > there is simply nothing about the use of a telephone that is inherently > illegal or suspect. > The federal wiretap statute says only that communication > service providers must assist law enforcement in the execution of a > lawful warrant. It does not say that anyone is obligated to design > systems to facilitate future wire surveillance. That distinction is > the difference between countries that restrict wire surveillance to > narrow circumstances defined in law and those that treat all users of > the telephone network as potential criminals. U.S. law takes the first > approach. Countries such as the former East Germany took the second > approach. The use of the phone system by citizens was considered > inherently suspect and for that reason more than 10,000 people were > employed by the East German government to listen in on telephone calls. > It is precisely because the wiretap statute does not contain > the obligation to incorporate surveillance capability -- the design > premise of the Clipper proposal -- that the Federal Bureau of > Investigation introduced the Digital Telephony legislation. But that > legislation has not moved forward and the law has remained unchanged. 
> The Clipper proposal attempts to accomplish through the > standard-setting and procurement process what the Congress has been > unwilling to do through the legislative process. > On legal grounds, adopting the Clipper would be a mistake. > There is an important policy goal underlying the wiretap law. The > Fourth Amendment and the federal wiretap statute do not so much balance > competing interests as they erect barriers against government excess > and define the proper scope of criminal investigation. The purpose of > the federal wiretap law is to restrict the government, it is not to > coerce the public. > Therefore, if the government endorses the Clipper proposal, it > will undermine the basic philosophy of the federal wiretap law and the > fundamental values embodied in the Constitution. It will establish a > technical mechanism for signal interception based on a premise that has > no legal foundation. The assumption underlying the Clipper proposal is > more compatible with the practice of telephone surveillance in the > former East Germany than it is with the narrowly limited circumstances > that wire surveillance has been allowed in the United States. > > UNANSWERED QUESTIONS > There are a number of other legal issues that have not been > adequately considered by the proponents of the key escrow arrangement > that the Subcommittee should examine. First, not all lawful wiretaps > follow a normal warrant process. The proponents of Clipper should make > clear how emergency wiretaps will be conducted before the proposal goes > forward. Second, there may be civil liability issues for the escrow > agents, if they are private parties, if there is abuse or compromise of > the keys. Third, there is a Fifth Amendment dimension to the proposed > escrow key arrangement if a network user is compelled to disclose his > or her key to the government in order to access a communications > network. Each one of these issues should be examined carefully. 
> > > CPSR CONFERENCE > At a conference organized by CPSR this week at the Carnegie > Endowment for International Peace we heard presentations from staff > members at NIST, FBI, NSA and the White House about the Clipper > proposal. The participants at the meeting had the opportunity to ask > questions and to exchange views. > Certain points now seem clear: > > * The Clipper proposal was not developed in response to any > perceived public or business need. It was developed solely to address > a law enforcement concern. > * Wire surveillance remains a small part of law enforcement > investigations. The number of arrests resulting from wiretaps has > remained essentially unchanged since the federal wiretap law was enacted > in 1968. > * The potential risks of the Clipper proposal have not been > assessed and many questions about the implementation remain unanswered. > * Clipper does not appear to have the support of the business or > research community. > > Many comments on the Clipper proposal, both positive and > negative as well as the materials obtained by CPSR through the Freedom of > Information Act, are contained in the Source book compiled by CPSR for > the recent conference. I am pleased to make a copy of this available to > the Subcommittee. > > > NETWORK PRIVACY PROTECTION > Communications privacy remains a critical test for network > development. Networks that do not provide a high degree of privacy are > clearly less useful to network users. Given the choice between a > cryptography product without a key escrow and one with a key escrow, it > would be difficult to find a user who would prefer the key escrow > requirement. If this proposal does go forward, it will not be because > network users or commercial service providers favored it. > Even if the issues regarding the Clipper are resolved > favorably, privacy concerns will not go away. Cryptography is a part > of communications privacy, but it is only a small part. 
Rules still > need to be developed about the collection and use of transactional data > generated by computer communications. While the federal wiretap law > generally does a very good job of protecting the content of > communications against interception by government agencies, large holes > still remain. The extensive use of subpoenas by the government to > obtain toll records and the sale of telephone records by private > companies are just two examples of gaps in current law. > The enforcement of privacy laws is also a particularly serious > concern in the United States. Good laws without clear mechanisms for > enforcement raise over-arching questions about the adequacy of legal > protections in this country. This problem is known to those who have > followed developments with the Privacy Act since passage in 1974 and > the more recent Video Privacy and Protection Act of 1988. I make this > point because it has been the experience in other countries that > agencies charged with the responsibility for privacy protection can be > effective advocates for the public in the protection of personal > privacy. > > RECOMMENDATIONS > Regarding the Clipper proposal, we believe that the national > review currently underway by the Computer Security and Privacy Advisory > Board at the Department of Commerce will be extremely useful and we > look forward to the results of that effort. The Panel has already > conducted a series of important open hearings and compiled useful > materials on Clipper and cryptography policy for public review. > We are also pleased that the Subcommittee on Telecommunications > and Finance has undertaken this hearing. This Subcommittee can play a > particularly important role in the resolution of these issues. 
We also > appreciate the Chairman's efforts to ensure that the proper studies are > undertaken, that the General Accounting Office fully explores these > issues, and that the Secretary of Commerce carefully assesses the > potential impact of the Clipper proposal on export policy. > We are, however, less pleased about the White House study > currently underway. That effort, organized in large part by the > National Security Council, has led to a series of secret meetings, has > asked that scientists sign non-disclosure agreements and accept > restrictions on publication, and has attempted to resolve public > concerns through private channels. This is not a good process for the > evaluation of a technology that is proposed for the public switched > network. While we acknowledge that the White House has been reasonably > forthcoming in explaining the current state of affairs, we do not think > that this process is a good one. > For these reasons, we believe that the White House should > properly defer to the recommendations of the Computer System Security > and Privacy Advisory Board and the Subcommittee on Telecommunications > and Finance. We hope that no further steps in support of the Clipper > initiative will be taken. We specifically recommend that no further > purchase of Clipper chips be approved. > Speaking more generally, we believe that a number of steps > could be taken to ensure that future communications initiatives could > properly be viewed as a boost to privacy and not a set-back. > > * The FCC must be given a strong mandate to pursue privacy > concerns. There should be an office specifically established to > examine privacy issues and to prepare reports. Similar efforts in > other countries have been enormously successful. The Japanese Ministry > of Post and Telecommunications developed a set of privacy principles to > ensure continued trade with Europe. 
The Canada Ministry of > Communications developed a set of communications principles to address > public concerns about the privacy of cellular communications. In > Europe, the EC put forward an important directive on privacy protection > for the development of new network services. > > * Current gaps in the communications law should be filled. The > protection of transactional records is particularly important. > Legislation is needed to limit law enforcement access to toll record > information and to restrict the sale of data generated by the use of > telecommunication services. As the network becomes digital, the > transaction records associated with a particular communication may > become more valuable than the content of the communication itself. > > * Telecommunications companies should be encouraged to explore > innovative ways to protect privacy. Cryptography is a particular > method to seal electronic communications, but far more important for > routine communications could be anonymous telephone cards, similar to > the metro cards here in the District of Columbia, that allow consumers > to purchase services without establishing accounts, transferring > personal data, or recording personal activities. Such cards are widely > available in Europe, Japan, and Australia. > > I thank you very much for the opportunity to appear before the > Subcommittee and would be pleased to answer your questions. Computer > Professionals for Social Responsibility > > CPSR is a national membership organization, established in > 1982, to address the social impact of computer technology. There are > 2,500 members in 20 chapters across the United States, and offices in > Palo Alto, California, Cambridge, Massachusetts, and Washington DC. The > organization is governed by a board of elected officers and meetings > are open to the public. CPSR sponsors an annual meeting and the > biennial conference on Directions and Implications of Advanced > Computing. 
CPSR sponsored the first conference on Computers, Freedom, > and Privacy in 1991. CPSR also operates the Internet Library at > cpsr.org. The library contains documents from the White House on > technology policy and a wide range of public laws covering privacy, > access to information, and communications law and is available free of > charge to all users of the Internet. > > Marc Rotenberg is the director of the CPSR Washington office > and an adjunct professor at Georgetown University Law Center. He is > chairman of the ACM Committee on Scientific Freedom and Human Rights, > an editor for the Computer Law and Security Report (London), and the > secretary of Privacy International, an organization of human rights > advocates and privacy scholars in forty countries. He received an A.B. > from Harvard College and a J.D. from Stanford Law School, and is a > member of the bar of the United States Supreme Court. His forthcoming > article "Communications Privacy: Implications for Network Design" will > appear in the August 1993 issue of Communications of the ACM. > > ------------------------------ > > End of Computer Underground Digest #5.43 > ************************************ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jet@nas.nasa.gov (J. Eric Townsend) Date: Mon, 14 Jun 93 09:06:44 PDT To: Eric Hughes Subject: request for patent info In-Reply-To: <9306141432.AA05436@soda.berkeley.edu> Message-ID: <9306141606.AA01411@boxer.nas.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain Eric Hughes writes: > As much as we need this, we also need the actual text of the patents. > What a patent actually covers is often much narrower than what is > claimed. Anyone near a federal patent repository can easily get this information. Walk in, find the patent by number, have the nice attendant print it out on a crappy photostat machine, pay in cash, leave. No written record! Rice U. has a nice staff. (I don't know where the west coast ones are.) 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: m5@vail.tivoli.com (Mike McNally) Date: Mon, 14 Jun 93 07:15:49 PDT To: cypherpunks@toad.com Subject: DH for email (re: email protection and privacy) Message-ID: <9306141414.AA07349@vail.tivoli.com> MIME-Version: 1.0 Content-Type: text/plain In light of a conversation (not a private conversation; it was at an EFF-Austin gathering) with Mike Godwin in which he stated that the court has ample precedent to cite you for contempt upon refusal to produce encryption keys, I think it's clear that no decypherable encryption scheme is really adequate to protect private materials during a legal investigation. Similarly, I suspect that a scheme to protect information by automatic destruction or obfuscation (as a friend described it, "digital flash paper") would be considered illegal obstruction of justice. Therefore, were I to be in possession of information that for political or business reasons I strongly required absolute privacy, I would resort to physical security as the closest thing to a sure-fire solution. Back things up onto high-density tape, and keep the tapes (*and* the tape drive, lest its presence be taken as prima facie evidence of the existence of off-line "evidence") in some secure place. - -- Mike McNally From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Chael Hall) Date: Mon, 14 Jun 93 07:29:43 PDT To: cypherpunks@toad.com Subject: REMAIL/ANON/PGP: System becoming available Message-ID: <9306141432.AA08208@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain Cypherpunks, I realize that I have been completely quiet on the list for a few months... Sorry about that, but I have been away from the University. Right now I am working in Indianapolis and telnetting from IUPUI up to BSU. Anyway, to the heart of the matter... I have gotten permission from one of the "good guys" at BSU to put my 486dx/33 with 386BSD in his office (secure) and get it on the Ethernet. 
I will probably run my anonymous remailer on there (the current one will stay in business) where it is safer. In addition, I want to run a pseudonymous service like anon.penet.fi. I have written some software in C that does it, but does not quite support PGP yet (it's not as easy as I would like to have believed before starting the project). It will give you an ID and will restrict mail from and to certain addresses/sites. It also puts a standard header into the message and has features to add header lines and footers to the messages automatically. The system will sit idle (aside from mail) most of the time, so I have no problem using PGP and being an encryption drop-point. I am about to start a rewrite of my remailer pretty soon because it needs some help. Anyway, I will send you all the IP address and host name of my computer when it's online. This could get exciting... I have a guest account on there where you can request an account, but I can't afford to give out too many accounts. Of course, I would much rather cypherpunks have accounts than a bunch of sniveling netbrats. Anyway, gotta run. Incidentally, I have about 3 MB of backed up mail here. It's only since the second week of May! Chael Hall -- Chael Hall nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU, chall@bsu.edu chall@phantom.bsu.edu, nowhere@chaos.bsu.edu [not online yet] (317) 776-4000 from 8 am - 5 pm CST From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Mon, 14 Jun 93 10:03:55 PDT To: jet@nas.nasa.gov (J. Eric Townsend) Subject: Re: request for patent info In-Reply-To: <9306141606.AA01411@boxer.nas.nasa.gov> Message-ID: <9306141704.AA24572@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain J. Eric Townsend writes: > Anyone near a federal patent repository can easily get this > information. Walk in, find the patent by number, have the nice > attendant print it out on a crappy photostat machine, pay in cash, > leave. No written record! 
Rice U. has a nice staff. (I don't know > where the west coast ones are.) Sunnyvale, CA. Near the public library off Mathilda Ave. -Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Mon, 14 Jun 93 07:42:19 PDT To: dporter@well.sf.ca.us (Doug Porter) Subject: Re: PKP In-Reply-To: <93Jun13.123601pdt.13888-1@well.sf.ca.us> Message-ID: <199306141442.AA00948@eff.org> MIME-Version: 1.0 Content-Type: text/plain > We need info from someone who knows. Mike, are you listening, and are you > familiar with antitrust law? Doug, I am listening, but antitrust is not my area. Many of the developers and businessfolk on this list have a clearer knowledge of antitrust law than I. You are right, of course, that "patents are intended to convey a sharply limited monopoly." --Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peb@PROCASE.COM Date: Mon, 14 Jun 93 11:08:25 PDT To: marc@GZA.COM Subject: Re: DH for email (re: email protection and privacy) Message-ID: <9306141807.AA21784@banff.procase.com> MIME-Version: 1.0 Content-Type: text/plain >Case 4: "I forgot." This one seems to work for U.S. presidents. Paul E. Baclace peb@procase.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peb@PROCASE.COM Date: Mon, 14 Jun 93 11:15:13 PDT To: mlshew@dixie.com Subject: Re: Rude CryptoStacker Suggestion Message-ID: <9306141813.AA21788@banff.procase.com> MIME-Version: 1.0 Content-Type: text/plain >have you made sure such code doesn't exist already? 
In case no one has mentioned this yet: There is a Norton Utility (not free, but fairly priced) that makes a crypto disk. I saw this last summer, but disregarded it since it uses the amateur "secrecy through obscurity" method. Thus, the meme is out to some degree, but not strong enough. Paul E. Baclace peb@procase.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jet@nas.nasa.gov (J. Eric Townsend) Date: Mon, 14 Jun 93 11:15:19 PDT To: Marc Horowitz Subject: Re: DH for email (re: email protection and privacy) In-Reply-To: <9306141743.AA01676@dun-dun-noodles.aktis.com> Message-ID: <9306141815.AA01755@boxer.nas.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain Marc Horowitz writes: > Case 4: "I forgot." Can they do anything? "I don't recall" worked for Reagan, Bush, et al quite well. :-( From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: m5@vail.tivoli.com (Mike McNally) Date: Mon, 14 Jun 93 09:29:00 PDT To: Mike Godwin Subject: Re: DH for email (re: email protection and privacy) In-Reply-To: <199306141623.AA01688@eff.org> Message-ID: <9306141627.AA07743@vail.tivoli.com> MIME-Version: 1.0 Content-Type: text/plain Mike Godwin writes: > Note that a court could cite you for contempt for not complying > with a subpoena duces tecum (a subpoena requiring you to produce objects > or documents) if you fail to turn over subpoenaed backups. I understand this, but could I be cited for failure to produce evidence not known by the court to exist? (Clearly, I could be so cited if the evidence were ever discovered.) Is there a process that the court can use that says "hand over absolutely all artifacts pertinent to the case at hand known to *you*, whether such artifacts be known to the court or not." ? Or is it the case that failure on my part to offer up such evidence is inherently contemptuous? 
> To be honest, I don't think *any* security measure is adequate against a > government that's determined to overreach its authority and its citizens' > rights, but crypto comes close. I wholeheartedly agree; I'd of course encrypt my secret backups :-) Gee, now that I've publicized this great idea, I suppose it can never work for me. -- Mike McNally From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Mon, 14 Jun 93 09:23:21 PDT To: m5@vail.tivoli.com (Mike McNally) Subject: Re: DH for email (re: email protection and privacy) In-Reply-To: <9306141414.AA07349@vail.tivoli.com> Message-ID: <199306141623.AA01688@eff.org> MIME-Version: 1.0 Content-Type: text/plain Mike McNally writes: > In light of a conversation (not a private conversation; it was at an > EFF-Austin gathering) with Mike Godwin in which he stated that the > court has ample precedent to cite you for contempt upon refusal to > produce encryption keys, I think it's clear that no decypherable > encryption scheme is really adequate to protect private materials > during a legal investigation. Similarly, I suspect that a scheme to > protect information by automatic destruction or obfuscation (as a > friend described it, "digital flash paper") would be considered > illegal obstruction of justice. > > Therefore, were I to be in possession of information that for > political or business reasons I strongly required absolute privacy, I > would resort to physical security as the closest thing to a sure-fire > solution. Back things up onto high-density tape, and keep the tapes > (*and* the tape drive, lest its presence be taken as prima facie > evidence of the existence of off-line "evidence") in some secure > place. Note that a court could cite you for contempt for not complying with a subpoena duces tecum (a subpoena requiring you to produce objects or documents) if you fail to turn over subpoenaed backups. 
To be honest, I don't think *any* security measure is adequate against a government that's determined to overreach its authority and its citizens' rights, but crypto comes close. --Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Henry Strickland Date: Mon, 14 Jun 93 12:33:02 PDT To: cypherpunks@toad.com Subject: FORWARD: Burt Kaliski: Anderson's RSA Trapdoor Can Be Broken Message-ID: <9306141935.AA05358@versant.com> MIME-Version: 1.0 Content-Type: text/plain [nando] ------- Forwarded Message Date: Mon, 14 Jun 93 11:21:38 PDT From: burt@RSA.COM (Burt Kaliski) Message-Id: <9306141821.AA06771@RSA.COM> To: rsaref-users@RSA.COM, pem-dev@TIS.COM Subject: Anderson's RSA Trapdoor Can Be Broken Sender: pem-dev-relay@TIS.COM In a recent issue of Electronics Letters, Ross Anderson proposes a trapdoor in RSA whereby a hardware device generates special RSA keys that the device's manufacturer can break easily. The following note, just submitted to EL, shows that the special keys can be broken by anyone, not just the manufacturer. The trapdoor is ineffective. -- Burt Kaliski RSA Laboratories ---------------------------------------------------------------------- \documentstyle[12pt]{article} \newcommand{\mat}[2] {\left( \begin{array}{#1}#2 \end{array} \right)} \begin{document} \title{Anderson's RSA Trapdoor Can Be Broken} \author{Burton S. Kaliski Jr.\thanks{RSA Laboratories, 100 Marine Parkway, Redwood City, CA 94065. Email address: {\tt burt@rsa.com}.}} \date{June 11, 1993} \maketitle \begin{abstract} The RSA trapdoor proposed in Ross Anderson's recent letter can be broken. \end{abstract} \section{Introduction} A recent letter by Ross Anderson \cite{anderson-trapdoor} proposes a ``trapdoor'' in the RSA public-key cryptosystem \cite{rsa} whereby a hardware device generates RSA primes $p$ and $p'$ in such a way that the hardware manufacturer can easily factor the RSA modulus $n = pp'$. Factoring the modulus hopefully remains difficult for all other parties. 
The proposed trapdoor is based on a secret value $A$ known only to the manufacturer. For 256-bit RSA primes, the secret value $A$ is 200 bits long. The device generates primes $p$ of the form \begin{equation} \label{prime-form} p = rA + q = r(q,A)A + q, \end{equation} where $q$ is at most about 100 bits long, and $r$ is 56 bits long and a function of $A$ and $q$. To factor the RSA modulus $n = pp'$, the manufacturer reduces the modulus modulo $A$ to recover the product $qq'$, following the relationship \begin{equation} \label{modulus-form} n = pp' = rr'A^2 + (rq'+r'q)A + qq'. \end{equation} The 200-bit product $qq'$ is easily factored, and the manufacturer recovers the primes $p$ and $p'$ according to Equation \ref{prime-form}. \section{Breaking the trapdoor} While the trapdoor is indeed practical, it can be broken: Factoring such ``trapped'' moduli is easy. Let $n_0, \ldots, n_k$ be a set of such moduli, and let $r_0,r_0', \ldots, r_k,r_k'$ be the corresponding parameters from Equation \ref{modulus-form}. It is easy to show the following inequalities for the given parameter lengths: \begin{equation} \left\| r_0r_0' \frac{n_i}{n_0} - r_ir_i' \right\| \le 2^{-41}, \quad 1 \le i \le k. \end{equation} Such inequalities are called ``simultaneous Diophantine approximations,'' and they are classified as ``unusually good'' if the error term is less than $n_0^{-1/k}$ \cite{lagarias-approx}. For the given parameter lengths, this is so when $k$ is 13 or more. Given a set of moduli known to have such approximations, finding the approximations is straightforward. 
Following techniques for breaking knapsack cryptosystems (see \cite{brickell-survey}, \cite{lagarias-approx}, \cite{lll}), one finds a set of short vectors in the lattice generated by the basis \begin{equation} \mat{ccccc} {\lambda n_0 & 0 & 0 & \cdots & 0 \\ 0 & \lambda n_0 & 0 & \cdots & \vdots \\ \vdots & 0 & \ddots & 0 & \vdots \\ 0 & \cdots & 0 & \lambda n_0 & 0 \\ -\lambda n_1 & -\lambda n_2 & \cdots & -\lambda n_k & 1}, \end{equation} where $\lambda$ is an integer near $n_0^{-1/k}$. In most cases, the short vector \begin{equation} \mat{ccccc}{\lambda(r_1r_1'n_0-r_0r_0'n_1) & \cdots & \lambda(r_kr_k'n_0-r_0r_0'n_k) & r_0r_0'} \end{equation} is a member of the set. The secret value $A$ follows from $r_0r_0'$, since, by Equation \ref{modulus-form}, the integer nearest to $n_0/(r_0r_0')$ is $A^2$. One way to overcome this attack is to assign a different secret value to each device, a precaution Anderson has suggested for another purpose. Then a user can only factor his or her own moduli. The user does not need 14 moduli to find $A$, however. Two prime factors $p$ and $p'$ suffice, since the fraction $r'/r$ is such a good approximation to the fraction $p'/p$ that it is guaranteed to be a convergent in the continued fraction expansion of $p'/p$. The user can therefore detect a trapdoor even if the device generates each modulus with a different secret value. \section{Conclusion} The manufacturer's only recourse, at least as far as the proposed trapdoor is concerned, is for the device to generate each modulus with a different secret value and to keep the prime factors secret. In such a situation, the manufacturer may as well preload the device with the primes and escrow copies---a practical ``trapdoor'' to which all cryptosystems, not just RSA, are vulnerable. \section{Acknowledgements} Matt Robshaw offered helpful comments and suggestions. I also thank God (Col. 3:17). \bibliographystyle{plain} \begin{thebibliography}{1} \bibitem{anderson-trapdoor} Ross Anderson. 
\newblock A practical {RSA} trapdoor. \newblock {\it Electronics Letters}, 29(11):995, 27 May 1993. \bibitem{brickell-survey} E.F. Brickell and A.M. Odlyzko. \newblock Cryptanalysis: {A} survey of recent results. \newblock {\it Proceedings of the IEEE}, 76:578--593, 1988. \bibitem{lagarias-approx} J.C. Lagarias. \newblock Knapsack public key cryptosystems and diophantine approximation. \newblock In D. Chaum, editor, {\it Advances in Cryptology: Proceedings of CRYPTO '83}, pages~3--23, Plenum Press, New York, 1984. \bibitem{lll} A.K. Lenstra, H.W. {Lenstra Jr.}, and L. Lovasz. \newblock Factoring polynomials with rational coefficients. \newblock {\it Math. Annalen}, 261:513--534, 1982. \bibitem{rsa} R.L. Rivest, A. Shamir, and L. Adleman. \newblock A method for obtaining digital signatures and public-key cryptosystems. \newblock {\it Communications of the ACM}, 21(2):120--126, February 1978. \end{thebibliography} \end{document} ------- End of Forwarded Message From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Mon, 14 Jun 93 10:06:44 PDT To: m5@vail.tivoli.com (Mike McNally) Subject: Re: DH for email (re: email protection and privacy) In-Reply-To: <9306141627.AA07743@vail.tivoli.com> Message-ID: <199306141706.AA02197@eff.org> MIME-Version: 1.0 Content-Type: text/plain Mike McNally writes: > I understand this, but could I be cited for failure to produce > evidence not known by the court to exist? Absolutely. And it looks very, very bad for you if the court later discovers that you were holding back. > Is there a process that > the court can use that says "hand over absolutely all artifacts > pertinent to the case at hand known to *you*, whether such artifacts > be known to the court or not." ? Yes. > Or is it the case that failure on my > part to offer up such evidence is inherently contemptuous? You're not required to go *beyond* what is specified in a subpoena. But the subpoena's specifications can be pretty broad. 
--Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: m5@vail.tivoli.com (Mike McNally) Date: Mon, 14 Jun 93 11:22:57 PDT To: peb@PROCASE.COM Subject: Re: DH for email (re: email protection and privacy) In-Reply-To: <9306141807.AA21784@banff.procase.com> Message-ID: <9306141821.AA08042@vail.tivoli.com> MIME-Version: 1.0 Content-Type: text/plain peb@PROCASE.COM writes: > >Case 4: "I forgot." > > This one seems to work for U.S. presidents. My suspicion is (gee Mike, you're right! I *am* a lawyer!) that in such cases the court makes a judgement as to whether a particular claim of forgetfulness is credible. If the information in question is clearly critical to the life or livelihood of the person being subpoenaed (is there a legal term for "person being subpoenaed"?), the claim that the key has been forgotten is likely to be disbelieved. Of course, the court might say "Ok, gee, that's too bad. I guess it's OK then if we just hold these floppies under this head demagnetizer." -- Mike McNally From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc Horowitz Date: Mon, 14 Jun 93 10:43:25 PDT To: Mike Godwin Subject: Re: DH for email (re: email protection and privacy) In-Reply-To: <199306141623.AA01688@eff.org> Message-ID: <9306141743.AA01676@dun-dun-noodles.aktis.com> MIME-Version: 1.0 Content-Type: text/plain >> Note that a court could cite you for contempt for not complying >> with a subpoena duces tecum (a subpoena requiring you to produce objects >> or documents) if you fail to turn over subpoenaed backups. This is gonna sound weird, but.... Let's say I have a (paper) document which explains how I (for example) embezzled money from Megacorp, Inc. I presume that the Fifth Amendment means I cannot be forced to produce this document. Case 1: let's say that I have the same document on disk, in the clear. Can they force me to produce that? Case 2: They seize a disk from an associate which has the document, but it's encrypted. 
Can they force me to produce the key? Mike, you claim that there is precedent which says that they can. I'm curious how the Fifth Amendment allows this. I've heard you say in the past that key escrow doesn't violate the 5th because you're not disclosing anything at the time. But if the government possesses an incriminating document, wouldn't forcing me to give them the key constitute self-incrimination? Case 3: I keep all my stuff encrypted, and enter the key from (say) a smartcard of some sort when I boot up. They seize my machine, and insist that I give them the key. I refuse, because the key is stored in a cleartext document, which incriminates me in some way. (Say the key is a hash of the document itself.) Since I'm sure there's no precedent for this, what are the legal implications of seizing this document? Case 4: "I forgot." Can they do anything? Marc From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Mon, 14 Jun 93 11:19:55 PDT To: marc@GZA.COM (Marc Horowitz) Subject: Re: DH for email (re: email protection and privacy) In-Reply-To: <9306141743.AA01676@dun-dun-noodles.aktis.com> Message-ID: <199306141820.AA03729@eff.org> MIME-Version: 1.0 Content-Type: text/plain Marc asks a bunch of legal questions: > This is gonna sound weird, but.... > > Let's say I have a (paper) document which explains how I (for example) > embezzled money from Megacorp, Inc. I presume that the Fifth > Amendment means I cannot be forced to produce this document. Why presume this? Suppose the document doesn't directly incriminate you (it doesn't say "I did this crime," for example), but, taken together with other evidence the government has, does tend to incriminate you. In some circuits, at least, production of that document can be compelled. (In others, there is a "last link" exception--the government can't compel evidence that would constitute the "last link" in proving the government's criminal case against you.) 
> Case 1: let's say that I have the same document on disk, in the clear. > Can they force me to produce that? Assume that the rules are the same for paper or electronic documents. > Case 2: They seize a disk from an associate which has the document, > but it's encrypted. Can they force me to produce the key? This has never been decided, but I think that, in terms of the relevant legal precedents, they can. The rule is that you can be compelled to produce anything that is not, in itself, testimonial in nature and tending to incriminate you. An encryption key, *taken by itself*, normally doesn't tend to incriminate anyone--after all, it usually looks like gibberish. > Mike, you > claim that there is precedent which says that they can. I'm curious > how the Fifth Amendment allows this. See above. The Fifth Amendment bars compelled testimony. If what is being compelled is not testimonial in nature, it doesn't violate the Fifth. > I've heard you say in the past > that key escrow doesn't violate the 5th because you're not disclosing > anything at the time. More precisely, what I've said is that this is the argument the government would make. In spirit, I think it violates the Fifth Amendment. > But if the government possesses an > incriminating document, wouldn't forcing me to give them the key > constitute self-incrimination? Possibly, in a circuit that recognizes the "last link" rule. > Case 3: I keep all my stuff encrypted, and enter the key from (say) a > smartcard of some sort when I boot up. They seize my machine, and > insist that I give them the key. If you mean the smartcard itself, well, that can be compelled or seized. But I take it you mean the key information. > I refuse, because the key is stored > in a cleartext document, which incriminates me in some way. (Say the > key is a hash of the document itself.) 
There is an exception to the rule that nontestimonial stuff can be compelled, and it's called, loosely, "the production privilege"--when the very act of producing what is sought tends to incriminate you, (by showing your ownership, control, authorship, or something similar), compelled production may violate the Fifth Amendment. But your question is more on the order of "What if the key is (or is derived from) a document that says 'I did this crime'?" My answer is: "I don't know." But I should note that if you set up elaborate schemes to block a law enforcement investigation that you already know or have reason to believe is taking place, you may be creating risk of criminal liability for obstruction of justice. > Case 4: "I forgot." Can they do anything? Yes. They can conclude that you're lying and cite you for contempt or (if you say "I forgot" under oath) charge you with perjury. Remember, courts and judges *frequently* have to decide whether people are lying or not, and they could decide you're lying in this case. --Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Brian.Hawthorne@East.Sun.COM (Brian Holt Hawthorne - SunSelect Engineering) Date: Mon, 14 Jun 93 18:57:45 PDT To: marc@GZA.COM Subject: Re: DH for email (re: email protection and privacy) Message-ID: <9306141918.AA26700@sea.East.Sun.COM> MIME-Version: 1.0 Content-Type: text/plain > Let's say I have a (paper) document which explains how I (for example) > embezzled money from Megacorp, Inc. I presume that the Fifth > Amendment means I cannot be forced to produce this document. Bad assumption. Written documents, even if written by you and even if it incriminates you, can be subpoenaed. I forget the case that set the precedent for this, but it had to do with someone's diary. 
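Added example, not part of any message in this archive and not Kaliski's or Anderson's code: for the forwarded note "Anderson's RSA Trapdoor Can Be Broken" earlier on this page, the Python below builds primes of the form p = r(q,A)A + q at the note's sizes, checks the manufacturer's step n mod A = qq', and runs the two-prime continued-fraction check the note describes as an audit of a key generator's output. The function r_of (a SHA-256 stand-in for r(q,A), which the note does not specify), the choice of prime q, the 2^32 threshold and all other names are assumptions, and the sample keys are constructed from a fixed seed.

```python
import hashlib
import random

A_BITS, Q_BITS, R_BITS = 200, 99, 56    # sizes from the note; q < 2**99 keeps q*q' < A

def is_probable_prime(n, rng, rounds=16):
    """Miller-Rabin test with trial division by small primes first."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False          # no square reached n-1: n is composite
    return True

def random_prime(bits, rng):
    while True:
        c = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(c, rng):
            return c

def r_of(q, A):
    """Hypothetical stand-in for r(q, A): 56 bits of SHA-256(A, q), top bit set."""
    digest = hashlib.sha256(f"{A}:{q}".encode()).digest()
    return int.from_bytes(digest[:7], "big") | (1 << (R_BITS - 1))

def trapped_prime(A, rng):
    """Search for a prime p = r(q, A)*A + q; returns (p, q, r)."""
    while True:
        q = random_prime(Q_BITS, rng)   # q prime (assumption) so q*q' factors uniquely
        r = r_of(q, A)
        p = r * A + q
        if is_probable_prime(p, rng):
            return p, q, r

def trapdoor_convergent(p1, p2, min_quotient=1 << 32):
    """Audit check on two primes from one device.

    Expands p2/p1 as a continued fraction and returns (h, k, a), where h/k is
    the convergent that precedes the largest partial quotient a, or None when
    no partial quotient reaches min_quotient (an assumed threshold).  For
    trapped primes h/k is r'/r in lowest terms: it approximates p'/p far
    better than a 56-bit denominator normally allows, so a is about 2**43 or
    more, while honest primes give small partial quotients.
    """
    num, den = p2, p1
    a0 = num // den
    h_prev, h = 1, a0          # convergent numerators   h_{-1}, h_0
    k_prev, k = 0, 1           # convergent denominators k_{-1}, k_0
    num, den = den, num % den
    best = None
    while den:
        a = num // den         # next partial quotient
        if a >= min_quotient and (best is None or a > best[2]):
            best = (h, k, a)
        h_prev, h = h, a * h + h_prev
        k_prev, k = k, a * k + k_prev
        num, den = den, num % den
    return best

def make_pairs(seed=1993):
    """Constructed sample keys: one trapped pair and one honest pair."""
    rng = random.Random(seed)
    A = rng.getrandbits(A_BITS) | (1 << (A_BITS - 1))   # manufacturer's secret
    (p1, q1, r1), (p2, q2, r2) = trapped_prime(A, rng), trapped_prime(A, rng)
    honest = (random_prime(256, rng), random_prime(256, rng))
    return {"A": A, "p": (p1, p2), "q": (q1, q2), "r": (r1, r2), "honest": honest}

if __name__ == "__main__":
    s = make_pairs()
    p1, p2 = s["p"]
    # Manufacturer's view: reducing n modulo A leaves the small product q*q'.
    print("n mod A == q*q':", (p1 * p2) % s["A"] == s["q"][0] * s["q"][1])
    # Auditor's view: no knowledge of A is needed to see the structure.
    print("trapped pair:", trapdoor_convergent(p1, p2))
    print("true r'/r   :", s["r"][1], "/", s["r"][0])
    print("honest pair :", trapdoor_convergent(*s["honest"]))
```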
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Tom Knight Date: Mon, 14 Jun 93 12:35:50 PDT To: jet@nas.nasa.gov Subject: Re: request for patent info In-Reply-To: <9306141704.AA24572@netcom3.netcom.com> Message-ID: <19930614193442.0.TK@ROCKY.AI.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain Full text of patents and claims are available (for a fee) from Dialog Information Systems on-line. Subscribers can access it in file 654. If there are particular patents that are important and that we need full text versions of quickly, I can oblige. Also extremely useful is the cross-indexing and forward references, so that you can find all patents, e.g., which reference a particular patent as prior art. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Stanton McCandlish Date: Mon, 14 Jun 93 14:36:59 PDT To: sci-crypt@cs.utexas.edu Subject: NitV open again Message-ID: <9306142136.AA05402@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain Your PGP *utilities* source for the BBS side of things is back online again, though there still remain some hardware probs of nasty proportions. I have upped the online time for the ANONYMOUS, password GUEST, account so you can get the larger stuff. See .sig for info. Note that FREQing may not work after the next Fido nodelist comes out, but that will only be temporary. I have the latest PGPShell (2.1), plus some innovative Fido-tech networking crypto goodies. I'd likely UL them to soda, but I was told that if it doesn't come with source code don't bother. Slightly frustrating, but oh well that's not my site. Anyway, got lots of other such goodies too, for Unix, and about 6 other platforms, including various shell and Perl scripts, NeXT diffs, etc. Disclaimer: Due to legal threats from RSADSI/PKP, I am not able to provide PGP itself. Anyone know if it would be legal to provide it in "kit form" (source code)? -- When marriage is outlawed only outlaws will be inlaws! 
Stanton McCandlish, SysOp: Noise in the Void DataCenter Library BBS Internet anton@hydra.unm.edu IndraNet: 369:1/1 FidoNet: 1:301/2 Snail: 1811-B Coal Pl. SE, Albuquerque, New Mexico 87108 USA Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1) Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Stanton McCandlish Date: Mon, 14 Jun 93 14:58:09 PDT To: cypherpunks@toad.com Subject: funky wierdmail Message-ID: <9306142158.AA06863@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain Anyone got any idea why I keep getting mail like this? It appears to be a bounce of some sort. Dunno which list (if any) it is coming from, but many mailwizzes seem to be reading, so I am hoping no one will mind the bandwidth use... This is the WHOLE message, it's just header and no body. I get several of them per day, starting about 5 days ago. Quoth uucp@attmail.com, verily I saith unto thee: > From uucp@attmail.com Sun Jun 13 18:38:55 1993 > id ; Sun, 13 Jun 1993 18:38:53 -0600 > Message-Id: <9306140038.AA02312@hydra.unm.edu> > From: uucp@attmail.com > Date: 14 Jun 93 00:30:46 GMT > To: anton@hydra.unm.edu > Report-Version: 2 > Confirming-Mts-Message-Id: > Confirming-Ua-Content-Id: > Original-Date: Mon Jun 14 00:30:46 GMT 1993 > Not-Delivered-To: mhs!wu/O=duncan_frissell/DD.ELN=62896145 due to 05 Unavailable User Agent > Content-Type: text > > -- When marriage is outlawed only outlaws will be inlaws! Stanton McCandlish, SysOp: Noise in the Void DataCenter Library BBS Internet anton@hydra.unm.edu IndraNet: 369:1/1 FidoNet: 1:301/2 Snail: 1811-B Coal Pl. 
SE, Albuquerque, New Mexico 87108 USA Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1) Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Duncan Frissell <76630.3577@CompuServe.COM> Date: Mon, 14 Jun 93 14:19:35 PDT To: Subject: Digital Cash$$$$ Message-ID: <930614200936_76630.3577_EHK40-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- L;>INTERNET:cypherpunks@toad.com;Digital Cash$$$$ (J. Michael Diehl) >>>1. How does one start a digital cash economy?<<< A digital cash economy doesn't have to be separate from the regular economy. 1.) You mail cash/MO to First Digital Bank of Cyberspace (at an offshore maildrop) together with a public (unique if you like) key and anonymous email address (on Julf's remailer perhaps). 2.) The Bank opens an account denominated in the (traded) currency of your choice or a commodity (gold). There is no reason not to use existing monies to back digital cash. 3.) You request digital banknotes and the bank emails them to you as detailed in David Chaum's Scientific American article. 4.) You find someone to accept the digital cash. Initially it can be used for gambling and telecoms/storage fees, eventually buying digital goods (software, print, audio, video, VR) will be easy. Remember, within a few years 100 million homes in OECD countries will have 1.5 megabit lines into them. This is a huge market for digital entertainment. 5.) After a bit of development when the First Digital Bank of Cyberspace cuts a deal with a physical offshore bank, it can issue VISA debit cards and ATM cards in a Nome de Guerre. This is already done for large depositors, the nets make it possible to do it for all. You can then access your account from any streetcorner in the OECD. Remember money market funds are pseudo banks these days with VISA cards and check writing and all. 6.) 
If you want to close your account, and you can't find any way to spend your money as digital cash, you can have funds wired to a regular bank account you maintain in a Nome de Guerre, have it wired via Western Union with a code phrase because you've 'lost' your ID (for small amounts), have it wired to an out-of- country bank in your truename and go pick it up in person, arrange a gold purchase from a dealer somewhere and have the funds sent to him by wire or draft and take physical delivery of the gold. (There are many other techniques known to privacy experts). Eventually there will be plenty of moneychangers on the nets happy to take your digital cash. Most money is already digital. The digital cash technology just gives us a way to make easy financial transfers over public networks. If there is a demand for economic transactions over the nets, the money will be supplied. ****************************************************************************** * DUNCAN FRISSELL Attorney at Law, Writer, and Privacy * * CIS 76630,3577 Consultant since the Nixon * * Internet 76630.3577@compuserve.com Administration * * or frissell@panix.com * * Easylink 62853962 * * Attmail !dfrissell * * TLX: 402231 FRISSELL NYK * * * * * Privacy Checkup still only $29.95. Buy today before price * * * * controls force me to raise my prices. * * * * * "If Mohammed A. Salameh had seen me in January, he'd be * * vacationing in Tunisia today." * * * ****************************************************************************** From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "J. J. Larrea" Date: Mon, 14 Jun 93 14:20:13 PDT To: cypherpunks@toad.com Subject: Re: request for patent info In-Reply-To: <9306141606.AA01411@boxer.nas.nasa.gov> Message-ID: <199306142119.AA17206@sun.Panix.Com> MIME-Version: 1.0 Content-Type: text/plain Eric Hughes writes: > As much as we need this, we also need the actual text of the patents. 
> What a patent actually covers is often much narrower than what is > claimed. And J. Eric Townsend adds: > Anyone near a federal patent repository can easily get this > information. Walk in, find the patent by number, have the nice > attendant print it out on a crappy photostat machine, pay in cash, > leave. No written record! Rice U. has a nice staff. (I don't know > where the west coast ones are.) Ah, the things we put up with in New York... the friendly attendants at the FPR run by the New York Public Library will happily change your bills into nickels and quarters so you can print it from microfilm yourself at $0.30 per page... But, they have a free dialup to the PTO's online "USPAT" database, which I have been using for the past few months. I will be there using the system sometime during the week of June 22. It would certainly be possible for me to capture abstracts, legal info (assignees etc.), etc. on a floppy and transfer it to the c-punks archive. Depending on how busy the library happens to be, I might also be able to get the fulltext of claims, and even maybe the full disclosure statement, for a limited number of patents (it takes a *long* time to download, and anything but citations is considered bad etiquette if anyone is waiting for the single terminal). I am willing to do this (time permitting, of course), if: (1) a person of credibility can assure me that I am not violating any copyright or other legislation by doing so. (2) one or more cypherpunks takes responsibility for gathering and summarizing a list of pertinent patent numbers, and keywords for further searching (which can include any word in the fulltext, inventor's name, assignee's name, etc.) 
- JJ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Mon, 14 Jun 93 07:56:16 PDT To: John Gilmore Subject: Re: Digital cash software In-Reply-To: <9306140709.AA05436@toad.com> Message-ID: <9306141710.aa20936@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > I spoke with David Chaum, the inventor of digital money, last week at > the cryptography meetings in DC. He is willing to give us a noncommercial > license to use his digital money patents, and copies of some of his > software for digital cash, for us to deploy somehow, and start using. Wow! Great! > If we have a small group of people (say 2 to 5) who are seriously > interested in building a digital-cash-on-the-Internet application > and getting it into use, then speak up and get organized, and I > will cross-connect you to David and Nils so things will start moving. Definitely interested! Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu@cygnus.com Date: Mon, 14 Jun 93 18:09:45 PDT To: gnu@cygnus.com Subject: Kahn Sees On-Going Battle On Cryptography 06/14/93 Message-ID: <9306150109.AA21678@cygnus.com> MIME-Version: 1.0 Content-Type: text/plain From: newsbytes@clarinet.com Newsgroups: clari.nb.general Subject: Kahn Sees On-Going Battle On Cryptography 06/14/93 PALO ALTO, CALIFORNIA, U.S.A., 1993 JUN 14 (NB) -- David Kahn, author of "The Codebreakers", speaking at the Third CPSR Cryptography Conference, told those assembled that he sees an on-going battle between government and privacy advocates over personal and business uses of cryptography. Kahn began by saying "My thesis is that the growth of cryptography follows the growth of communication. When there was little literacy, writing itself was a form of cryptography." "A great leap forward came in World War I -- the use of radio brought the need for greater use of codes to insure the privacy of messages. 
In the fall out after the war, the use of cipher machines was attempted but this approach was not really practical until computers came along," he added. According to Kahn, in recent times, interest in cryptography has grown dramatically. "When the RSA algorithm was mentioned in Scientific American, there were 5,000 requests for reprints of the article; the story "Ultra Secret" about the breaking of the Germans' code raised interest and threats such as computer "hackers", viruses and cellular phone fraud raised additional interest in cryptography and the protection of privacy," he said. Kahn then moved to his Antithesis: "(The) Government wants to stop the movement toward privacy. (The) Government wants to know about criminals and terrorists. It tries to accomplish this objective through such things as export controls and the Clipper & Capstone chips," he told the audience. "The Government sees its activity, not as an additional intrusion into individual privacy, but as an attempt to maintain the present state. However, the domain of individual rights has been expanding -- the Miranda warnings, abortion decisions and the more strident avocation of privacy rights are examples of this trend," he said. "The Government moves are trying to block the advance of privacy rather than intrude into present rights. Export limits inhibit business expansion," he added. Kahn concluded: "Now we have to look for the synthesis. It's a matter of "privacy is good" and "business profits are good" versus "security is good." The question that must be answered is how to balance these goods. Do we give up the first for the second?" "The World Trade Center bombing shows that terrorism is here and is a concern. Government wants to hold back technology. This can't be done forever but can be done for a while. Government will argue that the temporary holding back will save some lives and properties," he said. 
In the question and answer period that followed, Bill Murray, consultant to Deloitte and Touche, commented: "When the government wants us to give up the right to private communications, it must show us the danger (that warrants it). If drug dealers and terrorists are the problem, it should be demonstrated that drug dealers and terrorists are abusing private communications." In response to a Newsbytes question as to whether the triumph of the expansion of privacy rights over government concerns was inevitable, Kahn said: "Privacy is too powerful a force to be stopped. It will eventually prevail." Ross Stapleton, a Central Intelligence Agency (CIA) analyst, commented: "These changes in information may cause a rethinking of the concept of national sovereignty. Governments have always tried to control the flow of information; with the new technology and communications capabilities, they cannot control it any longer." Murray said: "We cannot control it but we can criminalize it and that would be a mistake. By criminalizing drugs, we have destabilized society. There is so much illegal money from this policy that courts, law enforcement departments and legislatures have been corrupted." Asked by Newsbytes if he saw illegal money growing if the government tries to rein in the growth of cryptography or tries to make wiretapping more pervasive, Murray said: "No, it's not analogous in the money sense. But the criminalizing of anything without real justification causes destabilization." (Barbara E. McMullen & John F. McMullen/19930614/Press Contact: David Banisar, Computer Professionals For Social Responsibility, 202-544-9240 (voice); 202-547-5481 (fax); banisar@washofc.cpsr.org on the Internet) "Copyright 1993 by (I have no idea who). Reposted with permission from the ClariNet Electronic Newspaper newsgroup clari.nb.general. For more info on ClariNet, write to info@clarinet.com or phone 1-800-USE-NETS." 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wcs@anchor.ho.att.com Date: Mon, 14 Jun 93 16:59:32 PDT To: cypherpunks@toad.com Subject: Re: DH for email (re: email protection and privacy) Message-ID: <9306142224.AA14117@anchor.ho.att.com> MIME-Version: 1.0 Content-Type: text peb@PROCASE.COM writes: > > >Case 4: "I forgot." > > > > This one seems to work for U.S. presidents. Yes, but in Reagan's case it was quite believable that he had forgotten; you, on the other hand, are presumed to be competent :-) Bill From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Mon, 14 Jun 93 20:31:23 PDT To: cypherpunks@toad.com Subject: Re: 2600 testimony to Markey's subcommittee In-Reply-To: <9306141559.AA01370@boxer.nas.nasa.gov> Message-ID: <9306150331.AA08630@toad.com> MIME-Version: 1.0 Content-Type: text/plain I was at the subcommittee hearing last Wednesday when "Emmanuel Goldstein" testified, and I took notes. It is true that two committee members (about half of the total who were present) focused on 2600 as being a handbook for crime. Don Delaney, who was also on the panel, giving good evidence about the extent and organization of phone fraud in New York City, noted that the First Amendment had already been abridged to protect kids from pornography, and proposed a law that would make it a crime to sell security-related information to juveniles. Subcommittee Chairman Markey told a long rambling story about people going down Maple St. rattling the doorknobs and why that was a bad thing. He compared 2600 to people who rattle the doorknobs and then post on the bulletin board downtown, "The door to 123 Maple St. is unlocked". Rep. Fields said to "Emmanuel" that it was "frightening that someone like you thinks there's a protected right to violate someone's privacy." The ironic thing is that another panelist, John J. Haugh, heads a consulting firm that publishes details about similar topics. 
He's the editor and principal author of a two volume reference work, _Toll Fraud and Telabuse_, published by his company in early 1992. He's also the editor of a national newsletter, _Telecom & Network Security Review_, also published by his company, with subscribers in 49 states and 18 countries. Mr. Haugh did not get hectored by the panel. But Mr. Haugh charges $170/year for six issues of his newsletter, and wore a suit to the hearing. When the same information is published at 2600 prices, packaged for more adventurous people, it is "troubling". My opinion is that when the privacy and security of society depends on those doors being locked, then yes, we ought to have whole squads of Boy Scouts, cops, hackers, and ordinary citizens rattling those doorknobs hourly and daily. And when we find one open, we should let the world know, because the privacy and security of the world depends on it. This applies to information like, "if you tune an ordinary radio to these frequencies, you can hear everyone's phone calls." If the info is suppressed, the problem will never be fixed, because not enough public pressure will be brought to bear on those responsible for fixing it. John Gilmore PS: The first half of the hearing was on encryption and Clipper, and I am pleased to say that the subcommittee took the *right* stance on that issue -- that the Clipper proposal was trouble and that fundamental rights, upon which our society is based, were at stake. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: bbyer@BIX.com Date: Mon, 14 Jun 93 17:53:26 PDT To: hughes@soda.berkeley.edu Subject: Re: CERT: the letter from CERT to berkeley.edu admin Message-ID: <9306142046.memo.62427@BIX.com> MIME-Version: 1.0 Content-Type: text/plain In-Reply-To: <9306081620.AA07331@soda.berkeley.edu> > Here, in its almost full glory, is the letter that CERT sent to the > admin at berkeley. I've removed the addressee, since there's no need > to involve that person. 
I have not, however, removed the name of the > sender. > ... > > We have been passed information that indicates that the anonymous FTP > archive on the following host(s) may be in use by intruders for ^ > illegal trading of commercial software: > > >>>>>>> soda.berkeley.edu /pub/cypherpunks > > We have not confirmed this information, nor have we identified that > the anonymous FTP configuration on the above-listed host(s) is open > for abuse. ^ > > ... This looks suspiciously like a form letter. The possible plurals ("(s)") and the fact that the site name is in a "list type" format indicate this is probably a form letter. This is even more disturbing; do they have a form letter because they use it often or do they have a daemon that searches for highly undesirable things such as ftp sites with lots of encryption related things and automatically fires off this harassing form letter? Ben Byer From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: stig@netcom.com (Stig) Date: Tue, 15 Jun 93 01:36:40 PDT To: cypherpunks@toad.com Subject: Re: Steganography and Steganalysis In-Reply-To: <9305252227.AA27968@toad.com> Message-ID: <9306150837.AA16621@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain In <9305252227.AA27968@toad.com>, John Gilmore wrote... > My favorite scheme was to encode messages in trailing spaces and/or tabs > in netnews messages. You could also put internal tabs in place of spaces. > > In fact, you could do this with news messages that flow "through" your > site, (if the messages aren't protected with a crypto checksum), so that > you would not be the message's sender (and it wouldn't be addressed to anyone > either -- recipients get very good privacy). > > This would be one way for a Unix "worm" program to report back to its > master...and/or receive instructions. > > John Gilmore > > PS: You could put short interesting stuff just in your message-ID's! 
> Not to mention the low order bits of timestamps (exactly *what* second > did it arrive, now?). /* Jonathan Stigelman, Stig@netcom.com, PGP public key by finger */ /* fingerprint = 32 DF B9 19 AE 28 D1 7A A3 9D 0B 1A 33 13 4D 7F */ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: stig@netcom.com (Stig) Date: Tue, 15 Jun 93 01:40:10 PDT To: cypherpunks@toad.com Subject: Re: Digital cash software In-Reply-To: <9306140709.AA05436@toad.com> Message-ID: <9306150840.AA16772@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain In <9306140709.AA05436@toad.com>, John Gilmore wrote... > I spoke with David Chaum, the inventor of digital money, last week at > the cryptography meetings in DC. He is willing to give us a noncommercial > license to use his digital money patents, and copies of some of his > software for digital cash, for us to deploy somehow, and start using. > What constitutes 'noncommercial'? I mean, we are talking about cash... Stig /* Jonathan Stigelman, Stig@netcom.com, PGP public key by finger */ /* fingerprint = 32 DF B9 19 AE 28 D1 7A A3 9D 0B 1A 33 13 4D 7F */ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Wayner Date: Tue, 15 Jun 93 05:36:39 PDT To: gnu@toad.com Subject: Re: 2600 testimony to Markey's subcommittee Message-ID: <199306151236.AA29913@access.digex.net> MIME-Version: 1.0 Content-Type: text/plain Of course, it seems perfectly obvious to Markey that 2600 is a "handbook on crime", but EG should have turned around and pointed out that he's just transmitting information on the world and there is nothing wrong with that. Gosh, if there was then Congressional Hearings and C-Span should be rated R to prevent the little whippersnappers from seeing and hearing demonstrations like the one that John Gage gave the committee several weeks ago. One person commented that Time magazine's latest article on Crack was practically a "How-To" guide. 
It satisfied the "Enquiring Minds" that wanted to know just what those people did with the magic crystals. Another friend informs me that Pornography is often transmitted with the label "For Scientific Research purposes only." Apparently, the law contains some exception for Doctors and Biologists. Hmmm. I wonder where Masters and Johnson fit in here. -Peter Wayner From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 15 Jun 93 09:04:47 PDT To: cypherpunks@toad.com Subject: request for patent info In-Reply-To: <199306142119.AA17206@sun.Panix.Com> Message-ID: <9306151600.AA08672@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain The main rationale behind granting patent monopoly is for the disclosure of the technique to the public. As such, patents are public record. There is no danger of violating copyright by publishing patents, already public information. Here is RSADSI's patent portfolio: Public Key Cryptographic Apparatus and Method ("Hellman-Merkle") No. 4,315,552 Exponential Cryptographic Apparatus and Method ("Hellman-Pohlig") No. 4,434,414 Cryptographic Apparatus and Method ("Diffie-Hellman") No. 4,200,770 Cryptographic Communications System and Method ("Rivest-Shamir-Adleman") No. 4,405,829 Method For Identifying Subscribers And For Generating And Verifying Electronic Signatures In A Data Exchange System ("Schnorr") No. 4,995,082 In my own opinion, the RSA and DH patents are relatively strong, given that they cover particular algorithms and not whole classes of techniques. The key word here is relative; they might not hold themselves, but they are certainly much more likely to hold than some of their others. PKP makes the following statement. This is right out of RFC-1421, one of the Privacy Enhanced Mail (PEM) documents. "These patents are stated by PKP to cover all known methods of practicing the art of Public Key encryption, including the variations collectively known as El Gamal." 
It is my opinion that this statement is false, and not only false, but an improper extension of patent monopoly. The weakest link is the Hellman-Merkle patent, which PKP uses to claim all public key cryptography. Public key cryptography as such is certainly not patentable, since it is merely a collection of characteristics of specific systems; public key cryptography is not a specific process or method, but a collection of such processes and methods. Only specifics are patentable. Public key cryptography is an idea, and ideas are not patentable. The next weakest link is the Hellman-Pohlig patent, which is, I believe, that which PKP uses to claim that all uses of the discrete log problem (e.g. El-Gamal) are also covered. Here again, the use of an item without reference to a specific process or machine is not patentable. The specific use of exponentiation in the H-P patent is for an RSA pseudofield (i.e. mod pq), but with exponent two. As such, if we are going to prioritize patents, I would gather them in the order indicated. As far as doing forward references, The H-M patent is likely the most interesting, since it will lead to many other patent public key ciphers. The RSA patent is likely the next, because it is so widely known and mathematically simple. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 15 Jun 93 10:02:24 PDT To: cypherpunks@toad.com Subject: request for patent info In-Reply-To: <9306141704.AA24572@netcom3.netcom.com> Message-ID: <9306151658.AA10959@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >Sunnyvale, CA. Near the public library off Mathilda Ave. Do they have electronic access at this library, or is it paper only? I know they have a fax service for which they charge, but is there downloadable text available? As much as we need the text of the patents, we also need to gather them in electronic form. I thank those who have offered to do so. 
Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Tue, 15 Jun 93 10:16:12 PDT To: cypherpunks@toad.com Subject: REMAIL: X-Discard header line added In-Reply-To: <199306151642.AA07985@tramp.cc.utexas.edu> Message-ID: <9306151711.AA11398@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain >Headers are always >unencrypted, so anyone watching the flow will be able to write a 3 line >perl script to filter out all of these messages and there is nothing a >header line can do to hide this discard information. The cypherpunks remailers use a little invention called 'header pasting' where header fields may be added into the header after receipt but before processing. These pasted header fields may in addition be put inside encryption wrappers, thus hiding them from the outside world. 'Discard' headers may use this technique. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Chael Hall) Date: Tue, 15 Jun 93 08:34:30 PDT To: cypherpunks@toad.com Subject: REMAIL: X-Discard header line added Message-ID: <9306151537.AA07449@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain In an effort to make creating more traffic for the Cypherpunks remailers easier, I have added a feature to my remailer. Whenever it receives a message that would otherwise be remailed but contains a header line saying "X-Discard:" it will discard the message and act as though it got remailed. If all of the Cypherpunks remailers supported an automatic discard feature, we could setup cron jobs or whatever kind of software we want to send "junk mail" to the remailers that does not get forwarded on. An idea I just had was to make the X-Discard have a counter. If the number is greater than zero, decrement it and forward the message to another known remailer. If it is less than one or non-numeric, discard the message. Right now, it just discards whatever message has that header. 
Example Message: ==================================== From: nobody@no.com To: nowhere@bsu-cs.bsu.edu Subject: Test :: Request-Remailing-To: bob&tom@bit.bucket.net X-Discard: Please! Test Message ==================================== Chael -- Chael Hall nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU, chall@bsu.edu (317) 776-4000 from 8 am - 5 pm CST From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: falcor@agora.rain.com (Andy Burt) Date: Tue, 15 Jun 93 11:21:19 PDT To: cypherpunks@toad.com Subject: digcash Message-ID: MIME-Version: 1.0 Content-Type: text/plain If anyone out there has a non-PS FAQ on digcash, I'd appreciate it. Thanx! -- ----------------------------------------------------------------------------- // Falcor, aka // InterNet: falcor@agora.rain.com // "Curiouser and // // Andy Burt // FidoNet: 1:105/354.0 // curiouser!"-Alice, // // // PGP2.2 PublicKey Avail On Request // Lewis Carroll // ---------------------------------------------------------------------------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jim McCoy Date: Tue, 15 Jun 93 09:42:56 PDT To: cypherpunks@toad.com Subject: Re: REMAIL: X-Discard header line added In-Reply-To: <9306151537.AA07449@bsu-cs.bsu.edu> Message-ID: <199306151642.AA07985@tramp.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text > > In an effort to make creating more traffic for the Cypherpunks > remailers easier, I have added a feature to my remailer. Do you mean easier to create more flow to thwart analysis or easier for an observer to determine which messages it does not need to examine after reaching a certain line in the header. This seems like a nice effort, but will not deter traffic analysis in the slightest. Headers are always unencrypted, so anyone watching the flow will be able to write a 3 line perl script to filter out all of these messages and there is nothing a header line can do to hide this discard information. 
What might be more useful is a counter that signals the remailer system to stop passing a message and unwrap part of the message and act upon the instructions there; thus the counter would tell the system how long to bounce the message around internally and when the counter hits zero it could send the message on to the target. For example you could create a little MIME x-anon-remailer body part that contains lines with the final destination wrapped in the remailer pubkeys. When the counter hits zero the remailer checks the x-anon-remailer body part of the line that matches its pubkey, decrypts that line to get the final address and then sends the message on. In this sort of system all you would really need to do is send someone a message with your destination address wrapped in one anon remailer pubkey. When Alice replies to Bob's message she includes the x-anon-remailer body part which has the line provided by Bob (or several if Bob provides more than one). Alice sends this message to any remailer entry point and the message gets bounced around the system until the counter hits 0. At this point the remailer checks to see if it can decrypt any of the destination lines, if not it ups the counter by one (and maybe sets a TTL counter so that messages that have destination keys corrupted do not float forever...) and tosses it back into the system, if it can decrypt one of the destination keys it sends the message off to the address Bob has provided inside the destination key (Bob could even have the destination key send the message into another remailer system if he is sufficiently paranoid). This would make traffic analysis much harder because once the message enters the remailer system it bounces around so much; the remailers become a black box that deliver the message without really knowing anything about it until the last phase of delivery. This would also not waste bandwidth moving useless messages around. 
jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Henry Strickland Date: Tue, 15 Jun 93 12:37:56 PDT To: cypherpunks@toad.com Subject: MEDIA: Steven Levy on 91.7 re Cypherpunks (already happened) Message-ID: <9306151940.AA03720@versant.com> MIME-Version: 1.0 Content-Type: text/plain Steven Levy was interviewed on FM91.7 (san francisco public radio, I forget the call letters) this morning. My patch cable isn't working for some reason, or I would have caught it in a ulaw file. I don't know the name of the show, or if they will rebroadcast it, but if you're interested, you might try to track it down. As one might expect, he did a good job of introducing some hard-edge issues in fairly-mainstream-but-technical media... strick From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Nickey MacDonald Date: Tue, 15 Jun 93 09:10:48 PDT To: Chael Hall Subject: Re: REMAIL: X-Discard header line added In-Reply-To: <9306151537.AA07449@bsu-cs.bsu.edu> Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Tue, 15 Jun 1993, Chael Hall wrote: > An idea I just had was to make the X-Discard have a counter. If > the number is greater than zero, decrement it and forward the message > to another known remailer. If it is less than one or non-numeric, > discard the message. Right now, it just discards whatever message > has that header. Seems like a very good idea, at least for the short term, to generate traffic. Just make sure that you do not accept a value for X-Discard that is too large, or else you'll find the same message floating around (Internet Worm style) when you *don't* need any extra traffic! If you wanted to really have fun, you could also add X-Discarded-By to keep a list of all sites the message has visited, and make sure the same message doesn't cycle through the same site too many times. 
-- Nick MacDonald | NMD on IRC i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger i6t4@unb.ca | (506) 457-1931 ^{1024/746EBB 1993/02/23} From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Chael Hall) Date: Tue, 15 Jun 93 12:36:23 PDT To: mccoy@ccwf.cc.utexas.edu (Jim McCoy) Subject: Re: REMAIL: X-Discard header line added In-Reply-To: <199306151642.AA07985@tramp.cc.utexas.edu> Message-ID: <9306151939.AA13767@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain >will not deter traffic analysis in the slightest. Headers are always >unencrypted, so anyone watching the flow will be able to write a 3 line >perl script to filter out all of these messages and there is nothing a >header line can do to hide this discard information. Eric has already addressed this; I intend to make my remailer PGP capable soon. If not the one on bsu-cs, the new one will have PGP as soon as I can get to it. >paranoid). This would make traffic analysis much harder because once the >message enters the remailer system it bounces around so much; the remailers >become a black box that deliver the message without really knowing anything >about it until the last phase of delivery. I'm not sure what you mean about bouncing it around to different remailers, because if there are a lot of remailers, it could take a long time before it finally gets to the appropriate one that can decrypt the destination information (perhaps longer than the TTL and therefore it does not get delivered). With encryption, the remailers don't have to know the recipient until the last phase anyway. In addition, they may not know the contents of the message either. >This would also not waste bandwidth moving useless messages around. Right now, we have plenty of bandwidth because the remailers don't get much use. ALL: Which is better: X-Discard or X-TTL? I can easily change it to X-TTL. 
Chael -- Chael Hall nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU, chall@bsu.edu (317) 776-4000 from 8 am - 5 pm CST From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: zane@genesis.mcs.com (Sameer) Date: Tue, 15 Jun 93 15:08:49 PDT To: Nickey MacDonald Subject: Re: REMAIL: X-Discard header line added In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: text/plain In message , Nickey MacDonald writes: > > Seems like a very good idea, at least for the short term, to generate > traffic. Just make sure that you do not accept a value for X-Discard that I don't understand what the point is in adding unnecessary, junk traffic to the remailers. Please explain. Peace, -- | Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM | | Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more | | "Symbiosis is Good" - Me_"Specialization is for Insects" - R. A. Heinlein_/ \_______________________/ \______________________________________________/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nowhere@bsu-cs.bsu.edu (Chael Hall) Date: Tue, 15 Jun 93 13:21:12 PDT To: cypherpunks@toad.com Subject: REMAIL: X-TTL functional Message-ID: <9306152024.AA14776@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain I should know by now that whenever I get an idea and send it to the list it ends up getting lots of addons and changes from other list members. So.... I added an X-TTL field to the header. It reads it, decrements it, and writes it. If it's in the message received, it will be decremented and passed on. If it isn't in the message, it will be set to one then later decremented (last stop). If it should be zero when it arrives, it will be swallowed up. Messages that get sent will have a header field of X-TTL with a value of zero or greater. Note that it shows up as X-Ttl in ELM, but doesn't matter in the software because it converts everything to lowercase then checks it against its keyword list. 
The X-TTL field can be either in the main header or in the pasted "::" header block. I suppose that if the TTL is greater than zero when it goes to send, the remailer should throw in another remailer's name at random and make up its own "::" header block, but that is for later... Chael -- Chael Hall nowhere@bsu-cs.bsu.edu, 00CCHALL@BSUVC.BSU.EDU, chall@bsu.edu (317) 776-4000 from 8 am - 5 pm CST From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Duncan Frissell <76630.3577@CompuServe.COM> Date: Tue, 15 Jun 93 13:15:29 PDT To: Subject: digital cash Message-ID: <930615194400_76630.3577_EHK24-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- >>>The legal issues involved in setting up a real world money system are enormous.<<< No need. This is the advantage of piggy backing a digital cash application onto an existing offshore financial institution. It is true that if I sat in the US and started to offer digital cash accounts I would be subject to a lot of regulation. DC would probably be held to be a 'security' and there are all sorts of financial regulations involved. It might be possible to get a regulatory waiver for an experimental system if we got an academic partner like the Iowa Political Stock Market which also traded 'securities' with account sizes up to $1,000. On the other hand, other jurisdictions are not as regulated as the US is. Generally, solicitations for unregistered securities cannot be directed to Americans except in international publications. I would advocate that all physical mail involved in such an application be sent and received overseas (The City of London would be convenient) and that all email be sent via Julf's remailer. We could also start an internet DC email group (as a feedback and semi-advertising medium) sent from Finland. (Julf willing of course.) It would be interesting to see the litigation about whether or not such a publication is a "domestic" publication. 
It should be easy to find non-US residents to be the nominal "publishers." Now all we need is a banking haven jurisdiction with good internet connections... I *have* been looking. Duncan Frissell -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLB36L4VO4r4sgSPhAQFGswQA3JTCDiFHPfazuWYo8+4BALg4cvGFWVXq mBJYhx7avEWUYIqZOK5b/XinmmJvoPNxAIKhjk/bNDOxq21kAKE/29PPygQgSXt8 uQPcG45MB5tBwS6fBNuSG/4uljiPveAYvD5xU0JuOGev03Zd8FOV9tvRsBiYGudn eGeH96j0Oxc= =wVQT -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jim McCoy Date: Tue, 15 Jun 93 14:54:03 PDT To: nowhere@bsu-cs.bsu.edu (Chael Hall) Subject: Re: REMAIL: X-Discard header line added In-Reply-To: <9306151939.AA13767@bsu-cs.bsu.edu> Message-ID: <199306152153.AA08290@tramp.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text [...] > >paranoid). This would make traffic analysis much harder because once the > >message enters the remailer system it bounces around so much; the remailers > >become a black box that deliver the message without really knowing anything > >about it until the last phase of delivery. > > I'm not sure what you mean about bouncing it around to different > remailers, because if there are a lot of remailers, it could take a long > time before it finally gets to the appropriate one that can decrypt the > destination information (perhaps longer than the TTL and therefore it does > not get delivered). With encryption, the remailers don't have to know the > recipient until the last phase anyway. In addition, they may not know the > contents of the message either. I set the "breakout counter" at 10 and throw it into any port on the remailer web. It bounces around 10 times and then the "deliver this damn message" flag gets tripped and the TTL counter starts. 
The TTL counter is actually the number of hops from this point on that the message will traverse looking for someone who can decode the encrypted destination address before the message dies or is otherwise checked for problems. It could take a long time to deliver the message, but time latency is another possible means of confounding traffic analysis. What I was basically thinking was that the breakout counter tells the message how many times to randomly bounce around the internal structure of the remailer web (and hopefully becoming lost in the clutter) before it tries to find someone who can deliver it; the TTL would be used once the breakout counter had hit zero and would try to keep a message from bouncing around forever if there is an addressing problem. This would obviously increase the complexity of the system and require a collection of remailers scattered across the net, but it seems to me to have the advantages of providing more security as the number of remailers grows and to allow people to set up their own forwarding and addressing that is independent of the remailer system (you generate your own destination certificates and can string together whatever you want in the destination, even another hop back into the remailer system.) It may be overly complex, but it just seemed to me that it might offer the possibility of truly untraceable mail: two messages sent into the same entry port with the same destination certificates at the same time could end up coming out of two different exit ports on the black box depending on how they bounced around inside the system. If you want someone to be able to send you a reply to an anonymous message you give them a destination certificate that contains the destination you want the message sent to wrapped in various remailer pubkeys (one or more, it is up to you). 
They do not need to know where the message is going, they just attach the certificate to their message and drop it into _any_ remailer and know that it will either get to the destination or get bounced back to them. A distributed anonymous remailer system of sorts... jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Steven Levy Date: Tue, 15 Jun 93 19:38:20 PDT To: cypherpunks@toad.com Subject: on the radio Message-ID: <93Jun15.193753pdt.13987-4@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain >Steven Levy was interviewed on FM91.7 (san francisco public radio, I >forget the call letters) this morning. My patch cable isn't working for >some reason, or I would have caught it in a ulaw file. >I don't know the name of the show, or if they will rebroadcast it, but >if you're interested, you might try to track it down. I think the name of the show was TechAmerica, or something like that, a show syndicated on public radio. I did the interview about a month ago, me in Amherst, a fairly sharp interviewer in San Francisco. Steven From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: bbyer@BIX.com Date: Tue, 15 Jun 93 17:53:46 PDT To: AOLCHTNN@vax1.tcd.ie Subject: Re: Timothy C. May:superhacker Message-ID: <9306152043.memo.64107@BIX.com> MIME-Version: 1.0 Content-Type: text/plain In-Reply-To: <01GZ6EDS7DHK003YG5@vax1.tcd.ie> > Why doesn't Tim and anyone else who suspects that they have reached > the much-sought status of "superhacker" on gov't files not just write > to their local friendly federal government office and ask for a copy > of their own records? > > Of course any interesting information they've got is likely to be classified, > but at least you'll find out whether any such information is stored on the > files. > > Of course, requesting your own government file is likely to draw attention > to yourself, so it's probably best not to do so unless you're sure that > they already know that you know-that-they-know-something. 
Yes, according to a 2600 article (admittedly not the best source), requesting a file on yourself causes one to be created if one does not exist. Ben Byer From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mlshew@dixie.com (Mark Shewmaker) Date: Tue, 15 Jun 93 19:57:37 PDT To: mlshew@dixie.com Subject: Re: Rude CryptoStacker Suggestion Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Mon, 14 Jun 1993, RYAN Alan Porter wrote: >On Mon, 14 Jun 1993, Mark Shewmaker wrote: > >I don't consider us without options, I just have yet to see a program that >I would trust my data with. > >Besides, I wouldn't consider it a waste of effort even if there were such >a system out there (which I doubt) Well then I have doubts about your doubts: Even I've got a few ways of getting transparent compression or encryption on my own system (amiga), most of them simply device drivers or some other standalone sets of code one would then use to mount a (virtual) partition, and there's also a more standardized compression/encryption modular system to do the same thing (sort of), just like you talk about later. That's why I keep thinking that for PC's and freely distributable source code for encrypting file systems, that by now someone *must* have already invented the wheel. (Although you could still invent the radial tire, so to speak, and make the original idea more usable.) >Anyway, thanks for the suggestion; I would be interested in any parallel >systems which anyone might happen to stumble upon. Seeing as you had previously said: >The sources for bare network redirectors and block device drivers are, >indeed, in wide supply. I guess I really should upload some of the amiga code then, even though a great deal of it will be absolutely useless to you, (but I must admit it would be kinda cool if pc's and amigas could both access the same compressed/encrypted xpk files.) 
If it's really just the encryption part per se that you are missing, then they might be helpful to your project. I'll write up a description, plagiarizing the readme files somewhat, and upload a few of the archives to Eric's site. >The more people who know how to implement good encryption, the more >widespread other cypher code will become. Very true. (I'm always annoyed when I download a new "security" type program, only to find it lets you encrypt/decrypt with any of ten proprietary methods, numbered one through ten. Absolutely useless. And of course the scums never include the source. Grrr.) >(Oh also, have I come off lately as being incredibly overflamesensitive, >or are you just a very cautionary guy? I can understand it if I have >projected a flameshield attitude, but I'm really not that bruisable...) "Jane, you ignorant slut." (Implied smileys for the SNL-impaired.) Partly I'm cautionary, trying to be polite, tit for tat and all that, but also I don't like being the 100th person whining about your project, (especially knowing next to nothing about DOS systems), while people who think it's a neat idea keep quiet. Plus I overdid the cautiousness a bit. (And I've got this pet peeve about people re-introducing obvious ideas in sci.crypt, and similar places.) -Mark Shewmaker From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Tue, 15 Jun 93 19:49:30 PDT To: ld231782@longs.lance.colostate.edu (L. Detweiler) Subject: Re: alt.whistleblowing-cypherpunk FAQ In-Reply-To: <9306140621.AA29371@longs.lance.colostate.edu> Message-ID: <9306160249.AA18896@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to L. Detweiler: > > Mr. 
Diehl:
> If you had taken the time to read any significant portion of
> alt.whistleblowing traffic, I would imagine you would have stumbled on
> messages where I presented an outline/preliminary FAQ and an anonymous
> posting described precisely how to use Julf's remailer to send traffic

I read the entire newsgroup! All 27 articles. In these articles, I counted exactly ONE from you, and it had nothing to do with what you describe above.

> (which were posted under a week ago). I take great offense at your
> hasty, flippant denigration of it so far as a `flamefest'. While of

Then, IMHO, you are easily offended. But, let's look at what I was referring to: Several messages in alt.whistleblowing.... Drastically condensed to save BW.

From cypherpunks-request Tue Jun 15 20:49:52 1993
Received: by toad.com id AA21533; Tue, 15 Jun 93 20:48:23 PDT
Return-Path:
Received: from triton.unm.edu ([129.24.8.235]) by toad.com id AA21529; Tue, 15 Jun 93 20:48:19 PDT
Received: by triton.unm.edu (5.65/0.1) id ; Tue, 15 Jun 1993 21:48:06 -0600
From: J. Michael Diehl
Message-Id: <9306160348.AA20651@triton.unm.edu>
Subject: Re: Digital Cash$$$$
To: 76630.3577@compuserve.com (Duncan Frissell)
Date: Tue, 15 Jun 1993 21:48:05 -0600 (MDT)
Cc: cypherpunks@toad.com
In-Reply-To: <930614200936_76630.3577_EHK40-1@CompuServe.COM> from "Duncan Frissell" at Jun 14, 93 04:09:37 pm
X-Also-Known-As: Thunder
X-Goal-In-Life: To make a lot of money -- Wanna make a donation?
X-Mailer: ELM [version 2.4 PL21]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 1721

According to Duncan Frissell:
> A digital cash economy doesn't have to be separate from the regular economy.
> 1.) You mail cash/MO to First Digital Bank of Cyberspace (at an offshore
> maildrop) together with a public (unique if you like) key and anonymous email
> address (on Julf's remailer perhaps).

Then DC is actually backed by "legal" currency?
Then, what's to keep someone from opening a digital bank, and taking the money and running?

> 4.) You find someone to accept the digital cash. Initially it can be used
> for gambling and telecoms/storage fees, eventually buying digital goods
> (software, print, audio, video, VR) will be easy. Remember, within a few
> years 100 million homes in OECD countries will have 1.5 megabit lines into
> them. This is a huge market for digital entertainment.

OECD?

Obviously, DC can lead to quite a few opportunities for corruption, taxes for example. This will hinder (or help, in Washington D.C! ;^]) the spread of DC. Are there any arguments for DC, to offer to counter this major drawback?

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|                    Politically Incorrect!"                    |
+-----If codes are outlawed, only criminals will have codes.----+
+----Is Big Brother in your phone?  If you don't know, ask me---+

From cypherpunks-request Tue Jun 15 22:09:53 1993
Received: by toad.com id AA23778; Tue, 15 Jun 93 22:08:10 PDT
Return-Path:
Received: from jarthur.Claremont.EDU ([134.173.42.1]) by toad.com id AA23770; Tue, 15 Jun 93 22:08:04 PDT
Message-Id: <9306160508.AA23770@toad.com>
To: cypherpunks@toad.com
From: nobody@eli-remailer
Subject: REMAIL: X-TTL and X-Discard
Date: Tue Jun 15 22:07:41 PDT 1993
Remailed-By: Eli Brandt
Source-Info: From (or Sender) name not authenticated.

-----BEGIN PGP SIGNED MESSAGE-----

I don't see that X-TTL is very useful as currently proposed.
As I see it, I would have to create something like this:

=======================================
::
X-TTL: 5
Request-Remailing-To: remailer1

::
Request-Remailing-To: remailer2

::
Request-Remailing-To: remailer3

::
Request-Remailing-To: remailer4

::
Request-Remailing-To: remailer5

Dummy message to be sent.
=======================================

(Or an equivalent structure could be set up with nested PGP encryptions.) This would go through remailers 1, 2, 3, 4, and 5, decrementing the X-TTL field each time, and after the last one when it was 0 the message would be deleted.

The X-TTL is not very convenient in this case since you still have to come up with a path for sending your message which is at least as long as the X-TTL value. It seems to me that the X-Discard idea is simpler; you can just put the X-Discard in the command block for the last remailer, and you don't have to count them.

What is needed to make X-TTL useful is for the remailer to choose another remailer as its destination, and ideally to encrypt the message before sending it. This way X-TTL can be used to insert a random remailer path of n hops in the middle of a sender-constructed remailing path. This leads to a system where the remailer decrypts an incoming message, reads the X-TTL value, decrements it, re-encrypts the message for the next remailer in the chain, and sends it. The X-TTL value is never exposed to outsiders.

At one point I wrote a modification to my remailer to cause it to encrypt any message which it sent to another remailer which supported PGP. But I decided that this didn't really help security enough to be worthwhile. It would be much better to encourage users to encrypt their messages themselves in a nested fashion so that no remailer sees any more information than the bare minimum necessary.

Hal Finney 74076.1041@compuserve.com -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLB5mUKgTA69YIUw3AQHlRwQAmQ4t6ZcSNbieK4Y8ywj2t1vT1WR9amsY RB1H/cBGfIsVZOcpFb7K5OLrwhTh+aIO6b7sUzXVBsbsgNKLtv0yPjracDpPH5y1 EJ6U9k+74mXDpxl7vo4tqFUiEFd3s3I6by/TjmVAtKy8eX1+o83yo0BJgt9YgNSr psi8xbAFGUI= =4DtE -----END PGP SIGNATURE----- From cypherpunks-request Tue Jun 15 21:14:38 1993 Received: by toad.com id AA22244; Tue, 15 Jun 93 21:11:02 PDT Return-Path: Received: from relay2.UU.NET by toad.com id AA22240; Tue, 15 Jun 93 21:10:58 PDT Received: from spool.uu.net (via LOCALHOST) by relay2.UU.NET with SMTP (5.61/UUNET-internet-primary) id AA04442; Wed, 16 Jun 93 00:11:04 -0400 Received: from sytex.UUCP by spool.uu.net with UUCP/RMAIL (queueing-rmail) id 000929.231; Wed, 16 Jun 1993 00:09:29 EDT Received: by sytex.com (Smail3.1.28.1 #1) id m0o5oMo-00017IC; Tue, 15 Jun 93 23:40 EDT To: cypherpunks@toad.com Subject: YAA (yet another article) From: fergp@sytex.com (Paul Ferguson) Message-Id: <0BX85B2w165w@sytex.com> Date: Tue, 15 Jun 93 23:39:20 EDT Organization: Sytex Communications, Inc ComputerWorld June 14, 1993 Volume 27, Number 24 pages 73,74 Enterprise Networking Commentary All Eyes On Clipper by Gary H. Anthes If any conclusion can be drawn from the cacophony of conflicting views put forth at a recent public hearing on government-sponsored encryption technology, it is that the Clinton administration should slow down and take a closer look at Clipper. Clipper is the government's attempt to give law enforcers the ability to unscramble coded messages from suspected criminals while guaranteeing constitutional safeguards to legitimate users. To do that, a secret algorithm embedded in a chip will use encryption/decryption keys maintained "in escrow" by two government-approved agencies and subject to use in wiretaps only via court order. 
The first image brought to mind when presented with the key-escrow concept is that of a digital Big Brother, able to siphon off electronic secrets from anyone not in favor with the establishment.

Stanford University Professor Martin E. Hellman says former Attorney General John Mitchell was in the habit of handing down blank but signed wiretap authorizations, 40 to 50 at a pop, rather than personally reviewing each request as required by law. "Two escrow authorities do little good if only one court order is required," Hellman contends.

The government has done little so far to put those fears to rest or to

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: bear@eagle.fsl.noaa.gov (Bear Giles)
Date: Tue, 15 Jun 93 19:40:11 PDT
To: bbyer@bix.com
Subject: Re: Timothy C. May:superhacker
Message-ID: <9306160237.AA20240@eagle.fsl.noaa.gov>
MIME-Version: 1.0
Content-Type: text/plain

Ben Byers writes:
In-Reply-To: <01GZ6EDS7DHK003YG5@vax1.tcd.ie>
>> Of course, requesting your own government file is likely to draw attention
>> to yourself, so it's probably best not to do so unless you're sure that
>> they already know that you know-that-they-know-something.
>
>Yes, according to a 2600 article (admittedly not the best source),
>requesting a file on yourself causes one to be created if one does
>not exist.

Naturally they'll open a file on you to document the fact that you requested information under the FOIA and to file a copy of the information returned to you.

Will they start an investigation on the basis of the fact that you requested information under the FOIA? How many people with rather, shall we say, unusual ideas do you think have pestered the CIA or NSA with FOIA requests?

Of course, if you admit you learned about this on a cryptoanarchist e-mail list...
:-) Bear Giles From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Johan Helsingius Date: Tue, 15 Jun 93 21:26:54 PDT To: Duncan Frissell <76630.3577@compuserve.com> Subject: Re: digital cash In-Reply-To: <930615194400_76630.3577_EHK24-1@CompuServe.COM> Message-ID: <9306160611.aa19291@penet.penet.FI> MIME-Version: 1.0 Content-Type: text/plain > Generally, solicitations for unregistered securities cannot be directed to > Americans except in international publications. I would advocate that all > physical mail involved in such an application be sent and received overseas > (The City of London would be convenient) and that all email be sent via > Julf's remailer. We could also start an internet DC email group (as a > feedback and semi-advertising medium) sent from Finland. (Julf willing of > course.) It would be interesting to see the litigation about whether or > not such a publication is a "domestic" publication. It should be easy to > find non-US residents to be the nominal "publishers." I'd be more than happy to participate in this! Julf From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@alumni.cco.caltech.edu Date: Wed, 16 Jun 93 07:33:23 PDT To: cypherpunks@toad.com Subject: fast des Message-ID: <9306161432.AA00270@alumni.cco.caltech.edu> MIME-Version: 1.0 Content-Type: text/plain how fast is fast des these days? (i have measured over 2 mbps on decent workstations.) i was in a meeting today attended by someone from nsa who said that 2.4 gbps des chips exists today. (he got real silent after blurting this out. hmm.) 2.4 gbps is 37.5 million des per sec. it is probably not much challenge to put together a 65,536 element machine, which would run at 2.5 trillion des per sec. if i have my arithmetic right, this could exhaustively test the space of 56 bit keys in about eight hours. 
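
An added example, not code from the list or from any remailer: a small simulation of the sender-built X-TTL chain from Hal Finney's X-TTL/X-Discard message earlier on this page, next to the X-Discard variant. Assumptions of the example: the hop that decrements X-TTL to 0 drops the message, the decremented counter is carried into the next `::` block, the entry remailer name and the `X-Discard: yes` value are placeholders, and all function names are hypothetical.

```python
# Toy model of chained remailer command blocks ("::" blocks).
# Assumptions of this example (not taken from any real remailer's source):
#   * the hop that decrements X-TTL to 0 drops the message;
#   * the decremented counter is carried into the next "::" block;
#   * a carried counter wins over one the sender planted further down.

def parse_block(message):
    """Return (headers, rest) for a message that opens with a '::' block,
    or (None, message) when there is no command block."""
    lines = message.split("\n")
    if lines[0].strip() != "::":
        return None, message
    headers, i = {}, 1
    while i < len(lines) and lines[i].strip():
        name, _, value = lines[i].partition(":")
        headers.setdefault(name.strip().lower(), value.strip())  # first wins
        i += 1
    return headers, "\n".join(lines[i + 1:])

def remail(message):
    """Process one hop. Returns (action, destination, outgoing_message)."""
    headers, rest = parse_block(message)
    if headers is None:
        return "reject", None, None
    if "x-discard" in headers:
        return "discard", None, None
    ttl = headers.get("x-ttl")
    if ttl is not None:
        if not (ttl.isascii() and ttl.isdigit()):
            return "reject", None, None      # malformed counter
        ttl = int(ttl) - 1
        if ttl <= 0:
            return "discard", None, None     # counter exhausted at this hop
    dest = headers.get("request-remailing-to")
    if not dest:
        return "reject", None, None
    if ttl is not None and rest.startswith("::\n"):
        # carry the decremented counter to the next remailer's block
        rest = "::\nX-TTL: %d\n%s" % (ttl, rest[3:])
    return "forward", dest, rest

def run_chain(message, entry="entry-remailer", limit=32):
    """Follow a message hop by hop. Returns (trace, outcome)."""
    here, trace = entry, []
    for _ in range(limit):
        action, dest, out = remail(message)
        trace.append((here, action))
        if action != "forward":
            return trace, action
        if not out.startswith("::"):
            # no command block left: dest receives it as ordinary mail
            trace.append((dest, "delivered"))
            return trace, "delivered"
        here, message = dest, out
    return trace, "loop-limit"

def build(hops, body, ttl=None, discard_last=False):
    """Build a sender-constructed chain in the layout shown in the post."""
    blocks = []
    for i, hop in enumerate(hops):
        lines = ["::"]
        if i == 0 and ttl is not None:
            lines.append("X-TTL: %d" % ttl)
        lines.append("Request-Remailing-To: " + hop)
        blocks.append("\n".join(lines) + "\n")
    if discard_last:
        blocks.append("::\nX-Discard: yes\n")  # value is a placeholder
    return "\n".join(blocks) + "\n" + body

BODY = "Dummy message to be sent."  # constructed sample input
FIVE = ["remailer%d" % n for n in range(1, 6)]

if __name__ == "__main__":
    for label, msg in [
        ("X-TTL 5, five blocks", build(FIVE, BODY, ttl=5)),
        ("X-TTL 5, three blocks", build(FIVE[:3], BODY, ttl=5)),
        ("X-Discard, three blocks", build(FIVE[:3], BODY, discard_last=True)),
    ]:
        trace, outcome = run_chain(msg)
        print(label, "->", outcome, "after", len(trace), "steps")
```

The second case is the inconvenience the post points out: with a path shorter than the counter, the dummy message is delivered instead of dropped, while the X-Discard chain needs no counting.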

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jthomas@kolanut.mitre.org (Joe Thomas)
Date: Wed, 16 Jun 93 06:08:13 PDT
To: cypherpunks@toad.com
Subject: Re: REMAIL: X-TTL and X-Discard
Message-ID: <9306161306.AA09342@kolanut>
MIME-Version: 1.0
Content-Type: text/plain

Hal wrote:
>
> What is needed to make X-TTL useful is for the remailer to choose another
> remailer as its destination, and ideally to encrypt the message before
> sending it. This way X-TTL can be used to insert a random remailer path of
> n hops in the middle of a sender-constructed remailing path. This leads to
> a system where the remailer decrypts an incoming message, reads the X-TTL
> value, decrements it, re-encrypts the message for the next remailer in the
> chain, and sends it. The X-TTL value is never exposed to outsiders.
>
> At one point I wrote a modification to my remailer to cause it to
> encrypt any message which it sent to another remailer which supported
> PGP. But I decided that this didn't really help security enough to
> be worthwhile. It would be much better to encourage users to encrypt
> their messages themselves in a nested fashion so that no remailer sees
> any more information than the bare minimum necessary.

Rolling your own encryption wrapper for the remailer chain you're sending through is a Good Thing, but your modification would be useful if you think of the cypherpunk remailer network as a "back end" for an anonymous/pseudonymous server like Julf's.

Ideally, a pseudonym server will only keep an encrypted remailer chain for a user's return address (along with the unencrypted address of the first remailer on the chain). The nymserver _doesn't_know_ what remailers are in the chain, so it can't encrypt the message with each of their public keys.
But if the server can include a header line inside the encryption envelope that tells the remailer to encrypt with the next remailer's key, we can be sure that an adversary is still unable to match up incoming and outgoing messages. Setting up a pseudonym server with this kind of encrypted return address is good, of course, if you're worried about its database being seized. Without the cooperation of each remailer in the chain, the database doesn't give an adversary anything useful. And since now we've got TTL as another use for a next-step-encryption feature in the remailers... I'd better go get those remailer scripts and a UUCP feed for my new Linux box. Joe From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: eichin@cygnus.com (Mark Eichin) Date: Wed, 16 Jun 93 09:06:59 PDT To: nobody@alumni.cco.caltech.edu Subject: fast des In-Reply-To: <9306161432.AA00270@alumni.cco.caltech.edu> Message-ID: <9306161606.AA29187@cygnus.com> MIME-Version: 1.0 Content-Type: text/plain >> SUB: fast des >> how fast is fast des these days? (i have measured over 2 mbps >> on decent workstations.) On that note, what's the best available software implementation? The best one I've run across is the Ferguson code (both small and fast, uses some clever tables rather than big ones.) _Mark_ MIT Student Information Processing Board Cygnus Support From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mulivor@orion.crc.monroecc.edu Date: Wed, 16 Jun 93 07:00:37 PDT To: cypherpunks@toad.com Subject: MACWORLD article Message-ID: <9306161400.AA10411@toad.com> MIME-Version: 1.0 Content-Type: text/plain In case this hasn't been mentioned here: There's a sizeable story in the July issue of MACWORLD magazine called "Privacy in Peril." It's a general roundup on electronic privacy. I didn't notice any reference to Clipper or digital currency. See pp. 118-130. Carry on, patriots. 
Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Timothy Newsham Date: Wed, 16 Jun 93 14:01:38 PDT To: cypherpunks@toad.com Subject: Link protocol Message-ID: <9306162101.AA24381@toad.com> MIME-Version: 1.0 Content-Type: text/plain I just uploaded ami-link1.0lha ami-link1.0-src.lha link1.0.tar.Z link.readme to the soda.berkeley.edu cypherpunks/incoming directory. link.readme says: ---------------------- Link1.0 -------- Link is a protocol designed to provide a secure link over a serial channel. At this time there are ends only for Amiga and Unix. The protocol grabs input bytes, encrypts them with DES and frames them in packets for transfer over a serial channel. The protocol also allows transfers of random DES keys over the channel encrypted with the RSA algorithm. Key exchange happens automatically at startup (in the future there will be options to change keys mid-session). The client end written for Amiga is a vt100 terminal emulator. The server end written for Unix opens a pty and executes a shell. link1.0.tar.Z : This file contains the protocol engine and server to be run on the Unix end. Also contains docs on the protocol engine. Tested on HPUX and SunOS (compiled and tested minimally on an Ultrix at one point in time) ami-link1.0.lha : This file contains the protocol engine and client to be run on the Amiga end. Contains minimal docs pertaining to setup. ami-link1.0-src.lha : Contains the source for the amiga end. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: smb@research.att.com Date: Wed, 16 Jun 93 08:15:48 PDT To: cypherpunks@toad.com Subject: Re: fast des Message-ID: <9306161515.AA12958@toad.com> MIME-Version: 1.0 Content-Type: text/plain how fast is fast des these days? (i have measured over 2 mbps on decent workstations.) i was in a meeting today attended by someone from nsa who said that 2.4 gbps des chips exists today. (he got real silent after blurting this out. hmm.) 2.4 gbps is 37.5 million des per sec. 
it is probably not much challenge to put together a 65,536 element machine, which would run at 2.5 trillion des per sec. if i have my arithmetic right, this could exhaustively test the space of 56 bit keys in about eight hours. I don't know of any 2.4 gbps DES chips, but DEC has built a 1 gbps chip. They've even published a technical report on it, though I don't have the number handy. But there's more to know than simply the raw speed. First of all, most real DES chips -- i.e., those designed for encryption, rather than brute-force cryptanalysis -- are optimized for encrypting large blocks of data. Key-loading is a different operation, and that might not go nearly as fast. Any hardware assists (i.e., DMA) would be for the data, not for the next key to use on the same block of data. Second, what does this chip cost? If it costs, say, 10x what the DEC chip costs, it's not cost-effective; you can build your DES-cracker more cheaply with the slower chips. (The DEC TR gave cost figures for DES-cracking...) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jason Zions Date: Wed, 16 Jun 93 09:18:58 PDT To: cypherpunks@toad.com Subject: Re: YAA (yet another article) In-Reply-To: <1vm73lINN97i@hal.com> Message-ID: <9306161618.AA00319@jazz.hal.com> MIME-Version: 1.0 Content-Type: text/plain >ComputerWorld >June 14, 1993 >Volume 27, Number 24 >pages 73,74 > >However, a summary of some of those wiretaps, provided by the Federal >Bureau of Investigation, might cause even the most wary to warm up a >little closer to Clipper: > >* A wiretap led to the arrest and conviction of a "sexually deviant > serial murderer" who had operated in New Jersey and New Mexico. As an individual, who would he be talking to via Clipper? His victims? Not bloody likely. High-tech protection doesn't fall under the MO of this kind of killer. >* Another wiretap enabled authorities to thwart Chicago's "El Rukns > street gang" from a Libyan government-sponsored attempt to shoot > down a U.S. 
commercial airliner with a military weapons system.

They find these all the time through other mechanisms.

>* The entire leadership of the Mafia's Colombo family was convicted
> with the help of wiretaps.

Legalize drugs and prostitution and the Mafia will dry up and blow away. Besides, these guys have enough money to have purchased and used private scrambling gear anyway; the fact that they haven't (leading to their capture) leads one to believe they wouldn't use Clipper anyway. If the current leadership is smarter, they'll be smart enough to use non-Clipper gear anyway, eliminating the advantage Clipper gives to the Justice Dept.

>Hellman has an ingenious idea that might appeal to those concerned
>about civil liberties. He would require not one but three judges to
>authorize a Clipper wiretap. A judge could answer the request with
>"Yes," "No" or "Oh, my God!" The latter means, "This looks like an
>attempted abuse of power, as in Watergate."
>
>If a Clipper tap request got even one "Oh, my God!" decision, the
>target of the wiretap would be notified. Because that is the last thing
>the requestor would want, it would serve as a powerful check on
>frivolous or improper requests.

I gotta admit that I kinda like this. I should point out, though, that it ought to be applied regardless of the wiretapping technology applied; that is, this mechanism should be used today for all court-authorized wiretaps.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 16 Jun 93 11:42:27 PDT
To: cypherpunks@toad.com
Subject: Re: WORD...
Message-ID: <9306161842.AA07762@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Phiber Optik writes:

>I was just curious... I saw the WordPerfect crack files on soda, and I'm

With the hypodermic syringes being found in Pepsi cans, the "crack files on soda" phrase takes on new meaning. I wonder if the media knows?

-Tim May

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Richard Newsome
Date: Wed, 16 Jun 93 08:44:55 PDT
To: cypherpunks@toad.com
Subject: Re: Digital cash
Message-ID: <199306161544.AA14392@sun.Panix.Com>
MIME-Version: 1.0
Content-Type: text/plain

I have a friend who is working on developing a digital cash-like electronic payments system that would be connected to real financial institutions. He says that this system will essentially make the entire Internet a single ATM. I don't know any more about this as he is being very tight-lipped about this project.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@pmantis.berkeley.edu
Date: Wed, 16 Jun 93 11:45:06 PDT
To: cypherpunks@toad.com
Subject: Re: YAA (yet another article)
Message-ID: <9306161846.AA15062@pmantis.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

Really from: dmandl@lehman.com

> From: "Perry E. Metzger"
>
> Torture, believe it or not, is a very effective way of police to get
> information. Our society bans it.

But keep in mind that it's still used often enough, just not usually against anyone with the power or credibility to speak out about it. Don't you remember the Queens police precinct that got involved in that stun-gun scandal a few years ago?

--Dave (trying to give some extra business to the anonymous remailers).

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Craig Ellis <72550.1614@CompuServe.COM>
Date: Wed, 16 Jun 93 09:05:33 PDT
To: Cypherpunks
Subject: unsubscribe
Message-ID: <930616154636_72550.1614_FHG29-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

Please take me off the cypherpunks mailing list. Thank you.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: sneal@muskwa.ucs.ualberta.ca (Sneal)
Date: Wed, 16 Jun 93 11:49:58 PDT
To: cypherpunks@toad.com
Subject: Patent libraries
Message-ID: <9306161849.AA16059@muskwa.ucs.ualberta.ca>
MIME-Version: 1.0
Content-Type: text/plain

Re west coast patent libraries:

The two that I've personally used are the Sunnyvale patent library (which Tim May mentioned in an earlier post) and the one at University of Washington in Seattle. The Sunnyvale library is the more complete, with all patents (microfilm for older ones, paper for newer) and gazettes available. UW only goes back to the mid-sixties or so, but I suspect this will cover all crypto patents.

Eric asks:

>Do they have electronic access at this library, or is it
>paper only? I know they have a fax service for which they charge,
>but is there downloadable text available?

Both libraries mentioned above have CD-ROM facilities which you can browse onsite. To the best of my recollection, though, the CDs only include abstracts and licensing information, and not the full text of the patents. I'll likely be back in the Sunnyvale area sometime in the next couple of months, but in the meantime, someone might want to verify my recollections about the CD-ROM info.

The CD-ROM reader at the Sunnyvale library seems to be heavily utilized, so you might want to call ahead and book some time on it. If you want to check out the UW library and you're not familiar with the area, stop at the UW Visitor's Centre first, or risk getting lost in a strange and bizarre environment.

Canadians looking for patent info... don't bother, unless you're in the Ottawa/Hull area, are near a university that has the stuff on CD, or have sufficient connections to get the stuff through CTIS at a reasonable price.
Our government (now headed by the flakiest female PC politician this side of Hilary Clinton ) seems to have granted exclusive rights to patent distribution to some bogus little microfiche company in Hull (MicroMedia) that wants some ungodly per-page charge for copying. -- Steve From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: David Heck Date: Wed, 16 Jun 93 09:54:21 PDT To: cypherpunks@toad.com Subject: unsubscribe Message-ID: <9306161654.AA16306@toad.com> MIME-Version: 1.0 Content-Type: text/plain Please remove me from the mailing list, I'm going to be gone for awhile, completely unplugged...ahhhhh...I'll catch up when I get back. Thanks, David From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Stanton McCandlish Date: Wed, 16 Jun 93 12:31:21 PDT To: cypherpunks@toad.com Subject: Bidzos responds to "sellout" cry! Message-ID: <9306161931.AA06662@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain I expressed my displeasure over PKP/RSA's apparent support for Clipper/ Capstone/Key Escrow to RSA's head, Jim Bidzos. Here's his reply. Quoth Jim Bidzos, verily I saith unto thee: > From jim@RSA.COM Wed Jun 16 13:03:04 1993 > id ; Wed, 16 Jun 1993 13:03:01 -0600 > Date: Wed, 16 Jun 93 12:01:09 PDT > From: jim@RSA.COM (Jim Bidzos) > Message-Id: <9306161901.AA16476@RSA.COM> > To: anton@hydra.unm.edu > In-Reply-To: Stanton McCandlish's message of Sun, 13 Jun 1993 23:01:03 -0600 (MDT) <9306140501.AA13212@hydra.unm.edu> > Subject: hmph > > > RSA/PKP supporting Clipper? Where did you hear that? (It's untrue.) > For a year and a half, we have been claiming that DSS is covered by > patents we hold. NIST has finally stopped fighting, and asked for > licensing terms. We provided them. Hardly "support for Clipper." > > --Jim > > -- Stanton McCandlish * Space Migration * Networking * ChaOrder * NO GOV'T. * anton@hydra.unm.edu * Intelligence Increase * Nano * Crypto * NO RELIGION * FidoNet: 1:301/2 * Life Extension * Ethics * VR * Now! * NO MORE LIES! 
* Noise in the Void BBS * +1-505-246-8515 (24hr, 1200-14400, v32bis, N-8-1) * From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: M..Stirner@f28.n125.z1.FIDONET.ORG (M. Stirner) Date: Wed, 16 Jun 93 17:54:05 PDT To: cypherpunks@toad.com Subject: Re: yaa (yet another arti Message-ID: <455.2C1F9199@shelter.FIDONET.ORG> MIME-Version: 1.0 Content-Type: text/plain > Another wiretap enabled authorities to thwart Chicago's "El Rukns > street gang" from a Libyan government-sponsored attempt to shoot > down a U.S. commercial airliner with a military weapons system. Uu> They find these all the time through other mechanisms. This episode was hilarious. An imprisoned El Rukun was conducting gang business via jailhouse payphone. One chuckly FBI agent was "decoding" the simple slang-code by which the goons communicated. After _three months_ he figured out enough of the code to bring an indictment. Some of the more amusing of these sophisticated subterfuges: Peanut = Jimmy Carter Hollywood = Ronald Reagan Roman = Policeman Change = Kill Our Friend = Qadaffi Long Demonstration = Shotgun It's interesting to note the length of time required for this "plaintext" to be decoded in an urgent matter of national security. . ~ . M. ********************************************************************* * - PGP Key D30909 via servers * * > What country can preserve its liberties if its rulers are not <* * > warned from time to time that their people preserve the spirit <* * > of resistance? Let them take arms!" - Thomas Jefferson, 1787 <* ********************************************************************* ___ Blue Wave/QWK v2.12 -- M. Stirner - via FidoNet node 1:125/1 UUCP: ...!uunet!kumr!shelter!28!M..Stirner INTERNET: M..Stirner@f28.n125.z1.FIDONET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. 
Metzger"
Date: Wed, 16 Jun 93 10:47:01 PDT
To: cypherpunks@toad.com
Subject: Re: YAA (yet another article)
In-Reply-To: <9306161618.AA00319@jazz.hal.com>
Message-ID: <9306161746.AA02809@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

Jason Zions says:
> >* A wiretap led to the arrest and conviction of a "sexually deviant
> > serial murderer" who had operated in New Jersey and New Mexico.
>
> As an individual, who would he be talking to via Clipper? His victims? Not
> bloody likely. High-tech protection doesn't fall under the MO of this kind
> of killer.

Look, let's get real here. Wiretaps ARE an effective mechanism for law enforcement -- no question about it. The issue is not the effectiveness of wiretaps. It's the overall effect on society.

Torture, believe it or not, is a very effective way of police to get information. Our society bans it. Every mechanism that is useful is not acceptable.

Stopping crypto to allow wiretaps forces every person in society to give up their privacy, which probably costs billions of dollars and thousands of lives, for the sake of only a small amount of money and lives saved. Outlawing strong privacy might stop some mafiosi -- but it will allow others to rake in billions via wirefraud and dozens of other mechanisms. It also likely won't stop the mafiosi and terrorists since they will get strong cryptosystems anyway for virtually no cost. What do they care that they are breaking the law?

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger"
Date: Wed, 16 Jun 93 10:51:50 PDT
To: cypherpunks@toad.com
Subject: Re: on the radio
In-Reply-To: <93Jun15.193753pdt.13987-4@well.sf.ca.us>
Message-ID: <9306161750.AA02825@snark.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain

Steven Levy says:
>
>
> >Steven Levy was interviewed on FM91.7 (san francisco public radio, I
> >forget the call letters) this morning.
My patch cable isn't working for
> >some reason, or I would have caught it in a ulaw file.
>
> >I don't know the name of the show, or if they will rebroadcast it, but
> >if you're interested, you might try to track it down.
>
> I think the name of the show was TechAmerica, or something
> like that, a show syndicated on public radio.

Technation.

> I did the interview
> about a month ago, me in Amherst, a fairly sharp interviewer in
> San Francisco.

I believe that this is already on line via Internet Talk Radio.

Perry

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Phiber Optik
Date: Wed, 16 Jun 93 11:10:40 PDT
To: cypherpunks@toad.com
Subject: WORD...
Message-ID: <199306161811.AA20516@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

I was just curious... I saw the WordPerfect crack files on soda, and I'm interested in knowing if anyone knows where I can find a utility that can crack Microsoft WORD encryption. If you don't have an actual utility, but you know how they encrypt, that's fine too. Thanks.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marianne Mueller
Date: Wed, 16 Jun 93 14:28:52 PDT
To: cypherpunks@toad.com
Subject: Draft Solaris Teleservices API doc, anon ftp
Message-ID: <93Jun16.142816pdt.13877-2@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

FYI

From: stoltz@denwa.Eng.Sun.COM (Ben Stoltz)
Newsgroups: comp.dcom.isdn,sun.tstech,sun.audio,sun.sw.arch,sun.telco
Subject: Draft Solaris Teleservices API document is available for anonymous ftp
Date: 11 Jun 1993 18:10:29 GMT

A PostScript version of the Solaris Teleservices 1.0 API Programming Guide is available for anonymous ftp from sunsite.unc.edu in the directory /pub/sun-info/white-papers/API_xtel.tar.Z

If you have any comments or suggestions, please send email to xtel-api-comments@denwa.Eng.Sun.COM. Marketing inquiries should be directed to bob.mckee@Eng.Sun.COM (415)336-4840.
The IAFA info follows:

Document-Name: API_xtel
Title: Solaris Teleservices 1.0 API Programming Guide
Authors: Jonathan Chang UMTV18-217, Sun Microsystems, Inc., 2550 Garcia Ave. Mountain View, CA 94043-1100
Revision-Date: June 7, 1993
Category: Programming Guide
Abstract: This manual is for C++ programmers who are developing Solaris Teleservices (XTEL) applications. A good understanding of the UNIX(tm) operating system and the C++ programming language are required. Example programs are provided that illustrate the concepts in the text. The manual explains how to use XTEL to write applications that:
  o Place or answer multiple calls
  o Hold, drop, conference and transfer calls
  o Provide access to data channels
  o Enable security and sharing of calls between processes.
Format: PostScript
Citation: Solaris Teleservices 1.0 API Programming Guide, Draft June 7 1993, SunSoft, Inc.
Publication-Status: draft
Keywords: Teleservices, Telephony, ISDN, POTS, voice, API, C++
Size: 90 pages

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hibbert@memex.com (Chris Hibbert)
Date: Wed, 16 Jun 93 15:36:31 PDT
To: cypherpunks@toad.com
Subject: FOIA Kit [long]
Message-ID: <9306162148.AA24767@memexis.memex.com>
MIME-Version: 1.0
Content-Type: text/plain

A few weeks ago people were talking here about filing FOIA and Privacy Act requests to find out what info the gov't has on them. Here's a kit on how to file FOIA requests. It's a relatively standard kit that the Fund for Open Information and Accountability has been making available for years. This version was posted to alt.privacy by Paul Ferguson. He had this advice in addition to what's in the kit:

"FOIA requests submitted to either the FBI or CIA concerning an individual (including self) must be notarized to ensure identity."

here 'tis:

FOIA FILES KIT - INSTRUCTIONS

USING THE FREEDOM OF INFORMATION ACT

REVISED EDITION

Fund for Open Information and Accountability, Inc.
339 Lafayette Street, New York, NY 10012
(212) 477-3188

INSTRUCTIONS

The Freedom of Information Act entitles you to request any record maintained by a federal Executive branch agency. The agency must release the requested material unless it falls into one of nine exempt categories, such as "national security," "privacy," "confidential source" and the like, in which case the agency may but is not compelled to refuse to disclose the records.

This kit contains all the material needed to make FOIA requests for records on an individual, an organization or on a particular subject matter or event.

HOW TO MAKE A COMPLETE REQUEST

Step 1: Select the appropriate sample letter. Fill in the blanks in the body of the letter. Read the directions printed to the right of each letter in conjunction with the following instructions:

For organizational files: In the first blank space insert the full and formal name of the organization whose files you are requesting. In the second blank space insert any other names, acronyms or shortened forms by which the organization is or has ever been known or referred to by itself or others. If some of the organization's work is conducted by sub-groups such as clubs, committees, special programs or through coalitions known by other names, these should be listed.

For individual files: Insert the person's full name in the first blank space and any variations in spelling, nicknames, stage names, marriage names, titles and the like in the second blank space. Unlike other requests, the signatures of an individual requesting her/his own file must be notarized.

For subject matter or event files: In the first blank space state the formal title of the subject matter or event including relevant dates and locations. In the second blank space provide the names of individuals or group sponsors or participants and/or any other information that would assist the agency in locating the material you are requesting.
Step 2: The completed sample letter may be removed, photocopied and mailed as is or retyped on your own stationery. Be sure to keep a copy of each letter.

Step 3: Addressing the letters: Consult list of agency addresses.

FBI: A complete request requires a minimum of two letters. Send one letter to FBI Headquarters and a separate letter to each FBI field office nearest the location of the individual, the organization or the subject matter/event. Consider the location of residences, schools, work and other activities.

INS: Send a request letter to each district office nearest the location of the individual, the organization or the subject matter/event.

Address each letter to the FOIA/PA office of the appropriate agency. Be sure to mark clearly on the envelope: ATTENTION--FOIA REQUEST.

FEE WAIVER

You will notice that the sample letters include a request for fee waiver. Many agencies automatically waive fees if a request results in the release of only a small number of documents, e.g. 250 pages or less. Under the Act, you are entitled to a waiver of all search and copy fees associated with your request if the release of the information would primarily benefit the general public. However, in January 1983, the Justice Department issued a memo to all federal agencies listing five criteria which requesters must meet before they are deemed entitled to a fee waiver. Under these criteria, a requester must show that the material sought to be released is already the subject of "genuine public interest" and "meaningfully contributes to the public development or understanding of the subject"; and that she/he has the qualifications to understand and evaluate the materials and the ability to interpret and disseminate the information to the public and is not motivated by any "personal interest." Finally, if the requested information is already "in the public domain," such as in the agency's reading room, no fee waiver will be granted.
You should always request a waiver of fees if you believe the information you are seeking will benefit the public. If your request for a waiver is denied, you should appeal that denial, citing the ways in which your request meets the standards set out above.

MONITORING THE PROGRESS OF YOUR REQUEST

Customarily, you will receive a letter from each agency within 10 days stating that your request has been received and is being processed. You may be asked to be patient and told that requests are handled cafeteria style. You have no alternative but to be somewhat patient, but there is no reason to be complacent and simply sit and wait.

A good strategy is to telephone the FOIA office in each agency after about a month if nothing of substance has been received. Ask for a progress report. The name of the person you talk with and the gist of the conversation should be recorded. Try to take notes during the conversation focusing especially on what is said by the agency official. Write down all the details you can recall after the call is completed. Continue to call every 4 to 6 weeks.

Good record keeping helps avoid time-consuming and frustrating confusion. A looseleaf notebook with a section devoted to each request simplifies this task. Intervening correspondence to and from the agency can be inserted between the notes on phone calls so that all relevant material will be at hand for the various tasks: phone consultations, writing the newsletter, correspondence, articles, preparation for media appearances, congressional testimony or litigation, if that course is adopted.

HOW TO MAKE SURE YOU GET EVERYTHING YOU ARE ENTITLED TO ... AND WHAT TO DO IF YOU DO NOT

After each agency has searched and processed your request, you will receive a letter that announces the outcome, encloses the released documents, if any, and explains where to direct an appeal if any material has been withheld. There are four possible outcomes:

1.
Request granted in full: This response indicates that the agency has released all records pertinent to your request, with no exclusions or withholdings. The documents may be enclosed or, if bulky, may be mailed under separate cover. This is a very rare outcome.

Next Step: Check documents for completeness (see instructions below).

2. Request granted in part and denied in part: This response indicates that the agency is releasing some material but has withheld some documents entirely or excised some passages from the documents released. The released documents may be enclosed or, if bulky, mailed under separate cover.

Next step: Check documents released for completeness (see instructions below) and make an administrative appeal of denials or incompleteness (see instructions below).

3. Request denied in full: This response indicates that the agency is asserting that all material in its files pertaining to your request falls under one of the nine FOIA exemptions. These are categories of information that the agency may, at its discretion, refuse to release.

Next step: Make an administrative appeal (see instructions below). Since FOIA exemptions are not mandatory, even a complete denial of your request can and should be appealed.

4. No records: This response will state that a search of the agency's files indicates that it has no records corresponding to those you requested.

Next step: Check your original request to be sure you have not overlooked anything. If you receive documents from other agencies, review them for indications that there is material in the files of the agency claiming it has none. For example, look for correspondence, or references to correspondence, to or from that agency. If you determine that there are reasonable grounds, file an administrative appeal (see instructions below).

HOW TO CHECK FOR COMPLETENESS

Step 1: Before reading the documents, turn them over and number the back of each page sequentially.
The packet may contain documents from the agency's headquarters as well as several field office files. Separate the documents into their respective office packets. Each of these offices will have assigned the investigation a separate file number. Try to find the numbering system. Usually the lower right hand corner of the first page carries a hand-written file and document number. For instance, an FBI document might be marked "100-7142-22". This would indicate that it is the 22nd document in the 7142nd file in the 100 classification. As you inspect the documents, make a list of these file numbers and which office they represent. In this way you will be able to determine which office created and which office received the document you have in your hand. Often there is a block stamp affixed with the name of the office from whose files this copy was retrieved. The "To/From" heading on a document may also give you corresponding file numbers and will help you puzzle out the origin of the document.

When you have finally identified each document's file and serial number and separated the documents into their proper office batches, make a list of all the serial numbers in each batch to see if there are any missing numbers. If there are missing serial numbers and some documents have been withheld, try to determine if the missing numbers might reasonably correspond to the withheld documents. If not, the release may be incomplete and an administrative appeal should be made.

Step 2: Read all the documents released to you. Keep a list of all documents referred to in the text--letters, memos, teletypes, reports, etc. Each of these "referred to" documents should turn up in the packet released to you. If any are not in the packet, it is possible they may be among those documents withheld; a direct inquiry should be made. In an administrative appeal, ask that each of these "referred to" documents be produced or that the agency state plainly that they are among those withheld.
Of course, the totals of unproduced vs. withheld must be within reason; that is, if the total number of unproduced documents you find referred to in the text of the documents produced exceeds the total number of documents withheld, the agency cannot claim that all the referred to documents are accounted for by the withheld category. You will soon get the hang of making logical conclusions from discrepancies in the totals and missing document numbers.

Another thing to look for when reading the released documents is the names of persons or agencies to whom the document has been disseminated. The lower left-hand corner is a common location for the typed list of agencies or offices to whom the document has been directed. In addition, there may be additional distribution recorded by hand, there or elsewhere on the cover page. There are published glossaries for some agencies that will help in deciphering these notations when they are not clear. Contact FOIA, Inc., if you need assistance in deciphering the text.

Finally, any other file numbers that appear on the document should be noted, particularly if the subject of the file is of interest and is one you have not requested. You may want to make an additional request for some of these files.

HOW TO MAKE AN ADMINISTRATIVE APPEAL

Under the FOIA, a dissatisfied requester has the right of administrative appeal. The name and address of the proper appeal office will be given to you by each agency in its final response letter.

This kit contains a sample appeal letter with suggestions for adapting it to various circumstances. However, you need not make such an elaborate appeal; in fact, you need not offer any reasons at all but rather simply write a letter to the appeals unit stating that "this letter constitutes an appeal of the agency's decision." Of course, if you have identified some real discrepancies, you will want to set them forth fully, but even if you have not found any, you may simply ask that the release be reviewed.
If you are still dissatisfied after the administrative appeal process, the FOIA gives you the right to bring a lawsuit in federal district court on an expedited basis.

SAMPLE FBI REQUEST LETTER

Date:

To: FOIA/PA Unit
Federal Bureau of Investigation

This is a request under the Freedom of Information Act.

I request a complete and thorough search of all filing systems and locations for all records maintained by your agency pertaining to and/or captioned: ______

_____________________________________________________   [describe records desired and/or insert full and
_____________________________________________________   formal name]
_____________________________________________________
_____________________________________________________

including, without limitations, files and documents captioned, or whose captions include

_____________________________________________________   [insert changes in name, commonly used names,
_____________________________________________________   acronyms, sub-groups, and the like]
_____________________________________________________
_____________________________________________________

This request specifically includes "main" files and "see references," including, but not limited to numbered and lettered sub files, "DO NOT FILE" files, and control files. I also request a search of the ELSUR Index, and the COINTELPRO Index. I request that all records be produced with the administrative pages. I wish to be sent copies of "see reference" cards, abstracts, search slips, including search slips used to process this request, file covers, multiple copies of the same documents if they appear in a file, and tapes of any electronic surveillances.

I wish to make it clear that I want all records in your office "identifiable with my request," even though reports on those records have been sent to Headquarters and even though there may be duplication between the two sets of files. I do not want just "interim" documents.
I want all documents as they appear in the "main" files and "see references" of all units of your agency.

If documents are denied in whole or in part, please specify which exemption(s) is(are) claimed for each passage or whole document denied. Please provide a complete itemized inventory and a detailed factual justification of total or partial denial of documents. Give the number of pages in each document and the total number of pages pertaining to this request. For "classified" material denied please include the following information: the classification (confidential, secret or top secret); identity of the classifier; date or event for automatic de-classification, classification review, or down-grading; if applicable, identity of official authorizing extension of automatic de-classification or review; and if applicable, the reason for extended classification.

I request that excised material be "blacked out" rather than "whited out" or cut out and that the remaining non-exempt portions of documents will be released as provided under the Freedom of Information Act.

Please send a memo (copy to me) to the appropriate units in your office to assure that no records related to this request are destroyed. Please advise of any destruction of records and include the date of and authority for such destruction.

As I expect to appeal any denials, please specify the office and address to which an appeal should be directed.

I believe my request qualifies for a waiver of fees since the release of the requested information would primarily benefit the general public and be "in the public interest."

I can be reached at the phone listed below. Please call rather than write if there are any questions or if you need additional information from me.

I expect a response to this request within ten (10) working days, as provided for in the Freedom of Information Act.
Sincerely,

name: _______________________________________________
address: ____________________________________________
         ____________________________________________
telephone: __________________________________________
signature: __________________________________________

SAMPLE AGENCY REQUEST LETTER

DATE:

TO: FOIA/PA Unit

This is a request under the Freedom of Information Act.

I request a complete and thorough search of all filing systems and locations for all records maintained by your agency pertaining to and/or captioned

______________________________________________________   [describe records desired and/or insert full and
______________________________________________________   formal name]
______________________________________________________
______________________________________________________

including, without limitation, files and documents captioned, or whose captions include:

______________________________________________________   [insert changes in name, commonly used names,
______________________________________________________   acronyms, sub-groups and the like]
______________________________________________________
______________________________________________________

I also request all "see references" to these names, a search of the ELSUR Index or any similar technique for locating records of electronic surveillance.

This request is also a request for any corresponding files in INS Headquarters or regional offices.

Please place any "missing" files pertaining to this request on "special locate" and advise that you have done this.

If documents are denied in part or whole, please specify which exemption(s) is(are) claimed for each passage or whole document denied. Please provide a complete itemized inventory and detailed factual justification of total or partial denial of documents. Specify the number of pages in each document and the total number of pages pertaining to this request.
For classified material denied, please include the following information: the classification rating (confidential, secret, or top secret); identify the classifier; date or event for automatic de-classification, classification review or downgrading; if applicable, identify the official authorizing extension of automatic de-classification or review; and, if applicable, give the reason for extended classification.

I request that excised material be "blacked out" rather than "whited out" or cut out. I expect, as provided by the Freedom of Information Act, that the remaining non-exempt portions of documents will be released.

Please send a memo (copy to me) to the appropriate units in your office or agency to assure that no records related to this request are destroyed. Please advise of any destruction of records and include the date of and authority for such destruction.

As I expect to appeal any denials, please specify the office and address to which an appeal should be directed.

I believe my request qualifies for a waiver of fees since the release of the requested information would primarily benefit the general public and be "in the public interest."

I can be reached at the phone listed below. Please call rather than write if there are any questions or if you need additional information from me.

I expect a response to this request within ten (10) working days, as provided for in the Freedom of Information Act.

Sincerely,

name: _______________________________________________
address: ____________________________________________
         ____________________________________________
telephone: (___)_______________________________________
signature: __________________________________________

SAMPLE ADMINISTRATIVE APPEAL LETTER

Date:

To: FOIA/PA Appeals Office

RE: Request number [Add this if the agency has given your request a number]

This is an appeal pursuant to subsection (a)(6) of the Freedom of Information Act as amended (5 U.S.C. 552).
On [date], I received a letter from [name of official] of your agency denying my request for [describe briefly the information you are after]. This reply indicated that an appeal letter could be sent to you. I am enclosing a copy of my exchange of correspondence with your agency so that you can see exactly what files I have requested and the insubstantial grounds on which my request has been denied.

[Optional paragraph, to be used if the agency has withheld all or nearly all the material which has been requested]:

You will note that your agency has withheld the entire (or nearly the entire) document (or file, or report, or whatever) that I requested. Since the FOIA provides that "any reasonably segregable portion of a record shall be provided to any person requesting such record after deletion of the portions which are exempt," I believe that your agency has not complied with the FOIA. I believe that there must be (additional) segregable portions which do not fall within FOIA exemptions and which must be released.

[Optional paragraph, to be used if the agency has used the (b)(1) exemption for national security, to withhold information]

Your agency has used the (b)(1) exemption to withhold information [I question whether files relating to events that took place over twenty years ago could realistically harm the national security.] [Because I am familiar with my own activities during the period in question, and know that none of these activities in any way posed a significant threat to the national security, I question the designation of my files or portions of my file as classified and exempt from disclosure because of national security considerations.]

[Sample optional argument to be used if the exemption which is claimed does not seem to make sense; you should cite as many specific instances as you care to of items withheld from the documents that you have received. We provide two examples which you might want to adapt to your own case.]

"On the memo dated _____________ the second paragraph withheld under the (b)(1) exemption appears to be describing a conversation at an open meeting. If this is the case, it is impossible that the substance of this conversation could be properly classified." Or, "The memo dated _____ refers to a meeting which I attended, but a substantial portion is deleted because of the (b)(6) and (b)(7)(c) exemptions for unwarranted invasions of personal privacy. Since I already know who attended this meeting, no privacy interest is served by the withholding."

I trust that upon examination of my request, you will conclude that the records I requested are not properly covered by exemption(s) [here repeat the exemptions which the agency's denial letter claimed applied to your request] of the amended FOIA, and that you will overrule the decision to withhold the information.

[Use if an itemized inventory is not supplied originally]

If you choose instead to continue to withhold some or all of the material which was denied in my initial request to your agency, I ask that you give me an index of such material, together with the justification for the denial of each item which is still withheld.

As provided in the Act, I will expect to receive a reply to this administrative appeal letter within twenty working days.

If you deny this appeal and do not adequately explain why the material withheld is properly exempt, I intend to initiate a lawsuit to compel its disclosure. [You can say that you intend to sue, if that is your present inclination; you may still decide ultimately not to file suit.]

Sincerely yours,

name: ____________________________________________
address: ____________________________________________
         ____________________________________________
signature: ___________________________________________

[Mark clearly on envelope: Attention: Freedom of Information Appeals]

FBI ADDRESSES AND PHONE NUMBERS

FBI Headquarters, J.
Edgar Hoover Bldg, Washington, D.C., 20535, 202-324-5520 (FOI/PA Unit)

Field Offices

Albany, NY 12207, U.S. Post Office and Courthouse, 518-465-7551
Albuquerque, NM 87101, Federal Office Bldg., 505-247-1555
Alexandria, VA 22314, 300 N. Lee St., 703-683-2681
Anchorage, AK 99510, Federal Bldg., 907-272-6414
Atlanta, GA 30303, 275 Peachtree St. NE, 404-521-3900
Baltimore, MD 21207, 7142 Ambassador Rd., 301-265-8080
Birmingham, AL 35203, Room 1400, 2121 Bldg., 205-252-7705
Boston, MA 02203, J.F. Kennedy Federal Office Bldg., 617-742-5533
Buffalo, NY 14202, 111 W. Huron St., 716-856-7800
Butte, MT 59701, U.S. Courthouse and Federal Bldg., 406-792-2304
Charlotte, NC 28202, Jefferson Standard Life Bldg., 704-372-5485
Chicago, IL 60604, Everett McKinley Dirksen Bldg., 312-431-1333
Cincinnati, OH 45202, 400 U.S. Post Office & Crthse Bldg., 513-421-4310
Cleveland, OH 44199, Federal Office Bldg., 216-522-1401
Columbia, SC 29201, 1529 Hampton St., 803-254-3011
Dallas, TX 75201, 1810 Commerce St., 214-741-1851
Denver, CO 80202, Federal Office Bldg., 303-629-7171
Detroit, MI 48226, 477 Michigan Ave., 313-965-2323
El Paso, TX 79901, 202 U.S. Courthouse Bldg., 915-533-7451
Honolulu, HI 96850, 300 Ala Moana Blvd., 808-521-1411
Houston, TX 77002, 6015 Fed. Bldg and U.S. Courthouse, 713-224-1511
Indianapolis, IN 46202, 575 N. Pennsylvania St., 317-639-3301
Jackson, MS 39205, Unifirst Federal and Loan Bldg., 601-948-5000
Jacksonville, FL 32211, 7820 Arlington Expressway, 904-721-1211
Kansas City, MO 64106, 300 U.S. Courthouse Bldg., 816-221-6100
Knoxville, TN 37919, 1111 Northshore Dr., 615-588-8571
Las Vegas, NV 89101, Federal Office Bldg., 702-385-1281
Little Rock, AR 72201, 215 U.S. Post Office Bldg., 501-372-7211
Los Angeles, CA 90024, 11000 Wilshire Blvd., 213-272-6161
Louisville, KY 40202, Federal Bldg., 502-583-3941
Memphis, TN 38103, Clifford Davis Federal Bldg., 901-525-7373
Miami, FL 33137, 3801 Biscayne Blvd., 305-573-3333
Milwaukee, WI 53202, Federal Bldg and U.S.
Courthouse, 414-276-4681
Minneapolis, MN 55401, 392 Federal Bldg., 612-339-7846
Mobile, AL 36602, Federal Bldg., 205-438-3675
Newark, NJ 07101, Gateway I, Market St., 201-622-5613
New Haven, CT 06510, 170 Orange St., 203-777-6311
New Orleans, LA 70113, 701 Loyola Ave., 504-522-4671
New York, NY 10007, 26 Federal Plaza, 212-553-2700
Norfolk, VA 23502, 870 N. Military Hwy., 804-461-2121
Oklahoma City, OK 73118, 50 Penn Pl. NW, 405-842-7471
Omaha, NB 68102, 215 N. 17th St., 402-348-1210
Philadelphia, PA 19106, Federal Office Bldg., 215-629-0800
Phoenix, AZ 85004, 2721 N. Central Ave., 602-279-5511
Pittsburgh, PA 15222, Federal Office Bldg., 412-471-2000
Portland, OR 97201, Crown Plaza Bldg., 503-224-4181
Richmond, VA 23220, 200 W. Grace St., 804-644-2531
Sacramento, CA 95825, Federal Bldg., 916-481-9110
St. Louis, MO 63103, 2704 Federal Bldg., 314-241-5357
Salt Lake City, UT 84138, Federal Bldg., 801-355-7521
San Diego, CA 92188, Federal Office Bldg., 619-231-1122
San Francisco, CA 94102, 450 Golden Gate Ave., 415-552-2155
San Juan, PR 00918, U.S. Courthouse and Fed. Bldg., 809-754-6000
Savannah, GA 31405, 5401 Paulson St., 912-354-9911
Seattle, WA 98174, 915 2nd Ave., 206-622-0460
Springfield, IL 62702, 535 W. Jefferson St., 217-522-9675
Tampa, FL 33602, Federal Office Bldg., 813-228-7661
Washington, DC 20535, 9th and Pennsylvania Ave. NW, 202-324-3000

FEDERAL AGENCIES (SELECTED ADDRESSES)

Central Intelligence Agency:
Mr. John H. Wright
Information and Privacy Coordinator
Central Intelligence Agency
Washington, DC 20505

Federal Bureau of Investigation:
Federal Bureau of Investigation
J. Edgar Hoover Building
9th and Pennsylvania Avenue, N.W.,
Washington, DC 20535
ATTN: FOIA/PA Section

National Security Agency:
Director, NSA/CSS
9800 Savage Road
Fort George G.
Meade, Maryland 20755-6000
ATTN: FOIA/N5

For those who live in The Commonwealth of Virginia, this is the address of the Richmond field office:
Federal Bureau of Investigation
111 Greencourt Road
Richmond, Virginia 23228
ATTN: FOIA/PA Section

Civil Service Commission
Appropriate Bureau (Bureau of Personnel Investigation, Bureau of Personnel Information Systems, etc.)
Civil Service Commission
1900 E Street, N.W.
Washington, D.C. 20415
202-632-4431

Commission on Civil Rights
General Counsel, U.S. Commission on Civil Rights
1121 Vermont Ave., N.W. Room 600
Washington, D.C. 20415
202-254-6610

Consumer Product Safety Commission
Office of the Secretary
Consumer Product Safety Commission
1111 18th St., N.W.
Washington, D.C. 20207
202-624-7700

Department of Defense/Dept. of Air Force
Freedom of Information Manager
Headquarters, USAF/DADF
Washington, D.C. 20330-5025
202-697-3467

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@rosebud.ee.uh.edu
Date: Wed, 16 Jun 93 12:56:32 PDT
To: cypherpunks@toad.com
Subject: Digital Cash
Message-ID: <9306161956.AA22233@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Responding to Mike Diehl's comments about digital cash:

It is not really the right question to ask what digital cash "is". It is better to ask how it might work, what it could be. Digital cash is basically just a cryptographic technology that provides tokens, messages, bit patterns, etc. which are (A) unforgeable, (B) verifiable (by the institution that issues them, at least), and (C) untraceable. What you do with this technology is then limited only by your imagination.

Eric Hughes has pointed out that you can use it for things having nothing to do with cash. Use it to represent fuel in a space game and this way people can transfer fuel but can't create more. Use it for anything for which you want the quantity to be conserved.

If we want to use it as a substitute for cash, though, Mike asks what gives it value.
There are many possible answers. One is, as Duncan suggested, to allow digital cash to be exchanged for regular cash. But this is not the only possibility. Eric pointed out that it could be used as a "play money" in a game, such as a Multi User Dungeon (MUD), allowing cash to be transferred between games. Another possibility would be for a company to issue "digital coupons" good for discounts off of its software products when you order them by email. This would give the coupons value and they could be used as the cash in a barter network, perhaps.

Conceivably, a government might issue digital cash in parallel with its paper cash. It would then give it backing in the same way that the paper cash is backed; among other things, you can pay your taxes in digital cash. This is probably not too likely among the big countries but there are many countries in the world.

In some areas of rural England, "scrip" is used by barter networks to help stimulate the local economies. A twenty-first century equivalent could use digital cash.

Mike also asks what would prevent the digital cash "bank" from just absconding with the money, assuming that the digital cash was backed by regular cash. The answer is presumably the same things that stop a regular bank from doing this. If the cash is legal in the country of issue, laws will allow prosecution of bankers who steal.

In the more anarchic world of international finance, people already face the problem of safeguarding their overseas investments. I know of a non-profit organization that lost several hundred thousand dollars in an overseas investment a few years ago (money it could hardly afford to lose) due to fraud. There are no certainties, but you can take some care. Invest only a small amount at first, then gradually increase your investment as you gain confidence. Choose a bank which has been in business for many years.
Look at the reputations of the people behind the bank - have they had previous positions of responsibility and trust? These are all the kinds of things which you should do anyway, and they should work just as well for a digital cash bank as for any other case where you have to trust someone with your money. Mike asks what the benefits and purpose would be for digital cash. I see the main benefit as allowing electronic transactions with greater protection for consumer privacy. Presently when you make an electronic transaction (purchasing something from a catalog over the telephone, for example, or buying gas with your ATM card), you as the consumer have to trust a lot of people. The catalog company gets your credit card number, and you have to trust that none of the people who see it will use it illicitly, or sell the number to criminals. The credit card company itself gets a full record of the transaction, and you have to trust that they will treat this information as confidential, not sell your name to a mailing list of people who like to purchase certain kinds of items, and safeguard it so that computer criminals and snoopy investigators can't violate your privacy. Similarly, with the ATM transaction, you are trusting the bank, the point-of-sale vendor, and many other people to keep your Personal Identification Number (PIN) secret, and also to safeguard the records of your transaction. With digital cash and a smartcard, you should be able to engage in these kinds of transactions with no organization or institution able to violate your privacy or steal your money. You can protect yourself, rather than having to trust others. This puts more power into the hands of the consumer. Granted, in today's political climate, empowering individuals is perhaps not as persuasive an argument as we might wish. 
But I am optimistic that as people begin to learn that there is an alternative to trusting VISA (through such means as Chaum's article in Scientific American, for example) and as the inevitable horror stories continue to spread about ATM fraud, credit card fraud, and invaded privacy, political support for this proposal will grow. I do think that in an increasingly networked world people are going to be more jealous about guarding the privacy they have left. In this sense, digital cash may be the wave of the future. Hal Finney 74076.1041@compuserve.com -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLB8c1qgTA69YIUw3AQHdJwP9EUJ+KqQzg4/1i46ojlSqKyZtyCL0CELB kvol3Ipupae5d1NKg87sZHwNZMo/7FQQxQ2B89qNUPaJlx4Au3HdTjsSj85JwvQ7 aC7pGttnG9fdE957FAoXvwR1szDs3D6NDYttBqp6IUsmfdNaId31NiR2QEgj1Rj/ nAYPWrgbGCE= =+9VM -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc Horowitz Date: Wed, 16 Jun 93 13:07:51 PDT To: Stanton McCandlish Subject: Re: Bidzos responds to "sellout" cry! In-Reply-To: <9306161931.AA06662@hydra.unm.edu> Message-ID: <9306162007.AA02747@dun-dun-noodles.aktis.com> MIME-Version: 1.0 Content-Type: text/plain > RSA/PKP supporting Clipper? Where did you hear that? (It's untrue.) Quote this paragraph: PKP will also grant a license to practice key management, at no additional fee, for the integrated circuits which will implement both the DSA and the anticipated Federal Information Processing Standard for the "key escrow" system announced by President Clinton on April 16, 1993. I'm not going to respond directly to him, since I don't know if you want him to know you reforwarded his mail. However, I would make the argument that if RSA really didn't want the clipper chip, they would license it to NIST in such a way that "all implementations based on our patents will be made available in software source form for non-commercial use". I'm sure legal language can be constructed which would prohibit hardware-only implementations. 
I couldn't write it though. Marc From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Chris Hibbert Date: Wed, 16 Jun 93 17:36:14 PDT To: djw@eff.org (Daniel J. Weitzner) Subject: Re: Census and privacy In-Reply-To: <9305142234.AA20885@toad.com> Message-ID: <9306170012.AA24905@entropy.memex.com> MIME-Version: 1.0 Content-Type: text/plain In the list of questions that the Digital Privacy and Security Working Group sent to the white house was this one: >> 38. How will the government ensure that unanticipated uses of >> the escrow database are prevented in the long term? (E.g., the >> Census database was supposed to stay confidential for 75 years, but >> was released during World War Two to allow Japanese-Americans to be >> imprisoned without cause. What protections are in place to make >> sure that this never happens again? I believe this account of the use of the census is incorrect. I don't have documentation, but the version I know doesn't require anyone to break any laws, and is just as invasive of privacy. Given that, I think it's a stronger argument against the census, but possibly a weaker example for clipper. As I've heard it, the Selective Service got lists from the Census of how many people of Japanese descent lived in each census tract. This information is publicly available, and doesn't require anyone breaking any laws or promises to the public. The Census makes summaries of all the information they collect available, usually at the level of census tracts. Armed with such a list, the SS could go door to door in any neighborhood in which they hadn't yet found enough Japanese-Americans. I don't believe that people should respond to the census, given that the information can be abused in this way, according to the strictest interpretation of the assurances given to the public. The only valid purpose of the census is to count citizens and apportion congressional districts. 
Any other purpose makes it less likely that the original purpose will be served well. Chris From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Tom Knight Date: Wed, 16 Jun 93 15:00:07 PDT To: cypherpunks@toad.com Subject: Re: fast des In-Reply-To: <9306161515.AA12958@toad.com> Message-ID: <19930616211451.5.TK@ROCKY.AI.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain Date: Wed, 16 Jun 1993 11:09 EDT From: smb@research.att.com .... 2.4 gbps is 37.5 million des per sec. .... arithmetic right, this could exhaustively test the space of 56 bit keys in about eight hours. I don't know of any 2.4 gbps DES chips, but DEC has built a 1 gbps chip. .... Key-loading is a different operation, and that might not go nearly as fast. Any hardware assists (i.e., DMA) would be for the data, not for the next key to use on the same block of data. Usually the limiting factor is examining the decrypted data for statistically significant patterns indicating that you have the correct key. The fast DES chips don't help with this at all. A known plaintext attack, of course, doesn't have this problem, but these are probably of limited interest in real applications. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: whitfield.diffie@Eng.Sun.COM Date: Wed, 16 Jun 93 19:28:04 PDT To: cypherpunks@toad.com Subject: Second epistle of Whit apostle to Congress Message-ID: <9306170230.AA03298@ushabti.Eng.Sun.COM> MIME-Version: 1.0 Content-Type: text/plain Here is what I told Markey's telecommunications committee last Wednesday about the business impact of key escrow. What follows has been corrected for a major error for which I apologize to CPSR. I had carelessly cited EFF as the extractor of some documents under FOIA. It also makes some minor corrections; the changes are shown at the end. 
Whit TESTIMONY BEFORE THE HOUSE SUBCOMMITTEE ON TELECOMMUNICATIONS AND FINANCE 9 June 1993 The Impact of Regulating Cryptography on the Computer and Communications Industries Whitfield Diffie Distinguished Engineer Sun Microsystems, Inc. I'd like to begin by expressing my thanks to Chairman Markey, the other members of the committee, and the committee staff for giving us the opportunity to appear before the committee and express our views. We stand at a moment in history when an amazing coincidence of developments in technology and world politics is showing us opportunities in both business and personal life that no one could have anticipated. These developments rest on two closely related cornerstones: communication and internationalism. Business today is characterized by an unprecedented freedom and volume of travel by both people and goods. It is an era of rapid inexpensive transportation coupled with declining trade barriers. All this movement is made possible, however, by the reality of instant telecommunication between places thousands of miles apart, conveying voices, images, and data wherever they are needed. Ease of communication, both physical and electronic, has ushered in an era of international markets and multinational corporations. No country is large enough that its industries can concentrate on the domestic market to the exclusion of all others. When foreign sales rival or exceed domestic ones, the structure of the corporation follows suit with new divisions placed in proximity to markets, materials, or labor. The result is a world in which much of the population enjoys a standard of material wealth and freedom of action previously unknown. It is also a world in which no company, community, or country can afford not to compete in the global market. Security of communication and computing is essential to this telecommunication driven environment. 
The communication system must ensure that orders for goods and services are genuine, guarantee that payments are credited to the proper accounts, and protect the privacy of business plans and personal information. In the past, these diverse assurances have been provided by an ad hoc patchwork that has evolved slowly over the century and a half since the invention of the telegraph, but two factors are now making that patchwork obsolete. The first is the rise in importance of intellectual property. Much of what is now bought and sold is information that varies from computer programs to surveys of customer buying habits. Information security has become an end in itself rather than just a means for insuring the security of people and property. The second is the universal demand for mobility in communications. Traveling corporate computer users sit down at workstations they have never seen before and expect the same environment that is on the desks in their offices. They carry cellular telephones and communicate constantly by radio. They haul out portable PCs and dial their home computers from locations around the globe. With each such action they expose their information to threats of eavesdropping and falsification barely known a decade ago. It is the lack of security for these increasingly common activities that we encounter when we hear that most cellular telephone calls in major metropolitan areas are overheard or even recorded by eavesdroppers with scanners; that a new computer virus is destroying data on the disks of PCs; or that industrial spies have broken into a database half a world away. In this troubling scenario, however, there is a large ray of hope. Most of the technology to provide the needed protection is already available in the form of contemporary cryptography and its allied disciplines. Some of it has existed for nearly fifty years; some dates from the last five. It isn't in widespread use, but it does exist. 
Why then are proper security measures not incorporated in every cell phone, laptop, and workstation? Part of the answer is economic. Collecting intelligence by spying on information is so hard to detect that most users are unaware that they are suffering from it and unwilling to pay to protect themselves. Another lies in a unique problem of implementing security standards: security mechanisms are designed to block access to everyone who does not conform exactly to their demands. This makes them very unforgiving of that flexibility at the margins that makes much of standardization possible. Compounding these internal difficulties is one that is entirely external: a regulatory structure that goes back to the cold war and does not recognize the realities of the present situation. In the United States, export control has been the major barrier. Companies are deterred from building proper security mechanisms into their products because to do so will limit their exports and subject them to tedious administrative procedures required to comply with the law. The alternatives are to support two versions of each product, one for domestic use and one for export or to dilute the security measures in all products to a level whose export the government permits. At Sun Microsystems, approximately half our customers are outside the United States. Were we to build a workstation and an operating system embodying the best security we know how to provide and the security that we believe is needed, we would not be permitted to export them. This would present us with insuperable problems in maintaining distinct but somehow compatible domestic and foreign product lines. Not least of the consequences is that we are unable to provide security features that elements of the U.S. Government would like in the systems they buy, because that market does not come close to making up for the one we would have to forgo. I believe we are typical of computer companies in these respects. 
Digital Equipment after having made some outstanding contributions to network security, appears to have abandoned its lead in the field. Export issues were cited when it discontinued development of an operating system designed to achieve a National Computer Security Center A1 rating some five years back and I suspect they may have played a role in its larger retreat from security as well. We have also suffered from the government's failure to take the lead in championing security standards, both domestic and international. The first proposed federal standard in the area of public key cryptography has appeared only after such techniques had been employed for more than a decade and does not conform to the conventional practice that has evolved both in the U.S. and abroad. Some have even suggested that the government has actively worked to block standardization citing the United States' failure to vote for its own national cryptographic standard (DES) in the International Standards Organization and material on the working relationship between NIST and NSA recently released to the Computer Professionals for Social Responsibility under the Freedom of Information Act. Now we are faced with the greatest challenge to our ability to secure the personal and business communications of the modern world that we have yet encountered. The administration proposes to adopt as a federal standard a system that is not only secret, but incorporates provisions for the government secretly to decode any person's communications when it deems this necessary for law enforcement or national security purposes. The effect is very much like that of the little keyhole in the back of the combination locks used on the lockers of school children. The children open the locks with the combinations, which is supposed to keep the other children out, but the teachers can always look in the lockers by using the key. 
The stated objective is to require the use of equipment based on these new `key escrow' chips for certain communications within the government and between the government and business. If they are successful in their objective, the latter provision could force the inclusion of these chips in all devices used, for example, to communicate with the government about contracts or taxes. What would be the effect of such broad inclusion? We have been assured by NIST that the finished chips, once their key escrow provisions have been programmed, will be available without restriction for incorporation in any piece of domestic equipment, but it is hard to see how either the security or wiretap objectives could be achieved if this were the case. It appears more likely that key escrow chips will be available only to companies that agree to employ them in approved ways. Probably this will be done by using existing regulatory machinery (called the Type II Commercial COMSEC Endorsement Program) that requires the manufacturers to submit their designs to NSA for approval. Were this to happen, the nation's computer manufacturers would be trapped in a regulatory web more confining than any we have seen so far. If we at Sun were required by customers' needs to communicate with the government to put the key escrow chip on the mother board of our machine and by regulations to have the board design approved, the government would have effective control of our development cycle. One of the requirements that would likely be imposed in these circumstances would be that we not offer any other security mechanisms that could be used to defeat the escrow provisions. This would mean we could not even maintain compatibility with our existing product line. It seems especially unlikely that customer acceptance of a chip explicitly designed to provide only partial security could ever be achieved other than by the coercive force of regulations. Nor does it seem likely that a system to which the U.S. 
held the keys would ever be accepted by more than a handful of other countries. They do not need it to achieve security, because an understanding of cryptography is now global and developing rapidly. Faced with a choice between secret U.S. technology known to embody a compromise and foreign systems of published function that at least claim not to, customer response seems hardly in doubt. The result may give the government a devastating choice: accept the import of foreign technology, losing both market share and the new law enforcement capability or forbid the import of foreign cryptographic systems altogether. In the latter case, the U.S., currently a leader in computers and software, seems likely to become a backwater, cut off from one of the most profitable segments of the global economy. Another problem presented by the key escrow technology is cost. No matter how essential it may be, security is still difficult to sell and extremely price sensitive. To require that cryptography not merely be isolated in hardware (by and large a good security practice) but that that hardware be a tamper resistant chip entirely dedicated to one security function will push the prices of many products and features beyond the reach of their potential markets. Cryptography can perfectly safely be embodied in microcode, implemented in cells incorporated in multi-function chips, or programmed on dedicated, but standard, microcontrollers at a tiny fraction of the tens of dollars per chip that Clipper is predicted to cost. The effect of giving the government and one or a small number of companies a monopoly control over an essential technology is also troubling to contemplate. The present key escrow chips operate in the megabit range. Can companies depend on NSA to have hundred megabit or gigabit chips available just when they are needed or might U.S. companies miss critical market windows while they wait for delivery of parts over which they have no control? 
Will there come a time, as occurred with DES, when NSA wants the standard changed even though industry still finds it adequate for many applications? If that occurs will industry have any recourse but to do what it is told? And if this happens who will pay for the conversion? Last month, before another committee of Congress, I discussed at some length the impact that the key escrow proposal could have on personal freedom, concluding that if it is adopted, we will take a big step toward a world in which the right of private conversation belongs only to those rich enough to travel to face to face meetings. Rather than repeat those arguments, I have attached my earlier testimony as an appendix and focus here on a few essential points. It is clear that the costs of key escrow will be monumental whether measured in dollars spent for computers, squandered business opportunities, or lost liberties. Even if these costs are accepted, there remain two questions: can the law enforcement function be achieved, and is it even necessary? In a world in which cryptographic expertise is widespread and cryptography is readily implemented on small processors, rules seem no more likely to keep security out of the hands of criminals than export controls guarantee it will not be available to hostile nations. This, however, may not matter. Despite the concern of law enforcement that advancing technology will reduce the effectiveness of wiretaps, that technology has been at least as much a blessing to the police as a curse. Even ignoring the contribution of police communication systems and databases, modern telephone switches make wiretaps more effective by supplying caller ID in real time under many circumstances. In a world in which conspiracies were conducted via conference calls on secure phones, criminals could never be sure that one of the participants was not an informer recording everything in high fidelity without the risk of being caught wearing a body wire. 
Corrections to First Version Given to Congress line 89 unaware of that ==> unaware that line 137 Electronic Frontiers Foundation ==> Computer Professionals for Social Responsibility line 181 design cycle ==> development cycle line 213 implemented in dedicated ==> programmed on dedicated From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Philip Zimmermann Date: Wed, 16 Jun 93 18:06:18 PDT To: cypherpunks@toad.com (Cypherpunks) Subject: Need consulting work Message-ID: <9306170107.AA05669@columbine.cgd.ucar.EDU> MIME-Version: 1.0 Content-Type: text/plain Hello Cypherpunks. I'm looking for some more consulting work in data security. Anyone have any leads? You can respond by email or phone. Thanks. -Philip Zimmermann 303 541-0140 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Giuseppe Cimmino <0005533039@mcimail.com> Date: Wed, 16 Jun 93 13:13:36 PDT To: cypherpunks Subject: YAA (yet another article) Message-ID: <95930616191659/0005533039ND2EM@mcimail.com> MIME-Version: 1.0 Content-Type: text/plain PC Week - June 14, 1993 "Clipper security scheme criticized" By Kimberly Patch A proposed National Security Agency standard for voice and data encryption is not winning votes among U.S. executives concerned with security issues. Executives attending hearings held by the federal Computer Systems Security and Privacy Advisory Board earlier this month said the proposed Clipper chip encryption standard does not meet their technical or export needs. Under the Clipper guidelines, PCs would be outfitted with a board that contains the encryption chip, while the U.S. government would be privy to a pair of software "escrow keys" used to unlock the encryption. Although the Clipper chip uses an 80-bit encryption scheme, executives said it would be more expensive and slower than more popular software encryption schemes. Moreover, some expressed concern about its security since NSA is keeping the details of how it works secret. 
"Why would any law-abiding corporation buy equipment that has escrow keys that [allow] the government to [decrypt information] whenever they want without telling the corporation?" asked Ed Zeitler, a vice president at Fidelity Investments, a financial-services firm in Boston. An NSA spokeswoman in Fort Meade, MD., defended the scheme, claiming the keys would be protected and law-enforcement agencies would have to go through a formal legal process to decrypt messages. "People will only have access if they have a legal need for it," she said. Corporate users, however, objected. "[The government] wants [the Clipper standard] to be widely used so that law-enforcement people can listen in on things that are used by criminals," said Steven Walker, president of Trusted Information Systems, Inc., a Boston software company. "The criminals will find some other way to do it, which is the irony of this. It's not going to accomplish what [that government] wants, no matter what." One problem with today's encryption business is that U.S. firms are restrained from exporting software that offers powerful encryption capabilities, the executives said. Currently, U.S. firms can only export products that use a 40-bit key, which would take a fast computer about two and a half weeks to crack, said Zeitler. By contrast, the Data Encryption Standard -- a 56-bit key scheme not approved for export -- would take the same computer 2,200 years to crack, while the proposed Clipper chip, an 80-bit scheme, would take even longer. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wcs@anchor.ho.att.com Date: Wed, 16 Jun 93 20:29:16 PDT To: cypherpunks@toad.com Subject: Re: Digital Cash$$$$ Message-ID: <9306170234.AA14426@anchor.ho.att.com> MIME-Version: 1.0 Content-Type: text J. Michael Diehl asks: > 1. How does one start a digital cash economy? How is the initial distribution > of currency done? This is, of course, assuming the technical stuff is taken > care of. 
Issuing digital cash is easy - the problem is getting someone to take it :-) Other than anonymity, the problems of starting a digicash exchange economy are pretty similar to those of starting any other private money system - governments avoid the problem by pointing guns at people (i.e. issuing fiat currency and making legal tender laws), and commodity money systems mostly avoid it by using a commodity people care about as a standard (gold, silver, cordwood, tobacco, etc. - doesn't have to be fixed value), but everybody else has to solve it somehow. (The other main issue, which someone brought up, is whether there are applicable laws like banking law or taxable transaction reporting laws that may require you to get permits or let regulators regulate you or whatever, which vary from country to country, and also depend on how you define and manage your digicash accounts.) My current involvement in token-based currencies, aside from government fiat, includes NJ parkway toll tokens, which went up in value when the toll went up, Washington DC Metro tickets, which aren't redeemable for anything, and Joe's Coffee Money at work. Joe prints it on the Macintosh, there's a box of them on the counter, you leave a dollar when you take more, the coffee's ok, profits pay for new hardware and occasional free days, and unlike the bozos who run New Jersey's highways and Arts Center, Joe's a guy you can trust :-) One way to get people to accept your digicash is to use it for convenient anonymous payment for a service, like highway tolls or subway fares, or anonymous remailer payments. Essentially, you're getting a group of vendors together, selling digibucks for cash, and distributing the cash among the vendors according to the digibucks they've received. It's not much different from other systems using tokens. As long as the vendors agree to accept tokens at the current value for an extended period of time, you don't risk much. 
If you ran a barter club using tokens, you could do it with digicash; the problem then is how to agree on when tokens will be generated, and by whom. One solution that would be readily accepted is to only issue tokens in return for real cash or other valuable commodities. This means everybody knows that a digibuck is worth a buck, and has a reasonable expectation that the currency won't be inflated away. For commodities, some reasonable valuation needs to be done. (ObMovieReference - the poker game in "Benny and Joon" is marvelous :-) For payment for services, it's tougher - the demand side of your market depends on how much money is floating around as well as how many people want your services, and a market that's too small won't be able to generate much. On the other hand, unless there's some way for people to perform services that become part of the bank's assets and available to creditors, it shouldn't issue more digibucks to pay for them; that's inflating the currency merely for the bank's benefit. Another way to start a digicash system is as a credit card analogue, where the bank bills the customers later and only has enough cash backing to cover the float, but that's not much different from a cash-based system except that in a pay-first cash system, it's possible for the digibank to invest the cash in an external investment, with the usual issues of risk, liquidity, etc. that normal banks have, only the account balances exist as digibucks in people's digiwallets instead of ledger entries in the bank's computer. > 2. Is digital cash supposed to be backed by actual cash on deposit at the bank? Or by a promise of future services from vendors hired by the bank (presumably for real cash), if the customers find that acceptable, but that's essentially backed by the bank's negotiable assets, including cash. > 3. How would one "get out" of such an economy if he wanted to? 
The ideal way is by spending all your digicash, either for the Collect the system service / product if it's a vendor-based system, or for services or products sold by other members. It's somewhat of a system failure to redeem your digicash for paper cash, unless the system is basically intended as a payment system, in which case it's fine. Or abandon your investment, or sue. > 4. If DC is to be backed by actual cash, is this really such a good idea? I once knew someone who had invested in a bank-like system that denominated its accounts in gold rather than fiat currency, and paid its depositors in gold on demand. It also paid interest, which should have been a clue.... It eventually collapsed, and turned out to be a semi-scam; it had invested most of its money in high-yield, high-risk stocks (South African gold mines, mainly, which were actually doing quite well in 1980), and when it folded he had to file SEC complaints and sue them in Federal court to get them to distribute the stocks to their creditors instead of distributing stock in a worthless subsidiary company that it had formed to take over the assets. He was successful, so he lost a lot less than he could have, but being a hard-money paranoid isn't all it's cracked up to be :-( Bill From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mbriceno@ideath.goldenbear.com (Marc Briceno) Date: Wed, 16 Jun 93 23:22:08 PDT To: cypherpunks@toad.com Subject: Need hard Clipper data Message-ID: MIME-Version: 1.0 Content-Type: text/plain I am representing the anti-clipper side in an ongoing debate in the "Wired" conference on OneNet. The governmental lemmings question the existence of the "Law Enforcement Exploitation Field" and want citations. Would the person who posted the hard facts about Clipper please send me all the info? 
Thanks in advance, -Marc Briceno PGP public key From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: CWHITCOM@bentley.edu Date: Thu, 17 Jun 93 10:13:18 PDT To: cpsr-members@eff.org (cpsr-members mailing list) Subject: help on hacking Message-ID: <01GZGPCWLN32000911@bentley.edu> MIME-Version: 1.0 Content-Type: text/plain This is a followup to a request I sent around last week. I have a bit more information now. The request is from a major news organization that is working on a project concerning privacy. They are interested in how one gains access to private and public databases, security measures, etc. If you are interested in helping out, please contact tye@nws.globe.com. Coralee By the way, don't forget the Computers and Social Change Conference this Friday and Saturday at Roxbury Community College. There is a wide variety of workshops offered as well as lunch. For more information call Marlene Archer at 617-252-0600. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: M..Stirner@f28.n125.z1.FIDONET.ORG (M. Stirner) Date: Thu, 17 Jun 93 09:06:27 PDT To: cypherpunks@toad.com Subject: Re: yaa (yet another arti Message-ID: <475.2C208FF7@shelter.FIDONET.ORG> MIME-Version: 1.0 Content-Type: text/plain Uu> --Dave (trying to give some extra business to the anonymous Uu> remailers). I'd love to, but there hasn't been any sort of an updated description of the address syntax posted here since I got back on this list. I'd be thrilled if someone could post a current how-to for the remailers, or at least send it to me at the following address: ********************************************************************* * - PGP Key D30909 via servers * * > What country can preserve its liberties if its rulers are not <* * > warned from time to time that their people preserve the spirit <* * > of resistance? Let them take arms!" - Thomas Jefferson, 1787 <* ********************************************************************* ___ Blue Wave/QWK v2.12 -- M. 
Stirner - via FidoNet node 1:125/1
UUCP: ...!uunet!kumr!shelter!28!M..Stirner
INTERNET: M..Stirner@f28.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Wed, 16 Jun 93 23:31:08 PDT
To: cypherpunks@toad.com
Subject: Weak stenography.
Message-ID: <9306170631.AA19575@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Recent discussion regarding court-requested plaintext has made it obvious that data concealment techniques need to be developed before real privacy can be obtained. For the sake of discussion, let's define "weak stenography" as any data-hiding technique which will fool all but the "informed and skilled" intruder. For example, hiding encrypted data in "hidden" files in msdog would qualify as (very) weak stenography. By "informed," I mean that the intruder has reason to think that you are hiding something. "Skilled" simply means that the intruder has the needed skills to find and verify anything you might be hiding.

Now, let's say some LEA thought you had plotted to (your favorite crime here.) And that they also suspected that you had encrypted all of the needed evidence. Further, that you had hidden the data, but couldn't prove it. In order for them to get you to produce that plaintext, they would have to be able to prove that you actually had such data. The only way that I can think of for them to prove such a thing is to produce a piece of cyphertext, and prove that it is, indeed, cyphertext. Further, they would have to prove that it belongs to you. So, if the data is hidden, they have to find it before they can compel you to decrypt it.

Now for a proposal: Let's say we have two binary files, one that is an executable, and the other some type of (pgp?) encrypted file. We take these two files and put the cyphertext on the end of the executable, and encode the length of the cyphertext at the end of the resulting file.
Now, let's say that we had xor'ed the cyphertext with some string before we did the concatenation. The file-size-change would be a sure tip-off, if the LEA had another copy of the executable to compare with, so assume they don't. Looking at the file with a binary editor would reveal nothing. Since the cyphertext was transformed, running the decrypter program on the file would be fruitless. Disassembling the executable might, to the real skilled, reveal something, so we can assume this is what happens. After this much work, the LEA has some kind of binary file which they now have to tie to you and prove that it contains some kind of message. BTW, you can always claim to have downloaded it from somewhere....

Now they need to figure out how you transformed your cyphertext, if they even think of that. Let's say they figure out how you did it. Now they have to find what string you used in the xor process. Given that such a string might be about 6 ascii characters, they have to look at 64^6 different strings; each time through, they have to run the decryption program to see if it recognizes the cyphertext. If they can do one such examination per second, this process will take 2.2 years! And when they're done, they still have to prove you put the message there in the first place. Bummer. ;^)

Is there something wrong with my reasoning? Does this sound plausible? Would it be as effective as I envision? Comments are welcome. If the response is favorable, I will try to get it coded in (portable?) C and release it.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"
|
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone? If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: J. Michael Diehl
Date: Wed, 16 Jun 93 23:54:47 PDT
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Weak stenography.
In-Reply-To: <9306170647.AA09320@netcom3.netcom.com>
Message-ID: <9306170654.AA19944@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

According to Timothy C. May:
> > (very) weak stenography. By "informed," I mean that the intruder has reason
>
> I dislike spelling flames, but you consistently misspelled
> "steganography" as "stenography," which is what a secretary does.
>
> Thought you might want to watch out for this in future postings.

You may dislike them, but I sure appreciate it. Thanx. I can do a lot of things; spelling isn't one of them.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone? If you don't know, ask me---+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hkhenson@cup.portal.com
Date: Thu, 24 Jun 93 00:05:33 PDT
To: cypherpunks@toad.com
Subject: Re: Timothy C. May:superhacker
Message-ID: <9306170149.1.15731@cup.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

A lot of people are afraid to ask if the government keeps files on them-- because they would be disappointed to find out that they have never done anything to warrant the government opening a file on them.
I have never asked the feds, but I had an interesting experience with what a reporter had been given supposedly from a local police file. During a time I was starting a business (and had no time for such nonsense even if I had been so inclined) they had me pegged as the leader of a local group of eco terrorists who were burning down houses to contain "urban sprawl." I felt the file (I did not get a copy) was real, because I could remember a few things from several years previous I had done while under surveillance, but, gad, I didn't even *know* any of the bozos who were eventually caught. At least in that case, the quality of the data in my file was complete nonsense.

Keith

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "George A. Gleason"
Date: Thu, 17 Jun 93 03:21:59 PDT
To: jazz@hal.com
Subject: Re: YAA (yet another article)
Message-ID: <93Jun17.032128pdt.13971-1@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Re your "I like this ("Oh My God" proposal for tap authorisations): This gives us a possibly interesting place to start from. Sponsor and lobby for (etc) new legislation which would update the existing wiretap laws to include the Oh My God! standard. The point being to put that standard in place & let it run in test mode for a while to see how it works. If it works out well in practice, and isn't subject to "venue abuse" (judge shopping), then it could be extended to key escrow systems.

However, I still have a strong preference that even an "improved" key escrow system be implemented via the free market and make provision for free choice in cyphers.

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: mlshew@dixie.com (Mark Shewmaker)
Date: Thu, 17 Jun 93 05:37:13 PDT
To: mlshew@dixie.com
Subject: Rude CryptoStacker Suggestion (LONG)
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Earlier I talked about some amiga programs I had that did compression and encryption. I've uploaded some to soda.
As I've said, most of them are amiga-specific, but of course the encryption-only bits of code can still be educational to other-machine users. If not, Eric can erase them, or not make them public, which is of course okay. It's his site and all that.

I figured I'd go through these files here to explain a bit of what they are and do, if nothing else, with liberal amounts of plagiarism from the readme files. This should at least prevent people from downloading interesting sounding titles for nothing.

First, the list of files. Although I don't know where they'll end up, The full list of things I uploaded are:

*************************************************
*
* rdes.lha               25K  DES encryption program
* idea.lha               31K  File encryption tool using IDEA
* Crypt.device-1.8.lha   23K  Crypting handler
* crypdisk.zoo           55K  Sector oriented disk encryption
* xpk25dev.lha          141K  Compression package, developer's additions
* xpk25usr.lha          215K  Compression package, user's edition
* XFH134.lha            135K  (De-)compressing handler, uses Xpk.
* xPack_1.5.lha           9K  OS 2.x Shell Interface for XPK
*
*************************************************

Now for the individual descriptions:

*************************************************
*
* rdes.lha               25K  Another DES encryption program
*
*************************************************

Any collection of encryption programs should of course include a version of DES, so I'll start off with one. The following is taken from the RDES man file. Note the -x option.

***********
*
* The usage for RDES is
*
*    RDES [-e | -d] [-x] [-b] [-m mode] [-k key] [in_file [out_file]]
*
* where:
*
*    -e => encrypt the file (default)
*    -d => decrypt the file
*
*    -x => add n random bytes to the end of the file, where n is
*          a random integer between 0 and 7 inclusive (used in
*          encryption mode only).
*
*    -b => use straight DES (default is to use cipher block chaining).
*    -m => set `mode' bits (see below for details).
*    -k => set key string
*
***********

*************************************************
*
* idea.lha               31K  File encryption tool using IDEA
*
*************************************************

This is another one that should be easily recompilable on multiple platforms--it's straight C, and it even includes the original unix code. It is small, does IDEA encryption/decryption, and that's all. Here's the top of idea.doc. If it looks interesting you'll probably just want to get it anyway.

***********
*
* NAME
*      idea - encrypt and decrypt using IDEA
*
* SYNOPSIS
*      idea [ -e | -d ] [ -ecb | -cbcN | -cfbN | -ofbN ]
*           ( -k keyString | -K keyHexString )
*           [ inputFile [ ouputFile ] ]
*
*      idea [ -h | -H ] [ -tan | -abr ]
*           [ -k keyString | -K keyHexString ]
*           [ inputFile [ [ ouputFile ] hashvalFile ]
*
***********

*************************************************
*
* Crypt.device-1.8.lha   23K  Crypting handler
*
*************************************************

This is a device driver that you can use to mount an encrypting virtual partition as a file on top of an existing AmigaDos device. It says it's based on fdev.device -- "filesystem in a file". You can edit the virtual partition parameters however you want (such as sectors/cylinders/filesystem etc.) The encryption method is IDEA in cbc mode, which is written in 68000 assembly.

*************************************************
*
* crypdisk.zoo           55K  sector oriented disk encryption
*
*************************************************

This is a sector based disk- (or AmigaDos device-) based encryption program. It works a bit differently from crypt-device, and also uses a 68000 handcoded IDEA algorithm, and it's not limited to cbc mode. It's a modification of the xpkIDEA library assembler source which will be mentioned in the next section.
*************************************************
*
* xpk25dev.lha          141K  Compression package, developer's additions
* xpk25usr.lha          215K  Compression package, user's edition
* XFH134.lha            135K  (De-)compressing handler, uses Xpk.
* xPack_1.5.lha           9K  OS 2.x Shell Interface for XPK
*
*************************************************
*
* Note: The bottom two files are updates to subparts of the top two.
*       (Obviously, I didn't want to modify the original distribution.)
*
*************************************************

The easiest way for me to describe the xpk???.lha files is to cheat, and mostly just include the overview file. Here it is, with a lot of deletions: (Including the list of way-cool authors.)

***********
*
* THE XPK DATA COMPRESSION PACKAGE
* ================================
*
*
* 1. What is XPK
* --------------
*
* For a long time, there have been various compression programs for different
* purposes on the Amiga. But every application supported only one compressor,
* and most compressors were only supported by one application. XPK wants to
* put an end to this: Every application with XPK interface can use every packer
* with XPK interface. An XPK packer is a library with a four letter library
* name.
*
*
* 3. XPK-Compressors
* ------------------
*
* First a general overview of the most important packers and crypters and
* their uses. [...]
* - FEAL encrypts data at reasonable speed with very high safety, ie. it has
*   not yet been broken in the higher-round modes. Any kind of private data
*   is safe in the hands of FEAL.
===> [Is this still true?]
===> [Also: On the chart below, A3000 means a 25Mhz 68030 machine.]
* Now for the complete overview of all existing compressors. You may not have
* all of them. The meaning of the fields:
*
* Name: 4 letter name of the packer.
* CSpd: Compression speed in K/sec on an A3000
* USpd: Decompression speed in K/sec on an A3000
* CF  : Compression factor in %
* Mo  : This packer supports modes
* Cry : This packer can encrypt
* Desc: Description of the packer
*
* Name CSpd USpd CF Mo Cry Desc
* ---- ---- ---- -- -- --- ----
* BLZW  139  364 32  +  -  Fast compression & decompression, usable CF
* CBR0  410 1918  3  -  -  Byte run encoding, only for simple files (Gfx)
* DLTA  104 1265  -  -  -  Pre-processor for packing of sound samples
* ENCO  393  393  -  -  +  Sample library for cryptors
* FEAL  109  109  -  +  +  Encryption with selectable safety
* HUFF   88  138 24  -  -  Huffman coding, low CF and speed
* IDEA   90   90  -  +  +  Safe Encryption, not too fast, many variations
* IMPL    6  280 44  +  -  Imploder, good CF, slow compression, fast decomp
* NONE 1918 2477  0  -  -  Do-nothing packer
* NUKE   36  630 45  -  -  Very fast decompression, good CF & fast compression
* RLEN  170 1351  4  -  -  Sample library for packers
* SHRI    5    9 52  +  -  Excellent CF but low speed
* VERN  861  874  -  -  +  Less safe but very fast Vernam encryption
* ---- ---- ---- -- -- --- ----
*
* Also, XPK supports powerpacker.library for decompression.
*
***********

Note that there are multiple encrypting "compressors" there, including a blank one for an example.

The distribution also contains two handlers to allow one to use these compression/encryption libraries transparently instead of semi-explicitly. One of these, XFH, (the one that Urban mentions), has been upgraded since this distribution. The latest version of which I am aware is 1.34, so I uploaded XFH134.lha also.

Now to discuss some of the individual encryption libraries within this XPK distribution. I recall people having asked about what the speed of doing on-the-fly encryption would be. For Vernam encryption (Has anyone heard of this???), not only are the benchmarks not included but neither is the library nor the docs.
Maybe the author didn't contact Urban for inclusion in the master archive, I dunno, I don't even have an xpkVERN.library. However, I do have numbers for FEAL and IDEA.

Here are the speeds for the FEAL encryption, from a speed chart from its docfile. (I believe this is for a 25Mhz 68030 machine.)

***********
*
* Speed and Memoryusage
* ---------------------
*
* Rounds  Memory  En-/Decryptioncryption
*         Usage   Speed
* ------  ------  ----------------------
*    4     1K     190 K/sec
*    8     1K     144 K/sec
*   16     1K      96 K/sec
*   32     1K      58 K/sec
*   64     1K      33 K/sec
*
***********

Here are the IDEA speeds:

***********
*
* The xpkIDEA implementation uses the following XPK modes for different
* encryption methods:
*
* XPK Mode  Encr. Method  Nr. States  68030/25  68000/7.14
* --------  ------------  ----------  --------  ----------
*  0..25    ECB           /           90 K/s    12 K/s
* --------------------------------------------------------------------------
*  26       CFB           1
*   .        .            .           87 K/s    11 K/s
*   .        .            .
*  50       CFB           25
* --------------------------------------------------------------------------
*  51       OFB           1
*   .        .            .           84 K/s    11 K/s
*   .        .            .
*  75       OFB           25
* --------------------------------------------------------------------------
*  76       CBC           1
*   .        .            .           84 K/s    11 K/s
*   .        .            .
* 100       CBC           25
* --------------------------------------------------------------------------
*
***********

Rather obvious possibilities for those wanting to do similar things on other machines:

o Forget it, your machines are inferior pieces of... Oh sorry, I'm supposed to be being polite. Scratch that.

o Scavenge source code from some of the above packages and use it in the skeletons of DOS 'redirectors' (?)

o Go the whole way and implement the XPK standard on other machines. (You might want to bring get with Urban and the others though. By the way, when quoting sections of the XPK overview, I didn't include the partial author list of nine people. Anyone interested in these projects do have lots of other people to talk with about the standard.)

o Disassociate from the mediocritins and..
oops, there I go again.

And finally,

o Keep part of your mind still thinking about standards for secure data links. I have my own ideas on the subject, which should translate to other machines mostly. They are as follows:

On the amiga, I think it would be best to write a driver one would use instead of the default of serial.device or whoever, to handle the encryption. It would then call serial.device or whoever to actually transmit the data. The advantage here is the modularity of having any terminal program work with this device driver, so you could at any time bring up its window on the workbench screen or a public screen, to adjust its parameters in a way independent of whatever terminal programs you might have running, if need be, or controlled with ARexx scripts or from other programs.

The neat parts here are that (a), it could do compression as it goes, too, but more importantly, (b), it would be transparent to any other binary transfer protocol you'd be using, except for speed. (Although it could somewhat make up for that by making them slightly more efficient--seeing as the encrypting device would have to do its own error checking, dynamic transfer protocols used by the term programs would tend to use larger and larger window sizes), and (c) this could be standardized across machines, so it would also be neat if (d) the standard allowed for multiple concurrent sessions transparently, as well as file transfers, all dynamically configurable. (Not just multiple resident invocation of the same code, but one link turned into 12, like uwm, or dnet on amigas and unix.) (I'm almost making it into a terminal program itself.)

One of the main things would be to make it very transparent to the other programs running--so that even if you were on some weird (but somewhat secure) network, you could run a program on this standard between your telnet on your machine and its connection to the network. (I may be speaking nonsense here.)
Whether you were really using kermit, telnet, ftp, or zmodem, the underlying connection would be secure.

Anyway, I was just thinking that this might be especially cool if it were compatible across platforms. I figured I'd share those thoughts with any others thinking about secure links, to help maximize the spread of ideas.

(And then Timothy Newsham uploads something along those lines even before I can post this. Sheesh! Okay, here's a way to make money by taking bets on this phenomenon: Pick a random person and a cypherpunk, and let them race, with the random person describing a neat program he'd like to have, and the cypherpunk writing it. I'd place my bets on the cypherpunk finishing first. :-) )

Hoping to add to the general confusion,
-Mark Shewmaker

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Paul Goggin
Date: Thu, 17 Jun 93 02:35:39 PDT
To: cypherpunks@toad.com (Cryptoanarchists are Us)
Subject: Binaries
Message-ID: <9306170935.AA17555@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

In order to equalize, what may be construed as a growing disparity between ripem and pgp availability (i.e. ripem binaries being kept online for ftp). I have taken upon myself to start collecting binaries for PGP. If you would be kind enough to email me if you would like to offer any binaries. I will check against what I already have and get back to you for retrieval. Please enclose your OS and system type (pretty much referring to UNIX here). For instance,

-r--r--r-- 1 ftp guest 252829 Jun 17 05:05 pgp-hp720-8.07.Z
-r--r--r-- 1 ftp guest 166958 Jun 17 05:00 pgp-ibm-rs6000-3.1.Z

Paul
--
R O All Comments Copyright by | Technofetisht
A N Paul S.
Goggin (1993) | Cypher, Cyber, Chaos
V Information Broker | Ergoflux, Interzone
E chaos@aql.gatech.edu | Carpe Diem: Stop the Clipper wiretap chip
Finger account for latest _Phrack_ | Public Key: PGP and RIPEM available
For anonymous communication:---> anonymus+4744@charcoal.com
------------------------------------------------------------------------------
Title 18 USC 2511 and 18 USC 2703 Protected -- Monitoring Absolutely Forbidden

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Stanton McCandlish
Date: Thu, 17 Jun 93 07:10:10 PDT
To: cypherpunks@toad.com
Subject: Jimbo B. responds again!
Message-ID: <9306171409.AA13003@hydra.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain

Faced with the "charge" of selling out the govt, by "supporting Clipper" (more specifically for granting a license to them to use RSA's patented encryption in the key escrow scheme [as far as I can tell; I don't read legalese too well]), RSADSI/PKP's head Jim Bidzos responds thusly:

Quoth Jim Bidzos, verily I saith unto thee:
> From jim@RSA.COM Wed Jun 16 15:37:37 1993
> id ; Wed, 16 Jun 1993 15:37:34 -0600
> Date: Wed, 16 Jun 93 14:35:49 PDT
> From: jim@RSA.COM (Jim Bidzos)
> Message-Id: <9306162135.AA17052@RSA.COM>
> To: anton@hydra.unm.edu
> In-Reply-To: Stanton McCandlish's message of Wed, 16 Jun 1993 13:26:42 -0600 (MDT) <9306161926.AA06434@hydra.unm.edu>
> Subject: hmph
>
>
> Well, I don't know where these things get discussed, but you can
> certainly feel free to resend or post my email to you. I'm genuinely
> confused, as I believe the situation is as simple as I put it to you.
> Our claims of patent infringement by DSS, made over the last 18
> months, were well-known and publicized. NIST has capitulated. Seems
> pretty straightforward to me.
>
> BTW, on Clipper, ATT, Motorola, IBM could have done Clipper without
> ever talking to us. Contrary to popular belief, we don't dictate
> terms to licensees.
So, with their RSA or Diffie-Hellman licenses,
> these companies could have simply replaced DES with Clipper
> (continuing to use RSA for Clipper key management) and supported
> Clipper without ever talking to us. (In fact, I believe this is
> exactly what ATT did, as they had a DH/DES phone before they "joined"
> the Clipper club.) Clipper will not fail or succeed because of any
> Public-key patent license. It will go away simply because it was
> ill-conceived, ill-timed, and undesirable.
>
>
> --Jim
>

--
Stanton McCandlish * Space Migration * Networking * ChaOrder * NO GOV'T. *
anton@hydra.unm.edu * Intelligence Increase * Nano * Crypto * NO RELIGION *
FidoNet: 1:301/2 * Life Extension * Ethics * VR * Now! * NO MORE LIES! *
Noise in the Void BBS * +1-505-246-8515 (24hr, 1200-14400, v32bis, N-8-1) *

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Thu, 17 Jun 93 11:20:22 PDT
To: jka@ECE.CMU.EDU (Jay Adams)
Subject: Re: fast des
In-Reply-To: <9306171547.AA02951@mustang.ece.cmu.edu>
Message-ID: <9306171820.AA03851@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>
> If you were interested in cracking DES, I wonder if you couldn't just
> build the hardware out of FPGAs. That way, you could make key loading
> and the decrypted data test fast as well.
>
> - Jay
>

I tried this on the xilinx 3090 chip. The tools to handle palasm didn't seem to be designed to handle a job that size, I had to split up the file into 3 sub parts (S boxes, key scheduler and everything else). I never got it completed but judging by some of the output I got, it wouldn't have fit on the 3090, which is quite a big FPGA. The implementation is straight forward, but there is a lot of juggling you have to do to put it on a 3090 since the S boxes are slightly bigger than the CLB's tables, and you end up wasting a lot of space when you just need a bunch of xor gates (2 xor's per CLB, and you need a lot of XORs).
Implementation with standard cell technology would probably be very easy, and save a lot of space too. (routing the thing is another problem too, since there are so many permutations, I am not sure if a near-full-capacity FPGA would be able to route all the permutations)

Tim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eric Hughes
Date: Thu, 17 Jun 93 08:32:17 PDT
To: cypherpunks@toad.com
Subject: fast des
In-Reply-To: <19930616211451.5.TK@ROCKY.AI.MIT.EDU>
Message-ID: <9306171528.AA29921@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Usually the limiting factor is examining the decrypted data
>for statistically significant patterns indicating that you have the
>correct key.

If you know that your plaintext is 7-bit ASCII, then you can reject if you see too many 8th bits set. Assuming that the size of your intercepted ciphertexts is generous, say ten blocks, then the likelihood of a false decryption which has all the 8th bits off is extremely small. Hint for implementors: don't allow such easy bit correlations in your plaintext.

In any case, the point of a DES cracker is to reduce the size of the space of probable decryptions, so that more computationally expensive statistical tests of possible plaintexts may be performed on a shorter list. If your cracker can reduce the size of the probable keyspace by eight bits, then you can run, in parallel, tests which take 2^8 times as long. For example, you may be able to reject many potential plaintexts from a CBC ciphertext stream after the first block; longer tests would look at a longer stream.

This is where measures of n-gram distribution really come into their own. These measures can distinguish between text types extremely finely, but are often expensive. Nevertheless, they are highly suited to automation, particularly to distinguish between different languages and to recognize non-linguistic forms such as protocol encapsulations, object code, and compressed text.
Eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: m5@vail.tivoli.com (Mike McNally)
Date: Thu, 17 Jun 93 06:51:32 PDT
To: Duncan Frissell <76630.3577@CompuServe.COM>
Subject: Contempt of court
In-Reply-To: <930617132906_76630.3577_EHK27-1@CompuServe.COM>
Message-ID: <9306171350.AA14019@vail.tivoli.com>
MIME-Version: 1.0
Content-Type: text/plain

Duncan Frissell writes:
> >>>Note that a court could cite you for contempt for not complying
> >>>with a subpoena duces tecum (a subpoena requiring you to produce objects
> >>>or documents) if you fail to turn over subpoenaed backups.
>
> Assume that your application is running (mirrored) on five
> machines ...

I think that Mr. Frissell's suggestion falls into the category of what I've humbly termed "digital flash paper" mechanisms. In the days of yore, numbers runners and gangsters and nefarious bad guys would keep records on cellulose (?) flash paper which could be ignited and destroyed very rapidly should Elliot Ness be seen approaching the front door.

Another (simpler) suggestion made by a friend was to devise motion-sensitive devices which would cause total corruption of information stored on a disk if it were moved.

My highly esteemed legal opinion is that this could be considered criminal obstruction of justice, though as with the contempt of court issue such a charge might be preferable to one of Sedition :-)

-- Mike McNally

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Duncan Frissell <76630.3577@CompuServe.COM>
Date: Thu, 17 Jun 93 05:56:02 PDT
To:
Subject: Re: Digital Cash$$$$
Message-ID: <930617125212_76630.3577_EHK27-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

(J. Michael Diehl)
>>>Then DC is actually backed by "legal" currency? Then, what's to keep
>>>someone from opening a digital bank, and taking the money and running?

Nothing. Just like the First National City Bank of New York or Bank Leu, Zurich.
You should deal with someone with a rep and perhaps a history. Obviously the risk of fraud would be greater with a digital cash issuer completely unconnected to an existing financial institution.

>>>OECD?

The Organization for Economic Cooperation and Development. AKA the rich countries (plus Turkey). The 12 EEC Countries (we can all name them, can't we? %{) + Canada, US, Japan, AU, NZ, Iceland, Norway, Sweden, Finland, Austria, Switzerland, and Turkey.

>>>Obviously, DC can lead to quite a few opportunities for corruption,
>>>taxes for example. This will hinder (or help, in Washington D.C! ;^])
>>>the spread of DC. Is there any arguments for DC, to offer to counter
>>>this major drawback?

That's not a bug that's a *feature*. Those are the main arguments in *favor* of DC. The main argument that DC can use against D.C. is that conventional regulatory techniques have been obsoleted by the nets, downsizing affects *all* sorts of institutions not just corporations, and the denizens of the District had better start figuring out what they will do when they are forced to get honest work.

Duncan Frissell

Laws are local, communication is universal.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jim@RSA.COM (Jim Bidzos)
Date: Thu, 17 Jun 93 09:26:10 PDT
To: anton@hydra.unm.edu
Subject: "RSA sells out" hue and cry
In-Reply-To: <9306171208.AA11770@hydra.unm.edu>
Message-ID: <9306171626.AA20285@RSA.COM>
MIME-Version: 1.0
Content-Type: text/plain

Re "source" requirements for Clipper: See my last email to you. ATT, Motorola, etc. are licensed to use RSA and Diffie-Hellman. They are free to use those techniques to manage Clipper keys, as long as they pay their royalties for those techniques, without any contact with us.

Or perhaps, when we licensed them back in the mid and late 80's, we should have limited the use of public key to key management of "future algorithms we approve of?"
********************** END FORWARD ***********************************

Draw your own conclusions. I sure will.

--
Stanton McCandlish * Space Migration * Networking * ChaOrder * NO GOV'T. *
anton@hydra.unm.edu * Intelligence Increase * Nano * Crypto * NO RELIGION *
FidoNet: 1:301/2 * Life Extension * Ethics * VR * Now! * NO MORE LIES! *
Noise in the Void BBS * +1-505-246-8515 (24hr, 1200-14400, v32bis, N-8-1) *

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: axelrod@s106.es.llnl.gov (Mike Axelrod 422-0929)
Date: Thu, 17 Jun 93 09:24:41 PDT
To: cypherpunks@toad.com
Subject: Contempt of court
Message-ID: <9306171626.AA23636@s106.es.llnl.gov>
MIME-Version: 1.0
Content-Type: text/plain

I gather that a court can order you to produce the means to decrypt cyphertext that the court has ruled is evidence. This would imply that the giving of the means to decrypt (which could simply be the uttering of a password) is not considered testimony, because you cannot be forced to give testimony under the 5th amendment. Is there a court decision on point for this issue? In another but similar context, can a court order you to give it the combination of a safe, that contains evidence? I suspect, if that is the case, then there is no 5th amendment protection against being so ordered to produce the means to decrypt messages, documents etc.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Duncan Frissell <76630.3577@CompuServe.COM>
Date: Thu, 17 Jun 93 06:33:17 PDT
To:
Subject: Contempt of court
Message-ID: <930617132906_76630.3577_EHK27-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

>>>Note that a court could cite you for contempt for not complying
>>>with a subpoena duces tecum (a subpoena requiring you to produce objects
>>>or documents) if you fail to turn over subpoenaed backups.
Assume that your application is running (mirrored) on five machines in five different jurisdictions and the machines will lock out one or more of their number if they receive a panic code, or one goes offline unexpectedly, or is not accessed in exactly the right way, you could easily respond to a subpoena duces tecum by stating truthfully that the requested records are not (or are no longer) under your control. The machines themselves can also be protected by careful choice of location and judicious use of remailers and requirements that they only be accessed by telenetting, etc. Besides what's the big deal about contempt of court. If you are worried about doing 2 years or less, locate yourself in another jurisdiction. No need to expose your body to high risk legal regimes. Duncan Frissell "But your Honor, I'm desperately trying to *conceal* my contempt for this court." From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Tom Knight Date: Thu, 17 Jun 93 07:18:41 PDT To: cypherpunks@toad.com Subject: Contempt of court In-Reply-To: <930617132906_76630.3577_EHK27-1@CompuServe.COM> Message-ID: <19930617141632.8.TK@ROCKY.AI.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain I wouldn't want to encourage anyone to contempt of court, but, strictly hypothetically, there is a very simple way to answer the request to hand over keys to encrypted data. Simply assure that you have a copy of the encrypted data available, then construct one-time-pad data of the same length as the encrypted data, such that when the two are XORed, you get your choice of plaintext. Hand over the "one time pad." This argues powerfully that one might want such one time pads available and in use even if you are really using a more convenient encryption technology. Kids: don't do this at home. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jason Zions Date: Thu, 17 Jun 93 08:41:53 PDT To: "George A. 
Gleason"
Subject: Re: YAA (yet another article)
In-Reply-To: <93Jun17.032128pdt.13971-1@well.sf.ca.us>
Message-ID: <9306171541.AA09044@jazz.hal.com>
MIME-Version: 1.0
Content-Type: text/plain

> However, I still have a strong preference that even an "improved" key
>escrow system be implemented via the free market and make provision for
>free choice in cyphers.

As do I; I think this is just another part of daily life that the government has no business being in. As for freedom of choice with respect to privacy technology, I believe that's a must.

Jason

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@soda.berkeley.edu
Date: Thu, 17 Jun 93 10:49:12 PDT
To: cypherpunks@toad.com
Subject: Weak steganography
Message-ID: <9306171745.AA05015@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Responding to Mike Diehl's ideas about weak steganography: (Speaking of which, did anyone notice that there weren't any stegosaurs in Jurassic Park? Just another sign of the government crackdown on crypto?)

There are a couple of problems with the idea of sticking encrypted files onto the end of executable files. The first is, to make this easy, you need a program to do it (and to "undo" it). Well, if someone steals your computer and gets access to these files, they will probably also get access to this program. This will tip them off to what you have done. This is an example of the general principle that you need to assume that your attackers know or can discover the methods you are using, but they don't know the keys.

Another problem is that encrypted files look different from executable files. Encrypted files have a uniform histogram (that is, all 256 different possible byte values are equally frequent), but exe files do not. The appending of an encrypted file to an executable file will be very obvious.
The exact boundary may not be immediately apparent, but it can probably be narrowed down to ten or twenty words without much effort at all. In any case, exe files which have had this treatment will stick out like a sore thumb. Last, XOR'ing a PGP file with a repeated string is probably not a very good method. PGP has a header at the front whose structure is known and which has some fixed bytes. These can be used to immediately recover some letters of your string. Given that the string is mnemonic (memorable) it may be possible to guess more of it. Again, this is basically effortless and it narrows down the search space considerably before they even start to try to break it. Of course, even if they recover the original PGP file they would then need your pass phrase to decrypt it. If you are assuming that they already had that then they didn't need to go through the rigamarole of deducing the repeated string which cloaked the PGP file; once they found an executable with a uniform histogram at the end, along with your program which creates such files, that should be enough evidence to force you to reveal the string just as you were forced to reveal your pass phrase. In sum, I don't think this approach will help much. 
Hal Finney 74076.1041@compuserve.com -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLCBm8agTA69YIUw3AQFbMAQAqsZE3Zs3oC1RcTqZ+yGDv0uf0avWUI9N l7Lr+XlOxryu7m7zo7S2knZIjUMa6a0v0EolnpPw/tK0SUkqGwOBrdfkn8BNPIM6 uZe9kzhJJYbc+w+TQqPB8PoVc3ZQ78OAOwyvhdu28KwG6kXLO4mCiX9n6faIDK1I 3G4Ez8v+6Xg= =F8de -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Stanton McCandlish Date: Thu, 17 Jun 93 10:16:30 PDT To: cypherpunks@toad.com Subject: "RSA sells out" hue and cry (fwd) Message-ID: <9306171716.AA19271@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain More from Big Jim at RSA, criticizing the idea that RSA should have licensed "its" algorithms to NIST only on the condition that they not be used for clipper/capstone/key escrow and similar schemes ********* Quoth Jim Bidzos, verily I saith unto thee: ************** From cypherpunks-request Thu Jun 17 09:30:24 1993 Received: by toad.com id AA29434; Thu, 17 Jun 93 09:23:01 PDT Return-Path: Received: from tivoli.com ([146.84.1.5]) by toad.com id AA29426; Thu, 17 Jun 93 09:22:52 PDT Received: from vail.tivoli.com by tivoli.com (4.1/SMI-4.1) id AA27085; Thu, 17 Jun 93 11:22:38 CDT Received: by vail.tivoli.com (4.1/SMI-4.1) id AA14350; Thu, 17 Jun 93 11:21:26 CDT Date: Thu, 17 Jun 93 11:21:26 CDT From: m5@vail.tivoli.com (Mike McNally) Message-Id: <9306171621.AA14350@vail.tivoli.com> To: Duncan Frissell <76630.3577@CompuServe.COM> Cc: cypherpunks@toad.com Subject: Contempt of court In-Reply-To: <930617153447_76630.3577_EHK50-1@CompuServe.COM> References: <930617153447_76630.3577_EHK50-1@CompuServe.COM> Duncan Frissell writes: > I call it a network operating system designed to cope with local security > breaches. I am not required by law to keep business records in any > particular jurisdiction. I am not even required to have access to > everything in a business with which I am connected. 
Of course you're likely to be right; my Highly Esteemed legal opinion is worth about as much as the electrons transmitting it.

> But a charge of Sedition is such a rare honor ...
> Besides, if the system is

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Duncan Frissell <76630.3577@CompuServe.COM>
Date: Thu, 17 Jun 93 08:44:22 PDT
To:
Subject: Contempt of court
Message-ID: <930617153447_76630.3577_EHK50-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

>>>I think that Mr. Frissell's suggestion falls into the category of what
>>>I've humbly termed "digital flash paper" mechanisms.

>>>My highly esteemed legal opinion is that this could be considered
>>>criminal obstruction of justice

I call it a network operating system designed to cope with local security breaches. I am not required by law to keep business records in any particular jurisdiction. I am not even required to have access to everything in a business with which I am connected.

>>>such a charge might be preferable to one of Sedition :-)<<<

But a charge of Sedition is such a rare honor. It's tough to get the Feds to bring one. One Sedition trial during WWII and one against White Supremacists a few years back. Feds lost both. Besides, if the system is run by non-Americans outside of the US, sedition can't apply (can it? - no treason certainly).

(Mike McNally)

Duncan Frissell

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@rosebud.ee.uh.edu
Date: Thu, 17 Jun 93 09:42:42 PDT
To: cypherpunks@toad.com
Subject: Subject lines for remailers
Message-ID: <9306171642.AA00115@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Another way in which incoming and outgoing messages can be linked up in a remailer is the Subject line. Most of the remailers keep this the same for incoming and outgoing messages. Most of the remailers also have the ability to let the user change the subject line as it goes through the remailer.
My "chain" program which I put on soda lets you set the subject line but only in the last remailer of the chain (so that it goes to the destination with the right subject). If more people did that and we also adopted the convention of not having a subject line at all for the mail up to that point, then all mail through the remailers would have no subject and it would all look the same. (Actually, my mailer won't conveniently let me have no subject, so I would either have to have a blank subject or some default string.) Hal Finney 74076.1041@compuserve.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jay Adams Date: Thu, 17 Jun 93 08:48:07 PDT To: cypherpunks@toad.com Subject: Re: fast des In-Reply-To: <19930616211451.5.TK@ROCKY.AI.MIT.EDU> Message-ID: <9306171547.AA02951@mustang.ece.cmu.edu> MIME-Version: 1.0 Content-Type: text/plain > I don't know of any 2.4 gbps DES chips, but DEC has built a 1 gbps > chip. > .... Key-loading is a different operation, > and that might not go nearly as fast. Any hardware assists (i.e., DMA) > would be for the data, not for the next key to use on the same block of > data. > > Usually the limiting factor is examining the decrypted data > for statistically significant patterns indicating that you have the > correct key. The fast DES chips don't help with this at all. A known > plaintext attack, of course, doesn't have this problem, but these are > probably of limited interest in real applications. If you were interested in cracking DES, I wonder if you couldn't just build the hardware out of FPGAs. That way, you could make key loading and the decrypted data test fast as well. - Jay From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. 
May) Date: Thu, 17 Jun 93 12:00:26 PDT To: cypherpunks@toad.com Subject: Re: Weak stegosaurs In-Reply-To: <9306171745.AA05015@soda.berkeley.edu> Message-ID: <9306171900.AA27241@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Hal Finney writes: > Responding to Mike Diehl's ideas about weak steganography: (Speaking of > which, did anyone notice that there weren't any stegosaurs in Jurassic > Park? Just another sign of the government crackdown on crypto?) No, the stegosaurs were not in the Jurassic Era...they were in the *Cryptozoic* Era. At least according to my copy of PGP ("Pretty Good Paleontology"). -Tim (P.S. I wonder what kind of DNA they'll get from the "Nine Princes in Amber"?) -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@rosebud.ee.uh.edu Date: Thu, 17 Jun 93 10:50:18 PDT To: cypherpunks@toad.com Subject: Contempt of court Message-ID: <9306171750.AA02648@toad.com> MIME-Version: 1.0 Content-Type: text/plain Personal opinions: People should not be able to be forced by a subpoena duces tecum to provide incriminating documents. The fifth amendment protection against self- incrimination normally extends to personal papers. There are cases which show that corporate officers cannot avoid turning over corporate papers even if they incriminate themselves, but personal papers are provided much wider protection. 
People can be forced to produce handwriting samples, where the content of what is written is not significant but the physical writing will be analyzed; they can be forced to produce breath, blood or urine samples; they can be forced to stand in a police lineup, and to repeat words which a witness may have heard a criminal make (but the words do not carry significance); they may be forced to submit to psychiatric evaluation. But none of these involve giving testimony against themselves. Producing a personal diary or notes which provide incriminating testimony should be protected by the fifth amendment. By this reasoning, someone may be able to be forced to reveal an encryption key, since that is not testimony. But if the resulting documents, when decrypted, are personal and contain damaging, incriminating statements, they would not be usable in court. To introduce them in court against the wishes of the defendant would be a clear violation of his fifth amendment rights. By the same token, people are not obligated to keep records specifically to facilitate government investigation of any crime they may have committed. (They are required to keep normal records, such as those relating to the income tax.) It is perfectly permissible for people to destroy their personal records, notebooks, mail, in any way they wish, whether those records would be of use to law enforcement or not. (This is not true, of course, after receipt of a subpoena calling for those records.) "Digital flash paper" should be perfectly legal for all record keeping, whether or not those records would have contained evidence of a crime. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: bear@eagle.fsl.noaa.gov (Bear Giles)
Date: Thu, 17 Jun 93 12:27:59 PDT
To: cypherpunks@toad.com
Subject: Re: Weak steganography
Message-ID: <9306171924.AA13544@eagle.fsl.noaa.gov>
MIME-Version: 1.0
Content-Type: text/plain

Eric Hollander writes:

>Another problem is that encrypted files look different from executable
>files. Encrypted files have a uniform histogram (that is, all 256 different
>possible byte values are equally frequent), but exe files do not. The
>appending of an encrypted file to an executable file will be very obvious.

So write an encryption routine that wastes bandwidth but outputs executable code. You could even encapsulate it within procedures which randomly call one another, to make it look more like real code.

(Your encrypted data would be limited to shuffling data between registers and operations within registers, e.g.:

    mov ax, bx
    add ax, cx
    mov bx, dx
    or ax, bx

It's not a crime to write bad assembler code... yet.

A nice piece of misdirection would be a homebrew compiler for some really bizarre language. A compiler which produces output remarkably like the output of your encryption program. If someone asks why you are only using a small subset of the instruction set, you shrug and claim that optimized code generation is on your "to-do" list.

Bear Giles

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: axelrod@s106.es.llnl.gov (Mike Axelrod 422-0929)
Date: Thu, 17 Jun 93 14:12:07 PDT
To: cypherpunks@toad.com
Subject: Contempt of Court
Message-ID: <9306172113.AA24029@s106.es.llnl.gov>
MIME-Version: 1.0
Content-Type: text/plain

If the key itself had embedded testimony that was incriminating, then it is possible one could invoke the 5th amendment to avoid disclosure of the key. But, I suppose a court could do an end run around that by giving limited use immunity for the incriminating content of the key. Comments?

Mike.
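
The histogram point quoted in the "Weak steganography" thread above (ciphertext has a flat byte histogram, executables do not, so an appended encrypted file stands out) can be checked with a sliding-window entropy scan. This is an added example, not code from any list member; the window size, step, threshold and the constructed sample data are assumptions.

```python
"""Sliding-window byte-entropy scan for a high-entropy tail appended to a file.

Added illustration: WINDOW, STEP and THRESHOLD are assumed values, and the
sample "executable" is constructed data, not a real binary.
"""
import math
import random
from collections import Counter

WINDOW = 1024     # bytes per window (assumption)
STEP = 256        # stride between windows (assumption)
THRESHOLD = 7.5   # bits/byte; uniform random bytes measure about 7.8 at this window size


def shannon_entropy(block: bytes) -> float:
    """Entropy of the block's byte histogram in bits per byte (8.0 = perfectly flat)."""
    n = len(block)
    if n == 0:
        return 0.0
    return -sum(c / n * math.log2(c / n) for c in Counter(block).values())


def window_entropies(data: bytes, window: int = WINDOW, step: int = STEP):
    """Yield (offset, entropy) for every full window of the input."""
    for off in range(0, len(data) - window + 1, step):
        yield off, shannon_entropy(data[off:off + window])


def find_high_entropy_tail(data: bytes, window: int = WINDOW, step: int = STEP,
                           threshold: float = THRESHOLD):
    """Return the offset where an unbroken run of high-entropy windows that
    lasts to the end of the data begins, or None if the data does not end in
    such a run. The estimate is accurate to within about one window."""
    tail_start = None
    for off, h in window_entropies(data, window, step):
        if h >= threshold:
            if tail_start is None:
                tail_start = off      # candidate start of the flat-histogram region
        else:
            tail_start = None         # run broken: not a tail
    return tail_start


def build_sample(host_len: int = 16384, payload_len: int = 4096, seed: int = 1993):
    """Constructed test input: a skewed-histogram 'host' followed by uniform
    random bytes standing in for an appended encrypted file.
    Returns (data, true_boundary_offset)."""
    rng = random.Random(seed)
    # Zipf-like weights: a few byte values dominate, as padding and common
    # opcodes do in real code sections (the exact shape is an assumption).
    weights = [1.0 / (rank + 1) for rank in range(256)]
    host = bytes(rng.choices(range(256), weights=weights, k=host_len))
    payload = bytes(rng.getrandbits(8) for _ in range(payload_len))
    return host + payload, host_len


if __name__ == "__main__":
    data, boundary = build_sample()
    for off, h in window_entropies(data):
        if abs(off - boundary) <= 2 * WINDOW:   # show only windows near the seam
            print(f"offset {off:6d}  entropy {h:.2f} bits/byte")
    print("true boundary:     ", boundary)
    print("detected tail from:", find_high_entropy_tail(data))
    print("host alone:        ", find_high_entropy_tail(data[:boundary]))
```

A flat tail is a lead rather than proof: compressed installer overlays and packed executables also end in near-uniform data, so a hit needs to be followed up by looking at what the region actually is.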
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Thu, 17 Jun 93 15:48:07 PDT To: cypherpunks@toad.com Subject: Re: Contempt of court In-Reply-To: <9306172054.AA09055@snark.shearson.com> Message-ID: <9306172248.AA19024@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Perry Metzger writes: ... > technically exhausted his right to appeal. It seems like its only a > matter of time before other than stopping the government from > quartering soldiers in your home except in time of war, there will be > nothing more the courts will prevent. > > Fun, ain't it? Ah, but this happens all the time! For example, at a recent dinner for Dave Nolan, founder of the Libertarian Party, a middle-aged Santa Cruz couple told us the story of how police/DEA/SWAT/BATF/not sure which "took over" all the houses on their block to wait for a suspected drug dealer to come out of his house. By "take over" I mean the middle-aged couple was awakened by knocks on the door at dawn, told they had 5 minutes to pack a few things, and then told to get out of the house, that the SWAT team was using their house as one of their command posts. Several other houses were as well. Around mid-afternoon, the blissfully-oblivious suspect wandered out into into driveway and was immediately surrounded. Now this may not be "quartering of troops," technically, in that they didn't sleep over, eat the food (so far as I know), etc., but I sure would call it something very similar. And what do you think would happen to me if I answered the door with my Heckler and Koch submachinegun, as I sometimes do (perfectly legal, since it's on my property...so long as I don't "brandish" it)? My guess is the pigs would shoot first. With the Clinton Clipper rolling along, with the New World Order looking like a liberal left police state, it's time more than ever for the long-discussed "Cypherpunks Shooting Club." Time for us to fight back. "Kill the code grabbers." 
-Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Stanton McCandlish Date: Thu, 17 Jun 93 14:51:38 PDT To: fnerd@smds.com (FutureNerd Steve Witham) Subject: Re: "RSA sells out" hue and cry (fwd) In-Reply-To: <9306172009.AA16710@smds.com> Message-ID: <9306172150.AA01239@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain This is in reference to the material direct from Jim Bidzos of RSA that I have posted, re: the charges that NSA is selling out to the Clipper scheme by licensing NIST to use their "patented algorithms" Quoth FutureNerd Steve Witham, verily I saith unto thee: > > Draw your own conclusions. I sure will. > > What the hell kind of conclusions are you drawing? Will you cut the > sniffing and say what you mean? Sniping is tiresome. Sniping that > doesn't even make a whiff of sense is doubly so because it's > confusing. Pardon my pique but there's a *real* war on. RELAX, fnerd! I almost sent you my new "Dear flamer" form letter, but I guess this deserves an answer. Please don't yell at me like this. My cautious conclusion from this and other discussions with Jim directly (at least I presume it is he; as I said before I get suspicious when the head of the worlds largest cryptography corp. does not use his own signatory authentication software), is that 1) RSADSI/PKP cares only for its bottom line. People like Jim Bidzos may care about stopping Clipper, but that is largely irrelevant in a corp. It's like your brain deciding it doesn't want food. 
Your body will go on craving food if you like it or not.

2) DSI is more-or-less anti-clipper, because it will hurt their biz in the long term. It is, being a typical corp., driven more by immediate profit motive; thus it calls bullshit on the Gov't violating their "patent", and thus accepting the deal when the govt "capitulates". In typical corporate double think, it does not see the blindingly obvious conflict of interests here. The weasel factor is likely the rationalization that key escrow does not equal clipper, which is true, though as we all know, the two are intertwined like snakes in a basket.

3) there is no conspiracy of PKP/RSA with NIST/NSA. It's just a product of commercial short-sightedness and even outright stupidity and illogic.

4) regardless of this, this move on the part of RSA is likely to be detrimental to the cause, and is dangerous.

As for your other points:

A) I am "sniffing" and I said this is a "cautious" conclusion, because all the evidence is not in.

B) sniping is USEFUL. Ask any revolutionary. This is not a pitched battle, it is a guerilla war, a propaganda war, & a political cold war.

C) it makes plenty of sense. My intent was to present the facts and material I find (for which I actually expected some thanks, imagine that! Who else among you bothered to make the effort to contact Big Jim personally and get their side of the story?), and to encourage people to think about it and weigh the data and "draw your own conclusions". I do not Know All in this matter, and did not wish to try to force my view on the whole. Furthermore, I think you are upset with the messenger, rather than concentrating on the message. All I am doing is saying, "Here I got this. It made me think. Look at it and think about it too."

D) Yes there's a war on. But I am not Rambo, I'm the USAF journalist who doesn't feel like getting shot thank you very much ;)

Note this is being passed on to the appropriate list and groups, in case others need this clarification.
-- Stanton McCandlish * Space Migration * Networking * ChaOrder * NO GOV'T. * anton@hydra.unm.edu * Intelligence Increase * Nano * Crypto * NO RELIGION * FidoNet: 1:301/2 * Life Extension * Ethics * VR * Now! * NO MORE LIES! * Noise in the Void BBS * +1-505-246-8515 (24hr, 1200-14400, v32bis, N-8-1) * From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Thu, 17 Jun 93 13:07:56 PDT To: cypherpunks@toad.com Subject: Contempt of court Message-ID: <199306172008.AA00361@eff.org> MIME-Version: 1.0 Content-Type: text/plain Forwarded message: From daemon Thu Jun 17 16:05:40 1993 Date: Thu, 17 Jun 1993 16:05:38 -0400 From: Mail Delivery Subsystem Message-Id: <199306172005.AA00336@eff.org> To: mnemonic Cc: mailer-errors Subject: Returned mail: User unknown ----- Transcript of session follows ----- While talking to RoseBud.EE.UH.EDU: >>> RCPT To: <<< 550 ... User unknown 550 nobody@rosebud.ee.uh.edu... User unknown ----- Unsent message follows ----- Received: by eff.org id AA00334 (5.65c/IDA-1.5/ident for nobody@rosebud.ee.uh.edu); Thu, 17 Jun 1993 16:05:38 -0400 (ident-sender: mnemonic@eff.org) From: Mike Godwin Message-Id: <199306172005.AA00334@eff.org> Subject: Re: Contempt of court To: nobody@rosebud.ee.uh.edu Date: Thu, 17 Jun 1993 16:05:37 -0400 (EDT) In-Reply-To: <9306171750.AA02648@toad.com> from "nobody@rosebud.ee.uh.edu" at Jun 17, 93 12:52:05 pm Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 1440 nobody writes: > People should not be able to be forced by a subpoena duces tecum to provide > incriminating documents. The fifth amendment protection against self- > incrimination normally extends to personal papers. There are cases > which show that corporate officers cannot avoid turning over corporate > papers even if they incriminate themselves, but personal papers are > provided much wider protection. This is true, but it's not precisely the issue with regard to encryption keys. 
> But none of these involve giving testimony against themselves. Producing > a personal diary or notes which provide incriminating testimony should > be protected by the fifth amendment. Providing the key would not be seen as legally identical to providing the unencrypted document. > By this reasoning, someone may be able to be forced to reveal an encryption > key, since that is not testimony. But if the resulting documents, when > decrypted, are personal and contain damaging, incriminating statements, > they would not be usable in court. To introduce them in court against > the wishes of the defendant would be a clear violation of his fifth > amendment rights. Unfortunately, this has not been Fifth Amendment law for a long time. If a search and seizure takes place at your house, and the investigating agents find your diary, they can use it against you. If the diary is in code, they can attempt to decode it. --Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jason Zions Date: Thu, 17 Jun 93 14:13:23 PDT To: cypherpunks@toad.com Subject: re: fast des Message-ID: <9306172113.AA10922@jazz.hal.com> MIME-Version: 1.0 Content-Type: text/plain >>Usually the limiting factor is examining the decrypted data >>for statistically significant patterns indicating that you have the >>correct key. > >If you know that your plaintext is 7-bit ASCII, then you can reject if you >see too many 8th bits set. [ ... ] Hint for implementors: don't allow such >easy bit correlations in your plaintext. Run your plaintext through compress first; remove the compress header; then encrypt. Compression will screw up character frequencies (and use all eight bits) enough to make automated detection of a successfully-broken encryption really darn hard. Especially if you keep changing compression technology each message. Jazz From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. 
Metzger" Date: Thu, 17 Jun 93 13:55:53 PDT To: Mike Godwin Subject: Re: Contempt of court In-Reply-To: <199306172008.AA00361@eff.org> Message-ID: <9306172054.AA09055@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain Mike Godwin says: [Lots of stuff that add up to "Gee, what fifth amendment"] I wonder when the last remaining clause of the Bill of Rights will be declared to be meaningless tripe. FDR destroyed the 9th and 10th amendments with his threats of court packing. PC is destroying the 1st amendment. The fourth and fifth amendments are nearly gone thanks to things like the war on drugs. Lots of people have been claiming the second amendment doesn't mean what it says, and the supreme court has refused to take a case since the Miller case in the 1930s. The court recently held that you can execute a person even if there is evidence that he's innocent without giving the evidence a hearing provided he's technically exhausted his right to appeal. It seems like its only a matter of time before other than stopping the government from quartering soldiers in your home except in time of war, there will be nothing more the courts will prevent. Fun, ain't it? Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: smb@research.att.com Date: Thu, 17 Jun 93 14:28:09 PDT To: Timothy Newsham Subject: Re: fast des Message-ID: <9306172128.AA10049@toad.com> MIME-Version: 1.0 Content-Type: text/plain The DEC gigabit/second DES chip was based on the FURY VSC15K gate array from Vitesse. It's a gallium arsenide device. The full paper is ``A High-speed DES Implementation for Network Applications'', by Hans Eberle, SRC Research Report 90, DEC Systems Research Center. Abstracts are (apparently) online in pub/DEC/srcabstracts.list, on gatekeeper.pa.dec.com. You can get hard-copy by sending email to src-report@src.dec.com. Oh yeah -- he gives the search time as 16 days, for about $1M in DES chips alone, without any support circuitry. 
The chips are estimated to cost $300 apiece. His chip is well-suited for DES-cracking because it has a separate key-loading port, so you can change the key each cycle without slowing down the pipeline. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Thu, 17 Jun 93 15:29:16 PDT To: cypherpunks@toad.com Subject: Stegosaurs Message-ID: <9306172126.AA17087@smds.com> MIME-Version: 1.0 Content-Type: text/plain Hal Finney <74076.1041@compuserve.com> sez > (...did anyone notice that there weren't any stegosaurs in Jurassic > Park? Just another sign of the government crackdown on crypto?) No, silly! They were hiding behind treetrunks and disguising themselves as tourguides! Don't you know the first thing about stegosaurs? -fnerd quote me time to recycle some elephant jokes From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Thu, 17 Jun 93 18:06:27 PDT To: cypherpunks@toad.com Subject: fast des In-Reply-To: <9306172113.AA10922@jazz.hal.com> Message-ID: <9306180102.AA26143@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain > Compression will screw up character frequencies [...] enough to make >automated detection of a successfully-broken encryption really darn >hard. The question is just how hard is "really darn hard"? Compressed English text has characteristic patterns just as plain English does. The salient difference is that these patterns take longer to emerge at the same confidence level. The compressibility limit is a limit not usually reached; the difference between that limit and the actual compressed text will be non-zero. This difference manifests itself in patterns in the compressed text. Some estimates of this size are necessary in order that the designer have an assurance that automatic recognition of decrypted text is difficult. These concerns are largely obviated by using ciphers with longer key lengths, of course. 
Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: kqb@whscad1.att.com Date: Thu, 17 Jun 93 15:16:40 PDT To: cypherpunks@toad.com Subject: Re: Weak steganography Message-ID: <9306172216.AA11412@toad.com> MIME-Version: 1.0 Content-Type: text/plain Hal Finney said: > Another problem is that encrypted files look different from executable > files. Encrypted files have a uniform histogram (that is, all 256 different > possible byte values are equally frequent), but exe files do not. ... I am building a "steganosaurus" and eventually will need to solve a similar problem. (A "steganosaurus" applies a primitive steganographic technique to English text by using a thesaurus to generate enough word variation to encode a hidden message.) One of the weaknesses of this "steganosaurus" is that the resulting output has statistical differences from normal English text. For example, word frequency will be skewed. Worse, I have to assume that the eavesdropper knows my steganization algorithm and can "desteganize" any innocuous-looking text I produce. That "desteganized" text will show clearly the existence of a hidden, encrypted message because, as Hal pointed out, it has a uniform histogram. What I want is a program that will transform an encrypted file to a (slightly larger) file that mimics the distribution achieved by applying the "desteganization" algorithm to normal English text that does *not* contain any hidden message. The steganization algorithm then gets applied to this stealthy, mimic file, not directly to the encrypted hidden message. By the way, since we must assume that the eavesdropper knows all our algorithms but not our secret keys, this algorithm will require a *second* secret key in addition to the secret key used in the original encryption. I'm not ready to tackle that yet. Unless I hear otherwise, I'll assume that if anyone knows how to achieve this, they're not telling... Kevin Q. 
Brown INTERNET kqb@whscad1.att.com or kevin_q_brown@att.com PS: I found that a simple, semi-automatic algorithm can generate a public message only 5 to 10 times as long as the hidden message. Unfortunately, the public message from my simple algorithm is almost always a bizarre, disconnected sequence of rants, which, for most people, is not normal. That is why I am building my "steganosaurus". After that I will see if combining a natural language parser with transformational grammars can produce a less primitive, more efficient "trans-steganosaurus". From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Thu, 17 Jun 93 17:41:14 PDT To: cypherpunks@toad.com Subject: Clipper fact Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Wed, 16 Jun 93 22:41:33 PDT, Marc Briceno wrote - > I am representing the anti-clipper side in an ongoing debate in > the "Wired " conference on OneNet. The governmental lemmings > question the existence of the "Law Enforcement Exploitation > Field" and want citations. Would the person who posted the > hard facts about Clipper please send me all the info? > Thanks in advance, I've collected about 700 kb worth of information regarding Clipper/Capstone, but this post from Dorothy Denning should be exactly what you are looking for. It was originally posted to sci.crypt and reposted to cypherpunks by Tim May. 8<------- Cut Here -------------------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: uunet!netcom.com!tcmay (Timothy C. May)denning@guvax.acc.georgetown.edu Date: Tue, 20 Apr 93 00:39 EDT To: toad.com!cypherpunks, gnu.ai.mit.edu!extropians Subject: (fwd) THE CLIPPER CHIP: A TECHNICAL SUMMARYTHE CLIPPER CHIP: A TECHNICAL SUMMARY Message-ID: <9304200403.AA18854@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Paul Ferguson | The future is now. 
Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: zane@genesis.mcs.com (Sameer) Date: Thu, 17 Jun 93 21:04:36 PDT To: pmetzger@lehman.com Subject: Re: Contempt of court In-Reply-To: <9306172054.AA09055@snark.shearson.com> Message-ID: MIME-Version: 1.0 Content-Type: text/plain In message <9306172054.AA09055@snark.shearson.com>, "Perry E. Metzger" writes: > technically exhausted his right to appeal. It seems like its only a > matter of time before other than stopping the government from > quartering soldiers in your home except in time of war, there will be > nothing more the courts will prevent. > I read somewhere on the net a *very* interesting interpretation of the 3rd amendment, which cypherpunks might find interesting. It was claimed that in colonial times, the British authorities quartered troops in people's homes as a form of surveillance. E.g. Tom Jefferson is suspected of conspiring with friends to communicate privately :-), thus the local British military leader learns of this suspicion and quarters troops in Tom's home. Under this interpretation, it was claimed that the 3rd amendment provides protection from government surveillance. I think it's stretching things a bit, but a very interesting way to look at it. -- | Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM | | Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more | | "Symbiosis is Good" - Me_"Specialization is for Insects" - R. A. 
Heinlein_/ \_______________________/ \______________________________________________/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wcs@anchor.ho.att.com (Bill_Stewart(HOY002)1305) Date: Thu, 17 Jun 93 19:40:40 PDT To: cypherpunks@toad.com Subject: Re: fast des Message-ID: <9306180042.AA03435@anchor.ho.att.com> MIME-Version: 1.0 Content-Type: text

Steve Bellovin refers to Hans Eberle's paper on a GaAs-based 1Gb/s DES chip, which is available on gatekeeper.dec.com under the SRC directory. The search time of 16 days for $1M, aka 1 day for $30M (incl. support chips), is fairly similar to Peter Wayner's Content-Addressable-Memory approach, which would cost an estimated $30M for a 1 day search. (Average search time is about half as long as exhaustive searches.)

To put this in a cost-per-solution context, if you amortize over 5 years, that's about 4000 solutions, so that's a bit under $10K per solution. It's more expensive than David Sternlight's $25/solution guess, but it's interestingly small - certainly worthwhile for occasional national security applications, or robbing electronic funds transfer networks, (at least for the $1M slower version), and it's in the ballpark of the rental rate for Congressmen :-) (the Abscam folks paid $50K to Senator Harrison Williams for some light work...)

Since Skipjack uses an 80-bit key, the NSA or other rich organizations with access to it ought to be able to get similar performance in 24-48 years, assuming speed doubling continues at its 1-2 year rate. We'd be better off with something with a longer key, such as triple-DES.

Bill Stewart

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "L. Detweiler" Date: Thu, 17 Jun 93 20:28:26 PDT To: cypherpunks@toad.com Subject: Blasting Bidzos Blather Message-ID: <9306180328.AA15661@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain

The following message is FOR CYPHERPUNKS ONLY.
I specifically *prohibit* further distribution past the mailing list! Please do not betray my trust! [Bidzos] >I'm genuinely > confused, as I believe the situation is as simple as I put it to you. > Our claims of patent infringement by DSS, made over the last 18 > months, were well-known and publicized. NIST has capitulated. Seems > pretty straightforward to me. The more I read from Bidzos, the less I believe he has any overall control or even awareness of the company, or is purposely duplicitous. His vague and weak defenses I find personally intelligence-insulting. DSS seemed to defy the face of all public input into the standard, which opposed the NIST algorithms (`handed down' in a dictatorial and authoritarian manner, sound familiar?) in favor of RSA. How is it that Bidzos makes no reference to this? Apologists for DSS such as Denning do so on two major grounds: 1) it is part of the larger plan involving Clipper, therefore lack of duality in encryption and authentication features (an implicit characteristic of RSA) is not a problem 2) the security is `no weaker' (cunningly disguised as to appear to say `better') than RSA. Both are noxiously misleading arguments in themselves, but are also decoys (like key escrow agencies and procedures) to the critical issues at stake. The critical point is that even the *appearance* of a `fair and impartial' standards making process was totally defied, to the point of suggesting a complete clandestine backroom collusion! (hm, sound familiar?) But gosh, I wonder how many people would have advocated RSA back then when they could predict the future: that NIST would not only embrace PKP but would award them a complete monopoly on signature standards. 
Somehow proponents of this new NSA-Clipper-Capstone obscenity are now pointing back to history and saying that the main objections to DSS standards were *technical* (strength of the algorithm) and *legal* (PKP patenting) and that they have been wholly ameliorated by improvements (in key size) and recent events (PKP support). This is historical revisionism at its worst! From my point of view, critical main objections were on the warped process that permitted an unpopular (and perhaps even subversive) standard be adopted! This revisionism definitely suggests something deeper and `ulterior' is going on---that a comprehensive NSA-PKP alliance is in place? > BTW, on Clipper, ATT, Motorola, IBM could have done Clipper without > ever talking to us. Contrary to popular belief, we don't dictate > terms to licensees. First, I find it absolutely ridiculous for an informed agent of PKP, and for that person to coincidentally be called the *president*, to claim that `we don't dictate terms to licensees'. This is only true in the sense that if the licensee does not agree to the terms put down by PKP, they don't get the license! Second, I would like to see PKP contracts. There are probably more clauses than a bad run-on sentence. I'll go out on a limb and wager that PKP *does* limit the use of RSA in the company's products, and that the licenses are fairly specific. It seems rather inconceivable to me that any such corporate agreement that could be so simplistically summarized as `PKP gives rights to company [x] to use RSA in *any* of their products as long as they pay [y] royalties'. The agreement is very likely product-specific and implementation-limiting. Perhaps Mr. Bidzos or representatives of companies involved would be willing to forward copies of these agreements for our consideration of Mr. Bidzos' claims, assuming they are not `classified'... 
Third, regardless of presence of product-specific limitations in the licenses, and even if PKP has sold licenses to companies that somehow permit them the latitude to include RSA technology in their Clipper implementations, PKP can certainly take the future stance that they will prohibit that use in future corporate contracts! If Mr. Bidzos really thinks that Clipper is `ill-conceived, ill-timed, and undesirable' perhaps he should figure out how to keep his company from supporting, nay, *promoting* and *profiting* from it.

Let's look again at the announcement:

>PKP will also grant a license to practice key management, at no
>additional fee, for the integrated circuits which will implement
>both the DSA and the anticipated Federal Information Processing
>Standard for the "key escrow" system announced by President Clinton
>on April 16, 1993.

`at no additional fee'? What does that mean, `for free'? This apparently means Mykotronx, despite being a private company, does not need to license (read: pay for) the RSA patents on the critical key-exchange function for use in Capstone for *any* implementations (public or private), nor does any other company NSA decides to induct into its privileged enclave. Hm, I wonder how RSA's other `customers' feel about that? And why would PKP voluntarily give up this potentially valuable revenue source? Clipper implementations could be *extremely* lucrative for PKP. That they don't license them specifically, and in fact voluntarily give up the prerogative to do so, suggests that they gave up something greater in return for them. Namely, the award of an official U.S. government-endorsed monopoly on DSS and arguably all valuable cryptographic techniques.

By the way, let's look at Mr. Bidzos' quote on Clipper. Clipper is `ill-timed'? What does this suggest, that a NSA-PKP partnership would be better served if it came out sooner or later? Clipper is `ill-conceived and undesirable'? For who?
Was it that PKP perhaps didn't hear about it soon enough to rob all the tasty new cryptographic algorithm patents surrounding it, like it did with the Schnorr patent? The licensing notice (which was probably reviewed and approved by PKP representatives) refers to Clipper as `an anticipated Federal Information Processing Standard?' How, Mr. Bidzos, can this new revelation possibly be construed to indicate that Clipper `will go away'? Yes, I suppose Mr. Bellovin was right. The omnipresent underlying message here is that nothing is unethical if PKP profits from it. I advise cypherpunks not to take Mr. Bidzos' comments literally. They are, however, interesting from the perspective of the study of the speech of either an uninformed figurehead or a capitalist (or even nationalist) co-conspirator. P.S. all cypherpunks `for' an alliance with PKP, please raise your hand. I personally find the image of `lumbering but ultimately benevolent corporation' too incredible to hold in the face of recent events, and am now actually quite embarrassed to have advocated some `good faith' proposals involving the company which look naively misguided in hindsight. PKP is not going to go away when a few of its patents expire. To the contrary, it appears to be clutching everything within reach to ensure its eternal domination in the commercial cryptographic field. (sound familiar? a PKP-NSA alliance makes perfect sense.) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: TO1SITTLER@APSICC.APS.EDU (Kragen Sittler) Date: Thu, 17 Jun 93 21:18:34 PDT To: cypherpunks@toad.com Subject: xor w/prbs Message-ID: <930617221448.c97@APSICC.APS.EDU> MIME-Version: 1.0 Content-Type: text/plain Some MORON wrote an article in Computer Shopper, about doing a one-time pad with a PRBS... in fact, he even challenged any cryptographers to break it. (He used a 32-bit seed for the PRBS.) 
He also included a number of fallacies in the article, among them that you change your algorithm when you think the enemy knows what it is, but you change your keys regularly even when you don't have any basis to think so.

How *do* you break this cypher? He is generating a lot of random numbers between 0 and 255, and xor'ing each successive one with the next byte of plaintext. I know that this is a trivial cypher to break, according to PRZ at least, but how do you do it?

This arrogant moron with pretensions to cryptographic knowledge needs to be corrected. (Some might say the above epithet applies to me too, to which I reply: I don't pretend to know crypto. I just read cypherpunks.)

He is:
David Stafford, care of Computer Shopper
One Park Avenue
New York, NY 10016

This kind of misinformation is dangerous to the public at large. The article is on page 558 of the July, 1993 Computer Shopper. It uses a random number generator, (now that I look, it's not a PRBS) from the June, 1993, Computer Shopper, by the same author.

The random number generator used is like this: It uses a global variable called RandomSeed, and each time thru the random function, RandomSeed, a 32-bit long, is multiplied by 0x015a4e35, and incremented; and then the new RandomSeed, modulo the largest desired return value, is returned. (Actually, mod the largest desired value +1.)

a code fragment:

    #define MULTIPLIER 0x015a4e35L
    #define INCREMENT 1

    long RandomSeed;   /* global generator state; its initial value is the key */

    int GetRandomNumber(int Range)
    {
        /* linear congruential step, then reduce to 0..Range-1 */
        RandomSeed = MULTIPLIER * RandomSeed + INCREMENT;
        return(RandomSeed % Range);
    }

So how do you crack this cipher without trying all the keys, guys?

Kragen

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@eli-remailer Date: Thu, 17 Jun 93 23:50:08 PDT To: cypherpunks@toad.com Subject: OTP dual decryption Message-ID: <9306180650.AA26990@toad.com> MIME-Version: 1.0 Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

Using a one-time pad for dual decryption might work like this.
I have a file, D (for Dangerous), which I want to conceal. I construct a random file of the same length, K (for Key), which will be my "encryption key". I xor K and D to produce E (for Encrypted), the encrypted file. I delete D and hide K somewhere. Now, in case an intruder steals E and coerces a decryption out of me, I prepare S (for Safe), a file containing some safe plaintext. I xor S and E to produce F (for Fake), the fake key file I will be able to present. I destroy S and hide F somewhere, but perhaps not as securely as I hid K. Now, if the intruder comes, he finds E, the encrypted file. He demands the key, and I explain that the file was encrypted with a one-time pad, and here is the key, and I provide him F. He xor's F and E to find S, the safe plaintext, and I am protected. This is all well and fine, but it depends on successfully hiding K, the actual key file. But if you can successfully hide files, it seems to me that you might as well have just hidden D, the dangerous file, in the first place, in whatever hiding place you were going to use for K. Then substitute S, the safe file, for D. This is just the old idea of having two sets of books for a crooked business, one innocent and public and one incriminating but hidden. So I'm not sure the one-time pad idea really helps much since if you can meet the requirements to use it you might as well just hide your data the old-fashioned way. Are there any advantages that I'm overlooking? 
Hal Finney 74076.1041@compuserve.com

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBLCEucqgTA69YIUw3AQFBlAP/ZHeOKs71H2d0HD2vLwupRB/TwzuEy7dD
iE91swoYo8FK5a66DAi8f2kmDIqoiPai+jieI/506zWFuHJRiCW7PLs6v8ga4Aj6
WglBJ1ksOlY74X6qrlykw3kXMjX6x8t7lbp+e6R7Fy67n6gUSGaRozyniv3JusrY
c7wXxxh9rvs=
=AAV7
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@alumni.cco.caltech.edu Date: Thu, 17 Jun 93 23:50:08 PDT To: cypherpunks@toad.com Subject: Computer Shopper encryption Message-ID: <9306180648.AA04035@alumni.cco.caltech.edu> MIME-Version: 1.0 Content-Type: text/plain

If Kragen's RNG from Computer Shopper is called repeatedly with range=256, so that the resulting values are in the range 0-255 for xor'ing, it is very weak. That will mean that the RNG will repeat with period of at most 256, and so the only question is which of the 256 possible starting points was used. In other words you only need to do 256 trial decryptions (just try seeds from 0-255) and you've got it.

Using the low-order bits of an LCM RNG like this one is a bad idea. You should use the high order bits, or use a range which is not a power of 2 so you end up using all the bits. Even then LCM RNG's aren't cryptographically strong, although from what I have seen the techniques of breaking them are what a layman would call complicated. Compared to breaking, say, DES, though, they are no doubt trivial.

Hal Finney 74076.1041@compuserve.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: remail@tamsun.tamu.edu Date: Fri, 18 Jun 93 00:12:47 PDT To: cypherpunks@toad.com Subject: Shorter PGP keys Message-ID: <9306180712.AA27809@tamsun.tamu.edu> MIME-Version: 1.0 Content-Type: text/plain

I was thinking of trying to come up with a short form of my PGP key. Very few people put their PGP keys into their .sig's any more because they are so lengthy.
Here is my key, 1024 bits, as it would normally appear: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.0 mQCNAiqsNkwAAAEEAMKWM52m5EWi0ocK4u1cC2PPyHT6tavk9PC3TB5XBYDegf3d sldRpnjJj1r+aO08FFO+QLEI9wtBqvf1PPP5iLX7sD2uIVlJH14MPtyVtjm9ZKb8 JMtCW74045BgtHBC9yQ3V7vXNV5jM6dE2ocnH4AI/pBFrGLJPKgTA69YIUw3AAUR tCZIYWwgRmlubmV5IDw3NDA3Ni4xMDQxQGNvbXB1c2VydmUuY29tPokAlQIFECqu M1Tidd4O/2f3CwEByrUD/3uoV2y+Fuicrrd2oDawgOw9Ejcx6E+Ty9PVPqKvflLs 0zYyGfeFVSgBbTSDP3X91N3F68nydl9J9VA6QRCGelHM1cZRukCJ0AYbKYfpwUN0 xjEGHsDrd2gT5iWlB3vBZvi+6Ybs4rSq+gyZzVm1/+oRrMen32fz2r0CLgUtHok2 =fF6Z -----END PGP PUBLIC KEY BLOCK----- This has a couple of signatures on it and is pretty long. I stripped the signatures, figuring that people can get them from a key server, and that helped quite a bit. Also, the "Version: 2.x" line is not currently used, and if you eliminate it you don't need the blank line after it. Also, the last line is a checksum for the key and in today's internet environment you don't have to worry about noise that much. Stripping all these gives: -----BEGIN PGP PUBLIC KEY BLOCK----- mQCNAiqsNkwAAAEEAMKWM52m5EWi0ocK4u1cC2PPyHT6tavk9PC3TB5XBYDegf3d sldRpnjJj1r+aO08FFO+QLEI9wtBqvf1PPP5iLX7sD2uIVlJH14MPtyVtjm9ZKb8 JMtCW74045BgtHBC9yQ3V7vXNV5jM6dE2ocnH4AI/pBFrGLJPKgTA69YIUw3AAUR tCZIYWwgRmlubmV5IDw3NDA3Ni4xMDQxQGNvbXB1c2VydmUuY29tPg== -----END PGP PUBLIC KEY BLOCK----- This is pretty compact and wouldn't be bad in a .sig. We've gone from 12 to 6 lines. I wish there were a mode in which PGP would scan a file looking not for "-----BEGIN PGP" but rather for lines which are exactly 64 lines long and contain just the RFC1113 (or whatever it's called now) character set. I realize it would get fooled by PEM but maybe the user would only run it if he knew it was a PGP file. Then you could reduce the key to four lines. If you were willing to use a 512 bit key, good enough for casual use, you could get it down to 3 lines. 
This is probably an appropriate level of privacy for people on multi-user workstations (i.e. as much privacy as they can expect). Hal Finney -- 74076.1041@compuserve.com -- Stripped PGP key: mQCNAiqsNkwAAAEEAMKWM52m5EWi0ocK4u1cC2PPyHT6tavk9PC3TB5XBYDegf3d sldRpnjJj1r+aO08FFO+QLEI9wtBqvf1PPP5iLX7sD2uIVlJH14MPtyVtjm9ZKb8 JMtCW74045BgtHBC9yQ3V7vXNV5jM6dE2ocnH4AI/pBFrGLJPKgTA69YIUw3AAUR tCZIYWwgRmlubmV5IDw3NDA3Ni4xMDQxQGNvbXB1c2VydmUuY29tPg== From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "George A. Gleason" Date: Fri, 18 Jun 93 02:25:06 PDT To: tk@reagan.ai.mit.edu Subject: Re: Contempt of court Message-ID: <93Jun18.022436pdt.14012-3@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain One-time pads for coerced confessions: Consider that the cyphertext of an OTP could come from *any* combination of plaintext and keystream. Okay, now you have in hand your cyphertext of an original file having to do with your lawsuit against the govt. Take that cyphertext, and get another file of equal or longer length which is completely innocuous, for instance some mild-sounding diary entries or some such. Now XOR these together, and what pops out is the *keystream* which *would have been used for encyphering the innocuous plaintext into the cyphertext you have there. Okay, now you have five files: 1) your original plaintext re your lawsuit against the govt. 2) the keystream which converted that into the cyphertext below. 3) the cyphertext. 4) the innocuous text file for instance edited journal entries. 5) the "keystream" which resulted from XORing (3) and (4), which can be claimed to be the keystream which was used to encypher (4) into (3). Okay, now Big Brother comes to get you and coerce you to decypher your file, but you don't want your attorney-client confidentiality violated, so you hand over items (3) and (5), and when Big Bro "decrypts" (3), out pops (4) thereby proving that you aren't the dastardly subversive who is trying to sue the govt...! 
"Dear diary..." -gg From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "George A. Gleason" Date: Fri, 18 Jun 93 02:33:53 PDT To: cypherpunks@toad.com Subject: Re: "RSA sells out" hue and cry (fwd) Message-ID: <93Jun18.023323pdt.14012-2@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain I'm not so sure that all this Bidzos Biz is as evil as it may sound. Consider the management have an obligation to the stockholders to make money. Now here is a huge market. Do they turn it down on the basis of political rectitude...? Are we seriously expecting that Bidzos will refrain from tapping into this market, and refrain from charging a cent for an RSA-PGP thing...? Oh, okay, so he's supposed to go into poverty to prove his ethics. Oh, I see. Gee whiz, I thought I was the most socialistic of anyone on this list. -gg From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "George A. Gleason" Date: Fri, 18 Jun 93 02:45:42 PDT To: cypherpunks@toad.com Subject: Re: Blasting Bidzos Blather Message-ID: <93Jun18.024325pdt.13995-3@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Oh, here goes another Big Bad Corporation abusing our rights...! Well, are there any Libertarians out there who will please speak up for the right of Bidzos & co to earn a legal profit any way they see fit...? Or am I, the token leftist in the crowd, going to stick my neck out solo on this one...? Pardon my rhetoric, but I find it truly amazing how the much extolled rights of private property can suddenly become a non-issue when you consider you've found a bigger issue. Some of us feel that way about ecology. -gg From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "George A. Gleason" Date: Fri, 18 Jun 93 02:46:02 PDT To: nobody@toad.com Subject: Re: OTP dual decryption Message-ID: <93Jun18.024542pdt.13995-1@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Yeah, the advantage is, if they think they've found it, they might just stop looking much further. 
It's a chance that might save your ass.

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: bear@eagle.fsl.noaa.gov (Bear Giles) Date: Thu, 17 Jun 93 22:37:47 PDT To: cypherpunks@toad.com Subject: Re: xor w/prbs Message-ID: <9306180534.AA01952@eagle.fsl.noaa.gov> MIME-Version: 1.0 Content-Type: text/plain

>How *do* you break this cypher? He is generating a lot of random numbers
>between 0 and 255, and xor'ing each successive one with the next byte of
>plaintext. I know that this is a trivial cypher to break, according to PRZ at
>least, but how do you do it?

In this case, since the modulus is a small power of 2, you can do exhaustive search. There is _one_ sequence of 256 distinct values.

Still want to know how long it will take to crack his ciphertext?

>#define MULTIPLIER 0x015a4e35L
>#define INCREMENT 1
>
>long RandomSeed;
>
>int GetRandomNumber(int Range)
>  {
>  RandomSeed = MULTIPLIER * RandomSeed + INCREMENT;
>  return(RandomSeed % Range);
>  }
>
>So how do you crack this cipher without trying all the keys, guys?

Since max_integer / gcd (range, max_integer) > range you can move the modulus operation around without worrying about weird effects from the finite word size. This is because the closed form of the loop is:

    seed[k] = (seed[0] * mult^k + incr * sum (j = 0 to k-1) of mult^j) % range

which is equal to

    seed[k] = (seed[0] % range) * (mult % range)^k + (incr % range) * sum (j = 0 to k-1) of (mult % range)^j

and the modulus operation with a power-of-2 range simply keeps the last n bits. But, this also means there are effectively only "range" possible values for the initial seed. Even if you make the increment and multiplier part of the key, they must (both?) be odd so you only have 22 bits of key.

Of course at this point you can simply use the fact that this "one time pad" is actually a Vigenere cipher with 256 columns -- easy to crack if you have some insight into the nature of the plaintext (e.g., English text).
For instance, 10-15 small documents (40 lines) encrypted with the same key is enough to crack it even if the multiplier and increment are unknown but constant. Bear Giles From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Fred Heutte Date: Fri, 18 Jun 93 06:11:07 PDT To: cypherpunks@toad.com Subject: Re: Blasting Bidzos Blather Message-ID: <93Jun18.061041pdt.13937-1@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain > PKP is not going to go away when a few of its patents expire. Right. Contracts and licensing arrangements can last much longer than patents. That's why it's so important to see the exact details of this latest deal and find out why someone in the federal bureaucracy was greasing the procurement skids. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Fred Heutte Date: Fri, 18 Jun 93 06:41:16 PDT To: smb@research.att.com Subject: Re: RRe: Blasting Bidzos Blather Message-ID: <93Jun18.064055pdt.13949-2@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain I beg to differ. I know about federal procurement regs a little, having been employed by a federal contractor for a decade and being one my own personal self now. They greased this process bigtime, and it has the ugly smell of politics all over it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "W. Kinney" Date: Fri, 18 Jun 93 06:13:59 PDT To: gg@well.sf.ca.us (George A. Gleason) Subject: Re: Blasting Bidzos Blather In-Reply-To: <93Jun18.024325pdt.13995-3@well.sf.ca.us> Message-ID: <199306181313.AA13845@spot.Colorado.EDU> MIME-Version: 1.0 Content-Type: text/plain > Oh, here goes another Big Bad Corporation abusing our rights...! Well, are > there any Libertarians out there who will please speak up for the right of > Bidzos & co to earn a legal profit any way they see fit...? Or am I, the > token leftist in the crowd, going to stick my neck out solo on this one...? Nah. You ain't alone. Why shouldn't Bidzos allow NIST a license? 
Seems perfectly reasonable to me. Bidzos appears to see this as unrelated to any larger policy question involving Clipper, and I agree.

-- Will

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric Hughes Date: Fri, 18 Jun 93 08:44:38 PDT To: cypherpunks@toad.com Subject: fast des In-Reply-To: <9306180042.AA03435@anchor.ho.att.com> Message-ID: <9306181540.AA22168@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain

>To put this in a cost-per-solution context, if you amortize over 5 years,
>that's about 4000 solutions, so that's a bit under $10K per solution.

Here are a few assumptions that lower this estimate for the NSA.

-- The NSA has its own fab and design facilities. If you assume you want a few dozen or hundred DES cracking boxes, you can afford a fair bit of money on design; the design cost per chip drops. The more of these you have, the lower the cost per solution.

-- The amortization period is longer than 5 years. From what I have heard, the NSA just keeps running most every machine it owns.

-- The possibility of a trap door which gives hints about exhaustive search should not be ruled out. Suppose, for example, that all combinations of 16 bits exhibited flat distribution as 16-grams, but that certain combinations of 22 bits did not. Just to find these correlations might be an infeasible problem, but to exploit them would not be. Drop your cost estimates by 2^6 in the above example if true.

-- There will be different machines designed for attacks on different types of intercepts. Known plaintext, probable plaintext, known ASCII, etc. The recognition circuitry on each of these is different and custom design would reduce silicon costs significantly.

-- If you use micropipelines, you can keep the encryption circuitry constantly full, as opposed to putting in a new value after the old one pops out. If this technique is not already being used, divide cost by 16, the number of rounds of DES.
-- One can design circuitry to test multiple ciphertexts on the same key at some savings in chip cost. Not useful for encryption, but useful for cracking. Call this a factor of 1.5 to 2. -- Wafer scale integration could yield some savings in die cost and packaging. Eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dmandl@lehman.com (David Mandl) Date: Fri, 18 Jun 93 05:51:38 PDT To: gg@well.sf.ca.us Subject: Re: "RSA sells out" hue and cry (fwd) Message-ID: <9306181250.AA10789@disvnm2.shearson.com> MIME-Version: 1.0 Content-Type: text/plain > From: "George A. Gleason" > > I'm not so sure that all this Bidzos Biz is as evil as it may sound. > Consider the management have an obligation to the stockholders to make > money. Now here is a huge market. Do they turn it down on the basis of > political rectitude...? I don't run my life based on a spreadsheet. There are plenty of very profitable things I could do that I don't because I think they're scummy. The makers of napalm didn't take "political rectitude" into account either; nor did those bastards (Dow Corning?) who knew the truth about breast implants but hid it to protect their bottom line. Sorry, but I find this attitude extremely disturbing. > Are we seriously expecting that Bidzos will refrain from tapping into this > market, and refrain from charging a cent for an RSA-PGP thing...? Oh, okay, > so he's supposed to go into poverty to prove his ethics. Oh, I see. Gee > whiz, I thought I was the most socialistic of anyone on this list. > > -gg I'm not expecting anything of the kind. I'm not a capitalist, so it's not my job to work out these contradictions. --Dave. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: smb@research.att.com Date: Fri, 18 Jun 93 06:26:06 PDT To: Fred Heutte Subject: RRe: Blasting Bidzos Blather Message-ID: <9306181326.AA08720@toad.com> MIME-Version: 1.0 Content-Type: text/plain > > PKP is not going to go away when a few of its patents expire. > Right. 
Contracts and licensing arrangements can last much longer > than patents. > That's why it's so important to see the exact details of this latest > deal and find out why someone in the federal bureaucracy was greasing > the procurement skids. I repeat -- NIST had no choice, because PKP held all the patent cards. Even if you don't believe PKP's claim to all of public-key cryptography, both the Diffie-Hellman and Schnorr patents would most likely be infringed by DSA. You can argue with the specifics of the deal -- and with what NIST gave away in order to get the Clipper exemption through -- but they had to reach some settlement. Btw -- the deal is *not* final; the announcement is just the start of a 60-day comment period. --Steve Bellovin From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Fri, 18 Jun 93 09:53:52 PDT To: cypherpunks@toad.com Subject: Re: Blasting Bidzos Blather In-Reply-To: <93Jun18.024325pdt.13995-3@well.sf.ca.us> Message-ID: <9306181654.AA10641@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain George Gleason writes: > Oh, here goes another Big Bad Corporation abusing our rights...! Well, are > there any Libertarians out there who will please speak up for the right of > Bidzos & co to earn a legal profit any way they see fit...? Or am I, the > token leftist in the crowd, going to stick my neck out solo on this one...? > > Pardon my rhetoric, but I find it truly amazing how the much extolled rights > of private property can suddenly become a non-issue when you consider you've > found a bigger issue. Some of us feel that way about ecology. I'm a card-carrying Libertarian, and I respect certain types of private property--but not others. When someone "claims" the Amazon jungle, perhaps with the blessings of a corrupt Pope, I don't. 
(Just an out-of-band example to quickly make the point that even Libertarians can have doubts about some property claims and even have sympathies with radical environmentalists.)

The whole cloud of issues surrounding intellectual property, patents on algorithms and methods, the specifics of RSA, and so on, is a complicated set. Discussions on this list and in newsgroups make this clear.

RSADSI has licensed some of their patents to the Clipper folks. What this means is not clear to me. If Clipper (or related things) is ever _mandated_, with alternatives outlawed, then the government would effectively have granted an exclusive franchise to RSADSI, and others, sort of like _mandating_ McDonald's hamburgers as the national standard and requiring license fees be paid to McDonald's every time a hamburger is made or bought.

So, in answer to George's question, this Libertarian is angry at the growing police state (RICO, civil forfeiture, no knock searches, the War on Drugs, national socialist health care, wars on several fronts, etc.) and fears the imminent outlawing of unapproved encryption.

-Tim

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
Note: I put time and money into writing this posting. I hope you enjoy it.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Brad Huntting Date: Fri, 18 Jun 93 09:30:04 PDT To: Jason Zions Subject: Re: fast des In-Reply-To: <9306172113.AA10922@jazz.hal.com> Message-ID: <199306181629.AA08794@misc.glarp.com> MIME-Version: 1.0 Content-Type: text/plain

> Run your plaintext through compress first; remove the compress
> header; then encrypt.
Compression will screw up character frequencies > (and use all eight bits) enough to make automated detection of a > successfully-broken encryption really darn hard. Especially if you > keep changing compression technology each message. Most encryption scheams use cypher block chaining or some other mechanism where a change in one block will affect every block to come after it, no? Given this, would inserting a block of random data at the begining of the datastream help? brad From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Duncan Frissell <76630.3577@CompuServe.COM> Date: Fri, 18 Jun 93 07:50:08 PDT To: Subject: Re: Contempt of court Message-ID: <930618143143_76630.3577_EHK21-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain ("Perry E. Metzger") >>>It seems like its only a matter of time before other than >>>stopping the government from quartering soldiers in your home >>>except in time of war, there will be nothing more the courts >>>will prevent. That's the answer to the question: "The US Government violates 9 of the 10 amendments of the Bill of Rights every second of every day. What is the one Amendment of the 10 that they hold inviolate?" The Third: 3rd Amendment No soldier shall, in time of peace, be quartered in any house, without the consent of the owner; nor in time of war, but in a manner to be prescribed by law. Say, maybe that's an argument against the Clipper Chip! Aren't the NSA types sort of soldiers who want to be quartered in our telephones at our expense? Duncan Frissell Who possesses the worlds longest list of flaky legal arguments which will be an enormous source of entertainment to a federal judge some day. "Did you know that Federal Reserve Notes are not money?" 
******************************************************************** * DUNCAN FRISSELL Attorney at Law, Writer, and Privacy * * CIS 76630,3577 Consultant since the Nixon * * Internet: Administration * * 76630.3577@compuserve.com * * or frissell@panix.com * * Easylink 62853962 * * Attmail !dfrissell * * TLX: 402231 FRISSELL NYK * * * * Privacy Checkup still only $29.95. Get yours today to * * find out how to dodge federal child registration. * * * * "Register Communists Not Kids. Fight SB 732 & 733 for * * national computer registration and tracking of every * * child in America." * * * ******************************************************************** From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: collins@newton.apple.com (Scott Collins) Date: Fri, 18 Jun 93 10:57:41 PDT To: TO1SITTLER@APSICC.APS.EDU (Kragen Sittler) Subject: Re: xor w/prbs Message-ID: <9306181746.AA15078@newton.apple.com> MIME-Version: 1.0 Content-Type: text/plain While the pseudo-random bit sequence algorithm used in the Computer Shopper article is weak, it is important to note that the article is on the right track. However, a one time pad based on PRBS is only as secure as the PRBS itself. If the author did not state this, he was remiss. There *are* cryptographically strong pseudo-random bit generators. A one time pad based on a CSPRBS would be as secure as the underlying 'hard' problem. For example, Blum and Micali's paper "How to Generate Cryptographically Strong Sequences of Pseudo-Random Bits" (Nov. 84 SIAM), details a scheme based on the discrete log problem. Essentially, this system is based on selecting bits from successive exponentiations of a seed. If you could guess the next bit to be selected, without knowing the seed, you could reverse this into an algorithm to solve the discrete log problem. 
The Blum and Micali paper also references a paper by Shamir (which I have not read) called "On the generation of cryptographically strong pseudo-random sequences" 8th International Colloquium on Automata, Languages and Programming, Lecture Notes in Computer Science, 62, Springer-Verlag, New York, 1981. The difference being that the Shamir scheme generates *numbers* while the Blum/Micali scheme generates *bits*.

I try never to label anyone a moron until I am sure their stupidity is not just my failure to communicate.

Scott Collins               | "Few people realize what tremendous power
                            | there is in one of these things."
                            | -- Willy Wonka
......................................................................
Apple Computer, Inc.        | phone: 408 862-0540(v), 974-6094(f)
1 Infinite Loop, MS 301-2C  | AppleLink: SCOTTCOLLINS
Cupertino, CA 95014         | internet: collins@newton.apple.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fnerd@smds.com (FutureNerd Steve Witham)
Date: Fri, 18 Jun 93 08:14:48 PDT
To: cypherpunks@toad.com
Subject: My recent flame at Stanton
Message-ID: <9306181507.AA21082@smds.com>
MIME-Version: 1.0
Content-Type: text/plain

Stanton McCandlish recently quoted a rant of mine directed at him. I really thought I directed it to him literally--that I mailed it to his address, not the list's.

Stanton, I didn't mean to flame you in public. I apologize.

This is the second time this has happened this week. I'm starting to think that when I created this "fnerd" mail account I accidentally created an alter ego--my evil twin who posts personal insults to mailing lists...

I will try to be triply, not just doubly sure of what I'm doing and put lots of warnings on any such personal grouch mail: "I DIDN'T POST THIS; BETWEEN YOU AND ME; PLEASE DON'T QUOTE ME," etc.

in control now--SEIG HEIL!--down! down!...
--Steve Witham (aka fnerd) quote me, this WAS posted From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Fri, 18 Jun 93 08:22:17 PDT To: zane@genesis.mcs.com (Sameer) Subject: Re: Contempt of court In-Reply-To: Message-ID: <199306181522.AA06530@eff.org> MIME-Version: 1.0 Content-Type: text/plain Sameer, the roots of the Third Amendment are not in surveillance, but in the English Crown's desire to minimize the costs of maintaining troops abroad. --Mike > In message <9306172054.AA09055@snark.shearson.com>, "Perry E. Metzger" writes: > > technically exhausted his right to appeal. It seems like its only a > > matter of time before other than stopping the government from > > quartering soldiers in your home except in time of war, there will be > > nothing more the courts will prevent. > > > I read somewhere on the net a *very* interesting interpretation of > the 3rd amendment, which cypherpunks might find interesting. > It was claimed that in colonial times, the British authorities > quartered troops in people's homes as a form of surveillance. E.g. Tom > Jefferson is suspected of conspiring with friends to communicate > privately :-), thus the local British military leader learns of this > suspicion and quarters troops in Tom's home. > Under this interpretation, it was claimed that the 3rd amendment > provides protection from government surveillance. > > I think it's stretching things a bit, but a very interesting way > to look at it. > > -- > | Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM | > | Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more | > | "Symbiosis is Good" - Me_"Specialization is for Insects" - R. A. 
Heinlein_/ > \_______________________/ \______________________________________________/ > From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Kent Hastings" Date: Fri, 18 Jun 93 11:49:46 PDT To: cypherpunks@toad.com Subject: Inviso-Crypt(r) Message-ID: <199306181849.AA16946@aerospace.aero.org> MIME-Version: 1.0 Content-Type: text/plain Inviso-Crypt(r) I'm proud to announce a new fuzzy-logic application that can access sub-digital biticles. These vitalistic fractional bits were never discovered before now because computer scientists are still clinging to a rigid notion of Aristotelian "A or not-A" on-off binary logic. It took a Fate magazine advertisement to inspire this scam, er- breakthrough. One of my beta testers was delighted to find his bank account dramatically compressed and his computer network rendered userless. Here is a sample of the program's output: !!! BEGIN INVISO-CRYPT(R) DATA BLOCK !!! !!! END INVISO-CRYPT DATA BLOCK !!! The preceding message may look like all spaces, but those 10 lines contain over 100 megabytes of encrypted biticles. Inviso-Crypt(r) works on graphic files, too. "+". That single character holds a 4-megabyte GIF image. Nothing works like, well, uh - nothing ... to the naked eye, of course. You've heard of Beethoven's "Emperor Concerto," this is nicknamed "The Emperor's New Code" around our data center. Our recent advance in applied cryptology works as described here or my name isn't Mr. Burns, oops, uh - Mr. Snrub, a dedicated computer scientist working at, uh - a lab very far away, on a chain of islands with affordable liability immunity and anonymous trust business structures. That'll do. This software not only does real time bit-slicing, it rolls virtual dice to generate random keys. Yes, it slices, it dices, and it will decrypt your DNA and cure cancer, colds, baldness, and all other ailments. This program is so important that my lobbyists are "passing bills" through Congress as you read this. 
(Ok Senator, I'm putting these bills on the trash dumpster, and when I get back, I expect them to be hauled away. Don't forget the free bar of soap to wash your hands of this whole affair. See, I DO support clean government.)

Soon, Inviso-Crypt(r) will be the exclusive national standard. Why, my payroll expenses have been amazingly smaller since I printed paychecks using the Inviso-Cash(r) standard.

Homer: "Hello - money, where are you?"

"I like the way that Inviso-Crypt(r) works!" - Smithers.#000#

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Fri, 18 Jun 93 10:04:10 PDT
To: Brad Huntting
Subject: Re: fast des
Message-ID: <9306181704.AA15365@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> > Run your plaintext through compress first; remove the compress
> > header; then encrypt. Compression will screw up character frequencies
> > (and use all eight bits) enough to make automated detection of a
> > successfully-broken encryption really darn hard. Especially if you
> > keep changing compression technology each message.
>
> Most encryption schemes use cypher block chaining or some other
> mechanism where a change in one block will affect every block to
> come after it, no? Given this, would inserting a block of random
> data at the beginning of the datastream help?

Probably not. The DES-crackers are already going to be looking at a couple of blocks, because in general, the cryptanalyst won't know the IV. But not knowing it only affects your ability to decrypt the very next block; you can still get the one after it. The decrypt equation for CBC mode is

	P[n] <- D(C[n]) xor C[n-1]

That is, without knowing the IV -- C[0] -- you can't recover P[1]. But P[2] depends only on C[2] and C[1]. If P[1] is random garbage, you've actually made life a bit easier -- the block they can't recover isn't important.
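The CBC property described in the reply above, as an added example that is not part of the original message: decrypting with a wrong IV garbles only P[1], so a random first block costs the analyst nothing. The 8-byte Feistel cipher built on SHA-256 is a stand-in chosen for this sketch (it is not DES), and the key, IV, prefix and message are constructed sample values.

```python
import hashlib

BLOCK = 8  # bytes per block, the same block size as DES


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def round_fn(key: bytes, i: int, half: bytes) -> bytes:
    # Keyed round function for the stand-in cipher (assumption: SHA-256 based).
    return hashlib.sha256(key + bytes([i]) + half).digest()[:BLOCK // 2]


def encrypt_block(key: bytes, block: bytes) -> bytes:
    # Four-round Feistel network: (L, R) -> (R, L xor F(R)).
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in range(4):
        l, r = r, xor(l, round_fn(key, i, r))
    return l + r


def decrypt_block(key: bytes, block: bytes) -> bytes:
    # Inverse of encrypt_block: undo the rounds in reverse order.
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in reversed(range(4)):
        l, r = xor(r, round_fn(key, i, l)), l
    return l + r


def blocks(data: bytes):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    # C[n] = E(P[n] xor C[n-1]), with C[0] = IV.
    if len(plaintext) % BLOCK:
        raise ValueError("plaintext must be a whole number of blocks")
    prev, out = iv, []
    for p in blocks(plaintext):
        prev = encrypt_block(key, xor(p, prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    # P[n] = D(C[n]) xor C[n-1]: each block needs only the key and the
    # previous ciphertext block, never any earlier plaintext.
    prev, out = iv, []
    for c in blocks(ciphertext):
        out.append(xor(decrypt_block(key, c), prev))
        prev = c
    return b"".join(out)


def decrypt_without_iv(key: bytes, ciphertext: bytes) -> bytes:
    # What an analyst holding the key but not the IV recovers when
    # guessing an all-zero IV.
    return cbc_decrypt(key, bytes(BLOCK), ciphertext)


if __name__ == "__main__":
    key = b"constructed-key"                      # constructed sample key
    iv = bytes(range(1, 9))                       # constructed sample IV
    prefix = bytes(range(0xA0, 0xA8))             # stands in for the random block
    message = b"MEET AT NOON BY THE OLD LIBRARY."  # constructed, 4 blocks

    with_prefix = decrypt_without_iv(key, cbc_encrypt(key, iv, prefix + message))
    no_prefix = decrypt_without_iv(key, cbc_encrypt(key, iv, message))

    print("with prefix, block 1 :", with_prefix[:BLOCK].hex(), "(garbled)")
    print("with prefix, the rest:", with_prefix[BLOCK:])
    print("no prefix, block 1   :", no_prefix[:BLOCK].hex(), "(garbled)")
    print("no prefix, the rest  :", no_prefix[BLOCK:])
```

With the prefix the whole message survives the unknown IV; without it the first eight message bytes are the only thing lost.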
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phil Karn Date: Fri, 18 Jun 93 18:26:33 PDT To: gnu@toad.com (John Gilmore) Subject: Re: Helping from Canada re Clipper Message-ID: <9306190126.AA26864@servo> MIME-Version: 1.0 Content-Type: text/plain >Another argument the U.S. government is making is that they surveyed >encryption policy in various countries and "it's not beyond the pale >to limit domestic encryption -- France does it, for example". Is this an actual Administration quote? If so, they're playing with fire because France is the very same country that the US has recently accused of using its national security apparatus to spy on foreign corporations. It shouldn't be too hard to draw a link between these two policies that would cause this particular quote to blow up in the Administration's face. Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Fri, 18 Jun 93 18:26:34 PDT To: cypherpunks@toad.com Subject: Re: Software infrastructure Message-ID: <9306190126.AA26872@servo> MIME-Version: 1.0 Content-Type: text/plain I'm just catching up on a very large mail backlog (much of which is Cypherpunks). Many Cypherpunks are apparently unaware of the security work going on within the Internet Engineering Task Force (IETF). Besides the infamous Privacy Enhanced Email (PEM), there are lesser known groups working on application layer security interfaces and on IP-level security (encryption and/or authentication of individual IP datagrams). Okay, I'm not saying all this work is being done right. In some cases it's not being done at all (or very slow progress is being made). In my opinion, the situation is ripe for some highly motivated Cypherpunks to read the stuff that's already been published (available from the standard FTP repositories like nic.ddn.mil), digest and critique it, and either implement the ideas that have been proposed or do them better yourself. 
But you should really be aware of what other work is going on in these areas before you reinvent the wheel. My personal interests and preferences lie in doing security at the IP layer. It doesn't solve all problems, but it is an approach that has been almost totally unexplored until now. And with the ever-increasing use and availability of low-cost dialup SLIP/PPP connections as an alternative to dumb terminal emulators and UUCP, I think it's a powerful technique. But I just don't have as much time to work on this as I'd like, and it would really be nice to find others to help in the effort. Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Fri, 18 Jun 93 13:47:27 PDT To: cypherpunks@toad.com Subject: Re: Blasting Bidzos Blather Message-ID: <9306182028.AA22659@smds.com> MIME-Version: 1.0 Content-Type: text/plain > Oh, here goes another Big Bad Corporation abusing our rights...! Well, are > there any Libertarians out there who will please speak up for the right of > Bidzos & co to earn a legal profit any way they see fit...? I'm a libertarian. I happen to be a type of libertarian who doesn't believe in patents. So I think nobody has a "right" to use government (or any force) to enforce their patents. BUT, many people believe patents are okay, and many feel they do have a right to enforce their patents. I think the RSADSI/PKP people are like this. It's a perfectly common belief. So except for the whole patent issue, (including the validity of their particular patents), I think they have a right to sell or not sell licenses to anyone they choose. BUT, to libertarians there's a big distinction between "You have a right to..." and "It's right for you to..." It's possible they're acting within their rights (with the exception noted above) and yet doing something wrong or evil. 
BUT, in this case I'm not sure whether what they're doing is particularly wrong, although I haven't seen a good case one way or the other. -fnerd quote me From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Fri, 18 Jun 93 13:58:25 PDT To: cypherpunks@toad.com Subject: Re: Blasting Bidzos Blather Message-ID: <9306182053.AA22777@smds.com> MIME-Version: 1.0 Content-Type: text/plain Let's see if I understand L. Detweiler's recent comments: 1) PKP licensed key exchange for use with Clipper and DSS. Clipper and DSS are bad. Therefore PKP is "supporting, nay, *promoting* and *profiting* from" DSS and Clipper. a) "supporting, nay, *promoting*"--this is not good publicity against Clipper and DSS. Therefore PKP is our enemy. b) "*profiting from*"--this is dirty money, therefore PKP is dirty and we can't trust them. 2) They did it "at no additional charge." (Someone please explain relation to 1b, above.) Therefore they must be receiving some other compensation behind our backs. Therefore they're bad guys and we shouldn't trust them. 3) Bidzos says they don't dictate terms, yet their licenses DO have terms. Therefore he is lying, should not be trusted, etc. 4) They should have refused to license bad uses of "their" technology, but they didn't. Therefore they're bad, etc. Have I got that right? -fnerd quote me From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Brendan Kehoe Date: Fri, 18 Jun 93 18:35:01 PDT To: cypherpunks@toad.com Subject: backpack left at Cygnus Message-ID: <9306190136.AA05971@lisa> MIME-Version: 1.0 Content-Type: text/plain There's a steel blue backpack in my office here at Cygnus; it's got "Kahn on Codes" in it. If it's yours, drop me a line and we can figure out a way for you to get it. Brendan -- Brendan Kehoe brendan@cygnus.com Cygnus Support, Mountain View, CA +1 415 903 1400 ``Ya know Quaker Oats make you feel good twice?'' Hmm. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Linda Boyd Date: Fri, 18 Jun 93 21:40:51 PDT To: cypherpunks@toad.com Subject: PGP 2.3 Message-ID: <199306190439.AA20123@Alice-Thurman.tenet.edu> MIME-Version: 1.0 Content-Type: text/plain Help!! I don't have Usenet access, so I can't post this on the pgp newsgroup, and this is the only other place I know of to ask this... I just got pgp23.zip and pgp23src.zip from soda, and I can't make it give valid signatures with the -a option (well, actually the Armor=on line in the config.txt file)! It will work correctly if Armor=off, and if the file is also encrypted, but a straight signature with ascii armor appended to the message doesn't work. Even pgp22 gives me an invalid signature "doesn't match contents" message! Has anyone else had this problem with 2.3? I've even re- compiled with Borland C++ 3.1, and get the same problem. sean From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Tyler Yip - UnixWeenie(tm) Date: Sat, 19 Jun 93 00:28:31 PDT To: cypherpunks@toad.com Subject: The Computer Shopper cipher Message-ID: <9306190728.AA09090@hairball.ecst.csuchico.edu> MIME-Version: 1.0 Content-Type: text/plain Compared to the lines of the Computer Shopper program, how would this variant evaluate out time-complexity wise? I'm not sure how sophisticated the attacks on pseudo-random generators are. This one includes an random generator shift, based upon the random numbers. 
-----------------------------------------------------------------------------
#include <stdio.h>
#include <stdlib.h>   /* exit() */

static int seed;

/* The seedval parameter is never used; the global seed is read instead. */
int rand1(int seedval)
{
    return (seed * 183041 % 183319 + 1);
}

int rand2(int seed)
{
    return (seed * 502001 % 502441 + 1);
}

int main(int argc, char *argv[])
{
    int current;
    FILE *input, *output;

    if (argc != 3) {
        fprintf(stderr, "Usage: %s input output\n", argv[0]);
        exit(1);
    }
    if ((input = fopen(argv[1], "rb")) == NULL) {
        fprintf(stderr, "Error opening inputfile %s\n", argv[1]);
        exit(1);
    }
    if ((output = fopen(argv[2], "wb")) == NULL) {
        fprintf(stderr, "Error opening outputfile %s\n", argv[2]);
        exit(1);
    }

    printf("Enter cipher key: ");
    seed = getc(stdin);   /* the key is a single character */

    current = fgetc(input);
    while (!feof(input)) {
        fputc(current ^ seed, output);
        current = fgetc(input);
        /* bit 3 of the current value selects which generator runs next */
        if (seed & 8) {
            seed = rand1(seed);
        } else {
            seed = rand2(seed);
        }
    }
    fclose(input);
    fclose(output);
    return 0;
}

--
Tyler Yip, UnixWeenie(tm)           \ God put me on Earth to accomplish a certain
email: davros@ecst.csuchico.edu      \ number of things. Right now I am so far
California State University, Chico    \ behind I will never die. -Calvin & Hobbes

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wet!naga (Peter Davidson)
Date: Sat, 19 Jun 93 02:11:53 PDT
To: cypherpunks@toad.com
Subject: weak pseuodrandom number generator
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

A pseudorandom number generator recently proposed here, namely:

int rand1(int seedval) { return (seed * 183041 % 183319 + 1); }

needs some cleaning up. It should be something like:

unsigned long rand1(unsigned long n)
{
    return ( ( ( n * 183041L) % 183319 ) + 1 );
}

where n is initially set to some seed value.
However, this is particularly weak, and quickly degenerates into a cycle, usually of length 208, as the following program will confirm:

#include #include
unsigned long a[15000];
unsigned long rand1( unsigned long n );
void main(int argc, char **argv)
{
    unsigned int i=0, j;
    if ( argc < 2 ) return;
    a[0] = atol(argv[1]);
    while ( ++i < 15000 )
    {
        a[i] = rand1(a[i-1]);
        for ( j=0; j

Date: Sat, 19 Jun 93 02:34:15 PDT
To: cypherpunks@toad.com
Subject: that cipher I wrote
Message-ID: <9306190933.AA12046@hairball.ecst.csuchico.edu>
MIME-Version: 1.0
Content-Type: text/plain

Peter Davidson: thanks for the cycle tester!!!!! hadn't thought about testing a generator.

As for those generators, they are seeded with the key, but, I messed it up by getting the primes in the wrong order.

What characteristics of the multiplier and modulator provide large periods?

--
Tyler Yip, UnixWeenie(tm)           \ God put me on Earth to accomplish a certain
email: davros@ecst.csuchico.edu      \ number of things. Right now I am so far
California State University, Chico    \ behind I will never die. -Calvin & Hobbes

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Fri, 18 Jun 93 22:58:41 PDT
To: cypherpunks list
Subject: PGP question
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I am working on an interesting application using PGP.. and I have come upon a snag. I want to have a message with more than one "pgp block" ie more than one file encrypted and then all the encrypted files concatenated as one new file. If you just use "pgp file" it tries to overwrite the same file each time. If you give it multiple -o specifications, it only takes the last one, and tries to keep overwriting it. If you use -p, it names each file based on what the original encryptor called it, but in this application that would allow for the files to still overwrite each other. What I really need is a way to specify a "base" that is modified for each output.
(eg base="file" and output files become "file.1" "file.2" "file.3" etc) Is this possible... can anyone give me *any* suggestions to improve the situation... This has to be an unattended operation. -- Nick MacDonald | NMD on IRC i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger i6t4@unb.ca | (506) 457-1931 ^{1024/746EBB 1993/02/23} From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Linda Boyd Date: Sat, 19 Jun 93 01:10:49 PDT To: cypherpunks@toad.com Subject: correction on pgp 2.3 problem Message-ID: <199306190808.AA28340@Alice-Thurman.tenet.edu> MIME-Version: 1.0 Content-Type: text/plain Please forgive me! It seems that the signature generated by the pgp 2.3 _IS_ good (according to 2.2), in any form. It's just that pgp 2.3 will not read a signature that is appended to an ascii message and ascii armored. If the signature is in a separate file, or if it isn't armored, it will read it fine. Just not a message with the signature block attached to it... So the problem is in the reading of the pgp signature block, not in the generation of the signature. I'm not very adept at programming, but am trying to work my way through it to see if I can find the problem. Sorry for the previous mistake. Again, maybe this is just my machine... sean From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Doug Porter Date: Sat, 19 Jun 93 03:41:07 PDT To: cypherpunks@toad.com Subject: Re: Blasting Bidzos Blather Message-ID: <93Jun19.034042pdt.13994-2@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain > NIST had no choice Pure bull puckey. First, they could have let DSA die. The commercial sector, particularly banks, would have come up with alternatives we could trust. Second, they could do what competent engineers have done for many decades: designed around inconvenient patents. Third, if they knew they weren't up to it, they could have asked for public help in that design. Fourth, they could have challenged PKP's patents on their merits. 
Fifth, they could have worked to get those patents declared void in the public interest. I personally don't support this one until PKP is shown to be primarily government controlled. They did none of these things. Why? Doug From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "George A. Gleason" Date: Sat, 19 Jun 93 04:18:38 PDT To: smb@research.att.com Subject: Re: RRe: Blasting Bidzos Blather Message-ID: <93Jun19.041815pdt.13927-1@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Consider also the possibility that Bidzos might have felt that it was either sell it now or have it seized later. National security seizures of crypto patents are nothing new. "He who turns and sells away, will live to sell another day..." From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: starr@genie.slhs.udel.edu Date: Sat, 19 Jun 93 03:15:34 PDT To: cypherpunks@toad.com Subject: Violation of 3rd Amendment Message-ID: <9306191011.aa09178@genie.genie.slhs.udel.edu> MIME-Version: 1.0 Content-Type: text/plain I don't think it's correct to say that the 3rd amendment isn't violated. If you consider police forces standing armies and policemen soldiers, then the cases of confiscation of private homes under civil forfeiture for the occupation of cops constitutes violation of the 3rd amendment. The problem with this is that it takes some doing to persuade that police are standing armies and cops soldiers by different names. Tim Starr - Renaissance Now! Assistant Editor: Freedom Network News, the newsletter of ISIL, The International Society for Individual Liberty, 1800 Market St., San Francisco, CA 94102 (415) 864-0952; FAX: (415) 864-7506; 71034.2711@compuserve.com Think Universally, Act Selfishly - starr@genie.slhs.udel.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. 
Michael Diehl Date: Sat, 19 Jun 93 11:38:34 PDT To: i6t4@jupiter.sun.csd.unb.ca (Nickey MacDonald) Subject: Re: PGP question In-Reply-To: Message-ID: <9306191838.AA25943@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to Nickey MacDonald: > > I am working on an interesting application using PGP.. and I have come > upon a snag. I want to have a message with more that one "pgp block" ie > more than one file encrypted and then all the encrypted files concatenated > as one new file. If you just use "pgp file" it tries to overwrite the same I remember doing this once. What I did was (I think) I encrypted each file in turn and copied it to the end of the "master" file. You can then go back and wipe the temp-cypher files. When you pgp master.fil, it will extract each file in turn. And, yes, this is an automatic process. Hope this helps. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wet!naga (Peter Davidson) Date: Sat, 19 Jun 93 16:53:37 PDT To: cypherpunks@toad.com Subject: testing pseudorandom number generators Message-ID: MIME-Version: 1.0 Content-Type: text/plain Tyler Yip, UnixWeenie(tm), asks: >What characteristics of the multiplier and modulator provide large periods? The standard reference is D. Knuth, The Art of Computer Programming (as I recall), Volume II, the chapter on random numbers. Knuth gives conditions involving a, k and m for n = ( n*a + k ) mod m to have a long (or maximal) period. 
For the less mathematically-inclined, a pleasing and quick way to eliminate weak pseudorandom number generators is to use the generator to pick row and column pixel positions on a graphics screen. Turn on "randomly" selected pixels. If the screen does not get completely filled in a visibly random way then the generator is weak. A particularly weak generator will turn on 1% or so of the pixels then nothing further happens because it has entered a cycle. A weak generator may fill the screen with parallel lines.

Writing a program to test generators in this way is a useful, easy and amusing task and is left as an exercise for the reader.

Someone may be inclined to reply that this test does not show that a generator is cryptographically strong, to which the answer is: True, but it certainly eliminates the ones that aren't, and it's fun to watch the pixel display for different generators.

Well, on second thought, maybe some generators that are not cryptographically bullet-proof might pass this test. But if some generator does not, you can throw it away immediately.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: stig@netcom.com (Stig)
Date: Sat, 19 Jun 93 14:20:28 PDT
To: cypherpunks@toad.com
Subject: Trimmed down pgp.hlp
Message-ID: <9306192120.AA10808@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I edited down the pgp.hlp file so that it's more readable (for me anyway). In case you think that the help file is less than helpful, just replace it.

PGP maintainers: please add this (or an even more concise version) to the pgp distribution...contrib directory is fine.

Stig

------------

Here's a quick summary of PGP v2.2 commands.
pgp ciphertextfile [-o plaintextfile]          decrypt or verify signature
pgp -e textfile her_userid                     encrypt file w/ pubkey
pgp -e textfile userid1 userid2 userid3        multiple recipients
pgp -s textfile [-u your_userid]               sign plaintext file
pgp -es textfile her_userid [-u your_userid]   sign, then encrypt
pgp -c textfile                                traditional symmetric cipher only

KEY MANAGEMENT:
pgp -kg                                        generate your own unique key pair
pgp -ka keyfile [keyring]                      add new key(s) to your keyrings
pgp -kx userid keyfile [keyring]               extract (copy) a key from a keyring
pgp -kxa userid keyfile [keyring]              same, except it's ascii
pgp -kv[v] [userid] [keyring]                  view the contents of your public ring
pgp -kvc [userid] [keyring]                    view the "fingerprint" of a public key
pgp -kc [userid] [keyring]                     check signatures of public keys
pgp -ke userid [keyring]                       edit userid/pass-phrase for your keypair
pgp -ke userid [keyring]                       edit the trust parameters for a public key
pgp -kr userid [keyring]                       remove a key (or userid) from your pubring
pgp -ks her_userid [-u your_userid] [keyring]  sign/certify a public key
pgp -krs userid [keyring]                      remove selected signatures from a pubkey
pgp -kd your_userid                            revoke your key & issue compromise certificate
pgp -kd userid                                 disable or reenable a key on your pubring

ESOTERIC USAGES:
pgp -d ciphertextfile                          decrypt message and leave its signature
pgp -sb textfile [-u your_userid]              create signature separate from textfile
pgp -b ciphertextfile                          detach signature from a signed message

OTHER FLAGS
-a (ascii)    produce ascii radix-64 output suitable for email
-m (more)     read in more mode, force reading in more mode
-w (wipe)     erase plaintext after encrypting
-f (filter)   input from stdin and output to stdout
-t (text)     when encrypting, treat input as ascii text
-p            when decrypting, recover original filename

Ex: pgp -feast her_userid outputfile

/* Jonathan Stigelman, Stig@netcom.com, PGP public key by finger */
/* fingerprint = 32 DF B9 19 AE 28 D1 7A A3 9D 0B 1A 33 13 4D 7F */

From cypherpunks@MHonArc.venona Wed Dec 17
23:17:14 2003 From: gnu (John Gilmore) Date: Sat, 19 Jun 93 18:57:35 PDT To: cypherpunks@toad.com, gnu Subject: Re: that cipher I wrote (pseudo random generators) In-Reply-To: <9306190933.AA12046@hairball.ecst.csuchico.edu> Message-ID: <9306200157.AA06857@toad.com> MIME-Version: 1.0 Content-Type: text/plain > What characteristics of the multiplier and modulator provide large periods? Don't bother with looking for a large period (though Knuth spends about half a book on pseudorandom number generators). The problem is that the sequence is predictable. Given ten sequential values from anywhere in the sequence, I think there are algorithms that will determine the sequence. This is from dim recall of some Crypto '90 presentations. Perhaps someone has the papers in front of them, or can re-derive the results? Given plaintext XOR'd with a sequence, you can make pretty good guesses at ten values in the sequence, and if you have to try a few thousand guesses, it will still only take minutes or hours to crack. John From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@apsicc.aps.edu Date: Sun, 20 Jun 93 14:31:02 PDT To: cypherpunks@toad.com (Those Rascals!) Subject: basic truth Message-ID: <030620151902.63b@APSICC.APS.EDU> MIME-Version: 1.0 Content-Type: text/plain Make it sufficiently difficult for people to do something, and most people will stop doing it. -- Robert Sommer -Forwarded by Nobody. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: zane@genesis.mcs.com (Sameer) Date: Sun, 20 Jun 93 16:20:43 PDT To: "George A. Gleason" Subject: Re: OTP dual decryption In-Reply-To: <93Jun18.024542pdt.13995-1@well.sf.ca.us> Message-ID: MIME-Version: 1.0 Content-Type: text/plain In message <93Jun18.024542pdt.13995-1@well.sf.ca.us>, "George A. Gleason" writes: > > > Yeah, the advantage is, if they think they've found it, they might just > stop looking much further. It's a chance that might save your ass. 
>
> -gg

Wouldn't it be possible to encrypt the plaintext with DES and then when some TLA tells you to hand over the key tell them that it's an OTP and give them an OTP which produces an innocuous plaintext? Then you don't have to worry about key storage, right? (Because DES-keys are hashed from strings [right?] which can be kept in human memory.)

--
| Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM |
| Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more |
| "Symbiosis is Good" - Me_"Specialization is for Insects" - R. A. Heinlein_/
\_______________________/ \______________________________________________/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Mon, 21 Jun 93 03:08:27 PDT
To: cypherpunks@toad.com, gnu
Subject: Re: Patent libraries
In-Reply-To: <9306161849.AA16059@muskwa.ucs.ualberta.ca>
Message-ID: <9306211008.AA00861@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Here's some info about the Sunnyvale patent library. You can walk-in and do it all yourself, for free. Bring a few rolls of dimes, since they don't make change and their copiers don't have mag-cards. Or, you can put down a deposit and have them copy patents and mail or fax them to you. I've done it both ways.

It's on a back street, in an old elementary school complex. A bit hard to find. Call for directions.

It's worth spending a day there e.g. looking up crypto patents, if your days aren't in short supply. I found the microcode to the 68000 in there, among other things.

    John Gilmore

Sunnyvale Patent Information Clearinghouse
1500 Partridge Avenue, Building 7
Sunnyvale, CA 94087
+1 408 730 7290 voice
+1 408 735 8762 fax

Sunnyvale Patent Information Clearinghouse has a complete set of US patents and trademarks from number one to the present issue. We provide rapid document delivery at an affordable price. Orders may be phoned in during office hours (M-F, 9-5) or faxed at your convenience.
Patent copy charges are:

Regular charge -- 24 hour turnaround             $3.55 per patent, 90c/page, plus postage
Express mail -- same day service (3pm cutoff)    $3.55 per patent, 90c/page, handling fee $8.60, plus express charge
Fax -- same day                                  $14.30 per patent, $1.60/page
Fax -- within 2 hours                            $35.65 per patent, $1.60/page
Special pick-up in person                        $3.55 per patent, 90c/page, handling fee $8.60

DEPOSIT ACCOUNT SERVICE: You must establish a deposit account before receiving patent copies. The minimum deposit is $75. On your letterhead stationery, submit names authorized to use the deposit account. Checks should be made payable to the City of Sunnyvale.

--
John Gilmore    gnu@toad.com -- gnu@cygnus.com -- gnu@eff.org
Creating freedom, rather than longer chains, bigger cages, better meals, . . .

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jim@tadpole.com (Jim Thompson)
Date: Mon, 21 Jun 93 14:21:52 PDT
To: gnu@toad.com
Subject: Re: Patent libraries
Message-ID: <9306211509.AA04645@tadpole.tadpole.com>
MIME-Version: 1.0
Content-Type: text/plain

If there are any other Austin-based cypherpunks, UT is a federal IP depository.

Jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Wayner
Date: Mon, 21 Jun 93 07:53:26 PDT
To: cypherpunks@toad.com
Subject: A cite desired...
Message-ID: <199306211453.AA17846@access.digex.net>
MIME-Version: 1.0
Content-Type: text/plain

I remember reading that IBM originally started looking into cryptosystems like DES after they were informally tipped off that the Russians were eavesdropping on their internal network. Can anyone give me a pointer to this fact?

Thanks,
Peter Wayner

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: cdodhner@indirect.com (Christian D. Odhner)
Date: Mon, 21 Jun 93 10:57:51 PDT
Subject: No Subject
Message-ID: <9306211756.AA03344@indirect.com>
MIME-Version: 1.0
Content-Type: text

Just checking out a "patently false rumor" I heard about... Yeah I'll bite. Drop me a note or not...
-Happy Hunting.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tom Keenan
Date: Mon, 21 Jun 93 12:51:25 PDT
To: cypherpunks@toad.com
Subject: The other Clipper
Message-ID: <9306211719.AA32503@acs3.acs.ucalgary.ca>
MIME-Version: 1.0
Content-Type: text/plain

Just to avert any confusion... I see (Communications Week, June 7, 1993, pg 1) that the code name for IBM's soon to be announced ATM (asynchronous transfer mode) switch happens (?) to be "Clipper." It's apparently based on "IBM's experimental Planet switch, a 6 gigabit per second switch that handles both variable and fixed length packets" and is in test at Rogers Communications in Toronto. (Just in case you hear communications types using the term "Clipper" in a different sense from the one usually seen on this list.)

--
Dr. Tom Keenan, I.S.P.
Associate Dean, R&D, Faculty of Cont. Ed.
University of Calgary
2500 University Dr. NW
Calgary, AB T2N 1N4 CANADA
(403) 220-4715 (voice)
(403) 284-5702 (fax)
keenan@acs.ucalgary.ca (email)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: zane@genesis.mcs.com (Sameer)
Date: Mon, 21 Jun 93 11:34:40 PDT
To: "George A. Gleason"
Subject: Re: OTP dual decryption
In-Reply-To: <93Jun21.003959pdt.14001-3@well.sf.ca.us>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

In message <93Jun21.003959pdt.14001-3@well.sf.ca.us>, "George A. Gleason" writes:
>
> interesting... If I understand you; it's keep your DES key in your head, and
> use the DES cyphertext to create an appropriate OTP key that decrypts back
> to something innocuous. good. The thing is, to make this credible, we
> still need an OTP program which is in general use for communications.

Yeah. OTP's seem awfully cumbersome.

>
> Now here's another possible problem. Let's say that They are tapping you
> and grab all the cyphertext of your actual communications. Now they grab
> your hard drive and what they get is a different batch of cyphertext.
> That in and of itself might call up some suspicions. Any solution in sight...?

Hmm? I don't understand this problem. There's only one set of cyphertext.. the actual cyphertext. Do you mean "different batch of cyphertext" as the OTP which creates the innocuous plaintext from the cyphertext? Maybe encrypt the OTP w/DES and keep it on your hard drive. When "they" snag the drive, they see the different cyphertext, you tell them that it's the OTP you used and give them the DES-key to decrypt the innocuous OTP.

I sense a problem with histogram equalization, however. Is there a problem here or does OTP-encryption take care of that?

--
| Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM |
| Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more |
| "Symbiosis is Good" - Me_"Specialization is for Insects" - R. A. Heinlein_/
\_______________________/ \______________________________________________/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Mon, 21 Jun 93 14:30:02 PDT
To: cypherpunks@toad.com
Subject: Some FOIA results re Clipper
Message-ID: <9306212130.AA19632@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

Lee Tien and I have submitted a pile of FOIA requests about Clipper. Here is scanned-in text from some of the more interesting results, courtesy of Lee. Search for "required", for a mention of the proposal to require the use of Clipper. Also note that the role of the "national security community" has been deliberately withheld from the public statements (search for "mentioned").

Most agencies have not yet responded with documents. FBI is claiming it will take them a year, and we are preparing to file suit to force them to do it within 10 days like the law requires. (Our NSA suit over the same thing, is continuing through the gears of the court process.)
    John Gilmore

[This page originally XXXXXXXXXXXXXXX TOP SECRET; now UNCLASSIFIED]

OFFICE OF THE ASSISTANT SECRETARY OF DEFENSE
WASHINGTON, DC 20301-3040

COMMAND CONTROL COMMUNICATIONS AND INTELLIGENCE

MEMORANDUM FOR MS. JOANN H. GRUBE, NSA REPRESENTATIVE/NSC PRD-27 EXPORT CONTROL WORKING GROUP

SUBJECT: Comments on PRD-27/NSA Draft (U)

(U) Following are comments concerning your proposed memorandum to Jim Lewis, Department of State:

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXX blacked out via FOIA (b)(1) exemption. XXXXXXXXXXXXXXXXXXX

(U) The assertions in this draft are merely unsupported statements. Recommend that the memorandum provide more empirical evidence to back up its assertions, and that the above comments be reflected in its contents.

(signed) Daniel J.
Ryan
Director, Information Systems Security

CLASSIFIED BY: OASD(C3I)/DIR, ISS
DECLASSIFY ON: OADR

[This page originally XXXXXXXX SECRET; now UNCLASSIFIED]

OFFICE OF THE ASSISTANT SECRETARY OF DEFENSE
WASHINGTON DC 20301-3040

COMMAND, CONTROL, COMMUNICATIONS AND INTELLIGENCE

30 APR 1993 (stamped)

MEMORANDUM FOR THE ACTING ASSISTANT SECRETARY OF DEFENSE (C3I)

Subject: PRD/NSC-27 Advanced Telecommunications and Encryption (U)

(U) Advances in telecommunications have created the opportunity for public use of encryption to ensure the privacy and integrity of business and personal communications. These same advances threaten the capabilities of law enforcement and national security operations that intercept the communications of narcotraffickers, organized criminals, terrorists, espionage agents of foreign powers and SIGINT targets. Diverse interests are in diametric opposition with regard to industry's right to sell and the public's right to use such capabilities. A highly-emotional, spirited public debate is likely.

(U) In its simplest construct, this complex set of issues places the public's right to privacy in opposition to the public's desire for safety. The law enforcement and national security communities argue that if the public's right to privacy prevails and free use of cryptography is allowed, criminals and spies will avoid wiretaps and other intercepts and consequently prosper. They propose that cryptography be made available and required which contains a "trapdoor" that would allow law enforcement and national security officials, under proper supervision, to decrypt enciphered communications. Such cryptography exists, and while there are many practical problems to be solved, this proposal is technically possible to achieve.

(U) Opponents of the proposal argue that the public has a right to and an expectation of privacy, that a trapdoor system would be prone to misuse and abuse, and that the proposed solution would not work in any practical sense.
They assert that people who are deliberately breaking much more serious laws would not hesitate to use cryptography that does not have a trapdoor, and that secure cryptography will inevitably be supplied by offshore companies. Thus, freedom will be lost and many tax dollars spent to no effect.

(U) This situation is complicated by the existence of other interests. For example, there currently exist strict controls on the export of cryptography. The computer industry points out that it has one of the few remaining positive trade balances and that it is vital that the dominance of the American computer industry in world markets be preserved. The industry fears that this will be lost if offshore developers incorporate high-quality cryptography into their products while U.S. industry either cannot do so or suffers higher costs or delays due to requirements for export licenses. The industry argues persuasively that overseas markets (much less drug lords or spies) will not look with favor on U.S. products which have known trapdoors when offshore products which do not have them are available. In support of their argument, they note that powerful public-key cryptography developed and patented by RSA using U.S. tax dollars is free to developers in Europe, subject to royalties in the United States, and cannot be exported without expensive and time-late export licenses. These charges are true.

(U) The national security community is especially interested in preventing the spread of high-quality encipherment routines overseas, and argues that more extensive use here at home will inevitably result in such a proliferation. Actually, it is too late. The Data Encryption Standard (DES) is already widely available throughout the world in both hardware and software forms, and DES software can be downloaded anywhere in the world from public bulletin boards by anyone with a PC, a MODEM and a telephone.
In one recent experiment it took three minutes and fourteen seconds to locate a source-code version of DES on the INTERNET. Widespread availability of DES and RSA will enable offshore developers to provide high-quality encipherment for voice and data communications in competition with U.S. industry's products.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXX blacked out via FOIA exemption (b)(1) XXXXXXXXXXX

(U) Despite these concerns, the President has directed that the Attorney General request that manufacturers of communications hardware use the trapdoor chip, and at least AT&T has been reported willing to do so (having been suitably incentivised by promises of Government purchases). The Attorney General has also been directed to create a system for escrow of key material. The Secretary of Commerce has been directed to produce standards based on the use of the trapdoor chip.

(U) The President has also directed that the fact that law enforcement officials will have access to the keys will not be concealed from the public. National security officials are not mentioned.

(U) The new administration is committed to the development of an information superhighway and a National Information Infrastructure in support of the economy.
This worthy goal is independent of arguments as to whether or not law enforcement and national security officials will be able to read at will traffic passing along the information superhighway. A full-scale public debate is needed to ascertain the wishes of U.S. citizens with regard to their privacy, and the impact on public safety of preserving privacy at the expense of wiretapping and communications intercept capabilities of law enforcement and national security personnel. It is not clear what the public will decide. In the meantime, DoD has trapdoor technology and the Government is proceeding with development of the processes needed to apply that technology in order to maintain the capability to perform licit intercept of communications in support of law enforcement and national security.

(signed) Ray Pollari
Acting DASD (CI & SCM)

[This page originally SECRET; now UNCLASSIFIED]

ASSISTANT SECRETARY OF DEFENSE
WASHINGTON DC 20301-3040

May 3, 1993

COMMAND, CONTROL, COMMUNICATIONS AND INTELLIGENCE

EXECUTIVE SUMMARY

MEMORANDUM FOR DEPUTY SECRETARY OF DEFENSE

FROM: CHARLES A. HAWKINS, JR., ACTING ASD(C3I) (initialed C. Hxxx)

SUBJECT: Advanced Telecommunications and Encryption (U)

PURPOSE: INFORMATION

DISCUSSION: (U) In response to DEPSECDEF's tasking of 21 Apr 93 (TAB A) this information is provided. Advances in telecommunications have created the opportunity for public use of encryption to ensure the privacy and integrity of business and personal communications. These same advances threaten the capabilities of law enforcement and national security operations that intercept the communications of narcotraffickers, organized criminals, terrorists, espionage agents of foreign powers and a broad range of SIGINT targets. Diverse interests are in diametric opposition with regard to industry's right to sell and the public's right to use such capabilities. A highly-emotional, spirited public debate is likely.
(U) The law enforcement and national security communities argue that if the public's right to privacy prevails and free use of cryptography is allowed, criminals and spies will avoid wiretaps and other intercepts. They propose that cryptography be made available to the public which contains a "trapdoor" that would allow law enforcement and national security officials, under proper supervision, to decrypt enciphered communications. Such cryptography exists, and while there are many practical problems to be solved, this proposal is technically possible to implement.

(U) Opponents of the proposal argue that the public has a right to and expectation of privacy, that such a system would be prone to misuse and abuse, and that the proposed solution would not work in any practical sense. They assert that criminals and spies will not hesitate to use secure cryptography supplied by offshore companies. Thus, the loss of privacy would outweigh any advantages to law enforcement or national security.

(U) The computer industry points out that it has one of the few remaining positive trade balances and that it is vital that the dominance of the American computer industry in world markets be preserved. The industry fears that this will be lost if offshore developers incorporate high-quality cryptography into their products while U.S. industry either cannot do so or suffers higher costs or delays due to requirements for export licenses because of strict controls of export of cryptography. The industry argues persuasively that overseas markets (much less drug lords or spies) will not look with favor on U.S. products which have known trapdoors when offshore products which do not have them are available.
CLASSIFIED BY: DASD(CI&SCM)
DECLASSIFY ON: OADR

[This page originally XXXXXXXX SECRET; now UNCLASSIFIED]

(U) The national security community is especially interested in preventing the spread of high-quality encipherment routines overseas, and argues that more extensive use here at home will inevitably result in such a proliferation. This would increase the cost of performing the SIGINT mission or decrease the amount of intelligence, or both. The Data Encryption Standard (DES) is already widely available throughout the world in both hardware and software forms, and DES software can be downloaded anywhere in the world from public bulletin boards by anyone with a PC, a MODEM, and a telephone. Thus far, widespread availability has not led to widespread use. However, widespread availability of DES and RSA will make it possible for offshore developers to provide high-quality encipherment for voice and data communications in competition with U.S. industry's products.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXX blacked out under FOIA exemption (b)(1) XXXXXXXXXXXXXXXXXXXXX

(U) The President has directed that the Attorney General request that manufacturers of communications hardware use the trapdoor chip. The Attorney General has also been directed to create a system for escrow of key material. The Secretary of Commerce has been directed to produce standards based on the use of the trapdoor chip. The President has also directed that the fact that law enforcement officials will have access to the keys will not be concealed from the public. National security officials are not mentioned.

(U) The new administration is committed to the development of an information superhighway and a National Information Infrastructure in support of the economy. This worthy goal is independent of arguments as to whether or not law enforcement and national security officials will be able to read at will traffic passing along the information superhighway. A full-scale public debate is beginning which will ascertain the wishes of U.S. citizens with regard to their privacy and the impact on public safety of preserving privacy at the expense of wiretapping and communications intercept capabilities of law enforcement and national security personnel. It is not clear what the public will decide. In the meantime, DoD has trapdoor technology and the Government is proceeding with development of the processes needed to apply that technology in order to maintain the capability to perform licit intercept of communications in support of law enforcement and national security.
Prepared by: Dan Ryan/ODASD(CI & SCM)/x 41779/28 Apr 93/OSD

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Mon, 21 Jun 93 14:42:04 PDT
To: cypherpunks, tk0jut2@mvs.cso.niu.edu
Subject: A public experiment in how private our lives really are
Message-ID: <9306212142.AA19867@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

A reporter has asked me for help in finding people who will help to penetrate the privacy of four volunteers, for a major newspaper story. Any takers? Contact the reporter:

Reporter for major metro paper is interested in help finding out anything there is to find on four prominent people who have volunteered to have their privacy breached.

Financial fundamentals. Lives of crime. Aches and pains. How rich they are, where they vacation, who they socialize with. You name it, we're interested in seeing if it's out there.

All for a good cause.

If you're willing to advise this computer-ignorant reporter, or dig in and get the dope on these volunteers, please contact him at tye@nws.globe.com Or call at +1 617 929 3342.

Soon. Thanks.

Feel free to forward this far and wide.

--
John Gilmore    gnu@toad.com -- gnu@cygnus.com -- gnu@eff.org
Creating freedom, rather than longer chains, bigger cages, better meals, . . .

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Mon, 21 Jun 93 15:56:19 PDT
To: cypherpunks@toad.com
Subject: one reaction: early FOIA results
In-Reply-To: <9306212130.AA19632@toad.com>
Message-ID: <9306212255.AA29611@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

>The industry argues persuasively that overseas markets
>(much less drug lords or spies) will not look with favor on U.S.
>products which have known trapdoors when offshore products
>which do not have them are available. [...] These charges are true.

I'm really amazed how unbiased these letters are.
In fact, maybe they were designed to be suitable for FOIA release. There is none of the one-sided propaganda tone of the Clipper announcement. Virtually all the critical arguments *against* Clipper (which can always be taken in parallel as criticisms of the current NSA role) are present -- except for the constitutionality of its introduction or enforcement. The arguments `against' are even labelled `true' and `persuasive'. I wonder if any of this means anything. It could just be a gimmick to suggest that `all concerns were fairly balanced in the proposal'. Does anyone suppose that the important military aides anticipate FOIA requests and come up with bland and benign documents to satisfy them?

>The law enforcement and national security communities ...
> propose that
> cryptography be made available and *required* which contains a
> "trapdoor" that would allow law enforcement and national security
> officials, under proper supervision, to decrypt enciphered
> communications.

For the first time we have an official confirmation that the original intent of Clipper (or similar technology) was to make it *mandatory*. I think this is rather ironic considering many of the apologists' current main rationalizations (Denning, Sternlight, etc.) that it is a `voluntary' program. Caveat Emptor!

>at least AT&T has been
>reported willing to do so (having been suitably incentivised by
>promises of Government purchases).

`incentivised' -- a cute euphemism for collusion. I wonder to what extent they were `incentivised'.

>(U) The President has also directed that the fact that law
>enforcement officials will have access to the keys will not be
>concealed from the public. National security officials are not
>mentioned.

eeks, that sounds amazingly ominous. Why would they say in one sentence `law enforcement officials have access to the keys' and then in the next `the security of the scheme for national security purposes is not revealed'?

>In the meantime, DoD has trapdoor technology ...
wow, they call Clipper `trapdoor technology' -- great PR, for us.

>These same advances threaten the
>capabilities of law enforcement and national security operations that
>intercept the communications of narcotraffickers, organized
>criminals, terrorists, espionage agents of foreign powers and a broad
>range of SIGINT targets.

`narcotraffickers' -- doesn't sound as hysterically paranoid as `drug dealers'. Also, first time I've heard SIGINT and `espionage agents of foreign powers' mentioned `officially' relative to Clipper (although of course that intent was obvious). Just another effective death threat on Clipper, because it will have the absolute *least* effect in foreign countries.

>A highly-emotional, spirited public debate
>is likely.

hehe, it's the NSA that is highly emotional. I'd say they're shuddering and crying. OK OK, low blow, sorry.

[proliferation of strong cryptography]
>This would increase the cost
>of performing the SIGINT mission or decrease the amount of
>intelligence, or both.

both. already.

>Thus far, widespread availability has not
>led to widespread use.

hm, how could that be? It wouldn't have anything to do with draconian export regulations, would it?

So, in short, we have greater confirmation of our worst fears: Clipper was not just designed to be domestic, the purveyors of Clipper were considering a *mandatory* scheme from the start, and national intelligence interests have been obscured intentionally.

Also, we have many more obfuscations of who `directed' the Clipper approach -- it claims that the president did. This phrasing is very critical, understand, because the NSA has no authority to make such a proposal, and they must continue to assert that it was originated by the Executive branch for it to have any semblance of legitimacy. Note how they always evade mention of *which* president, it is just The President. (Or as Sternlight once told me, The Whitehouse.)

>A highly-emotional, spirited
>public debate is likely.

Hm.
This from a letter dated April 30, Clipper released April 16. Is this a `reaction' or an `anticipation'? This terminology overall closely mirrors the Clipper announcement.

Blacked out sections presumably contain arguments on NSA capabilities relative to the new technology. Things like `the proliferation of strong cryptography is a very serious threat to the continued existence of the agency' and `a major current trend of diminution and erosion in signal interception capabilities can be identified.'

It seems to me that the next major threat will be something approximating a mandatory scheme using cloaked terminology (e.g. under the guise of `regulating the industry' and `protecting the consumer') as I wrote on sci.crypt. I think we really have to drive home the point that any mandatory scheme is fundamentally unconstitutional. This little epiphany apparently has not occurred to anyone who matters in the development of Clipper policy yet.

BTW what is the significance of two copies of the same letter here?

p.s. special thanks to J. Gilmore for this critical information.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tye@nws.globe.com
Date: Mon, 21 Jun 93 14:21:43 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <0096E5DE60478A40.29620183@globe.com>
MIME-Version: 1.0
Content-Type: text/plain

Reporter for major metro paper is interested in help finding out anything there is to find on four prominent people who have volunteered to have their privacy breached.

Financial fundamentals. Lives of crime. Aches and pains. How rich they are, where they vacation, who they socialize with. You name it, we're interested in seeing if it's out there.

All for a good cause.

If you're willing to advise this computer-ignorant reporter, or dig in and get the dope on these volunteers, please contact him at tye@nws.globe.com Or call at 617-929-3342.

Help especially appreciated from anyone in the BOSTON area.

Soon. Thanks.
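
[Added example, not part of any list message.] The "OTP dual decryption" messages above rest on one property of XOR pads: for any ciphertext and any decoy of the same length there is a pad that turns one into the other, so a pad produced on demand is no evidence of what the ciphertext holds. The Python below shows that and measures the byte histogram the second message asks about; it assumes a labelled SHA-256 keystream stand-in for the DES step (the standard library has no DES), and every function name and sample string is constructed for this illustration.

```python
import hashlib
from collections import Counter


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (the pad operation)."""
    if len(a) != len(b):
        raise ValueError("pad and message must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def standin_cipher(passphrase: str, data: bytes) -> bytes:
    """Stand-in for the DES step (assumption: this is NOT DES).

    XORs data with a SHA-256 counter-mode keystream derived from the
    passphrase, so the same call both encrypts and decrypts.
    """
    key = hashlib.sha256(passphrase.encode("utf-8")).digest()
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return xor_bytes(data, bytes(stream[:len(data)]))


def fit_decoy(decoy: bytes, length: int) -> bytes:
    """Space-pad the decoy to the ciphertext length; refuse if it is longer."""
    if len(decoy) > length:
        raise ValueError("decoy is longer than the ciphertext")
    return decoy.ljust(length, b" ")


def forge_pad(ciphertext: bytes, decoy: bytes) -> bytes:
    """pad = ciphertext XOR decoy, so that ciphertext XOR pad == decoy."""
    return xor_bytes(ciphertext, fit_decoy(decoy, len(ciphertext)))


def chi_square_uniform(data: bytes) -> float:
    """Chi-square statistic of the byte histogram against a flat one.

    Close to 255 for uniformly random bytes, in the thousands for text.
    """
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(v, 0) - expected) ** 2 / expected for v in range(256))


# Constructed sample data (not taken from the thread).
PASSPHRASE = "passphrase kept in memory"
REAL = (b"constructed real plaintext for this example. " * 100)[:4096]
DECOY_A = b"Grocery list: eggs, milk, bread."
DECOY_B = b"Minutes of the chess club, June 1993."


def demo() -> dict:
    """Encrypt once, then forge two different pads for the same ciphertext."""
    ciphertext = standin_cipher(PASSPHRASE, REAL)
    pad_a = forge_pad(ciphertext, DECOY_A)
    pad_b = forge_pad(ciphertext, DECOY_B)
    return {
        "ciphertext": ciphertext,
        "real": standin_cipher(PASSPHRASE, ciphertext),
        "reads_a": xor_bytes(ciphertext, pad_a).rstrip(b" "),
        "reads_b": xor_bytes(ciphertext, pad_b).rstrip(b" "),
        "chi_plain": chi_square_uniform(REAL),
        "chi_cipher": chi_square_uniform(ciphertext),
        "chi_pad": chi_square_uniform(pad_a),
    }


if __name__ == "__main__":
    result = demo()
    print("pad A reads:", result["reads_a"].decode())
    print("pad B reads:", result["reads_b"].decode())
    for name in ("chi_plain", "chi_cipher", "chi_pad"):
        print(name, round(result[name], 1))
```

Both pads open the same ciphertext to different texts, and the forged pad's histogram is as flat as the ciphertext's, so neither the pad nor its statistics say which reading, if any, is genuine.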
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Derek L Davis
Date: Mon, 21 Jun 93 17:06:06 PDT
To: cypherpunks@toad.com
Subject: FOIA differences
Message-ID: <930621171001_1@ccm.hf.intel.com>
MIME-Version: 1.0
Content-Type: text/plain

Note that the 30 APR version of the memorandum (for the acting assistant secretary of defense) and the May 3 version (from the assistant secretary of defense to the deputy secretary of defense) have some differences. In particular, the "required" reference is dropped on the second version.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Mon, 21 Jun 93 20:40:44 PDT
To: zane@genesis.mcs.com (Sameer)
Subject: Re: OTP dual decryption
In-Reply-To:
Message-ID: <9306220340.AA02067@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>
> Hmm? I don't understand this problem. There's only one set of
> cyphertext.. the actual cyphertext. Do you mean "different batch of
> cyphertext" as the OTP which creates the innocuous plaintext from the
> cyphertext? Maybe encrypt the OTP w/DES and keep it on your hard drive.
> When "they" snag the drive, they see the different cyphertext, you tell
> them that it's the OTP you used and give them the DES-key to decrypt the
> innocuous OTP.
> I sense a problem with histogram equalization, however. Is there a
> problem here or does OTP-encryption take care of that?

With an OTP any plaintext can correspond with any cyphertext given:

    PAD (+) plaintext = cyphertext

meaning

    PAD (+) cyphertext = plaintext

and

    plaintext (+) cyphertext = PAD

so, take your output of DES, xor its contents with desired "false plaintext" this is your false pad. store this on a separate disk and make it look all secret-like. When feds come and take your cyphertext (which is output of DES) they ask for your key. You hand over your disk with (fake) PAD. They xor the two together to get (fake) plaintext which reads.
You dont have to do this before hand either, if you have a copy of your cyphertext after the feds confiscate a copy from you you can generate pad to make it say something that will really freak them out, like something you couldnt have known prior to the seizure of the cyphertext : "I will be illegally raided on July 2, 1994, sounds sort of like '1984' to me. I wish the government would stay out of my life" > | Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM | peace. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Douglas Sinclair Date: Mon, 21 Jun 93 19:54:11 PDT To: cypherpunks@toad.com Subject: hardware RNG Message-ID: <9306220012.AA37450@acs1.acs.ucalgary.ca> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Cypherpunks, A while back there was lots of discussion in the list about hardware random number generation. The consensus was that diode white noise was the easiest thing to use. It probably is, but I havn't been able to persuade a single diode to be noisy yet. Anyhow, I turned to the simplest white noise source that I have, which happens to be a radio tuned to a dead channel. I hooked that up to a home made interface board that has previously served as a frame grabber, and wrote some software to grab random numbers. The hardware compares the signal to four known voltages, and sets the feedback pins on my printer port correspondingly. Thus, I get a nibble of information every cycle. However, it's fairly interrelated (if the high bit is set, the low ones must be set too, &c). So, this is the scheme I came up with to randomize it. Read two nibbles and concatenate them into a byte. Take the parity of this byte to give you one bit. Read eight bits this way, to make one byte. Read 128 bytes by this method, and take a MD5 hash of this data. Use the 16 byte message digest as the final random bitstream. Do this as many times as needed to get the desired number of bytes. 
Using the ENTROPY1 software submitted to the list by Peter Meyer, I determined that a 1000000 byte file had a relative entropy of 0.999980. This seems close enough to 1 for cryptographical use. For each bit of output, 64 bits have been read from the device. The MD5 transposition should eliminate all of the wave nature of the signal and make adjacent bytes unrelated. So, the question now is, is it safe? An obvious method of attack is to simply connect an identical device to a radio and grab identical data. However, I feel this is unfeasible. Radio noise is omnidirectional and thus (I think) should give you very different signals at different geographic locations due to the different phases of the various sources. There are too many variables in the hardware itself. What frequency is it at? What are the comparison values set to? What other method could be used to attack this except for the obvious tempest attack on the host computer? Doug -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLCZM4SEF9mfcHsd/AQGpYgP+OaJl7v7GO4SITR7nalpdU0wx6mdXHYwD CYP/u1f5BVrPfE85Thsi7beiZMp8o8aI+H5MK1uCMQ1X6pj7SOODuRXhRaXmbjnv jghthWkt19SH4AbpDz7wpV2X7BXmIO0zGBv1rZB84cBgsXQH7cmlgyUCNJP86EUq cCmt7bFSG+U= =tmPC -----END PGP SIGNATURE----- -- PGP 2.2 Key by finger From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: sommerfeld@apollo.hp.com Date: Mon, 21 Jun 93 16:48:55 PDT To: gnu@toad.com Subject: comments on your recent post of FOIAed documents. Message-ID: <9306212348.AA24641@toad.com> MIME-Version: 1.0 Content-Type: text/plain 1) The first document is particularly compelling, especially considering the apparant references to the censored paragraph in the un-censored paragraph... it makes it obvious that there are two sets of reasons for clipper; the ones that they'll admit, and the ones which are classified and which they won't admit in public. 2) The second document makes it clear that requiring the use of key escrow is a goal of law enforcement and national security. 
3) The dates on the documents are dated after Ms. Denning's infamous "trial balloon".. 4) From the second document: > In one recent experiment it took three minutes and > fourteen seconds to locate a source-code version of DES on the > INTERNET. Hmm. It only took me under minute when I tried it (using the command "archie -s des.tar"). Maybe they tried it when the archie servers were overloaded :-), or maybe they counted the time needed to read the archie man page.. 5) What kind of a dork uses words like "incentivized"? - Bill From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: bear@eagle.fsl.noaa.gov (Bear Giles) Date: Mon, 21 Jun 93 19:13:04 PDT To: cypherpunks@toad.com Subject: Re: one reaction: early FOIA results Message-ID: <9306220209.AA27208@eagle.fsl.noaa.gov> MIME-Version: 1.0 Content-Type: text/plain "L. Detweiler" writes >The >arguments `against' are even labelled `true' and `persuasive'. I wonder >if any of this means anything. It could just be a gimmick to suggest >that `all concerns were fairly balanced in the proposal'. It's always a dangerous strategy to recognize your opponent has a legitimate position. If they dismissed our concerns with hand-waving they could also defuse Congressional (or other) inquiries with an appeal to authority; but with these documents they've acknowledged the legitimacy of our concerns. >Does anyone >suppose that the important military aides anticipate FOIA requests and >come up with bland and benign documents to satisfy them? You mean they _wouldn't_? Refusal to provide all documents and the dates of these documents (i.e., not during the initial design stages) suggests that they could well be covers for other documents. If nothing else, I would like to see correspondence at the same level from a year ago, back when it appeared Bush was a shoo-in for reelection. I suspect we will find a substantially different tone.... 
>For the first time we have an official confirmation that the original >intent of Clipper (or similar technology) was to make it *mandatory*. I don't think we have _any_ information about the *original* intent. We have some indications of what they intended after Clinton was elected, but none of these documents are from the Bush era. >>at least AT&T has been >>reported willing to do so (having been suitably incentivised by >>promises of Government purchases). > >`incentivised' -- a cute euphemism for collusion. I wonder to what >extent they were `incentivised'. Why not accept this at face value -- the government asked AT&T how many phones they would need to purchase to make it worthwhile for AT&T to make the things, AT&T gave them a number, and the government said "Okay!" >>(U) The President has also directed that the fact that law >>enforcement officials will have access to the keys will not be >>concealed from the public. National security officials are not >>mentioned. > >eeks, that sounds amazingly ominous. Why would they say in one sentence >`law enforcement officials have access to the keys' and then in the >next `the security of the scheme for national security purposes is not >revealed'? I read this as "National security officials will have access to the keys, but this will not be revealed to the public." Nothing I hadn't already assumed. :-( >`narcotraffickers' -- doesn't sound as hysterically paranoid as `drug >dealers'. No, "narcotraffickers" are the people who bring the drugs into the country. Apparently the Feds have decided to leave persecution of alleged drug dealers (note tenses) to local authorities using forfeiture laws, while the Feds concentrate on the people bringing the drugs into the country and the major distribution networks. >>Thus far, widespread availability has not >>led to widespread use. > >hm, how could that be? It wouldn't have anything to do with draconian >export regulations, would it? 
More likely the tendency of people to pretend "this can't happen to me!" After all, most people only deal with other residents of North America and there are no internal cryptographic restrictions. Yet. Bear Giles From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: TO1SITTLER@APSICC.APS.EDU (Kragen Sittler) Date: Mon, 21 Jun 93 22:03:07 PDT To: cypherpunks@toad.com Subject: What is going on here? Message-ID: <930621225905.d46@APSICC.APS.EDU> MIME-Version: 1.0 Content-Type: text/plain From: SMTP%"Postmaster" 21-JUN-1993 22:58:06.38 To: CC: Subj: Undeliverable Mail Date: Mon, 21 Jun 1993 22:57:59 -0600 (MDT) From: Postmaster@APSICC.APS.EDU Subject: Undeliverable Mail To: Bad address -- Error -- Address refused by receiver: (550 ... User unknown) Start of returned message Date: Mon, 21 Jun 1993 22:57:54 -0600 (MDT) From: TO1SITTLER@APSICC.APS.EDU (Kragen Sittler) Message-Id: <930621225754.d46@APSICC.APS.EDU> Subject: What? To: cdohner@indirect.com X-Vmsmail-To: SMTP%"cdohner@indirect.com" From: SMTP%"cypherpunks-request@toad.com" 21-JUN-1993 15:27:12.37 To: TO1SITTLER CC: Subj: Date: Mon, 21 Jun 93 10:56:26 MST From: cdodhner@indirect.com (Christian D. Odhner) Message-Id: <9306211756.AA03344@indirect.com> Content-Type: text Content-Length: 123 Apparently-To: cypherpunks@toad.com Just checking out a "patently false rumor" I heard about... Yeah I'll bite. Drop me a note or not... -Happy Hunting. What are you talking about? End of returned message From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Fred Heutte Date: Mon, 21 Jun 93 23:36:18 PDT To: sommerfeld@apollo.hp.com Subject: Re: comments on your recent post of FOIAed documents. Message-ID: <93Jun21.233550pdt.13996-1@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain I did better than that: 2 seconds flat for archie -m10 des.tar :-) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: rclark@nyx.cs.du.edu (Robert W. F. 
Clark) Date: Tue, 22 Jun 93 00:02:21 PDT To: cypherpunks@toad.com Subject: FOIA request Message-ID: <9306220702.AA14470@nyx.cs.du.edu> MIME-Version: 1.0 Content-Type: text/plain ngs.lance.colostate.edu (L. Detweiler) says: >I'm really amazed how unbiased these letters are. In fact, maybe they >were designed to be suitable for FOIA release. There is none of the >one-sided propaganda tone of the Clipper announcement. Perhaps they were prepared. However, it seems just as likely that they realized that there would be a vast outcry over Clipper, just as there was over the "Digital Telephony" proposal. They would have to be dumber than even I consider them not even to consider the possibility of public outcry. >Does anyone >suppose that the important military aides anticipate FOIA requests and >come up with bland and benign documents to satisfy them? I'll bet they started doing this the moment that the FOIA was passed. Why wouldn't they? It's expedient. >For the first time we have an official confirmation that the original >intent of Clipper (or similar technology) was to make it *mandatory*. Yep. This particular quote ought to be distributed widely. We cypherpunks have known this since the Clipper proposal reared its monstrous head; now it's official writ, only recently declassified. Let's make the most of it. >I think this is rather ironic considering many of the apologist's >current main rationalizations (Denning, Sternlight, etc.) that it is a >`voluntary' program. Caveat Emptor! Well, as we've known, they're either shills or idiots. Perhaps both. >`incentivised' -- a cute euphemism for collusion. I wonder to what >extent they were `incentivised'. 'Incentivised' indeed. I believe that anyone capable of using such a revolting neologism is, _ipso facto_, untrustworthy. Even Hollywood people don't speak _that_ badly. [. . .] >>In the meantime, DoD has trapdoor technology ... >wow, they call Clipper `trapdoor technology' -- great PR, for us. 
It's pretty appalling that they even _admit_ that it is 'trapdoor' technology. However, as P. T. Barnum once said: "No one ever went broke underestimating the intelligence of the American public." They're probably planning some new crime already, realizing that Clipper will be defeated. They had Clipper in the hopper since before Digital Telephony was defeated. As Clipper makes Digital Telephony look like a schoolboy prank, prepare for something genuinely monstrous in a few months. Probably just when we start feeling a little complacent and victorious, too. [Thanks to John Gilmore repeated; the FOIA gave very useful information.] ---- Robert W. F. Clark (still waiting on the results rclark@nyx.cs.du.edu of my OWN FOIA request) clark@metal.psu.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: rclark@nyx.cs.du.edu (Robert W. F. Clark) Date: Tue, 22 Jun 93 00:02:57 PDT To: cypherpunks@toad.com Subject: The Bizdos flap Message-ID: <9306220703.AA14721@nyx.cs.du.edu> MIME-Version: 1.0 Content-Type: text/plain bout all the Bizdos flap: It is entirely possible that PKP has no sensible alternative but to capitulate to the NSA's offer. While Bizdos himself may oppose the Clipper chip, it is obviously in PKP's best interest to accept a virtual monopoly on the crypto industry. While Bizdos' title may be "President," it is very easy for a company to remove a "President" who makes unprofitable choices. As has been said before, corporations have no truck with ethics. To expect a corporate entity to behave ethically is the same as to expect a T-cell to cease absorbing phagocytes. It ain't in its nature. If one wishes PKP to behave "ethically," it is necessary for us to make it unprofitable for PKP to behave in the manner in which it is. E. g. question their patents, bring suits against them, and otherwise make PKP's existence unprofitable. Suddenly, it will behave "ethically." Any ideas, folks? Don't expect help from Bizdos on it, though. [P. S. 
Ever notice that the only two people who have automatic form-letter answers to their email are Billys? Billy Idol and Billy Clinton. Fitting, somehow.] ---- Robert W. F. Clark rclark@nyx.cs.du.edu clark@metal.psu.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Tue, 22 Jun 93 02:00:04 PDT To: Douglas Sinclair Subject: Re: hardware RNG In-Reply-To: <9306220012.AA37450@acs1.acs.ucalgary.ca> Message-ID: <9306220859.AA01020@toad.com> MIME-Version: 1.0 Content-Type: text/plain > persuade a single diode to be noisy yet. Anyhow, I turned to the simplest > white noise source that I have, which happens to be a radio tuned to a dead > channel. . . > What other method could be used to attack this except for the > obvious tempest attack on the host computer? Well, the most obvious is for the attacker to TRANSMIT on that frequency. Then they control the 'random' data you are getting. John From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "George A. Gleason" Date: Tue, 22 Jun 93 02:42:11 PDT To: zane@genesis.mcs.com Subject: Re: OTP dual decryption Message-ID: <93Jun22.024135pdt.13981-1@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Cyphertexts: I was thinking, you do your actual comms in a PKS and then decrypt on disc and then reencrypt same over to OTP with an innocuous covertext stored alongside... oh poo, now of course; I was mistaken. You take your PKS cyphertext and generate a spurious OTP covertext from there. Okay, my error. Sorry.... -gg From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "George A. Gleason" Date: Tue, 22 Jun 93 03:05:56 PDT To: cypherpunks@toad.com Subject: Re: one reaction: early FOIA results Message-ID: <93Jun22.030531pdt.13994-3@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Re AT&T being "incentivised;" again, I'd like to suggest it's time to dis-incentivise them like right now. If you're on AT&T long distance, change your carrier. 
If you're using an AT&T phone system, replace it with anything else. It would be interesting to find out that magic number of phones which AT&T were promised under the Federal contract. Then we can either a) set that as a target for business phone systems getting rid of AT&T, i.e. one for one; or b) figure out what the revenues would be and get an equivalent amount in disconnected AT&T long distance (this one could be done on a gross dollar equivalent amount, assuming one year's worth of service is the relevant gross dollar value of a given client), or c) *both.* Well....? -gg From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "George A. Gleason" Date: Tue, 22 Jun 93 03:09:37 PDT To: rclark@nyx.cs.du.edu Subject: Re: The Bizdos flap Message-ID: <93Jun22.030907pdt.13994-2@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Quoting you, "If one wishes PKP to behave "ethically," it is necessary for us to make it unprofitable for PKP to behave in the manner in which it is. E. g. question their patents, bring suits against them, and otherwise make PKP's existence unprofitable. Suddenly, it will behave "ethically." That's like, if you want your kid to behave, beat him any time he misbehaves. Yeah, uh-huh. If we want PKP to behave ethically, we have to show them positive i.e. profitmaking incentives for doing so. For instance commitments to buy their products if they do (whatever). -gg From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: collins@newton.apple.com (Scott Collins) Date: Tue, 22 Jun 93 11:23:48 PDT To: cypherpunks@toad.com Subject: Re: gov. contracts for Clipper phones Message-ID: <9306221822.AA11940@newton.apple.com> MIME-Version: 1.0 Content-Type: text/plain Jason Zions writes: >[...] I find it >highly unlikely that the contracts in question are for clipper-based phones; >we already know the government doesn't plan to use clipper technology >itself, since it can be suborned by LEO types. 
I think it *very* likely that the government would want to spy on itself just as much as it wants to spy on everybody else. Remember, the government is not a single entity -- out to get us -- but a collection of individuals, some fraction of whom are covering their butts and looking for goats at any given moment (as has been revealed to us by the media). All of whom are interested in maintaining/improving their current status. This is true at the level of the individual, the committee, the agency, the party... in fact at any identifiable organizational level, entities will engage in behavior that profits them even (or especially) at the expense of entities outside themselves. Scott Collins | "Few people realize what tremendous power | there is in one of these things." | -- Willy Wonka ...................................................................... Apple Computer, Inc. | phone: 408 862-0540(v), 974-6094(f) 1 Infinite Loop, MS 301-2C | AppleLink: SCOTTCOLLINS Cupertino, CA 95014 | internet: collins@newton.apple.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jason Zions Date: Tue, 22 Jun 93 09:55:25 PDT To: cypherpunks@toad.com Subject: Re: comments on your recent post of FOIAed documents. Message-ID: <9306221655.AA29404@jazz.hal.com> MIME-Version: 1.0 Content-Type: text/plain >1) The first document is particularly compelling, especially >considering the apparent references to the censored paragraph in the >un-censored paragraph... it makes it obvious that there are two sets >of reasons for clipper; the ones that they'll admit, and the ones >which are classified and which they won't admit in public. I also find it interesting that, while the President directed that the fact of access to keys by Law Enforcement Officials should not be hidden from the public, the fact of access to keys by the intelligence community (i.e. FBI/CIA/NSA) was not to be similarly disclosed. 
>> In one recent experiment it took three minutes and >> fourteen seconds to locate a source-code version of DES on the >> INTERNET. > >Hmm. It only took me under minute when I tried it (using the command >"archie -s des.tar"). Maybe they tried it when the archie servers >were overloaded :-), or maybe they counted the time needed to read the >archie man page.. They probably ran the client at the far end of a 9600-baud straw on a bad archie day. >5) What kind of a dork uses words like "incentivized"? A government dork. I find it more damning that the government basically bought-off AT&T by promising them contracts; whatever happened to competitive bid? I find it highly unlikely that the contracts in question are for clipper-based phones; we already know the government doesn't plan to use clipper technology itself, since it can be suborned by LEO types. Hi, Bill! Jason "Jazz" Zions From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tribble@memex.com (E. Dean Tribble) Date: Tue, 22 Jun 93 15:39:10 PDT To: agorics@memex.com Subject: address chagne Message-ID: <9306222153.AA09164@memexis.memex.com> MIME-Version: 1.0 Content-Type: text/plain Please send mail to me now at `tribble@netcom.com` thanks, dean From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: stub23 Date: Tue, 22 Jun 93 15:58:49 PDT To: cypherpunks@toad.com Subject: FOIA request Message-ID: <199306222258.AA23793@orion.oac.uci.edu> MIME-Version: 1.0 Content-Type: text/plain the FOIA request looks very interesting and i'm near positive that something is on me somewhere just because i have the wrong type of friends who keep me in their address books but how bad will it look if i actually make the request? and will it mean that i am more likely to have people pay attention to me? and how much info should i include about myself? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Dr. 
Cat Date: Tue, 22 Jun 93 14:28:03 PDT To: cypherpunks@toad.com Subject: Perspectives Message-ID: <9306222124.AA00723@wixer.bga.com> MIME-Version: 1.0 Content-Type: text/plain The letters John Gilmore received through FOIA are interesting. So are the reactions of the cypherpunks. I think it's valuable for society to have a group of people examine such information in an extremely skeptical manner, even bordering on paranoia. The notion that these documents are a ploy to fool people into thinking the government is aware of the problems with their proposal and has weighed them carefully is worthy of speculation. Such thoughts lead to potential avenues of investigation that may turn up useful information. But there seems to be an overabundance of such views... I think the cypherpunks can better serve society by considering ALL possibilities and investigating the more plausible ones. Including the possibilities that some of the bad guys aren't maximally devious, competent, or even bad guys. I see a lot of use of the word "they", as if the Department of Defense was part of the same group of people as NIST, NSA, the president, etc. etc. and they all are working together with the exact same set of goals and motivations. I think the situation in Washington is more complex than that. And DoD is one player I haven't heard anything previous about with regard to their stance on and involvement with Clipper. In addition to the notion that they totally support Clipper, it should be considered whether they might totally oppose it (unlikely), whether they've chosen not to be involved in the struggle over it and are simply trying to analyze its potential effects on them and disseminate the information internally to be better prepared, or whether perhaps there are differences of opinion between varying individuals in the DoD power structure. 
And of course, even if you label them bad guys, there's the possibility that someone wanted a summary of valid opposition arguments in order to be able to combat them more effectively, and naively failed to adequately protect them from being revealed to the opposition through the FOIA. I don't have any particular opinion as to what's going on here. I just feel I ought to say something any time I only see one point of view represented in a discussion of such a complicated issue. Particularly when such a small portion of the relevant information is, thus far, available. Dr. Cat From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: M..Stirner@f28.n125.z1.RBBS-NET.ORG (M. Stirner) Date: Wed, 23 Jun 93 07:21:16 PDT To: cypherpunks@toad.com Subject: Origin lines in remailers Message-ID: <44.2C280DA9@wyrm.rbbs-net.ORG> MIME-Version: 1.0 Content-Type: text/plain In response to the call for more remailer traffic, I have been attempting to disseminate the instructions for remailer use among users not members of this list. One of the problems that has arisen is the retention of the origin lines placed at the bottom of the outgoing message by various gates & net whatnot (see bottom of this message for an example). Just before I lost access to this list a few months ago, I know that there was a discussion on how this problem could be solved with both the Cypherpunks & Penet remailers, but a conclusion had not been reached by the time I left. I did not notice a reference to this problem/solution in either the Penet or Cypherpunks remailer helpfiles (which seem to be both unchanged from earlier this year). If this problem has been solved, would some kind soul post the fix here for us? Thanks. M. ___ Blue Wave/QWK v2.12 -- M. Stirner - via RBBS-NET node 8:914/201 INTERNET: M..Stirner@f28.n125.z1.RBBS-NET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: rclark@nyx.cs.du.edu (Robert W. F. 
Clark) Date: Tue, 22 Jun 93 22:10:42 PDT To: cypherpunks@toad.com Subject: Corporate Ethics and the Profit Margin Message-ID: <9306230510.AA04248@nyx.cs.du.edu> MIME-Version: 1.0 Content-Type: text/plain rge Gleason) writes: [My suggestions on ways to make it unprofitable for PKP to behave "unethically" deleted.] >That's like, if you want your kid to behave, beat him any time he >misbehaves. Yeah, uh-huh. Unlike the child, though, a corporation is not human. In addition, it is, alas, the manner of American business of late to be reactive instead of proactive. Thus, rather than see the future catastrophe which will inevitably result if Clipper/Capstone is mandated as a standard, PKP will look toward this year's profit margin. To get the attention of an American corporation, it is regrettably necessary to "beat it every time it misbehaves." If it behaves, free market forces will take care of the reward. In the case of PKP and AT & T, though, free market forces have been subverted because they have been "incentivised" by Uncle Sam. ("Incentivised," ecch. Sounds like a suitably grisly operation, no? Ever notice that euphemisms are usually uglier than what they euphemise? Even "bribe" would sound less tawdry and criminal.) >If we want PKP to behave ethically, we have to show them positive i.e. >profitmaking incentives for doing so. For instance commitments to buy their >products if they do (whatever). Unfortunately, it's far easier for a large, diverse group to agree _not_ to purchase something than get all of them to sign a group contract to buy a certain company's merchandise. It works, too. Check out the Chavez grape boycott, and the alarming success of the Moron Majority in bullying advertisers and television networks to cancel "immoral" programming. Unless there were a "Cypherpunks procurement committee," which purchased crypto merchandise from "cypherpunk correct" dealers and resold to cypherpunks, this would be difficult to manage. 
It may be a good idea, but I, for one, don't have the capital to set it up; and it doesn't seem likely to happen in the immediate future. Even you, when making concrete suggestions, seem to realize that punishment and/or negative reinforcement are effective tools, as in your next message you write: >Re AT&T being "incentivised;" again, I'd like to suggest it's time to >dis-incentivise them like right now. If you're on AT&T long distance, >change your carrier. If you're using an AT&T phone system, replace it with >anything else. [Other good suggestions elided.] This is the "whack 'em when they misbehave" tactic which you seemed to oppose in your prior message. It's really the main weapon in our arsenal against corporate misbehavior. ---- Robert W. F. Clark Stop the Clipper Chip! rclark@nyx.cs.du.edu clark@metal.psu.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Tue, 22 Jun 93 22:58:05 PDT To: caadams@triton.unm.edu (Clifford A Adams) Subject: PGP Menu on soda.berkeley.edu Message-ID: <9306230557.AA22297@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain I have just uploaded version 1.0 of my pgp menu system for 4dos/Ndos. It presents a menu interface to all of the major pgp functions and I'm quite proud of it. It does, however, require 4dos or Norton's Ndos to run. But hey, once you use 4dos, you will never go back to regular dos. If there is positive response to this version, I will try to port it into portable C so that it can run on (anything?). Hope you enjoy it. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" 
| +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mulivor@orion.crc.monroecc.edu Date: Tue, 22 Jun 93 21:51:54 PDT To: cypherpunks@toad.com Subject: Re: Scott Collins' comments Message-ID: <9306230451.AA08776@toad.com> MIME-Version: 1.0 Content-Type: text/plain Scott Collins writes: Remember, the government is not a single entity -- out to get us -- but a collection of individuals, some fraction of whom are covering their butts and looking for goats at any given moment (as has been revealed to us by the media). All of whom are interested in maintaining/improving their current status. What a superb observation. As a newspaper journalist who's seen government slime up close for a while, I can tell you that this is true, true, true. The _biggest_ threat to Clipper isn't cypherpunks or other patriots; it's a bureaucratic civil war. Phil mulivor@orion.crc.monroecc.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Wed, 23 Jun 93 01:43:48 PDT To: karn@qualcomm.com (Phil Karn) Subject: Re: Weak stenography. In-Reply-To: <9306230815.AA25862@qualcomm.com> Message-ID: <9306230844.AA27879@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Phil Karn writes: ... > etc). But if you ever want to be able to retrieve it, you have to leave > yourself an Achilles Heel: somewhere you need to keep a computer > program, in plaintext, that you can execute to extract and decrypt the > hidden ciphertext. > > You may be able to get away with claiming that the low order bits of > your Doors tapes really *are* meaningless random bits picked up when you > dubbed all your worn-out LPs to DAT, but if they find "readdat.exe" on > your PC, disassemble it and discover that it's a program to extract and > decrypt ciphertext from DAT tapes, you're in trouble. 
> And if you encrypt
> your copy of "readdat.exe", well, you now need a plaintext decryption
> program to decrypt THAT.
>
> Short of devising a scheme that's so simple that you don't mind recoding
> it from scratch (and from memory) every time you want to extract and
> decrypt something, what can be done?

Some solutions:

1. Make programs like "readdat.exe" ubiquitous...distribute them on
shareware disks, CD-ROMs, etc. Thus, many households and offices will
have "readdat.exe"-like programs, whether they use them or not. Mere
possession of such a program will thus not be unusual or
suspicion-provoking. (This is of course one of the strategies in making
PGP and related programs ubiquitous.)

(Note that the storage of the _key_ is another matter, and is a problem
with most crypto schemes. For data stored in low-order bits on a DAT, and
retrievable with "readdat.exe," a pass-phrase of sufficient length can be
used.)

2. The bit-reading program "readdat.exe" can be stored remotely, perhaps
at an ftp site, so the user can retrieve it only when he needs to use it,
then flush it.

(I favor the "ubiquitous" route, as frequent retrievals make themselves
known in other ways....and may even draw attention to a user in the first
place.)

-Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
Note: I put time and money into writing this posting. I hope you enjoy it.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "George A. Gleason"
Date: Wed, 23 Jun 93 03:36:09 PDT
To: rclark@nyx.cs.du.edu
Subject: Re: Corporate Ethics and the Profit Margin
Message-ID: <93Jun23.033544pdt.14090-2@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Re Robert. Good one there, catching me saying "positive reinforcement for
PKP and negative reinforcement for AT&T." The thing is, I agree
corporations don't have feelings, but Jim Bidzos *does* have feelings and
he is singularly responsible as an individual, to a range of
constituencies. Some of those constituencies have legal relationships
such as stockholders. Others are informal, such as Us Here. But all of
them come directly to HIM.

That's not the case with AT&T which is a HUGE bureaucracy. If someone
would find the single individual in AT&T who got them involved with the
Clipper thing, we might have an interesting round of questions to ask.
The thing is though, once you're dealing with a specific person, the
relationship of adversariality has to be modified to take into account
the respect for the individual human being.

-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "George A. Gleason"
Date: Wed, 23 Jun 93 03:39:11 PDT
To: karn@qualcomm.com
Subject: Re: YAA (yet another article)
Message-ID: <93Jun23.033851pdt.14087-2@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Re Phil's criticism of warrants and the Oh My god proposal on wiretaps.
It would seem that an additional safeguard can be put in place which
would create some kind of liability for deliberately exaggerated
warrants. One could also require the services of an investigator serving
in the capacity of a public defender, who would act as devil's advocate
against warrants by bringing countervailing information to bear.
-gg

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Tue, 22 Jun 93 22:12:19 PDT
To: Duncan Frissell
Subject: Re: Digital Cash$$$$
Message-ID: <9306230512.AA11503@qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain

At 04:09 PM 6/14/93 EDT, Duncan Frissell wrote:
>
> 1.) You mail cash/MO to First Digital Bank of Cyberspace (at an offshore
> maildrop) together with a public (unique if you like) key and anonymous email
> address (on Julf's remailer perhaps).

Recall that the US has money-laundering laws that require you to file a
form every time you move $10,000 or more in or out of the country. If the
First Digital Bank of Cyberspace is offshore, it could come under these
laws, at least with respect to priming your account with real money.

It's an interesting question whether they could then get you for sending
more than $10,000 of digital cash across the border without filing the
form. It's even more interesting if you encrypt all these cross-border
transactions...

Another wonderful set of laws we can credit to the "war on drugs".

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: szabo@techbook.com (Nick Szabo)
Date: Wed, 23 Jun 93 05:59:46 PDT
To: karn@qualcomm.com (Phil Karn)
Subject: Re: Weak stenography.
In-Reply-To: <9306230815.AA25862@qualcomm.com>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Phil Karn:
> if they find "readdat.exe" on
> your PC, disassemble it and discover that it's a program to extract and
> decrypt ciphertext from DAT tapes, you're in trouble. And if you encrypt
> your copy of "readdat.exe", well, you now need a plaintext decryption
> program to decrypt THAT.

Perhaps some hacks (ab)used by virus writers might be useful here.
We might hide "readdat.exe" inside a larger "innocuous.exe" and scramble
it with the "mutation engine", which creates a unique signature for each
copy of readdat.exe's code (including the engine itself, which bootstraps
from a very short common code sequence). The result is they have no
signature to search for, even if they already have a copy of
"readdat.exe" and the mutation engine.

Nick Szabo
szabo@techbook.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Tue, 22 Jun 93 23:08:45 PDT
To: cypherpunks@toad.com
Subject: Re: 2600 testimony to Markey's subcommittee
Message-ID: <9306230608.AA14038@qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain

Having heard Markey in action (during John Gage's testimony, and again
during some hearings on HDTV), and having read his atrocious "scanner
bill" really drives home the old saying: a little knowledge is
*dangerous*. To which I would add "especially in the hands of a
politician".

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eichin@cygnus.com (Mark Eichin)
Date: Wed, 23 Jun 93 07:06:19 PDT
To: cypherpunks@toad.com
Subject: re: Weak stenography.
In-Reply-To: <9306230844.AA27879@netcom3.netcom.com>
Message-ID: <9306231406.AA29189@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain

>> 1. Make programs like "readdat.exe" ubiquitous...distribute them on

Well, you need a program to read your DATs and play them anyhow. What's a
few extra options? Presumably it would handle various filtering and
sampling anyhow; perhaps the common DAT tools or audio tools could just
happen to contain a bit slicer...

Still doesn't sound like it's useful for anything you need to access a
lot or use in the short term. Best to keep fighting for real privacy...

>> I must admit I'm disappointed to hear Hellman say something like this.
>> Every time somebody comes up with a "new" or "improved" key escrow scheme,
>> they give implicit approval to the whole basic idea of key escrow. Which
>> is fundamentally unacceptable in *any* form.

It could be said that this focusses the argument on the real issue...
which is *not* the technology, but the trust of government (or the need
for it.)

Perhaps this analogy isn't too stretched: suppose your child wants to
keep a private diary. They can keep it under two locks -- but only if
mother has one key and father has the other (so that if they agree that
they need to see the diary, they can.)

Does this seem fair itself? [too many would argue yes... that as the
parents are responsible for the child, it is reasonable to do this]

Does this seem like a good analogy? [perhaps closer than some would like
to admit... "but mother and father are closer than any escrow agencies
would be..." "oh really?" etc.]

_Mark_

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Wed, 23 Jun 93 00:05:24 PDT
To: Jason Zions
MIME-Version: 1.0
Content-Type: text/plain

At 11:18 AM 6/16/93 -0500, Jason Zions wrote:
>Legalize drugs and prostitution and the Mafia will dry up and blow away.

Amen. It was a real eye-opener to see the statistics on legal wiretaps
(the ones they tell us about, anyway). The vast majority, and I do mean
vast, are related to drugs. A distant second was gambling, and I think
"racketeering" was in there somewhere (not sure what makes that distinct
from "drugs" these days).

>>Hellman has an ingenious idea that might appeal to those concerned
>>about civil liberties. He would require not one but three judges to
>>authorize a Clipper wiretap. A judge could answer the request with
>>"Yes," "No or "Oh, my God!" The latter means, "This looks like an
>>attempted abuse of power, as in Watergate."

I must admit I'm disappointed to hear Hellman say something like this.
Every time somebody comes up with a "new" or "improved" key escrow
scheme, they give implicit approval to the whole basic idea of key
escrow. Which is fundamentally unacceptable in *any* form.

Although his idea may appeal to some naive people, I wonder how many have
actually seen any search warrant affidavits. I read the one for Steve
Jackson Games, and you certainly wouldn't know from that that they
weren't all guilty as sin. Too bad it was completely defective.

Do I sound like I don't place much faith in the warrant requirement
acting as a meaningful safeguard? You bet!

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Wed, 23 Jun 93 00:23:02 PDT
To: cypherpunks@toad.com
Subject: Re: YAA (yet another article)
Message-ID: <9306230722.AA00336@qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain

At 01:46 PM 6/16/93 -0400, Perry E. Metzger wrote:
>Torture, believe it or not, is a very effective way of police to get
>information. Our society bans it. Every mechanism that is useful is
>not acceptable.

Not to dilute your argument or anything (you know I agree with it), but
the reading I've done on the history of the Fifth Amendment says that one
of the reasons torture was eventually banned in Western countries
(through mechanisms like the American Fifth Amendment) was the growing
realization that it actually was NOT particularly effective. People would
falsely confess to all sorts of crimes just to get the torture to stop.
Consider how many confessed witches were burned in New England.

One of the problematic things about encryption (as it's usually practiced
now) is that it's relatively easy to tell if an encryption key is the
right one or not. This makes it tempting to resort to torture (or a
"contempt of court citation", in modern terms) to extract it from an
unwilling defendant.
That's why both steganography and "duress key" schemes will remain
important for some time, even if the 5th amendment were to be held as
applicable to compelling crypto keys. You could cry "torture", while the
police would claim that they discovered the key by other means (or that
you disclosed it "voluntarily") and it would be your word against theirs.

Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: karn@qualcomm.com (Phil Karn)
Date: Wed, 23 Jun 93 01:15:19 PDT
To: J. Michael Diehl
MIME-Version: 1.0
Content-Type: text/plain

One thing keeps bugging me about steganography. Let's say that
"unlicensed cryptography", including the mere possession of ciphertext,
is totally outlawed. You may well be able to bury encrypted data in all
sorts of things (gif files, digital audio, "free" blocks on a hard disk,
etc). But if you ever want to be able to retrieve it, you have to leave
yourself an Achilles Heel: somewhere you need to keep a computer program,
in plaintext, that you can execute to extract and decrypt the hidden
ciphertext.

You may be able to get away with claiming that the low order bits of your
Doors tapes really *are* meaningless random bits picked up when you
dubbed all your worn-out LPs to DAT, but if they find "readdat.exe" on
your PC, disassemble it and discover that it's a program to extract and
decrypt ciphertext from DAT tapes, you're in trouble. And if you encrypt
your copy of "readdat.exe", well, you now need a plaintext decryption
program to decrypt THAT.

Short of devising a scheme that's so simple that you don't mind recoding
it from scratch (and from memory) every time you want to extract and
decrypt something, what can be done?
Phil

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: bear@eagle.fsl.noaa.gov (Bear Giles)
Date: Wed, 23 Jun 93 08:50:42 PDT
To: cypherpunks@toad.com
Subject: Re: Digital Cash$$$$
Message-ID: <9306231547.AA13751@eagle.fsl.noaa.gov>
MIME-Version: 1.0
Content-Type: text/plain

Phil Karn writes:
>
>Recall that the US has money-laundering laws that require you to file a
>form every time you move $10,000 or more in or out of the country. If the
>First Digital Bank of Cyberspace is offshore, it could come under these
>laws, at least with respect to priming your account with real money.
>
>It's an interesting question whether they could then get you for sending
>more than $10,000 of digital cash across the border without filing the
>form. It's even more interesting if you encrypt all these cross-border
>transactions...

This could tie a lawyer up in fits, because even if you sent digital cash
across the border, you could still produce a _spendable_ copy in the
originating country! In fact, you could have the same 'bill' residing on
media in a dozen countries!

You couldn't legally spend more than one copy of the digital cash, of
course, but digital cash (unlike hard cash) can be located in several
places -- and probably would be if you're talking about a substantial
amount of money.

>Another wonderful set of laws we can credit to the "war on drugs".

Many countries restrict or monitor the flow of currency across their
border; this isn't simply a result of the WoD. However, the WoD was the
main reason publicly acknowledged.

Bear Giles

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Wed, 23 Jun 93 08:13:32 PDT
To: cypherpunks@toad.com
Subject: REMAIL: public keys
Message-ID: <199306231513.AA14546@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

A while ago Dave Sun suggested keeping a file containing the public keys
of the remailers in an easy to get format. (I'm embarrassed how long it
has taken me to do this!)
I recently uploaded the keys I have, signed by myself and occasionally
others.

I recently uploaded a tar-gzip file with the public keys I have, and an
MSDOS zip file of the same info will follow shortly.

I'd like to (at least) get the remailer operators to sign their keys. I
must apologize in advance because once I went through my key ring and
removed all the "unknown signator" signatures, and thus have probably
erased the signatures that some put on in the first place. If this is the
case, please send me the remailer keys, your public key, and I'll add
them both to my ring so I won't have those errors in the future!

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: elee9sf@Menudo.UH.EDU
Date: Wed, 23 Jun 93 08:20:37 PDT
To: cypherpunks@toad.com
Subject: REMAIL: Origin lines in remailers
In-Reply-To: <44.2C280DA9@wyrm.rbbs-net.ORG>
Message-ID: <199306231520.AA15363@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

> One of the problems that has arisen is the retention of the origin lines
> placed at the bottom of the outgoing message by various gates & net
> whatnot (see bottom of this message for an example).

Yeah, the discussion centered on whether remailers should modify text
(converting tabs, crlf, strip signatures, etc.) or not.

I guess it would be "best" if the remailers just pass text on through,
but then some people can't help extra stuff their mail software puts in.

Right now, you can form your message and encrypt it with extropia's
public key - that remailer will only forward text encrypted text, so your
signature will get removed.

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mike Godwin
Date: Wed, 23 Jun 93 07:36:54 PDT
To: karn@qualcomm.com (Phil Karn)
Subject: Re: DH for email (re: email protection and privacy)
In-Reply-To: <9306230023.AA21092@qualcomm.com>
Message-ID: <199306231437.AA11378@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

Phil Karn asks:

> >You're not required to go *beyond* what is specified in a subpoena.
> >But the subpoena's specifications can be pretty broad.
>
> Are you talking civil, criminal, or both?

I assume you're asking about civil versus criminal contempt. My tentative
answer (I can't look this up because my reference books are still packed)
is both.

Civil contempt, strictly speaking, is not a separate legal action--a
federal judge has broad authority to impose civil-contempt sanctions on
people who are noncompliant with subpoenas, who disrupt court
proceedings, and so on.

Criminal contempt *is* a separate legal action, and I think you can be
prosecuted for intentional noncompliance with court orders, but I'd have
to look up the criminal-contempt statute to be sure.

--Mike

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mike Godwin
Date: Wed, 23 Jun 93 08:10:59 PDT
To: karn@qualcomm.com (Phil Karn)
Subject: Re: YAA (yet another article)
In-Reply-To: <9306230705.AA22288@qualcomm.com>
Message-ID: <199306231511.AA11641@eff.org>
MIME-Version: 1.0
Content-Type: text/plain

Phil Karn writes:

> Do I sound like I don't place much faith in the warrant requirement acting
> as a meaningful safeguard? You bet!

I agree with Phil that, in practice, the warrant requirement is a very
thin reed on which to base our Fourth Amendment rights. The magistrates
who review warrant applications tend to accept uncritically what they're
told by the government officials seeking the warrant.
Hellman's proposal would address only the most obvious and most extreme
abuses.

--Mike

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: skyhawk@cpac.washington.edu
Date: Wed, 23 Jun 93 11:31:39 PDT
To: cypherpunks@toad.com
Subject: Re: weak stenography and hiding readdat.exe
Message-ID: <9306231831.AA04870@bailey.cpac.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain

The simplest effective way I know of to hide an executable (such as
readdat.exe) is to have it masquerade as another program, preferably one
that is complex enough to justify its size. (You couldn't hide PGP in
cat, but you could hide it in Mathematica.)

You'd want the original program to be something you compile yourself,
like some large X program, or gcc, or emacs. (You can hide *anything* in
emacs. In fact, you can make pgp a hidden *primitive* in emacs.
Hmmmmmm... Or Perl. Hmmmmmmm.....) That way you don't have a file that
differs noticeably from your OS release (they might check sizes and
checksums), and you don't want to bother with patching a binary anyway.

Then you've got the problem of invoking the alter ego of your program.
Methods I've used in the past include new command-line flags, time of
day, multiple "normal" invocations with slightly strange flags (this
would save simple state information in /tmp), and special environment
variables.

To avoid leaving a trail to the hidden goodies, it's important to wipe
any special arguments from argv[] (or your language's equivalent), insure
that any special environment variables look completely innocent since
ps(1) will display them to anyone who asks, (both assuming you're on a
multiuser Unix box), and to not leave an intact .history file where some
bright anti-subversive in the SS lab could see it on your confiscated
hard drive, or your university's confiscated backup tapes.

To make cleaning up simpler, you could hack your shell's history
mechanism to not put incriminating strings into your .history.
Leaving a false trail is better than simply removing the real trail,
after all.

(You wouldn't really need to do the same thing for your accounting log,
if your machine keeps it at all, since it would only have the name of the
executable. It would be important, though, that your program's public
function be something that you could credibly be using 20 times a day.
Compiler, linker, editor, finger, archie...)

I've never had to worry about someone running a virus-style checker for
naughty code, since mine's all been home-grown, but if there is a
particular routine (say, pgp) that's hidden all over, Nick Szabo's
excellent idea for using a virus-type mutation engine would be essential.

For distribution of something like this, all we'd really need to do is
co-opt some project that is distributing code on the net already,
preferably something big. Then we could set up an ftp site for the
binaries, for those people who don't want to bother with compiling the
program. Wink wink, nudge nudge. (And many projects do this anyway.) The
development of the "cover" program could go on in parallel, thus
justifying continuous releases of the binaries, and the source is
available (sort of) thus making the ruse that much more effective.

Scott
--
Scott Northrop (206)784-2083
ObVirus: The demand for obedience is inherently evil.
ObVirus2: As a juror in a Trial by Jury, you have the right, power and
duty to acquit the defendant if you judge the law itself to be unjust.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Jim McCoy
Date: Wed, 23 Jun 93 09:37:57 PDT
To: cypherpunks@toad.com
Subject: Re: Digital Cash$$$$
In-Reply-To: <9306231547.AA13751@eagle.fsl.noaa.gov>
Message-ID: <199306231637.AA28018@tramp.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text

> From: bear@eagle.fsl.noaa.gov (Bear Giles)
>
> Phil Karn writes:
> >
> >Recall that the US has money-laundering laws that require you to file a
> >form every time you move $10,000 or more in or out of the country. [...]
> >
> >It's an interesting question whether they could then get you for sending
> >more than $10,000 of digital cash across the border without filing the
> >form. It's even more interesting if you encrypt all these cross-border
> >transactions...
>
> This could tie a lawyer up in fits, because even if you sent digital
> cash across the border, you could still produce a _spendable_ copy
> in the originating country! In fact, you could have the same 'bill'
> residing on media in a dozen countries!

Not only that, but a digital cash certificate, unlike regular cash, can
be cut up into little segments that each have no value other than being
random numbers. You send one segment to each of various accounts around
the world and then reconnect the segments at some site located in a
country with weak banking regulations...

An idea I had for this digital cash stuff that might be a little easier
is to consider some of the nations within the borders of the U.S. The
various Native American tribes have a degree of semi-sovereignty that may
allow them to get away with something like this. This would make things
easier for using this system in the U.S. because it would be fairly
trivial to get the reservations on to the net if they are not already.
The advantage for those running such a cyberbank is that they would get
connected, and get machines to do this stuff, and the rest of us would
effectively be paying them to do so :) [it probably would not be a hard
sell, but the question is whether or not the various tribes have enough
sovereignty to get away with it.]

It is things like this that probably give regulators fits. IMHO, the real
reason governments are opposed to strong cryptography is that in an
information society it effectively places the population outside the
control of the government, the central government becomes superfluous.
jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@shell.portal.com
Date: Thu, 24 Jun 93 00:05:29 PDT
To: cypherpunks@toad.com
Subject: Testing remailers
Message-ID: <9306231925.AA00271@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

This is a remailer test. This message has just passed through 16
remailers. Sorry for the waste of bandwidth. Have a nice day.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: crunch@netcom.com (John Draper)
Date: Wed, 23 Jun 93 13:14:53 PDT
To: cypherpunks@toad.com
Subject: An Awsome party coming up
Message-ID: <9306232015.AA18970@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Greetings Cypherpunks!!

We are looking for folks with laptop computers with both MS-DOS and Mac
compatibility to participate in an upcoming fun event to take place at
Pyramid lake in Nevada. The dates are 16th thru 18th of July, where a
table will be set up for those with laptops. Our purpose and goals are to
make copies of PGP available to those that don't have net access,
generate PGP keys, sign keys, and hand out literature to those folks
interested in cryptography and the Cypherpunks cause.

The event itself will offer a great time to those attending, as there
will be camping, swimming, and raving, as well as other happenings to
make a total memorial weekend. The event costs $30 for the weekend, and
the money goes towards the Western Shoshone and Paiute Indian nation, so
the money goes to a worthy cause.

I am trying to set it up so that those bringing laptops and who are
willing to sit at the table for a period of time, copying disks,
generating PGP keys, signing keys, etc will NOT have to pay the $30.

What we need from Cypherpunks:

** Make up some brochures and hand out material describing the interests
of the Cypherpunks. These can be created using PageMaker, or other page
layout software, and can be xeroxed for handouts.
** Volunteers who have laptops (Both Dos and Mac, and possibly others)
who can make them available for key generation, PGP distributions, etc.
They would NOT have to let their laptops out of their sight, but just be
there for a specific time to answer questions, and do what was previously
described.

So, do we have any volunteers willing to participate in this rather
unusual venture? For those people out of the area, and who might be
planning a trek out to the west coast, this might be a great time to
come.

Pyramid lake is out in the Nevada Desert, there is NO shade, so tarps and
other camping equipment would also be necessary and desirable. Anyone
with RV's, Campers, etc would be really useful for the occasion.

So be looking forward to a great time. Bring your family and kids, I'm
sure they will enjoy the happenings, as there is also swimming, horse
back riding, fishing, and all of the other camping activities. Brings
lots of water, ice, and drinks.

Please contact me, and I'll try and put it all together. Right now, I
need to collaborate and work on the wording of the brochure.

Thanx
John D.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Wed, 23 Jun 93 10:40:03 PDT
To: cypherpunks@toad.com
Subject: Re: Corporate Ethics and the Profit Margin
Message-ID: <9306231736.AA26526@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

gg@well.sf.ca.us writes:
> Re Robert. Good one there, catching me saying "positive reinforcement for
> PKP and negative reinforcement for AT&T." The thing is, I agree corporations
> don't have feelings, but Jim Bidzos *does* have feelings and he is
> singularly responsible as an individual, to a range of constituencies. [...]
> That's not the case with AT&T which is a HUGE bureaucracy. If someone
> would find the single individual in AT&T who got them involved with the
> Clipper thing, we might have an interesting round of questions to ask.
> The thing is though, once you're dealing with a specific person, the
> relationship of adversariality has to be modified to take into account the
> respect for the individual human being.

A nice distinction, and possibly useful tactically. (Disclaimer: This
represents about 10**-7 of AT&T's official position, i.e. I'm a
stockholder like most employees, and nobody listens to me, at least not
when I'm right :-)

It's more than a single individual; it'd mainly be the managers of the
group that makes their current line of secure phones for the government.
Some of the phone models already have special government encryption
chips; this is yet another design variant, and not a really major
decision to make as long as there's enough tentatively-promised volume to
expect a decent return on the investment. Motorola's in about the same
situation. Back when the STU-III first came out, the government was
talking about total sales of maybe half a million units to governments
and contractors; I don't think sales were anywhere near that large...

The interesting questions are whether there are any other strings
attached, especially about whether that group will also attempt to market
non-wiretapped phones to the public (I don't have any knowledge on that
one), and also what the impact is on the parts of our "huge bureaucracy"
which weren't in on the secret until we read about it in the New York
Times or on the net but will be affected by it (much discussion is still
going on, especially by people on standards committees which are getting
pressured by the NIST and co-conspirators to specify SkipJack/escrow in
industry standards.) The rest of the U.S. telecomm industry is in about
the same situation.
If you want to pressure AT&T or other large corporations, one popular
approach is to buy stock and put a stockholder question on the ballot for
the annual meeting; unfortunately the government's trying to railroad
everybody into using Clipper fast enough that that's probably not
practical here, but there are SEC rules on how to do it, and it does
reach a lot of people and make a lot of noise if you can pull it off
before it becomes moot, even if you lose (directors of large corporations
almost always oppose stockholder resolutions - if they do support
something, they can just do it and avoid the need for the voting
process.)

Having never done this myself, I don't know the costs or level of effort
involved, but enough wackos put enough things on stockholder ballots that
sane people like us can probably do it as well. It's important to make
any ballot questions SHORT, clear to the uninitiated, positive,
non-adversarial, and actionable, which ain't easy for complex topics like
crypto.

Bill

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: bear@eagle.fsl.noaa.gov (Bear Giles)
Date: Wed, 23 Jun 93 12:53:26 PDT
To: cypherpunks@toad.com
Subject: Re: Digital Cash$$$$
Message-ID: <9306231950.AA21578@eagle.fsl.noaa.gov>
MIME-Version: 1.0
Content-Type: text/plain

>As far as using digibanks on Native American territory, most of the
>rules restricting Federal control seem pretty flexible when the Feds want
>something, and even states can often get away with restricting gambling
>on reservations. Also, the Constitution gives CONgress the power to
>regulate commerce with foreign nations, Indian tribes, and between states,
>so they can still regulate any interactions between digibanks on
>Indian reservations and elsewhere. (Sigh - the Commerce Clause has been
>rabidly overused, but it's written in a way that lets them do nearly anything.)
This still raises some interesting possibilities:

Items:

Federal law requires that Indian tribes be permitted to offer all forms
of gambling permitted _anywhere_ under state law.

Indian reservations have a serious problem with poverty, unemployment,
etc.

Most gambling is hard to arrange at a distance, but it is possible to
form _digital cards_ and then play any of the usual card games.

Idea:

An Indian tribe in an appropriate jurisdiction installs an Internet node
with digital cash (backed by checks, credit cards, etc) and _digital
cards_. Or even a Compuserve account. (ugh). Anything, as long as the
processor is located on Indian land.

It offers real-time poker games. For real money. From anywhere in the
world. :-) (BTW, you would _not_ offer blackjack, or only with _very_
large decks, because of the large potential for card counting programs).

Just to confuse issues further, the poker software is owned by a
nonprofit organization and licensed to the Indian nation with the
condition that a portion of their profits go towards education.

When someone claims that the tribe is offering gambling in an area where
it is prohibited, you can legitimately claim that the actual processing
is done on the Indian land; the only thing done in other jurisdictions is
communications. Example: if a man stood just outside of the reservation
and yelled instructions to a confederate at a game just inside the
boundary, would that be illegal gambling _on the part of the House_?

In this case, digital cash isn't _required_ since the House could simply
keep accounting records directly. However, it would make it simpler for
the House to honor outside bets, if a person could get a "chip" from the
House, pay off a bet to a third party with the "chip", and then the third
party could use the "chip" himself.

Bear Giles

* * Don't let them index you on a key field. Order my Special
* * Report "How to Defeat a Data Base and Preserve Your Privacy"
* * *
********************************************************************

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Wed, 23 Jun 93 10:59:39 PDT
To: cypherpunks@toad.com
Subject: Re: Digital Cash$$$$
Message-ID: <9306231800.AA26751@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text

Do the money-laundering laws require reporting all transactions, or only
movement of currency and gold? Digicash is most like EFT, which is
transmitted encrypted today - does all of that have to be reported, or
only the "real" paper money that backs up the numbers?

As far as using digibanks on Native American territory, most of the rules
restricting Federal control seem pretty flexible when the Feds want
something, and even states can often get away with restricting gambling
on reservations. Also, the Constitution gives CONgress the power to
regulate commerce with foreign nations, Indian tribes, and between
states, so they can still regulate any interactions between digibanks on
Indian reservations and elsewhere. (Sigh - the Commerce Clause has been
rabidly overused, but it's written in a way that lets them do nearly
anything.)

There's also the issue of tribal law, but most of the tribes are probably
run by small numbers of reasonable people that you can talk to about
things, and you can at least shop around to find them, unlike Federal
bureaucracies which you're stuck with.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wcs@anchor.ho.att.com Date: Wed, 23 Jun 93 11:31:49 PDT To: cypherpunks@toad.com Subject: Re: Origin lines in remailers Message-ID: <9306231830.AA27125@anchor.ho.att.com> MIME-Version: 1.0 Content-Type: text There are several possible solutions to the origin-lines problem, but they offer different benefits and place different requirements on the users; unfortunately there's been no agreement on what the users should have to do, so there's no agreement on "best" solutions. 1) Chop off anything that even *looks* signature-like, whether the user intended it or not -- I consider this ugly, evil, and unreliable, and likely to chop stuff I want kept and leave stuff I'd like chopped, but there are users out there (e.g. variants on alt.highly.personal.stuff or alt.whistleblowing) who are assumed to be computer-naive and used to this kind of automagic anonymity, and maybe they need it, especially if they don't realize that some systems *do* add them since their local system doesn't. A "Dont-Mess-With-Trailers:" header line would help a bit. I don't know how much of M. ___ Blue Wave/QWK v2.12 -- M. Stirner - via RBBS-NET node 8:914/201 INTERNET: M..Stirner@f28.n125.z1.RBBS-NET.ORG was added by the author, how much by the Blue Wave and/or 8:914/201, or even for certain whether M. Stirner is the author or merely a machine owner; I'm guessing the author, and I'm guessing everything but the initial "M." was added automagically under the machine-owner's control. 2) Cut-Here: lines of various sorts, either following a pre-specified syntax or a MIME-like flexible syntax. I like this approach, since it gives the user a reasonable level of control and very seldom guesses wrong, but there are so many standards to choose from, and a proper implementation would have to leave in the line (or add an equivalent) at each hop to avoid accretion of path-traces, and make sure it gets the correct syntax for each following remailer. 
And the user *does* have to explicitly request it, which some people view as a problem, especially if they don't know the characteristics of the later mail-handlers in the chain. 3) Encryption-based systems, which only retain the encrypted portion; this means the user has to know more about the remailers being used, and there has to be a standard for expressing which remailers to forward to if more than one will be used (which it probably will be, for anybody security-aware enough to really want an encrypting remailer.) It *does* give you absolute control over how much gets through, but also makes most steganography more difficult. Solving the problem for message *headers* is tougher than solving it for trailers, since you need to know how much to retain of the beginning, and need to avoid trashing the information required to successfully deliver the mail with enough information that its intended recipient can decode and use it. Bill
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Chuck Lever Date: Wed, 23 Jun 93 12:16:10 PDT To: cypherpunks@toad.com Subject: Re: weak stenography and hiding readdat.exe In-Reply-To: <9306231831.AA04870@bailey.cpac.washington.edu> Message-ID: <9306231916.AA05582@toad.com> MIME-Version: 1.0 Content-Type: text/plain Scott Northrop writes: < The simplest effective way I know of to hide an executable (such as < readdat.exe) is to have it masquerade as another program, preferably one that < is complex enough to justify its size. (You couldn't hide PGP in cat, but you < could hide it in Mathematica.) You'd want the original program to be something < you compile yourself, like some large X program, or gcc, or emacs. (You can < hide *anything* in emacs. In fact, you can make pgp a hidden *primitive* in < emacs. Hmmmmmm... Or Perl. Hmmmmmmm.....) That way you don't have a file < that differs noticeably from your OS release (they might check sizes and < checksums), and you don't want to bother with patching a binary anyway. 
these are interesting ideas. but it seems to me you can't beat just using a pre-existing popular application for steganography. in other words, choose an algorithm which doesn't require you to create a new program to do the job. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: M..Stirner@f28.n125.z1.RBBS-NET.ORG (M. Stirner) Date: Thu, 24 Jun 93 17:32:16 PDT To: cypherpunks@toad.com Subject: Remailer origin lines Message-ID: <47.2C2951B0@wyrm.rbbs-net.ORG> MIME-Version: 1.0 Content-Type: text/plain * Reply to msg originally in CYPHERPUNKS Uu> 1) Chop off anything that even looks signature-like, whether the Uu> user intended it or not -- I consider this ugly, evil, and Uu> unreliable, and likely to chop stuff I want kept and leave stuff I'd Uu> like chopped. Yes, this seems fraught with problems. Uu> A "Dont-Mess-With-Trailers:" header line would help a bit. I agree. Uu> I don't know how much of Uu> M. Uu> ___ Blue Wave/QWK v2.12 Uu> -- Uu> M. Stirner - via RBBS-NET node 8:914/201 Uu> INTERNET: M..Stirner@f28.n125.z1.RBBS-NET.ORG Uu> was added by the author, how much by the Blue Wave and/or Uu> 8:914/201, or even for certain whether M. Stirner is the author or Uu> merely a machine owner; I'm guessing the author, and I'm guessing Uu> everything but the initial "M." was added automagically under the Uu> machine-owner's control. The BlueWave blurb was added by the program & can be stripped by re-editing the message before upload. Everything else is out of my control completely & added automagically by the host or the UUCP gateway. The sucker stays, no matter what I do. Some anonymity! Uu> 2) Cut-Here: lines of various sorts, either following a pre-specified Uu> syntax or a MIME-like flexible syntax. 
I like this approach, since Uu> it gives the user a reasonable level of control and very seldom Uu> guesses wrong, but there are so many standards to choose from, and a Uu> proper implementation would have to leave in the line (or add an Uu> equivalent) at each hop to avoid accretion of path-traces, and make Uu> sure it gets the correct syntax for each following remailer. And Uu> the user does have to explicitly request it, which some people Uu> view as a problem, especially if they don't know the characteristics Uu> of the later mail-handlers in the chain. I, personally, could live with it just to get the remailers to be truly anonymous. The rest of the user input is not especially easy anyway, particularly if accessing internet via a gateway. Another line wouldn't kill me. Uu> 3) Encryption-based systems, which only retain the encrypted portion; Uu> this means the user has to know more about the remailers being Uu> used, and there has to be a standard for expressing which remailers Uu> to forward to if more than one will be used (which it probably will Uu> be, for anybody security-aware enough to really want an encrypting Uu> remailer.) As an interim measure I guess this is what I'll have to do, but as an early PGP partisan, I've had enough PGP experience not to be turned off by the extra trouble. Most casual users would be. In any case, I think that this is undoubtedly the most user-labor-intensive solution. Uu> Solving the problem for message headers is tougher than solving it Uu> for trailers. In that case, let's have this solved by Monday. 8-) ********************************************************************* * - PGP Key D30909 via servers * * > What country can preserve its liberties if its rulers are not <* * > warned from time to time that their people preserve the spirit <* * > of resistance? Let them take arms!" - Thomas Jefferson, 1787 <* ********************************************************************* ___ Blue Wave/QWK v2.12 -- M. 
Stirner - via RBBS-NET node 8:914/201 INTERNET: M..Stirner@f28.n125.z1.RBBS-NET.ORG
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Pat Farrell" Date: Wed, 23 Jun 93 18:12:21 PDT To: cypherpunks@toad.com Subject: Government fear of strong crypto [was Re: Digital Cash$$$$ Message-ID: <70188.pfarrell@cs.gmu.edu> MIME-Version: 1.0 Content-Type: text/plain Jim McCoy writes: > IMHO, the real >reason governments are opposed to strong cryptography is that in an >information society it effectively places the population outside the >control of the government, the central government becomes superfluous. I'm not going to disagree that long term, the net makes governments obsolete, but I think that far fewer folks in the US government have _any_ understanding of the issues around strong crypto. I spent yesterday at the "Computer Security Institute" conference in Washington (it is a commercial educational conference on computer security). Lots of government employees were there learning about security, products, etc. Most of the products were virus scanners, sigh. The "government" as a whole is not against crypto. The NSA is _very strongly_ against it. There are 60,000 or more bureaucrats in NSA that would be effectively put out of work by widespread strong crypto. All the $17 Billion that they use on signal intercepts would go to competing approaches (satellite recon, spies in the field, etc.) that are controlled by other agencies. Why? because signal intelligence is so easy now that it is extremely cheap and cost effective. Widespread strong crypto will not make eavesdropping impossible, but it will make it _very_ expensive in time and money, and thus make it much less attractive. Rather than simply ranting about the evils of bureaucrats, think for a second about their motivation. There is no profit metric for bureaucrats to rely upon - they have to do their job as well as expected for the least amount of money. If they fail to deliver, they lose their jobs. 
(yes, they can be fired or reassigned to siberia...) So they spend all their life making sure that they do a "good enuff" job and follow all the approved actions. Having Signal intercepts work cheaply and well makes it easy to keep their jobs. I believe that the FBI and other more public agencies are simply shills for NSA. The many postings about real wiretap usage and costs simply can't support taking all the heat last year of Digital Telephony and this year over Clipper, esp. when they admit that smart crooks wouldn't bother to use Clipper. BTW, I talked to Dorothy Denning at the conference. She says that it is now called the "Key escrow chip" because of Intergraph's trademark on Clipper. I'll post more on my conversations with DE Denning later. Pat Pat Farrell Grad Student pfarrell@cs.gmu.edu Department of Computer Science George Mason University, Fairfax, VA Public key available via finger #include
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Douglas Sinclair Date: Wed, 23 Jun 93 19:49:00 PDT To: karn@qualcomm.com (Phil Karn) Subject: crypto pklite In-Reply-To: <9306240119.AA00555@servo> Message-ID: <9306240247.AA16249@acs1.acs.ucalgary.ca> MIME-Version: 1.0 Content-Type: text/plain I have a friend who wrote a gadget called EXELOCK. It will throw a password stub into the front of an EXE file. Now, I'm sure it doesn't use encryption but just compares the hash of the password to a stored value. However, I'm sure an IDEA or DES version could be implemented. As for compression, no need to re-invent the wheel. Simply run pklite and then run the new EXELOCK on the result. I'll contact this person and see if I can lay my hands on the source code for the gadget. -- PGP 2.2 Key by finger
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ""L. 
Detweiler"" Date: Wed, 23 Jun 93 21:59:33 PDT To: cypherpunks@toad.com Subject: a new role for the NSA In-Reply-To: <70188.pfarrell@cs.gmu.edu> Message-ID: <9306240459.AA10744@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain "Pat Farrell" >The "government" as a whole is not against crypto. The NSA is _very >strongly_ against it. There are 60,000 or more bureaucrats in NSA that would >be effectively put out of work by widespread strong crypto. All the >$17 Billion that they use on signal intercepts would go to competing >approaches (satellite recon, spies in the field, etc.) that are controlled by >other agencies. Why? because signal intelligence is so easy now that it is >extremely cheap and cost effective. Widespread strong crypto will not make >eavesdropping impossible, but it will make it _very_ expensive in time and >money, and thus make it much less attractive. Hey cypherpunks, I recognize that it is critical to balance our criticisms with proposals for improvement. For example, in an earlier list of chief criticisms on Clipper I also brought up the point that a cryptographic standard developed under an impartial standards-creation process would be acceptable. Hence, let's get this into the collective psyche: NSA is definitely extremely endangered in the `signal interception' role. However, just to prove that we're not totally out to get all those black spooks, I propose that we emphasize that the NSA pursue a different role that they are in an immensely beneficial position to undertake: *promoting* cryptography use among the public and in government. Don't laugh! A very major part of NSA is dedicated to maintaining and developing the codes and machines that the rest of the military uses. The dichotomy in the two aspects of the organization was apparent with e.g. Kahn's speculation on the development of DES (make it stronger! say the makers. make it weaker! say the breakers). 
If we gently or jarringly prod NSA into more of the `making' instead of the `breaking' role, that would be a way of not overly offending too many bureaucrats by giving them the sacred escape hatch. So: don't advocate completely dismantling the NSA. (That may happen, but if it does it will happen on its own without any encouragement.) Instead, say that in the Post Cold War era they are better suited to shift into the code*making* arena instead of the overlong insistence of the code*breaking* domination. Gosh, think of all those lonely NSA geniuses who have secure schemes but are being overruled. Imagine what this expertise could do for commercial cryptography and American technological competitiveness/supremacy if they were allowed to say `your algorithm is weak because' and not `---[CENSORED-CONFIDENTIAL-INFORMATION]---'. We have to paint ourselves as moderates before we can shine as extremists. Also, let me remind everyone to COUNTER the arguments that we now need a vast framework of intelligence gathering on `commercial espionage' -- I'm not denying that it is a problem or even an increasingly significant one, but this is *not* the role for government. That's why the word `commercial' is in there! Government involvement here will do nothing but restrain and restrict the mobility of companies involved; they have plenty of opportunities to hire deft independent consultants but a large bureaucracy can do nothing for them but endanger them. * * * Satellite Torque By the way, I've been reading a lot about how satellite intelligence data is starting to get freed up based on pressure by companies such as Martin Marietta, who would like to sell the lucrative information (surprise, other countries already are and since we aren't allowed to we're dying in an important market we could potentially dominate). 
There is a great deal of classified satellite surveillance data out there and the fact that some of it might be on the way to being unchained is highly encouraging for the overall Cypherpunk cause. Just a little sunshine disinfectant leaking through, eh? Opening up satellite data is a way of putting more pressure on NSA, which, from what I understand, devotes a great deal of staff toward interpreting it. Or maybe that's another intelligence agency. Either way, it's a valuable wedge and torque we need to pry loose some major obstacles. If anybody is in a position to facilitate the release or dissemination of this data, go for it! * * * NSA: a big bureaucracy or a bunch of bureaucrats? Someone brought up the point that NSA is really just a whole lot of disconnected bureaucrats who are really more interested in saving their own careers than any selfless motive such as promoting the stability of any overall government agency. This of course has relative accuracy, but either way we should try to use it as leverage against Clipper and the NSA cryptography-regulation role. I'd say the first step is to get in contact with whoever makes these policies or is involved! If we could get a list of email addresses of `VIPS in CRYPT' together to lobby, that would be stupendous. However, it seems to me that as soon as anyone tries this they are going to find out pretty fast how much of a uniform monolith the whole of NSA is. It's extremely isolated and guarded as a cohesive *whole*. But! I get the feeling there are a lot of independent *contractors* and *consultants* associated with the NSA. Anybody have any idea of how to get a list of them? We have the people from Mykotronx by name--why don't we have any email addresses? What about AT&T? Surely somebody who matters besides jim@rsa.com has an email address. Consider this the Great CypherPunk Treasure Hunt. happy hunting! 
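Going back to the origin-lines thread above (Bill Stewart's options 1 and 2 and M. Stirner's reply), the following is an added example, not code from any list member or from an actual remailer. It contrasts heuristic signature chopping with an explicit cut line that each hop re-emits; the marker strings, the sample trailer (modelled on the one quoted in the thread) and the two-hop chain are all constructed assumptions.

```python
import re

# Conventional signature separator: a line holding only "--" (optionally "-- ").
SIG_DELIM = re.compile(r"^--\s*$")

# Hypothetical cut-line syntaxes for two remailers; no real remailer is implied.
MARK_A = "--cut-here--"
MARK_B = "::end::"

# Constructed sample data.
USER_TEXT = "The meeting notes follow.\n--\nItem one: keys were rotated.\n"
GATEWAY_TRAILER = (
    "___ ExampleReader v1.0\n"
    "--\n"
    "A. User - via EXAMPLE-NET node 0:000/000\n"
    "INTERNET: a.user@example.invalid\n"
)
TRANSIT_TRAILER = "Relayed-through: hop-a.example.invalid\n"


def strip_heuristic(body: str) -> str:
    """Option 1: chop at the first line that looks like a signature separator."""
    kept = []
    for line in body.splitlines():
        if SIG_DELIM.match(line):
            break
        kept.append(line)
    return "\n".join(kept).rstrip() + "\n"


def strip_at_marker(body: str, marker: str, next_marker=None):
    """Option 2: keep only what precedes the user's explicit cut line.

    If next_marker is given, it is appended so the following hop can chop
    whatever gets added in transit. Returns (new_body, marker_found).
    A body without the marker is returned untouched: the user did not ask.
    """
    lines = body.splitlines()
    for i, line in enumerate(lines):
        if line.strip() == marker:
            kept = "\n".join(lines[:i]).rstrip() + "\n"
            if next_marker is not None:
                kept += next_marker + "\n"
            return kept, True
    return body, False


def run_chain(reemit: bool) -> str:
    """Send USER_TEXT through hop A then hop B; return what is delivered."""
    submitted = USER_TEXT + MARK_A + "\n" + GATEWAY_TRAILER
    # Hop A cuts the gateway trailer and, if reemit, leaves a cut line in
    # hop B's syntax.
    after_a, _ = strip_at_marker(submitted, MARK_A, MARK_B if reemit else None)
    # A host between the hops appends its own trailer (a path trace).
    in_transit = after_a + TRANSIT_TRAILER
    # Hop B is the last hop, so it drops the marker on delivery.
    delivered, _ = strip_at_marker(in_transit, MARK_B, None)
    return delivered


if __name__ == "__main__":
    print("heuristic, tagline leaks:")
    print(strip_heuristic("Plain report text.\n" + GATEWAY_TRAILER))
    print("heuristic, wanted text lost:")
    print(strip_heuristic(USER_TEXT + GATEWAY_TRAILER))
    print("cut line re-emitted at each hop:")
    print(run_chain(True))
    print("cut line not re-emitted, path trace accretes:")
    print(run_chain(False))
```

The heuristic leaves the reader tagline in one message and deletes wanted text in the other, while the explicit cut line delivers exactly the user's text only when hop A re-emits a marker for hop B.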
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: an12070@anon.penet.fi Date: Wed, 23 Jun 93 22:58:48 PDT To: cypherpunks@toad.com Subject: A Long, Personal, and Tedious Anecdote on Police Warrants & Searches Message-ID: <9306240456.AA13161@anon.penet.fi> MIME-Version: 1.0 Content-Type: text/plain I considered bringing up this little anecdote that happened to me in `real time' but decided against it, but now can't resist while the subject is in the list's psyche and nanosecond attention span: karn@qualcomm.com (Phil Karn) >I wonder how many have >actually seen any search warrant affidavits. I read the one for Steve >Jackson Games, and you certainly wouldn't know from that that they weren't >all guilty as sin. Too bad it was completely defective. > >Do I sound like I don't place much faith in the warrant requirement acting >as a meaningful safeguard? You bet! I write the following with some hesitation and reservation. This happened about a month ago. If anyone wants to forward this message elsewhere please check with me first. Anyway, after a long and tedious exposition I will tell you how this personal experience affected how I think of search warrants and police work. * * * SEARCH ME I had the misfortune to be in a computer lab on the night a computer was stolen. I admit the following with sheepish embarrassment: there is some possibility it happened while I was in the lab! Yes, I was writing one of those characteristically rabid letters of mine to this list, and was quite oblivious to anything outside of cyberspace. Anyway, I get a call from Officer Burke the next day. Were you in the lab? Yes. Do you remember what was going on? No. He thought the computer was stolen on Saturday night based on a `highly reliable source'. `Are you absolutely sure?' I told him I didn't remember seeing it all over the weekend (we're talking about a particular souped up 486 with the works, color monitor, huge RAM, everything but the pickles). 
My vague memory surely sounded less than convincing (I had been in there at various times on Friday, Saturday, and Sunday, in the period that he was considering). The lab has key card entry, and I told him his job must be easy since he knew everyone who came and went. He says, To the contrary! The doors were `propped' and friends let in friends. I told him that I didn't let anybody in and the doors were emphatically not propped (I had to use my card) all nights I went there. The system administrators of the lab, in their infinite wisdom, had given the officer a massive list of logins that include all *remote* logins to machines *anywhere* on the entire network (as opposed to console logins from a single lab). The cardreader logs they had were 19 and some odd minutes out of time, and the officer was trying to synchronize them with the login times. The night of his call I went back through and looked at the logs of the computer I had used to try to jog my memory. I remembered somebody *in* the lab on one of two machines who let in some other people, who may have snuck to the dastardly spot, all on a night that was very busy. The logs showed that Friday night was the busiest. This all happened after his phone call when I was able to better reconstruct what happened on given nights. I compiled and hand-edited lists of console logins from all the 5 Unix machines in the lab based on the `last' records. I called Officer Burke and told him of the person I thought let in some other people during the night (assuming he had logged in), and some vague physical descriptions of all (it all happened mostly just in my peripheral vision and awareness). Officer Burke was a bit hazy on assimilating and recording the information, and didn't seem to be able to get it all written down. He was trying to simultaneously cross reference everything I said with the reams of computer printouts in front of him. 
I was really surprised that he didn't seem to have been supplied with the critical information I was giving him. Why was I going through all this trouble? I really wanted him to catch the culprit because this was a perfect opportunity and excuse for the local illustrious computer administration to shut down the computer labs to after hours because `someone had spoiled it for everyone' (the slimiest excuse for intolerable restrictions that is widely accepted). I suppose there were visions of Perry Mason episodes dancing around in my subconscious. Computer geek helps campus police nab computer thief. I was really convinced that there were enough `leads' to track down the computer and all that was needed was somebody clever and discriminating to piece them together. Judging the severity of the matter (the only thing I'd heard taken prior to this in the labs was hundreds of pages of paper for redundant printouts), I volunteered to stop by the police office on campus to bring along the printouts. Officer Burke agreed that it would be a good idea. So I trudge to the police office and give them a lot of helpful information on what I thought went on. I gave them excellent records which showed *console* logins (not remote logins from e.g. modem lines he had from the extremely meticulous and helpful Administration) on all the Unix machines in the lab (surprise! the Banyan Vines network was down!). Officer Burke's Sergeant was there scrutinizing my comments (his name I forget). I told them I was pretty sure the computer was stolen Friday night, despite their opinion, because I recalled being surprised by its absence on Saturday. Officer Burke reveals that they are convinced based on `other sources' that they agree with that and that the earlier source pointing to Saturday turned out to be `unreliable'. I went through a lot of trouble to draw pictures of the arrangement of the computer lab and describe the basic operation of the network for local/remote logins. 
Apparently I was *too* helpful. This is where it all turns from the unpleasant to the grisly. Officer Burke announces to me `You've been extremely helpful...' and I'm waiting for some lame reassurance like `we're doing the best we can'. But instead there's that ugly tone underneath that turns to `BUT if everything here is as you say it is, you won't mind us searching your residence...' Gad, my stomach lurched and my expression paled. I didn't expect to be rewarded but on the other hand, I didn't expect to be punished! I have a Mac IIsi and an ancient 286 and I had horrid visions of them carting them BOTH off because they didn't know the difference between them and a 486. At first I mumbled some shocked statements about `well, I just sort of oppose searches in general' and asked if they would be able to get a warrant. Officer Burke looked at his Sergeant and it was his turn to mumble some rationalizations. Oh, we surely could get a warrant if we needed one. No, we don't have one for this instance *but* you wouldn't and shouldn't mind *if* (that `if' was unspoken but understood!). So at this point I realized that if I said `no' I would probably not hear anything else. They also told me that they had been doing a lot of searching of other's apartments based on their voluntary submission. I got the impression this was a fairly routine process for them. In fact, they probably deal with this kind of thing all the time, with missing computer equipment all over campus. I asked them if they had pursued all their other leads (I was thinking, I would like them in my apartment as an absolute last resort). They told me they were waiting for someone to `call them back'. I had this absurd vision of the thief absconding out of town, snickering among his black friends, saying `I told him I would call him BACK! HAHAHAHA!' After a bit more of this extremely awkward back-and-forth for everyone involved, I asked them if they had any warrants they could show me. 
I was trying to turn this into as much as an educational experience as possible (others will recognize that truly educational experiences tend to be painful). They pull out massive file full of warrants right out of a file cabinet. I would have liked to study them very closely, but of course I had no such privilege. In the few brief instants that I peered at them I was able to make out some details. First, they were extremely specific in their wording. They named exact addresses, people, and articles that came under the search. They named the reasons for the search, the chain of evidence and suspicion that was to justify it, and all the formal legalese required. Each was a few pages long. They were printed out on a dot-matrix printer. The one I saw in particular was drug related. I can't make any quotes. I asked them what percentage of warrants were approved by the judge. Mr. Burke looked at his Sergeant and did the `well (er) we write very fine warrants' bit. (How many have been turned down?) Oh, we put a lot of effort into them to get all the details right, and we're good at it, we have a lot of experience. (In what cases have any been turned down?) We don't waste our time writing warrants that wouldn't be granted--we don't submit weak ones. (Have you *ever* had one turned down?) Finally, Officer Burke reveals to me, in however many years of his police work, that he has (ahem) never had the experience of having a warrant turned down, but that was solely evidence of his masterful warrant-writing aptitude and had no other significance. Maybe it was just my imagination but he referred to the judge involved in a way as if they were personal friends--perhaps they even played golf on Tuesdays. Ah, well, it's a small town. But the warrant spectacle was for me only a sideshow--this whole time I had uneasy visions of Steve Jackson Games dancing through my head. 
Finally, after telling them of my fear of them carting off my computers, Officer Burke reassured me that he had a 386 or something at home and could tell the difference between brands. They were extremely persistent. I had no idea why after all my cooperation. What thief would have the audacity to walk into the police station and talk about the night he stole it? So Officer Burke and his Sergeant stick me in the back of their police car (since I had walked) and cart me off to my apartment complex. I find it quite a surrealistic experience to be making uneasy and intermittent small-talk on 386's with Officer Burke behind a steel-and-plexiglass divider. I'm hoping that most of the neighbors have their venetian blinds drawn today. I take them to my apartment which as usual, to say the least, has that `strewn about' look (perhaps one of my deep Freudian reasons for being reluctant in the search). Upon entering the Sergeant says `Oh, my place looked a lot worse than this when I was living alone.' Officer Burke notes with some strange irony that Yep, Sure Enough, there's a Mac IIsi and a cheap 286 in the corner. I open up some of the computer boxes I use as stylish computer nerd furniture tables and settings, to show they are empty. After about 5 minutes of this they are clearly unimpressed and disappointed at the same time. While Officer Burke is looking under the kitchen sink and in the kitchen cabinets, the Sergeant says to me `so what would be your dream computer? a Mac or an IBM?' It seemed like a simple query just to distract me from the unpleasantness of two police officers breathing down my space and eyeing things such as dirty plates on the floor and dirty clothes in the corners, and disordered stacks of manuals and magazines in various stages of undress. 
I hesitated to think but was completely straightforward and honest in saying that I probably would prefer a Mac, namely a Quadra 950, and made some vague noises about how one's computers reflect how much money one has! Later I realized that the question could have been hardly innocent, but a way of judging whether I was lusting after a juicy 486 like the one stolen, and was glad I didn't say anything suspicious. Then again, maybe my response *was* suspicious. Officer Burke says `I guess that's about it unless...' (with a sort of dangling irony from a Perry Mason episode just before a sudden, surprising, damning revelation) and looks inside the oven, which has never held anything but two thawing pizzas and is empty at the moment. Finally, they leave, and I'm encouraged that they take the handcuffs with them without me in them. At least I had *proven* (to use their own terminology) that I wasn't guilty... I was hacking away in the same computer lab on the next night (I forget when--Tuesday?), and officer Burke and another officer came in to survey the area for the first time. They talked to some people in the lab and looked around. Officer Burke had brought with him all the logs he had been given including mine. It was at this point that I realized his version of the logs were vastly superfluous. I thought I probably got some brownie points for the extremely tight hand-edited ones I gave him (listing only the console logins to all Unix machines in the lab). I found out about his haystack versions only because he let me see them after asking rather simplistic questions of me about the network (where can people log in from?), and I realized that *he* had just realized for the first time that the Administration-supplied logs were far more raw data than was necessary--in fact, it was highly misleading because it listed logins from *anywhere* (modems, off campus-sites, internet connections, etc.) 
He talked to me some more to ask me about the details I had gone over of the people I saw let in. He sat down at the desk where the computer was stolen and went through them as I banged away on a remote computer. Finally the pair are about to leave. Officer Burke reveals that the people he talked to today and residences he searched didn't help at all, and has a very emptyhanded tone. I told him, `well, at least you have a lot of other things to look at' indicating the printouts. `No, we've hit a dead end. In fact, at this moment, I'd have to say that you're our prime suspect.' Yeeks. I was completely crestfallen, and turned away from looking at him, having a queasy replay of the gut-wrenching feelings of the earlier Residence Search Initiative. He told me that he had a 3 day vacation starting that night (as I recall, it was about 5:30 then) and hopefully some new `leads' would pop up afterwards. He and I traded some more of that halting, eerie small talk about campus computer politics and network administration jobs, and there's the brief illusion that we're just two human beings yacking. But then just before he left he said, `say, by the way, just check everything up, do your apartments have any storage facilities?' I assured him they did not, shaking my head and looking away for the third and final time. I went back to the computer and tapped the keyboard, brushed the mouse, and tried to lose myself in cyberspace. * * * In pondering the whole episode I have come to various conclusions. 1) A supremely delicate balance exists between the ability of the police to conduct meaningful investigations and the preservation of the rights of people they are investigating. It would be possible to argue based on this experience that the warrantless search is critical to their role, but on the other hand it would be equally possible to argue that it is completely useless. 2) Police do not need warrants to make searches. Probably most searches are done without them. 
Many people submit to them voluntarily with only the slightest hesitation. Was I perpetuating a dangerous or cavalier approach by assenting to the search? I don't know. I felt like I could remove suspicion by doing so and that their assurances were adequate... 3) I didn't gain any tangible benefit from cooperating fully with the police. To the contrary, it chewed up my time and emotions with only the effect of drawing greater suspicion to me and for all I know I am still a `prime suspect'. Your mileage may vary; I certainly don't advocate this experience as a complete disillusionment in `the process' or want it to be referred to in that way. If you do cooperate with police I urge you to have a rock-solid alibi and be absolutely certain of your facts. Lacking either makes you suspect. For me the sentence `if you are innocent you can prove it' now sounds as warped and cruelly hollow as `if you loved me you'd prove it.' 5) I certainly don't envy the job of being a policeman. In an investigation they don't know who to trust, and have to tiptoe around revealing details to get more information and not revealing details that imperil the overall investigation. Under this scenario, solid information and its knowledgeable interpretation is absolutely invaluable. 6) The policeman does not always have a great incentive to solve a case. There is no change in his salary in doing so or any other basic reward. There is probably a vague hint of promotion in consistently solving cases, but in many other cases there is probably greater incentive *not* to solve a case--the tedious legwork is diminished. 7) Probably most of the cases that *are* solved are mostly based on rock-solid information such as confessions and informant tips and not inspired sleuthing and searches. The argument could be made that this is the major legitimate role of investigative police work--following existing leads, not going on `fishing expeditions'. 
8) Warrants, like any other bureaucratic tool, can become meaningless under the variations of local circumstances. My impression was that they do seem to be used, but they are only used in extreme circumstances and do not form the basis of routine police work. I think the critical message is that we have to judge law enforcement techniques not by their *intent* but their actual use and effect in *practice*. 9) I still wonder if the officers would have been able to get a warrant under my circumstances. At the time I was convinced that they wouldn't have without additional evidence (of which there assuredly is none). I had in the back of my mind that I would rather have them search when I didn't expect it or through my landlord when I wasn't there. In other words, as ugly and unpleasant as it was, it could have even been far worse. Thanks for listening to all this, it is immensely therapeutic for me and hopefully some insight is contained herein to minimize a burden for you. P.S. Even though elements of this note make my identity exceedingly obvious, in interests of preserving my privacy, please refrain from speculating publicly or privately on it. Just sign me: SEARCH ME P.P.S. As of this writing, neither the thief nor the computer have been found. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin@anon.penet.fi. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. 
Michael Diehl Date: Wed, 23 Jun 93 23:58:28 PDT To: nobody@soda.berkeley.edu Subject: Re: Weak steganography In-Reply-To: <9306171745.AA05015@soda.berkeley.edu> Message-ID: <9306240658.AA15654@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to nobody@soda.berkeley.edu: > There are a couple of problems with the idea of sticking encrypted > files onto the end of executable files. The first is, to make this > easy, you need a program to do it (and to "undo" it). Well, if someone > steals your computer and gets access to these files, they will probably > also get access to this program. This will tip them off to what you have > done. The technique I advocated was so simple, I could code it on my lunch hour at work. I did. If you didn't want to have such a thing on your machine, you could store it remotely, either on an ftp site or a local bbs. Clean up your hard disk and there is no sign of anything. > This is an example of the general principle that you need to assume that > your attackers know or can discover the methods you are using, but they > don't know the keys. If steganography is to work, we must find ways to make this "principle" invalid. Strong encryption will protect our "plain-sight-text." It falls to Data-hiding to protect our cyphertext. > Another problem is that encrypted files look different from executable > files. Encrypted files have a uniform histogram (that is, all 256 different > possible byte values are equally frequent), but exe files do not. The > appending of an encrypted file to an executable file will be very obvious. > The exact boundary may not be immediately apparent, but it can probably > be narrowed down to ten or twenty words without much effort at all. In > any case, exe files which have had this treatment will stick out like a > sore thumb. I was going to suggest, but Phil beat me to it, that we compress our executables > Last, XOR'ing a PGP file with a repeated string is probably not a very > good method. 
PGP has a header at the front whose structure is known and > which has some fixed bytes. These can be used to immediately recover some Well, we could do a lot of things here. We could have the option of xor'ing, adding, or subtracting.... We could add random bytes to the cyphertext, at offsets we specify and memorize.... I still think this could be done, and that it would work. If anyone else shares my enthusiasm, I'll try to get it coded up +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals will have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Wed, 23 Jun 93 18:19:15 PDT To: 76630.3577@CompuServe.COM> Subject: Re: Contempt of court Message-ID: <9306240119.AA00543@servo> MIME-Version: 1.0 Content-Type: text/plain At 08:50 AM 6/17/93 CDT, Mike McNally wrote: In the days of >yore, numbers runners and gangsters and nefarious bad guys would keep >records on cellulose (?) flash paper which could be ignited and >destroyed very rapidly should Elliot Ness be seen approaching the >front door. Nitrocellulose. Very popular before the development of cellulose acetate, mylar and other modern polymers. It was the standard material used for movie film stock, which explains the bunker-like construction of the projection rooms in many older movie houses. Newer theaters often display signs in their projection rooms saying "Safety film only". (Now you know the meaning of the phrase "KODAK Safety Film" along the edges of your print negatives.) 
Today the main civilian use of nitrocellulose that I know of (other than in smokeless gunpowder) is to make ping-pong balls. Try igniting one sometime (in a safe area!) >Another (simpler) suggestion made by a friend was to devise >motion-sensitive devices which would cause total corruption of >information stored on a disk if it were moved. I've heard Gail Thackeray claim that hackers she'd raid would put big electromagnets in doorways to erase magnetic media as it was being seized. She never actually gave any proof of this, and it did always seem just a little far-fetched given the relative ease with which a hacker could just encrypt his/her incriminating data. I once asked her what she'd do once the "bad guys" started encrypting, and she said "I'm hoping you guys will tell us". (At the time I was one of the so-called "good guys", working for Bellcore.) Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Wed, 23 Jun 93 18:19:11 PDT To: cypherpunks@toad.com Subject: Re: Weak steganography Message-ID: <9306240119.AA00555@servo> MIME-Version: 1.0 Content-Type: text/plain At 10:45 AM 6/17/93 -0700, Hal Finney wrote: >Another problem is that encrypted files look different from executable >files. Encrypted files have a uniform histogram (that is, all 256 different >possible byte values are equally frequent), but exe files do not. Not necessarily. If you use pklite or lzexe, you produce an automatically self-decompressing executable that will appear to have a much flatter distribution than an ordinary exe file. What we need is a crypto version of pklite - instead of (or in addition to) compressing the executable, it encrypts it and sticks a stub decryptor on the front of the executable. Each time you run it, it prompts you for a password, decrypts and decompresses the executable and runs it. 
Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jim McCoy Date: Wed, 23 Jun 93 23:25:25 PDT To: cypherpunks@toad.com Subject: Re: Government fear of strong crypto In-Reply-To: <70188.pfarrell@cs.gmu.edu> Message-ID: <199306240625.AA19484@tigger.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text > From: "Pat Farrell" [...] > > The "government" as a whole is not against crypto. The NSA is _very > strongly_ against it. There are 60,000 or more bureaucrats in NSA that would > be effectively put out of work by widespread strong crypto. Hmmm..... actually I must disagree with this. The NSA may oppose strong crypto, but a few facts should be brought up: 1) The NSA is not chartered for domestic surveillance work. If you discover the NSA watching you within the US you can have them arrested. They are probably more interested in the systems being put in use around the world and less about systems internal to the U.S. 2) The NSA has been dealing with strong cryptography for a long time. These are the people who have been playing crypto games with "the Ruskies" since before I was born. I sincerely doubt they are losing a great deal of sleep over the fate of Clipper. They may have an interest in promoting relatively weak cryptography that will be exported and may actually favor weak crypto at home (hoping for the Beta v. VHS effect to spread this weak crypto from the U.S. to the rest of the world) but no one at Fort Meade is going to be getting a pink slip if Clipper goes down in flames. The FBI, and other domestic law enforcement agencies are probably very gung ho for weak crypto, but I just don't think that No Such Agency is going to be greatly affected by it. Their fingerprints are all over the Clipper stuff, but seeing as how their other mission is to develop ciphers this is only natural. Just a little thought late at night... jim > > I believe that the FBI and other more public agencies are simply shills for > NSA. 
The many postings about real wiretap usage and costs simply can't > support taking all the heat last year of Digital Telephony and this year > over Clipper, esp. when they admit that smart crooks wouldn't bother to use > Clipper. > > BTW, I talked to Dorothy Denning at the conference. She says that it is now > called the "Key escrow chip" because of Intergraph's trademark on Clipper. > I'll post more on my conversations with DE Denning later. > > Pat > > Pat Farrell Grad Student pfarrell@cs.gmu.edu > Department of Computer Science George Mason University, Fairfax, VA > Public key available via finger #include > From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Wed, 23 Jun 93 22:35:44 PDT To: karn@qualcomm.com (Phil Karn) Subject: Re: Contempt of Court In-Reply-To: <9306240119.AA00561@servo> Message-ID: <199306240536.AA18014@eff.org> MIME-Version: 1.0 Content-Type: text/plain Phil Karn writes: > At 02:13 PM 6/17/93 PDT, Mike Axelrod 422-0929 wrote: Who's this Axelrod guy? I'm Godwin. > >If the key itself had embedded testimony that was incriminating, then it is > >possible one could invoke the 5th amendment to avoid disclosure of the key. > >But, I suppose a court could do an end run around that by giving limited > >use immunity for the incriminating content of the key. Comments? > > > >Mike. I think Phil thinks we're one and the same. See below. > What I've never been able to understand about Mike's claim is why the > "fruit of the poisoned tree" principle would not apply to an encryption > key. As I understand it, this principle bars the use of any evidence > that was gathered as a direct or indirect result of inadmissible > evidence (like a warrantless search). Untrue. "Poisonous tree" doctrine applies to illegally obtained evidence, not to "inadmissible evidence" (a very different category, logically). 
> Mike, back at the Hackers' Conference you mentioned a Supreme Court > decision that said in passing that one could not compel a defendant to > reveal the combination to a lock, but that it wasn't a binding precedent > because it didn't relate to the case at hand. (I forget the legal term > you used). "Dicta." I'm sure Phil is referring to me, not to Axelrod, here. > Could you find and post an excerpt of this particular > decision? I've been trying to find this case, but haven't found it. --Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Wed, 23 Jun 93 18:39:57 PDT To: cypherpunks@toad.com Subject: Re: OTP dual decryption Message-ID: <9306240139.AA00693@servo> MIME-Version: 1.0 Content-Type: text/plain At , nobody@eli-remailer.toad.com wrote: >-----BEGIN PGP SIGNED MESSAGE----- > >Using a one-time pad for dual decryption might work like this. > >I have a file, D (for Dangerous), which I want to conceal. I construct >a random file of the same length, K (for Key), which will be my "encryption >key". I xor K and D to produce E (for Encrypted), the encrypted file. I >delete D and hide K somewhere. I have a better idea. You generate your D (dangerous) file and encrypt it with IDEA or DES and a secret key K that you commit to memory. You then destroy D. If (encrypt(D,K)) is seized and you are ordered to decrypt it, then you produce a file F such that (F XOR encrypt(D,K)) produces whatever bogus plaintext you desire and hand F over to the cops claiming that it's your one-time pad. Much simpler, and no chance of them discovering your plaintext, although there's no guarantee that they won't suspect that you're still hiding something (especially if they read cypherpunks). 
Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Wed, 23 Jun 93 18:39:58 PDT To: cypherpunks@toad.com Subject: Re: xor w/prbs Message-ID: <9306240139.AA00690@servo> MIME-Version: 1.0 Content-Type: text/plain At 10:14 PM 6/17/93, Kragen Sittler wrote: >Some MORON wrote an article in Computer Shopper, about doing a one-time pad >with a PRBS... in fact, he even challenged any cryptographers to break it. >(He used a 32-bit seed for the PRBS.) Sigh. This is starting to look like the problem that skeptic groups like the Committee for the Scientific Investigation of Claims of the Paranormal have been facing for a long time. The basic problem is that it's far easier to make a bogus claim than it is to carefully refute it. In this case, it *ought* to suffice to simply point people who make "unbreakable" but trivial ciphers at the existing volume of literature. But they can get stubborn and insist that you actually break it, not understanding that there's a big difference between a cipher that you are confident that can be cracked and a cipher in which you can place your confidence that it can't be cracked. Plus ca la change, plus ca la meme chose. Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Wayner Date: Thu, 24 Jun 93 05:53:23 PDT To: ld231782@longs.lance.colostate.edu Subject: Re: a new role for the NSA Message-ID: <199306241253.AA00313@access.digex.net> MIME-Version: 1.0 Content-Type: text/plain Many people have pointed out, perhaps correctly, that strong crypto could mean the end of the line for many of the workers at the NSA. If I was in charge of the NSA, I would argue to my budget-dispensing superiors that all of the strong crypto just meant that I needed a bigger budget to scan for data. So the terrorists get crypto terminals? Well, they probably won't have a Tempest class machine so there is plenty of SIGINT that can still be done. 
There are plenty of opportunities to target people and their communications links with localized bugs. It just requires some more money. I've often wondered whether the NSA's presumed approach of acting as a huge vacuum cleaner for data was the best way of gathering intelligence. It may have been in the 1960's and earlier when transmission rates were relatively expensive and people didn't call long distance unless there was a death in the family. Now, though, the sheer volume of data has exploded. Vacuuming it all in and sorting it out in the buildings at Fort Meade must be much less cost effective-- no matter how many voice recognition computers that they have. Today, information is much, much cheaper than it used to be. Intelligence is just as expensive as ever. Incidentally, Bill Safire wrote a great piece on this a year or so ago. He argued that it was time for the Spy agencies to go back to Mata Hari type shenanigans because the magic window of SIGINT was about to be closed again. If anyone could dig it up, I would appreciate the reference. -Peter Wayner From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Duncan Frissell <76630.3577@CompuServe.COM> Date: Thu, 24 Jun 93 06:12:31 PDT To: Subject: Fermat Vindicated Maybe Message-ID: <930624130945_76630.3577_EHK41-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain From today's NYT: Dr. Wiles [Andrew Wiles of Princeton University] presented his results this week at a small conference in Cambridge, England, his birthplace, on "Padic Galois Representations, Iwasawa Theory and the Tamagawa Numbers of Motives." He gave a lecture a day on Monday, Tuesday, and Wednesday with the title "Molecular Forms, Elliptic Curves and Galois Representations." There was no hint in the title that Fermat's last theorem would be discussed, Dr. Ribet said. "As Wiles began his lectures, there was more and more speculation about what it was going to be," Dr. Ribet said. 
The audience of specialists in these arcane fields swelled from about 40 on the first day to about 60 today [23 June]. Finally, at the end of his third lecture, Dr. Wiles concluded that he had proved a general case of the Taniyama conjecture. Then, seemingly as an afterthought, he noted that that meant that Fermat's last theorem was true. Q.E.D. Duncan Frissell The bulk of whose experience with Fermat consists of a close reading of "Mathmateca Fantasia" and other maths science fiction as an adolescent. Loved the 5 color map theorem as well. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Thu, 24 Jun 93 09:33:36 PDT To: Dr. Cat Subject: Re: Perspectives In-Reply-To: <9306222124.AA00723@wixer.bga.com> Message-ID: <9306241633.AA11443@toad.com> MIME-Version: 1.0 Content-Type: text/plain I agree with der Cat; the paranoia here is getting excessive. I think it's most likely that the documents we received were genuine, and an attempt of someone in the Secretary of Defense's staff to explain the situation to policy-people in that office who had not kept track of what was going on. There's a lot more for the Secretary of Defense to do than to watch domestic encryption debates, and falsify documents about them just in case someone requests them under FOIA. John From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Doug Porter Date: Thu, 24 Jun 93 09:56:13 PDT To: cypherpunks@toad.com Subject: Re: Government fear of strong crypto Message-ID: <93Jun24.095545pdt.13970-1@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Jim McCoy says: > The NSA is not chartered for domestic surveillance work. This statement keeps showing up. If there is any support for it I'd like to hear it. We know it was not true as far back as twenty years ago, from July 1, 1969 to October 1973. For details on the MINARET Charter see page 150 of "The National Security Agency and Fourth Amendment Rights", and pages 323 and 324 of "The Puzzle Palace". 
NSA has a long history of ignoring whether they are chartered for an activity, of course. Doug From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@rosebud.ee.uh.edu Date: Thu, 24 Jun 93 09:22:37 PDT To: cypherpunks@toad.com Subject: Re: Weak steganography Message-ID: <9306241622.AA11117@toad.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Several people have suggested that PGP or some similar public-key program could be used to exchange encrypted email, then a "fake" one-time pad file could be created to transform the PGP file into a safe plaintext. If your files were seized and the keys demanded, you could supply the fake OTP file as the key which would "decrypt" the PGP file to the safe text. Unfortunately, this doesn't presently work with PGP. PGP puts a header at the front of encrypted file which identifies it as a PGP file. This includes information about whether the file is RSA or IDEA encrypted, and if it is RSA encrypted it includes information about which key(s) it is encrypted with. If files are saved like this, there will be no question that they are actually PGP files, and not the output of a one-time pad. Any attempt to produce a OTP key file which leads to a safe plaintext will be a transparent fabrication. And, of course, PGP's ASCII encoding, which would usually be used for email, boldly displays the "-----BEGIN PGP MESSAGE-----" at the top. If the files were saved in this format it would be a further giveaway. People have called for PGP to have a "stealth" mode in which it would save files without these headers. This would require the user to know which files were truly PGP encrypted, what the encryption algorithm was, and of course the key. If this were implemented it would make PGP files much less recognizable and the "fake OTP key" approach would be workable. Another approach for now would be to super-encrypt the PGP file with some other system. 
A simple XOR with a repeated random bit pattern (produced by hashing a user pass phrase) which is longer than the PGP header would be adequate, since the non-header portion of a PGP file should be random. Or you could use one of the widely-available DES encryption utilities, since these don't produce any headers, as far as I know. But this would complicate the process of decrypting the file. PGP's IDEA-encrypted files, which you create with the "-c" switch to PGP, put only a five-byte header on: a type byte, and a four-byte file length. This information is redundant and it should be very easy for PGP to reconstruct it if it were removed. RSA encryption headers will be harder to remove, particularly because of the lack of a key ID to tell which secret key to decrypt with. We would just try the default key, I guess. But this would require a more extensive set of changes to PGP. Hal Finney hfinney@shell.portal.com -----BEGIN PGP SIGNATURE----- iQCVAgUBLCmngKgTA69YIUw3AQGDWgP/U/HwP5gwPXn3GZgH3SH3zjnrKd8dHPqn y2OVF7xqiaVPuV5VF/UBGzFcPgfb/DuamIEr/aQmAMX2BlVktQ/fGaluZ8wvIbs/ QlQcsp+BH9AAb0BcojQ6rmwtf8A5c/3VkuGUSvyRGEX1PecdwoW8Eh/FEIfeU/WE njvIwmn92aY= -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Phil Karn Date: Thu, 24 Jun 93 13:51:50 PDT To: cypherpunks@toad.com Subject: Triggerfish Message-ID: <9306241957.AA04530@unix.ka9q.ampr.org> MIME-Version: 1.0 Content-Type: text/plain I just posted this to the CU (Computer Underground) digest in response to a most interesting series of items about the newsletter Full Disclosure's public mention of a Harris Corporation device marketed to law enforcement agencies for intercepting cellular telephone conversations named "Triggerfish". Harris responded with an amazing threat to sue the newsletter for a variety of offenses, including trademark infringement (for merely mentioning the product in a brief "new products" editorial). 
The CU digest can be read on the usenet newsgroup comp.society.cu-digest; the issue in question is Volume 5, Issue 46. Phil To: tk0jut2@mvs.cso.niu.edu Reply-To: karn@servo.qualcomm.com Subject: Re: Cu Digest, #5.46 In CU Digest 5.46: |> Harris Law Enforcement Products |> |> TRIGGERFISH has a number of cellular phone based applications: |> determining a suspects phone number, dialed number recorder, and |> wiretapping. According to Harris, ``for the first time, law |> enforcement is not at a disadvantage in tracking the high-tech |> criminal.'' Additionally, the unit ``collects and integrates all |> relevant data, including voice, directly from the ether.'' |> Reprinted from Full Disclosure, Box 903, Libertyville, Illinois 60048 I find the phrase "directly from the ether" *most* illuminating given a rather heated exchange I had with Mr. Jim Kallstrom of the FBI at the recent CPSR Cryptography Conference in Washington DC earlier this month. Kallstrom is the FBI's chief public advocate for their "Digital Telephony Initiative". Among other things, they want the ability to intercept suspects' cellular telephone calls at the MTSO (switch). Only with a valid warrant, naturally. At the meeting, I made the following comments. I had seen the standards-setting process for the new digital cellular telephone systems from the inside as they related to security and privacy. And I was wondering why the government (specifically NSA, through its export control reviews) was so strongly opposed to meaningful air link encryption, even if the encryption were to stop at the switch as it would have to in order to be compatible with existing telephones on the land side of a cellular call. Such encryption would secure the air link, the most easily intercepted portion of a cellular telephone call, while leaving the conversation in the clear at the MTSO where it could be tapped, if necessary. 
In a private conversation, one of the senior members of the committee who didn't want his name mentioned told me why. "It's very simple", he said. "Anybody can intercept the radio link. It's easy. But tapping a call at the switch requires the cooperation of the telephone company, and they generally require warrants. And law enforcement says that sometimes, warrants are, well, just too damn inconvenient." This really set Kallstrom off. He shouted me down, attacking my unwillingness to name my source. I challenged him, unsuccessfully, to back up *his* shrill claims for the absolute necessity of Digital Telephony with anything more than handwaving. After tempers cooled a bit, in a one-on-one conversation during a break, he insisted to me that the FBI was never interested in intercepting the air link portion of cellular calls - "too difficult, too labor-intensive", he said. He agreed that he'd like to see cellular air links encrypted. They only wanted the capability to tap in at the switch, and he couldn't care less if the air link were securely encrypted (though he still wanted the keys to be escrowed for some reason...hmmm...) Perhaps it was a desperate attempt to maintain this "we're not interested in the air link" fiction that triggered Harris's silly overreaction to the public mention of TRIGGERFISH. Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Wayner Date: Thu, 24 Jun 93 10:30:58 PDT To: dporter@well.sf.ca.us Subject: Re: Government fear of strong crypto Message-ID: <199306241730.AA29024@access.digex.net> MIME-Version: 1.0 Content-Type: text/plain I seem to remember that Pres. Reagan authorized the NSA to help domestic law enforcement officials when "lives were at stake." But I don't have a citation. 
-Peter Wayner From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Kelly Goen Date: Thu, 24 Jun 93 14:37:12 PDT To: cypherpunks@toad.com Subject: Re: Government fear of strong crypto Message-ID: <9306241425.aa09999@vishnu.sco.com> MIME-Version: 1.0 Content-Type: text/plain From mail.netcom.com!toad.com!cypherpunks-request Wed Jun 23 23:23:59 1993 Return-Path: Message-Id: <199306240625.AA19484@tigger.cc.utexas.edu> Subject: Re: Government fear of strong crypto To: cypherpunks@toad.com Date: Thu, 24 Jun 1993 01:25:13 -0500 (CDT) From: Jim McCoy Cc: pfarrell@cs.gmu.edu In-Reply-To: <70188.pfarrell@cs.gmu.edu> from "Pat Farrell" at Jun 23, 93 07:29:41 pm X-Mailer: ELM [version 2.4 PL21] Content-Type: text Content-Length: 2400 > From: "Pat Farrell" [...] > > The "government" as a whole is not against crypto. The NSA is _very > strongly_ against it. There are 60,000 or more bureaucrats in NSA that would > be effectively put out of work by widespread strong crypto. Hmmm..... actually I must disagree with this. The NSA may oppose strong crypto, but a few facts should be brought up: 1) The NSA is not chartered for domestic surveillance work. If you discover the NSA watching you within the US you can have them arrested. They are probably more interested in the systems being put in use around the world and less about systems internal to the U.S. According to the Bill of Rights Foundation Booklet "CIA OFF CAMPUS" Ex-President Reagan signed in 1981 Executive order # 12333 Which permits the CIA to operate domestically against US citizens if it is believed that said citizen is either an agent of a foreign power or acting on behalf of same. Since this definition has been used during COINTELPRO to allow one to have associates /friends that are foreign born to cause one to be subject to a whole range of unconstitutional activities performed by said agencies. 
BTW ANY federal intelligence agency will act as a "cutout" for situations where the prime agency cannot operate legally but another can. I believe a FOIA is in order to find out if E.O. #12333 allows the entire national security apparatus to operate or only the CIA... Unhappily yours kelly > I believe that the FBI and other more public agencies are simply shills for > NSA. The many postings about real wiretap usage and costs simply can't > support taking all the heat last year of Digital Telephony and this year > over Clipper, esp. when they admit that smart crooks wouldn't bother to use > Clipper. Entirely True...! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Derek Atkins Date: Thu, 24 Jun 93 12:18:42 PDT To: cypherpunks@toad.com Subject: Re: Weak steganography In-Reply-To: <9306241622.AA11117@toad.com> Message-ID: <9306241918.AA26021@toxicwaste.MEDIA.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain Hal said: > Unfortunately, this doesn't presently work with PGP. PGP puts a > header at the front of encrypted file which identifies it as a PGP > file. This includes information about whether the file is RSA or IDEA > encrypted, and if it is RSA encrypted it includes information about > which key(s) it is encrypted with. First, this is only true when the file is ASCII armored. You can easily convert the file from armor to binary once you receive it and then keep it in binary form. Second, if the file is encrypted, it only contains the KeyID(s) of the recipient(s) in plain text, not the sender. > RSA encryption headers will be harder to remove, particularly because of > the lack of a key ID to tell which secret key to decrypt with. We would > just try the default key, I guess. But this would require a more extensive > set of changes to PGP. This is not necessarily true. I've been thinking of a way to try this. Don't forget, you only have a limited number of secret keys to try, so you try them all. How many keys could you have? 10, maybe? At most? 
I, personally, only have one secret key. I could try it, and if it fails, I know I couldn't read the file.... Basically, Hal, you are stretching the "problem" further than it needs to go, IMHO. Relax a little and take a look at what you have at your fingertips. :-) -derek
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Thu, 24 Jun 93 15:33:15 PDT To: pcw@access.digex.net Subject: Re: Karn's note... Message-ID: <9306242232.AA08245@servo> MIME-Version: 1.0 Content-Type: text/plain
I tend to doubt that the spooks have voice recognition technology in regular widespread use, at least not the kind of ultra sophisticated stuff that AI types seem to dream about. It's possible that they use less sophisticated stuff as a "pre filter" (compress out silence, perhaps distinguish male from female voices, etc), but I'm sure that the bulk of the work is still very labor intensive. Tens of thousands of clerks, intercept operators and natural language translators have long been employed by the NSA and there don't seem to be mass layoffs of these sorts of people around Fort Meade. And sophisticated voice recognition really isn't necessary when you consider all of the information that cell phones and base stations emit that is almost trivially processed automatically by an intercept device: electronic serial numbers, Mobile Identification Numbers (telephone numbers), handoff messages, channel assignment messages, etc. It's no big deal at all to build boxes that automatically intercept all calls made to or from a specific phone, assuming you have an RF path to the target (e.g., from a car tailing a suspect). As a manufacturer of cellular telephones, we have such a box (commercially made by IFR) in our lab. We use it to test our phones in their FM/analog mode. The spooks (NSA and otherwise) simply cannot be uninterested in boxes like these -- and in preserving their capabilities.
One point I keep making about Clipper: it makes this sort of automated identity tracking as easy on regular telephone lines as it already is on cellular, because the chip serial number in the Law Enforcement Block can be decrypted with just the (common) Family Key - you don't need the escrowed keys. And sometimes simple traffic analysis can be almost as deadly as getting the actual contents of a conversation. Phil
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Kelly Goen Date: Thu, 24 Jun 93 16:14:30 PDT To: pcw@access.digex.net Subject: Re: Karn's note... Message-ID: <9306241603.aa11010@vishnu.sco.com> MIME-Version: 1.0 Content-Type: text/plain
From toad.com!cypherpunks-request Thu Jun 24 15:34:07 1993 Return-Path: Date: Thu, 24 Jun 93 15:32:54 -0700 From: karn@qualcomm.com (Phil Karn) Message-Id: <9306242232.AA08245@servo> To: cypherpunks@toad.com, pcw@access.digex.net Subject: Re: Karn's note...
I tend to doubt that the spooks have voice recognition technology in regular widespread use, at least not the kind of ultra sophisticated stuff that AI types seem to dream about. It's possible that they use ln. Much Deleted... \
Hi Phil... All the reports I have seen on the widespread phone tapping and voice recognition by the NSA allegedly was in reference to Operation HARVEST According to private estimates immense intel value results even if the recog phase gets 15-20% accuracy on most? speakers... for phrases such as Spook, espionage, drugs etc... Most of the references I saw to HARVEST were published by the Bill of Rights foundation in various of their books and pamphlets and reports from the Church Subcommittee hearings on intelligence activities during the earlier abuses of COINTELPRO, with a few references in "The Puzzle Palace" by Cliff Bamford. I also saw some references about 5 years ago in comp.dcom.telecom... as to these kind of operations. Do they really do it??? hmm don't know but I am not taking any chances!!
:) Phil
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peb@PROCASE.COM (Paul Baclace) Date: Thu, 24 Jun 93 16:27:21 PDT To: pcw@access.digex.net Subject: Re: Karn's note... Message-ID: <9306242327.AA02594@banff.procase.com> MIME-Version: 1.0 Content-Type: text/plain
>sounds like Bob Smith on line 42
This is speaker recognition, not voice recognition. It turns out that the problem is solved in a very different way for each; voice recognition, in order to be speaker independent, must throw out the information that makes it possible to do speaker recognition (and vice versa: the latter does not need some of the information that the former needs). This is used in "roving wiretaps" that apparently are used infrequently as they scan whole exchanges or number sets (e.g., all payphones in some city). The idea is to capture phone calls from the suspects that are savvy enough to know that they are being tapped. At least one Mob boss was caught this way (in Los Angeles, I think, about 4-5 years ago). Paul E. Baclace peb@procase.com
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Wayner Date: Thu, 24 Jun 93 14:57:27 PDT To: cypherpunks@toad.com Subject: Karn's note... Message-ID: <199306242157.AA26979@access.digex.net> MIME-Version: 1.0 Content-Type: text/plain
On Over-the-air encryption... If anyone wants to read Tom Clancy's latest book, _Clear and Present Danger_ about a set of covert operations against drug kingpins in South America, they will note that he mentions a magic box that will scan the airwaves for voices on the cellular channels. This allows the protagonists to follow the conversations of the kingpins as they hop from limo to limo using a different phone with each conversation. Does TriggerFish do this? My theory is that the 260-bit repeated XOR code was proffered because it wouldn't interfere with algorithms that were doing simultaneous voice recognition.
It is, after all, just the equivalence of doing a discrete convolution across the signal. I believe that this should be easy to handle with a few clever signal processing algorithms designed for noise reduction. I don't know this with any stretch of confidence so I would like to be disabused of this idea if it's harder than all of that. --Peter
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: M..Stirner@f28.n125.z1.FIDONET.ORG (M. Stirner) Date: Fri, 25 Jun 93 13:33:00 PDT To: cypherpunks@toad.com Subject: Deniable fed assets Message-ID: <650.2C2A54D4@shelter.FIDONET.ORG> MIME-Version: 1.0 Content-Type: text/plain
* Reply to msg originally in CYPHERPUNKS
Uu> BTW ANY federal
Uu> intelligence agency will act as a "cutout" for situations where the
Uu> prime agency cannot operate legally but another can.
This is absolutely true; I personally performed technically illegal domestic intelligence-gathering services [relatively benign] under an identical arrangement for several years. Based on some eighteen years of personal experience, I will attest to the fact that _any_ legal or constitutional safeguard against the invasion of privacy will be routinely ignored by virtually any law enforcement or intelligence agency if it suits their purposes & is within their abilities.
*********************************************************************
* - PGP Key D30909 via servers *
* > What country can preserve its liberties if its rulers are not <*
* > warned from time to time that their people preserve the spirit <*
* > of resistance? Let them take arms!" - Thomas Jefferson, 1787 <*
*********************************************************************
___ Blue Wave/QWK v2.12
-- M. Stirner - via FidoNet node 1:125/1 UUCP: ...!uunet!kumr!shelter!28!M..Stirner INTERNET: M..Stirner@f28.n125.z1.FIDONET.ORG
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Wayner Date: Thu, 24 Jun 93 15:51:28 PDT To: karn@qualcomm.com Subject: Re: Karn's note...
Message-ID: <199306242251.AA02335@access.digex.net> MIME-Version: 1.0 Content-Type: text/plain
I believe the novel implied that the magic box didn't do voice recognition in the sense of identifying the words being spoken. It just said, "Hey, that sounds like Bob Smith on line 42." The point was that these guys were jumping around from phone to phone. But, I agree with you that traffic analysis should be much easier now with all of the ID tags. I think the Clancy box would be too much overkill because people really don't use that many telephones during the day. Especially now that they call carry pocket cellular phones. -Peter
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ""L. Detweiler"" Date: Thu, 24 Jun 93 18:00:09 PDT To: cypherpunks@toad.com Subject: NSA expert diagnosis: manic hypercryptophobia In-Reply-To: <199306240625.AA19484@tigger.cc.utexas.edu> Message-ID: <9306250059.AA06932@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain
Well, I promise not to rant as long as no one goes soft on Clipper and the NSA. Unfortunately for the cause, I've been busy lately. Jim McCoy posts some (ahem) interesting opinions on the NSA:
> 1) The NSA is not chartered for domestic surveillance work. If
> you discover the NSA watching you within the US you can have
> them arrested. They are probably more interested in the
> systems being put in use around the world and less about
> systems internal to the U.S.
they are not `chartered' per se but as Bamford makes clear everyone from the director and all the way down thinks that they live in a sort of extra-legal limbo. The NSA has a Napoleonic complex and delusions of grandeur that it is the fourth branch of the U.S. government--the Police Branch (with additional powers to make policy submissions on the level of the Executive branch). The vague and secret laws supposedly `governing' them do nothing to restrain them.
There is even a law that exempts NSA from certain laws unless specifically mentioned! And tell me, whose job is it to arrest a corrupt police officer? (A: the American public.) `They are probably more interested in systems in use around the world than in the U.S...' well, this is a rather strange comment. It reflects both a false dichotomy and a true mutual exclusion. NSA and its members think that what happens in their bunker and the U.S. is universal. It has a very imperialistic and egotistical view regarding its sovereign cryptographic role, you understand. The argument that what happens in the U.S. cryptographic arena is relevant to the world at large is wrong for precisely the reasons the NSA believes in it and right for precisely the reasons they fear. Namely, yes, if U.S. exports strong cryptography it will penetrate the world faster. That is how the U.S. *does* matter. If the U.S. lags behind from absurd and asphyxiating regulations, we will find ourselves inundated by superior products from the outside by countries that don't have bizarre taboos against strong cryptography and secure protections for the privacy of their citizens. That is how the U.S. *doesn't* matter. Either way, the proliferation of strong cryptography is inevitable. The NSA believes that strong cryptography will be restricted internationally to the point that the U.S. quashes it. The truth is that the U.S. will be quashed internationally to the point that it restricts strong cryptography.
> 2) The NSA has been dealing with strong cryptography for a long
> time. These are the people who have been playing crypto games
> with "the Ruskies" since before I was born. I sincerely doubt
> they are losing a great deal of sleep over the fate of Clipper.
> ... no one at Fort Meade is going to be getting a pink slip if Clipper goes down in flames.
That's the problem. They should be, if they were truly accountable for their actions and not insulated and inbred bureaucrats. Where are the rolling heads?
Clipper is an unadulterated fiasco in every respect except in bringing greater public attention to unconscionable clandestine machinations in our government and cryptographic technology. For the former, please spare us the depraved exhibitions. For the latter, far more ethically superior demonstrations are possible. (To say the least for both.)
>The FBI, and other domestic law enforcement agencies are probably very gung
>ho for weak crypto, but I just don't think that No Such Agency is going to
>be greatly affected by it. Their fingerprints are all over the Clipper
>stuff, but seeing as how their other mission is to develop ciphers this is
>only natural.
Fingerprints? More like a blaring signature in neon or spraypainted graffiti. Clipper as `only natural'? I suppose in the way one would consider a stillborn monster `natural'. NSA will not be affected by strong cryptography if it doesn't spread, that's correct. But that's like saying Communists would be unaffected if they could prevent the spread of technology. The spread of strong cryptography worldwide to the great detriment of signal interception is absolutely inevitable. Clipper only shows that NSA has deluded itself seriously enough to fail to recognize this basic truth to the point of investing huge sums of money, expertise, and audacity in an illegitimate project doomed to failure by its fundamental premise: that a government can control *any* technology (let alone a powerful emerging one) to perpetuate its own warped agenda and status quo. P.S. the `beta vs. VHS' reference is nothing but NSA propaganda and the terminology of apologists and spooks, and I hold it against you for using it. In only one way is it apt: the government is hoping they can entrench their inferior VHS standard by market momentum and black behind-the-scenes machinations despite the technical superiority of competitors. Well, sometimes inferior standards win out in the marketplace, but only temporarily and never indefinitely.
And no government proposed VHS, or they would have been either laughed or chased off the face of the earth.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Brad Huntting Date: Thu, 24 Jun 93 19:51:25 PDT To: Kelly Goen Subject: Re: Government fear of strong crypto In-Reply-To: <9306241425.aa09999@vishnu.sco.com> Message-ID: <199306250251.AA01259@misc.glarp.com> MIME-Version: 1.0 Content-Type: text/plain
> According to the Bill of Rights Foundation Booklet "CIA OFF CAMPUS"
> Ex-President Reagan signed in 1981 Executive order # 12333 Which
> permits the CIA to operate domestically against US citizens if
> it is believed that said citizen is either an agent of a foreign power
> or acting on behalf of same.
I seem to remember that at about this time, the entire intelligence community (part or all of the NSA, DEA, DOE, DOJ, CIA, DOD, and the Treasury Dept) was reorganized and placed under something called just "Central Intelligence" (CI). Or is this just mistaken bureaucratic trivia? brad
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Brad Huntting Date: Thu, 24 Jun 93 20:26:37 PDT To: Peter Wayner Subject: Re: a new role for the NSA In-Reply-To: <199306241253.AA00313@access.digex.net> Message-ID: <199306250326.AA01446@misc.glarp.com> MIME-Version: 1.0 Content-Type: text/plain
> If I was in charge of the NSA, I would argue to my budget-dispensing
> superiors that all of the strong crypto just meant that I needed
> a bigger budget to scan for data.
Indeed, the NSA's opposition to crypto (be it bad standards or arcane export regulations) has one clear intent: to keep down the cost of wiretapping. Wiretapping makes it easier for "law enforcement" to identify and take action against undesirable elements.
Be it communists, environmentalists, unsanctioned drug dealers, civil rights activists, union leaders, guerrilla heating engineers, or just some poor bloke who blew the whistle on the wrong multinational; wiretapping facilitates not only finding them and finding what to charge them with. brad
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@shell.portal.com Date: Thu, 24 Jun 93 22:17:27 PDT To: cypherpunks@toad.com Subject: Re: Chained remails Message-ID: <9306250503.AA27769@jobe.shell.portal.com> MIME-Version: 1.0 Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
M. Stirner, , writes:
> Gee, am I amazed. An anonymous post claims to have been routed via
> SIXTEEN (presumably cypherpunks) remailers. Using the posted list of
> "active" cypherpunks remailers & the revised remailer manual, I have
> been unable to get simple
>
> To: remailer@wherever.doodah.edu
>
> ::
> Request-Remailing-To:
>
> test messages to run through any but a couple (9, 10 & 12 I believe). I
> have _never_ been able to get any of the "insects @ Berkeley" remailers
> to go with the standard syntax...or otherwise.
The problem may be the Fidonet addressing. Many times I have tried to send mail to people with mailing addresses like M's, and not had the mail get through. I don't know what the rules are but perhaps some systems can get it and some can't. I'd suggest to M. that he take one of the systems that does respond to his remailing requests, and have that be the LAST one in a chain of two. So, he could send to, say, hh@cicada.berkeley.edu, and follow that with elee7h5@rosebud.ee.uh.edu. Perhaps this would get through:

To: hh@cicada.berkeley.edu

::
Request-Remailing-To: elee7h5@rosebud.ee.uh.edu

::
Request-Remailing-To: M..Stirner@f28.n125.z1.FIDONET.ORG

Even if cicada can't mail to him, perhaps it can mail to rosebud which can then mail to Fido.
Hal Finney hfinney@shell.portal.com -----BEGIN PGP SIGNATURE----- iQCVAgUBLCpauqgTA69YIUw3AQEoYwP/TUiqRu8OHgA61WM6HVtrZ/CE37hXjVY7 WM7sN+RkUlO+1QTeZKi2r0gEy/CGKnZiMTbEHYHcWK486tIbDZIDXqdRoZigEemH 5jwComG9Vv6wPMFyhcLQkejgSX7nN0UU4TGzdOOq2kRyiplTysLd+1pqPyUzpsbU qR9lO8ZjVPY= -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wmo@rebma.rebma.mn.org (Bill O'Hanlon) Date: Thu, 24 Jun 93 22:47:36 PDT To: cypherpunks@toad.com Subject: Remailer at rebma.mn.org Message-ID: MIME-Version: 1.0 Content-Type: text/plain My apologies to anyone who has tried to use the anonymous remailer at rebma.mn.org in the past several weeks. I upgraded the system, and forgot, apparently, to test out the remailer. No one reported that the remailer wasn't working, and it didn't occur to me to test it until today. I imagine that people who weren't successful were experimenters who chalked up the failure to something they'd done wrong. It's working again, now. Here's the PGP key. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.2 mQCNAisUI2QAAAEEAKgm07Hsje5KpmXYd5azk0R6AES+qK7LcofnVGojUs7GBghD WbwrmW8oOEOhRorlShRALKeYspV4xYIw4WDkJcJxuf1B254scz1urF/Eem3zPW9b yPAx7W/cGwvs6SouZvFcSDq4v1zApvGE9hP4szPzHeGmVr0NVNeaDK0guoCpAAUR tCBSZW1haWxlciAocmVtYWlsZXJAcmVibWEubW4ub3JnKQ== =/qHx -----END PGP PUBLIC KEY BLOCK----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: ""L. Detweiler"" Date: Thu, 24 Jun 93 22:13:14 PDT To: cypherpunks@toad.com Subject: Denning on Clipper review panel Message-ID: <9306250513.AA09659@longs.lance.colostate.edu> MIME-Version: 1.0 Content-Type: text/plain Denning says she is on the Clipper review panel which has just started. Also, noises about international Clipper cooperation from NIST. Finally the cypherpunk poster's earlier comment about the absurdity of French collaboration left to the imagination is brought to life... 
From: philip@charon.cto.citicorp.com (Philip Gladstone) Newsgroups: sci.crypt,alt.privacy.clipper Date: 23 Jun 1993 17:53:19 -0400
>According to Lynn McNulty (of NIST) ...
>
>Also, the civilian review of the Skipjack algorithm has started (on Monday).
>2 people are from academia, and 3 from private industry. One of the DOE
>national labs is represented (but I don't know whether this counts as academia
>or private industry). Dorothy Denning is one member (according to her).
>McNulty wouldn't reveal any names.
>
>Also, McNulty believes that escrowed keys would be made available to
>foreign law enforcement organizations if requested. The following
>scenario springs to mind:
>
> French LE to FBI: We have one suspect from the WTC bombing
> under surveillance in Paris. He uses a
> clipperphone to communicate. Can we have
> the keys to chip ID 145632?
> FBI to French LE: Are you working with the French Secret Service
> who is trying to tap the phones of corporate
> America?
> French LE to FBI: NON!
> FBI to French LE: Do you promise that the chip ID
> 145632 really is in Paris and is not in the
> phone of ?
> French LE to FBI: OUI!
> FBI to French LE: OK - the key is 0b5e7f186ac85e5fb934.
>
>I'm not trying to pick on the French, but one of the purposes of the
>Clipper (sorry Key Escrow) Chip is to protect against foreign
>commercial espionage.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: rclark@nyx.cs.du.edu (Robert W. F. Clark) Date: Fri, 25 Jun 93 01:43:51 PDT To: cypherpunks@toad.com Subject: Thanks, anon Message-ID: <9306250844.AA10053@nyx.cs.du.edu> MIME-Version: 1.0 Content-Type: text/plain
n12070@anon.penet.fi (Anonymous dude) writes:
>I considered bringing up this little anecdote that happened to me in
>`real time' but decided against it, but now can't resist while the
>subject is in the list's psyche and nanosecond attention span:
Thanks. I'm geographically and culturally isolated in Indiana.
You warn that your article is tedious, but it is no such thing. Thanks for posting it. It is perversely pleasing to me to know someone else on the list went through this sort of cop crap. Of course, I was at least technically in violation of the law, but hey. They went after practically everyone I knew, for the vile crime of having me in their address books. I wrote an article about that experience which should appear in the next Phrack. So that you won't feel that your anecdote was tedious, which it certainly was not, you might want to check mine out (it clocks in at about five to six times as long as yours.)
>Thanks for listening to all this, it is immensely therapeutic for me
>and hopefully some insight is contained herein to minimize a burden for you.
Thanks for sending it out; it was nicely written, and concise. Bet they never see the computer again, though. Either someone ripped it off for their personal use, or for quick cash, and in either case they would have got them by now. They may just have hassled you as a last resort when the trail went cold. Police are, indeed, ungrateful brutes of the worst dye. Well, good luck, and I hope all that nasty stuff is over for you. Cop betrayals and "investigations" usually leave a bitter taste in the mouths of their targets, especially since cops can get nasty when they're not finding anything. Ah well.
---- Robert W. Clark rclark@nyx.cs.du.edu PGP signature available by mail or finger
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "George A. Gleason" Date: Fri, 25 Jun 93 02:47:40 PDT To: karn@unix.ka9q.ampr.org Subject: Re: Triggerfish Message-ID: <93Jun25.024716pdt.14146-3@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain
On-the-air interception *is* too labor intensive, relatively speaking, given that a cellular call originating or terminating at a given switch can pass through a number of individual cells, each of which would need to be monitored.
However, that does not negate the potential usefulness of on-air interception as an *intelligence-gathering* tool from which the results can be fed into the process of getting a warrant to tap at the switch. The problem of maintaining privacy can be and in fact *is* effectively solved though. A couple of companies are making cellular to 2500-set adapters which basically allow any regular single-line device to be plugged in and transmit via cellular. This obviously includes standard modems, plus or minus the problems associated with variable transmission quality over the airwaves. So any regular cryptosystem that can work on analog lines should be applicable here. If anyone out there is further interested in these cellular-to-single-line-device adaptors, email me and I can get prices and specifications. -gg
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Fri, 25 Jun 93 03:21:16 PDT To: tcmay@netcom.com Subject: Re: Weak stenography. Message-ID: <9306251019.AA13652@servo> MIME-Version: 1.0 Content-Type: text/plain
Tim May:
>Some solutions:
>1. Make programs like "readdat.exe" ubiquitous...distribute them on
>shareware disks, CD-ROMs, etc. Thus, many households and offices will
>have "readdat.exe"-like programs, whether they use them or not. Mere
I like this idea, as long as the mere possession of such programs isn't also criminalized. Don't laugh -- the government actually seems to think that they can enforce laws banning the mere private possession of certain types of bit patterns, like child pornography. I have about two dozen CD-ROMs on my shelf, containing the usual oodles of gigabytes of stuff. Mostly mirrors of anonymous FTP archives and shareware BBSes. So far I have read only a tiny fraction of the bits on those disks, and I expect I'll never read much more. There's no reasonable way I could be expected to know if there isn't a contraband file or two buried in all those gigabytes.
But consider the Akron BBS operator who got busted for a file that somebody had uploaded to his machine, transferred off to backup and forgotten. I wonder how many similar files have already made it to CD-ROM? Makes me kind of wish I had bought all my computer equipment and software anonymously, for cash... Phil
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Fri, 25 Jun 93 03:29:06 PDT To: mnemonic@eff.org Subject: Re: DH for email (re: email protection and privacy) Message-ID: <9306251027.AA13692@servo> MIME-Version: 1.0 Content-Type: text/plain
Phil Karn asks:
> >You're not required to go *beyond* what is specified in a subpoena.
> >But the subpoena's specifications can be pretty broad.
>
> Are you talking civil, criminal, or both?
Mike Godwin replies: I assume you're asking about civil versus criminal contempt.
Me again: No, I was actually asking about the differences between subpoenas in civil and criminal cases. Since the 5th amendment specifically mentions criminal cases, I presume that means it can't shield you in a civil case (unless perhaps the same information could also implicate you in a crime.) Phil
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@alumni.cco.caltech.edu Date: Fri, 25 Jun 93 05:32:09 PDT To: cypherpunks@toad.com Subject: Re: Chained remails Message-ID: <9306251230.AA10558@alumni.cco.caltech.edu> MIME-Version: 1.0 Content-Type: text/plain
M..Stirner@f28.n125.z1.fidonet.org (M. Stirner) sez:
>
> Gee, am I amazed. An anonymous post claims to have been routed via
> SIXTEEN (presumably cypherpunks) remailers. Using the posted list of
> "active" cypherpunks remailers & the revised remailer manual, I have
> been unable to get simple
>
> To: remailer@wherever.doodah.edu
>
> ::
> Request-Remailing-To:
>
> test messages to run through any but a couple (9, 10 & 12 I believe).
I > have _never_ been able to get any of the "insects @ Berkeley" remailers
> to go with the standard syntax...or otherwise.
>
> Are most remailers down on any given day? Could Mr. Sixteen Jumps do it
> twice in a lifetime?
Well, I really used only 5 different remailers, total of 16 hops. I Should haf made that clearer. The ones I used were:
hh@pmantis.berkeley.edu
hh@cicada.berkeley.edu
hh@soda.berkeley.edu
hal@alumni.caltech.edu
hfinney@shell.portal.com
This message will go through 24 hops, just for the heck of it. ....Mr. Funn
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Brian D Williams Date: Fri, 25 Jun 93 12:27:36 PDT To: cypherpunks@toad.com Subject: triggerfish Message-ID: <93Jun25.122707pdt.13989-3@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain
Phil Karn posted; In CU Digest 5.46:
|> Harris Law Enforcement Products
|>
|> TRIGGERFISH has a number of cellular phone based applications:
|> determining a suspect's phone number, dialed number recorder, and
|> wiretapping. According to Harris, ``for the first time, law
|> enforcement is not at a disadvantage in tracking the high-tech
|> criminal.'' Additionally, the unit ``collects and integrates all
|> relevant data, including voice, directly from the ether.''
|> Reprinted from Full Disclosure, Box 903, Libertyville, Illinois 60048
It would be child's play for the NSA to accomplish this from orbit.....hmmmmm I wonder what they call it? Brian D Williams
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: peb@PROCASE.COM (Paul Baclace) Date: Fri, 25 Jun 93 12:53:23 PDT To: talon57@well.sf.ca.us Subject: Re: triggerfish Message-ID: <9306251953.AA02713@banff.procase.com> MIME-Version: 1.0 Content-Type: text/plain
> to accomplish this from orbit
How big and sensitive would an antenna need to be in orbit to accomplish this? It would have to be sensitive to 1 watt transmitters. They send up many polar orbit satellites which are not too far away, so that could be a big help.
Paul E. Baclace peb@procase.com
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Fri, 25 Jun 93 14:06:44 PDT To: talon57@well.sf.ca.us Subject: Re: triggerfish Message-ID: <9306252106.AA17092@servo> MIME-Version: 1.0 Content-Type: text/plain
>How big and sensitive would an antenna need to be in orbit to accomplish
>this? It would have to be sensitive to 1 watt transmitters. They
>send up many polar orbit satellites which are not too far away, so that
>could be a big help.
Sensitivity is not the issue. Two 1-watt walkie-talkies, one in (low) orbit and one on the ground, can (and do) communicate with each other as long as the earth isn't standing in the way. It's done on the ham radio bands on just about every space shuttle mission (like the one currently underway). Higher orbits require better antennas, but they're no big deal. The real problem with a space-based cellular telephone surveillance system is interference - the best spot beam antenna you can make would still take in *many* ground transmitters on the same channel in a place like New York City. From orbit, you see everything, whether you want to or not. This is borne out again and again with tapes from the shuttle. Often you hear nothing at all because there are so many ground stations all transmitting at the same time that none of them are recoverable. Some hams run ungodly amounts of power to get through, not because it's required for the distance to be traveled, but to stand far enough above everybody else that they can capture the shuttle's receiver. Both these systems and cellular telephones use the same modulation method - FM.
Phil
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Duncan Frissell <76630.3577@CompuServe.COM> Date: Fri, 25 Jun 93 12:22:17 PDT To: Subject: SEARCH ME Message-ID: <930625191757_76630.3577_EHK47-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain
(an12070) It is rarely to one's advantage to "assist the police." In fact in British English the sentence "Fred C. Schwartz is assisting the police in their investigation" means that Fred C. Schwartz is the prime suspect. (Trivia contest for ex right wing nuts - Who was Fred C. Schwartz?) My search warrant story need not use penet.fi. In the early 80's I was residing in a rented house in a city located in a region of the country that was once Democratic Farm Labor Party territory. Being an inveterate reader of the newspaper, I was one day surprised to discover that our house was to be searched by the authorities at some point in the next few weeks. Specifically, the article said that the houses on block of street were going to be searched as part of a survey to determine how many had illegal basement drains. Apparently the criminals who had constructed much of the housing in that neighborhood in the 1920s had connected basement drains to the *storm sewers* from whence who knows what hideous substances could drain into the navigable waters of the United States without undergoing tertiary, secondary, or even primary treatment. What's more, they had not complied with the Water Quality Act of 1970, as amended. Who could believe that such evil exists in the human heart. My wife (who in many ways was just the sort of female Kipling had in mind when he penned 'Deadlier Than the Male') and I decided to resist this search. Since I was away during the day, it would fall to her to deal with the authorities. In due course, a sewer inspector rang our doorbell. My wife demanded to see his warrant. He was shocked and mortified. He tried to talk her into allowing the search.
He used primate arguments like "everyone else is letting us in." My wife used Northern European arguments like "I'm not everyone else." He went away. Over the next few weeks, various bureaucrats called my wife and tried to get her to change her mind. They said, "You're not going to force us to waste all that time and money and get a warrant, are you?" She replied, "Consider it a valuable education on the 4th amendment." Eventually, they showed up with a warrant and some cops just in case we resisted. My wife took her time reading the warrant. It said they could search the basement so she led them around to the back door and led them down to the basement where they discovered our criminal drain. If I hadn't been working 70 hours a week, maybe I would have had fun and tried to quash (not squash) the warrant and explored the modern case law involving regulatory searches - a nasty area. When we told our neighbors what we had done they said that they didn't know that one could resist a warrantless search. A good time was had by all. Quo warranto? This was also a town where the public and catholic schools all ended summer vacation on the same day. After that day, my youngest daughter was going about from place to place without apparent lawful occupation when an officious intermeddler asked her why she wasn't in school. She then told her questioner what I had told her to say, "My father doesn't believe in your schools, he says that they are all dominated by communists." Shuts them up every time. Duncan Frissell Who is writing this in the terrorist capital of the US - Jersey City, NJ - but who has been denied a tactically necessary assault rifle by Governor Jim Florio. When amonium nitrate and diesel fuel in a 16 to 1 ratio are outlawed only outlaws (and farmers) will have amonium nitrate and diesel fuel in a 16 to 1 ratio. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: hkhenson@cup.portal.com Date: Fri, 25 Jun 93 21:05:20 PDT To: cypherpunks@toad.com Subject: Re: triggerfish Message-ID: <9306251518.1.29858@cup.portal.com> MIME-Version: 1.0 Content-Type: text/plain Brian D Williams wrote (re TRIGGERFISH): > It would be child's play for the NSA to accomplish this from >orbit.....hmmmmm I wonder what they call it? My guess would be that it can't be done. Just getting up in a light aircraft with a cell phone is instructive. With every cell site in 50 miles being about the same distance (even from LEO) I don't think you could pick out a single conversation. On the other hand, with enough directionality . . . . nah, the antenna would be a monster. Keith From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Timothy Newsham Date: Fri, 25 Jun 93 19:08:12 PDT To: cypherpunks@toad.com Subject: term for ibm Message-ID: <9306260208.AA14613@toad.com> MIME-Version: 1.0 Content-Type: text/plain I needed to do some DOS programming at work, and used the 'MCOMM' serial package. It comes with a demonstration program called 'smalterm.exe'. I read through it a few times and it dawned on me how easy it would be to hook it up to LINK (link encryption). The problem is that the package is (c) and shareware. Furthermore none of the documents say anything about the status of the demo programs. I estimate it would take 30 minutes to an hour to get encryption up and running with that term program. Does anyone know of a small terminal program that has a few essential features, with good modularity? One that is publicly available or we could use with the author's blessings? ... 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: cestes@argos5.DNET.NASA.GOV (Chris Estes) Date: Fri, 25 Jun 93 13:37:26 PDT To: "cypherpunks@toad.com"@EAST.DNET.NASA.GOV Subject: Orbiting antennas Message-ID: <9306252026.AA24642@east.gsfc.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain Paul Baclace asks about receiving data on a polar orbiting spacecraft. That's what my company does for a living. I'm not a radio specialist, and not involved in the design of the on-board instrumentation, but the gear is not too sophisticated. We transmit in the 401 MHz area, the antenna on the spacecraft is a simple, omnidirectional affair, that I don't have any handy specs for. It's about a meter long and 8cm in diameter; what's inside? I don't know. We typically hit the spacecraft with one watt (at an altitude of 870km), but have one guy who is able to get it at 150 milliwatts (!). I haven't been following the thread, but if you're thinking about phone-type systems, remember that with polar orbiters, you're only going to have about a 15 minute window during which the spacecraft will be overhead. Unless you're doing store and forward messaging, the sender and receiver of the signal have to be in the footprint at the same time. I hope that's relevant (I should do a better job of keeping up!) -Chris Estes- cestes@argos5.dnet.nasa.gov From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: axelrod@s106.es.llnl.gov (Mike Axelrod 422-0929) Date: Fri, 25 Jun 93 17:42:46 PDT To: karn@qualcomm.com Subject: Re: Contempt of Court Message-ID: <9306260044.AA28615@s106.es.llnl.gov> MIME-Version: 1.0 Content-Type: text/plain You do have me confused with Mike Godwin. I did write: > >If the key itself had embedded testimony that was incriminating, then it is > >possible one could invoke the 5th amendment to avoid disclosure of the key. > >But, I suppose a court could do an end run around that by giving limited > >use immunity for the incriminating content of the key. 
Comments? But the rest of your questions refer to Mike Godwin. My guess is that one could be compelled to reveal the combination to a lock because the combination is not testimony. I'm sure that government lawyers would argue that a key is not testimony, just as a combination to a safe is not testimony. Perhaps some research would turn up the answer to this question. There is also the matter of discovery in civil actions. If one had financial records in encrypted form, a court could order you to disclose the key under the threat of civil contempt. Civil contempt can be worse than criminal contempt. The court can ruin you financially and keep you in jail until you comply with the order. Mike. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jet@netcom.com (J. Eric Townsend) Date: Fri, 25 Jun 93 12:36:49 PDT To: cypherpunks@toad.com Subject: USAF Incident Summary Message-ID: <9306251937.AA17842@netcom4.netcom.com> MIME-Version: 1.0 Content-Type: text/plain A couple of somewhat interesting crypto tidbits. ------- Start of forwarded message ------- [From the NIST Security Bulletin Board] FROM: AFCSC/SRM 250 Hall Blvd, Suite 347 San Antonio TX 78243-7063 SUBJ: THE CONNECTION Information Letter AFOSI COMPUTER CRIME CASES by TSgt Dwayne L. Thomas AFCSC/SRME Destruction of Government Property, Unauthorized Access to Material, Violation of Article 134 of UCMJ Location: CONUS Motive: Personal revenge and vandalism Duty Position: Systems Administrator, Military An investigation was initiated after a CONUS-based research center had reported that various files contained in the center's mainframe computer had been altered. The subject (a Sgt assigned as the Systems Administrator) had created a program that only he was able to access. This resulted in the subject being able to access, extract, and subsequently delete information without being detected. 
Being the Systems Administrator, the subject had enough knowledge of the passwords, audit trails, and software to manipulate information at will. After the investigation began, subject admitted fixing the computer so that no one else could access the subject's personal program. The subject was upset with upper management for not giving the amount of recognition due for creating another program for the center's use. Subject stated that months had been spent working on this program. Subject also felt pressured because past job performance and two altercations at the NCO Club might cause denial of reenlistment. Subject also was a co-owner in a failing carpet and upholstery cleaning business and stated that building a program that only one person could run would make the subject important to the mission and increase chance for reenlistment. Subject was fined 1 month's pay, denied reenlistment, and given a bad conduct discharge. BOTTOM LINE: It is vitally important that no one person have all the knowledge about how to operate a system because if one day that person is sick, quits, or dies, the organization will be in a world of trouble. Some ways to prevent this are by assigning a primary and alternate administrator, having continuity books available, and having training sessions. Remember, computers are dumb machines and are only as smart as the person who's programming them. Wrongful Use and Conversion of Government Computer, Theft of Government Property, Copyright Violation, Violation of Title 18 of U.S. Code 641 Location: CONUS Motive: Personal financial gain Duty Position: Functional User, Military An investigation was initiated after it was discovered that a SSgt assigned to the Base Data Processing Facility had been misusing government resources for personal profit. The subject was working part time for a local contractor and was making profit by making illegal copies of government purchased software. 
The subject would take pieces of equipment from the duty section and provide it to the contractor. The subject would copy the government software and provide one copy to the contractor and keep one copy so that it could be replicated and sold for more money. After the investigation began, the subject admitted making copies of the government software and contacting other companies to see if they wanted to purchase copies of the stolen software. Subject also admitted bringing disks in from home and running them on the government systems for evaluation. Subject felt that even though violations had occurred, accountability was questionable because security briefings on the legalities involved with copying government software had not been provided. The extra money had helped the subject with a bad financial situation. The subject resigned from his part-time job, was fined 2 months' pay, given a letter of reprimand, and placed on a control roster. BOTTOM LINE: Even though the Air Force purchases large amounts of software from various companies, it is still subject to copyright laws the same as any individual. We must continue to educate all our personnel that this is a very, very serious offense and complacency is not an acceptable excuse. Also, the risk of introducing viruses from unauthorized software onto a computer system can completely halt an operation. Never allow unauthorized software into your duty section. Remember, taking chances like this with the security of your system is like having a friend with a drinking problem and for his/her birthday you give him/her a shopping spree at a liquor store--it's a no-win situation! COMSEC INCIDENTS by Mr Richard L. Davis AFCSC/SRMP The total number of physical and cryptographic COMSEC incidents reported within the Air Force for the following past 2 years were: CY91 - 480 CY92 - 364 This Trend Summary will compare CY91 with CY92 COMSEC incidents and the previous 6 months with the past 6 months. 
Data on practices dangerous to security (PDS) will also be included in this summary. The total number of COMSEC incidents reported for the Jan-Jun 92 time frame was 191 as compared to the Jul-Dec 92 total, which was 173. This is a decrease of 18 incidents. The total and type of COMSEC incidents that occurred in CY91 and CY92 are:

Type Of Incident        1991    1992
Physical                 432     330
Cryptographic             48      34
Total:                   480     364
PDSs                      74     116

Physical, cryptographic, and PDS COMSEC incidents are categorized into the following types and totals (comparing the past 6 months with the previous 6 months):

Physical Categories:            Jan-Jul 92   Jul-Dec 92   Totals
Loss Control Of COMSEC                  53           63      116
Permanent Loss                          49           32       81
Unsecured Safes/Workcenters             20           15       35
Destruction Irregularities              19           17       36
Lost Two-Person Integrity                7           14       21
Unauthorized Access/Use                 13            4       17
Damaged Packages                         4            6       10
Unauthorized Shipping Mode               5            4        9
Unauthorized Reproduction                2            2        4
Facility Construction                    1            0        1
Totals:                                173          157      330

Cryptographic Categories:
Used Superseded Material                 1            1        2
Extended Crypto Period                   9            8       17
Unauthorized Use Of Material             6            3        9
Unauthorized Maint Performed             2            4        6
Totals:                                 18           16       34

PDSs:
Inadvertent Destruction                 18           37       55
Inadvertent Opening                      5            5       10
Physical Loss                            3            9       12
Destruction Irregularities              13            6       19
Unauthorized Viewing                     1            2        3
Material Pulled from Canister            1            0        1
Unauthorized Shipping Mode               2            0        2
Damaged Packages                         1            0        1
Loss of Control of COMSEC                4            6       10
Forced Entry Into Safe                   0            1        1
Unauthorized Reproduction                2            0        2
Totals:                                 50           66      116

Now that you have seen the total breakdown of all the COMSEC incidents of the past 2 years and the two 6-month periods, let's compare the previous 6 months with the past 6 months and show some of our major problems (by categories) that have been and still are the leading factors within the COMSEC incident world. Loss of control of COMSEC has been the front-runner of COMSEC incidents in the past 3 years. 
If you noticed, during the Jan-Jun time frame, there were 53 incidents and in Jul-Dec there were 63. This was an increase of 10 reported incidents. We are supposed to decrease incidents--not increase them. The same types of occurrences are still happening as before, just different personnel are losing the handle. Material is still being left unattended in hallways, government vehicles, and any place you can think of. As you can see, there were 116 incidents of this type in 1992. We had 116 people go "brain dead" for some reason. This can be the only logical reason for leaving their COMSEC material unsecured/unattended. Permanent loss of COMSEC material is still the second runner-up. There was a decrease of 17 incidents when comparing the two 6-month periods. During the first 6 months, there were 49 COMSEC incidents; and during the latter 6 months, there were 32, with a grand total of 81 for the year. People are very, very careful not to lose their money or paycheck, so why can't they apply the same rules and hard-nosed controls when it comes to protecting their COMSEC? The primary reason for lost COMSEC material is not paying attention to details. Unsecured safe/workcenter incidents decreased by five in the latter 6 months as compared to the first 6 months. There were 20 reported incidents in the first 6 months, while 15 incidents were reported for the latter months. People are still not checking their safes at the end of the day. They are assuming it's locked or secured. One day their assumptions will prove them wrong. The COMSEC Managers must instill in all their users to take that extra minute to check safes and stop the rushing. Remember, speed can cause a COMSEC incident. Destruction irregularities decreased by two for this reporting period. There were 19 incidents for the last reporting period as compared to 17 incidents this period. 
Single signatures on destruction reports at the users' level, material claiming to be destroyed but later found intact, and falsification of signatures on destruction reports are some of the reasons for the 36 incidents for the year. Loss of two-person integrity was on the down swing, but somehow it's back again and on the increase. The first 6 months there were only seven incidents of this type reported. However, for the last 6-month period, we doubled, with a total of 14 incidents. Even though the total count for 1992 was 21 as compared to 29 for 1991, each 6-month period should show some type of decline, not double its quantity from the last reporting period. It shows we completely fell off track and must get back to where we started the first 6 months. COMSEC users must be retrained on two-person integrity procedures. Unauthorized access/use showed a definite decline for this period as compared to the last reporting period. For this period there were only four incidents compared to 13 for the first reporting period. This low count of incidents can be contributed to unauthorized personnel being stopped at the door, individuals being checked before any material is handed to them, and using the proper material for the right purpose. Damaged packages were due mostly to the inner wrapper splitting open from the heavy weight of the material or to overpacking. There was a total of six incidents for this period as compared to four incidents for the latter period. The grand total for the year was 10 incidents. Unauthorized shipping mode for this period accounted for four incidents, and the latter 6 months had five incidents. Even though there were only 10 incidents for the year, shipping COMSEC material by the correct mode of transportation is a must. Unauthorized reproduction remained the same for both periods with two incidents each. Users are beginning to understand that they must obtain the controlling authorities' approval prior to any reproduction. 
Use of superseded material also remained the same for both reporting periods with one incident each. Users must check their COMSEC material before it's put into effect. Extended crypto period had a total of 17 violations for the year. There were nine incidents for the first 6 months, while for the latter months there were eight incidents. Both terminal ends are held responsible for incidents of this type. It seems that the one end is waiting for the other to make the call, but somehow no one calls until after the grace period. Unauthorized use of COMSEC material declined by three this reporting period. The majority of these incidents were caused by individuals accidentally using the wrong COMSEC material on equipment not authorized for its use. This type of incident could be totally eliminated if individuals took the time to check the COMSEC material before inserting it into the equipment. Unauthorized maintenance performed on COMSEC equipment is a definite, "no-no," so why do Mr Goodwrenchs who work on cars, coffee pots, and toasters think they are crypto maintenance personnel? There was a total of six incidents for the year. During the last 6 months, we had four personnel who thought they were maintenance personnel. Please inform them to leave COMSEC equipment alone. PDSs are on the rise. Even though no case numbers are assigned to these incidents, they show the Air Force's weakness in handling their COMSEC material. Please notice the category Inadvertent Destruction. People are destroying material with their eyes shut. Perhaps they figure since it's the end of the month, they must destroy something. COMSEC material should be checked more than once before it is put into destruction status. Make sure the right material is being destroyed. All COMSEC incidents could be prevented if everyone followed established procedures and rules for protecting COMSEC material. 
Also, retraining some of our COMSEC users is a must because the majority of COMSEC incidents are caused by the users. Every effort must be made to continue educating every user within the Air Force. Every COMSEC Manager knows who his/her weak links are. As managers, you must go directly to those weak links and strengthen them with knowledge about COMSEC. If we all work together and continuously educate all COMSEC users, COMSEC incidents will be reduced considerably. ------- End of forwarded message ------- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Fri, 25 Jun 93 21:03:14 PDT To: newsham@wiliki.eng.hawaii.edu (Timothy Newsham) Subject: Re: term for ibm In-Reply-To: <9306260208.AA14613@toad.com> Message-ID: <9306260403.AA08675@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to Timothy Newsham: > I needed to do some DOS programming at work, and used > the 'MCOMM' serial package. > It comes with a demonstration program called 'smalterm.exe' > I read through it a few times and it dawned on me how easy > it would be to hook it up to LINK (link encryption). > The problem is that the package is (c) and shareware. Furthermore > none of the documents say anything about the status of the > demo programs. I estimate it would take 30 minutes to an > hour to get encryption up and running with that term program. Well, I have to suggest telix. ;^) Telix has built in hooks for external protocols which you could use to implement your encryption link. It has a very good script language. Further, I have been using it for some time now and think I am pretty good with it. I could help you get it going. > Does anyone know of a small terminal program that has > a few essential features, with good modularity? One that > is publicly available or we could use with the author's > blessings? Telix is relatively small, has many features, and the script language is very modular. It isn't src distribution, though. 
Still it's a thought. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mail Delivery Subsystem Date: Sat, 26 Jun 93 20:34:39 PDT To: habs@Panix.Com Subject: Returned mail: User unknown Message-ID: <199306261258.AA25065@sun.Panix.Com> MIME-Version: 1.0 Content-Type: text/plain ----- Transcript of session follows ----- While talking to toad.com: >>> RCPT To: <<< 550 ... User unknown 550 cyhperpunks@toad.com... User unknown ----- Unsent message follows ----- Received: by sun.Panix.Com id AA25038 (5.65c/IDA-1.4.4 for cyhperpunks@toad.com); Sat, 26 Jun 1993 08:58:20 -0400 From: Harry Shapiro Message-Id: <199306261258.AA25038@sun.Panix.Com> Subject: Re: Government fear of strong crypto To: kellyg@sco.com (Kelly Goen) Date: Sat, 26 Jun 1993 08:58:19 -0400 (EDT) Cc: cyhperpunks@toad.com In-Reply-To: <9306241425.aa09999@vishnu.sco.com> from "Kelly Goen" at Jun 24, 93 02:25:06 pm Reply-To: habs Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 325 a conscious being, Kelly Goen wrote: > > 1) The NSA is not chartered for domestic surveillance work. I figure this means the FBI has an office at the NSA and has NSA staff members working under contract to the FBI so that while the NSA is not overseeing domestic interception their staff is doing it for the FBI. 
/hawk From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@soda.berkeley.edu Date: Sat, 26 Jun 93 12:06:17 PDT To: cypherpunks@toad.com Subject: No Subject Message-ID: <9306261902.AA02316@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain * Reply to msg originally in CYPHERPUNKS Uu> It is rarely to one's advantage to "assist the police." In fact in Uu> British English the sentence "Fred C. Schwartz is assisting the police Uu> in their investigation" means that Fred C. Schwartz is the prime Uu> suspect. Rather like "very tired" when used to describe the public appearance of an MP as in, "...Sir Henry appeared very tired." The term "very tired" apparently is the pervasive newspaper euphemism for "very drunk." Uu> My wife (who in many ways was just the sort of female Kipling had in Uu> mind when he penned 'Deadlier Than the Male')... Splendid finds, these, when one can keep them in alliance. It's always a joy to introduce them to firearms. Uu> In due course, a sewer inspector rang Uu> our doorbell. My wife demanded to see his warrant. He was shocked Uu> and mortified. Uu> Over the next few weeks, various bureaucrats called my wife and tried Uu> to get her to change her mind. They said, "You're not going to force Uu> us to waste all that time and money and get a warrant, are you?" She Uu> replied, "Consider it a valuable education on the 4th amendment." I won't waste a great deal of time in idle & uninformed speculation, but I seem to remember that certain "public safety" types do not need a warrant to intrude. As a matter of fact, I know of instances where cops accompanied such functionaries on trumped-up "inspections" to avoid the trouble of getting warrants. . I should be pleased to hear qualified legal opinion on this. Uu> Who is writing this in the terrorist capital of the US - Jersey City, Uu> NJ - but who has been denied a tactically necessary assault rifle by Uu> Governor Jim Florio. Yes, but don't you feel _much safer_ disarmed? No? 
Well, be content with a nice shotgun. Uu> When amonium nitrate and diesel fuel in a 16 to 1 ratio are outlawed Uu> only outlaws (and farmers) will have amonium nitrate and diesel fuel Uu> in a 16 to 1 ratio. This shall no doubt turn up in sigs before week's end. ********************************************************************* * - PGP Key D30909 via servers * * > What country can preserve its liberties if its rulers are not <* * > warned from time to time that their people preserve the spirit <* * > of resistance? Let them take arms!" - Thomas Jefferson, 1787 <* ********************************************************************* ___ Blue Wave/QWK v2.12 -- M. Stirner - via RBBS-NET node 8:914/201 INTERNET: M..Stirner@f28.n125.z1.RBBS-NET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@soda.berkeley.edu Date: Sat, 26 Jun 93 12:06:18 PDT To: cypherpunks@toad.com Subject: Remailer at rebma.mn.org Message-ID: <9306261902.AA02325@soda.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain * Reply to msg originally in CYPHERPUNKS Uu> My apologies to anyone who has tried to use the anonymous remailer at Uu> rebma.mn.org in the past several weeks. Uu> I imagine that people who weren't successful were Uu> experimenters who chalked up the failure to something they'd done Uu> wrong. I did, indeed! Uu> It's working again, now. Uu> Here's the PGP key. Does this remailer _require_ an encrypted header, or will it take the | | :: | Request-Remailing-To: | plaintext command? ********************************************************************* * - PGP Key D30909 via servers * * > What country can preserve its liberties if its rulers are not <* * > warned from time to time that their people preserve the spirit <* * > of resistance? Let them take arms!" - Thomas Jefferson, 1787 <* ********************************************************************* ___ Blue Wave/QWK v2.12 -- M. 
Stirner - via RBBS-NET node 8:914/201 INTERNET: M..Stirner@f28.n125.z1.RBBS-NET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@cicada.berkeley.edu Date: Sat, 26 Jun 93 12:06:45 PDT To: cypherpunks@toad.com Subject: No Subject Message-ID: <9306261906.AA19140@cicada.berkeley.edu> MIME-Version: 1.0 Content-Type: text/plain * Reply to msg originally in CYPHERPUNKS > Are most remailers down on any given day? _That_ question has been partially answered in another post! Uu> Well, I really used only 5 different remailers, total of 16 hops. I Uu> Should haf made that clearer. Uu> This message will go through 24 hops, just for the heck of it. Well, it made it, I suppose. I'll try this one via the same remailers, plus another one I know to be working. ********************************************************************* * - PGP Key D30909 via servers * * > What country can preserve its liberties if its rulers are not <* * > warned from time to time that their people preserve the spirit <* * > of resistance? Let them take arms!" - Thomas Jefferson, 1787 <* ********************************************************************* ___ Blue Wave/QWK v2.12 -- M. Stirner - via RBBS-NET node 8:914/201 INTERNET: M..Stirner@f28.n125.z1.RBBS-NET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: zane@genesis.mcs.com (Sameer) Date: Sat, 26 Jun 93 11:41:43 PDT To: M..Stirner@f28.n125.z1.RBBS-NET.ORG (M. Stirner) Subject: Re: Remailer origin lines In-Reply-To: <47.2C2951B0@wyrm.rbbs-net.ORG> Message-ID: MIME-Version: 1.0 Content-Type: text/plain In message <47.2C2951B0@wyrm.rbbs-net.ORG>, M. Stirner writes: > > Uu> A "Dont-Mess-With-Trailers:" header line would help a bit. > > The BlueWave blurb was added by the program & can be stripped by > re-editing the message before upload. Everything else is out of my > control completely & added automagically by the host or the UUCP > gateway. The sucker stays, no matter what I do. Some anonymity! 
> How about a header line such as: X-Cut-End-Lines: 6 Which would instruct the remailer to cut the last six lines off the mail message as it receives it. Thus a user could figure out how many lines at the end of his message is added on without his control and instruct the remailer to cut out that amount of lines. -- | Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM | | Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more | | "Symbiosis is Good" - Me_"Specialization is for Insects" - R. A. Heinlein_/ \_______________________/ \______________________________________________/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Sat, 26 Jun 93 13:40:32 PDT To: cypherpunks, gnu Subject: Int'l Conf on Signal Processing Apps & Tech, Santa Clara, 28Sep93 Message-ID: <9306262040.AA12510@toad.com> MIME-Version: 1.0 Content-Type: text/plain Folks interested in DSP's, including voice compression and encryption, fast exponentiation, etc, may want to attend this conference. Particular sessions of interest: Workshop, 27 Sep: Low Cost Speech Compression Technology for Consumer Applications. (costs extra $150) Digital Encryption System for Speech Communication over the Public Switching Telephone Network, Sofi'a Moreno Pe'rez, Rafael Sarmiento de Sotomayor, Luis Di'ez del Ri'o, Jose' Parera Bermu'dez, Marcelino Veiga Pe'rez, and Ramo'n Garcia Go'mez, E.T.S.I. de Telecomunicacio'n, Spain. Real-Time Implementation of Variable Rate QCELP Codec using TMS320C30 DSP, Kyongo Han, Byungsik Yoon, Insung Lee, and Sangwon Kang, Electronics & Telecom. Research Institute, Korea Improving the Cryptanalysis Algorithms Based Upon the Multiple Residues, S.J. Tabatabaian and G.P. Singh, University of Newcastle upon Tyne, U.K. three more papers on Speech Coding Algorithms 15 more papers on Speech Coding Implementation and about 100 other papers. Price: $495 before 25Aug93; $595 after. Students: $350 before, $425 after. 
DSP Associates 18 Peregrine Road Newton Centre, MA 02159 USA +1 617 964 3817 +1 617 969 6689 DSPWorld@world.std.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@rosebud.ee.uh.edu Date: Sat, 26 Jun 93 12:06:01 PDT To: cypherpunks@toad.com Subject: Re: chained remails Message-ID: <9306261905.AA09976@toad.com> MIME-Version: 1.0 Content-Type: text/plain * Reply to msg originally in CYPHERPUNKS Uu> The problem may be the Fidonet addressing. Many times I have tried to Uu> send mail to people with mailing addresses like M's, and not had the Uu> mail get through. I don't know what the rules are but perhaps some Uu> systems can get it and some can't. Note that _this_ message goes through an RBBS/UUCP gate. The problem remains, however. On the other hand, I just noted a sheepish message about the remailer@rebma.mn.org being ill for the past couple of weeks, which would explain my failures with that system. Uu> I'd suggest to M. that he take one of the systems that does respond to Uu> his remailing requests, and have that be the LAST one in a chain of Uu> two. So, he could send to, say, hh@cicada.berkeley.edu, and follow Uu> that with elee7h5@rosebud.ee.uh.edu. Perhaps this would get through: An interesting experiment I shall try today, perhaps with this very message. Thanks, Hal, for the input. I should like to see these remailers popularized, along with encryption, as one of the best political moves we cypherpunks can make. De-glitching them for broader use may be a thankless task, but would be worth it if it results in their general use. Uu> -----BEGIN PGP SIGNATURE----- P.S.: Have you heard anything of the alleged bug with version 2.3 being unable to verify plaintext PGP signatures? ********************************************************************* * - PGP Key D30909 via servers * * > What country can preserve its liberties if its rulers are not <* * > warned from time to time that their people preserve the spirit <* * > of resistance? 
Let them take arms!" - Thomas Jefferson, 1787 <* ********************************************************************* ___ Blue Wave/QWK v2.12 -- M. Stirner - via RBBS-NET node 8:914/201 INTERNET: M..Stirner@f28.n125.z1.RBBS-NET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: M..Stirner@f28.n125.z1.RBBS-NET.ORG (M. Stirner) Date: Sun, 27 Jun 93 11:33:58 PDT To: cypherpunks@toad.com Subject: Re: remailer origin lines Message-ID: <70.2C2D7E4E@wyrm.rbbs-net.ORG> MIME-Version: 1.0 Content-Type: text/plain * Reply to msg originally in CYPHERPUNKS Uu> How about a header line such as: Uu> X-Cut-End-Lines: 6 Uu> Which would instruct the remailer to cut the last six lines Uu> off the mail message as it receives it. Thus a user could figure out Uu> how many lines at the end of his message is added on without his Uu> control and instruct the remailer to cut out that amount of lines. The number of lines added seems to vary with the gating. I'm sort of leaning toward a ........8<....(cut here).....8<....... kind of solution; I mean, I know for a fact where I stopped, so anything beyond that ought to be eaten by the remailers, IMHO. There is probably a good argument against that solution, but I can't think of it offhand. ********************************************************************* * - PGP Key D30909 via servers * * > What country can preserve its liberties if its rulers are not <* * > warned from time to time that their people preserve the spirit <* * > of resistance? Let them take arms!" - Thomas Jefferson, 1787 <* ********************************************************************* ___ Blue Wave/QWK v2.12 -- M. 
Stirner - via RBBS-NET node 8:914/201 INTERNET: M..Stirner@f28.n125.z1.RBBS-NET.ORG From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Pat Farrell" Date: Sun, 27 Jun 93 10:37:01 PDT To: cypherpunks@toad.com Subject: RE: term for ibm Message-ID: <49011.pfarrell@cs.gmu.edu> MIME-Version: 1.0 Content-Type: text/plain In Message Fri, 25 Jun 1993 16:07:03 -1000 (HST), Timothy Newsham writes: >The problem is that the package is (c) and shareware. Furthermore >none of the documents say anything about the status of the >demo programs. I estimate it would take 30 minutes to an >hour to get encryption up and running with that term program. > >Does anyone know of a small terminal program that has >a few essential features, with good modularity? One that >is publically available or we could use with the authors >blessings? The Microsoft C/C++ compilers come with the source code for a simple windows based terminal program. While it is copyrighted, it is all over the planet. In Timmothy Mann's book: Windows Programmer's Guide to Serial Communications, isbn 0-672-30030-3, are sample code for a mid-level terminal program (complete with xmodem). The source is in the book and on a diskette. There are _no_ copyright messages in the sources. The book itself, is of course, copyrighted. In Mark Nelson's book: Serial Communications: a C++ Developer's Guide isbn 1-55851-281-0, are sample code (and diskette)in C++ for DOS, Windows, FOSSIL, and pure UART drivers and a terminal program (complete with ZModem). The code _does not work_ for Windows, but works fine with DOS. Again, no copyright messages in the source code. Kermit (anon-ftp from watsun.cc.columbia.edu) is a free, source available terminal program. Copyrighted Columbia, but enhancements encouraged. Kermit's modularity is at best marginal. Nelson's code is very good. Mann's is acceptable. 
The Windows TTY is acceptable, but being a Windows program, hardly counts as "small"

The Microsoft Visual Control Pack for Visual Basic and Visual C++ includes a "serial control" that should handle most of the hard work in building a terminal program. I can't get it to work from MSVC, and can find no one else on the planet that can either. But if you wanted to start in Visual Basic, I expect that a simple terminal program is no more than a day's work.

Pat

p.s. I'm using a hacked version of MS TTY as the starting point for my WinPOP mail client. If you think I've spent several hundred dollars looking for working code to build upon, you're right.

Pat Farrell      Grad Student      pfarrell@cs.gmu.edu
Department of Computer Science      George Mason University, Fairfax, VA
Public key available via finger      #include

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@rosebud.ee.uh.edu
Date: Sun, 27 Jun 93 12:29:10 PDT
To: cypherpunks@toad.com
Subject: Remailer ping test
Message-ID: <9306271929.AA17347@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

I tried pinging all the remailers on the latest copy I have of Karl's remailer list (except extropia, which I know only accepts encrypted messages). I sent to each:

::
Request-Remailing-To: hfinney@shell.portal.com

then a short test message.

I only heard back from 8 of them, to wit:

hfinney@shell.portal.com Sun Jun 27 08:48:08 1993
hh@soda.berkeley.edu Sun Jun 27 08:48:15 1993
remail@tamsun.tamu.edu Sun Jun 27 08:48:38 1993
nowhere@bsu-cs.bsu.edu Sun Jun 27 08:48:43 1993
phantom@u.washington.edu Sun Jun 27 08:48:40 1993
elee7h5@rosebud.ee.uh.edu Sun Jun 27 08:48:56 1993
hal@alumni.cco.caltech.edu Sun Jun 27 08:48:59 1993
dis.org!remailer@merde.dis.org Sun Jun 27 09:17:24 1993

I did not hear back from the following remailers. Perhaps their operators could check on them, or notify Karl if they are no longer operating.
1: hh@pmantis.berkeley.edu
2: hh@cicada.berkeley.edu
6: remail@tamaix.tamu.edu
7: ebrandt@jarthur.claremont.edu
9: remailer@rebma.mn.org
14: 00x@uclink.berkeley.edu

Hal
hfinney@shell.portal.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: M..Stirner@f28.n125.z1.FIDONET.ORG (M. Stirner)
Date: Mon, 28 Jun 93 01:00:13 PDT
To: cypherpunks@toad.com
Subject: Remailer ping test
Message-ID: <705.2C2EA0A7@shelter.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

* Reply to msg originally in CYPHERPUNKS

Uu> I tried pinging all the remailers on the latest copy I have of
Uu> Karl's remailer list (except extropia, which I know only accepts
Uu> encrypted messages). I sent to each:
Uu> ::
Uu> Request-Remailing-To: hfinney@shell.portal.com
Uu> then a short test message.
Uu> I only heard back from 8 of them, to wit:
Uu> hfinney@shell.portal.com Sun Jun 27 08:48:08 1993
Uu> hh@soda.berkeley.edu Sun Jun 27 08:48:15 1993
Uu> remail@tamsun.tamu.edu Sun Jun 27 08:48:38 1993
Uu> nowhere@bsu-cs.bsu.edu Sun Jun 27 08:48:43 1993
Uu> phantom@u.washington.edu Sun Jun 27 08:48:40 1993
Uu> elee7h5@rosebud.ee.uh.edu Sun Jun 27 08:48:56 1993
Uu> hal@alumni.cco.caltech.edu Sun Jun 27 08:48:59 1993
Uu> dis.org!remailer@merde.dis.org Sun Jun 27 09:17:24 1993

I have had problems with getting the same test routed through hh@soda and phantom@u.washington. I have not tried dis.org! yet.

Uu> I did not hear back from the following remailers. Perhaps their
Uu> operators could check on them, or notify Karl if they are no longer
Uu> operating.
Uu> 1: hh@pmantis.berkeley.edu
Uu> 2: hh@cicada.berkeley.edu
Uu> 6: remail@tamaix.tamu.edu
Uu> 7: ebrandt@jarthur.claremont.edu
Uu> 9: remailer@rebma.mn.org
Uu>14: 00x@uclink.berkeley.edu

#6 has worked for me. The others have not, though the hh@_berkeley remailers will sometimes work if the message is first bounced through another reliable remailer. Why this should be, I know not.
Sending the PGP-encrypted message & header to remail@extropia.wimsey.com seems to work very well for losing those stupid footer IDs, & is usually my first leg of multiple-bounce test transmissions.

BTW, I note that hal@alumni.caltech.edu has a different address in the first batch of successful remailers. The address hal@alumni.caltech.edu has worked well.

Uu> Hal
Uu> hfinney@shell.portal.com

Thanks for your efforts!

*********************************************************************
* - PGP Key D30909 via servers *
* > What country can preserve its liberties if its rulers are not <*
* > warned from time to time that their people preserve the spirit <*
* > of resistance? Let them take arms!" - Thomas Jefferson, 1787 <*
*********************************************************************
___ Blue Wave/QWK v2.12
--
M. Stirner - via FidoNet node 1:125/1
UUCP: ...!uunet!kumr!shelter!28!M..Stirner
INTERNET: M..Stirner@f28.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Tom Knight
Date: Sun, 27 Jun 93 19:25:47 PDT
To: cypherpunks@toad.com
Subject: SEARCH ME
In-Reply-To: <930625191757_76630.3577_EHK47-1@CompuServe.COM>
Message-ID: <19930628022527.3.TK@ROCKY.AI.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

    Date: Fri, 25 Jun 1993 15:17 EDT
    From: Duncan Frissell <76630.3577@compuserve.com>

    When amonium nitrate and diesel fuel in a 16 to 1 ratio are outlawed only outlaws (and farmers) will have amonium nitrate and diesel fuel in a 16 to 1 ratio.

If you're going to be cool and make ANFO, you gotta spell it rite: Ammonium nitrate. Don't leave your correct name and address on the rental car, either.

Kids: Don't do this at home.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: bear@eagle.fsl.noaa.gov (Bear Giles)
Date: Sun, 27 Jun 93 16:49:27 PDT
To: cypherpunks@toad.com
Subject: Landlords accepting search warrants....
Message-ID: <9306272345.AA18589@eagle.fsl.noaa.gov>
MIME-Version: 1.0
Content-Type: text/plain

An anonymous writer wrote:

>9) I still wonder if the officers would have been able to get a warrant
>under my circumstances. At the time I was convinced that they wouldn't
>have without additional evidence (of which there assuredly is none).
>I had in the back of my mind that I would rather have them search when
>I didn't expect it or through my landlord when I wasn't there.
                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

This keeps popping up, probably due to old _Dragnet_ episodes...

As I understand contract law regarding leases, a landlord _cannot_ grant permission for a police search unless the lease is in default. Or, more precisely, if they did you could sue them for "breach of contract" and extract pretty hefty penalties.

Perhaps California leases have some standard clause which permits this, but in general a "lease" transfers all "non-freeholder" property rights, except for those explicitly -returned- within the contract. That means the tenant is the property owner for all intents and purposes except for "freeholder" rights (e.g., a tenant can't sell the property).

Bear Giles

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@pmantis.berkeley.edu
Date: Mon, 28 Jun 93 05:30:19 PDT
To: cypherpunks@toad.com
Subject: Re: Remailer at rebma.mn.org
Message-ID: <9306281231.AA19866@pmantis.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

> * Reply to msg originally in CYPHERPUNKS
>
> Uu> My apologies to anyone who has tried to use the anonymous remailer at
> Uu> rebma.mn.org in the past several weeks.
>
> Uu> I imagine that people who weren't successful were
> Uu> experimenters who chalked up the failure to something they'd done
> Uu> wrong.
>
> I did, indeed!
>
> Uu> It's working again, now.
>
> Uu> Here's the PGP key.
>
>
> Does this remailer _require_ an encrypted header, or will it take the
> |
> | ::
> | Request-Remailing-To:
> |
> plaintext command?

From dmandl@lehman.com:

It is indeed working OK now. Encryption is not required.

Good to see this remailer back up, especially because it introduces a long delay, making traffic analysis more difficult. FYI, sending a message to myself (in NYC) through this remailer, it took about 15 hours for it to come back. This is either very good or very bad depending on your purposes. Bad for urgent messages, good for more...er...sensitive applications.

--Dave.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@alumni.cco.caltech.edu
Date: Mon, 28 Jun 93 05:46:57 PDT
To: cypherpunks@toad.com
Subject: Re: Remailer ping test
Message-ID: <9306281245.AA14406@alumni.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain

> I did not hear back from the following remailers. Perhaps their operators
> could check on them, or notify Karl if they are no longer operating.
>
> 1: hh@pmantis.berkeley.edu
> 2: hh@cicada.berkeley.edu
> 6: remail@tamaix.tamu.edu
> 7: ebrandt@jarthur.claremont.edu
> 9: remailer@rebma.mn.org
> 14: 00x@uclink.berkeley.edu
>
> Hal
> hfinney@shell.portal.com

From: dmandl@lehman.com

This is distressing. I just used some of these (1, 2, and 9, which has just been brought back up) with no problems. Have any of these remailers been going up and down? I've found service to be a bit unpredictable in the past. It's a pain to have to test remailers first before each use, and I can't ping from my site, which makes things even more inconvenient.

Has anyone else experienced intermittent problems with these remailers? Is there any reason why they should work from some sites and not others?

--Dave.
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Eli Brandt
Date: Mon, 28 Jun 93 08:16:53 PDT
To: cypherpunks@toad.com
Subject: Re: Remailer ping test
In-Reply-To: <9306271929.AA17347@toad.com>
Message-ID: <9306281516.AA13805@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> 7: ebrandt@jarthur.claremont.edu

Something came through here at "Sun Jun 27 08:44:41 PDT 1993", which is close to the stamps on the other messages you sent. Perhaps it didn't make it back to you? If you want to try it again with full logging, tell me and I can turn it on.

Incidentally, there have been a couple of messages to the list with the stigmata of my remailer, but the address "eli-remailer@toad.com". Is the list software doing anything that could account for this?

> Hal

Eli ebrandt@jarthur.claremont.edu

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: pat@tstc.edu (Patrick E. Hykkonen)
Date: Mon, 28 Jun 93 06:39:17 PDT
To: hkhenson@cup.portal.com
Subject: Re: triggerfish
In-Reply-To: <9306251518.1.29858@cup.portal.com>
Message-ID: <9306281338.AA27091@tstc.edu>
MIME-Version: 1.0
Content-Type: text/plain

> > It would be child's play for the NSA to accomplish this from
> >orbit.....hmmmmm I wonder what they call it?
>
> On the other hand, with enough directionality . . . . nah, the
> antenna would be a monster.

Actually, no it wouldn't. A yagi antenna at 800 Mhz is not very large at all. A 16 element at that frequency would probably be less than 5 feet long. Beans for a satellite to carry into orbit today.

Of course the problem then is the beam will provide a fairly wide "spot" on the surface of the Earth that will still cover several cell sites. Although come to think of it, narrowed to area to adjacent sites you'll not have to contend with hearing two sites on the same frequency due to coordination.
--
Pat Hykkonen, N5NPL                        Texas State Technical College at Waco
Internet: {pat,postmaster,root}@tstc.edu   Instructional Network Services
Packet: N5NPL@WD5KAL.#CENTX.TX.USA.NA      3801 Campus Dr. Waco, Tx 76705
V:(817) 867-4830 F:(817) 799-2843

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: gnu (John Gilmore)
Date: Mon, 28 Jun 93 09:10:48 PDT
To: cypherpunks@toad.com
Subject: 1st Amendment vs. ITAR: bibliography
Message-ID: <9306281610.AA15456@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

We sent this off to the State Dept. today.

law office of
Lee Tien
1452 Curtis Street
Berkeley, California 94702
_______________
tien@well.sf.ca.us
voice: (510) 525-0817
fax: (510) 525-3015

June 28, 1993

Clyde Bryant
Foreign Affairs Officer
Compliance Division
Bureau of Politico-Military Affairs
Office of Defense Trade Controls
U.S. Department of State
PM/ODTC SA-6 Rm. 200
Washington, DC 20522

Dear Mr. Bryant:

Mr. Dan Cook told my client, Mr. John Gilmore, that you and the Compliance Division of the Office of Defense Trade Controls are presently reviewing aspects of the International Traffic in Arms Regulations (ITAR) with respect to First Amendment questions. My client volunteered to send some law review articles in order that all relevant materials be available to you in this review.

I am pleased to provide you with some materials which you may find useful in your review. They address First Amendment and other constitutional issues raised by the Arms Export Control Act, the ITAR, and the Export Administration Act.

We believe that information about cryptography, including research papers, discussion of cryptographic algorithms, and implementations in source-code form, is protected speech within the meaning of the First Amendment. We also believe that the export controls of the ITAR violate the First Amendment because they infringe the rights of cryptographers to speak and publish freely. The licensing procedure amounts to prior restraint.
The laws and regulations are vague and overbroad.

I have enclosed the following materials:

1. Ferguson, Scientific Inquiry and the First Amendment, 64 CORNELL L.REV. 639 (1979)

2. Note, National Security Controls on the Dissemination of Privately Generated Scientific Information, 30 U.C.L.A. L. REV. 405 (1982)

3. Cheh, Government Control of Private Ideas -- Striking a Balance Between Scientific Freedom and National Security, 23 JURIMETRICS J. 1 (1982)

4. Greenstein, National Security Controls on Scientific Information, 23 JURIMETRICS J. 50 (1982)

5. Alexander, Preserving High-Tech Secrets: National Security Controls on University Research and Teaching, 15 LAW & POL'Y IN INT'L BUS. 173 (1983)

6. Wilson, National Security Control of Technological Information, 25 JURIMETRICS J. 109 (1985)

7. John Harmon, Assistant Attorney General, Office of Legal Counsel, Department of Justice, Memorandum to Dr. Frank Press, Science Advisor to the President, Re: Constitutionality Under the First Amendment of ITAR Restrictions on Public Cryptography (May 11, 1978).

This memorandum was reprinted in The Government's Classification of Private Ideas: Hearings before a Subcomm. of the House Comm. on Government Operations, 96th Cong., 2d Sess., 268-84 (1980). These hearing transcripts were accompanied by a House Report. House Comm. on Gov't Operations, The Government's Classification of Private Ideas, H.R. REP. NO. 1540, 96TH CONG., 2D SESS. (1980). We strongly recommend that you read both the hearing transcripts and the summary report.

We hope that these materials will assist you in formulating a constitutional export control policy for scientific research in general and for cryptography in particular. Please do not hesitate to contact me if you wish to engage in further exchanges.

Sincerely,

Lee Tien
Attorney at Law
On behalf of Mr. John Gilmore

cc: Mr. Daniel Cook
    Mr. John Gilmore

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Karl Barrus
Date: Mon, 28 Jun 93 08:08:24 PDT
To: cypherpunks@toad.com
Subject: REMAIL: problems
Message-ID: <199306281508.AA26337@Menudo.UH.EDU>
MIME-Version: 1.0
Content-Type: text/plain

There must be some correlation between my weekend trips and other events. Last time I went out of town was "Clipper weekend" :-)

I've tested the remailers with unencrypted requests, and have received these replies (within seconds, I might add):

soda.berkeley.edu
cicada.berkeley.edu
pmantis.berkeley.edu
bsu-cs.bsu.edu
alumni.caltech.edu
rosebud.ee.uh.edu
mead.u.washington.edu
shell.portal.com
tamsun.tamu.edu
tamaix.tamu.edu <-- note, 'Return-Path: remail@tamaix.tamu.edu'
                          'From: remail@tamsun.tamu.edu'
                    just in case you see the from line and think tamaix isn't working

So I'll wait for the others (rebma, extropia, utter, uclink, jarthur) and then try them all with encrypted requests.

A while ago I had a script test all the remailers once a week - I wasn't able to have a cron entry, but I used the 'at' command to schedule the mailing of prepared messages and itself every week. Maybe I'll start that up again since it would help isolate problems if a remailer doesn't respond, especially if twice in a row.

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: peter honeyman
Date: Mon, 28 Jun 93 09:06:06 PDT
To: cypherpunks@toad.com
Subject: Geer Zolot White Paper: Clipper Initiative
Message-ID: <9306281606.AA15299@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

------- Forwarded Message

Geer Zolot White Paper: Clipper Initiative

On April 16, 1993, the U.S. Government issued a "Public Encryption Management" directive, requesting that communications vendors install into their products chips that implement a secret algorithm with controversial key-escrow facilities. These chips (called "Clipper" and "Capstone") stem from work by the NSA (National Security Agency) and its contractors; they implement the SKIPJACK algorithm, which is classified SECRET and is therefore not available for public review. For more information on the initiative, consult the National Institute of Standards and Technology (NIST) Computer Security BBS at 301.948.5717 or via Internet ftp to csrc.ncsl.nist.gov in the /pub/nistnews directory.

The Government states that one motivation for this initiative is to allow authorized wiretapping of encrypted communications by escrowing the keys corresponding to individual components. A pair of "entities" (choices not announced) will have responsibility for keeping keys secure and releasing them only to government officials who have received legal authorization to perform a wiretap.

The Government recommends use of the chips instead of already existing cryptographic algorithms, such as the secret-key DES algorithm (a Federal Information Processing Standard and the basis of Kerberos and other network security tools) and the public-key RSA algorithm. Since DES and RSA have been subject to public scrutiny, experts have tested and confirmed their strength, which has led to their adoption within internationally-agreed networking standards; since SKIPJACK is secret and can never receive this scrutiny, it is unlikely that it will ever have such acceptance. Further, DES and RSA can run in both hardware and software, which satisfies performance and system integration requirements; the Government has limited Clipper/Capstone to hardware, which restricts the range of systems that may use it.
For now, the Government is recommending that equipment vendors use the chips on a voluntary basis; however, some observers regard the initiative as an attempt to establish a precedent that could later lead to governmental restrictions on the availability and use of open cryptographic systems. This could limit innovation in cryptographic technology. Further, user organizations could lose control over protecting and managing the keys on which their security depends. This summer, the Government plans inter-agency discussions of future policies in this area; observers have noted that policy development should also reflect private sector interests. Concerns about personal privacy raise additional controversy. Significant debate on these topics is likely in upcoming months.

Geer Zolot Associates believes that availability of open and exportable cryptography serves our clients' interests. Because of this, we are concerned about the implications of the "Public Encryption Management" initiative, and of its possible chilling effect on development, availability, and use of cryptographic technology. The initiative raises many issues, including:

o If the Government mandates enclosing cryptography in hardware modules, this will surely delay the vital process of enhancing the security of today's distributed computing base--it could even prevent some systems from being secured at all. We want to avoid the prospect of our clients being forced to choose between systems that satisfy their operational needs and other systems containing Government-provided hardware encryption components.

o Introducing a requirement for procurement, integration, and use of special-purpose components (which manufacturers must separately handle and program on a per-unit basis) will increase the cost of security integration.
o If flaws in the hardware-implemented Clipper/Capstone cryptographic algorithms ever come to light, users of the chips will have been subjected to a data compromise from which no clear recovery path exists.

o It appears that gaining access to a Clipper/Capstone chip's escrowed keys, through whatever means (authorized or unauthorized), may reveal the contents of all its encrypted traffic (past, present, and future). Effectively, this is analogous to binding an unchangeable password into hardware, an undesirable characteristic.

o It appears unlikely that international telecommunications users and providers will reach uniform agreement on an encryption technology whose algorithms are known only to the US Government. As a result, the initiative may force companies engaging in international commerce to use and support different encryption systems, depending on the parties involved in the communication. Such a course of action will lead to increased costs in hardware, software, user training, and systems management.

We invite and encourage you to consider the Government initiative, including its impact on your organizations and distributed system security plans, and that you submit comments to your representatives. If your business plans rely on open cryptographic systems, based on publicly documented algorithms and available in hardware or software form, we encourage you to make this clear to your representatives.

If you wish to share any of your comments or observations with us, we would welcome them. Further, we are happy to serve as an organizer for assembling and coordinating such information. Please indicate whether we may identify your organization (specifically or generically) as the information's source.

John Linn & Dan Geer

------- End of Forwarded Message

this is forwarded to the cypherpunks mailing list with dan geer's permission.
peter

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Mon, 28 Jun 93 09:37:48 PDT
To: peter honeyman
Subject: Re: Geer Zolot White Paper: Clipper Initiative
In-Reply-To: <9306281606.AA15299@toad.com>
Message-ID: <9306281637.AA05896@dun-dun-noodles.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

FYI, several long-time cypherpunks are employees of Geer Zolot, and were involved in writing the White Paper. I hope you all like it :-)

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Derek Atkins
Date: Mon, 28 Jun 93 16:03:06 PDT
To: cypherpunks@toad.com
Subject: My Thesis Presentation... CHARON...
Message-ID: <9306282257.AA06812@toxicwaste.MEDIA.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain

You are invited to attend my Thesis Presentation, entitled

"Charon: Kerberos Extensions For Authentication Over Secondary Networks"

Date: Wednesday, June 30, 1993
Time: 12:30 - 2pm
Place: MIT Room E40-382 (1 Amherst, Cambridge)

You can pick up a PostScript copy of my Thesis either on Athena:

attach warlord; cd /mit/warlord/Thesis/Thesis; more thesis.ps

or via anonymous ftp to toxicwaste.mit.edu:/pub/charon/thesis.ps.Z

Hope to see you there. Please forward this as you see fit.

-derek

Abstract

In this thesis, I describe extensions to the Kerberos Authentication System to enable a secure method of Authentication over multiple networks. Kerberos was designed with a fully-connected IP network in mind, however when you add dialup capabilities to the picture, Kerberos doesn't expand to secure the whole connection. Charon was created to tackle this problem. It was developed to provide a way to securely authenticate to a login server over a modem connection, without allowing a passive attacker to gain enough information to impersonate the user. This means that a user can log into a Kerberized host without typing his password in clear-text over the phone.
In addition, no modifications to the login server's base operating system need to be made in order to accomplish this.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: zane@genesis.mcs.com (Sameer)
Date: Mon, 28 Jun 93 18:04:25 PDT
To: Karl Barrus
Subject: Re: REMAIL: problems
In-Reply-To: <199306281508.AA26337@Menudo.UH.EDU>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I've been thinking a little bit about the problems with unreliable remailers.

Supposing that we can never rely on the reliability of all the remailers in a given path (because of not just bugs in the software, but political hassles) it would be good to figure out a mechanism by which a problem can be noticed.

For example: supposing that I made the following mail path

::
Request-Remailing-To: hh@soda.berkeley.edu

::
Request-Remailing-To: remail@tamsun.tamu.edu

::
Request-Remailing-To: hfinney@shell.portal.com

::
Request-Remailing-To: cypherpunks@toad.com

Suppose that remail@tamsun.tamu.edu wasn't working. Maybe it would be possible for the remailer to notice that the next address in the hop is a remailer, and check to see whether the next remailer is working or not. (Send a ping-message.. This would slow things down greatly, yes.) Then if the remailer isn't working, something can be done. (Maybe figure out some way of telling the originator [through encrypted return-paths] that a certain remailer isn't working)

This idea (obviously) isn't fully thought out. There are some glaring problems with the system in that it would end up destroying a good deal of the anonymity in the system. It might be possible, however, to modify this idea to make it workable.

It is definitely likely, in my mind, that remailers will continue to be unreliable as long as net-anonymity is a controversial topic.
--
| Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM |
| Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more |
| "Symbiosis is Good" - Me_"Specialization is for Insects" - R. A. Heinlein_/
\_______________________/ \______________________________________________/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Joe Thomas
Date: Mon, 28 Jun 93 18:36:31 PDT
To: Sameer
Subject: Re: REMAIL: problems
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Mon, 28 Jun 1993, Sameer wrote:

> I've been thinking a little bit about the problems with unreliable
> remailers.
>
> Supposing that we can never rely on the reliability of all the
> remailers in a given path (because of not just bugs in the software, but
> political hassles) it would be good to figure out a mechanism by which
> a problem can be noticed.

I've thought about this as well. I don't think it's right to _ever_ keep return path information in a cypherpunk remailer, even for error reporting. Far better to just drop the message on the floor than provide a loophole to the anonymity of the system.

That said, I think there are possible solutions to the problem of vanishing remailers. Let's say there is a method to quickly and easily verify the continuing existence (or lack thereof) of a remailer. When a remailer receives a request to send a message to another remailer, it can quickly check to see if that remailer is in operation. The question is what to do with the information if it turns out the remailer is really down.

If the message is unencrypted, a smart remailer could simply skip the missing remailer or send the message on to a substitute remailer, which would then pass the message down the chain. But if the message is encrypted with each remailer's key, it is undeliverable without that remailer to decrypt it.

My idea is for remailers to share their private keys using a secret-sharing protocol.
When a remailer goes down, all the other remailers that hold pieces of its key would choose a replacement remailer and send it the key pieces. From then on, all mail for the missing remailer would be routed instead to its replacement remailer, which would decrypt and process it as usual.

It would be quite a pain to implement, but would make large remailer nets a lot more reliable if it's done right.

Joe

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@newsgate.cs.pdx.edu (/Dev/Null)
Date: Mon, 28 Jun 93 23:02:59 PDT
To: cypherpunks@toad.com
Subject: End to End encryption for PC AND UNIX
Message-ID: <9306290605.AA12126@newsgate.cs.pdx.edu>
MIME-Version: 1.0
Content-Type: text/plain

Does anyone out there know if there is a program that will encrypt everything going over the phone line between a IBM MSDOS computer and a unix system?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Mon, 28 Jun 93 22:31:09 PDT
To: cypherpunks list
Subject: Re: REMAIL: problems
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Mon, 28 Jun 1993, Sameer wrote:

> I've been thinking a little bit about the problems with unreliable
> remailers.

I had another suggestion that might be helpful for people that are chaining through many remailers, but it would require an addition or two to existing remailers. I'm not sure how to make clear what I mean, but let's start with a proposed sample message:

::
Request-Remailing-To-Remailer: hh@soda.berkeley.edu

::
Request-Remailing-To-Remailer: remail@tamsun.tamu.edu

::
Request-Remailing-To-Remailer: hfinney@shell.portal.com

::
Request-Remailing-To: cypherpunks@toad.com

{Message body goes here}

I'm sure you caught the change... You identify for the remailer when the next hop is supposed to be a remailer. Just by itself, this is of no extra help, but hopefully of little extra bother because the old style would still work. Now how do we make it more reliable?
If the remailer knows that the message is going to another remailer, it can expect a 'reply' from that remailer once the message has been processed (forwarded), say within 48 hours. Give each message a serial number and the remailer a memory... If the message is not acknowledged within the timeout period, it skips a hop and goes to the next remailer (or the destination). This could also be expanded to let each remailer tell other remailers about itself... it could maintain a database of known remailers.

The problem with this approach is that the remailer must store messages locally for up to 48 hours (well more if all of the hops were down)... I can't see (as Sameer alluded to) a way to have reliability (which sort of implies, especially with the above approach, storage) and secrecy (which implies quick and dirty 'less safe' message handling).

I have source code for serializing things (file access is what it was designed for, but I have found lots of neat uses for it). It's really quite simple code, and not completely portable (well it uses flock(), not all versions of un*x support flock()...) I wrote the serializer to make sure that my mail alias did not allow more than one copy of my email processing script to run at once (thus creating very nasty log file collisions!).

Comments?

--
Nick MacDonald | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger
i6t4@unb.ca | (506) 457-1931 ^{1024/746EBB 1993/02/23}

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jthomas@kolanut.mitre.org (Joe Thomas)
Date: Tue, 29 Jun 93 05:26:56 PDT
To: cypherpunks@toad.com
Subject: Re: REMAIL: problems
Message-ID: <9306291227.AA00990@kolanut>
MIME-Version: 1.0
Content-Type: text/plain

> > I've been thinking a little bit about the problems with unreliable
> > remailers.
>
> I had another suggestion that might be helpful for people that are
> chaining through many remailers, but it would require an addition or two
> to existing remailers.

. . .

> If the remailer knows that the message is going to another remailer, it
> can expect a 'reply' from that remailer once the message has been
> processed (forwarded), say within 48 hours. Give each message a serial
> number and the remailer a memory... If the message is not acknowledged
> within the timeout period, it skips a hop and goes to the next remailer
> (or the destination).

This is a serious misfeature. An essential goal of remailer design is that they be stateless. A message is forwarded, then immediately forgotten. Any historical information about messages that have gone through is a potential weakness. Message serial numbers are a perfect audit trail.

> The problem with this approach is that the remailer must store messages
> locally for up to 48 hours (well more if all of the hops were down)... I
> can't see (as Sameer alluded to) a way to have reliability (which sort of
> implies, especially with the above approach, storage) and secrecy (which
> implies quick and dirty 'less safe' message handling).

Consider cryptographic secret-sharing protocols. If we have 20 remailers, each remailer could split his key into 20 pieces, 15 of which would be necessary to reconstruct the key. When a remailer goes down, the key could be reconstructed and given to a substitute remailer. The system can survive the loss of 5 remailers, and would require a collaboration of 15, or 3/4 of the remailer operators to intentionally break the security.

Joe
(working on my .sig; I don't speak for MITRE)
--
Joe Thomas Say no to the Wiretap Chip!
PGP key available by request, finger, or pgp-public-keys@toxicwaste.mit.edu
PGP key fingerprint: 1E E1 B8 6E 49 67 C4 19 8B F1 E4 9D F0 6D 68 4B

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Tue, 29 Jun 93 12:11:07 PDT
To: nobody@newsgate.cs.pdx.edu (/Dev/Null)
Subject: Re: End to End encryption for PC AND UNIX
In-Reply-To: <9306290605.AA12126@newsgate.cs.pdx.edu>
Message-ID: <9306291911.AA01818@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>
> Does anyone out there know if there is a program that will encrypt everything going over the phone line between an IBM MSDOS computer and a unix system?
>

I wrote such a program, but no MSDOS port exists. I have a Unix end that runs a shell while doing encryption and decryption, and an Amiga end that is built on top of a P.D. term program.

Someone volunteered to do a DOS port at one point but I haven't heard anything from them. I'm thinking of putting in a little time and putting together something simple just so something exists and people can see how it was done (if they care to make something with more bells and whistles).

The code is on soda in one of the cypherpunks directories under the name of link1.0.tar.Z, Ami-link1.0-src.lha and Ami-link1.0.lha

...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Timothy Newsham
Date: Tue, 29 Jun 93 13:07:07 PDT
To: pmetzger@lehman.com
Subject: Re: End to End encryption for PC AND UNIX
In-Reply-To: <9306291920.AA02902@snark.shearson.com>
Message-ID: <9306292007.AA03286@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

> > > > > >
> > I wrote such a program, but no MSDOS port exists. I have a Unix end
> > that runs a shell while doing encryption and decryption, and an
> > Amiga end that is built on top of a P.D. term program.
> > Someone volunteered to do a DOS port at one point but I haven't
> > heard anything from them. I'm thinking of putting in a little
> > time and putting together something simple just so something exists
> > and people can see how it was done (if they care to make something
> > with more bells and whistles).
> > The code is on soda in one of the cypherpunks directories under
> > the name of link1.0.tar.Z, Ami-link1.0-src.lha and Ami-link1.0.lha
>
> I want to build a unix-unix version of this -- are the sources to both
> ends in the tar file? I don't have lha...
>
> .pm
>

Yes, the .tar.Z file should have everything you want. Most of the work is already done for you. The program comes as a server (link) but there is also a test client (connect) that I wrote to test out the protocol. If you edit the makefile and include the defines DEBUG and SOCKET link and connect will be built to use a socket as I/O and will talk to each other. If you wish to use it over a serial line you can take the connect client and modify it to use a serial device instead of the socket.

...

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Bernard.A.Galler@um.cc.umich.edu
Date: Tue, 29 Jun 93 08:36:11 -0600
To: interesting_people@um.cc.umich.edu
Subject: Digital Signature Scandal
Message-ID: <24039642@um.cc.umich.edu>
MIME-Version: 1.0
Content-Type: text/plain

- ------- Forwarded message

Received: from eff.org by um.cc.umich.edu via MTS-Net; Mon, 28 Jun 93 19:01:51 EDT
Received: by eff.org id AA18269 (5.65c/IDA-1.5/ident for interesting-people-exploder); Mon, 28 Jun 1993 19:01:33 -0400
Posted-Date: Mon, 28 Jun 1993 18:59:37 -0500
Message-Id: <9306282259.AA06949@linc.cis.upenn.edu>
X-Sender: farber@linc.cis.upenn.edu
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Mon, 28 Jun 1993 18:59:37 -0500
From: farber@central.cis.upenn.edu (David Farber)
Subject: Digital Signature Scandal
To: interesting-people@eff.org (interesting-people mailing list)

[The following is an official announcement from the League for Programming Freedom.
Please redistribute this as widely as possible.]

Digital Signature Scandal

Digital signature is a technique whereby one person (call her J. R. Gensym) can produce a specially encrypted number which anyone can verify could only have been produced by her. (Typically a particular signature number encodes additional information such as a date and time or a legal document being signed.) Anyone can decrypt the number because that can be done with information that is published; but producing such a number uses a "key" (a password) that J. R. Gensym does not tell to anyone else.

Several years ago, Congress directed the NIST (National Institute of Standards and Technology, formerly the National Bureau of Standards) to choose a single digital signature algorithm as a standard for the US.

In 1992, two algorithms were under consideration. One had been developed by NIST with advice from the NSA (National Security Agency), which engages in electronic spying and decoding. There was widespread suspicion that this algorithm had been designed to facilitate some sort of trickery.

The fact that NIST had applied for a patent on this algorithm engendered additional suspicion; despite their assurances that this would not be used to interfere with use of the technique, people could imagine no harmless motive for patenting it.

The other algorithm was proposed by a company called PKP, Inc., which not coincidentally has patents covering its use. This alternative had a disadvantage that was not just speculation: if this algorithm were adopted as the standard, everyone using the standard would have to pay PKP.

(The same patents cover the broader field of public key cryptography, a technique whose use in the US has been mostly inhibited for a decade by PKP's assiduous enforcement of these patents. The patents were licensed exclusively to PKP by the Massachusetts Institute of Technology and Stanford University, and derive from taxpayer-funded research.)

PKP, Inc.
made much of the suspect nature of the NIST algorithm and portrayed itself as warning the public about this.

On June 8, NIST published a new plan which combines the worst of both worlds: to adopt the suspect NIST algorithm, and give PKP, Inc. an *exclusive* license to the patent for it. This plan places digital signature use under the control of PKP through the year 2010.

By agreeing to this arrangement, PKP, Inc. shows that its concern to protect the public from possible trickery was a sham. Its real desire was, as one might have guessed, to own an official national standard. Meanwhile, NIST has justified past suspicion about its patent application by proposing to give that patent (in effect) to a private entity.

Instead of making a gift to PKP, Inc., of the work all of us have paid for, NIST and Congress ought to protect our access to it--by pursuing all possible means, judicial and legislative, to invalidate or annul the PKP patents. If that fails, even taking them by eminent domain is better (and cheaper in the long run!) than the current plan.

You can write to NIST to object to this giveaway. Write to:

Michael R. Rubin
Active Chief Counsel for Technology
Room A-1111, Administration Building,
National Institute of Standards and Technology
Gaithersburg, Maryland 20899
(301) 975-2803.

The deadline for arrival of letters is around August 4.

Please send a copy of your letter to:

League for Programming Freedom
1 Kendall Square #143
P.O.Box 9171
Cambridge, Massachusetts 02139

(The League for Programming Freedom is an organization which defends the freedom to write software, and opposes monopolies such as patented algorithms and copyrighted languages. It advocates returning to the former legal system under which if you write the program, you are free to use it. Please write to the League if you want more information.)

Sending copies to the League will enable us to show them to elected officials if that is useful.
This text was transcribed from a fax and may have transcription errors. We believe the text to be correct but some of the numbers may be incorrect or incomplete.

- ---------------------------------------------------------------------

** The following notice was published in the Federal Register, Vol. 58, No. 108, dated June 8, 1993 under Notices **

National Institute of Standards and Technology

Notice of Proposal for Grant of Exclusive Patent License

This is to notify the public that the National Institute of Standards and Technology (NIST) intends to grant an exclusive world-wide license to Public Key Partners of Sunnyvale, California to practice the Invention embodied in U.S. Patent Application No. 07/738.431 and entitled "Digital Signature Algorithm." A PCT application has been filed. The rights in the invention have been assigned to the United States of America.

The prospective license is a cross-license which would resolve a patent dispute with Public Key Partners and includes the right to sublicense. Notice of availability of this invention for licensing was waived because it was determined that expeditious granting of such license will best serve the interest of the Federal Government and the public. Public Key Partners has provided NIST with the materials contained in Appendix A as part of their proposal to NIST.

Inquiries, comments, and other materials relating to the prospective license shall be submitted to Michael R. Rubin, Active Chief Counsel for Technology, Room A-1111, Administration Building, National Institute of Standards and Technology, Gaithersburg, Maryland 20899. His telephone number is (301) 975-2803. Applications for a license filed in response to this notice will be treated as objections to the grant of the prospective license. Only written comments and/or applications for a license which are received by NIST within sixty (60) days for the publication of this notice will be considered.
The prospective license will be granted unless, within sixty (60) days of this notice, NIST receives written evidence and argument which established that the grant of the license would not be consistent with the requirements of 35 U.S.C. 209 and 37 CFR 404.7.

Dated: June 2, 1993.

Raymond G. Kammer
Acting Director, National Institute Standards and Technology.

Appendix "A"

The National Institute for Standards and Technology ("NIST") has announced its intention to grant Public Key Partners ("PKP") sublicensing rights to NIST's pending patent application on the Digital Signature Algorithm ("DSA").

Subject to NIST's grant of this license, PKP is pleased to declare its support for the proposed Federal Information Processing Standard for Digital Signatures (the "DSS") and the pending availability of licenses to practice the DSA. In addition to the DSA, licenses to practice digital signatures will be offered by PKP under the following patents:

Cryptographic Apparatus and Method ("Diffie-Hellman") No. 4,200,770
Public Key Cryptographic Apparatus and Method ("Hellman-Merkle") No. 4,315,552
Exponential Cryptographic Apparatus and Method ("Hellman-Pohlig") No. 4,434,414
Method For Identifying Subscribers And For Generating And Verifying Electronic Signatures In A Data Exchange System ("Schnorr") No. 4,995,082

It is PKP's intent to make practice of the DSA royalty free for personal, noncommercial and U.S. Federal, state and local government use. As explained below, only those parties who enjoy commercial benefit from making or selling products, or certifying digital signatures, will be required to pay royalties to practice the DSA.

PKP will also grant a license to practice key management, at no additional fee, for the integrated circuits which will implement both the DSA and the anticipated Federal Information Processing Standard for the "key escrow" system announced by President Clinton on April 16, 1993.
Having stated these intentions, PKP now takes this opportunity to publish its guidelines for granting uniform licenses to all parties having a commercial interest in practicing this technology:

First, no party will be denied a license for any reason other than the following:

(i) Failure to meet its payment obligations,
(ii) Outstanding claims of infringement, or
(iii) Previous termination due to material breach.

Second, licenses will be granted for any embodiment sold by the licensee or made for its use, whether for final products software, or components such as integrated circuits and boards, and regardless of the licensee's channel of distribution. Provided the requisite royalties have been paid by the seller on the enabling component(s), no further royalties will be owned by the buyer for making or selling the final product which incorporates such components.

Third, the practice of digital signatures in accordance with the DSS may be licensed separately from any other technical art covered by PKP's patents.

Fourth, PKP's royalty rates for the right to make or sell products, subject to uniform minimum fees, will be no more than 2 1/2% for hardware products and 5% for software, with the royalty rate further declining to 1% on any portion of the product price exceeding $1,000. These royalty rates apply only to noninfringing parties and will be uniform without regard to whether the licensed product creates digital signatures, verifies digital signatures or performs both.

Fifth, for the next three (3) years, all commercial services which certify a signature's authenticity for a fee may be operated royalty free. Thereafter, all providers of such commercial certification services shall pay a royalty to PKP of $1.00 per certificate for each year the certificate is valid.

Sixth, provided the foregoing royalties are paid on such products or services, all other practice of the DSA shall be royalty free.
Seventh, PKP invites all of its existing licensees, at their option, to exchange their current licenses for the standard license offered for DSA.

Finally, PKP will mediate the concerns of any party regarding the availability of PKP's licenses for the DSA with designated representatives of NIST and PKP. For copies of PKP's license terms, contact Michael R. Rubin, Acting Chief Counsel for Technology, NIST, or Public Key Partners.

Dated: June 2, 1993.

Robert B. Fougner, Esq.,
Director of Licensing, Public Key Partners,
310 North Mary Avenue, Sunnyvale, CA 94033

[FR Doc. 93-13473 Filed 8-7-93; 8:45 am]

- ---------------------------------------------------------------------

Forwarded by:
- --
Jim Gillogly
Trewesday, 21 Forelithe S.R. 1993, 20:56

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: morpheus@entropy.linet.org (morpheus)
Date: Tue, 29 Jun 93 22:13:42 PDT
To: cypherpunks@toad.com
Subject: Re: REMAIL: problems
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

In article Joe Thomas writes:

> [...] Let's say there is a method to quickly and easily
>verify the continuing existence (or lack thereof) of a remailer. When a
>remailer receives a request to send a message to another remailer, it can
>quickly check to see if that remailer is in operation. [...]

But how would this be done? The first way that comes to my mind is spooling the message in a queue of some sort, sending a "ping" message to the next remailer in the chain, and waiting x minutes for a response. If a response does arrive within x minutes, that remailer is considered alive.

But what is the value of x? It can't be too short - the remailer might be on a slow link. For example, I have a remailer running on my machine, which is connected via uucp. The turnaround time of a "ping" message would vary from about 35 minutes to upwards of 13 hours (I don't connect at all from 0855 to 2205 EDT).
But the longer the delay, the slower the whole chain runs. If one popular remailer goes down, all messages routed to it would be delayed at least x minutes, which is better than the bit bucket - but with x being, say, 1440 (one day) the delay would not be trivial. There also might be security issues with the spooling of the messages.

I just wrote a couple extra perl programs for the remailer that do part of the above. I'll try to put them on soda, called "morpheus-remailer-hack" or something similar. They add another header (called "Request-Safe-Remailing-To" for now - please send better suggestions!) that acts just like R-R-To: but spools the message and sends out an email ping, then waits to send the actual message until it gets the "ok" message back. It's slow and ugly, but it seems to work (it works with itself, anyway ;-) There's probably lots of locally-dependent stuff in it (like the MESSAGE_ID and VISIBLE_NAME environment variables, etc) that will need to be fixed.

The big problem with it at this point is that it's useless - there isn't any code to deal with the "no response" condition. A simple script run from the crontab could check timestamps in the spool area and do something if they were more than x minutes old - but _WHAT_ should it do?

Maybe a better idea would be to add a Recipt-Requested header instead of doing the email ping, which would have the receiving remailer send back an "ok", but continue with delivery.. Then the sending remailer could delete the spooled message, otherwise if it didn't get an ok it would try again at another site. Better or worse?

--
morpheus@entropy.linet.org
Non serviam!
Support your local police for a more efficient police state.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Gerald Dejong
Date: Wed, 30 Jun 93 08:15:38 PDT
To: cypherpunks@toad.com
Subject: cryptomoney
Message-ID: <60.230400.104.0C17CC55@canrem.com>
MIME-Version: 1.0
Content-Type: text/plain

hello folks!
i brought up a question about cryptomoney, and i was sent this from a fellow called John Nieder.

JN>"Digital money" is a favorite subject of the whiz kids on the usenet
JN>"Cypherpunks" request. If you have access to a FIDO/UUCP gate, send a
JN>request for this mailing to cypherpunks@toad.com to receive it via
JN>netmail.

is there something you can send me?

)gdj(
---
■ DeLuxe² 1.21 #11557 ■ testosterone: my drug of choice

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Tue, 29 Jun 93 12:33:09 PDT
To: cypherpunks@toad.com
Subject: Clipper vs. Russia
Message-ID: <9306291933.AA02464@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

According to an AP wire story, Article 23 of the draft Russian constitution says that ``Each person has the right to secret correspondence, telephone conversations, mail, telegraph and other communications.''

Shucks -- there goes another export market for Clipper...

Oh yeah -- the AP explains the clause by referring to the ways that Soviet authorities used to spy on people.

--Steve Bellovin

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: anonymous@extropia.wimsey.com (Anonymous)
Date: Tue, 29 Jun 93 15:33:09 PDT
To: cypherpunks@toad.com
Subject: REMAIL: Howto Post Anon to (almost?) any Newsgroup
Message-ID: <199306292206.AA23446@xtropia>
MIME-Version: 1.0
Content-Type: text/plain

This subject came up here a few months ago. I can report that I was able to post to the rec.video.cable-tv newsgroup anonymously through the wimsey remailer plus group-name@cs.utexas.edu.

Send the following to Remailer all PGP encrypted with key
pub 1024/B5A32F 1992/12/13 Remailer

To: group-name@cs.utexas.edu
Subject: Text to appear in anonymous post to newsgroup "group-name"

"Group-name" is the name of the newsgroup with dashes "-" substituted for periods ".". Where the name already contains a dash, just leave it alone. So, for example, rec.video.cable-tv becomes rec-video-cable-tv.
Note that with the wimsey remailer, anything not encrypted is discarded, so no need to worry about your automatic sig.

Here is how the anonymous post appears:

[Newsgroup rec.video.cable-tv]
Post: 614 of 619
From: anonymous@extropia.wimsey.com (Anonymous)
Newsgroups: rec.video.cable-tv
Subject: TCI San Jose Free(?) Extended Basic
Date: 26 Jun 1993 05:50:28 -0500
Organization: UTexas Mail-to-News Gateway
Lines: 34
NNTP-Posting-Host: cs.utexas.edu

Here in San Jose, CA, TCI recently cut the price of "basic" cable in half, but made a corresponding increase in the fee for "extended"
...
So the conclusion is, cancel extended basic immediately. At worst you're losing a vastly overpriced service; at best, you're losing nothing at all, and saving $15/month!!

[end of post - no trailer]

This apparently works to any newsgroup, which function Julf got in trouble for providing. Use and enjoy! We'll see what happens to UTexas or Wimsey.

There is also apparently a new Julf-like forwarder that just appeared. To get more info, send a message to: anonymus+info@charcoal.com.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Marc Horowitz
Date: Tue, 29 Jun 93 13:02:38 PDT
To: smb@research.att.com
Subject: Re: Clipper vs. Russia
In-Reply-To: <9306291933.AA02464@toad.com>
Message-ID: <9306292002.AA06961@dun-dun-noodles.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain

>> According to an AP wire story, Article 23 of the draft Russian
>> constitution says that ``Each person has the right to secret
>> correspondence, telephone conversations, mail, telegraph and other
>> communications.''

That's not really too meaningful. Our Constitution provides for protection against unlawful search and seizure (comments on the reality of this to alt.flame, please :-). Does the draft Russian constitution forbid *all* tapping of mail, phones, etc? I doubt it. So that basically gives them the same protection we (nominally) have, and our government seems quite happy with Key Escrow.

Marc

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: zane@genesis.mcs.com (Sameer)
Date: Tue, 29 Jun 93 17:52:19 PDT
To: jthomas@kolanut.mitre.org (Joe Thomas)
Subject: Re: REMAIL: problems
In-Reply-To: <9306291227.AA00990@kolanut>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

In message <9306291227.AA00990@kolanut>, Joe Thomas writes:
>
> Consider cryptographic secret-sharing protocols. If we have 20 remailers,
> each remailer could split his key into 20 pieces, 15 of which would be
> necessary to reconstruct the key. When a remailer goes down, the key could
> be reconstructed and given to a substitute remailer. The system can survive
> the loss of 5 remailers, and would require a collaboration of 15, or 3/4 of
> the remailer operators to intentionally break the security.
>
> Joe

This secret sharing *does* look very appealing. How would the substitute remailer be chosen? Very difficult to build, however, as it would require a great deal of similarity between remailer software.

How can a key be split into 20 pieces while only requiring [any?] 15 to work? Redundancy?

It would be a good idea to have two sorts of keys for each remailer, maybe. One key for normal usage and another key for communication between remailers, key-part distribution, etc.

--
| Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM |
| Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more |
| "Symbiosis is Good" - Me_"Specialization is for Insects" - R. A. Heinlein_/
\_______________________/ \______________________________________________/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: M..Stirner@f28.n125.z1.FIDONET.ORG (M. Stirner)
Date: Tue, 29 Jun 93 21:01:10 PDT
To: cypherpunks@toad.com
Subject: Charcoal remailer
Message-ID: <778.2C310523@shelter.FIDONET.ORG>
MIME-Version: 1.0
Content-Type: text/plain

Has anyone here had any experience with the "charcoal remailer," a Penet-ish looking system that I saw in another newsgroup footer?

The footer says to contact "anonymus+info@charcoal.com" for information, but this isn't a good address. The misspelling of anonymous is suggestive, but that's how it read...

___ Blue Wave/QWK v2.12
--
M. Stirner - via FidoNet node 1:125/1
UUCP: ...!uunet!kumr!shelter!28!M..Stirner
INTERNET: M..Stirner@f28.n125.z1.FIDONET.ORG

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: khijol!erc@apple.com (Ed Carp)
Date: Tue, 29 Jun 93 20:37:07 PDT
To: fergp@sytex.com (Paul Ferguson)
Subject: Re: PC Week Clipper article
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: text

> On the other hand, Clipper chip supporters such as Dorothy
> Denning, chairman of the Computer Science Dept. at Georgetown
> University in Washington and a noted expert in the field of
> cryptography, say the key-escrow system is more than adequate to
> protect legitimate American interests.

Dorothy Denning is a fucking idiot. Oh, 'scuse me ... is this a family-oriented list? ;)

--
Ed Carp erc@apple.com, erc@saturn.upl.com 510/659-9560
For anonymous mailers --> anonymus+5300@charcoal.com
"I've met many thinkers and many cats, but the wisdom of cats is infinitely superior." -- Hippolyte Taine (1828-1893)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: khijol!erc@apple.com (Ed Carp)
Date: Tue, 29 Jun 93 21:17:36 PDT
To: M..Stirner@f28.n125.z1.FIDONET.ORG (M. Stirner)
Subject: Re: Charcoal remailer
In-Reply-To: <778.2C310523@shelter.FIDONET.ORG>
Message-ID:
MIME-Version: 1.0
Content-Type: text

> Has anyone here had any experience with the "charcoal remailer," a
> Penet-ish looking system that I saw in another newsgroup footer?
>
> The footer says to contact "anonymus+info@charcoal.com" for information,
> but this isn't a good address. The misspelling of anonymous is
> suggestive, but that's how it read...

Yes. It works. Some mailers, it seems, don't like "+" in the address...:(

--
Ed Carp erc@apple.com, erc@saturn.upl.com 510/659-9560
For anonymous mailers --> anonymus+5300@charcoal.com
"I've met many thinkers and many cats, but the wisdom of cats is infinitely superior." -- Hippolyte Taine (1828-1893)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Tue, 29 Jun 93 19:43:14 PDT
To: cypherpunks@toad.com
Subject: PC Week Clipper article
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

I just got back from the first day of PC Expo at Javits Center here in New Yawk. (God, how I love these shows. Trinkets, trinkets and more trinkets.)

To make a long story short, I picked up a copy (and renewed my subscription) of the latest PC Week. The following article shows (at least) that the Clipper/Capstone debate has not subsided, but rather, is just becoming public knowledge thanks to coverage in trade publications and popular press.

This particular article is included amongst several others in a "Special Report" section in the June 28 issue of PC Week relating to Privacy in the Workplace, "Privacy issue comes of age in the networked world." Other articles in this issue include "Encryption, monitoring and E-mail spur the privacy debate," "Some companies spell it right out: We will be watching you," "Privacy Act would force firms to inform their employees about E-mail monitoring," "Electronic monitoring raises legal and societal questions," "Encryption technology is on the rise in the private sector," "UPS toes the line with its package-tracking technologies" and two side-bar articles entitled "Cellular phones: Some like'em and some don't" and "From A too Z: Privacy policies run the gamut."

Cheers from Times Square, Manhattan.

8<------- Article follows ---------------

PC Week Special Report
"Workplace Privacy"
"News Analysis"
PC Week
June 28, 1993
pages 207, 211

Crypto policy and business privacy

The White House wants businesses to protect data but leave doors open to law-enforcement agencies

by Winn Schwartau

Following the Clinton administration's April 16 endorsement of the Clipper chip, law-enforcement and privacy advocates are staking out positions that will likely test the bounds of the Constitution.

The Clipper chip, manufactured by Mykotronx Inc., of Torrance, Calif., and officially designated the MYK-78, contains a sophisticated encryption algorithm that protects a company's communications by scrambling the data.

Announced as a joint technical effort between the NSA (National Security Agency) and NIST (National Institute for Standards and Technology), the chip is supposed to balance the needs of law enforcement with businesses' need for data privacy.

The Clinton administration is encouraging American businesses to adopt Clipper to ensure their own privacy, yet still permit "lawful government electronic surveillance," according to a statement released by the White House. Third-party products that contain the Clipper chip are expected to be announced by fall.

The keys to decrypting Clipper communications will be held by two independent parties, such as the Federal Reserve Board and a private company. Attorney General Janet Reno had expected to announce the holders of the keys in early May, but has delayed the announcement until midsummer, according to a spokesman at the Attorney General's office.

The Clipper endeavor stems from Bush-era intelligence-agency attempts at adding legislative riders to congressional bills that would have forced telecommunications and networking companies to build in back doors for encrypted transmissions.
The EFF (Electronic Frontier Foundation) and CPSR (Computer Professionals for Social Responsibility), citizen groups based in Washington, are generally credited with having such riders removed from the bills.

Deep concern drives the anti-Clipper privacy advocates, many of whom focus on the integrity of the encryption key-escrow agents who will ultimately hold the keys to the U.S. digital kingdom if the proposed program is successful.

Said Kevin Murray, president of Murray & Assoc., a security-consulting firm in Clinton, N.J., "I don't like Clipper at all. If you're going to offer privacy, then offer it. I've seen too many cases where secrets easily leaked out."

Few, if any, businesses appear willing to sign on with the government's plan. Spearheaded by the EFF and the ACLU (American Civil Liberties Union), 31 companies sent a letter last month to the White House and Congress stating "... We believe that there are fundamental privacy and other constitutional rights that must be taken into account when any domestic surveillance is proposed."

Among the companies signing the letter were AT&T, Apple Computer Inc., Digital Equipment Corp., IBM, Hewlett-Packard Co., Lotus Development Corp., MCI Communications Corp., Microsoft Corp., RSA Data Security Inc. and Sun Microsystems Inc.

One area of concern among the companies is that the government intends to keep all technical information about the Clipper encryption algorithm secret. Conventional cryptological wisdom says that only after wide-spread public analysis and comment can an encryption technique be trusted.

CPSR last month filed a lawsuit against the National Security Council seeking information about the Clipper chip.

"The Clipper plan was developed behind a veil of secrecy," said Marc Rotenberg, director of CPSR's Washington office. "We need to know why the standard was developed, what alternatives were considered and what the impact will be on privacy.

"As the proposal currently stands, Clipper looks a lot like desktop surveillance," Rotenberg said.

Said Mitch Kapor, founder of Lotus and chairman of the EFF, "An [encryption] system based upon classified, secret technology will not and should not gain the confidence of the American public."

On the other hand, Clipper chip supporters such as Dorothy Denning, chairman of the Computer Science Dept. at Georgetown University in Washington and a noted expert in the field of cryptography, say the key-escrow system is more than adequate to protect legitimate American interests.

Padgett Peterson, information-security specialist at defense contractor Martin Marietta Corp., in Orlando, Fla., said, "I believe Clipper's going to work. The government has more to lose than we do."

The Justice Department has already placed large orders with AT&T for telephones fitted with Clipper encryption chips. Said Peterson, "Soon enough, everyone will be using Clipper: doctors, lawyers and CPAs."

However, the chip's use in other governmental agencies is not assured. Neither the Federal Reserve Board nor the Department of the Treasury has indicated that they will adopt Clipper.

Many business executives believe the government's encouragement of voluntary adoption is only the first step in a plan drawn by the intelligence community years ago that will eventually mandate Clipper encryption for private businesses and outlaw all other forms of encryption. The ACLU, EFF, CPSR and other watchdog groups aim to ensure that the government never goes that far.

American businesses that adopt Clipper encryption in their networks and communications systems will have to accept some far-reaching assumptions, according to its skeptics:

- that the Clipper algorithm is robust enough to secure their corporate information assets domestically and internationally. The international security community already believes American data to be less secure than it should be and worries about leaving doors open to the United States;

- that the government does not have its own back door to read encrypted communications;

- that the key-escrow agents, once named, can be trusted;

- that the key-escrow repository, a vault that contains the Clipper chip serial numbers and encrypting and decrypting keys, will be secure enough to withstand a dedicated attack. The Attorney General's office also plans to announce this summer what form the repository will take -- electronic or otherwise -- and how it will be secured;

- that by its very use, the company is not unintentionally giving up its right to privacy or other constitutional rights; and

- that purchasing machines that include the hardware-based Clipper chip is better than using currently available and field-tested software encryption techniques such as DES and RSA.

The response to Clipper has been negative despite pleas from the administration that "while [other forms of] encryption technology can help Americans protect business secrets and the unauthorized release of personal information, [they] also can be used by terrorists, drug dealers and other criminals."

Martin Marietta's Peterson still believes Clipper is "good enough" for business, but he is in the minority. The majority opinion holds that Clipper may be what the government wants, but it shouldn't even think about making any laws mandating its use.

------

Winn Schwartau is the executive director of INTERPACT, a Seminole, Fla., consultancy, publisher of the Security Insider Report and author of "Terminal Compromise" and "Information Warfare: How To Wage It, How To Win It."

Paul Ferguson               |  "Confidence is the feeling you get
Network Integrator          |   just before you fully understand
Centreville, Virginia USA   |   the problem."
fergp@sytex.com             |   - Murphy's 7th Law of Computing

Quis Custodiet Ipsos Custodes?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Tue, 29 Jun 93 20:04:01 PDT
To: cypherpunks@toad.com
Subject: BYTE Clipper article (newsbite)
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Okay, here's another one. This time it's Peter Wayner in the pages of BYTE magazine (volume 18, number 8, July 1993).

8<------ Article follows -------------

BYTE Magazine
July 1993
page 36
News & Views; Data Security

Clipped Wings? Encryption Chip Draws Fire

Part of the Clinton administration's vision for a digital America is a fast encryption chip to help companies and individuals protect their secrets from prying eyes as voice and data messages are sent over communications wires. The catch is that this encryption chip includes a backdoor that will let law-enforcement agencies listen in. The White House believes that the hardware will protect all Americans' right to privacy while also protecting them from those who break the law.

The chip is named Clipper (because Intergraph in Huntsville, Alabama, manufactures a processor with the same name, the Clipper moniker will likely be changed). It is a 12 Mbps encryption coprocessor designed by Mykotronx (Torrance, CA) and manufactured by VLSI (San Jose, CA). The chip is built in a tamper-resistant package to prevent reverse-engineering efforts to reveal the classified algorithm used inside.

Along with privacy concerns that the government could abuse its ability to tap digital wires, another impediment to widespread acceptance of Clipper will be its cost. Ben Stolz, a member of the technical staff at Sun Microsystems (Mountain View, CA), says, "Our rule of thumb is that a part that costs n dollars adds 3n to 4n dollars to the final price [of a computer]."

Raymond Kammer, acting director of the National Institute of Standards and Technology (Gaithersburg, MD), recently told a U.S.
congressional committee that he hopes the Mykotronx chips will eventually cost $26 each if purchased in large quantities. That means a potential $75 to $100 addition to the price of each computer that uses the chip. Critics of the Clipper chip note that less expensive chips that provide DES encryption have not received widespread acceptance because software encryption, although usually slower than hardware, is less expensive.

Jim Bidzos, president of RSA Data Securities (Redwood City, CA), says, "This is just another arrow aimed at preventing people from using RSA." RSA's cryptographic routines will be included in new releases of system software written by Apple and Novell and are already used in Lotus Notes.

The government will undoubtedly provide a large market for the Clipper chip initially. President Clinton has already directed the U.S. Attorney General Janet Reno to purchase several thousand units for use in computers and secure phones. The impact of the chip on the rest of the world, though, will be governed by economics.

Paul Ferguson               |  "Confidence is the feeling you get
Network Integrator          |   just before you fully understand
Centreville, Virginia USA   |   the problem."
fergp@sytex.com             |   - Murphy's 7th Law of Computing

Quis Custodiet Ipsos Custodes?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Tue, 29 Jun 93 21:19:01 PDT
To: cypherpunks@toad.com
Subject: LPF statement on PKP-DSS patent
Message-ID: <9306300418.AA25017@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

I especially like the part where they concisely summarize it all as `the worst of both worlds'...

------- Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@mead.u.washington.edu
Date: Tue, 29 Jun 93 22:20:46 PDT
To: cypherpunks@toad.com
Subject: Remailer Test
Message-ID: <9306300520.AA49995@mead.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain

This is a remailer test.
Please forgive the waste of time/space.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: TO1SITTLER@APSICC.APS.EDU (Kragen Sittler)
Date: Tue, 29 Jun 93 22:26:55 PDT
To: cypherpunks@toad.com
Subject: mailers not liking + in the address
Message-ID: <930629231409.3244@APSICC.APS.EDU>
MIME-Version: 1.0
Content-Type: text/plain

There is, of course, a way around this if you have telnet... telnet to port 25 on charcoal.com, or to somewhere else if you can't reach there, and enter your message as per RFC-821, SMTP.

Directions for the lazy:

once you get an acknowledgement from the remote computer, type
    helo apsicc.aps.edu
(or whatever your computer is called)
It should greet you or hang up. So if it didn't hang up, type
    mail from:
DON'T FORGET THE ANGLE BRACKETS!
Then, type
    rcpt to:
if you connected to charcoal directly, or
    rcpt to: <@somecomputer.com:anonymus+info@charcoal.com>
where somecomputer.com is where you are connected to. (It is possible this is wrong and @somecomputer.com either: a) is not necessary or b) should appear in the mail from: line. Try it.)
Then, type
    data
and type in the From:, To:, Subject:, Date:, Message-ID:, and so on fields. Send yourself a message to find out how it should look. Make the Message-ID something that will not be replicated by the computer you are on. Follow this with a blank line, and type the body of your message. Double any periods appearing alone on lines. End your message with a period alone on a line. Then type
    quit
to close the connection.

(BTW: this provides a certain amount of anonymity without need for a remailer, but it is then possible to detect which computer you are mailing from. I sent the anonymous message about people not doing something if you make it hard enough by this method, as a demo, but I kind of botched it. The message arrived, but it did not look right.)

Kragen, SMTP wizard (NOT!)
hee hee

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: smb@research.att.com
Date: Tue, 29 Jun 93 20:20:52 PDT
To: zane@genesis.mcs.com (Sameer)
Subject: Re: REMAIL: problems
Message-ID: <9306300320.AA15034@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

	 How can a key be split into 20 pieces while only requiring
	 [any ?] 15 to work? Redundancy?

There are a fair number of such schemes. The best overview is in Gus Simmons' own chapter in ``Contemporary Cryptology: The Science of Information Integrity'', edited by Simmons and published last year by IEEE Press.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Wed, 30 Jun 93 00:14:52 PDT
To: cypherpunks@toad.com
Subject: remailer ideas & proposals
Message-ID: <9306300657.AA26896@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

The remailer details have always been one of the most persistent, relevant, and interesting aspects of this group. I'm really pleased to see e.g. Hal Finney's attempts to automate a testing process, and others' interests in methods of increasing reliability and security. Unfortunately, it seems to me the same problems keep popping up unresolved. Here are a few brief ideas.

1. `dropping' messages

Here is an idea: if a remailer drops a message or forwards it successfully it could broadcast a message to a group such as misc.test. There are all kinds of problems with autoresponders replying to these kinds of messages but I think anyone who has the audacity to run an autoresponder despite no clear mandate to do so is asking for trouble anyway. Regarding traffic analysis, see below.

Also, Miron Cuperman was running an anonymous pool mailing list, last I heard email pool0-request@extropria.wimsey.com with `subscribe' in the subject line to get on it. Is this still running? Is anybody playing with this? What are people doing with this anyway?

Now, for some *really* radical ideas.
If cypherpunk remailers were truly impervious to traffic analysis then we wouldn't *care* if detailed statistics on mail messages were broadcast to the world, because correlations would be intractable to determine so it wouldn't matter. So, I propose that remailers actually start posting to a list somewhere *all* internal traffic. This will create an excellent incentive for them to implement traffic-analysis-thwarting (TAT?) mechanisms. Of course, the mechanisms should be implemented before they start broadcasting this information!

The broadcasting of this information is like built-in accountability. If people see trends they can notify operators of their weaknesses. It actually *encourages* the development of traffic analysis and thereby improved safeguards. Also, it helps us paint an excellent *overall* picture of remailer use and increase their exposure to the `unwashed masses'.

BTW, I would like to see a list that keeps track of the professed `logging' practices and historical reliability of the various remailers.

2. Embedded messages

I've been thinking about the whole idea of message transmission in SMTP, and it strikes me as very sloppy. We have this system where intermediate hosts can tack on junk at the beginning and ending of messages (such as `Received' lines, overflow headers, etc.) without violating any standards. I think this should change--an explicit standard handling this modification should be in place and anyone that doesn't adhere to it can be blamed for `violating the standard' and maybe even cleaning up their act.

Here is one such proposed standard. I'd like to see what everyone thinks. I proposed something similar a long time ago.

Here is the idea: when a message is submitted to a host, the host is responsible for maintaining a very precise map of what the message appeared as when it went `in', and what was added in the process, `out'. Here is one such way to make this explicit:

Have a `x-message-format' line.
The way this header works is that it represents the structure of the message in lines. Each new remailer, when it adds *anything* *anywhere* in the message is also responsible for correctly updating the x-message-format line, under the following standard.

The line contains text tags, followed by a colon, followed by a number of lines representing that field in the message. Also, the use of parenthesis makes the idea of `embedding' explicit. Each level of parenthesis represents a `wrapper'. A mailer may add any number of new fields anywhere in a message and then `wrap' the whole thing in parenthesis. Fields are separated by spaces. The fields collectively name all lines in the message in sequential order.

For example, the first mailer might create a root x-message-format-line like:

x-message-format: (headers:4 body:10 signature:3)

Then passing through one intermediate remailer, we might get a `received' status line added, at the *beginning*:

x-message-format: (recd:1 (headers:4 body:10 signature:3))

And some goofy Fidonet gateway may find it necessary to stick something on the end:

x-message-format: ((headers:4 body:10 signature:3) fidofooter:4)

Of course, under the standard it would make sense to have categories of the tag specifications, so for example any tag that represents a header would have something in its text like `header' so it could be identified. We might even have text fields inside the embedded message routing structure that identify the names, errors-to emails address, etc. of the intermediate hosts.

The point is that with all this the recipient has a transparently clear picture of what constitutes the original message and what was added as intermediate fluff, which currently SMTP is frighteningly and embarrassingly lax in identifying. The idea of the *original message* vs. *intermediate fluff* is absolutely critical and we deserve sophisticated protocols that preserve the distinction. (Gad, it's amazing what remailers do to messages.
They will mess with lines that contain only hyphens or '>' quote any line that begins `From'. I find all this highly atrocious.)

So, what does anyone think? The problems I can see are in the proliferation of tags. Maybe a central authority needed to regulate them to be sensible and unique (a registry). Also, is it the case that some headers can get too large? The solution I have for this is to break up the x-message-format line into multiple lines:

x-message-format1:
x-message-format2:

where successive lines actually represent one level of nested parenthesis.

Note: I don't know if the inherent `sloppiness' in SMTP will ever be successfully evaded given its widespread entrenchment. However, I believe protocols superior to it in that regard are inevitable in their adoption.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sandy <72114.1712@CompuServe.COM>
Date: Tue, 29 Jun 93 22:11:03 PDT
To:
Subject: SEARCH ME
Message-ID: <930630050650_72114.1712_FHF19-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT                  Reply to: ssandfort@attmail.com
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Cypherpunks,

Duncan Frissell's experience with the "drain police" reminded me of a similar experience I had some years ago.

I found out that the "building police" in Kansas City would be inspecting homes in my neighborhood looking for "code violations." I had put in some electrical plugs without benefit of an electrician. Also, I was still in law school, so naturally I felt like raising some (legal) hell with the Powers That Be.

When the inspector showed up, I said "no thank you" when he asked if he could inspect my house. If I had poleaxed him, he couldn't have looked more surprised. Apparently, nobody had *ever* said "no." After he recovered, he asked me why not. I mentioned the Fourth Amendment and the -See- and -Camara- decisions in the Supreme Court.
He never came back.

I won't go into the embarrassing story of the one time I did cooperate with the police. Suffice it to say, I regretted it. Both events, however, have made it clear to me that it is almost always stupid to cooperate with the cops.

To be truthful, I strongly considered leaving out the word *almost* in the previous sentence. I'm afraid some of you will outsmart yourself by thinking you can control a law enforcement situation with "clever" cooperation. Dream on. If you aren't a lawyer, it is very likely you will fuck yourself.

But shouldn't you cooperate for the little things, especially when you know you are clean? No, no, no, for two reasons. First, are you sure you are clean in the official's eyes? The one time I cooperated, the fact that I had 3-4 $100 bills on my dresser made it into the cop's report (though he did add, "no other signs of drug dealing"). Are you *sure* you're clean?

Second, it's great practice. You have a right to require a valid warrant. These guys (nominally) work for you. Enjoy yourself; make them jump through some hoops for you. Rights are like muscles, if you don't exercise them, they atrophy. Use it, or lose it!

S a n d y

>>>>>> Please send e-mail to: ssandfort@attmail.com <<<<<<
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Wed, 30 Jun 93 00:21:59 PDT
To: cypherpunks@toad.com
Subject: Kleinpaste's Charcoal anonymous server
Message-ID: <9306300721.AA27192@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

One person asked about the Charcoal remailer. I try to stay on top of this area of anonymity servers and have corresponded with the owner Karl Kleinpaste extensively in the past.

First, I would like to encourage *everyone* who wants to create and run an anonymous server, which is time-consuming, thankless, and even painful at times, and don't want any of my comments to be construed otherwise.
I think something disparaging could probably be said about any remailer operator. However, I also think that remailer policies vary and that we should keep track of the practices and reputed integrity of operators as much as possible. Under that vein I'll just make a few *candid* comments to cypherpunks on Mr. Kleinpaste. Please *do not* forward these notes anywhere.

Kleinpaste started his server early this year mostly in response to alt.personals, with the death of another server, I believe. In a *very* scorching-hot incident, an estranged boyfriend posted nude pictures of his old girlfriend to alt.binaries.pictures or some other newsgroup. It is not clear to me that he used an anonymous server to do so--I believe he did not based on some testimony of others. Anyway, this caused a huge eruption as these things inevitably do, and legal action was in motion against the person in his hometown.

The guy apparently *later* used Kleinpaste's anonymous server to send mail to another anonymous person who he thought worked with the girlfriend's mother. I guess there was some extortion or `threats' in the letters. Anyway, Kleinpaste gave all the person's mail to the `authorities' (despite marginal relevance to the original picture-posting) and got very emotional and wrapped up in the whole case. In fact, he acted, in my view, very paternalistic in the way a father would protect his daughter. (At one point he made the comment that the young girl had moved to a new town and `was making new friends' -- something that sounds like something one's parents would say, eh?) BTW--the estranged boyfriend was never prosecuted apparently due to gray legal areas and prosecution cost.

Kleinpaste also revealed how a person was suicidal and was posting through his server. It's not clear to me what he did but I think he said he tried to contact the person's home institution. Here is where the ethical quandaries of anonymous servers are rather intense!
What should an operator do if a person, who is using the system in *trust* of their anonymity, is suicidal? Is about to commit a crime? Involved in a conspiracy? Well, I'm not advocating anything, but the stance of `unhindered carrier' is certainly the least problematic from the operator point of view.

Anyway, through all this it seemed to be clear to me that Kleinpaste may be regularly reading some of the mail that is going through his server, and in any case probably keeping fairly thorough logs. Look at his policies! Essentially they are: if you don't post anything offensive, I'm behind you. If you do, I will restrict your access temporarily, permanently, or even expose you.

Kleinpaste soured very seriously on the whole idea of the anonymous server and killed it. Then in the big flame wars J. Palmer started up his server and Kleinpaste appeared to want some attention that Julf & others were getting. I found it highly incongruous in the least and hypocritical at worst given some of his statements on `bastards who abuse the service' that he restarted his own -- he's one of the most strong-mouthed people on that subject.

Anyway, charcoal.com seems to have been humming along for a few months now and Kleinpaste does not appear to be ready to shut it down anytime soon. It posts to a limited number of groups. He tells me that he has refused requests to `out' a particular individual in alt.personals by another prominent individual.

So, I'd say that if you have his endorsement for your use of anonymity, it's a safe server. But if you're on morally gray areas in your use, by *his* definitions, then Caveat Emptor.

p.s. one reference on all this is rtfm.mit.edu:/pub/usenet/news.answers/net-anonymity. I would document further these really volatile incidents (esp. the `nude picture posting') but don't have enough eye-witness accounts to do so (in particular, not my own).

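
The DATA step of the hand-typed SMTP session in the "mailers not liking + in the address" message above, as an added example (not code from the poster): RFC 821 section 4.5.2 has the sender double a leading period on every line that starts with one, which is broader than doubling only lone periods, and this Python code shows what the receiving side reconstructs under each rule. The headers, body text and function names are constructed for illustration.

```python
"""SMTP DATA-phase framing per RFC 821 section 4.5.2 (added example)."""

CRLF = "\r\n"

# Constructed sample message; the addresses are placeholders.
HEADERS = ["From: <user@host.example>",
           "To: <info@remailer.example>",
           "Subject: info request"]
BODY = ["Notes follow.", ".profile was changed", ".", "P.S. more text"]


def stuff_rfc821(body_lines):
    """RFC 821 sender rule: any line starting with '.' gets one more '.'."""
    return ["." + ln if ln.startswith(".") else ln for ln in body_lines]


def stuff_lone_only(body_lines):
    """The narrower rule from the message: double only a '.' alone on a line."""
    return [".." if ln == "." else ln for ln in body_lines]


def frame(header_lines, body_lines, stuff=stuff_rfc821):
    """Text sent after the 354 reply: headers, blank line, body, lone '.'."""
    lines = list(header_lines) + [""] + stuff(body_lines) + ["."]
    return CRLF.join(lines) + CRLF


def receive(wire):
    """RFC 821 receiver rule. Returns (message_lines, leftover_text).

    A lone '.' ends the message; on any other line one leading '.' is
    deleted. Text after the terminator is returned as leftover because the
    server reads it as the next SMTP command, not as mail.
    """
    message = []
    rest = wire
    while rest:
        line, sep, rest = rest.partition(CRLF)
        if not sep:
            break                      # last line was not CRLF-terminated
        if line == ".":
            return message, rest
        message.append(line[1:] if line.startswith(".") else line)
    raise ValueError("data ended without <CRLF>.<CRLF>")


def body_of(message_lines):
    """Lines after the first blank line (the header/body separator)."""
    return message_lines[message_lines.index("") + 1:]


def round_trip(body_lines, stuff):
    """Frame with the given stuffing rule, receive it, return (body, leftover)."""
    message, leftover = receive(frame(HEADERS, body_lines, stuff))
    return body_of(message), leftover


if __name__ == "__main__":
    for name, rule in [("RFC 821 rule", stuff_rfc821),
                       ("lone-period rule", stuff_lone_only),
                       ("no doubling", list)]:
        body, leftover = round_trip(BODY, rule)
        print(f"{name:17} body={body!r} leftover={leftover!r}")
```

Doubling only lone periods keeps the message from being cut short, but a body line that merely begins with a period arrives with that period removed; with no doubling at all, the message ends at the first lone period and the rest is treated as commands.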
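
The x-message-format header proposed in the "remailer ideas & proposals" message above, as an added example (not code from any poster on the list): a Python parser for the nested `tag:count` value that checks it against the actual line count and separates the innermost (original) message from what each outer wrapper added. Two assumptions the post does not state: each wrapper holds at most one nested message, and the counts cover the message lines but not the x-message-format line itself; all function names are hypothetical.

```python
"""Parser for the proposed x-message-format header value (added example).

Grammar inferred from the three sample values in the post:
    group := "(" item (" " item)* ")"
    item  := tag ":" count | group
Assumed here, not stated in the post: one nested group per wrapper, and
the counts exclude the x-message-format line itself.
"""
import re

TOKEN = re.compile(r"\s*(\(|\)|[A-Za-z][\w-]*:\d+)")


class FormatError(ValueError):
    """The header value is malformed or does not match the message."""


def parse(value):
    """Return the structure as nested lists of (tag, count) tuples."""
    value = value.strip()
    pos, stack, root = 0, [], None
    while pos < len(value):
        m = TOKEN.match(value, pos)
        if not m:
            raise FormatError(f"unexpected text at offset {pos}: {value[pos:pos + 10]!r}")
        tok, pos = m.group(1), m.end()
        if tok == "(":
            if root is not None and not stack:
                raise FormatError("text after the outermost wrapper")
            group = []
            if stack:
                if any(isinstance(i, list) for i in stack[-1]):
                    raise FormatError("a wrapper may hold only one nested message")
                stack[-1].append(group)
            else:
                root = group
            stack.append(group)
        elif tok == ")":
            if not stack or not stack[-1]:
                raise FormatError("unbalanced ')' or empty wrapper")
            stack.pop()
        else:
            if not stack:
                raise FormatError("field outside any wrapper")
            tag, count = tok.split(":")
            stack[-1].append((tag, int(count)))
    if stack or root is None:
        raise FormatError("unbalanced '(' or empty value")
    return root


def split_message(value, lines):
    """Return (original, added) for a message given as a list of lines.

    `original` is the run of lines covered by the innermost wrapper.
    `added` lists (depth, tag, lines) for every field an outer wrapper
    contributed, depth 1 being the outermost (most recent) hop.
    """
    tree = parse(value)

    def total(group):
        return sum(total(i) if isinstance(i, list) else i[1] for i in group)

    if total(tree) != len(lines):
        raise FormatError(f"header accounts for {total(tree)} lines, "
                          f"message has {len(lines)}")
    added = []

    def walk(group, start, depth):
        has_nested = any(isinstance(i, list) for i in group)
        cursor, original = start, None
        for item in group:
            if isinstance(item, list):
                cursor, original = walk(item, cursor, depth + 1)
            else:
                tag, count = item
                if has_nested:      # field added around an earlier message
                    added.append((depth, tag, lines[cursor:cursor + count]))
                cursor += count
        if not has_nested:          # innermost wrapper: message as submitted
            original = lines[start:cursor]
        return cursor, original

    return walk(tree, 0, 1)[1], added


if __name__ == "__main__":
    # Constructed message: 1 Received line, 17 original lines, 4 footer lines.
    msg = (["Received: by relay.example"] + [f"hdr {i}" for i in range(4)]
           + [f"body {i}" for i in range(10)] + [f"sig {i}" for i in range(3)]
           + [f"footer {i}" for i in range(4)])
    fmt = "(recd:1 ((headers:4 body:10 signature:3) fidofooter:4))"
    original, added = split_message(fmt, msg)
    print(len(original), "original lines")
    for depth, tag, chunk in added:
        print(f"wrapper depth {depth} added {tag}: {len(chunk)} line(s)")
```

A recipient can only trust the split as far as it trusts every hop to update the counts honestly; the check here catches a total that does not match, not a hop that mislabels its own lines.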
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: skyhawk@cpac.washington.edu
Date: Wed, 30 Jun 93 01:31:25 PDT
To: cypherpunks@toad.com
Subject: Re: remailer ideas & proposals
Message-ID: <9306300830.AA18466@bailey.cpac.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain

> From: "L. Detweiler"
> Subject: remailer ideas & proposals
>
> Now, for some *really* radical ideas. If cypherpunk remailers were
> truly impervious to traffic analysis then we wouldn't *care* if
> detailed statistics on mail messages were broadcast to the world,
> because correlations would be intractable to determine so it wouldn't matter.
> So, I propose that remailers actually start posting to a list somewhere
> *all* internal traffic. [...]

That's a big if. I think the idea is interesting, but would *very* much like to see this tested first on a set of "play" remailers, which are advertised as being for research only, don't trust them to actually work, etc.

> 2. Embedded messages
>
> I've been thinking about the whole idea of message transmission in
> SMTP, and it strikes me as very sloppy. [...]
> Here is the idea: when a message is submitted to a host, the host is
> responsible for maintaining a very precise map of what the message
> appeared as when it went `in', and what was added in the process,
> `out'. [...]
> Note: I don't know if the inherent `sloppiness' in SMTP will ever be
> successfully evaded given its widespread entrenchment. However, I
> believe protocols superior to it in that regard are inevitable in their
> adoption.

MIME, in particular, solves this problem, along with many others. Three cheers for Metamail!

Specifically, you can have several separate messages within your RFC822 message, arranged hierarchically. You could have your public key, your cute .sig, your message, your signature for the message, contact information for you, a JPEG image (of your cat, say), and a sound ("meow") all in the same mail message.
There is even faint hope that it would be portable.

--
Scott Northrop (206)784-2083
ObVirus: The demand for obedience is inherently evil.
ObVirus2: As a juror in a Trial by Jury, you have the right, power and duty to acquit the defendant if you judge the law itself to be unjust.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Wed, 30 Jun 93 00:31:48 PDT
To: cypherpunks@toad.com
Subject: PGP speech coding on SoundBlaster
Message-ID: <9306300731.AA27352@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

This person is very serious about developing a scrambler based on PGP and Soundblaster, topics that get banged around here a lot (``...with great sound and fury, told by an idiot, signifying nothing.'') There is room for suggestions on approaches or (more importantly) volunteers in coding. He does not subscribe to the list because of volume.

------- Forwarded Message

From: dorsey@lila.com (Bill Dorsey)
Subject: PGP Mailing List
Date: Tue, 29 Jun 1993 02:12:54 -0700 (PDT)

- --- BEGIN SUMMARY ---

Voice-PGP is a software package that will allow PC owners to have secure communications over insecure phone lines. It will require only that the users possess a modem capable of 9600 baud or greater and own a SoundBlaster compatible sound card. Later versions may support other sound cards.

As the project stands now, I have developed a large number of speech coders of varying complexity based on coders discussed in the literature from the early 70's to the present. Although the sound quality is generally poor among the simple coders at these bit rates, they do allow computers not blessed with fast CPUs to make use of the software. The more complex coders produce sound quality equal to or better than local two-way radio communications and operate on contemporary (486 and fast 386-based) PCs. In addition to the coders, I have developed a simple user-interface and an expandable packet-based communications protocol.
What remains to be done includes writing driver modules for the modem (I'll assume they are Hayes compatible) and SoundBlaster card in addition to coding up a set of functions to implement the communications protocol and hooks for encryption. Finally, I'll need to integrate all of the above together and test it out.

Initial code development is being done on a Sun Sparcstation and a 486-based PC running Linux. As my DOS experience is severely limited, it is my hope that someone will come forward and volunteer to port the software to DOS. Since the code is being written with portability in mind, this should require little more than re-writing the driver modules.

- --- END SUMMARY ---

I hope this isn't too long. Feel free to edit/condense as you feel is appropriate.

- --
Bill Dorsey         "Give me your tired, your poor, I'll piss on 'em
dorsey@lila.com      That's what the Statue of Bigotry says."
PGP 2.x public              -- Lou Reed
key on request

------- End of Forwarded Message

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Timothy L. Nali"
Date: Tue, 29 Jun 93 23:29:19 PDT
To: cypherpunks@toad.com
Subject: Wired tidbit about NSA
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Here's a little something about the NSA from the latest issue of Wired:

pg 25, in the middle type

Clipper Purposely Clipped?

Sources close to those in the know on Capitol Hill claim that NSA deliberately sabotaged the poorly considered Clipper encryption chip (rolled out to the Net.public's dismay by the White House early this spring). The NSA, our sources say, would like nothing more than to see the Clipper chip fail, resulting in the outlawing of encryption altogether ("Gee, we tried..."). The Electronic Frontier Foundation's response to the Clipper plan, which has been in the works for four years and was formulated by the NSA: "We should not rely on the government as the sole source for Clipper or any other chip.
Rather, independent chip manufacturers should be able to produce chip sets based on open standards."

-----------------------------------------------------------------

While I wouldn't take this as absolute truth yet, it is certainly food for thought.

--Phelix

/----- P h e l i x ' s   P s y c h o t i c   P h i l o s o p h i e s -----\
*****************************************************************************
                  Perfect Paranoia is Perfect Awareness
\---------------------------------------------------------------------------/
_____________________________________________________________________________
Tim Nali             \  "We are the music makers, and we are the dreamers of
tn0s@andrew.cmu.edu   \  the dreams" -Willy Wonka and the Chocolate Factory

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: James Still
Date: Wed, 30 Jun 93 07:02:23 PDT
To: 'Cypherpunks List'
Subject: RE: PGP and offline-readers
Message-ID: <2C31A670@kailua.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain

>> I am getting involved in networking some local BBS' and
>> message bases.

I'm beta testing a privacy-oriented BBS right now that I just finished programming, called CryptoBBS and what better place to introduce/ask questions on it than among the cypherpunks!

It is geared towards the hobbyist sysop with an old XT clone or something lying around as it is a mere 80K (for the floppy-sysops!) There is no logon prompt asking for name, birthdate, SSAN, and who knows what else, it goes directly onto the board. Callers wishing to post messages, are asked for an alias name to fill in the FROM: block, but real names or call-back verifiers are not supported. My hope is to offer sysops a choice, between *choosing* to preserve privacy, rather than the current practice of obtaining personal information because the questionnaires are preprogrammed that way.

The unique feature about CryptoBBS is its "Post Office." The P.O. allows callers to set up a p.o.
box from which they can up/download any file (pgp encrypted files for instance) to any other user on the board without the sysop's approval/knowledge. It encourages and nurtures an anonymous "mail drop" community while protecting the caller's privacy.

The question is, should I throw away the virtues of a lean 'n mean app at 80K by adding a dolphin or pgp to it that automatically encrypts the message base, uploaded messages, etc? Should we give the BBS caller a little credit and assume he knows to encrypt at his own machine before uploading the text? Or is the temptation to make everyone *lick and seal their message envelopes* too invasive?

I know the issue of encouraging pgp use by making it as painless as possible on the end-user is nothing new around here, but as far as I know no one has ever discussed whether or not BBS's should handle the job for the caller.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "Kent Hastings"
Date: Wed, 30 Jun 93 09:24:29 PDT
To: cypherpunks@toad.com
Subject: WARLOCK 4.0 Info
Message-ID: <199306301621.AA23444@aerospace.aero.org>
MIME-Version: 1.0
Content-Type: x-text

WARLOCK 4.0 Info

The enclosed file is the documentation for WARLOCK 4.0, "A New Matrix-based Paradigm for Public Key Cryptography." The source code and executable MS-DOS program are included in the shareware version, but my internet gateway complains "permission denied" if I try to send out the ZIP file. Hmm. The text file is about 43k and the ZIP is only 78k. Oh well.

This is the first I've heard of WARLOCK.

"NIST DSS and RSA systems suffice for authentication but are too slow for ordinary encryption/decryption functions forcing users to employ more complicated hybrid systems resulting in 'double exposure'."

"WARNING: The WARLOCK cryptosystem provided herein is a copyrighted system protected by patents (awarded and pending) and is provided solely for private personal use and evaluation only, etc ..."

For more info, contact WARLOCK@ACM.org.
Kent - kent_hastings@qmail2.aero.org.

<<<<<< Attached TEXT file follows >>>>>>

WARLOCK - A New Matrix-based Paradigm for Public Key Cryptography

(C) 1993 by William J. Wilson and C. Larry Craig

1. INTRODUCTION

The following narrative briefly reviews the functionality of contemporary private key and public key (PK) cryptosystems in meeting current and future private sector security needs. To assist in meeting these needs, the WARLOCK paradigm for achieving matrix-based PK cryptosystems is presented and explained. Systems based on this paradigm are designed as alternatives to RSA and RSA-hybrid systems by making available single, high-speed, full bandwidth systems capable of the basic cryptographic functions of encryption, decryption, and source authentication (digital signature).

The WARLOCK paradigm is outlined in the following paragraphs with actual examples of system keys and step-by-step encryption, decryption, and authentication transformations effected by those keys.

User evaluations, comments and suggestions are solicited on the WARLOCK paradigm as well as the particular WARLOCK 4.0 PC implementation (available in C++ source code from file WARLOCK.CPP and in MS DOS executable code as WARLOCK.EXE). Please direct such input to WARLOCK@ACM.org or Datasec Systems, PO Box 4152, Huntsville AL 35815-4152, or by calling Wilson at (205) 881-8002. User suggestions and improvements will be incorporated, as appropriate, and improved versions (as well as other implementations of the WARLOCK paradigm) will be made available to interested users in the future.

*****************************************************************
WARNING: The WARLOCK cryptosystem provided herein is a copyrighted system protected by patents (awarded and pending) and is provided solely for private personal use and evaluation only.
Modifications to (or copies of) WARLOCK source or executable programs must retain the warning and proprietary legend displayed on the first user screen.

The use of WARLOCK cryptosystems for private-sector commercial or public-sector governmental purposes is strictly prohibited without proper licensing arrangements. Licensing information can be obtained from the above-noted sources.
*****************************************************************

2. BACKGROUND

Today's telecommunications and information system designers contemplating cryptographic technology are confronted with a relatively limited set of choices and capabilities (e.g. DES, RSA, proposed NIST DSS (Digital Signature Standard), etc.) which, even when combined in hybrid systems, are inadequate in our opinion to the complex security and authentication needs of the burgeoning information age and the even more daunting requirements of the emerging digital multimedia revolution. For example, the NIST DSS and RSA systems suffice for authentication but are too slow for ordinary encryption/decryption functions forcing users to employ more complicated hybrid systems resulting in "double exposure". Hybrid systems typically use the DES standard which has been widely assailed for its all-too-short key length (56 bits). Nor has the proposed NIST standard met with a warm reception either since it presently provides only a time-consuming signature capability.

In terms of variety, flexibility, speed, and selectable and provable levels of security, we feel that contemporary cryptosystems fall short of efficiently meeting the wide range of known and predicted private sector application security needs, e.g. encrypted digital voice and video, digital satellite communication, ISDN, wireless LAN's, source authentication, IFF (Interrogate Friend or Foe) protocols, smart cards, and a host of other emerging applications.

To meet these needs, the authors over the past several years have developed and tested scores of high-speed matrix-based PK cryptosystems beginning with a patented private-key version of the Hill cipher and culminating in the development of the WARLOCK family of PK cryptosystems. Our goal throughout has been the attainment of a single, full-bandwidth PK cryptosystem paradigm (with digital signature) of sufficient simplicity, speed, and selectable levels of security for meeting current and expected cryptographic needs of the private sector.

3. THE HILL PARADIGM

In 1929 Lester H. Hill proposed a unique, matrix-based, block ciphering system (1.) unlike any ever proposed before. Although manifestly linear and later shown to be susceptible of chosen plaintext attack, Hill's system represented a quantum leap in the art of cryptography providing for the first time a true block ciphering capability with strengths substantially beyond those of the polyalphabetic systems of his day. In fact, if computing (but not creating) the inverse of a matrix were as difficult as computing its permanent, Hill would have invented in a single stroke the first provably secure public key cryptosystem complete with digital signature. Notwithstanding, Hill's method, employing standard matrix transformations, established a new direction whose full cryptographic potential in our opinion is still unrealized and one capable of nullifying in large measure the standard tools of conventional cryptanalysis.

Apart from the issue of cryptographic strength, Hill succeeded in inventing the first two-key cryptosystem and it remained only for Hellman and Diffie to establish a rigorous mathematical paradigm (2.) for one-way, two-key public key cryptosystems and for Rivest et al. to provide the first viable example of such a system (3.).

In a later development, McEliece developed a matrix-based public key system (4.) based on Goppa error correction codes.
Although inefficient in terms of bandwidth and initially lacking digital signature, his system demonstrated that workable matrix-based PK systems were indeed possible. In spite of the fact that the McEliece system was recently cryptanalyzed (5.), it nevertheless represented a significant step in the evolution of matrix-based cryptosystems.

Still later, Rodney Cooper extended Hill's mod 26 systems to Galois Fields GF(p) and GF(q^n) to create a cryptosystem based on matrix theory and Galois Fields (6). In essence, Cooper provided for a matrix of polynomials (subject to two moduli) to be used as an encryption key with the paramount advantage that such matrices can be made as large as needed to accommodate any required level of user security. In fact, Patti (7.) has implemented such extensible multi-megabit cryptokeys in PC-based extended memory in which he also concatenates random bits with the plaintext vector prior to encryption to defeat linear attacks (cited in the above reference) as well as known-plaintext and chosen-plaintext attack.

Rather than trying to impress a known NP-hard problem into the service of PK cryptography as others such as Merkle et al. (8.) have attempted, we have employed a two-step process instead. In the first step, we developed weak but workable full-bandwidth PK systems with digital signature capability. In the second step, we hardened the resulting system by incorporating artificial complexities in the key generation, encryption, and decryption processes with the goal of attaining selectable and provable levels of security -- ideally NP-hard.

Payne and McMillen's formula (9.) defines the number of nonsingular nxn binary matrices possible for each dimension of n and thereby the number of reversible linear mappings of n-bit strings possible with such matrices. It is worth noting that such mappings are a tiny subset of the full range of (2**n)! possible mappings of unique n-bit values.
Unfortunately, as Chaitin has noted in another context (10.), all but a small fraction of these mappings are essentially noncomputable and can be effected only by table lookup -- as the small S-box mechanisms of DES exemplify.

For the WARLOCK paradigm, one of the required private keys consists of a large, non-singular nxn matrix used to disguise the rectangular mxn public key. In the implementation provided here, a smaller nonsingular nxn private key matrix is also required.

In the paragraphs that follow, the term "matrix" always refers to a binary matrix and all forms of the term "addition" indicated by the + symbol designate addition modulo-two (XOR operation). Supporting figures for the WARLOCK paradigm and the particular implementation are all found at the end of the paper.

4. THE WARLOCK PARADIGM

Overview

WARLOCK is a paradigm for a family of advanced, high-speed, full-bandwidth, matrix-based PK cryptosystems with full digital signature. These systems can be operated in ordinary encryption/decryption mode or in superencrypted mode, (achieving encryption and authentication simultaneously) as necessary with key and block sizes incrementally selectable according to security needs.

All implementations of the WARLOCK paradigm share certain commonalities:

- use of a single public key K consisting of a rectangular mxn binary matrix where m>n and where n is the system block size of plaintext and ciphertext

- achievement of nonlinear plaintext to ciphertext mappings such that for plaintexts A and B under key K, the following is true: MAP(A,K) + MAP(B,K) <> MAP(A+B).

- incorporation of secret "row identifiers" in rows of the public key (which are injected in disguised form into the ciphertext by the encryption process) allowing a private key holder to identify public key rows selected by the encryption process.

- use of entropy increasing "noise bits" for selected bit positions of the public key not occupied by row identifiers

- use of a secret, nonsingular nxn matrix M to disguise the public key and to serve (in inverse form) as a private key

- user-selectable key and system block sizes to accommodate varying levels of security requirements

- system key generation from user-supplied "key-seeds" or pass phrases of 1 to 85 bytes

As the example below shows, the public key for the implementation provided here is initially constructed of two parts -- an A-part and a B-part. The A-part consists of a key-seed generated and triplicated nxn nonsingular matrix whose n dimension is exactly 1/3 the row dimension of the public key.

Construction of the B-part begins with a template matrix (T-matrix) containing a diagonal of submatrices each comprised of "row identifiers" whose value and row positions uniquely identify each matrix row. In the first hardening step, the area above the diagonal is filled with key-seed generated "noise bits" and the area below the diagonal is filled with "replacement bits" consisting of key-seed generated but replicated row values. The A-part and the B-part are concatenated to form an mxn matrix where mn and where n is the block size of both the input plaintext and the resulting ciphertext. The purpose of row group jumbling is to disguise the original A-part and B-part row group sequence.

WARLOCK encryption is accomplished by expanding an n-bit plaintext block in a nonlinear manner to form an m-bit vector which is multiplied by the public key to create an n-bit ciphertext. This multiplication is greatly hastened (as are all binary matrix multiplications) by the simple expedient of associating each bit position of the expanded vector with a row of K allowing 1-bits in the expanded plaintext vector to select corresponding rows of K which are added modulo two to produce the plaintext.

In the first step of the decryption process, the ciphertext is multiplied by private key M_inverse to create the same value as if the plaintext had been multiplied by the completed T-matrix. Rows selected by the encryption process (whose row identifiers are encoded in the ciphertext) are then retrieved by a deconvolution process which removes the effects of the noise bits identified in the private key T-matrix. Accomplishing the inverse of the row selection process employed during encryption serves to identify the original plaintext.

Like most computer-based cryptosystems, WARLOCK consists of three basic modules: a key generation module, an encryption module, and a decryption module. Digital signatures (as well as superencryption) are accomplished conventionally by concatenating decryption and encryption functions employing appropriate public and private keys.

WARLOCK Key Generation

The WARLOCK T matrix is comprised of two major parts: an A-part and a B-part. The A-part consists of a triplicated and expanded nonsingular A matrix as shown in Figures 1. through 3. and the B-part consists of a set of rows each containing a unique 3-bit row identifier as shown in Figure 5. Note that the triplicated rows of the A part when selected always produce a "fat bit" consisting of 000 or 111. These "fat bits" when combined with the row identifiers of the B-part in the encryption process either preserve the row identifier value or complement it with the result that identifiers are recovered in original or complemented form. For example, a row identifier 100 in a given ciphertext row position will be recovered either as 100 or as its complement 011 -- both identifying a particular B-part row selected in the encryption process. Row identifier values for the B-Part are chosen as shown below such that their values and their complements form a unique set of unduplicated values allowing unambiguous row identification.

    4-let    Row Identifier    Row Identifier Complement
      1           100                    011
      2           010                    101
      3           001                    110
      4           111                    000

In the encryption process, an information containing fat bit from the A-part consisting of 000 or 111 is always added to each 3-bit identifier value selected in the B-part. This technique not only preserves identification of the B-part row selected, but permits identification of the value of the information carrying fat bit as well. In other words, if a row identifier is recovered unchanged, its fat bit is known to be 000 otherwise its fat bit is known to be 111. Since the selection of fat bits is also determined by plaintext values, fat bits are also information carrying.

    |----------|
    |          |
    |  B-part  |
    |          |
    |__________|
    |  A-Part  |
    |__________|

    WARLOCK T-matrix

The A-part of the WARLOCK T-matrix is created as follows. A key-seed generated, nonsingular nxn matrix A (whose n dimension is exactly 1/3 the width of the T-matrix) and its inverse A_inverse is initially created as shown in Figures 1. and 2. The A-matrix is then triplicated to create the matrix shown in Fig. 3. As already noted, triplication of the columns of matrix A produces the fat bits required by the encryption process. In the next step, shown in Fig. 4., the matrix row dimension is increased by adding each row pair of the matrix in Fig. 3. to create a third row. A fourth all-zero row is then created completing the row expansion. This last step is necessary to create A-part row groups (4-lets) that allow the row selection process (governed by plaintext values) to be identical for both the A-part and the B-part.

Construction of the B-part of the T-matrix begins with an initial template containing row identifiers as shown in Figure 5. In the first hardening step, key-seed generated noise bits are added above the submatrix diagonal to produce the intermediate version shown in Figure 6. In the next step, the A-part and the B-part are joined to form a single T-matrix shown in Figure 7.

To eliminate the "sea of zeroes" under the diagonal of the B-part (and to further disguise the T-matrix), a special "replacement bit or R-bit" matrix shown in Figure 8. is created with row values identical for each row 4-let. This matrix is added to the matrix in Figure 7. to produce the final T-matrix shown in Fig. 9. Not only does this step eliminate the "sea of zeroes" under the diagonal, but it also displaces and further disguises all other bits in the T-matrix. If the set of unique replacement row values in the R-matrix has been initially selected to sum to zero, the replacement row values vanish in the encryption process; otherwise their sum must be removed from the ciphertext as a special step in the decryption process.

In the penultimate step of key generation, the T-matrix is multiplied by the M-matrix in Figure 10. to produce the public key K-matrix shown in Figure 12. In the final step, this key is then key-seed jumbled in two ways: in four row groups (4-lets) and (optionally) by rows within groups. In the example below 4-lets are jumbled as follows:

    From     To
    4-let    4-let
      6        1
      4        2
      1        3
      2        4
      3        5
      5        6

WARLOCK Encryption Process

The first encryption step consists of expanding the input plaintext block of n-bits (K-matrix column dimension) to a bit vector of m-bits (K-matrix row dimension) in accordance with the translation table below. In the second and final step, this vector is then multiplied as a column vector by public key K to produce the ciphertext. Alternatively, the plaintext bit values could simply select the applicable rows of K directly as mentioned above and add them together.

    Plaintext 2-bit    Expanded Plaintext
    Segment            Vector Segment
         00                 0001
         01                 1000
         10                 0100
         11                 0010

WARLOCK Decryption Process

Decryption is a multi-step process. In the first step, the ciphertext is multiplied by private key M_inverse to produce an "unmasked version" having the same value as if the expanded plaintext had been multiplied by the T-matrix.

In the second step, row identifiers of the B-part are recovered beginning with the leftmost row identifier which is always recovered in undisguised or complementary form (since it has not been altered by noise bits). The noise bits associated with this identifier row can now be identified using T-matrix private key information and removed from the ciphertext revealing the next leftmost row identifier in the same manner. This process is repeated iteratively until all row identifiers have been identified -- in their original or complemented form. Each identifier value, thus recovered, unequivocally identifies an applicable 4-bit sector of the invoking expanded plaintext vector which, in turn, identifies a 2-bit sector of the plaintext. In addition, each recovered row identifier identifies its associated fat bit value as 000 or 111.

When all row identifiers have been recovered, 2/3 of the plaintext has been decrypted. The remaining 1/3 can now be decrypted by examining fat bit values derived from the recovered identifier values themselves, i.e. for unchanged row identifiers, the applicable fat bit = 000; otherwise the applicable fat bit = 111. When all fat bits have been identified, they are reduced from 3 bits to 1 bit and concatenated to form a value which is multiplied by private key A_inverse (in Fig. 2.) to recover the remaining 1/3 of the plaintext. In the final step of decryption, the full set of 2-bit plaintext segments are unjumbled to reverse the effects of the row 4-let jumbling of the public key.

7. WARLOCK 4.0 MANUAL EXAMPLE

As an example of WARLOCK 4.0 operation, the WARLOCK 4.0 cryptographic keys shown in Figures 6., 11., and 12. may be used to manually encrypt and decrypt 12-bit inputs and to create and verify 12-bit digital signatures as desired.

For example, to encrypt plain_text P = 001110000110 using public_key_K shown in Figure 12., accomplish the following steps:

Expand plain_text P to expanded_text 000100100100000110000100.

Select and add rows of public_key_K under control of 1-bits in expanded_text to produce encrypted_text as follows:

    bit  4 selects row  4 of K = 101000100001
    bit  7 selects row  7 of K = 011110010011
    bit 10 selects row 10 of K = 110011110001
    bit 16 selects row 16 of K = 011000001000
    bit 17 selects row 17 of K = 000010100101
    bit 22 selects row 22 of K = 001001110001

                encrypted_text = 010110011111

To facilitate understanding of the more complex decryption procedure detailed below, the following reference table is provided which relates row identifier values (as recovered) to the following necessary information: (1) row position selected within each row 4-let (2) selecting 2-bit plaintext values and (3) applicable fat bit values.

    Row Identifier    Row Selected    Selecting    Associated
    Value             within          Plaintext    Fat Bit
    (as recovered)    4-let           Value        Value
         100              1              01           000
         011              1              01           111
         010              2              10           000
         101              2              10           111
         001              3              11           000
         110              3              11           111
         000              4              00           000
         111              4              00           111

The following steps detail the decryption process:

A. Multiply encrypted_text 010110011111 by private key key_M_inverse shown in Figure 11. to create the initial value of reverted_text 100101101111. Note that the leftmost row identifier in bit positions 1, 5, and 9 is unaffected by noise bits and is seen to have the value 101 indicating that row 2 of the applicable 4-let of the public key was chosen. Accordingly,

1. Initialize the value of resultant_text with the first 2 recovered plaintext bit values, e.g. resultant_text 10.

2. Create the first iteration of intermediate_text by removing from reverted_text the noise bits associated with row 2 of private key key_T_with_noise by XORing subject row 2 with the reverted_text to produce the first intermediate_text value as follows:

    100101101111 (reverted_text)
    011010010000 (row 2 template and noise bit values)
    111111111111 (intermediate_text)

This step also records the fat bits in positions 1, 5, and 9. of the intermediate_text and the reduced fat bit in position 1.

B. Note that the value of the row identifier in bits 2, 6, and 10 "uncovered" by the previous step is seen to be 111 indicating that row position 4 of its respective 4-let was selected and further indicating an invoking plaintext value of 00 and an associated fat bit value of 000. Accordingly,

1. Append recovered plaintext bits 00 to the current resultant_text value giving new resultant_text 1000.

2. Remove from the current intermediate_text value the noise bits associated with applicable row 4 of key_T_with_noise_bits by XORing subject row 4 with intermediate_text to produce a new intermediate_text value as follows:

    111111111111 (current intermediate_text)
    010101110110 (row 4 template and noise bit values)
    101010001001 (new intermediate_text)

This step also records the reduced fat bits in positions 1 and 2 of the new intermediate_text.

C. The value of the third row identifier (bits 3, 7, and 11) uncovered by the previous step is seen to be 100 indicating that row 1 of its respective 4-let was invoked by a plaintext value of 01 and that its associated fat bit value is 000. Accordingly,

1. Append the recovered plaintext bits 01 to the current resultant_text value giving 10000.

2. Remove from the intermediate_text the noise bits associated with row position 1 of private key key_T_with_noise_bits by XORing subject row 1 with the current intermediate_text to produce a new intermediate_text value as follows:

    101010001001 (current intermediate_text)
    001000000000 (row 1 template and noise bit values)
    100010001001 (new intermediate_text)

This step also records the reduced fat bits in positions 1, 2, and 3 of the new intermediate_text.

D. The fourth and final row identifier (bit positions 4, 8, and 12) uncovered by the previous step is seen to be 001 indicating that row 3 was selected by a plaintext value of 11 and that its associated fat bit value is 000. Accordingly,

1. Append recovered plaintext bits 11 to current resultant_text value giving 10000111.

2. Remove from the current intermediate_text value the noise bits associated with row position 3 of the subject 4-let of key_T_with_noise_bits by XORing row 3 with the current intermediate_text to produce a new intermediate_text_value as follows:

    100010001001 (current intermediate_text)
    000000000001 (row 3 template value)
    100010001000 (new intermediate_text)

This step also records the final reduced fat bit in position 4 of the new intermediate_text whose current value is now seen to be 1000.

D. This completed intermediate_text value 1000 will be multiplied by private key A_inverse to recover the final plaintext values (originally encoded by the A-part of the public key) as follows:

    1000 x A_inverse = 1000

The recovered plaintext value 1000 is then appended to the current value of resultant_text to produce resultant_text = 100001111000.

J. The completed resultant_text value 100001111000 (now seen to be a 2-bit permutation of the original plaintext) must now be unjumbled in the final decryption step by reversing the row jumbling accomplished in the last step of the key generation process (described on page 7.) as follows:

    Source      Source Bit Pair      Destination    Destination Bit Pair
    Bit Pair    Position             Bit Pair       Position
    Number      (resultant_text)/    Number         (decrypted_text)/
                (value)                             (value)
       6        11-12 (00)              1           1-2   (00)
       4        7-8   (11)              2           3-4   (11)
       1        1-2   (10)              3           5-6   (10)
       3        3-4   (00)              4           7-8   (00)
       2        5-6   (01)              5           9-10  (01)
       5        9-10  (10)              6           11-12 (10)

This final permutation step produces the sought plaintext value 001110000110 completing the decryption process.

Source Authentication and Superencryption

To create a source authentication value S (for source authentication purposes) represented by any selected 12-bit value, S must first be "decrypted" by the decryption module by the steps noted in the foregoing paragraphs to create signature value S*.
When submitted to the encryption module for validation, S* produces the sought value S thereby proving unequivocally that S emanated from the private key holder.

Because of the relatively high encryption and decryption speeds of WARLOCK 4.0, Alice and Bob may choose for purposes of enhanced security to exchange messages that are simultaneously encrypted and authenticated. To accomplish this, Alice and Bob first obtain each other's public keys. In encrypting messages for Bob, Alice accomplishes the following:

1. Alice first "decrypts" each plaintext block using her private key to create an "authenticated version" of the plaintext. She then encrypts this version by Bob's public key to create a final ciphertext block which she transmits to Bob.

2. Bob first decrypts the ciphertext block by his private key recovering the "authenticated version". He then transforms this version to Alice's original plaintext by "encrypting" it with Alice's public key thus proving Alice to be the originator of the plaintext since she is the only holder of the private key.

In encrypting messages for Alice, Bob follows the same procedure with the appropriate public and private keys.

8. SEEDING THE WARLOCK KEY GENERATION FUNCTION

A basic desideratum of classic private key cryptosystems was easily generated and memorized keys to avoid a possibly compromising (or incriminating) recording of the key. This desideratum has all but vanished with DES and the advent of PK systems. Who, for example, can remember a thousand-bit RSA modulus or its constituent primes. Nevertheless, there are many occasions where one would not wish to transport private keys to a new operating location, but regenerate them at their new location, use them, and destroy them. Such a capability is available through the unique WARLOCK key seeding feature which allows users to seed the key generation process with a user secret key-seed (or pass phrase) of 1 to 85 bytes (8 to 680 bits).
Such a feature is typically absent from number theoretic cryptosystems such as RSA and the NIST DSS. With the WARLOCK key seeding feature, users can establish simple mnemonic seeding tokens or create elaborately structured key-seeds as needed.

Key seeding also facilitates the use of WARLOCK as a stream cipher where Bob and Alice at different locations independently generate a common private key based on a secret shared key-seed. Such a procedure allows them to generate and synchronize a common pseudorandom bit stream beginning with an agreed-on starting value v which is "decrypted" by the private key and the result XORed with plaintext to encrypt and decrypt in the manner of one-time pads or Vernam ciphers. The starting value v would then be incremented by +1 each iteration yielding a nonrepeating cycle of 2**n iterations where n is the system block size in bits.

Key seeding also facilitates opportunistic encryption using devices such as PC's and workstations that are generally available but not portable. For example, Bob could freely transport the encryption/decryption program on a 3 1/2" floppy in his shirt pocket without fear of compromising his secret key-seed. Alice could encrypt from any available PC initialized with an installed WARLOCK program. Both would enter their secret key-seed at the time of message exchange.

As yet another example of the potential of key seeding, consider an environment where Bob and Alice are deployed as secret agents who must unequivocally authenticate each other's identity prior to commencing their mission. Each has memorized a key-seed given them by their faceless directors and each carries an unknown ciphertext segment as well. When they finally rendezvous in Vienna, Bob and Alice XOR the ASCII representation of their key-seeds to produce a new key-seed value which they use to generate cryptographic keys. Each then decrypts his ciphertext segment with the newly-generated keys.
Bob hands his decrypted message to Alice who reads, "Of course, you know my name isn't Bob at all, it's Travis and I am pleased to meet you at last, Tatiana AKA Alice."

9. WARLOCK CRYPTOGRAPHIC STRENGTH

It would be presumptuous at this point to assert that WARLOCK is categorically unassailable -- particularly in light of the vast resources of linear algebraic techniques (most of which are unknown to the authors) that might be mustered for its cryptanalysis. The rise and fall of numerous PK cryptosystems proposed during the last decade certainly recommend caution as well. However, based on our experience to date in making and breaking scores of matrix-based PK cryptosystems, it is our feeling that the only potentially effective assault possible against WARLOCK is the derivation of private keys (or workable alternatives) from the public key (assuming that the keys are sufficiently large to preclude other attacks). Clearly, the keys themselves cannot be exhaustively enumerated owing to their size. Simmons' generalized PK system attack (11.) can be precluded in several ways. Users may choose to operate in superencrypted mode which accomplishes encryption and source authentication simultaneously or they may choose a suitably large system block size. Various kinds of pre-encryption scrambling (to increase input entropy) and post-decryption unscrambling may also be employed.

Thus far we have been unable to cryptanalyze WARLOCK 4.0 with techniques successful against ancestors of WARLOCK. Under all the attacks that we have been able to muster, the work factor required to cryptanalyze WARLOCK 4.0 is an exponential function of block size which can be made arbitrarily large. What we are seeking from the user community is an assessment of the viability of the WARLOCK paradigm as well as a more precise quantification of the work factor required to cryptanalyze WARLOCK 4.0.

10. CONCLUSION

Apart from the undecided issue of security, the WARLOCK paradigm meets our objective of providing users with single high-speed general purpose PK cryptosystems (exemplified by WARLOCK 4.0) as alternatives to number theoretic systems. We feel that WARLOCK cryptosystems can serve the security needs of private users to whom we grant free use subject to the restrictions noted in the source code and in the introduction to this paper. The WARLOCK paradigm also suggests a new direction for the development of PK systems free of the computational burden of number theoretic systems. Finally, the WARLOCK paradigm suggests a potentially fruitful direction for achieving a viable cryptographic embodiment of the NP-hard coding problem cited by Berlekamp et al.(12.).

11. WARLOCK 4.0 NUMBERED FIGURES

Note: To facilitate decryption, Row 1. is row 2 of Matrix A triplicated. Row 2 is row 1 triplicated; row 3 is the XOR of rows 1 and 2 and row 4 is the XOR of rows 1, 2, and 3. The same process using remaining row pairs of Matrix A is repeated to create A_expanded.

    1000         1000                101010101010
    1010         0110                100010001000
    1110         1100                001000100010
    0011         1101                000000000000
                                     001100110011
                                     111011101110
                                     110111011101
                                     000000000000

    Figure 1.    Figure 2.           Figure 3.
    A-Part       Private Key         A-expanded
    Matrix A     Matrix A_inverse

    100000000000     100010101101             101101000011
    010000000000     010100100010             011010010000
    001000000000     001011001000             000001001110
    111000000000     111111001001             110011001111
    000100000000     000100101011             011000010011
    000010000000     000010111111             001101110011
    000001000000     000001111100             001100100110
    000111000000     000111011110             010101110110
    000000100000     000000100000             001000000000
    000000010000     000000010001             000000100001
    000000001000     000000001001             000000000011
    000000111000     000000111000             001000100010
    000000000100     000000000100             000100000000
    000000000011     000000000010             000000010000
    000000000001     000000000001             000000000001
    000000000111     000000000111             000100010001

    Figure 4.        Figure 5.                Figure 6.
    B-Part           B-Part                   B-Part
    Initial          key_T_template           Columnar
    key_T_template   with noise bits =        rearrangement
                     key_T_with_noise_bits

    110000001000     101001010100
    000110100011     100100111100
    100000100001     010001110011
    110101011011     000001101100
    111010111100     001111001000
    110101000010     110010110100
    001000111100     110110001110
    100100010001     111111110010
    011000000100     101101101000
    100001111010     110101000111
    000000010010     111111110000
    010111011110     010111011010

    Figure 7.        Figure 8.
    key_M            Private Key
                     key_M_inverse

    101101000011     110100100010     011001100001
    011010010000     110100100010     101110110010
    000001001110     110100100010     110101101100
    110011001111     110100100010     000111101101
    011000010011     001101010001     010101000010
    001101110011     001101010001     000000100010
    001100100110     001101010001     000001110111
    010101110110     001101010001     011000100111
    001000000000     010011011011     011011011011
    000000100001     010011011011     010011111010
    000000000011     010011011011     010011011000
    001000100010     010011011011     011011111001
    000100000000     101100110010     101000110010
    000000010000     101100110010     101100100010
    000000000001     101100110010     101100110011
    000100010001     101100110010     101000100011
    101010101010     011111101001     110101000011
    100010001000     011111101001     111101100001
    001000100010     011111101001     010111001011
    000000000000     011111101001     011111101001
    001100110011     011001110011     010101000000
    111011101110     011001110011     100010011101
    110111011101     011001110011     101110101110
    000000000000     011001110011     011001110011

    Figure 9.        Figure 10.       Figure 11.
    key_T_with_      replacement_     key_T_replaced
    noise (A         rows             (Figure 9.
    and B-Part                        XOR'd with
    joined)                           Figure 10.)

11. BIOGRAPHICAL DATA

William J. Wilson is an early-retiree of the Sperry half of the current UNISYS corporation. During his 23 years there, he specialized in database design, information storage and retrieval, and system security.
He is a member of ACM occasionally consulting in his areas of expertise and is also identified in the current Directory of American Fiction Writers and Poets as both a writer (science fiction and horror) and a poet. His light and satirical verse appeared frequently in DATAMATION (Churl's Garden of Verses, Solid-state Jabberwocky, Ode to the Indomitable GOTO, etc.) and other magazines.

C. Larry Craig (co-inventor of WARLOCK and author of the C++ WARLOCK program) currently works as a private consultant and software designer in the fields of digital communication, communication networks, and cellular and telephony applications.

12. REFERENCES

1. Hill, L. "Cryptography in an Algebraic Alphabet," Amer. Math. Monthly. 36: 306-312, 1929.
2. Diffie, W., and Hellman, M.E. "New Directions in Cryptography," IEEE Trans. Inform. Theory IT-22, 644-654, Nov. 1976.
3. Rivest, R. et al., A Method for Obtaining Digital Signatures and Public-key Cryptosystems, Communications of the ACM 21, pp. 120-126, Feb 1978.
4. McEliece, R.J. "A Public-key cryptosystem based on Algebraic Coding Theory," DSN Progress Rep. 42-44, Jet Propulsion Laboratory, pp. 114-116, 1978.
5. Korzhik, V.L. and Turkin, A.I., "Cryptanalysis of McEliece's Public-key Cryptosystem," Advances in Cryptology - Eurocrypt '91 Proceedings.
6. Cooper, R. "Linear Transformations in Galois Fields and Their Application to Cryptography," Cryptologia, Vol 4., No. 3, pp. 184-188, 1992.
7. Patti, T. "The SUMMIT Cryptosystem," Cryptosystems Journal, Vol 2., No. 2, 1992.
8. Merkle, C. and Hellman, M.E. "Hiding Information and Signatures in Trapdoor Knapsacks," IEEE Trans. Inform. Theory IT-24: pp. 525-530, 1978.
9. Payne, W.H. and McMillan, K.L., Orderly Enumeration of Nonsingular Binary Matrices Applied to Text Encryption, Communications of the ACM, pp. 259-265, April 1978.
10. Chaitin, G. J. "Randomness and Mathematical Proof," Scientific American pp. 47-52, May 1975.
11. Simmons, G.J., Forward Search as a Cryptanalytic Tool Against a Public Key Privacy Channel, Proceedings of the IEEE Symposium on Security and Privacy, April 1982.
12. Berlekamp, E.R., McEliece, R.J., and van Tilborg, H.C.A., On the Inherent Intractability of Certain Coding Problems, IEEE Trans. Inform. Theory, IT-24, pp. 384-386, May 1978.

#000#

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter Breton
Date: Wed, 30 Jun 93 06:52:06 PDT
To: cypherpunks@toad.com
Subject: Boston cpunx meeting?
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Are Boston area folks interested in another get together? The last one I went to (early April) was a blast...

-------------------------------------------------------------------------
Peter Breton pbreton@cs.umb.edu PGP key by finger
=========================================================================

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: remail@tamsun.tamu.edu
Date: Wed, 30 Jun 93 08:23:59 PDT
To: cypherpunks@toad.com
Subject: Re: Remailer ping test
Message-ID: <9306301523.AA20787@tamaix.tamu.edu>
MIME-Version: 1.0
Content-Type: text/plain

[list of defunct remailers (?)]
> 1: hh@pmantis.berkeley.edu
> 2: hh@cicada.berkeley.edu
> 6: remail@tamaix.tamu.edu
> 7: ebrandt@jarthur.claremont.edu
> 9: remailer@rebma.mn.org
> 14: 00x@uclink.berkeley.edu
>
> Hal
> hfinney@shell.portal.com

The remailers at remail@tamaix.tamu.edu and remail@tamsun.tamu.edu are working. Must have been a temporary problem, Hal. Thanks for checking it out.

Carlos

--
[ Carlos Macedo Gomes ][ The Message is ][: .8. :]------
[ gomes@tamu.edu ][ the Media ][ . ooo . ]000000
[ cmghelp@tamsun.tamu.edu ][ :Marshall McLuhan ][ : =o(Y)o= : ]000000
[ PGP 2.2 key by finger ][30 37 40 N, 96 20 03 W][oo .ooooo. oo]------

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: David Heck
Date: Wed, 30 Jun 93 08:38:50 PDT
To: cypherpunks@toad.com
Subject: Speaking of get togethers....
Message-ID: <9306301538.AA06072@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

While we're on the subject, is there anyone on the list in the NE Ohio area (Cleveland) interested in getting together? I'd love to go to Boston or the West Coast, but just can't swing it with my work schedule ;-)

David

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: eric@Synopsys.COM (Eric Messick)
Date: Wed, 30 Jun 93 13:32:26 PDT
To: cypherpunks@toad.com
Subject: Remailer pings
Message-ID: <9306302032.AA23540@tiedye.synopsys.com>
MIME-Version: 1.0
Content-Type: text/plain

I've gotten responses from the following remailers:

hfinney@shell.portal.com
hh@soda.berkeley.edu
remail@tamsun.tamu.edu
nowhere@bsu-cs.bsu.edu
phantom@mead.u.washington.edu
elee7h5@rosebud.ee.uh.edu
hal@alumni.cco.caltech.edu
dis.org!remailer@merde.dis.org
hh@pmantis.berkeley.edu
hh@cicada.berkeley.edu
remail@tamaix.tamu.edu
ebrandt@jarthur.claremont.edu
remailer@rebma.mn.org

And have not received (in two days) a response from:

00x@uclink.berkeley.edu

I used the perl script appended to this message.

-eric messick (eric@toad.com)

#!/usr/local/bin/perl

# Ping every remailer listed in ~/remail/currentremailers by asking it
# to remail a short test message back to $me.

$me = 'eric@synopsys.com' ;    # put your email address here

# Open a pipe to sendmail for $addr and write the message headers.
# Returns 1 on success, 0 if the pipe could not be opened.
sub begin_mail {
    local ($addr, $from, $subject) = (@_);

    # List-form pipe open: the address reaches sendmail as a single
    # argument and is never interpreted by a shell.
    if (!open(MAIL, "|-", "/usr/lib/sendmail", $addr)) {
        warn "Error sending mail to $addr: $!\n" ;
        return 0;
    }
    print MAIL "To: $addr\n" ;
    print MAIL "From: $from\n" ;
    print MAIL "Reply-To: $from\n" ;
    print MAIL "Subject: $subject\n" ;
    print MAIL "\n" ;
    return 1;
}

$home = $ENV{'HOME'} ;
open(REMAILERS, "$home/remail/currentremailers") ||
    die "Can't open $home/remail/currentremailers: $!\n" ;

while (<REMAILERS>) {
    chomp;
    ($addr) = split ;                            # first field is the address
    next if (!defined($addr) || $addr eq "#") ;  # skip blank and comment lines
    print "$addr\n" ;
    &begin_mail($addr, $me, "ferd") || next;

    # The "::" block asks the remailer to forward the body back to $me.
    print MAIL "::\n" ;
    print MAIL "Request-Remailing-To: $me\n" ;
    print MAIL "\n" ;
    print MAIL "mailed to $addr\n" ;
    close MAIL;
}
close REMAILERS;

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter shipley
Date: Wed, 30 Jun 93 16:02:37 PDT
To: shipley@dis.org
Subject: Re: remailer ideas & proposals
In-Reply-To: <9306300830.AA18466@bailey.cpac.washington.edu>
Message-ID: <9306302300.AA14856@merde.dis.org>
MIME-Version: 1.0
Content-Type: text/x-pgp

-----BEGIN PGP SIGNED MESSAGE-----

>
>MIME, in particular, solves this problem, along with many others. Three cheers
>for Metamail! Specifically, you can have several separate messages within your
>RFC822 message, arranged hierarchically. You could have your public key, your
>cute .sig, your message, your signature for the message, contact information
>for you, a JPEG image (of your cat, say), and a sound ("meow") all in the same
>mail message. There is even faint hope that it would be portable.
>

it would be nice if remailers accepted MIME multipart messages then processed each separately thus I can "queue" up outgoing email into a single letter to a remailer.

Another side is if a remailer would queue up mail whose destination was another remailer and sent it a digest/MIME multipart format thus making traffic analysis more difficult.

-Pete

-----BEGIN PGP SIGNATURE-----
Version: 2.3

iQBVAgUBLDIbGXynuL1gkffFAQE+2AH6A9l3QJiYHNie7Ch8aURSDjI1tWBegLms
FEf7ah+VsgNos+FotsMOryZYd0oN7KVD/1Mpk9SkrlXkF0PF7OPrjQ==
=z5pc
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Peter shipley
Date: Wed, 30 Jun 93 17:42:08 PDT
To: cypherpunks@toad.com
Subject: Re: remailer ideas & proposals
In-Reply-To:
Message-ID: <9307010019.AA15108@merde.dis.org>
MIME-Version: 1.0
Content-Type: text/x-pgp

-----BEGIN PGP SIGNED MESSAGE-----

>And some goofy Fidonet gateway may find it necessary to stick something on the end:
>>
>> x-message-format: ((headers:4 body:10 signature:3) fidofooter:4)
>>
>I doubt that we will have much control of other net-elements.

Well we should then encourage Fidonet mailers to get on the bandwagon for MIME formatted email. Then we can send encode arbitrary data with whatever other info tacked on

-----BEGIN PGP SIGNATURE-----
Version: 2.3

iQBVAgUBLDItl3ynuL1gkffFAQH5SQH+MMWHS7ZCtQeKk45lKHuQBUdB5QH68SVZ
Y7deATUA/t07L9MFvQNGWD3T+olyZjdZ2gcj2TUE0KXlC9aFbAo2Cg==
=zC5h
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: zane@genesis.mcs.com (Sameer)
Date: Wed, 30 Jun 93 16:29:10 PDT
To: "L. Detweiler"
Subject: Re: remailer ideas & proposals
In-Reply-To: <9306300657.AA26896@longs.lance.colostate.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

In message <9306300657.AA26896@longs.lance.colostate.edu>, "L. Detweiler" writes:
>
> Here is an idea: if a remailer drops a message or forwards it
> successfully it could broadcast a message to a group such as misc.test.

I like this idea.. How about alt.remail? And a header:

::
Request-Remailing-To: remail@extropia.wimsey.com
Error-ID: &DNANC*WHS

If the message is dropped the remailer posts a note to alt.remail saying, "Remail message &DNANC*WHS has been dropped." Maybe some sort of ID-encryption similar to that used in Chaum's digital cash algorithm could be used for security.

>
> And some goofy Fidonet gateway may find it necessary to stick something on the end:
>
> x-message-format: ((headers:4 body:10 signature:3) fidofooter:4)
>

This would require that the operator of the Fidonet gateway be cypherpunk-friendly. I think it is best if all modifications/ideas be made *only* to remailers, for I doubt that we will have much control of other net-elements.

--
| Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM |
| Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more |
| "Symbiosis is Good" - Me_"Specialization is for Insects" - R. A. Heinlein_/
\_______________________/ \______________________________________________/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@nas.nasa.gov (J. Eric Townsend)
Date: Wed, 30 Jun 93 18:01:15 PDT
To: cypherpunks@toad.com
Subject: id this chip?
Message-ID: <9307010101.AA26550@boxer.nas.nasa.gov>
MIME-Version: 1.0
Content-Type: text/plain

Found this in my desk in my new cubicle. I'm not a chip head, so I have no clue as to the id of all sorts of obscure chip manus and whatnot. (I recognize hitachi, intel, motorola, that sort of thing, duh. :-)

48pin marked on top with the following text *only*. No symbols, logos, etc:

    CIPHER 1984 960430-004 8816 IP8073B

So, what do I win? A free clipper phone?

-eric

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Wed, 30 Jun 93 17:18:07 PDT
To: cypherpunks@toad.com
Subject: rumors of Clipper hardware problems
Message-ID: <9307010017.AA14364@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

The following came from D. Farber who is closely associated with NSF Internet committees and has been following Clipper development, as received from an anonymous informant.

Items:

1. list of Clipper committee members
2. more NIST irregularities around DSS
3. Clipper: low yield, average failure in 40 hours, `substantial redesign', delayed up to a year?

If anyone forwards this past cypherpunks (e.g. Usenet) take out my and D. Farber's names.

===cut=here==

From: farber@central.cis.upenn.edu (David Farber)
Subject: technical review of the Slipjack algorithm
Date: Tue, 29 Jun 1993 16:42:24 -0500

In case anyone hasn't picked this up yet, this is the list of individuals who are participating in the technical review of the Slipjack algorithm:

Dorothy Denning, Georgetown U.
Walt Tubman, IBM (retired)
Ernie Brickell, Sandia Labs
Steve Kent, BBN
Dave Mayer, AT&T

According to Lynn McNulty (NIST), the group met for a few days last week with NIST and NSA representatives. They are now in the process of formulating more questions for a second meeting with the government team. No word yet on the form, content or schedule of the group's report.

From: farber@central.cis.upenn.edu (David Farber)
Subject: "Digital Signature Scandal" a bit more
Date: Tue, 29 Jun 1993 16:40:57 -0500

During a discussion in DC today the following arose. The Federal register announcement was dated and signed on 2 June 1993 (and published on 8 June). The NIST Advisory Board mandated by the congress was meeting at NIST on 2-5 June. They were not told about the announcement even though the matter was of direct interest and importance to their assigned task. Why??? Did someone have something to hide?

I hear tell also that the Clipper chip's first run of final silicon was not a winner. Chips failed after 40 hours. I also heard a rumor that the redo would [delay] things for up to a year (sounds like a long time). Any better info out there?

Dave

"Informant" [forwarded by D. Farber]:

"My info is that there were three parallel tests; your number comes from the first, though the others were little better.

Batch I   n=8  mtbf= 41.5 hrs.
Batch II  n=11 mtbf= 49.0 hrs.
Batch III n=20 mtbf= 32.0 hrs.

My NSA source said that he thought that the difficulty was related to thermal issues and that if environmental issues were addressed or at least audited to assure proper operating environment the numbers might have been better. I have been unable to get any 'hard' info re what actually happened and what kind of a post mortem is taking place."

2. Re chip health. I heard the same story plus yield was very low. I also understand that there is substantial redesign going on because the story about defaulting to an all-0 key if the LEB were corrupted was apparently true.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: friedman@gnu.ai.mit.edu (Noah Friedman)
Date: Mon, 28 Jun 93 17:25:32 edt
To: lpf-all-members@prep.ai.mit.edu
Subject: Digital Signature Scandal
Message-ID: <9306282125.AA13550@nutrimat.gnu.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

[The following is an official announcement from the League for Programming Freedom. Please redistribute this as widely as possible.]

Digital Signature Scandal

Digital signature is a technique whereby one person (call her J. R. Gensym) can produce a specially encrypted number which anyone can verify could only have been produced by her. (Typically a particular signature number encodes additional information such as a date and time or a legal document being signed.) Anyone can decrypt the number because that can be done with information that is published; but producing such a number uses a "key" (a password) that J. R. Gensym does not tell to anyone else.

Several years ago, Congress directed the NIST (National Institute of Standards and Technology, formerly the National Bureau of Standards) to choose a single digital signature algorithm as a standard for the US.

In 1992, two algorithms were under consideration. One had been developed by NIST with advice from the NSA (National Security Agency), which engages in electronic spying and decoding. There was widespread suspicion that this algorithm had been designed to facilitate some sort of trickery.

The fact that NIST had applied for a patent on this algorithm engendered additional suspicion; despite their assurances that this would not be used to interfere with use of the technique, people could imagine no harmless motive for patenting it.

The other algorithm was proposed by a company called PKP, Inc., which not coincidentally has patents covering its use. This alternative had a disadvantage that was not just speculation: if this algorithm were adopted as the standard, everyone using the standard would have to pay PKP.

(The same patents cover the broader field of public key cryptography, a technique whose use in the US has been mostly inhibited for a decade by PKP's assiduous enforcement of these patents. The patents were licensed exclusively to PKP by the Massachusetts Institute of Technology and Stanford University, and derive from taxpayer-funded research.)

PKP, Inc. made much of the suspect nature of the NIST algorithm and portrayed itself as warning the public about this.

On June 8, NIST published a new plan which combines the worst of both worlds: to adopt the suspect NIST algorithm, and give PKP, Inc. an *exclusive* license to the patent for it. This plan places digital signature use under the control of PKP through the year 2010.

By agreeing to this arrangement, PKP, Inc. shows that its concern to protect the public from possible trickery was a sham. Its real desire was, as one might have guessed, to own an official national standard. Meanwhile, NIST has justified past suspicion about its patent application by proposing to give that patent (in effect) to a private entity.

Instead of making a gift to PKP, Inc., of the work all of us have paid for, NIST and Congress ought to protect our access to it--by pursuing all possible means, judicial and legislative, to invalidate or annul the PKP patents. If that fails, even taking them by eminent domain is better (and cheaper in the long run!) than the current plan.

You can write to NIST to object to this giveaway. Write to:

Michael R. Rubin
Active Chief Counsel for Technology
Room A-1111, Administration Building,
National Institute of Standards and Technology
Gaithersburg, Maryland 20899
(301) 975-2803.

The deadline for arrival of letters is around August 4.

Please send a copy of your letter to:

League for Programming Freedom
1 Kendall Square #143
P.O.Box 9171
Cambridge, Massachusetts 02139

(The League for Programming Freedom is an organization which defends the freedom to write software, and opposes monopolies such as patented algorithms and copyrighted languages. It advocates returning to the former legal system under which if you write the program, you are free to use it. Please write to the League if you want more information.)

Sending copies to the League will enable us to show them to elected officials if that is useful.

=====================================================================

APPENDIX G: THE LETTERS I INTEND TO SEND
========================================

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Dr Ross N. Williams
Rocksoft Pty Ltd (ACN 008-280-153).
16 Lerwick Avenue
Hazelwood Park 5066
Australia
Net : ross@guest.adelaide.edu.au.
Fax : +61 8 373-4911 (C/-Internode Systems)
Work : +61 8 379-9217

Michael R. Rubin
Acting Chief Counsel for Technology
Room A-1111
Administration Building
National Institute of Standards and Technology
Gaithersburg, MD 20899

4 August 1993.

Dear Mr Rubin,

As a concerned member of the Australian public, and as a director of an Australian software company, I am writing in response to the notice "Notice of Proposal for Grant of Exclusive Patent License" published by NIST in the U.S. Federal Register, Vol. 58, No. 108, dated June 8, 1993 under Notices and relating to U.S. Patent Application No. 07/738.431 and entitled "Digital Signature Algorithm." This notice affects myself and my company in its relationship to the US commercial environment and because of the propagation of patent claims internationally.

The notice states that:

>The prospective license will be granted unless, within sixty (60)
>days of this notice, NIST receives written evidence and argument
>which established that the grant of the license would not be
>consistent with the requirements of 35 U.S.C. 209 and 37 CFR 404.7.

I am writing because I believe that the license is NOT consistent with the requirements of 35 U.S.C. 209. Here's why.

In 35 U.S.C. 209. part (c)(1), the requirements specify a list of conditions (A)..(D) all of which must be met before a U.S. Federal agency may grant an exclusive or partially exclusive license. Part (A) says:

>(A) the interests of the Federal Government and the public will
>best be served by the proposed license, in view of the applicant's
>intentions, plans, and ability to bring the invention to practical
>application or otherwise promote the invention's utilization by
>the public;

I do not wish to debate this clause as satisfied or not satisfied except to note that this clause defines NIST's primary goal as the public benefit, not the private.

>(B) the desired practical application has not been achieved, or is not
>likely expeditiously to be achieved, under any non-exclusive license
>which has been granted, or which may be granted, on the invention;

There is no reason why the DSA standard should not be widely implemented without the benefit of any patents at all. I am aware of the potential conflict that prospective implementers might have with Public Key Partners (PKP) of Sunnyvale California. However, I believe that this problem should be resolved by the free market and the patent system rather than by NIST.

>(C) exclusive or partially exclusive licensing is a reasonable and
>necessary initiative to call forth the investment of risk capital and
>expenditures to bring the invention to practical application or
>otherwise promote the invention's utilization by the public; and

The history of innovation and technology diffusion in the computing industry clearly indicates that, in the absence of PKP, there would be no requirement to boost risk capital with the use of patents in order to diffuse the technology. As soon as a technologically workable standard is proclaimed, it will be adopted. In particular, the cost of implementing the standard in software is likely to be less than $30,000. As a result there will soon be many implementations.

>(D) the proposed terms and scope of exclusivity are not greater than
>reasonably necessary to provide the incentive for bringing the invention
>to practical application or otherwise promote the invention's
>utilization by the public.

It is clause (D) to which I mainly take exception. In (A) I asserted that the goal of NIST should be the public good. In (B) and (C) I asserted that for a much-awaited cheap-to-implement standard such as the DSA, patents are not required in order to attract risk capital. These two clauses in combination with (D) imply that NIST should be doing its best to deliver the standard into the public domain, and if this is not possible, licensing it in the least-restrictive manner possible.

Under the current proposal, NIST will license the DSA patent to PKP indefinitely; that is, until it runs out in the year 2010. However, PKP's patents, (which in the light of (A),(B), and (C) should be the sole motivation for the license proposal) expire in 1997 or soon after. This flies in the face of clause (D) which permits NIST to grant at most only the minimum reasonable license, in this case a license lasting only until 1997, after which the DSA patent should be placed in the public domain.

This argument applies independently of any arguments stating that PKP have committed to behave in a certain "limited" way once granted the DSA patent licence; my argument applies to the time period over which the patent license is granted not the manner in which PKP conduct themselves during the period in which it is granted. Ideally though, NIST should not grant DSS to PKP at all.

I hope that the above provides a convincing argument that NIST would not be complying with the requirements of 35 U.S.C. 209.(c)(1)(D) if it executed the proposed license.

--O--

There are many alternatives to the proposed license that NIST could pursue. For example, NIST could simply issue a general public license to DSA. Or NIST could use its patent powers to impose the following condition on all implementors:

Condition: All implementations of the DSA must be constructed in accordance with <> so that DSA can be quickly and cheaply replaced with other algorithms at a later date.

If this move were adopted now, it would pave the way for RSA in 2000, or perhaps for an even better, hitherto uncreated, algorithm.

Other, more aggressive strategies exist that could solve the problem too, the extreme being the taking of PKP's patents by "eminent domain". However, I realize that this would be extreme and am writing primarily to submit the objections given above.

In addition to the above, I enclose three letters applying for:

1) A license of DSA for myself to use DSA.
2) A license of DSA for myself to implement and distribute DSA for free.
3) An unlimited commercial license for my company Rocksoft Pty Ltd, or failing this a non-commercial license.

I would like to end this letter on a lighter note...

During times of drought a farmer noticed that his cow was looking a bit thin so he sent his son out with the cow to find some nice green grass to munch on so that the cow would grow fat and yield lots of milk. The son walked the cow for miles and miles (making the cow even thinner in the process), but couldn't find any grass (this is actually the Australian outback). In the end he found a nice green paddock and set the cow grazing. Later the son returned to the homestead:

Farmer : How'd it go son? Do we have a happy cow now?
Son    : Well sort of; I had trouble finding a grassy paddock.
Farmer : But you found one in the end didn't you?
Son    : Yes, and I put the cow in the paddock. But soon another farmer came running out. He said it was his paddock --- he had rented it for three years --- and that I couldn't graze my cow there without giving him some milk. It was the only green paddock there was.
Farmer : So what did you do?
Son    : I gave him the cow.

Thank you for your kind attention. Please do not hesitate to contact me if you require any more information or clarification of the above.

Yours sincerely,

Ross Williams
-------------

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Dr Ross N. Williams
Rocksoft Pty Ltd (ACN 008-280-153).
16 Lerwick Avenue
Hazelwood Park 5066
Australia
Net : ross@guest.adelaide.edu.au.
Fax : +61 8 373-4911 (C/-Internode Systems)
Work : +61 8 379-9217

Michael R. Rubin
Acting Chief Counsel for Technology
Room A-1111
Administration Building
National Institute of Standards and Technology
Gaithersburg, MD 20899

4 August 1993.

Dear Mr Rubin,

I am writing in response to the notice "Notice of Proposal for Grant of Exclusive Patent License" published by NIST in the U.S. Federal Register, Vol. 58, No. 108, dated June 8, 1993 under Notices and relating to U.S. Patent Application No. 07/738.431 and entitled "Digital Signature Algorithm."

The notice states that:

>Applications for a license filed in response to this notice will be
>treated as objections to the grant of the prospective license.
>Only written comments and/or applications for a license which are
>received by NIST within sixty (60) days for the publication of this
>notice will be considered.

As such, I would like to apply, on behalf of my company Rocksoft Pty Ltd for a license of this patent. The following information is provided in accordance with 37 CFR 404.8.

(a) Identification of the invention:
    Title: "Digital Signature Algorithm (DSA)."
    Patent Application Serial Number: 07/738.431.
    United States Patent Number: To be issued as 5,231,668, I believe.

(b) The type of license required is a commercial license requiring no royalties, OR FAILING THAT A NON-COMMERCIAL (i.e. non-profit) LICENSE requiring no royalty payments.

(c) The organization applying for the license is "Rocksoft Pty Ltd", a company incorporated in Australia, whose formally registered address is

    c/- Nelson Wheeler
    200 East Terrace
    Adelaide 5000
    Australia

    whose Australian Company Number is 008-280-153, and whose postal address (please address correspondence to this address) is:

    16 Lerwick Avenue
    Hazelwood Park 5066
    Australia.

(d) The representative of Rocksoft is:
    Name : Dr Ross N. Williams.
    Address: 16 Lerwick Avenue, Hazelwood Park 5066 Australia.
    Phone: +61 8 379-5020.

(e) Rocksoft is a software consultancy employing only Ross Williams. The company has not yet successfully commercialized any products.

(f) Source of information concerning availability of a license: various sources, including your Federal Register notice.

(g) I am unable to determine whether Rocksoft Pty Ltd may be formally classified as a small business firm under 404.3(c). However, I would be very surprised if it is not, unless there is some requirement for it to be incorporated in the US.

(h) Development plan. If a license is granted, Rocksoft will attempt to create an implementation of the DSA and either sub license it as a component or embed it in products requiring digital signatures. No plans more specific than this can be provided at this time.

    (1) Rocksoft expects that many hundreds of programmer hours could be committed to the project. Very little capital is available. However, if a license is secured, this may become available.
    (2) NO further statement on a development plan can be made at present.
    (3) Fields of use: Rocksoft wishes to use the technology in many diverse fields.
    (4) Geographic area of use: The whole world. Failing this, just Australia.

(i) No previous licenses have been granted to Rocksoft under Federally owned inventions.

(j) Known uses of DSA by industry or government: I have heard that ISC sells a product called dsaSIGN, and that Bellcore has implemented DSA.

(k) Any other information. I am aware that one of the goals of the licensing of Federally owned inventions is to promote small business in the US and Rocksoft is a small business in Australia. I am hoping however that this application will be successful because it is an application for a non-exclusive, non-transferable license.

I understand that NIST may grant an exclusive DSA license to PKP, and that this license application will be treated as an objection to the PKP license. I would like this application to be treated as such.

Thank you for your kind attention. Please do not hesitate to contact me if you require any more information or clarification of the above.

Yours sincerely,

Ross Williams
-------------

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Dr Ross N. Williams
16 Lerwick Avenue
Hazelwood Park 5066
Australia
Net : ross@guest.adelaide.edu.au.
Fax : +61 8 373-4911 (C/-Internode Systems)
Work : +61 8 379-9217

Michael R. Rubin
Acting Chief Counsel for Technology
Room A-1111
Administration Building
National Institute of Standards and Technology
Gaithersburg, MD 20899

4 August 1993.

Dear Mr. Rubin:

I hereby apply for a personal license to use the Digital Signature Algorithm.

1. Title of invention: Digital Signature Algorithm (DSA).

2. Patent Application Serial Number: 07/738.431.

3. United States Patent Number: To be issued as 5,231,668, I believe.

4. Source of information concerning availability of a license: Various sources, including your Federal Register notice.

5. Name and address of applicant:

   Dr Ross N. Williams
   16 Lerwick Avenue
   Hazelwood Park 5066
   Australia
   Net : ross@guest.adelaide.edu.au.
   Fax : +61 8 373-4911 (C/-Internode Systems)
   Work : +61 8 379-9217

6. Applicant's representative: not applicable.

7. I am an Australian citizen.

8. Approximate number of persons employed: not applicable.

9. I am not a small business firm.

10. Purpose: I would like a personal license allowing me to implement and use DSA. See #12.

11. Business and commercialization: not applicable; see #10.

12. Plans: I plan to use DSA to attach digital signatures to a variety of electronic documents, primarily for authentication. I plan to use DSA implementations, initially in software but perhaps later in hardware, from a variety of potential future sources. Investments: I may spend many hours programming a DSA implementation.

13. Fields of commercialization: not applicable; see #10.

14. I am not willing to accept a license for less than all fields of use of DSA.

15. I intend to implement and use DSA throughout the world. However, failing this a license for Australia and the U.S.A. would be appreciated. Failing this, a license for just Australia would still be useful.

16. Type of license: I would like a non-exclusive license which does not require royalty payments.

17. I have never been granted a license to a federally owned invention.

18. Known uses of DSA by industry or government: I have heard that ISC sells a product called dsaSIGN, and that Bellcore has implemented DSA.

19. Other information: I understand that NIST may grant an exclusive DSA license to PKP, and that this license application will be treated as an objection to the PKP license. Please note that PKP has stated its intent to make DSA free for personal use. Therefore, if NIST grants PKP a license and PKP acts according to its stated intent, there is no harm to anyone if I am granted this personal license. However, I do not trust PKP to act according to its stated intent, and I do not want to have to apply for a license from PKP even if it is royalty-free. So I ask that you grant me a license directly.

Thank you for your kind attention. Please let me know if you need more information.

Yours sincerely,

Ross Williams
-------------

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Dr Ross N. Williams
16 Lerwick Avenue
Hazelwood Park 5066
Australia
Net : ross@guest.adelaide.edu.au.
Fax : +61 8 373-4911 (C/-Internode Systems)
Work : +61 8 379-9217

Michael R. Rubin
Acting Chief Counsel for Technology
Room A-1111
Administration Building
National Institute of Standards and Technology
Gaithersburg, MD 20899

4 August 1993.

Dear Mr. Rubin:

I hereby apply for an implementor's license permitting me to sublicense the use of the Digital Signature Algorithm.

1. Title of invention: Digital Signature Algorithm (DSA).

2. Patent Application Serial Number: 07/738.431.

3. United States Patent Number: To be issued as 5,231,668, I believe.

4. Source of information concerning availability of a license: Various sources, including your Federal Register notice.

5. Name and address of applicant:

   Dr Ross N. Williams
   16 Lerwick Avenue
   Hazelwood Park 5066
   Australia
   Net : ross@guest.adelaide.edu.au.
   Fax : +61 8 373-4911 (C/-Internode Systems)
   Work : +61 8 379-9217

6. Applicant's representative: not applicable.

7. I am an Australian citizen.

8. Approximate number of persons employed: not applicable.

9. I am not a small business firm.

10. Purpose: I would like a license allowing me to let others freely use my implementation of DSA, i.e., allowing me to sublicense the use of DSA at no cost. See #12.

11. Business and commercialization: not applicable; see #10.

12.
Plans: I plan to create a source-code implementation of DSA in software, using computer resources which are already available to me. I plan to give this implementation to anyone who asks, and perhaps to publish this implementation via electronic or non-electronic means, for study and use by the academic and non-academic communities. I hope to have people hear about this implementation by a variety of means, including word of mouth. 13. Fields of commercialization: not applicable; see #10. 14. I am not willing to accept a license for less than all fields of use of DSA. 15. I intend to implement DSA in Australia (but distribute my implementations throughout the world). 16. Type of license: I would like a non-exclusive license which does not require royalty payments. 17. I have never been granted a license to a federally owned invention. 18. Known uses of DSA by industry or government: I have heard that ISC sells a product called dsaSIGN, and that Bellcore has implemented DSA. 19. Other information: I understand that NIST may grant an exclusive DSA license to PKP, and that this license application will be treated as an objection to the PKP license. Let me emphasize that this is not a commercial license application. I do not intend to collect any fees for the use of this implementation. Thank you for your kind attention. Please let me know if you need more information. Yours sincerely, Ross Williams ------------- ===================================================================== ------ Paul Ferguson | "Government, even in its best state, Network Integrator | is but a necessary evil; in its worst Centreville, Virginia USA | state, an intolerable one." fergp@sytex.com | - Thomas Paine, Common Sense I love my country, but I fear its government. 
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Allan Thompson Date: Wed, 21 May 1997 11:23:26 +0800 To: cypherpunks@toad.com Subject: encryption laws Message-ID: <2.2.32.19930716030439.0067dc10@earthlink.net> MIME-Version: 1.0 Content-Type: text/plain Would it be possible for a court to subpoena an encrypted file or key, and order you to tell them the key? If you didn't would you be held in 'contempt of court'? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Thu, 1 Jul 93 01:45:05 PDT To: cypherpunks@toad.com Subject: Re: LEB corruption in Clipper phones--the backdoor? Message-ID: <9307010844.AA24024@servo> MIME-Version: 1.0 Content-Type: text/plain Why are we pointing out these flaws publicly? You should let them pass, so that the flawed Clipper chips get widely deployed. THEN you go in front of Malarkey's subcommittee and demonstrate to the whole world how to intercept any Clipper-encrypted conversation without the escrowed keys. Then just stand back and watch the fun begin. 1/2 :-) Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Clark Reynard Date: Thu, 1 Jul 93 01:29:14 PDT To: cypherpunks@toad.com Subject: LEB corruption in Clipper phones--the backdoor? Message-ID: <9307010903.AA03572@metal.psu.edu> MIME-Version: 1.0 Content-Type: text/plain "L. Detweiler" quotes: >farber@central.cis.upenn.edu (David Farber) writes: >>2. Re chip health.
I heard the same story plus yield was very low. >>I also understand that there is substantial redesign going on because >>the story about defaulting to an all-0 key if the LEB were corrupted >>was apparently true. I had heard this story, but discounted it as a 'cyberspace legend.' If this is true, there's the damn backdoor, obvious as the ass on a baboon. As others have noted, simply using the old crummy alligator clip method of wiretapping, sending a spike down the line at the moment of connection, and perhaps even a simple non-IC device like a cable descrambler could tap it, as easily as a normal phone. At the very least, you could record for later decryption, and it would require no more field work than currently necessary. Even with the corruption of analog media such as audio tapes, wouldn't an all-0 key make error-correction for line noise trivial? Corrupt the LEB, and any idiot could decrypt. Even _I_ could do that, with patience and at most a few thousand plaintext/ciphertext pairs (available to any fool with a Clipper chip). Am I wrong here, or is this, in fact, an idiotically simple flaw, so elementary that even the NSA could not have committed such a whopping, cretinous blunder in "good faith"? ---- Robert W. F. Clark rclark@nyx.cs.du.edu clark@metal.psu.edu From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@eli-remailer Date: Thu, 1 Jul 93 07:57:26 PDT To: cypherpunks@toad.com Subject: REMAIL: list of remailers 7/1/93 Message-ID: <9307011457.AA15378@toad.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Q1: What cypherpunk remailers exist? 
A1:
 1: nowhere@bsu-cs.bsu.edu
 2: hh@cicada.berkeley.edu
 3: hh@pmantis.berkeley.edu
 4: hh@soda.berkeley.edu
 5: 00x@uclink.berkeley.edu
 6: hal@alumni.caltech.edu
 7: ebrandt@jarthur.claremont.edu
 8: phantom@mead.u.washington.edu
 9: remailer@rebma.mn.org
10: elee7h5@rosebud.ee.uh.edu
11: hfinney@shell.portal.com
12: remail@tamsun.tamu.edu
13: remail@tamaix.tamu.edu
14: remailer@utter.dis.org
15: remail@extropia.wimsey.com

NOTES:
#1-#5 no encryption of remailing requests
#6-#14 support encrypted remailing requests
#15 special - header and message must be encrypted together
#9,#14,#15 introduce larger than average delay (not direct connect)
#9,#14,#15 running on privately owned machines

======================================================================

Q2: What help is available?
A2: Check out the pub/cypherpunks directory at soda.berkeley.edu (128.32.149.19). Instructions on how to use the remailers are in the remailer directory, along with some unix scripts and dos batch files. The public keys for the remailers which support encrypted remailing requests are also available in the same directory. Mail to me (elee9sf@menudo.uh.edu) for further help and/or questions.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: nobody@mead.u.washington.edu Date: Thu, 1 Jul 93 07:49:06 PDT To: cypherpunks@toad.com Subject: REMAIL: list 7/1/93 Message-ID: <9307011448.AA57122@mead.u.washington.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Q1: What cypherpunk remailers exist?
A1:
 1: nowhere@bsu-cs.bsu.edu
 2: hh@cicada.berkeley.edu
 3: hh@pmantis.berkeley.edu
 4: hh@soda.berkeley.edu
 5: 00x@uclink.berkeley.edu
 6: hal@alumni.caltech.edu
 7: ebrandt@jarthur.claremont.edu
 8: phantom@mead.u.washington.edu
 9: remailer@rebma.mn.org
10: elee7h5@rosebud.ee.uh.edu
11: hfinney@shell.portal.com
12: remail@tamsun.tamu.edu
13: remail@tamaix.tamu.edu
14: remailer@utter.dis.org
15: remail@extropia.wimsey.com

NOTES:
#1-#5 no encryption of remailing requests
#6-#14 support encrypted remailing requests
#15 special - header and message must be encrypted together
#9,#14,#15 introduce larger than average delay (not direct connect)
#9,#14,#15 running on privately owned machines

======================================================================

Q2: What help is available?
A2: Check out the pub/cypherpunks directory at soda.berkeley.edu (128.32.149.19). Instructions on how to use the remailers are in the remailer directory, along with some unix scripts and dos batch files. The public keys for the remailers which support encrypted remailing requests are also available in the same directory. Mail to me (elee9sf@menudo.uh.edu) for further help and/or questions.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Anonymous Date: Thu, 1 Jul 93 06:20:18 PDT To: cypherpunks@toad.com Subject: No Subject Message-ID: <9307011323.AA25759@bsu-cs.bsu.edu> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- Just a few updates: Eric Hollander told me he is working on updating the uclink remailer to only remail encrypted messages (like extropia) so that explains why it seems to be down...
for now I moved it to the other remailers which don't support encrypted requests, and alphabetized the list by host.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Karl Barrus Date: Thu, 1 Jul 93 06:55:19 PDT To: cypherpunks@toad.com Subject: ANON: free speech Message-ID: <199307011355.AA09915@Menudo.UH.EDU> MIME-Version: 1.0 Content-Type: text/plain Wow, Here's an unfortunate case of somebody who could have used anonymous methods to protect his speech and speak without fear: Gregory Steshenko was fired from Microsoft because users on an elist he was on complained. Check out the USENET post (I saw it in alt.comp.acad-freedom.talk) but it was crossposted to zillions of groups.

/-----------------------------------\
| Karl L. Barrus                    |
| elee9sf@menudo.uh.edu             | <- preferred address
| barrus@tree.egr.uh.edu (NeXTMail) |
\-----------------------------------/

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jet@nas.nasa.gov (J. Eric Townsend) Date: Thu, 1 Jul 93 11:41:53 PDT To: Karl Barrus Subject: ANON: free speech In-Reply-To: <199307011355.AA09915@Menudo.UH.EDU> Message-ID: <9307011841.AA01966@boxer.nas.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain This is not an official NASA document, nor does it in any way reflect any of NASA's opinions, actions or views. Karl Barrus writes:
> Gregory Steshenko was fired from Microsoft because users on an elist
> he was on complained. Check out the USENET post (I saw it in
> alt.comp.acad-freedom.talk) but it was crossposted to zillions of
> groups.
This sort of thing happens all the time, actually.
A close friend of mine was put on an 'employee improvement plan' (the first step to being fired, actually) because she read/posted to rec.pets.cats. Upon closer examination by her grandboss and subsequent review of her actions before, during and after the plan, it was determined that the action was taken for political reasons. (ie: her boss was looking for a reason to get rid of her because they had a personal conflict). In other words, if they want to fire you, they'll look for a reason. I could be fired for sending this message, if someone wanted to push the issue and my bosses didn't like me. As it is, they do like me, and I do a very good job, so the worst that would happen (first iteration) is an official direction to stop contributing to the cypherpunks list from my work machine. (non-work related use of my government machine.) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fnerd@smds.com (FutureNerd Steve Witham) Date: Thu, 1 Jul 93 13:29:19 PDT To: cypherpunks@toad.com Subject: Re: Boston cpunx mtg Jul 10? Message-ID: <9307012015.AA22920@smds.com> MIME-Version: 1.0 Content-Type: text/plain A good time for the Next Boston area Cypherpunks meeting would be the second saturday of July--july 10, at 6 PM EDT. At least that would be good for me, and easy to remember since it's the canonical time... -fnerd quote me From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: zane@genesis.mcs.com (Sameer) Date: Thu, 1 Jul 93 22:36:40 PDT To: cypherpunks@toad.com Subject: Junk email/encrypted return-path-blocks Message-ID: MIME-Version: 1.0 Content-Type: text/plain I've been recently working at the direct-mail place putting rubber bands around mass mailings of junk mail (ah, the wonders of being a poor soon-to-be college student), which got me thinking about electronic junk mail and how such a thing can be avoided. In rl, you can go to the store, buy a product with cash, and you're not put on their mailing list. 
Buying via mail order, using check/credit-card, etc., requires that they get your address so they can put you on their mailing list, compile statistics about who you are, etc., as we all know. Now, over the net, suppose I wanted to buy an email product. I'd pay for it with digital cash, communicating with the vendor through the anonymous remailers. Now I see a problem in how the vendor will deliver the product. Obviously I can give the vendor my email address encrypted with the remailer's public keys, so the vendor still doesn't know who I am. But the vendor can still keep a database of address-blocks and which address blocks go with which purchases. Then the vendor can compile her mailing list of address blocks, and even *sell* this list to others, with product purchase history. Even though the junk-mailers don't know who I am, they can still flood my box with email. I thought of two possible solutions. The first solution I thought of requires a great deal of bandwidth. The vendor could simply post publicly (to usenet or something) the product I wanted, encrypted with my public key. (Rather, a public key I created just for this venture with a pseudonym so that none could see that it was I who was buying from the vendor.) The bandwidth for this thing would be incredible. The second solution I thought of seems like it would work. When I create the return-address block, it can be given some sort of ID-code (again, like with my other idea posted, similar to the ID-code on pieces of Digicash in Chaum's scheme) so when the vendor delivers the product, she sends the encrypted block to the remailer, and the remailer forwards the product to me, and stores the ID-code in its database (doing the proper one-way transformation for untraceability) so that further attempts to use the exact same address-block will be noticed and not delivered.
I also thought of creating a digicash like entity, a currency to pay for remailer transactions, so that sending junk mail through a remailer would be prohibitively expensive. It will probably happen anyway once we near the goal of full crypto-anarchy that most remailers will not operate without a fee, while the scheme I present above seems like it would work with both free remailers and those which charge for usage. (And a charge on a remailer which agrees with the market probably won't be high enough to stop a really rich junk mailer from spending the cash on junk mailings.) -- | Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM | | Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more | | "Symbiosis is Good" - Me_"Specialization is for Insects" - R. A. Heinlein_/ \_______________________/ \______________________________________________/ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Dan Veeneman Date: Thu, 1 Jul 93 13:47:17 PDT To: cypherpunks@toad.com Subject: Clipper article (and an OCR check) Message-ID: MIME-Version: 1.0 Content-Type: text/plain Cypherpunks, This may be old news to most of you, but I just got my HP ScanJet IIc working with Caere's OmniPage Pro 2.1, and thought I'd scan this in to give it a try. Note to D.C. Cypherpunks (or anyone else, for that matter): I'll be happy to scan any documents or newsclippings you send my way. I'm located in Columbia, Maryland. I'm reachable by UUCP e-mail at uunet!anagld!ftgcorp!dan. From Network World, issue date May 31, 1993. OPINIONS SECURITY PERSPECTIVES BY MICHEL KABAY Vigilance is needed to keep Clipper Chip in check Last month, the federal government endorsed a new encryption technology based on the Clipper Chip. The Clipper Chip will give federal agencies a key to unlock users' encrypted voice and data communications. 
Network users can live with this situation, but only if they're vigilant about preventing any attempt to make the Clipper Chip the only legal encryption mechanism available in the U.S. The Clipper Chip will serve some legitimate needs. As the U.S. builds its National Information Infrastructure, increasing amounts of data will flow electronically throughout the nation. Users will need encryption to protect their sensitive data. In a multivendor world, having a common encryption standard, such as the Clipper Chip, will simplify protection so users won't even notice their communications being encrypted. However, users have many questions and concerns about the Clipper Chip, as well. Internet users are curious about how the chip was developed: specifically, what companies and individuals were consulted and how the initial manufacturer, Mykotronx, Inc. of Torrance, Calif., was selected. This information might cast light on the quality of the chip and the price to be charged. Internet users also wonder why the algorithm is being kept secret. Without free access to the algorithm, many argue, the scientific community will not be sure that the algorithm actually functions as claimed. Defenders of the plan point to a proposed examination by selected experts, but any closed process leaves open the question of whether there is a back door to decryption. A major user concern involves key escrow, which is at the heart of the administration's proposal. Government agencies would hold pairs of incomplete decryption keys for every Clipper Chip installed in the U.S. To decrypt private communications, a government agency would need to get a warrant to obtain the two parts of the decryption key. INSET: Clipper Chip will give federal agencies a key to users' encrypted communications Anyone who discovers the key pairs for a specific Clipper Chip could decode all encrypted communications initiated by that device, even after the warrant expires. 
Therefore, the trustworthiness of the key escrow agencies is crucial to avoid abuses of the decryption keys. The partial keys might be stored in databases or generated by black-box decryption devices. Any party involved in creating these databases or devices would be a vulnerable point in the control over decryption. It would be valuable to know whether the federal government has studied the risks and estimated the costs of providing adequate protection. If so, many users would want to evaluate such studies independently. Key escrow for foreign purchasers of the Clipper Chip and for foreign manufacturers will also cause problems. If other countries use the technology and have all the keys in escrow, U.S. users may find their own security compromised by legal systems beyond their control. But the biggest concern regarding this technology is that it could lead to a ban on all unauthorized encryption technology in the U.S. A few years from now, anyone using a non-Clipper Chip encryption method could be assumed to be engaging in crime. Political pressure to ban all non-Clipper Chip encryption could become intense. Making non-Clipper Chip encryption illegal would lead to enforcement problems. Applying the technology only to voice transmissions would raise the popularity of data transmission -- that is, digitally encoded voice file transfers. So it would have to be applied to data, too. But failure to produce clear text using the Clipper Chip decryption could be construed as evidence of illegal encryption, even if the original data stream was not, in fact, interpretable. The prospect of astronomers being arrested because law enforcement officials couldn't make sense of their data on elemental composition of supernovas is pretty funny--if you like that kind of joke. I urge all users to fight any attempt to make the Clipper Chip the only legal encryption mechanism in the U.S. 
For further developments in the ongoing debate, users should follow the dialogues on the Internet in the Risks forum, the Privacy forum and the new alt.privacy.clipper news group. END Kabay is director of education with the National Computer Security Association in Carlisle, Pa. He can be reached at (717) 258-1816 or on the Internet at 75300.3232@compuserve.com. -- dan@ftgcorp.UUCP (Dan Veeneman) Fountainhead Title Group From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Derek Atkins Date: Thu, 1 Jul 93 13:52:48 PDT To: fnerd@smds.com (FutureNerd Steve Witham) Subject: Re: Boston cpunx mtg Jul 10? In-Reply-To: <9307012015.AA22920@smds.com> Message-ID: <9307012052.AA09872@toxicwaste.MEDIA.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain I'm probably going to be out of town that weekend, so I can't organize things.. If someone else wants to organize, feel free. Otherwise, I can probably work on organizing the weekend after for this month, assuming people have things they want to talk about and can generate a meeting agenda. I haven't had an agenda, which is why I haven't called a meeting since the last one in April. Also, I've been busy on my Thesis. ;-) -derek From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter Breton Date: Thu, 1 Jul 93 14:19:28 PDT To: Derek Atkins Subject: Re: Boston cpunx mtg Jul 10? In-Reply-To: <9307012052.AA09872@toxicwaste.MEDIA.MIT.EDU> Message-ID: MIME-Version: 1.0 Content-Type: text/plain The weekend after the 10th (the 17th) would also be better for me. Has Derek or anybody else still got the email addresses of the people who attended last time?
------------------------------------------------------------------------- Peter Breton pbreton@cs.umb.edu PGP key by finger ====================== ================================================== From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: miron@extropia.wimsey.com (Miron Cuperman) Date: Thu, 1 Jul 93 10:51:18 PDT To: cypherpunks@toad.com Subject: REMAIL: Error reporting implemented Message-ID: <1993Jul1.172952.10775@extropia.wimsey.com> MIME-Version: 1.0 Content-Type: text/plain -----BEGIN PGP SIGNED MESSAGE----- I've implemented error reporting on remail@extropia. The errors are forwarded to errors@extropia.wimsey.com. This is an anon pool (=mailing list). Errors are concise, explaining what went wrong. The incoming Subject: line is used as the (sole) identifier. To subscribe to the error list, send 'subscribe' on the subject line to errors-request@extropia.wimsey.com. For help, send 'help'. - -- Miron Cuperman | NeXTmail/Mime ok Unix/C++/DSP, consulting/contracting | Public key avail AMIX: MCuperman | Laissez faire, laissez passer. Le monde va de lui meme. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Marc Horowitz Date: Thu, 1 Jul 93 14:32:44 PDT To: fnerd@smds.com (FutureNerd Steve Witham) Subject: Re: Boston cpunx mtg Jul 10? In-Reply-To: <9307012015.AA22920@smds.com> Message-ID: <9307012132.AA09157@dun-dun-noodles.aktis.com> MIME-Version: 1.0 Content-Type: text/plain >> A good time for the Next Boston area Cypherpunks meeting would be >> the second saturday of July--july 10, at 6 PM EDT. >> >> At least that would be good for me, and easy to remember since it's >> the canonical time... I'll be out of town for IETF.
Since I'll be attending a DigiCash technical presentation (by David Chaum) and a new "Internet Mercantile Protocols" BOF session, I think I'll have something to offer the group :-) I return on the 18th. But my mother's birthday is the next weekend. Damn. I hate scheduling. Maybe we should just have an August meeting, too :-) Is anybody else here going to IETF? I'd like to meet up with anyone who is. Marc From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Eric J Fogleman Date: Thu, 1 Jul 93 14:39:35 PDT To: FutureNerd Steve Witham Subject: Re: Boston cpunx mtg Jul 10? In-Reply-To: <9307012015.AA22920@smds.com> Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Thu, 1 Jul 1993, FutureNerd Steve Witham wrote: > > A good time for the Next Boston area Cypherpunks meeting would be > the second saturday of July--july 10, at 6 PM EDT. > > At least that would be good for me, and easy to remember since it's > the canonical time... > > -fnerd > quote me Not a good time for me -- I'll be out of town... Any Saturday from 7/24 on is ok w/ me. Eric ===================================================================== ejf@world.std.com 1 Concord Sq #4, Boston, MA 02118 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Sandy <72114.1712@CompuServe.COM> Date: Thu, 1 Jul 93 18:06:47 PDT To: Subject: CLIPPER IN SCIENCE NEWS Message-ID: <930702010048_72114.1712_FHF46-1@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort@attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Punksters, I have missed some messages because of a computer problem. Perhaps someone has already mentioned or reprinted an article by Ivars Peterson ("Encryption Controversy -- A Fierce Debate Erupts over Cryptography and privacy") about the Clipper, Capstone, et al. in June 19 issue of SCIENCE NEWS. 
If not, I would be willing to transcribe the article into ASCII and upload it to the list if enough folks are interested. S a n d y >>>>>> Please send e-mail to: ssandfort@attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Thu, 1 Jul 93 21:53:25 PDT To: still@kailua.colorado.edu (James Still) Subject: Re: PGP and offline-readers In-Reply-To: <2C31A670@kailua.colorado.edu> Message-ID: <9307020453.AA23579@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to James Still:
>
> >> I am getting involved in networking some local BBS' and
> >> message bases.
>
> The unique feature about CryptoBBS is its "Post Office." The
> P.O. allows callers to set up a p.o. box from which they can
> up/download any file (pgp encrypted files for instance) to any
> other user on the board without the sysop's approval/knowledge.
> It encourages and nurtures an anonymous "mail drop" community
> while protecting the caller's privacy.

Be careful! Remember that you may be held accountable for ANYTHING found on your BBS. If someone uses your board to trade credit card numbers..... See ya!

> The question is, should I throw away the virtues of a lean 'n mean
> app at 80K by adding a dolphin or pgp to it that automatically
> encrypts the message base, uploaded messages, etc? Should
> we give the BBS caller a little credit and assume he knows to
> encrypt at his own machine before uploading the text? Or is
> the temptation to make everyone *lick and seal their message
> envelopes* too invasive?

Typically, you want to assume that user knows NOTHING! You design your user-interface accordingly..... I know it sounds insulting but if this attitude makes your stuff easier to use....what do you care?

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu | But, I was mistaken.        |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+----If codes are outlawed, only criminals will have codes.-----+
+----Is Big Brother in your phone? If you don't know, ask me----+

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Fri, 2 Jul 93 00:13:18 PDT To: cypherpunks@toad.com Subject: The last word? (forwarded article) Message-ID: <6XL26B1w165w@sytex.com> MIME-Version: 1.0 Content-Type: text/plain I took a few minutes (quite a few) and committed this to bidgets. I hope you folks take this as seriously as I do. Cheers. BoardWatch Magazine July 1993 pages 43 - 46 Steve Jackson Games v. US Secret Service by Peter D. Kennedy On March 12, 1993, a federal judge in Austin, Texas decided that the US Secret Service broke the law when it searched Steve Jackson Games Inc., and seized its bulletin board system and other computer equipment. The decision in this case has been long-awaited in the computer world, and most observers have hailed it as a significant victory for computer users' freedom and privacy. I had the fortune to be one of the lawyers representing Steve Jackson and his co-plaintiffs. During the course of the lawsuit, I met many people passionately interested in the issues the case raised. I watched and listened to the discussions and arguments about the case. I've been impressed by the intelligence of the on-line world, and the interest that computer enthusiasts show -- especially computer communications enthusiasts -- in the law. I've also been impressed and distressed at how the Net can spontaneously generate misinformation. Steve Jackson has spent untold hours correcting errors about him, his company, and the case on both the Net and more traditional news media.
The decision in the Steve Jackson Games case is clearly a significant victory for computer users, especially BBS operators and subscribers. I hope to give a simple and clear explanation for the intelligent non-lawyer of the legal issues raised by the case, and the significance and limitations of the court's decision.

The facts.

By now, most people interested in the case are familiar with the basic facts: On March 1, 1990, the Secret Service, in an early-morning raid, searched the offices of Steve Jackson Games. The agents kept the employees out of the offices until the afternoon, and took the company's BBS -- called "Illuminati" -- along with an employee's work computer, other computer equipment, and hundreds and hundreds of floppy disks. They took all the recent versions of a soon-to-be-published game book, "GURPS Cyberpunk," including big parts of the draft which were publicly available on Illuminati. On March 2, Steve Jackson tried to get copies of the seized files back from the Secret Service. He was treated badly, and given only a handful of files from one office computer. He was not allowed to touch the Illuminati computer, or copy any of its files. Steve Jackson Games took a nosedive, and barely avoided going out of business. According to Jackson, eight employees lost their jobs on account of the Secret Service raid, and the company lost many thousands of dollars in sales. It is again a busy enterprise, no thanks to the Secret Service (although they tried to take credit, pointing to the supposedly wonderful publicity their raid produced.) After months of pestering, including pressure by lawyers and Senator Lloyd Bentsen (now, as Treasury Secretary, the Secret Service's boss) the Secret Service returned most of the equipment taken, some of it much the worse for wear. By then, Steve Jackson had restarted Illuminati on a different computer.
When the old Illuminati computer was finally given back, Jackson turned it on -- and saw that all the electronic mail which had been on the board on March 1 was gone! Wayne Bell, WWIV developer and guru, was called in. He gave us invaluable (and free) help evaluating the condition of the files. He concluded, and testified firmly at trial, that during the week of March 20, 1990, when the Secret Service still had Illuminati, the BBS was run, and every piece of e-mail was individually accessed and deleted. The Illuminati files the Secret Service had returned to Steve Jackson left irrefutable electronic traces of what had been done -- even I could understand how the condition and dates of the e-mail files showed what had happened, and when.

The lawsuit.

Suing the federal government and its agents is never a simple thing. The United States can only be sued when it consents. Lawsuits against individual agents face big legal hurdles erected to protect government officials from fear of a tidal wave of lawsuits. Amazing as it may sound, you cannot sue the United States (or any federal agency) for money damages for violating your constitutional rights. You can sue individual federal agents, though. If you do, you have to get past a defense called "qualified immunity" which basically means you have to show that the officials violated "clearly established" constitutional law. For reasons I can't explain briefly, "qualified immunity" often creates a vicious circle in civil rights litigation, where the substance of constitutional law is never established because the court never has to determine the Constitution's scope, only whether the law was "clearly established" at the time of the violation. The strongest remedies for federal over-stepping are often statutes which allow direct suit against the United States or federal agencies (although these are less dramatic than the Constitution).
Fortunately, these statutes were available to Steve Jackson and the three Illuminati users who joined him in his suit against the Secret Service.

The legal claims.

The Steve Jackson Games case was a lot of things to a lot of people. I saw the case as having two basic goals: (1) to redress the suppression of the public expression embodied in Steve Jackson's publications (including his publication via BBS) and thereby compensate the company for the damage unnecessarily done by the raid, and (2) to redress the violation of the privacy of the BBS users, and the less tangible harm they suffered. The individual government agents involved in the raid were sued for constitutional violations -- the First and Fourth Amendments. The Secret Service was sued under two important laws which embody the same principles as the First and Fourth Amendments -- the Privacy Protection Act of 1980 and provisions of the Electronic Communications Privacy Act of 1986. There were other claims, but these were the core. After the case was pending a year and a half and all discovery completed, the government moved to have these claims dismissed, claiming qualified immunity. This motion (usually brought early in a case) guaranteed that the trial would be delayed by over a year, because even if the government lost its motion, the individuals could immediately appeal. In December, 1992, the tactical decision was made to drop those claims, rather than suffer the delay, and proceed promptly to trial on the claims against the Secret Service itself.

The Privacy Protection Act of 1980.

In the late 1970's the Stanford Daily was subjected to a fishing expedition by police officers in the Stanford Daily's newsroom. The police were looking for notes and photos of a demonstration the newspaper had covered for a story, hoping the newspaper's files would identify suspects.
The Supreme Court held in 1979 that the newspaper had no separate First Amendment right protecting it from searches and seizures of its reporters' notes and photographs if they were "evidence" of a crime the paper had covered -- even when the newspaper was not under any suspicion itself. Congress responded in 1980 with the Privacy Protection Act, which, until Steve Jackson came along, was distinguished mostly by its lack of interpretation by courts. The Act's wording is rather obtuse, but basically it enacts a "subpoena only" rule for publishers -- law enforcement officials are not allowed to search for evidence of crimes in publishers' offices, or more accurately, they may not "search for or seize" publishers' "work product" or "documentary materials", essentially drafts of publications, writers' notes, and such. To get such material, the police must subpoena them, not with the much more disruptive search warrant. Every BBS sysop should read this act, located at 42 U.S.C. 2000aa in the law books, because I can't fully explain it here. The Act is quite broad, protecting from searches and seizures the work product and commentary materials of anyone who has "a purpose to disseminate to the public a newspaper, book, broadcast, or other similar form of public communication..." It also has a big exception -- if the publisher is the person suspected in the criminal investigation.

The Electronic Communications Privacy Act.

Two provisions of the Electronic Communications Privacy Act (or ECPA) were paramount in the suit. The plaintiffs claimed the Secret Service violated two provisions -- one prohibiting unjustified "disclosure and use" of e-mail (18 U.S.C. 2703); the other prohibiting "interception" of e-mail (18 U.S.C. 22511(1)). The parties' positions were fairly simple, and laid out well before trial.
As for the Privacy Protection Act, Steve Jackson claimed that his company's publications, both in book form and on Illuminati, were obviously "work product" protected by the Act, and the government had no right to seize them, and therefore owed him money for the damages the raid caused his business. The government replied claiming that (1) Steve Jackson Games' products are not the type of publications protected by the PPA; and anyway, (2) the Secret Service didn't know that Steve Jackson Games was a publisher when it raided its offices; and even then, (3) the Secret Service didn't mean to take the books, the books just came along when the computers and disks were taken. As for the e-mail, Steve Jackson and the other BBS users claimed that the seizure, disclosure, and deletion of the e-mail was both an unlawful "disclosure and use," and an "interception" of electronic communications in violation of the ECPA. The Secret Service replied that (1) there was no "interception" because the e-mail was just sitting there on the hard drive, not moving; and (2) the Secret Service didn't read the mail, but if it did, it was acting on good faith, because it had a search warrant authorizing it to seize Steve Jackson Games' "computers" and read their contents.

The trial.

When the individual defendants were dropped, the case quickly went to trial. The plaintiffs opened their case on January 29, 1993. The trial took the better part of four days; the witnesses included now-familiar names: Timothy Foley and Barbara Golden of the Secret Service, William Cook, formerly of the U.S. Attorney's office in Chicago, Henry Kluepfel of Bellcore, Steve Jackson and the BBS users Elizabeth McCoy, Walter Milliken and Steffan O'Sullivan, and WWIV master Wayne Bell. At trial, Judge Sparks was introduced to the labyrinthine E911 investigation.
We also set up and ran Illuminati as it looked on March 1, 1990, and Steve Jackson walked Judge Sparks through his BBS, lingering on discussion areas such as "GURPS Old West" to give the Judge a taste of the scope and breadth of BBS publication and communications which the Secret Service had shut down. The judge had appeared upset by the callous and suspicious manner in which the Secret Service had treated Steve Jackson, and with the Service's apparent disregard for the effects the raid might have on the company.

The decision.

Judge Sparks decided the case in February, 1993, in a long written opinion. The full text of the opinion is available on the Internet at ftp.eff.org, and on Illuminati itself (512-447-7866). I recommend all sysops and BBS users to read it, as it is one of the very few legal rulings specifically addressing bulletin boards and electronic mail. First, the bad news: Judge Sparks accepted the government's argument that the seizure of the BBS was not an "interception" of the e-mail, even mail that had not yet been read. Essentially, he decided that the definition of "interception" implicitly means "contemporaneously with the transmission"; that is, for there to be an interception, the government must position itself in the data stream, like a conventional wiretap. Since the e-mail was temporarily stored on the BBS hard drive, he held there was no contemporaneous interception. Ruling that there was no interception means two things. First, the plaintiffs did not receive the $10,000 minimum damages a violation of the "interception" law provides, even though the judge found the Secret Service had not acted in good faith. More importantly, it lowers the standard for seizing BBS e-mail -- and threatens to lower the standard for the seizure of all electronic communications which reside long enough in computer memory to be seized (which is most all computer communications, as far as I understand it).
To "intercept" wire communications you need a court order, not just a routine search warrant. This ruling (which technically only applies in the Western District of Texas) means law enforcement is not limited in its seizure of BBSs by the higher standards required of wire-tapping. Now, the good news: the plaintiffs won the "disclosure and use" argument under the ECPA, getting back most of what was lost in the "interception" decision. First, Judge Sparks found the obvious: that while the Secret Service had Illuminati they or their agents read and deleted all the e-mail on Illuminati, including the plaintiffs' mail -- persons the Secret Service admittedly had no reason at all to suspect of any illegal activity. Next, he rejected the Secret Service's argument that its agents were acting in "good faith." While he didn't list all the reasons, quite a few are supported by the evidence: the Secret Service's investigation was "sloppy", he said, and there was no attempt to find out what Steve Jackson Games did as a business; the Secret Service was told the day of the raid that the company was a "publisher," and refused to make copies or return files for months after they were done reviewing them; and the Secret Service apparently allowed the private mail of dozens of entirely innocent and unsuspecting people to be read and trashed. The judge ruled that Steve Jackson, his company, and the three Illuminati users who joined Jackson in the suit were each entitled to a $1,000 award from the government, as provided by the ECPA. The Privacy Protection Act was pretty much a clean sweep. While the judge and Steve Jackson still differ over how much money the raid cost the company, the court's ruling was squarely in Jackson's favor on the law. Although unconventional, the court found that Steve Jackson Games' publications were clearly covered by the Act, should not have been seized, and should have been promptly returned.
At trial, the Secret Service agents had freely admitted they knew nothing about the Act. Former U.S. Attorney William Cook claimed he knew about it before the raid, but decided (without any investigation) that Steve Jackson Games wasn't covered. The Privacy Protection Act (unlike the ECPA) allows no "good faith" excuses, anyway, and since the Secret Service was repeatedly told on March 1 and afterwards that the company was a publishing business there was no defense for the seizure of "GURPS Cyberpunk" or the other book drafts. Most of the over $50,000 awarded in damages was due to the violation of the Privacy Protection Act. Steve Jackson Games publishes traditional books and magazines, with printed paper pages. Is the BBS operator who publishes only on-line articles protected, too? It's a question Judge Sparks did not need to address directly, but his opinion can and should be read to include the on-line publisher. The court's opinion includes the BBS files as material improperly seized, and the Act specifically includes work product in electronic form. Publishing via BBSs has become just like publishing a "newspaper, book, or other form of publication..." -- the only source of news many people get. If the Privacy Protection Act is broadly understood to encompass electronic publishing (as it should) it should provide meaningful protection to innocent sysops whose boards may be used by some for illegal purposes. It should prevent the "preventative detention" of BBSs -- where boards are seized in investigations and held indefinitely -- which seems to be one crude means used to attack suspected criminal activity without bothering to actually prosecute a case. It should also force law enforcement to consider who the actual suspect is -- for instance, in the recent spate of seizures of BBSs for suspected copyright violations.
The Privacy Protection Act should prevent law enforcement from seizing a sysop's board who is not suspected of engaging in or condoning illegal activity. Those of you who have followed this case will note how little significance I've given to the "Phrack" investigation and the overvaluation of the E911 document. Of course the Secret Service misunderstood or exaggerated the importance of the purloined E911 document, and were chasing imaginary goblins. The real significance of the Steve Jackson Games case, however, was not knocking holes in that one investigation (the Neidorf trial effectively did that), but taking a solid step to set firm, discernible limits for criminal investigations involving computer communication. To focus on the specific foibles of the E911 investigation is to miss the importance of what the Secret Service really did wrong. Out of ignorance or callousness, they ignored the legal rights of people not even suspected of crimes; people who simply shared common electronic space. There are and will continue to be legitimate computer-crime investigations. The closeness that people live in Cyberspace, though, means the government must learn ways to conduct investigations without violating the rights of all the innocent members of the on-line community. In March 1990, the Privacy Protection Act said that Steve Jackson could write and publish his books without having them seized; the Secret Service didn't know that. In 1990, the Illuminati users had the right not to have their e-mail seized and read without at least being suspected of a crime; the Secret Service apparently didn't know that, either. Now they do, and hopefully the word will spread to other government agencies, too. (As of this writing, there is still no decision whether the Secret Service (or Steve Jackson, for that matter) will appeal Judge Sparks' decision.)

[Peter D. Kennedy is an associate with the Austin, Texas law firm of George, Donaldson & Ford, specializing in civil litigation.
George, Donaldson & Ford represents national media, technology and other corporate and individual clients in a variety of civil litigation, including libel and invasion of privacy defense, constitutional law, intellectual property, commercial and employment litigation. George, Donaldson & Ford, 114 W. 7th Street, Suite 100, Austin, Texas 787001; (512) 495-1400 voice; (512) 499-0094 fax; E-mail: gdf.well.sf.ca.us] Paul Ferguson | "Confidence is the feeling you get Network Integrator | just before you fully understand Centreville, Virginia USA | the problem." fergp@sytex.com | - Murphy's 7th Law of Computing Quis Custodiet Ipsos Custodes? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Timothy Newsham Date: Fri, 2 Jul 93 11:24:10 PDT To: mdiehl@triton.unm.edu (J. Michael Diehl) Subject: Re: PGP and offline-readers In-Reply-To: <9307020453.AA23579@triton.unm.edu> Message-ID: <9307021824.AA00266@toad.com> MIME-Version: 1.0 Content-Type: text/plain I think a good idea for offline readers would be to build ontop of currently implemented protocols. One protocol worth mentioning is IMAP2. Right now IMAP2 usually runs over TCP but there is no reason why it couldn't run over a serial channel instead (SIMAP :) It allows for remote access to mailboxes from a mail server, and also remote access to builitin-board messages (ie. USENET). There are several packages in development or already in use that use IMAP. PINE for unix's and soon to be available for DOS machines supports IMAP access. PINE also supports MIME and could be extended nicely to handle automatic PGP encryption/decryption of mail (or en/de- cryption with other crypto-systems). Macintosh already has a mailer supporting IMAP, the name eludes me at the moment. The mailers in existence are written for TCP and would have to be modified for use over the serial line, perhaps with a pseudo-packet driver in the dos case. 
I think this type of solution would be much cheaper and much more feature filled than starting from scratch.

Tim N.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Fri, 2 Jul 93 14:44:23 PDT
To: sandfort@attmail.com
Subject: Science News article request
Message-ID: <3Fg36B1w165w@sytex.com>
MIME-Version: 1.0
Content-Type: text/plain

On 01 Jul 93 21:00:49 EDT, Sandy Sandfort wrote -

> I have missed some messages because of a computer problem.
> Perhaps someone has already mentioned or reprinted an article
> by Ivars Peterson ("Encryption Controversy -- A Fierce Debate
> Erupts over Cryptography and privacy") about the Clipper,
> Capstone, et al. in June 19 issue of SCIENCE NEWS. If not, I
> would be willing to transcribe the article into ASCII and upload
> it to the list if enough folks are interested.

Please do. I'm interested in seeing any article relative to the subject at hand... Cheers.

Paul Ferguson               |  "Confidence is the feeling you get
Network Integrator          |   just before you fully understand
Centreville, Virginia USA   |   the problem."
fergp@sytex.com             |   - Murphy's 7th Law of Computing

Quis Custodiet Ipsos Custodes?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: crunch@netcom.com (John Draper)
Date: Fri, 2 Jul 93 12:29:21 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks brocures needed - Feedback welcome
Message-ID: <9307021929.AA27787@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

I am setting up some info tables at various upcoming events and parties. I want to make up a flier for those attending, and would like for someone in cypherpunks to please draft up what the flier should say. It should basically say what the goals of the Cypherpunks are, what they do, and stress the issues at stake, IE: Clipper ship proposal, promoting private data encryption, and the like. The flier will be an 8 1/2 by 11 paper, and I plan on making about 50 of them initially.
I would like someone here to help me with the wording. It should be brief, and give just enough information to help our cause. Last call for Laptops. I have someone who has PC-DOS laptop, and we need someone with a Mac laptop, and we then have all bases covered. Thanx

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Sandy <72114.1712@CompuServe.COM>
Date: Fri, 2 Jul 93 12:15:00 PDT
To:
Subject: CLIPPER IN SCIENCE NEWS
Message-ID: <930702190909_72114.1712_FHF95-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT Reply to: ssandfort@attmail.com
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

As requested by some of you, here is the encryption article that appeared in the 19 June issue of SCIENCE NEWS. It's copied without permission, for personal use of list members only, blah, blah, blah.

S a n d y

* * * * * * *

ENCRYPTION CONTROVERSY
A fierce debate erupts over cryptography and privacy
by Ivars Peterson

With a little encryption to hide their words, Prince Charles and Princess Diana might never have suffered the embarrassing spectacle of having transcripts of their private telephone conversations splashed across the front pages of newspapers around the world. The royal couple has not been alone in learning the painful lesson that modern technology has made eavesdropping -- whether officially sanctioned, inadvertent, or illegal -- remarkably easy. Today, cellular and cordless telephones transmit conversations via radio waves that can be readily intercepted. Electronic-mail messages pass openly from one computer to another across a network accessible to innumerable people. "We take for granted that by sealing the envelope or closing the door, we can achieve privacy in our communications," says Whitfield Diffie of Sun Microsystems in Mountain View, Calif. "The challenge of modern security technology is to transplant these familiar mechanisms from the traditional world of face-to-face meetings and pen-and-ink communications to a world in which digital electronic communications are the norm and the luxury of personal encounters or handwritten messages [is] the exception." Modern technology has provided a solution in the form of sophisticated schemes for encrypting digitized sounds and text. Only a recipient with the proper key for unlocking the secret code can hear or read the otherwise unintelligible, encrypted string of digits. Nonetheless, few telephones and computers used by the general public come equipped with either software or micro-electronic circuitry for encrypting speech or text. Indeed, some critics charge that the U.S. government has actively discouraged wide dissemination of cryptographic technology. "Conflicting signals from a succession of administrations have led many to be very confused as to what U.S. citizens have a right to expect from cryptographic technologies and what capabilities the U.S. government would prefer its citizens have available," says Stephen T. Walker, president of Trusted Information Systems, Inc., in Glenwood, Md.

. . .

In April, the Clinton administration added a new ingredient that set the cryptographic-policy pot boiling. The White House proposal called for the adoption of a novel encryption scheme as a federal standard. It would incorporate a "front door" through which properly authorized government officials could readily decrypt intercepted messages for reasons of law enforcement or national security. The proposal ignited a firestorm of protest from large segments of the computer community. Since then, angry debate over this issue and the more general question of privacy in an electronic age has dominated discourse on many electronic bulletin boards, where individuals can post their queries and opinions on a smorgasbord of concerns.
"Not everybody is saying this is terrible, terrible, terrible, but nobody is happy about it," Walker says. The list of dissatisfied parties ranges from major computer manufacturers and telephone companies to privacy activists belonging to organizations such as the Electronic Frontier Foundation and Computer Professionals for Social Responsibility. The administration's scheme has also attracted congressional scrutiny and focused attention on the need to formulate a coherent national cryptographic policy. Many see the resolution of privacy issues as one of the key elements in developing a national information infrastructure, which would allow anyone using a networked computer unprecedented access to libraries, data repositories, and other information sources throughout the United States. "Recent years have seen a succession of technological developments that diminish the privacy available to the individual," Diffie stated last month in testimony before the House science subcommittee. "Cryptography is perhaps alone in its promise to give us more privacy rather than less. But here we are told that we should forgo this technical benefit and accept a solution in which the government will retain the power to intercept our ever more valuable and intimate communications."

. . .

For many decades, cryptography remained largely a government matter -- an arcane discipline of interest to military organizations and to the secretive National Security Agency (NSA), which routinely monitors foreign communications. But the subject also captured the attention of a few enthusiasts outside government. In the 1970s, the development of electronic communication via the first national computer networks spurred these people to look for ways to protect information in this new, wide-open environment. In 1975, Diffie, working with computer scientist Martin E. Hellman of Stanford University, invented a novel, revolutionary cryptographic technique now known as public-key cryptography.
Developed entirely outside of government, it offered a high level of security and privacy to any individual using the system. In conventional cryptographic schemes, the user typically has a "key" that changes all the digits of a message into an unintelligible string. The recipient then uses the same key to unscramble the code and read the message. In a public-key system, the user has one key -- kept secret -- encrypting the message and the recipient has a different but mathematically related key to decrypt the message. There's no need to keep the second key secret because, in principle, there should be no way to figure out the private key from knowledge of the public key. Thus, everyone has a private key and a public key, which they can then use to encrypt or decrypt messages. Almost simultaneously, the U.S. government offered an alternative, single-key method known as the Data Encryption Standard (DES), for coding information. Although experts outside of government initially harbored suspicions that the NSA had deliberately weakened the scheme to make code-breaking easier, 15 years of concerted effort to find flaws have failed to turn up any serious problems. Many banks and other institutions now routinely use this technique to maintain the confidentiality and integrity of communications involving financial transactions and other matters.

. . .

One of the first hints of something new in the works came early this year. Last fall, Walker heard about a new AT&T telephone equipped with a lightweight electronic device, based on DES, for turning a telephone signal into a digital stream of encrypted information. He ordered five of these secure telephones for his business. In January, AT&T representatives told Walker they could only loan him the telephones he wanted; something better would become available in April, they said. Walker noticed they no longer mentioned DES as the encryption scheme. "So I knew there was something coming," Walker says.
"But I didn't know what the details were." When the White House announcement finally came, the details caught just about everyone in the computer community by surprise. In essence, the proposed "key-escrow" technology takes the form of two specially fabricated, tamper-resistant integrated-circuit chips -- one, known as Clipper, for encrypting digital telephone signals and another, known as Capstone, for encrypting the output of computers. Information from any telephone or computer would pass through the chip to be encrypted, and a corresponding chip attached to the recipient's telephone or computer would decipher the message. However, the scheme is designed to include another key, divided into two parts, that when reconstituted will also unlock the message. The administration's plan is to deposit these pieces -- unique to each chip -- in two separate, secure databases. The two pieces of a particular key would be released only to officials at such agencies as the Federal Bureau of Investigation who are authorized to tap a particular telephone line. This technology improves "the security and privacy of telephone communications while meeting the legitimate needs of law enforcement," the White House stated in announcing the Clipper chip. "The effect," says Diffie, "is very much like that of the little keyhole in the back of the combination locks used on the lockers of schoolchildren. The children open the locks with the combination, which is supposed to keep the other children out, but the teachers can always look in the lockers by using the key." "Because the key-escrow chip enables lawful interceptions, the government for the first time in history is in a position to promote encryption without putting public safety at risk," says Dorothy E. Denning, a cryptography expert at Georgetown University in Washington, D.C. "As a result of the government's efforts, I expect to see greater use of encryption and, consequently, greater protection of sensitive communications." 
Administration officials insist the Clipper-Capstone scheme is voluntary. Initially, only certain departments and agencies of the government will be required to use it. But clearly, the administration hopes that various companies will start incorporating this technology into commercial products, at first to supply the government market and then to meet the security needs of businesses and private individuals. This approach puzzles many observers. "If you're not going to force it on people, then it's going to be largely irrelevant for the computer community," says Walker. "DES and RSA [a public-key cryptosystem] are already so widely used in software versions that most users will not even consider converting to Clipper or Capstone, simply because of the additional hardware expense." "Anyone who is seriously seeking to protect sensitive information will use alternative methods, either instead of or in addition to the Clipper-Capstone chips," he adds. That leaves the possibility that the government may eventually ban the use of certain types of cryptography, though officials presently deny any such intent. "Encryption is a technology that could be constrained legally in the same way that other technologies are constrained," Denning argues. "Congress should consider legislation that would impose such constraints."

. . .

Debating the technical merits of the administration's proposal has proved tricky. Many of the details of the scheme's implementation remain fuzzy, and the government has insisted on keeping secret the actual mathematical recipe, or algorithm, for generating the required keys. "It's very hard to assess something when you don't know what you're assessing," notes Lance J. Hoffman, a computer scientist at George Washington University in Washington, D.C. In contrast, the government made public the DES algorithm, giving cryptography experts a chance to examine and test the scheme thoroughly to vouch for its security.
Developed secretly at the NSA, the new algorithm used for the Clipper and Capstone chips will receive no such scrutiny. The government's reluctance to release the algorithm stems from the possibility that some people might then use the algorithm without its accompanying key-escrow provision to create a formidable encryption scheme. "This is a powerful algorithm," says NSA's Clint Brooks. "You need some kind of control mechanism . . . to ensure the law-enforcement capability is preserved." The Clipper and Capstone chips also represent only one possible approach to achieving a reasonable balance between unconstrained privacy and the needs of law enforcement and national security. Silvio Micali of the Massachusetts Institute of Technology has proposed an alternative scheme -- developed well before the Clipper chip announcement -- that eschews complicated chips and special hardware in favor of a considerably more flexible, inexpensive software solution. Like the administration, Micali favors an approach that includes a cryptographic escape hatch in case of dire emergency. "Scientists ought to be socially responsible," he argues. "We have to ask ourselves what would be the social impact of widespread cryptography." Micali has demonstrated that it's possible with his technique to transform any public-key cryptosystem into one that includes a provision for third-party access to encrypted information, if a court deems such access essential for reasons of law enforcement or national security. He calls the transformed version a "fair" public-key cryptosystem. "The transformed systems preserve the security and efficiency of the original ones," Micali says. "Thus, one can still use whatever system [he or she] believes to be more secure and enjoy the additional property of fairness." . . . But to many others, the real debate is not about the technical merits of the Clipper and Capstone proposals. 
"The fundamental issue that people are talking about is the question of whether people have a right to have privacy in a conversation . . . something that cryptography can provide," says Ronald L. Rivest, a computer scientist at MIT. Denning contends that it would be irresponsible for either government or industry to promote the widespread use of strong encryption. "I do not believe our laws grant an `absolute right' to a private conversation," she says. But Rivest and others reject the notion that the public should have access only to cryptography that the U.S. government can decipher. They feel shut out of the government decision-making process that brought forth the Clipper chip. "I don't know anyone inside the government who is fighting for the average citizen's protection here," Walker says. "It's the national security and law enforcement guys that are running the show, and the administration has bought in to their side." "I don't think we have a fair situation at all," he adds. "That's why I keep insisting we've got to have a national review involving . . . private citizens and private organizations." The administration already has an internal review of cryptographic policy under way. This task force is supposed to have its final report ready by the end of the summer. In addition, earlier this month, the Computer System Security and Privacy Advisory Board, which advises the administration on matters of security and privacy, held a three-day meeting to hear public comments on a variety of cryptographic issues. Many people question the sudden rush to implement Clipper-Capstone, given the major ethical and constitutional questions at issue. "There hasn't been a serious public discussion," Hoffman says. "Nobody has been given enough time." Faced with such criticisms, the government now shows signs of slowing implementation of its key-escrow plan until the scheme's ramifications have been studied further. 
At the same time, computer users already have access to chips and software incorporating DES or the RSA public-key cryptosystem. "For the first time in history, we have a situation in which individuals can use cryptography good enough that even governments can't read [the encrypted messages]," Hoffman says. "That is a big change. The administration is ultimately going to have to address the issue of whether people can use their own cryptography and keep the keys secret themselves." * * * * * * * >>>>>> Please send e-mail to: ssandfort@attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Dave Banisar Date: Fri, 2 Jul 93 14:33:14 PDT To: CYPHERPUNKS Subject: CPSR Workplace Privacy Test Message-ID: <00541.2824473766.4122@washofc.cpsr.org> MIME-Version: 1.0 Content-Type: text/plain CPSR Workplace Privacy Testimony ===================================================== Prepared Testimony and Statement for the Record of Marc Rotenberg, Director, CPSR Washington office, Adjunct Professor, Georgetown University Law Center on H.R. 1900, The Privacy for Consumers and Workers Act Before The Subcommittee on Labor-Management Relations, Committee on Education and Labor, U.S. House of Representatives June 30, 1993 Mr. Chairman, members of the Subcommittee, thank you for the opportunity to testify today on H.R. 1900, the Privacy for Consumers and Workers Act. My name is Marc Rotenberg and I am the director of the CPSR Washington office and an adjunct professor at Georgetown University Law Center where I teach a course on information privacy law. Speaking on behalf of CPSR, we strongly endorse the Privacy for Consumers and Workers Act. The measure will establish important safeguards for workers and consumers in the United States. We believe that H.R. 1900 is particularly important as our country becomes more dependent on computerized information systems and the risk of privacy abuse increases. 
CPSR has a special interest in workplace privacy. For almost a decade we have advocated for the design of computer systems that better serve the needs of employees in the workplace. We do not view this particular goal as a trade-off between labor and management. It is our belief that computer systems and information policies that are designed so as to value employees will lead to a more productive work environment and ultimately more successful companies and organizations. As Charles Hecksher of the Harvard Business School has said, good managers have no use for secret monitoring. Equally important is the need to ensure that certain fundamental rights of employees are safeguarded. The protection of personal privacy in the information age may be as crucial for American workers as the protection of safety was in the age of machines. Organizations that fail to develop appropriate workplace privacy policies leave employees at risk of abuse, embarrassment, and harassment. The concern about workplace privacy is widely felt in the computer profession. This month MacWorld magazine, a leading publication in the computer industry, released a special report on workplace privacy. The report, based on a survey of 301 companies in the United States and authored by noted science writer Charles Piller, made clear the need for a strong federal policy. Among the key findings of the MacWorld survey: > More than 21 percent of those polled said that they had "engaged in searches of employee computer files, voice mail, electronic mail, or other networking communications." > "Monitoring work flow" is the most frequently cited reason for electronic searches. > In two out of three cases, employees are not warned about electronic searches. > Only one third of the companies surveyed have a written policy on privacy. What is also interesting about the MacWorld survey is the high level of concern expressed by top corporate managers about electronic monitoring. 
More than a half of those polled said that electronic monitoring was either "never acceptable" or "usually or always counterproductive." Less than five percent believed that electronic monitoring was a good tool to routinely verify honesty. These numbers suggest that managers would support a sensible privacy law. Indeed, they are consistent with other privacy polls conducted by Professor Alan Westin for the Lou Harris organization which show that managers are well aware of privacy concerns and may, with a little prodding, agree to sensible policies. What would such a policy look like? The MacWorld report also includes a model privacy policy that is based on several U.S. and international privacy codes. Here are the key elements: > Employees should know what electronic surveillance tools are used, and how management will use the data gathered. > Management should minimize electronic monitoring as much as possible. Continuous monitoring should not be permitted. > Data should only be used for clearly defined, work-related purposes. > Management should not engage in secret monitoring unless there is credible evidence of criminal activity or serious wrongdoing. > Data gathered through monitoring should not be the sole factor in employee evaluations. > Personal information gathered by employers should not be disclosed to any third parties, except to comply with legal requirements. > Employees or prospective employees should not be asked to waive privacy rights. > Managers who violate these privacy principles should be subject to discipline or termination. Many of these provisions are contained in H.R. 1900, the Privacy for Consumers and Workers Act. Clearly, the policies and the bill itself are not intended to prohibit monitoring, nor to prevent employers from protecting their business interests. 
What the bill will do is help establish a clear framework that ensures employees are properly notified of monitoring practices, that personal information is not misused, and that monitoring capability is not abused. It is a straightforward, sensible approach that does not so much balance rights as it clarifies interests and ensures that both employers and employees will respect appropriate limitations on monitoring capability. The need to move quickly to establish a framework for workplace privacy protection is clear. Privacy problems will become more acute in the years ahead as new monitoring schemes are developed and new forms of personal data are collected. As Professor Gary Marx has made clear, there is little that can be imagined in the monitoring realm that can not be achieved. Already, some members of the computer profession are wearing "active badges" that provide full-time geographical monitoring. Properly used, these devices help employees use new tools in the hi-tech workplace. Improperly used, such devices could track the physical movements of an employee throughout the day, almost like a blip on a radar screen. Computers are certainly powerful tools. We believe that they can be used to improve productivity and increase job satisfaction. But this requires that appropriate policies be developed to address employee concerns and that laws be passed, when necessary, to ensure that computer abuse does not occur. This concludes my testimony. I would be pleased to answer your questions. ===================================================== From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Timothy Newsham Date: Fri, 2 Jul 93 20:06:43 PDT To: mdiehl@triton.unm.edu (J. 
Michael Diehl) Subject: Re: PGP and offline-readers In-Reply-To: <9307030116.AA17473@triton.unm.edu> Message-ID: <9307030306.AA14108@toad.com> MIME-Version: 1.0 Content-Type: text/plain > > According to Timothy Newsham: > > I think a good idea for offline readers would be to build on top of > > currently implemented protocols. One protocol worth mentioning is > > This is fine if you are using a *nix machine. But if you are trying > to enforce > your privacy over CI$ or genie or a bbs, well, you can't rely on one common > protocol. This is why I advocate communications program scripts. We need to get people to use common protocols! CI$ will respond to what its users want. If we got a lot of BBS's to use IMAP then the users would want CI$ to use the same. If we made IMAP easy to use and helped BBS authors get IMAP code running in their systems then BBS users would use it. PINE is very easy to use. It will be available soon for personal computers to use. That part of the solution is almost there. How do we get BBS's to use IMAP? They could support IMAP in a similar way that they support Zmodem. What needs to be done is to write some code that does IMAPD functions that could easily be incorporated into a BBS program, and figure out a way for end users to run PINE from their favorite bbs program. (and get PINE people to allow for a serial-line connection *or* write a false-packet driver that just strips off TCP/IP headers sends the data over the line and sends back ACK's to the TCP/IP process). Tim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Fri, 2 Jul 93 18:16:43 PDT To: newsham@wiliki.eng.hawaii.edu (Timothy Newsham) Subject: Re: PGP and offline-readers In-Reply-To: <9307021824.AA00266@toad.com> Message-ID: <9307030116.AA17473@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to Timothy Newsham: > I think a good idea for offline readers would be to build on top of > currently implemented protocols. 
One protocol worth mentioning is This is fine if you are using a *nix machine. But if you are trying to enforce your privacy over CI$ or genie or a bbs, well, you can't rely on one common protocol. This is why I advocate communications program scripts. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals will have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Timothy Newsham Date: Sat, 3 Jul 93 01:42:07 PDT To: mccoy@ccwf.cc.utexas.edu (Jim McCoy) Subject: Re: PGP and offline-readers In-Reply-To: <199307030723.AA19543@tramp.cc.utexas.edu> Message-ID: <9307030842.AA23089@toad.com> MIME-Version: 1.0 Content-Type: text/plain > > > PINE is very easy to use. It will be available soon for personal > > computers to use. That part of the solution is almost there. > > That part of the solution is already done. There are already several very > good POP/IMAP clients for Macs and PCs (Eudora, NuPOP, etc). Why the > fixation on a particular mail agent? There is no way that you are going to > get people to agree on a single MUA, therefore it seems that the comm > channel is the beastie that one should focus on for encryption. No fixation. Just that IMAP is the best protocol for remote mail reading and pine is already available and supporting IMAP. And as a bonus it supports MIME. This *is* something that BBS'ers don't already have.. multi-media mail. > > I hate to break it to you, but there already exists a protocol for off-line > reading of mail and news over serial connections: QWK. 
While a noble > effort, I sincerely doubt that the BBSers and CI$ users are going to jump > over to a completely new protocol for transport of information for off-line > reading unless it offers them something that they do not already have, and > IMAP/POP just doesn't do that. If one were to be able to offer encrypted > TCP/IP connectivity though, then you would be offering people the additional > functionality of this comm channel (telnet, ftp, gopher/www, etc) to entice > them to switch over. You don't need encrypted TCP/IP! A good mail reader supporting MIME could handle encryption packages automatically! MIME also supports many other things that "they do not already have". > > > (and get PINE people to allow for a serial-line connection *or* > > write a false-packet driver that just strips off TCP/IP headers > > sends the data over the line and sends back ACK's to the TCP/IP > > process). > > Why not just get them to support IP? Probably easier... All they need is > a slip/ppp driver on the host, then you can do the encryption over comm > channel and avoid wasting time encrypting something that doesn't need to be > encrypted. Many BBS systems are beginning to wade through the shallow > water of the Internet, if we had the ability to offer them modifications to > provide encryption to their IP connectivity while they are still new to the > game it would be much easier to get them accustomed to the idea that such > traffic should offer encryption; not that I think this will happen, but in > an ideal world... I don't think it's easier. I think something like SLIMAP (serial line imap) would be the easiest thing to implement. IMAP runs over a network stream and there is no reason it couldn't run over a serial line stream. The code written for imapd already runs on stdin/stdout... It wouldn't be hard to port to run on a serial line connection. > jim I don't think offering IP to the masses is the right solution right now. It's not appropriate for the BBS world. 
Getting people to use remote mail clients is something that the masses could take to a lot easier. I think this would be the preferred way to read mail since the user interface could be made more friendly, sorta the 'prodigy thang'. I don't think it matters what protocol is used in the end but I think it's something that should happen, and something that we as cypherpunks have an interest in seeing happen. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Jim McCoy Date: Sat, 3 Jul 93 00:23:27 PDT To: newsham@wiliki.eng.hawaii.edu (Timothy Newsham) Subject: Re: PGP and offline-readers In-Reply-To: <9307030306.AA14108@toad.com> Message-ID: <199307030723.AA19543@tramp.cc.utexas.edu> MIME-Version: 1.0 Content-Type: text > PINE is very easy to use. It will be available soon for personal > computers to use. That part of the solution is almost there. That part of the solution is already done. There are already several very good POP/IMAP clients for Macs and PCs (Eudora, NuPOP, etc). Why the fixation on a particular mail agent? There is no way that you are going to get people to agree on a single MUA, therefore it seems that the comm channel is the beastie that one should focus on for encryption. > How do we get BBS's to use IMAP? They could support IMAP in > a similar way that they support Zmodem. What needs to be done > is to write some code that does IMAPD functions that could easily > be incorporated into a BBS program, and figure out a way for > end users to run PINE from their favorite bbs program. I hate to break it to you, but there already exists a protocol for off-line reading of mail and news over serial connections: QWK. While a noble effort, I sincerely doubt that the BBSers and CI$ users are going to jump over to a completely new protocol for transport of information for off-line reading unless it offers them something that they do not already have, and IMAP/POP just doesn't do that. 
If one were to be able to offer encrypted TCP/IP connectivity though, then you would be offering people the additional functionality of this comm channel (telnet, ftp, gopher/www, etc) to entice them to switch over. > (and get PINE people to allow for a serial-line connection *or* > write a false-packet driver that just strips off TCP/IP headers > sends the data over the line and sends back ACK's to the TCP/IP > process). Why not just get them to support IP? Probably easier... All they need is a slip/ppp driver on the host, then you can do the encryption over comm channel and avoid wasting time encrypting something that doesn't need to be encrypted. Many BBS systems are beginning to wade through the shallow water of the Internet, if we had the ability to offer them modifications to provide encryption to their IP connectivity while they are still new to the game it would be much easier to get them accustomed to the idea that such traffic should offer encryption; not that I think this will happen, but in an ideal world... jim From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Sat, 3 Jul 93 02:41:39 PDT To: cypherpunks@toad.com Subject: (fwd) GIFs--Now it can be told Message-ID: <9307030942.AA03729@netcom3.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Cypherpatriots, Here's a little experiment I've been conducting. A week ago I posted an encrypted GIF to a bizarre new newsgroup that showed up on NETCOM, "alt.binaries.pictures.erotica.children." Quite a controversial group, pushing several buttons. My posting generated some real heat, though there was absolutely no evidence it was anything more than just a file. Apparently the mere fact of it existing was a kind of "thoughtcrime" in these politically correct times. Anyway, I let it brew for one week, then wrote this explanation and posted it. Several Cypherpunk list readers were slightly involved, some to criticize me, some to say "Not so fast." 
You know who you are. :-} All in all, a pleasant little experiment. Here's the posting I sent out: Newsgroups: alt.binaries.pictures.erotica.children,alt.config,netcom.netnews From: tcmay@netcom.com (Timothy C. May) Subject: GIFs--Now it can be told Message-ID: Date: Sat, 3 Jul 1993 09:28:29 GMT One week ago tonight a new group appeared at my site, "alt.binaries.pictures.erotica.children," a group certain to provoke controversy, to bring out the Net Cops, and to induce a certain kind of "Stockholm Syndrome," wherein some folks scramble to initiate censorship prior even to the Feds doing it. (Their battle cry is "Eeek! If we don't nip this in the bud, _right now_, think of what might happen!) My experience has been that these Net.Censors are usually too quick to claim something has clearly gone beyond the bounds of decency and acceptability. Thankfully, they usually fail in their efforts. Anyway, seeing this strange new group appear on my system, I decided to conduct an experiment. I posted an "encrypted GIF," not further identified, and waited for the reaction. The file was as follows (only part of it shown): -----BEGIN PGP MESSAGE----- Version: 2.2 b2cCrVJKUYUZf7UBA/i1tSSz66dOx4+cJKzNkm1JBhGigMdRvxM8Slm3TyC7kgWW L8J3w/On10thisi487rU/Gl7xOMajxCQedHrb6k0+wYDGjxmVcu9xwLWAWpkgq+5 fUiNKBnF/SUA/JisFrWvn63rt44n+DqROwx8CXuSvL1mUdqLRTS0t/timjHnhIwC VmLN1FTnSD8BBACFa38SqiwByarfcVhFg/fuKWc4AgKtYqSt5oWW6sYLckC3nEen ZcHV+DNFo36Exg7r0trapoBXpjoe9ENCsCbFJ7i/M7FwFYvK1QAcxQ6zGt+3HICM 9Hsxg1d5Goqp4+nmpW+9Y/UVY16+WVl9moY3c7Iv04Cp0ipu2B5qfIxPZoSMAlKv ..... Not to my surprise, about 20 people have (so far) requested the key to this file. (The whole encryption rationale is covered later.) I didn't reply to them...some of them asked for the key a second time! What surprised me is that nobody carefully looked at the file. 
Here it is again, with some places marked: -----BEGIN PGP MESSAGE----- Version: 2.2 b2cCrVJKUYUZf7UBA/i1tSSz66dOx4+cJKzNkm1JBhGigMdRvxM8Slm3TyC7kgWW L8J3w/On10thisi487rU/Gl7xOMajxCQedHrb6k0+wYDGjxmVcu9xwLWAWpkgq+5 ^^^^ fUiNKBnF/SUA/JisFrWvn63rt44n+DqROwx8CXuSvL1mUdqLRTS0t/timjHnhIwC ^^ VmLN1FTnSD8BBACFa38SqiwByarfcVhFg/fuKWc4AgKtYqSt5oWW6sYLckC3nEen ^ ZcHV+DNFo36Exg7r0trapoBXpjoe9ENCsCbFJ7i/M7FwFYvK1QAcxQ6zGt+3HICM ^^^^ 9Hsxg1d5Goqp4+nmpW+9Y/UVY16+WVl9moY3c7Iv04Cp0ipu2B5qfIxPZoSMAlKv ....... I put a couple of other "subliminal messages" in, which I suppose could provoke the Religious Right into squawking that "Satanic messages" are being hidden in computer files *that children could possibly read*. Gasp! Needless to say, such ASCII surgery performed on a PGP file (which, by the way, was just some random message someone had sent me a while back, utterly unreadable by anyone other than the two of us--and not even that after I mutated various characters) makes it completely unreadable. Even if someone had the other half of the PGP key pair--which never existed--the file would not even checksum as a legal PGP file! (Putting plaintext into the file was both a message I hoped astute readers would eventually notice--though it *is* pretty hard to see--and an ironclad proof that the file could not be a real PGP message, let alone a GIF, let alone kiddie porn.) There are some quasi-legitimate issues surrounding the area of child erotica. Was the child coerced? Was consent meaningful? Etc. But the posting of mere bits qua bits causing such anger and flamage indicates a serious overreaction. Are mere thoughts the crime? Orwell covered this, didn't he? * What if such images merely "look like" children (and just what is the age of consent? 18? 16? "Children" of 15 can get married in most countries of the world.)...are such "fakes" illegal? * What if they are computer-generated images, of children that never existed outside of a computer? Which children were exploited? 
We're back to thoughtcrime again. (Don't laugh, a leading interpretation is that even computer-generated child porn would be illegal, not because of crimes committed against children, but because of the "atmosphere" and "climate" it might produce. That is, thoughtcrime.) * What if the images were morphs? Not wholly computer-generated, but the morph of an adult image into that of a child? * What if one 15-year old child took photos of a another 15-year old child? What if one child "exploited" another? What if a child took pictures of herself, self-portraits? * What if the images, if they were ever to be posted, originated someplace where they are legal? Perhaps Amsterdam, someone suggested. If the U.S government tries to stop the Net (which is already a market anarchy, thankfully) from distributing this material, mightn't all the various countries that have different laws than ours do the same thing? There goes alt.fan.salman.rushdie. And there goes soc.motss and all the "normal" alt.binaries.pictures.* groups. Of course it won't likely happen, nor will alt.binaries.pictures.erotica.children go away,either. Get used to it. (Again, I don't care for it, but wailing and moaning won't make it go away.) * What if someone scanned-in images from the widely available books by David Hamilton, or Robert Mapplethorpe? Certainly many of these photos are of nude children...would the imminent death of Usenet finally happen if someone went down to B. Dalton Books, bought a David Hamilton collection, and posted some of the photos in a.b.p.e.c.? So, I would encourage folks to lighten up. In a week on the Net, not a single kiddie porn picture has been posted. And if it does happen, try to just ignore it. The kid whose picture was taken is probably grown up by now (I'm guessing that many such images are from old magazines, etc.). In any case, the occasional picture is hardly going to create a new slave trade in children. The issue of how the media may react is a more serious one. 
Part of the reason I'm explaining my little experiment now is to make sure my posting, at least, is not used by some nitwit reporter as the basis of a story. (If it's being used, then he'll soon have egg on his face.) That's the story. I hope you enjoyed the ride. P.S. I said I'd say something about why I used encryption. Aside from not being a real PGP-readable file, the idea was to make it look like one. This is the likeliest way for such material to get posted, along with anonymous remailers. The "look for the key in the 'usual places'" bit was to resonate with the "binary nerve gas" idea, where the dangerous pieces are stored separately and only combined at the last minute. I don't know if such techniques are already in use, but I expect them soon. The mutant condors that one reader (who claimed to be a Pope in the Church of the Subgenius, but who humorlessly missed the joke--but I forgive him, for he knew not what he saw) wanted to feed me to, can now stop circling my house. -Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. -- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Michael Ross Date: Sat, 3 Jul 93 06:57:52 PDT To: cypherpunks@toad.com Subject: Re: (fwd) GIFs--Now it can be told Message-ID: <9307031355.AA00356@antigone.com> MIME-Version: 1.0 Content-Type: text/plain Tim, That was very manipulative, and did not achieve much. It has also very little to do with the subject of this mailing list. 
If anything, you discouraged at least one person I know who became genuinely interested in encryption and PGP as a result of your post. If you had posted an actual David Hamilton photo, even encrypted, you would have put yourself forward, perhaps even bravely, as a test case. You then would really have had a point to argue, having taken a stand. As it turns out, you hid behind a pretty lame scheme, the only object of which seems to have been to make a fool out of as many people as possible. This is not how you accomplish constructive change, Tim. People resent being made to feel stupid, and they certainly will _not_ listen to what you have to say if you are belittling them. I happen to agree with those points you deigned to make in a straightforward manner. But you hid them so well behind trickery that they will go unnoticed. Learn to deal with people, and you'll see they are willing to listen to reasonable arguments. If your parents didn't give you enough attention as a child, don't take it out on the world by trying to get some here... Learn to work _with_ people, not _against_ people, lest within ten years you'll be walking into office buildings with automatic weapons strapped to your body and shooting lawyers... ;) Michael From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: s.summers1@genie.geis.com Date: Sat, 3 Jul 93 00:15:22 PDT To: cypherpunks@toad.com Subject: Junk mail/return encrypted-blo Message-ID: <9307030715.AA22317@relay2.geis.com> MIME-Version: 1.0 Content-Type: text/plain From zane@genesis.mcs.com (Sameer) >The second solution I thought of seems like it would work. 
When I >create the return-address block, it can be given some sort of ID-code >(again, like with my other idea posted, similar to the ID-code on pieces >of Digicash in Chaum's scheme) so when the vendor delivers the product, >she sends to encrypted block to the remailer, and the remailer forwards >the product to me, and stores the ID-code in its database (doing the >proper one-way transformation for untraceability) so that further >attempts to use the exact same address-block will be noticed and not >delivered. Why not just include an Expire: header in the encrypted block, after which the remailer would just junk any mail sent with that return address? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: wet!naga (Peter Davidson) Date: Sat, 3 Jul 93 17:48:36 PDT To: cypherpunks@toad.com Subject: Reply to Michael's criticism of Tim Message-ID: MIME-Version: 1.0 Content-Type: text/plain I think Michael's reaction to Tim's experiment re alt.binaries.pictures.erotica.children deserves comment. >Date: Sat, 3 Jul 93 06:55:56 -0700 >From: Michael Ross >Subject: Re: (fwd) GIFs--Now it can be told > >Tim, > >That was very manipulative, and did not achieve much. Who was manipulated? Those who reacted did so freely. As Tim said, it was an experiment, not an attempt to achieve anything. The point was to see what would happen. >It has also very little to do with the subject of this mailing list. This mailing list is about encryption and other matters. The use of PGP to distribute erotica is thus a relevant topic. >If anything, you discouraged at least one person I know who became >genuinely interested in encryption and PGP as a result of your post. Tough. >As it turns out, you hid behind a pretty lame scheme, the only object >of which seems to have been to make a fool out of as many people as >possible. I think Michael has missed the point. >This is not how you accomplish constructive change, Tim. 
>People resent being made to feel stupid, and they certainly will >_not_ listen to what you have to say if you are belittling them. I don't recall Tim's belittling anyone - except perhaps the Net.Censors - who certainly deserve it. I don't think we need be too concerned about hurting their feelings. After all, they plan on doing worse to us. >I happen to agree with those points you deigned to make in a >straightforward manner. But you hid them so well behind trickery that >they will go unnoticed. On the contrary, were it not for the trickery some folks wouldn't bother reading Tim's comments on this subject. >Learn to deal with people, and you'll see >they are willing to listen to reasonable arguments. Ha! Chortle! Where you been all your life, Michael? People listen to reasonable arguments only when it suits them to. >If your parents didn't give you enough attention as a child, don't >take it out on the world by trying to get some here... Learn to work >_with_ people, not _against_ people, lest within ten years ... Garbage. If we are to go into spurious psychoanalysis then I think Michael's post reveals that he is still fixated on pleasing his parents by being a good little boy and not giving anyone any trouble. Fact is, there are people in the world who want to restrict our freedom and make us behave in ways they think best. Fuck 'em all! From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Pat Farrell" Date: Sat, 3 Jul 93 07:04:27 PDT To: cypherpunks@toad.com Subject: Ad Hominum attacks (was Re: PC Week Clipper article Message-ID: <36251.pfarrell@cs.gmu.edu> MIME-Version: 1.0 Content-Type: text/plain I'm more than a little concerned about the vicious personal attacks that this list makes on folks that have strongly held beliefs that disagree with some (or all) of the beliefs of hot headed posters to cypherpunks. I thought this was a technical mailing list, that dabbled in politics only as necessary. 
I see no justification for the personal attacks, especially on 3rd parties that do not read this list. These uncalled for attacks will not convince anyone on the list, and do not become the poster. In Message Tue, 29 Jun 1993 , (someone who should know better) writes: >Dorothy Denning is a fucking idiot. I strongly object to this posting. D.E.Denning is neither an idiot nor a "wicked witch of the East." She just happens to support a view that she strongly believes in. The fact that I think her side is dead wrong does not make her an idiot. Name calling accomplishes nothing but does hurt the signal to noise ratio of this list. Even more annoying are the attacks on Jim Bidzos. He is trying to make a buck, which was legal last time I looked. And on many issues, he is far more in our camp than against us. He at least likes strong cryptography, and his disputable patents expire in a relatively short time. He has agreed to allow a PGP-compatible program to use RSA without cost, providing the legal version that many U.S. users would like to see. I thought cypherpunks wrote code. I think that personal attacks on folks that are not on the list is a waste of bandwidth. (If you want to attack me here, fine, at least I get to respond firsthand) Pat Pat Farrell Grad Student pfarrell@cs.gmu.edu Department of Computer Science George Mason University, Fairfax, VA Public key availble via finger #include From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Sat, 3 Jul 93 12:48:06 PDT To: Cypherpunks@toad.com Subject: "Wired" has more than one cover--why? Message-ID: <9307031948.AA04165@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain I noticed that some copies of the latest "Wired" have Peter Gabriel on the cover and others have Mitch Kapor on the cover. What gives? Some sort of experiment? A novel way to gauge reader reaction to the covers? A lawsuit that forced a change in the covers? Esthetics? 
(My issue, with Peter Gabriel on the cover, is much artier, though harder to figure out, than the relatively mundane image of Kapor.) (Peter Gabriel, being a musician, may be said to be doing "a cover of a piece by Mitch Kapor.") Is Crunch on another set of covers? Did the issue with some of us Cypherpunks on the cover merely represent one of _several_ versions of the cover? (I envision the "Crypto Rebels" covers going to the Bay Area, the "Dish-Wallahs" covers going overseas, and the "Brenda Laurel" covers going directly to "Mondo 2000" headquarters in Berkeley.) -Tim May P.S. The issue of "Wired" is superb, as always. -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: by arrangement Note: I put time and money into writing this posting. I hope you enjoy it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Sat, 3 Jul 93 13:39:04 PDT To: "Pat Farrell" Subject: Re: Ad Hominum attacks (was Re: PC Week Clipper article Message-ID: <9307032039.AA07619@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain I largely agree with Pat Farrell's comments about the vicious attacks on various crypto folks. I was the one who jokingly used the term "wicked witch of the East" in reference to D.D., though I am almost 100% certain it was only to this mailing list, and not to sci.crypt in general. Perhaps I let my enthusiasm for my wit take precedence over judgment. And in other places, such as sci.crypt, I have in fact defended Denning against ignorant comments along the lines of "Who is this Dorothy Denning person? I can't find her name anywhere in "The Codebreakers." She must not know anything about crypto." 
Whatever we may think of her position on Clipper, criticizing her personally and imputing motives to her that cannot possibly be known to outsiders, is foolish. What really bothers me is the type of criticism, which I also tend to call "ad hominem" (but which rhetoriticians may have a special name for), in which people impute _motives_ to others. Thus, we see seemingly endless comments about the motives of Denning, of Bidzos, of Sternlight, and of others. (When I posted on the topic of possible cooperation with Bidzos and RSA, I was hit with a barrage of highly critical rebuttals. The substantive ones were fine, and expected, but the ones speculating on my motives and imputing evilness to me were uncalled for. I wrote them off as typical Net zeal, and am still on good terms even with those who foamed at the mouth the most.) "Demonizing" our opponents, or making them look like dunces (as with the many "I've never heard of Dorothy Denning before" posts), does not help our cause. In fact, it probably weakens our cause, for two reasons. First, it cuts off dialog with those we disagree with. Second, we tend to underestimate people we have written off as stooges or dunces. While I think Dorothy Denning is, for various reasons, hopelessly in the camp of the NSA and FBI, I see nothing to be gained by demonizing her. Or imputing evil qua evil motives. Personally, I think being close to the FBI, Justice Dept., NIST, NSA, etc., and socializing with them, having lunch with them, doing contract work for them (nothing evil about that, per se...it's how academic departments fund their research), and generally being in "the Washington scene" has polarized her somewhat, just as we Cypherpunks are polarized by the support we get from our peer group, from the "cognitive dissonance" of seeing mostly the evidence that supports our existing point of view. When you spend your time in a milieu, work with people on their problems, you begin to adopt their world view. 
Understand, of course, that I am not addressing the underlying issues of who is right and who is wrong...I've already made my beliefs on this clear. I'm just agreeing with Pat Farrell that we all need to be careful not to demonize folks like Denning, Bidzos, or even Sternlight. We don't have to be solicitous (overly polite) toward them, and we can knock down their arguments, but we ought not to use cheap shots and cheap rhetorical tricks (one I hate especially is the "sound effect" jab, the "" sort of comment inserted into postings, sometimes even into the direct quotes of those being attacked!). Pat writes: >Even more annoying are the attacks on Jim Bidzos. He is trying to make a >buck, which was legal last time I looked. And on many issues, he is far more >in our camp than against us. He at least likes strong cryptography, and his >disputable patents expire in a relatively short time. He has agreed to allow >a PGP-compatible program to use RSA without cost, providing the legal >version that many U.S. users would like to see. I agree, though of course he and RSADSI did not fight as hard as they might have, in my opinion, on the subject of the cross-licensing with the DSS and Clipper/Skipjack products. I don't pretend to understand all of the issues involved, though I certainly can imagine he felt a lot more pressure (legal, export, classification) from the Feds than he felt from a loose organization of crypto privacy advocates. We're not where the money is, at least not yet. (In fact, Cypherpunks are generally not even customers of RSADSI, so why should Bidzos really care about our views? The industry security group that has denounced Clipper is undoubtedly much more influential.) Meanwhile, I have no real interest, personally, in the whole RSA v. PGP issue...let those directly involved work it all out. I will applaud loudly if Phil Z. 
and the other PGP folks do in fact reach an agreement with RSADSI, if only because it will remove one possible avenue of attack on private encryption. -Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: by arrangement Note: I put time and money into writing this posting. I hope you enjoy it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Sat, 3 Jul 93 14:07:37 PDT To: cypherpunks@toad.com Subject: Re: (fwd) GIFs--Now it can be told Message-ID: <9307032107.AA09849@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain (I'll only make a few comments.) Ed Carp writes: >> There are some quasi-legitimate issues surrounding the area of child >> erotica. Was the child coerced? Was consent meaningful? Etc. > >There are no quasi-legitimate issues surrounding child pornography in the >United States. It doesn't matter, legally whether consent was obtained or >not, etc. Child pornography is not legal. To make, sell, possess, distribute, >or conspire to do any of the above is a crime. I meant "quasi-legitimate" in the sense of being at least a real criminal issue. By contrast, merely discussing the issues cannot possibly be a crime, nor can, IMHO, the creation of such a group absent actual evidence of criminality. Sort of like shutting down "alt.drugs" on the grounds that illegal drugs are often discussed. (We can all think of several dozen newsgroups that touch on subjects illegal in many states of the U.S., in many countries of the world, etc.) >In the US, it doesn't matter what their actual ages are - if they are >depicted as being under the age of consent, they are illegal. Ah, but what if no mention is made of the age? 
If I happen to have a collection of pictures of 19-year-olds-who-look-15, because of my own esthetic standards, is this illegal? It sounds totally legal to me, and I think a court opinion will ultimately be rendered that so long as the models actually are over 18, no matter how young they look, no crime as ocurred. (Actually, the various "cheerleader porn" films cater to this fantasy and are not classed as child porn, so long as the actresses are 18 or older.) On purely computer-generated images: >Not at all. It's not an issue of exploitation in that case, nor is it an >issue of "thoughtcrime", since the thought has produced an actual image >that can be viewed by others. I strongly disagree. A computer image that never involved an actual child, cannot reasonably be viewed as child porn. Can a computer-generated "snuff" film be viewed as murder? (I see acted-out murders every day on t.v.) >Nothing in this email should be construed as a personal attack against you, >Tim. I'm just trying to relate the laws and the facts as they are. I don't take it as a personal attack. Ed's comments were thoughtful, even if I disagreed with some of them. By the way, I agree with some comments I've received that this subject is somewhat far afield from the "Cypherpunks charter," such as it is, but I'm finding the hundreds of highly repetitive and arcane postings about the same old remailer issues, and the internals of obscure mail programs, not all that close to the charter either. (I'm not saying they shouldn't be posted, and some have been well-written summaries, but I am saying they're highly-detailed nuts-and-bolts issues which probably are meaninful to only a few readers.) Part of the Cypherpunks approach is to "monkey wrench" the "Surveillance State" by flooding the comm lines with encrypted junk, with suspicious-looking files that will soak up surveillance time, and with various other subversive things that will push the boundaries. -Tim May -- Timothy C. 
May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: by arrangement Note: I put time and money into writing this posting. I hope you enjoy it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: khijol!erc@apple.com (Ed Carp) Date: Sat, 3 Jul 93 18:34:58 PDT To: tcmay@netcom.com (Timothy C. May) Subject: Re: Ad Hominum attacks (was Re: PC Week Clipper article In-Reply-To: <9307032039.AA07619@netcom.netcom.com> Message-ID: MIME-Version: 1.0 Content-Type: text > I was the one who jokingly used the term "wicked witch of the East" in > reference to D.D., though I am almost 100% certain it was only to this > mailing list, and not to sci.crypt in general. Perhaps I let my enthusiasm > for my wit take precedence over judgment. And in other places, such as > sci.crypt, I have in fact defended Denning against ignorant comments along > the lines of "Who is this Dorothy Denning person? I can't find her name > anywhere in "The Codebreakers." She must not know anything about crypto." > Whatever we may think of her position on Clipper, criticizing her > personally and imputing motives to her that cannot possibly be known to > outsiders, is foolish. I was the one who called Denning a "fucking idiot". Perhaps I should have said "fucking naive idiot" and been more specific, because while it might make sense for her to be "in bed with" the intelligence community to *her*, it makes no sense to anyone else I've talked to. In my view, she's either being criminally naive in being a mouthpiece for the NSA, being bought off by them, being threatened by them, has a personal/financial interest in the whole Clipper fiasco, or sees a political advantage in aligning herself with them. 
As has been discussed (to death, probably) in sci.crypt, alt.security*, etc., Clipper has several apparent flaws, none of which I'll go into here. Why would someone who is supposed to be some sort of "expert" be endorsing such a scheme is beyond me, unless she is being motivated by one of the above. In any case, the endorsement of such a scheme is naive in the extreme and almost criminally irresponsible of her, given the nature of Clipper/Capstone and the history of the intelligence community using such technology to spy on its own citizens in illegal operations. *That's* what I meant by my "fucking idiot" remark. > comments about the motives of Denning, of Bidzos, of Sternlight, and of Bidzos is just trying to make a buck. Sternlight seems to be anally retentive in the extreme, and believes his own bullshit. > "Demonizing" our opponents, or making them look like dunces (as with the > many "I've never heard of Dorothy Denning before" posts), does not help our > cause. In fact, it probably weakens our cause, for two reasons. First, it > cuts off dialog with those we disagree with. Second, we tend to > underestimate people we have written off as stooges or dunces. The first rule of most martial arts, as the first rule of combat, is "never underestimate your opponent". However irresponsible I may think Dorothy Denning, Jim Bidzos, or David Sternlight are, I don't underestimate them. If any one of those three (or anyone else, for that matter) has something to say, I will listen and judge it on its own merits. -- Ed Carp erc@apple.com, erc@saturn.upl.com 510/659-9560 For anonymous mailers --> anonymus+5300@charcoal.com "I've met many thinkers and many cats, but the wisdom of cats is infinitely superior." 
-- Hippolyte Taine (1828-1893) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Stanton McCandlish Date: Sat, 3 Jul 93 17:42:05 PDT To: cypherpunks@toad.com Subject: test Message-ID: <9307040041.AA13428@hydra.unm.edu> MIME-Version: 1.0 Content-Type: text/plain Hmm no mail in weeks from this list...I ass-u-me the problem is on my end, so here be a test message. Blah blah blah. -- Stanton McCandlish * Space Migration * Networking * ChaOrder * NO GOV'T. * anton@hydra.unm.edu * Intelligence Increase * Nano * Crypto * NO RELIGION * FidoNet: 1:301/2 * Life Extension * Ethics * VR * Now! * NO MORE LIES! * Noise in the Void BBS * +1-505-246-8515 (24hr, 1200-14400, v32bis, N-8-1) * From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mkapor@kei.com (Mitchell Kapor) Date: Sat, 3 Jul 93 18:41:34 PDT To: Mike Godwin Subject: Re: "Wired" has more than one cover--why? (fwd) Message-ID: <199307040140.AA26801@kei.com> MIME-Version: 1.0 Content-Type: text/plain They decided that West Coast covers should feature Peter Gabriel and the East Coast covers Mitch Kapor. Something about rock and roll playing better on newsstands than policy everywhere but the Northeasteast corridor. All subscribers got the Gabriel cover. As the Wired editor told me this split cover was a last minute decision and a first-time experiment. The Cypherpunks were on the cover all of copies of issue #2. ------------------------------------------------------------------------------ Mitchell Kapor, Electronic Frontier Foundation Note permanent new email address for all correspondence as of 6/1/93 mkapor@kei.com From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: J. Michael Diehl Date: Sat, 3 Jul 93 20:46:48 PDT To: erc@apple.com Subject: Re: Ad Hominum attacks (was Re: PC Week Clipper article In-Reply-To: Message-ID: <9307040345.AA27592@triton.unm.edu> MIME-Version: 1.0 Content-Type: text/plain According to Ed Carp: > > I was the one who called Denning a "fucking idiot". 
Perhaps I should have > said "fucking naive idiot" and been more specific, because while it might Well, I read the post, too, and I thought it was funny! Obviously not meant to be informative. I feel that people such as DD and LEA-mongers are @#$%ing idiots. And in a free forum, I should be able to say so. This is kinda what Cypherpunks stand for, IMHO. > The first rule of most martial arts, as the first rule of combat, is "never > underestimate your opponent". However irresponsible I may think Dorothy > Denning, Jim Bidzos, or David Sternlight are, I don't underestimate them. > If any one of those three (or anyone else, for that matter) has something to > say, I will listen and judge it on its own merits. And the second rule of most martial arts is, "Never get hit." In light of all of the LEA's trying to "hit" us, this is something to think about. Just my $.02. Laters. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ > -- > Ed Carp erc@apple.com, erc@saturn.upl.com 510/659-9560 > For anonymous mailers --> anonymus+5300@charcoal.com > "I've met many thinkers and many cats, but the wisdom of cats is infinitely > superior." -- Hippolyte Taine (1828-1893) > From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Al Billings Date: Sat, 3 Jul 93 23:28:33 PDT To: "Timothy C. May" Subject: Re: "Wired" has more than one cover--why? In-Reply-To: <9307031948.AA04165@netcom.netcom.com> Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Sat, 3 Jul 1993, Timothy C. 
May wrote: > I noticed that some copies of the latest "Wired" have Peter Gabriel on the > cover and others have Mitch Kapor on the cover. What gives? I don't know if this is related to it or not but I work in a magazine store and when we received the latest issue, I noticed that our invoice said something like "West Coast Edition" or something similar. Perhaps the different editions have different covers? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Leslie Regan Shade Date: Sun, 4 Jul 93 07:20:42 PDT To: Al Billings Subject: Re: "Wired" has more than one cover--why? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: text/plain > > On Sat, 3 Jul 1993, Timothy C. May wrote: > > > I noticed that some copies of the latest "Wired" have Peter Gabriel on the > > cover and others have Mitch Kapor on the cover. What gives? > Well, here in Montreal we got Peter Gabriel and we're certainly not on the west coast! Leslie Shade From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Chris Parrinello Date: Mon, 5 Jul 93 11:35:57 PDT To: cypherpunks@toad.com Subject: Non-cypherpunk question. Message-ID: <199307051835.AA21072@ux1.cso.uiuc.edu> MIME-Version: 1.0 Content-Type: text/plain Hi, I just started reading this mailing list and I've run into a few problems reading some of the messages because they include MIME information which my copy of MH chokes on for some reason. It doesn't like the x-text and text/x-pgp content-types. Would anybody on this list have a fix for that so I can continue to read this list with MH? Any help would be appreciated. Thanks in advance! 
Chris From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: marc@Athena.MIT.EDU Date: Mon, 5 Jul 93 13:33:37 PDT To: cypherpunks@toad.com Subject: [daemon@ATHENA.MIT.EDU : On-Line Congressional Hearing] Message-ID: <9307052033.AA17212@steve-dallas.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain ------- Forwarded transaction [6484] daemon@ATHENA.MIT.EDU (hearing-info@trystero.malamud.com) Commercialization & Privatization of the Internet 07/05/93 14:27 (70 lines) Subject: On-Line Congressional Hearing Date: Mon, 5 Jul 93 14:28:25 -0400 To: com-priv@psi.com From: hearing-info@trystero.malamud.com Reply-To: hearing-info@trystero.malamud.com Station: Internet Multicasting Service Channel: Internet Town Hall Program: On-Line Congressional Hearing Release: July 5, 1993 Content: First Announcement/On-Line Congressional Hearing On July 26 at 9:30AM EDT, the Subcommittee on Telecommunications and Finance of the U.S. House of Representatives will hold the first Congressional Hearing ever held over a computer network. The oversight hearing on "The Role of Government in Cyberspace" will take place in the Grand Ballroom of the National Press Club at 14th and F Streets, N.W., Washington, D.C. The hearing is open to the public. An open house will be held from 3-5PM on the same day in the same location and is also open to the public. Chairman Markey has asked that this historic occasion demonstrate the potential and diversity of the global Internet. Thirty Sparcstations will be in the hearing room, allowing members of Congress, staff, and their guests to read e-mail, use Gopher menus, read testimony in WAIS databases, browse the World Wide Web, and otherwise use the resources of the global Internet as part of the hearing. Some witnesses for the hearing will testify remotely, sending audio and video over the Internet. Audio and video of the hearing will also be multicast over the Multicast Backbone (MBONE). 
We are hoping that C-SPAN and other traditional media will also carry the event. *MORE DETAILS ON MBONE AND OTHER WAYS TO WATCH THE HEARINGS REMOTELY WILL BE FORTHCOMING SHORTLY.* One of the primary points that we are hoping to demonstrate is the diversity and size of the Internet. We have therefore established an electronic mail address by which people on the Internet can communicate with the Subcommittee before and during the hearing: congress@town.hall.org We encourage you to send your comments on what the role of government should be in the information age to this address. Your comments to this address will be made part of the public record of the hearing. Feel free to carry on a dialogue with others on a mailing list, cc'ing the e-mail address. Your cards and letters to congress@town.hall.org will help demonstrate that there are people who use the Internet as part of their personal and professional lives. We encourage you to send comments on the role of government in cyberspace, on what role cyberspace should play in government (e.g., whether government data be made available on the Internet), on how the Internet should be built and financed, on how you use the Internet, and on any other topic you feel is appropriate. This is your chance to show the U.S. Congress that there is a constituency that cares about this global infrastructure. If you would like to communicate with a human being about the hearing, you may send your comments and questions to: hearing-info@town.hall.org Support for the Internet Town Hall is provided by Sun Microsystems and O'Reilly & Associates. Additional support for the July 26 on-line congressional hearing is being provided by ARPA, BBN Communications, the National Press Club, Xerox PARC, and many other organizations. Network connectivity for the Internet Town Hall is provided by UUNET Technologies. 
--[6484]--

------- End forwarded transaction

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: miron@extropia.wimsey.com (Miron Cuperman)
Date: Mon, 5 Jul 93 18:05:36 PDT
To: cypherpunks@toad.com
Subject: More on remail error reporting
Message-ID: <1993Jul5.184526.7226@extropia.wimsey.com>
MIME-Version: 1.0
Content-Type: text/plain

I've created a digest list for error reporting. The digest list is
errors-d@extropia.wimsey.com. Send a message to errors-d-request to
subscribe.

Following this is an example of a digest. Notice that the subjects (which
include the ID of the messages in question) are at the top for quick
browsing.

Currently, the digest is transmitted every 12 hours.

I'm also handling bounces now, not only remail errors.

--- cut here ---
Date: Mon, 5 Jul 1993 09:30:29 -0700
From: errors-d-request@extropia.wimsey.com
Reply-To: errors@extropia.wimsey.com
Subject: errors-d Digest V1993 #2
X-Loop: errors-d@extropia.wimsey.com
Precedence: list
To: errors-d@extropia.wimsey.com

errors-d Digest                         Volume 1993 : Issue 2

Today's Topics:
  Remailing error, ID = (No subject supplied)
  Remailing bounce, ID = "Horror That Scares"

----------------------------------------------------------------------

Date: Sat, 3 Jul 1993 13:44:36 -0700
From: anonymous@extropia.wimsey.com
To: errors@extropia.wimsey.com
Subject: Remailing error, ID = (No subject supplied)
Message-Id: <199307032044.AA26014@xtropia>

No receipient could be ascertained.
Note: No encrypted contents was found (encryption is required).
No subject was included. Please supply a subject in the future for
reporting. It will be stripped-off before remailing.

------------------------------

Date: Mon, 5 Jul 1993 09:30:04 -0700
From: anonymous@extropia.wimsey.com
To: errors@extropia.wimsey.com
Subject: Remailing bounce, ID = "Horror That Scares"
Message-Id: <199307051630.AA05344@xtropia>

Bounced mail:
> From: Mail Delivery Subsystem Subject of 'Returned mail: User unknown'.
------------------------------

End of errors-d Digest V1993 Issue #2
*************************************

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: hfinney@shell.portal.com (Hal Finney)
Date: Mon, 5 Jul 93 20:17:13 PDT
To: cypherpunks@toad.com
Subject: Encrypted cypherpunks list
Message-ID: <9307060222.AA18201@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

As Eric Hughes suggested, I put together a little perl script to remail
cypherpunks mail, PGP encrypted, to all names on a list. If you'd like to
receive your cypherpunks messages encrypted, send me your address and your
PGP key and I'll add you to the list. Then you can unsubscribe from the
regular list.

I'll upload the script once I test it a little more. Initial subscribers
should consider themselves alpha testers and feel free to complain.

Hal Finney
hfinney@shell.portal.com

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: "L. Detweiler"
Date: Mon, 5 Jul 93 21:47:13 PDT
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: (fwd) GIFs--Now it can be told
In-Reply-To: <9307030942.AA03729@netcom3.netcom.com>
Message-ID: <9307060447.AA08750@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain

>Their battle cry is "Eeek! If
>we don't nip this in the bud, _right now_, think of what might
>happen!

or `if we don't police ourselves, then somebody else will do it for us,
and we don't want that'.

>The mutant condors that one reader (who claimed to be a Pope in the
>Church of the Subgenius, but who humorlessly missed the joke--but I
>forgive him, for he knew not what he saw) wanted to feed me to, can
>now stop circling my house.

boy, all I can say is that you sure have a lot of chutzpah doing something
like this, but it does definitely make a fascinating Gedanken. I
especially appreciate your cogent description & analysis of the grey areas
without which the whole thing would have been pointless, but with it make
superb social commentary.

ltr.
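The two replay defences raised earlier in this digest for remailer return-address blocks, the ID-code stored after a one-way transformation and the Expire: header reply, combined in one remailer-side check. This is an added example, not code from any poster or remailer on the list; the Block-ID and Deliver-To header names, the HMAC-SHA256 transform and the sample block are assumptions, and the block is taken as already decrypted.

```python
"""Added example: single-use, expiring return-address blocks at a remailer."""
import hashlib
import hmac
from datetime import datetime, timezone
from email.parser import HeaderParser
from email.utils import parsedate_to_datetime

DELIVER = "deliver"
EXPIRED = "junk-expired"
REPLAYED = "junk-replayed"
MALFORMED = "junk-malformed"

# Constructed sample of a decrypted return-address block. Only "Expire:" is
# named on the page; "Deliver-To" and "Block-ID" are hypothetical headers.
SAMPLE_BLOCK = (
    "Deliver-To: buyer-pseudonym@example.invalid\n"
    "Block-ID: order-0001\n"
    "Expire: Sat, 10 Jul 1993 00:00:00 -0700\n"
    "\n"
)


class ReturnBlockGate:
    """Decides whether mail sent to a return-address block is forwarded."""

    def __init__(self, secret: bytes):
        self._secret = secret
        # Maps one-way tag -> expiry time. The raw ID-code is never stored,
        # so a seized database does not list which blocks were used.
        self._seen = {}

    def _tag(self, block_id: str) -> str:
        # Keyed one-way transform (assumption: HMAC-SHA256). The key stops
        # someone holding the database from testing guessed ID-codes.
        return hmac.new(self._secret, block_id.encode("utf-8"),
                        hashlib.sha256).hexdigest()

    def pending(self) -> int:
        """Number of used-block tags still held."""
        return len(self._seen)

    def prune(self, now: datetime) -> None:
        # Once a block has expired it is junked on the Expire check alone,
        # so its replay record can go. Expiry bounds the database size.
        for tag in [t for t, exp in self._seen.items() if exp <= now]:
            del self._seen[tag]

    def check(self, block_text: str, now: datetime):
        """Return (decision, destination or None) for one incoming use."""
        self.prune(now)
        headers = HeaderParser().parsestr(block_text)
        block_id = headers.get("Block-ID")
        expire_raw = headers.get("Expire")
        dest = headers.get("Deliver-To")
        # Fail closed: a block missing any field is never forwarded.
        if not block_id or not expire_raw or not dest:
            return MALFORMED, None
        try:
            expires = parsedate_to_datetime(expire_raw)
        except (TypeError, ValueError):
            return MALFORMED, None
        if expires.tzinfo is None:
            # A date without a usable zone is read as UTC.
            expires = expires.replace(tzinfo=timezone.utc)
        if now >= expires:
            return EXPIRED, None
        tag = self._tag(block_id.strip())
        if tag in self._seen:
            return REPLAYED, None
        # Record the use only when the mail is actually forwarded.
        self._seen[tag] = expires
        return DELIVER, dest.strip()


if __name__ == "__main__":
    gate = ReturnBlockGate(b"constructed-demo-key")
    first_use = datetime(1993, 7, 5, 12, 0, tzinfo=timezone.utc)
    after_expiry = datetime(1993, 7, 11, 0, 0, tzinfo=timezone.utc)
    print(gate.check(SAMPLE_BLOCK, first_use))
    print(gate.check(SAMPLE_BLOCK, first_use))
    print(gate.check(SAMPLE_BLOCK, after_expiry))
```

The Expire: header alone still lets the same block be reused until the date passes; the stored tag closes that window, and the expiry in turn lets the tag be discarded.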
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Mark
Date: Mon, 5 Jul 93 14:55:59 PDT
To: cypherpunks@toad.com
Subject: Non-cypherpunk question.
Message-ID: <9307052155.AA00294@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

>I just started reading this mailing list and I've run into a few problems
>reading some of the messages because they include MIME information
>which my copy of MH chokes on for some reason. It doesn't like the x-text
>and text/x-pgp content-types. Would anybody on this list have a fix for
>that so I can continue to read this list with MH? Any help would be appreciated.

I use elm to read the list and it barfs on metamail messages as metamail
hasn't been installed. What I did was to get cat.c and remove the arg checks
so it didn't try to interpret the metamail switches elm piped to it and to
not report missing files. Then it just catted its arguments so
/tmp/mail-aa0127 is catted and piped through less so I am able to read
metamail (which are just normal messages with a different Content-Type: line
in the header anyway).

Bit of a kludge but it works.

Mark
mark@coombs.anu.edu.au

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@rosebud.ee.uh.edu
Date: Tue, 6 Jul 93 07:54:35 PDT
To: cypherpunks@toad.com
Subject: REMAIL: list 7/6/93
Message-ID: <9307061454.AA13165@toad.com>
MIME-Version: 1.0
Content-Type: text/plain

NOTE: new remailer @entropy.linet.org!

-----BEGIN PGP SIGNED MESSAGE-----

Last update: 07/02/93

Q1: What cypherpunk remailers exist?
A1: 1: nowhere@bsu-cs.bsu.edu 2: hh@cicada.berkeley.edu 3: hh@pmantis.berkeley.edu 4: hh@soda.berkeley.edu 5: 00x@uclink.berkeley.edu 6: hal@alumni.caltech.edu 7: ebrandt@jarthur.claremont.edu 8: phantom@mead.u.washington.edu 9: remailer@rebma.mn.org 10: elee7h5@rosebud.ee.uh.edu 11: hfinney@shell.portal.com 12: remail@tamsun.tamu.edu 13: remail@tamaix.tamu.edu 14: remailer@utter.dis.org 15: remailer@entropy.linet.org 16: remail@extropia.wimsey.com NOTES: #1-#5 no encryption of remailing requests #6-#15 support encrypted remailing requests #16 special - header and message must be encrypted together #9,#14,#15,#16 introduce larger than average delay (not direct connect) #9,#14,#15 running on privately owned machines ====================================================================== Q2: What help is available? A2: Check out the pub/cypherpunks directory at soda.berkeley.edu (128.32.149.19). Instructions on how to use the remailers are in the remailer directory, along with some unix scripts and dos batch files. The public keys for the remailers which support encrypted remailing requests is also available in the same directory. Mail to me (elee9sf@menudo.uh.edu) for further help and/or questions. -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLDRKRYOA7OpLWtYzAQEoQgP+MS4qW2ITP5UCSACcG/ngSid3/o/I1fic guGXQ5Ay6QWu9CVdc6YlbmkxxL6ekbLhtFSmMyXC356yixJ8Nvxcs7MYypHLlo3W oG7C6HDPmAq6JgVUdD4YCUXOS7haBt3HJ3K/utXFe3G6ybbEfG0TSUvwqgIVADql LSKB4yfpsk8= =04Iy -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. Metzger" Date: Tue, 6 Jul 93 07:43:03 PDT To: cypherpunks@toad.com Subject: Re: (fwd) GIFs--Now it can be told In-Reply-To: <9307031355.AA00356@antigone.com> Message-ID: <9307061442.AA10023@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain Michael Ross says: > Tim, > > That was very manipulative, and did not achieve much. I wholely disagree. 
Tim's post to alt.binaries.pictures.erotica.children was a valuable exercise even given its limitations. Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dmandl@lehman.com (David Mandl) Date: Tue, 6 Jul 93 08:34:07 PDT To: cypherpunks@toad.com Subject: PC Week hops on the bandwagon Message-ID: <9307061533.AA11664@disvnm2.shearson.com> MIME-Version: 1.0 Content-Type: text/plain Sorry if this has been mentioned already, but the new issue of PC Week contains a big special report entitled "Privacy in the Workplace." It's got about five or six separate pieces on electronic eavesdropping in the workplace, encryption, Clipper, etc., etc. I've only had a chance to scan it quickly (I mean with my eyes), but it seems that there's no mention of PGP at all, even in the piece on public-key encryption. Shocking. And the piece on Clipper, while it of course mentions all the opposition to the proposal, seemed just a bit wimpy to me. Anyway, it's the June 28 issue. Worth checking out, I guess. --Dave. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Tue, 6 Jul 93 12:04:22 PDT To: cypherpunks@toad.com Subject: We are Becoming Politically Correct Sheep Message-ID: <9307061904.AA12415@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain Perry Metzger writes, about the reaction to the "junk bits" file I posted in a controversial new group, "alt.binaries.pictures.erotica.children": >Michael Ross says: >> Tim, >> >> That was very manipulative, and did not achieve much. > >I wholely disagree. Tim's post to alt.binaries.pictures.erotica.children >was a valuable exercise even given its limitations. > Of course I agree with Perry, though I also respect the others who have posted disagreements (sometimes strong!) here on this List or in the various newsgroups...that's what free speech is all about. 
Bear in mind that most of the "Cypherpunks agenda," to the extent we can identify it, is likely to provoke ordinary citizens into _outrage_. Talk of anonymous mail, digital money, money laundering, information markets, data havens, undermining authority, transnationalism, and all the rest (insert your favorite idea) is not exactly mainstream. While I don't personally care for the "kiddie porn" I've seen (the David Hamilton photos of young girls and the occasional Mapplethorpe photos in news reports), the issues raised in this area are of great importance. (I don't plan to argue for or against these images in this forum, though.) If we back down every time a censor screams "Illegal!," then very few of our agenda items will ever see the light of day. So long as physical violence or coercion is not involved, I see no reason to restrict the activities of others. I completely reject the concept of "class-based crimes," such as: - conventional erotica and pornography should be banned because it is degrading to women, objectifies them, etc. (ironically, unless of course it is "made by and for wimmin," a loophole added by Andrea Dworkin and her supporters after they discovered their anti-porn crusade in Canada and elsewhere would put an end to Lesbian porn mags like "Yellow Silk"!). - I put "child porn" in this category because only the actual coercion of children--if it is happening--should be stopped. (And even this is confusing, as coercion of children happens all the time--we call it "parenting.") A mere image carries no proof that this coercion has happened, for the many reasons I have cited and others have cited (e.g., the child may have willingly participated, the "child" may be 18 and merely look 15, the images may have come from other countries where the customs and laws are different, the image may have been computer-generated or morphed, and so on). 
- "racist jokes" are being targeted for elimination in many of the Usenet groups, by halting the carrying of "offensive" newsgroups. Legal purists will of course note that this is not "censorship" in the legal/government sense. IMHO, the English language needs a new term for something between the one extreme of government censorship and the other extreme of personal choice, perhaps something like "institutional censorship." Being a free market sort of person, I have no problems with, say, Apple Computer deciding not to carry "alt.binaries.pictures.erotica.children" or "rec.humor.funny.cripples," but it is still a _form_ of "institutional censorship." [especially when they are acting so as to head off legal action, as I describe below] - read the "academic freedom" group (I forget the exact title...search for "acad-free" in your newsreader) and you'll see that more and more universities are using the "sexual harassment" laws/codes to stop certain newsgroups, to halt the distribution of sexually oriented images, and to take disciplinary action against students (mostly male) who have put GIFs on their computers or workstations (apparently female students who walk past an office in which female models are used as startup screens have decided they are being "sexually assaulted" or "harassed"). [An important point to make here is that many of these institutions are taking actions largely because they fear that if they don't, the plaintiffs will take their case to the _government_ legal system, perhaps by suing the university for "condoning an atmosphere hostile to womym and other people of color." If there was no threat of ultimate legal action, much of this "institutional censorship" would vanish, and people could just concentrate on doing their jobs, with or without calendars of "Miss Usenet" gracing their walls.] - discussion of ways to undermine the State, via crypto anarchy and strong cryptography, are likely to be targets of future crackdowns.
Sedition laws, conspiracy laws, RICO, etc. How long before speaking on these matters earns a warning letter from your university or your company? [Again, I think it's the "big stick" of ultimate government action that spurs these university and company policies. Apple fears being shut down for having "involvement" with a terrorist plot, Emory University fears being sued for millions of dollars for "conspiring" to degrade wimmin of color, etc.] - how long before "rec.guns" is no longer carried at many sites, as they fear having their universities or companies linked to discussions of "assault weapons" and "cop-killer bullets"? [Prediction: Many companies and universities, under pressure from the Feds, will block groups in which encrypted files are posted. After all, if one encrypts, one must have something to hide, and that could expose the university to legal action from some group that feels aggrieved.] So, free speech is under assault across the country. The tort system is being abused to stifle dissenting views (and lest you think I am only a capitalist, only a free marketeer, the use of "SLAPP suits"--"Strategic Lawsuits Against Public Participation"--by corporations or real estate developers to threaten those who dare to publicly speak against their projects is a travesty, a travesty that the courts have only recently begun to correct). We are becoming a nation of sheep, fearing the midnight raid, the knock on the door. We fear that if we tell a joke, someone will glare at us and threaten to sue us _and_ our company! And so companies are adopting "speech codes" and other such baggage of the Orwell's totalitarian state. Political correctness is extending its tendrils into nearly every aspect of life in America. Time to fight back. -Tim May -- Timothy C.
May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: by arrangement Note: I put time and money into writing this posting. I hope you enjoy it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Tue, 6 Jul 93 13:19:19 PDT To: cypherpunks@toad.com Subject: Looking for biblio re commercialization of encryption Message-ID: <9307062019.AA15820@toad.com> MIME-Version: 1.0 Content-Type: text/plain ------- Start of forwarded message ------- From: Kibbee=Streetman%ACIS.1037%DSRD.K25@VINES.ORNL.GOV To: eff@eff.org Subject: References for Crypto Study Date: Wed, 23 Jun 93 15:27:26 EDT Dear Sir -- I am working on a project for NIST to develop an annotated bibliography on issues in the commercialization of encryption technology. Can you provide me with any references to EFF publications dealing with export, Clipper/Capstone, privacy, etc. ? I already have copies of the material presented at the CSS&PAB meeting at NIST but would like to have anything else that might be available. Thank you for your help! Kibbee D. Streetman (kds@ornl.gov) 1099 Commerce Park Oak Ridge, TN 37830 (615)574-9952 ------- End of Forwarded Message From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mike@EGFABT.ORG (Mike Sherwood) Date: Tue, 6 Jul 93 14:03:51 PDT To: cypherpunks@toad.com Subject: Re: (fwd) GIFs--Now it can be told In-Reply-To: <9307061442.AA10023@snark.shearson.com> Message-ID: MIME-Version: 1.0 Content-Type: text/plain "Perry E. Metzger" writes: > > That was very manipulative, and did not achieve much. > > I wholely disagree. Tim's post to alt.binaries.pictures.erotica.children > was a valuable exercise even given its limitations. I agree.. 
what if he posted it as some silly program in one of the sources groups, encrypted and all, with a description as something almost no one would want? then the worst that would happen is people flaming him for encrypting it.. that would be a way to go for a real post to convey information.. we could always create an alt.too.many.secrets (obligatory documentary movie reference =]) to post things to where there is a large audience, but for an audience of people who care about such issues, as opposed to a normal post which joe random user could argue with everyone without knowing the difference between a pgp encrypted and uuencoded file. the other issue is that people will think what they want to think if they're uninformed, such as all of the people who flamed Tim for posting what's basically a worthless message, just that those people who flamed him didn't like the name of the group he posted it in.. for all we know, he could've posted his local /etc/hosts. -- Mike Sherwood internet: mike@EGFABT.ORG uucp: ...!sgiblab!egfabt!mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Duncan Frissell <76630.3577@CompuServe.COM> Date: Tue, 6 Jul 93 11:15:43 PDT To: Subject: Thoughtcrime Message-ID: <930706181141_76630.3577_EHK32-2@CompuServe.COM> MIME-Version: 1.0 Content-Type: text/plain (Ed Carp?) >There are no quasi-legitimate issues surrounding child pornography in the >United States. It doesn't matter, legally whether consent was obtained or >not, etc. Child pornography is not legal. To make, sell, possess, distribute, >or conspire to do any of the above is a crime. Not quite. The 9th Circuit Court of Appeals recently threw out the sell, possess, and distribute parts of the Child Pornography act on the traditional 1st Amendment grounds that retailers can't be punished for failure to examine (and get the model's age certificates) for every page or every film frame of every item in their inventory. Such blanket coverage is vague and overbroad. 
Who knows what the Supremes or other Circuits not located in San Francisco will do but the state of the law is still fluid. The question of morphing or animated kiddie porn is an interesting one. I haven't read the law so I don't know if they would be arguably covered. Pure *text* kiddieporn is legal of course. Remember all the battles over text pornography? Isn't it great that the video/graphics revolution has eliminated most censorship issues concerning pure text.
********************************************************************
* DUNCAN FRISSELL       Attorney at Law, Writer, and Privacy       *
* CIS 76630,3577        Consultant since the Nixon                 *
* Internet:             Administration                             *
*  76630.3577@compuserve.com                                       *
*  or frissell@panix.com                                           *
* Easylink 62853962                                                *
* Attmail !dfrissell                                               *
* TLX: 402231 FRISSELL NYK                                         *
*                                                                  *
* Privacy Checkup still only $29.95. Buy today before price        *
* controls force me to raise my prices.                            *
*                                                                  *
* Would you like a debit VISA card from your secret offshore       *
* bank account. Let me show you how.                               *
*                                                                  *
********************************************************************
From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: stub23 Date: Tue, 6 Jul 93 14:44:58 PDT To: cypherpunks@toad.com Subject: Wired cover Message-ID: <199307062144.AA01546@orion.oac.uci.edu> MIME-Version: 1.0 Content-Type: text/plain well on mindvox the cover decision was announced a bit before the magazine came out and there was a huge guessing contest over who was going to be on the cover with some damn creative ideas but anyhow... although if i were to guess, i would say that peter gabriel is on the cover of my issue, but on the inside it says cover: mitch kapor so i got confused dunno what mitch kapor looks like...
also to note la and sf have different covers from what i have heard From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Tyler Yip - UnixWeenie(tm) Date: Tue, 6 Jul 93 15:18:22 PDT To: cypherpunks@toad.com Subject: wired covers Message-ID: <9307062217.AA09173@hairball.ecst.csuchico.edu> MIME-Version: 1.0 Content-Type: text/plain In Chico, California, the two book stores large enough to have Wired have Mitch Kapor (Tower Books) and Peter Gabriel (Readmore Books). I might go pick up the other cover. :) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jet@nas.nasa.gov (J. Eric Townsend) Date: Tue, 6 Jul 93 15:23:55 PDT To: cypherpunks@toad.com Subject: apologies (was Re: Complete ignorance of any sort of reality on May's part (was We are In-Reply-To: <9307062001.AA10698@snark.shearson.com> Message-ID: <9307062223.AA09861@boxer.nas.nasa.gov> MIME-Version: 1.0 Content-Type: text/plain I'm sorry I got sidetracked with the bit about dworkin. I'm not really even a serious supporter of hers. On the other hand, I'm probably one of the few people 'here' who've read most of her work. Before one goes about believing many of the outrageous things attributed to her, one should read her writing and take many of the statements in context. (Who was it a couple of years ago posting summaries of out of context quotes by usenetters in alt.flame?) At any rate, I was dismayed by Tim May's lack of knowledge regarding the people he was attacking. Wildly thrashing about and attacking anyone who isn't completely on one's side tends to get one nowhere. Again, I apologize for sidetracking things. -eric From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: "Perry E. Metzger" Date: Tue, 6 Jul 93 13:01:37 PDT To: cypherpunks@toad.com Subject: Re: Complete ignorance of any sort of reality on May's part (was We are In-Reply-To: <9307061947.AA17712@netcom.netcom.com> Message-ID: <9307062001.AA10698@snark.shearson.com> MIME-Version: 1.0 Content-Type: text/plain J.
Eric Townsend says: > - Dworkin has never called for the banning of porn. I've read most of > her books, and she even goes out of her way to say she's not calling > for any sort of censorship. She *does* push for 'victim > compensation'-style legislation. This is silly. It's like saying "I'm not in favor of banning guns -- but I want victims to be able to sue the gun manufacturers for negligence". Dworkin is a fascist in feminist clothing -- for all intents and purposes she believes that any act of heterosexual sex is on some level rape. She's nuts. > Tired of white het male computer geeks talking nonsense about anyone > who threatens their place in the power structure, This white male het computer geek marches in the Gay Pride Parade every year. (Well, not this year -- I was sick. Mea culpa.) He also thinks that Andrea Dworkin is about as anti-censorship as Rev. Wildmon. I don't give a shit about the power structure -- I just think that anyone telling me what I can and cannot see, what I can and cannot write, and what I can and cannot sell, is my enemy. Perry From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Edward J OConnell Date: Tue, 6 Jul 93 13:19:44 PDT To: "J. Eric Townsend" Subject: Re: Complete ignorance of any sort of reality on May's part (was We are In-Reply-To: <9307061947.AA17712@netcom.netcom.com> Message-ID: MIME-Version: 1.0 Content-Type: text/plain Yeah, I heard that she had to do some gymnastics to explain how gay male porn degrades women, too. ;-) Is this true, or am I also a homophobe? ;-) I hate Dworkin's arguments. There are plenty of pro porn lesbians/feminists. At least, I've read stuff by several, (bright/Annie sprinkle, etc) and I've read some stuff by various porn stars that call themselves feminists... Identifying feminism with censorship annoys me...I wish I had some data on how many women who call themselves feminists are pro censorship... if it's the majority, I guess I'd have to allow it...
;-) The problem for intellectuals is how to protect 'erotica' and somehow squash 'pornography.' The difference is amusing to me. One man's erotica is another woman's porn... All right thinking people would agree that the only thing that could be wrong in the sex trade is coercion, be it of women or children or horses or hamsters... I have some problem with the idea of the coerciveness of the 'free market' though, as does Dworkin, so I guess we do have some things in common... I'd like to know that no one is in the trade to pay for a drug habit...of course, I think that drugs, like food and shelter and air, should be free... But I'm a nut. ;-) Jay From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: tcmay@netcom.com (Timothy C. May) Date: Tue, 6 Jul 93 16:07:36 PDT To: Cypherpunks@toad.com Subject: "Let's kill all the lawyers..." Message-ID: <9307062308.AA22680@netcom.netcom.com> MIME-Version: 1.0 Content-Type: text/plain "What do you call the killing of those lawyers in San Francisco last week?" Answer (you knew this was coming): "A good start." The discussion of free speech and political correctness is apparently not welcome by some on this list. I guess the usual religious debates about which mail reader is better are what we're supposed to talk about. Well, I'm a member of this list, too, and issues of censorship and free speech are more interesting to me--and to some others, I suspect--than the intricacies of "MH." To each their own. Learn to use your "delete" key. (I agree that discussions of libertarianism vs. liberalism, etc., are the bane of the Net, and that we have been fortunate in avoiding the usual pitched battles between these camps on this List. My comments about censorship of speech, photos, etc., were not intended to provoke such a political battle.) Ironically, even as I type this, I am watching CNN and a special report on a "trial balloon" to ban anti-lawyer remarks! Seriously!
Harvey Saferstein, President of the California State Bar, is explaining how "hate speech" laws can and should be used to limit the bashing of lawyers, the portrayal of them as good targets (he cited the lawyer being the first to be eaten in "Jurassic Park" as an example of the "atmosphere of hate" surrounding lawyers), and "inciting to violence." He specifically cited the killings in San Francisco last week as a reason to classify such speech as a "hate crime." No word on whether Shakespeare's "First, let's kill all the lawyers" would've gotten him 10-20 in the Tower of London. What is happening to free speech? What has happened to "Sir, I disagree with what you say, but I defend to the death your right to say it."? Now of course such a law is not likely to pass, or be upheld. (Saferstein is actually not lobbying for a _new_ law, but for extension through the judicial system of existing "hate crime" laws to include any "class-related" jokes and insults. A move other groups are already trying.) In a way, I am cheering this, as it can only end up trivializing and undermining the whole concept of "hate crimes" and "hate speech." Real crimes, including trespass to burn crosses on people's lawns, and the like, can and _should_ be prosecuted, but not "hate" crimes. (If such laws were applied uniformly, instead of just against so-called "white rights" groups, then most "minority" organizations, which preach hatred of "honkeys" and "hets," would be shut down.) As John Gilmore pointed out a few years back, most of us are breaking laws every day. If the government can attach penalties based on our political views, then dissidents can be targeted selectively and given sentences based on their alleged "hate crimes." (Imagine how the Black Panthers or Malcolm X could have been harassed even more aggressively if their "hate" could have been used to increase punishments for otherwise minor crimes? That they were harassed, 20 and 30 years ago, is beside the point.
Folks who advocate "hate crime" laws should reflect carefully on how such laws may someday be used against them.) -Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: by arrangement Note: I put time and money into writing this posting. I hope you enjoy it. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: khijol!erc@apple.com (Ed Carp) Date: Tue, 6 Jul 93 16:22:00 PDT To: cypherpunks@toad.com Subject: On the medium being the message Message-ID: MIME-Version: 1.0 Content-Type: text I was eating lunch today, staring at the cover of "Wired", when the phrase "The medium..." caught my eye. This set off a whole train of thought on message concealability, like hiding messages in, say, the order of headers in a posting, or the "Reply-To:" header, or even the words in subsequent postings to a newsgroup. Who would ever think to look at, say, the third word in every posting Tim makes to alt.whatever newsgroup? Or in the "Date:" field, or in the "Message-ID:" field, or ... or ... or ... Hmmm. Food for thought. -- Ed Carp erc@wetware.com 510/659-9560 For anonymous mailers --> anonymus+5300@charcoal.com "I've met many thinkers and many cats, but the wisdom of cats is infinitely superior." -- Hippolyte Taine (1828-1893) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: gnu (John Gilmore) Date: Tue, 6 Jul 93 17:41:12 PDT To: eff-staff@eff.org, gnu Subject: Matchbook reminders for EFF / Cypherpunk members Message-ID: <9307070041.AA17216@toad.com> MIME-Version: 1.0 Content-Type: text/plain At a friend's house I found a matchbook printed up by NORML. It serves to advertise the organization, as well as providing information useful during legal troubles.
It got me thinking about matchbooks or wallet cards as a good way to make people aware of us. (Matchbooks work better when your organization is concerned with smokables...) Someone mentioned a few weeks ago that we need to have a wallet-sized card that reminds people of their rights when they get into hassles. Experience has shown that we forget and bungle it, without a reminder.

The NORML front cover says:        Cypherpunk version (strawman):

        NORML                          CYPHERPUNKS
  National Organization            Teaching, Learning,
    for the Reform of                and Deploying
     Marijuana Laws              Cryptographic Protection
  ------------------
   1636 R. St., N.W.
  Washington, DC 20009
spectron, cleveland, oh <- whoever makes the matches

The spine:

  900-97-NORML                     cypherpunks@toad.com

The back:

  Before you rat,                  Big Brother's listenin'
  before you squeal,               Big Sister's watchin'.
  before you snitch,               Don't get cold feet,
  or cut a deal..                  Use cryptographic stockin's.
  Call NORML.
  900-97-NORML                     ...etc...
  (2.95 per minute
  You must be 18 or
  older to call)

The inside:

  * NEVER CONSENT TO A             Something very similar
    SEARCH (even with
    nothing to hide)
  * NEVER ANSWER ANY
    QUESTIONS (without
    an attorney)
  * CALL AN ATTORNEY IM-
    MEDIATELY (or call NORML)
  900-97-NORML                     EFF's phone number?
  (2.95 per minute
  You must be 18 or
  older to call)
  NOTE: The live option is
  available only from 9 a.m.
  to 6 p.m., EST, M-F.

A tract I cut out of a gay newspaper some years ago is in my wallet now; its advice is:

SILENCE = GOLDEN
ACT-UP/New York's clip-and-save guide to police intimidation

The following guidelines were formulated by legal advisors to ACT UP/NY, but they apply to all gay men and lesbians and activists.

1. You do not have to talk to the police or FBI or any other investigators. You do not have to talk to them whether they come to your house, on the street, if you've been arrested, or even if you are in jail. Only a court or a grand jury has legal authority to compel testimony.

2. You don't have to let the police or FBI into your home or office unless they show you an arrest or search warrant which authorizes them to enter that SPECIFIC place.

3. If they do present a warrant, you do not have to tell them anything other than your name and address. You have a right to observe what they do.

4. Make written notes, including the agents' names, agency and badge numbers. Try to have other people present as witnesses and have them make written notes, too.

5. Anything you do say to any law enforcement officer may be used against you and other people.

6. If you do give the FBI or police information, it may mean that you will have to testify to the same information at a trial or before a grand jury.

7. Lying to an FBI agent or other federal investigators is a crime.

8. The best advice, if the FBI or police try to question you or to enter your home or office without a warrant, is to JUST SAY NO! Law enforcement agents have a job to do and they are highly skilled at it. Attempting to "outwit" them is very risky. YOU CAN NEVER TELL HOW A SEEMINGLY HARMLESS BIT OF INFORMATION CAN HELP THEM HURT YOU OR ANOTHER ACT UP MEMBER.

9. The investigators may threaten you with a grand jury subpoena if you don't give them information. But you may get one anyway, and anything you've already told them will be the basis for more detailed questioning under oath.

10. They may try to threaten or intimidate you by pretending to have information about you ("We know what you've been doing, but if you cooperate it will be all right.") If you are concerned about this, tell them you will consider talking to them with your lawyer present.

11. If you are nervous about simply refusing to talk, you may find it easier to tell them to contact your lawyer. Once a lawyer is involved, the agents usually pull back since they have lost their power to intimidate. If you are taken into police custody, once you request an attorney, they MUST cease questioning until your lawyer is present.
But remember, you don't have to answer their questions, even if they keep asking. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: karn@qualcomm.com (Phil Karn) Date: Tue, 6 Jul 93 18:03:18 PDT To: tcmay@netcom.com Subject: Re: "Let's kill all the lawyers..." Message-ID: <9307070103.AA23132@servo> MIME-Version: 1.0 Content-Type: text/plain Amen! Well spoken, Tim. Last night I saw the Saferstein remarks you mention. I think they hit the local California TV stations before being picked up by CNN. I fully agree that PC is *really* getting out of hand if lawyers are now to be considered one of the downtrodden minority groups. Saferstein doesn't seem to understand the serious role satire plays in actually *preventing* violence in our society. Lawyers and politicians (lawyers being the larval stage of the latter) hold a tremendous amount of power over the rest of us. Satire (including jokes, political cartoons and the like) might not actually do much to lessen that power, but it does give the rest of us a chance to vent some of the resentment that might otherwise build into violence in more people. And of course there is satire's unique selectivity. It's hard to satirize somebody who doesn't deserve it. But a hypocritical lawyer or a politician with a bloated ego... well, I don't think bullets ever get any more magic than this. *They* may still believe in their own overriding self-importance, but thanks to satire, the rest of us don't have to! The real irony of trying to ban "lawyer bashing" is that some of the best (most critical) lawyer jokes are told by the lawyers themselves! So maybe we *should* pass a law against it. What better way to get more lawyers off the street and where they belong? (Short of cloning some more T. Rexes, of course...was there also applause in your theater during that scene?) 
Phil From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: dante@microsoft.com Date: Tue, 6 Jul 93 18:08:35 PDT To: gnu@toad.com Subject: Re: Matchbook reminders for EFF / Cypherpunk members Message-ID: <9307070107.AA00445@netmail.microsoft.com> MIME-Version: 1.0 Content-Type: text/plain John Gilmore said: | |At a friend's house I found a matchbook printed up by NORML. It |serves to advertise the organization, as well as providing information |useful during legal troubles. | |It got me thinking about matchbooks or wallet cards as a good way to |make people aware of us. (Matchbooks work better when your |organization is concerned with smokables...) Someone mentioned a few |weeks ago that we need to have a wallet-sized card that reminds people |of their rights when they get into hassles. Experience has shown that |we forget and bungle it, without a reminder. Good idea. FYI, the ACLU also provides these wallet-sized cards to anyone who asks, and they are invaluable. Read them _before_ you get arrested. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Fred Heutte Date: Tue, 6 Jul 93 18:32:40 PDT To: tcmay@netcom.com Subject: Re: "Let's kill all the lawyers..." Message-ID: <93Jul6.183147pdt.14190-3@well.sf.ca.us> MIME-Version: 1.0 Content-Type: text/plain Tim May and Phil Karn's comments remind me of my friend Mark the Lawyer who lives in SF. I visit him on occasion when I'm in the Bay Area and notice that he has the proper perspective on things. When I was there a week ago he had a copy of the Nolo Press newspaper (including a hefty selection of their vast catalogue of lawyer jokes). And his refrigerator magnet reads: "Lawyer: person retained to protect client from others of profession." We need lawyers, but do we need *so many*?! I was born and grew up in Washington, DC. The DC Bar has over *50,000* lawyers! Even in our nation's capital that seems excessive. 

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Judith Milhon
Date: Tue, 6 Jul 93 18:43:00 PDT
To: cypherpunks@toad.com
Subject: fwd of Chi.Trib article...
Message-ID: <93Jul6.184232pdt.14403-3@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

...for you maths hooligans and crypto thugs...

From: SPOETZ
Subj: The Chicago Tribune on Fermat's Last Theorem
To: DELTORTO, SaintJude

------- Forwarded Message
Subject: The Chicago Tribune on Fermat's Last Theorem
>From: David Notkin

The following column appeared in the Chicago Tribune / DuPage County edition Tuesday June 29 1993 page 2-1.

MATH RIOTS PROVE FUN INCALCULABLE
/by/ Eric Zorn

/begin italics/ News Item (June 23) -- Mathematicians worldwide were excited and pleased today by the announcement that Princeton University professor Andrew Wiles had finally proved Fermat's Last Theorem, a 365-year-old problem said to be the most famous in the field. /end italics/

Yes, admittedly, there was rioting and vandalism last week during the celebration. A few bookstores had windows smashed and shelves stripped, and vacant lots glowed with burning piles of old dissertations. But overall we can feel relief that it was nothing -- nothing -- compared to the outbreak of exuberant thuggery that occurred in 1984 after Louis DeBranges finally proved the Bieberbach Conjecture.

"Math hooligans are the worst," said a Chicago Police Department spokesman. "But the city learned from the Bieberbach riots. We were ready for them this time."

When word hit Wednesday that Fermat's Last Theorem had fallen, a massive show of force from law enforcement at universities all around the country headed off a repeat of the festive looting sprees that have become the traditional accompaniment to triumphant breakthroughs in higher mathematics.

Mounted police throughout Hyde Park kept crowds of delirious wizards at the University of Chicago from tipping over cars on the midway as they first did in 1976 when Wolfgang Haken and Kenneth Appel cracked the long-vexing Four-Color Problem. Incidents of textbook-throwing and citizens being pulled from their cars and humiliated with difficult story problems last week were described by the university's math department chairman Bob Zimmer as "isolated."

Zimmer said, "Most of the celebrations were orderly and peaceful. But there will always be a few -- usually graduate students -- who use any excuse to cause trouble and steal. These are not true fans of Andrew Wiles."

Wiles himself pleaded for calm even as he offered up the proof that there is no solution to the equation x^n + y^n = z^n when n is a whole number greater than two, as Pierre de Fermat first proposed in the 17th Century. "Party hard but party safe," he said, echoing the phrase he had repeated often in interviews with scholarly journals as he came closer and closer to completing his proof.

Some authorities tried to blame the disorder on the provocative taunting of Japanese mathematician Yoichi Miyaoka. Miyaoka thought he had proved Fermat's Last Theorem in 1988, but his claims did not bear up under the scrutiny of professional referees, leading some to suspect that the fix was in. And ever since, as Wiles chipped away steadily at the Fermat problem, Miyaoka scoffed that there would be no reason to board up windows near universities any time soon; that God wanted Miyaoka to prove it.

In a peculiar sidelight, Miyaoka recently took the trouble to secure a U.S. trademark on the equation "x^n + y^n = z^n" as well as the now-ubiquitous expression "Take that, Fermat!" Ironically, in defeat, he stands to make a good deal of money on cap and T-shirt sales.

This was no walk-in-the-park proof for Wiles.
He was dogged, in the early going, by sniping publicity that claimed he was seen puttering late one night doing set theory in a New Jersey library when he either should have been sleeping, critics said, or focusing on arithmetic algebraic geometry for the proving work ahead.

"Set theory is my hobby, it helps me relax," was his angry explanation. The next night, he channeled his fury and came up with five critical steps in his proof. Not a record, but close.

There was talk that he thought he could do it all by himself, especially when he candidly referred to University of California mathematician Kenneth Ribet as part of his "supporting cast," when most people in the field knew that without Ribet's 1986 proof definitively linking the Taniyama Conjecture to Fermat's Last Theorem, Wiles would be just another frustrated guy in a tweed jacket teaching calculus to freshmen.

His travails made the ultimate victory that much more explosive for math buffs. When the news arrived, many were already wired from caffeine consumed at daily colloquial teas, and they took to the streets en masse shouting, "Obvious! Yessss! It was obvious!"

The law cannot hope to stop such enthusiasm, only to control it. Still, one has to wonder what the connection is between wanton pillaging and a mathematical proof, no matter how long-awaited and subtle.

The Victory Over Fermat rally, held on a cloudless day in front of a crowd of 30,000 (police estimate: 150,000) was pleasantly peaceful. Signs unfurled in the audience proclaimed Wiles the greatest mathematician of all time, though partisans of Euclid, Descartes, Newton, and C.F. Gauss and others argued the point vehemently.

A warmup act, The Supertheorists, delighted the crowd with a ragged song, "It Was Never Less Than Probable, My Friend," which included such gloating, barbed verses as --- "I had a proof all ready / But then I did a choke-a / Made liberal assumptions / Hi! I'm Yoichi Miyaoka."

In the speeches from the stage, there was talk of a dynasty, specifically that next year Wiles will crack the great unproven Riemann Hypothesis ("Rie-peat! Rie-peat!" the crowd cried), and that after the Prime-Pair Problem, the Goldbach Conjecture ("Minimum Goldbach," said one T-shirt) and so on.

They couldn't just let him enjoy his proof. Not even for one day. Math people. Go figure 'em.

----------------------------------------------------------------------

St.Jude the Oblique

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 6 Jul 93 18:55:34 PDT
To: cypherpunks@toad.com
Subject: Re: "Let's kill all the lawyers..."
In-Reply-To: <93Jul6.183147pdt.14190-3@well.sf.ca.us>
Message-ID: <9307070156.AA16144@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Fred Heutte comments:

> Tim May and Phil Karn's comments remind me of my friend Mark the Lawyer
> who lives in SF. I visit him on occasion when I'm in the Bay Area and
> notice that he has the proper perspective on things. When I was there
> a week ago he had a copy of the Nolo Press newspaper (including a hefty
> selection of their vast catalogue of lawyer jokes). And his refrigerator
> magnet reads: "Lawyer: person retained to protect client from others of
> profession."
>
> We need lawyers, but do we need *so many*?! I was born and grew up
> in Washington, DC. The DC Bar has over *50,000* lawyers! Even in
> our nation's capital that seems excessive.

I don't really think of lawyers as the problem, per se, nor do I think there are too many GIVEN WHAT THE LAW HAS BECOME.

Seems to me folks have gotten what they asked for. They asked for more regulation, they got it. They asked to be protected from the contracts they signed (that is, to find ways to get out of contracts they no longer liked), they got it. They asked for easier divorce, they got it. They asked to be able to sue for nearly anything bad that happens to them, they got it.

All of these things increase the business of lawyers, as business is no longer done on a handshake, property has to be divided up with the easier divorces, and so on. If you think about it, the reason for the surge in lawyers is clear.

What, if anything, can be done? Here are several suggestions:

1. Return the sanctity of the contract. If parties sign a contract, then unless there is provable fraud, the contract is valid. No wiggling out claiming "diminished capacity" (if you're diminished, hire someone to handle your affairs), claims of "not understanding," or claims that the contract itself was coercion, racist, unfair, whatever.

2. Eliminate public funding of court proceedings. Eliminate things like the "Legal Aid Society" that subsidize court proceeding against landlords and property owners (as but one example).

3. Loser pays all court costs, and perhaps damages for bringing the suit, if the suit was clearly unfounded. (A murky area, I'll grant you, but other countries have tried it and it cuts down on frivolous "I'll sue!" types of suits.)

4. In divorce cases, adopt a system in advance of the wedding clearly stating the terms and conditions under which property, kids, etc., are to be doled out. Oh, and by Point #1, the sanctity of Pre-Nuptial Agreements is ironclad...no wiggling out by hiring lawyers.

5. Ultimately, privatize the court system. Bruce Benson, in "The Enterprise of Law," describes how this might work. (I won't debate it here in this group.)

Obligatory Link to Cypherpunk Ideas: Many of these reforms are likely in cyberspace, where contracts will be contracts....with money placed in escrow with anonymous escrow services and only fairly simple adjudication and arbitration of the "facts," not the "intents." (Read Vinge's "True Names" for one vision of crypto anarchy and then try to imagine how the lawyers will ply their trade in such an environment.)

-Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
Note: I put time and money into writing this posting. I hope you enjoy it.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Fred Heutte
Date: Tue, 6 Jul 93 19:07:08 PDT
To: stjude@well.sf.ca.us
Subject: Re: fwd of Chi.Trib article...
Message-ID: <93Jul6.190635pdt.14421-1@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain

Thanks, that was priceless! Best thing I've read this year.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: khijol!erc@apple.com (Ed Carp)
Date: Tue, 6 Jul 93 19:32:17 PDT
To: mccoy@ccwf.cc.utexas.edu (Jim McCoy)
Subject: Re: On the medium being the message
In-Reply-To: <199307070119.AA23872@tigger.cc.utexas.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: text

> > [...] This set off a whole train of thought on
> > message concealability, like hiding messages in, say, the order of headers
> > in a posting, or the "Reply-To:" header, or even the words in subsequent
> > postings to a newsgroup. Who would ever think to look at, say, the third
> > word in every posting Tim makes to alt.whatever newsgroup? Or in the "Date:"
> > field, or in the "Message-ID:" field, or ... or ... or ...
>
> Not much bandwidth in that medium there...
>
> Things like gif/jpeg images and sound files have a ton of semi-random bits
> in them that you can fool around with without anyone noticing much, but
> plain text in news headers and postings just doesn't leave one with much
> room for putting in a message. At least not without being blatantly
> obvious...

True, but how much do you need if you have code dictionaries?
The Message-ID field, for example, could contain a page.word reference, one that meant "the cops are watching me, be careful", or "Nuclear detonator received". Not much the NSA could do to figure that one out unless they had searched your place, or knew a HELL of a lot about you and your co-conspirator.

My point was, there are a lot of covert channels that one can use without making it obvious that there is any sort of covert data being passed.

--
Ed Carp erc@wetware.com 510/659-9560
For anonymous mailers --> anonymus+5300@charcoal.com
"I've met many thinkers and many cats, but the wisdom of cats is infinitely superior." -- Hippolyte Taine (1828-1893)

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: jet@netcom.com (J. Eric Townsend)
Date: Tue, 6 Jul 93 12:46:36 PDT
To: cypherpunks@toad.com
Subject: Complete ignorance of any sort of reality on May's part (was We are
Message-ID: <9307061947.AA17712@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Timothy C. May writes:

> degrading to women, objectifies them, etc. (ironically, unless of course it
> is "made by and for wimmin," a loophole added by Andrea Dworkin and her
> supporters after they discovered their anti-porn crusade in Canada and
> elsewhere would put an end to Lesbian porn mags like "Yellow Silk"!).

This is complete and utter nonsense. Tim May has no clue as to what he talks about. What's worse, it smells of homophobia.

In no particular order:

- Dworkin has never called for the banning of porn. I've read most of her books, and she even goes out of her way to say she's not calling for any sort of censorship. She *does* push for 'victim compensation'-style legislation. (How this sort of legislation interacts with constitutional rights is beyond my ken, save a few decisions I've read about 19th century property rights in Louisiana. :-)

- I've heard Dworkin come down just as hard on lesbigay porn, if not harder than, as she does on het porn.
Her old housemate John Stoltenberg (sp?) is as noxious as she is on this point.

- "Yellow Silk" is not a lesbian porn mag. It's a very lame het softcore mag. If you'd like to see *real* lesbian porn (some of which pisses off a fair portion of the feminist and lesbian communities) find "On Our Backs" (started by Susie Bright), "Venus Infers" (started by Pat Califia, women-only SM), or "Girljock" (sort of a preppie/athlete/lesbian (not dyke :-) porn mag).

- Last I heard, there was no need to capitalize 'lesbian'. None of the dykes/lesbians I know capitalize it, unless it starts a sentence. Residents of Lesbos (the true 'Lesbians') might disagree, however.

Tired of white het male computer geeks talking nonsense about anyone who threatens their place in the power structure,

--
jet@netcom.com -- J. Eric Townsend -- '92 R100R: "CLACKER"
"Either what you've said is so vague that it's meaningless or I disagree with you completely." -- Tom Maddox

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Jim McCoy
Date: Tue, 6 Jul 93 18:20:03 PDT
To: erc@wetware.com
Subject: Re: On the medium being the message
In-Reply-To:
Message-ID: <199307070119.AA23872@tigger.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text

> [...] This set off a whole train of thought on
> message concealability, like hiding messages in, say, the order of headers
> in a posting, or the "Reply-To:" header, or even the words in subsequent
> postings to a newsgroup. Who would ever think to look at, say, the third
> word in every posting Tim makes to alt.whatever newsgroup? Or in the "Date:"
> field, or in the "Message-ID:" field, or ... or ... or ...

Not much bandwidth in that medium there...

Things like gif/jpeg images and sound files have a ton of semi-random bits in them that you can fool around with without anyone noticing much, but plain text in news headers and postings just doesn't leave one with much room for putting in a message. At least not without being blatantly obvious...

jim

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: nobody@soda.berkeley.edu
Date: Tue, 6 Jul 93 21:07:14 PDT
To: cypherpunks@toad.com
Subject: Encrypted list software
Message-ID: <9307070403.AA05223@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

I've had a couple of people ask to have their names added to the encrypted list forwarder I put together. I'm soliciting feedback on how this service should work.

Right now, it only encrypts the "body" of the message. The "headers", which are the "From:" and "Subject:" lines, etc., are passed through basically unchanged (except for "To:", which I change to be the person it is going to. Maybe that's unnecessary, as I notice that the cypherpunks list puts its own address into "To:", for some reason.) It also adds "Encrypted: PGP" to the headers.

I wonder if it would be better for it to encrypt the whole message, headers and body together, then to mail that with a fresh new header that would show nothing about the original message.

The first approach hides the contents of the message, but not its subject or who it is from; the second hides more. Any suggestions as to which is more useful?

Hal Finney
hfinney@shell.portal.com

-----BEGIN PGP SIGNATURE-----
iQCUAgUBLDoazagTA69YIUw3AQEVIQP4yImWVmyipsNbMUu8pX4QkyPx9T/95MVP
lTc+LAFwACUSbm2/DNTqLOLbDhb9rnMlHT/926mjoJFC4H3xQn61oXzM50GtRiaY
ORJOxJ8CVqmQE7RW51jEAM0wIH4L2CDhveudY6r2ZX7uLjmybkdHJy4G5BSb46cD
x5h93fOyXg==
-----END PGP SIGNATURE-----

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: sneal@muskwa.ucs.ualberta.ca (Sneal)
Date: Tue, 6 Jul 93 20:08:19 PDT
To: cypherpunks@toad.com
Subject: We are becoming politically correct sheep
Message-ID: <9307070308.AA02565@muskwa.ucs.ualberta.ca>
MIME-Version: 1.0
Content-Type: text/plain

I am slightly dubious of the wisdom of Tim's switch-and-bate on a.b.p.e.c.
for a couple of reasons:

a) The possibility of some media nitwit hearing about the initial post and missing Tim's "retraction" (or ignoring it in the interests of a great big ol' byline). Nightmarish possibilities abound, particularly given the subtle nature of the "clue" in the PGP block.

b) In a more paranoid moment some months ago, I predicted that the NSA would be waiting for a chance to work a PGP angle into some sensational story that creates a lot of public outcry. Linking PGP to terrorism, drug dealing, or kiddie porn would be a great first step towards getting some laws against "unlicensed cryptography" on the books. I'm less worried about Tim giving the TLAs any ideas (I'm sure they have lots of bright "media relations" people already) than I am about him inspiring real pornographers (or agent provocateurs).

c) Personally, I think that the fewer excuses one gives busybodies to "make policy", the better. However, what with Clipper, Markey, Gore, Denning, Sternlight, et al, the cat's already out of the bag. We can only sigh and wish that these beknighted ones had viewed with alarm the excess profits and price gouging of the haircutting industry, and the need to balance unbridled free enterprise with the tonsorial rights of the public.

However - tickling a few neurons may very well have been worth the risks noted above.

In response to Tim's later post about freedom of speech, J. Eric Townsend writes:

>[flameage censored]

In arguing the fine points of Dworkinism, pornography, capitalization of proper nouns, etc., I think Eric misses Tim's point, which is (I think) that the current movement of society is from

   Forbidding actions that cause harm to others

to

   Forbidding actions and speech that might offend others, or make them uncomfortable, or hurt their feelings.

This is obviously not a happy thing.
While not offending others is an admirable goal, I am going to disagree with Tim May if he claims that he can levitate given the right mix of ginseng, pig knuckles, and spiritual harmony. Tim may be emotionally crushed by this, but that's life. If things keep on the way they are, in a few years, Tim will have the option of taking me to the Spiritual Tribunal and having me busted for emotional assault, where I'll be sentenced to three to five years at hard consciousness-raising.

There's an excellent article on this issue by Jonathan Rauch in the April 93 issue of 'Reason'; this is an excerpt from his book "Kindly Inquisitors: The New Attack On Free Thought". Rauch's thesis is that the very humanitarian goal of making sure that nobody's feelings are hurt is incompatible with the free inquiry and lively discourse that are necessary parts of a free society.

To those of you who think "it can't happen here", I would refer you to Canada's "hate speech" laws, which make it a criminal offense to "promote hatred against an identifiable group". To date, the only well-known charges under these laws have been against a couple of Holocaust revisionists; however, the definitions of "promoting hatred" and "identifiable group" are vague enough to make this country a somewhat dangerous place to have unpopular views, even disregarding the tremendous leverage this law gives governments to step on anyone who gets too far out of line.

"It's the First Amendment, stupid."

-- Steve

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 6 Jul 93 21:25:10 PDT
To: cypherpunks@toad.com
Subject: Re: We are becoming politically correct sheep
In-Reply-To: <9307070308.AA02565@muskwa.ucs.ualberta.ca>
Message-ID: <9307070425.AA15301@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Steve Neal makes some very good points:

> a) The possibility of some media nitwit hearing about the initial
> post and missing Tim's "retraction" (or ignoring it in the interests
> of a great big ol' byline). Nightmarish possibilities abound,
> particularly given the subtle nature of the "clue" in the PGP block.

I agree, which is why I ended the charade. (And I would've ended it sooner had I gotten any strange phone calls, suggesting a reporter sniffing around, or threats to report the posting to the cops. I did get a few strange messages suggesting Netcom should yank my account.)

But the interesting thing is how paranoid people are about free speech being exercised (the free speech being posting of non-provably illegal material, not the posting of provably illegal material). I won't repeat my point about a nation of politically correct sheep.

> However - tickling a few neurons may very well have been worth the
> risks noted above.

Yes, perhaps thinking about some issues in advance is a good "drill."

(For some reason, I seem to gravitate toward these "early warning" situations...it was me who posted the first message about Dorothy Denning's key escrow system, last October ("A Trial Balloon to Ban Encryption?"), and I also posted the fake "Stealth Secrets" article in cypherpunks, anonymously. The intent was to test the commitment of the list to the much-talked about "whistleblowers" group and to the likely implications. (Sure enough, several people freaked out and called for censorship--as if anonymous whistleblowing can be censored! I 'fessed-up after several days, pointing out the material came from a published book and some Aviation Leak material.)
Steve then makes some really excellent points: > In arguing the fine points of Dworkinism, pornography, > capitalization of proper nouns, etc., I think Eric misses Tim's point, > which is (I think) that the current movement of society is from > > Forbidding actions that cause harm to others > > to > > Forbidding actions and speech that might offend others, or make them > uncomfortable, or hurt their feelings. Yes, exactly! This is a profound shift from the principles on which this country (apologies to Brits, etc.) was founded. > To those of you who think "it can't happen here", I would refer you > to Canada's "hate speech" laws, which make it a criminal offense to > "promote hatred against an identifiable group". To date, the only And France and Germany have both used "hate crimes" as "hate groups" as justification to ban certain groups from existing. > well-known charges under these laws have been against couple of > Holocaust revisionists; however, the definitions of "promoting > hatred" and "identifiable group" are vague enough to make this > country a somewhat dangerous place to have unpopular views, even > disregarding the tremendous leverage this law gives governments to > step on anyone who gets too far out of line. Good points, but the so-called "Holocaust" never actually happened, hence there cannot be any such thing as "Holocaust revisionism," just the telling of the truth. While the Nazis were not perfect, this nonsense about extermination camps was just Allied propaganda (confirmed by documents declassified in 1967) designed to embarass the Nazi "Huns" and to hide the mass exodus of Jews, who stole the wealth of Germany and took it to New York to set up brokerage and banking firms like S.G. Warburg and the Rothschild Bank. Every true researcher knows this. (This little joke could be enough in Canada, as Steve points out, to at least threaten me, and perhaps the machine this message originates to the List from. 
Most likely not (the Canadians concentrated on long-time activists), but the _threat_ is there. And this threat is coming down to the U.S.)

Understand that the real threat to the Jews in Germany was not so much hatred of the Jews (of which there was probably less in Germany than in France and other European countries until Hitler began stirring up hatred and staging events to trigger mass hatred) as it was the unbridled power of the Nazi state. Civil rights were suspended, the courts fell under the control of Hitler's people, and "law" became whatever the government wanted.

Ironically, with "hate crimes" as a prosecutorial tool in the 1930s, Hitler could have used the laws to prosecute Jews (especially Orthodox Jews, with different fashion styles and a dislike ("hate"?) for many Gentiles).

The real threat is the government, whatever its initial intent. They have the guns, they have the courts, they have the power.

We've sunk into a strange situation in which various special interest groups jockey for special privilege, special powers granted to them by the State.

"Live and let live" doesn't mean one has to _like_ all the various individuals or groups that are out there, it just means you let them do their thing as long as they don't interfere with your own life.

You can't pass laws to force others to like you, or your group, or to make their thoughts conform to yours. About all you can really do is make sure they can't rob and kill, and even that's iffy.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
Note: I put time and money into writing this posting. I hope you enjoy it.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 6 Jul 93 21:40:37 PDT
To: fergp@sytex.com (Paul Ferguson)
Subject: Re: Live for today
In-Reply-To:
Message-ID: <9307070441.AA21415@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Paul Ferguson writes:

> I applaud your exploit in the bitwise/erotica/net-police experiment.
> I personally think it was damned clever and proved a valuable point.
> In fact, I'd like to get your permission to reprint your original
> message in Legal Net News, por favor.

By all means! Just be sure to provide enough context and to include the "explanation." Also, several other people made some excellent comments, and you might want to somehow include their points.

> Ask us. We will tell you -- it's about stirring up the pot.

Yeah, I think a lot of us got involved in this whole thing (now called Cypherpunks, but it started percolating years ago) precisely to stir things up.

And to the credit of you folks, I think some progress has been made. The remailers, the awareness of Cypherpunks-type issues in the media ("Wired," "Whole Earth Review," "New York Times," "Newsweek"), and our role in the Clipper/Capstone/Skipjack/whatever matter, are all positive steps.

It is true we haven't deployed digital cash, nor have we set up data havens in cyberspace, nor a bunch of other things, but these things are intrinsically hard to pull off. Someday they'll come.

Finally:

> Quis Custodiet Ipsos Custodes?

(I've been tempted recently to come up with a "crypto" version of this famous "And who shall guard the guardians?" line. Something, in Latin of course (for effect), about "And who shall eavesdrop on the eavesdroppers?" or somesuch. Perhaps the original is best as it is.)

-Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
Note: I put time and money into writing this posting. I hope you enjoy it.

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Tue, 6 Jul 93 21:13:49 PDT
To: tcmay@netcom.com
Subject: Live for today
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

On Tue, 6 Jul 93 16:08:00 -0700, Timothy C. May wrote -

> The discussion of free speech and political correctness is
> apparently not welcome by some on this list. I guess the usual
> religious debates about which mail reader is better are what
> we're supposed to talk about. Well, I'm a member of this list,
> too, and issues of censorship and free speech are more
> interesting to me--and to some others, I suspect--than the
> intricacies of "MH."

Hear, hear. Settle down, old chum.

I suppose it takes a volatile issue or two to get me off of my keister, but now that I'm up, I'm more than willing to toss my (good?) name into the fracas.

Idealisms are much akin to links in a chain; each crafted individually, yet forming a bond that links each idealism together into a society. (Discussions on how healthy this society really should be left for future discussion.)

I walk a fine line between an aficionado for free speech and a staunch supporter of individual rights and privacy. Each aspect has its proponents and contentions, yet each aspect needs protection under _human_ law.

Now, where does one infringe upon the other? I have always been fond of the adage that "your right to swing your fist ends when it hits my nose," and I hope you understand my sentiment.

I have even played the role of the "net police" in at least one instance.
(But then again, I did not react to rumor, innuendo or happenstance. This is another topic entirely. Those who subscribe to RISKS may be the wiser.)

I applaud your exploit in the bitwise/erotica/net-police experiment. I personally think it was damned clever and proved a valuable point. In fact, I'd like to get your permission to reprint your original message in Legal Net News, por favor.

> What is happening to free speech? What has happened to "Sir, I
> disagree with what you say, but I defend to the death your right
> to say it."?

I was a military-man (once upon a time), and took that oath seriously. I tired of the "spinning-your-wheels" mentality, so I naturally migrated into the private telecommunications sector. I would still defend it today, to death. Make no mistake, this country may have developed some serious problems over the course of the past 200 years, but some of us hold the intrinsic values embellished in the Constitution dear.

What Tim has done is above and beyond petty in-fighting in this group. We are about change, challenge and chaos. We are old, we are new. We change, yet we are the same.

What does it take?

Ask us. We will tell you -- it's about stirring up the pot.

Paul Ferguson             | "Confidence is the feeling you get
Network Integrator        | just before you fully understand
Centreville, Virginia USA | the problem."
fergp@sytex.com           | - Murphy's 7th Law of Computing

Quis Custodiet Ipsos Custodes?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: fergp@sytex.com (Paul Ferguson)
Date: Tue, 6 Jul 93 21:13:11 PDT
To: cypherpunks@toad.com
Subject: Public record
Message-ID: <5HPa7B2w165w@sytex.com>
MIME-Version: 1.0
Content-Type: text/plain

I received a letter from "The National Computer System Security and Privacy Advisory Board" this past week, acknowledging my letter to them (and submission thereof) on the "key-escrow" initiative.
Without quoting the entirety of the letter, one particular passage merits repeat: "Copies of written statements/comments received on these issues will be made part of the public record. All statements/comments are available for inspection and copying in the Central Reference and Records Inspection Facility, Room 600, Herbert C. Hoover (Department of Commerce) Building, 14th Street between Pennsylvania and Constitution Avenues, NW, Washington, DC 20230." The letter is signed by Lynn McNulty, Board Secretariat. (Actually, his secretary called me here in New York to get my mailing address even though I made a point of including it in my original letter of opposition. Go figure.) Anyway, this is now public record and subject to an FOIA request, no? Cheers. Paul Ferguson | "Confidence is the feeling you get Network Integrator | just before you fully understand Centreville, Virginia USA | the problem." fergp@sytex.com | - Murphy's 7th Law of Computing Quis Custodiet Ipsos Custodes? From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Peter shipley Date: Wed, 7 Jul 93 01:22:04 PDT To: cypherpunks@toad.com Subject: a forward of a forward of a .... Message-ID: <9307070608.AA06525@merde.dis.org> MIME-Version: 1.0 Content-Type: text/plain ------- Forwarded Message Return-Path: shipley@remarque.berkeley.edu Message-Id: From: sinster@scintilla.santa-clara.ca.us (Darren Senn) Subject: Warning from the LPF... To: fyi@xcf.berkeley.edu Date: Tue, 6 Jul 1993 20:53:48 -0800 (PDT) X-Mailer: ELM [version 2.4 PL21] Content-Type: text Content-Length: 11239 Resent-To: shipley@dis.org Resent-Date: Tue, 06 Jul 1993 21:02:51 -0700 Resent-From: Evil Pete [ Indented just so I don't choke anyone's mailer -- DS ] Date: Mon, 28 Jun 1993 07:48:33 GMT From: friedman@gnu.ai.mit.edu (Noah Friedman) Subject: Digital Signature Scandal Organization: Free Software Foundation, 675 Mass Ave. Cambridge, MA 02139 [The following is an official announcement from the League for Programming Freedom. 
Please redistribute this as widely as possible. [NF]] Digital Signature Scandal Digital signature is a technique whereby one person (call her J. R. Gensym) can produce a specially encrypted number which anyone can verify could only have been produced by her. (Typically a particular signature number encodes additional information such as a date and time or a legal document being signed.) Anyone can decrypt the number because that can be done with information that is published; but producing such a number uses a "key" (a password) that J. R. Gensym does not tell to anyone else. Several years ago, Congress directed the NIST (National Institute of Standards and Technology, formerly the National Bureau of Standards) to choose a single digital signature algorithm as a standard for the US. In 1992, two algorithms were under consideration. One had been developed by NIST with advice from the NSA (National Security Agency), which engages in electronic spying and decoding. There was widespread suspicion that this algorithm had been designed to facilitate some sort of trickery. The fact that NIST had applied for a patent on this algorithm engendered additional suspicion; despite their assurances that this would not be used to interfere with use of the technique, people could imagine no harmless motive for patenting it. The other algorithm was proposed by a company called PKP, Inc., which not coincidentally has patents covering its use. This alternative had a disadvantage that was not just speculation: if this algorithm were adopted as the standard, everyone using the standard would have to pay PKP. (The same patents cover the broader field of public key cryptography, a technique whose use in the US has been mostly inhibited for a decade by PKP's assiduous enforcement of these patents. The patents were licensed exclusively to PKP by the Massachusetts Institute of Technology and Stanford University, and derive from taxpayer-funded research.) PKP, Inc. 
made much of the suspect nature of the NIST algorithm and portrayed itself as warning the public about this. On June 8, NIST published a new plan which combines the worst of both worlds: to adopt the suspect NIST algorithm, and give PKP, Inc. an *exclusive* license to the patent for it. This plan places digital signature use under the control of PKP through the year 2010. By agreeing to this arrangement, PKP, Inc. shows that its concern to protect the public from possible trickery was a sham. Its real desire was, as one might have guessed, to own an official national standard. Meanwhile, NIST has justified past suspicion about its patent application by proposing to give that patent (in effect) to a private entity. Instead of making a gift to PKP, Inc., of the work all of us have paid for, NIST and Congress ought to protect our access to it--by pursuing all possible means, judicial and legislative, to invalidate or annul the PKP patents. If that fails, even taking them by eminent domain is better (and cheaper in the long run!) than the current plan. You can write to NIST to object to this giveaway. Write to: Michael R. Rubin Active Chief Counsel for Technology Room A-1111, Administration Building, National Institute of Standards and Technology Gaithersburg, Maryland 20899 (301) 975-2803. The deadline for arrival of letters is around August 4. Please send a copy of your letter to: League for Programming Freedom 1 Kendall Square #143 P.O.Box 9171 Cambridge, Massachusetts 02139 (The League for Programming Freedom is an organization which defends the freedom to write software, and opposes monopolies such as patented algorithms and copyrighted languages. It advocates returning to the former legal system under which if you write the program, you are free to use it. Please write to the League if you want more information.) Sending copies to the League will enable us to show them to elected officials if that is useful. 
This text was transcribed from a fax and may have transcription errors. We believe the text to be correct but some of the numbers may be incorrect or incomplete. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ** The following notice was published in the Federal Register, Vol. 58, No. 108, dated June 8, 1993 under Notices ** National Institute of Standards and Technology Notice of Proposal for Grant of Exclusive Patent License This is to notify the public that the National Institute of Standards and Technology (NIST) intends to grant an exclusive world-wide license to Public Key Partners of Sunnyvale, California to practice the Invention embodied in U.S. Patent Application No. 07/738.431 and entitled "Digital Signature Algorithm." A PCT application has been filed. The rights in the invention have been assigned to the United States of America. The prospective license is a cross-license which would resolve a patent dispute with Public Key Partners and includes the right to sublicense. Notice of availability of this invention for licensing was waived because it was determined that expeditious granting of such license will best serve the interest of the Federal Government and the public. Public Key Partners has provided NIST with the materials contained in Appendix A as part of their proposal to NIST. Inquiries, comments, and other materials relating to the prospective license shall be submitted to Michael R. Rubin, Active Chief Counsel for Technology, Room A-1111, Administration Building, National Institute of Standards and Technology, Gaithersburg, Maryland 20899. His telephone number is (301) 975-2803. Applications for a license filed in response to this notice will be treated as objections to the grant of the prospective license. Only written comments and/or applications for a license which are received by NIST within sixty (60) days for the publication of this notice will be considered. 
The prospective license will be granted unless, within sixty (60) days of this notice, NIST receives written evidence and argument which established that the grant of the license would not be consistent with the requirements of 35 U.S.C. 209 and 37 CFR 404.7. Dated: June 2, 1993. Raymond G. Kammer Acting Director, National Institute Standards and Technology. Appendix "A" The National Institute for Standards and Technology ("NIST") has announced its intention to grant Public Key Partners ("PKP") sublicensing rights to NIST's pending patent application on the Digital Signature Algorithm ("DSA"). Subject to NIST's grant of this license, PKP is pleased to declare its support for the proposed Federal Information Processing Standard for Digital Signatures (the "DSS") and the pending availability of licenses to practice the DSA. In addition to the DSA, licenses to practice digital signatures will be offered by PKP under the following patents: Cryptographic Apparatus and Method ("Diffie-Hellman") No. 4,200,770 Public Key Cryptographic Apparatus and Method ("Hellman-Merkle") No. 4,315,552 Exponential Cryptographic Apparatus and Method ("Hellman-Pohlig") No. 4,434,414 Method For Identifying Subscribers And For Generating And Verifying Electronic Signatures In A Data Exchange System ("Schnorr") No. 4,995,082 It is PKP's intent to make practice of the DSA royalty free for personal, noncommercial and U.S. Federal, state and local government use. As explained below, only those parties who enjoy commercial benefit from making or selling products, or certifying digital signatures, will be required to pay royalties to practice the DSA. PKP will also grant a license to practice key management, at no additional fee, for the integrated circuits which will implement both the DSA and the anticipated Federal Information Processing Standard for the "key escrow" system announced by President Clinton on April 16, 1993. 
Having stated these intentions, PKP now takes this opportunity to publish its guidelines for granting uniform licenses to all parties having a commercial interest in practicing this technology: First, no party will be denied a license for any reason other than the following: (i) Failure to meet its payment obligations, (ii) Outstanding claims of infringement, or (iii) Previous termination due to material breach. Second, licenses will be granted for any embodiment sold by the licensee or made for its use, whether for final products software, or components such as integrated circuits and boards, and regardless of the licensee's channel of distribution. Provided the requisite royalties have been paid by the seller on the enabling component(s), no further royalties will be owed by the buyer for making or selling the final product which incorporates such components. Third, the practice of digital signatures in accordance with the DSS may be licensed separately from any other technical art covered by PKP's patents. Fourth, PKP's royalty rates for the right to make or sell products, subject to uniform minimum fees, will be no more than 2 1/2% for hardware products and 5% for software, with the royalty rate further declining to 1% on any portion of the product price exceeding $1,000. These royalty rates apply only to noninfringing parties and will be uniform without regard to whether the licensed product creates digital signatures, verifies digital signatures or performs both. Fifth, for the next three (3) years, all commercial services which certify a signature's authenticity for a fee may be operated royalty free. Thereafter, all providers of such commercial certification services shall pay a royalty to PKP of $1.00 per certificate for each year the certificate is valid. Sixth, provided the foregoing royalties are paid on such products or services, all other practice of the DSA shall be royalty free. 
Seventh, PKP invites all of its existing licensees, at their option, to exchange their current licenses for the standard license offered for DSA. Finally, PKP will mediate the concerns of any party regarding the availability of PKP's licenses for the DSA with designated representatives of NIST and PKP. For copies of PKP's license terms, contact Michael R. Rubin, Acting Chief Counsel for Technology, NIST, or Public Key Partners. Dated: June 2, 1993. Robert B. Fougner, Esq., Director of Licensing, Public Key Partners, 310 North Mary Avenue, Sunnyvale, CA 94033 [FR Doc. 93-13473 Filed 8-7-93; 8:45 am] ^^^^^^ [Looks like a typo to me... -- DS ] - -- Darren Senn Phone: (408) 988-2640 Snail: 620 Park View Drive #206 sinster@scintilla.santa-clara.ca.us Santa Clara, CA 95054 Just another alpha male wire-head pyromaniac ------- End of Forwarded Message From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Chris Parrinello Date: Tue, 6 Jul 93 21:47:34 PDT To: nobody@soda.berkeley.edu Subject: Re: Encrypted list software In-Reply-To: <9307070403.AA05223@soda.berkeley.edu> Message-ID: <199307070446.AA27421@ux1.cso.uiuc.edu> MIME-Version: 1.0 Content-Type: text/plain Your message dated: Tue, 06 Jul 1993 21:03:30 PDT >-----BEGIN PGP SIGNED MESSAGE----- > >I've had a couple of people ask to have their names added to the >encrypted list forwarder I put together. I'm soliciting feedback on >how this service should work. > >I wonder if it would be better for it to encrypt the whole message, headers >and body together, then to mail that with a fresh new header that would >show nothing about the original message. I think encrypting who the message is from and the subject would be best that way I can have a subject of "Plans to Kill Pauly Shore" after I decrypt the message. For how the service should work, I think you should look into MIME. You can include encrypted text that will decrypt when you read it with your mail program. 
Chris From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: khijol!erc@apple.com (Ed Carp) Date: Wed, 7 Jul 93 00:07:56 PDT To: i6t4@jupiter.sun.csd.unb.ca (Nickey MacDonald) Subject: Re: What do you make of this? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: text > Here's a list of phone numbers, what do you make of them? > Nick MacDonald | NMD on IRC > i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger > i6t4@unb.ca | (506) 457-1931 ^{1024/746EBB 1993/02/23} I don't know. What are they? Ed (busily building gcc-2.4.5 on a 486) Carp -- Ed Carp erc@wetware.com 510/659-9560 For anonymous mailers --> anonymus+5300@charcoal.com "I've met many thinkers and many cats, but the wisdom of cats is infinitely superior." -- Hippolyte Taine (1828-1893) From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: mike@EGFABT.ORG (Mike Sherwood) Date: Wed, 7 Jul 93 00:36:42 PDT To: cypherpunks@toad.com Subject: Re: What do you make of this? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: text/plain Nickey MacDonald writes: > Here's a list of phone numbers, what do you make of them? > > (503) 241-9796 ext: 09 > (510) 244-8003 ext: 308 I don't know about all of them, but the second one is near me and I confirmed that there is no 244 prefix in the 510 area code, so either there is an error in that data, or should I venture so far as to say that he's trying to make a point about hiding information in a seemingly harmless format. I don't have the desire to actually try to find out what it is, but it wouldn't take much more research to find out if the list is primarily made of nonexistent numbers. However, the only reason I even looked that far is because of the nature of this group and the fact that it was brought up as such, rather than "Local U.S. Department of Agriculture offices" or some other title that would cause people to want to be as far away from it as possible. 
-- Mike Sherwood internet: mike@EGFABT.ORG uucp: ...!sgiblab!egfabt!mike  From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: rwhelan@mason1.gmu.edu (Ryan A. Whelan) Date: Tue, 6 Jul 93 23:00:41 PDT To: parrinel@ux1.cso.uiuc.edu (Chris Parrinello) Subject: Re: Encrypted list software In-Reply-To: <199307070446.AA27421@ux1.cso.uiuc.edu> Message-ID: <9307070600.AA23572@mason1.gmu.edu> MIME-Version: 1.0 Content-Type: text -----BEGIN PGP SIGNED MESSAGE----- > I think encrypting who the message is from and the subject would be > best that way I can have a subject of "Plans to Kill Pauly Shore" > after I decrypt the message. > For how the service should work, I think you should look into MIME. You > can include encrypted text that will decrypt when you read it with > your mail program. Well actaully, since we just recently got perl installed on our system, I have been playing around with the elm and nn scripts. They seem to work resonably well, but it looks like they need a little work. The do detect if the message is PGP encrypted or if it has a PGP signature in it and when I mail things it asks if I want to sign it or encrypt it. They need a little polishing but they do work. Anyone else has any experience using this? anyone got any suggestions? Sometime when I am not so tired I am going to play with the emacs and tin scripts. - -- Ryan A. Whelan "Only two good things came out of Berkeley, LSD and BSD, rwhelan@mason1.gmu.edu rwhelan@cosmos.gmu.edu coincidence???" 
rwhelan@gmuvax.gmu.edu PGP Public Key available via finger "If its not UNIX, its crap" -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLDpmSxGKBstqmlA7AQHHQwQAjSnhBqjU28HAjYN87g7iSSwfZxRYxrdY ArpkU89N72CW1NgEQnLoZGYmyVuXNdmMn7qVJrEPXM5ivT/iGgiLmrUsiFSe1mtF gt20XyQ/VYO74M3DI7wC3tUcn63lRaJO79rYjenQKL6g4HPdIZxYjJMj6TlEzPK3 ULahI5aALys= =zUm7 -----END PGP SIGNATURE----- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Nickey MacDonald Date: Tue, 6 Jul 93 22:31:44 PDT To: cypherpunks list Subject: What do you make of this? Message-ID: MIME-Version: 1.0 Content-Type: text/plain Here's a list of phone numbers, what do you make of them? (503) 241-9796 ext: 09 (510) 244-8003 ext: 308 (614) 626-6421 ext: 19 (917) 806-0801 ext: 19 (208) 565-6220 ext: 23 (807) 961-6176 (608) 809-5822 (402) 815-5084 (716) 251-3201 ext: 214 (317) 837-9796 ext: 20 (514) 999-7352 ext: 38 (412) 221-7266 ext: 226 (619) 620-9556 ext: 18 (417) 582-2491 ext: 26 (210) 879-1228 ext: 017 (413) 708-9037 ext: 24 (203) 791-3828 ext: 15 (413) 366-5478 ext: 37 (414) 297-3632 ext: 301 (305) 469-5633 (200) 296-4919 ext: 104 (818) 708-4065 ext: 12 (402) 614-0058 (213) 918-2514 ext: 221 (201) 897-4434 ext: 01 (611) 200-0862 ext: 208 (213) 248-9232 ext: 0309 (507) 236-2585 ext: 27 (218) 271-1379 ext: 0329 (201) 267-6176 ext: 114 (504) 214-8612 ext: 22 (803) 823-1367 (207) 562-8716 ext: 27 (215) 239-5596 ext: 0421 (405) 332-6203 (912) 248-6594 ext: 225 (216) 440-2025 ext: 122 (313) 322-2667 ext: 33 -- Nick MacDonald | NMD on IRC i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger i6t4@unb.ca | (506) 457-1931 ^{1024/746EBB 1993/02/23} From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jota@iguana.inesc.pt (Joao Pedro Martins) Date: Tue, 6 Jul 93 17:41:10 PDT To: cypherpunks@toad.com Subject: Subscribe Message-ID: <9307070041.AA21672@iguana.inesc.pt> MIME-Version: 1.0 Content-Type: text subscribe -- * "Deitaram-se. Blimunda era virgem. 
Que idade tens, perguntou Baltasar, e *Blimunda respondeu, Dezanove anos, mas ja' enta~o se tornara muito mais *velha." - Jose' Saramago, "Memorial do Convento" **************************************************** jota@mujave.inesc.pt * * ...jotinha meu amor... INFOFREE * i got pgp, ask me NO MORE ! (U2,SBS-L) * 9431006 <- not my password dancing and laughing From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Wed, 7 Jul 93 22:15:48 PDT To: karn@qualcomm.com (Phil Karn) Subject: Re: "Let's kill all the lawyers..." In-Reply-To: <9307070103.AA23132@servo> Message-ID: <199307071221.AA05193@eff.org> MIME-Version: 1.0 Content-Type: text/plain Phil writes: > Last night I saw the Saferstein remarks you mention. I think they hit > the local California TV stations before being picked up by CNN. I > fully agree that PC is *really* getting out of hand if lawyers are now > to be considered one of the downtrodden minority groups. If I were to set out to deliberately make lawyers look even sillier than they look already, I couldn't imagine a better place to start than to make a remark like Saferstein's "hate crimes" comment. --Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: pat@tstc.edu (Patrick E. Hykkonen) Date: Wed, 7 Jul 93 22:15:15 PDT To: tcmay@netcom.com (Timothy C. May) Subject: Re: Live for today In-Reply-To: <9307070441.AA21415@netcom3.netcom.com> Message-ID: <9307071325.AA04823@tstc.edu> MIME-Version: 1.0 Content-Type: text/plain > It is true we haven't deployed digital cash, nor have we set up data > havens in cyberspace, nor a bunch of other things, but these things > are intrinsically hard to pull off. Someday they'll come. Could someone please define a 'data haven'? I understand digital cash, it is exactly what it sounds like. However, in the context I've heard data haven used in, then there is much more than simply keeping one's data encrypted on your local hard drive. 
Still learning and trying to understand all of these things. -- Pat Hykkonen, N5NPL Texas State Technical College at Waco Internet: {pat,postmaster,root}@tstc.edu Instructional Network Services Packet: N5NPL@WD5KAL.#CENTX.TX.USA.NA 3801 Campus Dr. Waco, Tx 76705 V:(817) 867-4830 F:(817) 799-2843 From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Mike Godwin Date: Wed, 7 Jul 93 22:15:21 PDT To: phred@well.sf.ca.us (Fred Heutte) Subject: Re: "Let's kill all the lawyers..." In-Reply-To: <93Jul6.183147pdt.14190-3@well.sf.ca.us> Message-ID: <199307071228.AA05225@eff.org> MIME-Version: 1.0 Content-Type: text/plain Fred Heutte writes: > We need lawyers, but do we need *so many*?! I was born and grew up > in Washington, DC. The DC Bar has over *50,000* lawyers! Even in > our nation's capital that seems excessive. They're not all in our nation's capital. The DC Bar allows lawyers admitted to other jurisdictions to "waive into" DC if their MBE score is sufficiently high--no separate bar exam. Many lawyers get admitted to the DC Bar this way in anticipation of the possibility that someday they may have to do some legal work in DC. Conversely, lots of lawyers simply come to DC without getting admitted to the DC Bar. They just don't practice in the District. --Mike From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Chris Claborne Date: Wed, 7 Jul 93 22:06:38 PDT To: cypherpunks@toad.com Subject: Re: Encrypted postings. Message-ID: <9307071256.ab02776@ncrcom.DaytonOH.NCR.COM> MIME-Version: 1.0 Content-Type: text/plain >I've had a couple of people ask to have their names added to the >encrypted list forwarder I put together. I'm soliciting feedback on >how this service should work. Could we send our postings to the mailer in encrypted format? That is... I would encrypt the message with the public key for the mailer, the mailer would decrypt and re-post to the clear-text mailer and to the PGP group. 
Granted, because the mailer must be run in full auto mode, it won't be the most secure. It would mean that all inbound as well as outbound cypherpunk traffic to my node would be in an electronic envelope. 2 -- C -- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Andrew S Hall Date: Wed, 7 Jul 93 22:14:55 PDT To: cypherpunks@toad.com Subject: Tim's shenanigans Message-ID: <9307071350.AA29739@photon.magnus.acs.ohio-state.edu> MIME-Version: 1.0 Content-Type: text/plain A brief comment. Anyone who was fooled was a dimwit. If I remember correctly, Tim's "encrypted GIF" was about 80 lines long. This isn't large enough for a stick drawing, let alone kiddie porn. A. Techno-Anarchy.Neophilia.Economic Freedom.Cryptography.Anti-Statism.Personal Liberty.Laissez-Faire.Privacy Protection.Libertarianism.No Taxes.No Bullshit. ********** Liberty BBS 1-614-798-9537 ********** ********** Dedicated to Freedom. Yours. ********** From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: jon barber Date: Wed, 7 Jul 93 02:36:21 PDT To: cypherpunks@toad.com Subject: Re: Complete ignorance of any sort of reality on May's part (was We are Message-ID: <756.9307070933@panacea.insignia.co.uk> MIME-Version: 1.0 Content-Type: text/plain > Tired of white het male computer geeks talking nonsense about anyone > who threatens their place in the power structure, Bollocks. I'm sick of being labelled 'white het male'. I am, but so what ? Your response was the most power-oriented in this exchange, and your stereotypes are just as banal as me calling all lesbians fat & ugly. What power structure ? I don't see any power structure - in fact I'm just as powerless as anyone else is. I'm sick and tired of having to be politically correct for fear of being called a bigot. I'll be damned if I'll be turned into an emasculated new age man, as the ones I've come across repel me almost as much as child pornographers. Jon Barber, donning asbestos suit. P.S. I'm no homophobe. 
My best friend is HIV+ after having a bisexual history, and his girlfriend's twin sister is a lesbian, who I like very much. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: whitfield.diffie@Eng.Sun.COM Date: Wed, 7 Jul 93 22:07:33 PDT To: cypherpunks@toad.com Subject: Happens to `best' of them Message-ID: <9307072015.AA25620@ushabti.Eng.Sun.COM> MIME-Version: 1.0 Content-Type: text/plain The following delicious item appeared at the bottom of page 4 in the National Edition of The New York Times on Saturday, 3 July 1993. The Iraq Raid: Snoop Gets Scoop Special to The New York Times Washington, July 2 --- An electronic hacker was able to listen in as top aides to Secretary of State Warren Christopher helped him to alert world leaders about the missile strike against Baghdad last Saturday. The conversations were intercepted beginning nearly an hour before the raid was made public. But the first calls were apparently not overheard until after Tomahawk missiles from Navy ships struck the headquarters of the Iraqi intelligence service. The calls, placed from a Government plane as Mr. Christopher returned to Washington from Maine, provided a sense of the hurried efforts made by officials in midair and in Washington to spread news of the attack. At one point, they indicate, a State Department official awakened Chancellor Helmut Kohl of Germany only to discover that President Clinton had spoken with the German leader earlier in the day. The eavesdropping was first reported in the current issue of Business Week, which obtained a tape recording of the conversations from an electronic hacker who specializes in monitoring unsecured calls. The magazine made available a transcript of the recording. The State Department refused to comment on what it said were private conversations among Mr. Christopher's aides, but a senior official there said the transcript was essentially accurate. None of the calls made by Mr. 
Christopher himself was recorded, apparently because they were placed through secure channels. Any uncoded call that travels through the airwaves rather than along a wire can be intercepted, and electronic eavesdroppers have become skilled at using scanners to monitor the communications. From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Nickey MacDonald Date: Wed, 7 Jul 93 22:12:09 PDT To: Mike Sherwood Subject: Re: What do you make of this? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: text/plain On Wed, 7 Jul 1993, Mike Sherwood wrote: > I don't know about all of them, but the second one is near me and I > confirmed that there is no 244 prefix in the 510 area code, so either > there is an error in that data, or should I venture so far as to say that > he's trying to make a point about hiding information in a seemingly > harmless format. I hope no one actually tries to call any of those numbers... I couldn't think of a way to list them without giving away the truth... You are correct, I was trying to make a point of hiding information in a seemingly harmless format (although the longer the message, the less harmless the format looks)... > I don't have the desire to actually try to find out > what it is, but it wouldn't take much more research to find out if the > list is primarily made of nonexistent numbers. Well... I'll increase your chances to figure it out, should you get the desire... The hidden text was Un*x compressed... > However, the only reason I > even looked that far is because of the nature of this group and the fact that > it was brought up as such, rather than "Local U.S. Department of Agriculture > offices" or some other title that would cause people to want to be as far > away from it as possible. I had hoped that someone would assume there was a message... I'm still hoping someone will find it... I'll release the source either way... 
:-) -- Nick MacDonald | NMD on IRC i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger i6t4@unb.ca | (506) 457-1931 ^{1024/746EBB 1993/02/23} From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: Chris Claborne Date: Wed, 7 Jul 93 21:58:29 PDT To: cypherpunks@toad.com Subject: Re: PC week Message-ID: <9307071831.af02186@ncrcom.DaytonOH.NCR.COM> MIME-Version: 1.0 Content-Type: text/plain >Sorry if this has been mentioned already, but the new issue of PC >Week contains a big special report entitled "Privacy in the >Workplace." It's got about five or six separate pieces on electronic >eavesdropping in the workplace, encryption, Clipper, etc., etc. I've >only had a chance to scan it quickly (I mean with my eyes), but it >seems that there's no mention of PGP at all, even in the piece on >public-key encryption. Shocking. And the piece on Clipper, while it >of course mentions all the opposition to the proposal, seemed just a >bit wimpy to me. Anyway, it's the June 28 issue. Worth checking >out, I guess. Wimpy yes, but a good start. I am seeing more and more on clipper and encryption. I think I even saw one in the LA Times. I would recommend that we encourage this behavior by writing letters to the editor. Remember... Power of the press. (some day "power of the net") 2 -- C -- From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: smm@engr.uark.edu (MILLIGAN STEVEN M) Date: Wed, 7 Jul 93 22:07:11 PDT To: cypherpunks@toad.com Subject: hello Message-ID: MIME-Version: 1.0 Content-Type: text/plain hey there. I just joined the group about a week ago and have held off writing, until I sort of got a feel for what goes on. I still don't think I have the feel for it, but what the hell I'm writing anyway. If it is possible is there anyone who could take a little time to give me a few hints on how to send, receive, and forward encrypted messages. any help at all would be appreciated. 
Thanx, Steve Milligan smm@engr.uark.edu "George Washington fought for his country and ended up in the White House... Sitting Bull fought for HIS country and ended up in a tent show." From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003 From: fergp@sytex.com (Paul Ferguson) Date: Wed, 7 Jul 93 22:06:29 PDT To: cypherpunks@toad.com Subject: Technophobia & Intelligence: Forwarded article from Information Week Message-ID: MIME-Version: 1.0 Content-Type: text/plain reprinted from: Information Week July 5, 1993 (cover story) pages 31 through 38 The Intelligence Test Do tight funds and technophobia impede the CIA's ability to gather information? by Francis Hamit As the United States turns 217 years old this week, the officials responsible for the computers and communications of the nation's intelligence agencies are in no mood for a party. Many of their systems are antiquated, inefficient, and sometimes dangerously ineffective. Their resources are being taxed by the changing demands of post-Cold War politics. They need money to update their systems, yet a Democratic Congress appears intent on cutting the overall intelligence budget by more than $1 billion. To top it all off, IS officials in the intelligence community face an internal cultural bias against computers; some CIA employees see the machines as little more than electronic security leaks. "They just don't get it," says industry analyst Esther Dyson, who recently visited the CIA with an Electronic Frontier Foundation delegation. "It's depressing." Yet, the U.S. intelligence community, under the leadership of the CIA, is undergoing a quiet revolution in culture and methodology. The IT component of the effort is being led by Michael L. Dillard, chairman of the information policy board in the Office of the Director of Central Intelligence, essentially the intelligence community's CIO. Dillard has the authority to do the job. He reports directly to the director of central intelligence, R. James Woolsey. 
Dillard and Woolsey's charter includes the CIA -- which is in the process of trying to fill a new CIO position of their own -- as well as government departments such as the Bureau of Research and Intelligence in the State Department, the intelligence elements of the various Armed Forces, the Energy Department's intelligence component, the National Security Agency, even units of the Treasury Department. Factor in the ad hoc task forces and working groups set up to handle specific areas of concern such as terrorism, narcotics, and transnational criminal activities, and it's a potentially cacophonous collection of sources to manage in a real-time environment -- and with an extremely limited margin for error.

The Agency That Knew Too Much?

The intelligence community's work is breathtaking in scope. Raw data floods in daily from every conceivable source. Technical collection efforts such as signals interception and high-resolution imaging from spy satellites and other sources are combined with the reports of agents and secret sources around the world and "open sources," such as newspaper articles and radio broadcasts. All this information flows like a river into a system that must select, analyze, and evaluate significant data, and then turn it into easy-to-understand digests for policymakers.

But the overall system is not working as well as it should, and the need for reform has long been acknowledged by members of the intelligence community. The CIA alone runs 10 data processing systems; under the current classification and compartmentalization, there is virtually no interoperability between them (see related story below).

This has led to some public embarrassments. Recently, for example, the agency was accused of covering up part of the BNL scandal, in which an Italian bank used U.S. Agriculture Department guarantees to help Saddam Hussein finance Iraq's arms buildup before the Gulf War.
This accusation came after the CIA first denied knowledge of the affair, then later found the requested documents in a file box under a staff member's desk.

The current reforms began last year under former director of central intelligence Robert Gates and have continued under Woolsey, who was a member of the committee that made the original reform recommendations. Late last year, before the annual convention of the Association of Former Intelligence Officers, Gates identified the targets for intelligence community reform as nothing less than "our mission, our structure, our long-term size and budget, and our culture."

These changes come at a time when intelligence consumers are demanding interactive, multimedia systems that better meet their needs and time constraints. Given the current climate of budget cutbacks and growing demands, the community may undergo a major restructuring that will force wider use of distributed, multimedia computer and communications systems.

CIO Dillard is unable to detail precise changes to the intelligence community's IS effort because information such as various agencies' IS budget and staff size is strictly classified. But he shared his five goals for IS in the intelligence community:

o Increase the volume of data, especially from "open sources." The first Open Source Coordinator has been appointed.

o Attain true connectivity and interoperability among the systems used in the intelligence community. While some are PC- and workstation-based and use commercially available software, traditional approaches to security had mandated that they not be linked.

o Reduce the growing cost of operating and maintaining legacy systems. Today, 82 cents of every dollar spent by IS groups in intelligence goes to maintain and operate existing systems. "This," says Dillard, "is using up our resources and driving out our ability to recapitalize and meet new requirements."

o Downsize systems.
o Create an equal infusion of technology throughout the community. While some computers in use are leading edge, others date back to the 1960s. Some software is 25 years old.

These initiatives would be difficult in any environment. But the intelligence community also harbors a cultural bias against electronic systems. It stems, in part, from the need to secure information in such a way to protect sources and methods. "In the paper-based world, this is not a problem," Dillard says. "In the electronic one, the ability to connect and compare data can lead to unintended compromises of security."

Indeed, the intelligence community has had an explosion of literally thousands of databases. Open sources alone command 4,000 databases of all kinds; the most sensitive are kept offline. Many paper files are never converted to digital form. With the intelligence community creating an estimated 20,000 digital records a day, the job of digitizing and transferring older paper files is relegated to the to-do pile.

The agencies are researching and developing software tools to break through this logjam by helping analysts search very large databases. This effort is being managed by the Intelligence Community Management Staff, a separate entity charged with implementing much of the reform.

Congress has had much to say about the intelligence community's need to eliminate redundant computer systems. But unlike in private businesses, redundant sources in intelligence may actually help clarify information by providing additional checks on incoming data. Redundant information also helps guard against deception schemes by adversary intelligence services.

In addition, while the community's rapidly growing stream of data demands the use of the latest technology, the open systems approach that works best in the business world is unfamiliar, possibly even threatening, to those in the intelligence community.
Past attempts to cut one type of collection in favor of another generally have been damaging. In the late '70s, director of central intelligence Stansfield Turner emphasized technical means over human intelligence sources -- he was uncomfortable with spies and forced out many veteran covert operatives. Turner's critics say the efforts may have led to an inability to respond to anti-American terrorist operations in the Middle East, such as the 1983 bombing of the U.S. Marines barracks in Beirut, which was aggravated by the bombing and subsequent kidnapping and murder of the CIA's local station chief.

Satellites Alone Don't Fly

Only 30% to 40% of all intelligence gathering is the result of technical means such as satellite surveillance and signals interception. Another 30% comes from open sources, while an overwhelming 80% is derived from human sources (the total exceeds 100% to account for overlap between sources). Many in the intelligence community believe there is no substitute for the human analyst.

Funding for the intelligence community's new IT efforts may be scarce. Despite Clinton administration efforts to expand the overall intelligence budget to more than $28 billion in order to cope with the changes caused by the collapse of the Soviet Union, Congress seems intent upon cutting more than $1 billion from current levels.

Not surprisingly, intelligence professionals are horrified by this prospect in the midst of the agencies' most profound cultural change and organizational restructuring since World War II. They fear that vital programs may be damaged, eroding the nation's ability to cope with new challenges.

At the same time, the intelligence community is trying to downsize by attrition and has cut expenditures by 17.5%. Hiring has been cut back both for career and contract agents, and many veterans are being offered early retirement. Some intelligence officers feel budget cuts could interfere with the community's recruiting ability.
"The lifeblood of the intelligence community is bringing in new people and giving them experience and training," says David Whipple, a CIA veteran and now executive director of the Association of Former Intelligence Officers.

The demands upon the intelligence community since the end of the Cold War have grown more complex. Veterans of the Cold War era sometimes even wax nostalgic. "The Cold War simplified things into a bipolar world," says one CIA veteran analyst. "It froze a lot of things, like the situation in the Balkans, which have now erupted with a vengeance."

In the 1980s, nearly 60% of the overall intelligence budget was focused upon the Soviet Union and the Warsaw Pact nations. At first glance, it would seem that this amount could now be cut. But with the fluid geopolitical situation and the emergence of dozens of new players, the requirements in Eastern Europe are increasing, the agencies argue.

Not surprisingly, so is the use of computing. "We've all had to develop an understanding of computing and how to use it in our day-to-day work," says a CIA public affairs officer. While mainframes still dominate, PCs are appearing on intelligence desktops, joining older systems rather than replacing them.

There's still a long way to go for real change. And the intelligence community's wary attitude could mean necessary changes are made later rather than sooner. "There's this sort of intellectual understanding of change, but there's none of that understanding, somewhere between emotional and intellectual, where you 'get it,'" says analyst Dyson. "Some of them do, but to me a good intelligence service is smarter than everybody else."

[ related story ]

Downsizing: Is It Safe?

An ongoing debate is raging within the U.S. intelligence community about large-scale computer systems.
Michael Dillard, chairman of the information policy board in the Office of the Director of Central Intelligence, talks about reviewing standalone systems to see if they can be combined, or at least made co-resident, with other systems on similar hardware. This would cut operations and maintenance staffing, but it would also make such systems more vulnerable to compromise. Such a melding of data sets violates the well-established culture of keeping secrets by separating them on a "need-to-know" basis.

Given the literally millions of people who have Confidential, Secret, Top Secret, and higher clearances, the real surprise is not that there is an occasional traitor such as Jonathan Pollard or John Walker, but that there are not more such breaches of security.

Of course, for the intelligence community, one is too many. Pollard, for instance, is said to have given 85,000 documents to his Israeli handlers. And the full extent of the damage done by Walker during his 20 years of spying for the Soviets may never be known, but certainly codes and other vital intelligence sources and methods were compromised.

"Sources and methods" are, of course, the most closely held secrets of any intelligence service. While former director of central intelligence Robert Gates initiated a vigorous declassification program, a National Archives official recently complained that the review and declassification of documents from the 1960s alone would take nearly 20 years to complete at the present rate. In fact, the U.S. government still holds classified documents that date back to World War I.

"Why shouldn't there be one national policy concerning the protection of valuable national assets?" asks Maynard C. Anderson, an assistant deputy undersecretary of defense, in a recent letter to Security Management magazine.
He notes that laws such as the Atomic Energy Act, the Arms Control Act, and the Privacy Act have added categories of information to be protected but not a mechanism for the overall administration of information security. "The lack of a single, coordinated, national information policy has resulted in the fragmentation of policy-making and prevented the allocation of resources where they are needed most."

Such issues are consciously avoided by both civilian and military intelligence officers who view themselves as the implementors rather than the makers of policy. The highly compartmentalized approach of sharing information only with those who "need to know" is the ultimate protection of sources and methods.

Dire Consequences

More important, it saves lives. An agent-in-place can be run for years with his or her true identity known only to a handful of people within one agency. In such a circumstance, the data from the source must be heavily filtered to avoid compromising the source's identity, which could have fatal consequences for the operation and the agent.

The downside is that it allows ad hoc operations to take place, such as Iran-Contra, which was mounted from within the basement of the National Security Council offices in the White House. (It also explains why Robert Gates was not informed about the operation despite his position at the time as deputy director of intelligence.)

Computer networks have not proven themselves to be absolutely secure, so the creation of an electronic system vulnerable to compromise goes very much against the grain of senior officers. But the need for quicker processing is apparent, as is the need for absolute security.

It is a big problem not easily resolved. In fact, resolution may depend upon software yet to be developed, possibly by a new generation of programmers who will be offered well-paying jobs by private enterprise at a time when government research dollars are being absorbed by current program needs.

-F.H.
8<------- End forwarded article --------

Paul Ferguson | "Confidence is the feeling you get
Network Integrator | just before you fully understand
Centreville, Virginia USA | the problem."
fergp@sytex.com | - Murphy's 7th Law of Computing

Quis Custodiet Ipsos Custodes?

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Wed, 7 Jul 93 22:04:34 PDT
To: cypherpunks list
Subject: Motorola cordless phones with 'Secure Clear (tm) Audio'
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Anyone know anything about Motorola's new phones (models VST 100, VST 350, VST 550, locally priced at $179, $249 and $299 Canadian)?

This is what the ad says:

- Motorola's newest telephones add nothing to cellular, but do set a new standard for Cordless Technology.
- The Secure Clear (tm) Technology is the only Cordless Telephone to virtually eliminate any possibility of eaves dropping.
- Motorola Cordless Telephones project a scrambled signal making it virtually impossible to monitor a conversation with other Cordless Phones, scanners or baby monitors.
- The Motorola Secure Clear (tm) Cordless Phones are available in three models: VST 550, VST 350, VST 100.
- The New Secure Clear (tm) Cordless Telephones meet the same rigid quality and durability standards demanded of all Motorola products.

There are pictures and feature lists... and then a phone number, which I have been trying to get through for 2 hours... 1-800-668-1117

{As if it was obvious... the bottom line says: Secure Clear (tm) and Motorola are Trademarks of Motorola Inc.}

--
Nick MacDonald | NMD on IRC
i6t4@jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger
i6t4@unb.ca | (506) 457-1931 ^{1024/746EBB 1993/02/23}

From cypherpunks@MHonArc.venona Wed Dec 17 23:17:14 2003
From: Nickey MacDonald
Date: Wed, 7 Jul 93 22:04:10 PDT
To: cypherpunks list
Subject: Some source code for phone number coding...
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain

Here are a couple of messages about my phone encoding format (giving progressively more info to a person trying to guess the format) followed by the complete source... Use it well. (TABsize was 3.)

Okay, well without giving you the source... here's the biggest hint I can think of...

>From /etc/magic:
0 string \037\235 compressed data

Translating that to decimal and in 4 byte unsigned long we get
(\037\235\0\0 == 31,157,0,0 == 0,530,382,848
^^^^^

>From the start of my posted list of phone numbers:
(503) 241-9796 ext: 09
^^^ ^
?? ?

If you know the rules for forming (valid looking) phone numbers...

Anyway, to finally give the whole thing away... The file that is hidden starts with these 4 bytes...
1f 9d 90 54 == 0,530,419,796

Well.. I like puzzles... (as long as the answer is eventually revealed) so I'll let you think it over for a bit, before I send you the source... ;-)

Okay well... let's assume that all valid phone numbers must be in the form

[2-9][0-1][0-9] [2-9][0-9][0-9] [0-9][0-9][0-9][0-9]

This is the form of my encoding... now if you take a sample number, like 1,234,567,890 and try to encode it into a phone number, you would get

(123) 456-7890
^^

And you notice that the 1 and the two are out of range... Well.. as it happens, for 32 bit unsigned numbers the range is 0 to 4,294,967,294... The first digit will always be 0-4, half of which are illegal in that position, so I decided to swap the first two digits... That doesn't fix all of the range problems, thus whenever there is an invalid digit in position 1,2 or 4 I move it to the extension and put a special indicator value (the highest of the legal range) in its place.

That's the whole secret... Code will follow soon... :-)

/* pe.c    phone encode

   Written by: Nickey MacDonald
   July 7, 1993

   Encode a message as a list of phone numbers...  There are some tricks
   used to make the phone numbers appear more realistic, and there is a
   caveat...
   If the input file has 4 null bytes aligned on a 4 byte boundary, then
   the program will think it's the EOF and stop...  This could be fixed
   easily... I just didn't.
*/

#include <stdio.h>

unsigned long getbytes(FILE *fp);

int main(void)
{
   unsigned short i, ei;               /* i=work counter, ei=ext. counter */
   unsigned char pn[10], ext[4], v=0;  /* Digits of phone num, ext and a */
                                       /* pseudo random value */
   unsigned long b;                    /* 4 bytes compress to a unsigned long */
   char tpnumbuf[11];                  /* a sprintf buffer for b */

   /* Read until EOF or 4 properly aligned null bytes */
   while((b=getbytes(stdin)) != 0)
   {
      ei=0;

      /* Convert the unsigned long into a string */
      sprintf(tpnumbuf, "%010lu", b);

      /* Pick up the digits of the unsigned long */
      /* Because of the distribution, swap the first two digits... */
      pn[0]=tpnumbuf[1]-'0';
      pn[1]=tpnumbuf[0]-'0';
      for(i=2; i<10; i++)
      {
         pn[i]=tpnumbuf[i]-'0';
         v+=pn[i];
      }

      /* The first digit of the area code must be [2-9] */
      if (pn[0]<3)
      {
         ext[ei++]=pn[0];
         pn[0]=2;
      }

      /* Currently the middle digit of area code must be 0 or 1 */
      if (pn[1]>0)
      {
         ext[ei++]=pn[1];
         pn[1]=1;
      }

      /* The first digit of prefix must be [2-9] */
      if (pn[3]<3)
      {
         ext[ei++]=pn[3];
         pn[3]=2;
      }

      /* Generate the output phone number */
      fprintf(stdout, "(%d%d%d) %d%d%d-%d%d%d%d",
              pn[0], pn[1], pn[2], pn[3], pn[4],
              pn[5], pn[6], pn[7], pn[8], pn[9]);

      /* Generate the extension if needed */
      if (ei>0)
      {
         ext[ei++]=v%10;
         fprintf(stdout, " ext: ");
         for (i=0; i